last executing test programs:

2m30.642760812s ago: executing program 1 (id=35):
syz_mount_image$f2fs(&(0x7f0000000000), &(0x7f0000000040)='./file0\x00', 0x8, &(0x7f0000000100)={[{@nodiscard}, {@nocheckpoint_merge}, {@discard_unit_block}, {@six_active_logs}, {@flush_merge}, {@fault_injection={'fault_injection', 0x3d, 0x1f}}, {@discard}, {@noacl}, {@fsync_mode_posix}, {@alloc_mode_def}, {@discard_unit_block}, {@two_active_logs}, {@fault_type={'fault_type', 0x3d, 0xfdffff}}]}, 0x1, 0x5517, &(0x7f0000005880)="$eJzs3E1rY9UbAPAn7XTe//Mv4sLdXBiEFiZh0nlBd6PO4At2KKMuXGmapCEzSW5p0rR25cKluPCbiIIrl34GF67diQvFnaDknlud+gJC08ZOfz+4ee45OXnuc8Iw8NxbEsCptZj9/GMlrsSFiJiPiMsRxXmlPAp3U3guIq5GxNwTR6Wc/33ibERcjIgrk+QpZ6V869Pr42u3f3jjp6++OXfm0mdffju7XQOz9nxE9DfT+U4/xbyT4qNyvjHuFrF/a1zG9Eb/cTnOU9xprxcZdhr76xpFvNlJ6/PN7eEkbvQazUnsdDeK+c1BuuBw3NnPU3zgUWOrGLfa60XsDvMidvZSXbt76f+2veEo5WmV+T4o0sdotB/TfHu3nfaz+biIzcGonE9581Z7dxLHZSwvF8281yrqWD/MN/3f9mZ3sL2bjdtbw24+yG7X6i/U6neq9a281R61b1Ub/dadW9lSpzdZVh21G/27nTzv9Nq1Zt5fzpY6zWa1Xs+W7rXXu41BVq/XbtZuVG8vl2fXs1cfvJP1WtnSJL7cHWyPur1htpFvZekTy9lK7eaLy9m1evbW6lq29vD+/dW1t9+79+6Dl1Zff6Vc9JeysqWVGysr1fqN6kp9+RTt/6Oy6CnuHw6lMusCAE4e/T8wC0fX/289jDj6/j/0/1Nxovrf097/H8H+4VD0/wAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAp9Z3C5+/VpwspvGlcv5/5dQz5bgSEXMR8evfmI+zB3LOl3kW/mH9wp9q+LoSRYbJNc6Vx8WIuFsev/z/qL8FAAAAeHp98eHVT1K3nl4WZ10QxyndtJm7/P6U8lUiYmHx+yllm5u8PDulZMW/7zOxO6VsxQ2s81NKlm65nZlWtn9l/kA4/0SopDB3rOUAAADH4mAncLxdCAAAAMfp41kXwGxUYv9R5v6z4OIv7/94IHjhwAgAAAA4gSqzLgAAAAA4ckX/7/f/AAAA4OmWfv8PAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAfmPnfm4TB6I4AD8bvLD/tGi1921lb1DGlrDHPUYUkCYoIAfSQhqgBnJLCRFEeBwCEYdIHttK9H2SMxnL/HiD4DAz0gAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAF26r9aL26vf121zdvt28owGAAAAuGRbrRf1P7PU/9rc/97c+tn0i4goI+LS3H0Un84yR01O9fL8zenz1asa7iLqhMN7TJrrS0T8aa7HH11/CgAAAPBxbZareZqtpz+zoQuiT2nRpvz2N1NeERHV7CFTWnnI+5UprP5+j+N/prR6AWuaKSwtuY1zpb1J/XM/rtpNT5oiNeXFlx2LzDZ2AACgR6Ozpt9ZCAAAAH36N3QBDKOI563M41bgJDXN9t7nsx4AAADwDhVDFwAAAAB0rp7/93T+3975fwAAADCMdP4fAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAXdpW68VmuZq3zdnt28kzGgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHhif95RIATCIAz2ru9M5v6HlQZNTU2qQPj4G4MBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIA3v/vL/4mpcSaZe20sPY8ka6fG1qmxd24c/WF8/RoAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgIv9eTuhEAiCKNj3qf7JRmzo0uDGIEIVCIcZRlgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA4Ile15f3jE9jT/LttPHreCT5d9VYumqsPWhsPRjzr8eNLwIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA4GTnXl7rqMIAgH9zX32oNEbJIuIDXOjGpre1tTtxoQQX/glCSG/b2FsfbRa2BDEbd5J1N6JLEUGJu/4PXbfQTd11kUUF18qZRzJJK14fnblNfj84c74ZhjnfmYGQb84kAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAQLL1zk7cTZuZIu6Ux24/WFtO/Z09fXJz4+58ainOmkz6yfBifSebay8RAAAADo5uVd9HxL3+5mLqOzN5/d+vzkk1/7fPFHFVz++t+6u+qv1T++Xn+89vDzRTjJMuen5lPDrxcCq9xzfL6Xbsb8/o5Xc+f/fSzR9I5/3157b6+f3Mvr51691BHh5qIlsA4N84XvVlUP0+lPphm4kBsJ/19u5UB6r6vzvTSl4AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAjdpaj6eqOIuI+d5OnNx5sLZc9IeX6/s3N+7OV+3MjRsb8eXONdMl+hFxfmU8OtHobKbb1WvXLy2Nx6MrzQcvR0Rbo79dTv/ShxOcHNHK/RH8T0GnfNjTks+TEbT4QwkAgH2pX7YsXroYsbmYjmWzEX98t7v+f60Wx676f+0v6//7F8/cro9Vr/+Hjc1w+i2sXv504eq162+sXF66MLow+vjNk8O3hqfOnj59diF/V7LgjQkAAAD/zaBsqa6/1y/q/87sw+v/R2txTFj/f/bN8Iv6WF31/yPtLPq1nQkAAMDB9uwrv/+WPeJ4NhjE50urq1eGxXZ7/2SxbSHVf+xQ2er1f3e27awAAACAJmytZ7vW/8/V4phw/f/p71/4MSKOVdfpRsSRcv3/+PIn43PNTmlqNfHnxG3PEQAAgHYdKVt9/b+ff//f2f7koRMRr79axOW/AZyo/u++99UP9bHq3/+fam6KU6kzV9yPvJ+L6M21nREAAAD72eGypWL/1/7m4kc/Hf1g4Pt/AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgKb9GQAA//9wNz5R")
mknod(&(0x7f0000000040)='./file0\x00', 0x8001420, 0x0)
r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x2042, 0x58)
pwrite64(r0, &(0x7f0000000140)='2', 0x1, 0x8000c61)
r1 = openat$dir(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0x0, 0x0)
getdents(r1, 0x0, 0x0)

2m29.357756016s ago: executing program 2 (id=40):
prctl$PR_SET_MM_MAP(0x23, 0xe, &(0x7f0000000080)={&(0x7f0000ffb000/0x1000)=nil, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ff0000/0x7000)=nil, &(0x7f0000ff8000/0x3000)=nil, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000ffa000/0x1000)=nil, &(0x7f0000ffa000/0x2000)=nil, 0x0}, 0x68)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, 0x0}, 0x24004045)
r0 = io_uring_setup(0x1b7b, &(0x7f0000000040)={0x0, 0x1aca, 0x1f480, 0x0, 0x396})
r1 = syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000000)='./file1\x00', 0x3000046, &(0x7f00000004c0)={[{@delalloc}, {@nojournal_checksum}, {@barrier_val={'barrier', 0x3d, 0x10002}}, {@dioread_lock}, {@data_err_ignore}, {@mb_optimize_scan}, {@jqfmt_vfsold}, {@user_xattr}, {@nodioread_nolock}, {@nogrpid}, {@norecovery}, {@errors_remount}, {@nodioread_nolock}, {@nojournal_checksum}]}, 0x1, 0x590, &(0x7f0000000b00)="$eJzs3d9rW2UfAPDvSX9s6/a+62CM9xWRwi6c6NK19ccEwXkpOhzo/QhtLKPpMpp0rHWw7cLdeCNDEHEgXnin4KWXw3/Av2KgwyGj6IU3lZOetNmSrG2WNZn5fOCU5znnJM/zzXmeJ8/pk5AABtZE+icX8f+I+DyJOBwRSXZsOLKDExvnrT24OptuSayvf/hHUjsvzdefq/64g1nmfxHx86cRL+eay62srC4USqXiUpafrC5emqysDMWFxcJ8cb54cXpm5vRrM9NvvvF612J96dxfX31w593Tnx1f+/KHe0duJXEmDmXHGuN4AtcbMxMxkb0mI3HmkROn9nehtD6S9LoCdGQo6+cjkY4Bh2Mo6/XAv9+1iFjv1NsdPxLoC0nn/R94ptXnAfV7+y7dBz8z7r+zcQPUHP/wxv9GYn/t3mhsLXnozii93x3vQvlpGT/9dvtWukX3/g8BsK3rNyLi1PBw8/iXZONf507t4JxHyzD+wd65k85/Xmk1/8ltzn+ixfznYIu+24nt+3/uXheKaSud/73Vcv67uWg1PpTl/lOb840kH18oFdOx7b8RcSJG9qX5qceUcXrt7nq7Y43zv3RLy6/PBbN63BveFw+99nOFauEJw950/0bEcy3nv8nm9U9aXP/09Ti3wzKOFW+/0O7Y9vE/XevfRrzY8vpvrWglW+uTqyeb1ycna+1hst4qmv1589gv7cpvjn809jL+9PqPPT7+8aRxvbay+zK+2f93sd2xh+KP9u2/Udr+R5OPaunRbN+VQrW6NBUxmrzfvH9667H1fHZ+Mnwj4sTxx49/rdr/gRZr2u3cPPr98zuKv7H9/7jz538S6fWf29X1333i7nuffL3r+Del1//VWupEtmcn49929RrruDUDAAAAAABA/8pFxKFIcvnNdC6Xz298vuNojOVK49kXVeei9l3Z8RjJ1Ve6Dzd8HmIq+zxsPT/9SH4mIo5ExBdDB2r5/Gy5NNfr4AEAAAAAAAAAAAAAAAAAAKBPHGzz/f/Ur0O9rh3w1PnJbxhc2/b/bvzSE9CXvP/D4BrtdQWAnvH+D4NL/4fB1dD/9/WyHsDe8/4Pg0v/h8Gl/wMAAAAAAAAAAAAAAAAAAAAAAAAAAEBXnTt7Nt3W1x5cnU3zc5dXlhfKl0/OFSsL+cXl2fxseelSfr5cni8V87Plxe2er1QuX5qajuUrk9VipTpZWVk9v1hevlg9f2GxMF88XxzZk6gAAAAAAAAAAAAAAAAAAADg2VJZWV0olErFJQmJjhLD/VGNjUTapBv2XKsnRntdsRaJ37/ri2q0S/R6ZAIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACALf8EAAD//1oRL9w=")
ioctl$FS_IOC_SETFLAGS(r1, 0x40086602, &(0x7f0000000100)=0x800)
io_uring_enter(r0, 0x3ab, 0x6933, 0x17, 0x0, 0x0)

2m28.980736949s ago: executing program 1 (id=41):
syz_mount_image$nilfs2(&(0x7f0000000a40), &(0x7f0000000200)='./file0\x00', 0x10, &(0x7f0000000480)=ANY=[], 0x5, 0xa5a, &(0x7f0000001b40)="$eJzs3U1sHFcBAOA3a6/z22ZTHGrS0CYU2vJTu3FM+ImAVM2FqKm4Vaq4RElaIpyASCVI1UOSEzdaVeHK76mX8qNK5IKinrhUopG49FQ4cCAKUiUO0JC48vq99e7zbmbt2J6s9/uk2bdv3tt9b3ZnZmdn5r0XgKFVaz7OzEwUIVy+8saRfz32zy0hXBlfzNFoPo62xeohhCLGR7P3+2BkIbz14asnuoVFmG4+pnh47kbrtdtCCBfC3nA1NMLuy9def3f62WMXj17a996bh66vzdIDAMBw+c7VQzO7/v7Xh3Z+9NbDh8Om1vx0fN6I8e3xuP9wPPBPx/+10Bkv2qZ2Y1m+0TjVsnwjXfK1l1PP8o32KH8se996j3ybSsofaZvXbblhkKX1uBGK2mRHvFabnFz4Tx6a/+vHismzp2dfPFdRRYFV959HQgh7Taahny42N4jq67Gu09yOqvdAAAvy64VLXMjPLNyd1ruN9lf+jadr3V8Pq2C913/lD1b5v71oj8Pq2ahrU1qutB1tj/G26whnQpf7l/Ltby5/42z7T++XX4+o91nPXtcRBuX6Qq96jqxzPVaqV/3z9WKj+kYM0+fwzSy9ffvJv9NB+Y6B7v7r/L/JNLTTkuPbO8jvlQE2tvy+ubkopef39eXpm0rSN5ekbylJ39qRa2n6tpLXwzD748s/C68Vi//z8//0yz0fns6z3RfD+5dZn/x85HLLH7tDbD3Kd4zEIPnT8edPffXkC9cW7v8vWuv/7bi+743xRtyarsYM6Xxhfl69de9/o7OcWo98D2T1ua9L/ubz8c58xfji+4S2/cySekx0vm5Hr3x7OvM1snxb4rQ5q29+fLI1e106/kj71fR5jWbLW8+WYyyrR9qv7IxhXg9YibQ+9rr/P62fE6FevHh69tRTMZ7W07+M1DfNz99fXtTvVrvuwN3pt/3PROhs/7O9Nb9ea98v7FicX7TvFxrZ/Oke8w/EePqd+97Ilub8yRM/mD252gsPQ+7c+Ve+f3x29tSPPPHEE09aT6reMwFrberlMz+cOnf+lSdPnzn+0qmXTp09cPDggenpg187MDPVPK6faj+6BzaSxR/9qmsCAAAAAAAAAAAA9OvHR49c+9s7X3l/of3/Yvu/1P4/3fmb2v//tFho615rmx+6jAOY2gHu7JLezJN1sDqW5avH6RNZfcezcnZlr/tkDFvj+MX2/6m4vF/XVJ8Hs/l5/70pX9adwJL+UsayXkfy8QI/E8NLMfx1gAoVW7rPjmFZ/9ZpXU/9UyyjX4ruBVOJ9L2lLyX1Y5Laf/fq1ynt/3euQx1ZfevRnLDqZQS6+/cQ9//dPHZZw/f/zf3VL+Pm3mmbqq6bqfppbs4oHsC9oerxP9N5zxSe/fO3N89PKduNpzv3l3n/pXA37vXxJ5W/scb/bI1/19f+7+bS0RMaKyv3f7+4/n5bsWF3v/vffPlTP9DjeQl3PhP90Xz5NxcX5fHQX/lzv8rKzy8I9elmXP70+W/ts/wly7+nrKTzb3eb+/9YfvrYnni03/IXalzUOuuRnzdO1//y88bJrWz5T650+Vc4UOPtWD4Ms0EZZ3a5+hj/t6ls/N8lVnn8317y+zC+HONpR5juc8hHOFlm/VuR9DuwK3v/ouT3zfi/g+3rMSzbHtL4v2l9bHSJ19ri9S6f7Ubd18Cg+uDevf63+ENVfV1M/X5f1dfDtIxpbm5ubU9olai0cCr//Kv+n1B1+VV//mXy8X/zY/h8/N88PR//N0/Px//N0/Px9fL0rVl6/nnm4//m6Q9m75uPDzyR/cHO0z9V8vrdJekPlaTvKUn/dEn6vpL0h0vSHylJf6Ak/dGS9M+WpH+uJP2xkvQnStI/X5K+0aX2KMO6/DDM8vZ5tn8YHql9ba/tf7wkHRhcP39r/zMv/OG7jYX2/2Ot8yHpOt7hGK/H/84/ifH8undoi8+nvRPj/8jS7/XzHTBM8v4z8t/3x0vSgcGV7vOyfcMQKrq3k+i336pex/kMli/E8Isx/FIMn4zhZAynYrg/htPrVD/WxjO/f/vQa8Xi//0dWXq/95Pn7YHyfqIO9Fmf/PzAcu/Hz/vxW667LX+FzcEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAqU2s+zsxMFCFcvvLGkeePnZ6an/OtVo5G83G0LVZvvS6Ep2I4EsNfxie3Pnz1RHt4O4ZFmA5FKFrzw3M3WiVtCyFcCHvD1dAIuy9fe/3d6WePXTx6ad97bx66vnafAAAAAGx8HwcAAP//V88c0Q==")
syz_mount_image$vfat(&(0x7f00000002c0), &(0x7f0000000040)='\x13\x13w\xc5\xfc5\xd4\x14T\xd5\xd4\x1d)\xad\x1a`)Y\x81F\xe6\xbe\x16nA\xad\r\xbd@T\x03<\x9f3\xbb\xda\x82$\xa2\xf3\xd7r\xe7cnH\xb3<\xbfp\x83r\xe8\xf1\xb9\x93>\xc5\x12wC\xbe\"\x06 \x9e\xf0-\xf9\xcb\xf2\xf6\xe8\x80\xd38/\x00', 0x802053, 0x0, 0xfc, 0x0, &(0x7f00000000c0))
r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='.\x00', 0x0, 0x0)
set_mempolicy(0x4005, &(0x7f0000000080)=0x4, 0x8)
mprotect(&(0x7f0000000000/0x4000)=nil, 0x4000, 0x1)
ioctl$FS_IOC_REMOVE_ENCRYPTION_KEY(r0, 0x80186e84, &(0x7f0000000080)={@desc={0x40002, 0x0, @desc1}})

2m27.894573681s ago: executing program 2 (id=45):
r0 = socket$inet6_mptcp(0xa, 0x1, 0x106)
connect$inet6(r0, &(0x7f0000000000)={0xa, 0x4001, 0x0, @loopback}, 0x1c)
r1 = socket$kcm(0x2, 0x200000000000001, 0x106)
sendmsg$inet(r1, &(0x7f0000000080)={&(0x7f0000000140)={0x2, 0x4e20, @remote}, 0x10, 0x0}, 0x3000d041)
r2 = socket$netlink(0x10, 0x3, 0x8000000004)
writev(r2, &(0x7f0000000280)=[{&(0x7f00000005c0)="580000001400192340834b80040d8c560a06ffffff7f000000000000000058000b480400945f64009400050038925a01000000800000008004000000ff0109000000fff5dd0000000800030006010000418e01400004fcff", 0x58}], 0x1)

2m27.889250221s ago: executing program 1 (id=46):
mmap(&(0x7f0000000000/0xa000)=nil, 0xa000, 0xd3283d0368e269b3, 0x8031, 0xffffffffffffffff, 0x0)
ioctl$BTRFS_IOC_INO_LOOKUP_USER(0xffffffffffffffff, 0xd000943e, &(0x7f0000000040)={0x0, 0x0, "d607f8f9951e76c13f64323723e7eecdf40c363423eb3d259266ec9c37865c6c1a4640ce1b22bb3327ef4f001d34c09f39c3539e4f8d3ee0878ae95bc7f52363c468b257ff3e24852548deb01efd54f11ed2c41d078b9cf1fc8f72566153c97e4af37017ea6b16b694bb4a6e4606c3fb19d1d2bd3c8c4e97da2213f9d5c3b90400000000000000c279f03558083906666827d61dcc3a633bffff250b5a293e3877adc1660edbc9a0307a25720a170e7f5670e419dc44febf7ddc73fd4a5a0b6c28665f7f46c7084e17c809268103a2584ab40a68e528329d97afc3612e325c1eb4a3ab2e156a97444800", "0615e456c196e819a321fdb3690bfab19538829a732a01781564ef7738cb5b82a704b3952f81c68bb4ceeaad63206f88201638e87c4981cbf9332cbc9c4d69e392bd33237ece7ad91e44edac0da8dacad81adf2e08c21ad6b44ce1f90bd618c255ca40cdb411485fb48a51d329c816b3488c7d032ef69c502c6e1236bd381efd410165988847c1dcb98a18ca2b853910e52044fa3b3026cb88de269537c8f26ffc3b15cbf279832bfc90bd95939043182e88050dfd2a4784a5d1453610fb1f1c2bac36c3ecd3e6fb756ef8880debeef3636afd981d8af4ab119928448f90351aec113335eacf52a18c87738d9679d3acc032a16fbefc64776f363610a15b37bcd36e6a7cba931151b9c9ba5779d550e9ab21603a43a25f3b4895d8dc4f3ce0e7d5e964e888169ea79a0848e9338b3d34d62e963fbf98834f4455419907f0ffdb76373af77a34edee7789f56e7f01bdab9614a0d460f791a06e6cf5243bf2b3a1624a80ec7e1116f1c81f5ef4b895be74bf67eea9193428b58a8b62b7976d3d2e59796c46ec918c83cd49c3f43dbd2967586966c19ace7b0bef5f94eb333b362649f1bfa114f8b1f126e97ec672cff77e2130823fa7a1df6760c6a8917815e9f0a409ed32b133df7dc9afceffcd472b35145c83c9167764d25ce214133c6170adeb6653b30b226a3b6ff1363ac862a540c7fab584cd051ce7ee951e0f121d43cff75afbdec6bc6f6e8f7db58c8086751320d22ee8582e915cabc536e3767e9a9230c9ae8b92398f0ca2a7141ea4588af7afde10e5ec2a6fe85ba5712e126629d4e3998fc4721cb638f2ef8356049e3448466e2c400d5e8baf843fa399907cb526b791c5350ce29204cb6fe50b892a69ec6dbecc28f032a745738faa12c2a34222942fef0ec0511da5fe0b565ceac429da7cc25cfe0320b40a514723e2392a6a361032343edb79fd83cd0a354837153542fd61b3156b54c566036e493250c3a3214738e3cacc24a50d5dfd17d5008b4ca629c3062f3417cb69c48b8b888ae51256bb4e6c68e95a71a00383ad9df263f6a775ded64fef20ed5cb5f31c33cb86f839d00a12e40cd31219113619c4e0585454cb1776278bfd7f5c4275792afb790e83ff0fc6925355c7aee7a070477d9ec2292366e39b9dc66f7adcf449a1a718e5217183faf0f679efc5cef20bcdcf2d12ea0684084ec0d693256e280025b23b5a08b7b1ebe7d41fb045793f971d6ee066604818cb09d86c1eda99a44c35476a113fd5d1a7543f8f99424ebb78dd9e00d719502a6eafa743a061fa3fa55e4deaa0a011b6b9d633f10e0c9446b5a2e3f6d6014ab00695366c1a6bf0c32f703aebb7988c7d4d322681458e85626302c70f37628835e1fcfff1da3099c0b4af433eb9a51f9609f2c0c09a98b18880c846b34d6ac0210f073765666100976ee1d928893f983580ea47a012144633b98e02c3e81869534ab985eb3a73e0bac892dac949f85db949285a6a7a490b1075467226af23df82d8dd09b7282490fbb3ada9ed4cae8f761aefbe0701de6b132f12044c58ac1c2607c8f51361de5bed021dea13fd0a440263cf0b304522a324b581ab274e7bdae5994316657b5c0ab0220d9b08739729f7a35d436878c182aec4f08dd161c11ee5b7937fae7835e8bfe98a44c8d4bbb2e0eee0cb5d7c93517e96a9fc8132e60f3ef7c735bea1934b37df451f981c8d9210e61278c871e6dad6ceb89aa4d7245658a63e65cec7b81d307426a60a31cc917844a14e1d9ad83bef1c9f736d1836687c950d1275caece0d46ab9f3b0e95d9cf560eb8134e8346b35e0a6f60e6a87a14c4aeb3e0d06158390660a52a6e44b524c1e16de2bf99870f78fc81d267072bc63e97d3f26d23fd59799ff2c847d6a724cebc2377a582ba73d99a610a095c28d66c60910ac64b7d18847fa98fd8528b72e0a149b082c731575b2e2763e67c821ba29eecd8b8c87981c4fb1fbbaaa4e8aa077ec98de1362fc7af7a0ac5e3297fd0d924124b2e255b5cc4f6b0873f3d34418d5ae0d6f734628f38cb9b856b2db3fbb2fafb76983eabc51a348e55789e997fa25cbe6e5031bd2e33d4e2686f964a65d1abf7f96a20a8b270b1522ace4adf6fdade5cd3f101574960d13267e2382f70027ebe5ef7f9418e14e6a8a130d2aec2253c8fe21825e3295774db0c9b1340ea28a96589ba0d9f79aa61b92aea6f704ef7f716d849b8c77e6922e198a086d8133491d0bb85b925825a6d307d7cc8f09c655aa3edabf84c75560dfb279ee3e8b825323279edc58c3161e72cf9ae02ef80d500da922c0abeb8b164abd9c17ef7c02e89000d67b0c2ddd078cacbf37c4826be3845948d598980d63c1d7aade89d0637d80a4c102a35eb027a08ef90cc20d17fc514926914e68e5de54b861200ffa4ce1cbc16e4ecf342a1176cdb561f7dea38b3ae0fd81260f72d34e6f33d364cf313d3b3161410dcbf5f0f0579a1d235b49bb5d27f85825b94f1899e7846d0292ad912d934574f9d55d2152dbfb39d662e6e0f2496182d012af8b4bebbdfa1d68e3e988869fb5cd9612db97e6cc574444f4b5025ec9827bafc55341bf6ad3fd4fab2ee43f343cb9bcec0c38384b5699e5c6d5973ba591978275c51a40200d340b9ed3681f08c69f58320f538f9cd78a34eb6ed55710d2478ea4bd15813921817b42f88f1bb038033b519668f0a2e8693b9a19c7bcf96eec04bda625b31c32f4286be922ab2c87aa30310c8f46551450d5bc26b5fbfdedaae0f756384023bb9a28d3200cfeaedd63d6afe076513e8ad73d16607cd4ede16344e60d8707357e82b1089258c56d851a435e23ce0919825e04471dd61a44c43e87c2959d4e89311a30ee8be010094d0ef109bb210dda58b21b685b9e9c078c9ded6117d9a88dd7799291969851cd4c3f22b5f870a275a692188dafcf6e89ba87b0eb61011de031fda25fb3349901d40da2bbdb76eda417c9fafd90fb23504ab150ca0033ea1d00000000000086ba3aaa79d0df4f2e4e4afa565e66d28aa167f835d080bf1d41d0e52dbf81c671f8eacae234bf4fc328302671fab46613b73daf2ace80aff2f80f6a9d84b82480178cc612aa90adfc80ab3bba7d1527fc6ab04f009011bf093494a0d329df4e53d855b1c0ff6a25d22052b3a778e1ca2fbe59c9eeedf99e13682d06da269560524ffa0f404b73b946edf900ee958ceba09a051e27a620fb78e7a352c182c8c2981ce822eeaf6323965b4b3f322d40d406a158b6f3cf5d74822de952fefc341d0dead6c1c8fed8e48e0a85b51c1dcc7796d3f45bb1f50467a475da76c356c9e031b096867da1dbb89c3a038d475dbcdb2df1278d5dba55c2fb5ba6a9778c2a244198491f0f711cdb2ef0332f347afffb1b098b4c59041ccb0c286bb2dd40e7ec713f6ffe0b1067678c748615dae3c1e090f3739a9035767fb9972580d19fdef49a5071f99c3706b8fa4991f430721cf3ca11af0e3bd7c4d0cd0ab5b7d98ee66730c20a098110e4a15ce0bfc88c41fe375f261fe3557e14eb5ff4a2cdf6a008fd7b6702951b8456e940fbd269a0f3ed515ac03cfecce67027d579e1226bd7b7381827453550343566508d38790ee838c3bf85c6c91a45e7a44752f57313533a3e82e4042e65d346afb20c0527575f79080aef4e1aa8d5868d190c8d37bdae7592e41bed37b9d4c30d8126d3debde02dff25f5ef1e48133e2a41cd55347bd23dcce57a00189619db629c530dc112d22ac72bce353681264b5175be40b3ba84408d0f56762cc720e96c128447be7128748e185be2640115556bac64d060207e629b0144e501c1c49c6abd15c7982b01e22da2ad04bb28df1a27f31e18040c16406071d798bb40d901d001e22cc5ed870d08702f49f0021814cdd814901a13c7ab061bb4b8172c639b3449e24f656fee58186e69e6874ea95d946da781b49ca080ffb4a3c87746c661f43e9be52d0ba2ee368b9c143687c8846abac599069decf41e69fddcadf31c5f715917df12df4eedbfcc5805fe8e661b8fcd7b130d7bcc4a9a152de93a15dddacf3cf52479956185a3c5000d18ddce0236d5858c0d8761bca7446e3d30f3e8f48d5e8f86a60cbe46f038b1028ffd35590bdacfeebb86e28d42a923bdc3f9a307b919341a2a7dda096d41070db245c2c424aedd4a4bb9863169454d09f25fd0aa2da7bfc97ad7aca886dd998e041133e07899ad48f7cda600de48ac3951152dfbe6331b8acae24cfd2dd2b14696c75040685c756942a0d049ee9863a2e480388f93876f3910ecb3a59fa16c25b2b3636a542f92744495e10a4ce37f19f5c2256e2d61775d388e2a86b52f76add2f956aa02501f5badb94da12595b2bbf88b05dc70caae6766fd3df4f299d0ff71c8787249b255ea49b3d33b3f1a8c9403cb75d64264465c3578538382b23d721f8a49134020ca2d9e887d9949624ac6d63322b6507e277a0020db9bfa2928736b96c72fa3406a95adfe6b374ffa27001d37d3bbe725e75c257834572026c511f57dce67153a4008f9e75e07ed9237f600005800ee667c137fc78bc4fd4ebf4d228979ab0ccafbcd8b8daad76fb2abcfc585377ea6e19f170db898b950a7b0f4e75466a2ba26e7d60e0a6f5c54a3fe78677f3362c5b01ae791b62ee8a5d0fd65b739ece4f3b758d05a8e4e4ea7e4866ee67750ce2769f72a9f45780eadfae73b42d4dd4c614c797c694ece8af88cc732edabfa26ace57de54835c7551154dfa3be11a0d3b5845ac97b2da84410a652e72cd563acbb2b02bb59370cebaaa80014e3ad280944eae6fbf8d5f85237257bb5b8e5ec3e52dc06f8394176b325a577804e9eb78d7015172d17ed15f905f705d56687f53988bb207c74fbeb2b03a700258e835362886239f4d8f1c2cf6d4d10ff26d2579ea40a5fb99e5b6d01cdeda050d3faa78ed674f2899be08332086c8bf0410a7d06099c50a2d949d49a0f21b43bcdfbdf435875cf5a9def46db63746574ee8a5b1fbcef411154e914dd9e5bb1b1bd2944581083fb66a017e7972df3daefc487e4198cb281d3a80637d52b41738b7f1a57c867d5b2ee5d72465657593339506fd0c3807cd6445eb54cfb5ca9d35ef93eec6383224ebf85197eb6ed75f6c324f6a0345a25be6bb52ed347e57ccb059b903fb7db4e9f46513a4158ce29c1f5d6081b556bbc471e89225cad81aed34dae0f90ee8e7237b3b286e29b49d7a1700c537b28571f7d7e2a55e10792d6f7779ddefa3febdea5693048372a45903c04f1035a96c6cfbe6f6c2b754581aac02f8a70e698be6e37fd411cf4b76317b47683f6b0f80dfdeef3a9767c7e5c30dff786093a21477431fea0458023953700"})
mprotect(&(0x7f0000000000/0x1000)=nil, 0x1000, 0x4)
rseq(&(0x7f0000001080)={0x0, 0x0, 0x0, 0x1}, 0x20, 0x0, 0x0)
madvise(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x15)
rt_sigqueueinfo(0xffffffffffffffff, 0x28, &(0x7f00000000c0)={0x2, 0x0, 0xfffffff7})

