last executing test programs:

1m49.75295744s ago: executing program 2 (id=973):
r0 = syz_open_dev$sndpcmc(&(0x7f0000000180), 0x0, 0x0)
ioctl$SNDRV_PCM_IOCTL_HW_REFINE(r0, 0xc2604110, &(0x7f00000001c0)={0x0, [[0x1], [0x0, 0x100003], [0x91]], '\x00', [{0x0, 0xfffffffe}], '\x00', 0x300})

1m49.625015063s ago: executing program 2 (id=974):
mprotect(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x1)
r0 = syz_open_procfs(0x0, &(0x7f0000000040)='net/ip6_tables_names\x00')
utimensat(r0, 0x0, 0x0, 0x0)

1m49.500853108s ago: executing program 2 (id=975):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000027c0)=@base={0x4, 0x4, 0x4, 0x10005, 0x800}, 0x48)
close(r0)

1m49.296272778s ago: executing program 2 (id=976):
unshare(0x600)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000280)=ANY=[@ANYBLOB="0900000004000000040000000a"], 0x48)
bpf$BPF_GET_MAP_INFO(0xf, &(0x7f0000000040)={r0, 0x9e, &(0x7f0000000140)}, 0x5)

1m49.156486866s ago: executing program 2 (id=979):
munmap(&(0x7f0000002000/0x1000)=nil, 0x1000)
syz_read_part_table(0x5bf, &(0x7f0000000280)="$eJzs079La3cUAPBz8xpuX9vXhPLoG9pBeBlfW7DDc0igIjFkaURscWjn4mAHSwcHUdShk63/QMVfi4t0LAhdihZEIU7iKP4DiotTismtFXEoqH0qn89wT+73fE/OvZzvDR60XPyR/WqlEZHGs+w2vbxr6spKvn19Gl+tVfvrXQO9g0MRSXwTEdWP32vnkvPLk38rfstiI/uXetrdXNzuO1kr7rzc2yot57L8Rq7TbfRwpdBe+G7+1t+Zx2O9slmYmR2rzY1XRvZrE0efxzudxOul8uTXL8rD2cHa6MTf77p/qdmzuttqHEfxn4+go3XbjbkXrs5/4fn0wfTZl0n8+NmrDw7+nPwlOwOnyZt+UgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA4LFbfxqFmdmx2tx4ZeSHnyK+Xf6k+tHP1e/nXy+VJ9MX5eFcZ99G7tryt27cv7J50X+qNnFUavas7rYax78++zS/1Tzr/ivb9yq5aSfuo2z+cT7//drE0cLzty9yrUszP00iPrxa/O7/9pgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwANS7a93DfQODkUk7fu+XDF/HltpJ59k+/JZbGTr9bS7ubjdd7JW3Hm5t1VaHkijq12Xi5iKiNHDlULEF9e1fNIJ79/pe/Hf/B0AAP//iZh0Hg==")
openat(0xffffffffffffff9c, &(0x7f0000000240)='./file0\x00', 0x42, 0x0)

1m48.704766182s ago: executing program 2 (id=983):
io_uring_enter(0xffffffffffffffff, 0x4713, 0xf521, 0x20, &(0x7f00000001c0)={[0x84df]}, 0x8)
io_setup(0x3ff, 0x0)
syz_mount_image$udf(&(0x7f0000001000), &(0x7f0000001040)='./file0\x00', 0x0, &(0x7f0000000280)=ANY=[@ANYBLOB="005190ee291f6d8f56a3f13e29ffde000026a8e453b68805b475693f96aa95cbd8c2c8c252ea5f5e06f2fc70d1665986feca7b04ec15a173cc7cd79f293406ec4c3f4be0afca2575b5ed1c3d9f713b9a076ce935a0f5663e5cb782e12c749d577411973289113755e22980bedacddb7881170909b6bf00cc920616988e3d63ab848d"], 0x1, 0xffb, &(0x7f00000010c0)="$eJzs3U1sHOd5B/DnHS5FUg7qtR0rTpUW67SpZcVxKUqKWcsopIglEFSwCVPMoUANr8SVsjBFLkiqkYN+qD3kkF7oS4v01AJJE+REoEAPQQ++FbkUPOTUk9PYhoHCxR4stEUBsZjdd8WlJJuCKX5I/v0A8T+cfd7ZmRWe3dnFvpwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACK+8QdnRo+lvd4LAGA3vTz96uiY138A+Ew57/0/AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABbS1HETyLFazfa6fXO713D55rzV6/NTEzefdhI6owc6NSX/4aPjR0/cfLrL4z38pPH329fjFemz5+pnV240lpsLC01Zmsz882LC7ONe97Cdsff7mjnAahdeePq7KVLS7Wx549vuvla9f2hRw5VT40ffnaiVzszMTk53VdTGfzU936HdP82xUPkQBTxv5Hih8UHqR4RRWy/F7Z47thpI1Ep+69zEDMTk50DmWvW55fLG6d6jVCJqPYNOt3rkV3oxW05HXG9/H8qd/hoeXjTrfpi/cJcozZVX1xuLjcX5qdSd2/L46lFEeMpohUR7aG93nn2m8Eo4peR4sMftNOFiBjo9cFXX55+dXRs6w1UdmEnP+Zuq4MRa8UD0LOwTw1FEa9FisdWR+Ni7qtO27wb8UyZz0VcLfPtFCtlvhSRyieIIxE3vJ7AA60SRfx1pPjoVDvN9nq/c1557lu1b85fWuir7Z1XPvDvD3aTcxP2seEoot4542+nT/9hFwAAAAAAAAAAAACwO4p4K1I8/YsjqRX9c0qb85dr5+sX5rrfCu5997+WR62vr69XUzdHc07lbOVcybmacy1nO2e1yONzTuVs5VzJuZpzLWc7Z3Ugj885lbOVcyXnas61nO2c1Uoen3MqZyvnSs7VnGs523s05xEAAAAAAAAAAAAAAAAAAICH10gU8beR4sf/9Sed60pH57r0j54aP/Ubn+u/ZvxTW2ynrH0+In5W3Ns1eQ/ka41PpamUih04MGBLw1HEn+Xr//3lXu8MAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACwLxRRxAuR4js/b6dIEXE64vXo5jtDe713AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADAvRhORdyIFH/zh8Od39eKiD+KiJvrN9cj/mf95vr9ttdHDAAAAAAAAAAAAAAAAAAAAPtQKuJfI8WPD7dTNSKuVd8feuRQ9dT44WcnBmIgUlnSX//K9PkztbMLV1qLjaWlxmxtZr55cWG2ca93N3yuOX/12szE5I4czJZGdnj/R4bPLrTeXGxe/vbyXW8/OHzmwtLyYv3i3W+OkahE1PrXHO3s8MzEZGen55r1+c7QqXSvewwAAAAAAAAAAAAAAAAAAMCDYDAV8XeR4q3xn9yad17pzvmv3F77o5ciirw8keef35qG3vm7Ab/W+bsB3eVHT42/+Jtf7l++65T1o50J9bWZicnJ6b7VlcE7S4fz/Y5u75CBrOz/1yPFGz+tpafzus39P3Cr9kd/utHv12/f0Mf0/Hb7/7G+deV9plTEk5Hi8L88FU939vNg3PE3M3LdX0WKb9z8Uq6LA2Xdl/Ptj3d+Dl9qzjVGy9p/jhSPNjbXfiXXPrFRe+yeH1h4AJT9/0+R4tXvrd7qjdz/uQM3ura//389Pzv0zgd2qv8f71tXzff7W/fn0OEzb+nN775Rn5trLFqwYMHCrYW9fmYCdlp5/v9vkeL65L/fer+bz/8/1/1t4/3/f//5xvn/i7dvaIfO/5/oW/difjcyWIkYXr7SGjwUMbz05ne/1rxSv9y43Jg/OX7i5PjvnXhhfPBA7739xtK2Hyp46JT9/4+R4uz3fxq/k9dtfv9/98//Dt6+oR3q/8/3rTu46f3Ktg8dPvPK/l+LFH9Rfzueyes+6fO/3ud9R/KHcCO9G3eo/5/sW1fLP470rTsyEOFDeQAAAAAAAAAAPqtSKuK383za0S3m034lUnzv95/LdelQWXc6317t/Bx+eWH+a2fm5hYu1pfrF+YatelW/WKjHPtspPjPD7+Uxxad+bW9+cbdOb4bc3GfjBRvHe/Vdufi9r6b+PmN2mNl7c8ixYmTm2t732N6cqN2rKz9v0jx/drdaw9t1B4va38VKVZu1nq1B8vasVz7hY3a5y8uzM3uwH8LAOyowVTER5HiH56opN7r2718//+OF70d+v7vF/rWze7SfOVtP6gAAAAAAAAAAAAAAAAAsE2DqYg/jhRnj/39rbn8m+f/9a4Dvnn+3+2udeb5VTvX//+45U8z/696fw4TAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAeCimK+N1I8dqNdnpnqPy9a/hcc/7qtZmJybsPG0mdkQOd+vLf8LGx4ydOfv2F8V5+8vj77YvxyvT5M7WzC1dai42lpcZsbWa+eXFhtnHPW9ju+Nsd7TwAtStvXJ29dGmpNvb88U03X6u+P/TIoeqp8cPPTvRqZyYmJ6f7aiqDn/re75Du36Z4iByIIq5Hih8WH6RfDkUUsf1e2OK5Y6eNRKXsv85BzExMdg5krlmfXy5vnOo1QiWi2jfodK9HdqEXt+V0xPWIKModPloe3nSrvli/MNeoTdUXl5vLzYX5qdTd2/J4alHEeIpoRUR7aK93nv1mMIr4dqT48Aft9B9DEQO9Pvjqy9Ovjo5tvYHKLuzkx9xtdTBirXgAehb2qaEo4r1I8djqaPxqqNtXnbZ5N+KZMp+LuFrm2ylWynwpIpVPEEcibng9gQdaJYp4PFJ8dKqd3h3Kvd85rzz3rdo35y8t9NX2zisf+PcHu8m5CfvYcBTxQeeMv53e83oOAAAAAAAAAAAAAPtcEU9Fiqd/cSR15ofemlPanL9cO1+/MNf9Wn/vu/+1PGp9fX29mro5mnMqZyvnSs7VnGs52zmrRR6fcypnK+dKztWcaznbOasDeXzOqZytnCs5V3Ou5WznrFby+JxTOVs5V3Ku5lzL2d6jOY8AAAAAAAAAAAAAAAAAADz8iijipUjxnZ+30/pQ9/qyr0c333E9IHio/X8AAAD//7rgW9Y=")
r0 = open(&(0x7f00000005c0)='./bus\x00', 0x64842, 0x0)
r1 = socket$inet6(0xa, 0x802, 0x0)
setsockopt$inet6_buf(r1, 0x29, 0x39, &(0x7f0000000040)="ff02", 0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sendmsg$nl_route(0xffffffffffffffff, 0x0, 0x200080c0)
prlimit64(0x0, 0xe, &(0x7f00000003c0)={0x4, 0x80100008b}, 0x0)
sched_setaffinity(0x0, 0x11, &(0x7f0000000180)=0x1400200bce)
sched_setscheduler(0x0, 0x1, &(0x7f0000002200)=0x1)
r2 = syz_open_dev$MSR(&(0x7f0000000080), 0x0, 0x0)
read$msr(r2, &(0x7f0000002700)=""/102392, 0x18ff8)
pwritev2(r0, &(0x7f0000000240)=[{&(0x7f0000000000)="85", 0x140000}], 0x1, 0x7800, 0x0, 0x3)

