last executing test programs:

1m17.175973979s ago: executing program 4 (id=63):
r0 = syz_usb_connect(0x2, 0x24, &(0x7f0000001140)={{0x12, 0x1, 0x0, 0xbd, 0xf7, 0x13, 0x8, 0x2770, 0x930c, 0x8d6a, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x12, 0x1, 0x0, 0x0, 0x0, 0x0, [{{0x9, 0x4, 0x0, 0x0, 0x0, 0x2a, 0xc5, 0x98}}]}}]}}, 0x0)
syz_usb_control_io$cdc_ncm(r0, 0x0, &(0x7f00000003c0)={0x44, &(0x7f0000000080)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
syz_usb_control_io$cdc_ecm(r0, 0x0, 0x0)
syz_usb_control_io$hid(r0, 0x0, 0x0)

1m15.079532091s ago: executing program 4 (id=71):
r0 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000280), 0x0)
ioctl$SNDRV_TIMER_IOCTL_SELECT(r0, 0x40345410, &(0x7f00000083c0)={{0x1}})
read(r0, &(0x7f00000002c0)=""/200, 0x39)
ioctl$SNDRV_TIMER_IOCTL_CONTINUE(r0, 0x54a2)

1m14.805115406s ago: executing program 4 (id=72):
r0 = syz_usb_connect(0x0, 0x2d, &(0x7f0000000100)=ANY=[@ANYBLOB="12010000d5e9bd40eb030200c0ba050000010902115c01000000000904000001b504b100090581"], 0x0)
landlock_create_ruleset(&(0x7f00000001c0)={0xa001, 0x1, 0x3}, 0x18, 0x0)
syz_usb_control_io$cdc_ncm(r0, 0x0, &(0x7f00000005c0)={0x44, &(0x7f0000000000)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
syz_usb_control_io$hid(r0, 0x0, &(0x7f0000000400)={0x2c, &(0x7f00000001c0)=ANY=[@ANYBLOB="409263"], 0x0, 0x0, 0x0, 0x0})

1m12.8379143s ago: executing program 4 (id=83):
syz_mount_image$squashfs(&(0x7f0000000180), &(0x7f00000001c0)='./file0\x00', 0x800, &(0x7f0000001180)=ANY=[], 0x1, 0x17f, &(0x7f0000000380)="$eJzskr1OOkEUxc/sLh//f5RoYkUDBfGjUJZFjZ2W2NvZSGBF4qLCkiiEYo0xFBbG0ifgNUx8AS2MD0BNQazNmtm5OxnwEZxfsWfumTt35l4489t+CsD3dFDDASJMZPDOGCwAOSa8iSH0ifSD9FEI3ijvkPw70qzf6ycpJ49lYZxXPc/t5AF8RZ60/P1bA5Oo1Od0UOOLEwBhGIbcqwM8HQtKjgmgreRkLWAlaiKUObwRHqwBKHZbV0W/199stqoNt+FeOGZ519627R2neNr0XFt8mXIFtQKuGwBSaUj4fgLAPcX/MQtTnkb77B+O5dlkPMMMwzyGcjZWhhf5rhTi3ws4wir4s64DpriFqIqFqKUKGEwKSpbyPnFXOtrYql169SEYWHxsBEvWKI2RkIGjBuW9AIui1JBKFkgrpCPSMWlu7i9jBfz7QNF6ACRxU+12OyU+JLFi8cqRnrMUqAPjtz4bs829Gr9mq9FoNBqNRqPRaDR/jZ8AAAD//8JqdgE=")
mount$overlay(0x0, &(0x7f0000000140)='./file0\x00', &(0x7f0000000000), 0x0, &(0x7f0000000240)={[{@lowerdir={'lowerdir', 0x3d, './file0'}, 0x3a}], [], 0x2f})
chdir(&(0x7f0000000040)='./file0\x00')
openat(0xffffffffffffff9c, &(0x7f00000000c0)='./file0\x00', 0x40000, 0x0)

1m12.246466978s ago: executing program 4 (id=84):
r0 = socket$inet6_sctp(0xa, 0x5, 0x84)
shutdown(r0, 0x0)
getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r0, 0x84, 0x6f, &(0x7f0000000000)={<r1=>0x0, 0x10, &(0x7f00000002c0)=[@in={0x2, 0x0, @local}]}, &(0x7f0000000240)=0x10)
setsockopt$inet_sctp6_SCTP_STREAM_SCHEDULER_VALUE(r0, 0x84, 0x7c, &(0x7f0000000040)={r1, 0x1, 0x9}, 0x8)

1m11.592142686s ago: executing program 4 (id=85):
syz_mount_image$bfs(&(0x7f00000000c0), &(0x7f0000000100)='./file0\x00', 0x808000, &(0x7f0000002600)=ANY=[], 0x1, 0xa0, &(0x7f00000024c0)="$eJzs17GJAlEUBdC7s8vuGjgNGNiBNdiKGGpmpAhWZCuWIIgVmInJyDgziHagngP/Py43fcnbXbaDlEm1Saoni+VqNpk3f/p5MA7voEjyl+Q/ybBs8u+tObRbkOxP62n36ubr3DUAAMArKTKqx3cbj/fmJ0mvvQOaBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPCJrgEAAP//sjg1uA==")
mount$overlay(0x0, &(0x7f0000000140)='./file0\x00', &(0x7f0000000180), 0x0, &(0x7f00000001c0)={[{@lowerdir={'lowerdir', 0x3d, './file0'}, 0x3a}], [], 0x2f})
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', 0x0, 0x0)
getdents64(r0, 0x0, 0x0)

1m10.897529251s ago: executing program 32 (id=85):
syz_mount_image$bfs(&(0x7f00000000c0), &(0x7f0000000100)='./file0\x00', 0x808000, &(0x7f0000002600)=ANY=[], 0x1, 0xa0, &(0x7f00000024c0)="$eJzs17GJAlEUBdC7s8vuGjgNGNiBNdiKGGpmpAhWZCuWIIgVmInJyDgziHagngP/Py43fcnbXbaDlEm1Saoni+VqNpk3f/p5MA7voEjyl+Q/ybBs8u+tObRbkOxP62n36ubr3DUAAMArKTKqx3cbj/fmJ0mvvQOaBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPCJrgEAAP//sjg1uA==")
mount$overlay(0x0, &(0x7f0000000140)='./file0\x00', &(0x7f0000000180), 0x0, &(0x7f00000001c0)={[{@lowerdir={'lowerdir', 0x3d, './file0'}, 0x3a}], [], 0x2f})
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', 0x0, 0x0)
getdents64(r0, 0x0, 0x0)

6.628278382s ago: executing program 0 (id=478):
futex(&(0x7f000000cffc), 0x80000000000b, 0x0, 0x0, &(0x7f0000048000), 0x0)
futex(&(0x7f000000cffc), 0xc, 0x1, 0x0, &(0x7f0000048000)=0x1, 0x0)
futex(&(0x7f000000cffc), 0x80000000000b, 0x0, 0x0, &(0x7f0000048000)=0x2000000, 0x300)
futex(&(0x7f000000cffc), 0xc, 0x1, 0x0, &(0x7f0000048000)=0x1, 0x0)

5.60853588s ago: executing program 0 (id=485):
r0 = socket$kcm(0x10, 0x2, 0x0)
recvmsg(r0, &(0x7f0000000040)={0x0, 0x19, &(0x7f0000000180)=[{&(0x7f0000000680)=""/103, 0x67}, {&(0x7f00000047c0)=""/4060, 0xfdc}, {&(0x7f00000037c0)=""/4069, 0xfe5}, {&(0x7f0000000700)=""/244, 0xf4}, {&(0x7f00000003c0)=""/225, 0xe1}, {&(0x7f00000019c0)=""/166, 0xa6}, {&(0x7f0000000080)=""/242, 0xf2}], 0x7}, 0x40000100)
sendmsg$inet(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000fc0)=[{&(0x7f00000016c0)="4c00000012006bab9a3fe3d86e17aa0a046b4877c4aaf68187bae53dca2ba35bda6a876c1d0048007ea608649e7524765f0ef82e3c0000a705259a3658f60a84c9f4d4938037e70e4509c5bb", 0x4c}], 0x1, 0x0, 0x0, 0x1f00c00e}, 0x20000000)
recvmsg$kcm(r0, &(0x7f0000000e80)={0x0, 0x0, 0x0}, 0x40000002)

5.207806808s ago: executing program 0 (id=488):
r0 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000040)={'macvlan0\x00', <r1=>0x0})
r2 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_route(r2, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000001140)={&(0x7f0000000380)=ANY=[@ANYBLOB="440000001000030500"/20, @ANYRES32=0x0, @ANYBLOB="1546010000000000140012800b0001006d616373656300000400028008000500", @ANYRES32=r1, @ANYBLOB='\b\x00\n\x00['], 0x44}}, 0x0)

4.80893021s ago: executing program 2 (id=492):
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000d40)={0x11, 0xb, &(0x7f00000002c0)=ANY=[@ANYBLOB="18000000fdff00000000000000000000180100002020702500000000002120207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000083850000002d00000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0xe, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000380)={&(0x7f0000000340)='io_uring_register\x00', r0}, 0x18)
r1 = syz_io_uring_setup(0x3b85, &(0x7f0000010400)={0x0, 0xad84, 0x1, 0x2, 0x338}, &(0x7f0000000180), &(0x7f0000000000))
io_uring_register$IORING_REGISTER_EVENTFD(r1, 0x4, &(0x7f00000000c0), 0x1)

4.426915626s ago: executing program 0 (id=496):
syz_mount_image$btrfs(&(0x7f00000055c0), &(0x7f0000000180)='./bus\x00', 0x0, &(0x7f0000000440), 0x1, 0x559d, &(0x7f0000005680)="$eJzs3X1sVWcdB/BzeynlJaFlyjLUhfkPThCpmFiEoEVgAoPRgSbDwCgO2BAGhQRhY9OOOZ0jk4Y5xoovDKQCxq6+rJiYIbqIcU4mi8OGEXnJIuICK4yoJNOZ3nufy73n0vYO5zq3z4e05z73d57nPPfk/HG/lz7nRgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABBF0cHlC/627gfLv/nQdSenbLz/zAMnap57fNP4u+fsHnX4gVVXtp1uaip99fmzNyy67+GqoSf2zD8URYlUv0Sm/7xPTZ65aNa86X3CgLU3prcVFZ0dMt31WLrRO+/Jjn75P/OjKCqNDZDMbCf1z2kn4geIVhYO2KXtVWNWDdw4cdrmssmDFibrGgtfOh369PQEekrmunrx4rVUnfpdEtsj28659BJ5l2i6f/yCe1NeBADwulTWpDbZt6OZt7jZdn28HmtXx9oNsXZ4h9CQ27gc6XF7dzbPa+L1HppndToqlHU6z1g9c/6z7Zp4/1g7FjVexzzzd81Emj6dzbMuVu+peQIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAC8ldx9/JanSzb96H1L149MHh887BdfbdryvUnt5VO+tm9D2+9bn3tPU1Ppq8+fvWHRfQ9XDT2xZ/6hKKpI9Uukuyfm7mjd8LMVU1b/fM6jzefee8euZGbcsO2Vs3PUFh58vDyKPp9TeTEMe2pAFNXkF1LN6NHCwuLUgymhAAAAwNvJ4NTvkmw7HQdL89qJVJpMpP4F6bC4vWrMqoEbJ07bXDZ50MJkXePlj1fTyXjVlxwv2664+JPICcYh/sbHu1gPu64sGKdr8RHjeX7U0AuHj3x9+Ya1jf1P7u87MDnpV1+uHXzFnNGvXDt2zG1/fWRHQf6v6Dr/hzMn/wMAAPDfkP/j43Stu/w/7Mj9Z+469dN1tZ/ZNvf4+G/UDnhX5Zo/NX/4c+uHTZ3Y69iVWwry/zV5hyzI/2HGIf+XRJeX/wEAAOCt7H+d/6sLxulad/l/2ZoRf592YdbEJ8Zd+OGZO4f88uCRaG/9iC+03P6B/bP7DWj4SUH+rywu//fKnXZ48pkw4SXlUVRZ/EkFAAAA8oT/d7/40ULI6+lPDuJ5fc75g5NuLn3w7EdmXzt029Ehu9rP/2PJ8k0XRjfPGF716acrNhTk/+ri8n/pm/NyAQAAgCI8tfgTN+2Mpk/6UPU9h/cv2P5I/bK1K5c2liWm/ntl2/X/au5dkP9risv/ZT3zcgAAAIBLOPSlbbtfm7msdXhz2fmtf3jtz49fPXz1gabKoyt/O7B0RWvt4oL8X1tc/u+X2WZWPqQ77Q9/hfBQeRT16XhQly78Jmr4ZLYAAAAAvEFCTv/nsbaRO68r+/VT339586zvfHvQ3m/NONj43Qn9b5n44IEZB56sLcj/dV3f/z/c6SCs/8+7/1/B+v+cQvquf2PdGAAAAIB3osL1/OH2+OlvLujs+/eLXf9/4xdbXzp++/yvtL97yE3LXr7tils/Nv7UH6ffmdw57q6SqVNfOl2Q/+uLy//J3O0b+f1/AAAAcBn+377/b3bBOF3r7v7/Mx+752j7X14YN2Jm49pFJ8dv/PG8Lc88trvq6nMLbu77wWeX7i3I/w3F5f+w7Z/78vaF83NveRRd1fEgczfBXWG6S2KFltKcQvrEx3rMCj0yhZaynEJKXazHqPIoen/Hg/pYYWAoNMQK7QMyha2xwrOhkLkesoXmWGFfuNI2DchMN17YEwqZBRYtYQVF/+ySiFiPVzrr0VG4ZI8XsgcHAAB4RwnhOZNlS/ObUTzKtiS626FfdzuUdLdDsrsdesV2iO/Y2fNRbX4hPH9+zRO/q/xoyWcP3XrHhOEjF667t2HsgeTcCdc/uaPvuRWnR68uyP9bi8v/4VT0Tm86W/8fhfX/me81zK7/rw2FilihJRRq4ncMqAnHSIfd9eEYFTWZHu1XZQsAAADwthY+F0j28DwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADgP+zde5xU1Z0g8NNNP2homhbjK2JsdW1Fh6ZBUT/BB2omGmBNo+zMuPhohEaRVhBhIq5RULObxMEoKlFnRmEVRlZx8AVkNQE1ooloNI5mRh1DMGrcjR/FiH6yxrif7lunqLrVZRcCSjvf7x9dp+p3nrceXefeW+cCAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD/Max/9MYj/umiJ0eP2jBvwPJXDv/vH9YfumzRO//rT89ed9ve8763ftWSJZV/en7jSZO/c8PhjRtWTnghhJbOcmVJ8bLTF6/4waoLvvGtB0+76e5395y9tCpTbyYe+nb8Kc/cuTK2+tt+IawsC6EiHRhcmwQqM/drY30Da0PYKWwOZEu09UlKpBsOj9WEsDBsDmSr+lFNCLU5gXG/fGT1vI7E9TUh7B9CqE638e/VSRs16UBjVRLokw5Mq0gCH3ycyAZWlScB2GrxzZB90S9vyc9Q33W5Iq+/ym3Wsc9Xeni9YqK+eL63jt3OncpRlX6gZauetoLq2C4K3h5rvNt6wLutYDtf42nL/SKV+Yby8eZQdSif1DZ5wqz2mfGR8tDU1KtYTdvpeX5x4yUTtyTdY16HsQP12+R1+Pj5A+9c0Dhm15sf3jD59apnF2xtN4tt3u2tOmRecz3meYxG+jzpAW+/gm9JDb50hRBuP37T2799aez//dWDTw9+75tDzxrywitD627+7rR+f332/6m8ZerGgvl//SfP/+PLOd6W5+WOrX5Yl8zN4yO1MfF2XTI3BwAAgB6jJ+w1fWPEQW/Xrmt4eN+vr5h83qJ5r51+7p+rftp3wkEnnjL0+3fcOPW0gvl/Q2nH/+Mh/9rc0a4JYWRn4or+Ieze+XgSWBq7c1b/EPbpTLXkB45NBdaEsEdnYlC2qlSJ3rFEQyrwRl0mMDIVWBsDLanA4hi4JhW4MgaWpwITY2BNKnBcDIQp+eM4qC4zjpIDNTHQmmzE5fEshD/UxdZS2+qlbFUAAADbSGZ2WJl/N+dch63NEKeXy2u6yxDPwC6aoTpVQ3oGm51WFa2horsayrurITvuOZ88/IKay7qrueA0jLL8DO8deN/c1Q/8249vnHDYUwd92HrGy+tXPTp6U6+/e2fMjy8dN3/Y+IL5f/Mnz/+ru+hIWcHx/xDGdv6NucszkfZsvLUlLwMAAACwFSpeW3ryL+Z+VLbkZ+ds3P8vTxt3de8V++47YO3B9/2/hjcHHL9q/4L5/8jSzv+P+0R65WQO6+JuiKn9Q2jODyTVjigMJEe9+2YCAAAA0BNkj8dnj4VPydwmp2in59OF+Vu2MH888D+yy/yDx129rnn17adMGXHomjWbztj15WUbntpl/3deOPDk00+4f2rDPQXz/5bSzv/vk3+bdGJt7MV1/UPonRN4PPayI9CpIQbWH5MfyIx/bdwAV8WqMicmZKu6KpZojYHmVGBhsRLPZEvsnh/IPFnZxq/IjmNKpkROAAAAAD5zcXdAPC4fz/9/+tx+j/7jslsueXDJutD37OW/uOzo4QPnD+791rRnDnnkb989eWrB/L91y87/75wHF5ze3943hCEVIfRK/zBgXZ9kYcAYqC3LJH7cJ6mrV7qqy/uEMKJjYOmqNmTW/69IrzH4XE1SVQzsvu8dGxs7ErfXhDAkN/DC+EXDOxKzUoFs439VE8LeHaNNN76id9J4ZbrxG3uH8JWcQLaqib1D6GisKl3Vo9WZ6xikq1peHcLOOYFsVYdXhzA7ANBTxf+lk3IfvHD2xVMntLe3zdiOibgTvyZMntLe1jRxWvuk6iJ9mpTqc946RnMLx1TqpW9ezqxRdNeopv6lpLM/FGzObSuzI7/gzMHM/fhlqLJznMMq8+4ekh7ygfsVNhFyvkoVG3L5dh5yn9xKNj+JBfXH/FWhb+g968K2GU0XTZg5c8bQ5G+p2Yclf+NxpmRbDU1vqz5d9a2El0fR5bJSPu22asytZMjM86YPuXD2xYOnnDfh7Laz284/bPhhRxwx7NBDhw/pGFRz8rebkTZ2VXNqpB8vKnFY23CkX67IqeSz+NCQkJDoaYlVv9vj5aN3Wfq9FbcsnvHz9qPafv71nXces6Tqmy9suvSy/Z/+Hx8UzP+nf/L8P37qxA/+zPoMxY7/18fD/Mnjmw/zt8bAwlKP/9cXO5qfPTGgIRWYEwNzHOYHAADgiyHujox7M+NO6Ufm7/Yvd467b8z89Qc/ue65svV9Dv77D39fXnnZuP9yzAMNt333bwrm/3NK+/3/Nlr/P7t0/ahiy/wPiiWai63/n17mP7v+/5xi6/+nl/nPrv+/8HNY/39WNpDaJH+w/j8AAPBF8Nmt/9/t8v7pCwQUZOh2ef/0BQIKMnS7jH+pFwjY4vX/H2k4aORPVn/nN43LLpj2zn8bct/oAXs2/O6Rva6cNHXk6NEjBv9Lwfz/mtLm/xbuBwAAgB3HAROPfWrjpL2Pvfp/3rbTHj9p/fauh+3y/WVHts3ftH7i39z27jl/XTD/X1ja/P+zX/8vFDv/v6FYoKXYwoDW/wMAAKCHKrb+39Abv3X5q4uPu/+ey6eNam0dP/uKq/dbfUD1qeGl0fMb/mLGvR8VzP+Xlzb/j6ddlOfljr35sC5Z0y6k17R7uy77kwEAAADoGcpDU1NliXnzFkY99tO3+WJmKdBPSud68sH9nn/gqyNOnL+46urXynYb9vFT1888+Piv/fDVjXtdcse55+1XMP9fU9r8P+93GY+fP/DOBY1jdv3w5oc3TH696tkFm4//AwAAANtPqfslAAAAAAAAAAAAAACAz98JD//k6rcnLvnanIW/3PWnvcY+u3zDrDlNs2uvf/WH1/7qiDsfHlfw+/8wtrNcsd//x+v+xd8XfCkvd2y1+/X/MvfHjb57dueShevqQtgvNzD18qk7hcy1+Q/IDaw+fdBuHYnL0yUeeuW41zoSZ6YDJw4e8H5H4shUoDUukrhHOhCvqvh+v1QgLq/4XDoQt8fydKAqE/hev2QcZelt9WZtsq3K0tvqxdoQ+ucEsttqZW3SRll6gNenAtkBXpAOxAGelAmUp3t1d9+kVzFQG4ve2jfpFQAAO6z4LbAyTJ7S3tYcv8LH2y9X5N9GeUuWzS2stqzE5l/OLE1216im/qWke6W/i26+1nhlqO4YwtCCr6u5Wco6R7ltaulm032pyJC7W+2tvEi5tC3ddFXFR1STjKhp4rT2SZXdDvyQ7rMMq+g2y9CCyU5ulvLOTVpCLSX0pYQRlbhtSuhyvF8empp6pXJ9NQbrQ57uXhGl/l4/d52/Yq+C3DxPvtn+1BP//PzKfR7/89Nnf/BXk7596byzznj3yHOq/+E/lz39XwfuXDD/ry9t/l+dO673MxcDmBOvrDeifwitJY4IAAAAvvjOOf+V+d999No31rc0vjZtyLWr/3X2jRdX1C298i9ffOhvN42/+sytjb/58zv2eXjyhGe+dO4hy054fZ+DL2s88637/mLeuAev6nvLD+ff8YOC+X9DafP/uAcrcyg42duxJl7//4r+IXReWr8+CSyNwz2rfwj7dKZaYonkgvqjYonmJLA07jAZFEu0tuRX1TsGlqcCb9RlAmtSgbUxkNlLcUfI7Mq5ti6E4Z2psfklpscS9anAN2OgIRVoioHmVKBfDIxMBX7fLxNoSQWejIEwJX9b3dcvs60AAAC2RGaeVZl/N6TnecsrustQ1l2GPt1lKO8uQ3V3GYqNIt6/N2aoTJ28UpaTqTJda02qloIM8WL4W9yvggzhmfyc6YIFTcfzD7LnG5TlZ3jg5K/ec9WCyYPKf/XR2qWt790/ccWts49eec5Df/fEpH0X3XX93gXz/+bS5v998m+T1tfG+f/m6/8lgcdj966Lp443xMD6Y/IDmR0Da+Nk96psVS2ZEplJ+1WxxMgYaEgFpsfAyFSgdWwmsHC3/EBmpp1t/Ips41MyJXICAAAA8JmLOwjibpo4///jsmePeqxi0V3/+ur4u+6d89Y99/70nntuvXf07Zu+/twVF7970UcF8/+Rpc3/Y3t9cxu7Mvbmt/1CWFm2uTfZwODaJBD3Y9TGn8cPrA1hp5wdHNkSbX2SElWphsNjNckv1KvSVf2oJlljIN4f98tHVs/rSFxfE8L+OXtfsm38e3XSRk060FiVBPqkA9MqkkDc85MNrCpPArDVsnsF4wsqc6pLVn3X5Yq8/r4o1wRND69gH2gX+br6zdX2Up1+ILNPNWvLnraC6tguCt4ea7zbeuK7rd67LfeLVOYbysebQ9WhfFLb5Amz2mfGR3J/yVpgOz3Pub9SLSW9DV6Hcz59b7tXne5Ac+rjo7nrcl2/DstidY+fP/DOBY1jdr354Q2TX696dkHJ3Sgi/lD4maoB9bmbd3urDpnXXI/7PGnxedIT/w00eNpCCBsuPeG6kVXTr1g5+pAj93rttFOqZ7437+/vf+mBd/f9xxUTh31tQMH8v6W0+X9F6rbTH+PGvLB/CAfmbNx1cfMf3z/5HMwJJJ+SOxcGkkPur9YV/eQEAACAbS27uyO7v2BK5jY5ITw9Ty7M37KF+eP+ipFd5i+13z8adMpe9+9297hrTz3qpn/+zdh+G8e/uOSYFa1HNS49+mf/6cyaeQXz/9ZPnv/3TnXT8X/H/9lOHP/v0o6+K7p3+oE5W7UruqA6tgvH/7u0o7/bHP/vkuP/jv93xfH/bjj+36Ud/Wkr+JY03ZeuEMKwMWcMrr1r8BPvD1z96yeemvJvc1sn3PONq27Z8+Nv1y9eUL9r34L5//TS5v/W/+t60b7s+n+txdb/m15s/b851v8DAAC2qyILzaXneQWr9xVkSK/eV5Ch2wUCu11i0Pp/W7z+32NHHTl++ejFv16z95gDLus7d+6puzx504stM9+vue2D93f7xYGjCub/c0qb/8eXQ9/c1nvK+n8NY4tUdU0MTLcwIAAAADuiYjsIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA+HztfsN1449prj7pN8dfWjP6+w+tO6D6mldOvXTZhFsnfeX28wfNWrFkSeWfnt940uTv3HB444aVE14IYUpnubKkeNnpi1f8YNUF3/jWg6fddPe7e85eWp2ptzJzu2de7tjqh3UhLMx5pDYm3q7ruLM5MG703bMrOhLr6kLYLzcw9fKpO3UkFteFcEBuYPXpg3brSFyeLvHQK8e91pE4Mx04cfCA9zsSR2YCZenu/kO/pLtl6e7O6xdC/5xAtrvn9suvKtvGCZlAebqNf6pN2oiB2lj0xtqkjRhojyWm9A5hSEUIvdJV/aw6qapXuqr/XZ1U1Std1WXVIYwIIVSkq/p1VVJVRXrkz1QlVcXA7vvesbGxI7GoKoQhuYEXxi8a3pGYkQpkGz+lKoS9O14y6cbvq0war0w3fkNlCF8JIVSlS2yqSEpUpUtsqAhh55zA5o1YEcLswBdD/PSZlPvghbMvnjqhvb1txnZMVGXaqgmTp7S3NU2c1j6pOtWnYspy0h/P/fRjf3njJRM7bu8a1dS/lHRFplxlZ5eHVebdPWRH733sV5/cSjY/HwX1x/xVoW/oPevCthlNF02YOXPG0ORvqdmHJX97ZaLJthraU7ZVY24lQ2aeN33IhbMvHjzlvAlnt53ddv5hww874ohhhx46fEjHoJqTv9tipIs++5F+uSKnks/i/S8hIdHTEuV5n27NO/rneMEX/c0drQzVnR/QBdOK3CxlnaPcFoM+9lOO+NN8Tel2REMLJg4FWYZ1n+WQgsnE5iw1SZbOr3UFk8Pcmso7N2m8Xx6amnoV2w71+XdzN+9bW7F5X8xsulLTAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMD/ZwcOBAAAAACA/F8boaqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqgo7cCAAAAAAAOT/2ghVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVV2IFjAQAAAABh/tZh9GwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAFwKAAD//y85Ijg=")
r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0x0, 0x2)
lseek(r0, 0x2, 0x3)
getdents64(r0, 0x0, 0x22)

4.372589115s ago: executing program 2 (id=497):
r0 = socket$igmp(0x2, 0x3, 0x2)
bind$inet(r0, &(0x7f0000000000)={0x2, 0x4e23, @remote}, 0x10)
r1 = socket$kcm(0x10, 0x2, 0x4)
sendmsg$kcm(r1, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000100)="4c000000150097f87059ae08060c040002ff0f020000000000000187ac1414aaa69d35a2cca84708f7abca1bac1414aabd7c493872f750375ed08a560400000003c48f93b82a03000000461e", 0x4c}], 0x1}, 0x0)

4.228206244s ago: executing program 1 (id=499):
r0 = openat$random(0xffffffffffffff9c, &(0x7f0000000000), 0x109000, 0x0)
r1 = epoll_create1(0x80000)
epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r0, &(0x7f0000000180)={0x3000001d})
epoll_pwait(r1, &(0x7f00000003c0)=[{}], 0x1, 0x7, 0x0, 0x0)

