last executing test programs:

7m22.937052233s ago: executing program 0 (id=1):
r0 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xf, &(0x7f0000000340)=@ringbuf={{}, {{0x18, 0x1, 0x1, 0x0, r0}}, {}, [], {{}, {}, {0x85, 0x0, 0x0, 0x84}}}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r1}, 0x10)
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000180)='./bus\x00', 0x1000e, &(0x7f0000000300), 0x3, 0x445, &(0x7f0000000b00)="$eJzs28+PE1UcAPDvTLeLCLgr4g9+qKto3PhjlwVUDh7UaOIBExM96HGzuxCksIZdEyFEwRg8GWPi3Xj0X/CkF2M8mXjVuyEhhgvgqWbaGbYtbdktLUX6+SQD78282fe+nXnte/PaAEbWVPZPErE1Iv6MiIl6trnAVP2/q5fPLly7fHYhiWr13X+SWrkrl88uFEWL87bkmek0Iv0iid1t6l05feb4fKWydCrPz66e+Gh25fSZF46dmD+6dHTp5P5Dhw4emHv5pf0v9iXOrE1Xdn26vGfnWx988/bhr5rib4mjT6a6HXy6Wu1zdcO1rSGdjA2xIWxIKSKyy1Wu9f+JKMXaxZuINz8fauOAgapWq9UtnQ+fqwJ3sSSa87o8jIrigz6b/xZb6yDg1cENP4bu0mv1CVAW99V8qx8ZizQvU26Z3/bTVES8f+7f77ItBvMcAgCgyU/Z+Of5duO/NB5qKHdfvjY0GRH3R8T2iHggInZExIMRtbIPR8QjG6y/dZHkxvFPerGnwNYpG/+9kq9tNY//itFfTJby3LZa/OXkyLHK0r78NZmO8qYsP9eljp/f+OPrTscax3/ZltVfjAXzdlwc29R8zuL86vytxNzo0vmIXWPt4k+urwQkEbEzInb1WMexZ3/Y0+nYzePvog/rTNXvI56pX/9z0RJ/Iem+Pjl7T1SW9s0Wd8WNfvv9wjud6r+l+Psgu/73tr3/r8c/mTSu165svI4Lf33ZcU7T6/0/nrxXS4/n+z6ZX109NRcxnhyuN7px//61c4t8UT6Lf3pv+/6/PdZeid0Rkd3Ej0bEYxHxeN72JyLiyYjY2yX+X19/6sPe4x+sLP7FDV3/tcR4tO5pnygd/+XHpkonb4j/Wvfrf7CWms73rOf9bz3t6u1uBgAAgP+fNCK2RpLOXE+n6cxM/fvyOyLSyvLK6nNHlj8+uVj/jcBklNPiSddEw/PQuXxaX8+fj4j6VwuK4wfy58bfljbX8jMLy5XFYQcPI25Lh/6f+bs07NYBA+f3WjC69H8YXfo/jC79H0ZXm/6/eRjtAG6/dp//nw2hHcDt19L/LfvBCDH/h9Gl/8Po0v9hJK1sjpv/SL5rovhLPZ5+1yaifEc0Y2CJSO+IZkgMKDHc9yUAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIB++S8AAP///fHg0g==")
syz_mount_image$fuse(0x0, &(0x7f0000000180)='./file2\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
mount$overlay(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000000), 0x0, &(0x7f0000000140)={[{@workdir={'workdir', 0x3d, './file0'}}, {@lowerdir={'lowerdir', 0x3d, '.'}}, {@upperdir={'upperdir', 0x3d, './file2'}}], [], 0x2c})
chdir(&(0x7f0000000200)='./file0\x00')
r2 = openat(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0x0, 0x0)
linkat(r2, &(0x7f0000000180)='./file1\x00', r2, &(0x7f0000000640)='./bus\x00', 0x0)

7m20.518215063s ago: executing program 0 (id=9):
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000380)=ANY=[@ANYBLOB="1801000000000000000000000000000085000000050000001801000020646c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008008000b703000000009c8c850000006d00000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00', r0}, 0x10)
bpf$MAP_CREATE(0x0, &(0x7f00000006c0)=@base={0xa, 0x101, 0x7fff, 0x30, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x4, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
openat$cgroup_root(0xffffffffffffff9c, 0x0, 0x200002, 0x0)
syz_mount_image$ext4(&(0x7f0000000780)='ext4\x00', &(0x7f0000000480)='./file1\x00', 0x0, &(0x7f0000000080)={[{@journal_ioprio={'journal_ioprio', 0x3d, 0x7}}, {@noload}, {@acl}, {@mb_optimize_scan={'mb_optimize_scan', 0x3d, 0x1}}]}, 0x1, 0x783, &(0x7f0000001000)="$eJzs3c9rHFUcAPDvbJKmSauJIGg9BQQNlG5Mja2Ch4oHESwU9Gy7bLahZpMt2U1pQg4tIngRVDwIeunZH/Xm1R9X/S88SEvVtFjxIJHZH+222U03bXY3kM8HXva9mdm89903P97sDDsB7FkT6Z9MxKGI+DiJGKtPTyJiqJobjDhRW+72+lo+TUlsbLz9Z1Jd5tb6Wj6a3pM6UC88HRE/fRBxOLO53vLK6nyuWCws1ctTlYXzU+WV1SPnFnJzhbnC4rHpmZmjx186fmznYv3719WD1z954/lvT/z7/lNXP/o5iRNxsD6vOY6dMhET9c9kKP0I7/H6TlfWZ0m/G8BDSTfNgdpWHodiLAaquTZGetkyAKBbNgCAPSgxBgCAPabxPcCt9bV8I/X3G4neuvFaROyvxd+4vlmbM1i/Zre/eh109FZyz5WRJCLGd6D+iYj48vt3v05T1PvBtTSgFy5djogz4xOb9//JpnsWtuuFrWZuDFdfJu6bvNeOP9BPP6Tjn5dbjf8yd8Y/0WL8M9xi230YD97+M9d2oJq20vHfq033tt1uir9ufKBeeqw65htKzp4rFtJ92+MRMRlDw2l5urpo65Hb5M3/brarv3n899en732V1p++3l0ic21w+N73zOYquUeNu+HG5YhnBlvFn9zp/6TN+PdUh3W8+cqHX7Sbl8afxttIm+Pvro0rEc+17P+7fZlseX/iVHV1mGqsFC1899vno+3qb+7/NKX1N84FeiHt/9Gt4x9Pmu/XLG+/jl+ujP3Ybt6D42+9/u9L3qnm99WnXcxVKkvTEfuStzZPP3r3vY1yY/k0/slnW2//tWpbr//pOeGZDuMfvP7HNw8ff3el8c9uq/+3n7l6e36gXf2d9f9MNTdZn9LJ/q/TBj7KZwcAAAAAAAAAAAAAAAAAAAAAAAAAncpExMFIMtk7+Uwmm609w/vJGM0US+XK4bOl5cXZqD4rezyGMo2fuhxr+j3U6frv4TfKR+8rvxgRT0TEZ8Mj1XI2XyrO9jt4AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAKg70Ob5/6nfh/vdOgCga/b3uwEAQM85/gPA3rO94/9I19oBAPSO838A2Hs6Pv6f6W47AIDecf4PAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABAl506eTJNG/+sr+XT8uyFleX50oUjs4XyfHZhOZ/Nl5bOZ+dKpbliIZsvLbT9R5dqL8VS6fxMLC5fnKoUypWp8srq6YXS8mLl9LmF3FzhdGGoZ5EBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAQOfKK6vzuWKxsCSzZWZkdzRj12QGY1c0Q6Zrmea9xEj/dlAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAu9z/AQAA//+MoS4e")
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000000)='memory.events.local\x00', 0x275a, 0x0)
write$binfmt_script(r1, &(0x7f0000001400), 0x208e24b)
fdatasync(r1)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x28011, r1, 0x0)
write$cgroup_int(0xffffffffffffffff, &(0x7f0000000740)=0xa00, 0x12)

7m17.997821814s ago: executing program 0 (id=12):
socket$nl_netfilter(0x10, 0x3, 0xc)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
getpid()
read$msr(0xffffffffffffffff, &(0x7f0000019680)=""/102392, 0x18ff8)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='memory.events\x00', 0x275a, 0x0)
capset(&(0x7f0000000040)={0x20080522}, &(0x7f0000000080)={0x7547, 0x2, 0x2, 0x7, 0xd3, 0x9})
syz_emit_vhci(&(0x7f0000000200)=ANY=[@ANYBLOB="040100"], 0xe)
ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(0xffffffffffffffff, 0xc08c5332, 0x0)

7m17.250552952s ago: executing program 32 (id=12):
socket$nl_netfilter(0x10, 0x3, 0xc)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
getpid()
read$msr(0xffffffffffffffff, &(0x7f0000019680)=""/102392, 0x18ff8)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='memory.events\x00', 0x275a, 0x0)
capset(&(0x7f0000000040)={0x20080522}, &(0x7f0000000080)={0x7547, 0x2, 0x2, 0x7, 0xd3, 0x9})
syz_emit_vhci(&(0x7f0000000200)=ANY=[@ANYBLOB="040100"], 0xe)
ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(0xffffffffffffffff, 0xc08c5332, 0x0)

21.217907408s ago: executing program 5 (id=983):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000140)={'team_slave_0\x00', <r1=>0x0})
r2 = socket$netlink(0x10, 0x3, 0x10)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$ifreq_SIOCGIFINDEX_team(r2, 0x8933, &(0x7f0000000300)={'team0\x00', <r4=>0x0})
r5 = syz_genetlink_get_family_id$team(&(0x7f00000000c0), 0xffffffffffffffff)
sendmsg$TEAM_CMD_OPTIONS_SET(r3, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000500)=ANY=[@ANYBLOB="cc000000", @ANYRES16=r5, @ANYBLOB="0100ffffffff0000000001000000", @ANYRES32=r4, @ANYBLOB="b00002803c00010024000100656e61626c65640000000000000000000000000000000000000000000000000005000300060000000400040008000600", @ANYRES32=r1], 0xcc}, 0x1, 0xf000}, 0x0)

19.613865531s ago: executing program 1 (id=988):
openat(0xffffffffffffff9c, &(0x7f0000000280)='.\x00', 0x0, 0x0)
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000000)={'dvmrp1\x00', 0x1})
socket$igmp(0x2, 0x3, 0x2)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r1, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000100)=ANY=[], 0x88}}, 0x0)
socket$nl_netfilter(0x10, 0x3, 0xc)
socket$nl_netfilter(0x10, 0x3, 0xc)
r2 = openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x275a, 0x0)
r3 = syz_init_net_socket$ax25(0x3, 0x2, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
setsockopt$sock_timeval(r3, 0x1, 0x14, &(0x7f0000000ac0)={0x0, 0xea60}, 0x10)
recvmmsg(r3, &(0x7f000000a900), 0x0, 0x0, 0x0)
syz_mount_image$vfat(&(0x7f0000000440), &(0x7f0000000080)='./file0\x00', 0x800090, &(0x7f0000000a40)=ANY=[@ANYBLOB="73686f72746e616d653d77696e6e742c756e695f786c6174653d312c756e695f786c6174653d302c6e6f6e756d7461696c3d302c73686f72746e616d653d6c6f7765722c757466383d302c73686f72746e616d653d6c6f7765722c726f6469722c636865636b3d7374726963742c696f636861727365743d6370387f072ccfcc6ae2456315ce9bfa60f635372c73686f72746e616d653d77696e39352c726f6469722c636f6465706167653d3737352c73686f72746e616d653d6d697865642c73686f72746e616d653d6d697865642c74696d655f6f66667365743d3078666666666666666666666666666539642c646d61736b3d30303030303030303030303030303030303030303030322c756e695f786c6174653d302c696f636861727365743d6d616363656c7469632c756e695f786c6174653d312c726f6469722c73686f72746e616d653d77696e39352c726f6469722c6e6e6f6e756d7461696c3d312c757466383d312c73686f72746e616d653d77696e39352c757466383d302c646566636f6e746578743d756e636f6e66696e65645f752c004524d950df541bbcd4ef42b2c4c63419accfa4ea465e739a4837d13c04574e6c49c3e657e9c6f96cded6017db7c14015f543fe5ac9ca1d73df69a2538f00044d19b6ffe2"], 0x6, 0x2d1, &(0x7f0000000740)="$eJzs3T9rJGUcB/DfbGb/qMVuYSWCA1pYHZdrbTbIHYipPLY4LTR4dyDZRUgg4h9cU4mdjaWvQBB8ITZ2loKtYGeEwMjMzmR3k3GzkWxE8/kUyZOZ5zvP73lmkkyTJ++9ONl/nMXT489+iV4vidawG3GSxCBaUfsilgy/DgDgv+wkz+P3fKbh9M9frcj2NlgXALA5l/z+r6Tlx0dFjx9urjYAYDMePnr7zZ3d3ftvZVkvHky+PBolEVF8np3feRofxDiexN3ox2lE+aLQjvJtoWg+yPN8mmaFQbwymR6NiuTk3R+r6+/8FlHmt6Mfg/LQ2dtGmX9j9/52NrOQnxZ1PFuNPyzy96Ifz5+Fl/L3GvIx6sSrLy/Ufyf68dP78WGM43FZxDz/+XaWvZ5/88en7xTlFflkejTqlv3m8q168OkN3yMAAAAAAAAAAAAAAAAAAAAAAP5/7lR753Sj3L+nOFTtv7N1WnzRjqw2WN6fZ5ZP6gvN9weKVp7n0zy+rffXuZtlWV51nOfTeCGtNhYEAAAAAAAAAAAAAAAAAACAW+7w40/298bjJwfX0qh3A0gj4s+HEf/0OsOFIy/F6s7dasy98bhVNZf7pItHYqvuk0SsLKOYxDUty2WNZy7UXDW++74xVczoMI2mU73LB203j3XFxkft2To29qmfrv29pHkNu2fF94obF+dvXCeaR2/HuSOdv6uwfhTXm06n8VT/ysvSea5sTFf0iWTV98Vrv87KXpjFUp9OuaqN8XbVWIifezbWep6jN4tf/FmR2K0DAAAAAAAAAAAAAAAAAAA2av7Xvw0nj1dGW3l3Y2UBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwI2a////dRrpcniNVCcODv+tuQEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHB7/BUAAP//vaZV2Q==")
write$binfmt_script(r2, &(0x7f00000008c0), 0xfecc)
socket$nl_generic(0x10, 0x3, 0x10)
getpid()
r4 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
bind$bt_hci(r4, &(0x7f0000000040)={0x1f, 0xffff, 0x3}, 0x6)
sendmsg$IPVS_CMD_FLUSH(0xffffffffffffffff, &(0x7f0000001340)={0x0, 0x0, &(0x7f0000001300)={&(0x7f0000001280)=ANY=[@ANYBLOB='M'], 0x4c}}, 0x0)
write$binfmt_misc(r4, &(0x7f0000001280), 0x6)

19.435378121s ago: executing program 4 (id=989):
ioctl$EVIOCGMTSLOTS(0xffffffffffffffff, 0x8040450a, 0x0)
ioctl$BTRFS_IOC_SUBVOL_GETFLAGS(0xffffffffffffffff, 0x80089419, 0x0)
read$FUSE(0xffffffffffffffff, 0x0, 0x0)
write$FUSE_INIT(0xffffffffffffffff, 0x0, 0x0)
read$FUSE(0xffffffffffffffff, 0x0, 0x0)
syz_fuse_handle_req(0xffffffffffffffff, 0x0, 0x0, 0x0)
syz_fuse_handle_req(0xffffffffffffffff, 0x0, 0x0, 0x0)
open_by_handle_at(0xffffffffffffffff, 0x0, 0x0)
bpf$BPF_GET_MAP_INFO(0xf, 0x0, 0x0)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, 0x0)
r0 = socket$kcm(0xa, 0x3, 0x73)
bpf$MAP_CREATE_CONST_STR(0x0, 0x0, 0x0)
ioctl$USBDEVFS_RESETEP(0xffffffffffffffff, 0x80045503, 0x0)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, 0x0, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
sendmsg$inet(r0, &(0x7f0000001180)={0x0, 0x0, &(0x7f0000001080)=[{&(0x7f0000000040)="a72d11a15c068c0a7d2eaebc5cea1f81510ff6091475aeec600831aa9d3944e60bc2ad06a619c560aa0118b28f68f1eb14549d633b4b23f179fb680716faa43414787559be90843c35ab30acad8a6740140e00721abc2eb362f7bde53b3c992d3e28ccc20ec84fdc569947047f6c09a647ee8c0a747b951e66c068ccf1af93ee9e6f9528ff79e2f989383b05a690a6bec4634b867c9446c1c644b3010e8a3514c6328323b4bbdd602b8f0dace6aea70902c4ddd2a2f2810f1348b0d0df3c1e6a5938fcfdc87e7580c6be0c6a06eca62d6f787dd16add086a21391c4c707d8b61929d1252681b84c245e0efafe2e6e73ad86a3cf59235ab0eacbb414af92ec3cdac420a064a98e8cc18bdf63f8997f96436e0fe6f06fdbf47fff353b01a861babd4a38d126bfe3e29049e6cc883e6efae6e70ef9ed124b1b09887a58c991e223b6420dca5ae238027e91b17b1707dc5c0d5f59f0ca95614f1ea1d263c1ee54dfe31ae35eb3c8e3b931dff7920c57fbba89adf2e392c1ad719b90c7ade0d38ff9792934ef1fb12f51d8e2fad12486d5883d5b1a46696fad128c6805cfb25bc6487e1e407d6b266971b09d0d864a7a550284e24b6cdc9f4ae1081a638175dffef002c76ac5558d23e41edbe68f4b4950a13aa000326dae5a857603dc5a40d6c6618a98c7b6e1eebd325ea2c14601a25658965f40864fd015d9b2fff83ee5ed3212ebd9fa429f014", 0x206}], 0x1}, 0x9fc)
add_key$user(0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffd)
keyctl$dh_compute(0x17, 0x0, 0x0, 0x0, 0x0)
syz_mount_image$hfsplus(&(0x7f0000000000), &(0x7f0000000140)='./file0\x00', 0x0, &(0x7f0000000480)={[{@nodecompose}, {@nls={'nls', 0x3d, 'macgaelic'}}, {@force}, {@type={'type', 0x3d, "883b7f38"}}, {@gid}, {@nobarrier}, {@uid}, {@nodecompose}, {@gid={'gid', 0x3d, 0xee00}}]}, 0x0, 0x6ef, &(0x7f0000000c80)="$eJzs3UtoHOcdAPD/rFarXRUcOfEjLYEsMaSlorZkobTqpW4pRYdQQnroWdhyLLyWg6QU2ZRG6ePeQ049pQfdQg8lvRvac0Og5KreAoVcctJNZWZnVivt7EOyJCvO7ydm5pv5nvOfnZl9ICaAb6zF6ag+iSQWp9/cTNd3tudaY9tzE3l2KyJqEVGJqLYXkaxGlnsrn+Lb6ca8fNKvnw9XFt7+/KudL9pr1XzKylcG1StR6920lU/RjIixfNlrvE+Lnxzu/kB7t/u2N6qks4dpwK4VgYu/PFWr8NT2emx18j7+TzYfVP0o5y1wTiXt+2aPqYjJiKhHtO/6+dWhcrajO3lbz3oAAAAAcFSNo1d5YTd2YzMunMZwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA4HmVP/8/yadKkW5GUjz/v5Zvizx9Dg1/EOJnE+3lk9MfDAAAAAAAAACculd3Yzc240Kxvpdkv/m/1vUb/7fivViP5ViL67EZS7ERG7EWsxEx1dVQbXNpY2NtNqsZcWlAzZvxaUnNm/3HeOuE9xkAAAAAAAAAzrn6kPz7473bfh+L+7//AwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADAeZBEjLUX2XSpSE9FpRoR9YiopeW2Ij4t0l8TSdnGJ2c/DgAAAHgq9YOrSX2EOi+8H7uxGReK9b0k+8x/Jfu8XI/3YjU2YiU2ohXLcSf/DJ1+6q/sbM+1drbnHqRTb7s//fJIQ89ajPZ3D+U9v5yVaMTdWMm2XI/bkcReppK38vLO9ly6fFA+rg/SMSU/yQ0YzVhX+k46u/pJlv7zwW8RqkfaxWOq9M2ZynLHOxGZyceW1rhYRKA8EkOPTnVgT7NR6Xzzc2lwT+Ux/2Bw75OHSpV+c3MahnZ0OBI3o9I5QlcGRyLiu//4+Nf3Wqv3791dnz6zXTqe94eWOByJua5IXH2OIjHcTBaJy531xfhF/Cqm48uJt2ItVuI3sRQbsdws8pfyl1k6nxocqc8mu9feGjaS9Jxsdq5fZWNqxoExRTN+nqWW4rXsmF6IlUjiYUQsxxvZ382Y7VwN9o/w5RHO+soIV9ou176XLTphikb/sn8brcmTksb1Yldcu6+5U1le95b9KL1YGqXiXjf6/ahL9Tt5Im3hDwPvD2ftcCRmuyLxUr/XSzukf91L5+ut1ftr95beLWu85MXwer5Mz6M/neVdYqj0CL8Y9XznLmbzJDunZrK8lzp32IPxquW/uLRVevIud+q1z9RfxsO4c+BM/WHMx3wsZKWvZKXHe+5Yad7VTksHr+FpXvpOq9r5Yaf7/dbDaLXfDwFwvk1+f7LW+F/j342PGn9s3Gu8Wf/ZxI8mXqnF+L/Gf1ydGXu98kry9/gofrf/+R8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAADi+9UeP7y+1WstrBxMT0U5UerPSRNK9Jan2ltkrHiRWWr0kkeSPyhmhcLL+6PHe0AYHJyby4R2z+kkmiqc1Di/cPMVhJFuHj1d9+LEonvI0QhdJT8DTyscec9Hz/pbxc3AoDyeaJ9dg8YLtyjr6q7dRdrzGIqKs8JALx9hJXH2AZ+nGxoN3b6w/evyDlQdL7yy/s7w6Pj+/MLMw/8bcjbsrreWZ9ryrwpk8/BY4C91vJzpqEfHq8LoDHtQKAAAAAAAAAAAAnKLefxXIM/57cv8L8Yx3EQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPiaW5yO6pNIYnbm+ky6vrM910qnIr1fshoRlYhIfhuR/DPiVrSnmOpqLunXz4crC29//tXOF/ttVYvylYitvvVGs5VP0YyIsXx5Uu3dHt5ebT85UZKddCKTBuxaETh41v4fAAD//05W6Hc=")
setxattr(&(0x7f0000000040)='./file0\x00', &(0x7f0000000240)=ANY=[@ANYBLOB='osx.:'], 0x0, 0x0, 0x0)
listxattr(&(0x7f00000001c0)='./file0\x00', 0x0, 0x0)

19.413803712s ago: executing program 5 (id=990):
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
connect$inet(0xffffffffffffffff, 0x0, 0x0)
ioctl$MEDIA_IOC_SETUP_LINK(0xffffffffffffffff, 0xc0347c03, &(0x7f00000009c0)={{0x80000000, 0x0, 0x4, [0xc, 0x2]}, {0x80000000, 0x0, 0x3, [0xfffffff9, 0xffffff79]}, 0x2, [0x3]})
fsopen(&(0x7f00000000c0)='gadgetfs\x00', 0x0)
r3 = socket$inet6_sctp(0xa, 0x1, 0x84)
setsockopt$inet_sctp6_SCTP_SOCKOPT_BINDX_ADD(r3, 0x84, 0x64, &(0x7f0000000440)=[@in={0x2, 0x4e20, @empty}], 0x10)
getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r3, 0x84, 0x6f, &(0x7f00000000c0)={0x0, 0x10, &(0x7f00000002c0)=[@in={0x2, 0x4e20, @local}]}, &(0x7f0000000100)=0x10)

18.702344057s ago: executing program 1 (id=993):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
bpf$MAP_CREATE(0x0, 0x0, 0x0)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x3)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, 0x0)
syz_clone(0x0, 0x0, 0xfffffe11, 0x0, 0x0, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x400000bce)
r1 = syz_open_dev$MSR(0x0, 0x0, 0x0)
read$msr(r1, &(0x7f0000019680)=""/102392, 0x18ff8)
syz_open_dev$evdev(&(0x7f0000000200), 0x2, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x0)
r2 = openat$fuse(0xffffffffffffff9c, &(0x7f0000002080), 0x2, 0x0)
mount$fuse(0x0, &(0x7f00000020c0)='./file0\x00', &(0x7f0000002100), 0x0, &(0x7f0000002140)={{'fd', 0x3d, r2}, 0x2c, {'rootmode', 0x3d, 0x4000}})
write$FUSE_NOTIFY_INVAL_ENTRY(r2, &(0x7f0000000000)={0x26, 0x3, 0x0, {0x5, 0x5, 0x0, '#,)\x82%'}}, 0x26)

18.429781118s ago: executing program 4 (id=996):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x3)
syz_clone(0x0, 0x0, 0xfffffe11, 0x0, 0x0, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x400000bce)
r1 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r1, &(0x7f0000019680)=""/102392, 0x18ff8)
syz_mount_image$udf(&(0x7f00000000c0), &(0x7f0000000180)='./file0\x00', 0x4080, &(0x7f0000000540)=ANY=[@ANYBLOB='lastblock=00000000000000000000,umask=00000000000000000000002,dmode=00000000000000000077777,novrs,shortad,shortad,undelete,iocharset=cp437,shortad,umask=00000000000000000000006,dmode=00000000000000000000002,nostrict,uid=', @ANYRESOCT=0x0, @ANYRESDEC], 0x2, 0xc36, &(0x7f0000002540)="$eJzs3U9sHNd9B/DfGy3FldxWTOwoThoXm7ZIZcVy9S+mYhXuqqbZBpBlIRRzC8AVSakLUyRBUo1spAXTSw89BCiKHnIi0BoFUjQwmiLokWldILn4UOTUE9HCRlD0wBYBcgoYzOxbcUmRNi2SEmV9Pjb13Z19b/a9eeMZWdCbFwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABAxB+8cun0mfSwWwEAPEhXRr56+qz7PwA8Vq75/38AAAAAAAAAAAAAADjoUhTxZKSYvbKaxqr3HfXL7b7bd0aHhreudiRVNQ9V5cuf+pmz585/6YXBC9283J7+gPp77bPx2si1S42XZ27Nzk3Oz09ONEan2+MzE5M73sNu6292sjoAjVuv3564cWO+cfb5cxs+vjPwfv8TxwcuDj576plu2dGh4eGR9SL13vK1+25Ix3YzPA5HEacixXPf+2lqRUQRuz8W9Qc79psdqTpxsurE6NBw1ZGpdmt6ofzwavdAFBGNnkrN7jHaeiyi1vdA+7C9ZsRi2fyywSfL7o3MtuZa16cmG1dbcwvthfbM9NXUaW3Zn0YUcSFFLEXESv+9u+uLImqR4jvHVtP1iDjUPQ5frCYGb9+OYh/7uANlOxt9EUvFIzBmB1h/FPFqpPjZOydiPF9nqmvNFyJeLfMHEW+V+VJEKk+M8xHvbXEe8WiqRRF/WY7/xdU0UV0PuteVy19rfGX6xkxP2e515SPeH+65Ujyk+8ORTflgHPBrUz2KaFVX/NV0/7/ZAQAAAAAAAAAAAAAAAGCvHYkiPhMpXvmPP6nmFUc1L/3YxcE/HPjV3jnjT3/Ifsqyz0fEYrGzObmH88TAq+lqSg95LvHjrB5F/Gme//eth90YAAAAAAAAAAAAAAAAAACAx1oRP4kUL757Ii1F75ri7embjWut61OdVWG7a/9210xfW1tba6RONnOO5VzMuZRzOedKzihy/ZzNnGM5F3Mu5VzOuZIzDuX6OZs5x3Iu5lzKuZxzJWfUcv2czZxjORfLrK93dDlvX8kZB2TtXgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAj5MiivhFpPj2N1ZTpIhoRoxFJ5f7H3brAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIBSfyri+5Gi8UfNu9tqEZGqfztOlL+cj+bhMj8ZzcEyX4rmpZytKmvNbz2E9rM7famIH0eK/vrbdwc8j39f593d0yDe+ub6u8/WOnmo++HA+/1PHD92cXD4N57e7nXaqgEnL7enb99pjA4ND4/0bK7lb/9kz7aB/L3F3nSdiJh/483XW1NTk3P3/6I8BXZR/RF6kWqPS08f1ovFvTgh9+5F1A5EMx5O33kMlPf/9yLF7777n90bfuf+X49f6by7e4ePn//Z+v3/xc072uH9v7a5Xr7/l/f0re7/T/ZsezH/bqSvFlFfuDXbdzyiPv/Gm6fat1o3J29OTp8/ffrLg4NfPne673BE/UZ7arLn1Z4cLgAAAAAAAAAAAAAAAIAHJxXx+5Gi9ePV1IiIO9V8rYGLg8+eeuZQHKrmW22Yt/3ayLVLjZdnbs3OTc7PT040Rqfb4zMTkzv9uno13Wt0aHhfOvOhjuxz+4/UX56ZfWOuffOPF7b8/Gj90vX5hbnW+NYfx5EoIpq9W05WDR4dGq4aPdVuTVdVr245mf6j60tF/FekGD/fSJ/P2/L8/80z/DfM/1/cvKN9mv//iZ5t5XemVMTPI8Xv/NXT8fmqnUfjnmOWy/1dpDh54XO5XBwuy3Xb0HmuQGdmYFn2/yLFP/1iY9nufMgn18ue2fGBfUSU438sUnz/L74bv5m3bXz+w9bjf3TzjvZp/J/q2XZ0w/MKdt118vifihQvPfl2/Fbe9kHP/+g+e+NELnz3+Rz7NP6f6tk2kL/3t/em6wAAAAAAAAAAAI+0vlTE30eKHw7X0gt5207+/t/E5h3t09//+nTPtom9Wa/oQ1/s+qACAAAAwAHRl4r4SaS4ufD23TnUG+d/98z//L31+Z9DadOn1Z/z/Vr13IC9/PO/XgP5e8d2320AAAAAAAAAAAAAAAAAAAA4UFIq4oW8nvpYNZ9/Ytv11JcjxSv/81wul46X5brrwA9Uv9avzEyfujQ1NTPeWmhdn5psjMy2xifLuk9FitW//VyuW1Trq3fXm++s8b6+FvtcpBj+h27Zzlrs3bXJn1ove6Ys+4lI8d//uLFsdx3rT62XPVuW/ZtI8fV/2brs8fWy58qy340UP/p6o1v2aFm2+3zUT6+XfX58ptiHUQEAAAAAAAAAAAAAAAAAAOBx05eK+PNI8b+3lu7O5c/r//f1vK289c2e9f43uVOt8z9Qrf+/3ev7Wf+/eq7A4nbfCgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAH08pingzUsxeWU3L/eX7jvrl9vTtO6NDw1tXO5Kqmoeq8uVP/czZc+e/9MLghW5+cP299pl4beTapcbLM7dm5ybn5ycnGqPT7fGZickd72G39Tc7WR2Axq3Xb0/cuDHfOPv8uQ0f3xl4v/+J4wMXB5899Uy37OjQ8PBIT5la331/+z3SNtsPRxF/HSme+95P0w/7I4rY/bH4kHNnvx2pOnGy6sTo0HDVkal2a3qh/PBq90AUEY2eSs3uMXoAY7ErzYjFsvllg0+W3RuZbc21rk9NNq625hbaC+2Z6aup09qyP40o4kKKWIqIlf57d9cXRbweKb5zbDX9a3/Eoe5x+OKVka+ePrt9O4p97OMOlO1s9EUsFY/AmB1g/VHEP0eKn71zIv6tP6IWnZ/4QsSrZf4g4q3ojHcqT4zzEe9tcR7xaKpFEf9fjv/F1fROf3k96F5XLn+t8ZXpGzM9ZbvXlUf+/vAgHfBrUz2K+FF1xV9N/+6/awAAAAAAAAAAAAAAAIADpIhfjxQvvnsiVfOD784pbk/fbFxrXZ/qTOvrzv3rzpleW1tba6RONnOO5VzMuZRzOedKzihy/ZzNMutra2P5/WLOpZzLOVdyxqFcP2cz51jOxZxLOZdzruSMWq6fs5lzLOdizqWcyzlXcsYBmbsHAAAAAAAAAAAAAAAAAAB8vBTVPym+/Y3VtNbfWV96LDq5bD3Qj71fBgAA//8dq/O8")
socket(0x11, 0x3, 0x0)
r2 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f00000000c0)={'veth0_virt_wifi\x00'})
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='memory.events\x00', 0x275a, 0x0)
write$cgroup_int(0xffffffffffffffff, 0x0, 0x0)
fcntl$getownex(r0, 0x10, &(0x7f0000000000))
ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(0xffffffffffffffff, 0xc08c5332, 0x0)