1m43.984965237s ago: executing program 0 (id=1009):
r0 = socket$inet6_mptcp(0xa, 0x1, 0x106)
getsockopt$inet6_mptcp_buf(r0, 0x11c, 0x2, 0x0, 0x0)

1m43.926379335s ago: executing program 0 (id=1010):
r0 = socket$inet6_sctp(0xa, 0x801, 0x84)
connect$inet6(r0, &(0x7f0000000100)={0xa, 0xffff, 0x0, @private1, 0x200000}, 0x1c)
sendto$inet6(r0, &(0x7f00000001c0)='O', 0x1, 0x80, &(0x7f0000000280)={0xa, 0x0, 0x0, @private2}, 0x1c)
shutdown(r0, 0x1)
setsockopt$inet_sctp6_SCTP_EVENTS(r0, 0x84, 0xb, &(0x7f0000000080)={0x8, 0xc, 0xd2, 0x4, 0x5, 0xf4, 0x5, 0x5, 0x5, 0x1, 0x4, 0x4, 0x7, 0x9}, 0xe)

1m43.856159954s ago: executing program 0 (id=1011):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000000)={0x64, 0x2, 0x6, 0x3, 0x0, 0x0, {0x0, 0x0, 0x7}, [@IPSET_ATTR_PROTOCOL={0x5}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz1\x00'}, @IPSET_ATTR_DATA={0x14, 0x7, 0x0, 0x1, [@IPSET_ATTR_MAXELEM={0x8, 0x13, 0x0}, @IPSET_ATTR_HASHSIZE={0x8, 0x12, 0x1, 0x0, 0xa7}]}, @IPSET_ATTR_FAMILY={0x5, 0x5, 0x2}, @IPSET_ATTR_REVISION={0x5, 0x4, 0x1}, @IPSET_ATTR_TYPENAME={0x16, 0x3, 'hash:net,port,net\x00'}]}, 0x64}, 0x1, 0x0, 0x0, 0x4004000}, 0x20004000)

1m43.846785418s ago: executing program 0 (id=1012):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000240)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000740)={&(0x7f0000000d00)='sched_switch\x00'}, 0x10)
clock_gettime(0x3, &(0x7f0000000040))

1m42.066477814s ago: executing program 0 (id=1013):
r0 = open(&(0x7f0000000300)='.\x00', 0x0, 0x0)
ioctl$FS_IOC_SETFLAGS(r0, 0x40086602, &(0x7f00000001c0)=0x10)
mknodat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x8000, 0x2)

1m41.992463841s ago: executing program 0 (id=1014):
r0 = gettid()
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r0}, &(0x7f0000bbdffc))
timer_settime(0x0, 0x1, &(0x7f00000000c0)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040), 0xa0402, 0x0)
ioctl$TIOCSPTLCK(r1, 0x40045431, &(0x7f0000000080))
r2 = syz_open_pts(r1, 0x2000)
io_setup(0x1, &(0x7f0000002500)=<r3=>0x0)
io_submit(r3, 0x1, &(0x7f0000000400)=[&(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, 0x5, r2, &(0x7f0000000380)="a3", 0x1}])

1m33.454235289s ago: executing program 32 (id=983):
io_uring_enter(0xffffffffffffffff, 0x4713, 0xf521, 0x20, &(0x7f00000001c0)={[0x84df]}, 0x8)
io_setup(0x3ff, 0x0)
syz_mount_image$udf(&(0x7f0000001000), &(0x7f0000001040)='./file0\x00', 0x0, &(0x7f0000000280)=ANY=[@ANYBLOB="005190ee291f6d8f56a3f13e29ffde000026a8e453b68805b475693f96aa95cbd8c2c8c252ea5f5e06f2fc70d1665986feca7b04ec15a173cc7cd79f293406ec4c3f4be0afca2575b5ed1c3d9f713b9a076ce935a0f5663e5cb782e12c749d577411973289113755e22980bedacddb7881170909b6bf00cc920616988e3d63ab848d"], 0x1, 0xffb, &(0x7f00000010c0)="$eJzs3U1sHOd5B/DnHS5FUg7qtR0rTpUW67SpZcVxKUqKWcsopIglEFSwCVPMoUANr8SVsjBFLkiqkYN+qD3kkF7oS4v01AJJE+REoEAPQQ++FbkUPOTUk9PYhoHCxR4stEUBsZjdd8WlJJuCKX5I/v0A8T+cfd7ZmRWe3dnFvpwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACK+8QdnRo+lvd4LAGA3vTz96uiY138A+Ew57/0/AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABbS1HETyLFazfa6fXO713D55rzV6/NTEzefdhI6owc6NSX/4aPjR0/cfLrL4z38pPH329fjFemz5+pnV240lpsLC01Zmsz882LC7ONe97Cdsff7mjnAahdeePq7KVLS7Wx549vuvla9f2hRw5VT40ffnaiVzszMTk53VdTGfzU936HdP82xUPkQBTxv5Hih8UHqR4RRWy/F7Z47thpI1Ep+69zEDMTk50DmWvW55fLG6d6jVCJqPYNOt3rkV3oxW05HXG9/H8qd/hoeXjTrfpi/cJcozZVX1xuLjcX5qdSd2/L46lFEeMpohUR7aG93nn2m8Eo4peR4sMftNOFiBjo9cFXX55+dXRs6w1UdmEnP+Zuq4MRa8UD0LOwTw1FEa9FisdWR+Ni7qtO27wb8UyZz0VcLfPtFCtlvhSRyieIIxE3vJ7AA60SRfx1pPjoVDvN9nq/c1557lu1b85fWuir7Z1XPvDvD3aTcxP2seEoot4542+nT/9hFwAAAAAAAAAAAACwO4p4K1I8/YsjqRX9c0qb85dr5+sX5rrfCu5997+WR62vr69XUzdHc07lbOVcybmacy1nO2e1yONzTuVs5VzJuZpzLWc7Z3Ugj885lbOVcyXnas61nO2c1Uoen3MqZyvnSs7VnGs523s05xEAAAAAAAAAAAAAAAAAAICH10gU8beR4sf/9Sed60pH57r0j54aP/Ubn+u/ZvxTW2ynrH0+In5W3Ns1eQ/ka41PpamUih04MGBLw1HEn+Xr//3lXu8MAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACwLxRRxAuR4js/b6dIEXE64vXo5jtDe713AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADAvRhORdyIFH/zh8Od39eKiD+KiJvrN9cj/mf95vr9ttdHDAAAAAAAAAAAAAAAAAAAAPtQKuJfI8WPD7dTNSKuVd8feuRQ9dT44WcnBmIgUlnSX//K9PkztbMLV1qLjaWlxmxtZr55cWG2ca93N3yuOX/12szE5I4czJZGdnj/R4bPLrTeXGxe/vbyXW8/OHzmwtLyYv3i3W+OkahE1PrXHO3s8MzEZGen55r1+c7QqXSvewwAAAAAAAAAAAAAAAAAAMCDYDAV8XeR4q3xn9yad17pzvmv3F77o5ciirw8keef35qG3vm7Ab/W+bsB3eVHT42/+Jtf7l++65T1o50J9bWZicnJ6b7VlcE7S4fz/Y5u75CBrOz/1yPFGz+tpafzus39P3Cr9kd/utHv12/f0Mf0/Hb7/7G+deV9plTEk5Hi8L88FU939vNg3PE3M3LdX0WKb9z8Uq6LA2Xdl/Ptj3d+Dl9qzjVGy9p/jhSPNjbXfiXXPrFRe+yeH1h4AJT9/0+R4tXvrd7qjdz/uQM3ura//389Pzv0zgd2qv8f71tXzff7W/fn0OEzb+nN775Rn5trLFqwYMHCrYW9fmYCdlp5/v9vkeL65L/fer+bz/8/1/1t4/3/f//5xvn/i7dvaIfO/5/oW/difjcyWIkYXr7SGjwUMbz05ne/1rxSv9y43Jg/OX7i5PjvnXhhfPBA7739xtK2Hyp46JT9/4+R4uz3fxq/k9dtfv9/98//Dt6+oR3q/8/3rTu46f3Ktg8dPvPK/l+LFH9Rfzueyes+6fO/3ud9R/KHcCO9G3eo/5/sW1fLP470rTsyEOFDeQAAAAAAAAAAPqtSKuK383za0S3m034lUnzv95/LdelQWXc6317t/Bx+eWH+a2fm5hYu1pfrF+YatelW/WKjHPtspPjPD7+Uxxad+bW9+cbdOb4bc3GfjBRvHe/Vdufi9r6b+PmN2mNl7c8ixYmTm2t732N6cqN2rKz9v0jx/drdaw9t1B4va38VKVZu1nq1B8vasVz7hY3a5y8uzM3uwH8LAOyowVTER5HiH56opN7r2718//+OF70d+v7vF/rWze7SfOVtP6gAAAAAAAAAAAAAAAAAsE2DqYg/jhRnj/39rbn8m+f/9a4Dvnn+3+2udeb5VTvX//+45U8z/696fw4TAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAeCimK+N1I8dqNdnpnqPy9a/hcc/7qtZmJybsPG0mdkQOd+vLf8LGx4ydOfv2F8V5+8vj77YvxyvT5M7WzC1dai42lpcZsbWa+eXFhtnHPW9ju+Nsd7TwAtStvXJ29dGmpNvb88U03X6u+P/TIoeqp8cPPTvRqZyYmJ6f7aiqDn/re75Du36Z4iByIIq5Hih8WH6RfDkUUsf1e2OK5Y6eNRKXsv85BzExMdg5krlmfXy5vnOo1QiWi2jfodK9HdqEXt+V0xPWIKModPloe3nSrvli/MNeoTdUXl5vLzYX5qdTd2/J4alHEeIpoRUR7aK93nv1mMIr4dqT48Aft9B9DEQO9Pvjqy9Ovjo5tvYHKLuzkx9xtdTBirXgAehb2qaEo4r1I8djqaPxqqNtXnbZ5N+KZMp+LuFrm2ylWynwpIpVPEEcibng9gQdaJYp4PFJ8dKqd3h3Kvd85rzz3rdo35y8t9NX2zisf+PcHu8m5CfvYcBTxQeeMv53e83oOAAAAAAAAAAAAAPtcEU9Fiqd/cSR15ofemlPanL9cO1+/MNf9Wn/vu/+1PGp9fX29mro5mnMqZyvnSs7VnGs52zmrRR6fcypnK+dKztWcaznbOasDeXzOqZytnCs5V3Ou5WznrFby+JxTOVs5V3Ku5lzL2d6jOY8AAAAAAAAAAAAAAAAAADz8iijipUjxnZ+30/pQ9/qyr0c333E9IHio/X8AAAD//7rgW9Y=")
r0 = open(&(0x7f00000005c0)='./bus\x00', 0x64842, 0x0)
r1 = socket$inet6(0xa, 0x802, 0x0)
setsockopt$inet6_buf(r1, 0x29, 0x39, &(0x7f0000000040)="ff02", 0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sendmsg$nl_route(0xffffffffffffffff, 0x0, 0x200080c0)
prlimit64(0x0, 0xe, &(0x7f00000003c0)={0x4, 0x80100008b}, 0x0)
sched_setaffinity(0x0, 0x11, &(0x7f0000000180)=0x1400200bce)
sched_setscheduler(0x0, 0x1, &(0x7f0000002200)=0x1)
r2 = syz_open_dev$MSR(&(0x7f0000000080), 0x0, 0x0)
read$msr(r2, &(0x7f0000002700)=""/102392, 0x18ff8)
pwritev2(r0, &(0x7f0000000240)=[{&(0x7f0000000000)="85", 0x140000}], 0x1, 0x7800, 0x0, 0x3)

