last executing test programs:

2m16.795192404s ago: executing program 1 (id=2):
r0 = openat(0xffffffffffffff9c, &(0x7f00000002c0)='./file1\x00', 0x42, 0x0)
pwritev2(r0, &(0x7f00000000c0)=[{&(0x7f0000000200)="df", 0x1}], 0x1, 0x800001, 0x0, 0x1f)

2m16.580093848s ago: executing program 1 (id=20):
syz_mount_image$vfat(&(0x7f0000000400), &(0x7f0000000440)='./file0\x00', 0x414, &(0x7f0000000000)=ANY=[], 0x1, 0x2c3, &(0x7f0000000100)="$eJzs3EFrE2sUxvFzm94mTWmTC5eCgnrQjd0MbfwAGqQFMaDWpqgLYWonGjImZSZUUsRmI279HMVld4L6BboRN+7dFUF0YRfiiJmknbSTNNUmpvb/gzInec+TvKUknBTybt56/rCQc42cWZaBmMqASFW2RJI/q7p/6teBWj0kQVWZGPny/tTN23eupjOZ6KzqTHruQkpVx868evT4xdk35ZH59bGXUdlI3t38lPqwMb5xYvP73IO8q3lXi6WymrpQKpXNBdvSxbxbMFSv25bpWpovupbTtJ6zS0tLFTWLi6PxJcdyXTWLFS1YFS2XtOxU1Lxv5otqGIaOxuV4G+ygJ7s2O2umWy57kUPdEbpuOOxOx0lXRWRo72J2rRebAgAA/aX9/O/P+q3n/8y8f23M/9OHM/+LMP93SbXp1j7zP/4KjpM24/XXbzPmfwAAAAAAAAAAAAAAAAAAAAAAjoItz0t4npdoXBs/URGJiUjj9p/eJ7pjv7//5/DYxV7vE90R+OJeTMR+tpxdzvpXfz2dk7zYYsmkJORb7f2gzq9nrmSmJ7Xmq+d5q/X86nI2ItFGviEZlj/935SfV3ltB/L/Sjz4/ClJyP/hz58KzQ/dOH8ukDckIW/vSUlsWay9r+3kn0ypXr6W2ZUfrvW1FHrSAgAAAAAA/cnQbcnmz7/+2Y9GrSEme9f9/AH+P7Dr8/WgnOzkiEoAAAAAAPDb3MpKwbRtywkp1kWkxVKtiIpIm/hxLSLSF9vYVVwSkT7YRq+KmIj49+gvxMc/bsc7Snkd9Azu82rqtyL0wGAAAAAAR9jO0H+A0LunXdwRAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADHT9tjwCZG/KbKSqHR39QTfKA2jxPoivTuNwMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD6z48AAAD//0vYF3I=")
mount(0x0, &(0x7f0000000480)='./file0\x00', &(0x7f0000000380)='devtmpfs\x00', 0x4000, 0x0)

2m16.07394109s ago: executing program 1 (id=27):
r0 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000001140)={&(0x7f0000000040)=ANY=[@ANYBLOB="680000001000030500"/20, @ANYRES32=0x0, @ANYBLOB="0000000000000000400012800c0001006d6163766c616e00300002800800010010000000100005800a"], 0x68}, 0x1, 0x0, 0x0, 0x4010}, 0x0)

2m14.878869427s ago: executing program 1 (id=42):
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r0, &(0x7f0000000ec0)={0x0, 0x0, &(0x7f0000000340)={&(0x7f0000000000)=@newsa={0x154, 0x10, 0x713, 0x0, 0x0, {{@in=@remote, @in=@initdev={0xac, 0x1e, 0x0, 0x0}}, {@in6=@mcast2, 0x0, 0x32}, @in=@local, {0x200000, 0x0, 0xffffffffffff7fff}, {}, {}, 0x0, 0x0, 0x2}, [@algo_crypt={0x48, 0x2, {{'ecb(cipher_null)\x00'}}}, @encap={0x1c, 0x4, {0x2, 0x0, 0x0, @in=@loopback}}]}, 0x154}}, 0x0)

2m14.405073457s ago: executing program 32 (id=42):
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r0, &(0x7f0000000ec0)={0x0, 0x0, &(0x7f0000000340)={&(0x7f0000000000)=@newsa={0x154, 0x10, 0x713, 0x0, 0x0, {{@in=@remote, @in=@initdev={0xac, 0x1e, 0x0, 0x0}}, {@in6=@mcast2, 0x0, 0x32}, @in=@local, {0x200000, 0x0, 0xffffffffffff7fff}, {}, {}, 0x0, 0x0, 0x2}, [@algo_crypt={0x48, 0x2, {{'ecb(cipher_null)\x00'}}}, @encap={0x1c, 0x4, {0x2, 0x0, 0x0, @in=@loopback}}]}, 0x154}}, 0x0)

3.861954442s ago: executing program 3 (id=1509):
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xc, &(0x7f00000000c0)={0x1, &(0x7f0000000100)=[{0x6, 0x0, 0x0, 0x7fff0006}]})
getitimer(0x2, &(0x7f0000000040))

3.524494557s ago: executing program 3 (id=1513):
r0 = socket$inet_smc(0x2b, 0x1, 0x0)
setsockopt$inet_opts(r0, 0x0, 0x480, 0x0, 0x0)

3.523819487s ago: executing program 2 (id=1514):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0x1, 0x7, 0x2261, 0x2}, 0x50)
bpf$MAP_UPDATE_CONST_STR(0x2, &(0x7f0000000d80)={{r0}, &(0x7f0000000d00), &(0x7f0000000d40)='%+9llu \x00'}, 0x20)

3.33009946s ago: executing program 3 (id=1516):
r0 = socket$qrtr(0x2a, 0x2, 0x0)
ioctl$BTRFS_IOC_DEV_INFO(r0, 0x891c, 0x0)

3.294864731s ago: executing program 2 (id=1517):
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000040)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x3, 0x7fff7ffc}]})
mlock2(&(0x7f0000ff9000/0x4000)=nil, 0x4000, 0x1)

3.174458392s ago: executing program 3 (id=1519):
syz_mount_image$squashfs(&(0x7f0000000240), &(0x7f0000000280)='./file0\x00', 0x0, &(0x7f00000002c0)={[{}]}, 0x1, 0x232, &(0x7f0000000000)="$eJzKKC4sZmdgYPj7sSaZgUGAAQRYGEQYLjAwMrAwMDDIM4KFGD4yQeipUPomlGaDyl+B0r5Q8XYo/de8KiKKgYExU+meGdMB8RRFRgEGHpGvpx4wJDPwxzJYzvNecykoc8pVobdL94PUe4VWbmJgVE/hXzRnwwSnmbxgYxkjo5DNYT4gM4sDZBADA8PkPxH3HrBIMoggmSXK8U/sVMvyVWad9xlmdExLY2A0mMXBwMCgd0R3pp0BbzcT1MziyqrsxJyc1KLiAwyo5k9m3M+kyAhSd+bv1eAHjHYM3bEMjAxyG/zVFn/7I1W5cVN95PSqiJqp3U03l66PY9im//eKidT7iRlh/x8cEtSyyMv/ME9G6fvmhjkfauqemDh2NirP5W+9/Pfd+5ja4gQ1psfiXYVs/AluWjWfnJ3cLB/PTa9u31KsuCArzWXisakX/yYcX8vAMPnCE1t9BgaGDSDnulXOjbnrFi/ItUz9fN2bFwwHoz5PZGBkZGBgYmCYGbZzD7K/yhugkcHAzMDAoMIAUsTCkJaZk2rgwcDIwMzAws6ADGCqmRg4wKr0kvNzUtoZGMFJAKxtOQML3AzDxwys/CDlII7RYwZWuIyxRQPMyHYorQKlPaD0cij9GErLoyUbFrAJ/VCeRgMDAxtDReJ//iJDNgYGhorEkpIiQ4hYSUmREVzMSABuMxPU1rlMqJ47zsQwCkbBKBgFo2AUjIJRMApGwSgYBSMZAAIAAP//kpC1eQ==")
syz_usb_connect(0x0, 0x36, &(0x7f0000000000)=ANY=[@ANYBLOB="120100006325a640402000207265970000010902240001000000000904000002214c6a0009050702000000da000905"], 0x0)

3.120592153s ago: executing program 2 (id=1520):
syz_mount_image$jfs(&(0x7f0000000000), &(0x7f00000000c0)='./file0\x00', 0x2, &(0x7f0000000440)={[{@quota}, {@iocharset={'iocharset', 0x3d, 'macinuit'}}, {@errors_continue}, {@nodiscard}, {@discard_size={'discard', 0x3d, 0x4}}, {@nodiscard}, {@quota}, {@discard}, {@iocharset={'iocharset', 0x3d, 'cp852'}}]}, 0xff, 0x6108, &(0x7f000000fa40)="$eJzs3UuPHFfZB/Cn+jaXvEmsLKK8FkKTxFxCiK/BGALEWcCCDQvkLbI1mUQWDiDbICey8ESzYcGHACGxRIglKz5AFmzZ8QGwZCOBskqhmjlnXNPpdo8zma6eOb+fNK56+lRNn/K/qy9TVX0CAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIgf/uDH56qIuPqrdMOJiP+LfkQvYqWp1yJiZe1EXn4QES/EdnM8HxHDpYhm/e1/no14PSI+eibiwcO7683N5/fZj+//+R9/+MlTP/r7n4Zn/vuX2/03pi13585v//PXewfbZgAAAChNXdd1lT7mn0yf73tddwoAmIv8+l8n+Xb1wtWbC9YftVqtVh/Buq2e7F67iIjN9jrNewaH4wHgiNmMj7vuAh2Sf9EGEfFU150AFlrVdQc4FA8e3l2vUr5V+/Vgbac9nwuyJ//Navf6jmnTWcbPMZnX42sr+vHclP6szKkPiyTn3xvP/+pO+ygtd9j5z8u0/Ec7lz4VJ+ffH89/zPHJvzcx/1Ll/AdPlH9f/gAAAAAAsMDy3/9PdHz8d+ngm7Ivjzv+uzanPgAAAAAAAADA5+2g4//tMv4fAAAALKzms3rjd888um3ad7E1t1+pIp4eWx4oTLpYZrXrfgAAAAAAAAAAAABASQY75/BeqSKGEfH06mpd181P23j9pA66/lFX+vZDybp+kgcAgB0fPTN2LX8VsRwRV9J3/Q1XV1frenlltV6tV5by+9nR0nK90vpcm6fNbUujfbwhHozq5pctt9Zrm/V5eVb7+O9r7mtU9/fRsfnoMHAAiIidV6MHXpGOmbp+Nrp+l8PRYP8/fuz/7EfXj1MAAADg8NV1XVfp67xPpmP+va47BQDMRX79Hz8uoFar1Wq1+vjVbfVk99pFRGy212neMxiOHwCOmM34uOsu0CH5F20QES903QlgoVVdd4BD8eDh3fUq5Vu1Xw/S+O75XJA9+W9W2+vl9SdNZxk/x2Rej6+t6MdzU/rz/Jz6sEhy/r3x/K/utI/Scoed/7xMy7/ZzhMd9KdrOf/+eP5jjk/+vYn5lyrnP3ii/PvyBwAAAACABZb//n9ioY7/jj7r5sz0uOO/a4d2rwAAAAAAAABwuB48vLuer3vNx/+/MGE5138eTzn/Sv5Fyvn3xvL/6thy/db8/bce5f/vh3fX/3j7X/+fp/vNfynPVOmRVaVHRJXuqRqk6UG27tO2hv1Rc0/DqtcfpHN+6uE7cT1uxEac3bNsL/1/PGo/t6e96elwu73u77Sf39M+2G3P61/Y0z5MZzrVK7n9dKzHz+NGvL3d3rQtzdj+5Rnt9Yz2nH/f/l+knP+g9dPkv5raq7Fp4/6HvU/t9+3ppPu5fP2Lvzl7+Jsz01b0d7etrdm+lzroz/b/yVOj+OWtjZun71y7ffvmuUiTPbeejzT5nOX8h+ln9/n/5Z32/Lzf3l/vfzh64vwXxVYMpub/cmu+2d5X5ty3LuT8R+kn5/92ap+8/x/l/Kfv/6920B8AAAAAAAAAAAAAAAB4nLquty8RvRwRF9P1P11dmwkAzNfl9JUbdZJvn1fdn/P9qdVHvK4WrD9zrT+pF6s/avVRrNvqyd5sFxHxt/Y6FyPi15N+GQCwyD6JiH923Qk6I/+C5e/7a6anuu4MMFe33v/gp9du3Ni4eavrngAAAAAAAAAAn1Ue/3OtNf7zqbqu740tt2f817di7aDjfw7yzO4Ao1MGqu4/+TY9zlZv1O+1hht/MaaN/z3cnXvc+N+DGfc3nNE+mtG+NKN9eUb7xAs9WnL+L7bGOz8VESfHhl8vYfzX8THvS5Dzf6n1eG7y/8rYcu38698f5fx7e/I/c/u9X5y59f4Hr11/79q7G+9u/OzCuXNnL1y8eOnSpTPvXL+xcXbn3w57fLhy/nnsa+eBliXnnzOXf1ly/l9KtfzLkvP/cqrlX5acf36/J/+y5PzzZx/5lyXn/0qq5V+WnP/XUi3/suT8X021/MuS8/96quVflpz/a6mWf1ly/qdTLf+y5PzPpHqf+a8cdr+Yj5x/PsJl/y9Lzj+f2SD/suT8z6da/mXJ+V9ItfzLkvN/PdXyL0vO/xupln9Zcv4XUy3/suT8v5lq+Zcl538p1fIvS87/W6mWf1ly/t9OtfzLkvN/I9XyL0vO/zupln9Zcv7fTbX8y5Lz/16q5V+WnP+bqZZ/WR59/78ZM2bM5Jmun5kAAAAAAAAAAAAAgHHzOJ24620EAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD4HztwIAAAAAAA5P/aCFVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVXYgQMBAAAAACD/10aoqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqwt69xsh11vcDP7M3r52bgZC/k7+BtWOMcTbZ9SW+0LqYcG24lUBS0kts17t2FnyL1y5JGsmOAiUSRkUVbcOLtoCiNm8qrCovaBVQXqBWlSqR9gV9g6hQeRFVAQWkSm0VstWceZ5nZ2ZnZ3a94/XMOZ+PlPzimTNzzpx5Zna/63x3AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA6m167/QXK1mWVf/J/7U+y66v/vfasfX5Ze+61kcIAAAArNQv83+/elO64OASblS3zT++9fvPz83NzWWfHvyT4a/OzaUrxrJseE2W5ddFl3/8YKV+m+CpbLQyUPfngQ67H+xw/VCH64c7XD/S4fo1Ha4f7XD9ghOwwNraz2PyO9uS/+f62inNbs6G8+u2tLjVU5U1AwPxZzm5Sn6bueFj2Ux2IpvOJhu2r21bybd/YVN1Xx/K4r4G6va1sbpCfv7E0XgMlXCOtzTsa/4+o5++Jxv7xc+fOPpX5165tdXseBoa7q92nNs2V4/z8+GS2rFWsjXpnMTjHKg7zo0tnpPBhuOs5Ler/nfzcb66xOMcnD/MVdX8nI9mA/l/v5Sfp6H6H+ul87QxXPbft2dZdnH+sJu3WbCvbCBb13DJwPzzM1pbkdX7qC6lN2ZDy1qnm5awTqtzakvjOm1+TcTnf1O43dAix1D/NP30yZG65/21uStZp1H1US/2Wmleg91+rfTKGozr4qX8QT/dcg1uCY//ia2Lr8GWa6fFGkyPu24Nbu60BgdGBvNjTk9CJb/N/Brc0bD9YL6nSj5f3tp+DU6cO3lmYvaxx++cOXnk+PTx6VO7duyY3LVnz759+yaOzZyYnqz9+wrPdu9blw2k18DmcO7ia+AdTdvWL9W5b4wseP+90tfhaJvX4fqmbbv9OhxqfnCV1XlBLlzTtdfGp6onffTSQLbIayx/frav/HWYHnfd63Co7nXY8mtKi9fh0BJeh9Vtzmxf2vcsQ3X/tDqGxb8WrGwNrq9bg83fjzSvwW5/P9Ira3A0rIsfbl/8a8HGcLxPjy/3+5HBBWswPdzw3lO9JH2/P7ovH63W5W3VK64byc7PTp+969Ej586d3ZGFsSreVLdWmtfrurrHlC1YrwPLXq8HZ9769G0tLl8fztXondV/jS76XFW32X1X++cq/+rW+nw2XLozC6PLVvt8tvpqXj2fI1n2te89ed93nvjaexc9n9W8+fmJlX8vnnJp3fvv8CLvvzH3v17bX7qrpwaHh2qv38F0doYb3o8bn6qh/L2rku/71YmlvR8Ph39W+/345jbvxxuatu32+/Fw84OL78eVTj/tWJnm53M0rJMTk+3fj6vbbNi53DU51Pb9+PYwK+H8vzMkhZSL6tbOYus27WtoaDg8rqG4h8Z1uqth++GQzar7em7nla3TbbfX7mswPbp5q7VOx5q27fY6TT/7WmydVjr99O3KND+fo2Fd3Lyr/TqtbvPi7pW/d66N/1n33jnSaQ0OD45Uj3k4LcL8/T6bWxvX4F3Z0ex0diKbyq8dyddTJd/X+N1LW4Mj4Z/Vfq/c0GYNbmvatttrMH0dW2ztVYYWPvguaH4+R8O6eObu9muwus379nb3e9dt4ZK0Td33rs0/X1vsZ163NZ2mq7VWhsJxfm9v+5/NVrc5sW+5ObP9ebojXHJdi/PU/Ppd7DU1la3OedoQjvOVfYufp+rxVLf56v4lrqeDWZZdeOSe/Oe94e9X/vb8D55v+HuXVn+nc+GRe352w7F/WM7xA9D/Xq+NdbWvdXV/M7WUv/8HAAAA+kLM/QNhJvI/AAAAFEbM/fH/Ck/kfwAAACiMmPuHwkxKkv83vO+VmdcvZKmZPxfE69NpuLe2Xey4ToY/j83Nq15+z7PT//X3F5a274Esy1679w9abr/h3nhcNWPhOC+/v/HyBZ6/c0n7Pnz/hbTf+v7618P9x8ez1GXQqoI7mWXZCzd9Od/P2IOX8vnivYfzed/Fp5+qbvPq/tqf4+1fflNt+z8P5d+Dx4403P7lcB5+Eubkh1ufj3i7b11658a9D8zvL96usvnG/GE/81DtfuPvyfnKU7Xt43le7Pi/86XnvlXd/tG3tz7+CwOtj/+5cL/Phvk/b6ltX/8cVP8cb/eFcPxxf/F2d33zuy2P//IXa9uf+UBtu8Nhxv1vC3/e8oFXZurP16OVIw2PK/tgbbu4/8kf/FF+fby/eP/Nxz966FLD+WheHy/+a+1+Jpq2j5fH/UR/17T/6v3Ur8+4/+f+8HDDee60/8v3vfyW6v027/+Opu3OPLI93//8/TX+xqa/+MKXW+4vHs/BvznT8HgOfiK8jsP+n3korMdw/f9ert1f829XOPyJxvefuP3X119oeDzRh35R2//ldx/P55rRteuuu/6GGy++rXrusuylNbX767T/4395uuH4v3FL7XzE62NHv3n/i4n7P/u58VOnZ8/PTKWz+sRN+e/O+UjteOLx3hTeW5v/fOj0uYenz45Njk1m2Vhxf4XeFftmmD+rjYvtt55b8A66/f7wfN72Zy+s2/ovX4qX/9unapdf+nDt69Y7wnZfCZevD8/f8va/0DObbslf35UXwxHOLfx9wSuxcct/7lvShuHxN39fENf7mTc/nJ+H6nX51434ul7h8f9oqnY/3w7ndS78ZubNt8zvr377+LsRLn2y9npf8fkLb3Pxef3r8Hx/9Ce1+4/HFR/vj8L3Md/d0Ph+F9fHty8MNN9//ls8Lob3k+xi7fq4VTzfl169peXhxd9Dkl28Nf/zH6f7uXVZD3Mxs4/NTpyYOXX+0Ylz07PnJmYfe/zQydPnT507lP8uz0Of6XT7+fendfn709T0nt1Z/m51ujausmt9/GfuPzq1d3Lr1PSxI+ePnbv/zPTZ40dnZ49OT81uPXLs2PTnOt1+ZurAjp37d+3dOX58ZurAvv37d+0fnzl1unoYtYPqYM/kZ8dPnT2U32T2wO79O+6+e/fk+MnTU9MH9k5Ojp/vdPv8a9N49da/P352+sSRczMnp8dnZx6fPrBj/549Ozv+NsCTZ47Njk2cPX9q4vzs9NmJ2mMZO5dfXP3a1+n2FNPsv9e+n21Wqf0ivuzjd+xJv5+16tknF72r2iZNv0D0lfC7aP7pDWf2LeXPMfcPh5mUJP8DAABAGcTcPxJmIv8DAABAYcTcvybMRP4HAACAwoi5fzTMpCT5v3D9/w0XlrR//X/9//rzpf9fsv7/J3ut/197v9D/746V9u/1/wP9f/1//X/9f/1/uqDX+v8x96/NslLmfwAAACiDmPvXhZnI/wAAAFAYMfdfF2Yi/wMAAEBhxNx/fZhJSfK//v/V7v8P6v/r/+v/x3Wp/6//vwr0/9vT/+9A/38iK1f//2I3j1//X/+fhXqt/x9z/w1hJiXJ/wAAAFAGMfffGGYi/wMAAEBhxNx/U5iJ/A8AAACFEXP/+jCTkuR//X+f/6//r/+v/996//r//Un/vz39/w70/33+v/6//j9d1Wv9/5j73xBmUpL8DwAAAGUQc/8bw0zkfwAAAOg9Q1d2s5j73xRmsiD/X+EOAAAAgGsu5v6bs6YieEn+/l//X/9f/1//X/+/9f6X3v8fzPT/e4f+f3v6/x3o/+v/6//r/9NVvdb/z3N/Npq9OcykJPkfAAAAyiDm/lvCTOR/AAAAKIyY+/9fmIn8DwAAAIURc/+GMJOS5H/9f/1//X/9f/3/1vv3+f/9Sf+/Pf3/DvT/9f/1//X/6ape6//H3H9rmElJ8j8AAACUQcz9t4WZyP8AAABQGDH3//8wE/kfAAAACiPm/o1hJiXJ//r/Pd7/j81R/X/9f/1//X/9/yXR/29P/78D/X/9f/1//X+6qtf6/zH3vyXMpCT5HwAAAMog5v63hpnI/wAAAFAYMfe/LcxE/gcAAIDCiLl/LMykJPlf/79L/f8tNyy4zOf/6/+n9RGm/r/+v/7/1af/357+fwf6//r/+v/6/3RVr/X/Y+7fFGZSkvwPAAAAZRBz/+YwE/kfAAAACiPm/tvDTOR/AAAAKIyY+7eEmZQk/+v/9/jn/+v/6//r/+v/6/8vi/5/e/r/Hej/6//r/+v/01W91v+Puf/tYSYlyf8AAABQBjH3bw0zkf8BAACgMGLuf0eYifwPAAAAhRFz/7Ywk5Lkf/1//X/9f/1//f/W+9f/70/6/+3p/3eg/6//r/+v/09X9Vr/P+b+d4aZlCT/AwAAQBnE3L89zET+BwAAgMKIuf+OMBP5HwAAAAoj5v7xMJOS5H/9f/1//X/9f/3/1vvX/+9P+v/t6f93oP+v/6//r/9PV/Va/z/m/jvDTEqS/wEAAKAMYu6/K8xE/gcAAIDCiLl/IsxE/gcAAIDCiLl/MsykJPlf/1//X/9f/39Z/f+3zd+v/n+N/n9v0f9vT/+/A/1//f9r3v8f1v+nUHqt/x9z/44wk5LkfwAAACiDmPt3hpnI/wAAAFAYMffvCjOR/wEAAKAwYu7fHWZSkvyv/6//r/+v/+/z/1vvX/+/P+n/t9f9/n98iPr/+v/6/z7/X/+fhXqt/x9z/91hJiXJ/wAAAFAGMffvCTOR/wEAAKAwYu7fG2Yi/wMAAEBhxNy/L8ykJPlf/1//X/9f/1//v/X+9f/7k/5/ez7/vwP9f/1//X/9f7qq1/r/MffvDzMpSf4HAACAMoi5/11hJvI/AAAAFEbM/b8SZiL/AwAAQGHE3P+rYSYlyf/6//r/+v/6//r/rfev/9+f+rb/X/syrP+v/6//38fHr/+v/89Cvdb/j7n/QJhJSfI/AAAAlEHM/b8WZiL/AwAAQGHE3P/uMBP5HwAAAAoj5v6DYSYlyf/6//r/+v/6//r/rfev/9+f+rb/H5Ss/z/SfIH+v/5/Px+//r/+Pwv1Wv8/5v73hJmUJP8DAABAGcTcf0+YifwPAAAAhRFz/3vDTOR/AAAAKIyY+98XZlKS/K//r/+v/6//r//fev/6//1J/7+9Huv/L6D/r//fz8ev/6//z0K91v+Puf/9YSYlyf8AAABQBjH3fyDMRP4HAACAwoi5/4NhJvI/AAAAFEbM/R8KMylJ/tf/1//X/9f/1/9vvX/9//6k/9+e/n8H+v8F6/+P3aD/r//P1dIqAS10Zf3/619bdIcr7P/H3P/rYSYlyf8AAABQBjH33xtmIv8DAABAYcTc/+EwE/kfAAAACiPm/o+EmZQk/6+o/z+i/x/p/zcev/5/6/Wh/6//r/9/9en/t9dn/f9f3hgu1/+v0f/v7ePvyf7/jxfr/8+tab69/j9Xw5X1/1vqSv8/5v6PhpmUJP8DAABAGcTc/7EwE/kfAAAACiPm/o+Hmcj/AAAAUBgx9/9GmElJ8r/P/68ex3x7Wf9f/z+/QP9f/1//v2/p/7fXZ/1/n//fRP+/t4+/J/v/Pv+fa6zX+v8x938izKQk+R8AAADKIOb++8JM5H8AAAAojJj7PxlmIv8DAABAYcTc/6kwk5Lkf/1/n/+v/6//r//fev/6//1J/789/f8O9P/1/3ut//8f+v/0t17r/8fcf3+YSUnyPwAAAJRBzP0PhJnI/wAAAFAYMff/ZpiJ/A8AAACFEXP/p8NMSpL/9f/7pf8/pv+v/6//3/R49P/1/1vR/29P/78D/X/9/17r//v8f/pcr/X/Y+5/MMxk6fl/dMlbAgAAANdEzP2/FWZSkr//BwAAgDKIuf+3w0zkfwAAACiMmPt/J8ykJPlf/79f+v8+/z/T/9f/b3o8+v/6/62sXv8/vvPo/+v/6/9H+v/6//r/NOu1/n/M/b8bZlKS/A8AAABlEHP/Q2Em8j8AAAD0hVb/T3azmPsPhZnI/wAAAFAYMfcfDjMpSf7X/9f/1//v0f7/n27+5x9+/2OHd+j/6//r/y/Lqn7+f/XF7/P/9f/1/xP9f/1//X+a9Vr/P+b+I2EmJcn/AAAAUAYx9/9emIn8DwAAAIURc//RMBP5HwAAAAoj5v6pMJOS5H/9f/1//f8e6f9XKllWkM//j+dD/79R1/r/8U1X/7+lVe3/PzDfE9f/X27/f6Tlpfr/+v/9fPz6//r/LNRr/f+Y+6fDTEqS/wEAAKAMQu4fOFab81fI/wAAAFAYMfcfDzOR/wEAAKAwYu5/OMykJPlf/1//X/+/R/r/zZ//38f9f5//35rP/18d+v/t9U7/vzX9f/3/fj5+/X/9fxbqtf5/zP0zYSYlyf8AAABQBjH3fybMRP4HAACAwoi5/7NhJvI/AAAAFEbM/SfCTEqS//X/9f/1//X/9f9b71//vz/p/7en/9+B/r/+v/6//j9d1Wv9/5j7T4aZlCT/AwAAQBnE3H8qzET+BwAAgMKIuf90mIn8/3/s3UevnXe1x/Htex1dW3kBd3Anmd9XgDIAiRm8AAZMGICEGNBCb3EgtACh90DoPZQEQmiht4QWCJ3QO4QSegAZobPWss/xPs+2zT728/zX5zNZ4HDYB2Ql+cX+6g8AAADDyN3/4Lilyf7X/+v/h+3/76r/3+/z9f/6/5Hp/6fp/zfQ/+v/9f/6f7Zqbv1/7v6HxC1N9j8AAAB0kLv/oXGL/Q8AAADDyN1/Sdxi/wMAAMAwcvc/LG5psv/39P+HVj37/8x49f8j9f/e/9/38/X/+v+Rndv+/7J//5lP/6//1/8H/b/+X//PXnPr/3P3PzxuabL/AQAAoIPc/Y+IW+x/AAAAGEbu/kfGLfY/AAAADCN3/6Pilib73/v/3v/X/+v/9f/rP1//v0ze/5/Wqf+/5NYLH3jH9f93w5l8vv5f/6//1/+zXXPr/3P3Pzpu2T387r7370cBAACA5cjd/5i4pcmv/wMAAEAHufsfG7fY/wAAADCM3P2Pi1ua7H/9v/5f/6//1/+v/3z9/zLp/6d16v/P5vP1//p//b/+n+2aW/+fu//xcUuT/Q8AAAAd5O5/Qtxi/wMAAMAwcvdfGrfY/wAAADCM3P3H4pYm+1//f/D9/z/1//r/uPp//b/+/+Dp/6fp/zfQ/+v/9f/6f7Zqbv1/7v7L4pYm+x8AAAA6yN3/xLjF/gcAAIBh5O5/Utxi/wMAAMAwcvdfHrc02f/6f+//6//1//r/9Z+v/18m/f+0c9//r/sr5P70/4vv/y/Q/+v/9f+c7Az7/zsn/rS9lf4/d/+T45Ym+x8AAAA6yN3/lLjF/gcAAIBh5O5/atxi/wMAAMAwcvc/LW5psv/1//p//b/+X/+//vP1/8uk/582m/f/Dx1e+8P6/8X3/97/1//r/9llbu//5+5/etzSZP8DAABAB7n7r4hb7H8AAAAYRu7+Z8Qt9j8AAAAMI3f/M+OWJvtf/6//1//r//X/6z9/qv+/4aTvT/8/L/r/abPp//eh/9f/L/n71//r/znV3Pr/3P3Pilua7H8AAADoIHf/lXGL/Q8AAADDyN3/7LjF/gcAAIBh5O5/TtzSZP+v7/9P/HH9/+nR/+/+/vX/639+bKv/z/9G/f9k/3837//3pP+fpv/fQP+v/9f/79f/H9309fp/1plb/5+7/7lxS5P9DwAAAB3k7n9e3GL/AwAAwDBy9z8/brH/AQAAYBi5+18QtzTZ/97/1//r/5fX/3v/f8f5fP9/dc77/8P6/9Ok/5+m/99A/6//1/97/5+tmlv/n7v/hXFLk/0PAAAAHeTuf1HcYv8DAADAMpz8ewf2/obSkLv/xXGL/Q8AAADDyN3/krilyf7X/+v/9f/6/979/5GF9P/e/z9d+v9p+v8Nzm//f2jQ/v/wYP3/1ft9/Rz6/0v1/8zMrv7/xhM/fr76/9z9L41bmux/AAAA6CB3/8viFvsfAAAAhpG7/+Vxi/0PAAAAw8jdf1Xc0mT/H3j/f3T/z9b/6//1//r/89//L+X9f/3/6dL/T9P/b+D9f+//e/9f/89W7er/T3K++v/c/a+IW5rsfwAAAOggd/8r4xb7HwAAAIaRu//quMX+BwAAgGHk7n9V3NJk/2+p/7/qisvv4v3/PfT/+v+9Pz/0//p//f/B0/9P0/9voP/X/+v/9f9s1dz6/9z9r45bmux/AAAA6CB3/2viFvsfAAAAhpG7/7Vxi/0PAAAAw8jd/7q4pcn+P/D3/yd06P/zx/X/+v+V/l//r/8/J9r2/4fW/ZXoVPv0/zff/9g9d/+I/l//r//X/+v/2YJZ9P/HT/zdZe7+18ctTfY/AAAAdJC7/w1xi/0PAAAAw8jd/8a4xf4HAACAYeTuf1PcMsj+P7Lhj+v/vf+v/9f/6//Xf77+f5na9v+nyfv/G+j/9f/6f/0/WzWL/v+kf5+7/81xyyD7HwAAAFjV7n9L3GL/AwAAwDBy9781brH/AQAAYBi5+98WtzTZ//p//b/+X/+v/1//+fr/ZdL/T9P/b6D/1//r//X/bNXc+v/c/dfELU32PwAAAHSQu//tcYv9DwAAAMPI3f+OuMX+BwAAgGHk7n9n3NJk/+v/9f/6f/2//n/95+v/l0n/P03/v1qtrp34Btb1/8f/R/+v/9f/6/85S3Pr/3P3vytuabL/AQAAoIPc/dfGLfY/AAAADCN3/3Vxi/0PAAAAw8jd/+64pcn+1//r//X/+n/9//rP1/8vk/5/mv5/A+//6//1//p/tmpu/X/u/vfELU32PwAAAHSQu//6uMX+BwAAgGHk7n9v3GL/AwAAwDBy998QtzTZ//p//b/+X/+v/1//+fr/ZTq4/n+l/9f/6/830P/r//X/7DW3/j93//vilib7HwAAADrI3f/+uMX+BwAAgGHk7v9A3GL/AwAAwDBy938wbmmy//X/+n/9v/5f/7/+8/X/y+T9/2n6/w30//p//b/+n62aW/+fu/9DcUuT/Q8AAAAd5O6/MW6x/wEAAGAYufs/HLfY/wAAADCM3P0fiVua7H/9v/5/d/+/Wun/9f/6/x3noP8/stL/b53+f5r+fwP9/5j9/3+tBur/j+779fp/5mhu/X/u/o/GLU32PwAAAHSQu/9jcYv9DwAAAMPI3f/xuMX+BwAAgGHk7v9E3NJk/+v/9f/e/9f/6//Xf773/5dJ/z9N/7+B/n/M/t/7//p/zpu59f+5+z8ZtzTZ/wAAANBB7v5PxS32PwAAAAwjd/+n4xb7HwAAAIaRu/8zO/fEPwBosv/1//p//b/+X/+//vP1/8uk/5+m/99A/6//1//r/9mqufX/sftXn41bmux/AAAA6CB3/01xi/0PAAAAw8jdf3PcYv8DAADAMHL3fy5uabL/9f/6f/3/Mvv/I/p//b/+f6259P8XX3yPW/T/+n/9v/5f/6//725u/X/u/s/HLU32PwAAAHSQu/8LcYv9DwAAAMPI3f/FuMX+BwAAgGHk7v9S3NJk/5/a/1+w2ilUd6zr/6NR0/+fRP+/+/vX/6//+eH9f/2//v/gzaX/9/7/2X3/+n/9/5K//zPq/y869ev1/4xobv1/7v5b4pYm+x8AAAA6yN3/5bjF/gcAAIBh5O7/Stxi/wMAAMAwcvffGrc02f/e/9f/6//1//r/9Z+v/18m/f80/f8G+n/9v/f/H3Tf/9b/sz1z6/9z9381bmmy/wEAAKCD3P1fi1vsfwAAABhG7v6vxy32PwAAAAwjd/834pYm+1//r//X/+v/9f/rP1//v0z6/2n6/w30//p//b/3/9mqufX/ufu/Gbc02f8AAADQQe7+b8Ut9j8AAAAMI3f/t+MW+x8AAACGkbv/O3FLk/2//f7/Iv1/0P/Ppf+/j/5/z+fr//X/I9P/51/R19P/b6D/1//r//X/bNXc+v/c/bfFLU32PwAAAHSQu/+7cYv9DwAAAMPI3f+9uMX+BwAAgGHk7v9+3NJk/3v/v1f/f2jVsf/3/r/+X//fif5/mv5/A/2//l//r/9nq+bW/+fu/0Hc0mT/AwAAwFLd6/8fcNvp/mdz9/8wbrH/AQAAYBi5+38Ut9j/AAAAMIzc/T+OW5rsf/1/r/6/5/v/+n/9v/6/E/3/NP3/Bvp//b/+X//PVs2t/8/d/5O45aThd/iM/1cCAAAAc5K7/6dxS5Nf/wcAAIAOcvf/LG45Zf8fP83f1Q4AAADMTe7+n8ctTX79X/8/8/5/NX7/f/tK/6//36H/1/9vg/5/2n/Y/x8/pP/X/0/Q/+v/9f/sNbf+P3f/L+KWJvsfAAAABrXrnyjk7v9l3GL/AwAAwDBy9/8qbrH/AQAAYBi5+38dtzTZ//r/mff/Z/X+/9H6V0vo/73/f4D9/5VH1n6+/l//PzL9/zTv/2+g/9f/6//1/2zV3Pr/3P23xy1N9j8AAAB0kLv/N3GL/Q8AAADDyN3/27jF/gcAAIBh5O7/XdzSZP/r/0fs/5f1/r/+3/v/Z9///++Fx2669/2uu0b/zwnnsv/Pnwv6f/2//n+H/l//r/9nr7n1/7n7fx+3NNn/AAAA0EHu/jviFvsfAAAAhpG7/w9xi/0PAAAAw8jd/8e4pcn+1//r/+fS/+f/1+eh/z+2vP4/m+Lu/b/3//X/p/L+/zT9/wb6f/2//l//z1bNrf/P3f+nuKXJ/gcAAIAOcvf/OW6x/wEAAGAYufv/ErfY/wAAADCM3P1/jVua7H/9v/5/Lv1/8v7/ia/z/v8O/b/+/0zo/6fp/zfQ/+v/9f/6f7Zqbv1/7v6/xS1N9j8AAAB0kLv/zrjF/gcAAIBh5O7/e9xi/wMAAMAwcvf/I25psv/1//p//b/+X/+//vP1/8uk/5+m/99A/6//1//r/9mqufX/ufv/FQAA///1FHDi")
open(&(0x7f0000000080)='./bus\x00', 0x147842, 0x49)