15.721452113s ago: executing program 1 (id=999):
r0 = io_uring_setup(0x177f, &(0x7f0000000140))
r1 = socket$inet6_dccp(0xa, 0x6, 0x0)
r2 = socket$inet6(0xa, 0x6, 0x0)
bind$inet6(r2, &(0x7f0000000000)={0xa, 0x4e20, 0x0, @empty}, 0x1c)
listen(r2, 0xc)
setsockopt$inet6_int(r1, 0x10d, 0xb, &(0x7f0000000080)=0xa, 0x4)
connect$inet6(r1, &(0x7f0000000080)={0xa, 0x4e20, 0x9, @loopback, 0x20}, 0x1c)
close_range(r0, 0xffffffffffffffff, 0x0)

12.861908577s ago: executing program 4 (id=1006):
syz_mount_image$minix(&(0x7f0000000100), &(0x7f00000066c0)='./file0\x00', 0x1810002, &(0x7f0000000180)=ANY=[], 0x1, 0x1e1, &(0x7f0000000380)="$eJzs201u00AYxvHHjmM35ftrwwqJBWyIIY0E3dEDcAF2VWuqChcQZdMKCbrhHhyDHTfhAq0EJzCya8t1iSdOnNgJ+f+kNtPRPJ03Ul93bLUCsLJuJp8tWeomoyiKvjyQ9PqVJMcYdRspEMDcRNZ505dxR0+vmVMAlkPn9+h5r7TBf2QDO78KZKeF2dcHYF7OtjrJOeCnJf3683nnNP3oVjw/nG3ZUif94kLeldYq5U+s5PW+I51eyHvKvoElfTWcX76f5x+pmO9VrT/df/1Sfn1cML5lip3Yycvjh8X8FUlXJV2TdF3SjfRe65ak2yP23720/72K9QN1xD99/cJMpbYt5vuGBZ45H3fPm/0weDrRrrlumn82Zd5N84Oa+Q3jqvIHKV6a7++8D3dLV72csjrAzP6n/ycztv9L5Y8P6/S/U7P/gVV2eHT8djsMg4+TD+ypUjMe9NT8pk67b3lZBtlBMp6JL9PjU99ar7m5QW8xyigftHxhAjB3/qeDD/7h0fGT/YPtvWAveDcYbr4YbgyGzzf95Fzu1zmdA1hk+S/9auvNfxIEAAAAAAAAAAAAAADacEfS3baLAAAAANCIJv6dqO33CAAAAAAAAAAAAAAAAAAAAPwv/gYAAP//y2Qy4A==")
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x275a, 0x0)
write$binfmt_script(r0, &(0x7f0000000100), 0xfecc)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000000)='blkio.bfq.io_queued_recursive\x00', 0x275a, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x28011, r1, 0x0)
ftruncate(r1, 0xc17a)
r2 = openat$misdntimer(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
ioctl$BTRFS_IOC_GET_SUBVOL_INFO(r2, 0x80044940, &(0x7f0000001b00))
fdatasync(r1)

12.147104027s ago: executing program 5 (id=1011):
setsockopt$IPT_SO_SET_REPLACE(0xffffffffffffffff, 0x0, 0x40, 0x0, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r0 = socket(0x10, 0x2, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000001100)='./file1\x00', 0x30144d0, &(0x7f0000000300)={[{@barrier_val={'barrier', 0x3d, 0x1}}, {@usrjquota}, {@errors_remount}, {@norecovery}, {@jqfmt_vfsv1}, {@mblk_io_submit}, {@data_ordered}, {@barrier_val}, {@grpjquota}, {}]}, 0xc5, 0x7ce, &(0x7f0000000500)="$eJzs3c9rHNcdAPDvrFY/7VYqlLYuFBYKrcF4Vbmq3UKhKj2UQg2G5JRDbLFaC0crrdGujCVEYhMCuQSSkFty8Tk/LyHX/IDkkvwfwcZJZBOHHILC7A9pJe/aK0faje3PB8Z6b+fNvPfdN/P2STOeDeCxlUv/yUQciYiXk4jxxutJRAzWUtmImXq5OxvrhXRJYnPzia+TWpnbG+uFaNkmdaiR+V1EfPxCxLHM3fVWVtcWZkul4vKObVfXjl9YnJ0vzheXTk5NT5849bdTJ/cv1m+/WDt845X//vmdme+f/+27L32SxEwcTuOr2Y5jv+Qi14hrMH0Ld/jPflfWN+8/20WhTMTmZj2ZPegGsQfpqTnQ6JUjMR4D9+qf0V62DAA4KM9FOjPrYKDjGgDgoZbUP///1e92AAC90vw7wO2N9UJz6e9fJHrr5r8jYqQef/P6Zn1NtnHNbqR2HXTsdrLjykgSERP7UH8uIt744Om30iV2XU8FOEhXrkbEuYncjvF/IGoj3O57FvbqL+1fnm/N5HatNP5B73yYzn/+3m7+l9ma/0Sb+c9wm3P3Qdz//M9c34dqOkrnf/9subftTkv8DRMDjdwvanO+weT8hVIxHdt+GRFHY3A4zU/Vy7a9Q+borR9udaq/df73zavPvJnWn/7cLpG5nh3euc3cbHX2p8bddPNqxO+z7eJPx//hWv8nHea/Z7qs43//ePH1TuvS+NN4m8vd8R+szWsRf2rb/8lWmTQ1WV28OFlpd3/iZO1wmGweFG28NxNjnerPZbf7P13S+pu/C/RC2v9j945/Imm9X7PS9a63zoXPr41/1KlQ6/HfPv72x/9Q8mQtPdR47fJstbo8FTGU/P/u109sb9vMN8un8R/9Y/vzvzn+tTn+n0r3f67LNyJ746u3Hzz+g5XGP7en/t9zIkbuLAx0qr+7/p/esU0341+3DXzQ9w0AAAAAAAAAAAAAAAAAAAAAAAAA9iITEYcjyeS30plMPl//Du9fx1imVK5Uj50vryzNpetqzz/NNB91Od7yPNSpxvPwm/kTu/J/jYhfRcRrw6O1fL5QLs31O3gAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAaDjU4fv/U18O7yo80I8WAgAHYsQHOwA8bpJstt9NAAB6baTrkrmIGD3QtgAAvdH95z8A8Kjo/PnvwgAAPKru8/v/7v8GAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHt15vTpdNn8bmO9kObnLq2uLJQvHZ8rVhbyiyuFfKG8fDE/Xy7Pl4r5Qnkxsh12dKX+o1QuX5yOpZXLk9VipTpZWV07u1heWaqevbA4O188WxzsYWwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA0K3K6trC5nipuJwmZksSPU4sfFbvh59LeyT2logr9f7b1z1/evIPv0l32tcAY2h7lBjty9gEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA8DD4MQAA//+KvR+l")
syz_mount_image$ext4(&(0x7f0000000200)='ext4\x00', &(0x7f0000000740)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x0, &(0x7f00000006c0), 0xfe, 0x246, &(0x7f0000000ac0)="$eJzs3T9oM2UcB/DvXRJf+75BXnURxD8gIloor5vg8rooFKQUEUGFioiL0gq1xa1xcnHQWaWTSxE3q6N0KS6K4FS1Q10ELQ4WBx0iybVS24ja1Jz0Ph+43l3vee73HLnvkyyXBGisq0muJ2klmU7SSVIcb3B3tVw93F2f2l5I+v0nfiqG7ar9ylG/K0l6SR5KslUWeamdrG4+s/fLzmP3vbnSuff9zaenJnqRh/b3dh8/eG/ujY9mH1z94qsf5opcT/dP13X+ihH/axfJLf9Fsf+Jol33CPgn5l/78OtB7m9Ncs8w/52UqV68t5Zv2OrkgXf/qu/bP355+yTHCpy/fr8zeA/s9YHGKZN0U5QzSartspyZqT7Df9O6XL68tPzq9ItLK4sv1D1TAeelm+w++smlj6+cyP/3rSr/wMU1yP+T8xvfDrYPWnWPBpiIO6rVIP/Tz63dH/mHxpF/aC75h+aSf2gu+Yfmkn9oLvmHC6xztNEbeVj+obnkH5pL/qG5jucfAGiW/qW6n0AG6lL3/AMAAAAAAAAAAAAAAAAAAJy2PrW9cLRMquZn7yT7jyRpj6rfGv4ecXLj8O/ln4tBsz8UVbexPHvXmCcY0wc1P31903f11v/8znrrry0mvdeTXGu3T99/xeH9d3Y3/83xzvNjFviXihP7Dz812fon/bZRb/3ZneTTwfxzbdT8U+a24Xr0/NM9/hXLZ/TKr2OeAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgIn5PQAA//8PK23M")
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000001480)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$MAP_CREATE_RINGBUF(0x0, 0x0, 0x0)
bpf$MAP_CREATE(0x0, 0x0, 0x0)
openat$ipvs(0xffffffffffffff9c, &(0x7f00000000c0)='/proc/sys/net/ipv4/vs/sync_retries\x00', 0x2, 0x0)
r4 = socket$packet(0x11, 0x3, 0x300)
sendto$packet(r4, 0x0, 0x0, 0x0, 0x0, 0x0)
write(r0, &(0x7f0000000280)="1c0000001a009b", 0x7)

11.521893827s ago: executing program 1 (id=1013):
ioctl$SNDRV_TIMER_IOCTL_SELECT(0xffffffffffffffff, 0x40345410, &(0x7f0000000300)={{0x0, 0x2}})
ioctl$SNDRV_TIMER_IOCTL_STOP(0xffffffffffffffff, 0x54a1)
mknodat$null(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0xb0a54e68b1cd2fdb, 0x103)
ioctl$SNDCTL_SEQ_GETINCOUNT(0xffffffffffffffff, 0x80045105, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000000)={0x8, 0x100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x1)
r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r0, &(0x7f0000002700)=""/102392, 0x18ff8)
openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000380)='blkio.throttle.io_service_bytes_recursive\x00', 0x275a, 0x0)
r1 = socket$inet6_sctp(0xa, 0x1, 0x84)
getsockopt$bt_hci(r1, 0x84, 0x80, &(0x7f0000002100)=""/4127, &(0x7f0000000000)=0x101f)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000240)=ANY=[], 0x1c}}, 0x0)
close(0x3)

8.857825292s ago: executing program 5 (id=1017):
r0 = syz_usb_connect(0x0, 0x2d, &(0x7f0000000000)=ANY=[@ANYBLOB="9f01000083667d1040206402d14e0102030109021b000100000000090400000190f19c000905f3"], 0x0)
syz_usb_control_io(r0, 0x0, 0x0)
syz_usb_control_io$hid(r0, 0x0, 0x0)
syz_usb_control_io(r0, 0x0, 0x0)
syz_usb_control_io$printer(r0, 0x0, 0x0)
syz_usb_control_io(r0, 0x0, &(0x7f0000000840)={0x84, &(0x7f0000000340)={0x40, 0xf, 0x1, 'V'}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
syz_usb_control_io$cdc_ecm(r0, 0x0, 0x0)
syz_usb_control_io$hid(r0, 0x0, &(0x7f0000000780)={0x18, &(0x7f0000000580)=ANY=[], 0x0, 0x0, 0x0, 0x0})
syz_usb_control_io$printer(r0, 0x0, 0x0)
syz_usb_control_io$uac1(r0, 0x0, 0x0)
syz_usb_control_io$uac1(r0, 0x0, 0x0)
syz_usb_control_io$hid(r0, 0x0, &(0x7f00000010c0)={0x18, &(0x7f0000000f80)={0x20, 0x5}, 0x0, 0x0, 0x0, 0x0})
syz_usb_control_io$cdc_ncm(r0, 0x0, 0x0)
syz_usb_control_io$printer(r0, 0x0, 0x0)

8.353769327s ago: executing program 4 (id=1019):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000140)={'team_slave_0\x00', <r1=>0x0})
r2 = socket$netlink(0x10, 0x3, 0x10)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$ifreq_SIOCGIFINDEX_team(r2, 0x8933, &(0x7f0000000300)={'team0\x00', <r4=>0x0})
r5 = syz_genetlink_get_family_id$team(&(0x7f00000000c0), 0xffffffffffffffff)
sendmsg$TEAM_CMD_OPTIONS_SET(r3, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000500)=ANY=[@ANYBLOB="cc000000", @ANYRES16=r5, @ANYBLOB="0100ffffffff00000000010000000800", @ANYRES32=r4, @ANYBLOB="b00002803c00010024000100656e61626c65640000000000000000000000000000000000000000000000000005000300060000000400040008000600", @ANYRES32=r1], 0xcc}, 0x1, 0xf000}, 0x0)

7.26606661s ago: executing program 1 (id=1020):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
bpf$MAP_CREATE(0x0, 0x0, 0x0)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x3)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, 0x0)
syz_clone(0x0, 0x0, 0xfffffe11, 0x0, 0x0, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x400000bce)
r1 = syz_open_dev$MSR(0x0, 0x0, 0x0)
read$msr(r1, &(0x7f0000019680)=""/102392, 0x18ff8)
syz_open_dev$evdev(&(0x7f0000000200), 0x2, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x0)
r2 = openat$fuse(0xffffffffffffff9c, &(0x7f0000002080), 0x2, 0x0)
mount$fuse(0x0, &(0x7f00000020c0)='./file0\x00', &(0x7f0000002100), 0x0, &(0x7f0000002140)={{'fd', 0x3d, r2}, 0x2c, {'rootmode', 0x3d, 0x4000}})
write$FUSE_NOTIFY_INVAL_ENTRY(r2, &(0x7f0000000000)={0x26, 0x3, 0x0, {0x5, 0x5, 0x0, '#,)\x82%'}}, 0x26)

7.265322579s ago: executing program 4 (id=1021):
syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
socket$nl_netfilter(0x10, 0x3, 0xc)
open$dir(&(0x7f0000000100)='./file1\x00', 0x40802, 0x6)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000003c0)={0x18, 0x10, &(0x7f00000000c0)=ANY=[], &(0x7f0000000000)='GPL\x00', 0x8, 0xba, &(0x7f0000000140)=""/186, 0x41000, 0x3, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, &(0x7f0000000340)=[{0x0, 0x1, 0xa, 0xb}, {0x5, 0x2, 0x13, 0x2}, {0x5, 0x5, 0x5, 0x9}], 0x10, 0x37, @void, @value}, 0x94)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000640)=0x6)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000240)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
sched_setaffinity(0x0, 0x8, &(0x7f0000000280)=0x2)
connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setaffinity(0x0, 0xfffffffffffffc33, &(0x7f0000000280)=0x2)
r2 = syz_open_dev$I2C(&(0x7f0000003000), 0x0, 0x0)
ioctl$I2C_SMBUS(r2, 0x720, &(0x7f0000003080)={0x1, 0x0, 0x6, &(0x7f0000003040)={0x0, "f4e1a230be8f46463fb1a5f1b44f44eaa65e485b747aa95df8c01eaf07677d18bc"}})
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x37, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x5, @void, @value}, 0x94)
r3 = socket$nl_route(0x10, 0x3, 0x0)
getsockname$packet(0xffffffffffffffff, &(0x7f0000000100)={0x11, 0x0, <r4=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000480)=0x14)
sendmsg$nl_route(r3, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000580)=ANY=[@ANYBLOB="580000001000030400"/20, @ANYRES32=0x0, @ANYBLOB="a5fd9688000000002800128009000100766c616e00000000180002800c0002001c0000001f000000060001000000000008000500", @ANYRES64, @ANYRESOCT, @ANYRES32=r4, @ANYBLOB], 0x58}}, 0x0)

7.232694943s ago: executing program 6 (id=1022):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000340)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = socket$inet_tcp(0x2, 0x1, 0x0)
getsockopt$inet_tcp_TCP_REPAIR_WINDOW(r3, 0x6, 0x23, &(0x7f0000000100), &(0x7f0000000200)=0x14)

7.232275393s ago: executing program 2 (id=1023):
r0 = socket$inet6_udplite(0xa, 0x2, 0x88)
epoll_create1(0x0)
socket(0x1, 0x80802, 0x0)
epoll_create1(0x0)
r1 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x48)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xf, &(0x7f0000000340)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b702000014000000b7030000000000008500000083000000bf0900000000000055090100000000009500000800000000bf91000000000000b702000043e7b5538500000085000000b700000000000000"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000140)='kmem_cache_free\x00', r2}, 0x10)
pselect6(0x40, &(0x7f00000001c0)={0x0, 0x0, 0x3, 0x0, 0x0, 0x8}, 0x0, &(0x7f00000002c0)={0x3ff, 0x0, 0x0, 0x0, 0x0, 0x4, 0x7fffffff}, 0x0, 0x0)
close(r0)

6.873882816s ago: executing program 2 (id=1024):
ioctl$SNDRV_TIMER_IOCTL_SELECT(0xffffffffffffffff, 0x40345410, &(0x7f0000000300)={{0x0, 0x2}})
mknodat$null(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0xb0a54e68b1cd2fdb, 0x103)
r0 = openat$sequencer2(0xffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$SNDCTL_SEQ_GETINCOUNT(r0, 0x80045105, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000000)={0x8, 0x100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x1)
r1 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r1, &(0x7f0000002700)=""/102392, 0x18ff8)
openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000380)='blkio.throttle.io_service_bytes_recursive\x00', 0x275a, 0x0)
r2 = socket$inet6_sctp(0xa, 0x1, 0x84)
getsockopt$bt_hci(r2, 0x84, 0x80, &(0x7f0000002100)=""/4127, &(0x7f0000000000)=0x101f)
close(0x3)

5.468253255s ago: executing program 6 (id=1025):
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f0000000080)={0x26, 'skcipher\x00', 0x0, 0x0, 'pcbc(fcrypt)\x00'}, 0x58)
r1 = accept(r0, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r2 = getpid()
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x7)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f0000000180)=@abs, 0x6e)
sendmmsg$unix(r4, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4)
sendmmsg$alg(r1, &(0x7f0000000740)=[{0x0, 0x0, &(0x7f0000000000)=[{&(0x7f00000001c0)="564004c6852da7a299e4c397614090d1a6e12edf1767f157", 0xfcdc}], 0x1, &(0x7f0000000480)=[@op={0x18}], 0x1d}], 0x1, 0x0)
recvmsg(r1, &(0x7f000000b680)={0x0, 0x10400004, &(0x7f000000b600)=[{&(0x7f000000b4c0)=""/5, 0x4}, {&(0x7f000000b500)=""/153, 0xfb59}], 0x2}, 0x0)

5.367506038s ago: executing program 2 (id=1026):
r0 = socket$inet_sctp(0x2, 0x1, 0x84)
bind$inet(r0, &(0x7f0000000100)={0x2, 0x4e22, @local}, 0x10)
syz_open_dev$video(0x0, 0xfffffffffffffffd, 0x200000)
sendto$inet(r0, &(0x7f0000000040)='}', 0x1, 0x0, &(0x7f00000001c0)={0x2, 0x4e22, @local}, 0x10)
bpf$PROG_LOAD_XDP(0x5, &(0x7f00000000c0)={0x12, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0xf, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r1 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r1, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000001900)=ANY=[@ANYBLOB="6000000010000304f5000000000000", @ANYRES32=0x0, @ANYBLOB="00050000000000003000128009000100766c616e00000000200002800c0002000a0000001f0000000600"], 0x60}}, 0x0)
sendto$inet(r0, &(0x7f0000000280)='p', 0x29fcb, 0x0, 0x0, 0x0)

5.252159857s ago: executing program 3 (id=1027):
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
prlimit64(0x0, 0xe, &(0x7f0000000040)={0x8, 0x420000008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
connect$unix(0xffffffffffffffff, 0x0, 0x0)
sendmmsg$unix(0xffffffffffffffff, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(0xffffffffffffffff, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4)
bpf$MAP_LOOKUP_ELEM(0x1, 0x0, 0x0)
sendmsg$nl_xfrm(r0, &(0x7f0000001340)={0x0, 0x0, &(0x7f0000001300)={&(0x7f0000000040)=@updsa={0x104, 0x1a, 0x1, 0x0, 0x0, {{@in=@private=0xa010101, @in=@loopback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x32}, {@in=@multicast2, 0x0, 0x3c}, @in6=@remote, {0x0, 0x0, 0xfffffffffffffffe}, {}, {}, 0x0, 0x3503, 0xa, 0x2, 0xfd, 0x2c}, [@coaddr={0x14, 0xe, @in=@broadcast}]}, 0x104}, 0x1, 0x0, 0x0, 0x50}, 0x0)

4.406593321s ago: executing program 3 (id=1028):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0xa, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f0000000180)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0xa, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b7080000d8d60b007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000001"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, '\x00', 0x0, @fallback=0x15, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000040)='sched_switch\x00', r4}, 0x10)
r5 = socket$netlink(0x10, 0x3, 0x8000000004)
writev(r5, &(0x7f0000000080)=[{&(0x7f0000000400)="580000001400192340834b80040d8c560a067fbc45ff620500000000070058000b480400945f640094272d70", 0x2c}], 0x1)

4.36005255s ago: executing program 6 (id=1029):
r0 = openat$procfs(0xffffffffffffff9c, 0x0, 0x0, 0x0)
io_uring_setup(0x5881, &(0x7f0000000240)={0x0, 0x0, 0x400})
syz_mount_image$ext4(&(0x7f0000000100)='ext4\x00', &(0x7f0000000500)='./file0\x00', 0x2008002, &(0x7f0000000300)={[], [{@appraise_type}, {@permit_directio}]}, 0x0, 0x544, &(0x7f0000000fc0)="$eJzs3c+PG1cdAPDvzP5MmnYT6AEqIAEKAUWxs04bVb20uYBQVQlRcUAc0mXXWS2x4xB7S3eJxPZvAAkkTvAncEDigNQTB24ckTggpHJACrACZZFAMprx7MbZ9bKm9trE/nykycybNzPf9+KM3/OzMy+AqXUpInYiYj4i3o6IpWJ/UizxemfJjnu0+2B1b/fBahLt9lt/TfL8bF90nZN5prjmYkR87csR30qOxm1ubd9ZqdWq94t0uVW/V25ubV/dqK+sV9erdyuVG8s3rr1y/eXK0Op6sf7zh1/aeOPrv/rlJz/47c4Xv5cV61yR112PYepUfe4gTmY2It44jWBjMFOs58dcDj6cNCI+EhGfye//pZjJ/3UCAJOs3V6K9lJ3GgCYdGk+BpakpYhI06ITUOqM4T0fZ9Nao9m6cruxeXetM1Z2PubS2xu16rULC7//Tn7wXJKll/O8PD9PVw6lr0fEhYj44cKZPF1abdTWxtPlAYCp90x3+x8R/1hI01Kpr1N7fKsHADw1FsddAABg5LT/ADB9tP8AMH36aP+LL/t3Tr0sAMBo+PwPANNH+w8A00f7DwBT5atvvpkt7b3i+ddr72xt3mm8c3Wt2rxTqm+ullYb9++V1huN9fyZPfWTrldrNO4tvxSb75Zb1War3NzavlVvbN5t3cqf632rOjeSWgEA/82Fi+//LomInVfP5Et0zeWgrYbJlo67AMDYzAxysg4CPNXM9gXTq68mPO8k/ObUywKMR8+HeS/23HzSj/+HIH5nBP9XLn+8//F/czzDZDH+D9Prw43/vzb0cgCjZ/wfple7nRye83/+IAsAmEgD/ISv/f1hdUKAsTppMu+hfP8PAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAE+ZcRHw7krSUzwWeZn+mpVLEsxFxPuaS2xu16rWIeC4uRsTcQpZeHnehAYABpX9Oivm/Li+9eO5w7nzyz4V8HRHf/clbP3p3pdW6v5zt/9vB/oX96cMqj88bYF5BAGDI8va7Uqy7Psg/2n2wur+MsjwPb8a/i6mIV/d2H+RLJ2c2sp0Ri3lf4uzfk5gtzlmMiBciYmYI8Xfei4iP9ap/ko+NnC9mPu2OH0XsZ0caP30ifprnddZZ5+ujT172zBCKBhPv/ZsR8Xqv+y+NS/m69/2/mL9DDe7hzc7F9t/79rrizxaRZnrEz+75S/3GeOnXXzmys73UyXsv4oXZXvGTg/jJMfFf7DP+Hz7xqR+8dkxe+6cRl6N3/O5Y5Vb9Xrm5tX11o76yXl2v3q1UbizfuPbK9Zcr5XyMurw/Un3UX1698txxZcvqf/aY+Is96z9/cO7n+qz/z/719jc//Ti5cDj+Fz7b+/V/vmf8jqxN/Hyf8VfO/uLY6buz+GvH1P+k1/9Kn/E/+NP2Wp+HAgAj0NzavrNSq1XvD7SRfQodxnWObGRF7O/g/e7iYEH/GKdRi5M2kuiZNXdaf6unvjF70Fcc7pW/kV1xxNVJh16LgTYejSrW+N6TgNF4fNOPuyQAAAAAAAAAAAAAAMBxRvFfl8ZdRwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACbXfwIAAP//yQ/MDQ==")
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x6)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r4 = socket$inet(0x2, 0x3, 0x8)
setsockopt$IPT_SO_SET_REPLACE(r4, 0x0, 0x40, &(0x7f0000001a40)=@raw={'raw\x00', 0x8, 0x3, 0x310, 0x0, 0xe138, 0x198, 0x0, 0x198, 0x278, 0x358, 0x358, 0x278, 0x358, 0x3, 0x0, {[{{@ip={@broadcast, @loopback, 0x0, 0x0, 'netdevsim0\x00', 'veth0_to_bond\x00'}, 0x0, 0x130, 0x198, 0x0, {}, [@common=@unspec=@string={{0xc0}, {0x0, 0x0, 'fsm\x00', "0d0004000000050000000404fff0cf81dfd28c89544e14cd3e01dd24289831867846c88621039b284c3ff45c42995560a99952bed40cf5a8c1df6cdbdb7e2378d5afd35f4c16827f55b3af494e39e8fb330200000000000032b6a99a8d87298e88a94cb519f5c17631af916a0002000000000000000000000000000000000049", 0x4}}]}, @unspec=@CT2={0x68, 'CT\x00', 0x2, {0x0, 0x0, 0x0, 0x0, 'snmp_trap\x00', 'syz0\x00'}}}, {{@uncond, 0x0, 0x98, 0xe0, 0x0, {}, [@inet=@rpfilter={{0x28}}]}, @unspec=@CT0={0x48, 'CT\x00', 0x0, {0x0, 0x0, 0x0, 0x0, 'syz0\x00'}}}], {{'\x00', 0x0, 0x70, 0x98}, {0x28, '\x00', 0x4}}}}, 0x370)
syz_open_procfs(0x0, &(0x7f0000000100)='syscall\x00')
sendmsg$netlink(r0, 0x0, 0x4010)
r5 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x3)
r6 = dup(r5)
setsockopt$inet_tcp_int(r6, 0x12, 0x2, 0x0, 0x0)

3.848274523s ago: executing program 2 (id=1030):
r0 = openat$ttyS3(0xffffffffffffff9c, 0x0, 0x2982, 0x0)
openat$procfs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/stat\x00', 0x0, 0x0)
ioctl$TCXONC(r0, 0x540a, 0x0)
r1 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000040)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fff7ffc}]})
close_range(r1, 0xffffffffffffffff, 0x0)

3.049864383s ago: executing program 5 (id=1031):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="120000000500000004000000"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=@framed={{}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r0}, {}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x3}}]}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1a, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000008c0)={0x6, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @xdp, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000340)={r1, 0xf, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x50)

3.016550844s ago: executing program 3 (id=1032):
ioctl$SNDRV_TIMER_IOCTL_SELECT(0xffffffffffffffff, 0x40345410, &(0x7f0000000300)={{0x0, 0x2}})
ioctl$SNDRV_TIMER_IOCTL_STOP(0xffffffffffffffff, 0x54a1)
mknodat$null(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0xb0a54e68b1cd2fdb, 0x103)
ioctl$SNDCTL_SEQ_GETINCOUNT(0xffffffffffffffff, 0x80045105, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000000)={0x8, 0x100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x1)
r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r0, &(0x7f0000002700)=""/102392, 0x18ff8)
openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000380)='blkio.throttle.io_service_bytes_recursive\x00', 0x275a, 0x0)
r1 = socket$inet6_sctp(0xa, 0x1, 0x84)
getsockopt$bt_hci(r1, 0x84, 0x80, &(0x7f0000002100)=""/4127, &(0x7f0000000000)=0x101f)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000240)=ANY=[], 0x1c}}, 0x0)
close(0x3)