1m29.716360425s ago: executing program 1 (id=1048):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000280)=ANY=[@ANYBLOB="0100000004f700000400000001"], 0x48)
bpf$MAP_GET_NEXT_KEY(0x4, &(0x7f00000000c0)={r0, 0xffffffffffffffff, 0x0}, 0x20)

1m29.716100257s ago: executing program 1 (id=1049):
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r0, 0x8933, &(0x7f0000000580)={'batadv_slave_0\x00', <r1=>0x0})
ioctl$sock_inet6_SIOCADDRT(r0, 0x890b, &(0x7f00000002c0)={@mcast2, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01', @dev={0xfe, 0x80, '\x00', 0x25}, 0x1, 0x6, 0x0, 0x100, 0x4, 0x540000, r1})
r2 = socket$inet6_sctp(0xa, 0x1, 0x84)
getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r2, 0x84, 0x6f, &(0x7f0000000140)={0x0, 0x1c, &(0x7f00000002c0)=[@in6={0xa, 0x4e24, 0xd, @private2={0xfc, 0x2, '\x00', 0x1}, 0x7177}]}, &(0x7f0000000180)=0x10)
setsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(r2, 0x84, 0x9, &(0x7f0000000080)={0x0, @in6={{0xa, 0x4e24, 0x4, @private2={0xfc, 0x2, '\x00', 0x1}, 0x1}}, 0x2, 0x0, 0x80000003, 0xbc, 0xad75dd0d214466b5, 0x7c35, 0x7}, 0x9c)

1m29.710821633s ago: executing program 1 (id=1050):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$devlink(&(0x7f0000000ac0), 0xffffffffffffffff)
sendmsg$DEVLINK_CMD_TRAP_POLICER_SET(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000c40)={&(0x7f0000001600)={0x54, r1, 0x1, 0xfffffffd, 0x0, {0x26}, [{@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, {0x8, 0x51}, {0xc, 0x8f, 0xfffffffffffffffe}, {0xc}}]}, 0x54}}, 0x0)

1m29.710322818s ago: executing program 1 (id=1051):
syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000040)='./file2\x00', 0x1010051, &(0x7f0000000800)={[{@errors_remount}, {@noload}, {@noblock_validity}, {@dioread_lock}, {@nouid32}, {@nomblk_io_submit}]}, 0x1, 0x546, &(0x7f0000000180)="$eJzs3dFrZFcZAPDv3mR2s7upmaoPtWAttrJbdSdJ47bBh6og+lRQKz4Ja0wmIWSSWZJJuwmLTfFVEES04Is++SL4BwjSF99FKNR3UVGkZvVBoe2VO3Onm0xmkhRncpfk94Oz9557Zu73nQlz5tyZu/cGcGE9GRE3ImIsIp6JiKlie1qU2OuU/HH39+8t5iWJLHvp7SSSYlt3X5eL5bXiaRMR8Y2vRnw3ORp3a2d3baHRqG8W9enWevJOlu3eXF1fWKmv1Dfm5mafm39+/tb8zFD6WY2IF77815/88JdfeeG3n33lT7f/fuN7eVr/zbJXo6cfw9TpeqX9WnSNR8TmKIKVZLzdw45bJecCAMDx8vn+hyPik+35/1SMtWdzAAAAwHmSfWEy3kkiMgAAAODcSiNiMpK0VpzvO1mcsXotIj4aV9NGc6v1meXm9sZS3hZRjUq6vNqoz8RE+9yBalSSvD5bnGPbrT/bU5+LiEcj4sdTV9r12mKzsVT2lx8AAABwQVzrOf7/91Sa1mpF417JyQEAAADDUy07AQAAAGDkHP8DAADA+VfN+tyh66h09JkAAAAAI/C1F1/MS9a9//XSyzvba82Xby7Vt9Zq69uLtcXm5p3aSrO50r5m3/pJ+2s0m3c+Fxvbd6db9a3W9NbO7u315vZG6/bqoVtgAwAAAGfo0U+88cckIvY+f6VdcpeKtkpENnbwweNlZAiMygc6p+cvo8sDOHsHP9+vlJgHcPZM6eHiqpSdAFC6k/4D0MCTd34//FwAAIDRuP6xwb//v71camrAiBW//yenugAIcK6MlZ0AUJrO73/vZR1lZwOcpcpxMwAHBXDupcP5/f+EUwkTAwoAAJRssl2StFYcB0xGmtZqEY+0bwtYSZZXG/WZiPhQRLw1Vbmc12fbz0zM5gEAAAAAAAAAAAAAAAAAAAAAAADglLIsiQwAAAA41yLSv3XvzHV96unJ3u8HLiX/mWovI+KVn73007sLrdbmbL79n+9vb71ebH+2jG8wAAAAgF7d4/TucTwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADNP9/XuL97Msy/bvLZ5l3H98KSKqRfyidFrGY6K9nIhKRFz9VxLjB56XRMTYEOLvvRYRj/WLn+RpRbXI4lD8SxFpRFwZVvz4gPGjE//aEOLDRfZGPv58sd/7L40n28v+77/xovy/Bo9/6fvj39iA8e+RQTutHK4+/uavpwfGfy3i8fH+4083fpLvr0/8p07Zx+98c3d3UFv2i4jr/ca/5HCs6db6nemtnd2bq+sLK/WV+sbc3Oxz88/P35qfmV5ebdSLf/vG+NHHf/Peg9q7R/p/9Zjxt93/Aa//06fs/7tv3t3/SGe15y8Tlfh5lt14qv/f/7F88emj8buffZ8qPgfyev4apq9/q2/8J371hycG5Zb3f2lA/yd6+n+5p/83Ttn/Z77+/T+f8qEAwBnY2tldW2g06ptWDq5E9aFI4+FdyeedpaeRRBL5yluHmhbKT6yz8mrxHltodN9tQ9rz74qDo1EmX9J4BAAAjM6DSX9vS1JOQgAAAAAAAAAAAAAAAAAAAHABnXgZsEFNaUQ82PLtHxxzNbLemHvldBUAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA4Fj/CwAA//8GI9aV")
mount$overlay(0x0, &(0x7f0000000140)='./file0\x00', &(0x7f0000000180), 0x1204001, &(0x7f00000011c0)={[{@lowerdir={'lowerdir', 0x3d, '.'}, 0x3a}], [], 0x2f})
chdir(&(0x7f0000000040)='./file0\x00')
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file2\x00', 0x80000, 0x0)