2.902650157s ago: executing program 4 (id=1522):
r0 = syz_init_net_socket$rose(0xb, 0x5, 0x0)
getsockopt$rose(r0, 0x104, 0x6, 0x0, &(0x7f00000000c0))

2.68036579s ago: executing program 4 (id=1524):
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xc, &(0x7f0000000000)={0x1, &(0x7f0000000100)=[{0x6, 0x2, 0x0, 0x7fff0000}]})
sysinfo(&(0x7f0000000000)=""/196)

2.67970532s ago: executing program 0 (id=1525):
r0 = syz_open_dev$sg(&(0x7f00000003c0), 0x0, 0x5)
writev(r0, &(0x7f0000000400)=[{&(0x7f0000000080)="aefdda9d240300005a90f57f07703aeff0f64ebbee07962c22772e11b44e65d76641cb010052f436dd2a", 0x2a}, {&(0x7f0000000040)="aa1d484ea000fffbf7fc08fcd111fbdf23ea32db0e8f21d5bc27bd49eb067a0689fff2a4", 0x24}], 0x2)

2.551521101s ago: executing program 0 (id=1526):
r0 = syz_open_dev$tty1(0xc, 0x4, 0x1)
ioctl$KDGKBDIACR(r0, 0x4bfb, 0x0)

2.535380572s ago: executing program 4 (id=1527):
r0 = openat$vimc0(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0)
ioctl$VIDIOC_G_CROP(r0, 0xc014563b, &(0x7f0000000300)={0x9, {0xd46, 0x0, 0x235}})

2.411109104s ago: executing program 4 (id=1528):
r0 = socket$rxrpc(0x21, 0x2, 0xa)
bind$rxrpc(r0, &(0x7f0000000280)=@in6={0x21, 0x2, 0x2, 0x1c, {0xa, 0x4e20, 0x1, @ipv4={'\x00', '\xff\xff', @multicast2}, 0x3}}, 0x24)

2.393554764s ago: executing program 0 (id=1529):
r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
bind$bt_hci(r0, &(0x7f0000000000)={0x1f, 0xfffe, 0x1}, 0x6)

2.311604445s ago: executing program 2 (id=1530):
r0 = socket(0x400000000010, 0x3, 0x0)
ioctl$sock_SIOCETHTOOL(r0, 0x89ff, &(0x7f0000001440)={'bridge0\x00', &(0x7f00000002c0)=@ethtool_ringparam={0x11, 0x0, 0x20040001, 0x0, 0x6ef1}})

2.232488757s ago: executing program 4 (id=1531):
r0 = socket$l2tp(0x2, 0x2, 0x73)
bind$l2tp(r0, &(0x7f00000000c0), 0x10)

2.170830187s ago: executing program 0 (id=1532):
r0 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r0, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000880)=@newtaction={0x84, 0x30, 0x871a15abc695fb3d, 0x0, 0x0, {}, [{0x70, 0x1, [@m_tunnel_key={0x6c, 0x1, 0x0, 0x0, {{0xf}, {0x3c, 0x2, 0x0, 0x1, [@TCA_TUNNEL_KEY_ENC_IPV6_SRC={0x14, 0xb, @loopback={0x400000000000000}}, @TCA_TUNNEL_KEY_ENC_DST_PORT={0x6}, @TCA_TUNNEL_KEY_PARMS={0x1c, 0x2, {{}, 0x1}}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0x84}}, 0x0)

2.049552909s ago: executing program 4 (id=1533):
syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000040)='./file2\x00', 0x0, &(0x7f0000000180), 0x2, 0x557, &(0x7f0000000940)="$eJzs3cFvI1cZAPBvJvFudjclKXAolSgVLdotsM6mYduIQwEJwakSUMQJaQmJE0XrxKvEaTfRiqbiioQECCpxgRMXJP4AJNQLd4RUqdwRICpUsnAAqe2gsce7iddOvML2qMnvJ83OvHn2fN+z18/v2RNPAGfWkxFxJSImIuKZiJgp9qfFEvvtJb/d3YM7y/mSRJa99E4SSbGvc6zzxfpScbepiPjGVyO+mzwYd3t37+ZSvV7bKspzzY3k3Szbu7q+sbRWW6ttLizMP7f4/OL1xWtDaedsRLzw5b/99Ie/+soLv/vsK3++8faV7+Vp/TfLXo2udgxTu+mV1mPRMRkRW6MIVpLJVgvbrg90jx7/IQAAGIt8vP/hiPhka/w/ExOt0RwAAABwmmRfmI53k4gMAAAAOLXSiJiOJK0W5/tOF+dmXoqIj8bFtN7Ybn5mtbGzuZLXRcxGJV1dr9euxVTr3IHZqCR5eb44x7ZTfrarvBARj0bET2YutMrV5UZ9pewPPwAAAOCMuNQ1///3TJpWq0XlfsnJAQAAAMMzW3YCAAAAwMiZ/wMAAMDpVsnn/9lAF2RKR58NAAAAMAJfe/HFfMk6179eeXl352bj5asrte2b1Y2d5epyY+tWda3RWGv9Zt/GScerNxq3PhebO7fnmrXt5tz27t6NjcbOZvPG+pFLYAMAAABj9Ogn3vhTEhH7n7/QWnLnirpKRDZx+MaTZWQIjMpDndPz19HlAYzf4ff3CyXmAYyfIT2cXZWyEwBKd9IfAPU9eecPw88FAAAYjcsf6//9/zurpaYGjFjx/X8y0A+AAKfKRNkJAKVpf//3ftZWdjbAOFWOGwGYFMCplw7n+/8TTiVMdCgAAFCy6daSpNViHjAdaVqtRjzSuixgJVldr9euRcSHIuKtmcr5vDzfumdiNA8AAAAAAAAAAAAAAAAAAAAAAAAAA8qyJDIAAADgVItI/965Mtflmaenuz8fOJf8Z6a1johXfv7Sz24vNZtb8/n+f97b33y92P/sw3768OO3h/QxBgAAAHBIZ57emccDAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwDDdPbizfDfLsuzgzvI44/7jSxExW8QvlnbNZEy11lNRiYiL/0pi8tD9koiYGEL8/dci4rFe8ZM8rZgtsjgS/1xEGhEXhhU/HjJ+tONfGkJ8OMveyPufL/Z6/aXxZGvd+/U3WSz/r/79X3qv/5vo0/890u+glaPFx9/8zVzf+K9FPD7Zu//pxE/y4/WI/9SAbfzON/f2+tVlv4y43Kv/S47Gmmtu3Jrb3t27ur6xtFZbq20uLMw/t/j84vXFa3Or6/Va8W/PGD/6+G/fv19674H2Xzym/221v8/j//SA7X/vzdsHH2lvdj0zUYlfZNmVp3o//4/lq08/GL/z3vep4n0gL+ePYfr6t3rGf+LXf3yiX255+1f6tH+qq/3nu9p/ZcD2P/P17/9lwJsCAGOwvbt3c6ler23ZOLwRs+OK9QF7Cs5FeyMfd5aeTxJJ5BtvHalaKj+x9sarxWtsqd55tQ3pyL8vJkejTL6k/ggAABid+4P+7pqknIQAAAAAAAAAAAAAAAAAAADgDDrxZ8D6VaURcX/Pt39wzK+RdcfcL6epAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADH+l8AAAD//9CN1mM=")
newfstatat(0xffffffffffffff9c, &(0x7f0000000200)='./file2\x00', 0x0, 0x100)