4.146820872s ago: executing program 2 (id=500):
syz_mount_image$hfs(&(0x7f0000002c80), &(0x7f00000000c0)='./file1\x00', 0x4490, &(0x7f0000002cc0)=ANY=[], 0xfd, 0x297, &(0x7f0000000480)="$eJzs3c1qE18Yx/HfmUyb/P8tdfoignRVLbiSvmzETUFyB25cidpEKIYKWkFdRdfiBbjPLXgBLl2Ja6G7rryA7CLnzBkzSWaSGBonid8PJEw655l5TuZMz3lSSgTgn3Wvet46vLAPI5VUknRXCiRVpFDSVV2rvDo9Ozlr1GvDDlRyEfZhFEeagTbHp/WsUBvnIrzIvgq1mv4ZpqPyQ83tlaKzQNHc3Z8hkMr+7nT7K389s+loFp1AwUxbbb3WWtF5AACK5ef/wM/zq379HgTSrp/24/k/WdXP+QTaLjqBKfsyYn9q/ndVVsfY63vF7erWe+5ih1ryQa3Di0lyWVY8snoWmGZUVelyCf57etKo3z5+3qgFeq8jb6nbbMs91+KhmzhvGVfT2u13g4fe8bXpmPVlUiGP1zrNFVbBku3DQTr/VJPNyz3jaOar+WYemkifVPu9/gs7xl4md6WivisV57+Xf0TXy2W5Vjm9XHcnue7P4A3tZUk5FYmSEbXedwGjnDzDnqiNvqi4d/v5vXNRm5lRByOitvqjuqM5P3LazEfzwOzopz6rmlr/B/bd3tU4d6Zt41r6kTG0P6FrGbn5xM8dze3MlsGkPcIEPuiJ7mjt5Zu3zx43GvUXC7th78QZSGOmNpJBMCv5LOyGfZMLOXsy70x+nPxfHXwsvzi6F/0PAxkEi8Kuu0xc/6XqlT23WLNPUe86vZyO7Yw6eOqI+zm1wYZ7/r+/gsupDYz76GEl46+Lg2ccWnPduCXdHOeMscjnOXuOJgkyVX3XIz7/BwAAAAAAAAAAAAAAAAAAmDeX9y8HFeXtKrqPAAAAAAAAAAAAAAAAAAAAAADMu4zv/y0X+v2/9xW/4vt/gan7FQAA//+pI3MQ")
r0 = open(&(0x7f0000000040)='./file1\x00', 0xc0242, 0x1df2a23c5997fa5f)
write$FUSE_CREATE_OPEN(r0, &(0x7f0000000180)={0xa0, 0x0, 0x0, {{0x4, 0x1, 0x5, 0x4, 0x3, 0x1, {0x0, 0x9, 0x2100, 0x5, 0x89, 0xd615, 0x9, 0x7fffffff, 0xfffffffe, 0x8000, 0x2, 0x0, 0x0, 0x3ff, 0x3}}, {0x0, 0x13}}}, 0xa0)
sendfile(r0, r0, &(0x7f0000000080), 0x7f03)

3.812443901s ago: executing program 1 (id=502):
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='hugetlb.2MB.usage_in_bytes\x00', 0x275a, 0x0)
write$cgroup_int(r0, &(0x7f0000000200), 0x12)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x22051, r0, 0x0)
bpf$BPF_BTF_LOAD(0x12, &(0x7f00000000c0)={&(0x7f0000000100)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x18, 0x18, 0x2, [@func_proto={0x0, 0x0, 0x0, 0xd, 0x2}, @union={0x0, 0x0, 0x0, 0x5, 0x0, 0x7ff}]}}, &(0x7f0000000f40)=""/4089, 0x32, 0xff9, 0x1, 0x32e}, 0x28)

3.656931065s ago: executing program 3 (id=504):
r0 = syz_open_dev$evdev(&(0x7f0000000000), 0x1, 0x2002)
mmap(&(0x7f0000000000/0xfbe000)=nil, 0xfbe000, 0x2, 0x31, 0xffffffffffffffff, 0x0)
readv(r0, &(0x7f00000000c0)=[{&(0x7f0000001000)=""/4096, 0x1000}], 0x1)
write$evdev(r0, &(0x7f0000000040)=[{{}, 0x0, 0x2}], 0x37)

3.593442022s ago: executing program 1 (id=505):
r0 = socket(0x11, 0x800000003, 0x0)
r1 = socket(0x10, 0x3, 0x0)
ioctl$ifreq_SIOCGIFINDEX_team(r0, 0x8933, &(0x7f0000000600)={'team0\x00', <r2=>0x0})
sendmsg$nl_route_sched(r1, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000380)=@newqdisc={0x34, 0x24, 0xf0b, 0x0, 0x25dfdbfd, {0x0, 0x0, 0x0, r2, {}, {0xffff, 0xffff}, {0x0, 0x2}}, [@qdisc_kind_options=@q_fq_pie={{0xb}, {0x4}}]}, 0x34}}, 0x0)

3.35617524s ago: executing program 3 (id=507):
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000000)={0x0}, 0x1, 0x0, 0x0, 0x4000811}, 0x0)
r0 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r0, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000580)=@newtaction={0x78, 0x30, 0x309, 0x0, 0x2, {}, [{0x64, 0x1, [@m_tunnel_key={0x60, 0x1, 0x0, 0x0, {{0xf}, {0x30, 0x2, 0x0, 0x1, [@TCA_TUNNEL_KEY_PARMS={0x1c, 0x2, {{0xbabd, 0x81, 0x5, 0x1, 0xfff}, 0x1}}, @TCA_TUNNEL_KEY_ENC_IPV4_SRC={0x8, 0x3, @empty}, @TCA_TUNNEL_KEY_ENC_IPV4_DST={0x8, 0x4, @remote}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0x78}, 0x1, 0x0, 0x0, 0x4}, 0x0)
sendmmsg(r0, &(0x7f00000002c0), 0x40000000000009f, 0x0)

3.311333383s ago: executing program 1 (id=508):
r0 = syz_usb_connect(0x5, 0x24, &(0x7f0000000080)=ANY=[@ANYBLOB="1201000007794608cd0c39007b90000000010902120001fc0000000904"], 0x0)
syz_usb_control_io$cdc_ecm(r0, 0x0, 0x0)
r1 = syz_open_dev$I2C(&(0x7f0000000040), 0x1, 0x2603)
ioctl$I2C_RDWR(r1, 0x707, &(0x7f00000001c0)={&(0x7f0000000180)=[{0x2000, 0x8000, 0x0, 0x0}], 0x1})

3.281041925s ago: executing program 2 (id=509):
ioctl$BINDER_WRITE_READ(0xffffffffffffffff, 0xc0306201, &(0x7f0000000540)={0x4c, 0x0, &(0x7f0000000680)=[@reply_sg={0x40486312, {0x3, 0x0, 0x0, 0x0, 0x10, 0x0, 0x0, 0x58, 0x0, &(0x7f0000000440)={@fd, @flat=@weak_binder={0x77622a85, 0x0, 0x1}, @ptr={0x70742a85, 0x0, 0x0, 0x0, 0x1, 0x33}}, 0x0}}], 0x0, 0x0, 0x0})
r0 = syz_usb_connect(0x2, 0x2d, &(0x7f0000000100)=ANY=[@ANYBLOB="1201000041436120410e5150e8d5000000010902f98a5c01000000090401001186eee2000905821704"], 0x0)
syz_usb_ep_write$ath9k_ep1(r0, 0x82, 0xfffffffffffffddf, &(0x7f0000000080)=ANY=[])
syz_usb_control_io(r0, 0x0, 0x0)

3.069402536s ago: executing program 3 (id=510):
rseq(&(0x7f00000000c0), 0x20, 0x0, 0x0)
r0 = msgget$private(0x0, 0xfffffffffffffffd)
msgrcv(r0, 0x0, 0x0, 0x1, 0x3000)
msgctl$IPC_RMID(r0, 0x0)

2.91956445s ago: executing program 3 (id=511):
syz_io_uring_setup(0x18b0, &(0x7f0000000280)={0x0, 0x0, 0x10100}, &(0x7f0000000200), &(0x7f0000000340))
syz_mount_image$hfsplus(&(0x7f0000007340), &(0x7f0000000000)='./file0\x00', 0x1600008, &(0x7f0000000100)={[{@nodecompose}, {@gid}, {@barrier}, {@nobarrier}, {@nls={'nls', 0x3d, 'macromanian'}}, {@type={'type', 0x3d, "05f2875e"}}, {@type={'type', 0x3d, "eaab9aa0"}}]}, 0x3, 0x632, &(0x7f0000000800)="$eJzs3UtsG2kdAPD/OI4TB9TN7qa7Ba1EtJUWRESbh7IQLpSHUA4rtFoOnKPWbay6aZW4KK0QCi9x4MKh4lwOuXFC6j1SOcMF9ZpjJVAvPaDcjGY8dpy386qd7e8Xjb/v8zfzzX/+9jzsyJoA3lrzE1HciCTmJz5bTdub6zO1zfWZoby7FhFpvRBRbBaRLEUkz5vdN9KHr6VP5vMnB63nSXXuixevN182W8XWwkkprQ0fvNxRmguu5VOMR8RAXu412O2oO8a7eeB4+/nvn/YPshlous1XW4mDXmvssXacxU+83wL9I2meN/cYjRjJztDN64DIjw6FNxvd2TvWUQ4AAAAuqHe2Ymut0Wj0Og4AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAC4SPL7/yf5VGjVxyNp3f+/1DF7qYehnomNXgcAAAAAAAAAACfSGOhsfWMrtmI1LrV7k+x//h9njbHs8SvxMFaiEstxLVZjIepRj+WYiojRjoFKqwv1+vJUF0tO77vk9LluNAAAAAAAAAB82f025rf//w8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAP0giRhoFtk01qqPRqEYEcMRUUrnW4v4V6t+kW30OgAAAAB4A97Ziq1YjUutdiPJPvN/kH3uH46HsRT1qEY9alGJW9l3Ac1P/YXN9Zna5vrMvXTaO+5f/tfIdBlGNmI0v3vYf81XsjnKcTuq2TPX4mbcj1q5c5QrrXj2j+s3r9Kxf5DrMrJbeZlu+Z/zsj+MZhkZbGdkMo8tzeO7h2fih69OtaapKLS/+Rk7h5yP5GWyq+y93ZmYjkKW79QHh2ci4pvP/vaLxdrS3cXbKxP9s0kn1MxEo9HMxFDWamXiw7cqE5PZtl9ut+fjp/HzmIjx+DyWoxq/jIWoRyXG4ydZbSF/P6ePo7syVdg59I0drc+PiqSUvy7No+jxYvo4W/ZSVONncT9uRSU+zf6mYyq+G7MxG3Mdr/DlLvb6wvH2+qvfyivpIf2Pedkf0ry+25HXzmPuaNbX+cx2lt47+2Nj8et5JV3H7yLix2e4naezOxPpWeLZV5t97x+eib9m1wkrtaW7y4sLD7pc3yd5me5Hf+irs0T6fnkvfbGy1s53R9r3/r59U1nfWLuvsKfvcrvvqD21lF/D7R1pOuv7cN++mazvSkffnuut9vUQAH1s5NsjpfJ/yv8sPy3/vrxY/mz4R0PfG/qoFIP/GPx+cXLgk8JHyd/jafx6+/M/AAAAAAAAAAAAAAAAAAAAAAAAAAAAAABwciuPHt9dqNUqy0dWkuzm/xFdzdxRad3O6fCZk/xGPscZWaVWqwxHX4RxrErt3xEdzyS9jqcfKkP99ubv7XEJOH/X6/ceXF959Pg71XsLdyp3KkuDs7Nzk3Ozn85cv12tDUT6WJnsdZTAedg+6fc6EgAAAAAAAAAAAKBbh/8MYDCf63Q/J+jxJgIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAX3PxEFDciianJa5Npe3N9ppZOrfr2nMWIKERE8quI5HnEjWhOMdoxXHLQep5U57548Xrz5fZYxdb8hcOW685aPsV4RAzk5VmNd/PU4yXtLUwTdrV0uuDgzPw/AAD//4oVCL4=")
setxattr(&(0x7f0000000040)='./file0\x00', &(0x7f0000000340)=ANY=[@ANYBLOB='osx.:'], 0x0, 0x0, 0x0)
listxattr(&(0x7f0000000180)='./file0\x00', 0x0, 0x0)

2.753193626s ago: executing program 5 (id=512):
r0 = openat$rtc(0xffffffffffffff9c, &(0x7f0000000080), 0x40000, 0x0)
r1 = epoll_create(0x31)
epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r0, &(0x7f00000025c0)={0x2008})
epoll_ctl$EPOLL_CTL_MOD(r1, 0x3, r0, &(0x7f0000004c80)={0xe000000d})

2.606718232s ago: executing program 3 (id=513):
r0 = socket$inet_sctp(0x2, 0x5, 0x84)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000000)={'lo\x00', <r1=>0x0})
r2 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r2, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000001c0)=@ipv6_newaddr={0x48, 0x14, 0x101, 0x70bd26, 0x25dffbf8, {0xa, 0x38, 0x19, 0xff, r1}, [@IFA_LOCAL={0x14, 0x2, @loopback}, @IFA_RT_PRIORITY={0x8, 0x9, 0x21ce0}, @IFA_ADDRESS={0x14, 0x1, @mcast1}]}, 0x48}, 0x1, 0x0, 0x0, 0x40}, 0x8004)

2.47662787s ago: executing program 0 (id=514):
r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000240)=ANY=[@ANYBLOB="0200000004000000080000000100000080"], 0x50)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000380)={r0, r0}, 0x4)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000e40)={0x16, 0x10, &(0x7f00000000c0)=ANY=[@ANYBLOB="18000000000000000000000000000000b7080000000000007b8af8ff00000000b7080000341200007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70500000000000085000000a500000095"], &(0x7f0000000500)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0xa, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000a80)={r1, 0x0, 0xe, 0x0, &(0x7f0000000640)="f4a64cb84de4115d6424ca0e839e", 0x0, 0x80020401, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x4c)

2.255737083s ago: executing program 5 (id=515):
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000480)=ANY=[@ANYBLOB="fc0000001900674c0000000000000000e0000001000000000000070000000000e000000200000000000000000000000000000000000000000a000e0000000000", @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="0000000000000000000000000000400000000000000000000000000000000000000000000000000001000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000010000000000000044000500000000000000000000000000000000000000000033"], 0xfc}}, 0x0)
r1 = socket$inet6(0xa, 0x400000000001, 0x0)
sendto$inet6(r1, 0x0, 0x0, 0x20004048, &(0x7f00000001c0)={0xa, 0x4e20, 0x0, @empty, 0x4}, 0x1c)

2.211884496s ago: executing program 3 (id=516):
syz_mount_image$btrfs(&(0x7f00000055c0), &(0x7f0000005600)='./file0\x00', 0x0, &(0x7f0000000240), 0x1, 0x5599, &(0x7f0000005680)="$eJzs3X1oVecdB/BzTaKhFpPV1alY6RSqdGVTW5DNUeNLZjvfkhq0NTXGaWudrViZW9qJCwliOi2NSh2jrjhkRVtWApO+iFPXoUM2psikszLnim44ahZ1gh2Tjdx7n+u955rk1nVNXz6fknvuc3/nec5zD+eP+731OTcCAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAKIoSm289OevImvqxM8fNeeA/j7y669ljk5aNPnL25/N3TCuqWv1U3fSGlrq5UzqaKxfPP3p1/aEoSqT6pfsvnHzfA4/OWTizNAxYX53alpd3ecjk4+lUo2/Oi539cv8WRVFUEhugKL2tLMpqJ+IHiFblD9it6k1X3lxWM/XtxssXJg6vHbU3/63TqbS3J9Bb0tfVmWvXUkXysU9sj0w769JL5Fyiqf7xC+4jeRMAwAcypiq5yXwcTX/EzbQb4/VYuyLWbo21wyeE1uzGjUiN27ered4er/fSPCtSUaFfl/OM1dPnP9OuivePtWNR4wPMM3fXdKQp7WqeK2P13ponAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwMfJu5PmXZgy/cXLfSfV7hiy4a+z+mxcv+9UbfVLd+2sPrHujf61ddMbWurmTulorlw8/+jV9YeiqDzZL5Hqnnhj08Kn+tbNfHDzQ2srZ0w49FpRetywLc7aOfpjePLVsij6VlblTBj23IAoqsotJJvRj/MLy5JP7g8FAAAAPk2GJB/7ZNqpOFiS004k02Qi+V+QCovVm668uaxm6tuNly9MHF47au+Nj1fVxXgV1x0v0y6/9pfICsYh/sbHu1YPu67KG6d78RHjef7YtHdmnBlRf27rlfNNTWsv7h534K73tkw93/zNd/av6Hf/cyPy8n959/k/nDn5HwAAgP+F/B8fp3s95f+3ZlfOaPvDvT/6/biv/31o9cZ3m/YmVg09vmLkd+ZNPPXa869fzcv/t+ccMi//hxmH/N8nurH8DwAAAB9n/+/8X5E3Tvd6yv/PHDwxdM+ogzWN0furyv6VOLhk36nnvtZ8ec29216oPDvrsf55+X9MYfm/OHva4cXfhQkvL4uiMYWfVAAAACBH+P/u175aCHk99c1BPK+/PP7FnRdLZxYvKf7yrl3bnl5TevcdA5fWLn5l9EtDnjg8/9nVefm/orD8X/LRvF0AAACgAIs23L100D/mjd+2pH32rVePVg66Z/vRO25un7G6Zv2kFbec/kpe/q8qLP/36523AwAAAFzHsfmPLFrxt9071v16xOQxpe9PGTn7e3WX9hwe++9RNR0vjP/GW3n5v76w/H9Tepte+ZDqdCj8K4QtZVFU2vlkZarwm6h1YqYAAAAAfEhCTm/44eylDZuf2fbPizV3vtJ8y8utf374C+V3bpz2s+9vOT63adO+vPy/svv7/4c7HYT1/zn3/8tb/59VSN31b4IbAwAAAPBZlL+eP9weP/XLBV39/n6h6/8fe3r4o1u/+5Olv7itfHfitpNPfumJ5ocrfzpwYHvL6JHNRYNL8vJ/Y2H5vyh7+2H+/h8AAADcgE/a7/89lDdO93q6//+0BesOL2gf+/kDLe3Pjxn02znFDy7Y+af2m/c/Oax9/7nzLcPy8n9rYfk/bPtnv70D4fw0l0XR4M4n6bsJ7grTXR4rtJVkFVInPtZjTuiRLrT1yyokrYz1GFcWRV/sfNIYK3wuFFpjhY4B6cL2WOFIKKSvh0zh1VjhQLjStg5ITzdeeD0U0gss2sIKiv6ZJRGxHpe66tFZuG6Pk5mDAwAAfKaE8JzOsiW5zSgeZdsSPe1wU0879Olph6KediiO7RDfsavXo/rcQnj9L6dXv/f48l/WTmi4Z+7kPcOOP37f2bE/+PbaX83uv6XxxKUpTXn5f3th+T+cir6pTVfr/6Ow/j/9u4aZ9f/1oVAeK7SFQlX8jgFV4RipsLshHKO8Kt2jY3CmAAAAAJ9q4XuBol6eBwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPBf9u49Sq6qThTw7nd30uk0OI6AykSdJEZMdydBlICLPERUjHQYZFTGPEg65NEkIQ8kwYWBsBwUdQLBxDvDXQS4WYCixDgEERgSlcC9RHnNMAzyFLiBUSFc3nCZ3NV9aleqzulKV0wa0tzv+6NrV/3289Sja59zah8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPj/w+BDv7LgilOeuWnkC3936imNC59+bsxlB3/kiPqb5h48/PUtd8+6fcrxZ10w5eSJO1YeO+Mrd7/591tDaO8uV5EUr/j5RVOX1U6Z9KWLv3zOsZ8/auum2ly9uXgY2PWnMnfn/Njqk4NCuKEihOp0YGRjEqjJ3W+M9b2vMYQDwq5AvkTHgKREuuFwW0MI68KuQL6qGxtCaCwInHTvL2/9blfikoYQhoYQ6tJtPFyXtNGQDgyrTQID0oEF1UnglZ2JfODnlUkA9lp8M+Rf9BvaizM091yuxOuvZp917O2VHl5VTDSXzven8X3cqQK16Qfa9+ppy1RHn8i8PTZ7t/WDd1tmO6/ytBV+kcp9Q9m5K1QXKmd2zJq+tHNJfKQytLRUlaqpj57nh5//+ow9Sfeb12HsQPM+eR1W7dh+59mNn7pu9aD1r64ce+WWve3mQwWbtDDd1+pC7jXXb57HaJzPk37w9st8SxriS1cI4V9vqNv26hcuf/nTa7ZcPem8v13zzIjTW9veuO+F6yctWLXg+v/+i8z8v3n38//4co63lUW5Y6tvNCVz8/hIY0w815TMzQEAAKDf6A97Tac+NOvF4b/5xD9PvvHR7YOO/5tFqw/+de2Wdz34VOX4Z285ecT81zLz/yHlHf+Ph/wbC0e7OYRx3YmVg0M4qPvxJHBN7M6pg0P4QHeqvTgwPhXYHMLB3YkR+apSJepjiSGpwPamXGBcKrA1BtpTgfUxsCoVOD8GNqQCM2JgcyowIQbCnOJxfKQpN46yAw0xMC3ZiBviWQgvNMXWUtvqd/mqAAAA9pHc7LCm+G7BuQ57myFOLzc09JYhnoFdMkNdqob0DDY/rSpZQ3VvNVT2VkN+3Ct2P/xMzRW91Zw5DaOiOMPSb/7h/rFfXDW3euj22sNemnfczN8d8/41O1s++uPanT8cd9fahsz8v2338/+6HjpSkTn+H8Lk7r8xd2Uu0pmPT2svygAAAADshdETP/ZPl733l9fdcuLnfzv4jiOv2PjDqbVjv/XK0nt+uGLCudt+dEFm/j+uvPP/4z6RqoLMYVvcDTFvcAhtxYGk2qOygeSo98BcAAAAAPqD/PH4/LHwObnb5BTt9Hw6m799D/PHA//jesw//pC/fmzDf8z99k8nTjli7TmPzd9+1+EfrWn7m+cf/tIF86Z947JvZub/7eWd/z+g+DbpxNbYi9WDQ6gvCNwee9kV6DYkBh47pjiQG//WuAEujFXlTkzIV3VhLDEtBtpSgXWlStydL3FQcSD3ZOUbX5kfx5xciYIAAAAAvOXi7oB4XD6e/3/fgg/PPmpb3aG3rKr46V/uuKZz4vVtNc+M/VXT61/4whNff63xzMz8f9qenf/fPQ/OnN7fOTCE1uoQqtI/DNg2IFkYMAYaK3KJWwYkdVWlqzp3QAhHdw0sXdXjufX/q9NrDN7bkFQVAwd98Ornh3UlrmwIobUwcP8pl3+sK7EkFcg3/sWGEP6qa7Tpxq+vTxqvSTe+tj6EQwsC+apOrQ+hq7HadFW/rMtdxyBd1XV1IbyrIJCv6oi6EJYFAPqp+K90ZuGDi5ctnze9s7NjUR8m4j78hjBrTmdHy4wFnTPrSvRpZqrPRcsYnZsdU8nlkFLiEkWr7lk7tJx0/neCbYV9ye3Hz5w4mLsfvwvVdI9zdE3R3THpIX/4Q9kmQsE3qbdryAMKK9n1JGbqj/lrw8BQv3Rxx6KWs6YvWbJoVPK33Oyjk79xUMm2GpXeVgN66tt+8PIYXlhJ65LTF7YuXrZ85JzTp5/WcVrH/NFtYw5vO3LMqCM+3to1qrbkby9DHd5T1amh7rz8rR/qIdUFlbwVnxoSEhL9LfE/zjj95DuOnPOpE+5d+oGj1oybcPaNh89qXXPb9ZPWT3ts8I9GXZKZ/y/c/fw/furET/7c+gyljv83x8P8yeO7DvNPi4F15R7/by51ND9/YsCQVGBFDKxwmB8AAIB3hrg7Mu52jHutH6q74qrDL3329C2jJn7tzOaRv57wwXEHfvqML99x3H/+3/d/7xN//N+Z+f+K8n7/v4/W/88vXf+5Usv8j4gl2kqt/59e5j+//v+KUuv/p5f5z6//v+5tWP9/aT6Q2iQvWP8fAAB4J3jr1v/vdXn/9AUCMhl6Xd4/fYGATIZel/Ev9wIBe7z+/5PHXPv0B97/TPvPrr/j8ekXn3HOx9fUD9uxrL7l9m//+y9u/MqpgzLz/1Xlzf8t3A8AAAD7j2uPffLfjr3q+7ec3Pjsj2sWzT7/5vNuahz2WsWsjfMnDJh8zez/ysz/15U3/3/r1/8Lpc7/H1Iq0F5qYUDr/wEAANBPlVr/b/tP6i+9sHHHuk0bXv/ske9+/Tt3fOdrry34wQ8+89H3zV48adyEmzPz/w3lzf/jaReVRbljb95oSta0C+k17Z5ryv9kAAAAAPqHytDSUlNm3qKVUcf/+W3GpUB3ly504nE//WT70HffPufaKa3/cN99Ha2H3NnUsH7+zi+d8PTyp05YeWVm/r+5vPl/0e8yqnZsv/Psxk9d98bqQetfXTn2yi27jv8DAAAAfafc/RIAAAAAAAAAAAAAAMDb770Lxoy/t+Xxd1+0evn5zdddcfmbm1q3fPUfL6na/uHZf7hg7uiGzO//w+TucqV+/x+v+xd/X/AXRbljq72v/5e7f9LxP1nWvWThtqYQPlQYmHfevANC7tr8wwsDt351xHu6EuelS9z8yISnuhJT04HPjDzw5a7E0anAtLhI4sHpQLyq4suDUoG4vOJ96UDcHhvSgdpc4FuDknFUpLfVM43JtqpIb6sHG0MYXBDIb6sbGpM2KtIDvCQVyA/wjHQgDvALuUBlulc/GZj0KgYaY9HLBia9AgBgvxW/BdaEWXM6O9riV/h4e0h18W1UtGTZudlqq8psPi5NtuqetUPLSVelv4vuutZ4TajrGsKozNfVwiwV3aPcN7X0sun+osSQe1vtra82XW3pETUkI2qZsaBzZk2vAx/Te5bR1b1mGZWZ7BRmqezepGXUUkZfyhhRmdumjC7H+5WhpaUqlWtsDDaHIr29Isr9vX5Pa/6VekV0+cSXb/rD41ubPn3Ye9pPO/+eyvff+6sDr3jxQ688dN1hm/7bR9b++urM/L+5vPl/XeG4Xs5dDGBFvLLeUYNDmFbmiAAAAOCdb/b8Ry6+4FcXbX+sfdhTC1ovuvWBZT9YXt10zfnHPnjzmS+d8r2pexu/9skTfvvAb3+0cdj4WxaOGfDEWVdedtw9d92xetvxb95w2P8ZOePRzPx/SHnz/7hjLHcoONnbsTle/3/l4BC6L63fnASuicM9dXAIH+hOtccSyQX1PxdLtCWBa+IOkxGxxLT24qrqY2BDKrC9KRfYnApsjYHcXoqrQ25XzkVNIXysOzW5uMTCWKI5FTghBoakAi0x0JYKDIqBcanAHwflAu2pwJ0xEOYUb6ufDcptKwAAgD2Rm2fVFN8N6XnehureMlT0lmFAbxkqe8tQ11uGUqOI9zfGDDWFx+NzGeJDNelaG1K1ZDLEi+Hvcb8yGcLdxTnTBTNN588kaS7OGTN8+x8f/OT0lx6+YemP3hh+4rmf/PH3tm16be4Tp40cPO3VsfNGfPuPmfl/W3nz/wHFt0nrW+P8f9f1/5LA7bF7q+Op40Ni4LFjigO5HQNb42T3wnxV7bkSuUn7hbHEuBgYkgosjIFxqcC0ybnAuvcUB3Iz7XzjK/ONz8mVKAgAAADAWy7uIIi7aeL8/9K/mz353O+0dqyc9dWnps0Y+ukDL33fpcfcNOk3c9cedOCpd14zLzP/H1fe/D+2N7CwsfNjb54cFMINFbt6kw+MbEwCcT9GY/x5/PsaQzigYAdHvkTHgKREbarhcFtD8gv12nRVNzYkawzE+yfd+8tbv9uVuKQhhKEFe1/ybTxcl7TRkA4Mq00CA9KBBdVJIO75yQd+XpkEYK/l9wrGF1TuVJe85p7LlXj9vVOuCZoeXmYfaA/5evrNVV+pSz+Q26eat2dPW6Y6+kTm7bHZu60/vtuavdsKv0jlvqHs3BWqC5UzO2ZNX9q5JD5S+EvWjD56nnv6Jevu0vvgdbjiz+9t7+rSHWhLfXy09Vyu59dhRayuasf2O89u/NR1qwetf3Xl2Cu3lN2NEuIm/cuvjR/2UMHm7Wt1Ifea63efJ+0+T/rjv4EhnrYQwqbnvlF/5okn/tsB/7Rw0/cf/a/mV7/1zTs2blzW1HJz1ZpJF3722sz8v728+X916rbba3FjLh4cwocLNu62uPknDk4+BwsCyafku7KB5JD7E00lPzkBAABgX8vv7sjvL5iTu01OCE/Pk7P52/cwf9xfMa7H/OX2+4TP3/0vf7vid6u/uGX9AxW/+f3GK04YM3XhYwvvu3jiP/+v31/16I2Z+f+03c//61PddPzf8X/6iOP/Pdrfd0XXpx9YsVe7ojPV0Scc/+/R/v5uc/y/R47/O/7fE8f/e+H4f4/296ct8y1poS9dIYSnn/2XC//hgmUnPfTqu4+4+IE/PTjx7IobOv9j+kPPdLzx0Vdm3XpoZv6/sLz5v/X/el60L7/+37RS6/8tLLX+3wrr/wEAAH2qxEJz6XleZvW+TIb06n2ZDL0uENjrEoPW/9vj9f82nFz9+1/P/ffvf+6+pw+vnHr/f46eP++m4UcdM+KqNU+t+NcX2lsy8/8V5c3/48thYGHr/WX9vyGTS1S1KgYWWhgQAACA/VGpHQQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAC8vcaceedL33lh+2G3Lrlt5cnj/3r1qV//7NEH/+zKnZ/YHL7x4vKX7ply/FkXTDl54o6Vx874yt1v/v3WEOZ0l6tIilf8/KKpy2qnTPrSxV8+59jPH7V1U12u3prc7XuLcsdW32gKYV3BI40x8VxT151dgZOO/8my6q7EtqYQPlQYmHfevAO6EuubQhheGLj1qyPe05U4L13i5kcmPNWVmJoOfGbkgS93JY7OBSrS3b10UNLdinR3vzsohMEFgXx35w4qrirfxnG5QGW6jasakzZioDEW/UFj0kYMdMYSc+pDaK0OoSpd1f+sS6qqSlf1i7qkqqp0VefUhXB0CKE6XdUjtUlV1emR31WbVBUDB33w6ueHdSXW1YbQWhi4/5TLP9aVOCMVyDd+Ym0If9X1kkk3vrEmabwm3fglNSEcGkKoTZd4sTopUZsu8Xh1CO8qCOQbn10dwrLAO0L88JlZ+ODiZcvnTe/s7FjUh4naXFsNYdaczo6WGQs6Z9al+lRKRUF657nZeGWZY3/4+a/P6Lpddc/aoeWkq3Plarq7PLqm6O6YfdX7ij7qfezXgMJKdj0fmfpj/towMNQvXdyxqOWs6UuWLBqV/C03++jkb1UummyrUftqW5Xrz91WwwsraV1y+sLWxcuWj5xz+vTTOk7rmD+6bczhbUeOGXXEx1u7RtWW/N0XQ708G6/q46EeUl1QyVvxASAhIdHfEpVFn25t+/u/7MwX/V0drQl13R/QmWlFYZaK7lHui0GP3318Xw46MyXJjGhUZuKQyTK69yxjMpOJXVkakizd3+syk8PCmiq7N2m8XxlaWkr+p2suvlu4+f7Uw+YtV9x05aYBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA+H/swIEAAAAAAJD/ayNUVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVYQcOBAAAAACA/F8boaqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqgo7cCwAAAAAIMzfOoyeDQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAuBQAAP//CAsM0g==")
setxattr$system_posix_acl(&(0x7f0000002a00)='.\x00', &(0x7f0000002a40)='system.posix_acl_default\x00', &(0x7f0000002b40), 0x24, 0x0)
open(&(0x7f0000000340)='./bus\x00', 0x143142, 0x0)
llistxattr(&(0x7f0000000000)='./bus\x00', 0x0, 0x0)