1m29.33484093s ago: executing program 1 (id=1052):
r0 = memfd_create(&(0x7f0000000000)='\x103q}2\x9a\xce\xaf\x03\xdfy[\xd9\xffR8\xf4\x1c\bi\xe4^\xd5\xfd\xa9\r\xac7A\x94\xa0\x00\x00\x00\x90+\xd6\x05\r\x84\x87\x1c\b\xdb\xe2\x00\x00A\x90m\xb6&\xd0\x9d\x00\x00\xc5\xb8,\f\xd4s\xb2\x99/\xc0\x9a\xf2O\xdb\x00\x00\x00\x00\x00\x00\r\x1b\xd3\xff<\x83z\x80\x8fQ|\xf5d\x10\x10\xd7\x01M\x7fML\x18\'\x1a<\xfee7{l\x16}\xa0I\x7f\xb5)l\xbb\x02\xfa\xb7\xb6\xa0]\xda8\xe0~\x1c \x91\t\x8b\xbd\x1f\xb3834d1i\x9b\x94\xa6\\\x0e\xe2\xfa\xe5!\xd3\xcf\xfc\xce\xba\xe2\x9f\x05xgL5\x14Y+\xb3\x1axi)<\xf7\x98\xc1\xba\xf4|\xe7|\xc4\xd7\x03\x00\x00\x00\x04D\x15E^7%8\x94y\x98\xf0l\xa0\'Q%\xd4\xda\xee\x81}\xcc\xfd\xa2\xe3M~x\x96\xe3]\xd70\xa2\x17\xca\xde\x1b\xaa\xe0l\xfc\x85\x8fc\x1c{|e\x8bs\xb0\x85E\xce;p)\xf8\xa6\xaa&QC4V\x81\x04\xcf\xd2\x81\xdc\xdf\xd7<\x9f\x93\x8bX\xd4\xea\xb2\xff\b\x92\xc7\x00\xef\xff\x00\x93\x1f\x92\xa7dcY\x9c\x9e9O-\xfcF\xbb\xbd{:IR\xea\xd8$\xe2\xa0\xc2\x8b\x1a\xead\xb8\xe1:6\x15M\x1d\xdak\x8c\x909\xd8\xb3\x02\xe0\x04\x9c\xc2\x06|\xf0\x0f\xa6Y&r\x9b\xc7\x1d\xe7jDf\x87@\x8fg\x15RJwe\xe2\xdcunu\xff`\xa40\xce\xffB%\xe4k\xff\x8d\x06\x0e\x89\xd9DC\x9fF\x9c[M=\xe0^\xa8\xed)\xe8Z\xe8\x99&\x87\x04\xa4\t\xaa\xd8\xd6\xd5pG\xcb\xc4\x8b\xf7\xb8#\xcb\xd8|\xa5\xa6S\x8b\x8cv\xb7)\x02k\xf3L\x03\xbb\xfa\xe1\\\xf1\x8cUj\xd5\xa5\x88GL\xe7_\xfd\x17C=G\x0f\xe9u\x1d\xfeg\xfex\xcd\xaa\xad\x906\xd0sy\xc6T\x93\xae\xd5r\xc8G\xc5\xfdS\xff\x04:`\x1e\xe3;l\xcd&\xd4\xf4\x8eum\x04\x00~\xfa\x05\xd7\xe7X\xc7/\xae5\x93wwT\x13\xbd,\xd6\x16\x84\xcd\xd1\xd8\xe1P_\xbf0\xd8\x8d%Yh\xb5\xb4\"\xf5\x93\xdeh\xce\xa5\xe8\xc8\xec\x88\x89\xf07{\x95\xc9\xd0\xee\xe1\x1d\x80\xcc]-\xc2\xa1\x02ELhI\xd9\xf5\xcfk\x8a&i\xc1\xff9T\x8e\xe2rY\xa3\xd2H9\xfe\x0e\x1e\xac\x0f\xc3\xbd{\xd9\xcc\xbe\xa9\x93\xe0\xa4W\x1cn>\xc1\xf1\x9e\"\x93\x19\x19\x1a\xcc\x7fy\xd2~\x05\x99\xe6\x00o\xca\xe0\xc6\xd4\xf5\xa0\xc8P\xd6;\xf3\xc6~E\xacI\xd4\xe9\xa1|>\x91.K\x81\xa9+\xcf\xff\xcb\xfa\x0f\xe7n\x83H\x12\xac\x80\x16\xf8\x87Q\x97Az\n`\xb6\xe13A\xec\x8d(\\D\xec\xa6\t1\xa0h\xfc\x1f\xdd1@-4\xb4:\xf8\xd5wP \x84m\xe2\xd9\xfcb\xa0\xc3\xc9\xe7W\x86\xd7$\xa4ml\xee\x97[\xb7\xfa', 0x2)
ftruncate(r0, 0x80079a0)
lseek(r0, 0x0, 0x4)

1m26.599872315s ago: executing program 33 (id=1014):
r0 = gettid()
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r0}, &(0x7f0000bbdffc))
timer_settime(0x0, 0x1, &(0x7f00000000c0)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040), 0xa0402, 0x0)
ioctl$TIOCSPTLCK(r1, 0x40045431, &(0x7f0000000080))
r2 = syz_open_pts(r1, 0x2000)
io_setup(0x1, &(0x7f0000002500)=<r3=>0x0)
io_submit(r3, 0x1, &(0x7f0000000400)=[&(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, 0x5, r2, &(0x7f0000000380)="a3", 0x1}])

1m23.790949169s ago: executing program 1 (id=1058):
r0 = socket$rds(0x15, 0x5, 0x0)
setsockopt$RDS_GET_MR_FOR_DEST(r0, 0x114, 0x7, &(0x7f00000001c0)={@can, {0x0}, 0x0, 0x5}, 0xa0)

1m23.434348403s ago: executing program 34 (id=1058):
r0 = socket$rds(0x15, 0x5, 0x0)
setsockopt$RDS_GET_MR_FOR_DEST(r0, 0x114, 0x7, &(0x7f00000001c0)={@can, {0x0}, 0x0, 0x5}, 0xa0)

25.415398973s ago: executing program 3 (id=1301):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000400)=ANY=[@ANYBLOB="380000003e0007010000000000000000017c00000800f880040008800c00018006000600800a00000800028004"], 0x38}, 0x1, 0x0, 0x0, 0xc000}, 0x4040)

25.345375738s ago: executing program 3 (id=1302):
r0 = syz_open_dev$dri(&(0x7f00000000c0), 0x1ff, 0x0)
ioctl$DRM_IOCTL_MODE_GET_LEASE(r0, 0xc01064c8, &(0x7f0000000040)={0x1, 0x0, &(0x7f0000000000)=[<r1=>0x0]})
ioctl$DRM_IOCTL_MODE_GETGAMMA(r0, 0xc02064a4, &(0x7f0000000180)={r1, 0x0, 0x0, 0x0, 0x0})