1.881341642s ago: executing program 0 (id=1534):
syz_mount_image$udf(&(0x7f00000004c0), &(0x7f0000000080)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x0, &(0x7f0000000200)=ANY=[@ANYRES8=0x0, @ANYRESDEC=0x0, @ANYBLOB='\x00\x00\x00\x00=', @ANYRESDEC=0x0, @ANYBLOB=',nostrict,\x00'], 0x1, 0x489, &(0x7f0000000580)="$eJzs29trHOUfx/HPd7K72Wz7+3XbpmmVgquCSsWaQ4/Gix5iqNCkOTQiRYWYbOLSnMimkhTR4o233ngjIgoKUkULIt54pb3zD1AQBL3wQgT3wgMIgszszM5ks2nS7iHd9v2CdifPfGfmOewzz7M7zwoAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAEinnjrZ2WVbnQsAANBIg6Mjnd2M/wAA3FXO8/kfAADgbmJy9L1MfSMFG/D+Lkqezc1dWh7r6698WJt5R7Z48e6/ZFd3z6HDR44eC15vfHyt3aNzo+dPZk7Pzy4sZvP57GRmbC43MT+Z3fQZqj2+3AGvAjKzFy9NTk3lM90He1btXk7/0rqtI917tOOEE8SO9fX3j0ZiYvFbvvoa683wE3K0T6bfHvrUBiU5qr4uNnjv1FubV4gDXiHG+vq9gszkxueW3J1DQUU4fll9iaCOGtAWVWmX3HxZojaf2eJydEKmjp8Ldk5SS1APj3pfDK9/YKwml79lbj6fl/SAmqDNbmOtcvSjTLM7khra+mZFg8XkaFmmP3oLNuzdD9z+5N42zz6TeXpuaj4SO2R+j2r28aGRbvN7U1KOBr07fsFGtjozaDh3svSWTHs+ftmbV8ibl+7oPfrEcE90hrF3g/O4sQf9+eNmxuS4HztkQ2ZO7csFAAAAAAAAQGo1R9/JVPgqEyamTU7kkXFSxQdDma3JIoB6MUdvyzQ8UvC+ho+uS2mJrO8pafZnf/XNf1vy9PzCymJu+qWlivtTyZMv5pcWxycq71abe59tiaZstI6lSnFzlJDpuT8/stJ1i/d/fylAmJsPnwzXzCTLr++9b/5fXM8UPEM6fmFvdLtilm/i+ah7TTNHSzKd2rXPX6uS0po6UzHuc5l+f2+/H+ck3MwHp00XzziVm8l2urFfy/T+v0GstyxK2/zY3WFslxtrMr05sDp2ux/bHsZ2u7H9Ml1/oXLsnjC2x419XaaFXzNBbMqNvc+P7QhjD07Mz0xWqkrgZrn9/yeZ3m3PWNA3YsX339r+/0o4FlwpP9E6fb7a/p+OpF3x+/UFt///tc/ry17/dyr3/zdk+uSL/X5cse8l/P07vf/D/v+sTNPfro5N+bG7wtiuTVdsk3Dbf79MZ/ZcK9WN3/5+C4StFm3/e8vfHXVq/52RtLR/3dbaFB2S8iuXL47PzGQX2WCDDTZKG1t9Z0IjuOP/Z+4s6ssfSvMdf/z3P6aEM6u/Xw3H/97yE9Vp/N8VSev1ZyPxmJRcml2I75WS+ZXLj+Vmx6ez09m5Q51HOg8fOt51/Fg8EUzuwq2q6+pO5Lb/NzL9s+1q6fPu6vlf5fl/qvxEdWr/3ZG01Kr5StVFh9/+V2W6//q10vcSN5r/B9//PPJg8bXUP+vU/u2RtLR/3f/VpugAAAAAAAAAAAAAAAAA0NTi5ugDmc48HrPgt2abWf+35gdodVr/1RFJm2zQ7xWqrlQAaAKOHL0j08Mq2GtuwnZpIPqKO9p/AQAA//9HASOO")
mkdir(&(0x7f00000004c0)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x66)

745.048359ms ago: executing program 0 (id=1535):
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x6, 0x5, &(0x7f0000000140)=ANY=[@ANYBLOB="1802000003000000000000000000000085000000a0000000850000005000000095"], &(0x7f0000000400)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x8, '\x00', 0x0, @xdp, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={r0, 0x0, 0xe, 0x0, &(0x7f0000000900)="e02742e8680d85ff9782762f86dd", 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50)

609.134991ms ago: executing program 3 (id=1536):
r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
bind$bt_hci(r0, &(0x7f0000000040), 0x6)

462.032313ms ago: executing program 2 (id=1537):
r0 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000740)={0x0, 0x0, &(0x7f0000000600)={&(0x7f0000000000)=@setlink={0x48, 0x10, 0x401, 0x0, 0xfffffffc, {}, [@IFLA_IFNAME={0x14, 0x3, 'veth0_to_bond\x00'}, @IFLA_XDP={0x14, 0x2b, 0x0, 0x1, [@IFLA_XDP_FLAGS={0x5, 0x3, 0xf}, @IFLA_XDP_FLAGS={0x8, 0x3, 0xd}]}]}, 0x48}}, 0x0)

232.383776ms ago: executing program 3 (id=1538):
r0 = syz_open_procfs(0x0, &(0x7f0000019100)='net/fib_trie\x00')
pread64(r0, &(0x7f0000000080)=""/102356, 0x18fd4, 0x1c)

0s ago: executing program 2 (id=1539):
r0 = syz_open_dev$tty1(0xc, 0x4, 0x1)
ioctl$VT_RESIZEX(r0, 0x560a, &(0x7f0000000040)={0x0, 0x1, 0x0, 0xfffd, 0x3, 0x3})

kernel console output (not intermixed with test programs):