1.943332024s ago: executing program 5 (id=517):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180), 0x2, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x1c0)
mount$fuse(0x0, 0x0, 0x0, 0x1008, &(0x7f0000000040)=ANY=[@ANYBLOB='fd=', @ANYRESDEC=r0])
mount(0x0, &(0x7f0000000440)='./file0\x00', &(0x7f0000000280)='autofs\x00', 0x0, &(0x7f0000000040))

1.75839984s ago: executing program 5 (id=518):
r0 = getpid()
process_vm_readv(r0, &(0x7f0000008400)=[{&(0x7f0000000300)=""/54, 0x7ffff000}, {&(0x7f0000006180)=""/152, 0x98}], 0x2, &(0x7f0000008640)=[{&(0x7f0000008480)=""/95, 0x7ffff000}], 0x286, 0x0)
mmap$IORING_OFF_SQ_RING(&(0x7f0000400000/0xc00000)=nil, 0xc00000, 0x4000002, 0x5d031, 0xffffffffffffffff, 0x0)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x4)

1.624113486s ago: executing program 1 (id=519):
mmap(&(0x7f0000000000/0xe7e000)=nil, 0xe7e000, 0xfffffffffefffff6, 0x20031, 0xffffffffffffffff, 0x0)
r0 = socket$inet6_sctp(0xa, 0x801, 0x84)
sendto$inet6(r0, &(0x7f0000000300)='[', 0x1, 0x4090, &(0x7f0000000000)={0xa, 0x0, 0x8a3, @loopback, 0xb}, 0x1c)
getsockopt$inet6_buf(r0, 0x29, 0x3d, &(0x7f0000001240)=""/4092, &(0x7f0000000240)=0xffc)

1.346880297s ago: executing program 1 (id=520):
syz_mount_image$vfat(&(0x7f00000005c0), &(0x7f00000002c0)='./bus\x00', 0x1800840, &(0x7f0000000300)={[{@utf8}, {@shortname_winnt}, {@shortname_win95}, {@iocharset={'iocharset', 0x3d, 'cp860'}}, {@iocharset={'iocharset', 0x3d, 'cp855'}}, {@numtail}, {@iocharset={'iocharset', 0x3d, 'cp950'}}, {@uni_xlate}, {@iocharset={'iocharset', 0x3d, 'iso8859-7'}}, {@fat=@codepage={'codepage', 0x3d, '950'}}, {@fat=@gid}, {@utf8no}, {@shortname_win95}]}, 0x1, 0x362, &(0x7f0000000900)="$eJzs3U9oXFUXAPAzfUkmKfRLFh8UBeHpTtDQP7jQVUpJoTgblaHqQhxsqpKJhQwOpotO40ZcCi515UZc6MJF1yIo4s6FWytIVVxodwWLV2bmTeZNZpKmwrQWf7/FcHLuPe/eO3nJvLxkbl5eifXzs3Hhxo3rMT9fiZmV0ytxsxJLkcXAlRg3NyEHANwfbqYUf6S+A5ZUpjwlAGDKeq//rx4pZd7+ar/+yas/ANz3ip//F/brM79Xw8WpTAkAmLKx+/+PjDTPjf6qf6b0VwEAwP3quRdefPpULeLZPJ+P2HinXW/X46lh+6kL8Xo0Yy2OxWLciuhfKHQfKr3HM2drq8fyPO/Ez0tR71a06xEbnXa9f6VwKuvVV+N4LMZSUV9cbaSUsjOf11aP5z0RcaXTGz82Ku36bBwuxv/hcKzFicjj/2P1EWdrqyfy4gD1jUF9J2J7eN+iO//lWIzvXomL0YzzC+cipcFlTW318vE8P51qI/XtejXO7zwLe94BAQAAAAAAAAAAAAAAAAAAAACAf2Q537G0s/9NGu7fs7w8ob23P06/vtgfaLu/P1Cqpkjp97cer7+bxcj+QLv352nXZ+LQvV06AAAAAAAAAAAAAAAAAAAA/Gu0tuai0Wyubba2Lq2Xg85ma+tQRHQzb3zz6ZcLMd7nNsFMMUapKS9Sl9YbKRt0TtlInyLIuoMPMp9c3ZlxuU91ZxUTp1Hdu6nZPPLwTx8MMw9lgyP/NeyTxeQFZrumUQ42/tef0p08UZdOFsGJ23S+llLa6ziXXxqvikrEzJ1/4vYPUjf4+vprD5xsHX2il/ki9T362OK5a+9/9Ot6o9kduav58dxm61ZabxQfTz7Z9g6y0vlTiX5QKZ8JM/uVb49mGtn3vz3/4HvfHmz0VM68OaFP1l/OZ5utrUrxldJrmusH3dyuqoXm2Sxi13FmJ5z8UwiOfrjSuHr5x18OWlX6JmGjDgAAAAAAAAAAAAAAAAAAuCtK7xUvFG/2nd2v6slnpj8zAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAALh7hv//vxRsj2UOEvzZifGm6tpmK2LuXi8TAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAID/uL8DAAD//2Kpa7U=")
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
r0 = openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='.\x00', 0x0, 0x0)
getdents64(r0, &(0x7f0000000f80)=""/4096, 0x1000)

839.184731ms ago: executing program 0 (id=521):
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000003c0)={0x11, 0x4, &(0x7f00000005c0)=ANY=[@ANYBLOB="18000000feffffff0000000000000000850000002a00000095"], &(0x7f0000000500)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0x32, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='mmap_lock_acquire_returned\x00', r0}, 0x18)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
msync(&(0x7f0000952000/0x2000)=nil, 0x87abbe8d1cc6ad9, 0x4)

659.218807ms ago: executing program 5 (id=522):
syz_mount_image$exfat(&(0x7f0000000280), &(0x7f00000000c0)='./file2\x00', 0x3000cd0, &(0x7f0000000440)=ANY=[], 0x5, 0x1509, &(0x7f0000000940)="$eJzs3Am4TmX3MPC17vveHDI8Sea97rV5kuEmSUJJMiRJEpI5IUmSJEkcMiUhCRlPkjlkTicd8zxkTjp5JUkSkinc33VUn7f3fft6p//n/b9n/a5rX+deZ++1nrXPup7z7L2v65xvuwyt1rB65XrMDP8M/esCf/6SCAAJADAAALIDQAAAZXKUyZG2P5PGxH/qRcT/kPrTr3YH4mqS+advMv/0Teafvsn80zeZf/om80/fZP7pm8xfiHRtZt5rZUu/mzz//19O/SvJ8vmfLuDv7ZD5/7fR/9DRMv/0Teafvsn80zeZf/pz5RYsuKp9iKtP3v/pm8xfiHTt3/5Mef3Zq/1MW7Z/YBNCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIf4/OOuvMADw6/pq9yWEEEIIIYQQQoh/H//+1e5ACCGEEEIIIYQQ//MQFGgwEEAGyAgJkAkywzWQBbJCNsgOMbgWcsB1kBOuh1yQG/JAXsgH+aEAhEBggSGCglAI4nADFIYboQgUhWJQHByUgJJwE5SCm6E03AJl4FYoC7dBOSh/+TXT3AmV4C6oDHdDFagK1aA63AM14F6oCfdBLbgfasMDUAcehLrwENSD+tAAHoaG8Ag0gsbQBJpCM2gOLf4gPyn738p/EbrDS9ADekIi9ILe8DL0gb7QD/rDAHgFBsKrMAheg8EwBIbC6zAM3oDh8CaMgJEwCt6C0TAGxsI4GA8TIAnehonwDkyCdx/JClNgKkyD6TADZsJ7MAtmwxx4H+bCPJgPSZkWwiJYDB/AEvgQkuEjWAofQwosg+WwAlbCKlgNa2AtrIP1sAE2wibYDFtgK3wC22A77ICdsAt2wx74FPbCZ7APPodU/OIfzD/z23zoioCAChUaNJgBM2ACJmBmzIxZMAtmw2wYwxjmwByYE3NiLsyFeTAPJmI+LIAFkJCQkbEgFsQ4xrEwFsYiWASLYTF06LAklsRSeNF7XxrLYBksi2WxHJbH8ng73o4VsSJWwkpYGStjFayC1bAa3oP34L1YE2tiLayFtbE21sE6WBfrYj2shw2wATbEhtgIG2ETbILNsBm2wBbYEltiK2yFbbANtsW22A7bYXtsjx2wA3bEjtgJO2Fn7IxdsAt2xRfwBXwRX8SX8CXsiVVUL+yNvbEP9sF+2B/74ys4EF/FV/E1HIxDcCi+jq/jGzgcT+MIHImjcBRWVGNwLI5DVhMwCZMwI0zESTgJJ+MUnILTcDrOwJk4E2fhbJyN7+NcnIfzcAEuwEW4GBfjEvwQkzEZl+IZTMFluBxX4EpchStxDa7FNbgeN+B63ISbcAtuwU/wE9yO23En7sTduBs/xU/xM/wMB2MqpuJ+3I8H8AAexIN4CA/hYTyMR/AIHsWjeAyP4XE8gSfxBJ7CU3gaz+BZADiP5/ECXsBLeCntza/SGGVUBpVBJagElVllVllUFpVNZVMxFVM5VA6VU+VUuVQulUflUflUPlVAFVCkSLGKVEFVUMVVXBVWhVURVUQVU8WUU06VVCVVKVVKlValVRl1qyqrblPlVHnV2t2ublcVVRtXSd2lKqvKqoqqqqqp6qq6qqFqqJqqpqqlaqnaqraqox5UdVUv7If1VdpkGqoh2EgNxSaqqWqmmqs38FHVUg3HVqq1aqMeVyNxBLZTLV179ZTqoMZiR/WMGofPqs5qAnZRz6uu6gXVTb2ouqtWrofqqSZjL9VbTcM+qq/qp/qrWVhVpU2smnpNvZhxiBqqXleL8A01XL2pRqiRapR6S41WY9RYNU6NVxNUknpbTVTvqEnqXTVZTVFT1TQ1Xc1QM9V7apaareao99VcNU+DWqAWqkVqsfpALVEfqmT1kVqqPlYpaplarlaolWqVWq3WqLVqnVqvNqiNapParLaoreoTtU1tVzvUTrVL7VZ71Kdqr/pM7VOfq1T1hdqv/qQOqC/VQfWVOqS+VofVN+qI+lYdVd+pY+p7dVydUCfVD+qU+lGdVmfUWXVOnVc/qQvqorqkvAKNWmmtjQ50Bp1RJ+hMOrO+RmfRWXU2nV3H9LU6h75O59TX61w6t85j8up8Or8uoENN2mrWkS6oC+m4vkEX1jfqIrqoLqaLa6dL6JL6Jl1K36xL61t0GX2rLqtv0+V0eV3Bg75DV9R36kr6Ll1Z362r6Kq6mq6u79E19L26pr5P19L369r6AV1HP6jr6od0PV1fN9AP64b6Ed1IN9ZNdFPdTDfXLfSjuqV+TLfSrXUb/bhuq5/Q7fSTur1+SnfQT+uO+hndST+rO+vndBf9vO6qX9Dd9EV9SXvdQ/fUibqX7q1f1n10X91P99cD9Ct6oH5VD9Kv6cF6iB6qX9fD9Bt6uH5Tj9Aj9Sj9lh6tx+ixepweryfoJP22nqjf0ZP0u3qynqKn6ml6up6h+/1Sac7fkf/O38gfdPnVt+it+hO9TW/XO/ROvUvv1nv0Hr1X79X79D6dqlP1fr1fH9AH9EF9UB/Sh/RhfVgf0Uf0UX1UH9PH9HF9Qp/TP+hT+kd9Wp/RZ/Q5fV6f1xd++RmAQaOMNsYEJoPJaBJMJpPZXGOymKwmm8luYuZak8NcZ3Ka600uk9vkMXlNPpPfFDChIWMNm8gUNIVM3NxgCpsbTRFT1BQzxY0zJUxJc9O/nP9H/bUwLUxL09K0Mq1MG9PGtDVtTTvTzrQ37U0H08F0NB1NJ9PJdDadTRfTxXQ1XU030810N91ND9PDJJpE09u8bPqYvqaf6W8GmFfMQDPQDDKDzGAz2Aw1Q80wM8wMN8PNCDPCjDKjzGgz2ow1Y814M94k+exmoploJplJZrKZbKYOyG6mm+lmpplpZplZZo6ZY+aauWa+mW8WmoVmsVlslpglJtkkm6VmqUkxy8wys8KsMKvMKrPGrDHrzDqzwWwwm8wmk2K2mq1mm9lmdpgdZpfZZfaYPWav2Wv2mX0m1aSa/Wa/OWAOmIPmoDlkDpnD5rA5Yo6Yo+aoOWaOmePmuDlpTppT5pQ5bU6bs+asOW/OmwvmgrlkLqVd9gUqUIEJTJAhyBAkBAlB5iBzkCXIEmQLsgWxIBbkCHIEOYPrg1xB7iBPkDfIF+QPCgRhQIENOIiCgkGhIB7cEBQObgyKBEWDYkHxwAUlgpLBTUGp4OagdHBLUCa4NSgb3BaUC8oHFYLbgzuCisGdQaXgrqBycHdQJagaVAuqB/cENYJ7g5rBfUGt4P6gdvBAUCd4MKgbPBTUC+oHDYKHg4bBI0GjoHHQJGgaNAuaBy3+rfW9P537Mdcj7Bkmhr3C3uHLYZ+wb9gv7B8OCF8JB4avhoPC18LB4ZBwaPh6OCx8IxwevhmOCEeGo8K3wtHhmHBsOC4cH04Ik8K3w4nhO+Gk8N1wcjglnBpMC6eHM8KZ4XvhrHB2OCd8P5wbzgvnhwvCheGiEH++JIbk8KNwafhxmBIuC5eHK8KV4apwdbgmXBuuC9eHG8KN4aYyA38+NNwWbg93hDvDXeHucE/4abg3/CzcF34epoZfhPvDP4UHwi/Dg+FX4aHw6/Bw+E14JPw2PBp+Fx4Lvw+PhyfCk+EP4anwx/B0eCY8G54Lz4c/hRfCi+Gl0Kdd3Kd9vJMhQxkoAyVQAmWmzJSFslA2ykYxilEOykE5KSflolyUh/JQPspHBagApWFiKkgFKU5xKkyFqQgVoWJUjBw5KkklqRSVotJUmspQGSpLZakclaMKVIHuoDvoTrqT7qK76G66m6pSVapO1akG1aCaVJNqUS2qTbWpDtWhulSX6lE9akANqCE1pEbUiJpQE2pGzagFtaCW1JJaUStqQ22oLbWldtSO2lN76kAdqCN1pE7UiTpTZ+pCXagrdaVu1I26U3fqQT0okRKpN/WmPtSH+lE/GkADaCANpEE0iAbTYBpKQ2kYDaPhNJxG0EgaRW/RaBpDY2kcjacJlERJNJEm0iSaRJNpMk2lqTSdptNMmkmzaBbNoTk0l+bSfJpPC2khLabFtISWUDIl01JaSimUQstpOa2klbSaVtNaWkvraT1tpI20mTbTVtpK22gb7aAdtIt20R7aQ3tpL+2jfZRKqbSf9tMBOkAH6SAdokN0mA7TETpCR+koHaNjdJyO00k6SafoFJ2m03SWztJ5+oku0EW6RJ4SbCab2V5js9isNpvNbv8yzmPz2nw2vy1gQ5vL5v5NTNbaIraoLWaLW2dL2JL2pr+Ky9nytoK93d5hK9o7bSVbzmaCP49r2HttTXufrWXvt9XtPb+Ja9sHbB37iK1rG9t6tqltYJvbhvYR28g2tk1sU9vMNrdt7RO2nX3StrdPJXSwT/95bNPiJfZDu9aus+vtBrvXfmbP2nP2iP3Wnrc/2R62px1gX7ED7at2kH3NDrZDfhsD2FH2LTvajrFj7Tg73k74q3iqnWan2xl2pn3PzrKz/ypebD+wc22ynW8X2IV20eU4radk+5Fdaj+2KXaZXW5X2JV2lV1t1/zfXlfYTXaz3WL32E/tNrvd7rA77S67+3Kcdh777Oc21X5hD9tv7AH7pT1oj9pD9uvLcdr5HbXf2WP2e3vcnrAn7Q/2lP3RnrZnLp9/2rn/YC/aS9ZbYGTFmg0HnIEzcgJn4sx8DWfhrJyNs3OMr+UcfB3n5Os5F+fmPJyX83F+LsAhE1tmjrggF+I438CF+UYuwkW5GBdnxyW4JN/EpfhmLs23cBm+lcvybVyOy3MFvp3v4Ip8J1fiu7gy381VuCpX4+p8D9fge7km38e1+H6uzQ9wHX6Q6/JDXI/rcwN+mBvyI9yIG3MTbsrNuDm34Ee5JT/Grbg1t+HHuS0/we34SW7PT3EHfpo78jPciZ/lzvwcd+HnuSu/wN34Re7OL3EP7smJ3It788vch/tyP+7PA/gVHsiv8iB+jQfzEB7Kr/MwfoOH85s8gkfyKH6LR/MYHsvjeDxP4CR+myfyOzyJ3+XJPIWn8jSezjN4Jr/Hs3g2z+H3eS7P4/m8gBfyIl7MH/AS/pCT+SNeyh9zCi/j5byCV/IqXs1reC2v4/W8gTfyJt7MW3grf8LbeDvv4J28i3fzHv6U9/JnvI8/51T+gvfzn/gAf8kH+Ss+xF/zYf6Gj/C3fJS/42P8PR/nE3ySf+BT/COf5jN8ls/xef6JL/BFvsSeIcJIRToyURBliDJGCVGmKHN0TZQlyhpli7JHsejaKEd0XZQzuj7KFeWO8kR5o3xR/qhAFEYU2YijKCoYFYri0Q1R4ejGqEhUNCoWFY9cVCIqGd0UlYpujkpHt0RlolujstFtUbmofFQhuj26I6oY3RlViu6KKkd3R1WiqlG1qHp0T1QjujeqGd0X1Yruj0pHD0R1ogejutFDUb2oftQgejhqGD0SNYoaR02iplGzqHnUIno0ahk9FrWKWkdtosejttETUbvoyah99FTUIXr6yv6iwc+fpn+xPzHqFelfnpDdpxfGF8UXxz+IL4l/GE+OfxRfGv84nhJfFl8eXxFfGV8VXx1fE18bXxdfH98Q3xjfFN8c3xL3vnpGcJh2IwzGBS6Dy+gSXCaX2V3jsrisLpvL7mLuWpfDXedyuutdLpfb5XF5XT6X3xVwoSNnHbvIFXSFXNzd4Aq7G10RV9QVc8WdcyVcSdfctXAtXEv3mGvlWrs27nH3uHvCPeGeTPilcdfRPeM6uWddZ/ece84977q6F1w396Lr7l5yPVxPl+gSXW/X2/VxfVw/188NcAPcQDfQDXKD3GA32A11Q90wN8wNd8PdCDfCjXKj3Gg32o11Y914N94luSQ30U10k9wkN9lNdlPdVDfdTXcz3Uw3y81yc9wcN9fNdfPdfLfQLXSL3WK3xC1xyS7ZLXVLXYpLccvdcrfSrXSr3Wq31q116916t9FtdJvdZrfVbXXb3Da3w+1wu9wut8ftcXvdXrfP7XOpLtXtd/vdAXfAHXRfuUPua3fYfeOOuG/dUfedO+a+d8fdCXfSeX3K/ehOuzPurDvnzruf3AV30V1y3iXF3o5NjL0TmxR7NzY5NiU2NTYtNj02IzYz9l5sVmx2bE7s/djc2LzY/NiC2MLYotji2AexJbEPY8mxj2JLYx/HUmLLYstjK2IrY6ti3uffFvmCvpCP+xt8YX+jL+KL+mK+uHe+hC/pb/Kl/M2+tL/Fl/G3+rL+Nl/Ol/cVfGPfxDf1zXxz38I/6lv6x3wr39q38Y/7tv4J384/6dv7p3wH/7Tv6J/xnfyzvrN/znfxz8/7Zcq+u3/J9/A9faLv5Xv7l30f39f38/39AP+KH+hf9YP8a36wH+KH+tf9MP+GH+7f9CP8SD/Kv+VH+zF+rB/nx/sJPsm/7Sf6d/wk/66f7Kf4qX6an+5n+Jn+PT/Lz/Zz/Pt+rp/n5/sFfqFf5Bf7D/wS/6FP9h/5pf5jn+KX+eV+hV/pV/nVfo1f69f59X6D3+g3+c1+i9/qP/Hb/Ha/w+/0u/xuv8d/6vf6z/w+/7lP9V/4/f5P/oD/0h/0X/lD/mt/2H/jj/hv/VH/nT/mv/fH/Ql/0v/gT/kf/Wl/xp/15/x5/5O/4C/6S/I3a0IIIYQQfxf9B/t7/Y3vqV+2NL0BIOv2vIf+subGXD+v+6q9HWIA8FTPLvV/3erXT0xM/OXYFA1BoQUAELuSnwGuxMugDTwB7aE1lPqb/fVVFS5f9/2/6sdvBcgMkOnXnLTbo1/jK/Vv/p36jT/g362/7Of6CwCKFLqSk1b41/hK/dK/U39329+vf7n/TF8mAbT6s5wscCW+Ur8kPAZPQ/vfHCmEEEIIIYQQQvysrzrf9Q/uPy/fn+czv837Nf6j+/M/UOlf7V8IIYQQQgghhBB/7NkXuj35aPv2rTv9Ny8y/me08R+wQAD4D2hDFv/5i6v9m0kIIYQQQgjx73blov9qdyKEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQqRf//x/CFN/98FX+xyFEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEKIq+3/BAAA//+0FVXr")
r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='.\x00', 0x0, 0x42)
openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x141281, 0xb0)
ioctl$FS_IOC_REMOVE_ENCRYPTION_KEY(r0, 0x8004587d, &(0x7f0000000080)={@desc={0x1, 0x0, @desc2}})

595.951464ms ago: executing program 2 (id=523):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000003c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0)
sendmsg$NFT_BATCH(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000680)=ANY=[@ANYBLOB="14000000100001000000000000b890c1a000000a80000000160a01030000000000000000020000000900020073797a30000000000900010073797a30000000005400038008000240000000000800014000000000400003801400010076657468315f746f5f6272696467650014000100776732000000000000000000000000000b00010076657468305f746f5f7465616d00000014000000110001"], 0xa8}}, 0x0)
sendmsg$NFT_BATCH(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000740)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a58000000060a0b040000000000000000020000002c0004802800018011000100666c6f775f6f66666c6f616400000000100002800900010073797a30000000000900010073797a30000000000900020073797a32000000007c010000020a01"], 0x250}, 0x1, 0x0, 0x0, 0x2000094}, 0x4000800)

115.87876ms ago: executing program 2 (id=524):
syz_mount_image$squashfs(&(0x7f0000000180), &(0x7f0000000000)='./file0\x00', 0x0, &(0x7f0000000c00)=ANY=[], 0x1, 0x1d6, &(0x7f0000000f80)="$eJzsVb/OEkEQ/+3dwoFSUNtKhEaBIzGWdvIAPoAETiQe/uEuUQiJaENjYXwJEp/CwkR7C2NMbLDQRAuMFYZg9nZ23QskKIF835fsLyHzm5mdmR32dvZO9DDyAKwW4zaKSMBQwCfGwAGUmbQts1L+JLkmfOVSr5P9FckvJKPh6P1zSUd3W2EYDKLhDsIYsGtNimya+D8X20LePUtbGIg4sg/snfnQJHblhjZdL1IWb9sa15PBJ97FMcivQvqYvh26RAbH7gLQlt+F3cf08aU8zq1rXArPn6avdy/i/FdUBBpf0Y2nDn4kyofFuC3ILZpiwtaRP7pOco1Q3hhrLlxX3rXOw5NpCZQBVOP+g2o0HF3u9VvdoBvc8/3G1drb83RF10+AXhjUmLGNZKBwaIgbmTf8GQCf//onMMCMrQmcA5iKVSFqOFcuGoF5wDFizRwy72tVf6UcLvq4iUvIAXg0EW4f8t8qQWTjuC1aa4LBJaXOjX0CSzjIJY4r7fthZwoGpsJm4DpHfY6MVnxSRKGgcU23PyVZItkkOSM5J6neLvUm8STDd9IqEyCLx604HiSPl2Ta5mubX9SVHaqqXkOmduLBwsLCwsLCwuKM4E8AAAD//yhrTN0=")
r0 = openat(0xffffffffffffff9c, &(0x7f0000004280)='./file0\x00', 0x0, 0x0)
lseek(r0, 0x11, 0x2)
getdents64(r0, 0x0, 0x44)