25.299826982s ago: executing program 3 (id=1303):
syz_mount_image$ext4(&(0x7f0000000140)='ext4\x00', &(0x7f0000000040)='./file0\x00', 0x0, &(0x7f0000000080)={[{@delalloc}, {@noblock_validity}, {@bh}, {@max_batch_time={'max_batch_time', 0x3d, 0x8c9}}, {@debug}, {@inlinecrypt}]}, 0x6, 0x600, &(0x7f00000021c0)="$eJzs3c9rHGUfAPDvzCZ5kzavaUXEFsWAhxak26QWq15s68EeChbsQcRDQ5PU0O0PmhRsLZiCBwUFEa8ivfgPeJfevYmg3jwLVaSioNKV2Z1NN5vdJKbZ3TTz+cBmn+eZ2X2e706ezDMzeXYCKKzx7EcasSfi3pkkYqxp2WjUF47n69397cbZ7JFEtfr6r0kkeVlj/SR/3plnhiPi2+MRj5ZW1jt/7fr5qUq17r2IgwsXLh+cv3b9wNyFqXMz52YuTh564fCRiRcnD09uSpw78+cTJ1978uP3335+9rvKgSSOxunBd6ejJY7NMh7jcS8Psbl8ICKOZIk2n8vDZhuEUGil/PdxMCIej7Eo1XJ1YzH3UV8bB3RVtRRRBQoq0f+hoBrjgMax/fqOg093eVTSO3eO1Q+AVsY/UD83EsO1Y6Mdd5OmI6P6uY1dm1B/Vsc/N/Z+nj1i2XmIP5e2zsAm1NPJ4s2IeKJd/EmtbbtqkWbxp8vakUTEREQM5e175QHakDSlu3EeZjUbjT+NiKP5c1Z+fIP1j7fkex0/AMV0+1i+I1/Mcvf3f9nYozH+aXeSf7TNvmsj+r3/6zz+a+zvh2vhpy3jsGzMcqr9Ww62Fvz04YlPO9XfPP7LHln9jbFgL9y5GbG3Jf4PsmDz8U8Wf9Jm/JutcuboUnbVy0Cvfv/LiU7L+h1/9VbEvrbHP/dHpVlqleuTB2fnKjMT9Z9t6/j6m7e+7FR/v+PPtv+ODvE3bf+09XXZZ3J5nXV8derWhU7LRteMP/15KKkfbw7lJe9MLSxcmYwYSk7mqzSVH1q9LY11Gu+Rxb//mfb9f9nv/83l7zPS+JO5DpffOH+307KNbP+mi8n3qutsQydZ/NNrb/8V/T8r+2Sddfzx5tWnOi1bLf6RBwkMAAAAAAAACiitXYNN0vJSOk3L5fp82cdiR1q5NL/w7OylqxenI/bX/h9yMG1c6R6r55MsP5n/P2wjf6gl/1xE7I6Iz0ojtXz57KXKdL+DBwAAAAAAAAAAAAAAAAAAgC1iZz7/v3Gf6t9L9fn/QEF08wZzwNam/0Nx1fr/ils8AUVg/w/Fpf9Dcen/UFz6PxSX/g/Fpf9Dcen/UFz6PwAAAABsS7ufvv1jEhGLL43UHpmhfJkZQbC9Dfa7AUDflPrdAKBvli79G+xD4dTH/2t0/r/yLwfsTZOAHkvaFdYGB9XVO//ttq8EAAAAAAAAAAAAALpg357O8//NDYbtzbQ/KK4HmP/vqwPgIeer/6G4HOMDa83iH+60wPx/AAAAAAAAAAAAAOiZ0dojScv5XODRSNNyOeL/EbErBpPZucrMREQ8EhE/lAb/l+Un+91oAAAAAAAAAAAAAAAAAAAA2Gbmr10/P1WpzFxpTvy9omR7Jxp3Qe1BXS/Hf3xVJL3/WEYiou8bpWuJgaaSJGIx2/JbomFX5mNrNKOW6PMfJgAAAAAAAAAAAAAAAAAAKKCmucft7f2ixy0CAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgN67f///7iX6HSMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA8HD6NwAA//9L8j8y")
syz_mount_image$ext4(&(0x7f0000000740)='ext4\x00', &(0x7f00000007c0)='./file0\x00', 0x41, &(0x7f0000000880)={[{@nouser_xattr}, {@nodiscard}, {@usrjquota}, {@grpjquota}, {@grpjquota}, {@minixdf}, {@quota}, {@noload}, {@block_validity}]}, 0x64, 0x51c, &(0x7f0000001740)="$eJzs3c9rJFkdAPBvdbpjMpOZZNWDLrj+2JXMoNOdbNzd4GFdQfS0oK73MSadENJJh3RndxIWN4N/gCCigie9eBH8AwRZ8OJRhAU9KyqK6IwevDgl1V2dmWS6O5mZnnQ2/flAdb2qV1Xf9zqp6npVj6oARtYnIuK1iLiXpun1iJjO5xfyIQ7aQ7bc3TtvL2dDEmn6xj+TSPJ5nW0l+fhyvtpERHz9KxHfSh6O29jb31iq1ao7+XSlubldaezt31jfXFqrrlW3FhbmX158ZfGlxbmB1PNKRLz6pb/+4Ls/+/Krv/rsW3+6+fdr386KNZXnP1iPR1RsfU50z2xXvXQkO1th5zGDnUfFVg1zk92WGHtozu2nXCYAALrLzvE/GBGfiojrMR1j+eksAAAAcHGkX5iKsSQi7W68x3wAAADgfaTQ6gObFMp5X4CpKBTK5XYf3g/HpUKt3mh+ZrW+u7XS7is7E6XC6nqtOpf3FZ6JUpJNz7fS96dfPDa9EBHPRMT3pydb0+Xlem1l2Bc/AAAAYERcPtb+/890u/0PAAAAXDAzwy4AAAAA8NRp/wMAAMDFp/0PAAAAF9pXX389G9LO+69X3tzb3ai/eWOl2tgob+4ul5frO9vltXp9rfXMvs2Ttler17c/F1u7tyrNaqNZaezt39ys7241b673ekM2AAAA8LQ98/F3/5BExMHnJ1tDZvx0q55yMeC8Kh6mknzcZbf+49X2+C9nVCjgTIwNuwDA0BSHXQBgaErDLgAwdMkJ+T077/w2H39ysOUBAAAGb/ajve//F/quedA/Gzj37MQwutz/h9HVuv9/2p68ThbgQik5A4CR98T3/0+Upo9UIAAAYOCmWkNSKOeX96aiUCiXI660XgtQSlbXa9W5iLgaEb+fLn0gm55vrZmc2GYAAAAAAAAAAAAAAAAAAAAAAAAAANrSNIkUAAAAuNAiCn9Lft1+lv/s9AtTx68PjCf/nY78FaFv/fiNH95aajZ35rP5/zqc3/xRPv/FYVzBAAAAgJHwSC/w77TTO+14AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABiku3feXu4MJyz6ziDj/uOLETHTLX4xJlrjiShFxKV/J1F8YL0kIsYGEH8y+/hIt/hJVqzDkN3iTw4g/sHtvvFjJv8WusW/PID4MMrezY4/rx3b/44cWLrvf8WII9OPq/fxLw6Pf2M99v8rp4zx7Hu/qPSMfzvi2WL3408nftIj/vOnjP/Nb+zv98pLfxIx2/X3JzkSq9Lc3K409vZvrG8urVXXqlsLC/MvL76y+NLiXGV1vVbNP7vG+N7HfnmvX/0v9Yg/06f+VyPihVPW/3/v3brzoXay1C3+tefz+Encj/+bn+ZLPBy/kP/2fTpPZ/mznfRBO/2g537+u+f61X+lR/1P+vtf61/t8U7i+te+8+f+iwIAZ6mxt7+xVKtVdy5sImuln4NiSOSJ8XP0X/fOQDeYpmma7VNPsJ0kzsPX0koM+8gEAAAM2v2T/mGXBAAAAAAAAAAAAAAAAAAAAEbXWTxO7HjMg8NUMohHaAMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADMT/AwAA//+VPdXC")
syz_mount_image$msdos(&(0x7f0000000000), &(0x7f0000000f00)='.\x00', 0x1aca421, &(0x7f00000008c0)=ANY=[], 0xb, 0x0, &(0x7f0000000000))

25.086904055s ago: executing program 3 (id=1305):
syz_mount_image$hfsplus(&(0x7f0000000000), &(0x7f0000000100)='\x13\x13w\xc5\xfc5\xd4\x14T\xd5\xd4\x1d)\xad\x1a`)Y\x81F\xe6\xbe\x16nA\xad\r\xbd@T\x03<\x9f3\xbb\xda\x82$\xa2\xf3\xd7r\xe7cnH\xb3<\xbfp\x83r\xe8\xf1\xb9\x93>\xc5\x12wC\xbe\"\x06 \x9e\xf0-\xf9\xcb\xf2\xf6\xe8\x80\xd38/\x00', 0x800002, &(0x7f0000000600)={[{@force}, {@nodecompose}, {@gid}, {@nls={'nls', 0x3d, 'macinuit'}}, {@gid}, {@type={'type', 0x3d, "1e4310ee"}}, {@nobarrier}, {@nobarrier}]}, 0x3, 0x6b3, &(0x7f0000000780)="$eJzs3U9sHFcdB/DvbDbrbJBSt03TgJBiNVIFjUjsrEqChNSAEMohQhFcerUSp7HipJXjorRCZAMUJE6cUA8cilA49IQQQionRDkjIXHhlHskbhxyAIzmz9pre+PYieN1289Hmp03+96895tf5s/ubKwJ8Jl1/vXs76fI+RMXbpXL9+72Fu7d7V0flJNMJGkl7XqWopsUHyfnUk/5fPlm013xsHFevf9R0X7/w1691G6mqn1rs/U2GNmynxxYWdiXZKou/mcLHbZG91dNVT+XVvt7TMVK3GXCjg8SB+O2vEF/tXLUobHW1o9bYM+6XV83N5hMDqa+upafA9KcHR59Zhi/Tc9N/d2LAwAAAJ6Wkd/lhz3zIA9yK4d2JxwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD4dCjqZwYWzdQalKdSDJ7/3xl6pn5nzOE+ofeuVLPvPjPuQAAAAAAAAADgiRx7kAe5lUOD5eWi+s3/pWrhcPX6ubydm5nLYk7mVmazlKUsZibJ5FBHnVuzS0uLMxvX/GXKNZeXl283a54euebptXH11wc66n8abGgEAAAAAAAAAJ9ZP8r51d//AQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABgLyiSffWsmg4PypNptZMcSNIpplaad8Ya7A7487gDAAAAgKev28wPFf+rC8tF9Z3/SPW9/0Dezo0sZT5LWchcLlf3Aupv/a2/93sL9+72rpfTxo6/8a9txVH1mPrew+iRp6sWL6yscT7fzvdyIlO5mMXM5/uZzVLmMpVvVaXZFJls7l5M3rvbzSDWjfGeW7N0cX1sx4bKZXxHq0i6uZL5KraTudQZhN5q2h0dGu2PnWTdiHfK7BSvNbaYo8vNvNyiXzTzvWGy2vL9KxmZbnJfZuPZ4bxvzP0295P1I82ktXIP6vDqKOXi+pEeK+cHm3mZ658+3Zxv81ba2kz0f14uDfa+I5vnPPnyP/5y8WrrxrWrV26e2Du70WNav0/0hjLx4pYysVBmov8EmTjwJPHvnE6Tjfosur2z5UvVuocyn+/kzVzOXM5kOjM5m+l8LafTy+mhvL6weV6rY621vWPt+JeaQnlN+tnQtWnXTDysoszrs0N5HT7TTVZ1w++sZum5LWSp6GR0lv45MpT2F5pCOcaPh64447c+EzNDmXh+80z8+r/LSW4u3Li2eHX2rS2O93IzLw/b99aem3+zIxu0fc3mlvvLc+U/VurLxvDeUdY9P6hbl69O84tLu+lsTV0n1fFc1z3qSC17OnJnVE913YsjR+lVdUeH6tZ8ysmbWVj5FNLY9YMUgC04+MrBTvd+92/dD7o/6V7tXjjwzYmzE1/sZP9f23/a97vWb1tfL17JB/lhDo07UgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA+DS4+c6712YXFuYW92AhrR3u8M7IqkEq6nc6I9ocyx7IxiejMLHZHvX71I9resjqnXHE3M1D49ndQtq7MNZERlRdWHmnm7RW4klybY884A54Gk4tXX/r1M133v3K/PXZN+bemLtx+uyZ1870vjpz+9SV+YW56fq1adwec7DAjlr9GDDuSAAAAAAAAAAAAICt2o0/bxgxbNEfw7YCAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAn0znX8/+forMTJ+cLpfv3e0tlNOgvNqynaSVpPhBUnycnEs9ZXKou+Jh47x6/6Nfvfz+h73VvtqD9q116/3h38vL29yKfjNlKsm+Zv5oE1vq79JQf/1tBlYrVrawTNjxQeJg3P4fAAD//+/HBYc=")
mount$bind(&(0x7f0000000000)='.\x00', &(0x7f0000000200)='./file0/../file0\x00', 0x0, 0x101091, 0x0)