2.992886984s ago: executing program 2 (id=1033):
syz_mount_image$jfs(&(0x7f0000000400), &(0x7f00000000c0)='./file0\x00', 0x1c802, &(0x7f0000002740)=ANY=[@ANYBLOB="71756f74612c646973636172642c646973636172642c696f636861727365743d6b6f69382d72752c646973636172642c00f4193eb3ba2a0d5fd0cd7374288ff89ec513a53e007345decb720900f8312da2463eb0edf52fad1a00ebd41c14b3ce75d0cffefd379624b16f7260c835713b263352e03b5cb8fa0c042bd1225ed4ded2b62e12fea4d7e61b738e40781e58d5fff112364ac140f419e5dafecd283b3fab6b142ddbc893b35a81fe9265591ef35fa2928e095fee4c10b22e4212378de59bca0307cc644b9620b63f0000007bbbd422d87856b71348b8f45398b9660b6b3e8ee8a8c32f3234cb46e2cd827ec25c1ca4d046bc004f8df7b1ee690a5e50510700d80c7fa65fa724d0e1b4369f1b64fe249a0312010000004ac983de925f52d735b03fea941b1e948ad8d19cfda5b799325fd69d14fcf6cdde7700a63150eb3699e5314e0827750e244150ec19f3f3f1d8be542c084b5e40bfaa8ad206d2a33b0ddbd7f8e07dc7d17174a4549ffaf5976949cb6d658c42ec7cd9fe8ad82852cefb04646edb3a41eb514eb6a772b3ee9f21e25822b54ec33e592d5c040946721101d53aff21f90351c95aa0f73f1853d6afcbf9448b220e988466066fa5c09e6198fc4520d199b93bdedee87c4043815aa05668a06f8da96680ccc1a139ade90f5c79af46208f9762f54e7c29088d9de69bd2d51c6b9c42209ddc3880051303b855853407d959a5777dce25201c5ea1faa084c36e3e349915ebec53435eb2910c59394ee84ba3baf9c440ae5833c23f46b0eaac543ce0c80ba0603213e53ea59755070b18bc10b9224aa082d967206115b492d825751fcc00000000000000e63d51c5bffa4f712c2d7fafb9cf506c06e1ddad4fc19038407786fedb9afdfb11a5f182676dd84c919f71d5eee2f3b740b68ee7f6518eb9d8baa26f1c3871f863b134ee942eb3af92d19e70d8268839cd7b4637f0627299f99b1873ca165e410f8bd421e1a4859fd9bd6bb34d25c07e1a52b9668a530b10b8585d797124a6975a71aedbe557a17b06bbfe547aa553c3d08b8921a4b0d938c03687bd48a9a387b4c066c056f457fba5738775b900a1e82a89aae1494b05c4bb0fc8ed1a93688bf850a4f7b0942eda1f16ecf043efa6b8c1f9e0fba31f4a58ed0031180fb1b8a00e4a86826b030000002dd1272a3d1609bebb749daef202e0412a73d545b86ca7a6bf569ed35d0000ca23b0de742f6008fdf20928370d88f8c04bc3b97b9a9e0062e8fc5fd2337d85a66bd20730f3153db2459fb34c134c06c19364e9645e83040dd16ee08f18f0ba69ac9ca3e25e15442b07000000d30d38a64613b535fa808a9b3bae00bc371271d45db200a5cbf433e2f6dd03b7c7fcc040781e5151c9badb787e7e1e2f39d60998919aa8dbd156f31a5b7fa5f9e5ec01e8c799edc322703c7fc4a81ab9bc02dd96714ee9d7e75d28d040ff3566404fd6db547a4b553197c1f316d20ea54f9459cd81351a510d101e90eabe6dc6c6ac3ffa189c073a5fb3fc382df620bf5af9e638819c77a051e6875866a849f6f578c068c0e4c7cfbc15033997efa853c96297b3201dd30ea40dc94d010a0c33da9f63a10b8f813dc789b80be3bb3f00ee58b30d5c03a6ddbf418ac1b3d4a13839e4b273c4f914bed13f8806295495d41609478798396aeec06e8d342efd8ac6b422f6c23a011b1400000000000000bc2a02094e19a1ee8bb3c3c0c088ae8efaf68c85001faf7cf5426fb7c5c367ed93eb25c48a293549d15b91b59f1b574b3f6171f8e56a402ec56bdf51d90312b3ca5398f4050000007504be21456ec953bf06f12fff20c31e7c8b55fee5c49aa939830b09995ff149258118f9aae29206f9731288b56b10de51525665fdb4e289b1c177de97af3085f82045fbd012f1dde94ffecd90b7b63d8197d9c24a6fe5915ac7d7240847f6d0bf9099ee117c83e363f2ad36a4a9f4faa5734afe9770c38c565cae87a408d0acbb2db7db9174acab60a344814ee643fa82ba41706d2360269ed276e13dd83abbc258f07b0d58ab0b65200b18b7f9f871bcb43fec5a2e3789ecd0c1069d2da80b93c86dff8933e70c2108346003ddf6b60379eee63b66e7341cdd8f87ed9f11894c9ae040976321d87405b492f419ebfa77eb367ca6e360b8f8451102f54893d7d1695c24bcc184b1e7d19940a2b6931ade8638dd2b85a86dc511dbb97f50520f91fbf7201fc9621d0aee9735d07ca024076e8581db332b1c5f135fe6b2e9d2c18c9d5d5a524d3d5b2657e4b28f1a09696bd5b076a1471c8b2ab2ca3ba57843af1d03590f4e8985e1c463c781bb03ad7ec816ea70bbe06411aae001e0ca72ee7e828ad14bb7a092d883ad000554bf7f00000000000075cc01f8a2e1802192f09e77bc488b3bd3f08a9ce88ba2e2bcc23cf5d7372b339ce1f5003db0ad70fa6e93aa908a2ced81f5514e23e2f94ff03c1c02f5a9195f4735563efd0a1fc7dafcfb3dae043fe0c172ec3a12747d7abf4382bf7453c13df994641017a0f461add956ef8f834b762af30408af6a61f317fd3c7b0816236a768601b7c6606ba52ff126eb13d33c915c5da99d118db488da3f3d7783a608282a93fcbe0910f0389c3ef91de7c84e23daa6554c42b2b3e9f70a9f790f29011a0b5101b23bfeba6e52877ed8a188958e39375dd203d434bef4dc82cc8a21fc40c6e6e6a2475f70bf1503beb9555036e63bdc937f8a4d61b21d06a9d3239d1df6f2e9ef16dee590b15ac028c6d873bb2965374b733d8e11ba763ab157ed91dd871b098c0543dcbba4cf67db8c83c84369dc67735fa4faa0fdcf34b1c6a862ccae9fe4fa28746504643b57f02623a2ef34ea90f2e7f7dd771f8f75217c799d978a3533fcfab6c6f5391b626d61b400f08172fc675e2a062d06c31b85452804f7b125c291f60a02a5d62271e96fe70d64bae36e28b42e197259169ebee8f64355544fbad8b83c1c8fad02cd1a2e56a6f6e82ec7719a48a1bea803546b8af7a89faf7cef94d8ada45fc0a98a79ba90c95262f0110725c6bf7c81237534dcd6a8a113bd8ac48b7db5526ab762cec103674742476cd6b92b8c7abcfb1f8e08f0a05c1b209187049f3206bd545e8c20f8db6d8a7cdd0c9ecbb9011b611a013cd581521dfcb028d59d5c69d286fb93e4c498b3aaff7e0cdcf1f41fec65ebdbe4c2bf453140251cdd94c32b87c4634d6500000000000000000000000000000000816e6c33f92dca3e03c40000005e538c77b2b14f63d253705363846bc4e9cd3284ff329330812d2211ae34106e0306376a2b1cfe60a09becae2b05ec9adcac47612af85f598a880fa97891a7a290b6e730800542aea761aeb463f5ff5bdf5099ae8ad4afe99db9e9c4e703cb900e9ae272742fe2ff81d1a4f15668392cdafd2e1757706f47f9f84e532f25e2737cb6f6e89378f8d79ab8507b109c7f1f3653a5bc9d54ccc633de6263526eac10519274"], 0x1, 0x5f4d, &(0x7f0000009040)="$eJzs3V1vHFf9B/DfPnj90H/TqPqrChEXaQqlpTTPCZSnplxwAUggoVyTyHWrQApVEhCtIuIqF4gLHl4C3PQGib6R8hYQL4BICVeVoAwa+5xkPF5nbRLv7Pp8PpIz89sz4z2Tr8ez65nZEwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABAfOfbPzzdi4jLv0gPHI74vxhE9COW6/pY1DMX8/LDiDgSG83xXEQMFiPq9Tf+eSbiXER8fCji3v1bq/XDZ3bZj/Onbl7/9Lvf+tuvf3/nyI/f/NGH7fYf/P/Zj35zO+Lw91/76NPbT2bbAQAAoBRVVVW99Db/aHp/3++6UwDAVOTjf5Xkx+e87s1Yf9Rqtfp3/dnqj7rQuqka73aziIj15jr1awan4wFgzqzHJ113gQ7Jv2jDiHiq604AM63XdQfYF/fu31rtpXx7zePBsc32/HfKLfmv9x7c37HTdJL2NSbT+vm6E4N4dof+LE+pD7Mk599v5395s32Ultvv/Kdlp/xHm7c+FSfnP2jn37Il/z9ExNzm3x+bf6ly/sO95L8+mOP9X/4AAAAAABx8+e//hzs+/7v4+JuyK5vn/7af6e0/3GQAAAAAAAAAmDuPO/7fA8b/AwAAgJlVv1ev/fHQw8d2+iy2+vFLvYinW8sDhUk3y6x03Q8AAAAAAAAAAAAAKMlw8xreS72IhYh4emWlqqr6q6ld79Xjrj/vSt9+KFnXv+QBAGDTx4da9/L3IpYi4lL6rL+FlZWVqlpaXqlWquXF/Hp2tLhULTfe1+Zp/djiaBcviIejqv5mS431mia9X57U3v5+9XONqsEuOjYdHQYOABGxeTS654h0wFTVM9H1qxzmg/3/4LH/sxtd/5wCAAAA+6+qqqqXPs77aDrn3++6UwDANCzl43/7vIBarVar1eqDVzdV491uFhGx3lynfs1gOH4AmDPr8UnXXaBD8i/aMCKOdN0JYKb1uu4A++Le/VurvZRvr3k8SOO752tBtuS/3ttYL68/bjpJ+xqTaf183YlBPLtDf56bUh9mSc6/387/8mb7KC233/lPy07519t5uIP+dC3nP2jn33Jw8u+Pzb9UOf/hnvIfyB8AAAAAAGZY/vv/Yed/8yYDAAAAAAAAwNy5d//War7vNZ///+yY5XrNOfd/Hhg5/96u83f/70GS8++3829dkDNozN9942H+/7x/a/XDm//4TJ7OfP4Lg1H93Au9/mCYrvmpFt6Kq3Et1uLUtuWHW9pPb2tf2NJ+ZkL72W3to7p9ObefiNX4WVyLNx+0L064MGppQns1oT3nP7D/FynnP2x81fmvpPZea1q7+0F/237fnI57not//veL2/eu6bsTgwfb1lRv3/EO+rPxf/LUKH5+Y+36iV9euXnz+ulIky2Pnok0ecJy/gvpK+f/0gub7fn3fnN/vfvBaM/575t3/7Knxe/EcMf8X2jM19v78hPp4GzL+Y/SV84/H4HG7/8zlP8ePWr/f6WD/gAAAAAAAAAAAAAAAMCjVFW1cYvoxYi4kO7/6ereTABgqn77vTRTJaFWq9VqtfrA1k3VeK83i1jaus6FiPjVuG8GAMyy/0TE37vuBJ2Rf8Hy5/3V08913Rlgqm689/5Prly7tnb9Rtc9AQAAAAAAAAD+V3n8z2ON8Z83rgNqjRu9ZfzXN+LY3I7/2R8NNsY6Txv0fDx6/O/j8ejxv4cTnm9hQvtoQvvihPalCe1jb/RoyPk/nzLO+R9NG1bS+K8vddCfruX8j6exnnP+X2gt18y/+tM859/fkv/Jm++8e/LGe++/evWdK2+vvb3209OnLpw7e/7c2fPnT7519draqc1/O+zx/sr557GvXQdalpx/zlz+Zcn5fz7V8i9Lzv/FVMu/LDn//HpP/mXJ+ef3PvIvS87/5VTLvyw5/y+mWv5lyfm/kmr5lyXn/6VUy78sOf9XUy3/suT8T6Ra/mXJ+Z9MtfzLkvPPZ7jkX5acf76yQf5lyfmfSbX8y5LzP5tq+Zcl538u1fIvS87/fKrlX5ac/4VUy78sOf8vp1r+Zcn5fyXV8i9Lzv+1VMu/LDn/r6Za/mXJ+X8t1fIvS87/66mWf1ly/t9ItfzLkvP/ZqrlX5ac/+upln9ZHn7+v5kpz/zrrxEz0A0zZsbNdP2bCQAAAAAAAAAAAABom8blxF1vIwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD/ZQcOBAAAAACA/F8boaqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqgo7cCAAAAAAAOT/2ghVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVV2Lu7GLnK+wzgZ7/stSHBDYQQ4oS1MWBg8e76CxxiMElIKWlTSkLatKTGsdfGib/qXSeAUFkKbYmCVKT2gl40TaI0itRWoChSU4lGSI3U3pWrRNxErcSFpULloKRSqsBWZ877vjszOzuz/lg855zfD+G/d+bMzDtnzszus9YzAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA02/Cx6T8fyLIs/7/xx7osuzT/+5psT/7l3M6LvUIAAADgfL3V+PMfLksn7FnGhZq2+bcP/cf35+fn57MvvHn67b+cn09njGXZ0Oosa5wX/fsvfzHfvE3wVDY6MNj09WCPmx/qcf5wj/NHepy/qsf5q3ucP9rj/EU7YJE1xe9jGle2qfHXdcUuza7IRhrnbepwqacGVg8Oxt/lNAw0LjM/cjA7nB3JprPJRZcZaPyXZS9tyG/rnize1mDTba3PsuzMzx7fH9cwEPbxpqzlxhqaH7s37srG3vzZ4/u/M/v6+zvNnrth0UqzbPPGfJ1PZ9nCr6uygWx12idxnYNN61zfYZ1DLescaFwu/3v7Os8sc53xfo+Gdb7SZZ3rw2mPXJtl2Vy25DbtnsoGs7Vtt5r292hxROTXkT+U78mGz+o42bCM4yS/zGvXth4n7cdk3P8bwj4ZXmINzQ/HG0+uWrTfz/U4ye91Pxyr+XXfl9/o6Gjzr1ZbjtV8m8evW/oY6PjYdTgG0rHcdAxs7HUMDK4aahwDgwtr3thyDEwtusxgNtC4rdPXdT8GJmaPnpiYefSxWw4f3Xdo+tD0sanJndu37di+bceOiYOHj0xPFn+e3S4tkbXZYDoGN4bXmngM3tC2bfMhOf/NC/c8GO2T50F+3z9zfb6gSwezJY7xfJunN5//8yB93296Hgw3PQ86vqZ2eB4ML+N5kG9zZvPyvmcON/3faQ0r9Vq4rukYuJjfD/PbfPDGpV8L14d1PXPT2X4/HFp0DMS7NRCee/kp6ee90dvCfll8XFydn3HJquzUzPTJLY/sm509OZWF8Y64vOmxaj9e1jbdp2zR8TJ41sfLnr//1fVXdzh9XdhXozd3f6zybbaPd3+sGq/urftzVVbsz5ZTt2ZhXGDv9P7s9N0s358pS3TZn/k2T99y/j8LplzS9Po30uv1b2hkuHj9G0p7Y6Tl9W/xQzPUWFmWnbllea9/I+H/d/r174o+ef3L99WDW7ofA/k2z0yc7TEw3PX179owB8J6bgyJYbQp97/dOH+uOEybHsuex83w8Eg4bobjLbYeN9sWXSa/tvy2N0+e23Gz+drWx6rl55YKHjf5vvqrye7HTb7Ny1Pn/9qxJv616bVjVa9jYGRoVb7ekXQQFK9382viMbAl258dz45kB9Jl8kc5v63xrcs7BlaF/9/p146r+uQYyPfV81u7HwP5Nj/admF/dtocTknbNP3s1P77haUy/9XDC9fXvtsudObP1/nxH38qndYpQ+TbvL79bHNG9/10czjlkg77qf35s9QxfSB7Z/bTVWGdR3Z0/91Uvs0VO5d5PO3JsuzVqVcbv+8Kv9/93qkff7/l976dfqf86tSr907c/5OzWT8AAOfu7cafc6uKnzWb/sV6Of/+DwAAAJRCzP2DYSbyPwAAAFRGzP1DYSbyPwAAAFRGzP3DYSY1yf8P37brhbeeyNK7Ac4H8fy4G+67o9gudrznwtdj8wvy0z/67ZEXvvrE8m57MMuyX937gY7bP3xHXFfhRFznh1tPX+Sqa5Z1+w89sLBd8/snnNlVXH+8P8s9DGJX+aWJrY3rHXt0qjFfvjdrzPvnnnmquP7i67j96W3F9n8T3rRkz8GBlstvDuvZFOZYeE+Z+/Ys7Id8xsu9sP5D/3r5ZxduL15uYOO7G3fz+T8urje+R9Rzlxfbx/u91Pr/5WvffSHf/pHrOq//icHO6z8drve1MH+5u9i+eZ9/tWn9fxrWH28vXm7Lt37Ycf0vvq/Y/sVwXHwjzPb13/UXH3yr0+MVb2fP7cXl4u1P/u/2xuXi9cXrb1//6BNTLfuj/fpffrO4nt1f/vlQ8/bx9Hg70UO3tx7fA+HxbemRZ1n23T/LWvZz9pHicv/ctv54fSdu77z+m9vWeWLgmsblF+7Pupb79fW/29rx/sb17PnHdS3357m7w/57c+JH+fWevj8cj+H8/3uluL729zJ98e7W15u4/TfWFc/beH0Tbet/rm39c9fk+673+u95s1j/i3eubln/nk+E4+meYvZa/6G/vazl8t/8TvF4nPzK+LHjM6cOH2jaq83P49Wja9Zecum73n1ZeC1t/3rv8dmHp0+OTY5NZtlYCd8ycKXX/60w/6cYcxf+Fgo/+Xlx3D37yeL71g2/KL5+Lpz+UHg84/fHr//1SMvx2v64z91ZzPNd/01hHcv1vq/91zXL2vD051869U9/8nr7zwXx/px472jj/j2/4crGeQMvF+e3v1718p/vbX1e/3R4sjF/EPbrfHhn5o1XFrfXfv3xvUme/XTx/I0/ycXLZ23vJ7JuqPV+nO/6fxp+jvnhVa2vf/H4+METbe/mvC4byJcwF14fsrni/LhV3N/Pnrmy4+3F9+HJ5t5/Nstc0syjMxNHDh879cjE7PTM7MTMo4/tPXr81LHZvY33Lt37xV6XX3h+r208vw9M79yeNZ7tx4uxwi72+k88sP/ArZPXH5g+uO/UwdkHTkyfPLR/Zmb/9IGZ6/cdPDj9lV6XP3xg99TWXdtu3Tp+6PCB3bft2rVt1/jhY8fzZRSL6mHn5JfGj53c27jIzO7tu6Z27Ng+OX70+IHp3bdOTo6f6nX5xvem8fzSXx4/OX1k3+zho9PjM4cfm949tWvnzq093/3x6ImDM2MTJ08dmzg1M31yorgvY7ONk/Pvfb0uTz3MHA+vd20Gwk/nn7t5Z3p/3Ny3n1zyqopNWn88zd4I7wUVv7/1+jrm/pEwk5rkfwAAAKiDmPvDG/8vnCH/AwAAQGXE3L86zET+BwAAgMqIub9I/qPp49/rkv8vVP//Sf3/Bv1//f9M/z/R/9f/z/T/9f970P/X/y/z+vX/9f/prd/6/yH3Z2uyzL//AwAAQEXF3L82zET+BwAAgMqIuf+SMBP5HwAAACoj5v5Lw0xqkv99/r/+v/5/t/5/3Fb/P9P/74f+/6b/1v9fRP9f/z/T/z9nF7s/X/b192H/f43+P/2m3/r/Mfe/K8ykJvkfAAAA6iDm/neHmcj/AAAAUBkx918WZiL/AwAAQGXE3L8uzKQm+V//X/9f/9/n/+v/l6b/7/P/O9D/1//P9P/P2cXuz5d9/X3Y//f5//Sdfuv/x9z/a2EmNcn/AAAAUAcx978nzET+BwAAgMqIuf/yMBP5HwAAACoj5v4rwkxqkv/r2f9/Lcsy/f9M/1//v22d+v/6/ytB/1//vxv9f/3/Mq9f/1//n976rf8fc/97w0xqkv8BAACgDmLuvzLMRP4HAACAyoi5/31hJvI/AAAAVEbM/VeFmdQk/9ez/+/z//X/C/r/revU/9f/Xwn6//r/3ej/6/+Xef36//r/9NZv/f+Y+98fZlKT/A8AAAB1EHP/1WEm8j8AAABURsz9Hwgzkf8BAACgMmLuXx9mUpP8r/+v/6//r/+v/6//v5LK1f8fXPIc/f+C/n+rC9f/n1tYgP5/adav/6//T2/91v+Puf+DYSY1yf8AAABQBzH3fyjMRP4HAACAyoi5/5owE/kfAAAAKiPm/rEwk5rkf/3/Wvf/89P0//X/9f/1/1dUufr/S9P/L+j/t/L5//r/+v/6/3TXb/3/mPs3hJnUJP8DAABAHcTcvzHMRP4HAACAyoi5/9owE/kfAAAAKiPm/k1hJjXJ//r/te7/+/x//f+Wder/6/+vBP1//f9u9P/1/8u8fv1//X9667f+f8z914WZ1CT/AwAAQB3E3H99mIn8DwAAAJURc/8NYSbyPwAAAFRGzP2bw0xqkv/1//X/9f9L3P8f0v/P9P/7nv6//n83+v/6/2Vev/6//j+99Vv/P+b+G8NMapL/AQAAoA5i7r8pzET+BwAAgMqIuf/mMBP5HwAAACoj5v7xMJOa5H/9f/1//f8S9/99/n/L+vX/+5P+v/5/N/r/+v9lXr/+v/4/vfVb/z/m/lvCTGqS/wEAAKAOYu7fEmYi/wMAAEBlxNw/EWYi/wMAAEBlxNw/GWZSk/yv/6//r/+v/6//r/+/kvT/9f+70f/X/y/z+vX/9f/prd/6/zH3T4WZ1CT/AwAAQB3E3L81zET+BwAAgMqIuX9bmIn8DwAAAJURc//2MJOa5P+S9P+3pAKU/r/+v/6//r/+f6no/+v/d6P/r/9f5vXr/+v/02qww2n91v+PuX9HmElN8j8AAADUQcz9O8NM5H8AAACojJj7bw0zkf8BAACgMmLuvy3MpCb5vyT9f5//r/+v/99E/1//v0z0//X/u9H/1/8v8/r1//X/6a3f+v8x9+8KM6lJ/gcAAIA6iLn/w2Em8j8AAABURsz9t4eZyP8AAABQKp0+hzCKuf8jYSY1yf/6/1Xv/8+v1v/X/9f/775+/f+Vpf+v/9+N/r/+f5nXr/+v/09v/db/j7l/d5hJTfI/AAAA1EHM/XeEmcj/AAAAUBkx998ZZiL/AwAAQGXE3L8nzKQm+V//v+r9f5//r/+v/99r/fr/K0v/X/+/G/3/cvb/w48t+v991P/PjyH9f/pRv/X/Y+6/K8ykJvkfAAAA6iDm/o+Gmcj/AAAAUBkx938szET+BwAAgMqIuf/jYSY1yf/6//r/+v/6//r/+v8rqfv615z39de4/994KdT/L+j/n5uL3Z8v+/r7qf/v8//pV/3W/4+5/+4wk5rkfwAAAKiDmPs/EWYi/wMAAEBlxNz/62Em8j8AAABURsz994SZ1CT/6//r/+v/6//r/+v/rySf/+/z/7vR/9f/L/P69f/1/+mt3/r/Mff/RphJTfI/AAAA1EHM/feGmcj/AAAAUBkx938yzET+BwAAgJJZteQ5Mff/ZphJTfJ/+fr/Y6Xs/w+m69f/1//X/9f/1/+/kPT/9f8z/f9zdrH782Vfv/6//j+99Vv/P+b+3wozqUn+BwAAgDqIuf9TYSbyPwAAAFRGzP2/HWYi/wMAAEBlxNx/X5hJTfL/he7/t1++G5//r/+f6f/r/+v/6/+fJ/1//f9M//+cXez+fNnXr/+v/09v/db/j7n/d8JMapL/AQAAoA5i7r8/zET+BwAAgD718FlfIub+T4eZyP8AAABQGTH3fybMpCb5v3yf/6//r/+v/6//r/9fJvr/+v/d6P/r/5d5/fr/+v/01m/9/5j7HwgzqUn+BwAAgDqIuf+zYSbyPwAAAFRGzP2/G2Yi/wMAAEBlxNz/e2EmNcn/+v/6//r/+v/6//r/K0n/f3H/P38N0/8v6P/r/5d5/fr/+v/01m/9/5j7PxdmUpP8DwAAAHUQc//vh5nI/wAAAFAZMff/QZiJ/A8AAACVEXP/g2EmNcn/+v/6//r/+v/6//r/K0n/3+f/d6P/r/9f5vXr/+v/01u/9f9j7v98mElN8j8AAADUQcz9fxhmIv8DAABAZcTcvzfMRP4HAACAyoi5/6Ewk5rkf/1//X/9f/1//X/9/5Wk/6//343+v/5/mdev/6//T2/91v+PuX9fmMme1psBAAAAyivm/i+EmdTk3/8BAACgDmLu3x9mIv8DAABAZcTcfyDMpCb5X/9f/1//X/9f/1//fyXp/+v/d6P/r/9f5vXr/+v/01u/9f9j7p8OM6lJ/gcAAIA6iLn/YJiJ/A8AAACVEXP/oTAT+R8AAAAqI+b+h8NMapL/9f/1//X/a9v/f+V7bevU/9f/Xwn6//r/3ej/6/+Xef36//r/9NZv/f+Y+w+HmdQk/wMAAEAdxNz/xTAT+R8AAAAqI+b+L4WZyP8AAABQGTH3HwkzqUn+1//X/9f/r23/f3mf/79m4Xb1//X/z4X+v/5/N/r/+v9lXr/+v/4/vfVb/z/m/qNhJjXJ/wAAAFAHMfcfCzOR/wEAAKAyYu4/HmYi/wMAAEBlxNx/IsykJvlf///s+v8DS3QD9f87r1//vwL9/yb6//r/50L/X/+/G/1//f8yr1//X/+f3vqt/x9z/x+FmdQk/wMAAEAdxNx/MsxE/gcAAIDKiLl/JsxE/gcAAIDKiLl/NsykJvlf/9/n/+v/6//r/+v/ryT9f/3/bvT/9f/LvH79f/1/euu3/n/M/afCTGqS/wH4f/buM1mzsurj8EMD79uU5RyYgiNwCI7BKsdgDmDGrJhzwpzarJhzzgFzzqKYY5UWp9da0G2fvU93n6fPve91XR9YelC5KdoP/4JfbQAAOsjdf/+4xf4HAACAaeTuf0DcYv8DAADANHL3PzBuabL/9f/6f/2//l//r//fJ/2//n+J/l//v+X36//v1v/fdrX+nwsarf/P3f+guKXJ/gcAAIAOcvc/OG6x/wEAAGAaufsfErfY/wAAADCN3P0PjVua7H/9v/5f/6//1//r//dJ/6//X6L/1/9v+f36f9//Z91o/X/u/ofFLU32PwAAAHSQu//hcYv9DwAAANPI3f+IuMX+BwAAgGnk7r8hbmmy//X/+n/9/wb7/2v0//r/7dD/6/+X6P/1/1t+v/5f/8+60fr/3P03xi1N9j8AAAB0kLv/kXGL/Q8AAADTyN3/qLjF/gcAAIBp5O5/dNzSZP/r//X/+v8N9v++/6//3xD9v/5/if5f/7/l9+v/9f+sG63/z93/mLilyf4HAACADnL3PzZusf8BAABgGrn7Hxe32P8AAAAwjdz9j49bmux//b/+X/+v/9f/6//3Sf+v/1+i/9f/b/n9+n/9P+v23v/f56aDe9T+P3f/TXFLk/0PAAAAHeTuf0LcYv8DAADANHL3PzFusf8BAABgGrn7nxS3NNn/+n/9/139/3+u0v/r//X/d/1c/3889P/6/yX6f/3/lt+v/9f/s27v/f9K73/+v8/d/+S4pcn+BwAAgA5y9z8lbrH/AQAAYBq5+58at9j/AAAAMI3c/U+LW5rsf/2//t/3//X/+n/9/z7p/4ft/8//v9659P9Hov/X/x/W/9/7CO/X/9PBaP1/7v6nxy1N9j8AAAB0kLv/GXGL/Q8AAADTyN1/c9xi/wMAAMA0cvc/M25psv+vbP9/1Tldo/5f/7/T/w/Y/59q2f/f+TP9/37o/4ft/5fp/49E/6//9/1//T/LRuv/c/c/K25psv8BAACgg9z9z45b7H8AAACYRu7+58Qt9j8AAABMI3f/c+OWJvvf9//1//p//f9lff//6jn6f9//3x/9v/5/if5f/7/l9+v/9f+sG63/z93/vLilyf4HAACA6Z3a1e5/ftxi/wMAAMA0cve/IG6x/wEAAGAauftfGLc02f/6f/2//l//f1n9/yTf/9f/74/+X/+/5Kj9/07/X38u+v9x3q//1/+zbrT+P3f/i+KWJvsfAAAAOsjd/+K4xf4HAACAaeTuf0ncYv8DAADANHL3vzRuabL/9f/6f/2//l//r//fJ/2//n+J7//r/7f8fv2//p91o/X/uftfFrc02f8AAADQQe7+l8ct9j8AAABMI3f/K+IW+x8AAACmkbv/lXHL+fv/1JV81ZWj/9f/6//1//p//f8+6f/1/0v0/xfu/08f8sfT/4/1fv2//p91o/X/uftviVv8/X8AAACYRu7+V8Ut9j8AAABMI3f/q+MW+x8AAACmkbv/NXFLk/1/WP9/xz3O/n79/9Ho/y/8fv2//l//r//X/+v/l+j/ff9/y+/X/+v/WTda/5+7/7VxS5P9DwAAAB3k7n9d3GL/AwAAwDRy978+brH/AQAAYBq5+98QtzTZ/8f//f/r9f/6f/1/XP2//l//r//X/y/T/+v/t/x+/b/+n3Wj9f+5+98YtzTZ/wAAANBB7v43xS32PwAAAEwjd/+b4xb7HwAAAKaRu/8tcUuT/X/8/b/v/+v/L7L/P6X/T/r/+Ouq/9f/XwT9v/5/p/+/ZCfdz2/9/fp//T/rRuv/c/efOZh6/fY/AAAAdHDm4Lend2+NW+x/AAAAmEbu/rfFLfY/AAAATCN3/9vjlib7X/+v/z/x/t/3/4v+P/666v/1/xdB/6//3+n/L9lJ9/Nbf7/+X//PutH6/9z974hbmux/AAAA6CB3/zvjFvsfAAAAphG7/+w//G7/AwAAwJTedfDb07t3xy1N9n/j/v/6y+3/r7vbv9b/X/j9+v9j6f/PnP9rT/+v/98S/b/+f4n+X/+/5feP0//HD27Q/zOe0fr/3P3viVua7H8AAADoIHf/e+MW+x8AAACmkbv/1rjF/gcAAIBp5O5/X9zSZP837v8n+f7/fW+PF+j/5+3/ff8/rv5f/38h+n/9/07/f8lOup/f+vvH6f99/59xjdb/5+5/f9zSZP8DAABAB7n7PxC32P8AAAAwjdz9H4xb7H8AAACYRu7+D8UtTfa//n/r/b/v/+v/9f/6/7Hp//X/S/T/+v8tv1//r/9n3Wj9f+7+D8ctTfY/AAAAdJC7/yNxi/0PAAAA08jd/9G4xf4HAACAaeTu/1jc0mT/6//1//vq/+/8g+j/m/T/N+r/d/r/Q+n/9f9L9P/6/y2/X/+v/2fdaP1/7v6Pxy1N9j8AAAB0kLv/E3GL/Q8AAADTyN3/ybjF/gcAAIBp5O7/VNxwr3ue3JOO17WH/Dx6c/2//t/3//X/vv+v/98n/b/+f4n+X/+/5ffr//X/rBut/8/d/+m4xd//BwAAgGnk7v9M3GL/AwAAwDRy9382brH/AQAAYBq5+z8XtzTZ//p//b/+f7P9/3X6/3Pfr/8fk/5f/79E/6//3/L79f/6f9aN1v/n7v983NJk/wMAAEAHufu/ELfY/wAAADCN3P1fjFvsfwAAAJhG7v4vxS1N9r/+X/+v/99s/+/7/+e9X/8/Jv2//n+J/l//v+X36//1/6wbrf/P3f/luKXJ/gcAAIAOcvd/JW6x/wEAAGAaufu/GrfY/wAAADCN3P1fi1ua7H/9v/5f/6//1//r//dJ/6//X6L/1/9v+f36f/0/60br/3P3fz1uabL/AQAAoIPc/d+IW+x/AAAAmEbu/m/GLfY/AAAATCN3/21xS5P9P3P/v/Qf0/+fpf/X/+/0//r/PdP/6/+X6P/1/1t+v/5f/8+60fr/3P3filua7H8AAADoIHf/t+MW+x8AAACmkbv/O3GL/Q8AAADTyN3/3bilyf6fuf9fov8/S/+v/9/p//X/e6b/1/8v0f/r/7f8fv2//p91J9T/X7s7pP/P3f+9uKXJ/gcAAIAOcvd/P26x/wEAAGAauft/ELfY/wAAADCN3P0/jFvm2f/3u3Xhd+r/j73/P/hFpP/X/+/0//p//f8B/b/+f4n+X/+/5ffr//X/rBvt+/+5+38Ut8yz/wEAAKC93P0/jlvsfwAAAJhG7v6fxC32PwAAAEwjd/9P45Ym+1//7/v/+v9W/f/VO/2//v8K0//r/5fo//X/W36//v/o/f9V16z9rzGr0fr/3P0/i1ua7H8AAADoIHf/z+MW+x8AAACmkbv/F3GL/Q8AAAADOnVJ/63c/b+MW5rsf/2//l//36r/9/1//f8Vp//X/y/R/+v/t/z+7P/z153+3/f/+V+j9f+5+38VtzTZ/wAAANBB7v5fxy32PwAAAEwjd/9v4hb7HwAAAKaRu/+3cUuT/a//1//r//X/+n/9/z7p//X/S/T/+v8tv9/3//X/rBut/8/df3vc0mT/AwAAQAe5+38Xt9j/AAAAMI3c/b+PW+x/AAAAmEbu/jvilib7X/+v/5+y//9//b/+X/8/Cv2//n+J/l//v+X36//1/6wbrf/P3f+HuKXJ/gcAAIAOcvf/MW6x/wEAAGAaufv/FLfY/wAAADCN3P1/jlua7H/9v/7/4vv/a+vPe9j+3/f/9f/6/2HM2///n/5f/3/Z/f/Nt5z9sf5/m+/X/+v/WTda/5+7/y9xS5P9DwAAAB3k7v9r3GL/AwAAwDRy9/8tbrH/AQAAYBq5+/8etzTZ//p//f+U3//X/+v/9f/DmLf/9/1//b/v/+v/9f/6f9aM1v/n7v9H3NJk/wMAAEAHufv/GbfY/wAAADCN3P3/ilvsfwAAAJhG7v5/xy1N9r/+X/+v/9f/6//1//uk/9f/L9H/6/+3/H79v/6fdaP1/7n7/xsAAP//mFIzvw==")
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000001c0)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x3, &(0x7f0000000240)=@framed, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2e, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000740)={&(0x7f00000006c0)='sched_switch\x00', r3}, 0x10)
ioctl$TIOCGSID(0xffffffffffffffff, 0x5429, 0x0)
ioctl$TIOCL_SETSEL(0xffffffffffffffff, 0x541c, 0x0)
ioctl$TIOCL_SETSEL(0xffffffffffffffff, 0x541c, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
setsockopt$IP_VS_SO_SET_ADD(0xffffffffffffffff, 0x0, 0x482, 0x0, 0x0)
r4 = openat(0xffffffffffffff9c, &(0x7f00000002c0)='./file1\x00', 0x42, 0x0)
pwritev2(r4, &(0x7f00000000c0)=[{&(0x7f0000000200)="df", 0xf4240}], 0x1, 0x800001, 0x0, 0x0)
creat(&(0x7f0000000e00)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x0)
rename(&(0x7f00000003c0)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', &(0x7f0000000f40)='./file0\x00')