2m27.722272971s ago: executing program 1 (id=48):
syz_mount_image$btrfs(&(0x7f0000005100), &(0x7f0000005140)='./file0\x00', 0x0, &(0x7f0000000040)={[{@nodatacow}, {@flushoncommit}]}, 0x11, 0x5109, &(0x7f000000f400)="$eJzs3U+IVVUcB/Dz5o8zKcw8QcighS3chhQtVIYeYZCL9KUQtDAnF0EIMtguwWxEEIwaCaSsQAuG3MgDIUGYEBe1CTRJEFqY4KaVQrtaFO/de968d67vvueojennEzP3nvu759zzHncx35fnvgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAhhDVv194vq09tvHJh4eyWg7MHGsdvzh89EkKldbyS13e/8tqOd3fufn08dph+I9tWq72GzLr+njVWdB1s9uv+eSeEMJoMMJxvXx0ujNq5u784YKlrx/adnj25fdPCmvVTl3bNnyu+dJrGl3sCyyW/r24t3ku11u+h5Ix2u+PWq3Tdoln/9Ib7T14EAHBPNtRbm/afo/mfuO32obSetGtJey5px78Q5jobS5GNu6LXPNel9WWaZy2LCmM955nU8/e/3a6n/ZN2EjXuYZ7dp+aRZrzXPGeS+nLNEwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOBRcqb2wday+tTGKxcWzm45OHugcfzm/NEjIVRbxytZufL07RMjY9e3/fDRja9PvrT66t/Deb+4Hek4OVyPOxsnQ9jTUbkVh/1jIoR6d6HVDF8UC++1drbGAgAAAI+TZ1q/h9rtLA6OdrUrrTRZaf0XZWHx2rF9p2dPbt+0sGb91KVd8+eWPl69x3i1u47XblcXfyodwTjG33S8xXo8dX9hnHLpiGmeP//Ltq/K+hfyf7U8/8d3Tv4HAADgfsj/6Tjl+uX/PZufnSnrX8j/67ouWcj/ccYx/w+FpeV/AAAAeJQ97PxfK4xTrl/+f/Hwm9+X9S/k/w2D5f+RzmnHgz/HCe+dDGFDv6kDAAAAPcT/77740ULM69knB2lev/rNU7+WjVfI/7XB8v/oA31VAAAAwP3YXr3xfFm9kP/rg+X/sYc6awAAAOBefF75ZLasXsj/04Pl/5X5Nl/5kHX6Mf4rhM8mQxhv7sxkhZ/C3MvtAgAAAPCAxJz+6cffXi47r5D/Z8qf/x+fdBDX/3c9/6+w/r+jkD31b7MHAwAAAPAkKq7nj4/Hz765oNf37w+6/n/i5u3vyq5fyP+HBsv/w53bB/n9fwAAALAE/7fv/3urME65fs///2von4tl/Qv5f26w/B+3qzpf3sX4/hyeDGFtcyd/muCZeLm9SaEx2lFoqSc9dsYeeaEx1lFomUl6vDAZwnPNnUNJYXUszCWFOxN54VRSuBwL+f3QLpxNChfjnXZiIp9uWjgfC/kCi0ZcQbGqvSQi6fFnrx7Nwl17/Na+OAAAwBMlhuc8y452N0MaZRuVfies7HfCUL8ThvudMJKckJ7Y63iY7i7E4x/uOP1lKFHI/6cGy//xrViRbXqt/w9x/X/+vYbt9f/TsVBNCo1YqKdPDKjHa2Rh91i8RrWe97iztl0AAACAx1r8XGB4mecBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA/7J3rzFyXfUBwM8+Z3e93l0TpASKYAElIZW8Xm+wpZAgbKAEgQSbynyoUISNvUk33iTGDwmHh9YOQaAUNSkpCShQuxUUf0lWVIhHgVioGFVN1SiVkNOURwgUIUFNSJSKOpGrmXvP7J1zdx6Odx1v+vtJ3jkz//O8c2c85947ZwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgP8fjt3xhotaxd981SPf/u4Db//44Y8s3P3EVz51RwjTtce7snDXxac+11s5+Z7vHfrpF7+wad2jp/vzcnk8rKn+6c7vfCLW+ou1IXyjK4TeNLB+OAv05feHY32vGg5hXVgM1EvMDGUl0obDDwZDOBIWA/WqvjUYwnAhsO3R7z/0mWrinsEQLg0hVNI2flzJ2hhMA5f1Z4GhNHBrbxb4nzOZeuCb3VkAzll8MdR3+oXpxgxjS5drsv/1LVvHXlzp8HpiYqx5vt9uXeFOFfSnD0yf09NWqo4VUXp5HPdqWwWvttJ2vsvTVvwglX9CObMYqoTuXTM37Dgwtz8+0h0mJnqa1bRCz/NjT31059mkV81+GDswtiz74b2f//nHvvTktfff98l3XP/gM78fP9dunixs0mJ6pVVCvs+tmucx2uL9ZBW8/EqfksbbPm21Ii/xD12f/tnf/kmreGn+P9Z6/h9353jb3ZA71np6JJubx0eGY+LUSDY3BwAAgFVjNRw1nf/K1VOt6ivN/8c7O/8fT/nnk/lstMdD2FJL3D4awiW1x7PAsdjcB0dDeG0tNd0Y2JoEjofwilriinpVSYmBWGI8CfxqJA9sSQInYmA6CXw5Bu5KAp+IgYUksDMGjieBt8ZAmG0cxx+P5OPoODAYA9uzjbgQr0J4eiS2lmyrx+tVAQAALJN8dtjXeLdwrcO5ZojTy4XBdhniFdhNM1SSGtIZbH1a1bSG3nY1dLeroT7u+dbDL9Xc1a7m0mUYXY0Z9n70d38WWijN/ydbz/8rS3Skq3T+P4Tran9j7u48MlePb59uyAAAAACcgzVbb9nWKl6a/2/p7Pr/eEykp5A5PBwPQ+weDWGyMZBVe3U5kJ31XpMHAAAAYDWon4+vnwufzW+zS7TT+XQ5//RZ5o8n/rcsmf/X73zTTa36W5r/T3d2/f9Q423WiROxF58dDWGgEPhh7GU1UDMeAz97S2MgH/+JuAHujFXlFybUq7ozltgeA5NJ4EizEo/US1zSGMifrHrjt9fHMZuXKAQAAADgvIuHA+J5+Xj9/2MHTr6tVbnS/H/72V3/X5sHly7vn1sTwobeEHrSLwY8PJQtDBgDw1154rtDWV09aVWHhkK4pjqwtKon8vX/e9M1Bh8dzKqKgUte99WnLqsm/m4whA3FwI/ef3RTNbE/CdQbf99gCK+pjjZt/OsDWeN9aeP3DoTw6kKgXtUHB0KoNtafVvX9Sv47BmlVD1ZCuKgQqFe1uRLCwQDAKhX/K91VfHDfwdt275ibm9m7gol4DH8w3DA7NzOx89a5XZUmfdqV9LlhGaND5TE1XQ4p8Xi+RNGx564a6SRd/57gZLEv+XH80oWD+f34WaivNs6pvoa7V6ZDfsPry02EwiepF2vIQ8VKFp/EUv0xf39YEwYO7JvZO/HhHfv3792Y/e00+1T2Nw4q21Yb0201tFTfLoDd4/JiJRv237xnw76Dt62fvXnHjTM3ztwyNfnGTZs3TU1u3ryhOqrJ7G+boV6+VNXJUM8cPf9DfWVvoZLz8a4hISGx2hLztx9d0+rtpzT/39N6/h/fdeI7f74+Q7Pz/2PxNH/2+OJp/u0xcKTT8/9jzc7m1y8MGE8C8zEw7zQ/AAAALw3xcGQ87BiPWvcfvfI3rcqV5v/znX3/f5nW/68vXf+uZsv8XxFLTDZb/z9d5r++/v98s/X/02X+6+v/H3kR1v8/UA8km+Rp6/8DAAAvBedv/f+2y/unPxBQytB2ef/0BwJKGdou49/pDwSc9fr/Uzf99BehhdL8/67O5v8W7gcAAIALx93/9NRrWsVL8/8jnc3/z//6f6HZ9f/jzQLTzRYGtP4fAAAAq1Sz9f/OjP7F+1qVK83/Fzqb/8fLLrobcsdaT49ka9qFdE27UyP1rwwAAADA6tAdJib6OszbsDLq1hfe5mP5UqCt0kU/vPq/bmxVX2n+f7yz+X/D9zLu/fzPP/alJ6+9//R9n3zH9Q8+8/vxxfP/AAAAwMrp9LgEAAAAAAAAAAAAAADw4jvwgX891Spe+v5/uK72eLPv/8ff/YvfL3h5Q+5Ya/v1//L72979wMHakoUPj4Tw+mJg9+Hd60L+2/yXFwMPXX/FxdXE4bTEd37y1l9WEx9IA+9c/7Jnq4lrksD2uEjiK9JA/FXFZ9cmgbi84r+ngbg9FtJAfx749NpsHF3ptvr1cLatutJt9R/DIYwWAvVt9Y3hrI2udID3JIH6AD+UBuIA35MHutNePbAm61UMDMeif7Mm6xUAABes+CmwL9wwOzczGT/Cx9tX9jbeRg1Llh0qV9vTYfOP50uTHXvuqpFO0j3pZ9HF3xrvC5XqEDaWPq4Ws3TVRrk8tbTZdC9vMuR2q72t1Kbrbz6iwWxEEztvndvV13bgV7bPMtXbNsvG0mSnmKW7tkk7qKWDvnQwog63TQddjve7w8RET5LrTTE4Fhq02yM6/b5+cZ2/ZntBMc+hub7nW9VXmv+PdTb/rxTH9Wz+YwDz8Zf1/nLUMv8AAACwsj699Q/3xX/fGX3vf7bKW5r/j3c2/48HxvJTwdnRjuPx9/9vHw2h9tP6Y1ngWGzug6MhvLaWmo4lsh/Uf1csMZkFjsUDJlfEEtunG6saiIGFJPCrkTxwPAmciIH8KMVXQ34o5+6REDbVUtc1ltgTS4wlgffGwHgSmIiBySSwNga2JIHfrM0D00ngX2IgzDZuq39Ym28rAACAs5HPs/oa74Z0nrfQ2y5DV7sMQ+0ydLfLUGmXodko4v2vxQx9xfPxeYb4UF9a62BSSylD/DH8s+5XKUN4pDFnWrDUdP1KkrHGnDHDtoXDa0MLpfn/ZGfz/6HG26z1E3H+v/j7f1ngh7F7n42Xjo/HwM/e0hjIDwyciJPdO+tVTecl8kn7nbHElhgYTwJ7YmBLEth+XR44cnFjIJ9p1xu/vd74bF6iEAAAAIDzLh4giIdp4vz/vwee/+tW5Urz/y2dzf9je2uKjX0i1vqLtSF8o2uxN/XA+uEsEI9jDMevx79qOIR1hQMc9RIzQ1mJ/qTh8IPB7Bvq/WlV3xrMvnwQ72979PsPfaaauGcwhEsLR1/qbfy4krUxmAYu688CQ2ng1t4sEI/81APf7M4CcM7qRwXjDpVf6lI3tnS5JvvfS+U3QdPhlY6BLpFvqe9crZRK+kB+TLXu7J62UnWsjHT7H/dqWw2vtufz/4Pr/fJqK36QOpNsnuoQu3fN3LDjwNz++Ejxm6wlK/Q8F7+l2kl6GfbD+Rfe26i7aaSSdmAyefuYXLrc0vthV6zu3s///GNfevLa++/75Duuf/CZ34+362C7/Td+UfiWm/535GRh8660Ssj3uQv+/SR9YNr7yWr4byB9YNzTFkK4Y+GSp1vFS/P/6c7m/73Jbc0f4sbcNxrCGwob9+G4+d82mr0PFgLZu+RF5UB2yv3JkabvnAAAALDc6oc76scLZvPb7ILwdJ5czj99lvnj8YotS+bvtN8fufTSf2wVL83/t7ee/w8k3XT+3/l/Vojz/0u60A9FD6QPzJ/ToehSdayI0svD+f+wCl5tpTM1zv8H5/+X7N8ynP9vzvn/lpz/X90u9Ket9Clpjw9dIYTBr1/9SKt4af6/p7P5v/X/ll60r77+3/Zm6//tabb+37z1/wAAgBXVZKG5dJ5XWr2vlCFdva+Uoe0CgW2XGLT+31mv/zf0V+//XWihNP+f72z+H3eHNcXWV8v6f+PXNanqrhjYY2FAAAAALkTNDhAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADw4vrVyaG3t4q/+apHvv3dB97+8cMfWbj7ia986o4QZmuPd2XhrotPfa63cvI93zv00y9+YdO6R09X8nJ9+e0fNeSOtZ4eCeFI4ZHhmDg1Ur2zGNj27gcO9lYTD4+E8PpiYPfh3euqiS+PhHB5MfDQ9VdcXE0cTkt85ydv/WU18YE08M71L3u2mrgmD3Sl3b1/bdbdrrS7n1kbwmghUO/uTWsbq6q3cW0e6E7b+PvhrI0YGI5F7xvO2oiBuVhidiCEDb0h9KRV/XMlq6onrerblayqnrSqj1dCuCaE0JtW9ZP+rKredOT/1p9VFQOXvO6rT11WTRzpD2FDMfCj9x/dVE18KAnUG//T/hBeU91l0sa/1pc13pc2fk9fCK8OIfSnJZ7pzUr0pyWe6A3hokKg3vif94ZwMPCSEN98dhUf3Hfwtt075uZm9q5goj9vazDcMDs3M7Hz1rldlaRPzXQV0mcOlePdHY798ac+urN6e+y5q0Y6Sffm5fpqXZ7qa7h75XL1vmuFeh/7NVSsZPH5KNUf8/eHNWHgwL6ZvRMf3rF//96N2d9Os09lf3vyaLatNi7XturUC91Wlxcr2bD/5j0b9h28bf3szTtunLlx5papyTdu2rxpanLz5g3VUU1mf5djqEfL8Z4VHuorewuVnI83AAkJidWW6G54d5u80P/LLn3QX+xoX6jU3qBL04pilq7aKJdj0Ftbx89y0NUeNf+c0nZEG0sTh1KWqfZZrixNJhazDGZZap/rSpPDYk3dtU0a73eHiYmm/9ONNd4tbr7fLrF5O/VYvuk6TQMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADwf+zAgQAAAAAAkP9rI1RVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVhBw4EAAAAAID8XxuhqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqCjtwLAAAAAAgzN86jJ4NAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAC4FAAA///jqU04")
r0 = open(&(0x7f0000000180)='./bus\x00', 0x14927e, 0x0)
mmap(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x27fffff, 0x4002011, r0, 0x2000)
fallocate(r0, 0x0, 0x0, 0x1001f0)
r1 = open(&(0x7f0000000000)='./bus\x00', 0x64942, 0x0)
sendfile(r1, r1, 0x0, 0x1000200201005)

2m27.541079272s ago: executing program 2 (id=50):
syz_open_dev$hidraw(&(0x7f0000000080), 0x0, 0x418000)
r0 = syz_usb_connect$cdc_ncm(0x2, 0x6e, &(0x7f0000000040)=ANY=[@ANYBLOB="12010000090000082502000000000000000109025c00020100f92a0904000001020900000524060001053408fa6e0d240f0100000000000d000a0006471a010000190581"], 0x0)
ioctl$sock_SIOCETHTOOL(0xffffffffffffffff, 0x8946, &(0x7f0000000080)={'wlan1\x00', 0x0})
syz_open_dev$char_usb(0xc, 0xb4, 0x0)
syz_usb_disconnect(r0)
syz_usb_connect$cdc_ecm(0x2, 0x4d, &(0x7f0000000380)=ANY=[], 0x0)

2m25.603508235s ago: executing program 1 (id=54):
syz_mount_image$nilfs2(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x3214212, &(0x7f00000001c0)=ANY=[], 0x1, 0xf1e, &(0x7f0000006600)="$eJzs3U1sHNUdAPA368/EJl7zaaCEFFoRKNghidT0FgTqEXHpHRQSGmEoauiBiI/QA6ISokiIU8WBigulUorUSqBKFeqp7alVbz2hXqhUpVKiXhopcRXnvfXuiye7nqxnd72/n/T32zdvPP//eCNnZjz7JgBjq7H+9fDhpSKED754/4nXni1+d2XZva019q1/LWKvGUKYausX2fa+igsunX/12GZtEQ6uf0398OS51vfOhRDOhH3hy9AMn66sXvjkw8f3f/bW7O3vnn7+9W3a/ZZ8PwAAYCc6+5fVfzz4rz8/vHjx7N6jYaa1PB2fN2N/Lh73H4gHyul4uRE6+0VbtJvO1puI0cjWm8jWm8zyTJbkm8q2M1Wy3nSXfBNtyzbbTwAAABhF6by2GYrGcke/0Vhevnref8VXC9PF8osnV0+cGlChAAAAQGX/fWP9plshhBBCCCGEEH2M1j3KQ1CLEFdibWGw1x8AAACA8ZPPF3aNM/2dqau1tWZv+c891tj8+6EP6v73L/9o5f/4Tb9xAACobqceTab9SsfRaR6DfB7Biez7tnr838i2M7nFOsvmFRyV+QbL6sx/rsOqrP6tvo+DUlZ/Ph/msCqrP5+nc1iV1T9Tcx1VldU/W3MdVZXVv6vmOqoqq393zXVUVVb/XM11VFVW/3zNdVRVVv9NNddRVVn9e2quo6qy+kflttqy+ps111FVWf2LNddRVVn9N9dcR1Vl9d9Scx1VldV/a811DMo9sU0/h73ZePv5c35ONyrneAAAADDu/mf+PyGEGNto3esyBLUIIW40bhuCGoQQQgxzvDHYyw8AAADAEEifC0ifel+L0vhEl/HJLuNTXcanu4zPdBkHAAAAQvj92yfufK/Y+Jz/jc6Htz5vVGNj/qWtzmOUz0e41fw3Ou9Z2trV+i9sOf+ozFsGAADAeCm+/+Xlh5746OXFi2f3Hm07+74cz3fTPKCT8drA57Gf7guYz/pFOoc+2pmnUbJefn3gprLtPXWDOwoAAABjLJ2/N0OxfsrdaPUbjeXljfPxpTBVnDi5evxA7Kfns/xpYWpUHrUEAAAAY2vjfL9oLG9y/p+e47sUpovlF0+unjh1tT/fWj7VaL8usLCxfP16waOt7XUuP1iy/FDsp+d3/nBh1/ry5WM/Wn223zsPAAAAY+LUK6eff2Z19fiPN32RPs1+vXW28iJ9vmAr3xVCEfqT3QsvvOj1xQB/KQEAANvi66/fn/rJofk/XP38/8b8d+nz//tivxnn9vtrXCHdJ5A+B3DN5/Wf7syzULbeS53rNbP1JmLMZHXPtm0nhI35BtP3LZbla3ZuZ7ok31yWbz7Ll89TMJmtn/LtyZbn8xOm9Ray5fk8jJNZjiLLf18AAACAcisvv/DSyqlXTj9y8oVnnjv+3PEXDx088r0jRw48+t1HV9bv619pv7sfAAAAGEUbN/0OuhIAAAAAAAAAAAAAAAAAAAAYX3U8TmzQ+wgAAADj7j9vhBDOCCFK4uojMPu/3Y0nUQ5+H8XOjV1DUIMQQoh+x8XrjE0MQX1CiKGNtbX8SfMAAAAA2+vS+VePtbfXOFP0NV9ra/GvsZdj3tTOP/L3xSuRVjv3WOf1kt19rYZxV/e/f/lHK//Hb/Y3/2x60fPvv0bnBo5Wy/vAyq+W2vPfNdlj/nz/n6qWf3+W/4HQW/61j7L8T1fL/2CWf3eP+a/Z/5eq5X8o5l+K/f3395q/8/2fiW3aj13XS9r2X+d3sv1/NvSaP9v/Zo87nHk45geAcdQYdAHbJB0lpOPoudhP+xsPN0N+98NWj/8b2XYmb7jyzu2m46A7Yj8dL81neZOt1j+Xbe+minXmRuWukrL6+/U+brey+qdqrqOqsvqna66jqrL6Z2quo6qy+mdrrqOqsvqvex46RMrqH5XrymX1z9VcR1Vl9c/XXEdVZfVv9f/xQSmrf0/NdVRVVv9CzXVUVVZ/xctqtSurf7HmOqoqq//mmuuoqqz+W2quo6qy+m+tuY5BuTu2ZefD6fxzIY6lfjPrz2zys9yp1xYAAABg1Pzb/H9iVOLw/OBrEEKIvsWuIahBjHfEv/4MvA4hdkasrV1eu2LQdQhxvVhbG/QVCAZpez/NDMCw8vt/vHn/x5v3f7x5/7medA9/kfWTiS7jk13Gp7qMT2fj+b/XmS7jt2TbXYvS+K1dxm/rMr6ny/gdXcaXuozf2WX8ri7jd3cZBwAAYDzcHlvnhwAAALBzvfbrz9/57QNPn1+8eHbv0TB9zbzzB2J/Jv5t/e3Yz+e9T6bi3/x/Gvu/jO0fY/vPbH33nwAAAMD2S8+J8fd/AAAA2LnSc0qd/wMAAMDOtRhb5/8AAACwc90cW+f/AAAAsIMVs5svjm26LnBfbHud1w8AGH7fiO09sd0b23tj+83YpuOA+2P7rZrqAwD65xc/+NmR94qN+f4PZeOX4vLUXuPM1SsFRaNzJv9dsd0d22/3WE/+PIBe8yd7esyzXfkXbjA/AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAALBzNNa/Hj68VITwwRfvP/Hz6Xf+dmXZva019q1/LWKvGUKYan1fGt3o/yaueOn8q8fa28uxLcLBUISitTw8ea6VaS6EcCbsC1+GZvh0ZfXCJx8+vv+zt2Zvf/f0869v44+gY/8AAABgJ/p/AAAA//9D9Bis")
creat(&(0x7f0000000380)='./bus\x00', 0x0)
mount(&(0x7f0000000280)=@loop={'/dev/loop', 0x0}, &(0x7f0000000140)='./bus\x00', 0x0, 0x5000, 0x0)
r0 = open(&(0x7f0000000000)='./bus\x00', 0x0, 0x0)
ioctl$LOOP_SET_STATUS64(r0, 0x4c04, &(0x7f0000000540)={0x0, 0x0, 0x0, 0x1, 0x8005, 0x0, 0x0, 0x19, 0x1c, "ef359f413bb93852f7d6a4ae6dddfbd1ce5d29c2ee5e5ca9000ff8ee09e737ff0edf110ff4117639c2eb4b78c660e677df701905b9aafab4afaaf755a3f6a004", "036c47c6780820d1cbf7966d61fdcf335263bd9bffbcc2542ded71038259ca171ce1a311ef54ec32d71e14ef3dc177e9b48b00", "f28359738e229a4c66810000000000d300e6d602000000000000000000000001", [0x204]})
creat(&(0x7f0000000040)='./file1\x00', 0xd)

2m24.772956823s ago: executing program 1 (id=56):
r0 = openat$qrtrtun(0xffffffffffffff9c, &(0x7f0000000100), 0x8000)
ioctl$UFFDIO_REGISTER(0xffffffffffffffff, 0xc020aa00, &(0x7f0000000240)={{&(0x7f0000400000/0x1000)=nil, 0x20400000}, 0x1})
r1 = syz_open_dev$vbi(&(0x7f0000000000), 0x1, 0x2)
ioctl$VIDIOC_CREATE_BUFS(r1, 0xc100565c, &(0x7f00000013c0)={0x0, 0x2, 0x2, {0x5, @vbi={0x0, 0x0, 0x4, 0x0, [], [0x8200], 0x1}}})
ioctl$VIDIOC_QBUF(r1, 0xc058565d, &(0x7f0000000200)=@fd={0x0, 0x5, 0x4, 0x0, 0x0, {}, {0x0, 0x0, 0x0, 0x0, 0x0, 0xfe, "8000"}, 0x0, 0x2, {}, 0x20800})
close_range(r0, 0xffffffffffffffff, 0x0)

2m24.319954289s ago: executing program 2 (id=58):
syz_mount_image$ext4(&(0x7f0000000b80)='ext4\x00', &(0x7f0000000bc0)='./file1\x00', 0x0, &(0x7f0000000c00), 0x1, 0xb77, &(0x7f0000000c40)="$eJzs3c9vFFUcAPDvzG5LKWgX40GMCTUeIDFsW0BB4gE8Gg8mkqAnXPuDNCxgaE0sIbHcTLyowZMnT2qiR6+GGPXkweiJ/8CQEFP4A2pmdnZZ6W5LYcuQ8vkks/vePJb3nSbffW86bzoBPLHGs5c0Ym9EfJ5EjBX704gYzksjEcutf3dn5cp0tiWxuvrOv0kkEXF75cp0+/9Kivdd2Us1/2T89UvEM5W1/S4sXT7XaDZnLxX1icXzH04sLF0+OH++cXb27OyFQ69OHp567cixV44M7FiXjqaf/fnmG99dO/P1Hz8ee+HTJE7E7qKt+zgGZTzGOz+TbtWIeG/QnZWkUhxPr+MEAODxk3bN4fbGWFTyUstY1OdLDQ4AAAAYiE8iYhUAAADY5hLn/wAAALDNtdcB3F65Mt3eyl2RADwqt05GRK2V/+37+1st1VjO30diKCJG7yRddwa17veuDaD/8Yj44auj+7Ittug+fKC35asR8Vyv8T/J87+W/xWPtfmfRsTkAPofv6cu/+HReZj8PzGA/uU/AAAAAAAADM71k60L+Wuv/6Wd9T/R4/pfpce1uwex8fW/9OYAugF6uHUy4vWuZ/vc6cr/Qq1S1J7K1wMMJXPzzdnJiHg6Ig7E0I6sPrVOH9/+dPzvfm3d6/+yLeu/vRawiONmdcf/PzPTWGw8zDEDLbeuRjxf7ZX/SWf8T/qs/337Pvv47fTPc/3aNs5/YKusfhOxv+f4f/eJbsn6z+ebyOcDE+1ZwVqnX/z1+379y38oTzb+j66f/7Wk+3mdC5vvY3L04Nl+bQ86/x9OTuVPFR0u9n3cWFy8NBUxnLy1dv+hzccM21E7H9r5kuX/gZd6n/+vN//Pkuz94lsijYhG8Z7VP7inzx1nfv+iXzzGfyhPlv8zmxr/N1/48t2VU/36v7/x/0g+ph8o9vj9H6zvfhO07DgBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADgcZJGxO5I0nqnnKb1esSuiHg2RtPmxYXFl+cufnRhJmuLqMVQOjffnJ2MiLFWPcnqU3n5bv3QPfXDEbEnIq6N7czr9emLzZmyDx4AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAICOXRGxO5K0HhFpXk7Ter3V9s9Y2dEBAAAAA1MrOwAAAABgyzn/BwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOAh7dl3/UYSEcvHd+ZbZrhoGyo1MmCrpWUHAJSmUnYAQGmqZQcAlMY5PpBs0D7St8UMAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOBJsn/v9RtJRCwf35lvmeGibajUyICtlpYdAFCaStkBAKWplh0AUBrn+ECyQftI3xYzCAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIAnycLS5XONZnP2koKCgkKnUPY3EwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAANvZfwEAAP//vlL7zw==")
mount$bind(0x0, &(0x7f0000000100)='.\x00', 0x0, 0x21, 0x0)
r0 = openat$binfmt_register(0xffffffffffffff9c, &(0x7f00000000c0), 0x1, 0x0)
write$binfmt_register(r0, &(0x7f00000001c0)={0x3a, 'syz3', 0x3a, 'M', 0x3a, 0x1, 0x3a, 'usrjquota=', 0x3a, '\x00\x03!\f\xee\x998r~\b\x13\x89\xae\xf1\x06hz\xcc\xd6\xbb\xb8\x19\x90\x9e\xdb\xa2F\xfa_F(\x05\b\x13\x82\x12\xad\x0f^\xdc\xf2\xb5', 0x3a, './file2', 0x3a, [0x46]}, 0x5c)
r1 = fspick(0xffffffffffffff9c, &(0x7f0000000000)='.\x00', 0x0)
fsconfig$FSCONFIG_CMD_RECONFIGURE(r1, 0x7, 0x0, 0x0, 0x0)

2m23.500962517s ago: executing program 2 (id=60):
r0 = bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0x10, 0x4, &(0x7f0000000040)=ANY=[@ANYBLOB="b4000000000000007910480000000000610400000000000095000000"], &(0x7f0000003ff6)='GPL\x00', 0x2, 0xfd90, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @sk_msg}, 0x48)
r1 = bpf$MAP_CREATE(0x100000000000000, &(0x7f0000000340)=@base={0x12, 0x2, 0x8, 0x2}, 0x48)
close(r0)
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000780))
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000740)={{r1}, &(0x7f00000006c0), &(0x7f0000000700)=r0}, 0x20)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000140)={{r1}, &(0x7f00000014c0), &(0x7f0000001500)=r0}, 0x1d)

2m23.08572827s ago: executing program 2 (id=61):
openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x275a, 0x0)
r0 = socket(0xa, 0x3, 0x3a)
setsockopt$MRT6_DEL_MIF(r0, 0x29, 0xc8, 0x0, 0xc000000)
r1 = socket$inet6(0xa, 0x802, 0x88)
sendto$inet6(r1, 0x0, 0x0, 0x4008840, &(0x7f0000000180)={0xa, 0x4e23, 0x20009, @mcast2}, 0x1c)
sendto$inet6(r1, 0x0, 0x0, 0x0, 0x0, 0x0)

2m22.373195922s ago: executing program 32 (id=61):
openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x275a, 0x0)
r0 = socket(0xa, 0x3, 0x3a)
setsockopt$MRT6_DEL_MIF(r0, 0x29, 0xc8, 0x0, 0xc000000)
r1 = socket$inet6(0xa, 0x802, 0x88)
sendto$inet6(r1, 0x0, 0x0, 0x4008840, &(0x7f0000000180)={0xa, 0x4e23, 0x20009, @mcast2}, 0x1c)
sendto$inet6(r1, 0x0, 0x0, 0x0, 0x0, 0x0)

2m8.889516976s ago: executing program 33 (id=56):
r0 = openat$qrtrtun(0xffffffffffffff9c, &(0x7f0000000100), 0x8000)
ioctl$UFFDIO_REGISTER(0xffffffffffffffff, 0xc020aa00, &(0x7f0000000240)={{&(0x7f0000400000/0x1000)=nil, 0x20400000}, 0x1})
r1 = syz_open_dev$vbi(&(0x7f0000000000), 0x1, 0x2)
ioctl$VIDIOC_CREATE_BUFS(r1, 0xc100565c, &(0x7f00000013c0)={0x0, 0x2, 0x2, {0x5, @vbi={0x0, 0x0, 0x4, 0x0, [], [0x8200], 0x1}}})
ioctl$VIDIOC_QBUF(r1, 0xc058565d, &(0x7f0000000200)=@fd={0x0, 0x5, 0x4, 0x0, 0x0, {}, {0x0, 0x0, 0x0, 0x0, 0x0, 0xfe, "8000"}, 0x0, 0x2, {}, 0x20800})
close_range(r0, 0xffffffffffffffff, 0x0)

1m44.304960345s ago: executing program 0 (id=160):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000001680)=ANY=[@ANYBLOB="140000001000010000000000000000000500000a28000000000a030000000000000000000a00000708000240000000020900010073797a31000000002c000000030a010100000000000000000a0000070900010073797a31000000000900030073797a320000000014000000110001"], 0x7c}, 0x1, 0x0, 0x0, 0x40001}, 0x4040850)
sendmsg$NFT_BATCH(r0, &(0x7f0000009b40)={0x0, 0x0, &(0x7f0000009b00)={&(0x7f0000000540)={{0x14, 0x10, 0x1, 0x0, 0x0, {0x7}}, [@NFT_MSG_NEWCHAIN={0x5c, 0x3, 0xa, 0x76a9bba1a690db0f, 0x0, 0x0, {0xa, 0x0, 0x2005}, [@NFTA_CHAIN_NAME={0x9, 0x3, 'syz0\x00'}, @NFTA_CHAIN_TABLE={0x9, 0x1, 'syz1\x00'}, @NFTA_CHAIN_HOOK={0x14, 0x4, 0x0, 0x1, [@NFTA_HOOK_PRIORITY={0x8, 0x2, 0x1, 0x0, 0x3cb140bb}, @NFTA_HOOK_HOOKNUM={0x8, 0x1, 0x1, 0x0, 0x3}]}, @NFTA_CHAIN_COUNTERS={0x1c, 0x8, 0x0, 0x1, [@NFTA_COUNTER_PACKETS={0xc, 0x2, 0x1, 0x0, 0x5}, @NFTA_COUNTER_BYTES={0xc, 0x1, 0x1, 0x0, 0x2}]}]}], {0x14, 0x11, 0x1, 0x0, 0x0, {0x1}}}, 0x84}, 0x1, 0x0, 0x0, 0x4000850}, 0x24000840)
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_int(r1, 0x6, 0x2000000000000022, &(0x7f0000000200)=0x1, 0x4)
sendto$inet6(r1, &(0x7f00000002c0)="a6", 0x1, 0x20000045, &(0x7f00000001c0)={0xa, 0x2, 0xffff, @loopback, 0x9}, 0x1c)

1m44.022142052s ago: executing program 0 (id=162):
r0 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f00000000c0)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fff0006}]})
r1 = openat$dma_heap(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$DMA_HEAP_IOCTL_ALLOC(r1, 0xc0184800, &(0x7f0000000100)={0x20004, <r2=>r0, 0x80000})
r3 = syz_open_dev$dri(&(0x7f0000000040), 0x1ff, 0x80000)
ioctl$DRM_IOCTL_PRIME_FD_TO_HANDLE(r3, 0xc00c642e, &(0x7f00000000c0)={0x0, 0x0, r2})
ioctl$DMA_BUF_IOCTL_SYNC(r2, 0x40086200, &(0x7f0000000140)=0x6)

1m43.665001213s ago: executing program 0 (id=163):
unshare(0x6a040000)
syz_usb_connect(0x3, 0x24, &(0x7f0000000100)=ANY=[@ANYBLOB="12010000e7d77f40c523998685f8c81803010902"], 0x0)
r0 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000200)=@ipv4_newrule={0x1c, 0x20, 0x301, 0x0, 0x0, {0x2, 0x0, 0x0, 0x4}}, 0x1c}, 0x1, 0x0, 0x0, 0x240480d4}, 0x0)
r1 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r1, &(0x7f0000000280)={0x0, 0xffffffd9, &(0x7f0000000140)={&(0x7f0000000200)=ANY=[@ANYBLOB="2800000021000100"], 0x28}}, 0x0)