pe 16 has an invalid length.
[  128.019629][ T6853] BTRFS info (device loop2): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  128.062049][ T6853] BTRFS info (device loop2): using sha256 (sha256-avx2) checksum algorithm
[  128.070864][ T6853] BTRFS info (device loop2): using free space tree
[  128.242641][   T23] IPVS: starting estimator thread 0...
[  128.285372][ T6853] BTRFS info (device loop2): enabling ssd optimizations
[  128.301163][ T6853] BTRFS info (device loop2): auto enabling async discard
[  128.352016][ T6900] IPVS: using max 19 ests per chain, 45600 per kthread
[  128.512282][ T6908] tmpfs: Bad value for 'mpol'
[  128.542413][ T5791] BTRFS info (device loop2): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  128.681545][ T6874] loop0: detected capacity change from 0 to 32768
[  128.786906][ T6874] ocfs2: Mounting device (7,0) on (node local, slot 0) with ordered data mode.
[  128.951986][ T6874] OCFS2: ERROR (device loop0): int __ocfs2_find_path(struct ocfs2_caching_info *, struct ocfs2_extent_list *, u32, path_insert_t *, void *): Owner 65 has invalid tree depth 312 in extent list
[  128.992032][ T6874] On-disk corruption discovered. Please run fsck.ocfs2 once the filesystem is unmounted.
[  129.093450][ T6874] OCFS2: File system is now read-only.
[  129.119973][ T6874] (syz.0.353,6874,0):ocfs2_find_leaf:1941 ERROR: status = -30
[  129.161876][ T6874] (syz.0.353,6874,0):ocfs2_get_clusters_nocache:421 ERROR: status = -30
[  129.206729][ T6874] (syz.0.353,6874,0):ocfs2_get_clusters:624 ERROR: status = -30
[  129.244690][ T6874] (syz.0.353,6874,0):ocfs2_extent_map_get_blocks:671 ERROR: status = -30
[  129.292639][ T6874] (syz.0.353,6874,0):ocfs2_read_virt_blocks:987 ERROR: status = -30
[  129.304696][ T6874] (syz.0.353,6874,0):ocfs2_read_dir_block:511 ERROR: status = -30
[  129.344377][ T6874] (syz.0.353,6874,0):ocfs2_find_dir_space_el:3505 ERROR: status = -5
[  129.377592][ T6874] (syz.0.353,6874,0):ocfs2_prepare_dir_for_insert:4312 ERROR: status = -5
[  129.398677][ T6874] (syz.0.353,6874,0):ocfs2_mknod:298 ERROR: status = -5
[  129.428842][ T6874] (syz.0.353,6874,0):ocfs2_mknod:502 ERROR: status = -5
[  129.456309][ T6874] (syz.0.353,6874,0):ocfs2_mkdir:659 ERROR: status = -5
[  129.547236][ T5788] ocfs2: Unmounting device (7,0) on (node local)
[  129.934580][ T6945] loop3: detected capacity change from 0 to 64
[  130.022005][ T6948] netlink: 4 bytes leftover after parsing attributes in process `syz.0.365'.
[  130.378742][ T6959] loop0: detected capacity change from 0 to 64
[  130.507192][ T6959] hfs: request for non-existent node 327680 in B*Tree
[  130.562237][ T6959] hfs: request for non-existent node 327680 in B*Tree
[  130.683134][   T58] hfs: request for non-existent node 327680 in B*Tree
[  130.690346][   T58] hfs: request for non-existent node 327680 in B*Tree
[  130.856957][ T6973] loop3: detected capacity change from 0 to 1024
[  130.974889][ T6973] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  131.149395][ T6973] EXT4-fs warning (device loop3): ext4_rmdir:3243: inode #11: comm syz.3.380: empty directory 'file1' has too many links (111)
[  131.353413][ T5793] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  131.552409][   T28] kauditd_printk_skb: 4 callbacks suppressed
[  131.552426][   T28] audit: type=1326 audit(1752651784.165:8): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7001 comm="syz.2.390" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd72e18e929 code=0x7ffc0000
[  131.692078][   T28] audit: type=1326 audit(1752651784.165:9): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7001 comm="syz.2.390" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd72e18e929 code=0x7ffc0000
[  131.776282][   T28] audit: type=1326 audit(1752651784.225:10): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7001 comm="syz.2.390" exe="/root/syz-executor" sig=0 arch=c000003e syscall=121 compat=0 ip=0x7fd72e18e929 code=0x7ffc0000
[  131.826701][   T28] audit: type=1326 audit(1752651784.235:11): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7001 comm="syz.2.390" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd72e18e929 code=0x7ffc0000
[  131.902121][   T28] audit: type=1326 audit(1752651784.235:12): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7001 comm="syz.2.390" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd72e18e929 code=0x7ffc0000
[  132.100125][ T7027] loop3: detected capacity change from 0 to 2048
[  132.121995][   T23] usb 1-1: new high-speed USB device number 2 using dummy_hcd
[  132.135147][ T7021] bond1: entered allmulticast mode
[  132.165552][ T7027] UDF-fs: error (device loop3): udf_process_sequence: Primary Volume Descriptor not found!
[  132.168167][ T7021] 8021q: adding VLAN 0 to HW filter on device bond1
[  132.253014][ T7027] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[  132.310997][   T23] usb 1-1: Using ep0 maxpacket: 32
[  132.336169][   T23] usb 1-1: config 0 has an invalid interface number: 132 but max is 0
[  132.371867][   T23] usb 1-1: config 0 has no interface number 0
[  132.397182][   T23] usb 1-1: config 0 interface 132 altsetting 0 endpoint 0x82 has an invalid bInterval 97, changing to 7
[  132.448373][   T23] usb 1-1: config 0 interface 132 altsetting 0 endpoint 0x82 has invalid maxpacket 24929, setting to 1024
[  132.506903][   T23] usb 1-1: New USB device found, idVendor=0413, idProduct=6023, bcdDevice=ec.e5
[  132.522116][   T23] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  132.529794][ T7034] loop2: detected capacity change from 0 to 256
[  132.540154][   T23] usb 1-1: Product: syz
[  132.549285][   T23] usb 1-1: Manufacturer: syz
[  132.566021][   T23] usb 1-1: SerialNumber: syz
[  132.587502][   T23] usb 1-1: config 0 descriptor??
[  132.612077][ T7034] exFAT-fs (loop2): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[  132.642548][   T23] em28xx 1-1:0.132: New device syz syz @ 480 Mbps (0413:6023, interface 132, class 132)
[  132.661815][ T7034] exFAT-fs (loop2): Medium has reported failures. Some data may be lost.
[  132.695711][ T7034] exFAT-fs (loop2): failed to load upcase table (idx : 0x00010000, chksum : 0xe62de5da, utbl_chksum : 0xe619d30d)
[  132.706616][   T23] em28xx 1-1:0.132: Video interface 132 found: isoc
[  132.838634][ T7034] loop2: Can't mount, would change RO state
[  132.898580][ T7043] loop4: detected capacity change from 0 to 2048
[  132.911886][   T23] em28xx 1-1:0.132: unknown em28xx chip ID (0)
[  132.954804][ T7043] NILFS (loop4): broken superblock, retrying with spare superblock (blocksize = 1024)
[  133.033099][   T23] em28xx 1-1:0.132: failed to trigger read from i2c address 0xa0 (error=-5)
[  133.057972][ T5987] udevd[5987]: incorrect nilfs2 checksum on /dev/loop4
[  133.067140][   T23] em28xx 1-1:0.132: board has no eeprom
[  133.068172][ T7050] NILFS (loop4): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  133.117655][ T1289] ieee802154 phy0 wpan0: encryption failed: -22
[  133.128420][ T1289] ieee802154 phy1 wpan1: encryption failed: -22
[  133.141893][   T23] em28xx 1-1:0.132: Identified as Leadtek Winfast USB II (card=7)
[  133.149773][   T23] em28xx 1-1:0.132: analog set to isoc mode.
[  133.156939][ T5834] em28xx 1-1:0.132: Registering V4L2 extension
[  133.171546][   T23] usb 1-1: USB disconnect, device number 2
[  133.186346][   T23] em28xx 1-1:0.132: Disconnecting em28xx
[  133.194250][ T7052] netlink: 68 bytes leftover after parsing attributes in process `syz.2.406'.
[  133.220095][ T7048] bond2: entered allmulticast mode
[  133.226182][ T7052] netlink: 24 bytes leftover after parsing attributes in process `syz.2.406'.
[  133.263581][ T7043] NILFS (loop4): DAT doesn't have a block to manage vblocknr = 3044605952
[  133.340948][ T7043] NILFS error (device loop4): nilfs_bmap_truncate: broken bmap (inode number=15)
[  133.378504][ T7043] Remounting filesystem read-only
[  133.385814][ T7043] NILFS (loop4): error -5 truncating bmap (ino=15)
[  133.559179][ T5834] em28xx 1-1:0.132: Config register raw data: 0xffffffed
[  133.582873][   T28] audit: type=1326 audit(1752651786.195:13): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7063 comm="syz.2.408" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd72e18e929 code=0x7ffc0000
[  133.607536][ T5834] em28xx 1-1:0.132: AC97 chip type couldn't be determined
[  133.625048][ T7043] syz.4.404 (7043) used greatest stack depth: 19440 bytes left
[  133.632856][ T5834] em28xx 1-1:0.132: No AC97 audio processor
[  133.667024][ T5834] usb 1-1: Decoder not found
[  133.671697][ T5834] em28xx 1-1:0.132: failed to create media graph
[  133.688663][   T28] audit: type=1326 audit(1752651786.195:14): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7063 comm="syz.2.408" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd72e18e929 code=0x7ffc0000
[  133.717719][ T5834] em28xx 1-1:0.132: V4L2 device video103 deregistered
[  133.737727][ T5979] NILFS (loop4): discard dirty page: offset=0, ino=6
[  133.747919][ T5979] NILFS (loop4): discard dirty block: blocknr=18446744073709551615, size=1024
[  133.763823][ T5834] em28xx 1-1:0.132: Remote control support is not available for this card.
[  133.791898][   T28] audit: type=1326 audit(1752651786.245:15): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7063 comm="syz.2.408" exe="/root/syz-executor" sig=0 arch=c000003e syscall=198 compat=0 ip=0x7fd72e18e929 code=0x7ffc0000
[  133.829189][ T5979] NILFS (loop4): discard dirty block: blocknr=18446744073709551615, size=1024
[  133.840334][ T5979] NILFS (loop4): discard dirty block: blocknr=37, size=1024
[  133.849459][   T23] em28xx 1-1:0.132: Closing input extension
[  133.875372][ T5979] NILFS (loop4): discard dirty block: blocknr=38, size=1024
[  133.883298][   T28] audit: type=1326 audit(1752651786.245:16): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7063 comm="syz.2.408" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd72e18e929 code=0x7ffc0000
[  133.918091][ T5979] NILFS (loop4): disposed unprocessed dirty file(s) when detaching log writer
[  133.934863][   T23] em28xx 1-1:0.132: Freeing device
[  133.977472][   T28] audit: type=1326 audit(1752651786.245:17): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7063 comm="syz.2.408" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd72e18e929 code=0x7ffc0000
[  134.169259][ T7072] loop2: detected capacity change from 0 to 4096
[  134.246071][ T7072] ntfs: volume version 3.1.
[  135.004690][ T7112] loop3: detected capacity change from 0 to 64
[  135.018847][ T7111] capability: warning: `syz.4.427' uses 32-bit capabilities (legacy support in use)
[  135.315868][ T7122] vivid-000: =================  START STATUS  =================
[  135.345532][ T7122] vivid-000: Test Pattern: 75% Colorbar
[  135.363905][ T7122] vivid-000: Fill Percentage of Frame: 100
[  135.378546][ T7122] vivid-000: Horizontal Movement: No Movement
[  135.413025][ T7122] vivid-000: Vertical Movement: No Movement
[  135.431821][ T7122] vivid-000: OSD Text Mode: All
[  135.436856][ T7122] vivid-000: Show Border: false
[  135.468501][ T7122] vivid-000: Show Square: false
[  135.478058][ T7122] vivid-000: Sensor Flipped Horizontally: false
[  135.487248][ T7122] vivid-000: Sensor Flipped Vertically: false
[  135.493964][ T7122] vivid-000: Insert SAV Code in Image: false
[  135.500016][ T7122] vivid-000: Insert EAV Code in Image: false
[  135.521320][ T7122] vivid-000: Insert Video Guard Band: false
[  135.538191][ T7122] vivid-000: Reduced Framerate: false
[  135.548314][ T7122] vivid-000: Enable Capture Cropping: true
[  135.561844][ T7122] vivid-000: Enable Capture Composing: true
[  135.572151][ T7122] vivid-000: Enable Capture Scaler: true
[  135.577890][ T7122] vivid-000: Timestamp Source: End of Frame
[  135.601879][ T7122] vivid-000: Colorspace: sRGB
[  135.621849][ T7122] vivid-000: Transfer Function: Default
[  135.640846][ T7122] vivid-000: Y'CbCr Encoding: Default
[  135.664851][ T7122] vivid-000: HSV Encoding: Hue 0-179
[  135.688238][ T7122] vivid-000: Quantization: Default
[  135.702067][ T7122] vivid-000: Apply Alpha To Red Only: false
[  135.708142][ T7122] vivid-000: Standard Aspect Ratio: 4x3
[  135.749128][ T7131] UDPLite: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list
[  135.762390][ T7122] vivid-000: DV Timings Signal Mode: Current DV Timings inactive
[  135.771009][ T7122] vivid-000: DV Timings: 640x480p59 inactive
[  135.789544][ T7122] vivid-000: DV Timings Aspect Ratio: Source Width x Height
[  135.811897][ T7122] vivid-000: Maximum EDID Blocks: 2
[  135.817199][ T7122] vivid-000: Limited RGB Range (16-235): false
[  135.846218][ T7122] vivid-000: Rx RGB Quantization Range: Automatic
[  135.861931][ T7122] vivid-000: Power Present: 0x00000001
[  135.867600][ T7122] tpg source WxH: 320x180 (Y'CbCr)
[  135.887979][ T7122] tpg field: 1
[  135.901986][ T7122] tpg crop: 320x180@0x0
[  135.906221][ T7122] tpg compose: 320x180@0x0
[  135.921900][ T7122] tpg colorspace: 8
[  135.925830][ T7122] tpg transfer function: 0/0
[  135.930475][ T7122] tpg Y'CbCr encoding: 0/0
[  135.951874][ T7122] tpg quantization: 0/0
[  135.956163][ T7122] tpg RGB range: 0/2
[  135.970807][ T7122] vivid-000: ==================  END STATUS  ==================
[  136.276338][ T7117] loop0: detected capacity change from 0 to 32768
[  136.319584][ T7117] XFS: ikeep mount option is deprecated.
[  136.444769][ T7117] XFS (loop0): Mounting V5 Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d
[  136.512610][ T7117] XFS (loop0): Ending clean mount
[  136.547790][ T7117] XFS (loop0): Quotacheck needed: Please wait.
[  136.591345][ T7160] usb usb9: Requested nonsensical USBDEVFS_URB_SHORT_NOT_OK.
[  136.621978][ T7160] usb usb9: Requested nonsensical USBDEVFS_URB_ZERO_PACKET.
[  136.706737][ T7117] XFS (loop0): Quotacheck: Done.
[  137.046980][ T5788] XFS (loop0): Unmounting Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d
[  138.113648][ T7201] netlink: 28 bytes leftover after parsing attributes in process `syz.4.453'.
[  138.155774][ T7168] loop3: detected capacity change from 0 to 32768
[  138.209687][ T7201] netlink: 'syz.4.453': attribute type 8 has an invalid length.
[  138.260497][ T7201] A link change request failed with some changes committed already. Interface vlan0 may have been left with an inconsistent configuration, please check.
[  138.341824][ T7168] ERROR: (device loop3): dbAllocAG: Corrupt dmapctl page
[  138.341824][ T7168] 
[  138.371526][ T7168] ERROR: (device loop3): remounting filesystem as read-only
[  138.436685][ T7210] netlink: 209852 bytes leftover after parsing attributes in process `syz.2.457'.
[  138.477083][ T7210] openvswitch: netlink: Key type 2832 is out of range max 32
[  138.702060][ T7216] netlink: zone id is out of range
[  138.707252][ T7216] netlink: get zone limit has 8 unknown bytes
[  139.521457][ T7214] loop3: detected capacity change from 0 to 32768
[  139.563298][ T7214] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop3 scanned by syz.3.459 (7214)
[  139.603345][ T7214] BTRFS info (device loop3): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  139.617050][ T7214] BTRFS info (device loop3): using crc32c (crc32c-intel) checksum algorithm
[  139.628748][ T7214] BTRFS info (device loop3): force clearing of disk cache
[  139.636933][ T7214] BTRFS info (device loop3): enabling ssd optimizations
[  139.644323][ T7214] BTRFS info (device loop3): using spread ssd allocation scheme
[  139.653202][ T7214] BTRFS info (device loop3): enabling disk space caching
[  139.661214][ T7214] BTRFS info (device loop3): turning on sync discard
[  139.669571][ T7214] BTRFS info (device loop3): setting incompat feature flag for COMPRESS_ZSTD (0x10)
[  139.691836][ T7214] BTRFS info (device loop3): use zstd compression, level 3
[  139.700287][ T7214] BTRFS info (device loop3): setting nodatacow, compression disabled
[  139.721909][ T7214] BTRFS info (device loop3): disk space caching is enabled
[  139.979236][ T7214] BTRFS info (device loop3): rebuilding free space tree
[  140.046700][ T7214] BTRFS info (device loop3): disabling free space tree
[  140.062105][ T7214] BTRFS info (device loop3): clearing compat-ro feature flag for FREE_SPACE_TREE (0x1)
[  140.081820][ T7214] BTRFS info (device loop3): clearing compat-ro feature flag for FREE_SPACE_TREE_VALID (0x2)
[  140.132688][ T7268] usb usb9: Requested nonsensical USBDEVFS_URB_SHORT_NOT_OK.
[  140.150595][ T7268] usb usb9: Requested nonsensical USBDEVFS_URB_ZERO_PACKET.
[  140.352123][ T5793] BTRFS info (device loop3): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  140.376915][ T7273] netlink: 'syz.2.479': attribute type 15 has an invalid length.
[  141.131941][ T7296] netlink: 4 bytes leftover after parsing attributes in process `syz.2.491'.
[  141.176647][ T7298] loop3: detected capacity change from 0 to 256
[  141.354472][ T7298] FAT-fs (loop3): Directory bread(block 64) failed
[  141.361136][ T7298] FAT-fs (loop3): Directory bread(block 65) failed
[  141.381911][ T7298] FAT-fs (loop3): Directory bread(block 66) failed
[  141.401852][ T7298] FAT-fs (loop3): Directory bread(block 67) failed
[  141.408614][ T7298] FAT-fs (loop3): Directory bread(block 68) failed
[  141.435545][ T7298] FAT-fs (loop3): Directory bread(block 69) failed
[  141.468557][ T7298] FAT-fs (loop3): Directory bread(block 70) failed
[  141.476061][ T7298] FAT-fs (loop3): Directory bread(block 71) failed
[  141.491978][ T7298] FAT-fs (loop3): Directory bread(block 72) failed
[  141.509736][ T7298] FAT-fs (loop3): Directory bread(block 73) failed
[  141.992043][  T786] usb 3-1: new high-speed USB device number 4 using dummy_hcd
[  142.088907][ T7313] loop3: detected capacity change from 0 to 256
[  142.117407][ T7294] loop0: detected capacity change from 0 to 40427
[  142.138784][ T7313] exfat: Deprecated parameter 'utf8'
[  142.152540][ T7294] F2FS-fs (loop0): invalid crc value
[  142.166799][ T7313] exfat: Deprecated parameter 'namecase'
[  142.194907][ T7294] F2FS-fs (loop0): Found nat_bits in checkpoint
[  142.211470][  T786] usb 3-1: Using ep0 maxpacket: 8
[  142.228117][ T7313] exFAT-fs (loop3): failed to load upcase table (idx : 0x00010000, chksum : 0x11bbdf60, utbl_chksum : 0xe619d30d)
[  142.248787][  T786] usb 3-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  142.304905][  T786] usb 3-1: New USB device found, idVendor=0421, idProduct=798f, bcdDevice=86.54
[  142.331660][  T786] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  142.346688][  T786] usb 3-1: Product: syz
[  142.350962][  T786] usb 3-1: Manufacturer: syz
[  142.381566][  T786] usb 3-1: SerialNumber: syz
[  142.390586][  T786] usb 3-1: config 0 descriptor??
[  142.404702][  T786] cdc_phonet 3-1:0.0: skipping garbage
[  142.414020][  T786] cdc_phonet 3-1:0.0: invalid descriptor buffer length
[  142.431834][  T786] cdc_phonet: probe of 3-1:0.0 failed with error -22
[  142.438766][ T7294] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e5
[  142.621451][   T23] usb 3-1: USB disconnect, device number 4
[  142.637294][ T7323] loop3: detected capacity change from 0 to 512
[  142.658631][ T7323] EXT4-fs: Ignoring removed nobh option
[  142.682567][ T7323] fscrypt (loop3, inode 2): Error -61 getting encryption context
[  142.735441][ T7323] EXT4-fs (loop3): Cannot turn on journaled quota: type 1: error -61
[  142.752549][ T7323] EXT4-fs error (device loop3): ext4_orphan_get:1399: inode #13: comm syz.3.502: casefold flag without casefold feature
[  142.770521][ T7323] EXT4-fs error (device loop3): ext4_orphan_get:1404: comm syz.3.502: couldn't read orphan inode 13 (err -117)
[  142.781054][ T7323] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  142.893693][ T7323] fscrypt (loop3, inode 2): Error -61 getting encryption context
[  142.977686][ T5793] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  143.420977][ T7345] netlink: 12 bytes leftover after parsing attributes in process `syz.4.512'.
[  143.530324][ T7343] loop3: detected capacity change from 0 to 8192
[  143.586538][ T7343] syz.3.511: attempt to access beyond end of device
[  143.586538][ T7343] loop3: rw=0, sector=57847, nr_sectors = 1 limit=8192
[  143.650260][ T7343] FAT-fs (loop3): error, invalid access to FAT (entry 0x0000e1b1)
[  143.667697][ T7343] FAT-fs (loop3): Filesystem has been set read-only
[  143.719835][ T7343] FAT-fs (loop3): error, invalid access to FAT (entry 0x0000e1b1)
[  143.753036][ T7343] FAT-fs (loop3): error, invalid access to FAT (entry 0x0000e1b1)
[  143.833081][ T7352] loop4: detected capacity change from 0 to 4096
[  143.851890][ T7352] ntfs3: loop4: Different NTFS sector size (2048) and media sector size (512).
[  144.378747][ T7367] CIFS: VFS: Malformed UNC in devname
[  144.387643][ T7369] NILFS (nullb0): couldn't find nilfs on the device
[  144.394651][ T7368] netlink: 'syz.3.524': attribute type 21 has an invalid length.
[  145.412076][ T7389] tmpfs: Unknown parameter 'func'
[  145.454576][ T7376] loop0: detected capacity change from 0 to 32768
[  145.511155][ T7377] loop2: detected capacity change from 0 to 40427
[  145.532849][ T7383] loop4: detected capacity change from 0 to 32768
[  145.540903][ T7377] F2FS-fs (loop2): build fault injection attr: rate: 690, type: 0x7ffff
[  145.540937][ T7376] XFS (loop0): Mounting V5 Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb
[  145.604666][ T7377] F2FS-fs (loop2): invalid crc value
[  145.608583][ T7383] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop4 scanned by syz.4.530 (7383)
[  145.630764][ T7397] netlink: 8 bytes leftover after parsing attributes in process `syz.3.535'.
[  145.640517][ T7377] F2FS-fs (loop2): Found nat_bits in checkpoint
[  145.672572][ T7383] BTRFS info (device loop4): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  145.715709][ T7383] BTRFS info (device loop4): using crc32c (crc32c-intel) checksum algorithm
[  145.777885][ T7383] BTRFS info (device loop4): force clearing of disk cache
[  145.824851][ T7383] BTRFS info (device loop4): enabling ssd optimizations
[  145.849236][ T7383] BTRFS info (device loop4): using spread ssd allocation scheme
[  145.864466][ T7376] XFS (loop0): Torn write (CRC failure) detected at log block 0x30. Truncating head block from 0x51.
[  145.882301][ T7383] BTRFS info (device loop4): enabling disk space caching
[  145.891897][ T7377] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e5
[  145.908253][ T7383] BTRFS info (device loop4): turning on sync discard
[  145.931059][ T7383] BTRFS info (device loop4): setting incompat feature flag for COMPRESS_ZSTD (0x10)
[  145.978019][ T7376] XFS (loop0): Starting recovery (logdev: internal)
[  145.986853][ T7383] BTRFS info (device loop4): use zstd compression, level 3
[  146.021539][ T7383] BTRFS info (device loop4): setting nodatacow, compression disabled
[  146.055763][ T7383] BTRFS info (device loop4): disk space caching is enabled
[  146.087081][ T7376] XFS (loop0): Ending recovery (logdev: internal)
[  146.242346][ T5788] XFS (loop0): Unmounting Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb
[  146.269242][ T7383] BTRFS info (device loop4): rebuilding free space tree
[  146.295599][ T7383] BTRFS info (device loop4): disabling free space tree
[  146.342374][ T7383] BTRFS info (device loop4): clearing compat-ro feature flag for FREE_SPACE_TREE (0x1)
[  146.379896][ T7383] BTRFS info (device loop4): clearing compat-ro feature flag for FREE_SPACE_TREE_VALID (0x2)
[  146.755436][ T5979] BTRFS info (device loop4): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  146.942351][ T7428] loop3: detected capacity change from 0 to 512
[  147.033907][ T7428] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000d40000 r/w without journal. Quota mode: writeback.
[  147.056673][ T7436] (unnamed net_device) (uninitialized): option arp_all_targets: invalid value (18446744073709551615)
[  147.092344][ T7428] ext4 filesystem being mounted at /149/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff)
[  147.231619][ T5793] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000d40000.
[  147.503102][ T7449] netlink: 128 bytes leftover after parsing attributes in process `syz.3.545'.
[  147.557129][ T7449] netlink: 28 bytes leftover after parsing attributes in process `syz.3.545'.
[  147.995443][ T7465] loop0: detected capacity change from 0 to 256
[  148.054250][ T7465] FAT-fs (loop0): Directory bread(block 64) failed
[  148.063946][ T7465] FAT-fs (loop0): Directory bread(block 65) failed
[  148.070727][ T7465] FAT-fs (loop0): Directory bread(block 66) failed
[  148.083448][ T7468] loop3: detected capacity change from 0 to 512
[  148.103880][ T7465] FAT-fs (loop0): Directory bread(block 67) failed
[  148.120819][ T7465] FAT-fs (loop0): Directory bread(block 68) failed
[  148.144551][ T7465] FAT-fs (loop0): Directory bread(block 69) failed
[  148.161680][ T7465] FAT-fs (loop0): Directory bread(block 70) failed
[  148.170084][ T7465] FAT-fs (loop0): Directory bread(block 71) failed
[  148.179394][ T7465] FAT-fs (loop0): Directory bread(block 72) failed
[  148.186324][ T7465] FAT-fs (loop0): Directory bread(block 73) failed
[  148.204683][ T7468] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a806e02c, mo2=0002]
[  148.236635][ T7468] System zones: 1-12
[  148.290249][ T7468] EXT4-fs error (device loop3): dx_probe:823: inode #2: comm syz.3.557: Directory hole found for htree index block 0
[  148.340001][ T7468] EXT4-fs (loop3): Remounting filesystem read-only
[  148.349911][ T7475] dlm: non-version read from control device 59
[  148.358938][ T7468] EXT4-fs (loop3): Cannot turn on journaled quota: type 0: error -117
[  148.388726][ T7468] EXT4-fs (loop3): Cannot turn on journaled quota: type 1: error -117
[  148.424064][ T7468] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  148.663577][ T5793] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  149.085038][ T7495] loop4: detected capacity change from 0 to 256
[  149.117558][ T7495] FAT-fs (loop4): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[  149.151886][ T5827] usb 1-1: new high-speed USB device number 3 using dummy_hcd
[  149.367710][ T5827] usb 1-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  149.397039][ T5827] usb 1-1: New USB device found, idVendor=03da, idProduct=2820, bcdDevice=52.3c
[  149.419892][ T5827] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  149.495079][ T5827] usb 1-1: config 0 descriptor??
[  149.543474][ T5827] usb 1-1: bad CDC descriptors
[  149.779245][ T5827] usb 1-1: USB disconnect, device number 3
[  150.289621][ T7515] loop2: detected capacity change from 0 to 8192
[  150.325590][ T7515] REISERFS warning:  read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025
[  150.353699][ T7520] loop3: detected capacity change from 0 to 1024
[  150.363898][ T7515] REISERFS (device loop2): found reiserfs format "3.6" with non-standard journal
[  150.373798][ T7515] REISERFS (device loop2): using ordered data mode
[  150.380394][ T7515] reiserfs: using flush barriers
[  150.390303][ T7515] REISERFS (device loop2): journal params: device loop2, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30
[  150.410383][ T7515] REISERFS (device loop2): checking transaction log (loop2)
[  150.470878][ T7520] syz.3.582: attempt to access beyond end of device
[  150.470878][ T7520] loop3: rw=0, sector=201326592, nr_sectors = 2 limit=1024
[  150.512395][ T7520] Buffer I/O error on dev loop3, logical block 100663296, async page read
[  150.562772][ T7520] hfsplus: unable to mark blocks free: error -5
[  150.591886][ T7520] hfsplus: can't free extent