2.82990394s ago: executing program 6 (id=1034):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000140)={'team_slave_0\x00', <r1=>0x0})
r2 = socket$netlink(0x10, 0x3, 0x10)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$ifreq_SIOCGIFINDEX_team(r2, 0x8933, &(0x7f0000000300)={'team0\x00', <r4=>0x0})
r5 = syz_genetlink_get_family_id$team(&(0x7f00000000c0), 0xffffffffffffffff)
sendmsg$TEAM_CMD_OPTIONS_SET(r3, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000500)=ANY=[@ANYBLOB="cc000000", @ANYRES16=r5, @ANYBLOB="0100ffffffff00000000010000000800", @ANYRES32=r4, @ANYBLOB="b00002803c00010024000100656e61626c65640000000000000000000000000000000000000000000000000005000300060000000400040008000600", @ANYRES32=r1], 0xcc}, 0x1, 0xf000}, 0x0)

2.444073477s ago: executing program 3 (id=1035):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000540)=ANY=[@ANYBLOB="240000003c000701fcffff324a0000de037c0000040000000c00"], 0x24}}, 0xc000)

2.376231846s ago: executing program 5 (id=1036):
r0 = syz_usb_connect(0x0, 0x24, &(0x7f00000007c0)=ANY=[@ANYBLOB="12010000ed3ec908cd0cb300ea2d010203010902120001000000000904"], 0x0)
syz_usb_control_io$hid(r0, 0x0, 0x0)
syz_usb_control_io(r0, 0x0, 0x0)
syz_usb_control_io$cdc_ecm(r0, 0x0, &(0x7f00000004c0)={0x10, &(0x7f0000000280)=ANY=[], 0x0, 0x0})
syz_usb_control_io$cdc_ecm(r0, 0x0, 0x0)
syz_usb_control_io$cdc_ncm(r0, 0x0, &(0x7f0000000380)={0x24, &(0x7f0000000180)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
syz_usb_control_io(r0, 0x0, 0x0)
syz_usb_control_io$cdc_ecm(r0, 0x0, 0x0)
syz_usb_control_io(r0, 0x0, 0x0)
syz_usb_control_io$uac1(r0, 0x0, 0x0)
syz_usb_control_io$uac1(r0, 0x0, 0x0)
syz_usb_control_io$printer(r0, 0x0, 0x0)
syz_usb_control_io$cdc_ncm(r0, 0x0, 0x0)
syz_usb_control_io$hid(r0, 0x0, 0x0)
syz_usb_control_io$printer(r0, 0x0, 0x0)
syz_usb_control_io$hid(r0, 0x0, &(0x7f0000001e40)={0x2c, 0x0, 0x0, 0x0, 0x0, 0x0})

2.346188672s ago: executing program 6 (id=1037):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000340)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = socket$inet_tcp(0x2, 0x1, 0x0)
getsockopt$inet_tcp_TCP_REPAIR_WINDOW(r3, 0x6, 0x23, &(0x7f0000000100), &(0x7f0000000200)=0x14)

2.137967918s ago: executing program 1 (id=1038):
ioctl$SNDRV_TIMER_IOCTL_STOP(0xffffffffffffffff, 0x54a1)
mknodat$null(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0xb0a54e68b1cd2fdb, 0x103)
r0 = openat$sequencer2(0xffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$SNDCTL_SEQ_GETINCOUNT(r0, 0x80045105, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000000)={0x8, 0x100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x1)
r1 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r1, &(0x7f0000002700)=""/102392, 0x18ff8)
openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000380)='blkio.throttle.io_service_bytes_recursive\x00', 0x275a, 0x0)
r2 = socket$inet6_sctp(0xa, 0x1, 0x84)
getsockopt$bt_hci(r2, 0x84, 0x80, &(0x7f0000002100)=""/4127, &(0x7f0000000000)=0x101f)
close(0x3)

1.063622412s ago: executing program 3 (id=1039):
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
bind$inet(r0, &(0x7f0000000040)={0x2, 0x4e21, @local}, 0x10)
setsockopt$inet_tcp_int(r0, 0x6, 0x210000000013, &(0x7f00000000c0)=0x100000001, 0x4)
setsockopt$inet_tcp_TCP_REPAIR_QUEUE(r0, 0x6, 0x14, 0x0, 0x0)
connect$inet(r0, &(0x7f0000000180)={0x2, 0x4e21, @local}, 0x10)
setsockopt$inet_tcp_TCP_REPAIR_OPTIONS(r0, 0x6, 0x16, &(0x7f00000002c0)=[@window, @mss, @mss={0x2, 0x8}, @window, @window={0x3, 0x3, 0x5}, @timestamp, @mss={0x2, 0x9}, @timestamp], 0x2000000000000135)
write$binfmt_elf64(r0, &(0x7f0000000000)=ANY=[], 0x440)
setsockopt$inet_tcp_TCP_REPAIR(r0, 0x6, 0x13, &(0x7f00000001c0), 0x4)

184.106873ms ago: executing program 6 (id=1040):
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000200)='./bus\x00', 0x200000, &(0x7f00000000c0), 0xfc, 0x57c, &(0x7f00000013c0)="$eJzs3U1rG9caAOB3xnbifNxrB0K4t4tiyKIpaaTY7kcKXaTL0oYG2n0qbMUEy1Gw5BC7gSaLZtNNCYVSGijtvvsuQ/9Af0WgDYQSTLvoxmXkkaPEki078kei54Gxz5kZ+ZxXM+/xGY2EAuhbY9mPNOL/EfF1EjHSsm0w8o1jq/stP745lS1JrKx88mcSSb6uuX+S/z6SV/4XEb9+GXE6Xd9ubXFptlSplOfzejGSa8Xa4tKZK3OlmfJM+erE5OS5tyYn3n3n7Z7F+vrFv7/7+P4H5746ufztzw+P3U3ifBzNt7XG8RxutVbGYix/Tobi/DM7jvegsf0k2esOsC0DeZ4PRTYGjMRAnvVtrYzsZteAHfZFltZAn0rkP/Sp5jygeW3fo+vgF8aj91cvgNbHP7j62kgMN66NDi8nT10ZZde7oz1oP2vjlz/u3c2W6N3rEACbunU7Is4ODq4f/5J8/Nu+s13s82wbxj/YPfez+c8b7eY/6dr8J9rMf460yd3t2Dz/04c9aKajbP73Xtv579pNq9GBvPafxpxvKLl8pVLOxrb/RsSpGDqY1Te4n/NZuvxgpdPG1vlftmTtN+eCeT8eDh58+jHTpXrpuYJu8eh2xCtt57/J2vFP2hz/7Pm42GUbJ8r3Xu20bfP4d9bKjxGvtT3+T+5oZaVifa7T/cli43woNs+K9f66c+K3Tu3vdfzZ8T+8cfyjSev92trW2/hh+J9yp23bPf8PJJ82ygfydTdK9fr8eMSB5KP16yeePLZZb+6fxX/q5MbjX7vz/1CW2F3Gf+f4ndZdh7cW/87K4p/e0vHfeuHBh59/36n97o7/m43SqXxNN+Nftx18nucOAAAAAAAA9ps0Io5GkhbWymlaKKy+v+N4HE4r1Vr99OXqwtXpaHxWdjSG0uad7pGW90OM5++HbdYnnqlPRsSxiPhm4FCjXpiqVqb3OngAAAAAAAAAAAAAAAAAAADYJ45EDLf7/H/m94G97h2w4zb4ym/gJdc5//MtvfimJ2Bfas3/g3vYD2D3mf9D/+oi/9Pd6Aew+/z/h/4l/6F/yX/oX/If+tdW8v+nCzvYEQAAAAAAAAAAAAAAAAAAAAAAAAAAAHg5XLxwIVtWlh/fnMrq09cXF2ar189Ml2uzhbmFqcJUdf5aYaZanamUC1PVuc3+XqVavTY+EQs3ivVyrV6sLS5dmqsuXK1fujJXmilfKg/tSlQAAAAAAAAAAAAAAAAAAADwYqktLs2WKpXyvILCtgqD+6MbnQppfqLvl/68MIU9HpgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAoMW/AQAA//+LGzah")
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xa, 0x0)
ioctl$SNDRV_CTL_IOCTL_ELEM_UNLOCK(0xffffffffffffffff, 0xc1105511, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = open(0x0, 0x1c5b40, 0x43ff5eac7399ce04)
r4 = open(&(0x7f0000000000)='./bus\x00', 0x60142, 0x0)
write$FUSE_OPEN(r4, &(0x7f0000000080)={0x20}, 0x20)
sendfile(r4, r3, 0x0, 0x2c62)

183.436288ms ago: executing program 3 (id=1041):
r0 = socket$alg(0x26, 0x5, 0x0)
setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f0000412ff8)="3665a1ab415b7ac7", 0x8)
r1 = accept(r0, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r2 = getpid()
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x7)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f0000000180)=@abs, 0x6e)
sendmmsg$unix(r4, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4)
sendmmsg$alg(r1, &(0x7f0000000740)=[{0x0, 0x0, &(0x7f0000000000)=[{&(0x7f00000001c0)="564004c6852da7a299e4c397614090d1a6e12edf1767f157", 0xfcdc}], 0x1, &(0x7f0000000480)=[@op={0x18}], 0x1d}], 0x1, 0x0)
recvmsg(r1, &(0x7f000000b680)={0x0, 0x10400004, &(0x7f000000b600)=[{&(0x7f000000b4c0)=""/5, 0x4}, {&(0x7f000000b500)=""/153, 0xfb59}], 0x2}, 0x0)

723.753µs ago: executing program 4 (id=1042):
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket$netlink(0x10, 0x3, 0x0)
r2 = socket(0x10, 0x803, 0x0)
sendmsg$BATADV_CMD_GET_MESH(r2, &(0x7f00000004c0)={0x0, 0x0, &(0x7f0000000480)={0x0, 0x32}}, 0x0)
getsockname$packet(r2, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
getsockname$packet(r2, &(0x7f0000000140)={0x11, 0x0, <r3=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x28a)
sendmsg$nl_route(r1, 0x0, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000500)={&(0x7f00000002c0)=ANY=[@ANYBLOB="48000000100039042cbd7000eaffffff000003e4", @ANYRES32=r3, @ANYBLOB="83000400cb1507002800128008000100736974001c000280080014"], 0x48}, 0x1, 0x0, 0x0, 0x8000}, 0x4000040)

0s ago: executing program 2 (id=1043):
r0 = syz_usb_connect(0x0, 0x2d, &(0x7f0000000000)=ANY=[@ANYBLOB="9f01000083667d1040206402d14e0102030109021b000100000000090400000190f19c000905f3ed"], 0x0)
syz_usb_control_io(r0, 0x0, 0x0)
syz_usb_control_io$hid(r0, 0x0, 0x0)
syz_usb_control_io(r0, 0x0, 0x0)
syz_usb_control_io$printer(r0, 0x0, 0x0)
syz_usb_control_io(r0, 0x0, 0x0)
syz_usb_control_io$cdc_ecm(r0, 0x0, 0x0)
syz_usb_control_io$hid(r0, 0x0, &(0x7f0000000780)={0x18, &(0x7f0000000580)=ANY=[], 0x0, 0x0, 0x0, 0x0})
syz_usb_control_io$printer(r0, 0x0, 0x0)
syz_usb_control_io$uac1(r0, 0x0, 0x0)
syz_usb_control_io$uac1(r0, 0x0, 0x0)
syz_usb_control_io$hid(r0, 0x0, &(0x7f00000010c0)={0x18, &(0x7f0000000f80)={0x20, 0x5}, 0x0, 0x0, 0x0, 0x0})
syz_usb_control_io$cdc_ncm(r0, 0x0, 0x0)
syz_usb_control_io$printer(r0, 0x0, 0x0)

kernel console output (not intermixed with test programs):