1m42.019576678s ago: executing program 0 (id=170):
syz_mount_image$minix(&(0x7f0000000180), &(0x7f0000000000)='./file1\x00', 0x8010, &(0x7f0000000480)=ANY=[@ANYBLOB="00e611ed6229b237ad2a184a94283e2b34c24caf7280c18475708140abe763dfb52cdb0ba0cdc8c572346d0a832984b36248c4fa844eda0af4b1652605421a7821dcfde12aa77458d811a84538a156b05b0ec3eaf24a90ceb5b7463d9fd38b49d41fbfa868653605702abe43d9c2c30aed4da0b8cc18c6b369f086a965442c1217f19a67a534064b7236a6660000000000"], 0x2, 0x18a, &(0x7f00000001c0)="$eJzs271u2mAUxvHHxnwU+kFLP6SqQ6eqSzFQibZbeykIXIRiEhSygCIluY8s2XJVuYIwZMsUIoztBIeJYJuE/2/hHB+9+DC8vEcIC8DW+quvMmQoN0u+FMpHFSPtlgAkZOq/3kx9pSmArZG5TrsDAOmY/JMGki6vDtvK5IKx4FMQzOqFIDHzD+aHyYmpz5a/3ijoRXS+OJO+Be9vFJesl4phveRdsyL17yrP6+ZLvdJrvVFZb/VOFb/eCdd/fNwwBADAljBUjeYLF0z977lOLcyzXl5X0T+kc17eCOvz/GeY57282t5zOzF+CgCrMFU9v59H938msv8tf/8DePqGo/FOy3Wd/YSC4PeBRG+6nkDHG9HGWoKsNqINgiWBpYRverG0lPIXE4DY2Qf9gT0cjX/0+q2u03V2m41m80/t96+67Q3+9uL4D+AZuTv00+4EAAAAAAAAAAAAAACs6r0+pN0CAAAAgITE9lyRIelU/LMYAAAAAAAAAAAAAAAAAIAY3AYAAP//XTAW7A==")
r0 = creat(&(0x7f0000000300)='./bus\x00', 0x0)
mount(&(0x7f0000000440)=@loop={'/dev/loop', 0x0}, &(0x7f0000000080)='./bus\x00', 0x0, 0x1000, 0x0)
r1 = open(&(0x7f0000000000)='./bus\x00', 0x0, 0x0)
ioctl$LOOP_SET_STATUS64(r1, 0x4c04, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x7fffffffffffffff, 0x400, 0x0, 0x0, 0x1, 0x0, "ef35af413bb901527fe4d0ce5d29c3ee5e5c3676345a41499db7aac63a01000000000000004faa2ae2c084a0ea0000000000000000000c00002000", "036c47c67808200400000000000000335263bdbcef549ba197fce47ddfdd753abd950100002a00ffffffffffffffff00000000e8f20000000200", "b7326736181c208220000000b9000000000000000000f0fffffffff2ff00", [0x4]})
fdatasync(r0)

1m41.359312317s ago: executing program 0 (id=173):
r0 = syz_open_dev$dri(&(0x7f0000000080), 0x1, 0x0)
ioctl$DRM_IOCTL_SET_CLIENT_CAP(r0, 0x4010640d, &(0x7f0000000040)={0x3, 0x2})
ioctl$DRM_IOCTL_MODE_GETPLANERESOURCES(r0, 0xc01064b5, &(0x7f0000000140)={&(0x7f0000000100)=[<r1=>0x0], 0x1})
r2 = syz_open_dev$dri(&(0x7f0000000080), 0x1, 0x0)
ioctl$DRM_IOCTL_MODE_OBJ_GETPROPERTIES(r2, 0xc02064b9, &(0x7f0000000dc0)={&(0x7f00000000c0)=[0x0, 0x0, <r3=>0x0], &(0x7f0000000000), 0x3, r1})
ioctl$DRM_IOCTL_MODE_OBJ_SETPROPERTY(r0, 0xc01864ba, &(0x7f0000000000)={0x7, r3, r1})

1m40.673216566s ago: executing program 0 (id=177):
setresgid(0x0, 0xee00, 0x0)
prctl$PR_SET_SECUREBITS(0x1c, 0x15)
setuid(0xee00)
mount(0x0, &(0x7f0000000080)='.\x00', &(0x7f0000000180)='tmpfs\x00', 0x22008d0, 0x0)
r0 = syz_open_procfs(0x0, &(0x7f0000000700)='mounts\x00')
read$FUSE(r0, &(0x7f0000002780)={0x2020}, 0x5ecfb203)

1m39.875014553s ago: executing program 34 (id=177):
setresgid(0x0, 0xee00, 0x0)
prctl$PR_SET_SECUREBITS(0x1c, 0x15)
setuid(0xee00)
mount(0x0, &(0x7f0000000080)='.\x00', &(0x7f0000000180)='tmpfs\x00', 0x22008d0, 0x0)
r0 = syz_open_procfs(0x0, &(0x7f0000000700)='mounts\x00')
read$FUSE(r0, &(0x7f0000002780)={0x2020}, 0x5ecfb203)

1m26.109041124s ago: executing program 4 (id=266):
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000380), 0x80042, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000080)=0xe)
bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0xffffffffffffffff}, 0x94)
r1 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000040), 0x1a01, 0x0)
ioctl$EVIOCGPROP(r1, 0x40047438, &(0x7f0000000180)=""/246)
ioctl$PPPIOCSFLAGS1(r1, 0x80047458, &(0x7f00000000c0)=0x40000)

1m25.844795069s ago: executing program 4 (id=268):
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2)
r0 = fsopen(&(0x7f0000000000)='proc\x00', 0x0)
fsconfig$FSCONFIG_CMD_CREATE(r0, 0x6, 0x0, 0x0, 0x0)
r1 = fsmount(r0, 0x0, 0x3)
r2 = openat(r1, &(0x7f0000000080)='.\x00', 0x0, 0x44)
fchown(r2, 0xee01, 0x0)

1m25.564885555s ago: executing program 4 (id=272):
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000085000000750000001801000020646c2500000000002020207b1af8ff00000000bfa1000000000000070100"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000023c0)={0x0, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB="18020000000100000000000000000000850000007500000095"], 0x0, 0x0, 0x5c}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0xa, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB="180000000000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000480)=ANY=[@ANYBLOB="1801000021"], 0x0, 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, 0x2}, 0x94)
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x1f, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x12, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_GET_PROG_INFO(0xa, &(0x7f0000000740)={r0, 0x0, 0x0}, 0x10)

1m25.354945017s ago: executing program 4 (id=273):
syz_mount_image$minix(&(0x7f00000000c0), &(0x7f0000000040)='./file2\x00', 0x1200808, &(0x7f0000000100)=ANY=[@ANYRES64=0x0, @ANYRES16, @ANYRES64, @ANYRESOCT, @ANYRES8, @ANYRES16], 0x1, 0x1e6, &(0x7f0000000140)="$eJzs20tu00Acx/HfJGkSQ4HyXCCkILGADUmaikqsWs7BqmrTqsIFhNkkQsJcAM7AObgMB4AFO1YY+ZGm9aM1E9y0zfez8Xh+/dvjuu6MolgAFtamHsrIqBnuPGivfLltStU1qx4YgMoFyfZPYMOxqgJwXtR/p3uSFYA/n/EAOCs/X0jfJf349WFb9eyqPsz9SV5rZfNP0v1Gkpu2nPT64qv0eFJvrmTrG/E2zq/mHv/Jo8n5l3VN13VDK7qpW8aXifKdw/p7VmsgAAAWjVH3tLwr1QvSePLOrgqmlrT7LTurTzW1u+8OB6fka4V5K8q722/cnRPOAiBPrdTzX6wePX/9gnRJivLVZL9tO0wAFfBG45Zcd/jOG4WTfNQYv9py/6nhWFWVaZjKjpzfaKZ6go+SDns2bY8c6FiPc/T33PE6sw/exJ/SKB05ZcpryoteWgxjIxuFU8BsN8X4VuXLn5V7XbM1NlTqhzs598K60TqjP/7jjXn/ZwJQtd77g7c9bzR+un+wtTfcG74e9PvP15+tra4PetHKvnfS+h7ARTad9HXk20AAAAAAAAAAAAAAAOAiuaO74Sb92i4AAACAS+i/vTPUUOHrVvO+RgAAAAAAAAAAAAAAAAAALpu/AQAA///U5AZL")
capset(&(0x7f0000000500)={0x20080522}, &(0x7f0000000200)={0x200002, 0x200003, 0x801, 0x4, 0x7})
mkdir(&(0x7f0000000240)='./file0\x00', 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000340)='./file1\x00', 0x0)
mkdir(&(0x7f0000000300)='./bus\x00', 0x0)
mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000080), 0x0, &(0x7f0000000280)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@upperdir={'upperdir', 0x3d, './file1'}}, {@xino_auto}, {@nfs_export_on}]})

1m24.401068443s ago: executing program 4 (id=278):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x902, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = syz_kvm_setup_syzos_vm$x86(r1, &(0x7f0000bfe000/0x400000)=nil)
r3 = syz_kvm_add_vcpu$x86(r2, &(0x7f0000000280)={0x0, &(0x7f0000000040)=[@cpuid={0x64, 0x18, {0x40000000, 0x9cdeff16}}], 0x18})
ioctl$KVM_SET_CPUID2(r3, 0x4008ae90, &(0x7f00000002c0)={0x2, 0x0, [{0xb, 0x1, 0x7, 0x7, 0x7f, 0xf}, {0x0, 0xffff0002, 0x4, 0xb, 0x8, 0x5, 0x80}]})
ioctl$KVM_RUN(r3, 0xae80, 0x0)

1m23.92875917s ago: executing program 4 (id=281):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x40241, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000200)={'syzkaller1\x00', 0xc201})
r1 = socket$kcm(0x2, 0xa, 0x2)
ioctl$SIOCSIFHWADDR(r1, 0x8914, &(0x7f0000000180)={'syzkaller1\x00', @link_local})
write$tun(0xffffffffffffffff, &(0x7f0000000240)={@val={0x0, 0x86dd}, @val={0x0, 0x0, 0x12}, @mpls={[], @ipv6=@icmpv6={0x0, 0x6, "fc0300", 0x10, 0x2c, 0x0, @local, @mcast2, {[@fragment={0x3a}], @ndisc_rs}}}}, 0x46)
write$tun(r0, &(0x7f0000000240)=ANY=[], 0xfdef)

1m23.121567747s ago: executing program 35 (id=281):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x40241, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000200)={'syzkaller1\x00', 0xc201})
r1 = socket$kcm(0x2, 0xa, 0x2)
ioctl$SIOCSIFHWADDR(r1, 0x8914, &(0x7f0000000180)={'syzkaller1\x00', @link_local})
write$tun(0xffffffffffffffff, &(0x7f0000000240)={@val={0x0, 0x86dd}, @val={0x0, 0x0, 0x12}, @mpls={[], @ipv6=@icmpv6={0x0, 0x6, "fc0300", 0x10, 0x2c, 0x0, @local, @mcast2, {[@fragment={0x3a}], @ndisc_rs}}}}, 0x46)
write$tun(r0, &(0x7f0000000240)=ANY=[], 0xfdef)

1m1.317854764s ago: executing program 6 (id=405):
unshare(0x22020600)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000002140)=@base={0x19, 0x4, 0x8, 0x2}, 0x50)
r1 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x0)
ioctl$SNDRV_TIMER_IOCTL_SELECT(r1, 0x40345410, &(0x7f00000083c0)={{0x3}})
ioctl$SNDRV_TIMER_IOCTL_CONTINUE(r1, 0x54a2)
close_range(r0, 0xffffffffffffffff, 0x2)

1m1.025863262s ago: executing program 6 (id=407):
mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x0)
mount$afs(0x0, &(0x7f00000001c0)='./file0\x00', &(0x7f00000002c0), 0x0, &(0x7f0000000200)=ANY=[@ANYBLOB='dyn'])
chdir(&(0x7f0000000340)='./file0\x00')
r0 = openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='.\x00', 0x0, 0x0)
r1 = fanotify_init(0xf00, 0x0)
fanotify_mark(r1, 0x1, 0x5800003a, r0, 0x0)

1m0.740900958s ago: executing program 6 (id=408):
r0 = socket$inet6(0xa, 0x3, 0x9)
connect$inet6(r0, &(0x7f0000000080)={0xa, 0x4e20, 0x81, @empty, 0x1}, 0x1c)
setsockopt$inet6_IPV6_FLOWLABEL_MGR(r0, 0x29, 0x20, &(0x7f00000000c0)={@private1, 0x800, 0x0, 0x103, 0x1, 0x0, 0x4}, 0x20)
connect$inet6(r0, &(0x7f0000000340)={0xa, 0x4e22, 0x38b5, @ipv4={'\x00', '\xff\xff', @dev={0xac, 0x14, 0x14, 0x32}}, 0x2}, 0x1c)
setsockopt$inet6_int(r0, 0x29, 0x1000000000021, &(0x7f0000000180)=0x1, 0x4)
connect$inet6(r0, &(0x7f0000000000)={0xa, 0x0, 0x180000, @empty}, 0x1c)

1m0.560934279s ago: executing program 6 (id=409):
syz_mount_image$ext4(&(0x7f0000000200)='ext4\x00', &(0x7f0000000080)='./file0\x00', 0xc000, &(0x7f0000000380), 0x2, 0x24d, &(0x7f0000000440)="$eJzs3T9oJFUcB/DvzO4ac7fIqY0g/gER0UA4O8HmbBQO5DhEBBVORGyUixAT7LJWNhZaq6SyCWJntJQ0wUYRrKKmiI2gwcJgocXK7iQSNytqNtk5Mp8PTGYm89783rDzfbvN7AZorAtJLiVpJZlL0klSHG5wb7Vc2N9dnd28lvT7T/1SDNtV+5WDfueT9JI8kmSjLPJKO1lef27nt60nHnh7qXP/h+vPzk71Ivft7mw/uffBlbc+ufzw8lff/HSlyKV0/3ZdJ68Y8792kdx2GsVuEEW77hHwX1x94+NvB7m/Pcl9w/x3UqZ68d5ZvGmjk4fe/6e+7/789Z3THCtw8vr9zuA9sNcHGqdM0k1Rzieptstyfr76DP9d61z56sLi63MvLyxdf6numQo4Kd1k+/HPZj49P5L/H1tV/oGza5D/p6+ufT/Y3muNHOzP1DMo4HTdVa0G+Z97YeXBjMs/cKbJPzSX/ENzyT80l/xDc8k/NJf8wxnWOdjojT0s/9Bc8g/NJf/QXIfzDwA0S3+m7ieQgbrUPf8AAAAAAAAAAAAAAAAAAABHrc5uXjtYplXzi/eS3ceStMfVbw1/jzi5efj33K/FoNlfiqrbRJ6/Z8ITTOijmp++vuWHeut/eXe99VeuJ703k1xst4/ef8X+/Xd8t/7L8c6LExb4n4qR/UefmW79UX+s1Vv/8lby+WD+uThu/ilzx3A9fv7pHv6K5WN67fcJTwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMDU/BkAAP//d4lu0g==")
mkdir(&(0x7f00000020c0)='./file0\x00', 0x0)
r0 = open$dir(&(0x7f0000000100)='./file0\x00', 0x0, 0x0)
ioctl$FS_IOC_SET_ENCRYPTION_POLICY(r0, 0x800c6613, &(0x7f0000000140)=@v1={0x0, @adiantum, 0x4, @desc3})
add_key$fscrypt_v1(&(0x7f0000000400), &(0x7f0000000440)={'fscrypt:', @desc3}, &(0x7f0000000180)={0x0, "4135ae1e0fe721441705322225930e6c1e3e2a51747cb4d42e2b253a6e0236805b4377f7ab1a9b01c103a4c6a7ef54e60000d7264c39ea00c508ba6062696118", 0x3f}, 0x48, 0xffffffffffffffff)
newfstatat(0xffffffffffffff9c, &(0x7f0000000200)='./file0/file1aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x0, 0x0)

59.540902298s ago: executing program 6 (id=412):
r0 = syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000080)=ANY=[@ANYBLOB="12010000090024206d041cc340000000000109022400010000a00009040000010301010009210008000122010009058103"], 0x0)
syz_usb_control_io$hid(r0, &(0x7f0000000240)={0x24, &(0x7f0000000480)=ANY=[@ANYBLOB="00000c000000070001"], 0x0, 0x0, 0x0}, 0x0)
syz_usb_control_io(r0, 0x0, &(0x7f0000000180)={0x84, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000280)=ANY=[@ANYBLOB=' '], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
syz_usb_control_io(r0, 0x0, 0x0)
syz_usb_control_io(r0, 0x0, &(0x7f0000001200)={0x84, 0x0, 0x0, 0x0, &(0x7f0000000040)={0x20, 0x0, 0x4, {0x1}}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
syz_usb_control_io$hid(r0, 0x0, &(0x7f0000000540)={0x2c, &(0x7f00000005c0)={0x0, 0xa, 0x5, "6c21e940b0"}, 0x0, 0x0, 0x0, 0x0})

56.768838629s ago: executing program 6 (id=431):
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000140)='./file1\x00', 0x200000, &(0x7f00000003c0)={[{@resgid={'resgid', 0x3d, 0xee00}}, {}, {@grpquota}, {@nobarrier}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x80}}, {@orlov}, {@nogrpid}, {@noauto_da_alloc}, {@stripe={'stripe', 0x3d, 0x2}}]}, 0x3, 0x572, &(0x7f00000006c0)="$eJzs3c9rHFUcAPDvbJL+1qZQinqQQA9WajdN4o8KQutRtFjQe12SaSjZdEt2U5pYaHuwIF6kCCIWxD/Au8fiH6B/RUELRUrQg5fIbGbbbZLNJunWbJ3PB6Z9b2ayb96++b79zs4uG0BhjWT/lCJejoivk4iDbdsGI984srLf0sNrk9mSxPLyJ38mkeTrWvsn+f/788pLEfHLFxHHS2vbrS8szlSq1XQur482Zi+P1hcWT1ycrUyn0+ml8YmJU29NjL/7zts96+vr5/7+7uO7H5z66ujStz/dP3Q7iTNxIN/W3o+ncKO9MhIj+XMyFGdW7TjWg8b6SbLTB8C2DORxPhTZHHAwBvKoB/7/rkfEMlBQifiHgmrlAa1r+x5dBz83Hry/cgG0tv+DK++NxJ7mtdG+peSJK6Psene4B+1nbfz8x53b2RJd3oe43oP2AFpu3IyIk4ODa+e/JJ//tu9k883jja1uo2ivP7CT7mb5zxvr5T+lR/lPrJP/7F8ndreje/yX7vegmY6y/O+9dfPfR1PX8EBee6GZ8w0lFy5W05MR8WJEHIuh3Vl9o/s5p5buLXfa1p7/ZUvWfisXzI/j/uDuJ/9mqtKoPE2f2z24GfHK4/w3iTXz/55mrrt6/LPn41xW+PXLrm0cSe+82mlb9/63630GvPxjxGvrjv/jO1rJxvcnR5vnw2jrrFjrr1tHfuvU/tb633vZ+O/buP/DSfv92vrW2/hhzz9pp23bPf93JZ82y7vydVcrjcbcWMSu5KO168cf/22r3to/6/+xoxvPf+ud/3sj4rNN9v/W4Vsdd+2H8Z/a0vhvvXDvw8+/79T+5sb/zWbpWL5mM/PfZg/waZ47AAAAAAAA6DeliDgQSan8qFwqlcsrn+84HPtK1Vq9cfxCbf7SVDS/KzscQ6XWne6DbZ+HGMs/D9uqj6+qT0TEoYj4ZmBvs16erFWndrrzAAAAAAAAAAAAAAAAAAAA0Cf2d/j+f+b3gZ0+OuCZ85PfUFxd478Xv/QE9CWv/1Bc4h+KS/xDcYl/KC7xD8Ul/qG4xD8Ul/gHAAAAAAAAAAAAAAAAAAAAAAAAAACAnjp39my2LC89vDaZ1aeuLMzP1K6cmErrM+XZ+cnyZG3ucnm6VpuupuXJ2my3x6vWapfHxmP+6mgjrTdG6wuL52dr85ca5y/OVqbT8+nQf9IrAAAAAAAAAAAAAAAAAAAAeL7UFxZnKtVqOqfQsXA6+uIwtl1Iuo3y6fxk2NIjR14Y3PkOKjyDwg5PTAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADQ5t8AAAD//8nLNLM=")
setxattr$trusted_overlay_upper(&(0x7f0000000380)='./file1\x00', &(0x7f00000001c0), &(0x7f0000001400)=ANY=[], 0x835, 0x0)
rename(&(0x7f0000000000)='./file1\x00', &(0x7f0000000100)='./file0/file0\x00')
sync()
setxattr$trusted_overlay_upper(&(0x7f00000000c0)='./file0/file0\x00', &(0x7f0000000080), &(0x7f0000001400)=ANY=[], 0x835, 0x2)
rename(&(0x7f0000000080)='./file0/file0\x00', &(0x7f0000000140)='./file1\x00')

41.683033266s ago: executing program 36 (id=431):
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000140)='./file1\x00', 0x200000, &(0x7f00000003c0)={[{@resgid={'resgid', 0x3d, 0xee00}}, {}, {@grpquota}, {@nobarrier}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x80}}, {@orlov}, {@nogrpid}, {@noauto_da_alloc}, {@stripe={'stripe', 0x3d, 0x2}}]}, 0x3, 0x572, &(0x7f00000006c0)="$eJzs3c9rHFUcAPDvbJL+1qZQinqQQA9WajdN4o8KQutRtFjQe12SaSjZdEt2U5pYaHuwIF6kCCIWxD/Au8fiH6B/RUELRUrQg5fIbGbbbZLNJunWbJ3PB6Z9b2ayb96++b79zs4uG0BhjWT/lCJejoivk4iDbdsGI984srLf0sNrk9mSxPLyJ38mkeTrWvsn+f/788pLEfHLFxHHS2vbrS8szlSq1XQur482Zi+P1hcWT1ycrUyn0+ml8YmJU29NjL/7zts96+vr5/7+7uO7H5z66ujStz/dP3Q7iTNxIN/W3o+ncKO9MhIj+XMyFGdW7TjWg8b6SbLTB8C2DORxPhTZHHAwBvKoB/7/rkfEMlBQifiHgmrlAa1r+x5dBz83Hry/cgG0tv+DK++NxJ7mtdG+peSJK6Psene4B+1nbfz8x53b2RJd3oe43oP2AFpu3IyIk4ODa+e/JJ//tu9k883jja1uo2ivP7CT7mb5zxvr5T+lR/lPrJP/7F8ndreje/yX7vegmY6y/O+9dfPfR1PX8EBee6GZ8w0lFy5W05MR8WJEHIuh3Vl9o/s5p5buLXfa1p7/ZUvWfisXzI/j/uDuJ/9mqtKoPE2f2z24GfHK4/w3iTXz/55mrrt6/LPn41xW+PXLrm0cSe+82mlb9/63630GvPxjxGvrjv/jO1rJxvcnR5vnw2jrrFjrr1tHfuvU/tb633vZ+O/buP/DSfv92vrW2/hhzz9pp23bPf93JZ82y7vydVcrjcbcWMSu5KO168cf/22r3to/6/+xoxvPf+ud/3sj4rNN9v/W4Vsdd+2H8Z/a0vhvvXDvw8+/79T+5sb/zWbpWL5mM/PfZg/waZ47AAAAAAAA6DeliDgQSan8qFwqlcsrn+84HPtK1Vq9cfxCbf7SVDS/KzscQ6XWne6DbZ+HGMs/D9uqj6+qT0TEoYj4ZmBvs16erFWndrrzAAAAAAAAAAAAAAAAAAAA0Cf2d/j+f+b3gZ0+OuCZ85PfUFxd478Xv/QE9CWv/1Bc4h+KS/xDcYl/KC7xD8Ul/qG4xD8Ul/gHAAAAAAAAAAAAAAAAAAAAAAAAAACAnjp39my2LC89vDaZ1aeuLMzP1K6cmErrM+XZ+cnyZG3ucnm6VpuupuXJ2my3x6vWapfHxmP+6mgjrTdG6wuL52dr85ca5y/OVqbT8+nQf9IrAAAAAAAAAAAAAAAAAAAAeL7UFxZnKtVqOqfQsXA6+uIwtl1Iuo3y6fxk2NIjR14Y3PkOKjyDwg5PTAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADQ5t8AAAD//8nLNLM=")
setxattr$trusted_overlay_upper(&(0x7f0000000380)='./file1\x00', &(0x7f00000001c0), &(0x7f0000001400)=ANY=[], 0x835, 0x0)
rename(&(0x7f0000000000)='./file1\x00', &(0x7f0000000100)='./file0/file0\x00')
sync()
setxattr$trusted_overlay_upper(&(0x7f00000000c0)='./file0/file0\x00', &(0x7f0000000080), &(0x7f0000001400)=ANY=[], 0x835, 0x2)
rename(&(0x7f0000000080)='./file0/file0\x00', &(0x7f0000000140)='./file1\x00')

6.166251981s ago: executing program 7 (id=687):
r0 = socket(0x1, 0x80802, 0x0)
r1 = epoll_create1(0x0)
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x0, &(0x7f0000006680))
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x8031, 0xffffffffffffffff, 0x6a855000)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600002, 0x9)
epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r0, &(0x7f00000000c0)={0x10000001})

4.46621508s ago: executing program 3 (id=699):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x80b00, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_CAP_X2APIC_API(r1, 0x4068aea3, &(0x7f0000000080)={0x81, 0x0, 0x2})
ioctl$KVM_SET_IRQCHIP(r1, 0x8208ae63, &(0x7f0000000bc0)={0x2, 0x0, @ioapic={0x33325000, 0x40b, 0xa, 0xfffffffc, 0x0, [{0xc, 0x6, 0x6, '\x00', 0xb4}, {0x83, 0x7, 0x4, '\x00', 0x4b}, {0xfc, 0xe, 0x7, '\x00', 0xf8}, {0x0, 0xd, 0x40, '\x00', 0x2}, {0x8, 0x10, 0x8, '\x00', 0xa8}, {0x2, 0x6, 0x6, '\x00', 0xff}, {0x6, 0xe, 0x47, '\x00', 0x6}, {0x5, 0x8c, 0x4, '\x00', 0xe9}, {0xe, 0x4, 0x8, '\x00', 0x1}, {0x5, 0x7, 0x6, '\x00', 0x4}, {0x2, 0x69, 0x15, '\x00', 0x8}, {0xe, 0x7, 0x6, '\x00', 0x7}, {0x4, 0x8a, 0x80, '\x00', 0xdd}, {0x3, 0xf1, 0x6, '\x00', 0x9}, {0x7, 0x65, 0xb, '\x00', 0xfd}, {0x6, 0x9b, 0x19, '\x00', 0x5}, {0x7, 0x2, 0x24, '\x00', 0xa}, {0xef, 0x6, 0x9, '\x00', 0x4}, {0xf, 0x6, 0x6, '\x00', 0x9}, {0x9, 0x3, 0x3, '\x00', 0x4}, {0x1, 0x3, 0x7, '\x00', 0x4}, {0xd, 0x40, 0x7, '\x00', 0x9}, {0xfe, 0xfd, 0x7, '\x00', 0xff}, {0x92, 0x6, 0xfa}]}})

4.413508183s ago: executing program 7 (id=700):
syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000280)='./mnt\x00', 0x2000c10, &(0x7f0000000400), 0xff, 0x23f, &(0x7f0000000540)="$eJzs3T1oLFUYBuB3Zne95t5FrtoI4g+IiAbCtRNsYqMQkBBEBBUiIjZKIsQEu8TKxkJrlVQ2QeyMlpIm2CiCVdQUsRE0WBgstFiZnURisuLPxh1xngdmZ2b3nPnOMPOe3WbYAK11Nclskk6S6SS9JMXpBnfWy9Xj3c2p3cVkMHjsh2LYrt6vnfS7kmQjyQNJdsoiL3STte2nDn7ae+Se11d7d7+7/eTURE/y2OHB/qNH78y/9sHc/WufffHdfJHZ9H93XhevGPFet0hu+jeK/UcU3aZHwF+x8Mr7X1a5vznJXcP891KmvnhvrFy308t9b/9R3ze///zWSY4VuHiDQa/6DtwYAK1TJumnKGeS1NtlOTNT/4b/qnO5fHF55eXp55dXl55reqYCLko/2X/4o0sfXjmT/287df6B/68q/48vbH1dbR91mh4NMBG31asq/9PPrN8b+YfWkX9oL/mH9pJ/aC/5h/aSf2gv+Yf2kn9oL/mH9pJ/aK/T+QcA2mVwqeknkIGmND3/AAAAAAAAAAAAAAAAAAAA521O7S6eLJOq+clbyeFDSbqj6neG/0ecXD98vfxjUTX7TVF3G8vTd4x5gDG91/DT1zd802z9T29vtv76UrLxapJr3e75+684vv/+uRv/5PPes2MW+JuKM/sPPjHZ+mf9stVs/bm95ONq/rk2av4pc8twPXr+6VfXb8z6L/085gEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACYmF8DAAD//xFQbUc=")
setxattr$system_posix_acl(&(0x7f0000002a00)='.\x00', &(0x7f0000002a40)='system.posix_acl_default\x00', &(0x7f0000002b40), 0x24, 0x0)
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000680)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x181d011, 0x0, 0x0, 0x0, &(0x7f0000000140))
mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x397)
lsetxattr$system_posix_acl(&(0x7f0000000280)='./file0\x00', &(0x7f0000000440)='system.posix_acl_default\x00', &(0x7f0000000540), 0x4, 0x0)
openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x275a, 0x0)

4.153862568s ago: executing program 3 (id=702):
r0 = syz_io_uring_setup(0x110, &(0x7f0000000380)={0x0, 0x10, 0x0, 0x5, 0x80}, &(0x7f0000000240)=<r1=>0x0, &(0x7f0000000280)=<r2=>0x0)
io_uring_register$IORING_REGISTER_FILES(r0, 0x2, &(0x7f0000000300)=[0xffffffffffffffff], 0x1)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r1, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4)
syz_io_uring_submit(r1, r2, &(0x7f00000002c0)=@IORING_OP_FILES_UPDATE={0x14, 0x0, 0x0, 0x0, 0xffffffffffffffff, &(0x7f0000000000)=[0xffffffffffffffff], 0x1})
mprotect(&(0x7f0000000000/0xf000)=nil, 0xf000, 0x8)
io_uring_enter(r0, 0x47f6, 0x0, 0x0, 0x0, 0x0)

4.041464475s ago: executing program 3 (id=703):
r0 = socket$inet_sctp(0x2, 0x5, 0x84)
close(r0)
r1 = socket$inet6_sctp(0xa, 0x5, 0x84)
getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r1, 0x84, 0x6f, &(0x7f0000000040)={0x0, 0x10, &(0x7f0000000000)=[@in={0x2, 0x0, @private=0xa010101}]}, &(0x7f0000000080)=0x10)
getsockopt$inet_sctp6_SCTP_GET_ASSOC_ID_LIST(r1, 0x84, 0x1d, &(0x7f0000000140)={0x1, [<r2=>0x0]}, &(0x7f0000000240)=0x8)
sendmsg$inet_sctp(r0, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000005c0)=[{&(0x7f0000000440)="be6f88", 0x3}], 0x1, &(0x7f00000000c0)=ANY=[@ANYBLOB="2000000000000000840000000200000006000400280100000b008002", @ANYRES32=r2], 0x20, 0x6044}, 0x6)

3.95307262s ago: executing program 7 (id=704):
r0 = gettid()
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r0}, &(0x7f0000bbdffc))
timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
r1 = syz_init_net_socket$netrom(0x6, 0x5, 0x0)
listen(r1, 0x80)
accept4$netrom(r1, 0x0, 0x0, 0x800)

3.758973451s ago: executing program 3 (id=707):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
sched_setscheduler(0x0, 0x1, 0x0)
sched_setscheduler(0x0, 0x2, 0x0)
syz_emit_ethernet(0x46, &(0x7f0000000000)={@local, @link_local={0x17, 0x80, 0xc2, 0x6, 0x5}, @void, {@ipv6={0x86dd, @generic={0x0, 0x6, "182325", 0x10, 0x2c, 0x0, @remote, @local, {[@routing={0x8, 0x0, 0x2, 0x21}, @dstopts={0x4}]}}}}}, 0x0)
syz_emit_ethernet(0x46, &(0x7f0000000240)=ANY=[@ANYBLOB="bbbbbbbbbbbbaaaaaaaaaaaa86dd6004000000102c00fe8000000000000000000000000000bbfe8000000000000000000000000000aae638005b"], 0x0)
syz_emit_ethernet(0x4e, &(0x7f0000000080)={@local, @link_local={0x17, 0x80, 0xc2, 0x6, 0x5}, @void, {@ipv6={0x86dd, @generic={0x0, 0x6, "182325", 0x18, 0x2c, 0x0, @remote, @local, {[@routing={0x2b, 0x2, 0x2, 0x1, 0x0, [@empty]}]}}}}}, 0x0)

3.624352189s ago: executing program 3 (id=708):
r0 = socket(0x10, 0x2, 0x0)
getsockopt$sock_cred(r0, 0x1, 0x11, &(0x7f0000caaffb)={0x0, <r1=>0x0}, &(0x7f0000cab000)=0x32)
socketpair$unix(0x1, 0x2, 0x0, 0x0)
setresuid(0x0, r1, 0x0)
add_key(&(0x7f00000003c0)='big_key\x00', &(0x7f0000000280)={'syz', 0x1}, &(0x7f0000000380)='i', 0x1, 0xfffffffffffffffe)
add_key(&(0x7f0000000000)='big_key\x00', &(0x7f0000000280)={'syz', 0x1}, &(0x7f00000002c0)="1d", 0xfe3a, 0xfffffffffffffffe)