0s ago: executing program 5 (id=525):
bpf$ENABLE_STATS(0x20, 0x0, 0x0)
r0 = socket$inet6(0x10, 0x2, 0x6)
setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000000000)={0x2, &(0x7f0000000040)=[{0x30, 0x0, 0x0, 0xffeffffc}, {0x16}]}, 0x10)
sendto$inet6(r0, &(0x7f00000002c0)="100000001200050f0c1000000049b23e", 0x10, 0x0, 0x0, 0x0)

kernel console output (not intermixed with test programs):

 interface with an up link
[   90.526826][ T5865] team0: Port device team_slave_1 added
[   90.533704][ T5864] batman_adv: batadv0: Adding interface: batadv_slave_1
[   90.540905][ T5864] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   90.567798][ T5864] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   90.608571][ T5866] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   90.707547][ T5874] team0: Port device team_slave_0 added
[   90.715032][ T5865] batman_adv: batadv0: Adding interface: batadv_slave_0
[   90.724611][ T5865] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   90.752500][ T5865] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   90.785500][ T5874] team0: Port device team_slave_1 added
[   90.820179][ T5865] batman_adv: batadv0: Adding interface: batadv_slave_1
[   90.827679][ T5865] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   90.854101][ T5865] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   90.883493][ T5866] team0: Port device team_slave_0 added
[   90.957089][ T5866] team0: Port device team_slave_1 added
[   90.963657][ T5874] batman_adv: batadv0: Adding interface: batadv_slave_0
[   90.971344][ T5874] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   90.997819][ T5874] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   91.016531][ T5864] hsr_slave_0: entered promiscuous mode
[   91.023165][ T5864] hsr_slave_1: entered promiscuous mode
[   91.029281][ T5864] debugfs: 'hsr0' already exists in 'hsr'
[   91.035492][ T5864] Cannot create hsr debugfs directory
[   91.067439][ T5874] batman_adv: batadv0: Adding interface: batadv_slave_1
[   91.074812][ T5874] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   91.101522][ T5874] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   91.183403][ T5866] batman_adv: batadv0: Adding interface: batadv_slave_0
[   91.190808][ T5866] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   91.217264][ T5866] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   91.232969][ T5866] batman_adv: batadv0: Adding interface: batadv_slave_1
[   91.240082][ T5866] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   91.267242][ T5866] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   91.382524][ T5865] hsr_slave_0: entered promiscuous mode
[   91.388826][ T5865] hsr_slave_1: entered promiscuous mode
[   91.396247][ T5865] debugfs: 'hsr0' already exists in 'hsr'
[   91.402110][ T5865] Cannot create hsr debugfs directory
[   91.436313][ T5866] hsr_slave_0: entered promiscuous mode
[   91.443050][ T5866] hsr_slave_1: entered promiscuous mode
[   91.449103][ T5866] debugfs: 'hsr0' already exists in 'hsr'
[   91.455663][ T5866] Cannot create hsr debugfs directory
[   91.495818][ T5874] hsr_slave_0: entered promiscuous mode
[   91.502484][ T5874] hsr_slave_1: entered promiscuous mode
[   91.508495][ T5874] debugfs: 'hsr0' already exists in 'hsr'
[   91.515048][ T5874] Cannot create hsr debugfs directory
[   91.812234][ T5860] netdevsim netdevsim3 netdevsim0: renamed from eth0
[   91.869501][ T5860] netdevsim netdevsim3 netdevsim1: renamed from eth1
[   91.916251][ T5860] netdevsim netdevsim3 netdevsim2: renamed from eth2
[   91.984703][ T5860] netdevsim netdevsim3 netdevsim3: renamed from eth3
[   92.034372][   T43] cfg80211: failed to load regulatory.db
[   92.101230][ T5864] netdevsim netdevsim0 netdevsim0: renamed from eth0
[   92.127013][ T5864] netdevsim netdevsim0 netdevsim1: renamed from eth1
[   92.137848][ T5864] netdevsim netdevsim0 netdevsim2: renamed from eth2
[   92.169361][ T5864] netdevsim netdevsim0 netdevsim3: renamed from eth3
[   92.200171][ T5872] Bluetooth: hci0: command tx timeout
[   92.269089][ T5865] netdevsim netdevsim1 netdevsim0: renamed from eth0
[   92.282067][ T5865] netdevsim netdevsim1 netdevsim1: renamed from eth1
[   92.295449][ T5865] netdevsim netdevsim1 netdevsim2: renamed from eth2
[   92.305963][ T5865] netdevsim netdevsim1 netdevsim3: renamed from eth3
[   92.350110][ T5872] Bluetooth: hci1: command tx timeout
[   92.430839][ T5869] Bluetooth: hci3: command tx timeout
[   92.436515][ T5872] Bluetooth: hci2: command tx timeout
[   92.458672][ T5860] 8021q: adding VLAN 0 to HW filter on device bond0
[   92.472409][ T5866] netdevsim netdevsim4 netdevsim0: renamed from eth0
[   92.507528][ T5866] netdevsim netdevsim4 netdevsim1: renamed from eth1
[   92.510572][ T5872] Bluetooth: hci4: command tx timeout
[   92.541107][ T5866] netdevsim netdevsim4 netdevsim2: renamed from eth2
[   92.576248][ T5866] netdevsim netdevsim4 netdevsim3: renamed from eth3
[   92.606773][ T5860] 8021q: adding VLAN 0 to HW filter on device team0
[   92.642403][   T13] bridge0: port 1(bridge_slave_0) entered blocking state
[   92.649673][   T13] bridge0: port 1(bridge_slave_0) entered forwarding state
[   92.678390][   T13] bridge0: port 2(bridge_slave_1) entered blocking state
[   92.685566][   T13] bridge0: port 2(bridge_slave_1) entered forwarding state
[   92.695835][ T5874] netdevsim netdevsim2 netdevsim0: renamed from eth0
[   92.724881][ T5874] netdevsim netdevsim2 netdevsim1: renamed from eth1
[   92.736853][ T5874] netdevsim netdevsim2 netdevsim2: renamed from eth2
[   92.754237][ T5874] netdevsim netdevsim2 netdevsim3: renamed from eth3
[   92.872324][ T5864] 8021q: adding VLAN 0 to HW filter on device bond0
[   92.925252][ T5865] 8021q: adding VLAN 0 to HW filter on device bond0
[   92.993629][ T5865] 8021q: adding VLAN 0 to HW filter on device team0
[   93.034459][ T5864] 8021q: adding VLAN 0 to HW filter on device team0
[   93.069876][   T50] bridge0: port 1(bridge_slave_0) entered blocking state
[   93.077059][   T50] bridge0: port 1(bridge_slave_0) entered forwarding state
[   93.106609][   T50] bridge0: port 1(bridge_slave_0) entered blocking state
[   93.113958][   T50] bridge0: port 1(bridge_slave_0) entered forwarding state
[   93.152725][   T50] bridge0: port 2(bridge_slave_1) entered blocking state
[   93.160138][   T50] bridge0: port 2(bridge_slave_1) entered forwarding state
[   93.176372][   T50] bridge0: port 2(bridge_slave_1) entered blocking state
[   93.183576][   T50] bridge0: port 2(bridge_slave_1) entered forwarding state
[   93.256403][ T5866] 8021q: adding VLAN 0 to HW filter on device bond0
[   93.376943][ T5874] 8021q: adding VLAN 0 to HW filter on device bond0
[   93.423564][ T5866] 8021q: adding VLAN 0 to HW filter on device team0
[   93.445548][   T12] bridge0: port 1(bridge_slave_0) entered blocking state
[   93.452744][   T12] bridge0: port 1(bridge_slave_0) entered forwarding state
[   93.510864][ T5860] 8021q: adding VLAN 0 to HW filter on device batadv0
[   93.558106][ T5874] 8021q: adding VLAN 0 to HW filter on device team0
[   93.600669][ T1094] bridge0: port 2(bridge_slave_1) entered blocking state
[   93.607944][ T1094] bridge0: port 2(bridge_slave_1) entered forwarding state
[   93.635660][ T1094] bridge0: port 1(bridge_slave_0) entered blocking state
[   93.642885][ T1094] bridge0: port 1(bridge_slave_0) entered forwarding state
[   93.688013][   T13] bridge0: port 2(bridge_slave_1) entered blocking state
[   93.695207][   T13] bridge0: port 2(bridge_slave_1) entered forwarding state
[   93.895737][ T5860] veth0_vlan: entered promiscuous mode
[   93.967515][ T5860] veth1_vlan: entered promiscuous mode
[   94.022145][ T5865] 8021q: adding VLAN 0 to HW filter on device batadv0
[   94.056643][ T5864] 8021q: adding VLAN 0 to HW filter on device batadv0
[   94.154735][ T5860] veth0_macvtap: entered promiscuous mode
[   94.188199][ T5860] veth1_macvtap: entered promiscuous mode
[   94.273168][ T5872] Bluetooth: hci0: command tx timeout
[   94.280887][ T5860] batman_adv: batadv0: Interface activated: batadv_slave_0
[   94.320489][ T5860] batman_adv: batadv0: Interface activated: batadv_slave_1
[   94.367100][ T5864] veth0_vlan: entered promiscuous mode
[   94.407098][ T5865] veth0_vlan: entered promiscuous mode
[   94.421256][   T12] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   94.430773][ T5872] Bluetooth: hci1: command tx timeout
[   94.447992][   T12] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   94.474623][ T5864] veth1_vlan: entered promiscuous mode
[   94.482464][   T12] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   94.491481][   T12] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   94.513214][ T5869] Bluetooth: hci3: command tx timeout
[   94.518734][ T5872] Bluetooth: hci2: command tx timeout
[   94.535326][ T5865] veth1_vlan: entered promiscuous mode
[   94.577695][ T5866] 8021q: adding VLAN 0 to HW filter on device batadv0
[   94.594719][ T5872] Bluetooth: hci4: command tx timeout
[   94.618622][ T5874] 8021q: adding VLAN 0 to HW filter on device batadv0
[   94.686563][ T5864] veth0_macvtap: entered promiscuous mode
[   94.719098][ T5864] veth1_macvtap: entered promiscuous mode
[   94.777543][   T12] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   94.804780][   T12] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   94.854576][ T5864] batman_adv: batadv0: Interface activated: batadv_slave_0
[   94.889058][ T5865] veth0_macvtap: entered promiscuous mode
[   94.915894][ T5864] batman_adv: batadv0: Interface activated: batadv_slave_1
[   94.947726][ T1094] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   94.958630][ T5865] veth1_macvtap: entered promiscuous mode
[   94.966374][ T1094] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   94.999072][ T1109] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   95.019914][ T1109] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   95.028693][ T1109] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   95.087941][ T5865] batman_adv: batadv0: Interface activated: batadv_slave_0
[   95.099236][ T1109] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   95.137705][ T5865] batman_adv: batadv0: Interface activated: batadv_slave_1
[   95.163521][ T5874] veth0_vlan: entered promiscuous mode
[   95.183405][ T5860] soft_limit_in_bytes is deprecated and will be removed. Please report your usecase to linux-mm@kvack.org if you depend on this functionality.
[   95.212998][   T13] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   95.248926][   T13] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   95.259737][   T13] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   95.327226][   T13] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   95.357239][ T5874] veth1_vlan: entered promiscuous mode
[   95.407748][ T1087] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   95.440728][ T1087] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   95.547667][ T5866] veth0_vlan: entered promiscuous mode
[   95.562125][   T65] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   95.576840][   T65] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   95.592681][   T36] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   95.612669][ T5866] veth1_vlan: entered promiscuous mode
[   95.613289][   T36] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   95.644460][ T5874] veth0_macvtap: entered promiscuous mode
[   95.703982][   T36] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   95.721835][ T5874] veth1_macvtap: entered promiscuous mode
[   95.733672][   T36] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   95.795514][ T5874] batman_adv: batadv0: Interface activated: batadv_slave_0
[   95.853027][ T5874] batman_adv: batadv0: Interface activated: batadv_slave_1
[   95.878105][ T5866] veth0_macvtap: entered promiscuous mode
[   95.918401][ T5866] veth1_macvtap: entered promiscuous mode
[   95.972193][ T1087] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   95.982891][ T1087] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   96.033853][ T1087] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   96.050839][ T1087] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   96.063595][ T5866] batman_adv: batadv0: Interface activated: batadv_slave_0
[   96.154186][ T5866] batman_adv: batadv0: Interface activated: batadv_slave_1
[   96.278493][ T1118] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   96.302644][ T1118] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   96.351096][ T5872] Bluetooth: hci0: command tx timeout
[   96.393094][ T1118] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   96.431840][ T1118] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   96.464123][   T13] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   96.491821][   T13] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   96.510791][ T5872] Bluetooth: hci1: command tx timeout
[   96.593097][ T5872] Bluetooth: hci2: command tx timeout
[   96.598609][ T5872] Bluetooth: hci3: command tx timeout
[   96.649391][   T50] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   96.671146][ T5872] Bluetooth: hci4: command tx timeout
[   96.692294][   T50] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   96.903230][ T6006] netlink: 27 bytes leftover after parsing attributes in process `syz.0.17'.
[   96.926435][ T1087] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   96.940080][ T1087] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   97.088086][ T6011] netlink: 4 bytes leftover after parsing attributes in process `syz.1.18'.
[   97.246294][ T6011] team0: Port device team_slave_0 removed
[   97.354294][ T1118] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   97.380677][ T1118] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   97.518712][ T6017] UDPLite: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list
[   98.133903][ T6004] loop3: detected capacity change from 0 to 32768
[   98.274311][ T6004] XFS (loop3): Mounting V5 Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb
[   98.482271][ T6004] XFS (loop3): Ending clean mount
[   98.705116][ T6014] loop2: detected capacity change from 0 to 40427
[   98.769837][ T6014] F2FS-fs (loop2): Insane cp_payload (553648128 >= 504)
[   98.814226][ T6014] F2FS-fs (loop2): Can't find valid F2FS filesystem in 1th superblock
[   98.832821][ T6014] F2FS-fs (loop2): build fault injection rate: 17008
[   98.857145][ T6014] F2FS-fs (loop2): build fault injection type: 0x1f8
[   98.869471][ T5860] XFS (loop3): Unmounting Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb
[   98.922381][ T6014] F2FS-fs (loop2): invalid crc value
[   99.404659][ T6014] F2FS-fs (loop2): f2fs_recover_fsync_data: recovery fsync data, check_only: 0
[   99.476081][ T6014] F2FS-fs (loop2): Try to recover 1th superblock, ret: 0
[   99.530112][ T6014] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e5
[   99.641265][   T30] audit: type=1800 audit(1757402478.748:2): pid=6014 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.2.20" name="file1" dev="loop2" ino=10 res=0 errno=0
[   99.788783][ T5874] syz-executor: attempt to access beyond end of device
[   99.788783][ T5874] loop2: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[   99.834959][ T6021] loop4: detected capacity change from 0 to 32768
[   99.842495][ T5874] CPU: 1 UID: 0 PID: 5874 Comm: syz-executor Not tainted syzkaller #0 PREEMPT(full) 
[   99.842525][ T5874] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[   99.842537][ T5874] Call Trace:
[   99.842545][ T5874]  <TASK>
[   99.842553][ T5874]  dump_stack_lvl+0x189/0x250
[   99.842588][ T5874]  ? __pfx_dump_stack_lvl+0x10/0x10
[   99.842611][ T5874]  ? __pfx_queue_work_on+0x10/0x10
[   99.842637][ T5874]  ? _raw_spin_unlock_irqrestore+0xad/0x110
[   99.842664][ T5874]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[   99.842714][ T5874]  f2fs_handle_critical_error+0x37c/0x540
[   99.842747][ T5874]  f2fs_write_end_io+0x886/0xb60
[   99.842796][ T5874]  __submit_merged_bio+0x27a/0x6a0
[   99.842828][ T5874]  __submit_merged_write_cond+0x255/0x530
[   99.842861][ T5874]  f2fs_write_data_pages+0x261d/0x3000
[   99.842927][ T5874]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[   99.843006][ T5874]  ? check_path+0x21/0x40
[   99.843021][ T5874]  ? check_noncircular+0xe0/0x160
[   99.843108][ T5874]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[   99.843135][ T5874]  do_writepages+0x32e/0x550
[   99.843173][ T5874]  ? do_raw_spin_unlock+0x122/0x240
[   99.843199][ T5874]  filemap_fdatawrite+0x199/0x240
[   99.843225][ T5874]  ? __pfx_filemap_fdatawrite+0x10/0x10
[   99.843304][ T5874]  ? do_raw_spin_unlock+0x122/0x240
[   99.843330][ T5874]  f2fs_sync_dirty_inodes+0x31f/0x830
[   99.843377][ T5874]  f2fs_write_checkpoint+0x93e/0x2440
[   99.843404][ T5874]  ? __lock_acquire+0xab9/0xd20
[   99.843462][ T5874]  ? __pfx_f2fs_write_checkpoint+0x10/0x10
[   99.843555][ T5874]  kill_f2fs_super+0x2cc/0x6d0
[   99.843590][ T5874]  ? __pfx_kill_f2fs_super+0x10/0x10
[   99.843639][ T5874]  ? shrinker_free+0x2ce/0x3e0
[   99.843661][ T5874]  deactivate_locked_super+0xbc/0x130
[   99.843685][ T5874]  cleanup_mnt+0x425/0x4c0
[   99.843712][ T5874]  ? lockdep_hardirqs_on+0x9c/0x150
[   99.843742][ T5874]  task_work_run+0x1d4/0x260
[   99.843767][ T5874]  ? __pfx_task_work_run+0x10/0x10
[   99.843786][ T5874]  ? __x64_sys_umount+0x122/0x160
[   99.843813][ T5874]  ? exit_to_user_mode_loop+0x40/0x130
[   99.843842][ T5874]  exit_to_user_mode_loop+0xec/0x130
[   99.843866][ T5874]  do_syscall_64+0x2bd/0xfa0
[   99.843881][ T5874]  ? lockdep_hardirqs_on+0x9c/0x150
[   99.843908][ T5874]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   99.843926][ T5874]  ? clear_bhb_loop+0x60/0xb0
[   99.843949][ T5874]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   99.843965][ T5874] RIP: 0033:0x7fa75cb8ff17
[   99.843983][ T5874] Code: a8 ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 0f 1f 44 00 00 31 f6 e9 09 00 00 00 66 0f 1f 84 00 00 00 00 00 b8 a6 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 01 c3 48 c7 c2 a8 ff ff ff f7 d8 64 89 02 b8
[   99.843999][ T5874] RSP: 002b:00007ffe3537de18 EFLAGS: 00000246 ORIG_RAX: 00000000000000a6
[   99.844021][ T5874] RAX: 0000000000000000 RBX: 00007fa75cc11c05 RCX: 00007fa75cb8ff17
[   99.844033][ T5874] RDX: 0000000000000000 RSI: 0000000000000009 RDI: 00007ffe3537ded0
[   99.844045][ T5874] RBP: 00007ffe3537ded0 R08: 0000000000000000 R09: 0000000000000000
[   99.844056][ T5874] R10: 00000000ffffffff R11: 0000000000000246 R12: 00007ffe3537ef60
[   99.844067][ T5874] R13: 00007fa75cc11c05 R14: 0000000000018542 R15: 00007ffe3537efa0
[   99.844103][ T5874]  </TASK>
[   99.844111][ T5874] F2FS-fs (loop2): Stopped filesystem due to reason: 3
[  100.226628][ T6021] gfs2: fsid=syz:syz: Trying to join cluster "lock_nolock", "syz:syz"
[  100.259289][ T6038] loop0: detected capacity change from 0 to 32768
[  100.290499][ T6021] gfs2: fsid=syz:syz: Now mounting FS (format 1801)...
[  100.408669][ T6038] XFS (loop0): Mounting V5 Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb
[  100.490585][ T6021] gfs2: fsid=syz:syz.0: journal 0 mapped with 1 extents in 0ms
[  100.546097][    T9] gfs2: fsid=syz:syz.0: jid=0, already locked for use
[  100.585070][    T9] gfs2: fsid=syz:syz.0: jid=0: Looking at journal...
[  100.723062][ T6038] XFS (loop0): Torn write (CRC failure) detected at log block 0x30. Truncating head block from 0x51.
[  100.814620][ T6038] XFS (loop0): Starting recovery (logdev: internal)
[  100.913950][ T6038] XFS (loop0): Ending recovery (logdev: internal)
[  100.964480][ T6038] XFS (loop0): Quotacheck needed: Please wait.
[  101.079013][ T6038] XFS (loop0): Quotacheck: Done.
[  101.085673][    T9] gfs2: fsid=syz:syz.0: jid=0: Journal head lookup took 500ms
[  101.116730][    T9] gfs2: fsid=syz:syz.0: jid=0: Done
[  101.128360][ T6021] gfs2: fsid=syz:syz.0: first mount done, others may mount
[  101.156145][ T6021] gfs2: fsid=syz:syz.0: can't create quotad thread: -4
[  101.195484][ T6052] loop1: detected capacity change from 0 to 32768
[  101.219464][ T6052] =======================================================
[  101.219464][ T6052] WARNING: The mand mount option has been deprecated and
[  101.219464][ T6052]          and is ignored by this kernel. Remove the mand
[  101.219464][ T6052]          option from the mount to silence this warning.
[  101.219464][ T6052] =======================================================
[  101.408424][ T5864] XFS (loop0): Unmounting Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb
[  101.607736][ T6052] ocfs2: Mounting device (7,1) on (node local, slot 0) with ordered data mode.
[  101.763589][ T6070] block device autoloading is deprecated and will be removed.
[  101.820567][ T6064] loop3: detected capacity change from 0 to 32768
[  101.872575][ T6064] BTRFS: device fsid 14d642db-7b15-43e4-81e6-4b8fac6a25f8 devid 1 transid 8 /dev/loop3 (7:3) scanned by syz.3.32 (6064)
[  102.016763][ T5865] (syz-executor,5865,1):ocfs2_inode_is_valid_to_delete:948 ERROR: Skipping delete of system file 72
[  102.034401][ T6064] BTRFS info (device loop3): first mount of filesystem 14d642db-7b15-43e4-81e6-4b8fac6a25f8
[  102.058409][ T6064] BTRFS info (device loop3): using blake2b (blake2b-256-generic) checksum algorithm
[  102.073735][ T5865] ocfs2: Unmounting device (7,1) on (node local)
[  102.152405][ T6075] netlink: 36 bytes leftover after parsing attributes in process `syz.4.34'.
[  102.278264][ T6074] loop2: detected capacity change from 0 to 4096
[  102.443432][ T6064] BTRFS info (device loop3): enabling ssd optimizations
[  102.493878][ T6064] BTRFS info (device loop3): enabling free space tree
[  102.553768][ T6101] kvm_intel: L1TF CPU bug present and SMT on, data leak possible. See CVE-2018-3646 and https://www.kernel.org/doc/html/latest/admin-guide/hw-vuln/l1tf.html for details.
[  102.632537][   T30] audit: type=1800 audit(1757402481.748:3): pid=6064 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.32" name="file1" dev="loop3" ino=260 res=0 errno=0
[  102.653124][    C1] vkms_vblank_simulate: vblank timer overrun
[  103.034925][ T5860] BTRFS info (device loop3): last unmount of filesystem 14d642db-7b15-43e4-81e6-4b8fac6a25f8
[  103.176435][ T6109] loop4: detected capacity change from 0 to 256
[  103.324230][ T6113] overlayfs: statfs failed on './file0'
[  103.333178][ T6109] exFAT-fs (loop4): failed to load upcase table (idx : 0x000104d0, chksum : 0x60d18cac, utbl_chksum : 0xe619d30d)
[  103.378541][ T6117] Zero length message leads to an empty skb
[  103.393315][ T6109] exFAT-fs (loop4): failed to load alloc-bitmap
[  103.440032][ T6109] exFAT-fs (loop4): failed to recognize exfat type
[  103.856073][ T6123] loop6: detected capacity change from 0 to 524287999
[  103.927501][ T5863] Buffer I/O error on dev loop6, logical block 65535998, async page read
[  104.496276][ T6136] loop1: detected capacity change from 0 to 1024
[  104.517669][ T6136] EXT4-fs: Ignoring removed bh option
[  104.597848][ T6136] EXT4-fs (loop1): mounted filesystem 05000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  104.825409][ T6144] [U] 
[  104.828416][ T6144] [U] K{‘
[  104.873573][ T6144] [U] ÄT Ž1ÊÀŠªFÌÇÄFËŠÎ`GÊJǘÜGÖƯ¹¬¡—ÞÈOÕÑ/ÜMCÇ
[  104.889458][ T6144] [U] TžØ–/,�~ˆÄœ­‹JÕßÊ}8ÎÊÞ'O1�Ü"™7-΂JQœK—¤WºÏQÉ5C%"¬H12–¦Y“„‰ž€ÊXÍ`ˆ‚Íȼ`+³Û(·Â¿!(ÉÛÉZ'ÀTXLN»I®GÅJ– °ÜÝ­·PÅ~÷7Í!‘ÕÒ"بÎ¾ª(È5ˆOBܤ‡ÍƒJÖ
[  104.943256][ T6144] [U] ±K\&—}6£6œXÎHX�¥Ôµ„ÌÞ.`¸A“$Û40|϶¿�9°ØÞ¨„¯ÀÏU‚Ò4�ÔÄ®VBZÃÐ}ÌWÔM”TºŽÍQŸÝΦR’4”ß
[  104.953125][ T5865] EXT4-fs (loop1): unmounting filesystem 05000000-0000-0000-0000-000000000000.
[  104.996567][ T6144] [U] ".H6ØÞ"ÖKÇ[›‰¤ŒJÁ4ÇØI�N¨™[Z(•„C|TË]Z{�Â3ŸC=»¨XÎԞ˅Î4¿W‰)\T‘XJØ�SH{Q;̹¢…ÖTÔÇ+‹¦÷GÍÈß®D„.Ë‚³>Yž�÷ÉWUH„FN—Ž�ÇHL]SÔ2ŠÇÙ\G%ŠO¼&Z)µК'¨PUL‚_<Ã	¢Ø°‰Ò®ÔÅ`Ò±TÔÁÞœÐËÞ;_Ô"(‘U{7Jœ¿2X ‘/€'ÝÙCÑÌÕIº©ÀÏH¿C�Õ³žV¦=�‘AIÇ%W¼ESž RšŸJŠÎœƒÚ”GÂ÷RÁ¹Í¡HI
˜¢œAÏÌ6-ÚD�ÚV¨Á I"ØÅNƨ ÞÚASC~4Áª¹8CØ*­OO5/ßœJš~º§¡W—VK+¬®‰Œ3ÈÇY)Ž¹M°¸ÆV¶ÌYQƽ€DTR¯
OTPEM%F×ÊEJÍA5ÆÔT_-X~ ^AAÛ‚Ò˜½QÖÅ
[  105.078018][ T6144] [U] 	+�W‰G?]£Ó'A:	»Ú)Õ
ÏÓ™“' B>T¢ ¡F/™÷<'ÈUÓ'–¼H§IÉ.+]EŸ.½-É¿ß¿Ò%÷È>2`¶^Uß8F.Š6¤Å3ÓØ+ËA¾Â««„°G3ÓPÂÓ6:�^0À�TÉÈV÷'EÕT¼€ÛÂYC‰N¾ÞRÏ©ÞNÈPJ×;ÆZ†ÊÔÑÛ‘8!¯È\Ù…¸AØÊ–2Á£$е™Â­WI.ÍÇ#ŠÈ/BAI¼�Ä`ÐÁ4J’ÔDÎY@ÓZ„ÜGW÷5Ë¿Bĵٜ NÓY"VI2ÛÌ
[  105.135461][ T6150] loop3: detected capacity change from 0 to 64
[  105.150388][ T6144] [U] ÔT¦_K5¸T¬YJÐÞÎ9ÐÕCÊ$BRŸLÚNUL¶Ü9WÈÝÍ|žGÅ"ʃÆ%ÇÚ¶ÊCªØ�°¶ºQÎÙ
 ŸÇ3‹ÆQ¯ÔN^HP*½Ü$	µ.Î7YÓ±œ2³
[  105.181586][ T6144] [U] ½?�©ßHÜÄ*ÙÁ”Î3Í�7ÜÉ�¾^#Q�"0~‡‚Ð(ÉOÏXLŒB£,'VÎÓ=‹ÝËCÌS«…’G‚S¶Þ0•Ö‚‹Ù`˜›žÙ‡Ÿ†=1(÷ξ™÷P#Ò2DO*Ƀ
[  105.229041][ T6144] [U] ©S¹“Gžµ²¶“˜GUÐÔD-{¸™Â|&“�®ŸŸÑ�2µ›LÞC_©œ!`¨ÍOZÖ¥¢B¶³%>ÊRѶÖWχݎSSÂH"£YA4£O.šYÙÛÄ�„RTÔ¶ŒBÚ[+/<<R�B�ÊÄÕ|ФEŽžÑÛ –V96#ÛÚÑͤʦJºUº%
S851ƒ�ÞÒ©S�P±¨\£ƒ?Qª|L�´QXµ0ÂKÔ1ORÉ´2¡½|ÖÜDÖFÌ¿»Ù�ÚË2Þ”–¨×0ÌÅH•}C[/¤»“ŸPX^¼ÈO
[  105.337683][ T6144] [U] ÖØ›·Ü—(JÅЛ•§MÛÜXZ˜;œ½±ÓßØ�_¹»µÔ*3÷3…¿5¸\ƒXM³ÚU�‰AK!AQ`¿Ë;FЕ�I+ÖÐVUHÅÐÂMÑJ³´Æ·ÙÛZÄCØÃZ‹¼Â)_ÇŸ¡	Ô‘¡&ßÖ¡ßÁAÇXTOÈÝÊ_½ Ú¼¦:¨Â×%À²PÒ×ÈCÖ²‚YÖ+_ÞÜ›ÝÛ}UÏM˜ƒÆ«CÅ!KJÒ7пG¯Ë=BÈ
[  105.376302][ T6156] loop4: detected capacity change from 0 to 64
[  105.443233][ T6144] [U] Ù½¥Fœ%ŽXAÙÂLŸ2R*GŒÒVW¬Ñ$ƒÜJ	ÃA˜›F¶¿�·+ؾ9Í„VIºÖ—¼KÙ¾Å1}_©Â
Á¥%ÃR6„•(]“¦/Ÿ¶Ø�Å™YܺÇÞHä¾ÜÑR GªÄRN/Ü«Î#!ÊDÙÛÚ«%ÞÛËDªÏ-{Ð$ÞVU‘ÝT²¼ª$:MTRÔEŽC1V‰D~ÎÈ];[˜ËÚÐ÷SQ¾¯œÙ(ÌËE,X¦8Â"Ù
ÆÐG¥DŸÚµ2@T8ž¾´ÒƒÀÐßÀT8.RC+Ä@Ëʦ‡P‡UÁ
P”‰¼¶C±‡Ë'Å„YLÓ-SS1E?Å7ÓO‡§Ì^]¦†ÂÓC”½H]§JKR]RKQ܆�ØÝ£Þ´OTCÔÆX¶¨¾4™NË	³Ï&�Á­ÐÚ‹ŠÓ@¶:M7¿~�+”W*ÛÁ–XMÜÓ>>—¡{Q¢Ú×
_²Õ�LX8ÊU„ÇØÎ{ÐZ³ÍØ�)ßÒ7?ËRR;ßC¿R HײڣÁ»¨È1Å>)©Mă‰ÏT§²Ú(ÌÇAÏ�„}9·Ú¥ÃJ*MÑœ¥Ä¡«'L¹£Q	ÌDWŸÒظ=ؽ|Q¬	ÏÆ™W;5ÆÙŽª!ÑDB¸X`ɧÖ/÷ÂE�`ƦM¢XÎÂ"Ä\
[  105.602133][ T6144] [U] {;ŽÕ¥ÂÙ˜_ˆO2«Ñ)ÎO®›.2ÐW2ʲ¨ÐYÙÃÃX_  HPϱœSªD­�¦Ø:]‚{Ë©ÔÝÆȽ
[  105.652480][ T6144] [U] I,Ç>ÇÓ¤	ÎÙ5�1Ñ÷^1ÒN4¯OǶÞ'0Ý?Ö’IÙ9W.Ï_.¶WŠA¼Š�Vˆ±`)ÑZ¬ÏÆC6GIÓ¹²A»¬XL[¢›½¡FÜ*ÀÑO‰W)+‡Ç'\NÆ
[K@ÑËÄÜ2ÇǬ–®¡P"^`Á‰Í	Ø¿