1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  153.501201][ T5913] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  153.526574][ T5913] usb 5-1: config 0 descriptor??
[  153.537403][ T5970] EXT4-fs (loop1): Delayed block allocation failed for inode 18 at logical offset 0 with max blocks 12 with error 28
[  153.799512][ T5970] EXT4-fs (loop1): This should not happen!! Data will be lost
[  153.799512][ T5970] 
[  153.900748][ T5970] EXT4-fs (loop1): Total free blocks count 0
[  154.235998][ T5970] EXT4-fs (loop1): Free/Dirty block details
[  154.350842][ T5970] EXT4-fs (loop1): free_blocks=68451041280
[  154.405234][ T5970] EXT4-fs (loop1): dirty_blocks=16
[  154.466926][ T5970] EXT4-fs (loop1): Block reservation details
[  154.478127][ T5913] plantronics 0003:047F:FFFF.0001: unknown main item tag 0x0
[  154.800552][ T5913] plantronics 0003:047F:FFFF.0001: unknown main item tag 0x0
[  154.808026][ T5913] plantronics 0003:047F:FFFF.0001: unknown main item tag 0x0
[  154.815628][ T5913] plantronics 0003:047F:FFFF.0001: unknown main item tag 0x0
[  154.823126][ T5913] plantronics 0003:047F:FFFF.0001: unknown main item tag 0x0
[  154.830587][ T5913] plantronics 0003:047F:FFFF.0001: unknown main item tag 0x0
[  154.838009][ T5913] plantronics 0003:047F:FFFF.0001: unknown main item tag 0x0
[  154.845487][ T5913] plantronics 0003:047F:FFFF.0001: unknown main item tag 0x0
[  154.853283][ T5913] plantronics 0003:047F:FFFF.0001: unknown main item tag 0x0
[  154.861165][ T5913] plantronics 0003:047F:FFFF.0001: unknown main item tag 0x0
[  154.868611][ T5913] plantronics 0003:047F:FFFF.0001: unknown main item tag 0x0
[  154.876501][ T5913] plantronics 0003:047F:FFFF.0001: unknown main item tag 0x0
[  154.884128][ T5913] plantronics 0003:047F:FFFF.0001: unknown main item tag 0x0
[  154.891735][ T5913] plantronics 0003:047F:FFFF.0001: unknown main item tag 0x0
[  154.899160][ T5913] plantronics 0003:047F:FFFF.0001: unknown main item tag 0x0
[  154.908997][ T5913] plantronics 0003:047F:FFFF.0001: No inputs registered, leaving
[  154.923054][ T5970] EXT4-fs (loop1): i_reserved_data_blocks=1
[  154.960458][ T5913] plantronics 0003:047F:FFFF.0001: hiddev0,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.4-1/input0
[  154.967929][ T5851] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  155.442565][ T5994] veth0_vlan: entered promiscuous mode
[  155.557145][ T5994] veth1_vlan: entered promiscuous mode
[  155.836461][ T5994] veth0_macvtap: entered promiscuous mode
[  156.005003][ T6420] usb 5-1: string descriptor 0 read error: -71
[  156.183419][ T5913] usb 5-1: reset high-speed USB device number 2 using dummy_hcd
[  156.281676][ T5994] veth1_macvtap: entered promiscuous mode
[  156.391284][ T5994] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  156.541200][ T5994] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  156.612303][ T5994] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  156.682217][ T5994] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  156.692297][ T5994] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  156.702871][ T5994] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  156.719405][ T5994] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  156.749519][ T6472] netlink: 56 bytes leftover after parsing attributes in process `syz.1.116'.
[  156.780080][ T5994] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  156.797026][ T5994] batman_adv: batadv0: Interface activated: batadv_slave_0
[  156.848047][ T5994] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  156.939534][ T5994] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  156.970473][ T5994] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  157.026692][ T5994] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  157.095811][ T5994] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  157.157758][ T5927] usb 5-1: USB disconnect, device number 2
[  157.171017][ T5994] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  157.181669][ T5994] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  157.193403][ T5994] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  157.204632][ T5994] batman_adv: batadv0: Interface activated: batadv_slave_1
[  157.214283][ T6479] loop2: detected capacity change from 0 to 512
[  157.219764][ T5994] netdevsim netdevsim6 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  157.229449][ T5994] netdevsim netdevsim6 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  157.238226][ T5994] netdevsim netdevsim6 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  157.247376][ T5994] netdevsim netdevsim6 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  157.313312][ T6481] loop3: detected capacity change from 0 to 8
[  157.415433][ T6481] SQUASHFS error: zlib decompression failed, data probably corrupt
[  157.424174][ T6481] SQUASHFS error: Failed to read block 0x9b: -5
[  157.431134][ T6481] SQUASHFS error: Unable to read metadata cache entry [99]
[  157.438438][ T6481] SQUASHFS error: Unable to read inode 0x127
[  158.075278][ T6479] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000d40000 r/w without journal. Quota mode: writeback.
[  158.190267][ T6479] ext4 filesystem being mounted at /27/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  159.167630][ T6042] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  159.241884][ T6042] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  159.297486][ T6496] netlink: 64 bytes leftover after parsing attributes in process `syz.3.121'.
[  159.501736][ T1097] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  159.560732][ T1097] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  159.575813][ T5848] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000d40000.
[  159.600560][ T6477] loop4: detected capacity change from 0 to 32768
[  159.609840][ T6477] =======================================================
[  159.609840][ T6477] WARNING: The mand mount option has been deprecated and
[  159.609840][ T6477]          and is ignored by this kernel. Remove the mand
[  159.609840][ T6477]          option from the mount to silence this warning.
[  159.609840][ T6477] =======================================================
[  159.669059][ T6477] ocfs2: Mounting device (7,4) on (node local, slot 0) with writeback data mode.
[  159.901750][   T29] audit: type=1800 audit(1732586174.169:4): pid=6477 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.4.118" name="file1" dev="loop4" ino=17058 res=0 errno=0
[  160.316964][ T5855] ocfs2: Unmounting device (7,4) on (node local)
[  160.659851][ T6520] input: syz1 as /devices/virtual/input/input11
[  160.931854][ T6527] Bluetooth: MGMT ver 1.23
[  161.750567][ T6540] netlink: 56 bytes leftover after parsing attributes in process `syz.2.131'.
[  165.588065][ T6556] loop5: detected capacity change from 0 to 512
[  165.722446][ T6558] netlink: 64 bytes leftover after parsing attributes in process `syz.2.134'.
[  165.776278][ T6556] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000d40000 r/w without journal. Quota mode: writeback.
[  165.899525][ T6556] ext4 filesystem being mounted at /25/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  166.014912][ T6575] loop6: detected capacity change from 0 to 128
[  166.023752][ T6575] EXT4-fs: Ignoring removed bh option
[  166.220087][ T6575] EXT4-fs (loop6): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  166.283594][ T6575] ext4 filesystem being mounted at /2/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff)
[  166.299832][ T6581] netlink: 'syz.1.139': attribute type 5 has an invalid length.
[  169.102014][ T5994] EXT4-fs (loop6): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  173.057238][ T6617] kAFS: No cell specified
[  174.171944][ T5865] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000d40000.
[  174.628289][ T6634] F2FS-fs (nullb0): Magic Mismatch, valid(0xf2f52010) - read(0x0)
[  174.650501][ T6638] netlink: 'syz.1.153': attribute type 1 has an invalid length.
[  174.719482][    T8] usb 5-1: new high-speed USB device number 3 using dummy_hcd
[  174.731647][ T6638] 8021q: adding VLAN 0 to HW filter on device bond1
[  174.755334][ T6634] F2FS-fs (nullb0): Can't find valid F2FS filesystem in 1th superblock
[  174.768534][ T6634] F2FS-fs (nullb0): Magic Mismatch, valid(0xf2f52010) - read(0x0)
[  174.787174][ T6634] F2FS-fs (nullb0): Can't find valid F2FS filesystem in 2th superblock
[  174.844648][ T6645] bond1: (slave gretap1): making interface the new active one
[  174.873525][ T6645] bond1: (slave gretap1): Enslaving as an active interface with an up link
[  174.882558][    T8] usb 5-1: Using ep0 maxpacket: 8
[  174.916718][    T8] usb 5-1: New USB device found, idVendor=0ccd, idProduct=00b3, bcdDevice=2d.ee
[  174.930180][    T8] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  174.959269][    T8] usb 5-1: Product: syz
[  174.966554][ T6638] vlan2: entered promiscuous mode
[  174.980383][    T8] usb 5-1: Manufacturer: syz
[  174.989579][ T6638] bond1: entered promiscuous mode
[  175.008147][    T8] usb 5-1: SerialNumber: syz
[  175.019492][ T6638] gretap1: entered promiscuous mode
[  175.943409][    T8] usb 5-1: config 0 descriptor??
[  176.153740][    T8] usb 5-1: dvb_usb_v2: found a 'TerraTec NOXON DAB Stick' in warm state
[  176.257444][ T6664] loop1: detected capacity change from 0 to 64
[  177.996743][ T6685] loop6: detected capacity change from 0 to 2048
[  178.207121][ T6685] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000)
[  178.703466][    T8] dvb_usb_rtl28xxu 5-1:0.0: probe with driver dvb_usb_rtl28xxu failed with error -71
[  178.740498][    T8] usb 5-1: USB disconnect, device number 3
[  180.586852][ T6694] loop4: detected capacity change from 0 to 1764
[  182.351069][ T6712] netlink: 'syz.2.168': attribute type 5 has an invalid length.
[  185.420525][ T6744] trusted_key: encrypted_key: insufficient parameters specified
[  186.043457][ T6751] loop1: detected capacity change from 0 to 512
[  186.132520][ T6751] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  186.145377][ T6751] ext4 filesystem being mounted at /32/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  188.142683][ T5851] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  188.255071][ T6762] loop6: detected capacity change from 0 to 4096
[  188.643835][ T6762] ntfs3(loop6): ino=5, "/" directory corrupted
[  188.697583][ T6762] ntfs3(loop6): Mark volume as dirty due to NTFS errors
[  189.652155][ T6783] netlink: 'syz.3.187': attribute type 5 has an invalid length.
[  195.893062][ T6825] netlink: 8 bytes leftover after parsing attributes in process `syz.6.194'.
[  196.779414][ T5956] usb 4-1: new high-speed USB device number 2 using dummy_hcd
[  196.949450][ T5956] usb 4-1: Using ep0 maxpacket: 16
[  196.957026][ T5956] usb 4-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xF3, changing to 0x83
[  197.019866][ T5956] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x83 has an invalid bInterval 0, changing to 7
[  197.086172][ T5956] usb 4-1: New USB device found, idVendor=2040, idProduct=0264, bcdDevice=4e.d1
[  197.107129][ T5956] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  197.139740][ T6846] netlink: 'syz.5.204': attribute type 5 has an invalid length.
[  197.148968][ T5956] usb 4-1: Product: syz
[  197.209052][ T5956] usb 4-1: Manufacturer: syz
[  197.260703][ T5956] usb 4-1: SerialNumber: syz
[  197.372583][ T5956] usb 4-1: config 0 descriptor??
[  197.417775][   T29] audit: type=1326 audit(1732586211.679:5): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6840 comm="syz.2.203" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fccd577e819 code=0x0
[  198.474556][ T5956] em28xx 4-1:0.0: New device syz syz @ 480 Mbps (2040:0264, interface 0, class 0)
[  198.485917][ T5956] em28xx 4-1:0.0: Audio interface 0 found (Vendor Class)
[  198.758134][ T6858] xt_CONNSECMARK: only valid in 'mangle' or 'security' table, not 'raw'
[  198.785504][ T6858] Cannot find set identified by id 0 to match
[  198.979812][ T1290] ieee802154 phy0 wpan0: encryption failed: -22
[  198.990441][ T1290] ieee802154 phy1 wpan1: encryption failed: -22
[  198.999716][ T5857] Bluetooth: hci0: unexpected event 0x30 length: 34 > 3
[  199.506090][ T5956] em28xx 4-1:0.0: unknown em28xx chip ID (0)
[  199.532437][ T5956] em28xx 4-1:0.0: Config register raw data: 0x56
[  200.579445][ T5956] em28xx 4-1:0.0: AC97 chip type couldn't be determined
[  200.586488][ T5956] em28xx 4-1:0.0: No AC97 audio processor
[  201.064235][ T6873] loop2: detected capacity change from 0 to 2048
[  202.397260][ T6873] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000)
[  203.297480][ T6886] netlink: 8 bytes leftover after parsing attributes in process `syz.4.214'.
[  203.560788][ T5914] usb 4-1: USB disconnect, device number 2
[  203.567602][ T5914] em28xx 4-1:0.0: Disconnecting em28xx
[  203.653327][ T5914] em28xx 4-1:0.0: Freeing device
[  204.505894][ T6896] netlink: 64 bytes leftover after parsing attributes in process `syz.4.219'.
[  204.597899][ T6899] netlink: 'syz.5.220': attribute type 5 has an invalid length.
[  204.792176][ T6906] kAFS: No cell specified
[  206.322950][ T6920] loop3: detected capacity change from 0 to 1024
[  208.133555][ T6931] loop6: detected capacity change from 0 to 2048
[  208.151566][ T5914] usb 5-1: new high-speed USB device number 4 using dummy_hcd
[  208.485299][ T6931] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000)
[  208.559470][ T5914] usb 5-1: Using ep0 maxpacket: 32
[  208.598025][ T5914] usb 5-1: New USB device found, idVendor=046d, idProduct=08b7, bcdDevice=99.db
[  208.702864][ T6920] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  208.749420][ T5914] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  208.850072][ T5914] usb 5-1: config 0 descriptor??
[  209.182748][ T5914] pwc: Logitech ViewPort AV 100 webcam detected.
[  209.485260][ T5914] pwc: Failed to set LED on/off time (-71)
[  209.493942][   T29] audit: type=1800 audit(1732586223.689:6): pid=6948 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.226" name="bus" dev="loop3" ino=18 res=0 errno=0
[  209.525680][ T5914] pwc: send_video_command error -71
[  209.670477][   T29] audit: type=1804 audit(1732586223.709:7): pid=6948 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz.3.226" name="/newroot/40/bus/bus" dev="loop3" ino=18 res=1 errno=0
[  209.828026][ T5914] pwc: Failed to set video mode VGA@30 fps; return code = -71
[  209.837772][ T5914] Philips webcam 5-1:0.0: probe with driver Philips webcam failed with error -71
[  209.851178][ T5914] usb 5-1: USB disconnect, device number 4
[  210.323730][ T6953] loop2: detected capacity change from 0 to 32768
[  210.335624][ T6953] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop2 (7:2) scanned by syz.2.235 (6953)
[  210.371755][ T6953] BTRFS info (device loop2): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  210.383368][ T6953] BTRFS info (device loop2): using crc32c (crc32c-intel) checksum algorithm
[  210.392260][ T6953] BTRFS info (device loop2): using free-space-tree
[  211.018009][ T6971] loop5: detected capacity change from 0 to 40427
[  211.052323][ T6971] F2FS-fs (loop5): Invalid log_blocksize (268), supports only 12
[  211.060292][ T6971] F2FS-fs (loop5): Can't find valid F2FS filesystem in 1th superblock
[  211.118490][ T6971] F2FS-fs (loop5): invalid crc value
[  211.168196][ T6971] F2FS-fs (loop5): Found nat_bits in checkpoint
[  211.316491][   T81] EXT4-fs error (device loop3): ext4_mb_generate_buddy:1217: group 0, block bitmap and bg descriptor inconsistent: 25 vs 4278190105 free clusters
[  211.472190][   T81] EXT4-fs (loop3): Delayed block allocation failed for inode 18 at logical offset 0 with max blocks 5 with error 28
[  211.550187][ T6971] F2FS-fs (loop5): Try to recover 1th superblock, ret: 0
[  211.557527][ T6971] F2FS-fs (loop5): Mounted with checkpoint version = 48b305e5
[  211.893056][   T81] EXT4-fs (loop3): This should not happen!! Data will be lost
[  211.893056][   T81] 
[  211.919495][   T81] EXT4-fs (loop3): Total free blocks count 0
[  211.925558][   T81] EXT4-fs (loop3): Free/Dirty block details
[  211.963313][   T81] EXT4-fs (loop3): free_blocks=68451041280
[  211.969407][   T81] EXT4-fs (loop3): dirty_blocks=16
[  211.974630][   T81] EXT4-fs (loop3): Block reservation details
[  212.014489][   T81] EXT4-fs (loop3): i_reserved_data_blocks=1
[  212.561310][ T5863] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  212.739478][   T29] audit: type=1800 audit(1732586226.839:8): pid=6997 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.2.235" name="file1" dev="loop2" ino=260 res=0 errno=0
[  212.923870][ T6494] F2FS-fs (loop5): f2fs_check_nid_range: out-of-range nid=1, run fsck to fix.
[  212.945006][ T6494] F2FS-fs (loop5): f2fs_check_nid_range: out-of-range nid=2, run fsck to fix.
[  215.237806][ T5848] BTRFS info (device loop2): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  216.212293][ T7029] netlink: 88 bytes leftover after parsing attributes in process `syz.4.246'.
[  216.616364][ T7044] loop1: detected capacity change from 0 to 512
[  216.729647][ T5862] Bluetooth: hci1: command 0x0406 tx timeout
[  216.737022][ T5857] Bluetooth: hci5: command 0x0406 tx timeout
[  216.763691][ T5868] Bluetooth: hci4: command 0x0406 tx timeout
[  216.770502][ T5857] Bluetooth: hci2: command 0x0406 tx timeout
[  216.776579][ T5857] Bluetooth: hci3: command 0x0406 tx timeout
[  217.044840][ T7044] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000d40000 r/w without journal. Quota mode: writeback.
[  217.061568][ T7044] ext4 filesystem being mounted at /46/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  217.528669][ T7062] loop3: detected capacity change from 0 to 1024
[  218.210715][ T7062] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  219.425690][ T7072] loop5: detected capacity change from 0 to 2048
[  219.455928][ T7076] NILFS (loop5): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  219.594203][ T5851] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000d40000.
[  219.771433][   T29] audit: type=1800 audit(1732586234.039:9): pid=7079 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.252" name="bus" dev="loop3" ino=18 res=0 errno=0
[  219.922032][   T29] audit: type=1804 audit(1732586234.149:10): pid=7083 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz.3.252" name="/newroot/43/bus/bus" dev="loop3" ino=18 res=1 errno=0
[  222.473326][ T7054] EXT4-fs error (device loop3): ext4_mb_generate_buddy:1217: group 0, block bitmap and bg descriptor inconsistent: 25 vs 4278190105 free clusters
[  222.936443][ T7112] loop1: detected capacity change from 0 to 1024
[  223.011247][ T7112] EXT4-fs (loop1): stripe (65535) is not aligned with cluster size (4096), stripe is disabled
[  224.109522][ T7126] workqueue: Failed to create a rescuer kthread for wq "nfc2_nci_tx_wq": -EINTR
[  224.151883][ T7112] EXT4-fs (loop1): revision level too high, forcing read-only mode
[  224.240144][ T7112] EXT4-fs (loop1): orphan cleanup on readonly fs
[  224.278556][ T7112] EXT4-fs error (device loop1) in ext4_reserve_inode_write:5837: Corrupt filesystem
[  224.368236][ T7112] EXT4-fs (loop1): Remounting filesystem read-only
[  224.408457][ T7112] Quota error (device loop1): write_blk: dquota write failed
[  224.416178][ T7112] Quota error (device loop1): qtree_write_dquot: Error -117 occurred while creating quota
[  224.426427][ T7112] EXT4-fs (loop1): 1 truncate cleaned up
[  224.630917][ T7112] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: none.
[  224.823569][ T1080] EXT4-fs (loop3): Delayed block allocation failed for inode 18 at logical offset 0 with max blocks 5 with error 28
[  224.895242][ T1080] EXT4-fs (loop3): This should not happen!! Data will be lost
[  224.895242][ T1080] 
[  224.959062][ T1080] EXT4-fs (loop3): Total free blocks count 0
[  225.005416][ T1080] EXT4-fs (loop3): Free/Dirty block details
[  225.015671][ T1080] EXT4-fs (loop3): free_blocks=68451041280
[  225.049355][ T1080] EXT4-fs (loop3): dirty_blocks=16
[  225.055080][ T1080] EXT4-fs (loop3): Block reservation details
[  225.064697][ T1080] EXT4-fs (loop3): i_reserved_data_blocks=1
[  225.197628][ T7142] loop6: detected capacity change from 0 to 512
[  225.289025][ T7114] syz.5.259 (7114): drop_caches: 2
[  225.451975][ T5863] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  225.520617][ T5851] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  225.564353][ T7142] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000d40000 r/w without journal. Quota mode: writeback.
[  225.629456][ T7142] ext4 filesystem being mounted at /24/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  226.769044][ T5856] Bluetooth: hci0: command 0x0406 tx timeout
[  227.369866][ T5994] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000d40000.
[  228.949784][ T7148] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[  228.970137][ T7148] Bluetooth: hci1: Error when powering off device on rfkill (-4)
[  229.076157][ T7185] loop4: detected capacity change from 0 to 1024
[  229.089427][ T7185] EXT4-fs: Ignoring removed oldalloc option
[  229.122094][ T7185] EXT4-fs (loop4): stripe (3) is not aligned with cluster size (16), stripe is disabled
[  230.098625][ T7176] loop1: detected capacity change from 0 to 32768
[  230.121458][ T7148] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[  230.139523][ T7176] BTRFS: device fsid a6a605fc-d5f1-4e66-8595-3726e2b761d6 devid 1 transid 8 /dev/loop1 (7:1) scanned by syz.1.271 (7176)
[  230.159405][ T7148] Bluetooth: hci2: Error when powering off device on rfkill (-4)
[  230.350508][ T7185] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  230.369368][ T7176] BTRFS info (device loop1): first mount of filesystem a6a605fc-d5f1-4e66-8595-3726e2b761d6
[  230.385294][ T7176] BTRFS info (device loop1): using blake2b (blake2b-256-generic) checksum algorithm
[  230.397001][ T7148] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[  230.399417][ T7176] BTRFS info (device loop1): using free-space-tree
[  230.410021][ T7148] Bluetooth: hci3: Error when powering off device on rfkill (-4)
[  230.490186][ T7176] workqueue: Failed to create a rescuer kthread for wq "btrfs-worker": -EINTR
[  230.512390][ T7148] Bluetooth: hci4: Opcode 0x0c1a failed: -4
[  230.610212][ T7148] Bluetooth: hci4: Error when powering off device on rfkill (-4)
[  230.645611][ T7148] Bluetooth: hci5: Opcode 0x0c1a failed: -4
[  230.653155][ T7148] Bluetooth: hci5: Error when powering off device on rfkill (-4)
[  230.691934][ T7176] workqueue: Failed to create a rescuer kthread for wq "btrfs-delalloc": -EINTR
[  230.692312][ T7176] workqueue: Failed to create a rescuer kthread for wq "btrfs-flush_delalloc": -EINTR
[  230.729834][ T7176] workqueue: Failed to create a rescuer kthread for wq "btrfs-cache": -EINTR
[  230.741328][ T7193] loop2: detected capacity change from 0 to 32768
[  230.882645][ T7176] workqueue: Failed to create a rescuer kthread for wq "btrfs-fixup": -EINTR
[  230.882938][ T7176] workqueue: Failed to create a rescuer kthread for wq "btrfs-endio": -EINTR
[  230.976054][ T7176] workqueue: Failed to create a rescuer kthread for wq "btrfs-endio-meta": -EINTR
[  231.056081][ T7176] workqueue: Failed to create a rescuer kthread for wq "btrfs-rmw": -EINTR
[  231.095739][ T7176] workqueue: Failed to create a rescuer kthread for wq "btrfs-endio-write": -EINTR
[  231.156578][ T7187] loop3: detected capacity change from 0 to 32768
[  231.179900][ T7176] workqueue: Failed to create a rescuer kthread for wq "btrfs-compressed-write": -EINTR
[  231.180179][ T7176] workqueue: Failed to create a rescuer kthread for wq "btrfs-freespace-write": -EINTR
[  231.572190][ T7187] BTRFS: device fsid 3d39d0ba-bdae-447e-827b-b091e1a68885 devid 1 transid 8 /dev/loop3 (7:3) scanned by syz.3.277 (7187)
[  231.768363][ T7176] workqueue: Failed to create a rescuer kthread for wq "btrfs-delayed-meta": -EINTR
[  231.769140][ T7176] workqueue: Failed to create a rescuer kthread for wq "btrfs-qgroup-rescan": -EINTR
[  231.827714][ T7193] XFS (loop2): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  231.928638][ T7176] BTRFS error (device loop1): open_ctree failed
[  232.035249][ T7187] BTRFS info (device loop3): first mount of filesystem 3d39d0ba-bdae-447e-827b-b091e1a68885
[  232.045616][ T7187] BTRFS info (device loop3): using crc32c (crc32c-intel) checksum algorithm
[  232.102527][ T7187] BTRFS info (device loop3): using free-space-tree
[  232.118003][   T29] audit: type=1326 audit(1732587462.383:11): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7236 comm="syz.6.281" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7febf1b7e819 code=0x7ffc0000
[  232.118814][ T7187] workqueue: Failed to create a rescuer kthread for wq "btrfs-worker": -EINTR
[  232.154420][ T7187] workqueue: Failed to create a rescuer kthread for wq "btrfs-delalloc": -EINTR
[  232.164801][ T7187] workqueue: Failed to create a rescuer kthread for wq "btrfs-flush_delalloc": -EINTR
[  232.175852][ T7187] workqueue: Failed to create a rescuer kthread for wq "btrfs-cache": -EINTR
[  232.186746][ T7187] workqueue: Failed to create a rescuer kthread for wq "btrfs-fixup": -EINTR
[  232.196199][ T7187] workqueue: Failed to create a rescuer kthread for wq "btrfs-endio": -EINTR
[  232.205881][ T7187] workqueue: Failed to create a rescuer kthread for wq "btrfs-endio-meta": -EINTR
[  232.216603][ T7187] workqueue: Failed to create a rescuer kthread for wq "btrfs-endio-write": -EINTR
[  232.227934][ T7187] workqueue: Failed to create a rescuer kthread for wq "btrfs-freespace-write": -EINTR
[  232.228007][   T29] audit: type=1326 audit(1732587462.433:12): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7236 comm="syz.6.281" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7febf1b7e819 code=0x7ffc0000
[  232.239545][ T7187] workqueue: Failed to create a rescuer kthread for wq "btrfs-qgroup-rescan": -EINTR
[  232.280357][ T7187] BTRFS error (device loop3): open_ctree failed
[  232.319503][   T29] audit: type=1326 audit(1732587462.433:13): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7236 comm="syz.6.281" exe="/root/syz-executor" sig=0 arch=c000003e syscall=289 compat=0 ip=0x7febf1b7e819 code=0x7ffc0000
[  232.324954][ T5855] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  232.407545][   T29] audit: type=1326 audit(1732587462.433:14): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7236 comm="syz.6.281" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7febf1b7e819 code=0x7ffc0000
[  232.691036][ T7193] XFS (loop2): Ending clean mount
[  232.706204][   T29] audit: type=1326 audit(1732587462.433:15): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7236 comm="syz.6.281" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7febf1b7e819 code=0x7ffc0000
[  233.051416][ T5848] XFS (loop2): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  233.603838][ T7276] loop3: detected capacity change from 0 to 512
[  235.920334][ T7276] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000d40000 r/w without journal. Quota mode: writeback.
[  236.148654][ T7276] ext4 filesystem being mounted at /48/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  236.888565][ T7148] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[  237.052581][ T7148] Bluetooth: hci0: Error when powering off device on rfkill (-4)
[  237.530573][ T7321] loop6: detected capacity change from 0 to 4096
[  237.559587][ T7321] ntfs3(loop6): Different NTFS sector size (2048) and media sector size (512).
[  237.583734][ T5863] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000d40000.
[  237.710479][ T7321] ntfs3(loop6): Mark volume as dirty due to NTFS errors
[  237.919632][ T7321] ntfs3(loop6): ino=21, The size of extended attributes must not exceed 64KiB
[  238.379543][ T5914] usb 6-1: new high-speed USB device number 2 using dummy_hcd
[  238.497376][ T7348] loop6: detected capacity change from 0 to 128
[  238.596563][ T7348] usb usb1: Requested nonsensical USBDEVFS_URB_ZERO_PACKET.
[  238.721820][ T5914] usb 6-1: config 0 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 21
[  239.003010][ T5914] usb 6-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  239.115021][ T7342] loop1: detected capacity change from 0 to 4096
[  239.425219][ T7342] ntfs3(loop1): Different NTFS sector size (2048) and media sector size (512).
[  239.434381][ T5914] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  239.452136][ T5914] usb 6-1: config 0 descriptor??
[  239.463311][ T5914] usbhid 6-1:0.0: couldn't find an input interrupt endpoint
[  240.029981][ T7342] ntfs3(loop1): Mark volume as dirty due to NTFS errors
[  242.020335][ T7375] ipvlan2: entered promiscuous mode
[  242.346810][ T7375] 8021q: adding VLAN 0 to HW filter on device ipvlan2
[  242.372860][ T7375] team0: Device ipvlan2 is already an upper device of the team interface
[  243.016094][ T5956] usb 6-1: USB disconnect, device number 2
[  243.362781][ T7395] loop4: detected capacity change from 0 to 1024
[  243.370687][ T7395] EXT4-fs: Ignoring removed orlov option
[  243.469574][ T7390] loop1: detected capacity change from 0 to 512
[  243.868985][ T7391] loop2: detected capacity change from 0 to 40427
[  244.073728][ T7391] F2FS-fs (loop2): Invalid log_blocksize (268), supports only 12
[  244.081645][ T7391] F2FS-fs (loop2): Can't find valid F2FS filesystem in 1th superblock
[  244.101009][ T7395] EXT4-fs (loop4): Test dummy encryption mode enabled
[  244.108408][ T7395] EXT4-fs (loop4): stripe (7) is not aligned with cluster size (16), stripe is disabled
[  244.131960][ T7391] F2FS-fs (loop2): invalid crc value
[  244.203480][ T7391] F2FS-fs (loop2): Found nat_bits in checkpoint
[  244.314513][ T7391] F2FS-fs (loop2): Try to recover 1th superblock, ret: 0
[  244.323701][ T7391] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e5
[  244.462114][ T7395] EXT4-fs warning (device loop4): ext4_enable_quotas:7152: Failed to enable quota tracking (type=1, err=-22, ino=4). Please run e2fsck to fix.
[  244.479005][ T7390] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000d40000 r/w without journal. Quota mode: writeback.
[  244.563328][ T7415] netlink: 'syz.3.314': attribute type 5 has an invalid length.
[  244.596326][ T7395] EXT4-fs (loop4): mount failed
[  244.609559][ T7390] ext4 filesystem being mounted at /55/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  244.654556][ T7391] syz.2.310: attempt to access beyond end of device
[  244.654556][ T7391] loop2: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[  245.382503][ T7426] input: syz1 as /devices/virtual/input/input15
[  245.863494][ T7429] loop4: detected capacity change from 0 to 164
[  246.956570][   T66] F2FS-fs (loop2): f2fs_check_nid_range: out-of-range nid=1, run fsck to fix.
[  246.970539][ T7435] netlink: 'syz.5.318': attribute type 1 has an invalid length.
[  247.224511][   T66] F2FS-fs (loop2): f2fs_check_nid_range: out-of-range nid=2, run fsck to fix.
[  247.834517][ T7425] loop3: detected capacity change from 0 to 2048
[  247.926189][ T7425] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000)
[  248.410219][ T7435] 8021q: adding VLAN 0 to HW filter on device bond1
[  248.630222][ T7442] 8021q: adding VLAN 0 to HW filter on device bond1
[  248.637527][ T7442] bond1: (slave ip6tnl1): The slave device specified does not support setting the MAC address
[  248.659978][ T7442] bond1: (slave ip6tnl1): Error -95 calling set_mac_address
[  248.782161][ T5851] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000d40000.
[  251.226802][ T7473] warning: `syz.1.328' uses wireless extensions which will stop working for Wi-Fi 7 hardware; use nl80211
[  251.589439][  T969] usb 5-1: new high-speed USB device number 5 using dummy_hcd
[  251.744506][  T969] usb 5-1: config 0 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 21
[  251.799802][  T969] usb 5-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  251.808913][  T969] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  251.828312][ T7485] netlink: 'syz.6.329': attribute type 5 has an invalid length.
[  252.774331][  T969] usb 5-1: config 0 descriptor??
[  252.783727][  T969] usbhid 5-1:0.0: couldn't find an input interrupt endpoint