3.491827546s ago: executing program 8 (id=709):
r0 = syz_usb_connect(0x0, 0x2d, &(0x7f00000004c0)={{0x12, 0x1, 0x141, 0x30, 0xf5, 0x69, 0x20, 0x5ac, 0x219, 0xf072, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x1b, 0x1, 0x0, 0x0, 0x10, 0x0, [{{0x9, 0x4, 0x55, 0x7, 0x1, 0x3, 0x49, 0x2, 0x0, [], [{{0x9, 0x5, 0x82, 0x3, 0x400, 0x0, 0x33, 0x81}}]}}]}}]}}, 0x0)
syz_usb_control_io$cdc_ecm(r0, 0x0, &(0x7f00000002c0)={0x1c, &(0x7f0000000180)={0x40, 0xc, 0x8, "61bcc4b3b6ade544"}, 0x0, 0x0})
syz_usb_connect$cdc_ncm(0x4, 0xc1, &(0x7f0000000040)={{0x12, 0x1, 0x310, 0x2, 0x0, 0x0, 0x18, 0x525, 0xa4a1, 0x40, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0xaf, 0x2, 0x1, 0x6, 0x50, 0x0, {{0x9, 0x4, 0x0, 0x0, 0x1, 0x2, 0xd, 0x0, 0x0, {{0x5}, {0x5, 0x24, 0x0, 0xb3a9}, {0xd, 0x24, 0xf, 0x1, 0x2, 0x3, 0xff, 0x6}, {0x6, 0x24, 0x1a, 0xc, 0x14}, [@network_terminal={0x7, 0x24, 0xa, 0x5, 0x9, 0x5, 0x58}, @mbim={0xc, 0x24, 0x1b, 0x4, 0x2, 0xa9, 0xc, 0x9, 0x3}, @acm={0x4, 0x24, 0x2, 0x2}, @acm={0x4}, @acm={0x4, 0x24, 0x2, 0x2}, @mdlm_detail={0x34, 0x24, 0x13, 0x80, "ae0d62dced1e43f3661806f2f73f4b9c36d86a093869c2cd3c8b264833bfbdcb10547b267c48acfc0657fbf61a64cad2"}]}, {{0x9, 0x5, 0x81, 0x3, 0x20, 0xe, 0xc}}}, {}, {0x9, 0x4, 0x1, 0x1, 0x2, 0x2, 0xd, 0x0, 0x0, "", {{{0x9, 0x5, 0x82, 0x2, 0x20, 0x6, 0xb, 0x3}}, {{0x9, 0x5, 0x3, 0x2, 0x8, 0x9, 0x3, 0x7}}}}}}}]}}, 0x0)
syz_usb_connect(0x3, 0xf5, 0x0, 0x0)
syz_usb_ep_write$ath9k_ep1(r0, 0x82, 0x40, &(0x7f00000000c0)=ANY=[])
syz_usb_control_io(r0, 0x0, 0x0)

3.488771147s ago: executing program 3 (id=710):
r0 = syz_usb_connect(0x0, 0x36, &(0x7f00000005c0)={{0x12, 0x1, 0x0, 0x3a, 0x37, 0x5, 0x20, 0x781, 0x5, 0x5, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x24, 0x1, 0x0, 0x0, 0x10, 0x0, [{{0x9, 0x4, 0xe6, 0x2, 0x2, 0x5b, 0xbd, 0x97, 0x0, [], [{{0x9, 0x5, 0x2, 0x2, 0x200, 0x2}}, {{0x9, 0x5, 0x82, 0x2, 0x200}}]}}]}}]}}, 0x0)
syz_usb_control_io(r0, 0x0, 0x0)
syz_usb_control_io$uac1(r0, 0x0, &(0x7f00000006c0)={0x44, &(0x7f0000000580)={0x0, 0x16, 0x1, 'T'}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
syz_usb_control_io$cdc_ncm(r0, 0x0, &(0x7f0000000340)={0x44, &(0x7f0000000100)={0x40, 0x12, 0x1, "ec"}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
syz_usb_control_io$cdc_ecm(r0, 0x0, 0x0)
write$UHID_INPUT(0xffffffffffffffff, 0x0, 0x0)

3.172744505s ago: executing program 5 (id=712):
openat$tun(0xffffffffffffff9c, &(0x7f0000000140), 0x40241, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x3, 0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sched_cls, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r0 = syz_mount_image$btrfs(&(0x7f0000000200), &(0x7f0000005600)='./file0\x00', 0x800, &(0x7f0000000740), 0x0, 0x559e, &(0x7f0000005680)="$eJzs3X9sVeX9B/BzWwoN+C39jhUYfxAgBoMkyJYtjqB4MQa24eKlgsKcCEQlBivYRDcYqUWSZcaghU4EF5GQaDJjscM/FMywy7CMZfzY5hZjs4JSaZZsAzVrHDG69N77XO49l9tembNOXy/SnvPcz3me+9yT88d9X/qcGwEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAEAURUcSc9+d0f3i0ZE1X77/Hz+e+OjGn4zfvX/roVvu23T/gjMjbto5a1nf+mlN8zdsbDjS/PS+ObdGUSLdL5Htf9u136q/88bbvlsdBly+MLOtrS31lJmuJzON4QUP9vcr/FkRRVFVbIDK7PbV7E5FwQC53cbiAQf0Tuui6O7J8ya1dT01bklyYU/xS6df9VBPYKhkr6ue89dSMv27InZErp136SUKLtFM//gF96m8CADgY5mZSm9yb0ezb3Fz7eZ4PdZOxtotsXZ4h9CS37gYmXGHl5rnpHh9iOaZzESFESXnGatnz3+unYr3j7VjUeNjzLPw0GykqS41z7Wx+lDNEwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOCzZOzxo2tWtD2y575fdtQceff9OVc+8KWOw22LT4y8eunKHWum/HTWsr7105rmb9jYcKT56X1zbo2i2nS/RKZ74kTL5b9NjZ3fvXfcG427n6vpq8yOG7bD8g6OXg87s0ZH0cq8Sk8Y9q81UZQqLKSb0Y7iwl3pnW+HAgAAAJ8nX0n/rsi1M3GwqqCdSKfJRPpfkAmL77Quiu6ePG9SW9dT45YkF/Zc/HipEuMlLzherl17/ieRF4xD/I2Pd74eDm0sGmdg8RHjef7SMWPefmty/eSvT5v7xA3PjOru+r8nZ2xJ/bGu5oUrru+tf/a6ovxfO3D+D2dO/gcAAOA/If/HxxnYYPn/jqVTt7z+i2Grft3a8MTB+h1/bv3OMzsXneq54Ud9L09N3v7o1UX5f1LBUxbl/zDjkP8roovL/wAAAPBZ9t/O/8micQY2WP5vONM3+wcHX6vr+PucxXt+9dAVi8+e/tv8U7t3DV9zR8v6uoeuLMr/M8vL/8Pypx0e/F2Y8OrRUTSz/JMKAAAAFAj/737+o4WQ1zOfHMTz+rX/vKp5380ffPMbD97zpzff/s2xA7MnrdteN/PgyzfVf1j5ve3dRfk/WV7+r/p0Xi4AAABQhuePrpw773jPucfPvtB18vDu3pMznjyzrqnvdOslLatXbTr2WlH+T5WX/0cMzcsBAAAALuDeO59bsfnVl/oe2H/X2Ck9FVc1XpK4ZduOqU0TPuq8tPfy7VuL8v/y8vL/yOw2u/Ih06kz/BVC6+goqu7fWZspHIparskVAAAAgE9IyOlbP1ixbOzOsb3jj59+rObQG4dn/2Vt55yN13RXdW/uXNZ4WdH9AkJiL3X//3Cng7D+v+D+f0Xr//MKmbv+zXZjAAAAAL6Iitfzh9vjZ765oNT375e7/n9J3cQTiba33lv11XMHzo1ZsP/7129aV9/be8+El37/wz9M/6i6KP83l5f/K/O3n+T3/wEAAMBF+F/7/r+lReMMbLD7/zdV9DWsWrd3+uota7csTCw7UH3qwdV731+w5l9Tb36+qea6A0X5v6W8/B+2o/JfXkc4P5tGR9H4/p3s3QR/Hqa7OlZor8orZE58rMeNoUe20D4ir5C2Ntbja6OjaHL/TnOs8P+h0BIrnK3JFnbFCsdCIXs95Ap7YoWOcKVtq8lON154MRSyCyzawwqKUbklEbEe75Xq0V+4YI+u3JMDAAB8oYTwnM2yVYXNKB5l2xODHTBysAMqBjugcrADhsUOiB9Y6vFoeWEhPH575yMbNjVMSb7y8NzHfvbms40T9j1+WV3v5g9f2XbvxJ3TW6YW5f9d5eX/cCqGZzal1v9HYf1/9nsNc+v/l4dCbazQHgqp+B0DUuE5MmH34fActalsj7PjcwUAAAD4XAufC1QO8TwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA/s3evcdJVd0JAj/d9INumqaNE9GMk3TUgGakaWwNw+AoaoxGRZpZddxkNBBoEGmE8FgFURtQZxziZ3ztrJnoCAoiu+qHGFeDwUhcxIw6iWLiA/Cxjq7r+h6VGM2E/XTfOkXVrS67EFDa+X7/6DpVv/O89eg69946FwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACA/xjuPfjlk4YunP0PHzace8nqqqmL/kfH6Mv+cNW3vvjUPy5b9G9h/i9GnLll3kEXHjd/wbR/6Vi++ogzQmjtKleWFC977oqvPtS613HP3jFw48wbb63fUpWpNxMP/Tr/lGfuXBxbfbF/CHeXhVCRDgypSwKVmft1sb5960LYI2wLZEu01SYl0g2HB2pCWBK2BbJVra4JoS4ncMqG+++7vDNxTU0IXwkhVKfbeKY6aaMmHRhUlQRq04HpFUngt1sT2cBPypMA7LD4Zsi+6Fe15mdo6L5ckddf5U7r2KcrPbw+MdFQPN/rR+3iTuWoSj/QukNPW0F17BIFb4+13m294N1WsJ2v8LTlfpHKfEPZui1UHcontk0aP6d9dnykPDQ19SlW0y56np9+e/6E7Un3mtdh7EDDTnkdXvrYiun9lo2+9OrNvxqz4ayaA3a0m0/lbNLc9K5WHTKvuV7zPEajfJ70grdfwbekRl+6Qghbzz17xtfnTDz7iD63PLnu1QcfrNty9pwFvzhz4nmLLj55w7/Pf6lg/t/w0fP/+HKOt+V5uWOrH9Ync/P4SF1MvFmfzM0BAACg1+gNe01Xnv/6X73+/bWtMxed/u23Dj73w71afz3i/gFVB7yxrqn1/I2ff6Vg/t9Y2vH/eMi/Lne0a0MY1ZVYNCCEvbseTwIrY3e+OyCEL3elWvMDR6UCa0PYpytxULaqVIm+sURjKvByfSYwKhVYHwOtqcDyGLgiFbg4BlalAhNiYG0qcHQMhCn54/hqfWYcJQdqYmBcshFXxbMQ3qmPraW21aZsVQAAADtJZnZYmX8351yHHc0Qp5eranrKEM/ALpqhOlVDegabnVYVraGipxrKe6ohO+6Ojx5+Qc1lPdVccBpGWX6GG9f85X2LXjzsC2P3mvj5xUMvmPKz8eGst++uerx5yYtv7XvEzesK5v/NHz3/r+6mI2UFx/9DGNv1N+Yuz0Tas/FxrXkZAAAAgB1w0R//xR61Lw85oGHT+2X3zl/7xKMrfrl5j1NOf3/c8a//8PCaxnsL5v+jSjv/P+4T6ZOTOTwSd0NMHRBCc34gqXZkYSA56t0vEwAAAIDeIHs8PnssfErmNjlFOz2fLszfup3544H/Ud3m//09/7P2jq3/+mLZBd89d0TNgKX/9GrHhBNOPvqW47/1zj4VB/yyvGD+31ra+f+1+bdJJ9bHXlw9IIS+OYEHYy87A10aY+D5I/MDmfGvjxtgcawqc2JCtqrFscS4GGhOBZYUK/FotsTe+YHMk5VtfFF2HFMyJXICAAAA8ImLuwPicfl4/n/LGSNO++vvzfrbha88eN7qCy75q+Ed80eedP/THzbMvXJp2PTmEQXz/3Hbd/5/1zy44PT+9n4hDK0IoU/6hwGP1CYLA8ZAXVkmcW9tUlefdFULa0MY2TmwdFUvZNb/r0ivMfh4TVJVDOy93y1vD+pMLKsJYWhu4IlvLz2sMzEnFcg2flpNCF/qHG268bv6Jo1Xphu/tm8IX8wJZKua0DeEzsaq0lX9r+rMdQzSVa2qDmHPnEC2quHVIcwNAPRW8X/pxNwHZ82dN3V8e3vbzF2YiDvxa8KkKe1tTROmt0+sLtKniak+561jtKBwTKVe+mZTZo2ixSsnV5aSzv5QsDm3rcyO/IIzBzP345ehyq5xHlKZd7clPeQD9y9sIuR8lSo25PJdPOTa3Eq2PYkF9cf8VaFf6DtnVtvMpvPGz549c1jyt9TshyR/43GmZFsNS2+r2u76VsLLo+hyWSkfd1sNyq1k6OxpM4bOmjtvyJRp4ye3TW47p+XQP2sZMXz410YM7RxUc/K3h5EO6q7m1Ei3Li1xWDtxpF+oyKnkk/jQkJCQ6G2J/f7L5odH77n+nOt/9tqPz+/3zdPu3fvImT889KqpD1Xve/ji24ccWDD/n/HR8//4qRM/+DPrMxQ7/t8QD/Mnj287zD8uBpaUevy/odjR/OyJAY2pQEcMdDjMDwAAwGdD3B0Z92bGndKbb1m/buOSlrk/aHin5dY17Utvuum+U39y58ATvjQ47LXhuhM+VzD/7yjt9/87af3/7NL1JxRb5v+gWKK52Pr/6WX+s+v/dxRb/z+9zH92/f8ln8L6/3OygdQmecf6/wAAwGfBJ7f+f4/L+6cvEFCQocfl/dMXCCjI0OMy/qVeIGC71/9f8+Bff6Wq35g7/qTlN/WXvPZ39xzWeuS6zTP/5Etb10+877qxt6wpmP9fUdr838L9AAAAsPv4z5ddU3H02Xff0bJu6sZxbw5+98m3lgzq80HF0Q+3j3xh4Bu3nlcw/19S2vz/k1//LxQ7/7+xWKC12MKA1v8DAACglyq2/t89Q1sa/zCm/x+eHvab5Q/ePPqnj/z898v3+/mJPyvfZ8Gxz8+8bFLB/H9VafP/eNpFeV7u2JsP65M17UJ6Tbs367M/GQAAAIDeoTw0NVWWmDdvYdSjPn6bT2eWAv2odK7vvXLt2ZtfmH7c46ev+7uaEwbvOWHaBasa/2b4gXd+ftQley7ddGrB/H9tafP/vN9lXPrYiun9lo2+9MOrN/9qzIazag7YdvwfAAAA2HVK3S8BAAAAAAAAAAAAAAB8+s7tWHzhI8uOfe+bt//F/kcseXXwbXcd+Lsh/V664qoHJq1648zJXy/4/X8Y21Wu2O//43X/4u8L/igvd2y15/X/MvdPOfH2uV1LFj5SH8L+uYGpC6fuETLX5h+cG7jvjIMGdiYWpkusefbolzoT30kHjh/yuS2dicNTgXFxkcR90oF4VcUt/VOBuLzi4+lA3B6r0oGqTOCy/sk4ytLb6pW6ZFuVpbfVxroQBuQEstvq7rqkjbL0AK9JBbID/F46EAd4ciZQnu7V7f2SXsVAXSx6Q7+kVwAA7Lbit8DKMGlKe1tz/Aofb79QkX8b5S1ZtqCw2rISm9+UWZps8crJlaWk+6S/i2671nhlqO4cwrCCr6u5Wcq6Rrlzaulh0/1RkSH3tNpbeZFyadu76aqKj6gmGVHThOntEyt7HHhLz1kOqegxy7CCyU5ulvKuTVpCLSX0pYQRlbhtSuhyvF8empr6pHL9eQw2hDw9vSJK/b1+7jp/xV4FuXluO/TKt758zE+f++CfP/9E/2+cVnP7rO+/e+KvX7//wEOOuG5C05otBfP/htLm/9W549qSuRhAR7yy3sgBIYwrcUQAAADw2XfbRbfecfr09a9MWlvx5GOPTS0fc3rl1vl3zp93ycZ7Fx9/2cErdjR+2Fm//f5vBu//b89e9dJPR+7zwA03/58nD3v8z3//8I8eeqduZZ+x7xXM/xtLm//HPViZQ8HJ3o618fr/iwaE0HVp/YYksDIO97sDQvhyV6o1lkguqH9CLNGcBFbGHSYHxRLjWvOr6hsDq1KBl+szgbWpwPoYyOyluCVkduVcWR/CYV2psfklZsQSDanAmBhoTAWaYqA5FegfA6NSgdf6ZwKtqcDDMRCm5G+rH/fPbCsAAIDtkZlnVebfDel53qqKnjKU9ZShtqcM5T1lqO4pQ7FRxPt3xAyVqZNXynIyVaZrrUnVUpAhXgx/u/tVkCE8mp8zXbCg6Xj+QfZ8g7L8DFf+4NlT1w+e/tDqzcd8beBt/zhkz4Obp9e9t+CGp3475pzrnv/TQQXz/+bS5v+1+bdJ6+vj/H/b9f+SwIOxe1fHU8cbY+D5I/MDmR0D6+Nkd3G2qtZMicykfXEsMSoGGlOBGTEwKhUYNzYTWDIwP5CZaWcbX5RtfEqmRE4AAAAAPnFxB0HcTRPn/zce9YOr3x8wccuyeTPvH9vyxMmjv3H1XT+6d/9ld767YvCAce99p2D+P6q0+X9sr19uYxfH3rzYP4S7y7b1JhsYUpcE4n6Muvjz+H3rQtgjZwdHtkRbbVKiKtVweKAm+YV6Vbqq1TXJGgPx/ikb7r/v8s7ENTUhfCVn70u2jWeqkzZq0oFBVUmgNh2YXpEE4p6fbOAn5UkAdlh2r2B8QWVOdclq6L5ckdffZ+WaoOnhFewD7SZfd7+52lWq0w9k9qlmbd/TVlAdu0TB22Otd1tvfLc1eLflfpHKfEPZui1UHcontk0aP6d9dnwk95esBXbR85z7K9VS0jvhddjx8Xvbs+p0B5pTHx/N3Zfr/nVYFqu79LEV0/stG33p1Zt/NWbDWTUHlNyNIuIPhX+05X9XPpWzeXe16pB5zfW6z5NWnye98d9Ao6cthHDZ9cfsu+TdX+/33A3Pnbqu7Maxr/7lrHs2Lf+bysNHrXv/yaGjLy+Y/7eWNv+vSN12+V3cmLMGhHBgzsZ9JG7+YwYkn4M5geRTcs/CQHLI/V/ri35yAgAAwM6W3d2R3V8wJXObnBCenicX5m/dzvxxf8WobvOX2u9j121cedLQN6474G8vOPGNv7/28Kceuv6ysnXL//vYD1avuXzxe08UzP/HffT8v2+qm47/O/7PLuL4f7d2913RfdMPdOzQruiC6tglHP/v1u7+bnP8v1uO/zv+3x3H/3vg+H+3dvenreBb0gxfujonwdff+fPfTbzpg7mN+x180lPPHDrxun+6quXuu0555b+de9601761uWD+P6O0+b/1/7pftC+7/t+4Yuv/zSi2/l+H9f8AAIBdqshCc+l5XsHqfQUZ0qv3FWTocYHAHpcYtP7fdq//t3Dkv1904Q+fb7n2nTvHXb5m07Fnvvr0utXPzFpx3Lnnv9V6112tBfP/jtLm//Hl0C+39d6y/l/j2CJVXREDMywMCAAAwO6o2A4CAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPl2HnvbO+5d8/R/aBv1ixc1/f+v/+7/P1q594JvfuGn4L6f86RllazZcM+LMLfMOuvC4+Qum/UvH8tVHnBHClK5yZUnxsueu+OpDrXsd9+wdAzfOvPHW+i3VmXorM7d/nJc7tvphfQhLch6pi4k36zvvbAuccuLtcys6E4/Uh7B/bmDqwql7dCaW14cwODdw3xkHDexMLEyXWPPs0S91Jr6TDhw/5HNbOhOHZwJl6e5e1z/pblm6u5f3D2FATiDb3bP751eVbeO4TKA83caKuqSNGKiLRa+tS9qIgfZYYkrfEIZWhNAnXdU/VydV9UlXdU91UlWfdFUXVYcwMoRQka7quaqkqor0yB+tSqqKgb33u+XtQZ2JpVUhDM0NPPHtpYd1JmamAtnG/1NVCF/qfMmkG/9xZdJ4Zbrx/1oZwhdDCFXpEu9VJCWq0iVeqAhhz5zAto1YEcLcwGdD/PSZmPvgrLnzpo5vb2+buQsTVZm2asKkKe1tTROmt0+sTvWpmLKc9NYFH3/sm96eP6HzdvHKyZWlpCsy5Sq7unxIZd7dlt2997FftbmVbHs+CuqP+atCv9B3zqy2mU3njZ89e+aw5G+p2Q9J/vbJRJNtNay3bKtBuZUMnT1txtBZc+cNmTJt/OS2yW3ntBz6Zy0jhg//2oihnYNqTv7ujJEu/eRH+oWKnEo+ife/hIREb0uU5326Ne/un+MFX/S3dbQyVHd9QBdMK3KzlHWNcmcM+qiPOeKP8zWlxxENK5g4FGQ5pOcsLQWTiW1ZapIsXV/rCiaHuTWVd23SeL88NDX1KbYdGvLv5m7e13dg8z6d2XSlpgEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA+P/swIEAAAAAAJD/ayNUVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVYQcOBAAAAACA/F8boaqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqgo7cCwAAAAAIMzfOoyeDQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAC4FAAA//8fSxmR")
ioctl$BTRFS_IOC_SUBVOL_SETFLAGS(r0, 0x4008941a, &(0x7f0000000080)=0x2)
mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x5)
ioctl$BTRFS_IOC_SEND(r0, 0x40489426, &(0x7f00000000c0)={{}, 0x0, 0x0, 0x0, 0x0, 0xfffffffe})

2.695336963s ago: executing program 7 (id=713):
bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000240)=ANY=[@ANYBLOB="02000000040000000800000001"], 0x48)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
syz_usb_connect(0x5, 0x24, &(0x7f0000000000)=ANY=[@ANYBLOB="1201000079db8540da0b77010b7d000000010902120001000000000904", @ANYRES32, @ANYRES8=r0], 0x0)
setsockopt$packet_rx_ring(0xffffffffffffffff, 0x107, 0x5, 0x0, 0x0)
r1 = openat(0xffffffffffffff9c, 0x0, 0x0, 0x0)
getdents64(r1, 0x0, 0x0)

1.977476014s ago: executing program 5 (id=714):
r0 = socket$inet6_sctp(0xa, 0x1, 0x84)
setsockopt(r0, 0x84, 0x81, &(0x7f0000000280)="1a00000002000000", 0x8)
setsockopt$inet_sctp_SCTP_SOCKOPT_BINDX_ADD(r0, 0x84, 0x64, &(0x7f0000000000)=[@in6={0xa, 0x4e23, 0x401, @empty}], 0x1c)
sendto$inet6(r0, &(0x7f0000000540)="b8", 0x1, 0x2000c851, &(0x7f0000000140)={0xa, 0x4e23, 0xffffffff, @loopback, 0xffffffff}, 0x1c)
setsockopt$inet_sctp6_SCTP_AUTH_KEY(r0, 0x84, 0x17, &(0x7f0000000400)=ANY=[@ANYRES32, @ANYBLOB='\a'], 0xd7)
setsockopt$inet_sctp6_SCTP_AUTH_ACTIVE_KEY(r0, 0x84, 0x18, &(0x7f0000000300), 0x8)

1.117646645s ago: executing program 8 (id=715):
r0 = socket$inet_udp(0x2, 0x2, 0x0)
setsockopt$SO_TIMESTAMPING(r0, 0x1, 0x41, &(0x7f0000000200)=0x659b, 0x55)
connect$inet(r0, &(0x7f0000000480)={0x2, 0x0, @local}, 0x10)
sendmmsg(r0, &(0x7f0000007fc0), 0x800001d, 0x0)
setsockopt$sock_int(r0, 0x1, 0x29, &(0x7f0000000000)=0x7d, 0x4)
recvfrom$inet(r0, 0x0, 0x0, 0x2043, 0x0, 0x0)

1.031798869s ago: executing program 7 (id=716):
r0 = socket$can_j1939(0x1d, 0x2, 0x7)
ioctl$ifreq_SIOCGIFINDEX_vcan(r0, 0x8933, &(0x7f0000000000)={'vxcan1\x00', <r1=>0x0})
bind$can_j1939(r0, &(0x7f00000000c0)={0x1d, r1}, 0x18)
connect$can_j1939(r0, &(0x7f0000000140)={0x1d, r1, 0x0, {0x1, 0xf1, 0xa8fe8ad4eea2351f}, 0x2}, 0x18)
setsockopt$SO_J1939_ERRQUEUE(r0, 0x6b, 0x4, &(0x7f00000003c0)=0x5, 0x4)
sendmmsg(r0, &(0x7f0000003e40), 0x3fffffffffffe3d, 0xf5)

911.543816ms ago: executing program 8 (id=717):
r0 = socket$can_raw(0x1d, 0x3, 0x1)
ioctl$ifreq_SIOCGIFINDEX_vcan(r0, 0x8933, &(0x7f0000000000)={'vxcan1\x00', <r1=>0x0})
bind$can_raw(r0, &(0x7f0000000240)={0x1d, r1}, 0x10)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='cgroup.stat\x00', 0x275a, 0x0)
write$FUSE_INIT(r2, &(0x7f0000000080)={0x50, 0x0, 0x0, {0x7, 0x29, 0x4, 0x400008, 0xfff7, 0x80, 0xcc, 0x9, 0x0, 0x0, 0x4, 0x5}}, 0x50)
sendfile(r0, r2, &(0x7f0000000040), 0x10)

911.413877ms ago: executing program 5 (id=718):
openat(0xffffffffffffff9c, &(0x7f00000004c0)='./file1\x00', 0x8040, 0x104)
mkdirat(0xffffffffffffff9c, &(0x7f0000000080)='./file0\x00', 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000340)='./file2\x00', 0x0)
mount$overlay(0x0, &(0x7f0000000100)='./file0\x00', &(0x7f0000000000), 0x0, &(0x7f00000000c0)={[{@workdir={'workdir', 0x3d, './file0'}}, {@lowerdir={'lowerdir', 0x3d, '.'}}, {@upperdir={'upperdir', 0x3d, './file2'}}], [], 0x2c})
r0 = openat$dir(0xffffffffffffff9c, &(0x7f0000000400)='./file0/file1\x00', 0x40, 0x83)
fsync(r0)

506.31643ms ago: executing program 8 (id=719):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000280)=@base={0x5, 0x5, 0x2, 0x7, 0x0, 0x1, 0x10000}, 0x50)
close(0x3)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0xb, 0x7, 0x10001, 0x9, 0x1}, 0x48)
bpf$MAP_GET_NEXT_KEY(0x2, &(0x7f0000000080)={r1, &(0x7f0000000080), &(0x7f0000000200)=""/166}, 0x20)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x11, 0xd, &(0x7f0000000440)=@framed={{0x18, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x4000}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r0}, {}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x3}}, @call={0x85, 0x0, 0x0, 0x2a}]}, &(0x7f0000000400)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0xd, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$PROG_BIND_MAP(0xa, &(0x7f00000003c0)={r2, r0}, 0xc)

505.36425ms ago: executing program 5 (id=727):
r0 = epoll_create1(0x0)
r1 = socket$unix(0x1, 0x1, 0x0)
close(r1)
socket(0x23, 0x80805, 0x0)
setsockopt$sock_int(r1, 0x1, 0x2e, &(0x7f0000000040)=0x80, 0x4)
epoll_ctl$EPOLL_CTL_ADD(r0, 0x1, r1, &(0x7f0000000100)={0x40000000})

317.886951ms ago: executing program 8 (id=720):
r0 = syz_open_dev$ndb(&(0x7f00000000c0), 0x0, 0x80000)
r1 = socket(0x2, 0x1, 0x0)
r2 = syz_open_dev$ndb(&(0x7f0000000000), 0x0, 0x0)
ioctl$NBD_SET_SOCK(r2, 0xab00, r1)
ioctl$NBD_DISCONNECT(r0, 0xab08)
ioctl$NBD_CLEAR_SOCK(r2, 0xab04)

317.720121ms ago: executing program 5 (id=721):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x19, 0x4, 0x8, 0x208}, 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xd, &(0x7f00000002c0)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000002007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000001000000850000000700000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000280)={{r0, <r2=>0xffffffffffffffff}, &(0x7f0000000080), &(0x7f0000000200)=r1}, 0x20)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000340)={{r2}, &(0x7f0000000180)=0x20000, &(0x7f00000001c0)=r1}, 0x20)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000580)={{r2}, &(0x7f0000000500)=0x2000000, &(0x7f0000000540)=r1}, 0x20)
bpf$MAP_UPDATE_CONST_STR(0x2, &(0x7f0000000600)={{r0}, &(0x7f00000004c0), &(0x7f00000005c0)='%pK    \x00'}, 0x20)

188.452969ms ago: executing program 7 (id=722):
timer_create(0x0, &(0x7f00000000c0)={0x0, 0x21, 0x2, @thr={0x0, 0x0}}, &(0x7f0000000300))
r0 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x0)
read(r0, &(0x7f0000000540)=""/88, 0x58)
fcntl$lock(0xffffffffffffffff, 0x24, &(0x7f0000000040)={0x0, 0x0, 0x10001, 0x5})
mprotect(&(0x7f0000000000/0xf000)=nil, 0xf000, 0x1)
timer_settime(0x0, 0x1, &(0x7f0000000040)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)

105.231034ms ago: executing program 5 (id=723):
r0 = openat$vcsa(0xffffffffffffff9c, &(0x7f0000000280), 0x42000, 0x0)
read$FUSE(r0, &(0x7f0000002600)={0x2020, 0x0, 0x0, <r1=>0x0, 0x0, <r2=>0x0}, 0x2020)
setreuid(r1, r1)
r3 = socket$inet6_tcp(0xa, 0x1, 0x0)
connect$inet6(r3, &(0x7f0000000080)={0xa, 0x4e22, 0x2, @local, 0x9}, 0x1c)
getpriority(0x2, r2)