[  105.670095][ T6144] [U] 22½“Æ©ÐÛ©X?0;3U±
[  105.679542][ T6144] [U] ÞœÕ
Æ�ÓSOBX 8”Wˆ4Á‘(Ð~/§¿ÍKÇUžÃÔ–OQËE+·G®-YµGY_
•>V¢ÜÈË—3.HÁÓ™]Í„²2‘”)™DË,	‘Ä	ÞD~×D©£¡+ÃW;A\˜F
PÉÞȘ|$ºØ)�
KØ�I³ÉÐÉ¿KÑYT^RÍÜÙÇ™µ“ËA=±#–Üœ	ÝÍ¿ËAE©�TÅ1·Îݯ4K¯.E"RÚS|ПÀSÖ’Á:•Ù>P™…RÐ"Z‰Ú­ÛÚÉ#P!˜KY"›}ÃÆF¿N84ܳƒÅHÞ±£O•ÈS¿™Ì«%DLWÙMƲÇ
[  105.711203][ T6144] [U] [ª['XN€'²÷Á¿Ü,MR¦«/žšœÂ1D=!DŽX91BÙ
WÇ»R—LF…ƒÆK̤ZÕÊ# `Ì‘LØ›§Ëœ»×B~ÅMÒÔÖ
[  105.728793][ T6144] [U] ™LÖ>�Ñ�D+ˆD¯§—®Ì"5ŽÊ��H3<ª¨ÅIR=F^”F�NÕÓÜÀ‰¿Û­VÛ÷œDÁOIOÚ:UÖ>ÖYÂ
[  105.738074][ T6144] [U] 'B—6VÝ20³Ä·Çž¥·×ŒÏ"T8Ñ{9ÆFW��]ÔÊÄÌ©�
[  105.745308][ T6144] [U] Ù72Þ‰ÏÂÃUÞC6™ÎÜÔÏ„I]8Cª£TÛ¨QSK�YÞÎIÒÀ¹ ¿|V'ÛTV/ÙÅG•$[ 9KH`Ú"Ü‘ÚÕ}€Ñ[^=ˆÚ0Á]½Ã%ÆÌ‚T“Šž¹ØFÌ_VÖ4C¸ÒÅ
[  105.804386][ T6144] [U] ¹EC�
[  105.808009][ T6144] [U] �—”|‚ÊÌ<ÄÎ:^Ü3$7NK~Ø-™@÷¦?Ÿ–/MTL·�Û¾©IˆWȬ@G~TØ{ÊÜP¿+Æ$ªJP|µŽÇIÛRIÓ�PMÐ Õ·YÓ Ú”8ÌTÉÐÞVžÙßÆË,ÎLÂ,Õ
[  105.852644][   T43] usb 4-1: new high-speed USB device number 2 using dummy_hcd
[  105.999139][ T6143] [U] ˆKÌÚÛÕ‰)0ÄÄÝ~ܳʪÁIP'ÍFÓÒœZÚÞR¬™ß@BÓ]Â5ÝÊ{­©Ê¼Ô'À8ÅÆ¥F‡¹UTQUD
Ç©¤K;7ͪ0C[„ÃY–¼ÈYC¦¶»Ø°Mª™LÒ8’T…ÍšÎ5³ÝÝRX�™¶ÐWÍ X¤²ÓOQHVI'8œ¥Î…Lµ
[  106.040153][   T43] usb 4-1: Using ep0 maxpacket: 8
[  106.057253][   T43] usb 4-1: unable to get BOS descriptor or descriptor too short
[  106.077949][   T43] usb 4-1: config 4 interface 0 has no altsetting 0
[  106.105107][   T43] usb 4-1: string descriptor 0 read error: -22
[  106.120039][   T43] usb 4-1: New USB device found, idVendor=058f, idProduct=6610, bcdDevice=48.05
[  106.140258][   T43] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  106.167921][   T43] usb 4-1: dvb_usb_v2: found a 'Sigmatek DVB-110' in warm state
[  106.213483][   T43] usb 4-1: dvb_usb_v2: will pass the complete MPEG2 transport stream to the software demuxer
[  106.215147][ T6152] loop1: detected capacity change from 0 to 32768
[  106.240042][   T24] usb 5-1: new full-speed USB device number 2 using dummy_hcd
[  106.249367][   T43] dvbdev: DVB: registering new adapter (Sigmatek DVB-110)
[  106.259037][ T6152] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop1 (7:1) scanned by syz.1.54 (6152)
[  106.260396][   T43] usb 4-1: media controller created
[  106.317561][   T43] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered.
[  106.321914][ T6152] BTRFS info (device loop1): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  106.367870][ T6152] BTRFS info (device loop1): using crc32c (crc32c-lib) checksum algorithm
[  106.415907][   T24] usb 5-1: New USB device found, idVendor=2770, idProduct=930c, bcdDevice=8d.6a
[  106.435706][   T24] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  106.446363][ T6158] usb 4-1: dvb_usb_au6610: wlen=0, aborting
[  106.455050][   T24] usb 5-1: Product: syz
[  106.459373][   T24] usb 5-1: Manufacturer: syz
[  106.464865][   T24] usb 5-1: SerialNumber: syz
[  106.490289][   T24] usb 5-1: config 0 descriptor??
[  106.513263][   T24] gspca_main: sq930x-2.14.0 probing 2770:930c
[  106.529343][ T6152] BTRFS info (device loop1): enabling ssd optimizations
[  106.584893][ T6152] BTRFS info (device loop1): enabling free space tree
[  106.622636][ T6152] BTRFS info (device loop1): use lzo compression, level 1
[  106.655832][   T43] zl10353_read_register: readreg error (reg=127, ret==0)
[  106.777727][ T6189] loop2: detected capacity change from 0 to 1024
[  106.897656][ T6189] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  106.930113][ T6189] ext4 filesystem being mounted at /6/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  106.939188][   T43] usb 4-1: USB disconnect, device number 2
[  107.033974][ T5865] BTRFS info (device loop1): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  107.140787][ T5874] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  107.195287][    T9] usb 1-1: new high-speed USB device number 2 using dummy_hcd
[  107.376732][   T24] gspca_sq930x: ucbus_write failed -71
[  107.381484][    T9] usb 1-1: Using ep0 maxpacket: 16
[  107.416171][    T9] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  107.447758][    T9] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  107.489550][ T6198] warning: `syz.3.68' uses wireless extensions which will stop working for Wi-Fi 7 hardware; use nl80211
[  107.489913][    T9] usb 1-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 3
[  107.539980][    T9] usb 1-1: New USB device found, idVendor=0955, idProduct=7214, bcdDevice=ed.00
[  107.549111][    T9] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  107.610312][    T9] usb 1-1: config 0 descriptor??
[  107.612081][   T24] gspca_sq930x: Sensor ov9630 not yet treated
[  107.630340][   T24] sq930x 5-1:0.0: probe with driver sq930x failed with error -22
[  107.680986][   T24] usb 5-1: USB disconnect, device number 2
[  107.726301][ T6202] loop3: detected capacity change from 0 to 256
[  107.749136][ T6202] exfat: Deprecated parameter 'utf8'
[  107.891792][   T30] audit: type=1800 audit(1757402487.008:4): pid=6202 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.69" name="file2" dev="loop3" ino=1048605 res=0 errno=0
[  108.064824][    T9] shield 0003:0955:7214.0001: unknown main item tag 0x0
[  108.119871][    T9] shield 0003:0955:7214.0001: unknown main item tag 0x0
[  108.127824][    T9] shield 0003:0955:7214.0001: item fetching failed at offset 3/5
[  108.181211][    T9] shield 0003:0955:7214.0001: Parse failed
[  108.187372][    T9] shield 0003:0955:7214.0001: probe with driver shield failed with error -22
[  108.354251][    T9] usb 1-1: USB disconnect, device number 2
[  108.459623][ T6196] loop2: detected capacity change from 0 to 32768
[  108.507550][ T6200] loop1: detected capacity change from 0 to 32768
[  108.532892][ T6196] XFS (loop2): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  108.575193][ T6200] XFS (loop1): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  108.610035][   T24] usb 5-1: new high-speed USB device number 3 using dummy_hcd
[  108.625679][ T6226] loop3: detected capacity change from 0 to 8
[  108.740027][ T6196] XFS (loop2): Ending clean mount
[  108.773127][ T6196] XFS (loop2): Quotacheck needed: Please wait.
[  108.792545][   T24] usb 5-1: config index 0 descriptor too short (expected 23569, got 27)
[  108.810252][   T24] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  108.815403][ T6200] XFS (loop1): Ending clean mount
[  108.833754][   T24] usb 5-1: New USB device found, idVendor=03eb, idProduct=0002, bcdDevice=ba.c0
[  108.842979][   T24] usb 5-1: New USB device strings: Mfr=5, Product=0, SerialNumber=0
[  108.856687][   T24] usb 5-1: Manufacturer: syz
[  108.872716][ T6196] XFS (loop2): Quotacheck: Done.
[  108.891377][   T24] usb 5-1: config 0 descriptor??
[  109.020466][   T24] rc_core: IR keymap rc-hauppauge not found
[  109.026438][   T24] Registered IR keymap rc-empty
[  109.031431][   T30] audit: type=1804 audit(1757402488.128:5): pid=6196 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.2.67" name="/newroot/7/file0/file1" dev="loop2" ino=9286 res=1 errno=0
[  109.069629][ T5865] XFS (loop1): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  109.093992][   T24] rc rc0: IgorPlug-USB IR Receiver as /devices/platform/dummy_hcd.4/usb5/5-1/5-1:0.0/rc/rc0
[  109.127650][   T24] input: IgorPlug-USB IR Receiver as /devices/platform/dummy_hcd.4/usb5/5-1/5-1:0.0/rc/rc0/input5
[  109.208125][ T5874] XFS (loop2): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  109.371359][ T6234] loop0: detected capacity change from 0 to 4096
[  109.441712][ T6234] ntfs3(loop0): Different NTFS sector size (1024) and media sector size (512).
[  109.472953][    C1] igorplugusb 5-1:0.0: receive overflow, at least 1 lost
[  109.509927][ T6236] rc rc0: two consecutive events of type space
[  109.650284][ T6234] ntfs3(loop0): ino=1a, mi_enum_attr
[  109.660409][ T6234] ntfs3(loop0): Mark volume as dirty due to NTFS errors
[  109.700205][   T24] usb 5-1: USB disconnect, device number 3
[  109.788463][ T6234] ntfs3(loop0): ino=1e, "file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" ni_find_attr
[  110.357284][ T6253] loop4: detected capacity change from 0 to 8
[  110.883268][ T5866] SQUASHFS error: Unknown inode type 0 in squashfs_iget!
[  110.921228][ T5866] SQUASHFS error: Unknown inode type 0 in squashfs_iget!
[  111.026811][ T6245] loop3: detected capacity change from 0 to 32768
[  111.033542][ T6250] loop0: detected capacity change from 0 to 32768
[  111.068780][ T6245] (syz.3.79,6245,1):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0xb3775c19, computed 0x2dd1c265. Applying ECC.
[  111.070805][ T6250] BTRFS: device fsid ed167579-eb65-4e76-9a50-61ac97e9b59d devid 1 transid 8 /dev/loop0 (7:0) scanned by syz.0.80 (6250)
[  111.123894][ T6245] (syz.3.79,6245,1):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0xb3775c19, computed 0x2dd1c265. Applying ECC.
[  111.178261][ T6250] BTRFS info (device loop0): first mount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d
[  111.206415][ T6250] BTRFS info (device loop0): using sha256 (sha256-lib) checksum algorithm
[  111.217682][ T6251] loop1: detected capacity change from 0 to 32768
[  111.309133][ T6245] JBD2: Ignoring recovery information on journal
[  111.343209][ T6251] ocfs2: Slot 0 on device (7,1) was already allocated to this node!
[  111.473147][ T6251] ocfs2: Mounting device (7,1) on (node local, slot 0) with ordered data mode.
[  111.485665][ T6250] BTRFS info (device loop0): rebuilding free space tree
[  111.496954][ T6245] ocfs2: Mounting device (7,3) on (node local, slot 0) with ordered data mode.
[  111.565679][ T6250] BTRFS info (device loop0): setting nodatasum
[  111.579467][ T6250] BTRFS info (device loop0): setting nodatacow
[  111.599995][ T6250] BTRFS info (device loop0): enabling ssd optimizations
[  111.606997][ T6250] BTRFS info (device loop0): enabling free space tree
[  111.666337][ T6250] BTRFS info (device loop0): force clearing of disk cache
[  111.692292][ T6250] BTRFS info (device loop0): enabling auto defrag
[  111.692512][ T6251] syz.1.82 (6251) used greatest stack depth: 18472 bytes left
[  111.706725][ T6250] BTRFS info (device loop0): max_inline set to 0
[  111.823139][ T1087] netdevsim netdevsim4 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  111.912544][ T5865] ocfs2: Unmounting device (7,1) on (node local)
[  112.175969][ T1087] netdevsim netdevsim4 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  112.197568][ T5860] ocfs2: Unmounting device (7,3) on (node local)
[  112.206475][ T5864] BTRFS info (device loop0): last unmount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d
[  112.504900][ T6282] loop1: detected capacity change from 0 to 256
[  112.530947][ T1087] netdevsim netdevsim4 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  112.890498][ T1087] netdevsim netdevsim4 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  112.935679][ T6286] loop2: detected capacity change from 0 to 16
[  112.990621][ T6286] erofs (device loop2): mounted with root inode @ nid 36.
[  113.015151][ T6288] netlink: 8 bytes leftover after parsing attributes in process `syz.0.87'.
[  113.041818][ T6286] erofs (device loop2): readahead error at folio 26 @ nid 36
[  113.049425][ T6286] erofs (device loop2): readahead error at folio 25 @ nid 36
[  113.066835][ T6288] netlink: 12 bytes leftover after parsing attributes in process `syz.0.87'.
[  113.115533][ T6286] erofs (device loop2): readahead error at folio 24 @ nid 36
[  113.146507][ T6286] erofs (device loop2): readahead error at folio 23 @ nid 36
[  113.167014][ T6286] erofs (device loop2): readahead error at folio 22 @ nid 36
[  113.181858][ T6286] erofs (device loop2): readahead error at folio 21 @ nid 36
[  113.197005][   T50] netdevsim netdevsim0 netdevsim0: set [0, 0] type 1 family 0 port 8472 - 0
[  113.213597][ T6286] erofs (device loop2): readahead error at folio 20 @ nid 36
[  113.226393][   T50] netdevsim netdevsim0 netdevsim1: set [0, 0] type 1 family 0 port 8472 - 0
[  113.239651][ T6286] erofs (device loop2): readahead error at folio 18 @ nid 36
[  113.278359][ T6286] erofs (device loop2): readahead error at folio 16 @ nid 36
[  113.310015][   T50] netdevsim netdevsim0 netdevsim2: set [0, 0] type 1 family 0 port 8472 - 0
[  113.344296][ T6286] erofs (device loop2): readahead error at folio 12 @ nid 36
[  113.363774][ T6286] syz.2.91: attempt to access beyond end of device
[  113.363774][ T6286] loop2: rw=524288, sector=720, nr_sectors = 16 limit=16
[  113.368331][   T50] netdevsim netdevsim0 netdevsim3: set [0, 0] type 1 family 0 port 8472 - 0
[  113.470418][ T6286] syz.2.91: attempt to access beyond end of device
[  113.470418][ T6286] loop2: rw=524288, sector=525144, nr_sectors = 16 limit=16
[  113.591259][ T1087] bridge_slave_1: left allmulticast mode
[  113.598143][ T6286] syz.2.91: attempt to access beyond end of device
[  113.598143][ T6286] loop2: rw=524288, sector=8, nr_sectors = 16 limit=16
[  113.619897][ T1087] bridge_slave_1: left promiscuous mode
[  113.631935][ T5869] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1
[  113.646641][ T5869] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9
[  113.656366][ T5869] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9
[  113.665926][ T5869] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4
[  113.670068][ T1087] bridge0: port 2(bridge_slave_1) entered disabled state
[  113.673820][ T5869] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2
[  113.688327][ T6286] syz.2.91: attempt to access beyond end of device
[  113.688327][ T6286] loop2: rw=524288, sector=13716630376, nr_sectors = 8 limit=16
[  113.779394][ T1087] bridge_slave_0: left allmulticast mode
[  113.793183][ T1087] bridge_slave_0: left promiscuous mode
[  113.808793][ T1087] bridge0: port 1(bridge_slave_0) entered disabled state
[  114.738071][ T6293] loop0: detected capacity change from 0 to 32768
[  115.058521][ T6305] loop2: detected capacity change from 0 to 32768
[  115.117039][ T6305] gfs2: fsid=syz:syz: Trying to join cluster "lock_nolock", "syz:syz"
[  115.138642][ T6305] gfs2: fsid=syz:syz: Now mounting FS (format 1801)...
[  115.172965][ T6293] bcachefs (loop0): starting version 1.7: mi_btree_bitmap opts=errors=continue,metadata_checksum=none,data_checksum=none,compression=lz4,metadata_target=invalid label 246,noinodes_use_key_cache,journal_flush_delay=3,journal_reclaim_delay=1000,nocow
[  115.172994][ T6293]   allowing incompatible features above 0.0: (unknown version)
[  115.173006][ T6293]   features: lz4,new_siphash,inline_data,new_extent_overwrite,btree_ptr_v2,new_varint,journal_no_flush,alloc_v2,extents_across_btree_nodes
[  115.264892][ T6293] bcachefs (loop0): Using encoding defined by superblock: utf8-12.1.0
[  115.270989][ T6305] gfs2: fsid=syz:syz.0: journal 0 mapped with 3 extents in 0ms
[  115.286804][ T6293] bcachefs (loop0): initializing new filesystem
[  115.317199][ T6293] bcachefs (loop0): going read-write
[  115.335007][ T5873] gfs2: fsid=syz:syz.0: jid=0, already locked for use
[  115.359121][ T6293] bcachefs (loop0): marking superblocks
[  115.390684][ T5873] gfs2: fsid=syz:syz.0: jid=0: Looking at journal...
[  115.419563][ T6293] bcachefs (loop0): initializing freespace
[  115.491518][ T6293] bcachefs (loop0): done initializing freespace
[  115.521919][ T6293] bcachefs (loop0): reading snapshots table
[  115.536511][ T6293] bcachefs (loop0): reading snapshots done
[  115.558332][ T5873] gfs2: fsid=syz:syz.0: jid=0: Journal head lookup took 167ms
[  115.572994][ T5873] gfs2: fsid=syz:syz.0: jid=0: Done
[  115.578739][ T6305] gfs2: fsid=syz:syz.0: first mount done, others may mount
[  115.602339][ T1087] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  115.605369][ T6293] bcachefs (loop0): done starting filesystem
[  115.637772][ T1087] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  115.663980][ T1087] bond0 (unregistering): Released all slaves
[  115.766148][ T6293] syz.0.93 (6293) used greatest stack depth: 16360 bytes left
[  115.788361][ T6327] netlink: 16 bytes leftover after parsing attributes in process `syz.1.98'.
[  115.792398][ T5872] Bluetooth: hci3: command tx timeout
[  115.867443][ T5864] bcachefs (loop0): shutting down
[  115.885305][ T6305] gfs2: fsid=syz:syz.0: found 1 quota changes
[  115.906166][ T5864] bcachefs (loop0): going read-only
[  115.940158][ T5864] bcachefs (loop0): finished waiting for writes to stop
[  115.982183][ T5864] bcachefs (loop0): flushing journal and stopping allocators, journal seq 9
[  116.116415][ T5864] bcachefs (loop0): flushing journal and stopping allocators complete, journal seq 12
[  116.125939][ T5874] gfs2: fsid=syz:syz.0: warning: assertion "!qd->qd_change" failed - function = gfs2_qd_dispose, file = fs/gfs2/quota.c, line = 129
[  116.139370][ T5864] bcachefs (loop0): clean shutdown complete, journal seq 13
[  116.142753][ T5874] CPU: 0 UID: 0 PID: 5874 Comm: syz-executor Not tainted syzkaller #0 PREEMPT(full) 
[  116.142778][ T5874] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  116.142788][ T5874] Call Trace:
[  116.142796][ T5874]  <TASK>
[  116.142803][ T5874]  dump_stack_lvl+0x189/0x250
[  116.142833][ T5874]  ? __pfx_dump_stack_lvl+0x10/0x10
[  116.142861][ T5874]  ? __pfx__printk+0x10/0x10
[  116.142889][ T5874]  ? do_raw_spin_unlock+0x122/0x240
[  116.142914][ T5874]  gfs2_assert_warn_i+0x194/0x2c0
[  116.142942][ T5874]  gfs2_qd_dispose+0x4aa/0x5b0
[  116.142966][ T5874]  gfs2_quota_cleanup+0x42b/0x6f0
[  116.142986][ T5874]  ? __pfx_gfs2_quota_cleanup+0x10/0x10
[  116.143004][ T5874]  ? __pfx___might_resched+0x10/0x10
[  116.143027][ T5874]  ? __pfx_gfs2_log_flush+0x10/0x10
[  116.143049][ T5874]  ? gfs2_quota_sync+0x443/0x460
[  116.143077][ T5874]  gfs2_make_fs_ro+0x27a/0x300
[  116.143102][ T5874]  ? __pfx_gfs2_make_fs_ro+0x10/0x10
[  116.143123][ T5874]  ? do_raw_spin_lock+0x121/0x290
[  116.143152][ T5874]  ? do_raw_spin_unlock+0x122/0x240
[  116.143175][ T5874]  gfs2_put_super+0x224/0x950
[  116.143205][ T5874]  ? __pfx_gfs2_put_super+0x10/0x10
[  116.143227][ T5874]  generic_shutdown_super+0x132/0x2c0
[  116.143250][ T5874]  kill_block_super+0x44/0x90
[  116.143271][ T5874]  deactivate_locked_super+0xbc/0x130
[  116.143292][ T5874]  cleanup_mnt+0x425/0x4c0
[  116.143308][ T5874]  ? lockdep_hardirqs_on+0x9c/0x150
[  116.143337][ T5874]  task_work_run+0x1d4/0x260
[  116.143360][ T5874]  ? __pfx_task_work_run+0x10/0x10
[  116.143378][ T5874]  ? __x64_sys_umount+0x122/0x160
[  116.143401][ T5874]  ? exit_to_user_mode_loop+0x40/0x130
[  116.143426][ T5874]  exit_to_user_mode_loop+0xec/0x130
[  116.143448][ T5874]  do_syscall_64+0x2bd/0xfa0
[  116.143462][ T5874]  ? lockdep_hardirqs_on+0x9c/0x150
[  116.143485][ T5874]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  116.143501][ T5874]  ? clear_bhb_loop+0x60/0xb0
[  116.143522][ T5874]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  116.143537][ T5874] RIP: 0033:0x7fa75cb8ff17
[  116.143554][ T5874] Code: a8 ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 0f 1f 44 00 00 31 f6 e9 09 00 00 00 66 0f 1f 84 00 00 00 00 00 b8 a6 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 01 c3 48 c7 c2 a8 ff ff ff f7 d8 64 89 02 b8
[  116.143567][ T5874] RSP: 002b:00007ffe3537de18 EFLAGS: 00000246 ORIG_RAX: 00000000000000a6
[  116.143585][ T5874] RAX: 0000000000000000 RBX: 00007fa75cc11c05 RCX: 00007fa75cb8ff17
[  116.143597][ T5874] RDX: 0000000000000000 RSI: 0000000000000009 RDI: 00007ffe3537ded0
[  116.143607][ T5874] RBP: 00007ffe3537ded0 R08: 0000000000000000 R09: 0000000000000000
[  116.143617][ T5874] R10: 00000000ffffffff R11: 0000000000000246 R12: 00007ffe3537ef60
[  116.143627][ T5874] R13: 00007fa75cc11c05 R14: 000000000001c517 R15: 00007ffe3537efa0
[  116.143658][ T5874]  </TASK>
[  116.423044][ T5864] bcachefs (loop0): marking filesystem clean
[  116.509141][ T5864] bcachefs (loop0): shutdown complete
[  117.365264][   T30] audit: type=1326 audit(1757402496.468:6): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6360 comm="syz.2.107" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa75cb8ebe9 code=0x7ffc0000
[  117.387565][    C1] vkms_vblank_simulate: vblank timer overrun
[  117.470157][ T1087] hsr_slave_0: left promiscuous mode
[  117.515662][   T30] audit: type=1326 audit(1757402496.468:7): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6360 comm="syz.2.107" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa75cb8ebe9 code=0x7ffc0000
[  117.552908][ T1087] hsr_slave_1: left promiscuous mode
[  117.588383][ T1087] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  117.600170][ T1087] batman_adv: batadv0: Removing interface: batadv_slave_0
[  117.621218][   T30] audit: type=1326 audit(1757402496.478:8): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6360 comm="syz.2.107" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7fa75cb8d550 code=0x7ffc0000
[  117.652394][ T6359] loop3: detected capacity change from 0 to 8192
[  117.679862][   T30] audit: type=1326 audit(1757402496.478:9): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6360 comm="syz.2.107" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7fa75cb8d550 code=0x7ffc0000
[  117.701893][    C1] vkms_vblank_simulate: vblank timer overrun
[  117.712787][ T1087] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  117.739997][ T1087] batman_adv: batadv0: Removing interface: batadv_slave_1
[  117.756446][ T6359] FAT-fs (loop3): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[  117.783423][   T30] audit: type=1326 audit(1757402496.478:10): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6360 comm="syz.2.107" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa75cb8ebe9 code=0x7ffc0000
[  117.822414][ T1087] veth1_macvtap: left promiscuous mode
[  117.841969][ T1087] veth0_macvtap: left promiscuous mode
[  117.847756][ T1087] veth1_vlan: left promiscuous mode
[  117.879505][ T5872] Bluetooth: hci3: command tx timeout
[  117.900278][ T1087] veth0_vlan: left promiscuous mode
[  117.949858][   T30] audit: type=1326 audit(1757402496.478:11): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6360 comm="syz.2.107" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa75cb8ebe9 code=0x7ffc0000
[  117.982665][ T6345] loop1: detected capacity change from 0 to 32768
[  118.046726][   T30] audit: type=1326 audit(1757402496.478:12): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6360 comm="syz.2.107" exe="/root/syz-executor" sig=0 arch=c000003e syscall=217 compat=0 ip=0x7fa75cb8ebe9 code=0x7ffc0000
[  118.068859][    C1] vkms_vblank_simulate: vblank timer overrun
[  118.152450][   T30] audit: type=1326 audit(1757402496.478:13): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6360 comm="syz.2.107" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa75cb8ebe9 code=0x7ffc0000
[  118.289147][   T30] audit: type=1326 audit(1757402496.478:14): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6360 comm="syz.2.107" exe="/root/syz-executor" sig=0 arch=c000003e syscall=78 compat=0 ip=0x7fa75cb8ebe9 code=0x7ffc0000
[  118.415261][   T30] audit: type=1326 audit(1757402496.478:15): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6360 comm="syz.2.107" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa75cb8ebe9 code=0x7ffc0000
[  118.437472][    C1] vkms_vblank_simulate: vblank timer overrun
[  119.279670][ T6385] loop1: detected capacity change from 0 to 1024
[  119.537103][ T6378] loop2: detected capacity change from 0 to 32768
[  119.582586][   T50] hfsplus: b-tree write err: -5, ino 4
[  119.630068][ T6378] BTRFS: device fsid ed167579-eb65-4e76-9a50-61ac97e9b59d devid 1 transid 8 /dev/loop2 (7:2) scanned by syz.2.113 (6378)
[  119.717158][ T6378] BTRFS info (device loop2): first mount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d
[  119.745624][ T6378] BTRFS info (device loop2): using sha256 (sha256-lib) checksum algorithm
[  119.826327][ T6381] loop3: detected capacity change from 0 to 40427
[  119.951544][ T5872] Bluetooth: hci3: command tx timeout
[  119.978593][ T6381] F2FS-fs (loop3): invalid crc value
[  120.065889][ T6378] BTRFS info (device loop2): rebuilding free space tree
[  120.125962][    T9] usb 1-1: new high-speed USB device number 3 using dummy_hcd
[  120.224241][ T6378] BTRFS info (device loop2): disabling free space tree
[  120.251797][ T6378] BTRFS info (device loop2): clearing compat-ro feature flag for FREE_SPACE_TREE (0x1)
[  120.293889][ T6378] BTRFS info (device loop2): clearing compat-ro feature flag for FREE_SPACE_TREE_VALID (0x2)
[  120.311525][    T9] usb 1-1: Using ep0 maxpacket: 16
[  120.330414][    T9] usb 1-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  120.351553][    T9] usb 1-1: config 1 has 1 interface, different from the descriptor's value: 3
[  120.393149][    T9] usb 1-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[  120.410346][ T6378] BTRFS info (device loop2): enabling ssd optimizations
[  120.414107][ T6381] F2FS-fs (loop3): f2fs_recover_fsync_data: recovery fsync data, check_only: 0
[  120.429002][    T9] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  120.449303][ T6378] BTRFS info (device loop2): force clearing of disk cache
[  120.459416][    T9] usb 1-1: Product: syz
[  120.469560][    T9] usb 1-1: Manufacturer: syz
[  120.484496][ T6378] BTRFS info (device loop2): enabling auto defrag
[  120.489837][ T6381] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e5
[  120.491296][    T9] usb 1-1: SerialNumber: syz
[  120.519887][ T6378] BTRFS info (device loop2): max_inline set to 4096
[  120.520597][ T1087] team0 (unregistering): Port device team_slave_1 removed
[  120.664072][ T6381] syz.3.114: attempt to access beyond end of device
[  120.664072][ T6381] loop3: rw=10241, sector=45096, nr_sectors = 8 limit=40427
[  120.795299][ T5860] syz-executor: attempt to access beyond end of device