[  150.611144][ T7515] REISERFS (device loop2): Using tea hash to sort names
[  150.646445][ T7515] REISERFS (device loop2): Created .reiserfs_priv - reserved for xattr storage.
[  150.973353][ T7528] bridge1: entered promiscuous mode
[  151.112668][ T5834] usb 4-1: new full-speed USB device number 4 using dummy_hcd
[  151.308669][ T7538] loop0: detected capacity change from 0 to 4096
[  151.325865][ T5834] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 10
[  151.344952][ T5834] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  151.372544][ T5834] usb 4-1: New USB device found, idVendor=045e, idProduct=0284, bcdDevice= 1.00
[  151.386773][ T5834] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  151.406981][ T5834] usb 4-1: config 0 descriptor??
[  151.417668][ T7541] NILFS (loop0): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  151.427599][ T5834] xbox_remote_probe: endpoint_in message size==0?
[  151.637260][ T5834] usbhid 4-1:0.0: can't add hid device: -71
[  151.651938][ T5834] usbhid: probe of 4-1:0.0 failed with error -71
[  151.678309][ T5834] usb 4-1: USB disconnect, device number 4
[  151.923012][ T7552] iwpm_register_pid: Unable to send a nlmsg (client = 2)
[  151.948842][ T7552] infiniband syz1: RDMA CMA: cma_listen_on_dev, error -98
[  151.963204][ T7553] loop0: detected capacity change from 0 to 4096
[  151.977427][ T7553] ntfs3: loop0: Different NTFS sector size (4096) and media sector size (512).
[  152.112507][ T7553] ntfs3: loop0: failed to convert "c46c" to cp861
[  152.355318][ T7561] netdevsim netdevsim3 ªªªªªª: renamed from netdevsim0 (while UP)
[  152.930183][ T7582] tc_dump_action: action bad kind
[  153.362121][   T23] usb 4-1: new full-speed USB device number 5 using dummy_hcd
[  153.406311][ T7573] loop0: detected capacity change from 0 to 32768
[  153.504028][ T7573] find_entry called with index >= next_index
[  153.518646][ T7573] find_entry called with index >= next_index
[  153.552795][ T7573] find_entry called with index >= next_index
[  153.614474][ T7600] loop4: detected capacity change from 0 to 16
[  153.619640][   T23] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x5 has an invalid bInterval 0, changing to 10
[  153.647061][   T23] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[  153.699887][   T23] usb 4-1: New USB device found, idVendor=133e, idProduct=0815, bcdDevice=7e.66
[  153.703489][ T7600] erofs: (device loop4): mounted with root inode @ nid 36.
[  153.726303][   T23] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  153.761887][   T23] usb 4-1: Product: syz
[  153.783689][   T23] usb 4-1: Manufacturer: syz
[  153.809757][   T23] usb 4-1: SerialNumber: syz
[  153.838334][   T23] usb 4-1: config 0 descriptor??
[  153.884753][   T23] snd-usb-audio: probe of 4-1:0.0 failed with error -90
[  154.083635][   T23] usb 4-1: USB disconnect, device number 5
[  154.847312][ T5875] usb 3-1: new high-speed USB device number 5 using dummy_hcd
[  154.888253][ T7633] netlink: 'syz.0.636': attribute type 15 has an invalid length.
[  155.041976][ T5875] usb 3-1: Using ep0 maxpacket: 32
[  155.062613][ T5875] usb 3-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  155.091678][ T5875] usb 3-1: New USB device found, idVendor=061d, idProduct=c170, bcdDevice=ce.6f
[  155.123253][ T5875] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  155.167173][ T5875] usb 3-1: Product: syz
[  155.171428][ T5875] usb 3-1: Manufacturer: syz
[  155.177143][ T5875] usb 3-1: SerialNumber: syz
[  155.204118][ T5875] usb 3-1: config 0 descriptor??
[  155.223598][ T5875] quatech2 3-1:0.0: Quatech 2nd gen USB to Serial Driver converter detected
[  155.523848][ T5827] usb 1-1: new high-speed USB device number 4 using dummy_hcd
[  155.528593][ T5875] usb 3-1: qt2_attach - failed to power on unit: -71
[  155.545891][ T5875] quatech2: probe of 3-1:0.0 failed with error -71
[  155.559675][ T5875] usb 3-1: USB disconnect, device number 5
[  155.699364][ T7657] netdevsim netdevsim4 netdevsim0: entered allmulticast mode
[  155.714944][ T5827] usb 1-1: config 27 interface 0 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 7
[  155.736197][ T5827] usb 1-1: config 27 interface 0 altsetting 0 bulk endpoint 0xB has invalid maxpacket 47
[  155.764315][ T5827] usb 1-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d
[  155.782236][ T5827] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  155.813997][ T7645] raw-gadget.1 gadget.0: fail, usb_ep_enable returned -22
[  155.846673][ T5827] usb 1-1: Quirk or no altest; falling back to MIDI 1.0
[  156.192323][ T7668] netlink: 20 bytes leftover after parsing attributes in process `syz.3.652'.
[  156.214039][ T7668] netlink: 56 bytes leftover after parsing attributes in process `syz.3.652'.
[  156.322311][  T786] usb 1-1: USB disconnect, device number 4
[  156.463106][ T7675] loop2: detected capacity change from 0 to 64
[  156.874169][ T7687] loop4: detected capacity change from 0 to 1024
[  156.901160][ T7687] hfsplus: write access to a journaled filesystem is not supported, use the force option at your own risk, mounting read-only.
[  156.944052][ T7687] hfsplus: filesystem is marked journaled, leaving read-only.
[  157.346125][ T7703] loop4: detected capacity change from 0 to 512
[  157.385251][ T7703] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000d40000 r/w without journal. Quota mode: writeback.
[  157.415994][ T7703] ext4 filesystem being mounted at /130/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  157.514296][ T7703] __quota_error: 14 callbacks suppressed
[  157.514315][ T7703] Quota error (device loop4): do_check_range: Getting dqdh_next_free 4294967294 out of range 0-8
[  157.553506][ T7703] Quota error (device loop4): qtree_write_dquot: Error -117 occurred while creating quota
[  157.602095][ T7703] EXT4-fs error (device loop4): ext4_acquire_dquot:6938: comm syz.4.669: Failed to acquire dquot type 0
[  157.687917][ T7714] netlink: 'syz.2.673': attribute type 15 has an invalid length.
[  157.708694][ T5979] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000d40000.
[  158.548277][ T7744] veth3: entered promiscuous mode
[  158.571871][ T7744] veth3: entered allmulticast mode
[  159.767336][ T7794] loop2: detected capacity change from 0 to 512
[  159.823982][ T7794] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[  159.916592][ T7794] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  159.944274][ T7794] ext4 filesystem being mounted at /228/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  160.111578][ T7809] process 'syz.4.718' launched './file1' with NULL argv: empty string added
[  160.237069][ T5791] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  160.462687][ T7817] netlink: 8 bytes leftover after parsing attributes in process `syz.3.722'.
[  160.901410][ T7825] loop0: detected capacity change from 0 to 8192
[  161.003850][ T7829] loop3: detected capacity change from 0 to 4096
[  161.128153][ T7834] netlink: 6 bytes leftover after parsing attributes in process `syz.2.730'.
[  161.183615][ T7834] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check.
[  161.374274][ T7836] loop0: detected capacity change from 0 to 4096
[  161.398412][ T7836] ntfs3: loop0: Different NTFS sector size (2048) and media sector size (512).
[  161.454748][ T7836] ntfs3: loop0: Failed to initialize $Extend/$ObjId.
[  161.857327][   T28] audit: type=1326 audit(1752651814.475:18): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7854 comm="syz.0.740" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1ee278e929 code=0x7ffc0000
[  161.901956][   T28] audit: type=1326 audit(1752651814.475:19): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7854 comm="syz.0.740" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1ee278e929 code=0x7ffc0000
[  161.932082][   T28] audit: type=1326 audit(1752651814.475:20): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7854 comm="syz.0.740" exe="/root/syz-executor" sig=0 arch=c000003e syscall=448 compat=0 ip=0x7f1ee278e929 code=0x7ffc0000
[  161.954942][   T28] audit: type=1326 audit(1752651814.475:21): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7854 comm="syz.0.740" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1ee278e929 code=0x7ffc0000
[  161.978372][ T5827] usb 3-1: new high-speed USB device number 6 using dummy_hcd
[  162.004234][   T28] audit: type=1326 audit(1752651814.475:22): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7854 comm="syz.0.740" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1ee278e929 code=0x7ffc0000
[  162.181924][ T5827] usb 3-1: Using ep0 maxpacket: 16
[  162.193033][ T5827] usb 3-1: New USB device found, idVendor=06b9, idProduct=4061, bcdDevice= 1.88
[  162.216929][ T5827] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  162.240233][ T5827] usb 3-1: Product: syz
[  162.248365][ T5827] usb 3-1: Manufacturer: syz
[  162.253420][ T5827] usb 3-1: SerialNumber: syz
[  162.259753][ T7866] netlink: 8 bytes leftover after parsing attributes in process `syz.3.745'.
[  162.270227][ T5827] usb 3-1: config 0 descriptor??
[  162.501099][ T7873] netlink: 64 bytes leftover after parsing attributes in process `syz.0.750'.
[  162.510881][ T5827] speedtch 3-1:0.0: speedtch_bind: data interface not found!
[  162.514574][ T7873] netlink: 64 bytes leftover after parsing attributes in process `syz.0.750'.
[  162.518946][ T5827] speedtch 3-1:0.0: usbatm_usb_probe: bind failed: -19!
[  162.657958][ T7879] netlink: 28 bytes leftover after parsing attributes in process `syz.0.752'.
[  162.741417][ T5827] usb 3-1: USB disconnect, device number 6
[  162.831846][   T23] usb 4-1: new high-speed USB device number 6 using dummy_hcd
[  162.985327][ T7881] loop0: detected capacity change from 0 to 32768
[  163.011064][ T7881] 
[  163.011064][ T7881]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  163.011064][ T7881] 
[  163.034397][   T23] usb 4-1: config 0 interface 0 has no altsetting 0
[  163.045105][   T23] usb 4-1: New USB device found, idVendor=1235, idProduct=0018, bcdDevice=f0.ee
[  163.054973][   T23] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  163.067386][   T23] usb 4-1: config 0 descriptor??
[  163.168018][ T5788] 
[  163.168018][ T5788]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  163.168018][ T5788] 
[  163.180071][ T5788] 
[  163.180071][ T5788]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  163.180071][ T5788] 
[  163.356621][   T23] snd-usb-audio: probe of 4-1:0.0 failed with error -22
[  163.366948][ T5985] udevd[5985]: error opening ATTR{/sys/devices/platform/dummy_hcd.3/usb4/4-1/4-1:0.0/sound/card3/controlC3/../uevent} for writing: No such file or directory
[  163.395995][   T23] usb 4-1: USB disconnect, device number 6
[  163.818482][ T7895] loop2: detected capacity change from 0 to 1024
[  164.188680][ T7907] netlink: 288 bytes leftover after parsing attributes in process `syz.2.767'.
[  164.612510][ T7923] dvmrp0: entered allmulticast mode
[  164.883618][ T7933] loop2: detected capacity change from 0 to 64
[  164.998093][ T7933] Trying to free block not in datazone
[  165.018463][ T7938] loop0: detected capacity change from 0 to 256
[  165.195576][ T7938] FAT-fs (loop0): Directory bread(block 64) failed
[  165.208662][ T7938] FAT-fs (loop0): Directory bread(block 65) failed
[  165.217207][ T7938] FAT-fs (loop0): Directory bread(block 66) failed
[  165.241556][ T7938] FAT-fs (loop0): Directory bread(block 67) failed
[  165.266723][ T7938] FAT-fs (loop0): Directory bread(block 68) failed
[  165.278678][ T7938] FAT-fs (loop0): Directory bread(block 69) failed
[  165.293176][ T7938] FAT-fs (loop0): Directory bread(block 70) failed
[  165.300589][ T7945] loop3: detected capacity change from 0 to 64
[  165.310733][ T7938] FAT-fs (loop0): Directory bread(block 71) failed
[  165.322029][ T7938] FAT-fs (loop0): Directory bread(block 72) failed
[  165.328620][ T7938] FAT-fs (loop0): Directory bread(block 73) failed
[  166.167602][ T7972] loop3: detected capacity change from 0 to 512
[  166.263349][ T7972] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  166.292464][ T7977] netlink: 8 bytes leftover after parsing attributes in process `syz.0.798'.
[  166.339205][ T7972] ext4 filesystem being mounted at /211/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  166.470392][ T7972] EXT4-fs error (device loop3): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 41 vs 39667 free clusters
[  166.557890][ T7987] loop2: detected capacity change from 0 to 1024
[  166.576720][ T5793] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  166.718058][   T28] audit: type=1326 audit(1752651819.335:23): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7990 comm="syz.3.805" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f933098e929 code=0x7ffc0000
[  166.814391][   T28] audit: type=1326 audit(1752651819.335:24): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7990 comm="syz.3.805" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f933098e929 code=0x7ffc0000
[  166.898405][   T28] audit: type=1326 audit(1752651819.355:25): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7990 comm="syz.3.805" exe="/root/syz-executor" sig=0 arch=c000003e syscall=443 compat=0 ip=0x7f933098e929 code=0x7ffc0000
[  166.963340][   T28] audit: type=1326 audit(1752651819.355:26): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7990 comm="syz.3.805" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f933098e929 code=0x7ffc0000
[  166.996640][   T28] audit: type=1326 audit(1752651819.355:27): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7990 comm="syz.3.805" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f933098e929 code=0x7ffc0000
[  167.170434][ T8003] comedi comedi0: ni_at_a2150: I/O port conflict (0xf2,28)
[  167.187908][ T8004] (unnamed net_device) (uninitialized): option primary: mode dependency failed, not supported in mode balance-rr(0)
[  167.569396][ T8015] netlink: 14601 bytes leftover after parsing attributes in process `syz.2.817'.
[  167.739632][ T8021] vivid-001: =================  START STATUS  =================
[  167.747475][ T8021] vivid-001: RDS Tx I/O Mode: Controls
[  167.755348][ T8021] vivid-001: RDS Program ID: 32904
[  167.760682][ T8021] vivid-001: RDS Program Type: 3
[  167.766190][ T8021] vivid-001: RDS PS Name: VIVID-TX
[  167.771382][ T8021] vivid-001: RDS Radio Text: This is a VIVID default Radio Text template text, change at will
[  167.774733][ T8019] loop4: detected capacity change from 0 to 2048
[  167.782113][ T8021] vivid-001: RDS Stereo: true
[  167.794008][ T8021] vivid-001: RDS Artificial Head: false
[  167.799628][ T8021] vivid-001: RDS Compressed: false
[  167.840966][ T8021] vivid-001: RDS Dynamic PTY: false
[  167.857203][ T8021] vivid-001: RDS Traffic Announcement: false
[  167.864824][ T8019] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  167.879361][ T8021] vivid-001: RDS Traffic Program: true
[  167.885719][ T8019] ext4 filesystem being mounted at /149/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  167.896516][ T8021] vivid-001: RDS Music: true
[  167.901179][ T8021] vivid-001: ==================  END STATUS  ==================
[  167.940640][ T8019] EXT4-fs error (device loop4): __ext4_new_inode:1075: comm syz.4.819: reserved inode found cleared - inode=1
[  168.079575][ T7997] loop3: detected capacity change from 0 to 32768
[  168.113077][ T5979] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  168.160160][ T7997] XFS (loop3): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  168.407636][ T8044] program syz.2.825 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  168.419030][ T7997] XFS (loop3): Ending clean mount
[  168.469160][ T7997] XFS (loop3): Quotacheck needed: Please wait.
[  168.618058][ T7997] XFS (loop3): Quotacheck: Done.
[  168.869094][ T5793] XFS (loop3): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  169.572513][ T8079] netlink: 8 bytes leftover after parsing attributes in process `syz.0.842'.
[  169.980116][ T8088] loop3: detected capacity change from 0 to 128
[  169.995239][ T8089] loop0: detected capacity change from 0 to 512
[  170.012300][ T8088] EXT4-fs (loop3): ext4_check_descriptors: Checksum for group 0 failed (30846!=65535)
[  170.052914][ T8088] EXT4-fs (loop3): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 ro without journal. Quota mode: writeback.
[  170.140520][ T8089] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  170.154194][ T8089] ext4 filesystem being mounted at /200/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  170.173001][ T8088] EXT4-fs error (device loop3): __ext4_find_entry:1696: inode #2: comm syz.3.848: checksumming directory block 0
[  170.225380][ T8075] loop4: detected capacity change from 0 to 32768
[  170.254104][ T8089] EXT4-fs error (device loop0): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 41 vs 39667 free clusters
[  170.282908][ T5793] EXT4-fs (loop3): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  170.384042][ T8097] loop2: detected capacity change from 0 to 64
[  170.474179][ T5788] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  170.731953][ T8105] program syz.0.852 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  170.877342][ T8109] loop2: detected capacity change from 0 to 64
[  171.228399][ T8117] loop2: detected capacity change from 0 to 64
[  171.377852][ T8119] loop4: detected capacity change from 0 to 512
[  171.397811][ T8121] sctp: [Deprecated]: syz.0.869 (pid 8121) Use of int in maxseg socket option.
[  171.397811][ T8121] Use struct sctp_assoc_value instead
[  171.469047][ T8119] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  171.504432][ T8119] ext4 filesystem being mounted at /159/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  171.631462][ T8119] EXT4-fs error (device loop4): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 41 vs 39667 free clusters
[  171.828153][ T5979] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  172.084420][ T8145] loop0: detected capacity change from 0 to 256
[  172.815264][ T8161] loop0: detected capacity change from 0 to 1024
[  172.852008][ T8163] Illegal XDP return value 8 on prog  (id 51) dev N/A, expect packet loss!
[  172.852060][ T8161] hfsplus: request for non-existent node 211 in B*Tree
[  172.882086][ T8161] hfsplus: request for non-existent node 211 in B*Tree
[  172.933299][ T8147] loop3: detected capacity change from 0 to 32768
[  173.013449][ T8147] JBD2: Ignoring recovery information on journal
[  173.127287][ T8151] loop4: detected capacity change from 0 to 32768
[  173.173725][ T8147] ocfs2: Mounting device (7,3) on (node local, slot 0) with ordered data mode.
[  173.209074][ T8151] 
[  173.209074][ T8151]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  173.209074][ T8151] 
[  173.336413][ T8151] 
[  173.336413][ T8151]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  173.336413][ T8151] 
[  173.348103][ T8147] OCFS2: ERROR (device loop3): int ocfs2_claim_suballoc_bits(struct ocfs2_alloc_context *, handle_t *, u32, u32, struct ocfs2_suballoc_result *): Chain allocator dinode 73 has 4294901761 used bits but only 0 total
[  173.374258][ T8151] 
[  173.374258][ T8151]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  173.374258][ T8151] 
[  173.398845][ T8147] On-disk corruption discovered. Please run fsck.ocfs2 once the filesystem is unmounted.
[  173.405446][ T8151] 
[  173.405446][ T8151]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  173.405446][ T8151] 
[  173.421966][ T8147] OCFS2: File system is now read-only.
[  173.427493][ T8147] (syz.3.874,8147,0):ocfs2_claim_suballoc_bits:1983 ERROR: status = -30
[  173.461903][ T8147] (syz.3.874,8147,0):ocfs2_claim_metadata:2008 ERROR: status = -30
[  173.469903][ T8147] (syz.3.874,8147,0):ocfs2_claim_metadata:2021 ERROR: status = -30
[  173.477177][  T110] 
[  173.477177][  T110]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  173.477177][  T110] 
[  173.493943][ T8147] (syz.3.874,8147,0):ocfs2_dx_dir_attach_index:2330 ERROR: status = -30
[  173.524170][ T8147] (syz.3.874,8147,0):ocfs2_expand_inline_dir:3023 ERROR: status = -30
[  173.547744][ T8147] (syz.3.874,8147,0):ocfs2_extend_dir:3205 ERROR: status = -30
[  173.564188][ T8147] (syz.3.874,8147,0):ocfs2_prepare_dir_for_insert:4326 ERROR: status = -30
[  173.584252][ T8147] (syz.3.874,8147,0):ocfs2_mknod:298 ERROR: status = -30
[  173.591373][ T8147] (syz.3.874,8147,0):ocfs2_mknod:502 ERROR: status = -30
[  173.599687][ T8147] (syz.3.874,8147,1):ocfs2_mkdir:659 ERROR: status = -30
[  173.663312][ T8147] syz.3.874 (8147) used greatest stack depth: 18736 bytes left
[  173.710824][ T5979] 
[  173.710824][ T5979]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  173.710824][ T5979] 
[  173.718010][ T5793] ocfs2: Unmounting device (7,3) on (node local)
[  173.786215][ T5979] 
[  173.786215][ T5979]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  173.786215][ T5979] 
[  173.984438][ T8168] loop0: detected capacity change from 0 to 64
[  174.154300][ T8171] loop3: detected capacity change from 0 to 512
[  174.177768][ T8171] EXT4-fs: Warning: mounting with data=journal disables delayed allocation, dioread_nolock, O_DIRECT and fast_commit support!
[  174.195783][ T8171] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode
[  174.255828][ T8171] EXT4-fs (loop3): 1 truncate cleaned up
[  174.288342][ T8171] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  174.581328][ T5793] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  175.211335][ T8203] loop2: detected capacity change from 0 to 128
[  175.269505][ T8203] EXT4-fs (loop2): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  175.313661][ T8203] ext4 filesystem being mounted at /286/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[  175.391427][ T8183] loop0: detected capacity change from 0 to 32768
[  175.398234][ T8203] EXT4-fs warning (device loop2): verify_group_input:151: Cannot add at group 4294967295 (only 1 groups)
[  175.425863][ T8183] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop0 scanned by syz.0.889 (8183)
[  175.461669][ T8183] BTRFS info (device loop0): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  175.461896][ T8183] BTRFS info (device loop0): using crc32c (crc32c-intel) checksum algorithm
[  175.461938][ T8183] BTRFS info (device loop0): setting nodatacow, compression disabled
[  175.461999][ T8183] BTRFS info (device loop0): max_inline at 0
[  175.462022][ T8183] BTRFS info (device loop0): enabling disk space caching
[  175.462043][ T8183] BTRFS info (device loop0): turning off barriers
[  175.462060][ T8183] BTRFS info (device loop0): turning on flush-on-commit
[  175.462084][ T8183] BTRFS info (device loop0): doing ref verification
[  175.462106][ T8183] BTRFS info (device loop0): force clearing of disk cache
[  175.462127][ T8183] BTRFS info (device loop0): enabling ssd optimizations
[  175.462180][ T8183] BTRFS info (device loop0): max_inline at 4096
[  175.462200][ T8183] BTRFS info (device loop0): disk space caching is enabled
[  175.480811][ T5791] EXT4-fs (loop2): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  175.636248][ T8183] BTRFS info (device loop0): auto enabling async discard
[  175.738340][ T8183] BTRFS info (device loop0): rebuilding free space tree
[  175.812839][ T8183] BTRFS info (device loop0): disabling free space tree
[  175.831056][ T8183] BTRFS info (device loop0): clearing compat-ro feature flag for FREE_SPACE_TREE (0x1)
[  175.851496][ T8183] BTRFS info (device loop0): clearing compat-ro feature flag for FREE_SPACE_TREE_VALID (0x2)
[  176.125441][ T5788] BTRFS info (device loop0): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  177.458768][ T8279] bridge1: trying to set multicast query interval below minimum, setting to 100 (1000ms)
[  177.549060][ T8282] loop0: detected capacity change from 0 to 64
[  177.817259][ T8288] loop2: detected capacity change from 0 to 1764
[  177.918011][ T8288] iso9660: Corrupted directory entry in block 2 of inode 1920
[  178.757164][ T8315] loop0: detected capacity change from 0 to 4096
[  178.788762][ T8315] ntfs3: loop0: Different NTFS sector size (4096) and media sector size (512).
[  179.016405][ T8325] loop4: detected capacity change from 0 to 16
[  179.053617][ T8325] erofs: (device loop4): mounted with root inode @ nid 36.
[  179.123921][ T8323] loop2: detected capacity change from 0 to 4096
[  179.131365][ T8323] EXT4-fs: inline encryption not supported
[  179.165519][ T8325] erofs: (device loop4): z_erofs_do_map_blocks: inconsistent algorithmtype 0 for nid 36
[  179.219197][ T8323] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  179.249505][ T8325] erofs: (device loop4): z_erofs_do_map_blocks: inconsistent algorithmtype 0 for nid 36
[  179.268838][ T8325] erofs: (device loop4): z_erofs_read_folio: read error -117 @ 72 of nid 36
[  179.394433][ T8307] loop3: detected capacity change from 0 to 32768
[  179.474628][ T5791] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  179.492285][ T8307] XFS (loop3): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  179.515936][ T8338] netlink: 60 bytes leftover after parsing attributes in process `syz.4.955'.
[  179.572985][ T8338] unsupported nlmsg_type 40
[  179.701547][ T8343] loop2: detected capacity change from 0 to 1764
[  179.759837][ T8343] iso9660: Corrupted directory entry in block 2 of inode 1920
[  179.883082][ T8307] XFS (loop3): Ending clean mount
[  179.910734][ T8307] XFS (loop3): Quotacheck needed: Please wait.
[  179.943985][ T8347] loop4: detected capacity change from 0 to 16
[  179.982736][ T8347] erofs: (device loop4): mounted with root inode @ nid 36.
[  180.006557][ T8345] loop0: detected capacity change from 0 to 4096
[  180.029752][ T8307] XFS (loop3): Quotacheck: Done.
[  180.057163][ T8347] erofs: (device loop4): z_erofs_fill_inode_lazy: invalid tail-packing pclustersize 65535
[  180.097119][ T8347] erofs: (device loop4): z_erofs_fill_inode_lazy: invalid tail-packing pclustersize 65535
[  180.119131][ T8347] erofs: (device loop4): z_erofs_read_folio: read error -117 @ 134215752 of nid 36
[  180.136334][ T8345] ntfs3: loop0: Failed to initialize $Extend/$ObjId.
[  180.322040][ T5793] XFS (loop3): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  180.371676][ T8353] netlink: 'syz.4.961': attribute type 1 has an invalid length.
[  180.402127][ T8353] netlink: 220 bytes leftover after parsing attributes in process `syz.4.961'.
[  180.657466][ T8355] loop2: detected capacity change from 0 to 4096
[  181.219535][ T8375] bridge1: trying to set multicast query interval below minimum, setting to 100 (1000ms)
[  181.357912][ T8381] loop2: detected capacity change from 0 to 64
[  181.428399][ T8377] loop0: detected capacity change from 0 to 4096
[  181.461898][ T8377] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512).
[  181.519317][ T8377] ntfs3: loop0: Failed to initialize $Extend/$ObjId.
[  181.811876][ T8389] loop3: detected capacity change from 0 to 512
[  181.857163][ T8387] loop2: detected capacity change from 0 to 4096
[  181.863831][ T8389] EXT4-fs: journaled quota format not specified
[  181.904252][ T8387] ntfs3: loop2: Different NTFS sector size (1024) and media sector size (512).
[  182.243234][ T8387] ntfs3: loop2: ino=0, attr_set_size
[  182.250010][ T8387] ntfs3: loop2: Mark volume as dirty due to NTFS errors
[  182.695579][ T8412] loop2: detected capacity change from 0 to 2048
[  182.701066][ T8414] netlink: 'syz.0.991': attribute type 3 has an invalid length.