0s ago: executing program 8 (id=724):
prlimit64(0x0, 0xe, &(0x7f0000000600)={0x9, 0x20000008b}, 0x0)
r0 = mq_open(&(0x7f0000000040)='!\x7f\x00\xca\x00\x00\x00\f\x00\x00\x01E!Tnux\x00', 0x6e93ebbbcc0884f2, 0x0, &(0x7f0000000000)={0x0, 0x9, 0xa, 0x3})
mq_timedreceive(r0, 0x0, 0xfffffffffffffee3, 0x1, 0x0)
mq_timedreceive(r0, &(0x7f0000000180)=""/196, 0xc4, 0x0, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4)
mq_timedreceive(r0, &(0x7f0000000640)=""/155, 0x9b, 0x1000, 0x0)

kernel console output (not intermixed with test programs):

d by syz.5.90 (6481)
[  102.742939][ T6481] BTRFS info (device loop5): first mount of filesystem 3d39d0ba-bdae-447e-827b-b091e1a68885
[  102.753454][ T1624] usb 1-1: Using ep0 maxpacket: 32
[  102.772100][ T1624] usb 1-1: config 0 has an invalid interface number: 230 but max is 0
[  102.787249][ T1624] usb 1-1: config 0 has no interface number 0
[  102.793849][ T6481] BTRFS info (device loop5): using crc32c (crc32c-intel) checksum algorithm
[  102.802576][ T6481] BTRFS info (device loop5): setting nodatacow, compression disabled
[  102.814673][ T1624] usb 1-1: config 0 interface 230 has no altsetting 0
[  102.838085][ T1624] usb 1-1: New USB device found, idVendor=0781, idProduct=0005, bcdDevice= 0.05
[  102.853796][ T6481] BTRFS info (device loop5): turning on flush-on-commit
[  102.860785][ T6481] BTRFS info (device loop5): using free space tree
[  102.869094][ T1624] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  102.883347][ T1624] usb 1-1: Product: syz
[  102.887538][ T1624] usb 1-1: Manufacturer: syz
[  102.892148][ T1624] usb 1-1: SerialNumber: syz
[  102.918998][ T1624] usb 1-1: config 0 descriptor??
[  102.938265][ T1624] ums-usbat 1-1:0.230: USB Mass Storage device detected
[  102.967978][ T1624] ums-usbat 1-1:0.230: Quirks match for vid 0781 pid 0005: 1
[  103.012632][ T6481] BTRFS info (device loop5): enabling ssd optimizations
[  103.046749][ T6481] BTRFS info (device loop5): auto enabling async discard
[  103.682597][ T6274] BTRFS info (device loop5): last unmount of filesystem 3d39d0ba-bdae-447e-827b-b091e1a68885
[  103.978999][  T788] usb 4-1: new high-speed USB device number 4 using dummy_hcd
[  104.183527][  T788] usb 4-1: Using ep0 maxpacket: 32
[  104.208193][  T788] usb 4-1: config 0 has an invalid interface number: 85 but max is 0
[  104.234165][  T788] usb 4-1: config 0 has no interface number 0
[  104.240334][  T788] usb 4-1: config 0 interface 85 altsetting 7 endpoint 0x82 has an invalid bInterval 0, changing to 7
[  104.283439][  T788] usb 4-1: config 0 interface 85 has no altsetting 0
[  104.305635][  T788] usb 4-1: New USB device found, idVendor=05ac, idProduct=0219, bcdDevice=f0.72
[  104.333342][  T788] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  104.354063][  T788] usb 4-1: Product: syz
[  104.383502][  T788] usb 4-1: Manufacturer: syz
[  104.420412][  T788] usb 4-1: SerialNumber: syz
[  104.440487][  T788] usb 4-1: config 0 descriptor??
[  105.061066][  T788] appletouch 4-1:0.85: Geyser mode initialized.
[  105.084883][  T788] input: appletouch as /devices/platform/dummy_hcd.3/usb4/4-1/4-1:0.85/input/input5
[  105.213719][ T6180] usb 6-1: new full-speed USB device number 2 using dummy_hcd
[  105.290334][  T788] usb 4-1: USB disconnect, device number 4
[  105.339637][ T1624] ums-usbat: probe of 1-1:0.230 failed with error -5
[  105.361922][  T788] appletouch 4-1:0.85: input: appletouch disconnected
[  105.439535][ T6180] usb 6-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  105.462103][ T6180] usb 6-1: config 1 has 1 interface, different from the descriptor's value: 2
[  105.465376][ T5802] usb 1-1: USB disconnect, device number 6
[  105.493707][ T6180] usb 6-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 26984, setting to 64
[  105.521601][ T6180] usb 6-1: New USB device found, idVendor=0225, idProduct=0000, bcdDevice= 0.00
[  105.547444][ T6180] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  105.590738][ T6557] raw-gadget.2 gadget.5: fail, usb_ep_enable returned -22
[  105.605534][ T6180] hub 6-1:1.0: bad descriptor, ignoring hub
[  105.611503][ T6180] hub: probe of 6-1:1.0 failed with error -5
[  105.633911][ T6180] cdc_wdm 6-1:1.0: skipping garbage
[  105.641619][ T6180] cdc_wdm 6-1:1.0: skipping garbage
[  105.656821][ T6552] loop4: detected capacity change from 0 to 32768
[  105.663778][ T6180] cdc_wdm 6-1:1.0: cdc-wdm0: USB WDM device
[  105.669710][ T6180] cdc_wdm 6-1:1.0: Unknown control protocol
[  105.686063][ T6552] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop4 scanned by syz.4.104 (6552)
[  105.730570][ T6552] BTRFS info (device loop4): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  105.742901][ T6552] BTRFS info (device loop4): using sha256 (sha256-avx2) checksum algorithm
[  105.752951][ T6552] BTRFS info (device loop4): using free space tree
[  105.996113][ T6552] BTRFS info (device loop4): enabling ssd optimizations
[  106.029735][ T6552] BTRFS info (device loop4): auto enabling async discard
[  106.174252][ T5802] usb 4-1: new high-speed USB device number 5 using dummy_hcd
[  106.345621][ T6557] usb 6-1: reset full-speed USB device number 2 using dummy_hcd
[  106.395360][ T5802] usb 4-1: config 0 has an invalid interface number: 255 but max is 0
[  106.416386][ T5802] usb 4-1: config 0 has no interface number 0
[  106.422833][ T6084] BTRFS info (device loop4): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  106.433829][ T5802] usb 4-1: too many endpoints for config 0 interface 255 altsetting 255: 255, using maximum allowed: 30
[  106.464983][ T5802] usb 4-1: config 0 interface 255 altsetting 255 has 0 endpoint descriptors, different from the interface descriptor's value: 255
[  106.491363][ T5802] usb 4-1: config 0 interface 255 has no altsetting 0
[  106.511850][ T5802] usb 4-1: New USB device found, idVendor=0bda, idProduct=0177, bcdDevice=7d.0b
[  106.540862][ T5802] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  106.575101][ T6557] usb 6-1: device firmware changed
[  106.597544][ T5802] usb 4-1: config 0 descriptor??
[  106.614373][ T6557] cdc_wdm 6-1:1.0: Error autopm - -16
[  106.621298][  T788] usb 6-1: USB disconnect, device number 2
[  106.638204][ T5802] ums-realtek 4-1:0.255: USB Mass Storage device detected
[  106.843381][  T788] usb 6-1: new full-speed USB device number 3 using dummy_hcd
[  106.900744][ T5802] usb 4-1: USB disconnect, device number 5
[  107.057113][  T788] usb 6-1: config 1 has an invalid descriptor of length 108, skipping remainder of the config
[  107.112709][  T788] usb 6-1: config 1 has 1 interface, different from the descriptor's value: 2
[  107.151258][  T788] usb 6-1: config 1 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 1
[  107.208693][  T788] usb 6-1: New USB device found, idVendor=0225, idProduct=0000, bcdDevice= 0.00
[  107.241159][  T788] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  107.277573][ T6585] raw-gadget.1 gadget.5: fail, usb_ep_enable returned -22
[  107.335428][  T788] hub 6-1:1.0: bad descriptor, ignoring hub
[  107.374839][  T788] hub: probe of 6-1:1.0 failed with error -5
[  107.381492][  T788] cdc_wdm 6-1:1.0: skipping garbage
[  107.423559][  T788] cdc_wdm 6-1:1.0: skipping garbage
[  107.429996][  T788] cdc_wdm: probe of 6-1:1.0 failed with error -22
[  107.793796][  T788] usb 6-1: USB disconnect, device number 3
[  108.905042][ T6647] block nbd5: NBD_DISCONNECT
[  108.926374][ T6647] block nbd5: Send disconnect failed -32
[  108.970510][ T6647] block nbd5: Disconnected due to user request.
[  108.993485][ T6647] block nbd5: shutting down sockets
[  109.047627][ T6625] loop4: detected capacity change from 0 to 32768
[  109.097963][ T6625] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop4 scanned by syz.4.113 (6625)
[  109.144450][ T6625] BTRFS info (device loop4): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  109.194618][ T6625] BTRFS info (device loop4): using sha256 (sha256-avx2) checksum algorithm
[  109.218084][ T6625] BTRFS info (device loop4): using free space tree
[  109.422479][ T6625] BTRFS info (device loop4): enabling ssd optimizations
[  109.470286][ T6625] BTRFS info (device loop4): auto enabling async discard
[  110.162099][   T49] BTRFS info (device loop4): qgroup scan completed (inconsistency flag cleared)
[  110.349725][ T6084] BTRFS info (device loop4): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  110.632540][ T6703] kvm_intel: L1TF CPU bug present and SMT on, data leak possible. See CVE-2018-3646 and https://www.kernel.org/doc/html/latest/admin-guide/hw-vuln/l1tf.html for details.
[  111.146764][ T6652] loop3: detected capacity change from 0 to 65536
[  111.273169][ T6652] XFS (loop3): Mounting V5 Filesystem 9b7348e5-2fa0-41a5-9526-c53a678b01f3
[  111.499578][ T6652] XFS (loop3): Ending clean mount
[  111.787920][ T6735] loop5: detected capacity change from 0 to 256
[  111.872461][ T6735] exFAT-fs (loop5): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[  111.912142][ T5765] XFS (loop3): Unmounting Filesystem 9b7348e5-2fa0-41a5-9526-c53a678b01f3
[  111.938215][ T6735] exFAT-fs (loop5): Medium has reported failures. Some data may be lost.
[  112.029759][ T6739] loop4: detected capacity change from 0 to 4096
[  112.087209][ T6735] exFAT-fs (loop5): failed to load upcase table (idx : 0x00010000, chksum : 0xe62de5da, utbl_chksum : 0xe619d30d)
[  112.204122][ T6746] NILFS (loop4): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  112.304937][ T6743] loop0: detected capacity change from 0 to 4096
[  112.374368][ T6743] NILFS (loop0): invalid segment: Checksum error in segment payload
[  112.419432][ T6743] NILFS (loop0): trying rollback from an earlier position
[  112.496420][ T6743] NILFS (loop0): recovery complete
[  112.512330][ T6752] NILFS (loop0): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  112.584715][   T27] kauditd_printk_skb: 27 callbacks suppressed
[  112.584729][   T27] audit: type=1800 audit(1770225390.625:39): pid=6743 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.135" name="file1" dev="loop0" ino=12 res=0 errno=0
[  113.861099][ T6778] netlink: 108 bytes leftover after parsing attributes in process `syz.3.134'.
[  113.943560][    T9] usb 5-1: new high-speed USB device number 4 using dummy_hcd
[  114.153541][    T9] usb 5-1: Using ep0 maxpacket: 8
[  114.181319][    T9] usb 5-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid maxpacket 56832, setting to 1024
[  114.207553][    T9] usb 5-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 1024
[  114.242908][    T9] usb 5-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[  114.263928][ T6790] loop0: detected capacity change from 0 to 4096
[  114.266406][    T9] usb 5-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  114.300221][ T6790] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512).
[  114.326819][ T6770] loop5: detected capacity change from 0 to 32768
[  114.338127][    T9] usb 5-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23
[  114.355518][    T9] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  114.386624][ T6770] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop5 scanned by syz.5.141 (6770)
[  114.463999][ T6770] BTRFS info (device loop5): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  114.494766][ T6770] BTRFS info (device loop5): using sha256 (sha256-avx2) checksum algorithm
[  114.540557][ T6770] BTRFS info (device loop5): force clearing of disk cache
[  114.570373][ T6770] BTRFS info (device loop5): enabling auto defrag
[  114.593894][ T6770] BTRFS info (device loop5): enabling ssd optimizations
[  114.627761][ T6770] BTRFS info (device loop5): max_inline at 0
[  114.643536][    T9] usb 5-1: GET_CAPABILITIES returned 0
[  114.649076][    T9] usbtmc 5-1:16.0: can't read capabilities
[  114.661406][ T6770] BTRFS info (device loop5): enabling disk space caching
[  114.689680][ T6770] BTRFS info (device loop5): disk space caching is enabled
[  114.763783][ T1624] usb 4-1: new high-speed USB device number 6 using dummy_hcd
[  114.868889][    C0] usbtmc 5-1:16.0: usbtmc_write_bulk_cb - nonzero write bulk status received: -71
[  114.879705][ T6770] BTRFS info (device loop5): rebuilding free space tree
[  114.909049][   T23] usb 5-1: USB disconnect, device number 4
[  114.932942][ T6770] BTRFS info (device loop5): disabling free space tree
[  114.941599][ T6770] BTRFS info (device loop5): clearing compat-ro feature flag for FREE_SPACE_TREE (0x1)
[  114.953218][ T6770] BTRFS info (device loop5): clearing compat-ro feature flag for FREE_SPACE_TREE_VALID (0x2)
[  114.982032][ T1624] usb 4-1: Using ep0 maxpacket: 16
[  114.989240][ T1624] usb 4-1: config 0 has an invalid interface number: 1 but max is 0
[  115.003439][ T1624] usb 4-1: config 0 has no interface number 0
[  115.041963][ T1624] usb 4-1: New USB device found, idVendor=04fc, idProduct=1528, bcdDevice=6d.5d
[  115.062043][ T1624] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  115.109829][ T1624] usb 4-1: Product: syz
[  115.118109][ T1624] usb 4-1: Manufacturer: syz
[  115.122743][ T1624] usb 4-1: SerialNumber: syz
[  115.147508][ T1624] usb 4-1: config 0 descriptor??
[  115.167843][ T1624] gspca_main: spca1528-2.14.0 probing 04fc:1528
[  115.179102][   T49] BTRFS info (device loop5): qgroup scan completed (inconsistency flag cleared)
[  115.264998][ T6274] BTRFS info (device loop5): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  115.498294][ T6818] loop0: detected capacity change from 0 to 2048
[  115.610828][ T6818] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000)
[  115.957019][ T6822] Falling back ldisc for ptm0.
[  116.369589][ T6838] loop0: detected capacity change from 0 to 1024
[  116.413808][ T1624] gspca_spca1528: reg_w err -71
[  116.418786][ T1624] spca1528: probe of 4-1:0.1 failed with error -71
[  116.468718][ T1624] usb 4-1: USB disconnect, device number 6
[  116.736194][ T4700] hfsplus: b-tree write err: -5, ino 3
[  116.783666][ T5763] hfsplus: node 4:3 still has 2 user(s)!
[  116.933526][    T9] usb 5-1: new high-speed USB device number 5 using dummy_hcd
[  117.010650][ T6851] netlink: 12 bytes leftover after parsing attributes in process `syz.0.158'.
[  117.144842][    T9] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  117.183202][    T9] usb 5-1: New USB device found, idVendor=046d, idProduct=c71f, bcdDevice= 0.00
[  117.227443][    T9] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  117.272035][    T9] usb 5-1: config 0 descriptor??
[  117.608020][ T6833] loop5: detected capacity change from 0 to 40427
[  117.701588][ T6833] F2FS-fs (loop5): invalid crc value
[  117.750641][ T6833] F2FS-fs (loop5): Found nat_bits in checkpoint
[  117.841729][    T9] usbhid 5-1:0.0: can't add hid device: -71
[  117.866524][    T9] usbhid: probe of 5-1:0.0 failed with error -71
[  117.910993][    T9] usb 5-1: USB disconnect, device number 5
[  118.064813][ T6833] F2FS-fs (loop5): Mounted with checkpoint version = 48b305e5
[  118.173326][   T27] audit: type=1800 audit(1770225396.205:40): pid=6833 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.5.154" name="file1" dev="loop5" ino=10 res=0 errno=0
[  118.283434][   T23] usb 1-1: new high-speed USB device number 7 using dummy_hcd
[  118.337984][ T6274] syz-executor: attempt to access beyond end of device
[  118.337984][ T6274] loop5: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[  118.398957][ T6892] process 'syz.3.166' launched './file2' with NULL argv: empty string added
[  118.399940][ T6274] F2FS-fs (loop5): Stopped filesystem due to reason: 3
[  118.505048][   T23] usb 1-1: config 0 has no interfaces?
[  118.534070][   T23] usb 1-1: New USB device found, idVendor=23c5, idProduct=8699, bcdDevice=f8.85
[  118.543152][   T23] usb 1-1: New USB device strings: Mfr=200, Product=24, SerialNumber=3
[  118.581330][   T23] usb 1-1: Product: syz
[  118.604083][   T23] usb 1-1: Manufacturer: syz
[  118.618096][   T23] usb 1-1: SerialNumber: syz
[  118.636039][   T23] usb 1-1: config 0 descriptor??
[  118.884693][ T6881] netlink: 12 bytes leftover after parsing attributes in process `syz.0.163'.
[  118.917937][ T5802] usb 1-1: USB disconnect, device number 7
[  119.081644][    T9] usb 5-1: new high-speed USB device number 6 using dummy_hcd
[  119.373509][    T9] usb 5-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  119.400777][    T9] usb 5-1: config 1 has 1 interface, different from the descriptor's value: 3
[  119.483031][    T9] usb 5-1: New USB device found, idVendor=08b7, idProduct=0000, bcdDevice= 0.00
[  119.526667][    T9] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=3
[  119.562320][    T9] usb 5-1: SerialNumber: syz
[  119.692376][ T6921] loop0: detected capacity change from 0 to 64
[  119.848963][    T9] usb 5-1: 0:2 : does not exist
[  119.942869][    T9] usb 5-1: USB disconnect, device number 6
[  120.034936][ T6921] loop0: detected capacity change from 64 to 0
[  120.041901][ T5754] udevd[5754]: error opening ATTR{/sys/devices/platform/dummy_hcd.4/usb5/5-1/5-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory
[  120.087299][    C0] I/O error, dev loop0, sector 8 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[  120.096539][ T6927] Unable to read inode block
[  120.184610][ T5763] syz-executor: attempt to access beyond end of device
[  120.184610][ T5763] loop0: rw=0, sector=8, nr_sectors = 2 limit=0
[  120.213676][ T5763] Unable to read inode block
[  120.235425][ T5763] syz-executor: attempt to access beyond end of device
[  120.235425][ T5763] loop0: rw=0, sector=8, nr_sectors = 2 limit=0
[  120.269199][ T5763] Unable to read inode block
[  120.788164][ T4451] kworker/u4:8: attempt to access beyond end of device
[  120.788164][ T4451] loop0: rw=0, sector=8, nr_sectors = 2 limit=0
[  120.827067][ T4451] Unable to read inode block
[  120.916755][ T6926] loop5: detected capacity change from 0 to 32768
[  121.052096][ T6926] XFS (loop5): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  121.354059][ T6926] XFS (loop5): Ending clean mount
[  121.417918][ T6926] XFS (loop5): Quotacheck needed: Please wait.
[  121.631442][ T6926] XFS (loop5): Quotacheck: Done.
[  122.083088][ T6274] XFS (loop5): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  122.260927][ T6964] binder: 6963:6964 ioctl 40046205 0 returned -22
[  122.461692][ T5084] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1
[  122.477392][ T5084] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9
[  122.486679][ T5084] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9
[  122.495858][ T5084] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4
[  122.504793][ T5084] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3
[  122.512197][ T5084] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2
[  123.129688][ T6969] chnl_net:caif_netlink_parms(): no params data found
[  123.338427][ T6999] loop3: detected capacity change from 0 to 2048
[  123.345382][ T6994] A link change request failed with some changes committed already. Interface sit1 may have been left with an inconsistent configuration, please check.
[  123.436169][ T6999] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000)
[  123.529654][ T6969] bridge0: port 1(bridge_slave_0) entered blocking state
[  123.538084][ T6969] bridge0: port 1(bridge_slave_0) entered disabled state
[  123.546442][ T6969] bridge_slave_0: entered allmulticast mode
[  123.554318][ T6969] bridge_slave_0: entered promiscuous mode
[  123.562968][ T7005] input: syz1 as /devices/virtual/input/input6
[  123.564558][ T6969] bridge0: port 2(bridge_slave_1) entered blocking state
[  123.576933][ T6969] bridge0: port 2(bridge_slave_1) entered disabled state
[  123.581716][ T6999] UDF-fs: warning (device loop3): udf_truncate_tail_extent: Too long extent after EOF in inode 1367: i_size: 3200 lbcount: 4096 extent 56+4096
[  123.599895][ T6969] bridge_slave_1: entered allmulticast mode
[  123.617734][ T6969] bridge_slave_1: entered promiscuous mode
[  123.731617][ T7009] loop4: detected capacity change from 0 to 512
[  123.770419][ T6969] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  123.794727][ T6969] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  123.881751][ T6969] team0: Port device team_slave_0 added
[  123.912469][ T6969] team0: Port device team_slave_1 added
[  124.010497][ T7014] loop3: detected capacity change from 0 to 256
[  124.095782][ T7014] exFAT-fs (loop3): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[  124.123487][ T7014] exFAT-fs (loop3): Medium has reported failures. Some data may be lost.
[  124.155827][ T6969] batman_adv: batadv0: Adding interface: batadv_slave_0
[  124.162806][ T6969] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  124.271897][ T6969] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  124.285522][ T7014] exFAT-fs (loop3): failed to load upcase table (idx : 0x0000ff98, chksum : 0x65b64522, utbl_chksum : 0xe619d30d)
[  124.315155][ T6969] batman_adv: batadv0: Adding interface: batadv_slave_1
[  124.322130][ T6969] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  124.348043][    C0] vkms_vblank_simulate: vblank timer overrun
[  124.487900][ T6969] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  124.597381][ T5773] Bluetooth: hci3: command tx timeout
[  124.812435][ T6969] hsr_slave_0: entered promiscuous mode
[  124.827373][ T7033] trusted_key: syz.4.200 sent an empty control message without MSG_MORE.
[  124.844222][ T6969] hsr_slave_1: entered promiscuous mode
[  124.854586][ T6969] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  124.862435][ T6969] Cannot create hsr debugfs directory
[  125.358966][ T6969] netdevsim netdevsim6 netdevsim0: renamed from eth0
[  125.380647][ T6969] netdevsim netdevsim6 netdevsim1: renamed from eth1
[  125.407674][ T6969] netdevsim netdevsim6 netdevsim2: renamed from eth2
[  125.432529][ T6969] netdevsim netdevsim6 netdevsim3: renamed from eth3
[  125.497386][ T7031] loop5: detected capacity change from 0 to 32768
[  125.527243][ T7031] BTRFS: device fsid 24c7a497-3402-47dd-bef8-82358f5f30e0 devid 1 transid 8 /dev/loop5 scanned by syz.5.199 (7031)
[  125.604592][ T7031] BTRFS info (device loop5): first mount of filesystem 24c7a497-3402-47dd-bef8-82358f5f30e0
[  125.644257][ T7031] BTRFS info (device loop5): using crc32c (crc32c-intel) checksum algorithm
[  125.678718][ T7031] BTRFS info (device loop5): using free space tree
[  125.818910][ T6969] 8021q: adding VLAN 0 to HW filter on device bond0
[  125.931755][ T7031] BTRFS info (device loop5): enabling ssd optimizations
[  125.943670][ T7031] BTRFS info (device loop5): auto enabling async discard
[  125.971164][ T6969] 8021q: adding VLAN 0 to HW filter on device team0
[  126.017097][   T41] bridge0: port 1(bridge_slave_0) entered blocking state
[  126.024292][   T41] bridge0: port 1(bridge_slave_0) entered forwarding state
[  126.136399][ T5006] bridge0: port 2(bridge_slave_1) entered blocking state
[  126.143610][ T5006] bridge0: port 2(bridge_slave_1) entered forwarding state
[  126.225389][ T7080] binder: 7079:7080 ioctl c06c4124 0 returned -22
[  126.255529][ T6274] BTRFS info (device loop5): last unmount of filesystem 24c7a497-3402-47dd-bef8-82358f5f30e0
[  126.538768][ T7087] TCP: request_sock_TCPv6: Possible SYN flooding on port [::]:20002. Sending cookies.
[  126.684206][ T5773] Bluetooth: hci3: command tx timeout
[  126.872138][ T7097] netlink: 4 bytes leftover after parsing attributes in process `syz.4.208'.
[  126.914537][ T7099] loop5: detected capacity change from 0 to 512
[  127.015225][ T7099] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  127.095849][ T7099] ext4 filesystem being mounted at /29/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  127.200094][ T7099] EXT4-fs error (device loop5): ext4_do_update_inode:5248: inode #2: comm syz.5.209: corrupted inode contents
[  127.217281][ T6969] 8021q: adding VLAN 0 to HW filter on device batadv0
[  127.252432][ T7099] EXT4-fs error (device loop5): ext4_dirty_inode:6124: inode #2: comm syz.5.209: mark_inode_dirty error
[  127.267838][ T7099] EXT4-fs error (device loop5): ext4_do_update_inode:5248: inode #2: comm syz.5.209: corrupted inode contents
[  127.352067][ T7099] EXT4-fs error (device loop5): __ext4_ext_dirty:202: inode #2: comm syz.5.209: mark_inode_dirty error
[  127.487136][ T7118] syz.4.212 uses obsolete (PF_INET,SOCK_PACKET)
[  127.693102][ T7122] loop3: detected capacity change from 0 to 2048
[  127.738346][ T7122] UDF-fs: error (device loop3): udf_read_tagged: tag checksum failed, block 99: 0x27 != 0x4d
[  127.771525][ T7122] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[  128.029244][ T6274] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  128.339915][ T6969] veth0_vlan: entered promiscuous mode
[  128.377295][ T6969] veth1_vlan: entered promiscuous mode
[  128.491740][ T6969] veth0_macvtap: entered promiscuous mode
[  128.537480][ T6969] veth1_macvtap: entered promiscuous mode
[  128.550476][ T7144] netlink: 92 bytes leftover after parsing attributes in process `syz.3.217'.
[  128.599337][ T6969] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  128.632111][ T6969] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  128.660817][ T6969] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  128.717442][ T6969] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  128.731000][ T6969] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  128.750369][ T6969] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  128.763577][ T5773] Bluetooth: hci3: command tx timeout
[  128.769828][ T6969] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  128.780789][ T6969] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  128.795446][ T6969] batman_adv: batadv0: Interface activated: batadv_slave_0
[  128.810824][ T6969] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  128.826170][ T6969] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  128.838594][ T6969] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  128.877376][ T6969] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  128.890920][ T6969] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  128.902345][ T6969] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  128.912685][ T6969] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  128.935484][ T6969] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  128.959310][ T6969] batman_adv: batadv0: Interface activated: batadv_slave_1
[  129.015655][ T6969] netdevsim netdevsim6 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  129.049168][ T6969] netdevsim netdevsim6 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  129.088620][ T6969] netdevsim netdevsim6 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  129.137461][ T6969] netdevsim netdevsim6 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  129.313882][ T7160] vcan0: tx drop: invalid da for name 0xffffffffffffffff
[  129.584111][ T7163] loop4: detected capacity change from 0 to 2048
[  129.661802][ T7163] UDF-fs: warning (device loop4): udf_load_vrs: No anchor found
[  129.726703][ T7163] UDF-fs: Scanning with blocksize 512 failed
[  129.791263][ T7163] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[  130.131032][   T12] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  130.209453][   T12] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  130.367875][ T4700] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  130.405133][ T4700] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  130.539099][ T7174] loop3: detected capacity change from 0 to 2048
[  130.741615][ T7184] loop6: detected capacity change from 0 to 16
[  130.821421][ T7184] erofs: (device loop6): mounted with root inode @ nid 36.
[  130.833690][ T5773] Bluetooth: hci3: command tx timeout
[  131.394293][ T7207] loop4: detected capacity change from 0 to 512
[  131.424275][ T7207] EXT4-fs: Ignoring removed nobh option
[  131.456696][ T7207] EXT4-fs: Warning: mounting with data=journal disables delayed allocation, dioread_nolock, O_DIRECT and fast_commit support!
[  131.500773][ T7207] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode
[  131.523820][  T788] usb 6-1: new high-speed USB device number 4 using dummy_hcd
[  131.610093][ T7207] EXT4-fs warning (device loop4): ext4_expand_extra_isize_ea:2853: Unable to expand inode 15. Delete some EAs or run e2fsck.
[  131.719904][ T7207] EXT4-fs (loop4): 1 truncate cleaned up
[  131.743789][  T788] usb 6-1: Using ep0 maxpacket: 16
[  131.770381][  T788] usb 6-1: New USB device found, idVendor=0d49, idProduct=7010, bcdDevice= c.90
[  131.771062][ T7207] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  131.809250][  T788] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  131.835837][ T7221] loop3: detected capacity change from 0 to 764
[  131.838998][  T788] usb 6-1: Product: syz
[  131.887075][  T788] usb 6-1: Manufacturer: syz
[  131.912565][  T788] usb 6-1: SerialNumber: syz
[  131.940202][  T788] usb 6-1: config 0 descriptor??
[  131.953256][  T788] ums-onetouch 6-1:0.0: USB Mass Storage device detected
[  132.057449][ T7207] EXT4-fs error (device loop4): ext4_xattr_delete_inode:2969: inode #15: comm syz.4.234: corrupted xattr block 33: invalid header
[  132.120970][ T7221] rock: directory entry would overflow storage
[  132.146400][ T7231] TCP: request_sock_TCP: Possible SYN flooding on port [::]:20002. Sending cookies.
[  132.146422][ T7221] rock: sig=0x4f50, size=4, remaining=3
[  132.178272][ T7207] EXT4-fs (loop4): Remounting filesystem read-only
[  132.183186][ T7221] iso9660: Corrupted directory entry in block 4 of inode 1792
[  132.185367][    T8] usb 6-1: USB disconnect, device number 4
[  132.225367][ T7207] EXT4-fs warning (device loop4): ext4_evict_inode:272: xattr delete (err -117)
[  132.368248][ T7236] loop6: detected capacity change from 0 to 2048
[  132.411624][ T6084] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  132.455408][ T7236] UDF-fs: error (device loop6): udf_read_tagged: tag version 0x0000 != 0x0002 || 0x0003, block 0
[  132.514592][ T7236] UDF-fs: warning (device loop6): udf_load_vrs: No anchor found
[  132.573388][ T7236] UDF-fs: Scanning with blocksize 512 failed
[  132.627730][ T7236] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[  132.723513][   T27] audit: type=1800 audit(1770225410.755:41): pid=7236 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.6.240" name="file1" dev="loop6" ino=838 res=0 errno=0
[  132.773073][ T7242] block nbd4: shutting down sockets
[  132.886151][ T7245] netlink: 16 bytes leftover after parsing attributes in process `syz.3.243'.
[  132.921078][ T1282] ieee802154 phy0 wpan0: encryption failed: -22
[  132.943441][ T1282] ieee802154 phy1 wpan1: encryption failed: -22
[  133.209371][ T7254] UDPLite6: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list
[  133.358100][ T7261] input: syz1 as /devices/virtual/input/input7
[  134.017940][ T7285] loop5: detected capacity change from 0 to 64
[  134.221068][ T7294] batadv_slave_1: entered promiscuous mode
[  134.244547][ T7294] netlink: 4 bytes leftover after parsing attributes in process `syz.3.257'.
[  134.273413][   T27] audit: type=1800 audit(1770225412.305:42): pid=7285 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.5.254" name="file1" dev="loop5" ino=21 res=0 errno=0
[  134.274805][ T7294] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  134.602670][ T7294] batadv_slave_1 (unregistering): left promiscuous mode
[  134.642419][ T7294] batman_adv: batadv0: Removing interface: batadv_slave_1
[  134.757651][ T7302] loop6: detected capacity change from 0 to 1024
[  134.949470][ T7302] hfsplus: xattr searching failed
[  135.004565][ T7306] hfsplus: xattr searching failed
[  135.031526][ T7302] hfsplus: xattr searching failed
[  135.059730][ T7302] hfsplus: xattr searching failed
[  135.080064][ T7310] loop5: detected capacity change from 0 to 2048
[  135.148998][ T7310] UDF-fs: error (device loop5): udf_read_tagged: tag checksum failed, block 99: 0x27 != 0x4d
[  135.205775][ T7310] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[  136.133417][   T23] usb 7-1: new high-speed USB device number 2 using dummy_hcd
[  136.210933][ T7343] loop5: detected capacity change from 0 to 4096
[  136.327540][ T7350] loop4: detected capacity change from 0 to 64
[  136.364343][   T23] usb 7-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  136.396118][   T23] usb 7-1: config 1 has 1 interface, different from the descriptor's value: 3
[  136.444417][   T23] usb 7-1: New USB device found, idVendor=08b7, idProduct=0000, bcdDevice= 0.00
[  136.483739][   T23] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=3
[  136.522927][   T23] usb 7-1: SerialNumber: syz
[  136.606806][ T7350] overlayfs: upper fs needs to support d_type.
[  136.663972][ T7350] overlayfs: upper fs does not support RENAME_WHITEOUT.
[  136.689134][ T7350] overlayfs: failed to set xattr on upper
[  136.733516][ T7350] overlayfs: ...falling back to redirect_dir=nofollow.
[  136.762743][   T23] usb 7-1: 0:2 : does not exist