[  252.990337][ T7502] loop2: detected capacity change from 0 to 128
[  253.078862][ T7502] VFS: Found a Xenix FS (block size = 1024) on device loop2
[  253.172162][ T7502] sysv_free_inode: inode 0,1,2 or nonexistent inode
[  254.266760][ T7513] loop3: detected capacity change from 0 to 512
[  254.412125][ T7518] QAT: Invalid ioctl 1074554389
[  254.655512][ T7520] loop6: detected capacity change from 0 to 2048
[  254.856525][ T7513] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000d40000 r/w without journal. Quota mode: writeback.
[  254.885044][ T7520] [EXT4 FS bs=2048, gc=1, bpg=262144, ipg=32, mo=a842c018, mo2=0102]
[  254.904838][ T7520] System zones: 0-7
[  254.922235][  T969] usb 5-1: USB disconnect, device number 5
[  254.955942][ T7520] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  255.011025][ T7513] ext4 filesystem being mounted at /55/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  257.049761][ T7525] EXT4-fs error (device loop6): ext4_mb_generate_buddy:1217: group 0, block bitmap and bg descriptor inconsistent: 25 vs 150994969 free clusters
[  257.349074][ T7534] loop2: detected capacity change from 0 to 65536
[  257.355586][ T5863] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000d40000.
[  257.476337][ T7534] XFS (loop2): Mounting V5 Filesystem 9b7348e5-2fa0-41a5-9526-c53a678b01f3
[  257.891841][ T7562] netlink: 'syz.1.343': attribute type 5 has an invalid length.
[  258.316447][ T7534] XFS (loop2): Torn write (CRC failure) detected at log block 0x10. Truncating head block from 0x12.
[  258.406977][ T7534] XFS (loop2): Internal error rhead->h_magicno != cpu_to_be32(XLOG_HEADER_MAGIC_NUM) at line 2951 of file fs/xfs/xfs_log_recover.c.  Caller xlog_valid_rec_header+0x2ff/0x3e0
[  258.424729][ T7534] CPU: 0 UID: 0 PID: 7534 Comm: syz.2.339 Not tainted 6.12.0-syzkaller-09073-g9f16d5e6f220 #0
[  258.435019][ T7534] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  258.445239][ T7534] Call Trace:
[  258.448639][ T7534]  <TASK>
[  258.451602][ T7534]  dump_stack_lvl+0x16c/0x1f0
[  258.456349][ T7534]  xfs_corruption_error+0x12f/0x150
[  258.461618][ T7534]  ? xlog_valid_rec_header+0x2ff/0x3e0
[  258.467148][ T7534]  xlog_valid_rec_header+0x34a/0x3e0
[  258.472491][ T7534]  ? xlog_valid_rec_header+0x2ff/0x3e0
[  258.478007][ T7534]  ? srso_alias_return_thunk+0x5/0xfbef5
[  258.483724][ T7534]  xlog_do_recovery_pass+0x952/0xd80
[  258.489101][ T7534]  ? __pfx_xlog_do_recovery_pass+0x10/0x10
[  258.494981][ T7534]  ? xlog_bread+0x9a/0xc0
[  258.499406][ T7534]  ? srso_alias_return_thunk+0x5/0xfbef5
[  258.505117][ T7534]  ? __kvmalloc_node_noprof+0x7c/0x1a0
[  258.510638][ T7534]  xlog_verify_tail+0x1e0/0x4f0
[  258.515563][ T7534]  ? srso_alias_return_thunk+0x5/0xfbef5
[  258.521271][ T7534]  ? xlog_rseek_logrec_hdr+0x292/0x590
[  258.526974][ T7534]  ? __pfx_xlog_verify_tail+0x10/0x10
[  258.532476][ T7534]  ? srso_alias_return_thunk+0x5/0xfbef5
[  258.538284][ T7534]  xlog_verify_head+0x264/0x530
[  258.543221][ T7534]  ? __pfx_xlog_verify_head+0x10/0x10
[  258.548662][ T7534]  ? __entry_text_end+0x1020c5/0x1020c9
[  258.554282][ T7534]  ? xlog_check_unmount_rec+0x1fd/0x550
[  258.559900][ T7534]  ? __pfx_xlog_check_unmount_rec+0x10/0x10
[  258.565861][ T7534]  ? srso_alias_return_thunk+0x5/0xfbef5
[  258.571570][ T7534]  ? __kvmalloc_node_noprof+0x7c/0x1a0
[  258.577184][ T7534]  xlog_find_tail+0x85d/0xf00
[  258.581957][ T7534]  ? __pfx_xlog_find_tail+0x10/0x10
[  258.587241][ T7534]  ? srso_alias_return_thunk+0x5/0xfbef5
[  258.592947][ T7534]  ? mark_held_locks+0x9f/0xe0
[  258.597771][ T7534]  ? srso_alias_return_thunk+0x5/0xfbef5
[  258.603475][ T7534]  ? lockdep_hardirqs_on+0x7c/0x110
[  258.608839][ T7534]  ? srso_alias_return_thunk+0x5/0xfbef5
[  258.614644][ T7534]  ? _raw_spin_unlock_irqrestore+0x3b/0x80
[  258.620515][ T7534]  xlog_recover+0x8f/0x4e0
[  258.625000][ T7534]  ? __pfx_xlog_recover+0x10/0x10
[  258.630111][ T7534]  xfs_log_mount+0x234/0x460
[  258.634753][ T7534]  xfs_mountfs+0x1220/0x2230
[  258.639422][ T7534]  ? __pfx_xfs_mountfs+0x10/0x10
[  258.644422][ T7534]  ? do_init_timer+0xc9/0x110
[  258.649174][ T7534]  ? srso_alias_return_thunk+0x5/0xfbef5
[  258.654874][ T7534]  ? xfs_mru_cache_create+0x4be/0x5d0
[  258.660315][ T7534]  ? __pfx_xfs_fstrm_free_func+0x10/0x10
[  258.666009][ T7534]  xfs_fs_fill_super+0x1557/0x1f50
[  258.671194][ T7534]  get_tree_bdev_flags+0x38e/0x620
[  258.676381][ T7534]  ? __pfx_xfs_fs_fill_super+0x10/0x10
[  258.681916][ T7534]  ? __pfx_get_tree_bdev_flags+0x10/0x10
[  258.687620][ T7534]  ? srso_alias_return_thunk+0x5/0xfbef5
[  258.693327][ T7534]  ? srso_alias_return_thunk+0x5/0xfbef5
[  258.699020][ T7534]  ? srso_alias_return_thunk+0x5/0xfbef5
[  258.704740][ T7534]  vfs_get_tree+0x92/0x380
[  258.709209][ T7534]  ? srso_alias_return_thunk+0x5/0xfbef5
[  258.714902][ T7534]  path_mount+0x14e6/0x1f20
[  258.719440][ T7534]  ? srso_alias_return_thunk+0x5/0xfbef5
[  258.725130][ T7534]  ? kmem_cache_free+0x152/0x4b0
[  258.730107][ T7534]  ? __pfx_path_mount+0x10/0x10
[  258.735004][ T7534]  ? srso_alias_return_thunk+0x5/0xfbef5
[  258.740694][ T7534]  ? putname+0x13c/0x180
[  258.744984][ T7534]  __x64_sys_mount+0x294/0x320
[  258.749791][ T7534]  ? __pfx___x64_sys_mount+0x10/0x10
[  258.755111][ T7534]  ? do_user_addr_fault+0x83d/0x13f0
[  258.760443][ T7534]  do_syscall_64+0xcd/0x250
[  258.764998][ T7534]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  258.771033][ T7534] RIP: 0033:0x7fccd577ffba
[  258.775476][ T7534] Code: d8 64 89 02 48 c7 c0 ff ff ff ff eb a6 e8 de 1a 00 00 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  258.795116][ T7534] RSP: 002b:00007fccd662be68 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[  258.803564][ T7534] RAX: ffffffffffffffda RBX: 00007fccd662bef0 RCX: 00007fccd577ffba
[  258.811564][ T7534] RDX: 0000000020000800 RSI: 0000000020000000 RDI: 00007fccd662beb0
[  258.819559][ T7534] RBP: 0000000020000800 R08: 00007fccd662bef0 R09: 0000000003000010
[  258.827639][ T7534] R10: 0000000003000010 R11: 0000000000000246 R12: 0000000020000000
[  258.835635][ T7534] R13: 00007fccd662beb0 R14: 000000000000b967 R15: 00000000200002c0
[  258.843655][ T7534]  </TASK>
[  258.847741][ T7534] XFS (loop2): Corruption detected. Unmount and run xfs_repair
[  258.855556][ T7534] XFS (loop2): failed to locate log tail
[  258.861588][ T7534] XFS (loop2): log mount/recovery failed: error -117
[  259.017507][ T7534] XFS (loop2): log mount failed
[  259.038651][ T5994] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  259.054855][ T7572] loop1: detected capacity change from 0 to 512
[  259.149690][ T7572] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[  259.220378][ T7572] EXT4-fs (loop1): orphan cleanup on readonly fs
[  259.494926][ T7578] loop5: detected capacity change from 0 to 2048
[  260.132927][ T7578] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000)
[  260.242397][ T7572] EXT4-fs error (device loop1): ext4_validate_block_bitmap:440: comm syz.1.346: bg 0: block 248: padding at end of block bitmap is not set
[  260.319585][ T7572] Quota error (device loop1): write_blk: dquota write failed
[  260.349649][ T7572] Quota error (device loop1): qtree_write_dquot: Error -117 occurred while creating quota
[  260.380944][ T1290] ieee802154 phy0 wpan0: encryption failed: -22
[  260.387508][ T1290] ieee802154 phy1 wpan1: encryption failed: -22
[  260.432326][ T7572] EXT4-fs error (device loop1): ext4_acquire_dquot:6936: comm syz.1.346: Failed to acquire dquot type 1
[  260.488195][ T5956] usb 3-1: new high-speed USB device number 2 using dummy_hcd
[  260.929863][ T5956] usb 3-1: config 0 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 21
[  261.301462][ T7572] EXT4-fs (loop1): 1 truncate cleaned up
[  261.358428][ T7595] binder: 7592:7595 ioctl c0306201 0 returned -14
[  261.434946][ T5956] usb 3-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  261.449782][ T5956] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  261.759023][ T5956] usb 3-1: config 0 descriptor??
[  261.809914][ T7597] netlink: 48 bytes leftover after parsing attributes in process `syz.5.353'.
[  261.937017][ T5956] usbhid 3-1:0.0: couldn't find an input interrupt endpoint
[  261.992923][ T7572] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  262.006623][ T7572] syz.1.346 (7572) used greatest stack depth: 20192 bytes left
[  264.252552][    T8] usb 3-1: USB disconnect, device number 2
[  264.345989][ T7615] loop4: detected capacity change from 0 to 16
[  265.273480][ T7618] netlink: 'syz.2.359': attribute type 5 has an invalid length.
[  266.081275][ T7615] erofs (device loop4): mounted with root inode @ nid 36.
[  266.125839][ T5851] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  266.272838][ T7627] sch_tbf: burst 4398 is lower than device lo mtu (65550) !
[  266.826883][ T7640] loop4: detected capacity change from 0 to 1024
[  266.875254][ T7640] EXT4-fs: Ignoring removed oldalloc option
[  266.930419][ T7640] EXT4-fs (loop4): stripe (3) is not aligned with cluster size (16), stripe is disabled
[  267.100677][ T7640] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  268.768341][ T7663] loop3: detected capacity change from 0 to 1024
[  268.777026][ T7663] hfsplus: unable to find HFS+ superblock
[  269.944852][   T29] audit: type=1800 audit(1732587500.183:16): pid=7666 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.4.364" name="file1" dev="loop4" ino=15 res=0 errno=0
[  270.149686][ T7672] netlink: 32 bytes leftover after parsing attributes in process `syz.5.370'.
[  270.230109][ T5855] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  272.499436][ T5915] usb 3-1: new high-speed USB device number 3 using dummy_hcd
[  272.692071][ T5915] usb 3-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F
[  272.745596][ T5915] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 7
[  272.779195][ T7692] loop1: detected capacity change from 0 to 16
[  272.799759][ T7691] netlink: 'syz.4.374': attribute type 5 has an invalid length.
[  272.865213][ T5915] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x8F has invalid wMaxPacketSize 0
[  272.887076][ T7692] erofs (device loop1): mounted with root inode @ nid 36.
[  272.893441][ T5915] usb 3-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[  272.989369][ T5915] usb 3-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  273.016384][ T5915] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  273.092765][ T5915] usb 3-1: config 0 descriptor??
[  273.409314][ T7700] loop4: detected capacity change from 0 to 2048
[  273.862307][ T7700] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000)
[  274.177897][ T5915] usb 3-1: can't set config #0, error -71
[  274.190436][ T5915] usb 3-1: USB disconnect, device number 3
[  274.598624][ T7709] input: syz1 as /devices/virtual/input/input16
[  275.500717][ T7718] TCP: request_sock_TCPv6: Possible SYN flooding on port [::]:20002. Sending cookies.
[  276.332891][ T7725] loop4: detected capacity change from 0 to 2048
[  277.820112][ T7725] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000)
[  278.297936][ T7757] loop1: detected capacity change from 0 to 32768
[  278.806573][ T7757] (syz.1.384,7757,1):ocfs2_block_check_validate:400 ERROR: CRC32 failed: stored: 0xb3775c19, computed 0x2dd1c265. Applying ECC.
[  279.609898][ T7757] (syz.1.384,7757,1):ocfs2_block_check_validate:400 ERROR: CRC32 failed: stored: 0xb3775c19, computed 0x2dd1c265. Applying ECC.
[  279.966962][ T7798] loop2: detected capacity change from 0 to 16
[  280.012169][ T7798] erofs (device loop2): mounted with root inode @ nid 36.
[  280.027078][ T7793] loop5: detected capacity change from 0 to 512
[  280.076460][ T7757] workqueue: Failed to create a rescuer kthread for wq "ocfs2_wq": -EINTR
[  280.089357][ T7757] (syz.1.384,7757,1):ocfs2_initialize_super:2281 ERROR: status = -12
[  280.155471][ T7802] lo: entered allmulticast mode
[  280.189973][ T7757] (syz.1.384,7757,0):ocfs2_fill_super:1178 ERROR: status = -12
[  280.353247][ T7793] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000d40000 r/w without journal. Quota mode: writeback.
[  280.563516][ T7793] ext4 filesystem being mounted at /63/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  280.920003][ T7802] tunl0: entered allmulticast mode
[  281.239753][ T7802] gre0: entered allmulticast mode
[  281.621534][ T7802] gretap0: entered allmulticast mode
[  281.874054][ T7802] erspan0: entered allmulticast mode
[  281.905332][ T7802] ip_vti0: entered allmulticast mode
[  282.230474][ T7802] ip6_vti0: entered allmulticast mode
[  282.282934][ T7802] sit0: entered allmulticast mode
[  282.301159][ T5865] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000d40000.
[  283.016174][ T7802] ip6tnl0: entered allmulticast mode
[  283.271146][ T7802] ip6gre0: entered allmulticast mode
[  285.134019][ T7802] syz_tun: entered allmulticast mode
[  285.169477][  T969] usb 3-1: new high-speed USB device number 4 using dummy_hcd
[  285.275763][ T7848] loop3: detected capacity change from 0 to 512
[  285.283085][ T7848] ext4: Unknown parameter 'appraise_type'
[  285.623618][ T7802] ip6gretap0: entered allmulticast mode
[  285.954094][ T7802] bridge0: port 2(bridge_slave_1) entered disabled state
[  285.963289][ T7802] bridge0: port 1(bridge_slave_0) entered disabled state
[  286.397717][ T7854] netlink: 4 bytes leftover after parsing attributes in process `syz.2.400'.
[  286.440096][ T7802] bridge0: entered allmulticast mode
[  286.519005][ T7802] vcan0: entered allmulticast mode
[  286.553493][ T7802] bond0: entered allmulticast mode
[  286.608332][ T7802] bond_slave_0: entered allmulticast mode
[  286.614240][ T7802] bond_slave_1: entered allmulticast mode
[  286.653708][ T7857] loop6: detected capacity change from 0 to 2048
[  286.692234][ T7857] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000)
[  286.762579][ T7802] team0: entered allmulticast mode
[  286.788142][ T7802] team_slave_0: entered allmulticast mode
[  286.818720][ T7802] team_slave_1: entered allmulticast mode
[  286.867139][ T7802] dummy0: entered allmulticast mode
[  286.898671][ T7802] nlmon0: entered allmulticast mode
[  286.931832][ T7802] caif0: entered allmulticast mode
[  286.949002][ T7802] batadv0: entered allmulticast mode
[  287.042470][ T7802] vxcan0: entered allmulticast mode
[  287.058897][ T7866] loop6: detected capacity change from 0 to 16
[  287.065554][ T7802] vxcan1: entered allmulticast mode
[  287.079370][ T7802] veth0: entered allmulticast mode
[  287.089328][ T7866] erofs (device loop6): mounted with root inode @ nid 36.
[  287.098227][ T7802] veth1: entered allmulticast mode
[  287.135153][ T7802] wg0: entered allmulticast mode
[  287.172785][ T7802] wg1: entered allmulticast mode
[  287.194940][ T7802] wg2: entered allmulticast mode
[  287.216579][ T7802] veth0_to_bridge: entered allmulticast mode
[  287.287505][ T7802] veth1_to_bridge: entered allmulticast mode
[  287.327960][ T7802] veth0_to_bond: entered allmulticast mode
[  287.346510][ T7802] veth1_to_bond: entered allmulticast mode
[  287.365303][ T7802] veth0_to_team: entered allmulticast mode
[  287.417256][ T7802] veth1_to_team: entered allmulticast mode
[  287.431438][ T7802] veth0_to_batadv: entered allmulticast mode
[  287.565855][ T7802] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  287.574332][ T7802] batadv_slave_0: entered allmulticast mode
[  287.583492][ T7802] veth1_to_batadv: entered allmulticast mode
[  287.698112][ T7802] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  287.719835][ T7802] batadv_slave_1: entered allmulticast mode
[  288.052123][ T7802] xfrm0: entered allmulticast mode
[  288.064838][ T7802] veth0_to_hsr: entered allmulticast mode
[  288.073264][ T7802] hsr_slave_0: entered allmulticast mode
[  288.099842][ T7802] veth1_to_hsr: entered allmulticast mode
[  288.119666][ T7802] hsr_slave_1: entered allmulticast mode
[  288.554923][ T7802] hsr0: entered allmulticast mode
[  288.695959][ T7802] veth1_virt_wifi: entered allmulticast mode
[  288.748320][ T7802] veth0_virt_wifi: entered allmulticast mode
[  288.785811][ T7802] net veth1_virt_wifi virt_wifi0: entered allmulticast mode
[  288.827500][ T7802] veth1_vlan: entered allmulticast mode
[  288.856795][ T7802] veth0_vlan: entered allmulticast mode
[  288.895035][ T7868] loop6: detected capacity change from 0 to 32768
[  288.926124][ T7802] vlan0: entered allmulticast mode
[  288.957251][ T7802] vlan1: entered allmulticast mode
[  288.991563][ T7802] macvlan0: entered allmulticast mode
[  289.005240][ T7802] macvlan1: entered allmulticast mode
[  289.021687][ T7802] ipvlan0: entered allmulticast mode
[  289.027140][ T7802] ipvlan1: entered allmulticast mode
[  289.045965][ T7802] veth1_macvtap: entered allmulticast mode
[  289.054740][ T7868] ocfs2: Mounting device (7,6) on (node local, slot 0) with ordered data mode.
[  289.068688][ T7802] veth0_macvtap: entered allmulticast mode
[  289.148413][ T7880] loop1: detected capacity change from 0 to 512
[  289.258461][ T7802] macvtap0: entered allmulticast mode
[  289.272955][ T7880] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000d40000 r/w without journal. Quota mode: writeback.
[  289.306517][ T7802] macsec0: entered allmulticast mode
[  289.316223][ T7880] ext4 filesystem being mounted at /69/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  289.352164][ T7802] geneve0: entered allmulticast mode
[  289.388641][ T7802] netdevsim netdevsim4 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0
[  289.411589][ T7802] netdevsim netdevsim4 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0
[  289.428944][ T7802] netdevsim netdevsim4 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0
[  289.461188][ T7802] netdevsim netdevsim4 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0
[  289.486768][ T7802] geneve1: entered allmulticast mode
[  289.527222][ T5994] ocfs2: Unmounting device (7,6) on (node local)
[  289.539426][ T7802] netdevsim netdevsim4 netdevsim0: entered allmulticast mode
[  289.736731][ T7802] netdevsim netdevsim4 netdevsim1: entered allmulticast mode
[  289.755823][ T7802] netdevsim netdevsim4 netdevsim2: entered allmulticast mode
[  290.854543][ T7802] netdevsim netdevsim4 netdevsim3: entered allmulticast mode
[  290.957230][ T7802] mac80211_hwsim hwsim10 wlan0: entered allmulticast mode
[  291.626762][ T5851] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000d40000.
[  292.055468][ T7904] loop1: detected capacity change from 0 to 512
[  292.062752][ T7904] EXT4-fs: Ignoring removed orlov option
[  292.168615][ T7904] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  292.188654][ T7904] ext4 filesystem being mounted at /70/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  293.132289][ T5851] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  293.735556][ T7923] loop6: detected capacity change from 0 to 2048
[  293.992672][ T7923] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000)
[  294.165092][ T7926] loop1: detected capacity change from 0 to 16
[  294.244308][ T7926] erofs (device loop1): mounted with root inode @ nid 36.
[  295.776695][ T7934] loop5: detected capacity change from 0 to 512
[  295.911524][ T7925] loop4: detected capacity change from 0 to 8192
[  295.939844][ T7937] team_slave_0: entered promiscuous mode
[  295.945819][ T7937] team_slave_1: entered promiscuous mode
[  295.991099][ T7934] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000d40000 r/w without journal. Quota mode: writeback.
[  296.058553][ T7937] team0: Device macsec1 is already an upper device of the team interface
[  296.149384][ T7934] ext4 filesystem being mounted at /72/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  296.810523][ T7945] loop1: detected capacity change from 0 to 40427
[  296.881587][ T7945] F2FS-fs (loop1): Invalid log_blocksize (268), supports only 12
[  296.889582][ T7945] F2FS-fs (loop1): Can't find valid F2FS filesystem in 1th superblock
[  296.904154][ T7945] F2FS-fs (loop1): invalid crc value
[  297.157139][ T7937] team_slave_0: left promiscuous mode
[  297.162763][ T7937] team_slave_1: left promiscuous mode
[  297.171258][ T7945] F2FS-fs (loop1): Found nat_bits in checkpoint
[  297.282404][ T7945] F2FS-fs (loop1): Try to recover 1th superblock, ret: 0
[  297.289759][ T7945] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e5
[  297.361939][ T7952] netlink: 16 bytes leftover after parsing attributes in process `syz.2.425'.
[  298.683701][ T7957] overlayfs: invalid redirect ((null))
[  298.788912][   T66] F2FS-fs (loop1): f2fs_check_nid_range: out-of-range nid=1, run fsck to fix.
[  299.145511][ T5865] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000d40000.
[  299.159786][   T66] F2FS-fs (loop1): f2fs_check_nid_range: out-of-range nid=2, run fsck to fix.
[  300.500657][ T7979] loop6: detected capacity change from 0 to 2048
[  300.669523][ T7979] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000)
[  301.287717][ T7981] loop6: detected capacity change from 0 to 16
[  301.330901][ T7966] loop2: detected capacity change from 0 to 32768
[  302.579416][ T7966] BTRFS: device fsid ed167579-eb65-4e76-9a50-61ac97e9b59d devid 1 transid 8 /dev/loop2 (7:2) scanned by syz.2.432 (7966)
[  302.733001][ T7981] erofs (device loop6): mounted with root inode @ nid 36.
[  302.989570][ T7966] BTRFS error (device loop2): open_ctree failed
[  303.134760][ T7992] loop5: detected capacity change from 0 to 512
[  303.303199][ T7992] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000d40000 r/w without journal. Quota mode: writeback.
[  303.339903][ T7999] netlink: 16 bytes leftover after parsing attributes in process `syz.3.442'.
[  303.369686][ T7992] ext4 filesystem being mounted at /75/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  305.348806][ T8011] loop4: detected capacity change from 0 to 2048
[  305.635046][ T8017] NILFS (loop4): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  306.034543][ T5865] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000d40000.
[  310.039222][    T9] usb 4-1: new full-speed USB device number 3 using dummy_hcd
[  310.265156][ T8034] netlink: 28 bytes leftover after parsing attributes in process `syz.6.452'.
[  310.286976][ T8034] netlink: 28 bytes leftover after parsing attributes in process `syz.6.452'.
[  310.339682][ T8040] loop3: detected capacity change from 0 to 16
[  310.363781][ T8040] erofs (device loop3): mounted with root inode @ nid 36.
[  310.521781][ T8034] bond0: entered promiscuous mode
[  310.538804][ T8034] bond_slave_0: entered promiscuous mode
[  310.575453][ T8034] bond_slave_1: entered promiscuous mode
[  312.003983][ T8034] bond0: left promiscuous mode
[  312.008826][ T8034] bond_slave_0: left promiscuous mode
[  312.047958][ T8034] bond_slave_1: left promiscuous mode
[  312.203026][ T8056] loop2: detected capacity change from 0 to 64
[  312.269445][ T5956] usb 2-1: new high-speed USB device number 2 using dummy_hcd
[  312.291319][ T8058] loop3: detected capacity change from 0 to 512
[  312.417112][ T8058] EXT4-fs (loop3): mounting ext3 file system using the ext4 subsystem
[  312.451587][ T8058] EXT4-fs (loop3): invalid journal inode
[  312.479585][ T8058] EXT4-fs (loop3): can't get journal size
[  312.612863][ T8062] loop4: detected capacity change from 0 to 512
[  312.619760][ T8058] EXT4-fs (loop3): 1 truncate cleaned up
[  312.640650][ T8058] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  312.669455][ T5913] usb 6-1: new high-speed USB device number 3 using dummy_hcd
[  313.098431][ T8062] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000d40000 r/w without journal. Quota mode: writeback.
[  313.164482][ T8062] ext4 filesystem being mounted at /75/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  313.279308][ T5956] usb 2-1: Using ep0 maxpacket: 8
[  313.288014][ T5956] usb 2-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  313.298782][ T5956] usb 2-1: config 0 has 0 interfaces, different from the descriptor's value: 1
[  313.310345][ T5956] usb 2-1: New USB device found, idVendor=0ccd, idProduct=00b3, bcdDevice=2d.ea
[  313.319628][ T5956] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  313.327665][ T5956] usb 2-1: Product: syz
[  313.339301][ T5956] usb 2-1: Manufacturer: syz
[  313.343938][ T5956] usb 2-1: SerialNumber: syz
[  313.365594][ T5956] usb 2-1: config 0 descriptor??
[  313.691224][ T5913] usb 6-1: config 0 has 0 interfaces, different from the descriptor's value: 1
[  313.700335][ T5913] usb 6-1: New USB device found, idVendor=056e, idProduct=4010, bcdDevice=20.1c
[  313.709498][ T5913] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  313.720270][ T5913] usb 6-1: config 0 descriptor??
[  314.020387][ T5855] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000d40000.
[  314.743879][ T8075] loop2: detected capacity change from 0 to 32768
[  316.129377][ T5956] usb 2-1: USB disconnect, device number 2
[  316.242335][    T9] usb 6-1: USB disconnect, device number 3
[  317.456520][ T8102] DRBG: could not allocate CTR cipher TFM handle: ctr(aes)
[  317.828368][ T8116] loop5: detected capacity change from 0 to 16
[  317.880981][ T8116] erofs (device loop5): mounted with root inode @ nid 36.
[  318.452596][ T5863] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  320.412269][  T969] usb 2-1: new high-speed USB device number 3 using dummy_hcd
[  320.799469][    T9] usb 5-1: new high-speed USB device number 6 using dummy_hcd
[  320.819508][  T969] usb 2-1: Using ep0 maxpacket: 8
[  320.835952][  T969] usb 2-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  321.649409][    T9] usb 5-1: Using ep0 maxpacket: 8
[  321.699518][  T969] usb 2-1: config 0 has 0 interfaces, different from the descriptor's value: 1
[  321.742446][  T969] usb 2-1: New USB device found, idVendor=0ccd, idProduct=00b3, bcdDevice=2d.ea
[  321.752706][    T9] usb 5-1: config 0 has no interfaces?
[  321.758222][    T9] usb 5-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23
[  321.768072][  T969] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  321.780240][    T9] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  321.780975][ T1290] ieee802154 phy0 wpan0: encryption failed: -22
[  321.795369][ T1290] ieee802154 phy1 wpan1: encryption failed: -22
[  321.810570][    T9] usb 5-1: config 0 descriptor??
[  321.820619][  T969] usb 2-1: Product: syz
[  321.824834][  T969] usb 2-1: Manufacturer: syz
[  321.850133][  T969] usb 2-1: SerialNumber: syz
[  321.902852][ T8163] loop5: detected capacity change from 0 to 16
[  321.915753][  T969] usb 2-1: config 0 descriptor??
[  321.929955][ T8163] erofs (device loop5): mounted with root inode @ nid 36.
[  321.960632][ T8165] netlink: 'syz.2.490': attribute type 1 has an invalid length.
[  322.120725][ T8167] loop2: detected capacity change from 0 to 512
[  322.122863][  T969] usb 5-1: USB disconnect, device number 6
[  322.233996][ T8167] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000d40000 r/w without journal. Quota mode: writeback.
[  322.256265][ T8167] ext4 filesystem being mounted at /88/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  322.519514][    T8] usb 7-1: new high-speed USB device number 2 using dummy_hcd
[  322.775790][ T8184] loop5: detected capacity change from 0 to 2048
[  322.864740][ T8184] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  323.056676][    T8] usb 7-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  323.112658][    T8] usb 7-1: config 1 has 1 interface, different from the descriptor's value: 3
[  323.167086][    T8] usb 7-1: New USB device found, idVendor=08b7, idProduct=0000, bcdDevice= 0.00
[  323.176913][    T8] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=3
[  323.179440][   T29] audit: type=1804 audit(1732587553.433:17): pid=8184 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.5.495" name="/newroot/85/file0/bus/bus/bus" dev="overlay" ino=23 res=1 errno=0
[  323.185586][    T8] usb 7-1: SerialNumber: syz
[  323.297213][ T8191] loop1: detected capacity change from 0 to 64
[  323.326364][ T5927] usb 2-1: USB disconnect, device number 3
[  323.365305][ T5848] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000d40000.
[  323.408803][ T8191] Trying to free block not in datazone
[  323.421187][ T8191] Trying to free block not in datazone
[  323.427237][ T8191] Trying to free block not in datazone
[  323.435816][    T8] usb 7-1: 0:2 : does not exist
[  323.442058][ T8191] Trying to free block not in datazone
[  323.442396][    T8] usb 7-1: unit 255 not found!
[  323.460621][    T8] usb 7-1: 5:0: cannot get min/max values for control 3 (id 5)
[  323.610739][    T8] usb 7-1: USB disconnect, device number 2
[  325.388193][ T8198] ebt_among: wrong size: 1048 against expected 710676, rounded to 710680
[  325.399887][ T6119] udevd[6119]: error opening ATTR{/sys/devices/platform/dummy_hcd.6/usb7/7-1/7-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory
[  325.679520][ T5927] usb 2-1: new high-speed USB device number 4 using dummy_hcd
[  326.733276][ T5865] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  327.078712][ T8213] netlink: 136 bytes leftover after parsing attributes in process `syz.6.505'.
[  327.128433][ T8207] loop2: detected capacity change from 0 to 32768
[  327.148846][ T5927] usb 2-1: config 27 interface 0 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 7
[  327.169320][ T5927] usb 2-1: config 27 interface 0 altsetting 0 bulk endpoint 0xB has invalid maxpacket 47
[  327.179221][ T5927] usb 2-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d
[  327.209292][ T5927] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  327.927877][ T8220] block device autoloading is deprecated and will be removed.
[  327.938969][ T8220] syz.5.501: attempt to access beyond end of device
[  327.938969][ T8220] md0: rw=2048, sector=0, nr_sectors = 8 limit=0
[  330.440683][ T5927] usb 2-1: can't set config #27, error -71
[  330.448210][ T5927] usb 2-1: USB disconnect, device number 4
[  331.588168][ T8229] tty tty27: ldisc open failed (-12), clearing slot 26
[  332.239365][ T5914] usb 7-1: new high-speed USB device number 3 using dummy_hcd
[  332.399373][ T5914] usb 7-1: Using ep0 maxpacket: 8
[  332.459405][ T5914] usb 7-1: config 0 has no interfaces?
[  332.465040][ T5914] usb 7-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23
[  332.474413][ T5914] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  332.478650][ T8249] loop1: detected capacity change from 0 to 512
[  332.491075][ T8249] ext4: Unknown parameter 'appraise_type'
[  332.516059][ T5914] usb 7-1: config 0 descriptor??
[  333.701792][    T9] usb 7-1: USB disconnect, device number 3
[  335.017934][ T8262] loop2: detected capacity change from 0 to 8
[  335.047916][ T8262] SQUASHFS error: zlib decompression failed, data probably corrupt
[  335.057414][ T8262] SQUASHFS error: Failed to read block 0x9b: -5
[  335.063790][ T8262] SQUASHFS error: Unable to read metadata cache entry [99]
[  335.071235][ T8262] SQUASHFS error: Unable to read inode 0x127
[  335.628348][ T8270] netlink: 136 bytes leftover after parsing attributes in process `syz.6.521'.
[  339.406452][ T8272] netlink: 'syz.2.522': attribute type 29 has an invalid length.
[  342.083215][ T8304] loop1: detected capacity change from 0 to 2048
[  342.277838][ T8304] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000)
[  342.426065][ T8303] loop3: detected capacity change from 0 to 512
[  342.445162][ T8303] ext4: Unknown parameter 'appraise_type'
[  343.073192][ T8310] netlink: 8 bytes leftover after parsing attributes in process `syz.5.526'.
[  344.184881][ T8319] netlink: 16 bytes leftover after parsing attributes in process `syz.5.537'.
[  344.520328][ T8327] netlink: 136 bytes leftover after parsing attributes in process `syz.5.540'.
[  344.539405][ T5913] usb 3-1: new high-speed USB device number 5 using dummy_hcd
[  345.640771][ T8333] loop5: detected capacity change from 0 to 2048
[  345.722475][ T8334] loop4: detected capacity change from 0 to 8
[  345.750547][ T8335] NILFS (loop5): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  346.453567][ T8334] SQUASHFS error: zlib decompression failed, data probably corrupt
[  346.499384][ T8334] SQUASHFS error: Failed to read block 0x9b: -5