[  120.795299][ T5860] loop3: rw=2049, sector=45104, nr_sectors = 8 limit=40427
[  120.821425][ T1087] team0 (unregistering): Port device team_slave_0 removed
[  120.860129][ T5860] CPU: 0 UID: 0 PID: 5860 Comm: syz-executor Not tainted syzkaller #0 PREEMPT(full) 
[  120.860163][ T5860] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  120.860173][ T5860] Call Trace:
[  120.860181][ T5860]  <TASK>
[  120.860189][ T5860]  dump_stack_lvl+0x189/0x250
[  120.860221][ T5860]  ? __pfx_dump_stack_lvl+0x10/0x10
[  120.860242][ T5860]  ? __pfx_queue_work_on+0x10/0x10
[  120.860265][ T5860]  ? _raw_spin_unlock_irqrestore+0xad/0x110
[  120.860289][ T5860]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[  120.860327][ T5860]  f2fs_handle_critical_error+0x37c/0x540
[  120.860358][ T5860]  f2fs_write_end_io+0x886/0xb60
[  120.860404][ T5860]  __submit_merged_bio+0x27a/0x6a0
[  120.860435][ T5860]  __submit_merged_write_cond+0x255/0x530
[  120.860481][ T5860]  f2fs_write_data_pages+0x261d/0x3000
[  120.860545][ T5860]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[  120.860620][ T5860]  ? __mod_zone_page_state+0xd7/0x140
[  120.860655][ T5860]  ? folios_put_refs+0x58b/0x670
[  120.860689][ T5860]  ? __lock_acquire+0xab9/0xd20
[  120.860721][ T5860]  ? do_raw_spin_lock+0x121/0x290
[  120.860753][ T5860]  ? do_raw_spin_unlock+0x122/0x240
[  120.860772][ T5860]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[  120.860798][ T5860]  do_writepages+0x32e/0x550
[  120.860833][ T5860]  ? do_raw_spin_unlock+0x122/0x240
[  120.860857][ T5860]  filemap_fdatawrite+0x199/0x240
[  120.860880][ T5860]  ? __pfx_filemap_fdatawrite+0x10/0x10
[  120.860959][ T5860]  ? do_raw_spin_unlock+0x122/0x240
[  120.860983][ T5860]  f2fs_sync_dirty_inodes+0x31f/0x830
[  120.861027][ T5860]  f2fs_write_checkpoint+0x93e/0x2440
[  120.861051][ T5860]  ? __lock_acquire+0xab9/0xd20
[  120.861107][ T5860]  ? __pfx_f2fs_write_checkpoint+0x10/0x10
[  120.861195][ T5860]  kill_f2fs_super+0x2cc/0x6d0
[  120.861228][ T5860]  ? __pfx_kill_f2fs_super+0x10/0x10
[  120.861271][ T5860]  ? shrinker_free+0x2ce/0x3e0
[  120.861294][ T5860]  deactivate_locked_super+0xbc/0x130
[  120.861316][ T5860]  cleanup_mnt+0x425/0x4c0
[  120.861334][ T5860]  ? lockdep_hardirqs_on+0x9c/0x150
[  120.861364][ T5860]  task_work_run+0x1d4/0x260
[  120.861389][ T5860]  ? __pfx_task_work_run+0x10/0x10
[  120.861407][ T5860]  ? __x64_sys_umount+0x122/0x160
[  120.861431][ T5860]  ? exit_to_user_mode_loop+0x40/0x130
[  120.861456][ T5860]  exit_to_user_mode_loop+0xec/0x130
[  120.861490][ T5860]  do_syscall_64+0x2bd/0xfa0
[  120.861505][ T5860]  ? lockdep_hardirqs_on+0x9c/0x150
[  120.861530][ T5860]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  120.861547][ T5860]  ? clear_bhb_loop+0x60/0xb0
[  120.861570][ T5860]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  120.861588][ T5860] RIP: 0033:0x7f629e98ff17
[  120.861605][ T5860] Code: a8 ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 0f 1f 44 00 00 31 f6 e9 09 00 00 00 66 0f 1f 84 00 00 00 00 00 b8 a6 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 01 c3 48 c7 c2 a8 ff ff ff f7 d8 64 89 02 b8
[  120.861619][ T5860] RSP: 002b:00007ffc3461dd18 EFLAGS: 00000246 ORIG_RAX: 00000000000000a6
[  120.861638][ T5860] RAX: 0000000000000000 RBX: 00007f629ea11c05 RCX: 00007f629e98ff17
[  120.861649][ T5860] RDX: 0000000000000000 RSI: 0000000000000009 RDI: 00007ffc3461ddd0
[  120.861658][ T5860] RBP: 00007ffc3461ddd0 R08: 0000000000000000 R09: 0000000000000000
[  120.861668][ T5860] R10: 00000000ffffffff R11: 0000000000000246 R12: 00007ffc3461ee60
[  120.861680][ T5860] R13: 00007f629ea11c05 R14: 000000000001d73b R15: 00007ffc3461eea0
[  120.861714][ T5860]  </TASK>
[  120.863136][ T5860] F2FS-fs (loop3): Stopped filesystem due to reason: 3
[  120.917946][ T5874] BTRFS info (device loop2): last unmount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d
[  120.969551][    T9] usb 1-1: 0:2 : does not exist
[  121.033021][ T6387] loop1: detected capacity change from 0 to 32768
[  121.315874][ T6387] XFS (loop1): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  121.421338][    T9] usb 1-1: 5:0: failed to get current value for ch 0 (-22)
[  121.666624][    T9] usb 1-1: USB disconnect, device number 3
[  121.675435][ T6387] XFS (loop1): Ending clean mount
[  121.707889][ T6387] XFS (loop1): Quotacheck needed: Please wait.
[  121.813115][ T6387] XFS (loop1): Quotacheck: Done.
[  121.836207][ T6065] udevd[6065]: error opening ATTR{/sys/devices/platform/dummy_hcd.0/usb1/1-1/1-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory
[  121.865155][ T6387] XFS (loop1): User initiated shutdown received.
[  121.882707][ T6387] XFS (loop1): Log I/O Error (0x6) detected at xfs_fs_goingdown+0x71/0x150 (fs/xfs/xfs_fsops.c:476).  Shutting down filesystem.
[  121.912110][ T6387] XFS (loop1): Please unmount the filesystem and rectify the problem(s)
[  122.030068][ T5872] Bluetooth: hci3: command tx timeout
[  122.117207][ T5865] XFS (loop1): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  122.157420][ T6427] loop3: detected capacity change from 0 to 16
[  122.241704][ T6427] erofs (device loop3): mounted with root inode @ nid 36.
[  122.347166][ T6427] erofs (device loop3): readahead error at folio 20 @ nid 36
[  122.369323][ T6431] netlink: 12 bytes leftover after parsing attributes in process `syz.0.123'.
[  122.384041][ T6427] erofs (device loop3): readahead error at folio 18 @ nid 36
[  122.422979][ T6431] netlink: 12 bytes leftover after parsing attributes in process `syz.0.123'.
[  122.434846][ T6427] syz.3.120: attempt to access beyond end of device
[  122.434846][ T6427] loop3: rw=524288, sector=8, nr_sectors = 16 limit=16
[  122.490065][ T6427] erofs (device loop3): invalid de[0].nameoff 0 @ nid 36
[  122.804227][ T6436] loop0: detected capacity change from 0 to 4096
[  122.878627][ T6436] ntfs3(loop0): ino=b, Correct links count -> 1.
[  122.889230][ T6436] ntfs3(loop0): ino=18, mi_enum_attr
[  122.898578][ T6436] ntfs3(loop0): Mark volume as dirty due to NTFS errors
[  122.944390][ T6439] program syz.3.126 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  123.534074][ T6296] chnl_net:caif_netlink_parms(): no params data found
[  123.658919][ T6465] loop3: detected capacity change from 0 to 512
[  123.703282][ T6465] EXT4-fs: Warning: mounting with data=journal disables delayed allocation, dioread_nolock, O_DIRECT and fast_commit support!
[  123.762137][ T6465] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode
[  123.860914][ T6465] EXT4-fs (loop3): 1 truncate cleaned up
[  123.908581][ T6465] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  123.990320][ T6465] fscrypt (loop3, inode 18): Mutually exclusive encryption flags (0x0f)
[  124.188611][ T6296] bridge0: port 1(bridge_slave_0) entered blocking state
[  124.204643][ T5860] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  124.222819][ T6296] bridge0: port 1(bridge_slave_0) entered disabled state
[  124.247747][ T6296] bridge_slave_0: entered allmulticast mode
[  124.283295][ T6296] bridge_slave_0: entered promiscuous mode
[  124.311492][ T6296] bridge0: port 2(bridge_slave_1) entered blocking state
[  124.334369][ T6296] bridge0: port 2(bridge_slave_1) entered disabled state
[  124.370033][ T6296] bridge_slave_1: entered allmulticast mode
[  124.389928][ T6296] bridge_slave_1: entered promiscuous mode
[  124.559677][ T6491] loop1: detected capacity change from 0 to 2048
[  124.622720][ T6491] NILFS (loop1): broken superblock, retrying with spare superblock (blocksize = 1024)
[  124.703761][ T6496] loop0: detected capacity change from 0 to 256
[  124.754507][ T6498] NILFS (loop1): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  124.767209][ T6496] exfat: Unknown parameter 'ÿÿÿ0xffffffffffffffff0x0000000000000000'
[  124.817735][ T6296] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  124.888314][ T6296] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  124.968939][ T6500] loop2: detected capacity change from 0 to 2048
[  125.060622][ T6500] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[  125.444939][ T6296] team0: Port device team_slave_0 added
[  125.621198][ T6296] team0: Port device team_slave_1 added
[  125.933844][ T6517] loop2: detected capacity change from 0 to 2048
[  125.990066][ T6517] UDF-fs: warning (device loop2): udf_load_vrs: No anchor found
[  126.005366][ T6517] UDF-fs: Scanning with blocksize 512 failed
[  126.054475][ T6517] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[  126.138597][ T6296] batman_adv: batadv0: Adding interface: batadv_slave_0
[  126.157702][   T30] audit: type=1800 audit(1757402505.268:16): pid=6517 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.2.146" name="file2" dev="loop2" ino=819 res=0 errno=0
[  126.183579][ T6296] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  126.312498][ T6296] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  126.381077][ T6296] batman_adv: batadv0: Adding interface: batadv_slave_1
[  126.388080][ T6296] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  126.458115][ T6296] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  126.746011][ T6296] hsr_slave_0: entered promiscuous mode
[  126.781081][ T6296] hsr_slave_1: entered promiscuous mode
[  126.787565][ T6296] debugfs: 'hsr0' already exists in 'hsr'
[  126.794593][ T6534] capability: warning: `syz.2.151' uses deprecated v2 capabilities in a way that may be insecure
[  126.823966][ T6296] Cannot create hsr debugfs directory
[  126.964637][ T6538] loop1: detected capacity change from 0 to 512
[  127.052132][ T6538] EXT4-fs (loop1): feature flags set on rev 0 fs, running e2fsck is recommended
[  127.069621][ T6538] EXT4-fs (loop1): mounting ext2 file system using the ext4 subsystem
[  127.099237][ T6538] [EXT4 FS bs=2048, gc=1, bpg=16384, ipg=32, mo=a002e01c, mo2=0006]
[  127.184370][ T6538] System zones: 0-2, 18-18, 34-35
[  127.264585][ T6538] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: none.
[  127.407798][ T6538] EXT4-fs (loop1): warning: mounting unchecked fs, running e2fsck is recommended
[  127.498441][ T6538] [EXT4 FS bs=2048, gc=1, bpg=16384, ipg=32, mo=a002e01c, mo2=0006]
[  127.541030][ T6538] EXT4-fs (loop1): re-mounted 00000000-0000-0000-0000-000000000000 r/w.
[  127.653237][   T30] audit: type=1800 audit(1757402506.758:17): pid=6538 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.152" name="file2" dev="loop1" ino=16 res=0 errno=0
[  127.684954][ T6538] EXT4-fs error (device loop1): ext4_validate_block_bitmap:441: comm syz.1.152: bg 0: block 353: padding at end of block bitmap is not set
[  127.887212][ T5865] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  127.905091][ T6296] netdevsim netdevsim5 netdevsim0: renamed from eth0
[  127.951429][ T6296] netdevsim netdevsim5 netdevsim1: renamed from eth1
[  128.039699][ T6296] netdevsim netdevsim5 netdevsim2: renamed from eth2
[  128.104258][ T6296] netdevsim netdevsim5 netdevsim3: renamed from eth3
[  128.601224][ T6296] 8021q: adding VLAN 0 to HW filter on device bond0
[  128.668234][ T6296] 8021q: adding VLAN 0 to HW filter on device team0
[  128.715559][   T65] bridge0: port 1(bridge_slave_0) entered blocking state
[  128.722812][   T65] bridge0: port 1(bridge_slave_0) entered forwarding state
[  128.865693][   T36] bridge0: port 2(bridge_slave_1) entered blocking state
[  128.872938][   T36] bridge0: port 2(bridge_slave_1) entered forwarding state
[  129.204457][ T6558] loop3: detected capacity change from 0 to 40427
[  129.253140][ T6558] F2FS-fs (loop3): invalid crc value
[  129.466798][ T6599] loop1: detected capacity change from 0 to 1024
[  129.574123][ T6599] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  129.639032][ T6558] F2FS-fs (loop3): f2fs_recover_fsync_data: recovery fsync data, check_only: 0
[  129.670254][ T6558] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e4
[  129.802502][ T6599] EXT4-fs warning (device loop1): ext4_expand_extra_isize_ea:2848: Unable to expand inode 15. Delete some EAs or run e2fsck.
[  129.823011][ T6296] 8021q: adding VLAN 0 to HW filter on device batadv0
[  129.844138][ T6599] EXT4-fs error (device loop1): ext4_xattr_inode_iget:437: inode #11: comm syz.1.166: missing EA_INODE flag
[  129.866556][   T30] audit: type=1800 audit(1757402508.978:18): pid=6558 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.155" name="file1" dev="loop3" ino=10 res=0 errno=0
[  129.914838][ T6558] syz.3.155: attempt to access beyond end of device
[  129.914838][ T6558] loop3: rw=34817, sector=53248, nr_sectors = 8 limit=40427
[  129.943669][ T6599] EXT4-fs (loop1): Remounting filesystem read-only
[  129.961763][ T6599] EXT4-fs warning (device loop1): ext4_xattr_inode_dec_ref_all:1221: inode #18: comm syz.1.166: ea_inode dec ref err=-30
[  129.999981][ T6599] EXT4-fs warning (device loop1): ext4_evict_inode:274: xattr delete (err -30)
[  130.088391][ T5860] syz-executor: attempt to access beyond end of device
[  130.088391][ T5860] loop3: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[  130.129126][ T6583] loop2: detected capacity change from 0 to 32768
[  130.139197][ T6613] loop0: detected capacity change from 0 to 128
[  130.155411][ T5860] CPU: 0 UID: 0 PID: 5860 Comm: syz-executor Not tainted syzkaller #0 PREEMPT(full) 
[  130.155438][ T5860] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  130.155449][ T5860] Call Trace:
[  130.155457][ T5860]  <TASK>
[  130.155465][ T5860]  dump_stack_lvl+0x189/0x250
[  130.155497][ T5860]  ? __pfx_dump_stack_lvl+0x10/0x10
[  130.155520][ T5860]  ? __pfx_queue_work_on+0x10/0x10
[  130.155546][ T5860]  ? _raw_spin_unlock_irqrestore+0xad/0x110
[  130.155573][ T5860]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[  130.155615][ T5860]  f2fs_handle_critical_error+0x37c/0x540
[  130.155657][ T5860]  f2fs_write_end_io+0x886/0xb60
[  130.155706][ T5860]  __submit_merged_bio+0x27a/0x6a0
[  130.155738][ T5860]  __submit_merged_write_cond+0x255/0x530
[  130.155772][ T5860]  f2fs_write_data_pages+0x261d/0x3000
[  130.155842][ T5860]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[  130.155929][ T5860]  ? folio_unqueue_deferred_split+0x93/0x230
[  130.155952][ T5860]  ? unwind_next_frame+0xa5/0x2390
[  130.155968][ T5860]  ? rcu_is_watching+0x15/0xb0
[  130.155994][ T5860]  ? __kasan_check_byte+0x12/0x40
[  130.156034][ T5860]  ? __lock_acquire+0xab9/0xd20
[  130.156069][ T5860]  ? do_raw_spin_lock+0x121/0x290
[  130.156103][ T5860]  ? do_raw_spin_unlock+0x122/0x240
[  130.156125][ T5860]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[  130.156153][ T5860]  do_writepages+0x32e/0x550
[  130.156191][ T5860]  ? do_raw_spin_unlock+0x122/0x240
[  130.156217][ T5860]  filemap_fdatawrite+0x199/0x240
[  130.156242][ T5860]  ? __pfx_filemap_fdatawrite+0x10/0x10
[  130.156346][ T5860]  ? do_raw_spin_unlock+0x122/0x240
[  130.156373][ T5860]  f2fs_sync_dirty_inodes+0x31f/0x830
[  130.156420][ T5860]  f2fs_write_checkpoint+0x93e/0x2440
[  130.156448][ T5860]  ? __lock_acquire+0xab9/0xd20
[  130.156507][ T5860]  ? __pfx_f2fs_write_checkpoint+0x10/0x10
[  130.156603][ T5860]  kill_f2fs_super+0x2cc/0x6d0
[  130.156640][ T5860]  ? __pfx_kill_f2fs_super+0x10/0x10
[  130.156699][ T5860]  ? shrinker_free+0x2ce/0x3e0
[  130.156723][ T5860]  deactivate_locked_super+0xbc/0x130
[  130.156746][ T5860]  cleanup_mnt+0x425/0x4c0
[  130.156766][ T5860]  ? lockdep_hardirqs_on+0x9c/0x150
[  130.156798][ T5860]  task_work_run+0x1d4/0x260
[  130.156825][ T5860]  ? __pfx_task_work_run+0x10/0x10
[  130.156844][ T5860]  ? __x64_sys_umount+0x122/0x160
[  130.156871][ T5860]  ? exit_to_user_mode_loop+0x40/0x130
[  130.156901][ T5860]  exit_to_user_mode_loop+0xec/0x130
[  130.156926][ T5860]  do_syscall_64+0x2bd/0xfa0
[  130.156941][ T5860]  ? lockdep_hardirqs_on+0x9c/0x150
[  130.156968][ T5860]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  130.156986][ T5860]  ? clear_bhb_loop+0x60/0xb0
[  130.157010][ T5860]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  130.157027][ T5860] RIP: 0033:0x7f629e98ff17
[  130.157045][ T5860] Code: a8 ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 0f 1f 44 00 00 31 f6 e9 09 00 00 00 66 0f 1f 84 00 00 00 00 00 b8 a6 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 01 c3 48 c7 c2 a8 ff ff ff f7 d8 64 89 02 b8
[  130.157060][ T5860] RSP: 002b:00007ffc3461dd18 EFLAGS: 00000246 ORIG_RAX: 00000000000000a6
[  130.157080][ T5860] RAX: 0000000000000000 RBX: 00007f629ea11c05 RCX: 00007f629e98ff17
[  130.157093][ T5860] RDX: 0000000000000000 RSI: 0000000000000009 RDI: 00007ffc3461ddd0
[  130.157104][ T5860] RBP: 00007ffc3461ddd0 R08: 0000000000000000 R09: 0000000000000000
[  130.157115][ T5860] R10: 00000000ffffffff R11: 0000000000000246 R12: 00007ffc3461ee60
[  130.157127][ T5860] R13: 00007f629ea11c05 R14: 000000000001fb97 R15: 00007ffc3461eea0
[  130.157163][ T5860]  </TASK>
[  130.157171][ T5860] F2FS-fs (loop3): Stopped filesystem due to reason: 3
[  130.168792][ T5865] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  130.602262][ T6583] XFS (loop2): Mounting V5 Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb
[  130.718580][ T6583] XFS (loop2): Ending clean mount
[  130.768730][ T6583] XFS (loop2): Quotacheck needed: Please wait.
[  130.958238][ T6583] XFS (loop2): Quotacheck: Done.
[  131.015837][ T6296] veth0_vlan: entered promiscuous mode
[  131.130803][ T6635] 8021q: adding VLAN 0 to HW filter on device batadv1
[  131.167558][ T5874] XFS (loop2): Unmounting Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb
[  131.177929][ T6635] team0: Port device batadv1 added
[  131.236150][ T6296] veth1_vlan: entered promiscuous mode
[  131.263592][ T6634] loop1: detected capacity change from 0 to 4096
[  131.378096][ T6296] veth0_macvtap: entered promiscuous mode
[  131.463067][ T6296] veth1_macvtap: entered promiscuous mode
[  131.611315][ T6296] batman_adv: batadv0: Interface activated: batadv_slave_0
[  131.653330][ T6296] batman_adv: batadv0: Interface activated: batadv_slave_1
[  131.703710][ T1094] netdevsim netdevsim5 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  131.726636][ T1094] netdevsim netdevsim5 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  131.753983][ T1094] netdevsim netdevsim5 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  131.789146][ T1094] netdevsim netdevsim5 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  132.037270][   T36] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  132.076930][   T36] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  132.248900][   T36] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  132.284265][   T36] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  132.426775][ T6654] loop3: detected capacity change from 0 to 1024
[  132.453880][ T6654] EXT4-fs: Ignoring removed orlov option
[  132.470626][ T6656] loop1: detected capacity change from 0 to 2048
[  132.535147][ T6654] EXT4-fs (loop3): Test dummy encryption mode enabled
[  132.548203][ T6659] NILFS (loop1): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  132.570393][ T6654] EXT4-fs (loop3): stripe (7) is not aligned with cluster size (16), stripe is disabled
[  132.700588][ T6654] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  132.903376][ T6654] fscrypt: AES-256-CBC-CTS using implementation "cts-cbc-aes-aesni"
[  133.001411][ T1304] ieee802154 phy0 wpan0: encryption failed: -22
[  133.008046][ T1304] ieee802154 phy1 wpan1: encryption failed: -22
[  133.163949][ T5860] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  133.170099][ T6673] veth0_to_bridge: entered promiscuous mode
[  133.197711][ T6673] veth0_to_bridge: left promiscuous mode
[  134.020622][ T6664] loop5: detected capacity change from 0 to 32768
[  134.092322][ T6664] XFS (loop5): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  134.251133][   T43] usb 3-1: new high-speed USB device number 2 using dummy_hcd
[  134.364461][ T6664] XFS (loop5): Ending clean mount
[  134.453175][ T6671] loop0: detected capacity change from 0 to 32768
[  134.453804][   T43] usb 3-1: Using ep0 maxpacket: 16
[  134.527639][   T43] usb 3-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  134.546132][ T6671] XFS (loop0): Mounting V5 Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb
[  134.566097][ T6296] XFS (loop5): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  134.589129][   T43] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 7
[  134.657230][   T43] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x2 has invalid wMaxPacketSize 0
[  134.663603][ T6671] XFS (loop0): Ending clean mount
[  134.681068][   T43] usb 3-1: config 0 interface 0 altsetting 0 bulk endpoint 0x2 has invalid maxpacket 0
[  134.691510][   T43] usb 3-1: config 0 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  134.714472][   T43] usb 3-1: New USB device found, idVendor=2040, idProduct=b138, bcdDevice= 1.42
[  134.731995][   T43] usb 3-1: New USB device strings: Mfr=4, Product=0, SerialNumber=0
[  134.740265][   T43] usb 3-1: Manufacturer: syz
[  134.755299][   T43] usb 3-1: config 0 descriptor??
[  134.795828][ T6718] loop3: detected capacity change from 0 to 4096
[  134.840207][ T6718] ntfs3(loop3): Different NTFS sector size (1024) and media sector size (512).
[  135.177728][ T5864] XFS (loop0): Unmounting Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb
[  135.281883][   T43] rc_core: IR keymap rc-hauppauge not found
[  135.312507][   T43] Registered IR keymap rc-empty
[  135.317756][   T43] mceusb 3-1:0.0: Error: mce write submit urb error = -90
[  135.374571][   T43] mceusb 3-1:0.0: Error: mce write submit urb error = -90
[  135.406194][   T43] rc rc0: Conexant Hybrid TV (cx231xx) MCE IR no TX as /devices/platform/dummy_hcd.2/usb3/3-1/3-1:0.0/rc/rc0
[  135.508316][   T43] input: Conexant Hybrid TV (cx231xx) MCE IR no TX as /devices/platform/dummy_hcd.2/usb3/3-1/3-1:0.0/rc/rc0/input6
[  135.599122][   T43] mceusb 3-1:0.0: Error: mce write submit urb error = -90
[  135.670425][   T43] mceusb 3-1:0.0: Error: mce write submit urb error = -90
[  135.741395][   T43] mceusb 3-1:0.0: Error: mce write submit urb error = -90
[  135.780282][   T43] mceusb 3-1:0.0: Error: mce write submit urb error = -90
[  135.830421][   T43] mceusb 3-1:0.0: Error: mce write submit urb error = -90
[  135.860013][   T43] mceusb 3-1:0.0: Error: mce write submit urb error = -90
[  135.910098][   T43] mceusb 3-1:0.0: Error: mce write submit urb error = -90
[  135.949983][   T43] mceusb 3-1:0.0: Error: mce write submit urb error = -90
[  136.007174][   T43] mceusb 3-1:0.0: Error: mce write submit urb error = -90
[  136.059982][   T43] mceusb 3-1:0.0: Error: mce write submit urb error = -90
[  136.123306][   T43] mceusb 3-1:0.0: Registered 424242424242 with mce emulator interface version 1
[  136.167980][   T43] mceusb 3-1:0.0: 2 tx ports (0x0 cabled) and 2 rx sensors (0x0 active)
[  136.281819][   T43] usb 3-1: USB disconnect, device number 2
[  136.456202][ T6756] loop5: detected capacity change from 0 to 128
[  136.558520][ T6756] EXT4-fs (loop5): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  136.641138][ T6756] ext4 filesystem being mounted at /4/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[  137.014756][ T6296] EXT4-fs (loop5): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  137.274174][ T6752] loop1: detected capacity change from 0 to 32768
[  137.352037][ T6752] XFS (loop1): Mounting V5 Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb
[  137.400325][ T6754] loop0: detected capacity change from 0 to 40427
[  137.407908][ T6754] F2FS-fs: heap/no_heap options were deprecated
[  137.437933][ T6754] F2FS-fs (loop0): build fault injection rate: 19
[  137.454205][ T6754] F2FS-fs (loop0): build fault injection type: 0x3bfe8c
[  137.499984][ T6754] F2FS-fs (loop0): invalid crc value
[  137.549429][ T6752] XFS (loop1): Ending clean mount
[  137.564305][ T6754] F2FS-fs (loop0): inject page alloc in f2fs_grab_cache_folio of f2fs_ra_meta_pages+0x615/0x970
[  137.624159][ T6752] XFS (loop1): Quotacheck needed: Please wait.
[  138.045747][ T6752] XFS (loop1): Quotacheck: Done.
[  138.078542][ T6754] F2FS-fs (loop0): inject slab alloc in f2fs_kmem_cache_alloc of read_node_folio+0x20a/0x3f0
[  138.128745][ T6754] F2FS-fs (loop0): f2fs_recover_fsync_data: recovery fsync data, check_only: 0
[  138.174503][ T6754] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e5
[  138.285009][ T5865] XFS (loop1): Unmounting Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb
[  138.303154][ T6754] F2FS-fs (loop0): inject slab alloc in f2fs_kmem_cache_alloc of f2fs_new_node_folio+0x1d9/0xa40
[  138.334794][ T6754] F2FS-fs (loop0): inject inconsistent footer in sanity_check_node_footer of f2fs_update_inode_page+0x82/0x190
[  138.363780][ T6754] F2FS-fs (loop0): inconsistent node block, node_type:1, nid:10, node_footer[nid:10,ino:10,ofs:0,cpver:10241045589465957861,blkaddr:4615]
[  138.368817][ T6786] loop5: detected capacity change from 0 to 4096
[  138.397724][ T6754] CPU: 1 UID: 0 PID: 6754 Comm: syz.0.216 Not tainted syzkaller #0 PREEMPT(full) 
[  138.397756][ T6754] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  138.397768][ T6754] Call Trace:
[  138.397776][ T6754]  <TASK>
[  138.397785][ T6754]  dump_stack_lvl+0x189/0x250
[  138.397818][ T6754]  ? __pfx_dump_stack_lvl+0x10/0x10
[  138.397838][ T6754]  ? _raw_spin_unlock_irqrestore+0x85/0x110
[  138.397868][ T6754]  ? __pfx_queue_work_on+0x10/0x10
[  138.397895][ T6754]  ? _raw_spin_unlock_irqrestore+0xad/0x110
[  138.397919][ T6754]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[  138.397946][ T6754]  ? f2fs_hw_is_readonly+0x39b/0x470
[  138.397975][ T6754]  f2fs_handle_critical_error+0x37c/0x540
[  138.398008][ T6754]  f2fs_write_inode+0x3ba/0x5f0