[  182.771662][ T8418] bridge_slave_0: left allmulticast mode
[  182.789964][ T8418] bridge_slave_0: left promiscuous mode
[  182.810638][ T8418] bridge0: port 1(bridge_slave_0) entered disabled state
[  182.835045][ T8412] Alternate GPT is invalid, using primary GPT.
[  182.848083][ T8412]  loop2: p2 p3 p7
[  182.869738][ T8418] bridge_slave_1: left allmulticast mode
[  182.888179][ T8418] bridge_slave_1: left promiscuous mode
[  182.908766][ T8418] bridge0: port 2(bridge_slave_1) entered disabled state
[  183.032322][ T8418] bond0: (slave bond_slave_0): Releasing backup interface
[  183.173167][ T8418] bond0: (slave bond_slave_1): Releasing backup interface
[  183.290720][ T8418] team0: Port device team_slave_0 removed
[  183.331948][ T8431] syz.3.999 (8431): /proc/8430/oom_adj is deprecated, please use /proc/8430/oom_score_adj instead.
[  183.348831][ T5987] udevd[5987]: inotify_add_watch(7, /dev/loop2p3, 10) failed: No such file or directory
[  183.376816][ T5781] udevd[5781]: inotify_add_watch(7, /dev/loop2p2, 10) failed: No such file or directory
[  183.405077][ T5925] udevd[5925]: inotify_add_watch(7, /dev/loop2p7, 10) failed: No such file or directory
[  183.437686][ T8418] team0: Port device team_slave_1 removed
[  183.463818][ T8418] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  183.485257][ T8418] batman_adv: batadv0: Removing interface: batadv_slave_0
[  183.532416][ T8418] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  183.563038][ T8418] batman_adv: batadv0: Removing interface: batadv_slave_1
[  183.800749][ T8444] loop3: detected capacity change from 0 to 256
[  183.860799][ T8444] exFAT-fs (loop3): failed to load upcase table (idx : 0x00011a39, chksum : 0xd7c18d7b, utbl_chksum : 0xe619d30d)
[  183.875535][ T8446] loop4: detected capacity change from 0 to 1764
[  183.983723][ T8446] iso9660: Corrupted directory entry in block 2 of inode 1920
[  184.018208][    C1] sd 0:0:1:0: [sda] tag#1106 FAILED Result: hostbyte=DID_ERROR driverbyte=DRIVER_OK cmd_age=0s
[  184.018273][    C1] sd 0:0:1:0: [sda] tag#1106 CDB: Read(6) 08 00 9f d1 fe de
[  184.303314][ T8458] loop3: detected capacity change from 0 to 64
[  184.896823][ T8481] loop4: detected capacity change from 0 to 256
[  185.022852][ T8481] FAT-fs (loop4): Directory bread(block 64) failed
[  185.029494][ T8481] FAT-fs (loop4): Directory bread(block 65) failed
[  185.043223][ T8481] FAT-fs (loop4): Directory bread(block 66) failed
[  185.049798][ T8481] FAT-fs (loop4): Directory bread(block 67) failed
[  185.093911][ T8481] FAT-fs (loop4): Directory bread(block 68) failed
[  185.131047][ T8481] FAT-fs (loop4): Directory bread(block 69) failed
[  185.176576][   T28] audit: type=1326 audit(1752651837.785:28): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8487 comm="syz.3.1025" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f933098e929 code=0x7ff00000
[  185.199279][ T8481] FAT-fs (loop4): Directory bread(block 70) failed
[  185.211115][ T8481] FAT-fs (loop4): Directory bread(block 71) failed
[  185.227504][ T8481] FAT-fs (loop4): Directory bread(block 72) failed
[  185.246612][   T28] audit: type=1326 audit(1752651837.785:29): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8487 comm="syz.3.1025" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f933098e929 code=0x7ff00000
[  185.269236][ T8481] FAT-fs (loop4): Directory bread(block 73) failed
[  185.326636][   T28] audit: type=1326 audit(1752651837.785:30): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8487 comm="syz.3.1025" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f933098e929 code=0x7ff00000
[  185.375212][   T28] audit: type=1326 audit(1752651837.785:31): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8487 comm="syz.3.1025" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f933098e929 code=0x7ff00000
[  185.442997][   T28] audit: type=1326 audit(1752651837.785:32): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8487 comm="syz.3.1025" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f933098e929 code=0x7ff00000
[  185.503248][   T28] audit: type=1326 audit(1752651837.785:33): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8487 comm="syz.3.1025" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f933098e929 code=0x7ff00000
[  185.538206][   T28] audit: type=1326 audit(1752651837.785:34): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8487 comm="syz.3.1025" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f933098e929 code=0x7ff00000
[  185.561281][   T28] audit: type=1326 audit(1752651837.785:35): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8487 comm="syz.3.1025" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f933098e929 code=0x7ff00000
[  185.586032][   T28] audit: type=1326 audit(1752651837.785:36): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8487 comm="syz.3.1025" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f933098e929 code=0x7ff00000
[  185.629744][   T28] audit: type=1326 audit(1752651837.785:37): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8487 comm="syz.3.1025" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f933098e929 code=0x7ff00000
[  185.805377][ T8502] loop4: detected capacity change from 0 to 164
[  185.820013][ T8502] rock: directory entry would overflow storage
[  185.827665][ T8502] rock: sig=0x5245, size=8, remaining=3
[  186.241667][ T8510] netlink: 44 bytes leftover after parsing attributes in process `syz.2.1035'.
[  186.707822][ T8500] loop0: detected capacity change from 0 to 32768
[  186.743601][ T8500] BTRFS: device fsid e417788f-7a09-42b2-9266-8ddc5d5d35d2 devid 1 transid 8 /dev/loop0 scanned by syz.0.1030 (8500)
[  186.809415][ T8500] BTRFS info (device loop0): first mount of filesystem e417788f-7a09-42b2-9266-8ddc5d5d35d2
[  186.842944][ T8500] BTRFS info (device loop0): using xxhash64 (xxhash64-generic) checksum algorithm
[  186.898630][ T8500] BTRFS info (device loop0): force zlib compression, level 3
[  186.927376][ T8500] BTRFS info (device loop0): force clearing of disk cache
[  186.940342][ T8500] BTRFS info (device loop0): setting nodatasum
[  186.967325][ T8500] BTRFS info (device loop0): doing ref verification
[  187.002055][ T8500] BTRFS info (device loop0): allowing degraded mounts
[  187.017059][ T8500] BTRFS info (device loop0): enabling disk space caching
[  187.055683][ T8500] BTRFS info (device loop0): disk space caching is enabled
[  187.104183][ T8529] (unnamed net_device) (uninitialized): Removing last arp target with arp_interval on
[  187.167559][ T8529] bond1: entered promiscuous mode
[  187.181964][ T8529] bond1: entered allmulticast mode
[  187.192997][ T8529] 8021q: adding VLAN 0 to HW filter on device bond1
[  187.337722][ T8500] BTRFS info (device loop0): enabling ssd optimizations
[  187.361991][ T8500] BTRFS info (device loop0): auto enabling async discard
[  187.398540][ T8500] BTRFS info (device loop0): rebuilding free space tree
[  187.465971][ T8500] BTRFS info (device loop0): disabling free space tree
[  187.497235][ T8500] BTRFS info (device loop0): clearing compat-ro feature flag for FREE_SPACE_TREE (0x1)
[  187.537742][ T8500] BTRFS info (device loop0): clearing compat-ro feature flag for FREE_SPACE_TREE_VALID (0x2)
[  187.665634][ T8500] BTRFS info (device loop0): balance: start -sprofiles=system|metadata|single|raid0|raid1|dup|raid10|raid5|raid6|raid1c3|raid1c4|0xfffefffffffff800,usage=0..0,drange=65536..70368744177664,vrange=25207..4294967295,limit=0..81917
[  187.723097][ T8500] BTRFS info (device loop0): balance: ended with status: 0
[  187.870881][ T5788] BTRFS info (device loop0): last unmount of filesystem e417788f-7a09-42b2-9266-8ddc5d5d35d2
[  188.033357][ T8563] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1052'.
[  188.418548][ T8575] loop3: detected capacity change from 0 to 1024
[  188.625345][ T8575] syz.3.1056: attempt to access beyond end of device
[  188.625345][ T8575] loop3: rw=0, sector=393308, nr_sectors = 2 limit=1024
[  188.952866][ T8589] Unsupported ieee802154 address type: 0
[  189.030540][ T8593] loop0: detected capacity change from 0 to 24
[  189.063151][ T8593] MTD: Attempt to mount non-MTD device "/dev/loop0"
[  189.126501][ T8593] romfs: Mounting image 'rom 637cf1fa' through the block layer
[  189.229931][ T8593] romfs: read error for inode 0x70040
[  189.233393][ T8597] bridge_slave_0: left allmulticast mode
[  189.241444][ T8597] bridge_slave_0: left promiscuous mode
[  189.269131][ T8597] bridge0: port 1(bridge_slave_0) entered disabled state
[  189.295600][ T8597] bridge_slave_1: left allmulticast mode
[  189.309475][ T8597] bridge_slave_1: left promiscuous mode
[  189.316950][ T8597] bridge0: port 2(bridge_slave_1) entered disabled state
[  189.365448][ T8597] bond0: (slave bond_slave_0): Releasing backup interface
[  189.428020][ T8597] bond0: (slave bond_slave_1): Releasing backup interface
[  189.538292][ T8597] team0: Port device team_slave_0 removed
[  189.632262][ T8597] team0: Port device team_slave_1 removed
[  189.653015][ T8597] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  189.669446][ T8597] batman_adv: batadv0: Removing interface: batadv_slave_0
[  189.693640][ T8597] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  189.726933][ T8597] batman_adv: batadv0: Removing interface: batadv_slave_1
[  190.016680][ T8621] netlink: 160 bytes leftover after parsing attributes in process `syz.4.1080'.
[  190.679237][ T8642] loop2: detected capacity change from 0 to 2048
[  190.713095][ T8642] UDF-fs: error (device loop2): udf_read_tagged: tag checksum failed, block 129: 0x32 != 0x7d
[  190.758055][ T8642] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000)
[  191.228673][ T8636] loop0: detected capacity change from 0 to 32768
[  191.297392][ T8636] JFS: metapage_get_blocks failed
[  191.304424][ T8656] netdevsim netdevsim2 netdevsim0: entered promiscuous mode
[  191.320100][ T8636] ERROR: (device loop0): release_metapage: metapage_write_one() failed
[  191.320100][ T8636] 
[  191.338678][ T8658] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1098'.
[  191.367743][ T8636] ERROR: (device loop0): remounting filesystem as read-only
[  191.498671][  T111] blkno = 8ed2c, nblocks = 1
[  191.508003][  T111] ERROR: (device loop0): dbUpdatePMap: blocks are outside the map
[  191.508003][  T111] 
[  191.772593][   T23] usb 3-1: new high-speed USB device number 7 using dummy_hcd
[  191.971820][   T23] usb 3-1: Using ep0 maxpacket: 16
[  191.984156][   T23] usb 3-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  192.001071][   T23] usb 3-1: config 0 interface 0 altsetting 1 endpoint 0x7 has invalid wMaxPacketSize 0
[  192.041779][   T23] usb 3-1: config 0 interface 0 altsetting 1 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  192.080846][   T23] usb 3-1: config 0 interface 0 has no altsetting 0
[  192.101984][   T23] usb 3-1: New USB device found, idVendor=06cb, idProduct=0006, bcdDevice=9a.eb
[  192.114962][ T8674] xt_l2tp: v2 sid > 0xffff: 262144
[  192.121417][   T23] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  192.132724][   T23] usb 3-1: Product: syz
[  192.136959][   T23] usb 3-1: Manufacturer: syz
[  192.152560][   T23] usb 3-1: SerialNumber: syz
[  192.169781][   T23] usb 3-1: config 0 descriptor??
[  192.196014][ T8676] loop0: detected capacity change from 0 to 4096
[  192.208605][ T8676] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512).
[  192.500858][ T8682] (unnamed net_device) (uninitialized): Removing last arp target with arp_interval on
[  192.573659][ T8685] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE
[  192.581484][ T8685] IPv6: NLM_F_CREATE should be set when creating new route
[  192.588903][ T8685] IPv6: NLM_F_CREATE should be set when creating new route
[  192.653210][   T23] usb 3-1: USB disconnect, device number 7
[  193.932264][ T8715] bridge_slave_0: left allmulticast mode
[  193.937995][ T8715] bridge_slave_0: left promiscuous mode
[  193.950044][ T8715] bridge0: port 1(bridge_slave_0) entered disabled state
[  193.987893][ T8715] bridge_slave_1: left allmulticast mode
[  194.001457][ T8715] bridge_slave_1: left promiscuous mode
[  194.013000][ T8715] bridge0: port 2(bridge_slave_1) entered disabled state
[  194.047085][ T8715] bond0: (slave bond_slave_0): Releasing backup interface
[  194.078674][ T8715] bond0: (slave bond_slave_1): Releasing backup interface
[  194.142538][  T786] usb 1-1: new high-speed USB device number 5 using dummy_hcd
[  194.176489][ T8715] team0: Port device team_slave_0 removed
[  194.212046][ T8715] team0: Port device team_slave_1 removed
[  194.225230][ T8715] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  194.235569][ T8715] batman_adv: batadv0: Removing interface: batadv_slave_0
[  194.254281][ T8715] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  194.262289][ T8715] batman_adv: batadv0: Removing interface: batadv_slave_1
[  194.322441][ T8723] netlink: 'syz.3.1129': attribute type 10 has an invalid length.
[  194.344075][ T8723] netlink: 156 bytes leftover after parsing attributes in process `syz.3.1129'.
[  194.362105][  T786] usb 1-1: Using ep0 maxpacket: 16
[  194.380369][  T786] usb 1-1: config 0 has an invalid interface number: 237 but max is 0
[  194.399652][  T786] usb 1-1: config 0 has no interface number 0
[  194.412135][ T8727] loop4: detected capacity change from 0 to 4096
[  194.415525][  T786] usb 1-1: config 0 interface 237 has no altsetting 0
[  194.445380][  T786] usb 1-1: New USB device found, idVendor=0e41, idProduct=5057, bcdDevice= 6.ad
[  194.462153][  T786] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  194.480466][  T786] usb 1-1: Product: syz
[  194.490611][  T786] usb 1-1: Manufacturer: syz
[  194.508349][  T786] usb 1-1: SerialNumber: syz
[  194.538289][  T786] usb 1-1: config 0 descriptor??
[  194.557793][ T1289] ieee802154 phy0 wpan0: encryption failed: -22
[  194.564515][ T1289] ieee802154 phy1 wpan1: encryption failed: -22
[  194.589458][  T786] snd_usb_podhd 1-1:0.237: Line 6 POD HD300 found
[  194.816144][  T786] snd_usb_podhd 1-1:0.237: cannot get proper max packet size
[  194.843328][  T786] snd_usb_podhd 1-1:0.237: Line 6 POD HD300 now disconnected
[  194.869411][  T786] snd_usb_podhd: probe of 1-1:0.237 failed with error -22
[  195.091415][ T5827] usb 1-1: USB disconnect, device number 5
[  195.107577][ T8745] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1141'.
[  195.279904][ T8751] netlink: 666 bytes leftover after parsing attributes in process `syz.2.1143'.
[  195.780914][ T8767] netlink: 16 bytes leftover after parsing attributes in process `syz.0.1152'.
[  195.783254][ T8769] syz.2.1153 uses obsolete (PF_INET,SOCK_PACKET)
[  195.824277][ T8771] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1154'.
[  195.856256][ T8771] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1154'.
[  196.155112][ T8781] loop2: detected capacity change from 0 to 2048
[  196.256743][ T8781] NILFS error (device loop2): nilfs_check_page: bad entry in directory #2: unaligned directory entry - offset=0, inode=2, rec_len=59, name_len=1
[  196.474956][ T8775] loop0: detected capacity change from 0 to 32768
[  196.500858][ T8775] ocfs2: Mounting device (7,0) on (node local, slot 0) with ordered data mode.
[  196.545595][ T8775] OCFS2: ERROR (device loop0): int ocfs2_claim_suballoc_bits(struct ocfs2_alloc_context *, handle_t *, u32, u32, struct ocfs2_suballoc_result *): Chain allocator dinode 74 has 8388607 used bits but only 2048 total
[  196.573278][ T8775] On-disk corruption discovered. Please run fsck.ocfs2 once the filesystem is unmounted.
[  196.586627][ T8775] OCFS2: File system is now read-only.
[  196.592303][ T8775] (syz.0.1156,8775,0):ocfs2_claim_suballoc_bits:1983 ERROR: status = -30
[  196.600927][ T8775] (syz.0.1156,8775,0):ocfs2_claim_new_inode:2216 ERROR: status = -30
[  196.609205][ T8775] (syz.0.1156,8775,0):ocfs2_claim_new_inode:2231 ERROR: status = -30
[  196.617533][ T8775] (syz.0.1156,8775,0):ocfs2_mknod_locked:639 ERROR: status = -30
[  196.625461][ T8775] (syz.0.1156,8775,0):ocfs2_mknod:385 ERROR: status = -30
[  196.634606][ T8775] (syz.0.1156,8775,0):ocfs2_mknod:502 ERROR: status = -30
[  196.642483][ T8775] (syz.0.1156,8775,0):ocfs2_create:676 ERROR: status = -30
[  196.754380][ T5788] (syz-executor,5788,0):ocfs2_inode_is_valid_to_delete:872 ERROR: Skipping delete of system file 72
[  196.769320][ T8785] loop2: detected capacity change from 0 to 1024
[  196.790374][ T5788] ocfs2: Unmounting device (7,0) on (node local)
[  196.795933][ T8788] loop4: detected capacity change from 0 to 1024
[  196.887657][ T8788] afs: Unexpected value for 'dyn'
[  196.980562][ T1113] hfsplus: b-tree write err: -5, ino 4
[  197.208851][ T8795] ieee802154 phy0 wpan0: encryption failed: -22
[  197.380209][ T8798] bridge_slave_0: left allmulticast mode
[  197.406682][ T8798] bridge_slave_0: left promiscuous mode
[  197.415431][ T8798] bridge0: port 1(bridge_slave_0) entered disabled state
[  197.462163][ T8798] bridge_slave_1: left allmulticast mode
[  197.491891][ T8798] bridge_slave_1: left promiscuous mode
[  197.497930][ T8798] bridge0: port 2(bridge_slave_1) entered disabled state
[  197.607789][ T8798] bond0: (slave bond_slave_0): Releasing backup interface
[  197.644911][ T8798] bond0: (slave bond_slave_1): Releasing backup interface
[  197.745037][ T8798] team0: Port device team_slave_0 removed
[  197.780200][ T8798] team0: Port device team_slave_1 removed
[  197.797429][ T8798] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  197.809258][ T8798] batman_adv: batadv0: Removing interface: batadv_slave_0
[  197.822929][ T8798] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  197.830496][ T8798] batman_adv: batadv0: Removing interface: batadv_slave_1
[  198.079058][ T8816] netlink: 12 bytes leftover after parsing attributes in process `syz.2.1174'.
[  198.105276][ T8816] netlink: 'syz.2.1174': attribute type 2 has an invalid length.
[  198.538353][   T28] kauditd_printk_skb: 2373 callbacks suppressed
[  198.538369][   T28] audit: type=1326 audit(1752651851.155:2411): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8831 comm="syz.0.1183" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1ee278e929 code=0x7ffc0000
[  198.601794][   T28] audit: type=1326 audit(1752651851.195:2412): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8831 comm="syz.0.1183" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1ee278e929 code=0x7ffc0000
[  198.633598][   T28] audit: type=1326 audit(1752651851.195:2413): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8831 comm="syz.0.1183" exe="/root/syz-executor" sig=0 arch=c000003e syscall=105 compat=0 ip=0x7f1ee278e929 code=0x7ffc0000
[  198.664752][   T28] audit: type=1326 audit(1752651851.195:2414): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8831 comm="syz.0.1183" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1ee278e929 code=0x7ffc0000
[  198.747660][ T8835] loop4: detected capacity change from 0 to 64
[  199.149679][ T8844] mac80211_hwsim hwsim10 wlan0: entered promiscuous mode
[  199.590742][ T8820] loop3: detected capacity change from 0 to 40427
[  199.593048][ T8858] openvswitch: netlink: Message has 8 unknown bytes.
[  199.617184][ T8820] F2FS-fs (loop3): invalid crc value
[  199.656219][ T8820] F2FS-fs (loop3): Found nat_bits in checkpoint
[  199.836909][ T8867] netlink: 12 bytes leftover after parsing attributes in process `syz.2.1198'.
[  199.848440][ T8820] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e4
[  199.857930][ T8867] openvswitch: netlink: Message has 8 unknown bytes.
[  200.102622][ T8875] ieee802154 phy0 wpan0: encryption failed: -22
[  200.673013][ T8886] netlink: 'syz.3.1204': attribute type 10 has an invalid length.
[  200.704089][ T8886] netlink: 209852 bytes leftover after parsing attributes in process `syz.3.1204'.
[  200.835678][ T8876] loop4: detected capacity change from 0 to 32768
[  200.897681][ T8876] XFS (loop4): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  201.120625][ T8906] netlink: 16 bytes leftover after parsing attributes in process `syz.3.1214'.
[  201.185921][ T8876] XFS (loop4): Ending clean mount
[  201.217256][ T8876] XFS (loop4): Quotacheck needed: Please wait.
[  201.311898][  T786] usb 3-1: new high-speed USB device number 8 using dummy_hcd
[  201.324769][ T8876] XFS (loop4): Quotacheck: Done.
[  201.386495][ T8908] sp0: Synchronizing with TNC
[  201.450060][ T8907] [U] è
[  201.511899][  T786] usb 3-1: Using ep0 maxpacket: 16
[  201.524500][ T5979] XFS (loop4): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  201.540747][  T786] usb 3-1: config 0 has an invalid descriptor of length 39, skipping remainder of the config
[  201.556284][  T786] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x82 has invalid maxpacket 32695, setting to 1024
[  201.570937][  T786] usb 3-1: config 0 interface 0 altsetting 0 bulk endpoint 0x82 has invalid maxpacket 1024
[  201.630721][  T786] usb 3-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 3
[  201.647832][ T8912] loop0: detected capacity change from 0 to 128
[  201.683268][  T786] usb 3-1: New USB device found, idVendor=2040, idProduct=b138, bcdDevice= 1.42
[  201.711080][  T786] usb 3-1: New USB device strings: Mfr=4, Product=0, SerialNumber=0
[  201.742005][  T786] usb 3-1: Manufacturer: syz
[  201.752640][ T8912] EXT4-fs (loop0): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  201.778435][  T786] usb 3-1: config 0 descriptor??
[  201.787510][ T8912] ext4 filesystem being mounted at /284/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[  201.796933][ T8916] loop3: detected capacity change from 0 to 2048
[  201.836896][ T8904] raw-gadget.0 gadget.2: fail, usb_ep_enable returned -22
[  201.841543][ T8912] EXT4-fs warning (device loop0): verify_group_input:151: Cannot add at group 25 (only 1 groups)
[  201.917170][ T8916] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  201.952824][ T8916] ext4 filesystem being mounted at /308/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  201.977789][ T8916] EXT4-fs error (device loop3): ext4_xattr_block_get:596: inode #15: comm syz.3.1219: corrupted xattr block 128: bad e_name length
[  202.053376][ T5788] EXT4-fs (loop0): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  202.169160][ T5823] usb 3-1: USB disconnect, device number 8
[  202.205801][ T5793] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  202.223974][ T8920] loop4: detected capacity change from 0 to 256
[  202.256480][ T8920] FAT-fs (loop4): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[  202.280220][ T8922] 9pnet: Found fid 0 not clunked
[  203.057773][ T8949] loop0: detected capacity change from 0 to 512
[  203.111329][ T8949] EXT4-fs (loop0): Cannot turn on journaled quota: type 0: error -2
[  203.175030][ T8949] EXT4-fs (loop0): Cannot turn on journaled quota: type 1: error -2
[  203.294012][ T8949] EXT4-fs (loop0): 1 truncate cleaned up
[  203.332194][ T8949] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  203.455509][ T8949] EXT4-fs error (device loop0): ext4_append:79: inode #2: comm syz.0.1233: Logical block already allocated
[  203.577628][ T5788] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  203.579142][ T8969] comedi comedi4: bad chanlist[0]=0x00000009 chan=9 range length=2
[  203.786219][ T8975] loop4: detected capacity change from 0 to 1764
[  203.852676][ T8975] iso9660: Corrupted directory entry in block 0 of inode 1792
[  203.962017][ T8978] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1246'.
[  204.497705][ T8968] loop2: detected capacity change from 0 to 32768
[  204.567730][ T8968] XFS (loop2): Mounting V5 Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d
[  204.729732][ T8968] XFS (loop2): Ending clean mount
[  204.903037][ T5791] XFS (loop2): Unmounting Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d
[  204.958315][ T9010] netlink: 40 bytes leftover after parsing attributes in process `syz.4.1258'.
[  205.277232][ T8987] loop3: detected capacity change from 0 to 32768
[  205.340770][ T8987] jfs_strtoUCS: char2uni returned -22.
[  205.388852][ T8987] charset = cp949, char = 0xd4
[  205.641797][ T9023] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1264'.
[  205.653959][ T9024] netlink: 'syz.0.1265': attribute type 1 has an invalid length.
[  205.688733][ T9024] netlink: 112865 bytes leftover after parsing attributes in process `syz.0.1265'.
[  206.021772][ T9034] loop0: detected capacity change from 0 to 1024
[  206.295901][   T12] hfsplus: b-tree write err: -5, ino 4
[  206.745230][ T9046] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  206.871994][ T9008] Bluetooth: hci0: command 0x0406 tx timeout
[  206.878732][ T9008] Bluetooth: hci1: command 0x0406 tx timeout
[  206.885094][ T5794] Bluetooth: hci2: command 0x0406 tx timeout
[  206.886869][ T9030] loop3: detected capacity change from 0 to 32768
[  206.908384][ T9052] netlink: 200 bytes leftover after parsing attributes in process `syz.0.1279'.
[  207.365055][ T9063] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1285'.
[  207.383892][ T9065] loop2: detected capacity change from 0 to 128
[  207.560513][ T9069] netlink: 24 bytes leftover after parsing attributes in process `syz.4.1288'.
[  207.571331][ T9069] netlink: 24 bytes leftover after parsing attributes in process `syz.4.1288'.
[  207.988913][ T9081] loop4: detected capacity change from 0 to 512
[  208.062720][ T9081] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  208.141250][ T9081] ext4 filesystem being mounted at /265/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  208.323794][ T5979] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  208.507451][ T9096] A link change request failed with some changes committed already. Interface team0 may have been left with an inconsistent configuration, please check.
[  208.575356][ T9072] loop0: detected capacity change from 0 to 32768
[  208.763193][ T9102] binder: 9101:9102 ioctl c0046209 0 returned -22
[  209.255290][ T9116] loop0: detected capacity change from 0 to 4096
[  209.292294][ T9116] NILFS (loop0): mounting unchecked fs
[  209.297840][ T9116] NILFS (loop0): recovery required for readonly filesystem
[  209.365077][ T9116] NILFS (loop0): write access will be enabled during recovery
[  209.409119][ T9116] NILFS (loop0): invalid segment: Checksum error in segment payload
[  209.433529][ T9116] NILFS (loop0): trying rollback from an earlier position
[  209.472498][ T9116] NILFS (loop0): norecovery option specified, skipping roll-forward recovery
[  209.573358][ T9116] NILFS (loop0): couldn't remount because the filesystem is in an incomplete recovery state
[  209.638773][ T9130] loop4: detected capacity change from 0 to 8
[  209.683717][ T9130] MTD: Attempt to mount non-MTD device "/dev/loop4"
[  209.718360][ T5781] udevd[5781]: incorrect cramfs checksum on /dev/loop4
[  209.756469][ T9132] usb usb8: usbfs: process 9132 (syz.2.1317) did not claim interface 0 before use
[  209.840036][ T5781] udevd[5781]: incorrect cramfs checksum on /dev/loop4
[  209.908755][ T9138] loop3: detected capacity change from 0 to 128
[  209.982036][ T9138] UDF-fs: error (device loop3): udf_read_tagged: read failed, block=256, location=256
[  210.050272][ T9138] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[  210.100568][ T9143] netlink: 'syz.0.1323': attribute type 3 has an invalid length.
[  210.339397][ T9146] loop4: detected capacity change from 0 to 764
[  210.444105][ T9146] rock: corrupted directory entry. extent=32, offset=2044, size=237