[  346.511226][ T5913] usb 3-1: Using ep0 maxpacket: 8
[  346.599349][ T8334] SQUASHFS error: Unable to read metadata cache entry [99]
[  346.606714][ T8334] SQUASHFS error: Unable to read inode 0x127
[  346.743550][ T5913] usb 3-1: config 0 has no interfaces?
[  346.749106][ T5913] usb 3-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23
[  346.882437][ T5913] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  347.386912][ T5913] usb 3-1: config 0 descriptor??
[  347.415294][ T5913] usb 3-1: can't set config #0, error -71
[  347.422544][ T5913] usb 3-1: USB disconnect, device number 5
[  348.170403][ T8349] loop3: detected capacity change from 0 to 64
[  348.367399][ T8348] loop1: detected capacity change from 0 to 4096
[  348.722182][ T8355] loop5: detected capacity change from 0 to 128
[  349.359722][ T8355] EXT4-fs (loop5): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  349.812996][ T8365] loop4: detected capacity change from 0 to 2048
[  349.887448][ T8365] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000)
[  350.269529][ T8355] ext4 filesystem being mounted at /96/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[  351.267908][ T8373] loop4: detected capacity change from 0 to 256
[  351.311435][ T8373] FAT-fs (loop4): Directory bread(block 1285) failed
[  352.358342][ T5865] EXT4-fs (loop5): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  354.984127][ T8382] loop1: detected capacity change from 0 to 32768
[  355.104067][ T8403] loop2: detected capacity change from 0 to 4096
[  355.231947][ T8382] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop1 (7:1) scanned by syz.1.555 (8382)
[  355.539387][ T8409] loop4: detected capacity change from 0 to 8
[  355.563923][ T8409] SQUASHFS error: zlib decompression failed, data probably corrupt
[  356.369383][ T8409] SQUASHFS error: Failed to read block 0x9b: -5
[  356.375690][ T8409] SQUASHFS error: Unable to read metadata cache entry [99]
[  356.731024][ T8409] SQUASHFS error: Unable to read inode 0x127
[  357.619040][ T8424] hub 5-0:1.0: USB hub found
[  357.625319][ T8424] hub 5-0:1.0: 1 port detected
[  358.419348][ T8423] loop3: detected capacity change from 0 to 512
[  358.427639][ T8423] EXT4-fs (loop3): blocks per group (95) and clusters per group (32768) inconsistent
[  360.299862][ T8440] netlink: 'syz.6.571': attribute type 5 has an invalid length.
[  360.557149][ T8443] netlink: 20 bytes leftover after parsing attributes in process `syz.6.576'.
[  360.566260][ T8443] netlink: 112 bytes leftover after parsing attributes in process `syz.6.576'.
[  360.575739][ T8443] netlink: 20 bytes leftover after parsing attributes in process `syz.6.576'.
[  362.319108][ T8458] loop1: detected capacity change from 0 to 2048
[  363.409694][ T8461] fuse: Bad value for 'fd'
[  364.457059][ T8458] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000)
[  364.722218][ T8465] loop4: detected capacity change from 0 to 512
[  364.836539][ T8467] 9pnet_fd: p9_fd_create_tcp (8467): problem connecting socket to 127.0.0.1
[  365.449891][ T8465] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode
[  365.678726][ T8465] EXT4-fs (loop4): 1 truncate cleaned up
[  366.077305][ T8465] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  367.016419][ T8478] loop5: detected capacity change from 0 to 128
[  369.810897][ T5855] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  370.102062][ T8496] netlink: 20 bytes leftover after parsing attributes in process `syz.5.590'.
[  370.419392][ T8496] netlink: 112 bytes leftover after parsing attributes in process `syz.5.590'.
[  370.476598][ T8496] netlink: 20 bytes leftover after parsing attributes in process `syz.5.590'.
[  372.716331][ T8511] loop1: detected capacity change from 0 to 2048
[  374.571431][ T8511] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000)
[  374.843164][ T8517] loop4: detected capacity change from 0 to 8
[  376.074986][ T8517] SQUASHFS error: zlib decompression failed, data probably corrupt
[  376.087563][ T8517] SQUASHFS error: Failed to read block 0x9b: -5
[  376.097328][ T8517] SQUASHFS error: Unable to read metadata cache entry [99]
[  376.549949][ T8517] SQUASHFS error: Unable to read inode 0x127
[  377.232873][ T8530] loop3: detected capacity change from 0 to 4096
[  377.445226][ T8532] loop1: detected capacity change from 0 to 4096
[  377.751988][ T8532] ntfs3(loop1): Different NTFS sector size (4096) and media sector size (512).
[  377.761091][ T8530] ntfs3(loop3): Different NTFS sector size (2048) and media sector size (512).
[  377.807947][ T8530] ntfs3(loop3): Mark volume as dirty due to NTFS errors
[  378.147562][ T8532] overlayfs: "xino" feature enabled using 2 upper inode bits.
[  378.198850][ T8534] loop6: detected capacity change from 0 to 8
[  378.221239][ T8532] ntfs3(loop1): failed to convert "c46c" to cp857
[  378.359857][ T8534] SQUASHFS error: xz decompression failed, data probably corrupt
[  378.408307][ T8534] SQUASHFS error: Failed to read block 0x108: -5
[  378.448832][ T8534] SQUASHFS error: Unable to read metadata cache entry [106]
[  378.489581][ T8534] SQUASHFS error: Unable to read inode 0x11f
[  378.924870][ T8526] loop5: detected capacity change from 0 to 32768
[  380.468729][ T5913] usb 2-1: new high-speed USB device number 5 using dummy_hcd
[  380.530803][ T8547] loop3: detected capacity change from 0 to 1024
[  381.269671][ T5913] usb 2-1: Using ep0 maxpacket: 32
[  381.291580][ T5913] usb 2-1: config index 0 descriptor too short (expected 35577, got 27)
[  381.300659][ T5913] usb 2-1: config 1 has too many interfaces: 92, using maximum allowed: 32
[  381.337359][ T5913] usb 2-1: config 1 has 1 interface, different from the descriptor's value: 92
[  382.202323][ T8547] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  382.669423][ T5913] usb 2-1: config 1 has no interface number 0
[  382.676416][ T5913] usb 2-1: config 1 interface 1 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 7
[  382.687453][ T5913] usb 2-1: config 1 interface 1 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 17
[  382.701054][ T5913] usb 2-1: New USB device found, idVendor=0e41, idProduct=5051, bcdDevice=d5.e8
[  382.710244][ T5913] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  382.726571][ T8561] loop5: detected capacity change from 0 to 2048
[  382.986884][ T8548] loop2: detected capacity change from 0 to 32768
[  383.226867][ T1290] ieee802154 phy0 wpan0: encryption failed: -22
[  383.233526][ T1290] ieee802154 phy1 wpan1: encryption failed: -22
[  383.269291][ T5913] usb 2-1: can't set config #1, error -71
[  383.279504][ T5913] usb 2-1: USB disconnect, device number 5
[  383.297164][ T8561] [EXT4 FS bs=2048, gc=1, bpg=262144, ipg=32, mo=a842c018, mo2=0102]
[  383.327356][ T8561] System zones: 0-7
[  383.335754][ T8551] netlink: 88 bytes leftover after parsing attributes in process `syz.6.609'.
[  383.364491][   T29] audit: type=1800 audit(1732587613.633:18): pid=8562 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.607" name="bus" dev="loop3" ino=18 res=0 errno=0
[  383.390207][ T8561] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  383.478532][   T29] audit: type=1804 audit(1732587613.633:19): pid=8562 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz.3.607" name="/newroot/105/bus/bus" dev="loop3" ino=18 res=1 errno=0
[  384.974468][   T11] EXT4-fs error (device loop3): ext4_mb_generate_buddy:1217: group 0, block bitmap and bg descriptor inconsistent: 25 vs 4278190105 free clusters
[  385.012162][ T5865] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  385.085126][   T11] EXT4-fs (loop3): Delayed block allocation failed for inode 18 at logical offset 0 with max blocks 11 with error 28
[  385.104145][   T11] EXT4-fs (loop3): This should not happen!! Data will be lost
[  385.104145][   T11] 
[  385.167871][   T11] EXT4-fs (loop3): Total free blocks count 0
[  385.194662][   T11] EXT4-fs (loop3): Free/Dirty block details
[  385.212119][   T11] EXT4-fs (loop3): free_blocks=68451041280
[  385.238378][   T11] EXT4-fs (loop3): dirty_blocks=16
[  385.319672][   T11] EXT4-fs (loop3): Block reservation details
[  385.325739][   T11] EXT4-fs (loop3): i_reserved_data_blocks=1
[  385.598456][ T5863] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  385.641660][ T8583] syz.4.616: attempt to access beyond end of device
[  385.641660][ T8583] md0: rw=2048, sector=0, nr_sectors = 8 limit=0
[  388.419801][ T8602] random: crng reseeded on system resumption
[  389.618166][ T8604] loop5: detected capacity change from 0 to 40427
[  389.910910][ T8604] F2FS-fs (loop5): Invalid log_blocksize (268), supports only 12
[  389.918732][ T8604] F2FS-fs (loop5): Can't find valid F2FS filesystem in 1th superblock
[  389.949404][ T8604] F2FS-fs (loop5): invalid crc value
[  390.118121][ T8604] F2FS-fs (loop5): Found nat_bits in checkpoint
[  390.328718][ T8604] F2FS-fs (loop5): Try to recover 1th superblock, ret: 0
[  390.336686][ T8604] F2FS-fs (loop5): Mounted with checkpoint version = 48b305e5
[  391.768834][ T8625] loop2: detected capacity change from 0 to 8
[  391.789679][ T8625] SQUASHFS error: zlib decompression failed, data probably corrupt
[  391.797800][ T8625] SQUASHFS error: Failed to read block 0x9b: -5
[  391.836329][ T8625] SQUASHFS error: Unable to read metadata cache entry [99]
[  392.079831][ T8625] SQUASHFS error: Unable to read inode 0x127
[  393.133593][   T11] F2FS-fs (loop5): f2fs_check_nid_range: out-of-range nid=1, run fsck to fix.
[  393.364142][   T11] F2FS-fs (loop5): f2fs_check_nid_range: out-of-range nid=2, run fsck to fix.
[  393.419841][ T8633] netlink: 88 bytes leftover after parsing attributes in process `syz.4.626'.
[  394.167571][ T8639] loop4: detected capacity change from 0 to 1024
[  394.294706][ T8639] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  395.239674][ T8642] EXT4-fs error (device loop4): ext4_mb_generate_buddy:1217: group 0, block bitmap and bg descriptor inconsistent: 25 vs 4278190105 free clusters
[  395.569909][ T8648] loop6: detected capacity change from 0 to 8
[  395.577114][ T8648] MTD: Attempt to mount non-MTD device "/dev/loop6"
[  396.313368][ T8654] process 'syz.6.635' launched './file2' with NULL argv: empty string added
[  396.323312][ T8654] cramfs: Error -5 while decompressing!
[  396.329118][ T8654] cramfs: ffffffff9a944b88(26)->ffff888078c50000(4096)
[  396.336208][ T8654] cramfs: Error -3 while decompressing!
[  396.341842][ T8654] cramfs: ffffffff9a944ba2(26)->ffff888078c51000(4096)
[  396.348753][ T8654] cramfs: Error -3 while decompressing!
[  396.354374][ T8654] cramfs: ffffffff9a944bbc(16)->ffff888078c52000(4096)
[  396.361607][ T8654] cramfs: Error -5 while decompressing!
[  396.367276][ T8654] cramfs: ffffffff9a944b88(26)->ffff888078c50000(4096)
[  398.097176][ T5855] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  398.643022][ T8671] loop5: detected capacity change from 0 to 2048
[  399.822089][ T8671] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000)
[  400.161326][ T8676] loop3: detected capacity change from 0 to 512
[  400.168453][ T8676] ext4: Unknown parameter 'appraise_type'
[  402.064736][ T8682] tty tty33: ldisc open failed (-12), clearing slot 32
[  403.264417][ T8694] loop4: detected capacity change from 0 to 40427
[  403.340581][ T8694] F2FS-fs (loop4): Insane cp_payload (553648128 >= 504)
[  403.347608][ T8694] F2FS-fs (loop4): Can't find valid F2FS filesystem in 1th superblock
[  403.374934][ T8694] F2FS-fs (loop4): invalid crc value
[  403.418633][ T8694] F2FS-fs (loop4): Found nat_bits in checkpoint
[  403.565908][ T8708] loop2: detected capacity change from 0 to 1024
[  403.707102][ T8708] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  403.855165][ T8694] F2FS-fs (loop4): Start checkpoint disabled!
[  403.933346][ T8694] F2FS-fs (loop4): Try to recover 1th superblock, ret: 0
[  403.949356][ T8694] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e6
[  403.992496][ T8694] syz.4.648: attempt to access beyond end of device
[  403.992496][ T8694] loop4: rw=2049, sector=53248, nr_sectors = 8 limit=40427
[  404.286702][   T11] kworker/u8:0: attempt to access beyond end of device
[  404.286702][   T11] loop4: rw=2049, sector=40960, nr_sectors = 32 limit=40427
[  404.346687][   T11] F2FS-fs (loop4): Stopped filesystem due to reason: 3
[  404.368003][   T11] F2FS-fs (loop4): Stopped filesystem due to reason: 3
[  404.385352][   T11] F2FS-fs (loop4): Stopped filesystem due to reason: 3
[  404.399410][   T11] F2FS-fs (loop4): Stopped filesystem due to reason: 3
[  404.459556][ T8719] loop5: detected capacity change from 0 to 4096
[  404.567217][ T8719] NILFS (loop5): invalid segment: Checksum error in segment payload
[  404.576179][ T8719] NILFS (loop5): trying rollback from an earlier position
[  404.615373][ T8719] NILFS (loop5): recovery complete
[  404.633615][ T8721] NILFS (loop5): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  405.042336][   T29] audit: type=1800 audit(1732587635.313:20): pid=8727 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.2.653" name="bus" dev="loop2" ino=18 res=0 errno=0
[  405.089335][   T29] audit: type=1804 audit(1732587635.353:21): pid=8727 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz.2.653" name="/newroot/108/bus/bus" dev="loop2" ino=18 res=1 errno=0
[  405.332659][ T8729] loop4: detected capacity change from 0 to 1024
[  405.346319][ T8725] loop6: detected capacity change from 0 to 512
[  405.520382][ T8729] hfsplus: bad catalog file entry
[  405.543575][ T8730] overlayfs: upper fs does not support tmpfile.
[  405.551400][ T8730] overlayfs: upper fs does not support RENAME_WHITEOUT.
[  405.558424][ T8730] overlayfs: failed to set xattr on upper
[  405.564419][ T8730] overlayfs: ...falling back to redirect_dir=nofollow.
[  405.571340][ T8730] overlayfs: ...falling back to index=off.
[  405.577167][ T8730] overlayfs: ...falling back to uuid=null.
[  405.599078][ T8725] ext4: Unknown parameter 'appraise_type'
[  405.668798][ T8729] hfsplus: failed to load root directory
[  408.200609][ T8713] EXT4-fs error (device loop2): ext4_mb_generate_buddy:1217: group 0, block bitmap and bg descriptor inconsistent: 25 vs 4278190105 free clusters
[  408.698140][ T8743] loop6: detected capacity change from 0 to 256
[  408.871718][ T8743] FAT-fs (loop6): Directory bread(block 64) failed
[  408.878303][ T8743] FAT-fs (loop6): Directory bread(block 65) failed
[  408.924084][ T8743] FAT-fs (loop6): Directory bread(block 66) failed
[  409.049323][ T8743] FAT-fs (loop6): Directory bread(block 67) failed
[  409.270442][ T8743] FAT-fs (loop6): Directory bread(block 68) failed
[  409.277048][ T8743] FAT-fs (loop6): Directory bread(block 69) failed
[  409.541221][ T8743] FAT-fs (loop6): Directory bread(block 70) failed
[  409.548087][ T8743] FAT-fs (loop6): Directory bread(block 71) failed
[  409.554798][ T8743] FAT-fs (loop6): Directory bread(block 72) failed
[  409.561417][ T8743] FAT-fs (loop6): Directory bread(block 73) failed
[  409.608176][   T11] EXT4-fs (loop2): Delayed block allocation failed for inode 18 at logical offset 0 with max blocks 6 with error 28
[  409.791627][   T11] EXT4-fs (loop2): This should not happen!! Data will be lost
[  409.791627][   T11] 
[  409.839328][   T11] EXT4-fs (loop2): Total free blocks count 0
[  409.859339][   T11] EXT4-fs (loop2): Free/Dirty block details
[  409.865282][   T11] EXT4-fs (loop2): free_blocks=68451041280
[  409.879326][ T8760] loop3: detected capacity change from 0 to 2048
[  409.922050][   T11] EXT4-fs (loop2): dirty_blocks=16
[  409.927211][   T11] EXT4-fs (loop2): Block reservation details
[  409.943107][ T8744] loop4: detected capacity change from 0 to 32768
[  409.949755][   T11] EXT4-fs (loop2): i_reserved_data_blocks=1
[  409.962317][ T8744] (syz.4.663,8744,0):ocfs2_parse_options:1460 ERROR: Invalid heartbeat mount options
[  410.011785][ T5848] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  410.125962][ T8755] loop1: detected capacity change from 0 to 32768
[  410.143188][ T8744] (syz.4.663,8744,1):ocfs2_fill_super:1178 ERROR: status = -22
[  410.279299][ T8764] NILFS (loop3): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  410.507119][ T8767] loop2: detected capacity change from 0 to 512
[  410.521462][    C1] dccp_check_seqno: Step 6 failed for CLOSEREQ packet, (LSWL(86108138301147) <= P.seqno(86108138301146) <= S.SWH(86108138301221)) and (P.ackno exists or LAWL(70622901714518) <= P.ackno(70622901714518) <= S.AWH(70622901714518), sending SYNC...
[  410.937803][ T8755] gfs2: fsid=syz:syz: Trying to join cluster "lock_nolock", "syz:syz"
[  411.219301][ T8767] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  411.273898][ T8755] gfs2: fsid=syz:syz: Now mounting FS (format 1801)...
[  411.412947][ T8767] ext4 filesystem being mounted at /109/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  411.430641][ T8779] loop4: detected capacity change from 0 to 256
[  411.792715][ T8755] gfs2: fsid=syz:syz.0: journal 0 mapped with 1 extents in 1ms
[  411.810818][ T8781] netlink: 8 bytes leftover after parsing attributes in process `syz.3.673'.
[  411.824649][    T9] gfs2: fsid=syz:syz.0: jid=0, already locked for use
[  411.833012][    T9] gfs2: fsid=syz:syz.0: jid=0: Looking at journal...
[  411.892979][ T8781] netlink: 112 bytes leftover after parsing attributes in process `syz.3.673'.
[  411.920618][ T5848] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  411.936293][ T8781] netlink: 8 bytes leftover after parsing attributes in process `syz.3.673'.
[  412.071436][ T8784] Process accounting resumed
[  412.077749][ T8784] FAT-fs (loop4): error, fat_get_cluster: invalid cluster chain (i_pos 196)
[  412.086758][ T8784] FAT-fs (loop4): Filesystem has been set read-only
[  412.100580][ T8784] FAT-fs (loop4): error, fat_get_cluster: invalid cluster chain (i_pos 196)
[  412.134169][    T9] gfs2: fsid=syz:syz.0: jid=0: Journal head lookup took 301ms
[  412.158680][    T9] gfs2: fsid=syz:syz.0: jid=0: Done
[  412.173767][ T8755] gfs2: fsid=syz:syz.0: first mount done, others may mount
[  413.396011][ T8793] loop2: detected capacity change from 0 to 512
[  413.490138][ T8793] ext4: Unknown parameter 'appraise_type'
[  413.637064][ T8800] netlink: 'syz.5.679': attribute type 5 has an invalid length.
[  414.978435][ T8808] loop5: detected capacity change from 0 to 1024
[  415.076446][ T8808] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  416.089492][    T8] usb 5-1: new high-speed USB device number 7 using dummy_hcd
[  417.419403][    T8] usb 5-1: Using ep0 maxpacket: 8
[  417.429248][    T8] usb 5-1: config 0 has no interfaces?
[  417.434763][    T8] usb 5-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23
[  417.464904][    T8] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  417.541333][    T8] usb 5-1: config 0 descriptor??
[  417.574024][ T8830] loop6: detected capacity change from 0 to 64
[  417.618215][ T8830] BFS-fs: bfs_fill_super(): Superblock is corrupted on loop6
[  418.072088][   T29] audit: type=1800 audit(1732588864.324:22): pid=8836 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.5.681" name="bus" dev="loop5" ino=18 res=0 errno=0
[  418.293364][ T5914] usb 5-1: USB disconnect, device number 7
[  419.361369][ T8849] loop2: detected capacity change from 0 to 1024
[  419.376012][ T8849] EXT4-fs: Ignoring removed nomblk_io_submit option
[  419.520008][ T5913] usb 4-1: new high-speed USB device number 4 using dummy_hcd
[  419.689463][ T5913] usb 4-1: Using ep0 maxpacket: 8
[  419.747954][ T5913] usb 4-1: New USB device found, idVendor=0ccd, idProduct=00b3, bcdDevice=2d.ea
[  419.757489][ T5913] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  419.777916][ T5913] usb 4-1: Product: syz
[  419.784494][ T5913] usb 4-1: Manufacturer: syz
[  419.820685][ T5913] usb 4-1: SerialNumber: syz
[  419.836356][ T5913] usb 4-1: config 0 descriptor??
[  419.917887][ T8849] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  419.984398][ T8813] EXT4-fs error (device loop5): ext4_mb_generate_buddy:1217: group 0, block bitmap and bg descriptor inconsistent: 25 vs 4278190105 free clusters
[  420.399403][ T5913] usb 4-1: dvb_usb_v2: found a 'TerraTec NOXON DAB Stick' in warm state
[  421.159172][ T5865] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  421.206694][ T5848] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  421.218009][ T8864] Illegal XDP return value 4294967294 on prog  (id 74) dev N/A, expect packet loss!
[  421.233790][ T5913] dvb_usb_rtl28xxu 4-1:0.0: probe with driver dvb_usb_rtl28xxu failed with error -32
[  421.626713][ T8877] binder_alloc: 8875: binder_alloc_buf, no vma
[  421.906196][ T8887] loop5: detected capacity change from 0 to 512
[  421.965786][ T8887] EXT4-fs (loop5): blocks per group (95) and clusters per group (32768) inconsistent
[  423.280087][ T5913] usb 4-1: USB disconnect, device number 4
[  426.104903][ T8908] loop1: detected capacity change from 0 to 1024
[  427.291486][ T8917] input: syz1 as /devices/virtual/input/input17
[  427.665400][ T8908] EXT4-fs warning (device loop1): ext4_multi_mount_protect:397: Unable to create kmmpd thread for loop1.
[  427.750478][ T8920] loop6: detected capacity change from 0 to 1024
[  428.362357][ T8920] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[  428.727184][ T8935] loop3: detected capacity change from 0 to 1024
[  429.025720][ T8935] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  429.633795][ T8941] loop2: detected capacity change from 0 to 1024
[  429.651999][ T8941] EXT4-fs: Ignoring removed orlov option
[  429.657733][ T8941] EXT4-fs: Ignoring removed nomblk_io_submit option
[  429.791016][ T5863] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  429.812826][ T8941] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  429.851093][ T8926] loop4: detected capacity change from 0 to 40427
[  429.869524][ T8926] F2FS-fs (loop4): Insane cp_payload (553648128 >= 504)
[  429.876524][ T8926] F2FS-fs (loop4): Can't find valid F2FS filesystem in 1th superblock
[  429.926544][ T8926] F2FS-fs (loop4): invalid crc value
[  429.938213][ T8926] F2FS-fs (loop4): Found nat_bits in checkpoint
[  430.070080][ T8951] loop5: detected capacity change from 0 to 8
[  430.078909][ T8951] SQUASHFS error: zlib decompression failed, data probably corrupt
[  430.087249][ T8951] SQUASHFS error: Failed to read block 0x9b: -5
[  430.093632][ T8951] SQUASHFS error: Unable to read metadata cache entry [99]
[  430.100945][ T8951] SQUASHFS error: Unable to read inode 0x127
[  430.110866][  T969] usb 2-1: new high-speed USB device number 6 using dummy_hcd
[  430.816892][ T8955] syz.2.720 (8955) used greatest stack depth: 20064 bytes left
[  431.079666][  T969] usb 2-1: Using ep0 maxpacket: 8
[  431.097726][  T969] usb 2-1: New USB device found, idVendor=0ccd, idProduct=00b3, bcdDevice=2d.ea
[  431.107086][  T969] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  431.116916][  T969] usb 2-1: Product: syz
[  431.127094][  T969] usb 2-1: Manufacturer: syz
[  431.130580][ T5848] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  431.131795][  T969] usb 2-1: SerialNumber: syz
[  431.210585][ T8926] F2FS-fs (loop4): Start checkpoint disabled!
[  431.290587][  T969] usb 2-1: config 0 descriptor??
[  431.381408][ T8962] loop3: detected capacity change from 0 to 2048
[  431.413901][ T8962] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000)
[  431.471842][ T8963] netlink: 64 bytes leftover after parsing attributes in process `syz.6.724'.
[  432.300889][  T969] usb 2-1: dvb_usb_v2: found a 'TerraTec NOXON DAB Stick' in warm state
[  433.231415][ T8976] input: syz1 as /devices/virtual/input/input18
[  433.489927][  T969] dvb_usb_rtl28xxu 2-1:0.0: probe with driver dvb_usb_rtl28xxu failed with error -32
[  433.533853][ T8979] loop2: detected capacity change from 0 to 256
[  434.358428][    T8] usb 2-1: USB disconnect, device number 6
[  434.515532][ T8983] loop3: detected capacity change from 0 to 1024
[  435.017886][ T8983] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  435.883566][ T5913] usb 6-1: new high-speed USB device number 4 using dummy_hcd
[  435.927003][ T9018] netlink: 64 bytes leftover after parsing attributes in process `syz.6.741'.
[  436.069697][ T5913] usb 6-1: Using ep0 maxpacket: 16
[  436.100596][ T5913] usb 6-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  436.169839][ T5913] usb 6-1: New USB device found, idVendor=2040, idProduct=0264, bcdDevice=4e.d1
[  436.205542][ T5913] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  436.240790][ T5913] usb 6-1: Product: syz
[  436.245078][ T5913] usb 6-1: Manufacturer: syz
[  436.284936][ T5913] usb 6-1: SerialNumber: syz
[  436.379850][   T29] audit: type=1804 audit(1732588882.564:23): pid=8983 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.3.730" name="/newroot/127/bus/bus" dev="loop3" ino=18 res=1 errno=0
[  436.402641][ T5913] usb 6-1: config 0 descriptor??
[  436.479443][ T5914] usb 3-1: new high-speed USB device number 6 using dummy_hcd
[  436.502468][ T5863] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  436.527880][   T29] audit: type=1800 audit(1732588882.564:24): pid=8983 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.730" name="bus" dev="loop3" ino=18 res=0 errno=0
[  436.584020][   T29] audit: type=1804 audit(1732588882.564:25): pid=9015 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz.3.730" name="/newroot/127/bus/bus" dev="loop3" ino=18 res=1 errno=0
[  437.489323][ T9034] input: syz1 as /devices/virtual/input/input19
[  437.620645][ T5914] usb 3-1: Using ep0 maxpacket: 8
[  437.674304][ T9044] loop6: detected capacity change from 0 to 8
[  437.719611][ T9044] SQUASHFS error: zlib decompression failed, data probably corrupt
[  437.727675][ T9044] SQUASHFS error: Failed to read block 0x9b: -5
[  437.734059][ T9044] SQUASHFS error: Unable to read metadata cache entry [99]
[  437.741337][ T9044] SQUASHFS error: Unable to read inode 0x127
[  438.025470][ T5914] usb 3-1: New USB device found, idVendor=0ccd, idProduct=00b3, bcdDevice=2d.ea
[  438.034811][ T5914] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  438.117794][ T5914] usb 3-1: Product: syz
[  438.168958][ T5914] usb 3-1: Manufacturer: syz
[  438.205636][ T5914] usb 3-1: SerialNumber: syz
[  438.252307][ T5914] usb 3-1: config 0 descriptor??
[  438.518574][ T5914] usb 3-1: dvb_usb_v2: found a 'TerraTec NOXON DAB Stick' in warm state
[  438.761878][ T5956] usb 6-1: USB disconnect, device number 4
[  439.117674][ T5914] dvb_usb_rtl28xxu 3-1:0.0: probe with driver dvb_usb_rtl28xxu failed with error -32
[  439.264358][   T29] audit: type=1326 audit(1732588885.534:26): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9049 comm="syz.6.749" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7febf1b7e819 code=0x0
[  439.712624][ T9053] loop3: detected capacity change from 0 to 32768
[  440.890220][    T8] usb 3-1: USB disconnect, device number 6
[  441.134548][ T9082] loop6: detected capacity change from 0 to 1024
[  441.385828][ T9082] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  442.162279][ T9105] netlink: 64 bytes leftover after parsing attributes in process `syz.3.759'.
[  442.448724][   T29] audit: type=1800 audit(1732588888.704:27): pid=9082 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.6.757" name="bus" dev="loop6" ino=18 res=0 errno=0
[  442.523943][   T29] audit: type=1804 audit(1732588888.704:28): pid=9082 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz.6.757" name="/newroot/122/bus/bus" dev="loop6" ino=18 res=1 errno=0
[  442.615266][ T9111] loop4: detected capacity change from 0 to 8
[  442.652539][ T9111] SQUASHFS error: zlib decompression failed, data probably corrupt
[  442.660728][ T9111] SQUASHFS error: Failed to read block 0x9b: -5
[  442.667002][ T9111] SQUASHFS error: Unable to read metadata cache entry [99]
[  442.674465][ T9111] SQUASHFS error: Unable to read inode 0x127
[  442.969174][ T9112] loop3: detected capacity change from 0 to 2048
[  443.049476][ T9112] EXT4-fs (loop3): bad geometry: first data block 0 is beyond end of filesystem (0)
[  443.103331][ T9114] netlink: 16 bytes leftover after parsing attributes in process `syz.2.767'.
[  443.312633][ T6041] EXT4-fs error (device loop6): ext4_mb_generate_buddy:1217: group 0, block bitmap and bg descriptor inconsistent: 25 vs 4278190105 free clusters
[  443.340515][ T6041] EXT4-fs (loop6): Delayed block allocation failed for inode 18 at logical offset 0 with max blocks 10 with error 28
[  443.353232][ T6041] EXT4-fs (loop6): This should not happen!! Data will be lost
[  443.353232][ T6041] 
[  443.363063][ T6041] EXT4-fs (loop6): Total free blocks count 0
[  443.369092][ T6041] EXT4-fs (loop6): Free/Dirty block details
[  443.375302][ T6041] EXT4-fs (loop6): free_blocks=68451041280
[  443.381330][ T6041] EXT4-fs (loop6): dirty_blocks=16
[  443.386575][ T6041] EXT4-fs (loop6): Block reservation details
[  443.392631][ T6041] EXT4-fs (loop6): i_reserved_data_blocks=1
[  443.618150][ T5994] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  444.259398][  T969] usb 3-1: new high-speed USB device number 7 using dummy_hcd
[  444.423207][  T969] usb 3-1: Using ep0 maxpacket: 8
[  444.467815][ T9127] netlink: 112 bytes leftover after parsing attributes in process `syz.6.769'.
[  444.491398][  T969] usb 3-1: New USB device found, idVendor=0ccd, idProduct=00b3, bcdDevice=2d.ea
[  444.522836][ T9123] loop4: detected capacity change from 0 to 4096
[  444.542012][  T969] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  444.629352][  T969] usb 3-1: Product: syz
[  444.656077][ T1290] ieee802154 phy0 wpan0: encryption failed: -22
[  444.662932][ T1290] ieee802154 phy1 wpan1: encryption failed: -22
[  444.677375][  T969] usb 3-1: Manufacturer: syz
[  444.689671][  T969] usb 3-1: SerialNumber: syz
[  444.716343][  T969] usb 3-1: config 0 descriptor??
[  444.959589][  T969] usb 3-1: dvb_usb_v2: found a 'TerraTec NOXON DAB Stick' in warm state
[  447.012888][  T969] dvb_usb_rtl28xxu 3-1:0.0: probe with driver dvb_usb_rtl28xxu failed with error -32
[  447.015600][ T9142] loop3: detected capacity change from 0 to 128
[  447.663626][ T9146] loop4: detected capacity change from 0 to 32768
[  447.936370][ T9146] XFS (loop4): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  448.281580][ T5914] usb 3-1: USB disconnect, device number 7
[  448.295157][ T9146] XFS (loop4): Ending clean mount
[  448.370489][ T9146] XFS (loop4): Quotacheck needed: Please wait.
[  448.632123][ T9146] XFS (loop4): Quotacheck: Done.
[  448.925680][ T5855] XFS (loop4): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  449.115011][ T9177] loop6: detected capacity change from 0 to 8
[  449.183174][ T9169] loop5: detected capacity change from 0 to 32768
[  449.205761][ T9177] SQUASHFS error: zlib decompression failed, data probably corrupt
[  449.579443][ T9177] SQUASHFS error: Failed to read block 0x9b: -5
[  449.585775][ T9177] SQUASHFS error: Unable to read metadata cache entry [99]
[  450.499399][ T9177] SQUASHFS error: Unable to read inode 0x127
[  454.214250][ T9215] netlink: 88 bytes leftover after parsing attributes in process `syz.5.797'.
[  455.365764][ T9218] binder: 9217:9218 ioctl 4018620d 0 returned -22
[  455.503175][ T9220] netlink: 16 bytes leftover after parsing attributes in process `syz.1.801'.
[  456.123589][ T9227] loop3: detected capacity change from 0 to 1024
[  456.236159][ T9227] EXT4-fs (loop3): stripe (65535) is not aligned with cluster size (4096), stripe is disabled
[  456.352041][ T9227] EXT4-fs (loop3): revision level too high, forcing read-only mode
[  456.439728][ T9227] EXT4-fs (loop3): orphan cleanup on readonly fs
[  456.531568][ T9227] EXT4-fs error (device loop3) in ext4_reserve_inode_write:5837: Corrupt filesystem
[  456.584126][ T9227] EXT4-fs (loop3): Remounting filesystem read-only
[  456.600368][ T9227] Quota error (device loop3): write_blk: dquota write failed
[  456.640265][ T9227] Quota error (device loop3): write_blk: dquota write failed
[  456.663211][ T9227] Quota error (device loop3): qtree_write_dquot: Error -28 occurred while creating quota
[  456.705553][ T9227] Quota error (device loop3): v2_write_file_info: Can't write info structure
[  456.737559][ T9227] EXT4-fs (loop3): 1 orphan inode deleted