[  136.770277][ T7350] overlayfs: ...falling back to index=off.
[  136.784252][ T7350] overlayfs: ...falling back to uuid=null.
[  136.787838][ T7358] loop3: detected capacity change from 0 to 1024
[  136.831610][ T7350] overlayfs: ...falling back to xino=off.
[  136.857874][   T23] usb 7-1: USB disconnect, device number 2
[  136.900772][ T7350] overlayfs: NFS export requires "index=on", falling back to nfs_export=off.
[  136.985639][ T5754] udevd[5754]: error opening ATTR{/sys/devices/platform/dummy_hcd.6/usb7/7-1/7-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory
[  137.085341][   T12] hfsplus: b-tree write err: -5, ino 3
[  137.454128][ T7371] loop5: detected capacity change from 0 to 4096
[  137.770908][ T7381] loop3: detected capacity change from 0 to 512
[  137.815194][ T7381] EXT4-fs error (device loop3): ext4_map_blocks:608: inode #2: block 3: comm syz.3.282: lblock 0 mapped to illegal pblock 3 (length 1)
[  137.903322][ T7381] EXT4-fs warning (device loop3): dx_probe:823: inode #2: lblock 0: comm syz.3.282: error -117 reading directory block
[  137.923996][ T7381] EXT4-fs (loop3): Cannot turn on journaled quota: type 1: error -117
[  137.934690][ T7381] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  138.168721][   T49] netdevsim netdevsim4 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  138.264809][   T23] usb 4-1: new high-speed USB device number 7 using dummy_hcd
[  138.465646][   T23] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  138.481509][   T49] netdevsim netdevsim4 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  138.518502][   T23] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  138.552346][   T23] usb 4-1: New USB device found, idVendor=256c, idProduct=006d, bcdDevice= 0.00
[  138.576511][   T23] usb 4-1: New USB device strings: Mfr=2, Product=0, SerialNumber=0
[  138.591888][ T7395] overlayfs: metacopy with no lower data found - abort lookup (/file1)
[  138.607584][   T23] usb 4-1: Manufacturer: syz
[  138.654242][   T23] usb 4-1: config 0 descriptor??
[  138.707864][   T49] netdevsim netdevsim4 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  138.887664][   T49] netdevsim netdevsim4 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  138.903189][ T7400] loop5: detected capacity change from 0 to 512
[  138.926786][ T7400] EXT4-fs: inline encryption not supported
[  138.941845][ T7400] EXT4-fs: Ignoring removed i_version option
[  138.993692][ T7384] EXT4-fs error (device loop3): ext4_validate_block_bitmap:439: comm ext4lazyinit: bg 0: block 255: padding at end of block bitmap is not set
[  139.072479][ T7400] EXT4-fs (loop5): 1 orphan inode deleted
[  139.124771][ T7400] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  139.215833][ T7400] netlink: 48 bytes leftover after parsing attributes in process `syz.5.287'.
[  139.319397][ T6274] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  139.524796][ T5084] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1
[  139.547127][ T5084] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9
[  139.573376][ T5084] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9
[  139.580889][   T23] input: syz as /devices/platform/dummy_hcd.3/usb4/4-1/4-1:0.0/0003:256C:006D.0001/input/input8
[  139.604133][ T5084] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4
[  139.618673][ T5084] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3
[  139.627781][ T5084] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2
[  139.694880][   T23] input: syz as /devices/platform/dummy_hcd.3/usb4/4-1/4-1:0.0/0003:256C:006D.0001/input/input9
[  139.742245][   T23] input: syz Touch Strip as /devices/platform/dummy_hcd.3/usb4/4-1/4-1:0.0/0003:256C:006D.0001/input/input10
[  139.770587][   T23] input: syz Dial as /devices/platform/dummy_hcd.3/usb4/4-1/4-1:0.0/0003:256C:006D.0001/input/input11
[  139.817353][   T23] uclogic 0003:256C:006D.0001: input,hidraw0: USB HID v0.00 Keypad [syz] on usb-dummy_hcd.3-1/input0
[  139.838002][   T23] usb 4-1: USB disconnect, device number 7
[  140.206131][ T7425] loop5: detected capacity change from 0 to 512
[  140.305474][ T7416] fido_id[7416]: Failed to open report descriptor at '/sys/devices/platform/dummy_hcd.3/usb4/4-1/report_descriptor': No such file or directory
[  140.321409][ T7425] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled
[  140.389727][ T5765] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  140.405975][ T7425] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  140.436283][ T7427] llcp: llcp_sock_recvmsg: Recv datagram failed state 5 -11 0
[  140.446712][ T7425] ext4 filesystem being mounted at /46/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  140.792344][ T6274] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  141.069370][ T7447] validate_nla: 44 callbacks suppressed
[  141.069385][ T7447] netlink: 'syz.5.295': attribute type 1 has an invalid length.
[  141.443676][ T7447] bond1: (slave ip6gre1): The slave device specified does not support setting the MAC address
[  141.504969][ T7447] bond1: (slave ip6gre1): Setting fail_over_mac to active for active-backup mode
[  141.562156][ T7447] bond1: (slave ip6gre1): making interface the new active one
[  141.594269][ T7447] bond1: (slave ip6gre1): Enslaving as an active interface with an up link
[  141.719656][ T5084] Bluetooth: hci1: command tx timeout
[  141.853561][   T42] usb 7-1: new full-speed USB device number 3 using dummy_hcd
[  142.054025][ T7406] chnl_net:caif_netlink_parms(): no params data found
[  142.066708][   T42] usb 7-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  142.087301][   T42] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 10
[  142.118740][   T42] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 1024, setting to 64
[  142.150162][   T42] usb 7-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 7
[  142.208875][   T42] usb 7-1: New USB device found, idVendor=0eef, idProduct=72c4, bcdDevice= 0.00
[  142.240330][   T42] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  142.271006][   T42] usb 7-1: config 0 descriptor??
[  142.299429][ T7467] raw-gadget.0 gadget.6: fail, usb_ep_enable returned -22
[  142.550936][   T42] usbhid 7-1:0.0: can't add hid device: -71
[  142.567231][   T42] usbhid: probe of 7-1:0.0 failed with error -71
[  142.583992][   T42] usb 7-1: USB disconnect, device number 3
[  142.618337][ T7406] bridge0: port 1(bridge_slave_0) entered blocking state
[  142.656335][ T7406] bridge0: port 1(bridge_slave_0) entered disabled state
[  142.679320][ T7406] bridge_slave_0: entered allmulticast mode
[  142.690757][ T7406] bridge_slave_0: entered promiscuous mode
[  142.709795][ T7406] bridge0: port 2(bridge_slave_1) entered blocking state
[  142.728543][ T7406] bridge0: port 2(bridge_slave_1) entered disabled state
[  142.740843][ T7406] bridge_slave_1: entered allmulticast mode
[  142.823061][ T7406] bridge_slave_1: entered promiscuous mode
[  142.915405][   T49] hsr_slave_0: left promiscuous mode
[  142.954121][   T49] hsr_slave_1: left promiscuous mode
[  142.970744][   T49] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  142.986932][   T49] batman_adv: batadv0: Removing interface: batadv_slave_0
[  143.038360][   T49] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  143.048180][   T49] batman_adv: batadv0: Removing interface: batadv_slave_1
[  143.066818][   T49] bridge_slave_1: left allmulticast mode
[  143.072592][   T49] bridge_slave_1: left promiscuous mode
[  143.094745][   T49] bridge0: port 2(bridge_slave_1) entered disabled state
[  143.103469][   T42] usb 7-1: new high-speed USB device number 4 using dummy_hcd
[  143.115987][   T49] bridge_slave_0: left allmulticast mode
[  143.121678][   T49] bridge_slave_0: left promiscuous mode
[  143.139657][   T49] bridge0: port 1(bridge_slave_0) entered disabled state
[  143.272317][   T49] veth1_macvtap: left promiscuous mode
[  143.296941][   T49] veth0_macvtap: left promiscuous mode
[  143.302613][   T49] veth1_vlan: left promiscuous mode
[  143.338982][   T42] usb 7-1: Using ep0 maxpacket: 32
[  143.363875][   T49] veth0_vlan: left promiscuous mode
[  143.377734][   T42] usb 7-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  143.385419][ T7512] mmap: syz.3.310 (7512) uses deprecated remap_file_pages() syscall. See Documentation/mm/remap_file_pages.rst.
[  143.410525][   T42] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  143.464683][   T42] usb 7-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 7
[  143.501072][   T42] usb 7-1: New USB device found, idVendor=0eef, idProduct=72c4, bcdDevice= 0.00
[  143.534500][   T42] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  143.568822][   T42] usb 7-1: config 0 descriptor??
[  143.807059][ T5084] Bluetooth: hci1: command tx timeout
[  144.041901][   T42] hid-multitouch 0003:0EEF:72C4.0002: unknown main item tag 0xd
[  144.081394][   T42] hid-multitouch 0003:0EEF:72C4.0002: hidraw0: USB HID v0.00 Device [HID 0eef:72c4] on usb-dummy_hcd.6-1/input0
[  144.316201][   T42] usb 7-1: USB disconnect, device number 4
[  144.530072][ T7518] loop5: detected capacity change from 0 to 32768
[  144.590481][ T7518] XFS (loop5): Mounting V5 Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb
[  144.683604][ T7518] XFS (loop5): Ending clean mount
[  144.710502][ T7518] XFS (loop5): Quotacheck needed: Please wait.
[  144.788578][ T7518] XFS (loop5): Quotacheck: Done.
[  144.931444][ T6274] XFS (loop5): Unmounting Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb
[  145.002871][ T7533] netlink: 104 bytes leftover after parsing attributes in process `syz.6.315'.
[  145.429929][   T49] team0 (unregistering): Port device team_slave_1 removed
[  145.457823][ T7539] loop5: detected capacity change from 0 to 2048
[  145.532169][ T7539] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000900 r/w without journal. Quota mode: none.
[  145.560093][   T49] team0 (unregistering): Port device team_slave_0 removed
[  145.651321][ T6274] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000900.
[  145.663932][   T49] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  145.693589][ T5802] usb 7-1: new high-speed USB device number 5 using dummy_hcd
[  145.767961][   T49] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  145.873900][ T5084] Bluetooth: hci1: command tx timeout
[  145.913603][ T5802] usb 7-1: Using ep0 maxpacket: 16
[  145.930246][ T5802] usb 7-1: config index 0 descriptor too short (expected 16456, got 72)
[  145.949417][ T5802] usb 7-1: config 0 has an invalid interface number: 125 but max is 1
[  145.981292][ T5802] usb 7-1: config 0 has an invalid interface number: 125 but max is 1
[  145.992309][ T5802] usb 7-1: config 0 has an invalid interface number: 125 but max is 1
[  146.007901][ T5802] usb 7-1: config 0 has 1 interface, different from the descriptor's value: 2
[  146.019332][ T5802] usb 7-1: config 0 has no interface number 0
[  146.025652][ T5802] usb 7-1: config 0 interface 125 altsetting 4 endpoint 0x4 has invalid maxpacket 21760, setting to 64
[  146.049332][ T5802] usb 7-1: config 0 interface 125 altsetting 4 endpoint 0xB has invalid wMaxPacketSize 0
[  146.065788][ T5802] usb 7-1: config 0 interface 125 altsetting 4 endpoint 0x2 has invalid wMaxPacketSize 0
[  146.082575][ T5802] usb 7-1: config 0 interface 125 altsetting 1 has 0 endpoint descriptors, different from the interface descriptor's value: 1
[  146.103318][ T5802] usb 7-1: config 0 interface 125 has no altsetting 0
[  146.110342][ T5802] usb 7-1: config 0 interface 125 has no altsetting 2
[  146.139998][ T5802] usb 7-1: New USB device found, idVendor=050d, idProduct=0002, bcdDevice=23.27
[  146.168623][ T5802] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  146.182557][ T5802] usb 7-1: Product: syz
[  146.187409][ T5802] usb 7-1: Manufacturer: syz
[  146.212282][ T5802] usb 7-1: SerialNumber: syz
[  146.242239][ T5802] usb 7-1: config 0 descriptor??
[  146.258030][ T5802] usb 7-1: selecting invalid altsetting 2
[  146.458091][   T49] bond0 (unregistering): Released all slaves
[  146.622977][ T7406] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  146.652254][ T7406] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  146.698474][ T7538] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  146.734166][ T7538] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  146.829752][ T7406] team0: Port device team_slave_0 added
[  146.848456][ T7406] team0: Port device team_slave_1 added
[  146.988579][ T7406] batman_adv: batadv0: Adding interface: batadv_slave_0
[  147.000326][ T7406] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  147.039501][ T7406] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  147.067811][ T7406] batman_adv: batadv0: Adding interface: batadv_slave_1
[  147.089846][ T7406] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  147.115791][    C1] vkms_vblank_simulate: vblank timer overrun
[  147.139244][ T7406] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  147.324018][ T5802] get_1284_register timeout
[  147.329016][    C0] usb 7-1: async_complete: urb error -104
[  147.335175][ T5802] uss720: probe of 7-1:0.125 failed with error -5
[  147.426244][ T5802] usb 7-1: USB disconnect, device number 5
[  147.430696][ T7406] hsr_slave_0: entered promiscuous mode
[  147.456519][ T7406] hsr_slave_1: entered promiscuous mode
[  147.507741][ T7406] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  147.528159][ T7406] Cannot create hsr debugfs directory
[  147.953544][ T5084] Bluetooth: hci1: command tx timeout
[  147.998385][ T7406] netdevsim netdevsim7 netdevsim0: renamed from eth0
[  148.012072][ T7406] netdevsim netdevsim7 netdevsim1: renamed from eth1
[  148.032687][ T7406] netdevsim netdevsim7 netdevsim2: renamed from eth2
[  148.076679][ T7406] netdevsim netdevsim7 netdevsim3: renamed from eth3
[  148.356514][ T7585] loop5: detected capacity change from 0 to 4096
[  148.477817][ T7406] 8021q: adding VLAN 0 to HW filter on device bond0
[  148.665882][ T7406] 8021q: adding VLAN 0 to HW filter on device team0
[  148.736164][ T2108] bridge0: port 1(bridge_slave_0) entered blocking state
[  148.743423][ T2108] bridge0: port 1(bridge_slave_0) entered forwarding state
[  148.822619][ T2108] bridge0: port 2(bridge_slave_1) entered blocking state
[  148.829844][ T2108] bridge0: port 2(bridge_slave_1) entered forwarding state
[  149.157197][ T7610] UDPLite: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list
[  149.226994][ T7610] netlink: 12 bytes leftover after parsing attributes in process `syz.5.334'.
[  149.295809][ T7610] vlan2: entered promiscuous mode
[  149.313760][ T7610] gretap0: entered promiscuous mode
[  149.747982][ T7406] 8021q: adding VLAN 0 to HW filter on device batadv0
[  150.456416][ T7640] loop6: detected capacity change from 0 to 32768
[  150.472212][ T7640] BTRFS: device fsid ed167579-eb65-4e76-9a50-61ac97e9b59d devid 1 transid 8 /dev/loop6 scanned by syz.6.341 (7640)
[  150.545064][ T7640] BTRFS info (device loop6): first mount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d
[  150.555351][ T7640] BTRFS info (device loop6): using sha256 (sha256-avx2) checksum algorithm
[  150.564117][ T7640] BTRFS info (device loop6): enabling auto defrag
[  150.570635][ T7640] BTRFS info (device loop6): max_inline at 0
[  150.577148][ T7640] BTRFS info (device loop6): force clearing of disk cache
[  150.584714][ T7640] BTRFS info (device loop6): turning on sync discard
[  150.591438][ T7640] BTRFS info (device loop6): using free space tree
[  150.787704][ T7640] BTRFS info (device loop6): enabling ssd optimizations
[  150.812893][ T7640] BTRFS info (device loop6): rebuilding free space tree
[  150.852735][ T7406] veth0_vlan: entered promiscuous mode
[  150.968178][ T7623] loop5: detected capacity change from 0 to 32768
[  151.007802][ T7406] veth1_vlan: entered promiscuous mode
[  151.028933][ T7623] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop5 scanned by syz.5.336 (7623)
[  151.060369][ T6969] BTRFS info (device loop6): last unmount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d
[  151.138213][ T7623] BTRFS info (device loop5): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  151.166584][ T7623] BTRFS info (device loop5): using sha256 (sha256-avx2) checksum algorithm
[  151.196695][ T7406] veth0_macvtap: entered promiscuous mode
[  151.212911][ T7623] BTRFS info (device loop5): using free space tree
[  151.244513][ T7406] veth1_macvtap: entered promiscuous mode
[  151.398632][ T7406] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  151.461617][ T7623] BTRFS info (device loop5): enabling ssd optimizations
[  151.497987][ T7406] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  151.523648][ T7623] BTRFS info (device loop5): auto enabling async discard
[  151.552409][ T7406] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  151.612984][ T7406] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  151.649673][ T7406] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  151.701008][ T7406] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  151.730161][ T7406] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  151.771810][ T7406] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  151.829210][ T7406] batman_adv: batadv0: Interface activated: batadv_slave_0
[  151.928799][ T7406] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  151.990798][ T7406] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  152.022259][ T7406] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  152.059535][ T7406] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  152.095062][ T7406] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  152.126259][ T7406] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  152.155263][ T7406] batman_adv: batadv0: Interface activated: batadv_slave_1
[  152.228329][ T7406] netdevsim netdevsim7 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  152.253673][ T7406] netdevsim netdevsim7 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  152.263786][ T6274] BTRFS info (device loop5): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  152.283656][ T7406] netdevsim netdevsim7 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  152.302447][ T7406] netdevsim netdevsim7 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  152.708037][ T2108] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  152.747476][ T2108] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  152.900198][ T2108] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  152.964055][ T2108] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  153.797840][   T27] audit: type=1326 audit(1770225431.835:43): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7742 comm="syz.5.358" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff39d79aeb9 code=0x7ffc0000
[  153.842923][ T7744] loop5: detected capacity change from 0 to 1024
[  153.915829][   T27] audit: type=1326 audit(1770225431.835:44): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7742 comm="syz.5.358" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff39d79aeb9 code=0x7ffc0000
[  153.973710][   T27] audit: type=1326 audit(1770225431.865:45): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7742 comm="syz.5.358" exe="/root/syz-executor" sig=0 arch=c000003e syscall=319 compat=0 ip=0x7ff39d79aeb9 code=0x7ffc0000
[  153.981014][ T7744] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  154.023379][   T27] audit: type=1326 audit(1770225431.865:46): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7742 comm="syz.5.358" exe="/root/syz-executor" sig=0 arch=c000003e syscall=9 compat=0 ip=0x7ff39d79ac22 code=0x7ffc0000
[  154.049695][   T27] audit: type=1326 audit(1770225431.875:47): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7742 comm="syz.5.358" exe="/root/syz-executor" sig=0 arch=c000003e syscall=1 compat=0 ip=0x7ff39d75b78e code=0x7ffc0000
[  154.072439][   T27] audit: type=1326 audit(1770225431.875:48): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7742 comm="syz.5.358" exe="/root/syz-executor" sig=0 arch=c000003e syscall=11 compat=0 ip=0x7ff39d79ace7 code=0x7ffc0000
[  154.095176][   T27] audit: type=1326 audit(1770225431.875:49): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7742 comm="syz.5.358" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7ff39d75b78e code=0x7ffc0000
[  154.124905][ T7744] ext4 filesystem being mounted at /67/file2 supports timestamps until 2038-01-19 (0x7fffffff)
[  154.205214][   T27] audit: type=1326 audit(1770225431.875:50): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7742 comm="syz.5.358" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7ff39d79ab4b code=0x7ffc0000
[  154.305745][   T27] audit: type=1326 audit(1770225431.935:51): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7742 comm="syz.5.358" exe="/root/syz-executor" sig=0 arch=c000003e syscall=3 compat=0 ip=0x7ff39d75b78e code=0x7ffc0000
[  154.330609][  T788] libceph: connect (1)[c::]:6789 error -101
[  154.340461][  T788] libceph: mon0 (1)[c::]:6789 connect error
[  154.352696][  T788] libceph: connect (1)[c::]:6789 error -101
[  154.358927][  T788] libceph: mon0 (1)[c::]:6789 connect error
[  154.396199][ T6274] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  154.401394][   T27] audit: type=1326 audit(1770225431.935:52): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7742 comm="syz.5.358" exe="/root/syz-executor" sig=0 arch=c000003e syscall=3 compat=0 ip=0x7ff39d75b78e code=0x7ffc0000
[  154.628543][  T788] libceph: connect (1)[c::]:6789 error -101
[  154.637881][  T788] libceph: mon0 (1)[c::]:6789 connect error
[  154.693516][ T7729] loop7: detected capacity change from 0 to 40427
[  154.760310][ T7729] F2FS-fs (loop7): invalid crc value
[  154.820712][ T7729] F2FS-fs (loop7): Found nat_bits in checkpoint
[  155.082827][ T7729] F2FS-fs (loop7): Start checkpoint disabled!
[  155.093000][ T7756] ceph: No mds server is up or the cluster is laggy
[  155.139054][ T7729] F2FS-fs (loop7): Mounted with checkpoint version = 48b305e6
[  155.164873][  T788] libceph: connect (1)[c::]:6789 error -101
[  155.170990][  T788] libceph: mon0 (1)[c::]:6789 connect error
[  156.631624][ T7793] loop6: detected capacity change from 0 to 32768
[  156.717905][ T7793] XFS (loop6): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  157.023213][ T7793] XFS (loop6): Ending clean mount
[  157.180619][    T9] XFS (loop6): Metadata CRC error detected at xfs_rmapbt_read_verify+0x42/0xd0, xfs_rmapbt block 0x14 
[  157.199541][    T9] XFS (loop6): Unmount and run xfs_repair
[  157.206852][    T9] XFS (loop6): First 128 bytes of corrupted metadata buffer:
[  157.219877][    T9] 00000000: 52 4d 42 33 00 00 00 0c ff ff ff ff ff ff ff ff  RMB3............
[  157.229107][    T9] 00000010: 00 00 00 00 00 00 00 14 00 00 00 01 00 00 00 80  ................
[  157.281014][    T9] 00000020: bf dc 47 fc 10 d8 4e ed a5 62 11 a8 31 b3 f7 91  ..G...N..b..1...
[  157.290663][    T9] 00000030: 00 00 00 00 5b af 3b 1d 00 00 00 00 00 00 00 01  ....[.;.........
[  157.307236][    T9] 00000040: ff ff ff ff ff ff ff fd 00 00 00 00 00 00 00 00  ................
[  157.330529][    T9] 00000050: 00 00 00 01 00 00 00 02 ff ff ff ff ff ff ff fb  ................
[  157.347714][    T9] 00000060: 00 00 00 00 00 00 00 00 00 00 00 03 00 00 00 02  ................
[  157.358938][    T9] 00000070: ff ff ff ff ff ff ff fa 00 00 00 00 00 00 00 00  ................
[  157.374579][ T7793] XFS (loop6): metadata I/O error in "xfs_btree_read_buf_block+0x1df/0x2e0" at daddr 0x14 len 4 error 74
[  157.419474][ T7793] XFS (loop6): Corruption of in-memory data (0x8) detected at xfs_defer_finish_noroll+0x183c/0x1e00 (fs/xfs/libxfs/xfs_defer.c:598).  Shutting down filesystem.
[  157.486345][ T7793] XFS (loop6): Please unmount the filesystem and rectify the problem(s)
[  157.593874][ T6969] XFS (loop6): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  158.087103][ T7867] loop5: detected capacity change from 0 to 512
[  158.127958][ T7867] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[  158.199850][ T7867] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  158.269880][ T7867] ext4 filesystem being mounted at /77/file2 supports timestamps until 2038-01-19 (0x7fffffff)
[  158.417201][ T7867] EXT4-fs error (device loop5): ext4_do_update_inode:5248: inode #2: comm syz.5.386: corrupted inode contents
[  158.501467][ T7867] EXT4-fs error (device loop5): ext4_dirty_inode:6124: inode #2: comm syz.5.386: mark_inode_dirty error
[  158.542620][ T7867] EXT4-fs error (device loop5): ext4_do_update_inode:5248: inode #2: comm syz.5.386: corrupted inode contents
[  158.566567][ T7867] EXT4-fs error (device loop5): __ext4_ext_dirty:202: inode #2: comm syz.5.386: mark_inode_dirty error
[  158.771456][ T6274] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  159.364219][    C0] vcan0: j1939_tp_rxtimer: 0xffff88805def9400: rx timeout, send abort
[  159.809855][ T7920] loop7: detected capacity change from 0 to 4096
[  159.864378][    C0] vcan0: j1939_tp_rxtimer: 0xffff88805defa800: rx timeout, send abort
[  159.874416][    C0] vcan0: j1939_tp_rxtimer: 0xffff88805def9400: abort rx timeout. Force session deactivation
[  160.372655][    C0] vcan0: j1939_tp_rxtimer: 0xffff88805defa800: abort rx timeout. Force session deactivation
[  160.456302][    T9] usb 4-1: new high-speed USB device number 8 using dummy_hcd
[  160.599617][ T7918] loop5: detected capacity change from 0 to 32768
[  160.632713][ T7918] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop5 scanned by syz.5.400 (7918)
[  160.674977][    T9] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  160.690272][ T7918] BTRFS info (device loop5): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  160.705215][    T9] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  160.711201][ T7940] loop7: detected capacity change from 0 to 1024
[  160.723968][ T7918] BTRFS info (device loop5): using sha256 (sha256-avx2) checksum algorithm
[  160.749833][ T7918] BTRFS info (device loop5): using free space tree
[  160.759856][    T9] usb 4-1: New USB device found, idVendor=256c, idProduct=006d, bcdDevice= 0.00
[  160.785254][    T9] usb 4-1: New USB device strings: Mfr=2, Product=0, SerialNumber=0
[  160.818323][    T9] usb 4-1: Manufacturer: syz
[  160.844544][    T9] usb 4-1: config 0 descriptor??
[  160.938191][ T7940] hfsplus: failed to extend attributes file
[  160.988880][ T7962] loop6: detected capacity change from 0 to 128
[  161.003817][ T7918] BTRFS info (device loop5): enabling ssd optimizations
[  161.010804][ T7918] BTRFS info (device loop5): auto enabling async discard
[  161.117164][ T7962] EXT4-fs (loop6): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  161.178371][ T7962] ext4 filesystem being mounted at /53/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  161.307015][ T7962] syz.6.409 (pid 7962) is setting deprecated v1 encryption policy; recommend upgrading to v2.
[  161.367920][ T6274] BTRFS info (device loop5): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  161.665511][ T7972] loop7: detected capacity change from 0 to 4096
[  161.710641][    T9] uclogic 0003:256C:006D.0003: interface is invalid, ignoring
[  161.761682][ T7962] fscrypt: Adiantum using implementation "adiantum(xchacha12-simd,aes-aesni,nhpoly1305-avx2)"
[  161.841470][ T7972] ntfs3: loop7: Mark volume as dirty due to NTFS errors
[  161.933260][    T9] usb 4-1: USB disconnect, device number 8
[  161.953174][ T7972] ntfs3: loop7: Failed to load $Extend (-22).
[  161.963477][ T7972] ntfs3: loop7: Failed to initialize $Extend.
[  161.999796][ T6969] EXT4-fs (loop6): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  162.239757][ T7987] loop5: detected capacity change from 0 to 512
[  162.410902][ T7987] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  162.455303][  T788] usb 7-1: new high-speed USB device number 6 using dummy_hcd
[  162.492342][ T7987] ext4 filesystem being mounted at /82/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  162.715729][  T788] usb 7-1: Using ep0 maxpacket: 32
[  162.738056][  T788] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  162.760439][ T8003] netlink: 'syz.3.415': attribute type 11 has an invalid length.
[  162.783384][  T788] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  162.819914][  T788] usb 7-1: New USB device found, idVendor=046d, idProduct=c31c, bcdDevice= 0.40
[  162.852914][  T788] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  162.865416][ T6274] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  162.905620][  T788] usb 7-1: config 0 descriptor??
[  162.925625][  T788] hub 7-1:0.0: USB hub found
[  163.154594][  T788] hub 7-1:0.0: 1 port detected
[  163.177641][ T8011] loop5: detected capacity change from 0 to 128
[  163.229231][ T8011] EXT4-fs (loop5): Test dummy encryption mode enabled
[  163.286388][ T8011] EXT4-fs (loop5): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  163.353820][ T8011] ext4 filesystem being mounted at /83/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[  163.681330][ T8011] fscrypt: AES-256-XTS using implementation "xts-aes-aesni"
[  163.750042][  T788] hub 7-1:0.0: activate --> -90
[  164.033077][ T8031] fscrypt: AES-256-CTS-CBC using implementation "cts-cbc-aes-aesni"
[  164.162845][    T9] usb 7-1: USB disconnect, device number 6
[  164.237786][ T6274] EXT4-fs (loop5): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  164.413760][  T788] usb 7-1-port1: config error
[  164.869824][ T8068] loop6: detected capacity change from 0 to 1024
[  164.873425][ T1624] usb 8-1: new high-speed USB device number 2 using dummy_hcd
[  164.896067][ T8068] EXT4-fs: Ignoring removed orlov option
[  164.926764][ T8070] gretap1: entered allmulticast mode
[  164.944320][ T8068] EXT4-fs (loop6): stripe (2) is not aligned with cluster size (16), stripe is disabled
[  165.000706][ T8068] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  165.120741][ T1624] usb 8-1: Using ep0 maxpacket: 32
[  165.160275][ T1624] usb 8-1: config 0 has an invalid interface number: 184 but max is 0
[  165.180975][ T1624] usb 8-1: config 0 has no interface number 0
[  165.230486][ T1624] usb 8-1: config 0 interface 184 has no altsetting 0
[  165.298941][ T1624] usb 8-1: New USB device found, idVendor=0424, idProduct=7500, bcdDevice=69.ee
[  165.329231][ T1624] usb 8-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  165.354876][ T1624] usb 8-1: Product: syz
[  165.359204][ T1624] usb 8-1: Manufacturer: syz
[  165.369987][ T1624] usb 8-1: SerialNumber: syz
[  165.392748][ T1624] usb 8-1: config 0 descriptor??
[  165.414025][ T8084] UBIFS error (pid: 8084): cannot open "./file0", error -22
[  165.423233][ T1624] smsc75xx v1.0.0
[  166.113973][ T5846] usb 6-1: new high-speed USB device number 5 using dummy_hcd
[  166.284637][ T8104] PF_CAN: dropped non conform CAN XL skbuff: dev type 280, len 40
[  166.313431][ T5846] usb 6-1: Using ep0 maxpacket: 32
[  166.330678][ T5846] usb 6-1: config 2 has an invalid interface number: 88 but max is 0
[  166.339352][ T5846] usb 6-1: config 2 has no interface number 0
[  166.345720][ T5846] usb 6-1: config 2 interface 88 altsetting 7 bulk endpoint 0x6 has invalid maxpacket 256
[  166.359981][ T5846] usb 6-1: config 2 interface 88 has no altsetting 0
[  166.373131][ T5846] usb 6-1: New USB device found, idVendor=0557, idProduct=2009, bcdDevice=c7.1e
[  166.389983][ T5846] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  166.398172][ T5846] usb 6-1: Product: syz
[  166.402558][ T5846] usb 6-1: Manufacturer: syz
[  166.423395][ T5846] usb 6-1: SerialNumber: syz
[  166.458194][ T1624] smsc75xx 8-1:0.184 (unnamed net_device) (uninitialized): EEPROM read operation timeout
[  166.474337][ T8095] raw-gadget.1 gadget.5: fail, usb_ep_enable returned -22
[  166.662782][ T1624] smsc75xx 8-1:0.184 (unnamed net_device) (uninitialized): Failed to read reg index 0x00000014: -71
[  166.677114][ T1624] smsc75xx 8-1:0.184 (unnamed net_device) (uninitialized): Failed to read PMT_CTL: -71
[  166.689573][ T1624] smsc75xx 8-1:0.184 (unnamed net_device) (uninitialized): device not ready in smsc75xx_reset
[  166.700353][ T8095] raw-gadget.1 gadget.5: fail, usb_ep_enable returned -22
[  166.700423][ T1624] smsc75xx 8-1:0.184 (unnamed net_device) (uninitialized): smsc75xx_reset error -71
[  166.721562][ T1624] smsc75xx: probe of 8-1:0.184 failed with error -71
[  166.776900][ T1624] usb 8-1: USB disconnect, device number 2
[  166.866553][ T8112] loop3: detected capacity change from 0 to 2048
[  166.902226][ T8112] UDF-fs: error (device loop3): udf_read_tagged: tag checksum failed, block 99: 0x27 != 0x4d
[  166.919192][ T8112] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[  167.569914][ T8127] syz.7.448: attempt to access beyond end of device
[  167.569914][ T8127] loop7: rw=2048, sector=0, nr_sectors = 8 limit=0
[  167.727905][ T5846] asix 6-1:2.88 (unnamed net_device) (uninitialized): Failed to read reg index 0x0000: -71