[  138.398036][ T6754]  f2fs_do_sync_file+0xba9/0x1860
[  138.398072][ T6754]  ? __pfx_f2fs_do_sync_file+0x10/0x10
[  138.398129][ T6754]  ? f2fs_file_write_iter+0x4ac/0x2410
[  138.398149][ T6754]  ? vfs_fsync_range+0x12c/0x1c0
[  138.398172][ T6754]  ? f2fs_sync_file+0xe9/0x160
[  138.398198][ T6754]  f2fs_file_write_iter+0x753/0x2410
[  138.398237][ T6754]  ? __pfx_f2fs_file_write_iter+0x10/0x10
[  138.398253][ T6754]  ? rcu_read_lock_any_held+0xb3/0x120
[  138.398291][ T6754]  vfs_write+0x5c6/0xb30
[  138.398319][ T6754]  ? __pfx_f2fs_file_write_iter+0x10/0x10
[  138.398353][ T6754]  ? __pfx_vfs_write+0x10/0x10
[  138.398390][ T6754]  ? __fget_files+0x2a/0x420
[  138.398430][ T6754]  ksys_write+0x145/0x250
[  138.398458][ T6754]  ? __pfx_ksys_write+0x10/0x10
[  138.398485][ T6754]  ? do_syscall_64+0xbe/0xfa0
[  138.398504][ T6754]  do_syscall_64+0xfa/0xfa0
[  138.398517][ T6754]  ? lockdep_hardirqs_on+0x9c/0x150
[  138.398545][ T6754]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  138.398562][ T6754]  ? clear_bhb_loop+0x60/0xb0
[  138.398584][ T6754]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  138.398601][ T6754] RIP: 0033:0x7f16c858ebe9
[  138.398620][ T6754] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  138.398635][ T6754] RSP: 002b:00007f16c9400038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[  138.398657][ T6754] RAX: ffffffffffffffda RBX: 00007f16c87c5fa0 RCX: 00007f16c858ebe9
[  138.398670][ T6754] RDX: 0000000000000010 RSI: 0000200000000200 RDI: 0000000000000004
[  138.398681][ T6754] RBP: 00007f16c8611e19 R08: 0000000000000000 R09: 0000000000000000
[  138.398693][ T6754] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  138.398704][ T6754] R13: 00007f16c87c6038 R14: 00007f16c87c5fa0 R15: 00007ffe24e0cdb8
[  138.398738][ T6754]  </TASK>
[  138.420041][ T6754] F2FS-fs (loop0): Stopped filesystem due to reason: 5
[  139.684864][ T5872] Bluetooth: hci1: failed to read key size for handle 201
[  140.680401][ T6809] netlink: 4 bytes leftover after parsing attributes in process `syz.0.234'.
[  141.391192][   T24] usb 4-1: new high-speed USB device number 3 using dummy_hcd
[  141.504226][ T6829] loop0: detected capacity change from 0 to 4096
[  141.599523][   T24] usb 4-1: Using ep0 maxpacket: 8
[  141.607890][ T1094] ntfs3(loop5): ino=5, mi_enum_attr
[  141.640981][   T24] usb 4-1: New USB device found, idVendor=047d, idProduct=5003, bcdDevice=2f.8c
[  141.647500][ T6829] ntfs3(loop0): Mark volume as dirty due to NTFS errors
[  141.665249][   T24] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  141.693160][   T24] usb 4-1: Product: syz
[  141.717091][   T24] usb 4-1: Manufacturer: syz
[  141.734992][   T24] usb 4-1: SerialNumber: syz
[  141.778442][   T24] usb 4-1: config 0 descriptor??
[  141.818783][   T24] gspca_main: se401-2.14.0 probing 047d:5003
[  141.920382][    T0] NOHZ tick-stop error: local softirq work is pending, handler #308!!!
[  142.129187][ T5864] ntfs3(loop0): ino=9, ntfs_sync_fs failed, -22.
[  142.173947][ T6812] loop1: detected capacity change from 0 to 32768
[  142.238357][   T24] gspca_se401: ExtraFeatures: 24
[  142.260514][ T6812] XFS (loop1): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  142.264869][   T24] gspca_se401: Too many frame sizes
[  142.510096][ T6851] loop5: detected capacity change from 0 to 4096
[  142.527315][   T43] usb 4-1: USB disconnect, device number 3
[  142.563860][ T6812] XFS (loop1): Ending clean mount
[  142.569953][ T6851] ntfs3(loop5): Different NTFS sector size (4096) and media sector size (512).
[  142.737150][ T6851] ntfs3(loop5): Failed to initialize $Extend/$Reparse.
[  142.881983][ T5865] XFS (loop1): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  143.406696][ T6867] batman_adv: batadv0: Adding interface: gretap1
[  143.481145][ T6867] batman_adv: batadv0: The MTU of interface gretap1 is too small (1382) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  143.570449][ T6867] batman_adv: batadv0: Interface activated: gretap1
[  143.699228][ T6873] A link change request failed with some changes committed already. Interface bridge_slave_0 may have been left with an inconsistent configuration, please check.
[  143.730104][ T5872] Bluetooth: hci1: Controller not accepting commands anymore: ncmd = 0
[  143.740176][ T5872] Bluetooth: hci1: Injecting HCI hardware error event
[  143.748835][ T5872] Bluetooth: hci1: hardware error 0x00
[  143.867845][ T5873] IPVS: starting estimator thread 0...
[  144.010897][ T6882] IPVS: using max 23 ests per chain, 55200 per kthread
[  144.109684][ T6886] loop0: detected capacity change from 0 to 256
[  144.135468][ T6864] loop5: detected capacity change from 0 to 32768
[  144.191014][ T6864] BTRFS: device fsid ed167579-eb65-4e76-9a50-61ac97e9b59d devid 1 transid 8 /dev/loop5 (7:5) scanned by syz.5.250 (6864)
[  144.316756][ T6864] BTRFS info (device loop5): first mount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d
[  144.336743][ T6886] FAT-fs (loop0): Directory bread(block 64) failed
[  144.385581][ T6864] BTRFS info (device loop5): using sha256 (sha256-lib) checksum algorithm
[  144.389502][ T6886] FAT-fs (loop0): Directory bread(block 65) failed
[  144.455343][ T6886] FAT-fs (loop0): Directory bread(block 66) failed
[  144.463437][ T6864] BTRFS warning (device loop5): space cache v1 is being deprecated and will be removed in a future release, please use -o space_cache=v2
[  144.476404][ T6886] FAT-fs (loop0): Directory bread(block 67) failed
[  144.500292][ T6886] FAT-fs (loop0): Directory bread(block 68) failed
[  144.517474][ T6886] FAT-fs (loop0): Directory bread(block 69) failed
[  144.555484][ T6886] FAT-fs (loop0): Directory bread(block 70) failed
[  144.590038][ T6886] FAT-fs (loop0): Directory bread(block 71) failed
[  144.620089][ T6886] FAT-fs (loop0): Directory bread(block 72) failed
[  144.635996][ T6886] FAT-fs (loop0): Directory bread(block 73) failed
[  144.748636][ T6864] BTRFS info (device loop5): rebuilding free space tree
[  144.847309][ T6864] BTRFS info (device loop5): disabling free space tree
[  144.870284][ T6864] BTRFS info (device loop5): clearing compat-ro feature flag for FREE_SPACE_TREE (0x1)
[  144.912076][ T6918] netlink: 12 bytes leftover after parsing attributes in process `syz.1.263'.
[  144.921469][ T6864] BTRFS info (device loop5): clearing compat-ro feature flag for FREE_SPACE_TREE_VALID (0x2)
[  144.998813][ T6864] BTRFS info (device loop5): setting nodatasum
[  145.049344][ T6864] BTRFS info (device loop5): enabling ssd optimizations
[  145.089884][ T6864] BTRFS info (device loop5): using spread ssd allocation scheme
[  145.097634][ T6864] BTRFS info (device loop5): turning off barriers
[  145.175834][ T6864] BTRFS info (device loop5): enabling disk space caching
[  145.201112][ T6864] BTRFS info (device loop5): force clearing of disk cache
[  145.297969][ T6924] bond0: option fail_over_mac: unable to set because the bond device has slaves
[  145.559024][ T6880] loop3: detected capacity change from 0 to 32768
[  145.638438][ T6296] BTRFS info (device loop5): last unmount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d
[  145.761528][ T1094] JFS: metapage_get_blocks failed
[  145.799567][ T6880] JFS: metapage_get_blocks failed
[  145.813657][  T112] blkno = 50030, nblocks = 1
[  145.813761][ T1094] JFS: metapage_get_blocks failed
[  145.841183][  T112] ERROR: (device loop3): dbUpdatePMap: blocks are outside the map
[  145.841183][  T112] 
[  145.894644][ T6938] loop0: detected capacity change from 0 to 4096
[  145.907023][  T112] ERROR: (device loop3): remounting filesystem as read-only
[  145.942373][  T112] blkno = 5002c, nblocks = 4
[  145.950889][ T5872] Bluetooth: hci1: Opcode 0x0c03 failed: -110
[  145.978755][  T112] ERROR: (device loop3): dbUpdatePMap: blocks are outside the map
[  145.978755][  T112] 
[  146.091332][ T6880] JFS: metapage_get_blocks failed
[  146.106916][ T6945] NILFS (loop0): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  146.129180][ T6880] JFS: metapage_get_blocks failed
[  146.667268][ T6957] loop2: detected capacity change from 0 to 2048
[  146.719649][ T6960] Freezing with imperfect legacy cgroup freezer. See cgroup.freeze of cgroup v2
[  146.763388][ T6957] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: none.
[  146.883344][ T5874] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  147.470017][ T5872] Bluetooth: hci3: command 0x0405 tx timeout
[  147.782688][ T6988] loop1: detected capacity change from 0 to 1024
[  148.172290][ T5873] usb 4-1: new high-speed USB device number 4 using dummy_hcd
[  148.378316][ T5873] usb 4-1: New USB device found, idVendor=0cf3, idProduct=9271, bcdDevice= 1.08
[  148.399920][ T5873] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  148.439895][ T5873] usb 4-1: Product: syz
[  148.444121][ T5873] usb 4-1: Manufacturer: syz
[  148.487705][ T5873] usb 4-1: SerialNumber: syz
[  148.515401][ T7002] loop1: detected capacity change from 0 to 4096
[  148.528418][ T5873] usb 4-1: ath9k_htc: Firmware ath9k_htc/htc_9271-1.4.0.fw requested
[  148.586783][ T7002] ntfs3(loop1): Different NTFS sector size (1024) and media sector size (512).
[  148.668722][    T9] usb 4-1: ath9k_htc: Transferred FW: ath9k_htc/htc_9271-1.4.0.fw, size: 51008
[  148.808040][ T7002] ntfs3(loop1): ino=1a, mi_enum_attr
[  148.819996][ T7002] ntfs3(loop1): Mark volume as dirty due to NTFS errors
[  148.918489][   T30] audit: type=1800 audit(1757402528.028:19): pid=7002 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.290" name="file1" dev="loop1" ino=30 res=0 errno=0
[  148.935813][ T5873] usb 3-1: new high-speed USB device number 3 using dummy_hcd
[  148.970626][ T7002] ntfs3(loop1): ino=1e, "file1" ntfs3_write_inode failed, -22.
[  149.125759][ T6978] loop0: detected capacity change from 0 to 32768
[  149.139328][ T5873] usb 3-1: Using ep0 maxpacket: 8
[  149.172726][ T5873] usb 3-1: config index 0 descriptor too short (expected 74, got 45)
[  149.205657][ T6978] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop0 (7:0) scanned by syz.0.283 (6978)
[  149.227929][ T5873] usb 3-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid maxpacket 1536, setting to 1024
[  149.283494][ T5873] usb 3-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 1024
[  149.341099][ T6978] BTRFS info (device loop0): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  149.341946][ T5873] usb 3-1: config 16 interface 0 altsetting 0 endpoint 0x8B has invalid maxpacket 30768, setting to 1024
[  149.398400][ T6978] BTRFS info (device loop0): using sha256 (sha256-lib) checksum algorithm
[  149.433181][ T5873] usb 3-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 1024
[  149.495274][ T5873] usb 3-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  149.633405][ T5873] usb 3-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23
[  149.660206][   T24] usb 4-1: USB disconnect, device number 4
[  149.743467][ T5873] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  149.816616][ T6978] BTRFS info (device loop0): enabling ssd optimizations
[  149.858297][ T6978] BTRFS info (device loop0): enabling free space tree
[  150.061566][ T5873] usb 3-1: GET_CAPABILITIES returned 0
[  150.079945][ T5873] usbtmc 3-1:16.0: can't read capabilities
[  150.272153][    T9] usb 4-1: Service connection timeout for: 257
[  150.319008][    T9] ath9k_htc 4-1:1.0: ath9k_htc: Unable to initialize HTC services
[  150.342169][ T5873] usb 3-1: USB disconnect, device number 3
[  150.361125][    T9] ath9k_htc: Failed to initialize the device
[  150.410127][   T24] usb 4-1: ath9k_htc: USB layer deinitialized
[  150.578365][ T7015] loop5: detected capacity change from 0 to 32768
[  150.600978][ T5864] BTRFS info (device loop0): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  150.650198][ T7015] BTRFS info: device /dev/loop5 (7:5) using temp-fsid d7015d2a-60f3-4e65-bb5d-123f795b71cc
[  150.691360][ T7015] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop5 (7:5) scanned by syz.5.295 (7015)
[  150.800812][ T7015] BTRFS info (device loop5): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  150.827081][ T7015] BTRFS info (device loop5): using sha256 (sha256-lib) checksum algorithm
[  151.177010][ T7015] BTRFS info (device loop5): rebuilding free space tree
[  151.261698][ T7015] BTRFS info (device loop5): enabling ssd optimizations
[  151.296969][ T7015] BTRFS info (device loop5): enabling free space tree
[  151.368869][ T7015] BTRFS info (device loop5): force clearing of disk cache
[  151.429989][ T7015] BTRFS info (device loop5): enabling auto defrag
[  151.436476][ T7015] BTRFS info (device loop5): force zstd compression, level 3
[  151.484311][ T7015] BTRFS info (device loop5): max_inline set to 0
[  152.002618][ T6296] BTRFS info (device loop5): last unmount of filesystem d7015d2a-60f3-4e65-bb5d-123f795b71cc
[  152.814301][ T7078] loop2: detected capacity change from 0 to 32768
[  152.924760][ T7078] XFS (loop2): Mounting V5 Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb
[  153.198767][ T7078] XFS (loop2): Ending clean mount
[  153.527653][ T5874] XFS (loop2): Unmounting Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb
[  154.705060][ T7135] loop5: detected capacity change from 0 to 1024
[  154.841879][ T7135] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  155.019064][   T30] audit: type=1800 audit(1757402534.128:20): pid=7135 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.5.329" name="file1" dev="loop5" ino=15 res=0 errno=0
[  155.060902][ T7147] loop2: detected capacity change from 0 to 2048
[  155.132757][ T7147] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: none.
[  155.242139][ T7135] EXT4-fs error (device loop5): mb_free_blocks:2017: group 0, inode 15: block 241:freeing already freed block (bit 15); block bitmap corrupt.
[  155.333907][ T5874] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  155.595598][ T6296] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  155.699433][ T7163] loop1: detected capacity change from 0 to 1024
[  155.715957][ T7159] loop2: detected capacity change from 0 to 4096
[  155.717012][ T7165] netlink: 8 bytes leftover after parsing attributes in process `syz.0.341'.
[  155.717972][ T7163] EXT4-fs: Ignoring removed nobh option
[  155.766008][ T7159] EXT4-fs (loop2): Test dummy encryption mode enabled
[  155.782371][ T7163] EXT4-fs: Ignoring removed bh option
[  155.828211][ T7159] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  155.862066][ T7163] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  155.960113][ T7171] Driver unsupported XDP return value 0 on prog  (id 38) dev N/A, expect packet loss!
[  155.963855][ T7159] fscrypt: AES-256-XTS using implementation "xts-aes-aesni-avx"
[  156.225019][ T5865] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  156.266442][ T5874] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  156.289298][ T7178] loop5: detected capacity change from 0 to 64
[  156.452932][ T7177] Trying to free block not in datazone
[  156.458458][ T7177] Trying to free block not in datazone
[  156.972548][ T7192] loop1: detected capacity change from 0 to 1024
[  157.082948][ T7192] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  157.211940][   T30] audit: type=1800 audit(1757402536.328:21): pid=7192 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.350" name="file1" dev="loop1" ino=15 res=0 errno=0
[  157.381668][ T7192] EXT4-fs error (device loop1): mb_free_blocks:2017: group 0, inode 15: block 241:freeing already freed block (bit 15); block bitmap corrupt.
[  157.536736][ T7180] loop0: detected capacity change from 0 to 40427
[  157.595581][ T7180] F2FS-fs (loop0): invalid crc value
[  157.711932][ T5865] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  157.933657][ T7180] F2FS-fs (loop0): f2fs_recover_fsync_data: recovery fsync data, check_only: 0
[  157.987664][ T7180] F2FS-fs (loop0): Start checkpoint disabled!
[  158.051526][   T30] audit: type=1326 audit(1757402537.158:22): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7205 comm="syz.5.355" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f005d98ebe9 code=0x0
[  158.107679][ T7180] F2FS-fs (loop0): f2fs_disable_checkpoint() finish, err:0
[  158.115741][ T7180] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e6
[  158.218555][ T7187] loop2: detected capacity change from 0 to 32768
[  158.715879][ T7222] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  159.032554][ T7226] loop1: detected capacity change from 0 to 128
[  159.160826][ T7230] loop3: detected capacity change from 0 to 512
[  159.364381][ T7230] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  159.928638][ T5860] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  160.600522][ T7229] loop5: detected capacity change from 0 to 40427
[  160.638382][ T7229] F2FS-fs (loop5): invalid crc value
[  160.955662][ T7229] F2FS-fs (loop5): f2fs_recover_fsync_data: recovery fsync data, check_only: 0
[  160.989502][ T7229] F2FS-fs (loop5): Start checkpoint disabled!
[  161.037651][ T7229] F2FS-fs (loop5): f2fs_disable_checkpoint() finish, err:0
[  161.086028][ T7229] F2FS-fs (loop5): Mounted with checkpoint version = 48b305e6
[  161.330493][   T36] kworker/u8:2: attempt to access beyond end of device
[  161.330493][   T36] loop5: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[  161.350563][ T7263] XFS (nullb0): Invalid superblock magic number
[  161.365229][   T36] CPU: 0 UID: 0 PID: 36 Comm: kworker/u8:2 Not tainted syzkaller #0 PREEMPT(full) 
[  161.365258][   T36] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  161.365271][   T36] Workqueue: writeback wb_workfn (flush-7:5)
[  161.365299][   T36] Call Trace:
[  161.365307][   T36]  <TASK>
[  161.365317][   T36]  dump_stack_lvl+0x189/0x250
[  161.365348][   T36]  ? __pfx_dump_stack_lvl+0x10/0x10
[  161.365371][   T36]  ? __pfx_queue_work_on+0x10/0x10
[  161.365397][   T36]  ? _raw_spin_unlock_irqrestore+0xad/0x110
[  161.365425][   T36]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[  161.365470][   T36]  f2fs_handle_critical_error+0x37c/0x540
[  161.365507][   T36]  f2fs_write_end_io+0x886/0xb60
[  161.365562][   T36]  __submit_merged_bio+0x27a/0x6a0
[  161.365597][   T36]  __submit_merged_write_cond+0x255/0x530
[  161.365635][   T36]  f2fs_write_data_pages+0x261d/0x3000
[  161.365716][   T36]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[  161.365815][   T36]  ? __local_bh_enable_ip+0x12d/0x1c0
[  161.365842][   T36]  ? lockdep_hardirqs_on+0x9c/0x150
[  161.365873][   T36]  ? __local_bh_enable_ip+0x12d/0x1c0
[  161.365899][   T36]  ? __pfx___local_bh_enable_ip+0x10/0x10
[  161.365950][   T36]  ? xfd_validate_state+0x6d/0x150
[  161.365987][   T36]  ? rcu_is_watching+0x15/0xb0
[  161.366037][   T36]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[  161.366066][   T36]  do_writepages+0x32e/0x550
[  161.366100][   T36]  ? reacquire_held_locks+0x127/0x1d0
[  161.366135][   T36]  ? writeback_sb_inodes+0x384/0x1010
[  161.366171][   T36]  __writeback_single_inode+0x145/0xff0
[  161.366195][   T36]  ? do_raw_spin_unlock+0x122/0x240
[  161.366224][   T36]  writeback_sb_inodes+0x6c7/0x1010
[  161.366245][   T36]  ? unwind_next_frame+0xa5/0x2390
[  161.366302][   T36]  ? __pfx_writeback_sb_inodes+0x10/0x10
[  161.366385][   T36]  ? rcu_is_watching+0x15/0xb0
[  161.366426][   T36]  wb_writeback+0x43b/0xaf0
[  161.366462][   T36]  ? queue_io+0x371/0x590
[  161.366491][   T36]  ? __pfx_wb_writeback+0x10/0x10
[  161.366528][   T36]  ? _raw_spin_unlock_irq+0x23/0x50
[  161.366563][   T36]  wb_workfn+0x409/0xef0
[  161.366605][   T36]  ? __pfx_wb_workfn+0x10/0x10
[  161.366644][   T36]  ? __lock_acquire+0xab9/0xd20
[  161.366688][   T36]  ? process_scheduled_works+0x9ef/0x17b0
[  161.366726][   T36]  ? _raw_spin_unlock_irq+0x23/0x50
[  161.366750][   T36]  ? process_scheduled_works+0x9ef/0x17b0
[  161.366775][   T36]  ? process_scheduled_works+0x9ef/0x17b0
[  161.366805][   T36]  process_scheduled_works+0xae1/0x17b0
[  161.366879][   T36]  ? __pfx_process_scheduled_works+0x10/0x10
[  161.366934][   T36]  worker_thread+0x8a0/0xda0
[  161.366967][   T36]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[  161.367013][   T36]  ? __kthread_parkme+0x7b/0x200
[  161.367048][   T36]  kthread+0x711/0x8a0
[  161.367075][   T36]  ? __pfx_worker_thread+0x10/0x10
[  161.367102][   T36]  ? __pfx_kthread+0x10/0x10
[  161.367172][   T36]  ? _raw_spin_unlock_irq+0x23/0x50
[  161.367197][   T36]  ? lockdep_hardirqs_on+0x9c/0x150
[  161.367222][   T36]  ? __pfx_kthread+0x10/0x10
[  161.367246][   T36]  ret_from_fork+0x47c/0x820
[  161.367278][   T36]  ? __pfx_ret_from_fork+0x10/0x10
[  161.367319][   T36]  ? __switch_to_asm+0x39/0x70
[  161.367341][   T36]  ? __switch_to_asm+0x33/0x70
[  161.367362][   T36]  ? __pfx_kthread+0x10/0x10
[  161.367387][   T36]  ret_from_fork_asm+0x1a/0x30
[  161.367441][   T36]  </TASK>
[  161.414111][ T7271] loop2: detected capacity change from 0 to 8
[  161.418004][   T36] F2FS-fs (loop5): Stopped filesystem due to reason: 3
[  161.715943][ T7260] loop1: detected capacity change from 0 to 32768
[  162.183648][ T7255] loop0: detected capacity change from 0 to 40427
[  162.259287][ T7255] F2FS-fs (loop0): Invalid log_blocksize (268), supports only 12
[  162.289924][ T7255] F2FS-fs (loop0): Can't find valid F2FS filesystem in 1th superblock
[  162.399385][ T7255] F2FS-fs (loop0): f2fs_check_nid_range: out-of-range nid=1, run fsck to fix.
[  162.529504][ T7277] loop1: detected capacity change from 0 to 4096
[  162.625842][ T7277] ntfs3(loop1): Mark volume as dirty due to NTFS errors
[  162.656714][ T7277] ntfs3(loop1): Failed to initialize $Extend/$ObjId.
[  162.771564][ T7277] ntfs3(loop1): ino=1e, "file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" attr_set_size
[  162.818135][ T7255] F2FS-fs (loop0): f2fs_recover_fsync_data: recovery fsync data, check_only: 0
[  162.929936][ T7255] F2FS-fs (loop0): Try to recover 1th superblock, ret: 0
[  162.971291][ T7255] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e5
[  163.170510][ T7288] loop1: detected capacity change from 0 to 1024
[  163.286785][ T7273] loop2: detected capacity change from 0 to 32768
[  163.590437][ T1109] hfsplus: b-tree write err: -5, ino 3
[  163.856751][ T7303] loop1: detected capacity change from 0 to 512
[  163.919283][ T7303] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled
[  164.053222][ T7273] bcachefs (loop2): starting version 1.7: mi_btree_bitmap opts=errors=continue,metadata_checksum=none,data_checksum=none,checksum_err_retry_nr=12,compression=lz4,foreground_target=invalid label 767,background_target=invalid device 7,degraded=yes,nojournal_transaction_names
[  164.053252][ T7273]   allowing incompatible features above 0.0: (unknown version)
[  164.053264][ T7273]   features: lz4,new_siphash,inline_data,new_extent_overwrite,btree_ptr_v2,new_varint,journal_no_flush,alloc_v2,extents_across_btree_nodes
[  164.182981][ T7303] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  164.183124][ T7303] ext4 filesystem being mounted at /101/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  164.254212][ T7303] EXT4-fs error (device loop1): ext4_do_update_inode:5653: inode #2: comm syz.1.388: corrupted inode contents
[  164.267757][ T7303] EXT4-fs error (device loop1): ext4_dirty_inode:6538: inode #2: comm syz.1.388: mark_inode_dirty error
[  164.294877][ T7303] EXT4-fs error (device loop1): ext4_do_update_inode:5653: inode #2: comm syz.1.388: corrupted inode contents
[  164.330800][ T7313] EXT4-fs error (device loop1): ext4_do_update_inode:5653: inode #2: comm syz.1.388: corrupted inode contents
[  164.337221][ T7313] EXT4-fs error (device loop1): ext4_dirty_inode:6538: inode #2: comm syz.1.388: mark_inode_dirty error
[  164.361654][ T7313] EXT4-fs error (device loop1): ext4_do_update_inode:5653: inode #2: comm syz.1.388: corrupted inode contents
[  164.367674][ T7313] EXT4-fs error (device loop1): __ext4_ext_dirty:206: inode #2: comm syz.1.388: mark_inode_dirty error
[  164.387393][ T7313] EXT4-fs error (device loop1): ext4_do_update_inode:5653: inode #2: comm syz.1.388: corrupted inode contents
[  164.396398][ T7273] bcachefs (loop2): Using encoding defined by superblock: utf8-12.1.0
[  164.396445][ T7273] bcachefs (loop2): initializing new filesystem
[  164.507737][ T7313] EXT4-fs error (device loop1): ext4_dirty_inode:6538: inode #2: comm syz.1.388: mark_inode_dirty error
[  164.591940][ T7273] bcachefs (loop2): going read-write
[  164.633805][ T7273] bcachefs (loop2): marking superblocks
[  164.691595][ T5865] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  164.748789][ T7273] bcachefs (loop2): initializing freespace
[  164.755934][ T7323] team_slave_1: entered promiscuous mode
[  164.757091][ T7321] loop5: detected capacity change from 0 to 1024
[  164.784053][ T7321] EXT4-fs: inline encryption not supported
[  164.805522][ T7273] bcachefs (loop2): done initializing freespace
[  164.819158][ T7321] EXT4-fs: Ignoring removed bh option
[  164.855823][ T7273] bcachefs (loop2): reading snapshots table
[  164.884444][ T7325] loop1: detected capacity change from 0 to 128
[  164.893955][ T7273] bcachefs (loop2): reading snapshots done
[  164.905276][ T7321] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  164.969501][ T7273] bcachefs (loop2): done starting filesystem
[  165.184445][ T5874] bcachefs (loop2): shutting down
[  165.197680][   T30] audit: type=1804 audit(1757402544.308:23): pid=7331 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.5.392" name="/newroot/41/file1/file1" dev="loop5" ino=15 res=1 errno=0
[  165.229454][ T5874] bcachefs (loop2): going read-only
[  165.246363][ T5874] bcachefs (loop2): finished waiting for writes to stop