[  459.556728][ T9258] loop2: detected capacity change from 0 to 2048
[  459.620874][ T9258] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000)
[  459.770033][ T9227] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: none.
[  460.499470][ T9262] syz.4.813: attempt to access beyond end of device
[  460.499470][ T9262] md0: rw=2048, sector=0, nr_sectors = 8 limit=0
[  460.690892][ T5863] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  460.926629][ T9264] loop4: detected capacity change from 0 to 256
[  461.530187][ T9269] Process accounting resumed
[  461.535025][ T9269] FAT-fs (loop4): error, fat_get_cluster: invalid cluster chain (i_pos 196)
[  461.544083][ T9269] FAT-fs (loop4): Filesystem has been set read-only
[  461.557889][ T9269] FAT-fs (loop4): error, fat_get_cluster: invalid cluster chain (i_pos 196)
[  461.571228][ T9273] loop5: detected capacity change from 0 to 512
[  461.949577][ T9273] EXT4-fs (loop5): blocks per group (95) and clusters per group (32768) inconsistent
[  462.315500][ T9279] binder: 9278:9279 ioctl 4018620d 0 returned -22
[  462.609143][ T9286] netlink: 88 bytes leftover after parsing attributes in process `syz.2.815'.
[  464.155697][ T9295] netlink: 'syz.2.821': attribute type 1 has an invalid length.
[  464.163743][ T9295] netlink: 116 bytes leftover after parsing attributes in process `syz.2.821'.
[  464.228018][ T9289] workqueue: Failed to create a rescuer kthread for wq "nfc2_nci_cmd_wq": -EINTR
[  465.166961][ T9309] netlink: 8 bytes leftover after parsing attributes in process `syz.3.824'.
[  467.269435][    T9] usb 6-1: new high-speed USB device number 5 using dummy_hcd
[  467.351767][ T9321] netlink: 'syz.2.830': attribute type 36 has an invalid length.
[  467.451715][    T9] usb 6-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F
[  467.478683][    T9] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 7
[  467.519509][    T9] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x8F has invalid wMaxPacketSize 0
[  467.566108][    T9] usb 6-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[  467.619579][    T9] usb 6-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  467.682836][    T9] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  467.945405][ T9325] loop4: detected capacity change from 0 to 2048
[  468.004370][    T9] usb 6-1: config 0 descriptor??
[  468.009896][ T9325] UDF-fs: error (device loop4): udf_read_tagged: tag checksum failed, block 99: 0x27 != 0x4d
[  468.643529][    T9] plantronics 0003:047F:FFFF.0002: No inputs registered, leaving
[  468.755296][    T9] plantronics 0003:047F:FFFF.0002: hiddev0,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.5-1/input0
[  468.924338][ T9333] binder: BINDER_SET_CONTEXT_MGR already set
[  468.931161][ T9333] binder: 9332:9333 ioctl 4018620d 200001c0 returned -16
[  468.947236][    T9] usb 6-1: USB disconnect, device number 5
[  470.045636][ T9338] workqueue: Failed to create a rescuer kthread for wq "nfc2_nci_cmd_wq": -EINTR
[  472.054829][ T9350] loop4: detected capacity change from 0 to 164
[  473.337273][ T9352] loop6: detected capacity change from 0 to 512
[  473.489472][ T9352] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000d40000 r/w without journal. Quota mode: writeback.
[  473.571017][ T9352] ext4 filesystem being mounted at /131/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  473.846206][ T9363] loop4: detected capacity change from 0 to 2048
[  473.976809][ T9363] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000)
[  475.498266][ T9354] loop5: detected capacity change from 0 to 32768
[  476.459668][ T9354] read_mapping_page failed!
[  476.464615][ T9354] diRead: diIAGRead returned -5
[  477.021971][ T9385] loop2: detected capacity change from 0 to 8
[  477.067484][ T9370] loop4: detected capacity change from 0 to 40427
[  477.105828][ T9385] SQUASHFS error: zlib decompression failed, data probably corrupt
[  477.199426][ T9385] SQUASHFS error: Failed to read block 0x9b: -5
[  477.205739][ T9385] SQUASHFS error: Unable to read metadata cache entry [99]
[  477.313693][ T9385] SQUASHFS error: Unable to read inode 0x127
[  477.327141][ T9392] netlink: 8 bytes leftover after parsing attributes in process `syz.3.852'.
[  477.339579][ T9370] F2FS-fs (loop4): build fault injection attr: rate: 771, type: 0x1fffff
[  477.391491][ T9370] F2FS-fs (loop4): invalid crc value
[  477.451664][ T9370] F2FS-fs (loop4): Failed to initialize F2FS segment manager (-4)
[  477.955406][ T5994] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000d40000.
[  478.468382][ T9406] binder: BINDER_SET_CONTEXT_MGR already set
[  478.479301][ T9406] binder: 9405:9406 ioctl 4018620d 200001c0 returned -16
[  478.702416][ T9408] xt_CHECKSUM: CHECKSUM should be avoided.  If really needed, restrict with "-p udp" and only use in OUTPUT
[  479.118491][ T9401] loop5: detected capacity change from 0 to 32768
[  479.272276][ T9401] BTRFS: device fsid ed167579-eb65-4e76-9a50-61ac97e9b59d devid 1 transid 8 /dev/loop5 (7:5) scanned by syz.5.856 (9401)
[  479.642165][ T9401] BTRFS info (device loop5): first mount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d
[  479.672995][ T9401] BTRFS info (device loop5): using sha256 (sha256-ni) checksum algorithm
[  480.014118][ T9418] loop3: detected capacity change from 0 to 2048
[  480.082925][ T9418] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000)
[  480.190751][ T9401] BTRFS info (device loop5): using free-space-tree
[  481.221705][ T9401] workqueue: Failed to create a rescuer kthread for wq "btrfs-cache": -EINTR
[  481.222032][ T9401] workqueue: Failed to create a rescuer kthread for wq "btrfs-fixup": -EINTR
[  481.259838][ T9401] workqueue: Failed to create a rescuer kthread for wq "btrfs-endio": -EINTR
[  481.331735][ T9401] workqueue: Failed to create a rescuer kthread for wq "btrfs-endio-meta": -EINTR
[  481.394648][ T9401] workqueue: Failed to create a rescuer kthread for wq "btrfs-rmw": -EINTR
[  481.406601][ T9401] workqueue: Failed to create a rescuer kthread for wq "btrfs-endio-write": -EINTR
[  481.415858][ T9401] workqueue: Failed to create a rescuer kthread for wq "btrfs-compressed-write": -EINTR
[  481.425891][ T9401] workqueue: Failed to create a rescuer kthread for wq "btrfs-freespace-write": -EINTR
[  481.665671][ T9401] workqueue: Failed to create a rescuer kthread for wq "btrfs-delayed-meta": -EINTR
[  482.175340][ T9439] loop2: detected capacity change from 0 to 2048
[  482.277121][ T9439] UDF-fs: error (device loop2): udf_read_tagged: tag checksum failed, block 99: 0x27 != 0x4d
[  482.290096][ T9439] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[  482.315200][ T9401] BTRFS error (device loop5): open_ctree failed
[  483.046802][ T9453] input: syz1 as /devices/virtual/input/input20
[  483.928169][ T9460] loop5: detected capacity change from 0 to 4096
[  484.321950][ T9461] NILFS (loop5): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  484.463577][   T29] audit: type=1804 audit(1732588930.704:29): pid=9460 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.5.866" name="/newroot/142/file0/file1" dev="loop5" ino=15 res=1 errno=0
[  485.947038][ T9481] loop4: detected capacity change from 0 to 8
[  485.971253][ T9481] SQUASHFS error: zlib decompression failed, data probably corrupt
[  485.979341][ T9481] SQUASHFS error: Failed to read block 0x9b: -5
[  485.985680][ T9481] SQUASHFS error: Unable to read metadata cache entry [99]
[  485.993007][ T9481] SQUASHFS error: Unable to read inode 0x127
[  486.836160][ T9484] loop6: detected capacity change from 0 to 16
[  486.849858][ T9484] erofs (device loop6): mounted with root inode @ nid 36.
[  486.957898][ T9485] loop4: detected capacity change from 0 to 4096
[  486.978470][ T9485] ntfs3(loop4): Different NTFS sector size (4096) and media sector size (512).
[  487.048461][ T9485] ntfs3(loop4): Mark volume as dirty due to NTFS errors
[  487.551577][ T9489] loop4: detected capacity change from 0 to 512
[  487.605916][ T9489] EXT4-fs (loop4): blocks per group (64) and clusters per group (20800) inconsistent
[  487.614918][ T9477] loop2: detected capacity change from 0 to 32768
[  491.705778][ T9522] loop2: detected capacity change from 0 to 4096
[  492.498363][ T9530] ucma_write: process 488 (syz.3.890) changed security contexts after opening file descriptor, this is not allowed.
[  492.879421][ T9522] ntfs3(loop2): failed to convert "0080" to macroman
[  493.292749][ T9510] loop5: detected capacity change from 0 to 32768
[  493.938912][ T9510] XFS (loop5): Mounting V5 Filesystem ed37bf6e-74ea-4e01-afba-5fee274b0f3a
[  494.156195][ T9510] XFS (loop5): Ending clean mount
[  494.251883][ T9551] loop2: detected capacity change from 0 to 512
[  494.301561][ T5865] XFS (loop5): Unmounting Filesystem ed37bf6e-74ea-4e01-afba-5fee274b0f3a
[  494.342832][ T9551] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000d40000 r/w without journal. Quota mode: writeback.
[  494.359752][ T9551] ext4 filesystem being mounted at /150/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  494.924546][ T9532] loop3: detected capacity change from 0 to 32768
[  494.999866][ T9532] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop3 (7:3) scanned by syz.3.892 (9532)
[  495.109260][ T9532] BTRFS info (device loop3): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  495.148821][ T9532] BTRFS info (device loop3): using crc32c (crc32c-intel) checksum algorithm
[  495.190389][ T9532] BTRFS info (device loop3): using free-space-tree
[  495.707505][ T9559] loop5: detected capacity change from 0 to 32768
[  495.794344][ T9547] loop6: detected capacity change from 0 to 40427
[  495.811941][ T9547] F2FS-fs (loop6): Invalid Fs Meta Ino: node(1) meta(2) root(0)
[  495.836143][ T9547] F2FS-fs (loop6): Can't find valid F2FS filesystem in 1th superblock
[  495.896300][ T9547] F2FS-fs (loop6): invalid crc value
[  496.007134][ T9559] JBD2: Ignoring recovery information on journal
[  496.018804][ T9547] F2FS-fs (loop6): Found nat_bits in checkpoint
[  496.069488][ T9559] jbd2_journal_bmap: journal block not found at offset 64 on loop5-27
[  496.154821][ T9559] JBD2: bad block at offset 64
[  496.242925][ T9532] BTRFS error (device loop3): open_ctree failed
[  496.278147][ T9559] ocfs2: Mounting device (7,5) on (node local, slot 0) with ordered data mode.
[  496.736482][ T9596] loop4: detected capacity change from 0 to 8
[  496.808109][ T9596] SQUASHFS error: zlib decompression failed, data probably corrupt
[  496.816842][ T9596] SQUASHFS error: Failed to read block 0x9b: -5
[  496.823667][ T9596] SQUASHFS error: Unable to read metadata cache entry [99]
[  496.831113][ T9596] SQUASHFS error: Unable to read inode 0x127
[  497.129391][ T5865] ocfs2: Unmounting device (7,5) on (node local)
[  497.443146][ T9599] netlink: 12 bytes leftover after parsing attributes in process `syz.3.905'.
[  497.512831][ T5848] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000d40000.
[  499.656020][ T9611] loop3: detected capacity change from 0 to 2048
[  499.673078][ T9605] loop2: detected capacity change from 0 to 32768
[  499.891739][ T9611] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000)
[  500.959485][ T9622] netlink: 184 bytes leftover after parsing attributes in process `syz.5.914'.
[  502.069794][ T9626] read_mapping_page failed!
[  502.099047][ T9627] read_mapping_page failed!
[  502.104240][ T9627] ERROR: (device loop2): txAbort: 
[  502.104240][ T9627] 
[  502.238799][ T9627] ERROR: (device loop2): remounting filesystem as read-only
[  502.248926][ T9628] ERROR: (device loop2): diRead: i_ino != di_number
[  502.248926][ T9628] 
[  502.258345][ T9628] jfs_lookup: iget failed on inum 8
[  502.578099][ T9633] loop4: detected capacity change from 0 to 256
[  502.665855][ T9633] exFAT-fs (loop4): failed to load upcase table (idx : 0x0000fd4f, chksum : 0x3963664b, utbl_chksum : 0xe619d30d)
[  502.714694][ T9636] netlink: 12 bytes leftover after parsing attributes in process `syz.1.921'.
[  502.769436][ T5913] usb 6-1: new high-speed USB device number 6 using dummy_hcd
[  502.929408][ T5913] usb 6-1: Using ep0 maxpacket: 16
[  502.969150][ T5913] usb 6-1: config 0 interface 0 altsetting 0 has an invalid descriptor for endpoint zero, skipping
[  503.006798][ T5913] usb 6-1: New USB device found, idVendor=2040, idProduct=0264, bcdDevice=4e.d1
[  503.022699][ T5913] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  503.039365][ T5913] usb 6-1: Product: syz
[  503.048256][ T5913] usb 6-1: Manufacturer: syz
[  503.065183][ T5913] usb 6-1: SerialNumber: syz
[  503.091325][ T5913] usb 6-1: config 0 descriptor??
[  503.643220][ T9648] loop4: detected capacity change from 0 to 2048
[  503.667306][ T9650] NILFS (loop4): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  504.754329][ T9638] loop3: detected capacity change from 0 to 32768
[  505.044486][ T9650] NILFS (loop4): vblocknr = 23 has abnormal lifetime: start cno (= 4294967298) > current cno (= 3)
[  505.095048][ T9650] NILFS error (device loop4): nilfs_bmap_propagate: broken bmap (inode number=4)
[  505.188116][ T9650] Remounting filesystem read-only
[  505.916711][ T5855] NILFS (loop4): disposed unprocessed dirty file(s) when stopping log writer
[  506.187126][ T1290] ieee802154 phy0 wpan0: encryption failed: -22
[  506.196082][ T1290] ieee802154 phy1 wpan1: encryption failed: -22
[  506.249337][ T5913] usb 3-1: new high-speed USB device number 8 using dummy_hcd
[  506.625169][ T9685] loop4: detected capacity change from 0 to 4096
[  507.079877][    T9] usb 6-1: USB disconnect, device number 6
[  507.269448][ T5913] usb 3-1: Using ep0 maxpacket: 8
[  507.282414][ T5913] usb 3-1: config 0 has no interfaces?
[  507.288071][ T5913] usb 3-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23
[  507.338813][ T5913] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  507.676266][ T5913] usb 3-1: config 0 descriptor??
[  507.995267][ T9696] netlink: 184 bytes leftover after parsing attributes in process `syz.5.939'.
[  508.389444][ T5913] usb 3-1: USB disconnect, device number 8
[  508.602106][ T9711] netlink: 8 bytes leftover after parsing attributes in process `syz.4.938'.
[  509.014997][ T9715] loop2: detected capacity change from 0 to 2048
[  509.088502][ T9715] UDF-fs: error (device loop2): udf_read_tagged: tag checksum failed, block 99: 0x27 != 0x4d
[  509.160780][ T9715] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[  509.361827][ T9724] netlink: 'syz.3.948': attribute type 1 has an invalid length.
[  509.391803][ T9724] netlink: 83992 bytes leftover after parsing attributes in process `syz.3.948'.
[  509.723589][ T9706] loop5: detected capacity change from 0 to 32768
[  509.800133][ T5914] usb 2-1: new high-speed USB device number 7 using dummy_hcd
[  510.229312][ T5914] usb 2-1: Using ep0 maxpacket: 16
[  510.243148][ T5914] usb 2-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xF3, changing to 0x83
[  510.306483][ T5914] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x83 has invalid wMaxPacketSize 0
[  510.745759][ T5914] usb 2-1: New USB device found, idVendor=2040, idProduct=0264, bcdDevice=4e.d1
[  511.076189][ T5914] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  511.084540][ T5914] usb 2-1: Product: syz
[  511.088756][ T5914] usb 2-1: Manufacturer: syz
[  511.093936][ T5914] usb 2-1: SerialNumber: syz
[  511.105545][ T5914] usb 2-1: config 0 descriptor??
[  511.117251][ T5914] em28xx 2-1:0.0: error: skipping audio endpoint 0x83, because it uses bulk transfers !
[  511.479415][    T9] usb 3-1: new high-speed USB device number 9 using dummy_hcd
[  511.561690][ T9746] netlink: 184 bytes leftover after parsing attributes in process `syz.6.954'.
[  511.651775][    T9] usb 3-1: Using ep0 maxpacket: 8
[  511.680599][    T9] usb 3-1: config 0 has no interfaces?
[  511.690327][    T9] usb 3-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23
[  511.716743][    T9] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  511.767534][    T9] usb 3-1: config 0 descriptor??
[  512.007868][    T9] usb 3-1: USB disconnect, device number 9
[  512.083899][ T9749] loop6: detected capacity change from 0 to 64
[  512.234062][ T9753] loop4: detected capacity change from 0 to 1024
[  512.257674][ T9755] loop5: detected capacity change from 0 to 256
[  512.267920][ T9753] UDF-fs: warning (device loop4): udf_load_vrs: No VRS found
[  512.285895][ T9753] UDF-fs: Scanning with blocksize 512 failed
[  512.307492][ T9753] UDF-fs: warning (device loop4): udf_load_vrs: No VRS found
[  512.336127][ T9753] UDF-fs: Scanning with blocksize 1024 failed
[  512.369747][ T9753] UDF-fs: warning (device loop4): udf_load_vrs: No VRS found
[  512.393922][ T9753] UDF-fs: Scanning with blocksize 2048 failed
[  512.419623][ T9753] UDF-fs: warning (device loop4): udf_load_vrs: No VRS found
[  512.428828][ T9753] UDF-fs: Scanning with blocksize 4096 failed
[  512.496258][ T9753] loop4: detected capacity change from 0 to 512
[  512.655519][ T9753] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  512.696662][ T9753] ext4 filesystem being mounted at /160/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  512.747724][ T9753] Quota error (device loop4): do_check_range: Getting block 1539 out of range 1-5
[  512.766630][ T9764] Process accounting resumed
[  512.771686][ T9764] FAT-fs (loop5): error, fat_get_cluster: invalid cluster chain (i_pos 196)
[  512.781026][ T9764] FAT-fs (loop5): Filesystem has been set read-only
[  512.784828][ T9753] Quota error (device loop4): qtree_read_dquot: Can't read quota structure for id 0
[  512.799429][ T9764] FAT-fs (loop5): error, fat_get_cluster: invalid cluster chain (i_pos 196)
[  512.809126][ T9753] EXT4-fs error (device loop4): ext4_acquire_dquot:6936: comm syz.4.956: Failed to acquire dquot type 1
[  512.867497][ T9753] EXT4-fs (loop4): Remounting filesystem read-only
[  512.869274][ T5926] usb 2-1: USB disconnect, device number 7
[  512.907033][ T9767] loop2: detected capacity change from 0 to 512
[  512.973338][ T9767] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000d40000 r/w without journal. Quota mode: writeback.
[  513.039645][ T9767] ext4 filesystem being mounted at /159/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  514.561645][ T9778] loop6: detected capacity change from 0 to 2048
[  514.676427][ T9778] UDF-fs: error (device loop6): udf_read_tagged: tag checksum failed, block 99: 0x27 != 0x4d
[  514.724995][ T5855] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  514.760990][ T9778] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[  515.330112][ T9798] loop5: detected capacity change from 0 to 1024
[  515.339688][ T9799] netlink: 168 bytes leftover after parsing attributes in process `syz.4.967'.
[  515.650689][ T9798] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  515.869583][ T9808] input: syz1 as /devices/virtual/input/input21
[  516.013109][    T8] usb 5-1: new high-speed USB device number 8 using dummy_hcd
[  516.299435][    T8] usb 5-1: Using ep0 maxpacket: 8
[  516.362453][    T8] usb 5-1: config 0 has no interfaces?
[  516.379868][    T8] usb 5-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23
[  516.389060][    T8] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  516.422973][    T8] usb 5-1: config 0 descriptor??
[  516.637188][    T8] usb 5-1: USB disconnect, device number 8
[  516.793845][   T29] audit: type=1800 audit(1732588963.064:30): pid=9798 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.5.968" name="bus" dev="loop5" ino=18 res=0 errno=0
[  516.879264][   T29] audit: type=1804 audit(1732588963.064:31): pid=9798 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz.5.968" name="/newroot/155/bus/bus" dev="loop5" ino=18 res=1 errno=0
[  517.393662][   T11] EXT4-fs error (device loop5): ext4_mb_generate_buddy:1217: group 0, block bitmap and bg descriptor inconsistent: 25 vs 4278190105 free clusters
[  517.479346][   T11] EXT4-fs (loop5): Delayed block allocation failed for inode 18 at logical offset 0 with max blocks 12 with error 28
[  517.531409][   T11] EXT4-fs (loop5): This should not happen!! Data will be lost
[  517.531409][   T11] 
[  517.571326][   T11] EXT4-fs (loop5): Total free blocks count 0
[  517.605619][   T11] EXT4-fs (loop5): Free/Dirty block details
[  517.634640][   T11] EXT4-fs (loop5): free_blocks=68451041280
[  517.663821][   T11] EXT4-fs (loop5): dirty_blocks=16
[  517.690185][   T11] EXT4-fs (loop5): Block reservation details
[  517.727348][   T11] EXT4-fs (loop5): i_reserved_data_blocks=1
[  517.793427][ T5865] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  517.966205][ T9824] loop3: detected capacity change from 0 to 256
[  518.026319][ T5848] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000d40000.
[  518.195259][ T9827] loop5: detected capacity change from 0 to 64
[  518.812057][ T9832] Process accounting resumed
[  518.817004][ T9832] FAT-fs (loop3): error, fat_get_cluster: invalid cluster chain (i_pos 196)
[  518.825915][ T9832] FAT-fs (loop3): Filesystem has been set read-only
[  518.845484][ T9832] FAT-fs (loop3): error, fat_get_cluster: invalid cluster chain (i_pos 196)
[  520.445997][ T9843] loop4: detected capacity change from 0 to 2048
[  520.589027][ T9843] UDF-fs: error (device loop4): udf_read_tagged: tag checksum failed, block 99: 0x27 != 0x4d
[  520.705313][ T9843] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[  520.840972][ T9853] loop3: detected capacity change from 0 to 256
[  520.848254][ T9853] exfat: Invalid uid '0x00000000ffffffff'
[  521.040884][ T9851] netlink: 168 bytes leftover after parsing attributes in process `syz.5.983'.
[  521.483547][ T9862] loop6: detected capacity change from 0 to 512
[  521.510150][ T9862] ext4: Unknown parameter 'appraise_type'
[  521.569993][ T9868] netlink: 64 bytes leftover after parsing attributes in process `syz.3.992'.
[  521.985911][ T9872] loop4: detected capacity change from 0 to 1024
[  522.247695][ T9877] loop3: detected capacity change from 0 to 256
[  522.434408][   T81] hfsplus: b-tree write err: -5, ino 4
[  525.305364][ T9882] Process accounting resumed
[  525.391502][ T9882] FAT-fs (loop3): error, fat_get_cluster: invalid cluster chain (i_pos 196)
[  525.468591][ T9882] FAT-fs (loop3): Filesystem has been set read-only
[  525.539866][ T9901] loop4: detected capacity change from 0 to 2048
[  525.576905][ T9882] FAT-fs (loop3): error, fat_get_cluster: invalid cluster chain (i_pos 196)
[  527.399487][ T9901] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000)
[  527.507390][ T5863] FAT-fs (loop3): error, fat_get_cluster: invalid cluster chain (i_pos 196)
[  527.588588][ T5863] FAT-fs (loop3): error, fat_get_cluster: invalid cluster chain (i_pos 196)
[  527.603283][ T9911] netlink: 168 bytes leftover after parsing attributes in process `syz.6.1002'.
[  527.688115][ T9913] loop2: detected capacity change from 0 to 2048
[  527.922661][ T9913] UDF-fs: error (device loop2): udf_read_tagged: tag checksum failed, block 99: 0x27 != 0x4d
[  527.957371][ T9913] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[  527.958997][ T9919] loop6: detected capacity change from 0 to 512
[  527.973809][ T9919] ext4: Unknown parameter 'appraise_type'
[  528.593770][ T9924] netlink: 64 bytes leftover after parsing attributes in process `syz.6.1008'.
[  528.852184][ T9928] loop5: detected capacity change from 0 to 2048
[  528.902419][ T9928] EXT4-fs: Ignoring removed mblk_io_submit option
[  528.951467][ T9928] EXT4-fs (loop5): can't mount with data=, fs mounted w/o journal
[  529.064399][ T9928] loop5: detected capacity change from 0 to 128
[  529.099353][ T9928] EXT4-fs (loop5): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  529.123040][ T9934] netlink: 12 bytes leftover after parsing attributes in process `syz.3.1012'.
[  529.157069][ T9928] ext4 filesystem being mounted at /159/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff)
[  531.831036][ T9952] loop4: detected capacity change from 0 to 64
[  532.047045][ T5865] EXT4-fs (loop5): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  533.303276][ T9961] netlink: 176 bytes leftover after parsing attributes in process `syz.4.1019'.
[  533.499663][ T9957] input: syz1 as /devices/virtual/input/input24
[  534.186567][    T8] usb 6-1: new high-speed USB device number 7 using dummy_hcd
[  534.479729][    T8] usb 6-1: Using ep0 maxpacket: 16
[  535.298981][    T8] usb 6-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xF3, changing to 0x83
[  535.312716][ T9978] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1021'.
[  535.319328][    T8] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x83 has invalid wMaxPacketSize 0
[  536.302891][ T9990] netlink: 64 bytes leftover after parsing attributes in process `syz.2.1026'.
[  536.403259][    T8] usb 6-1: New USB device found, idVendor=2040, idProduct=0264, bcdDevice=4e.d1
[  536.443562][    T8] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  536.464346][    T8] usb 6-1: Product: syz
[  536.468587][    T8] usb 6-1: Manufacturer: syz
[  536.483509][    T8] usb 6-1: SerialNumber: syz
[  536.502134][    T8] usb 6-1: config 0 descriptor??
[  536.512219][    T8] em28xx 6-1:0.0: error: skipping audio endpoint 0x83, because it uses bulk transfers !
[  537.616246][    T8] usb 6-1: USB disconnect, device number 7
[  537.635466][T10000] loop6: detected capacity change from 0 to 512
[  537.715306][T10000] ext4: Unknown parameter 'appraise_type'
[  538.149354][T10011] netlink: 176 bytes leftover after parsing attributes in process `syz.6.1034'.
[  538.300113][T10006] loop2: detected capacity change from 0 to 32768
[  539.742764][T10021] read_mapping_page failed!
[  539.747396][T10021] ERROR: (device loop2): txAbort: 
[  539.747396][T10021] 
[  540.569720][T10021] ERROR: (device loop2): remounting filesystem as read-only
[  540.577582][T10023] ERROR: (device loop2): diRead: i_ino != di_number
[  540.577582][T10023] 
[  540.586662][T10023] jfs_lookup: iget failed on inum 8
[  540.726081][ T5913] usb 6-1: new high-speed USB device number 8 using dummy_hcd
[  540.811855][ T5848] ------------[ cut here ]------------
[  540.817821][ T5848] kernel BUG at fs/jfs/inode.c:169!
[  540.827401][T10035] netlink: 16 bytes leftover after parsing attributes in process `syz.4.1042'.
[  540.828617][T10033] loop6: detected capacity change from 0 to 1024
[  541.185432][ T5848] Oops: invalid opcode: 0000 [#1] PREEMPT SMP KASAN NOPTI
[  541.192609][ T5848] CPU: 0 UID: 0 PID: 5848 Comm: syz-executor Not tainted 6.12.0-syzkaller-09073-g9f16d5e6f220 #0
[  541.203145][ T5848] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  541.213226][ T5848] RIP: 0010:jfs_evict_inode+0x3ec/0x4b0
[  541.218844][ T5848] Code: 24 80 00 74 0d e8 24 9c 81 fe 48 89 df e8 dc 84 02 00 e8 17 9c 81 fe 48 89 df e8 3f 89 19 ff e9 e3 fc ff ff e8 05 9c 81 fe 90 <0f> 0b 48 c7 c7 c0 53 77 8e e8 d6 9f e3 fe e9 43 fc ff ff e8 cc 9f
[  541.238496][ T5848] RSP: 0018:ffffc90003327b58 EFLAGS: 00010293
[  541.244603][ T5848] RAX: 0000000000000000 RBX: ffff88807fa616a0 RCX: ffffffff82269f2b
[  541.252606][ T5848] RDX: ffff88802cf63c00 RSI: ffffffff830d1e2b RDI: ffff88807fa61690
[  541.260612][ T5848] RBP: ffff88807fa61328 R08: 0000000000000005 R09: 0000000000000000
[  541.268609][ T5848] R10: 0000000000000000 R11: 0000000000000001 R12: ffff88807fa61770
[  541.276604][ T5848] R13: ffffffff830d1a40 R14: 0000000000000000 R15: ffff88807fa61868
[  541.284605][ T5848] FS:  0000555578b43500(0000) GS:ffff8880b8600000(0000) knlGS:0000000000000000
[  541.293616][ T5848] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  541.300232][ T5848] CR2: 00007fa8877062d8 CR3: 0000000060684000 CR4: 0000000000350ef0
[  541.308238][ T5848] Call Trace:
[  541.311532][ T5848]  <TASK>
[  541.314480][ T5848]  ? die+0x31/0x80
[  541.318283][ T5848]  ? do_trap+0x232/0x430
[  541.322582][ T5848]  ? jfs_evict_inode+0x3ec/0x4b0
[  541.327578][ T5848]  ? jfs_evict_inode+0x3ec/0x4b0
[  541.332668][ T5848]  ? do_error_trap+0xf4/0x230
[  541.337406][ T5848]  ? jfs_evict_inode+0x3ec/0x4b0
[  541.342407][ T5848]  ? handle_invalid_op+0x34/0x40
[  541.347405][ T5848]  ? jfs_evict_inode+0x3ec/0x4b0
[  541.352400][ T5848]  ? exc_invalid_op+0x2e/0x50
[  541.357204][ T5848]  ? asm_exc_invalid_op+0x1a/0x20
[  541.362286][ T5848]  ? __pfx_jfs_evict_inode+0x10/0x10
[  541.367632][ T5848]  ? dquot_drop+0x4b/0x1a0
[  541.372101][ T5848]  ? jfs_evict_inode+0x3eb/0x4b0
[  541.377096][ T5848]  ? jfs_evict_inode+0x3ec/0x4b0
[  541.382094][ T5848]  ? jfs_evict_inode+0x3eb/0x4b0
[  541.387091][ T5848]  ? __pfx_jfs_evict_inode+0x10/0x10
[  541.392435][ T5848]  evict+0x40c/0x960
[  541.396368][ T5848]  ? srso_alias_return_thunk+0x5/0xfbef5
[  541.402070][ T5848]  ? __pfx_evict+0x10/0x10
[  541.406529][ T5848]  ? __pfx___might_resched+0x10/0x10
[  541.411864][ T5848]  ? do_raw_spin_unlock+0x172/0x230
[  541.417113][ T5848]  ? srso_alias_return_thunk+0x5/0xfbef5
[  541.422814][ T5848]  dispose_list+0x117/0x1e0
[  541.426570][ T5913] usb 6-1: Using ep0 maxpacket: 8
[  541.427341][ T5848]  ? srso_alias_return_thunk+0x5/0xfbef5
[  541.438005][ T5848]  evict_inodes+0x39d/0x4b0
[  541.442552][ T5848]  ? __pfx_evict_inodes+0x10/0x10
[  541.447609][ T5848]  ? srso_alias_return_thunk+0x5/0xfbef5
[  541.453290][ T5848]  ? srso_alias_return_thunk+0x5/0xfbef5
[  541.459057][ T5848]  ? shrink_dcache_for_umount+0x1a6/0x3e0
[  541.464822][ T5848]  generic_shutdown_super+0xb8/0x3d0
[  541.470147][ T5848]  kill_block_super+0x3b/0x90
[  541.474862][ T5848]  deactivate_locked_super+0xc1/0x1a0
[  541.480452][ T5848]  deactivate_super+0xde/0x100
[  541.485274][ T5848]  cleanup_mnt+0x222/0x450
[  541.489738][ T5848]  task_work_run+0x151/0x250
[  541.494360][ T5848]  ? __pfx_task_work_run+0x10/0x10
[  541.499501][ T5848]  ? srso_alias_return_thunk+0x5/0xfbef5
[  541.505188][ T5848]  syscall_exit_to_user_mode+0x27b/0x2a0
[  541.510872][ T5848]  do_syscall_64+0xda/0x250
[  541.516022][ T5848]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  541.521954][ T5848] RIP: 0033:0x7fccd577fb47
[  541.526387][ T5848] Code: a8 ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 0f 1f 44 00 00 31 f6 e9 09 00 00 00 66 0f 1f 84 00 00 00 00 00 b8 a6 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 01 c3 48 c7 c2 a8 ff ff ff f7 d8 64 89 02 b8
[  541.546028][ T5848] RSP: 002b:00007ffcfc2d4648 EFLAGS: 00000246 ORIG_RAX: 00000000000000a6
[  541.554473][ T5848] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 00007fccd577fb47
[  541.562469][ T5848] RDX: 0000000000000000 RSI: 0000000000000009 RDI: 00007ffcfc2d4700
[  541.570464][ T5848] RBP: 00007ffcfc2d4700 R08: 0000000000000000 R09: 0000000000000000
[  541.578453][ T5848] R10: 00000000ffffffff R11: 0000000000000246 R12: 00007ffcfc2d5780
[  541.586530][ T5848] R13: 00007fccd57f15fc R14: 0000000000083518 R15: 00007ffcfc2d57c0
[  541.594536][ T5848]  </TASK>
[  541.597563][ T5848] Modules linked in:
[  541.601843][ T5848] ---[ end trace 0000000000000000 ]---
[  541.609549][ T5848] RIP: 0010:jfs_evict_inode+0x3ec/0x4b0
[  541.615192][ T5848] Code: 24 80 00 74 0d e8 24 9c 81 fe 48 89 df e8 dc 84 02 00 e8 17 9c 81 fe 48 89 df e8 3f 89 19 ff e9 e3 fc ff ff e8 05 9c 81 fe 90 <0f> 0b 48 c7 c7 c0 53 77 8e e8 d6 9f e3 fe e9 43 fc ff ff e8 cc 9f
[  541.669954][ T5848] RSP: 0018:ffffc90003327b58 EFLAGS: 00010293
[  541.676101][ T5848] RAX: 0000000000000000 RBX: ffff88807fa616a0 RCX: ffffffff82269f2b
[  541.684163][ T5848] RDX: ffff88802cf63c00 RSI: ffffffff830d1e2b RDI: ffff88807fa61690
[  541.692547][ T5848] RBP: ffff88807fa61328 R08: 0000000000000005 R09: 0000000000000000
[  541.700617][ T5848] R10: 0000000000000000 R11: 0000000000000001 R12: ffff88807fa61770
[  541.708754][ T5848] R13: ffffffff830d1a40 R14: 0000000000000000 R15: ffff88807fa61868
[  541.717058][ T5848] FS:  0000555578b43500(0000) GS:ffff8880b8600000(0000) knlGS:0000000000000000
[  541.721842][ T5913] usb 6-1: New USB device found, idVendor=0ccd, idProduct=00b3, bcdDevice=2d.ea
[  541.726373][ T5848] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  541.742305][ T5848] CR2: 00007fcd7a54cbd0 CR3: 0000000060684000 CR4: 0000000000350ef0
[  541.750907][ T5848] Kernel panic - not syncing: Fatal exception
[  541.757267][ T5848] Kernel Offset: disabled
[  541.761600][ T5848] Rebooting in 86400 seconds..