24.854295753s ago: executing program 3 (id=1306):
syz_mount_image$hfsplus(&(0x7f0000000000), &(0x7f0000000080)='./file0\x00', 0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="6e6c733d63703836302c6465636f6d706f73652c747970653de7d1b73f2c666f7263652c6e6f626172726965722c6e6f6465636f6d706f73652c009b6040155c7209e54a134e5e27fc0b97987830ddc20ac1835cc4bf44129f88db"], 0x23, 0x6e6, &(0x7f0000000600)="$eJzs3U9sW3cdAPDvsx0n7qTMG+1WEFKjVVSwQpvEjBYJiYIQymGCSlx2DW26RnWyKslQWiHqAYMjnFAPOwyhcNgJcUAa4oAYZyQk7r1X4sCt4oDRe34vsR0nsds4abvPR3p+v/fe78/3ff3zs/2aygF8ai28FROtSGLh/Jub6faDrUbzwVZjpShHxGRElCIqnVUkqxHJJxFXorPEZ9OdeXfJXuO88fDjD87d/6jR2arkS1a/tF+7He19RmjlS8xERDlfj6iyV3/XBvR3b6Suk+2404SdLRIHx629S2uU5kO8boGn3b2I8sSA/fWIExExlX8OiPzqUDri8A7dSFc5AAAAeDqVD6rw4qN4FJsxfTThAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwPMh6fxmYJIvpaI8E0n++//fz6tlqtXjDfcAXz7g+Ps3jigQAAAAAAAAADh8EzvFM4/iUWzGdLHdTrJ/838t2ziZPb4Q78Z6LMVaXIjNWIyN2Ii1mIuYmO7qs7q5uLGxNre75W8ibdlut+/lLecjor6r5fyYzxkAAAAAAAAAnm8/jYWYPu4gAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACgWxJR7qyy5WRRrkepEhFTEVFN67Ui/lKUnxG1QTv/evRxAAAAwFErvhNPJ//rFNpJ9p3/lex7/1S8G6uxEcuxEc1YiuvZvYDOt/7SP1uN5oOtxkq67O74W/8eKY6sx4gox3t7jDyb1Ti13WIhvhs/iPMxE1djLZbjR7EYG7EUM1FLTyIWI4l6rXP3ol7E2RtvOe/qSk8oV/tjO9O3fTqLpBY3YjmL7UJcqxa9lbIaSZzuGu1P1Yi+DL2XZif5Zm7IHF3ver5+nd+XybVfHLKP8ahnZz6xnZHZNPd5Nl4anPvCiPOkf6S5KG3fgzq5M0q62T9SkfMfjpLzE/k6zfUvenN+2Ea8ldafifko5bMv4pXenN/+wv2Xext/6V9/u3qztHrr5o3182M8pbGaKAr9mWh0ZeLV/WdfnolmmonW8JmY6N8x9QTncYiqeTY6F7bhrpbfyUqL8VrXFHwnrsdSXIrZmIvLMRtfj/lo9MywUz15rTRWenOSvdZKu69vA2/B5s5+savSLw+ofLTSvLzUldfuK109O5bvufKrmO3K0sv7z77HeReofC4vpGP8bPsd52nQk4n82lxEV7xB7ZGJ37bTx/Xm6q21m4u3hxzvXL5OohLv916bf/fEJ/NE0vmSXnEr2VaWk1oxX9Jjn9mOtjdf1fxfXDrtSruOndo+Vo/pWI7v7flKreaf4Xb31Dn26sBjjezY6a5jPZ9y4p1oZp9C+swcTVYBGNqJ109Uaw9r/6h9WPt57WbtzalvT16e/Hw1Jv5e+XP5D6Xfl76RvB4fxk9i+rgjBQAAAAAAAAAAAAAAAAAAAAAAAAAAAACA58H6nbu3FpvNpbUxFqqPOVaUDqyz9cJwHUY9Yv+xkrxQHXc2noLCf6b2zUYtxjT6HyNinzrVJx4iGf98TifyoXRY/HBatqddHqF5pWg1uE4l1qf2egYnd573qN9abP633VOnFl0vGeA5d3Fj5fbF9Tt3v7K8svj20ttLq/OXL12+1Pja3Fcv3lhuLs12Ho87SmAc1u/cLR93DAAAAAAAAAAAAMBo8r/+3+j7o//h/zdC5YA61bX1wSOfOcKzBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAJ5lC2/FRCuSmJu9MJtuP9hqNNOlKO/UrEREKSKSH0ckn0Rcic4S9a7ukr3GeePhxx+cu/9RY6evSlG/tF+74bTyJWYiopyvDzY5oJvd/V3r6q/1WOEl22eYJuxskTg4bv8PAAD//0D08is=")
r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0x0, 0x51)
ioctl$FS_IOC_FSSETXATTR(r0, 0x401c5820, &(0x7f0000000080)={0x8, 0xeffffffe, 0x3})

24.562208421s ago: executing program 3 (id=1310):
syz_mount_image$vfat(&(0x7f0000000300), &(0x7f00000000c0)='./file0\x00', 0x204888, &(0x7f0000000380)=ANY=[@ANYBLOB="756e695f786c6174653d312c696f636861727365743d757466382c0097b75cbdde02821d0f899c2377ee9577397fc18b433d0c59e692b381740ca495e1c145c5922679338b5ff21c0653a98440a5725268a242c0263564f988d3c178704feaf8a412df818275708882ea9a4048c6e458a1f05b83f2e69b965b1df203b21de2b0ee375647f886a5310889982079aa7b1fb42e2382d40feefe7f768eec58b19cf50faaf129503175f4262df740183df51d3641ff78b86127c1db8ef165bfa3bd20797fde6ff91a0e45d3d7c1c6d1ce0a72be8c1fdb00000000"], 0x1, 0x336, &(0x7f0000000880)="$eJzs3cFrI1UcB/DfxrXdXe2mBxEUxIde9DK09R8wyC6IBaVuZfUgzNqphswmJRNWsoi7N/Hm37F49CaI4LkX79689eJxD4uRJm23ienBhTSWfD4Q3i/z8mXeJEz4XZJ3cPuHu63dKtvNe1F7N8XViKg9jliNWhy7dDTWhvVSnPYw3q7f/uO1jz/97IPG5uaNrZRuNm69s5FSuv76L19/8+Mbv/Ze+OSn6z8vx/7q5wd/bfy5//L+Kwd/3/qqWaVmldqdXsrTnU6nl98pi7TTrFpZSh+VRV4Vqdmuiu7Y/G7Z2dvrp7y9s3Jtr1tUVcrb/dQq+qnXSb1uP+Vf5s12yrIsrVyLxfIs17v9aGsrb8xgMZyj7ycPXB1/2u028sN7ePlfye1HM10YAPC/NNn/1+LK8Pic+v/jFuW/9/+XFr3/fxb6/0Vw2P8vHd2/4/T/AAAAAAAAAAAAAABwETweDOqDwaB+PE4+5r0+Zsvnv9hO/XDvSkT53b3te9ujcTTf2I1mlFHEWtTjScTgxKi++f7mjbU0tBordx+M8ofjc+P59ajH6vT8ekpp8CCl8fzzw3+0OMlvRD1emp7fGJ1/Ir8Ub715Kp9FPX7/IjpRxk4cZp/mv11P6b0PNyfyy8PXAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAALAYsnRi6v79WXbW/Ch/sr/+WtTjyfT9+dem7s9/OV69PN9rBwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIBjVf9+Ky/Lonv+xcM4Y2pwZF4LO/8iYman+O3FOOt9VijOLub9zQQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADn7+mm3/NeCQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPNU9e+38rIsujMs5n2NAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAF8k/AQAA//8A7ioD")
ioctl$sock_SIOCETHTOOL(0xffffffffffffffff, 0x8946, &(0x7f0000000040)={'batadv_slave_1\x00', &(0x7f0000000000)=@ethtool_pauseparam={0x3d}})
mprotect(&(0x7f0000000000/0x4000)=nil, 0x4000, 0x1)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.cpu/syz1\x00', 0x1ff)