[  165.290482][ T5874] bcachefs (loop2): flushing journal and stopping allocators, journal seq 3
[  165.314458][ T7333] loop3: detected capacity change from 0 to 2048
[  165.328807][ T7331] EXT4-fs error (device loop5): mb_free_blocks:2017: group 0, inode 15: block 177:freeing already freed block (bit 11); block bitmap corrupt.
[  165.355675][ T7331] EXT4-fs (loop5): Remounting filesystem read-only
[  165.376773][ T7333] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000)
[  165.486904][ T5874] bcachefs (loop2): flushing journal and stopping allocators complete, journal seq 3
[  165.542140][ T6296] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  165.547426][ T5874] bcachefs (loop2): clean shutdown complete, journal seq 4
[  165.570997][ T5874] bcachefs (loop2): marking filesystem clean
[  165.812951][ T5874] bcachefs (loop2): shutdown complete
[  166.258702][ T7353] loop3: detected capacity change from 0 to 2048
[  166.431381][ T7353] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  166.491903][ T7337] loop0: detected capacity change from 0 to 32768
[  166.669828][ T7337] XFS (loop0): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  166.707989][ T5860] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  166.730972][ T7371] loop1: detected capacity change from 0 to 128
[  166.760391][ T7371] UDF-fs: error (device loop1): udf_read_tagged: read failed, block=256, location=256
[  166.807387][ T7337] XFS (loop0): Ending clean mount
[  166.825559][ T7337] XFS (loop0): Quotacheck needed: Please wait.
[  166.842629][ T7371] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[  166.998087][ T7337] XFS (loop0): Quotacheck: Done.
[  167.270071][ T5864] XFS (loop0): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  167.916527][ T7386] loop6: detected capacity change from 0 to 524287999
[  168.317520][ T7394] loop5: detected capacity change from 0 to 1024
[  168.415843][ T7394] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  168.614213][ T7392] loop0: detected capacity change from 0 to 32768
[  168.658797][ T7392] gfs2: fsid=syz:syz: Trying to join cluster "lock_nolock", "syz:syz"
[  168.667620][ T7392] gfs2: fsid=syz:syz: Now mounting FS (format 1801)...
[  168.727059][ T7392] gfs2: fsid=syz:syz.0: journal 0 mapped with 5 extents in 0ms
[  168.736889][    T9] gfs2: fsid=syz:syz.0: jid=0, already locked for use
[  168.743851][    T9] gfs2: fsid=syz:syz.0: jid=0: Looking at journal...
[  168.973560][ T6296] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  169.005047][    T9] gfs2: fsid=syz:syz.0: jid=0: Journal head lookup took 261ms
[  169.082564][    T9] gfs2: fsid=syz:syz.0: jid=0: Done
[  169.088037][ T7392] gfs2: fsid=syz:syz.0: first mount done, others may mount
[  169.650337][ T7382] loop3: detected capacity change from 0 to 40427
[  169.700538][ T7382] F2FS-fs (loop3): invalid crc value
[  170.135473][ T7382] F2FS-fs (loop3): f2fs_recover_fsync_data: recovery fsync data, check_only: 1
[  170.188002][ T7382] F2FS-fs (loop3): Start checkpoint disabled!
[  170.220235][ T7429] loop5: detected capacity change from 0 to 4096
[  170.254555][ T7382] F2FS-fs (loop3): f2fs_disable_checkpoint() finish, err:0
[  170.259242][ T7429] ntfs3(loop5): Different NTFS sector size (1024) and media sector size (512).
[  170.300320][ T7382] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e6
[  170.406346][ T7429] ntfs3(loop5): ino=1a, mi_enum_attr
[  170.425298][ T7429] ntfs3(loop5): Mark volume as dirty due to NTFS errors
[  170.510579][ T7382] F2FS-fs (loop3): Inconsistent segment (8) type [1, 0] in SSA and SIT
[  170.523925][   T30] audit: type=1800 audit(1757402549.638:24): pid=7429 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.5.433" name="file1" dev="loop5" ino=30 res=0 errno=0
[  170.573115][ T7429] ntfs3(loop5): ino=1e, "file1" ntfs3_write_inode failed, -22.
[  170.573550][ T7382] CPU: 0 UID: 0 PID: 7382 Comm: syz.3.416 Not tainted syzkaller #0 PREEMPT(full) 
[  170.573574][ T7382] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  170.573584][ T7382] Call Trace:
[  170.573591][ T7382]  <TASK>
[  170.573598][ T7382]  dump_stack_lvl+0x189/0x250
[  170.573630][ T7382]  ? __pfx_dump_stack_lvl+0x10/0x10
[  170.573651][ T7382]  ? __pfx_queue_work_on+0x10/0x10
[  170.573684][ T7382]  ? _raw_spin_unlock_irqrestore+0xad/0x110
[  170.573710][ T7382]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[  170.573739][ T7382]  ? f2fs_hw_is_readonly+0x39b/0x470
[  170.573768][ T7382]  f2fs_handle_critical_error+0x37c/0x540
[  170.573798][ T7382]  do_garbage_collect+0xf22/0x65d0
[  170.573838][ T7382]  ? f2fs_get_victim+0x5a9a/0x6260
[  170.573861][ T7382]  ? __mutex_unlock_slowpath+0x1a1/0x740
[  170.573907][ T7382]  ? __pfx_do_garbage_collect+0x10/0x10
[  170.573923][ T7382]  ? f2fs_get_victim+0x5a9a/0x6260
[  170.573968][ T7382]  ? __lock_acquire+0xab9/0xd20
[  170.574040][ T7382]  ? up_write+0x1c4/0x420
[  170.574062][ T7382]  f2fs_gc+0xc8d/0x25a0
[  170.574112][ T7382]  ? __pfx_f2fs_gc+0x10/0x10
[  170.574142][ T7382]  ? rcu_read_lock_any_held+0xb3/0x120
[  170.574159][ T7382]  ? __pfx_rcu_read_lock_any_held+0x10/0x10
[  170.574190][ T7382]  ? sb_start_write+0x114/0x1c0
[  170.574209][ T7382]  ? mnt_want_write_file+0x164/0x200
[  170.574230][ T7382]  __f2fs_ioc_gc_range+0x754/0xb10
[  170.574268][ T7382]  ? __pfx___f2fs_ioc_gc_range+0x10/0x10
[  170.574299][ T7382]  __f2fs_ioctl+0x2e00/0xb5b0
[  170.574314][ T7382]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  170.574351][ T7382]  ? file_ioctl+0x22d/0x780
[  170.574374][ T7382]  ? __pfx_file_ioctl+0x10/0x10
[  170.574409][ T7382]  ? kasan_quarantine_put+0xdd/0x220
[  170.574429][ T7382]  ? lockdep_hardirqs_on+0x9c/0x150
[  170.574454][ T7382]  ? __pfx___f2fs_ioctl+0x10/0x10
[  170.574478][ T7382]  ? tomoyo_path_number_perm+0x1bc/0x5a0
[  170.574505][ T7382]  ? do_vfs_ioctl+0xb33/0x1430
[  170.574522][ T7382]  ? tomoyo_path_number_perm+0x1bc/0x5a0
[  170.574545][ T7382]  ? __pfx_do_vfs_ioctl+0x10/0x10
[  170.574608][ T7382]  ? has_not_enough_free_secs+0x73b/0x1160
[  170.574640][ T7382]  ? f2fs_ioctl+0x184/0x250
[  170.574657][ T7382]  ? __pfx_f2fs_ioctl+0x10/0x10
[  170.574673][ T7382]  __se_sys_ioctl+0xfc/0x170
[  170.574695][ T7382]  do_syscall_64+0xfa/0xfa0
[  170.574709][ T7382]  ? lockdep_hardirqs_on+0x9c/0x150
[  170.574732][ T7382]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  170.574748][ T7382]  ? clear_bhb_loop+0x60/0xb0
[  170.574771][ T7382]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  170.574787][ T7382] RIP: 0033:0x7f629e98ebe9
[  170.574803][ T7382] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  170.574817][ T7382] RSP: 002b:00007f629f779038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  170.574836][ T7382] RAX: ffffffffffffffda RBX: 00007f629ebc5fa0 RCX: 00007f629e98ebe9
[  170.574848][ T7382] RDX: 0000200000000000 RSI: 000000004018f50b RDI: 0000000000000004
[  170.574859][ T7382] RBP: 00007f629ea11e19 R08: 0000000000000000 R09: 0000000000000000
[  170.574870][ T7382] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  170.574880][ T7382] R13: 00007f629ebc6038 R14: 00007f629ebc5fa0 R15: 00007ffc3461ea88
[  170.574913][ T7382]  </TASK>
[  170.574921][ T7382] F2FS-fs (loop3): Stopped filesystem due to reason: 4
[  170.608331][ T7424] loop2: detected capacity change from 0 to 32768
[  170.952574][ T7424] BTRFS: device fsid 14d642db-7b15-43e4-81e6-4b8fac6a25f8 devid 1 transid 8 /dev/loop2 (7:2) scanned by syz.2.432 (7424)
[  171.013720][ T7424] BTRFS info (device loop2): first mount of filesystem 14d642db-7b15-43e4-81e6-4b8fac6a25f8
[  171.070729][ T7424] BTRFS info (device loop2): using blake2b (blake2b-256-generic) checksum algorithm
[  171.094017][ T7442] loop0: detected capacity change from 0 to 256
[  171.131580][ T7442] exfat: Deprecated parameter 'namecase'
[  171.283688][ T7442] exFAT-fs (loop0): failed to load upcase table (idx : 0x00010000, chksum : 0x36e00b20, utbl_chksum : 0xe619d30d)
[  171.365474][ T7424] BTRFS info (device loop2): enabling ssd optimizations
[  171.380004][ T7424] BTRFS info (device loop2): enabling free space tree
[  171.971125][ T5874] BTRFS info (device loop2): last unmount of filesystem 14d642db-7b15-43e4-81e6-4b8fac6a25f8
[  172.390104][ T7474] loop3: detected capacity change from 0 to 1024
[  172.472376][ T7474] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[  173.080245][ T7489] netlink: 36 bytes leftover after parsing attributes in process `syz.3.451'.
[  173.106128][ T7464] loop5: detected capacity change from 0 to 32768
[  173.116730][ T7489] netlink: 108 bytes leftover after parsing attributes in process `syz.3.451'.
[  173.163968][ T7464] BTRFS: device fsid a6a605fc-d5f1-4e66-8595-3726e2b761d6 devid 1 transid 8 /dev/loop5 (7:5) scanned by syz.5.442 (7464)
[  173.176935][ T7489] netlink: 12 bytes leftover after parsing attributes in process `syz.3.451'.
[  173.209229][ T7489] netlink: 36 bytes leftover after parsing attributes in process `syz.3.451'.
[  173.250518][ T7464] BTRFS info (device loop5): first mount of filesystem a6a605fc-d5f1-4e66-8595-3726e2b761d6
[  173.260978][ T7489] netlink: 8 bytes leftover after parsing attributes in process `syz.3.451'.
[  173.282392][ T7464] BTRFS info (device loop5): using blake2b (blake2b-256-generic) checksum algorithm
[  173.315667][ T7493] loop0: detected capacity change from 0 to 8
[  173.450927][ T7493] SQUASHFS error: xz decompression failed, data probably corrupt
[  173.459059][ T7493] SQUASHFS error: Failed to read block 0x108: -5
[  173.605663][ T7464] BTRFS info (device loop5): enabling ssd optimizations
[  173.622332][ T7493] SQUASHFS error: Unable to read metadata cache entry [106]
[  173.629996][ T7464] BTRFS info (device loop5): enabling free space tree
[  173.630906][ T7510] loop1: detected capacity change from 0 to 256
[  173.669799][ T7493] SQUASHFS error: Unable to read inode 0x11f
[  173.697786][ T7510] exfat: Deprecated parameter 'utf8'
[  173.861331][ T7510] exFAT-fs (loop1): failed to load upcase table (idx : 0x00010000, chksum : 0xe3865569, utbl_chksum : 0xe619d30d)
[  173.878969][ T6296] BTRFS info (device loop5): last unmount of filesystem a6a605fc-d5f1-4e66-8595-3726e2b761d6
[  173.898809][ T7513] loop3: detected capacity change from 0 to 4096
[  173.990906][   T30] audit: type=1800 audit(1757402553.108:25): pid=7510 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.455" name="file1" dev="loop1" ino=1048619 res=0 errno=0
[  174.184625][ T7479] loop2: detected capacity change from 0 to 32768
[  174.354466][ T7479] JBD2: Ignoring recovery information on journal
[  174.525312][ T7479] ocfs2: Mounting device (7,2) on (node local, slot 0) with ordered data mode.
[  174.782238][   T30] audit: type=1800 audit(1757402553.888:26): pid=7479 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.2.447" name="file1" dev="loop2" ino=17058 res=0 errno=0
[  175.059880][ T5874] ocfs2: Unmounting device (7,2) on (node local)
[  175.992507][ T7556] loop2: detected capacity change from 0 to 2048
[  176.098823][ T7559] NILFS (loop2): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  176.256014][ T7538] loop1: detected capacity change from 0 to 32768
[  176.276955][ T7538] btrfs: Unknown parameter 'ref_verify'
[  176.349304][ T7559] NILFS (loop2): vblocknr = 23 has abnormal lifetime: start cno (= 4294967298) > current cno (= 3)
[  176.395538][ T7559] NILFS error (device loop2): nilfs_bmap_propagate: broken bmap (inode number=4)
[  176.439825][ T7559] Remounting filesystem read-only
[  176.455880][ T5874] NILFS (loop2): disposed unprocessed dirty file(s) when stopping log writer
[  176.857310][ T7569] loop5: detected capacity change from 0 to 4096
[  176.961114][ T7569] ntfs3(loop5): ino=3, ntfs_set_state failed, -22.
[  176.998886][ T7569] ntfs3(loop5): Failed to initialize $Extend/$ObjId.
[  177.086328][ T7569] ntfs3(loop5): ino=1c, mi_enum_attr
[  177.175919][ T7569] ntfs3(loop5): ino=1b, "file0" ntfs_readdir
[  177.371547][ T1094] ntfs3(loop5): ino=3, ntfs3_write_inode failed, -22.
[  177.408056][ T7578] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  177.449831][ T6296] ntfs3(loop5): ino=3, ntfs_set_state failed, -22.
[  177.489730][ T6296] ntfs3(loop5): Mark volume as dirty due to NTFS errors
[  177.570145][ T6296] ntfs3(loop5): ino=3, ntfs_set_state failed, -22.
[  177.581446][   T36] ntfs3(loop5): ino=3, ntfs3_write_inode failed, -22.
[  177.738771][ T7584] netlink: 44 bytes leftover after parsing attributes in process `syz.0.485'.
[  177.795813][ T7581] netlink: 44 bytes leftover after parsing attributes in process `syz.0.485'.
[  177.818771][ T7587] netlink: 44 bytes leftover after parsing attributes in process `syz.0.485'.
[  177.926879][ T7586] loop5: detected capacity change from 0 to 4096
[  178.039003][ T7593] loop2: detected capacity change from 0 to 64
[  178.049498][ T7591] macsec1: entered allmulticast mode
[  178.069871][ T7595] NILFS (loop5): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  178.085640][ T7591] macvlan0: entered allmulticast mode
[  178.115367][ T7591] veth1_vlan: entered allmulticast mode
[  178.237799][ T7591] macvlan0: left allmulticast mode
[  178.249966][ T7591] veth1_vlan: left allmulticast mode
[  178.290480][ T7597] loop1: detected capacity change from 0 to 64
[  178.312482][ T5874] hfs: node 4:3 still has 1 user(s)!
[  178.477374][ T1118] ntfs3(loop3): ino=5, mi_enum_attr
[  179.064969][ T7615] loop2: detected capacity change from 0 to 64
[  179.164393][ T7619] loop3: detected capacity change from 0 to 64
[  179.244340][ T7619] BFS-fs: bfs_fill_super(): loop3 is unclean, continuing
[  179.718003][ T7607] loop0: detected capacity change from 0 to 32768
[  179.758635][ T7631] loop5: detected capacity change from 0 to 512
[  179.802868][ T7607] BTRFS: device fsid a6a605fc-d5f1-4e66-8595-3726e2b761d6 devid 1 transid 8 /dev/loop0 (7:0) scanned by syz.0.496 (7607)
[  179.913377][ T7607] BTRFS info (device loop0): first mount of filesystem a6a605fc-d5f1-4e66-8595-3726e2b761d6
[  179.935283][ T7607] BTRFS info (device loop0): using blake2b (blake2b-256-generic) checksum algorithm
[  179.973927][ T7631] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000d40000 r/w without journal. Quota mode: writeback.
[  180.065106][ T7631] ext4 filesystem being mounted at /70/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff)
[  180.116393][ T5873] usb 2-1: new high-speed USB device number 2 using dummy_hcd
[  180.224050][ T7659] loop3: detected capacity change from 0 to 1024
[  180.228321][ T7607] BTRFS info (device loop0): enabling ssd optimizations
[  180.279849][ T5873] usb 2-1: Using ep0 maxpacket: 8
[  180.281976][ T7607] BTRFS info (device loop0): enabling free space tree
[  180.295173][ T5873] usb 2-1: New USB device found, idVendor=0ccd, idProduct=0039, bcdDevice=90.7b
[  180.309870][ T5873] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  180.310102][   T24] usb 3-1: new full-speed USB device number 4 using dummy_hcd
[  180.354400][ T5873] pvrusb2: Hardware description: Terratec Grabster AV400
[  180.377954][ T6296] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000d40000.
[  180.414180][ T5873] pvrusb2: **********
[  180.418232][ T5873] pvrusb2: ***WARNING*** Support for this device (Terratec Grabster AV400) is experimental.
[  180.430079][ T5873] pvrusb2: Important functionality might not be entirely working.
[  180.437918][ T5873] pvrusb2: Please consider contacting the driver author to help with further stabilization of the driver.
[  180.450576][ T5873] pvrusb2: **********
[  180.557658][   T24] usb 3-1: config index 0 descriptor too short (expected 35577, got 27)
[  180.567500][ T2346] pvrusb2: Invalid write control endpoint
[  180.586908][   T24] usb 3-1: config 1 has too many interfaces: 92, using maximum allowed: 32
[  180.611596][   T24] usb 3-1: config 1 has 1 interface, different from the descriptor's value: 92
[  180.654811][   T24] usb 3-1: config 1 has no interface number 0
[  180.705913][   T24] usb 3-1: config 1 interface 1 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 10
[  180.746789][ T5864] BTRFS info (device loop0): last unmount of filesystem a6a605fc-d5f1-4e66-8595-3726e2b761d6
[  180.780636][   T24] usb 3-1: config 1 interface 1 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 17
[  180.810144][   T24] usb 3-1: New USB device found, idVendor=0e41, idProduct=5051, bcdDevice=d5.e8
[  180.819411][   T24] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  180.867976][ T5873] usb 2-1: USB disconnect, device number 2
[  180.916998][ T2346] pvrusb2: Invalid write control endpoint
[  180.919075][   T24] snd_usb_pod 3-1:1.1: Line 6 Pocket POD found
[  180.955393][ T2346] pvrusb2: ***WARNING*** Detected a wedged cx25840 chip; the device will not work.
[  180.999613][ T2346] pvrusb2: ***WARNING*** Try power cycling the pvrusb2 device.
[  181.038888][ T2346] pvrusb2: ***WARNING*** Disabling further access to the device to prevent other foul-ups.
[  181.073041][ T2346] pvrusb2: Device being rendered inoperable
[  181.106408][ T2346] cx25840 1-0044: Unable to detect h/w, assuming cx23887
[  181.135539][ T2346] cx25840 1-0044: cx23887 A/V decoder found @ 0x88 (pvrusb2_a)
[  181.254314][ T2346] pvrusb2: Attached sub-driver cx25840
[  181.268848][ T7675] Invalid/unusable pipe
[  181.279978][ T2346] pvrusb2: ***WARNING*** pvrusb2 device hardware appears to be jammed and I can't clear it.
[  181.321590][ T2346] pvrusb2: You might need to power cycle the pvrusb2 device in order to recover.
[  181.568438][   T24] snd_usb_pod 3-1:1.1: Line 6 Pocket POD now attached
[  181.889826][ T5934] usb 3-1: USB disconnect, device number 4
[  181.918842][ T5934] snd_usb_pod 3-1:1.1: Line 6 Pocket POD now disconnected
[  182.064760][ T7684] loop1: detected capacity change from 0 to 256
[  182.182361][ T7684] FAT-fs (loop1): Directory bread(block 64) failed
[  182.220387][ T7684] FAT-fs (loop1): Directory bread(block 65) failed
[  182.259951][ T7684] FAT-fs (loop1): Directory bread(block 66) failed
[  182.266543][ T7684] FAT-fs (loop1): Directory bread(block 67) failed
[  182.309922][ T7684] FAT-fs (loop1): Directory bread(block 68) failed
[  182.343553][ T7684] FAT-fs (loop1): Directory bread(block 69) failed
[  182.365397][ T7684] FAT-fs (loop1): Directory bread(block 70) failed
[  182.390014][ T7684] FAT-fs (loop1): Directory bread(block 71) failed
[  182.420549][ T7684] FAT-fs (loop1): Directory bread(block 72) failed
[  182.425781][ T7671] loop3: detected capacity change from 0 to 32768
[  182.453059][ T7684] FAT-fs (loop1): Directory bread(block 73) failed
[  182.468534][ T7671] BTRFS: device fsid 5e4b7888-5e56-43f0-8345-635ad0fd87c6 devid 1 transid 8 /dev/loop3 (7:3) scanned by syz.3.516 (7671)
[  182.572585][ T7671] BTRFS info (device loop3): first mount of filesystem 5e4b7888-5e56-43f0-8345-635ad0fd87c6
[  182.574173][ T7689] loop5: detected capacity change from 0 to 256
[  182.633248][ T7671] BTRFS info (device loop3): using blake2b (blake2b-256-generic) checksum algorithm
[  182.675269][ T7689] exFAT-fs (loop5): failed to load upcase table (idx : 0x0000fe7f, chksum : 0x39626d3b, utbl_chksum : 0xe619d30d)
[  182.746115][ T7690] netlink: 360 bytes leftover after parsing attributes in process `syz.2.523'.
[  182.825241][ T7689] exFAT-fs (loop5): error, data size is invalid(150994954)
[  182.903401][ T7689] exFAT-fs (loop5): Filesystem has been set read-only
[  182.934241][ T7671] BTRFS info (device loop3): enabling ssd optimizations
[  182.976753][ T7671] BTRFS info (device loop3): enabling free space tree
[  183.129008][ T7710] loop2: detected capacity change from 0 to 8
[  183.159442][ T6039] ------------[ cut here ]------------
[  183.165521][ T6039] WARNING: kernel/rcu/sync.c:177 at rcu_sync_dtor+0xcd/0x180, CPU#0: kworker/0:6/6039
[  183.175400][ T6039] Modules linked in:
[  183.179671][ T6039] CPU: 0 UID: 0 PID: 6039 Comm: kworker/0:6 Not tainted syzkaller #0 PREEMPT(full) 
[  183.189145][ T6039] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  183.199498][ T6039] Workqueue: events destroy_super_work
[  183.205358][ T6039] RIP: 0010:rcu_sync_dtor+0xcd/0x180
[  183.210752][ T6039] Code: 18 e8 87 c7 00 00 43 0f b6 44 25 00 84 c0 0f 85 82 00 00 00 83 3b 00 75 1f 5b 41 5c 41 5d 41 5e 41 5f 5d e9 85 b4 de 09 cc 90 <0f> 0b 90 e9 66 ff ff ff 90 0f 0b 90 eb 8a 90 0f 0b 90 eb db 89 d9
[  183.231207][ T6039] RSP: 0018:ffffc9000aa9f9c8 EFLAGS: 00010246
[  183.238517][ T6039] RAX: 0000000000000002 RBX: ffff88807eb48350 RCX: 7b5ecd201a2fa700
[  183.247589][ T6039] RDX: 0000000000000000 RSI: ffffffff8c035de0 RDI: ffff88807eb48350
[  183.256027][ T6039] RBP: 0000000000000260 R08: ffffffff8e1df86f R09: 1ffffffff1c3bf0d
[  183.264207][ T6039] R10: dffffc0000000000 R11: fffffbfff1c3bf0e R12: dffffc0000000000
[  183.272281][ T6039] R13: 1ffff1100fd6906a R14: ffff88807eb48350 R15: dffffc0000000000
[  183.280384][ T6039] FS:  0000000000000000(0000) GS:ffff8881259f1000(0000) knlGS:0000000000000000
[  183.289356][ T6039] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  183.296045][ T6039] CR2: 0000001b33409ff8 CR3: 0000000069db4000 CR4: 00000000003526f0
[  183.304139][ T6039] Call Trace:
[  183.307450][ T6039]  <TASK>
[  183.310702][ T6039]  percpu_free_rwsem+0x40/0x80
[  183.315508][ T6039]  destroy_super_work+0xee/0x130
[  183.320586][ T6039]  ? process_scheduled_works+0x9ef/0x17b0
[  183.326356][ T6039]  process_scheduled_works+0xae1/0x17b0
[  183.332044][ T6039]  ? __pfx_process_scheduled_works+0x10/0x10
[  183.339105][ T6039]  worker_thread+0x8a0/0xda0
[  183.344719][ T6039]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[  183.351171][ T6039]  ? __kthread_parkme+0x7b/0x200
[  183.356168][ T6039]  kthread+0x711/0x8a0
[  183.360335][ T6039]  ? __pfx_worker_thread+0x10/0x10
[  183.365491][ T6039]  ? __pfx_kthread+0x10/0x10
[  183.370197][ T6039]  ? _raw_spin_unlock_irq+0x23/0x50
[  183.375442][ T6039]  ? lockdep_hardirqs_on+0x9c/0x150
[  183.380841][ T6039]  ? __pfx_kthread+0x10/0x10
[  183.385472][ T6039]  ret_from_fork+0x47c/0x820
[  183.390233][ T6039]  ? __pfx_ret_from_fork+0x10/0x10
[  183.395408][ T6039]  ? __switch_to_asm+0x39/0x70
[  183.400634][ T6039]  ? __switch_to_asm+0x33/0x70
[  183.405436][ T6039]  ? __pfx_kthread+0x10/0x10
[  183.410145][ T6039]  ret_from_fork_asm+0x1a/0x30
[  183.414986][ T6039]  </TASK>
[  183.418035][ T6039] Kernel panic - not syncing: kernel: panic_on_warn set ...
[  183.425337][ T6039] CPU: 0 UID: 0 PID: 6039 Comm: kworker/0:6 Not tainted syzkaller #0 PREEMPT(full) 
[  183.434707][ T6039] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  183.444776][ T6039] Workqueue: events destroy_super_work
[  183.450343][ T6039] Call Trace:
[  183.453625][ T6039]  <TASK>
[  183.456561][ T6039]  dump_stack_lvl+0x99/0x250
[  183.461158][ T6039]  ? __asan_memcpy+0x40/0x70
[  183.465750][ T6039]  ? __pfx_dump_stack_lvl+0x10/0x10
[  183.470950][ T6039]  ? __pfx__printk+0x10/0x10
[  183.475557][ T6039]  vpanic+0x237/0x6d0
[  183.479538][ T6039]  ? __pfx_vpanic+0x10/0x10
[  183.484042][ T6039]  ? is_bpf_text_address+0x292/0x2b0
[  183.489351][ T6039]  ? is_bpf_text_address+0x26/0x2b0
[  183.494563][ T6039]  panic+0xb9/0xc0
[  183.498289][ T6039]  ? __pfx_panic+0x10/0x10
[  183.502714][ T6039]  ? ret_from_fork_asm+0x1a/0x30
[  183.507679][ T6039]  __warn+0x334/0x4c0
[  183.511664][ T6039]  ? rcu_sync_dtor+0xcd/0x180
[  183.516349][ T6039]  ? rcu_sync_dtor+0xcd/0x180
[  183.521036][ T6039]  report_bug+0x2be/0x4f0
[  183.525377][ T6039]  ? rcu_sync_dtor+0xcd/0x180
[  183.530068][ T6039]  ? rcu_sync_dtor+0xcd/0x180
[  183.534759][ T6039]  ? rcu_sync_dtor+0xcf/0x180
[  183.539443][ T6039]  handle_bug+0x84/0x160
[  183.543701][ T6039]  exc_invalid_op+0x1a/0x50
[  183.548206][ T6039]  asm_exc_invalid_op+0x1a/0x20
[  183.553054][ T6039] RIP: 0010:rcu_sync_dtor+0xcd/0x180
[  183.558340][ T6039] Code: 18 e8 87 c7 00 00 43 0f b6 44 25 00 84 c0 0f 85 82 00 00 00 83 3b 00 75 1f 5b 41 5c 41 5d 41 5e 41 5f 5d e9 85 b4 de 09 cc 90 <0f> 0b 90 e9 66 ff ff ff 90 0f 0b 90 eb 8a 90 0f 0b 90 eb db 89 d9
[  183.578044][ T6039] RSP: 0018:ffffc9000aa9f9c8 EFLAGS: 00010246
[  183.584141][ T6039] RAX: 0000000000000002 RBX: ffff88807eb48350 RCX: 7b5ecd201a2fa700
[  183.592116][ T6039] RDX: 0000000000000000 RSI: ffffffff8c035de0 RDI: ffff88807eb48350
[  183.600095][ T6039] RBP: 0000000000000260 R08: ffffffff8e1df86f R09: 1ffffffff1c3bf0d
[  183.608070][ T6039] R10: dffffc0000000000 R11: fffffbfff1c3bf0e R12: dffffc0000000000
[  183.616058][ T6039] R13: 1ffff1100fd6906a R14: ffff88807eb48350 R15: dffffc0000000000
[  183.624068][ T6039]  ? kfree+0x4d/0x6d0
[  183.628150][ T6039]  percpu_free_rwsem+0x40/0x80
[  183.632920][ T6039]  destroy_super_work+0xee/0x130
[  183.637861][ T6039]  ? process_scheduled_works+0x9ef/0x17b0
[  183.643761][ T6039]  process_scheduled_works+0xae1/0x17b0
[  183.649343][ T6039]  ? __pfx_process_scheduled_works+0x10/0x10
[  183.655350][ T6039]  worker_thread+0x8a0/0xda0
[  183.659955][ T6039]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[  183.666310][ T6039]  ? __kthread_parkme+0x7b/0x200
[  183.671266][ T6039]  kthread+0x711/0x8a0
[  183.675342][ T6039]  ? __pfx_worker_thread+0x10/0x10
[  183.680457][ T6039]  ? __pfx_kthread+0x10/0x10
[  183.685051][ T6039]  ? _raw_spin_unlock_irq+0x23/0x50
[  183.690253][ T6039]  ? lockdep_hardirqs_on+0x9c/0x150
[  183.695455][ T6039]  ? __pfx_kthread+0x10/0x10
[  183.700049][ T6039]  ret_from_fork+0x47c/0x820
[  183.704653][ T6039]  ? __pfx_ret_from_fork+0x10/0x10
[  183.709775][ T6039]  ? __switch_to_asm+0x39/0x70
[  183.714545][ T6039]  ? __switch_to_asm+0x33/0x70
[  183.719306][ T6039]  ? __pfx_kthread+0x10/0x10
[  183.723901][ T6039]  ret_from_fork_asm+0x1a/0x30
[  183.728686][ T6039]  </TASK>
[  183.732010][ T6039] Kernel Offset: disabled
[  183.736330][ T6039] Rebooting in 86400 seconds..