[  167.745151][ T8130] loop3: detected capacity change from 0 to 4096
[  167.752972][ T5846] asix: probe of 6-1:2.88 failed with error -71
[  167.758233][ T8132] loop7: detected capacity change from 0 to 1024
[  167.766103][ T5846] usb 6-1: USB disconnect, device number 5
[  167.851687][ T8132] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  167.873034][ T8130] ntfs3: loop3: Mark volume as dirty due to NTFS errors
[  167.904974][ T8130] ntfs3: loop3: Failed to initialize $Extend/$Reparse.
[  168.021606][ T8132] EXT4-fs (loop7): Online defrag not supported with bigalloc
[  168.124012][ T7406] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  168.738877][ T8156] netlink: 4 bytes leftover after parsing attributes in process `syz.3.457'.
[  169.123509][ T5802] usb 8-1: new high-speed USB device number 3 using dummy_hcd
[  169.303519][ T5802] usb 8-1: Using ep0 maxpacket: 32
[  169.315870][ T5802] usb 8-1: config 0 has an invalid interface number: 182 but max is 0
[  169.344688][ T5802] usb 8-1: config 0 has no interface number 0
[  169.350821][ T5802] usb 8-1: config 0 interface 182 has no altsetting 0
[  169.385244][ T5802] usb 8-1: New USB device found, idVendor=05e9, idProduct=0009, bcdDevice=73.db
[  169.417457][ T5802] usb 8-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  169.436755][ T5802] usb 8-1: Product: syz
[  169.440958][ T5802] usb 8-1: Manufacturer: syz
[  169.457582][ T5802] usb 8-1: SerialNumber: syz
[  169.493730][ T5802] usb 8-1: config 0 descriptor??
[  169.505395][ T5802] hub 8-1:0.182: bad descriptor, ignoring hub
[  169.511515][ T5802] hub: probe of 8-1:0.182 failed with error -5
[  169.728864][ T5802] kaweth 8-1:0.182: Firmware present in device.
[  169.924359][ T5802] kaweth 8-1:0.182: Statistics collection: 0
[  169.937406][ T5802] kaweth 8-1:0.182: Multicast filter limit: 0
[  169.949027][ T5802] kaweth 8-1:0.182: MTU: 0
[  169.953879][ T8167] loop3: detected capacity change from 0 to 32768
[  169.960187][ T5802] kaweth 8-1:0.182: Read MAC address 00:00:00:00:00:00
[  170.102469][ T8167] ocfs2: Mounting device (7,3) on (node local, slot 0) with writeback data mode.
[  170.307447][ T8167] (syz.3.462,8167,1):ocfs2_change_extent_flag:5208 ERROR: Owner 17058 tried to clear 1 flags on an extent that didn't have them
[  170.328434][ T8167] (syz.3.462,8167,1):ocfs2_mark_extent_written:5272 ERROR: status = -5
[  170.339247][ T8167] (syz.3.462,8167,1):ocfs2_write_cluster:1163 ERROR: status = -5
[  170.352954][ T8167] (syz.3.462,8167,1):ocfs2_write_cluster_by_desc:1248 ERROR: status = -5
[  170.394325][ T8167] (syz.3.462,8167,1):ocfs2_write_begin_nolock:1820 ERROR: status = -5
[  170.402881][ T8167] (syz.3.462,8167,1):ocfs2_write_begin:1907 ERROR: status = -5
[  170.554963][ T5765] ocfs2: Unmounting device (7,3) on (node local)
[  170.590353][ T5802] kaweth 8-1:0.182: kaweth interface created at eth13
[  170.883736][ T5802] usb 8-1: USB disconnect, device number 3
[  171.500979][ T8203] loop3: detected capacity change from 0 to 512
[  171.521721][ T8203] EXT4-fs: Ignoring removed nobh option
[  171.533586][   T27] kauditd_printk_skb: 12 callbacks suppressed
[  171.533600][   T27] audit: type=1326 audit(1770225449.555:65): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8200 comm="syz.7.470" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7fdeaef9aeb9 code=0x0
[  171.579764][ T8203] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode
[  171.649050][ T8203] EXT4-fs (loop3): 1 truncate cleaned up
[  171.684496][ T8203] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  171.779750][ T8203] netlink: 182 bytes leftover after parsing attributes in process `syz.3.471'.
[  171.889085][ T5765] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  173.567399][ T8237] loop5: detected capacity change from 0 to 32768
[  173.605224][ T8237] XFS: attr2 mount option is deprecated.
[  173.665626][ T8237] XFS (loop5): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  173.870928][ T8282] loop7: detected capacity change from 0 to 512
[  173.925280][ T8237] XFS (loop5): Ending clean mount
[  173.926602][ T8282] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  173.982542][ T8282] ext4 filesystem being mounted at /37/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  174.113087][ T6274] XFS (loop5): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  174.228599][ T7406] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  174.635110][ T8294] loop5: detected capacity change from 0 to 256
[  174.672923][ T8294] exFAT-fs (loop5): failed to load upcase table (idx : 0x00010000, chksum : 0x205ad3fc, utbl_chksum : 0xe619d30d)
[  174.676227][ T8280] llcp: nfc_llcp_send_ui_frame: Could not allocate PDU (error=-512)
[  174.711497][ T8280] llcp: nfc_llcp_send_ui_frame: Could not allocate PDU (error=-512)
[  174.902899][ T8296] loop3: detected capacity change from 0 to 1024
[  174.929636][ T8296] EXT4-fs: Ignoring removed bh option
[  174.940339][ T8296] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[  174.990887][ T8296] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  175.036292][ T8296] EXT4-fs error (device loop3): ext4_mb_mark_diskspace_used:4047: comm syz.3.491: Allocating blocks 385-513 which overlap fs metadata
[  175.062969][ T8296] EXT4-fs (loop3): pa ffff88807775cbc8: logic 16, phys. 129, len 24
[  175.071666][ T8296] EXT4-fs error (device loop3): ext4_mb_release_inode_pa:5388: group 0, free 0, pa_free 8
[  175.201138][ T5765] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  175.380005][ T8309] Bluetooth: hci0: unsupported parameter 178
[  175.389044][ T8309] Bluetooth: hci0: invalid length 0, exp 2 for type 5
[  176.932838][ T8334] loop7: detected capacity change from 0 to 32768
[  176.956709][ T8352] loop3: detected capacity change from 0 to 8192
[  176.998197][ T8352] REISERFS warning:  read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025
[  177.047542][ T8352] REISERFS (device loop3): found reiserfs format "3.5" with non-standard journal
[  177.057417][ T8352] REISERFS (device loop3): using ordered data mode
[  177.067413][ T8352] reiserfs: using flush barriers
[  177.085217][ T8334] JBD2: Ignoring recovery information on journal
[  177.126587][ T8352] REISERFS (device loop3): journal params: device loop3, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30
[  177.204082][ T8352] REISERFS (device loop3): checking transaction log (loop3)
[  177.226417][ T8334] ocfs2: Mounting device (7,7) on (node local, slot 0) with ordered data mode.
[  177.238009][ T8352] REISERFS (device loop3): Using r5 hash to sort names
[  177.257176][ T8352] REISERFS (device loop3): Created .reiserfs_priv - reserved for xattr storage.
[  177.751126][ T7406] ocfs2: Unmounting device (7,7) on (node local)
[  178.843162][ T8375] loop3: detected capacity change from 0 to 40427
[  178.877033][ T8375] F2FS-fs (loop3): Invalid log_blocksize (268), supports only 12
[  178.893383][ T8375] F2FS-fs (loop3): Can't find valid F2FS filesystem in 1th superblock
[  178.946211][ T8375] F2FS-fs (loop3): invalid crc value
[  179.028838][ T8375] F2FS-fs (loop3): Found nat_bits in checkpoint
[  179.234304][ T8375] F2FS-fs (loop3): Try to recover 1th superblock, ret: 0
[  179.241391][ T8375] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e5
[  179.325673][   T27] audit: type=1800 audit(1770225457.365:66): pid=8375 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.511" name="file1" dev="loop3" ino=10 res=0 errno=0
[  179.679578][ T8413] loop7: detected capacity change from 0 to 8192
[  179.739902][ T8413] REISERFS warning:  read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025
[  179.794664][ T8413] REISERFS (device loop7): found reiserfs format "3.6" with non-standard journal
[  179.813583][ T8413] REISERFS (device loop7): using ordered data mode
[  179.820149][ T8413] reiserfs: using flush barriers
[  179.910101][ T8413] REISERFS (device loop7): journal params: device loop7, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30
[  179.977340][ T8413] REISERFS (device loop7): checking transaction log (loop7)
[  180.303552][ T8413] REISERFS (device loop7): Using tea hash to sort names
[  180.375009][ T8413] REISERFS warning (device loop7): vs-13060 reiserfs_update_sd_size: stat data of object [1 2 0x0 SD] (nlink == 4) not found (pos 2)
[  180.435050][ T8413] REISERFS (device loop7): Created .reiserfs_priv - reserved for xattr storage.
[  180.680870][ T5773] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1
[  180.699828][ T5773] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9
[  180.713094][ T5773] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9
[  180.726122][ T5773] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4
[  180.737321][ T5773] Bluetooth: hci4: unexpected cc 0x0c25 length: 249 > 3
[  180.744903][ T5773] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2
[  180.803431][  T788] usb 4-1: new high-speed USB device number 9 using dummy_hcd
[  181.025667][  T788] usb 4-1: New USB device found, idVendor=9710, idProduct=7730, bcdDevice=96.33
[  181.074898][  T788] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  181.099430][  T788] usb 4-1: config 0 descriptor??
[  181.224656][ T8441] syzkaller1: entered promiscuous mode
[  181.238307][ T8441] syzkaller1: entered allmulticast mode
[  181.460854][ T8432] chnl_net:caif_netlink_parms(): no params data found
[  181.692664][ T8432] bridge0: port 1(bridge_slave_0) entered blocking state
[  181.700199][ T8432] bridge0: port 1(bridge_slave_0) entered disabled state
[  181.707977][ T8432] bridge_slave_0: entered allmulticast mode
[  181.717080][ T8432] bridge_slave_0: entered promiscuous mode
[  181.728099][ T8432] bridge0: port 2(bridge_slave_1) entered blocking state
[  181.735714][ T8432] bridge0: port 2(bridge_slave_1) entered disabled state
[  181.743943][ T8432] bridge_slave_1: entered allmulticast mode
[  181.751829][ T8432] bridge_slave_1: entered promiscuous mode
[  181.830410][ T8432] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  181.852734][ T8432] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  181.937132][ T8432] team0: Port device team_slave_0 added
[  181.959974][ T8432] team0: Port device team_slave_1 added
[  182.021553][ T8432] batman_adv: batadv0: Adding interface: batadv_slave_0
[  182.049475][ T8432] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  182.085195][ T8432] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  182.104223][ T8432] batman_adv: batadv0: Adding interface: batadv_slave_1
[  182.111282][ T8432] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  182.150262][ T8432] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  182.263849][ T8432] hsr_slave_0: entered promiscuous mode
[  182.270622][ T8432] hsr_slave_1: entered promiscuous mode
[  182.281323][ T8432] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  182.291602][ T8432] Cannot create hsr debugfs directory
[  182.362752][  T788] usb 4-1: Cannot set autoneg
[  182.374621][  T788] MOSCHIP usb-ethernet driver: probe of 4-1:0.0 failed with error -71
[  182.393366][  T788] usb 4-1: USB disconnect, device number 9
[  182.701596][ T8476] loop5: detected capacity change from 0 to 764
[  182.748447][ T8476] rock: directory entry would overflow storage
[  182.759768][ T8476] rock: sig=0x4654, size=5, remaining=4
[  182.765525][ T8432] netdevsim netdevsim8 netdevsim0: renamed from eth0
[  182.778882][ T8432] netdevsim netdevsim8 netdevsim1: renamed from eth1
[  182.786398][ T8476] isofs: isofs_export_get_parent(): child directory not normalized!
[  182.801166][ T8432] netdevsim netdevsim8 netdevsim2: renamed from eth2
[  182.816947][ T8432] netdevsim netdevsim8 netdevsim3: renamed from eth3
[  182.835349][ T5084] Bluetooth: hci4: command tx timeout
[  183.198628][ T8432] 8021q: adding VLAN 0 to HW filter on device bond0
[  183.311471][ T8432] 8021q: adding VLAN 0 to HW filter on device team0
[  183.357063][ T4451] bridge0: port 1(bridge_slave_0) entered blocking state
[  183.364262][ T4451] bridge0: port 1(bridge_slave_0) entered forwarding state
[  183.443137][ T2108] bridge0: port 2(bridge_slave_1) entered blocking state
[  183.450320][ T2108] bridge0: port 2(bridge_slave_1) entered forwarding state
[  183.636572][ T8432] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network
[  183.648482][ T8432] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  183.803634][ T5809] usb 6-1: new high-speed USB device number 6 using dummy_hcd
[  183.993377][ T5809] usb 6-1: Using ep0 maxpacket: 8
[  184.021401][ T5809] usb 6-1: config index 0 descriptor too short (expected 301, got 45)
[  184.036965][ T8498] loop3: detected capacity change from 0 to 32768
[  184.045825][ T5809] usb 6-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[  184.063351][ T5809] usb 6-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[  184.130275][ T5809] usb 6-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[  184.131345][ T8498] JBD2: Ignoring recovery information on journal
[  184.147586][ T5809] usb 6-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  184.147636][ T5809] usb 6-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23
[  184.172010][ T5809] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  184.189578][ T8432] 8021q: adding VLAN 0 to HW filter on device batadv0
[  184.271755][ T8498] ocfs2: Mounting device (7,3) on (node local, slot 0) with ordered data mode.
[  184.412860][ T5809] usb 6-1: GET_CAPABILITIES returned 0
[  184.445370][ T5809] usbtmc 6-1:16.0: can't read capabilities
[  184.521896][ T8521] loop7: detected capacity change from 0 to 2048
[  184.651416][ T8503] usbtmc 6-1:16.0: send_request_dev_dep_msg_in returned -90
[  184.680714][ T8521] EXT4-fs (loop7): mounted filesystem 00000800-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  184.705140][   T42] usb 6-1: USB disconnect, device number 6
[  184.854469][ T5765] ocfs2: Unmounting device (7,3) on (node local)
[  184.872505][   T41] EXT4-fs error (device loop7): ext4_mb_generate_buddy:1231: group 0, block bitmap and bg descriptor inconsistent: 25 vs 150994969 free clusters
[  184.916228][ T5773] Bluetooth: hci4: command tx timeout
[  184.943240][   T41] EXT4-fs (loop7): Delayed block allocation failed for inode 18 at logical offset 0 with max blocks 1 with error 28
[  185.006943][   T41] EXT4-fs (loop7): This should not happen!! Data will be lost
[  185.006943][   T41] 
[  185.035643][   T41] EXT4-fs (loop7): Total free blocks count 0
[  185.041879][   T41] EXT4-fs (loop7): Free/Dirty block details
[  185.052031][   T41] EXT4-fs (loop7): free_blocks=2415919104
[  185.059093][   T41] EXT4-fs (loop7): dirty_blocks=16
[  185.064926][   T41] EXT4-fs (loop7): Block reservation details
[  185.071040][   T41] EXT4-fs (loop7): i_reserved_data_blocks=1
[  185.107135][ T7406] EXT4-fs (loop7): unmounting filesystem 00000800-0000-0000-0000-000000000000.
[  185.238965][ T8432] veth0_vlan: entered promiscuous mode
[  185.299713][ T8432] veth1_vlan: entered promiscuous mode
[  185.359127][ T8543] loop7: detected capacity change from 0 to 64
[  185.434493][ T8432] veth0_macvtap: entered promiscuous mode
[  185.472499][ T8432] veth1_macvtap: entered promiscuous mode
[  185.489511][ T8543] Trying to free block not in datazone
[  185.576633][ T8432] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  185.613234][ T8432] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  185.639475][ T8432] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  185.652991][ T8548] 9pnet: p9_errstr2errno: server reported unknown error _vlan
[  185.670946][ T8432] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  185.698606][ T8432] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  185.725722][ T8432] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  185.743789][ T8432] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  185.757973][ T8432] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  185.790199][ T8432] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  185.830042][ T8432] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  185.851840][ T8432] batman_adv: batadv0: Interface activated: batadv_slave_0
[  185.904612][ T8432] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  185.938292][ T8432] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  185.967888][ T8432] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  185.999200][ T8432] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  186.048537][ T8432] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  186.061446][ T8432] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  186.080849][ T8432] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  186.091513][ T8432] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  186.136612][ T8432] batman_adv: batadv0: Interface activated: batadv_slave_1
[  186.199160][ T5773] Bluetooth: hci0: command 0x0406 tx timeout
[  186.246781][ T8432] netdevsim netdevsim8 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  186.322980][ T8432] netdevsim netdevsim8 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  186.363482][ T8432] netdevsim netdevsim8 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  186.403498][ T8432] netdevsim netdevsim8 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  186.440370][ T8568] netlink: 4 bytes leftover after parsing attributes in process `syz.3.543'.
[  186.727321][   T49] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  186.775015][   T49] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  186.907399][ T4451] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  186.938370][ T4451] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  186.994969][ T5084] Bluetooth: hci4: command tx timeout
[  187.463454][ T5846] usb 6-1: new high-speed USB device number 7 using dummy_hcd
[  187.696857][ T5846] usb 6-1: config 1 has an invalid descriptor of length 97, skipping remainder of the config
[  187.744769][ T5846] usb 6-1: config 1 has 1 interface, different from the descriptor's value: 3
[  187.787050][ T5846] usb 6-1: New USB device found, idVendor=08b7, idProduct=0000, bcdDevice= 0.00
[  187.802436][ T8577] loop3: detected capacity change from 0 to 32768
[  187.810957][ T5846] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=3
[  187.845087][ T5846] usb 6-1: SerialNumber: syz
[  187.889059][ T8577] XFS (loop3): Mounting V5 Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb
[  188.015947][ T8577] XFS (loop3): Ending clean mount
[  188.058652][ T8577] XFS (loop3): Quotacheck needed: Please wait.
[  188.076719][ T5846] usb 6-1: 0:2 : does not exist
[  188.138817][ T5846] usb 6-1: USB disconnect, device number 7
[  188.140806][ T8622] loop7: detected capacity change from 0 to 1024
[  188.243386][ T8577] XFS (loop3): Quotacheck: Done.
[  188.296763][ T7420] udevd[7420]: error opening ATTR{/sys/devices/platform/dummy_hcd.5/usb6/6-1/6-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory
[  188.375306][   T27] audit: type=1800 audit(1770225466.405:67): pid=8577 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.545" name="file1" dev="loop3" ino=4420 res=0 errno=0
[  188.394427][ T8622] hfsplus: xattr search failed
[  188.534117][ T5765] XFS (loop3): Unmounting Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb
[  188.701284][ T8609] loop8: detected capacity change from 0 to 32768
[  188.813329][ T8609] ocfs2: Slot 0 on device (7,8) was already allocated to this node!
[  188.881095][ T8609] JBD2: Ignoring recovery information on journal
[  189.044941][ T8609] ocfs2: Mounting device (7,8) on (node local, slot 0) with ordered data mode.
[  189.073496][ T5084] Bluetooth: hci4: command tx timeout
[  189.486981][ T8609] syz.8.550 (8609) used greatest stack depth: 19280 bytes left
[  189.621633][ T8432] ocfs2: Unmounting device (7,8) on (node local)
[  189.901552][ T8628] loop5: detected capacity change from 0 to 40427
[  189.934936][ T8628] F2FS-fs (loop5): Invalid log_blocksize (268), supports only 12
[  189.973819][ T8628] F2FS-fs (loop5): Can't find valid F2FS filesystem in 1th superblock
[  190.016438][ T8628] F2FS-fs (loop5): invalid crc value
[  190.059656][ T8628] F2FS-fs (loop5): Found nat_bits in checkpoint
[  190.245903][ T8628] F2FS-fs (loop5): Try to recover 1th superblock, ret: 0
[  190.262363][ T8628] F2FS-fs (loop5): Mounted with checkpoint version = 48b305e5
[  190.904294][ T8641] loop7: detected capacity change from 0 to 40427
[  190.922821][ T8646] loop8: detected capacity change from 0 to 32768
[  190.936757][ T8641] F2FS-fs (loop7): build fault injection attr: rate: 25, type: 0x7ffff
[  190.954291][ T5802] usb 4-1: new high-speed USB device number 10 using dummy_hcd
[  190.963802][ T8641] F2FS-fs (loop7): build fault injection attr: rate: 0, type: 0x7698c
[  190.983679][ T8641] F2FS-fs (loop7): invalid crc value
[  191.004762][ T8646] ocfs2: Mounting device (7,8) on (node local, slot 0) with ordered data mode.
[  191.020964][ T8641] F2FS-fs (loop7): inject invalid blkaddr in f2fs_is_valid_blkaddr of f2fs_ra_meta_pages+0x21d/0x9b0
[  191.079560][ T8641] F2FS-fs (loop7): Found nat_bits in checkpoint
[  191.174649][ T5802] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  191.201343][ T5802] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  191.225993][ T5802] usb 4-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[  191.236476][ T8641] F2FS-fs (loop7): inject page alloc in f2fs_grab_cache_page of f2fs_ra_meta_pages+0x68b/0x9b0
[  191.247131][ T5802] usb 4-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  191.268694][ T5802] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  191.344842][ T5802] usb 4-1: config 0 descriptor??
[  191.373003][ T8641] F2FS-fs (loop7): Mounted with checkpoint version = 48b305e5
[  191.394865][ T8432] ocfs2: Unmounting device (7,8) on (node local)
[  191.481989][ T8641] F2FS-fs (loop7): inject too big dir depth in f2fs_add_regular_entry of f2fs_add_dentry+0xda/0x1d0
[  191.560014][ T8641] F2FS-fs (loop7): inject invalid blkaddr in f2fs_is_valid_blkaddr of f2fs_mpage_readpages+0xc1a/0x1ea0
[  191.579034][ T8641] syz.7.560: attempt to access beyond end of device
[  191.579034][ T8641] loop7: rw=0, sector=45064, nr_sectors = 8 limit=40427
[  191.669201][ T7406] syz-executor: attempt to access beyond end of device
[  191.669201][ T7406] loop7: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[  191.701600][ T7406] F2FS-fs (loop7): Stopped filesystem due to reason: 3
[  191.777249][ T5802] plantronics 0003:047F:FFFF.0004: No inputs registered, leaving
[  191.828584][ T5802] plantronics 0003:047F:FFFF.0004: hiddev0,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.3-1/input0
[  191.978534][    T9] usb 6-1: new high-speed USB device number 8 using dummy_hcd
[  191.993771][ T8663] loop8: detected capacity change from 0 to 2048
[  192.041824][ T8663] EXT4-fs (loop8): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  192.056760][ T8663] ext4 filesystem being mounted at /4/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  192.197025][    T9] usb 6-1: config 27 interface 0 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 7
[  192.213655][    T9] usb 6-1: config 27 interface 0 altsetting 0 bulk endpoint 0xB has invalid maxpacket 47
[  192.233468][    T9] usb 6-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d
[  192.253171][    T9] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  192.278156][ T8658] raw-gadget.1 gadget.5: fail, usb_ep_enable returned -22
[  192.290792][    T9] usb 6-1: Quirk or no altest; falling back to MIDI 1.0
[  192.320842][ T8432] EXT4-fs (loop8): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  192.547220][ T5846] usb 6-1: USB disconnect, device number 8
[  193.249547][ T8683] Zero length message leads to an empty skb
[  193.398080][ T8677] loop7: detected capacity change from 0 to 32768
[  193.439367][ T8677] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop7 scanned by syz.7.569 (8677)
[  193.509104][ T8677] BTRFS info (device loop7): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  193.527460][ T8685] loop5: detected capacity change from 0 to 4096
[  193.548013][ T8677] BTRFS info (device loop7): using crc32c (crc32c-intel) checksum algorithm
[  193.573556][ T8677] BTRFS info (device loop7): metadata ratio 2
[  193.579685][ T8677] BTRFS info (device loop7): allowing degraded mounts
[  193.644503][ T8677] BTRFS info (device loop7): force zlib compression, level 3
[  193.652331][ T8677] BTRFS info (device loop7): setting incompat feature flag for COMPRESS_ZSTD (0x10)
[  193.742516][ T8677] BTRFS info (device loop7): use zstd compression, level 3
[  193.781439][ T8677] BTRFS info (device loop7): force clearing of disk cache
[  193.817304][ T8677] BTRFS info (device loop7): turning on flush-on-commit
[  193.844431][ T8677] BTRFS warning (device loop7): 'usebackuproot' is deprecated, use 'rescue=usebackuproot' instead
[  193.867541][ T8685] EXT4-fs: Ignoring removed nobh option
[  193.893402][ T8677] BTRFS info (device loop7): trying to use backup root at mount time
[  193.901532][ T8677] BTRFS info (device loop7): using free space tree
[  193.918083][ T8685] EXT4-fs (loop5): Test dummy encryption mode enabled
[  193.948388][ T5846] usb 4-1: USB disconnect, device number 10
[  193.994192][ T8685] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  194.104019][ T8677] BTRFS info (device loop7): enabling ssd optimizations
[  194.129540][ T8677] BTRFS info (device loop7): rebuilding free space tree
[  194.149596][ T8692] loop3: detected capacity change from 0 to 8192
[  194.272093][ T8692] FAT-fs (loop3): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[  194.273166][ T6274] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  194.369969][ T1282] ieee802154 phy0 wpan0: encryption failed: -22
[  194.376556][ T1282] ieee802154 phy1 wpan1: encryption failed: -22
[  194.567425][ T7406] BTRFS info (device loop7): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  194.658892][ T8713] loop5: detected capacity change from 0 to 2048
[  194.781081][ T8687] loop8: detected capacity change from 0 to 40427
[  194.813534][    T9] usb 4-1: new low-speed USB device number 11 using dummy_hcd
[  194.835203][ T8713] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  194.904195][ T8713] ext4 filesystem being mounted at /132/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  194.915407][ T8687] F2FS-fs (loop8): build fault injection attr: rate: 25, type: 0x7ffff
[  194.971640][ T8687] F2FS-fs (loop8): build fault injection attr: rate: 0, type: 0x7698c
[  195.035138][ T8687] F2FS-fs (loop8): invalid crc value
[  195.104067][ T8687] F2FS-fs (loop8): inject invalid blkaddr in f2fs_is_valid_blkaddr of f2fs_ra_meta_pages+0x21d/0x9b0
[  195.139481][ T8687] F2FS-fs (loop8): Found nat_bits in checkpoint
[  195.139732][    T9] usb 4-1: config 9 has an invalid interface number: 1 but max is 0
[  195.220151][    T9] usb 4-1: config 9 has no interface number 0
[  195.252143][    T9] usb 4-1: config 9 interface 1 has no altsetting 0
[  195.337725][ T8687] F2FS-fs (loop8): inject page alloc in f2fs_grab_cache_page of f2fs_ra_meta_pages+0x68b/0x9b0
[  195.430171][    T9] usb 4-1: string descriptor 0 read error: -22
[  195.453510][    T9] usb 4-1: New USB device found, idVendor=2040, idProduct=b140, bcdDevice=75.36
[  195.502033][ T8687] F2FS-fs (loop8): Mounted with checkpoint version = 48b305e5
[  195.509968][    T9] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  195.524639][ T6274] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  195.566387][    T9] cx231xx 4-1:9.1: New device   @ 1.5 Mbps (2040:b140) with 1 interfaces
[  195.593323][    T9] cx231xx 4-1:9.1: Not found matching IAD interface
[  195.681822][ T8687] F2FS-fs (loop8): inject too big dir depth in f2fs_add_regular_entry of f2fs_add_dentry+0xda/0x1d0
[  195.871223][ T8687] F2FS-fs (loop8): inject invalid blkaddr in f2fs_is_valid_blkaddr of f2fs_mpage_readpages+0xc1a/0x1ea0
[  195.936513][ T8687] syz.8.574: attempt to access beyond end of device
[  195.936513][ T8687] loop8: rw=0, sector=45064, nr_sectors = 8 limit=40427
[  196.077255][ T8692] FAT-fs (loop3): error, fat_get_cluster: invalid cluster chain (i_pos 1052)
[  196.143544][ T8692] FAT-fs (loop3): Filesystem has been set read-only
[  196.150640][ T8432] syz-executor: attempt to access beyond end of device
[  196.150640][ T8432] loop8: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[  196.185617][ T8692] FAT-fs (loop3): error, fat_get_cluster: invalid cluster chain (i_pos 1052)
[  196.207737][ T8432] F2FS-fs (loop8): Stopped filesystem due to reason: 3
[  196.229842][ T8692] FAT-fs (loop3): error, fat_get_cluster: invalid cluster chain (i_pos 1052)
[  196.311682][ T5809] usb 4-1: USB disconnect, device number 11
[  196.645906][ T8748] netlink: 'syz.5.585': attribute type 7 has an invalid length.
[  196.691577][ T8748] netdevsim netdevsim5 netdevsim0: set [0, 0] type 1 family 0 port 8472 - 0
[  196.701069][ T8748] netdevsim netdevsim5 netdevsim1: set [0, 0] type 1 family 0 port 8472 - 0
[  196.709923][ T8748] netdevsim netdevsim5 netdevsim2: set [0, 0] type 1 family 0 port 8472 - 0
[  196.718723][ T8748] netdevsim netdevsim5 netdevsim3: set [0, 0] type 1 family 0 port 8472 - 0
[  196.776752][ T8748] netlink: 'syz.5.585': attribute type 7 has an invalid length.
[  197.354508][ T5765] FAT-fs (loop3): error, fat_get_cluster: invalid cluster chain (i_pos 1052)
[  197.886318][ T8757] loop5: detected capacity change from 0 to 32768
[  197.935840][ T8757] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop5 scanned by syz.5.586 (8757)
[  198.016604][ T8757] BTRFS info (device loop5): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  198.050012][ T8757] BTRFS info (device loop5): using crc32c (crc32c-intel) checksum algorithm
[  198.102564][ T8757] BTRFS info (device loop5): metadata ratio 2
[  198.118729][ T8776] loop7: detected capacity change from 0 to 512
[  198.125582][ T8757] BTRFS info (device loop5): allowing degraded mounts
[  198.132441][ T8757] BTRFS info (device loop5): force zlib compression, level 3
[  198.169180][ T8757] BTRFS info (device loop5): setting incompat feature flag for COMPRESS_ZSTD (0x10)
[  198.203482][ T8757] BTRFS info (device loop5): use zstd compression, level 3
[  198.210826][ T8757] BTRFS info (device loop5): force clearing of disk cache
[  198.244867][ T8757] BTRFS info (device loop5): turning on flush-on-commit
[  198.251983][ T8757] BTRFS warning (device loop5): 'usebackuproot' is deprecated, use 'rescue=usebackuproot' instead
[  198.263088][ T8776] EXT4-fs error (device loop7): ext4_get_branch:178: inode #13: block 2: comm syz.7.591: invalid block
[  198.275875][ T8757] BTRFS info (device loop5): trying to use backup root at mount time
[  198.303555][ T8757] BTRFS info (device loop5): using free space tree
[  198.328498][ T8776] EXT4-fs error (device loop7): ext4_free_branches:1030: inode #13: comm syz.7.591: invalid indirect mapped block 10 (level 1)
[  198.350589][ T8776] EXT4-fs error (device loop7): ext4_free_branches:1030: inode #13: comm syz.7.591: invalid indirect mapped block 8 (level 1)
[  198.500090][ T8757] BTRFS info (device loop5): enabling ssd optimizations
[  198.512626][ T8776] EXT4-fs (loop7): 1 truncate cleaned up
[  198.569026][ T8805] warning: `syz.3.594' uses wireless extensions which will stop working for Wi-Fi 7 hardware; use nl80211
[  198.572655][ T8776] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  198.613718][ T8757] BTRFS info (device loop5): rebuilding free space tree
[  198.941372][ T7406] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  199.034380][ T8814] loop8: detected capacity change from 0 to 2048
[  199.183674][ T8814] UDF-fs: warning (device loop8): udf_load_vrs: No anchor found
[  199.191402][ T8814] UDF-fs: Scanning with blocksize 512 failed
[  199.214176][ T6274] BTRFS info (device loop5): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  199.270148][ T8814] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[  199.536447][ T8823] loop7: detected capacity change from 0 to 128
[  199.553594][ T7420] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 11 /dev/loop5 scanned by udevd (7420)
[  199.684990][ T8823] EXT4-fs (loop7): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  199.819781][ T4700] failed to send hello msg
[  199.827336][ T8823] ext4 filesystem being mounted at /71/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[  199.860493][ T4700] failed while handling packet from 1:60042
[  200.090886][ T7406] EXT4-fs (loop7): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  200.142242][ T8837] netlink: 12 bytes leftover after parsing attributes in process `syz.5.604'.
[  201.304192][ T8843] loop5: detected capacity change from 0 to 4096
[  201.343269][    C1] sched: RT throttling activated
[  201.438151][ T8846] NILFS (loop5): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  202.011589][ T8843] syz.5.607 (8843) used greatest stack depth: 19176 bytes left