24.368438298s ago: executing program 35 (id=1310):
syz_mount_image$vfat(&(0x7f0000000300), &(0x7f00000000c0)='./file0\x00', 0x204888, &(0x7f0000000380)=ANY=[@ANYBLOB="756e695f786c6174653d312c696f636861727365743d757466382c0097b75cbdde02821d0f899c2377ee9577397fc18b433d0c59e692b381740ca495e1c145c5922679338b5ff21c0653a98440a5725268a242c0263564f988d3c178704feaf8a412df818275708882ea9a4048c6e458a1f05b83f2e69b965b1df203b21de2b0ee375647f886a5310889982079aa7b1fb42e2382d40feefe7f768eec58b19cf50faaf129503175f4262df740183df51d3641ff78b86127c1db8ef165bfa3bd20797fde6ff91a0e45d3d7c1c6d1ce0a72be8c1fdb00000000"], 0x1, 0x336, &(0x7f0000000880)="$eJzs3cFrI1UcB/DfxrXdXe2mBxEUxIde9DK09R8wyC6IBaVuZfUgzNqphswmJRNWsoi7N/Hm37F49CaI4LkX79689eJxD4uRJm23ienBhTSWfD4Q3i/z8mXeJEz4XZJ3cPuHu63dKtvNe1F7N8XViKg9jliNWhy7dDTWhvVSnPYw3q7f/uO1jz/97IPG5uaNrZRuNm69s5FSuv76L19/8+Mbv/Ze+OSn6z8vx/7q5wd/bfy5//L+Kwd/3/qqWaVmldqdXsrTnU6nl98pi7TTrFpZSh+VRV4Vqdmuiu7Y/G7Z2dvrp7y9s3Jtr1tUVcrb/dQq+qnXSb1uP+Vf5s12yrIsrVyLxfIs17v9aGsrb8xgMZyj7ycPXB1/2u028sN7ePlfye1HM10YAPC/NNn/1+LK8Pic+v/jFuW/9/+XFr3/fxb6/0Vw2P8vHd2/4/T/AAAAAAAAAAAAAABwETweDOqDwaB+PE4+5r0+Zsvnv9hO/XDvSkT53b3te9ujcTTf2I1mlFHEWtTjScTgxKi++f7mjbU0tBordx+M8ofjc+P59ajH6vT8ekpp8CCl8fzzw3+0OMlvRD1emp7fGJ1/Ir8Ub715Kp9FPX7/IjpRxk4cZp/mv11P6b0PNyfyy8PXAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAALAYsnRi6v79WXbW/Ch/sr/+WtTjyfT9+dem7s9/OV69PN9rBwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIBjVf9+Ky/Lonv+xcM4Y2pwZF4LO/8iYman+O3FOOt9VijOLub9zQQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADn7+mm3/NeCQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPNU9e+38rIsujMs5n2NAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAF8k/AQAA//8A7ioD")
ioctl$sock_SIOCETHTOOL(0xffffffffffffffff, 0x8946, &(0x7f0000000040)={'batadv_slave_1\x00', &(0x7f0000000000)=@ethtool_pauseparam={0x3d}})
mprotect(&(0x7f0000000000/0x4000)=nil, 0x4000, 0x1)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.cpu/syz1\x00', 0x1ff)

8.23207125s ago: executing program 4 (id=1408):
ioctl$ifreq_SIOCGIFINDEX_vcan(0xffffffffffffffff, 0x8933, &(0x7f0000000100)={'vcan0\x00'})
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket(0x1, 0x803, 0x0)
getsockname$packet(r1, &(0x7f0000000100)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000002c0)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000500)=ANY=[@ANYBLOB="b80000001000210400000000fedbdf2500000000", @ANYRES32=0x0, @ANYBLOB="adffa888e16000009000128009000100766c616e00000000800002800c0002000e0000000a000000340004800c00010017900000020000000c000100f04ae965cb0b00000c00010004000000002000000c000100001000000900000006000100020000000c0002000a0000000c000000280003800c00010008000000090000000c00010009000000030000000c000100090000000080000008000500", @ANYRES32=r2], 0xb8}}, 0x2)