[  210.505879][ T9146] Symlink component flag not implemented
[  210.531626][ T9146] Symlink component flag not implemented
[  210.558889][ T9146] Symlink component flag not implemented (128)
[  210.591935][ T9146] Symlink component flag not implemented (122)
[  211.461551][ T9182] netlink: 20 bytes leftover after parsing attributes in process `syz.0.1342'.
[  211.986702][   T28] audit: type=1326 audit(1752651864.605:2415): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9199 comm="syz.0.1351" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1ee278e929 code=0x7ffc0000
[  212.041065][   T28] audit: type=1326 audit(1752651864.605:2416): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9199 comm="syz.0.1351" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1ee278e929 code=0x7ffc0000
[  212.059400][ T9202] netlink: 136 bytes leftover after parsing attributes in process `syz.2.1352'.
[  212.109970][   T28] audit: type=1326 audit(1752651864.645:2417): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9199 comm="syz.0.1351" exe="/root/syz-executor" sig=0 arch=c000003e syscall=126 compat=0 ip=0x7f1ee278e929 code=0x7ffc0000
[  212.214072][   T28] audit: type=1326 audit(1752651864.645:2418): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9199 comm="syz.0.1351" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1ee278e929 code=0x7ffc0000
[  212.286271][   T28] audit: type=1326 audit(1752651864.645:2419): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9199 comm="syz.0.1351" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1ee278e929 code=0x7ffc0000
[  212.535890][ T9216] netlink: 12 bytes leftover after parsing attributes in process `syz.2.1359'.
[  212.568033][ T9184] loop4: detected capacity change from 0 to 32768
[  212.611127][ T9184] ialloc: diAlloc returned -5!
[  212.714648][ T9218] loop0: detected capacity change from 0 to 256
[  212.835026][ T9218] FAT-fs (loop0): Directory bread(block 64) failed
[  212.841663][ T9218] FAT-fs (loop0): Directory bread(block 65) failed
[  212.872002][ T9218] FAT-fs (loop0): Directory bread(block 66) failed
[  212.914175][ T9218] FAT-fs (loop0): Directory bread(block 67) failed
[  212.920892][ T9218] FAT-fs (loop0): Directory bread(block 68) failed
[  212.986116][ T9218] FAT-fs (loop0): Directory bread(block 69) failed
[  212.995730][ T9218] FAT-fs (loop0): Directory bread(block 70) failed
[  213.022905][ T9218] FAT-fs (loop0): Directory bread(block 71) failed
[  213.029698][ T9218] FAT-fs (loop0): Directory bread(block 72) failed
[  213.058118][ T9218] FAT-fs (loop0): Directory bread(block 73) failed
[  213.203441][ T9233] ieee802154 phy0 wpan0: encryption failed: -22
[  213.290178][ T9234] loop2: detected capacity change from 0 to 2048
[  213.411790][ T9236] NILFS (loop2): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  213.538246][ T9234] CPU: 1 PID: 9234 Comm: syz.2.1368 Not tainted 6.6.98-syzkaller #0
[  213.546670][ T9234] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  213.556791][ T9234] Call Trace:
[  213.560116][ T9234]  <TASK>
[  213.563095][ T9234]  dump_stack_lvl+0x16c/0x230
[  213.567842][ T9234]  ? show_regs_print_info+0x20/0x20
[  213.573113][ T9234]  ? kmem_cache_alloc+0x14d/0x2e0
[  213.578185][ T9234]  ? __asan_memset+0x22/0x40
[  213.582833][ T9234]  ? nilfs_btree_alloc_path+0x5e5/0x600
[  213.588445][ T9234]  nilfs_btree_last_key+0x489/0x610
[  213.593710][ T9234]  nilfs_bmap_last_key+0x74/0x120
[  213.598793][ T9234]  nilfs_truncate_bmap+0xff/0x340
[  213.603879][ T9234]  ? nilfs_update_inode+0x1d0/0x1d0
[  213.609134][ T9234]  ? block_truncate_page+0x168/0x9f0
[  213.614480][ T9234]  ? nilfs_inode_sub_blocks+0xe0/0xe0
[  213.619915][ T9234]  nilfs_truncate+0x267/0x4a0
[  213.624661][ T9234]  ? nilfs_write_failed+0xa0/0xa0
[  213.629759][ T9234]  nilfs_setattr+0x211/0x2b0
[  213.634413][ T9234]  ? nilfs_clear_inode+0x280/0x280
[  213.639669][ T9234]  ? is_bad_inode+0xd/0x40
[  213.644147][ T9234]  ? evm_inode_setattr+0x94/0x6a0
[  213.649224][ T9234]  ? bpf_lsm_inode_setattr+0x9/0x10
[  213.654472][ T9234]  ? try_break_deleg+0x79/0x120
[  213.659372][ T9234]  ? nilfs_clear_inode+0x280/0x280
[  213.664549][ T9234]  notify_change+0xb0d/0xe10
[  213.669203][ T9234]  do_truncate+0x19b/0x220
[  213.673679][ T9234]  ? put_page_bootmem+0x2c0/0x2c0
[  213.678772][ T9234]  ? apparmor_file_truncate+0x23f/0x2d0
[  213.684387][ T9234]  ? ima_bprm_check+0x1f0/0x1f0
[  213.689302][ T9234]  path_openat+0x298c/0x3190
[  213.693991][ T9234]  ? do_filp_open+0x3d0/0x3d0
[  213.698751][ T9234]  do_filp_open+0x1c5/0x3d0
[  213.703308][ T9234]  ? vfs_tmpfile+0x490/0x490
[  213.707988][ T9234]  ? _raw_spin_unlock+0x28/0x40
[  213.712891][ T9234]  ? alloc_fd+0x58f/0x630
[  213.717303][ T9234]  do_sys_openat2+0x12c/0x1c0
[  213.722048][ T9234]  ? do_sys_open+0xe0/0xe0
[  213.726691][ T9234]  ? lockdep_hardirqs_on_prepare+0x400/0x760
[  213.732739][ T9234]  ? lock_chain_count+0x20/0x20
[  213.737648][ T9234]  __x64_sys_creat+0x90/0xb0
[  213.742328][ T9234]  do_syscall_64+0x55/0xb0
[  213.746808][ T9234]  ? clear_bhb_loop+0x40/0x90
[  213.751542][ T9234]  ? clear_bhb_loop+0x40/0x90
[  213.756284][ T9234]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  213.762235][ T9234] RIP: 0033:0x7fd72e18e929
[  213.766728][ T9234] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  213.786478][ T9234] RSP: 002b:00007fd72f0ba038 EFLAGS: 00000246 ORIG_RAX: 0000000000000055
[  213.795040][ T9234] RAX: ffffffffffffffda RBX: 00007fd72e3b5fa0 RCX: 00007fd72e18e929
[  213.803067][ T9234] RDX: 0000000000000000 RSI: 0000000000000020 RDI: 0000200000000100
[  213.811096][ T9234] RBP: 00007fd72e210b39 R08: 0000000000000000 R09: 0000000000000000
[  213.819125][ T9234] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  213.827151][ T9234] R13: 0000000000000000 R14: 00007fd72e3b5fa0 R15: 00007ffce21c1668
[  213.835197][ T9234]  </TASK>
[  213.842047][ T9234] NILFS (loop2): btree level mismatch (ino=16): 1 != 7
[  213.852896][ T9234] NILFS error (device loop2): nilfs_bmap_last_key: broken bmap (inode number=16)
[  213.870073][ T9246] netlink: 12 bytes leftover after parsing attributes in process `syz.0.1372'.
[  213.879231][ T9246] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1372'.
[  213.952626][ T9234] Remounting filesystem read-only
[  213.957767][ T9234] NILFS (loop2): error -5 truncating bmap (ino=16)
[  214.072487][ T5791] NILFS (loop2): discard dirty page: offset=4096, ino=6
[  214.079525][ T5791] NILFS (loop2): discard dirty block: blocknr=39, size=1024
[  214.110197][ T5791] NILFS (loop2): discard dirty block: blocknr=18446744073709551615, size=1024
[  214.120131][ T5791] NILFS (loop2): discard dirty block: blocknr=18446744073709551615, size=1024
[  214.136972][ T5791] NILFS (loop2): discard dirty block: blocknr=18446744073709551615, size=1024
[  214.149007][ T5791] NILFS (loop2): disposed unprocessed dirty file(s) when detaching log writer
[  214.269464][ T9254] 8021q: adding VLAN 0 to HW filter on device bond2
[  214.427596][ T5875] kernel write not supported for file /660/net/ip6_tables_matches (pid: 5875 comm: kworker/0:5)
[  214.873296][ T9281] loop2: detected capacity change from 0 to 1024
[  214.966919][ T9281] hfsplus: bad catalog entry used to create inode
[  215.053323][ T9287] netlink: 'syz.0.1393': attribute type 1 has an invalid length.
[  215.061215][ T9287] netlink: 12 bytes leftover after parsing attributes in process `syz.0.1393'.
[  215.124371][   T11] hfsplus: b-tree write err: -5, ino 4
[  215.202121][ T9291] netlink: 'syz.3.1394': attribute type 6 has an invalid length.
[  215.350514][ T9295] warning: `syz.0.1397' uses wireless extensions which will stop working for Wi-Fi 7 hardware; use nl80211
[  215.480846][ T9299] loop3: detected capacity change from 0 to 4096
[  215.507927][ T9299] ntfs3: loop3: Different NTFS sector size (4096) and media sector size (512).
[  215.653786][   T28] audit: type=1326 audit(1752651868.275:2420): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9304 comm="syz.0.1402" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1ee278e929 code=0x7ffc0000
[  215.709092][   T28] audit: type=1326 audit(1752651868.275:2421): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9304 comm="syz.0.1402" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1ee278e929 code=0x7ffc0000
[  215.735775][ T9299] ntfs3: loop3: failed to convert "c46c" to iso8859-3
[  215.769177][   T28] audit: type=1326 audit(1752651868.305:2422): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9304 comm="syz.0.1402" exe="/root/syz-executor" sig=0 arch=c000003e syscall=35 compat=0 ip=0x7f1ee278e929 code=0x7ffc0000
[  215.862684][   T28] audit: type=1326 audit(1752651868.355:2423): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9304 comm="syz.0.1402" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1ee278e929 code=0x7ffc0000
[  215.921812][   T28] audit: type=1326 audit(1752651868.355:2424): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9304 comm="syz.0.1402" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1ee278e929 code=0x7ffc0000
[  216.173985][ T9319] loop2: detected capacity change from 0 to 64
[  216.254142][ T9321] tunl0: entered promiscuous mode
[  216.295467][ T9321] netlink: 'syz.3.1409': attribute type 4 has an invalid length.
[  216.317236][ T9321] netlink: 9 bytes leftover after parsing attributes in process `syz.3.1409'.
[  216.449184][ T9329] netlink: 'syz.3.1414': attribute type 3 has an invalid length.
[  216.461992][ T9329] netlink: 130984 bytes leftover after parsing attributes in process `syz.3.1414'.
[  217.112942][ T5834] usb 3-1: new high-speed USB device number 9 using dummy_hcd
[  217.300876][ T9359] PKCS7: Unknown OID: [4] 0.0
[  217.307256][ T9359] PKCS7: Only support pkcs7_signedData type
[  217.313822][ T5834] usb 3-1: Using ep0 maxpacket: 32
[  217.333577][ T5834] usb 3-1: config 9 has an invalid interface number: 255 but max is 0
[  217.351937][ T5834] usb 3-1: config 9 has no interface number 0
[  217.362667][ T5834] usb 3-1: config 9 interface 255 has no altsetting 0
[  217.389902][ T5834] usb 3-1: New USB device found, idVendor=0c45, idProduct=60a8, bcdDevice=49.59
[  217.411655][ T5834] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  217.420107][ T5834] usb 3-1: Product: syz
[  217.426781][ T5834] usb 3-1: Manufacturer: syz
[  217.431439][ T5834] usb 3-1: SerialNumber: syz
[  217.490704][ T9353] loop0: detected capacity change from 0 to 32768
[  217.507443][ T9353] (syz.0.1425,9353,1):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0xb3775c19, computed 0x2dd1c265. Applying ECC.
[  217.522667][ T9353] (syz.0.1425,9353,1):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0xb3775c19, computed 0x2dd1c265. Applying ECC.
[  217.549917][ T9353] JBD2: Ignoring recovery information on journal
[  217.611561][ T9353] ocfs2: Mounting device (7,0) on (node local, slot 0) with ordered data mode.
[  217.676815][ T5834] gspca_main: sonixb-2.14.0 probing 0c45:60a8
[  217.733824][ T5834] sonixb 3-1:9.255: Error reading register 00: -71
[  217.768744][ T5834] usb 3-1: USB disconnect, device number 9
[  217.796963][ T5788] ocfs2: Unmounting device (7,0) on (node local)
[  217.917582][ T9367] loop0: detected capacity change from 0 to 256
[  217.970449][ T9367] exFAT-fs (loop0): failed to load upcase table (idx : 0x00010000, chksum : 0xf6e00961, utbl_chksum : 0xe619d30d)
[  218.068930][ T9365] loop4: detected capacity change from 0 to 4096
[  218.090924][ T9365] ntfs3: loop4: Different NTFS sector size (4096) and media sector size (512).
[  218.217578][ T9365] ntfs3: loop4: failed to convert "c46c" to iso8859-3
[  218.709876][ T9363] loop3: detected capacity change from 0 to 32768
[  218.736453][ T9363] (syz.3.1431,9363,1):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0xb3775c19, computed 0x2dd1c265. Applying ECC.
[  218.761231][ T9363] (syz.3.1431,9363,1):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0xb3775c19, computed 0x2dd1c265. Applying ECC.
[  218.778844][ T9379] loop2: detected capacity change from 0 to 2048
[  218.828299][ T9379] NILFS (loop2): broken superblock, retrying with spare superblock (blocksize = 1024)
[  218.864631][ T9363] JBD2: Ignoring recovery information on journal
[  218.989963][ T9363] ocfs2: Mounting device (7,3) on (node local, slot 0) with ordered data mode.
[  219.033729][ T9383] NILFS (loop2): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  219.044827][ T9379] syz.2.1438: attempt to access beyond end of device
[  219.044827][ T9379] loop2: rw=524288, sector=33554430, nr_sectors = 2 limit=2048
[  219.183064][ T9379] NILFS error (device loop2): nilfs_check_page: bad entry in directory #2: directory entry across blocks - offset=104, inode=16, rec_len=1816, name_len=0
[  219.226884][ T9379] Remounting filesystem read-only
[  219.342880][ T5793] ocfs2: Unmounting device (7,3) on (node local)
[  219.389912][ T9392] loop0: detected capacity change from 0 to 256
[  220.323977][ T9422] loop3: detected capacity change from 0 to 512
[  220.398376][ T9422] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  220.430200][ T9422] ext4 filesystem being mounted at /366/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  220.522395][ T9422] EXT4-fs error (device loop3): ext4_xattr_block_get:596: inode #15: comm syz.3.1459: corrupted xattr block 33: invalid ea_ino
[  220.614305][ T5793] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  221.101812][   T28] audit: type=1326 audit(1752651873.715:2425): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9450 comm="syz.2.1471" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd72e18e929 code=0x50000
[  221.143090][   T28] audit: type=1326 audit(1752651873.715:2426): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9450 comm="syz.2.1471" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd72e18e929 code=0x50000
[  221.211782][   T28] audit: type=1326 audit(1752651873.715:2427): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9450 comm="syz.2.1471" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd72e18e929 code=0x50000
[  221.236401][   T28] audit: type=1326 audit(1752651873.715:2428): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9450 comm="syz.2.1471" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd72e18e929 code=0x50000
[  221.278034][   T28] audit: type=1326 audit(1752651873.715:2429): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9450 comm="syz.2.1471" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd72e18e929 code=0x50000
[  221.331909][   T28] audit: type=1326 audit(1752651873.715:2430): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9450 comm="syz.2.1471" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd72e18e929 code=0x50000
[  221.382539][   T28] audit: type=1326 audit(1752651873.715:2431): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9450 comm="syz.2.1471" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd72e18e929 code=0x50000
[  221.441462][   T28] audit: type=1326 audit(1752651873.715:2432): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9450 comm="syz.2.1471" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd72e18e929 code=0x50000
[  221.491988][   T28] audit: type=1326 audit(1752651873.715:2433): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9450 comm="syz.2.1471" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd72e18e929 code=0x50000
[  221.492042][   T28] audit: type=1326 audit(1752651873.715:2434): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9450 comm="syz.2.1471" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd72e18e929 code=0x50000
[  221.514670][    C0] vkms_vblank_simulate: vblank timer overrun
[  221.599233][    C0] vkms_vblank_simulate: vblank timer overrun
[  221.667779][ T9467] loop0: detected capacity change from 0 to 1764
[  222.182038][ T5835] usb 1-1: new high-speed USB device number 6 using dummy_hcd
[  222.231785][ T5790] Bluetooth: hci3: command 0x0406 tx timeout
[  222.414147][ T5835] usb 1-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  222.427011][ T5835] usb 1-1: config 1 has 1 interface, different from the descriptor's value: 3
[  222.441568][ T5835] usb 1-1: New USB device found, idVendor=08b7, idProduct=0000, bcdDevice= 0.00
[  222.461153][ T5835] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=3
[  222.470431][ T5835] usb 1-1: SerialNumber: syz
[  222.715021][ T5835] usb 1-1: 0:2 : does not exist
[  222.740516][ T5835] usb 1-1: unit 5 not found!
[  222.767033][ T5835] usb 1-1: USB disconnect, device number 6
[  222.863264][ T5985] udevd[5985]: error opening ATTR{/sys/devices/platform/dummy_hcd.0/usb1/1-1/1-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory
[  223.261791][   T23] usb 4-1: new high-speed USB device number 7 using dummy_hcd
[  223.452206][   T23] usb 4-1: Using ep0 maxpacket: 8
[  223.469786][   T23] usb 4-1: unable to get BOS descriptor or descriptor too short
[  223.479620][   T23] usb 4-1: config 8 has an invalid interface number: 61 but max is 2
[  223.502316][   T23] usb 4-1: config 8 has 1 interface, different from the descriptor's value: 3
[  223.523354][   T23] usb 4-1: config 8 has no interface number 0
[  223.529542][   T23] usb 4-1: config 8 interface 61 altsetting 8 endpoint 0x9 has invalid wMaxPacketSize 0
[  223.551577][   T23] usb 4-1: config 8 interface 61 altsetting 8 endpoint 0x5 has invalid wMaxPacketSize 0
[  223.573096][   T23] usb 4-1: config 8 interface 61 has no altsetting 0
[  223.584211][   T23] usb 4-1: New USB device found, idVendor=057c, idProduct=2200, bcdDevice=e9.1f
[  223.594086][   T23] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  223.602641][   T23] usb 4-1: Product: syz
[  223.608512][   T23] usb 4-1: Manufacturer: syz
[  223.617479][   T23] usb 4-1: SerialNumber: syz
[  223.879273][   T23] bfusb: probe of 4-1:8.61 failed with error -5
[  223.933800][   T23] usb 4-1: USB disconnect, device number 7
[  224.272244][ T5834] usb 1-1: new high-speed USB device number 7 using dummy_hcd
[  224.471966][ T5834] usb 1-1: Using ep0 maxpacket: 8
[  224.484548][ T5834] usb 1-1: config 179 has an invalid interface number: 65 but max is 0
[  224.504705][ T5834] usb 1-1: config 179 has no interface number 0
[  224.516485][ T5834] usb 1-1: config 179 interface 65 altsetting 12 endpoint 0xF has an invalid bInterval 63, changing to 9
[  224.557042][ T5834] usb 1-1: config 179 interface 65 altsetting 12 endpoint 0xF has invalid maxpacket 57605, setting to 1024
[  224.569953][ T5834] usb 1-1: config 179 interface 65 altsetting 12 endpoint 0x83 has an invalid bInterval 0, changing to 7
[  224.593365][ T5834] usb 1-1: config 179 interface 65 altsetting 12 endpoint 0x83 has invalid wMaxPacketSize 0
[  224.603871][ T5834] usb 1-1: config 179 interface 65 altsetting 12 has 2 endpoint descriptors, different from the interface descriptor's value: 23
[  224.625459][ T5834] usb 1-1: config 179 interface 65 has no altsetting 0
[  224.635886][ T5834] usb 1-1: New USB device found, idVendor=12ab, idProduct=0004, bcdDevice= 0.00
[  224.663905][ T5834] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  224.760413][ T5834] input: Honey Bee Xbox360 dancepad as /devices/platform/dummy_hcd.0/usb1/1-1/1-1:179.65/input/input9
[  224.807280][ T9529] netlink: 'syz.4.1508': attribute type 5 has an invalid length.
[  225.133968][   T23] usb 1-1: USB disconnect, device number 7
[  225.139987][    C1] xpad 1-1:179.65: xpad_irq_out - usb_submit_urb failed with result -19
[  225.163268][   T23] xpad 1-1:179.65: xpad_try_sending_next_out_packet - usb_submit_urb failed with result -19
[  225.408273][ T9549] loop3: detected capacity change from 0 to 8
[  225.503648][ T9549] SQUASHFS error: xz decompression failed, data probably corrupt
[  225.512673][ T9549] SQUASHFS error: Failed to read block 0x108: -5
[  225.532593][ T9549] SQUASHFS error: Unable to read metadata cache entry [106]
[  225.539972][ T9549] SQUASHFS error: Unable to read inode 0x11f
[  225.981800][   T23] usb 4-1: new high-speed USB device number 8 using dummy_hcd
[  226.052338][ T9551] loop2: detected capacity change from 0 to 32768
[  226.126417][   T28] kauditd_printk_skb: 5139 callbacks suppressed
[  226.126434][   T28] audit: type=1800 audit(1752651878.745:7574): pid=9551 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.2.1520" name="bus" dev="loop2" ino=7 res=0 errno=0
[  226.205157][   T23] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x7 has invalid wMaxPacketSize 0
[  226.220353][   T23] usb 4-1: config 0 interface 0 altsetting 0 bulk endpoint 0x7 has invalid maxpacket 0
[  226.262188][   T23] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x83 has invalid maxpacket 33119, setting to 1024
[  226.287995][   T23] usb 4-1: config 0 interface 0 altsetting 0 bulk endpoint 0x83 has invalid maxpacket 1024
[  226.313567][   T23] usb 4-1: New USB device found, idVendor=2040, idProduct=2000, bcdDevice=65.72
[  226.353169][   T23] usb 4-1: New USB device strings: Mfr=151, Product=0, SerialNumber=0
[  226.361410][   T23] usb 4-1: Manufacturer: syz
[  226.395331][   T23] usb 4-1: config 0 descriptor??
[  226.401367][ T9549] raw-gadget.0 gadget.3: fail, usb_ep_enable returned -22
[  226.432061][ T9574] netlink: 12 bytes leftover after parsing attributes in process `syz.0.1532'.
[  226.435057][   T23] smsusb:smsusb_probe: board id=9, interface number 0
[  226.474963][   T23] smsusb:siano_media_device_register: media controller created
[  226.486558][    C1] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes
[  226.493951][    C1] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes
[  226.501315][    C1] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes
[  226.508658][    C1] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes
[  226.515991][    C1] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes
[  226.526754][    C1] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes
[  226.534385][    C1] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes
[  226.541712][    C1] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes
[  226.549023][    C1] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes
[  226.555139][ T9576] loop4: detected capacity change from 0 to 512
[  226.556364][    C1] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes
[  226.571751][    C1] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes
[  226.579099][    C1] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes
[  226.586401][    C1] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes
[  226.593673][    C1] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes
[  226.601865][    C1] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes
[  226.609194][    C1] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes
[  226.616504][    C1] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes
[  226.623800][    C1] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes
[  226.633018][    C1] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes
[  226.652092][    C1] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes
[  226.659446][    C1] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes
[  226.666762][    C1] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes
[  226.674037][    C1] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes
[  226.681679][    C1] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes
[  226.689045][    C1] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes
[  226.696389][    C1] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes
[  226.703774][    C1] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes
[  226.711868][    C1] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes
[  226.719168][    C1] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes
[  226.726474][    C1] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes
[  226.733763][    C1] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes
[  226.741424][    C1] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes
[  226.748770][    C1] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes
[  226.756077][    C1] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes
[  226.763392][    C1] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes
[  226.771097][    C1] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes
[  226.778402][    C1] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes
[  226.785715][    C1] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes
[  226.786703][ T9579] loop0: detected capacity change from 0 to 128
[  226.792987][    C1] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes
[  226.793678][    C1] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes
[  226.814217][ T9576] EXT4-fs (loop4): revision level too high, forcing read-only mode
[  226.814554][    C1] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes
[  226.829703][    C1] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes
[  226.837024][    C1] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes
[  226.844903][    C1] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes
[  226.852264][    C1] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes
[  226.859594][    C1] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes
[  226.866913][    C1] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes
[  226.874238][    C1] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes
[  226.881652][    C1] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes
[  226.890254][    C1] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes
[  226.897570][    C1] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes
[  226.904842][    C1] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes
[  226.912114][    C1] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes
[  226.919368][    C1] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes
[  226.926739][    C1] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes
[  226.942486][    C1] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes
[  226.949840][    C1] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes
[  226.957179][    C1] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes
[  226.964509][    C1] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes
[  226.967668][ T9576] [EXT4 FS bs=4096, gc=1, bpg=32768, ipg=32, mo=e040e018, mo2=0002]
[  226.971801][    C1] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes
[  226.987277][    C1] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes
[  226.995212][ T9579] UDF-fs: error (device loop0): udf_read_tagged: read failed, block=256, location=256
[  227.002099][    C1] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes
[  227.012159][    C1] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes
[  227.019476][    C1] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes
[  227.026799][    C1] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes
[  227.031781][ T9576] System zones: 
[  227.034087][    C1] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes
[  227.034151][    C1] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes
[  227.044549][    C1] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes
[  227.059484][    C1] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes
[  227.066812][    C1] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes
[  227.074191][    C1] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes
[  227.081516][    C1] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes
[  227.088831][    C1] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes
[  227.097158][    C1] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes
[  227.104512][    C1] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes
[  227.111802][    C1] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes
[  227.119083][    C1] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes
[  227.126372][    C1] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes
[  227.133660][    C1] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes
[  227.141846][    C1] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes
[  227.149175][    C1] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes
[  227.151516][ T9576] 0-1
[  227.156444][    C1] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes
[  227.156502][    C1] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes
[  227.174030][    C1] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes
[  227.181358][    C1] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes
[  227.182542][ T9579] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[  227.189527][    C1] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes
[  227.205035][    C1] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes
[  227.205555][ T9576] , 15-15
[  227.212341][    C1] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes
[  227.222608][    C1] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes
[  227.229926][    C1] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes
[  227.233378][ T9576] , 18-18, 34-34
[  227.237217][    C1] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes
[  227.241198][ T9576] EXT4-fs (loop4): orphan cleanup on readonly fs
[  227.248673][   T23] smsmdtv:smscore_sendrequest_and_wait: sendrequest returned error -22
[  227.255710][    C1] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes
[  227.255820][    C1] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes
[  227.255908][    C1] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes
[  227.255996][    C1] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes
[  227.256086][    C1] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes
[  227.256177][    C1] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes
[  227.256267][    C1] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes
[  227.256355][    C1] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes
[  227.256443][    C1] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes
[  227.256530][    C1] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes
[  227.339016][    C1] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes
[  227.346341][    C1] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes
[  227.347115][ T9576] Quota error (device loop4): v2_read_header: Failed header read: expected=8 got=0
[  227.353711][    C1] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes
[  227.370507][    C1] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes
[  227.377843][    C1] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes
[  227.385171][    C1] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes
[  227.392483][    C1] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes
[  227.399803][    C1] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes
[  227.407131][    C1] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes
[  227.415372][ T9576] EXT4-fs warning (device loop4): ext4_enable_quotas:7173: Failed to enable quota tracking (type=1, err=-22, ino=4). Please run e2fsck to fix.
[  227.416453][    C1] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes
[  227.437536][    C1] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes
[  227.444863][    C1] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes
[  227.452193][    C1] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes
[  227.459509][    C1] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes
[  227.467125][    C1] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes
[  227.474420][    C1] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes
[  227.481737][    C1] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes
[  227.489044][    C1] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes
[  227.496811][    C1] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes
[  227.504130][    C1] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes
[  227.507689][ T9576] EXT4-fs (loop4): Cannot turn on quotas: error -22
[  227.511396][    C1] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes
[  227.511459][    C1] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes
[  227.511517][    C1] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes
[  227.511573][    C1] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes
[  227.511630][    C1] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes
[  227.511686][    C1] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes
[  227.512529][    C1] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes
[  227.569489][    C1] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes
[  227.576813][    C1] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes
[  227.584122][    C1] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes
[  227.591397][    C1] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes
[  227.598666][    C1] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes
[  227.600993][ T9576] EXT4-fs error (device loop4): ext4_validate_block_bitmap:439: comm syz.4.1533: bg 0: block 40: padding at end of block bitmap is not set
[  227.605934][    C1] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes
[  227.605994][    C1] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes
[  227.606046][    C1] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes
[  227.643475][    C1] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes
[  227.650785][    C1] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes
[  227.658045][    C1] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes
[  227.665299][    C1] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes
[  227.672543][    C1] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes
[  227.679780][    C1] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes
[  227.687028][    C1] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes
[  227.694288][    C1] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes
[  227.701531][    C1] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes
[  227.709278][    C1] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes
[  227.716600][    C1] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes
[  227.723905][    C1] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes
[  227.731214][    C1] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes
[  227.738522][    C1] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes
[  227.745944][    C1] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes
[  227.753251][    C1] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes
[  227.760555][    C1] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes
[  227.769299][    C1] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes
[  227.776601][    C1] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes
[  227.783853][    C1] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes
[  227.791101][    C1] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes
[  227.798352][    C1] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes
[  227.805609][    C1] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes
[  227.812934][    C1] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes
[  227.820220][    C1] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes
[  227.827582][    C1] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes
[  227.835201][   T23] smsmdtv:smscore_set_device_mode: mode detect failed -22
[  227.844314][    C1] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes
[  227.844422][    C1] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes
[  227.844516][    C1] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes
[  227.844607][    C1] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes
[  227.844698][    C1] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes
[  227.844795][    C1] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes
[  227.844881][    C1] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes
[  227.844985][    C1] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes
[  227.845080][    C1] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes
[  227.845170][    C1] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes
[  227.920862][    C1] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes
[  227.925275][ T9576] EXT4-fs error (device loop4) in ext4_mb_clear_bb:6642: Corrupt filesystem
[  227.928168][    C1] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes
[  227.944401][    C1] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes
[  227.951730][    C1] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes
[  227.954161][ T9576] EXT4-fs (loop4): 1 truncate cleaned up
[  227.959016][    C1] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes
[  227.972159][    C1] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes
[  227.979487][    C1] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes
[  227.986809][    C1] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes
[  227.995786][    C1] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes
[  228.003113][    C1] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes
[  228.010417][    C1] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes
[  228.013338][ T9576] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  228.017701][    C1] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes
[  228.037587][    C1] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes
[  228.044929][    C1] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes
[  228.052241][    C1] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes
[  228.059555][    C1] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes
[  228.068346][    C1] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes
[  228.075668][    C1] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes
[  228.082968][    C1] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes
[  228.090281][    C1] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes
[  228.097591][    C1] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes
[  228.104898][    C1] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes
[  228.112203][    C1] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes
[  228.119521][    C1] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes
[  228.126820][    C1] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes
[  228.134994][    C1] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes
[  228.142303][    C1] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes
[  228.149566][    C1] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes
[  228.156898][    C1] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes
[  228.164141][    C1] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes
[  228.171411][    C1] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes
[  228.178645][    C1] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes
[  228.185882][    C1] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes
[  228.193152][    C1] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes
[  228.200492][    C1] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes
[  228.216371][    C1] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes
[  228.223701][    C1] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes
[  228.231001][    C1] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes
[  228.238303][    C1] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes
[  228.245620][    C1] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes
[  228.252940][    C1] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes
[  228.260247][    C1] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes
[  228.267576][    C1] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes
[  228.284117][ T9586] netlink: 'syz.2.1537': attribute type 3 has an invalid length.
[  228.301475][    C1] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes
[  228.309325][    C1] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes
[  228.316645][    C1] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes
[  228.323951][    C1] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes
[  228.331245][    C1] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes
[  228.338559][    C1] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes
[  228.345882][    C1] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes
[  228.353181][    C1] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes
[  228.360501][    C1] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes
[  228.367887][   T23] smsmdtv:smscore_start_device: set device mode failed , rc -22
[  228.377004][   T23] smsusb:smsusb_init_device: smscore_start_device(...) failed
[  228.386588][    C1] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes
[  228.393925][    C1] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes
[  228.401240][    C1] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes
[  228.408557][    C1] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes
[  228.415889][    C1] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes
[  228.423737][    C1] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes
[  228.431077][    C1] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes
[  228.438376][    C1] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes
[  228.445673][    C1] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes
[  228.452973][    C1] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes
[  228.461067][    C1] smsusb:smsusb_onresponse: error, urb status -2, 0 bytes
[  228.468327][    C1] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes
[  228.475644][    C1] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes
[  228.482936][    C1] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes
[  228.490220][    C1] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes
[  228.497503][    C1] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes
[  228.508048][   T23] ------------[ cut here ]------------
[  228.514701][   T23] ODEBUG: free active (active state 0) object: ffff888026856568 object type: work_struct hint: do_submit_urb+0x0/0x360
[  228.528210][ T5827] ==================================================================
[  228.536302][ T5827] BUG: KASAN: slab-use-after-free in __lock_acquire+0xff/0x7c80
[  228.543969][ T5827] Read of size 8 at addr ffff888140193098 by task kworker/1:3/5827
[  228.551879][ T5827] 
[  228.554213][ T5827] CPU: 1 PID: 5827 Comm: kworker/1:3 Not tainted 6.6.98-syzkaller #0
[  228.562292][ T5827] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  228.572355][ T5827] Workqueue: events do_submit_urb
[  228.577410][ T5827] Call Trace:
[  228.580705][ T5827]  <TASK>
[  228.583647][ T5827]  dump_stack_lvl+0x16c/0x230
[  228.588441][ T5827]  ? __lock_acquire+0x7c80/0x7c80
[  228.593493][ T5827]  ? show_regs_print_info+0x20/0x20
[  228.598720][ T5827]  ? load_image+0x3b0/0x3b0
[  228.603238][ T5827]  ? __virt_addr_valid+0x469/0x540
[  228.608378][ T5827]  print_report+0xac/0x230
[  228.612805][ T5827]  ? __lock_acquire+0xff/0x7c80
[  228.617665][ T5827]  kasan_report+0x117/0x150
[  228.622188][ T5827]  ? mark_lock+0x94/0x320
[  228.626531][ T5827]  ? __lock_acquire+0xff/0x7c80
[  228.631396][ T5827]  __lock_acquire+0xff/0x7c80
[  228.636094][ T5827]  ? mark_lock+0x94/0x320
[  228.640444][ T5827]  ? __lock_acquire+0x1334/0x7c80
[  228.645486][ T5827]  ? mark_lock+0x94/0x320
[  228.649833][ T5827]  ? look_up_lock_class+0x75/0x140
[  228.654958][ T5827]  ? verify_lock_unused+0x140/0x140
[  228.660169][ T5827]  ? register_lock_class+0xb5/0x890
[  228.665382][ T5827]  ? is_dynamic_key+0x260/0x260
[  228.670247][ T5827]  ? mark_lock+0x94/0x320
[  228.674589][ T5827]  ? __lock_acquire+0x1334/0x7c80
[  228.679629][ T5827]  lock_acquire+0x197/0x410
[  228.684151][ T5827]  ? smscore_getbuffer+0xa9/0x440
[  228.689223][ T5827]  ? read_lock_is_recursive+0x20/0x20
[  228.694621][ T5827]  _raw_spin_lock_irqsave+0xa8/0xf0
[  228.699832][ T5827]  ? smscore_getbuffer+0xa9/0x440
[  228.704867][ T5827]  ? _raw_spin_lock+0x40/0x40
[  228.709562][ T5827]  smscore_getbuffer+0xa9/0x440
[  228.714430][ T5827]  ? smscore_onresponse+0xf10/0xf10
[  228.719643][ T5827]  ? lockdep_hardirqs_on_prepare+0x400/0x760
[  228.725638][ T5827]  ? read_lock_is_recursive+0x20/0x20
[  228.731028][ T5827]  do_submit_urb+0x98/0x360
[  228.735556][ T5827]  ? process_scheduled_works+0x957/0x15b0
[  228.741302][ T5827]  ? process_scheduled_works+0x957/0x15b0
[  228.747042][ T5827]  process_scheduled_works+0xa45/0x15b0
[  228.752704][ T5827]  ? assign_work+0x400/0x400
[  228.757310][ T5827]  ? assign_work+0x39e/0x400
[  228.761915][ T5827]  worker_thread+0xa55/0xfc0
[  228.766616][ T5827]  ? _raw_spin_unlock_irqrestore+0xae/0x110
[  228.772524][ T5827]  ? _raw_spin_unlock+0x40/0x40
[  228.777396][ T5827]  ? _raw_spin_unlock_irqrestore+0x86/0x110
[  228.783325][ T5827]  kthread+0x2fa/0x390
[  228.787424][ T5827]  ? pr_cont_work+0x560/0x560
[  228.792119][ T5827]  ? kthread_blkcg+0xd0/0xd0
[  228.796726][ T5827]  ret_from_fork+0x48/0x80
[  228.801161][ T5827]  ? kthread_blkcg+0xd0/0xd0
[  228.805852][ T5827]  ret_from_fork_asm+0x11/0x20
[  228.810641][ T5827]  </TASK>
[  228.813667][ T5827] 
[  228.815998][ T5827] Allocated by task 23:
[  228.820170][ T5827]  kasan_set_track+0x4e/0x70
[  228.824775][ T5827]  __kasan_kmalloc+0x8f/0xa0
[  228.829379][ T5827]  smscore_register_device+0x63/0x10f0
[  228.834849][ T5827]  smsusb_probe+0x1362/0x1da0
[  228.839540][ T5827]  usb_probe_interface+0x5a4/0xb00
[  228.844665][ T5827]  really_probe+0x25b/0xb40
[  228.849197][ T5827]  __driver_probe_device+0x18c/0x330
[  228.854494][ T5827]  driver_probe_device+0x4f/0x420
[  228.859528][ T5827]  __device_attach_driver+0x2ca/0x520
[  228.864915][ T5827]  bus_for_each_drv+0x24b/0x2d0
[  228.869775][ T5827]  __device_attach+0x2b5/0x400
[  228.874553][ T5827]  bus_probe_device+0x180/0x260
[  228.879413][ T5827]  device_add+0x85b/0xc20
[  228.883748][ T5827]  usb_set_configuration+0x1a79/0x20c0
[  228.889224][ T5827]  usb_generic_driver_probe+0x8d/0x150
[  228.894712][ T5827]  usb_probe_device+0x13d/0x280
[  228.900007][ T5827]  really_probe+0x25b/0xb40
[  228.904530][ T5827]  __driver_probe_device+0x18c/0x330
[  228.909828][ T5827]  driver_probe_device+0x4f/0x420
[  228.914897][ T5827]  __device_attach_driver+0x2ca/0x520
[  228.920284][ T5827]  bus_for_each_drv+0x24b/0x2d0
[  228.925148][ T5827]  __device_attach+0x2b5/0x400
[  228.929923][ T5827]  bus_probe_device+0x180/0x260
[  228.934785][ T5827]  device_add+0x85b/0xc20
[  228.939124][ T5827]  usb_new_device+0xa31/0x1630
[  228.943898][ T5827]  hub_event+0x2957/0x49c0
[  228.948330][ T5827]  process_scheduled_works+0xa45/0x15b0
[  228.953890][ T5827]  worker_thread+0xa55/0xfc0
[  228.958495][ T5827]  kthread+0x2fa/0x390
[  228.962573][ T5827]  ret_from_fork+0x48/0x80
[  228.966998][ T5827]  ret_from_fork_asm+0x11/0x20
[  228.972056][ T5827] 
[  228.974405][ T5827] Freed by task 23:
[  228.978227][ T5827]  kasan_set_track+0x4e/0x70
[  228.982858][ T5827]  kasan_save_free_info+0x2e/0x50
[  228.987910][ T5827]  ____kasan_slab_free+0x126/0x1e0
[  228.993041][ T5827]  slab_free_freelist_hook+0x130/0x1b0
[  228.998619][ T5827]  __kmem_cache_free+0xba/0x1f0
[  229.003490][ T5827]  smscore_unregister_device+0x603/0x6e0
[  229.009157][ T5827]  smsusb_term_device+0x18f/0x220
[  229.014204][ T5827]  smsusb_probe+0x1708/0x1da0
[  229.018900][ T5827]  usb_probe_interface+0x5a4/0xb00
[  229.024021][ T5827]  really_probe+0x25b/0xb40
[  229.028539][ T5827]  __driver_probe_device+0x18c/0x330
[  229.033840][ T5827]  driver_probe_device+0x4f/0x420
[  229.038881][ T5827]  __device_attach_driver+0x2ca/0x520
[  229.044273][ T5827]  bus_for_each_drv+0x24b/0x2d0
[  229.049159][ T5827]  __device_attach+0x2b5/0x400
[  229.053954][ T5827]  bus_probe_device+0x180/0x260
[  229.058855][ T5827]  device_add+0x85b/0xc20
[  229.063200][ T5827]  usb_set_configuration+0x1a79/0x20c0
[  229.068683][ T5827]  usb_generic_driver_probe+0x8d/0x150
[  229.074184][ T5827]  usb_probe_device+0x13d/0x280
[  229.079045][ T5827]  really_probe+0x25b/0xb40
[  229.083566][ T5827]  __driver_probe_device+0x18c/0x330
[  229.088868][ T5827]  driver_probe_device+0x4f/0x420
[  229.093913][ T5827]  __device_attach_driver+0x2ca/0x520
[  229.099301][ T5827]  bus_for_each_drv+0x24b/0x2d0
[  229.104163][ T5827]  __device_attach+0x2b5/0x400
[  229.109045][ T5827]  bus_probe_device+0x180/0x260
[  229.113941][ T5827]  device_add+0x85b/0xc20
[  229.118280][ T5827]  usb_new_device+0xa31/0x1630
[  229.123081][ T5827]  hub_event+0x2957/0x49c0
[  229.127514][ T5827]  process_scheduled_works+0xa45/0x15b0
[  229.133081][ T5827]  worker_thread+0xa55/0xfc0
[  229.137681][ T5827]  kthread+0x2fa/0x390
[  229.141755][ T5827]  ret_from_fork+0x48/0x80
[  229.146196][ T5827]  ret_from_fork_asm+0x11/0x20
[  229.150986][ T5827] 
[  229.153316][ T5827] The buggy address belongs to the object at ffff888140193000
[  229.153316][ T5827]  which belongs to the cache kmalloc-2k of size 2048
[  229.167381][ T5827] The buggy address is located 152 bytes inside of
[  229.167381][ T5827]  freed 2048-byte region [ffff888140193000, ffff888140193800)
[  229.181273][ T5827] 
[  229.183609][ T5827] The buggy address belongs to the physical page:
[  229.190034][ T5827] page:ffffea0005006400 refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x140190
[  229.200303][ T5827] head:ffffea0005006400 order:3 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[  229.209242][ T5827] anon flags: 0x57ff00000000840(slab|head|node=1|zone=2|lastcpupid=0x7ff)
[  229.217758][ T5827] page_type: 0xffffffff()
[  229.222094][ T5827] raw: 057ff00000000840 ffff888017842000 0000000000000000 dead000000000001
[  229.230687][ T5827] raw: 0000000000000000 0000000080080008 00000001ffffffff 0000000000000000
[  229.239276][ T5827] page dumped because: kasan: bad access detected
[  229.245707][ T5827] page_owner tracks the page as allocated
[  229.251429][ T5827] page last allocated via order 3, migratetype Unmovable, gfp_mask 0xd20c0(__GFP_IO|__GFP_FS|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_NOMEMALLOC), pid 1, tgid 1 (swapper/0), ts 7853867115, free_ts 0
[  229.271067][ T5827]  post_alloc_hook+0x1cd/0x210
[  229.275847][ T5827]  get_page_from_freelist+0x195c/0x19f0
[  229.281405][ T5827]  __alloc_pages+0x1e3/0x460
[  229.286005][ T5827]  alloc_page_interleave+0x24/0x1e0
[  229.291215][ T5827]  alloc_slab_page+0x5d/0x170
[  229.295902][ T5827]  new_slab+0x87/0x2e0
[  229.299988][ T5827]  ___slab_alloc+0xc6d/0x12f0
[  229.304677][ T5827]  __kmem_cache_alloc_node+0x1a2/0x260
[  229.310143][ T5827]  __kmalloc+0xa4/0x240
[  229.314306][ T5827]  serdev_controller_alloc+0x36/0x240
[  229.319691][ T5827]  serdev_tty_port_register+0x4a/0x250
[  229.325164][ T5827]  tty_port_register_device_attr_serdev+0xcf/0x140
[  229.331689][ T5827]  serial_core_register_port+0x1090/0x2320
[  229.337512][ T5827]  serial8250_register_8250_port+0x15ec/0x1f10
[  229.343684][ T5827]  serial_pnp_probe+0x549/0x730
[  229.348548][ T5827]  pnp_device_probe+0x305/0x4b0
[  229.353415][ T5827] page_owner free stack trace missing
[  229.358791][ T5827] 
[  229.361119][ T5827] Memory state around the buggy address:
[  229.366756][ T5827]  ffff888140192f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[  229.374828][ T5827]  ffff888140193000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  229.382897][ T5827] >ffff888140193080: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  229.390967][ T5827]                             ^
[  229.395817][ T5827]  ffff888140193100: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  229.403882][ T5827]  ffff888140193180: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  229.411951][ T5827] ==================================================================
[  229.420033][ T5827] Kernel panic - not syncing: KASAN: panic_on_warn set ...
[  229.427240][ T5827] CPU: 1 PID: 5827 Comm: kworker/1:3 Not tainted 6.6.98-syzkaller #0
[  229.435314][ T5827] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  229.445373][ T5827] Workqueue: events do_submit_urb
[  229.450422][ T5827] Call Trace:
[  229.453708][ T5827]  <TASK>
[  229.456651][ T5827]  dump_stack_lvl+0x16c/0x230
[  229.461352][ T5827]  ? show_regs_print_info+0x20/0x20
[  229.466565][ T5827]  ? load_image+0x3b0/0x3b0
[  229.471087][ T5827]  panic+0x2c0/0x710
[  229.475012][ T5827]  ? bpf_jit_dump+0xd0/0xd0
[  229.479544][ T5827]  ? _raw_spin_unlock_irqrestore+0xae/0x110
[  229.485462][ T5827]  ? _raw_spin_unlock+0x40/0x40
[  229.490325][ T5827]  ? print_memory_metadata+0x314/0x400
[  229.495829][ T5827]  ? __lock_acquire+0xff/0x7c80
[  229.500694][ T5827]  check_panic_on_warn+0x84/0xa0
[  229.505645][ T5827]  ? __lock_acquire+0xff/0x7c80
[  229.510508][ T5827]  end_report+0x6f/0x140
[  229.514767][ T5827]  kasan_report+0x128/0x150
[  229.519285][ T5827]  ? mark_lock+0x94/0x320
[  229.523642][ T5827]  ? __lock_acquire+0xff/0x7c80
[  229.528504][ T5827]  __lock_acquire+0xff/0x7c80
[  229.533192][ T5827]  ? mark_lock+0x94/0x320
[  229.537642][ T5827]  ? __lock_acquire+0x1334/0x7c80
[  229.542679][ T5827]  ? mark_lock+0x94/0x320
[  229.547024][ T5827]  ? look_up_lock_class+0x75/0x140
[  229.552141][ T5827]  ? verify_lock_unused+0x140/0x140
[  229.557369][ T5827]  ? register_lock_class+0xb5/0x890
[  229.562590][ T5827]  ? is_dynamic_key+0x260/0x260
[  229.567452][ T5827]  ? mark_lock+0x94/0x320
[  229.571792][ T5827]  ? __lock_acquire+0x1334/0x7c80
[  229.576824][ T5827]  lock_acquire+0x197/0x410
[  229.581343][ T5827]  ? smscore_getbuffer+0xa9/0x440
[  229.586387][ T5827]  ? read_lock_is_recursive+0x20/0x20
[  229.591774][ T5827]  _raw_spin_lock_irqsave+0xa8/0xf0
[  229.597024][ T5827]  ? smscore_getbuffer+0xa9/0x440
[  229.602060][ T5827]  ? _raw_spin_lock+0x40/0x40
[  229.606761][ T5827]  smscore_getbuffer+0xa9/0x440
[  229.611629][ T5827]  ? smscore_onresponse+0xf10/0xf10
[  229.616837][ T5827]  ? lockdep_hardirqs_on_prepare+0x400/0x760
[  229.622838][ T5827]  ? read_lock_is_recursive+0x20/0x20
[  229.628242][ T5827]  do_submit_urb+0x98/0x360
[  229.632768][ T5827]  ? process_scheduled_works+0x957/0x15b0
[  229.638501][ T5827]  ? process_scheduled_works+0x957/0x15b0
[  229.644229][ T5827]  process_scheduled_works+0xa45/0x15b0
[  229.649800][ T5827]  ? assign_work+0x400/0x400
[  229.654401][ T5827]  ? assign_work+0x39e/0x400
[  229.659002][ T5827]  worker_thread+0xa55/0xfc0
[  229.663607][ T5827]  ? _raw_spin_unlock_irqrestore+0xae/0x110
[  229.669949][ T5827]  ? _raw_spin_unlock+0x40/0x40
[  229.674818][ T5827]  ? _raw_spin_unlock_irqrestore+0x86/0x110
[  229.680728][ T5827]  kthread+0x2fa/0x390
[  229.684802][ T5827]  ? pr_cont_work+0x560/0x560
[  229.689488][ T5827]  ? kthread_blkcg+0xd0/0xd0
[  229.694093][ T5827]  ret_from_fork+0x48/0x80
[  229.698524][ T5827]  ? kthread_blkcg+0xd0/0xd0
[  229.703121][ T5827]  ret_from_fork_asm+0x11/0x20
[  229.707909][ T5827]  </TASK>
[  229.711099][ T5827] Kernel Offset: disabled
[  229.715427][ T5827] Rebooting in 86400 seconds..