[  202.343790][ T8838] loop8: detected capacity change from 0 to 40427
[  202.443699][ T8838] F2FS-fs (loop8): Wrong MAIN_AREA boundary, start(4096) end(12800) block(12288)
[  202.465183][ T8853] loop5: detected capacity change from 0 to 256
[  202.510891][ T8838] F2FS-fs (loop8): Can't find valid F2FS filesystem in 1th superblock
[  202.514947][ T8840] loop7: detected capacity change from 0 to 262144
[  202.528998][ T8840] BTRFS: device fsid 7e32c2af-f87a-45a1-bcba-64dea7c56a53 devid 1 transid 8 /dev/loop7 scanned by syz.7.606 (8840)
[  202.552834][ T8838] F2FS-fs (loop8): build fault injection attr: rate: 0, type: 0x35f7
[  202.555404][ T8853] exFAT-fs (loop5): failed to load upcase table (idx : 0x00010000, chksum : 0x204dac4c, utbl_chksum : 0xe619d30d)
[  202.562247][ T8840] BTRFS info (device loop7): first mount of filesystem 7e32c2af-f87a-45a1-bcba-64dea7c56a53
[  202.584005][ T8840] BTRFS info (device loop7): using xxhash64 (xxhash64-generic) checksum algorithm
[  202.593359][ T8840] BTRFS info (device loop7): setting nodatasum
[  202.599551][ T8840] BTRFS info (device loop7): using free space tree
[  202.615676][ T8838] F2FS-fs (loop8): build fault injection attr: rate: 690, type: 0x7ffff
[  202.644735][ T8838] F2FS-fs (loop8): Image doesn't support compression
[  202.713396][ T8838] F2FS-fs (loop8): invalid crc value
[  202.882835][ T8838] F2FS-fs (loop8): Found nat_bits in checkpoint
[  202.883169][ T8840] BTRFS error (device loop7): balance: invalid convert data profile single
[  202.959198][ T7406] BTRFS info (device loop7): last unmount of filesystem 7e32c2af-f87a-45a1-bcba-64dea7c56a53
[  203.085995][ T8875] netlink: 164 bytes leftover after parsing attributes in process `syz.5.612'.
[  203.107270][ T8838] F2FS-fs (loop8): Start checkpoint disabled!
[  203.643399][    T9] usb 6-1: new high-speed USB device number 9 using dummy_hcd
[  203.860752][    T9] usb 6-1: New USB device found, idVendor=0bed, idProduct=1100, bcdDevice=ec.c3
[  203.882349][    T9] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  203.904603][ T8868] loop3: detected capacity change from 0 to 32768
[  203.930397][    T9] usb 6-1: config 0 descriptor??
[  203.958437][    T9] cp210x 6-1:0.0: cp210x converter detected
[  204.007429][ T8868] XFS (loop3): Mounting V5 Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb
[  204.185157][ T8868] XFS (loop3): Ending clean mount
[  204.254812][ T8868] XFS (loop3): Quotacheck needed: Please wait.
[  204.365850][    T9] cp210x 6-1:0.0: failed to get vendor val 0x0010 size 3: -32
[  204.446767][    T9] usb 6-1: cp210x converter now attached to ttyUSB0
[  204.474579][ T8868] XFS (loop3): Quotacheck: Done.
[  204.625790][    T9] usb 6-1: USB disconnect, device number 9
[  204.676275][    T9] cp210x ttyUSB0: cp210x converter now disconnected from ttyUSB0
[  204.728767][    T9] cp210x 6-1:0.0: device disconnected
[  204.759965][ T5765] XFS (loop3): Unmounting Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb
[  205.184873][ T8883] loop8: detected capacity change from 0 to 32768
[  205.199014][ T8883] XFS: ikeep mount option is deprecated.
[  205.318306][ T8883] XFS (loop8): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  205.430708][ T8909] loop5: detected capacity change from 0 to 2048
[  205.503500][ T8909] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000)
[  205.577577][ T8909] UDF-fs: warning (device loop5): udf_rmdir: empty directory has nlink != 2 (0)
[  205.617320][ T8909] UDF-fs: warning (device loop5): udf_rmdir: parent dir link count too low (2)
[  205.692210][ T8883] XFS (loop8): Ending clean mount
[  205.718687][ T8883] XFS (loop8): Quotacheck needed: Please wait.
[  205.869776][ T8883] XFS (loop8): Quotacheck: Done.
[  206.111337][ T8432] XFS (loop8): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  206.587885][ T8910] loop3: detected capacity change from 0 to 32768
[  206.639196][ T8910] XFS (loop3): DAX unsupported by block device. Turning off DAX.
[  206.700715][ T8910] XFS (loop3): Mounting V5 Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb
[  206.711322][ T8923] loop8: detected capacity change from 0 to 256
[  206.916529][ T8910] XFS (loop3): Ending clean mount
[  206.991186][ T8910] XFS (loop3): Quotacheck needed: Please wait.
[  207.090480][ T8929] loop8: detected capacity change from 0 to 128
[  207.119223][ T8910] XFS (loop3): Quotacheck: Done.
[  207.159194][ T8929] UDF-fs: error (device loop8): udf_read_tagged: read failed, block=256, location=256
[  207.255694][ T8914] loop7: detected capacity change from 0 to 40427
[  207.287478][ T8914] F2FS-fs (loop7): invalid crc value
[  207.306138][ T8914] F2FS-fs (loop7): Found nat_bits in checkpoint
[  207.353951][ T8928] UDF-fs: error (device loop8): udf_bitmap_new_block: bitmap for partition 0 corrupted (block 264 marked as free, partition length is 40)
[  207.452301][ T8928] UDF-fs: error (device loop8): udf_bitmap_new_block: bitmap for partition 0 corrupted (block 264 marked as free, partition length is 40)
[  207.491583][ T8914] F2FS-fs (loop7): Start checkpoint disabled!
[  207.492208][ T5765] XFS (loop3): Unmounting Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb
[  207.518937][ T8914] F2FS-fs (loop7): Mounted with checkpoint version = 48b305e6
[  207.521579][ T8928] UDF-fs: error (device loop8): udf_bitmap_new_block: bitmap for partition 0 corrupted (block 264 marked as free, partition length is 40)
[  207.594280][ T8928] UDF-fs: error (device loop8): udf_bitmap_new_block: bitmap for partition 0 corrupted (block 264 marked as free, partition length is 40)
[  207.654052][ T8929] UDF-fs: error (device loop8): udf_bitmap_new_block: bitmap for partition 0 corrupted (block 264 marked as free, partition length is 40)
[  207.736245][ T8928] UDF-fs: error (device loop8): udf_bitmap_new_block: bitmap for partition 0 corrupted (block 264 marked as free, partition length is 40)
[  207.852483][ T8934] UDF-fs: error (device loop8): udf_bitmap_new_block: bitmap for partition 0 corrupted (block 264 marked as free, partition length is 40)
[  208.099125][ T8943] loop5: detected capacity change from 0 to 512
[  208.163818][ T8943] EXT4-fs (loop5): orphan cleanup on readonly fs
[  208.212182][ T8943] EXT4-fs error (device loop5): ext4_do_update_inode:5248: inode #15: comm syz.5.632: corrupted inode contents
[  208.337132][ T8943] EXT4-fs (loop5): Remounting filesystem read-only
[  208.380296][ T8943] EXT4-fs (loop5): 1 orphan inode deleted
[  208.404038][ T8943] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: none.
[  208.557487][ T6274] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  208.759451][ T8961] loop8: detected capacity change from 0 to 512
[  208.796605][ T8961] EXT4-fs (loop8): Test dummy encryption mode enabled
[  208.867110][ T8961] EXT4-fs (loop8): mounted filesystem 00000005-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  208.921077][ T8970] loop3: detected capacity change from 0 to 256
[  208.978587][ T8970] exFAT-fs (loop3): failed to load upcase table (idx : 0x000104d0, chksum : 0x60d18d7c, utbl_chksum : 0xe619d30d)
[  209.026035][ T8961] EXT4-fs error (device loop8): ext4_add_entry:2486: inode #2: comm syz.8.636: Directory hole found for htree leaf block 0
[  209.141682][ T8961] EXT4-fs (loop8): Remounting filesystem read-only
[  209.340806][ T8432] EXT4-fs (loop8): unmounting filesystem 00000005-0000-0000-0000-000000000000.
[  209.432478][ T8978] loop5: detected capacity change from 0 to 4096
[  209.485774][ T8978] EXT4-fs: Ignoring removed nomblk_io_submit option
[  209.559419][ T8978] EXT4-fs (loop5): Test dummy encryption mode enabled
[  209.646802][ T8978] [EXT4 FS bs=4096, gc=1, bpg=524288, ipg=32, mo=a842c018, mo2=0003]
[  209.682807][ T8987] loop3: detected capacity change from 0 to 4096
[  209.692359][ T8978] System zones: 0-5
[  209.745336][ T8978] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  209.793676][    T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!!
[  209.878126][   T27] audit: type=1800 audit(1770225487.915:68): pid=8978 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.5.641" name="file1" dev="loop5" ino=15 res=0 errno=0
[  209.910097][    T0] NOHZ tick-stop error: local softirq work is pending, handler #10!!!
[  209.993523][ T8993] EXT4-fs (loop5): shut down requested (2)
[  210.149564][ T6274] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  210.200875][ T5809] usb 9-1: new high-speed USB device number 2 using dummy_hcd
[  210.372766][ T9000] TCP: request_sock_TCPv6: Possible SYN flooding on port [::]:20002. Sending cookies.
[  210.485356][ T5809] usb 9-1: config 0 has no interfaces?
[  210.495455][ T5809] usb 9-1: New USB device found, idVendor=18b4, idProduct=fffb, bcdDevice=dc.7b
[  210.526708][ T5809] usb 9-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  210.579120][ T5809] usb 9-1: Product: syz
[  210.583466][ T5809] usb 9-1: Manufacturer: syz
[  210.588206][ T5809] usb 9-1: SerialNumber: syz
[  210.599210][ T5809] usb 9-1: config 0 descriptor??
[  210.922847][ T9009] loop5: detected capacity change from 0 to 2048
[  210.970661][ T9009] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  211.089574][ T9016] netlink: 28 bytes leftover after parsing attributes in process `syz.7.656'.
[  211.099058][ T5809] usb 9-1: USB disconnect, device number 2
[  211.106288][ T9016] netlink: 28 bytes leftover after parsing attributes in process `syz.7.656'.
[  211.247587][ T2108] EXT4-fs error (device loop5): ext4_mb_generate_buddy:1231: group 0, block bitmap and bg descriptor inconsistent: 25 vs 281 free clusters
[  211.331988][ T2108] EXT4-fs (loop5): Delayed block allocation failed for inode 15 at logical offset 0 with max blocks 1 with error 28
[  211.376755][ T2108] EXT4-fs (loop5): This should not happen!! Data will be lost
[  211.376755][ T2108] 
[  211.411325][ T9026] loop3: detected capacity change from 0 to 512
[  211.413226][ T2108] EXT4-fs (loop5): Total free blocks count 0
[  211.423052][ T9026] EXT4-fs error (device loop3): ext4_iget_extra_inode:4732: inode #15: comm syz.3.661: corrupted in-inode xattr: invalid ea_ino
[  211.447800][ T9026] EXT4-fs error (device loop3): ext4_orphan_get:1403: comm syz.3.661: couldn't read orphan inode 15 (err -117)
[  211.470744][ T9026] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  211.490003][ T2108] EXT4-fs (loop5): Free/Dirty block details
[  211.497604][ T9024] loop7: detected capacity change from 0 to 2048
[  211.508063][ T2108] EXT4-fs (loop5): free_blocks=4096
[  211.530663][ T2108] EXT4-fs (loop5): dirty_blocks=976
[  211.549299][ T9024] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  211.564074][ T2108] EXT4-fs (loop5): Block reservation details
[  211.570263][ T2108] EXT4-fs (loop5): i_reserved_data_blocks=61
[  211.612129][ T9024] EXT4-fs error (device loop7): ext4_mb_generate_buddy:1231: group 0, block bitmap and bg descriptor inconsistent: 25 vs 150994969 free clusters
[  211.653934][ T9024] EXT4-fs (loop7): Delayed block allocation failed for inode 15 at logical offset 0 with max blocks 2 with error 28
[  211.654940][ T2108] EXT4-fs (loop5): Delayed block allocation failed for inode 15 at logical offset 18 with max blocks 944 with error 28
[  211.736709][ T5765] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  211.753405][ T9024] EXT4-fs (loop7): This should not happen!! Data will be lost
[  211.753405][ T9024] 
[  211.787546][ T9024] EXT4-fs (loop7): Total free blocks count 0
[  211.848456][ T9024] EXT4-fs (loop7): Free/Dirty block details
[  211.877471][ T9024] EXT4-fs (loop7): free_blocks=2415919104
[  211.905865][ T9024] EXT4-fs (loop7): dirty_blocks=16
[  211.935023][ T9024] EXT4-fs (loop7): Block reservation details
[  211.941193][ T9024] EXT4-fs (loop7): i_reserved_data_blocks=1
[  212.025598][ T9024] EXT4-fs (loop7): Delayed block allocation failed for inode 15 at logical offset 0 with max blocks 2 with error 28
[  212.066633][ T9038] loop5: detected capacity change from 0 to 1024
[  212.120992][ T9040] netlink: 56 bytes leftover after parsing attributes in process `syz.3.664'.
[  212.229271][ T4451] hfsplus: b-tree write err: -5, ino 4
[  212.973494][    T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!!
[  213.217528][   T27] audit: type=1326 audit(1770225491.255:69): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9051 comm="syz.5.669" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff39d79aeb9 code=0x7ffc0000
[  213.280235][   T27] audit: type=1326 audit(1770225491.255:70): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9051 comm="syz.5.669" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7ff39d73c2d9 code=0x7ffc0000
[  213.373343][   T27] audit: type=1326 audit(1770225491.255:71): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9051 comm="syz.5.669" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7ff39d73c2d9 code=0x7ffc0000
[  213.453797][   T27] audit: type=1326 audit(1770225491.255:72): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9051 comm="syz.5.669" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7ff39d73c2d9 code=0x7ffc0000
[  213.536831][   T27] audit: type=1326 audit(1770225491.255:73): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9051 comm="syz.5.669" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff39d79aeb9 code=0x7ffc0000
[  213.617472][   T27] audit: type=1326 audit(1770225491.285:74): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9051 comm="syz.5.669" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff39d79aeb9 code=0x7ffc0000
[  213.694187][   T27] audit: type=1326 audit(1770225491.285:75): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9051 comm="syz.5.669" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7ff39d73c2d9 code=0x7ffc0000
[  213.730592][ T9070] loop8: detected capacity change from 0 to 512
[  213.783571][   T27] audit: type=1326 audit(1770225491.285:76): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9051 comm="syz.5.669" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff39d79aeb9 code=0x7ffc0000
[  213.849035][ T9070] EXT4-fs (loop8): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  213.883362][   T27] audit: type=1326 audit(1770225491.285:77): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9051 comm="syz.5.669" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff39d79aeb9 code=0x7ffc0000
[  213.969937][ T9061] loop7: detected capacity change from 0 to 32768
[  213.986530][ T9070] EXT4-fs (loop8): shut down requested (1)
[  214.081297][ T9061] XFS (loop7): Mounting V5 Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d
[  214.104595][ T8432] EXT4-fs (loop8): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  214.283492][ T9061] XFS (loop7): Ending clean mount
[  214.342655][ T9063] loop3: detected capacity change from 0 to 32768
[  214.379602][ T9063] BTRFS: device fsid e417788f-7a09-42b2-9266-8ddc5d5d35d2 devid 1 transid 8 /dev/loop3 scanned by syz.3.673 (9063)
[  214.511357][ T9063] BTRFS info (device loop3): first mount of filesystem e417788f-7a09-42b2-9266-8ddc5d5d35d2
[  214.518094][ T7406] XFS (loop7): Unmounting Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d
[  214.543569][ T9063] BTRFS info (device loop3): using xxhash64 (xxhash64-generic) checksum algorithm
[  214.615086][ T9063] BTRFS info (device loop3): force zlib compression, level 3
[  214.622855][ T9063] BTRFS info (device loop3): force clearing of disk cache
[  214.703423][ T9063] BTRFS info (device loop3): turning off barriers
[  214.732024][ T9063] BTRFS info (device loop3): doing ref verification
[  214.777084][ T9063] BTRFS info (device loop3): enabling disk space caching
[  214.806626][ T9063] BTRFS info (device loop3): disk space caching is enabled
[  215.033914][ T9063] BTRFS info (device loop3): enabling ssd optimizations
[  215.063446][ T9063] BTRFS info (device loop3): auto enabling async discard
[  215.114811][ T9063] BTRFS info (device loop3): rebuilding free space tree
[  215.265969][ T9063] BTRFS info (device loop3): disabling free space tree
[  215.299896][ T9063] BTRFS info (device loop3): clearing compat-ro feature flag for FREE_SPACE_TREE (0x1)
[  215.343491][ T9063] BTRFS info (device loop3): clearing compat-ro feature flag for FREE_SPACE_TREE_VALID (0x2)
[  215.529128][ T9119] loop5: detected capacity change from 0 to 4096
[  215.551619][ T5765] BTRFS info (device loop3): last unmount of filesystem e417788f-7a09-42b2-9266-8ddc5d5d35d2
[  215.554298][ T9119] EXT4-fs: Ignoring removed nomblk_io_submit option
[  215.655624][ T9119] EXT4-fs (loop5): Test dummy encryption mode enabled
[  215.683413][ T9119] EXT4-fs (loop5): stripe (97) is not aligned with cluster size (16), stripe is disabled
[  215.760684][ T9119] [EXT4 FS bs=4096, gc=1, bpg=524288, ipg=32, mo=a842c018, mo2=0002]
[  215.800558][ T9119] System zones: 0-5
[  215.834309][ T9119] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  216.065762][ T6274] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  216.913864][ T5773] Bluetooth: hci2: command 0x0406 tx timeout
[  217.215720][ T9156] loop7: detected capacity change from 0 to 128
[  217.298694][ T9156] EXT4-fs (loop7): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  217.314098][ T9161] loop5: detected capacity change from 0 to 128
[  217.321067][ T9156] ext4 filesystem being mounted at /93/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[  217.381622][ T9161] EXT4-fs (loop5): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  217.467348][ T9161] ext4 filesystem being mounted at /171/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  217.568283][ T7406] EXT4-fs (loop7): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  217.602454][ T6274] EXT4-fs (loop5): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  218.404680][ T5846] usb 9-1: new high-speed USB device number 3 using dummy_hcd
[  218.453519][ T6180] usb 4-1: new high-speed USB device number 12 using dummy_hcd
[  218.593502][ T5846] usb 9-1: Using ep0 maxpacket: 32
[  218.603529][ T5846] usb 9-1: config 0 has an invalid interface number: 85 but max is 0
[  218.622001][ T5846] usb 9-1: config 0 has no interface number 0
[  218.632599][ T5846] usb 9-1: config 0 interface 85 altsetting 7 endpoint 0x82 has an invalid bInterval 0, changing to 7
[  218.655332][ T6180] usb 4-1: Using ep0 maxpacket: 32
[  218.665436][ T5846] usb 9-1: config 0 interface 85 has no altsetting 0
[  218.684908][ T6180] usb 4-1: config 0 has an invalid interface number: 230 but max is 0
[  218.696569][ T5846] usb 9-1: New USB device found, idVendor=05ac, idProduct=0219, bcdDevice=f0.72
[  218.718194][ T6180] usb 4-1: config 0 has no interface number 0
[  218.743347][ T5846] usb 9-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  218.751505][ T6180] usb 4-1: config 0 interface 230 has no altsetting 0
[  218.781867][ T5846] usb 9-1: Product: syz
[  218.794557][ T6180] usb 4-1: New USB device found, idVendor=0781, idProduct=0005, bcdDevice= 0.05
[  218.805605][ T5846] usb 9-1: Manufacturer: syz
[  218.810226][ T5846] usb 9-1: SerialNumber: syz
[  218.838375][ T6180] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  218.870914][ T6180] usb 4-1: Product: syz
[  218.877865][ T5846] usb 9-1: config 0 descriptor??
[  218.901867][ T6180] usb 4-1: Manufacturer: syz
[  218.907549][ T6180] usb 4-1: SerialNumber: syz
[  218.928323][ T6180] usb 4-1: config 0 descriptor??
[  218.949558][ T6180] ums-usbat 4-1:0.230: USB Mass Storage device detected
[  218.970705][ T6180] ums-usbat 4-1:0.230: Quirks match for vid 0781 pid 0005: 1
[  219.068860][ T9186] loop5: detected capacity change from 0 to 32768
[  219.087214][ T9186] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop5 scanned by syz.5.712 (9186)
[  219.139146][ T9186] BTRFS info (device loop5): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  219.150180][ T9186] BTRFS info (device loop5): using sha256 (sha256-avx2) checksum algorithm
[  219.172264][ T9186] BTRFS info (device loop5): using free space tree
[  219.193504][    T9] usb 8-1: new high-speed USB device number 4 using dummy_hcd
[  219.282258][ T9186] BTRFS info (device loop5): enabling ssd optimizations
[  219.296584][ T9186] BTRFS info (device loop5): auto enabling async discard
[  219.386606][    T9] usb 8-1: config 0 has an invalid interface number: 255 but max is 0
[  219.395198][    T9] usb 8-1: config 0 has no interface number 0
[  219.401401][    T9] usb 8-1: too many endpoints for config 0 interface 255 altsetting 255: 255, using maximum allowed: 30
[  219.429539][    T9] usb 8-1: config 0 interface 255 altsetting 255 has 0 endpoint descriptors, different from the interface descriptor's value: 255
[  219.443185][    T9] usb 8-1: config 0 interface 255 has no altsetting 0
[  219.452380][    T9] usb 8-1: New USB device found, idVendor=0bda, idProduct=0177, bcdDevice=7d.0b
[  219.480192][    T9] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  219.518908][    T9] usb 8-1: config 0 descriptor??
[  219.523938][ T5846] appletouch 9-1:0.85: Geyser mode initialized.
[  219.530580][ T5846] input: appletouch as /devices/platform/dummy_hcd.8/usb9/9-1/9-1:0.85/input/input12
[  219.550967][    T9] ums-realtek 8-1:0.255: USB Mass Storage device detected
[  219.569230][ T6274] BTRFS info (device loop5): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  219.720203][ T7421] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 10 /dev/loop5 scanned by udevd (7421)
[  219.836588][ T5846] usb 9-1: USB disconnect, device number 3
[  219.894248][    T9] usb 8-1: USB disconnect, device number 4
[  219.963946][ T5846] appletouch 9-1:0.85: input: appletouch disconnected
[  221.279468][ T6180] ums-usbat: probe of 4-1:0.230 failed with error -5
[  221.374412][ T9234] block nbd8: NBD_DISCONNECT
[  221.386422][ T9234] block nbd8: Send disconnect failed -32
[  221.402688][ T9234] block nbd8: Disconnected due to user request.
[  221.427992][ T9234] block nbd8: shutting down sockets
[  221.510797][ T5846] usb 4-1: USB disconnect, device number 12
[  221.874170][   T28] INFO: task syz-executor:5764 blocked for more than 143 seconds.
[  221.887317][   T28]       Not tainted syzkaller #0
[  221.892603][   T28] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
[  221.914885][   T28] task:syz-executor    state:D stack:21704 pid:5764  ppid:1      flags:0x00004002
[  221.938595][   T28] Call Trace:
[  221.942383][   T28]  <TASK>
[  221.948355][   T28]  __schedule+0x1553/0x45a0
[  221.958466][   T28]  ? lockdep_hardirqs_on_prepare+0x40d/0x770
[  221.971753][   T28]  ? lock_chain_count+0x20/0x20
[  221.981438][   T28]  ? _raw_spin_unlock_irqrestore+0x86/0x120
[  221.992142][   T28]  ? asan.module_dtor+0x20/0x20
[  222.004587][   T28]  ? _raw_spin_unlock+0x40/0x40
[  222.012360][   T28]  ? prepare_to_wait_event+0x3db/0x470
[  222.062411][   T28]  ? prepare_to_wait_event+0x434/0x470
[  222.082086][   T28]  schedule+0xbd/0x170
[  222.102258][   T28]  wb_wait_for_completion+0x173/0x2a0
[  222.130771][   T28]  ? __bpf_trace_writeback_inode_template+0x100/0x100
[  222.148764][   T28]  ? wake_bit_function+0x200/0x200
[  222.159672][   T28]  sync_inodes_sb+0x1c9/0xa10
[  222.165785][   T28]  ? filemap_fdatawrite_range+0x160/0x160
[  222.171655][   T28]  ? try_to_writeback_inodes_sb+0xc0/0xc0
[  222.182777][   T28]  ? nilfs_put_super+0x150/0x150
[  222.190992][   T28]  ? get_nr_dirty_inodes+0x1d4/0x220
[  222.206100][   T28]  sync_filesystem+0x171/0x220
[  222.210994][   T28]  generic_shutdown_super+0x6f/0x2b0
[  222.223127][   T28]  kill_block_super+0x44/0x90
[  222.231223][   T28]  deactivate_locked_super+0x97/0x100
[  222.243360][   T28]  cleanup_mnt+0x43b/0x4d0
[  222.247919][   T28]  task_work_run+0x1d4/0x260
[  222.252611][   T28]  ? task_work_cancel+0x220/0x220
[  222.264951][   T28]  ? do_exit+0x955/0x2460
[  222.269413][   T28]  ? kmem_cache_free+0xf8/0x270
[  222.280784][   T28]  do_exit+0x95a/0x2460
[  222.286988][   T28]  ? put_task_struct+0xc0/0xc0
[  222.291880][   T28]  ? lockdep_hardirqs_on_prepare+0x40d/0x770
[  222.326700][   T28]  ? lock_chain_count+0x20/0x20
[  222.331626][   T28]  ? _raw_spin_lock_irq+0xbb/0xf0
[  222.341311][   T28]  ? _raw_spin_lock_irqsave+0x100/0x100
[  222.350551][   T28]  ? lockdep_hardirqs_on_prepare+0x40d/0x770
[  222.367245][   T28]  ? _raw_spin_unlock_irq+0x23/0x50
[  222.372590][   T28]  ? lockdep_hardirqs_on+0x98/0x150
[  222.378438][   T28]  do_group_exit+0x21b/0x2d0
[  222.383502][   T28]  __x64_sys_exit_group+0x3f/0x40
[  222.388664][   T28]  do_syscall_64+0x55/0xa0
[  222.401494][   T28]  ? clear_bhb_loop+0x40/0x90
[  222.415680][   T28]  ? clear_bhb_loop+0x40/0x90
[  222.420424][   T28]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  222.445257][   T28] RIP: 0033:0x7fc56759aeb9
[  222.449742][   T28] RSP: 002b:00007ffdeb39b1f8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7
[  222.510019][   T28] RAX: ffffffffffffffda RBX: 00007fc5676047ae RCX: 00007fc56759aeb9
[  222.533101][   T28] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000001
[  222.551401][   T28] RBP: 000000000000000c R08: 0000000000000000 R09: 00007fc56760471f
[  222.569246][   T28] R10: 0000000000000000 R11: 0000000000000246 R12: 00007ffdeb39c4b0
[  222.582612][   T28] R13: 00007fc56760471f R14: 000055555ada14e8 R15: 00007ffdeb39d580
[  222.591257][   T28]  </TASK>
[  222.595061][   T28] 
[  222.595061][   T28] Showing all locks held in the system:
[  222.602893][   T28] 1 lock held by khungtaskd/28:
[  222.608185][   T28]  #0: ffffffff8d131fe0 (rcu_read_lock){....}-{1:2}, at: debug_show_all_locks+0x55/0x290
[  222.618449][   T28] 2 locks held by kworker/u4:5/79:
[  222.623886][   T28] 2 locks held by getty/5523:
[  222.631298][   T28]  #0: ffff8880319ea0a0 (&tty->ldisc_sem){++++}-{0:0}, at: tty_ldisc_ref_wait+0x25/0x70
[  222.642114][   T28]  #1: ffffc9000326e2f0 (&ldata->atomic_read_lock){+.+.}-{3:3}, at: n_tty_read+0x433/0x1390
[  222.652542][   T28] 2 locks held by syz-executor/5764:
[  222.657918][   T28]  #0: ffff8880268380e0 (&type->s_umount_key#68){++++}-{3:3}, at: deactivate_super+0xa4/0xe0
[  222.668252][   T28]  #1: ffff888140b8a7d0 (&bdi->wb_switch_rwsem){+.+.}-{3:3}, at: sync_inodes_sb+0x1ad/0xa10
[  222.679563][   T28] 1 lock held by segctord/6047:
[  222.685384][   T28] 1 lock held by syz.6.431/8079:
[  222.690345][   T28]  #0: ffff8880268380e0 (&type->s_umount_key#68){++++}-{3:3}, at: super_lock+0x17f/0x3a0
[  222.702598][   T28] 
[  222.708887][   T28] =============================================
[  222.708887][   T28] 
[  222.717726][   T28] NMI backtrace for cpu 1
[  222.722096][   T28] CPU: 1 PID: 28 Comm: khungtaskd Not tainted syzkaller #0
[  222.729303][   T28] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[  222.739374][   T28] Call Trace:
[  222.742668][   T28]  <TASK>
[  222.745609][   T28]  dump_stack_lvl+0x18c/0x250
[  222.750313][   T28]  ? show_regs_print_info+0x20/0x20
[  222.755533][   T28]  ? load_image+0x400/0x400
[  222.760067][   T28]  nmi_cpu_backtrace+0x3a6/0x3e0
[  222.765030][   T28]  ? nmi_trigger_cpumask_backtrace+0x2f0/0x2f0
[  222.771209][   T28]  ? _printk+0xde/0x130
[  222.775378][   T28]  ? load_image+0x400/0x400
[  222.779895][   T28]  ? load_image+0x400/0x400
[  222.784416][   T28]  ? arch_trigger_cpumask_backtrace+0x10/0x10
[  222.790501][   T28]  nmi_trigger_cpumask_backtrace+0x17a/0x2f0
[  222.796508][   T28]  watchdog+0xf3d/0xf80
[  222.800681][   T28]  ? watchdog+0x1e1/0xf80
[  222.805034][   T28]  kthread+0x2fa/0x390
[  222.809115][   T28]  ? hungtask_pm_notify+0x90/0x90
[  222.814159][   T28]  ? kthread_blkcg+0xd0/0xd0
[  222.818767][   T28]  ret_from_fork+0x48/0x80
[  222.823196][   T28]  ? kthread_blkcg+0xd0/0xd0
[  222.827800][   T28]  ret_from_fork_asm+0x11/0x20
[  222.832588][   T28]  </TASK>
[  222.837431][   T28] Sending NMI from CPU 1 to CPUs 0:
[  222.843032][    C0] NMI backtrace for cpu 0
[  222.843042][    C0] CPU: 0 PID: 6047 Comm: segctord Not tainted syzkaller #0
[  222.843057][    C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[  222.843066][    C0] RIP: 0010:lockdep_hardirqs_off+0x7f/0x100
[  222.843087][    C0] Code: 65 8b 05 0c 49 7e 75 85 c0 74 56 65 4c 8b 35 08 78 7f 75 48 c7 c7 00 c9 ca 8a e8 2c 14 00 00 65 c7 05 e9 48 7e 75 00 00 00 00 <49> 89 9e 88 0a 00 00 41 8b 86 78 0a 00 00 ff c0 41 89 86 78 0a 00
[  222.843099][    C0] RSP: 0018:ffffc90004eef288 EFLAGS: 00000086
[  222.843112][    C0] RAX: 0000000000000000 RBX: ffffffff8a8de26f RCX: 3881bd1541501b00
[  222.843123][    C0] RDX: dffffc0000000000 RSI: ffffffff8acac900 RDI: ffffffff8b1c81e0
[  222.843134][    C0] RBP: ffffc90004eef340 R08: ffffffff8e8adfaf R09: 1ffffffff1d15bf5
[  222.843144][    C0] R10: dffffc0000000000 R11: fffffbfff1d15bf6 R12: dffffc0000000000
[  222.843155][    C0] R13: ffff8880594e8000 R14: ffff888021673c00 R15: 1ffff920009dde58
[  222.843166][    C0] FS:  0000000000000000(0000) GS:ffff8880b8e00000(0000) knlGS:0000000000000000
[  222.843179][    C0] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  222.843188][    C0] CR2: 00007fdeaf1e0ad8 CR3: 000000000cf32000 CR4: 00000000003506f0
[  222.843201][    C0] DR0: 000000000000afe8 DR1: 0000000000000000 DR2: 0000000000000000
[  222.843210][    C0] DR3: 0000000000000000 DR6: 00000000ffff0ff0 DR7: 0000000000000400
[  222.843219][    C0] Call Trace:
[  222.843224][    C0]  <TASK>
[  222.843234][    C0]  ? _raw_spin_lock_irqsave+0x8f/0x100
[  222.843249][    C0]  trace_hardirqs_off+0x12/0x40
[  222.843270][    C0]  _raw_spin_lock_irqsave+0x8f/0x100
[  222.843286][    C0]  ? _raw_spin_lock+0x40/0x40
[  222.843305][    C0]  debug_check_no_obj_freed+0x13a/0x540
[  222.843333][    C0]  free_unref_page_prepare+0x1da/0x8c0
[  222.843357][    C0]  free_unref_page+0x32/0x2e0
[  222.843379][    C0]  __unfreeze_partials+0x1cf/0x210
[  222.843396][    C0]  put_cpu_partial+0x17c/0x250
[  222.843410][    C0]  ? put_cpu_partial+0x6e/0x250
[  222.843426][    C0]  __slab_free+0x319/0x400
[  222.843441][    C0]  ? _raw_spin_unlock_irqrestore+0xc5/0x120
[  222.843458][    C0]  ? _raw_spin_unlock+0x40/0x40
[  222.843473][    C0]  ? __phys_addr+0xba/0x170
[  222.843493][    C0]  qlist_free_all+0x75/0xd0
[  222.843513][    C0]  kasan_quarantine_reduce+0x143/0x160
[  222.843533][    C0]  __kasan_slab_alloc+0x22/0x80
[  222.843550][    C0]  slab_post_alloc_hook+0x6e/0x4b0
[  222.843572][    C0]  kmem_cache_alloc+0x11a/0x2d0
[  222.843590][    C0]  ? nilfs_segbuf_new+0x4c/0x250
[  222.843611][    C0]  nilfs_segbuf_new+0x4c/0x250
[  222.843629][    C0]  nilfs_segctor_do_construct+0xafd/0x68a0
[  222.843650][    C0]  ? verify_lock_unused+0x140/0x140
[  222.843677][    C0]  ? verify_lock_unused+0x140/0x140
[  222.843710][    C0]  ? nilfs_transaction_unlock+0x220/0x220
[  222.843733][    C0]  ? nilfs_bmap_test_and_clear_dirty+0x50/0x70
[  222.843756][    C0]  ? nilfs_segctor_confirm+0x24d/0x2d0
[  222.843771][    C0]  ? __lock_acquire+0x7d40/0x7d40
[  222.843787][    C0]  ? __rwlock_init+0x150/0x150
[  222.843807][    C0]  ? do_raw_spin_unlock+0x121/0x230
[  222.843825][    C0]  ? _raw_spin_unlock+0x28/0x40
[  222.843839][    C0]  ? nilfs_segctor_confirm+0x24d/0x2d0
[  222.843854][    C0]  nilfs_segctor_construct+0x17b/0x690
[  222.843878][    C0]  nilfs_segctor_thread+0x536/0x10d0
[  222.843913][    C0]  ? nilfs_iput_work_func+0x70/0x70
[  222.843927][    C0]  ? _raw_spin_unlock_irqrestore+0xc5/0x120
[  222.843942][    C0]  ? _raw_spin_unlock_irqrestore+0x86/0x120
[  222.843959][    C0]  ? wake_bit_function+0x200/0x200
[  222.843975][    C0]  ? __kthread_parkme+0x7a/0x1c0
[  222.843993][    C0]  kthread+0x2fa/0x390
[  222.844007][    C0]  ? nilfs_iput_work_func+0x70/0x70
[  222.844021][    C0]  ? kthread_blkcg+0xd0/0xd0
[  222.844035][    C0]  ret_from_fork+0x48/0x80
[  222.844051][    C0]  ? kthread_blkcg+0xd0/0xd0
[  222.844065][    C0]  ret_from_fork_asm+0x11/0x20
[  222.844090][    C0]  </TASK>
[  222.854768][   T28] Kernel panic - not syncing: hung_task: blocked tasks
[  222.854780][   T28] CPU: 1 PID: 28 Comm: khungtaskd Not tainted syzkaller #0
[  222.854796][   T28] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[  222.854807][   T28] Call Trace:
[  222.854813][   T28]  <TASK>
[  222.854819][   T28]  dump_stack_lvl+0x18c/0x250
[  222.854848][   T28]  ? show_regs_print_info+0x20/0x20
[  222.854869][   T28]  ? load_image+0x400/0x400
[  222.854898][   T28]  panic+0x2dc/0x730
[  222.854914][   T28]  ? schedule_preempt_disabled+0x20/0x20
[  222.854939][   T28]  ? bpf_jit_dump+0xd0/0xd0
[  222.854955][   T28]  ? __irq_work_queue_local+0x13a/0x3b0
[  222.854979][   T28]  ? nmi_trigger_cpumask_backtrace+0x2a4/0x2f0
[  222.855008][   T28]  watchdog+0xf7c/0xf80
[  222.855029][   T28]  ? watchdog+0x1e1/0xf80
[  222.855054][   T28]  kthread+0x2fa/0x390
[  222.855069][   T28]  ? hungtask_pm_notify+0x90/0x90
[  222.855088][   T28]  ? kthread_blkcg+0xd0/0xd0
[  222.855104][   T28]  ret_from_fork+0x48/0x80
[  222.855122][   T28]  ? kthread_blkcg+0xd0/0xd0
[  222.855138][   T28]  ret_from_fork_asm+0x11/0x20
[  222.855170][   T28]  </TASK>
[  222.855974][   T28] Kernel Offset: disabled
[  223.326200][   T28] Rebooting in 86400 seconds..