8.115445699s ago: executing program 4 (id=1409):
sendmsg$kcm(0xffffffffffffffff, &(0x7f0000000780)={&(0x7f0000000000)=@in6={0xa, 0x0, 0x0, @dev, 0x2}, 0xff32, 0x0}, 0xe07e872420dfefca)
r0 = socket$kcm(0xa, 0x2, 0x73)
sendmsg$inet(r0, &(0x7f0000001180)={&(0x7f0000000000)={0xa, 0x0, @empty=0xf5ff}, 0x1b, &(0x7f0000001080)=[{&(0x7f0000000040)="a72d11a15c048c0a7d63aebc5cea1f81510ff6091475aeec600831aa9d3944e60bc2ad06a619c560aa0118b28f68f1eb14549d633b4b23f179fb680716faa43414787559be90843c35ab30acad8a6740140e00721abc2eb362f7bde53b3c992d3e28ccc20ec84fdc569947047f6c09a647ee8c0a747b951e66c068ccf1af93ee9e6f9528ff79e2f989383b05a690a6bec4634b867c9446c1c644b3010e8a3514c6328323b4bbdd602b8f0dace6aea70902c4ddd2a2f2810f1348b0d0df3c1e6a5938fcfdc87e7580c6be0c6a06eca62d6f787dd16add086a21391c4c707d8b61929d1252681b84c245e0efafe2e6e73ad86a3cf59235ab0eacbb414af92ec3cdac420a064a98e8cc18bdf63f8997f96436e0fe6f06fdbf47fff353b01a861babd4a38d126bfe3e29049e6cc883e6efae6e70ef9ed124b1b09887a58c991e223b6420dca5ae238027e91b17b1707dc5c0d5f59f0ca95614f1ea1d263c1ee54dfe31ae35eb3c8e3b931dff7920c57fbba89adf2e392c1ad719b90c7ade0d38ff9792934ef1fb12f51d8e2fad12486d5883d5b1a46696fad128c6805cfb25bc6487e1e407d6b266971b09d0d864a7a550284e24b6cdc9f4ae1081a638175dffef002c76ac5558d23e41edbe68f4b4950a13aa000326dae5a857603dc5a40d6c6618a98c7b6e1eebd325ea2c14601a25658965f40864fd015d9b2fff83ee5ed3212ebd9fa429f0140f633556ac07c0c08e67a1848c9942ecc47dd4ffede9a429e9e0472be7cdbcd117e621ddf745c00a814ffff0224634472577dc0b35a9c153409f1a2bddc193b20b4d244d9cbbd59816c46000c596865f58b4e640ed4a9ab6086cede697fb113560925498da83273e679e0e28b84961eb7b9c9b4fa916590965c76b48e5d453f27a821bd2bf0946ff2413ec30f7893d1f046e18f736c40ceda26dfc4a0a62f71a3606d3f72c0a858dfd7895e2572292e11af913c6b513a141d28e501ae7c49618d104aac9abb78466a636efb88120d0eef0a501558a5aa34784a9823f2802a0bcdf318f9b436b34b42a2a7cf513f80364ad9a699d2e23eb4f3a2bbce818bd20da61882b3dac699d05dc24f29b72471b712423ace6278c43df2be7a09e815517b86d8b3ce16af3d64a575958c5fd52aac53b391f3d2a67c24c6c13ec11428b61b80a6a58cbba1790a98d190a572070f63fc0b809669895ea9865c3066b06102f6f2c7171dc7f76e1931b3e4deb569ef9d07d5f86a848f50942e93c419c3a23489f14803b08182dfd48b8d4375be6b7f805a21209c05e5927693a8834c8d5a5acbd47ed8a30a8a741d1ad77639b56b3b90c0b2023fa334befd28b2e27cbcd94b0ce7437f88ce67a925cea6d6d7e5313de6d328b1124a8b9ef83fe39ca3da97d33c60b7fd4af67d3c8fccb595a27a5bffc71e5a5b2ec966828993b0c0f83cbc55f9a7fb66a4101d5c83b77885072b6e2b2ceebe32f635509698c05089b9ff1cb1959b211e114dadb224ef2d5e7a3c55b3ac00fcdc9018577603c6301e5d4341b3d7eeb2665349d448d28d5d108f576408cbe533a6adbba18ebb2d84bb9af81108506a2f50fb56d595579000747930449fdf4ed01715ec624a0cb73636a35b9136f10b79e3d7ded09008b92e92c64e26e6b6d17f18b70b1d9813de8d2ff151c7a6a0452c660a57c33f13e2d9b88fa5f5c0505722d2e787a425e4a3e9b5efa9668e9199f5fb9fe7d5b8a57719a57df152e7f2c6a1087a2a24084f82455b65353a70559f04d5ed12defb81497ea69c1c7e69c373524770b7473c16a69c7a3648a9dd93377b89cdff61cf62512d1ee67a55ea67993937c1f55a2179bc9c8a337364cfb84d295adda1ad9700fc2f5c11cbfc1b90affb4666c6e7e23a6f7751410a5651819f29f690c6dba2b8a67e0f7f8cc377feb1854c393578994c85391ba21b3961aed477f771645571dc7d6cae72bf79c82a92a4edc3742b1398060a0a5c9e81c016b7f2ae3db529c6ff824cc28678764d8ab49d7dc68e5b0556c9e7ffb6fef442776d86fbd458741830e57f22a1f8513b92abd5b2df93a67cc560134078f0b8ecc3276e40aadef5cd579888b86b4988f396679250701f3869e7493b33692035ecd94aca5189fd0a0893ccc5bb19c0b4caca86cf90ebc2a5558f39cccb33f6773a4e425bf551fb3b6456ee1cc62fa1843a9e5539bb2d02ae6ef82533a9dbcfb562c1ab18c1f639ae7ff02083746f74a15ba2d10e4b955940a5d6f488d326a99f287c48ad463ce40367aeeff519cbad0a2d7fdbfa48bff75955467977764c2be2bd2ffa18396c46920c40c50a4037003666406d177e2cd20aee423d07169d8f611f635ba0b62b61265ff2c5548446a2423dd1038482b6852b2d9d2f90aa05d82c5e2c3d1af0c7aad72d82b3da67471af7b037bb0424a785e73f35b5a10a2ab300a195c20cd119a5390e0cd5d49c70bd80883b933e843d0d2902749dcf3c140c708a0f004b7a2f50bf311305dc01719016fcce5863815ca7951de710fcb71cd177551ff6fcd9f8bf01b93868f24c6129b6d7917125338cf62110083093fc7f862015d48450d992f2bb43e601cab19b2ea7b83962a382fc2a31fdf2358bf8a9a9e506eaa7b6eb5e7444d1ef459b24ffa51362abce902dfd84201a0e4b5a3b62757aad54fb65b83821c6bba663886de092065a565921ea3eb6781bb8ed4f4db3abcfeeb379b7e52fca790bea719918e299ab01bf5e92177d134360bf7a16a59e9d03d3dcfb0a25599237e3d41b3f0026c9402b1fb1894426303413a2cbcf7c72807ca694afa285990d07c3bca26413c9947b3b344aafc04544b8c11416e0312b028da7302e316c3966d41884b15055a49a4a0b3eac8e11f88a5615fb0af582f065d28e5a454447e9d0cfc60356439ebf7e1d0a00f5b9cc6daf2bd7195ba96b4d1a0679ff0fb1c01282c378a880f90f460889b67d76d4d0e8db6c928d113533d1d10b810303c43d8ff622c5bab7f095b96e64bf9daa48a2bdf3d9d40bac00cf1b66df61a4f7c3e21938e876f81b1179dce6a008f28eb682cae690ced0ea0d542da604d8056f2b1813ed36683c4c51aeb2650772cfb1c55d4e60604ff06344cfc271b2175a6c94defb807af240b483e24298ca73bfc743ca2ca2e77e6d5b817b3c1986601537faf59ac84c74d8bd0c068cb8e6bd03ac2dcf5793fb4a00b3c901a33aa3ee86e4f0db317b94bb8678ab26e36d305ebac4b0f7f164947148255b562dd0f87648499d45bccfb7d8c9d5624cadf8160a396e79fbcdc100058ba4606e41c02fb2cc0dc6c36196bd28acfde82a18cda2321d2d83fecd3b85380667cd1d0bc68298c6c8f10421a80c8fa86912b6c3e8ddd9d9668520d5151409e6b77f0d7730b374a68a744151bfbd123cfdf871e8c24e70d2ca3b50e84a48e0b78c1781000cfc848d43584985763a76c0ab9ba882c55e3e4aa8f2174255db38adb8350b48a77be22a869d13d183325f859b883464e5e46de5ea8a92532b9a794daaeff657cd361f7f158f8bebe36e9de1f5b9721d4263dcc9472229bc02d3f552180abfb25ca7aa36cb914d99c09fd5bb99dcab9b4e3c634d18fc7dfe84dc4425ad1e39c3e7410d49b4ea0a8a2958688c7725822f6dfc0827d19dc385e0e35a949941e4dd1aaeaab9ebe402f8c584bca7efc829f2ccfb63fd7bde1c182a67c14f9d3f033ca674e2604e89cd55a15419f956cd61a755c1b13554dae98e77be078aadfc131c9677381f1dbe6ef194eb17603a463e8b844ab46a6046e1f07d96d66de669359bff4c3d80948a4de3abb2f171a09b5d8999c379fb62244114e218c79805df7d899e5661320ee6721d652b95f09e4dfe69bd67099c73294b17ab574e0b966aa3ab44478965b9dca3cb3b9282945f24ccdd07c638ae25a84a728ca24f87ff49d718121a694be46f3616e27b1041b3c6cd24b9cf775bfc28dfbe0a009048f0599f2d5d6586cfd1e7f7fe69872d08b98f60d28e6af0d49d7f06ad71a7b5c41df261aba5de114022c7288bc265cc17909fdeadc3d7b256d7ab3b96e40f857060f16b54a6bb7248ee571f87ace5ee39eab412706cf52fa711468b21ea129c3f44bceb429fcc1a0ac2aa87b9365077dcfcfa9a1b32a0a09699197c20019a66cbd0a897feab3706c23123b888ada643d4560082033e31596b0483578968e3c9593ebd97141c228a42fc7645f92171c120aabca36657683fd7c72fcb87217f124d6fabc52f1d221d8410b47b0ad4bd944bf4085365e9b52a53911ab4ee142c5a1ebbe034c9d98c538c066f2dc0acf372eb2397dcac765055123e0ba19be22b18c886bf0f7490abe9fde91ffa62e059962bd134be8501cb5b715a744b1398e2c4c7e8afe72e189dda0654296afa1c1f99ab7d800fa40f72a758625c833b6fc7b7d42250522b456e1e7de815350c36c9cb2f4d1c9cb99109f89b456c559463f11b8b58247809b17a4ed4912bd0a47a529f1364d6dc593ea7f3eb98962078ac90e5012ee1c7b4b9ed5a8c7a9c0231b4ce425693faab64fa0f3482a04d4be2e06ee5d103694d288810a1a7f4d1e908dd82dd2016a064ece5cd67ef1dd5f4cda728fc6f1ccdd949dd8f775d862621507248ef4c83ae274969d19c7ddb02a4e8a1ab2b7aa539a442b22735ceedeefe60a1059dfaaa0979ce8d5387b5a047841fd9749b88ca91216b02d7926408a01916b7781bb7167528ccdb9a486d173437a5ba3e552c8674dff2cc9b21054e0e4f86b61b8723fca58ceef4413bffae9e9be79c5b9788f5449811ce78be9bc7a86375a670197baaef751beabcba0aa6c7c33f1cd702cb78ec39fa1f17d9da733d6abf2b80f9c51ac8f6f664b24edc53a7c9525c3016bd05c67272375fe816b2b121f2de68b885a0fd8f8b8c6c342237b632f6414a3eb3480f5f42106c5812e9bfd4e8c8dea8d08525d9aa1da7c7c2ee7ff3d31b79b211dd01e304a8ffc83a89a59f3b1e2ef5e969b6d90bea7e161066f25622fad914bff52bacd2807093dda1838b529ee57f718b374ce2841b924a42457867547a6edcb8412d85f11796742bf640b5819a9546357df778c332af5983c4373a95d9c58b52dba445eee92e6911824f0c534e7a5934d9eac9b7f6fec22002fc53a3003a3304217f567b47cd326edc5f48eb1f46bb20d1e10e72239afc9769344590cf48902aba5405b7d4baa31a912ab398a2f2d3f037614bb56a89244ece50f3a1e058d274f1e70f944eb8a305be91e561e5eb843d057a81f4deb84a6335ec81ca964cdae5f318d4e9aaea2c477cc279c00c698bcfe4b8e04c09079d8f3f5438d9d45a00f50d2f9b245c8c68eebf247e25ba8d26f8b95b21ac9ceb50c0aa2e4bdc032024db216b92f9350a90ac79341af14d3fa8ba908096e1b503341aed667bb184c672dac85fc4f335b3871c3b4e55ea219a857d2d2e135358f6b45a20b3e7de8e09b2041eb7c5084a80258fb524a983752659298a251e178b56f96bc67ae0a78ec92f92d92c9cf0edb5dcb11e739d69410ad44c8df00caa030d7d89f2ec38bd7698115c423cf3e6048793aca08ffbcdac766f1553773fa00031c1d75246e4e1eddf8948d02a3de6d67fd7329e45070f29044587f1e0db50d04e673191a63e30f96ee0d8d52738fab36a7fe2c6ab9301d401e7ca5b1f039193a580e40abbdf40c2d7e27809dec80815d37adae9fe7fb9d3a974c9fc03944d7338d000b81170be4c6792ed6b3b827194b3ae11e2acfca48498d1126aacf80f3d574256ef7f75552ff087a819e", 0x1000}, {&(0x7f00000011c0)="9d7fcf3efc6316a6a555ba8b4726d7ccaf8a060000009cfac4377876021d7131b838059f96bd206d4776368ed2a92432e5af71ad21b965f615b31105d60a4b16fa2fa1371850a1be85ffcad45b49422b2121d709014f49cf6bd1d18acc4c19e4356669a2ac3e05d5cdc6f0f485c1eb52ea8faf7e83a1468b6a491e71ae3d03cd9677e72413954feae71b5775a6e3e9fa9db9e1ed56e56bff66a7a86214d8145d878e26fa35bd55db98ecdef374d26a5d9cd0e89f3ae45be2d8e1d98ee0865fb64d6dd1e8c89608733370f12be1495d81b36dd72cc28e9c9b2c45f925b38b21818d93ce604772c21824e45793c4073eb44773f8e42c9ebb297dd5e76e856a22253c0e8a80f33b4d015c3f9c0c26bcdd6b440322a23b10d507eecead59faa166bdac1bd840211336dc0c", 0x33}], 0x2, &(0x7f00000010c0)=[@ip_tos_int={{0x14, 0x29, 0x3e}}, @ip_tos_u8={{0x38, 0x29, 0x2}}, @ip_tos_u8={{0x100000000000000}}], 0x50}, 0x0)

8.036319922s ago: executing program 4 (id=1410):
openat$qrtrtun(0xffffffffffffff9c, &(0x7f0000000080), 0x2)
r0 = syz_open_procfs(0x0, &(0x7f0000000000)='fd/3\x00')
r1 = socket(0x1d, 0x2, 0x6)
mount$9p_fd(0x0, &(0x7f0000000100)='.\x00', &(0x7f0000000040), 0x0, &(0x7f00000001c0)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r1, @ANYBLOB=',wfdno=', @ANYRESHEX=r0])

7.102060678s ago: executing program 4 (id=1417):
syz_mount_image$jfs(&(0x7f0000000100), &(0x7f0000000000)='./file1\x00', 0x1000400, &(0x7f00000001c0)={[{@quota}, {@discard_size={'discard', 0x3d, 0xaff9}}, {@iocharset={'iocharset', 0x3d, 'none'}}, {@errors_continue}, {@iocharset={'iocharset', 0x3d, 'cp865'}}, {@usrquota}, {@nodiscard}, {@uid}, {@uid={'uid', 0x3d, 0xee01}}]}, 0x21, 0x61b6, &(0x7f00000075c0)="$eJzs3cuOHFcZB/Cv+jYXE8fKIgoWQpPEXEKIr8EYAiRZwIINC+QtsjWZRBYOINsgJ7LwRLNhwUOAkFgixJIVD5AFW3Y8AJZsJFAWKIVq5pxxTaV7esb2dHW7fj9pXPX1qZo+5X9XX6aq+gQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAED/8wY/PFRFx5VfphhMRn4t+RC9iparXImJl7UR9nRdiuzmej4jhUkS1/vY/z0a8HhEfH4+4/+DOenXz+QP24/t//scffnLsR3//0/DMf/9yq//GpOVu3/7tf/5699G3FwAAALqoLMuySB/zT0bEIH22BwCefvn1v0zy7eq5qzfnrD9qtVqtXsC6rhzvbr2IiM36OtV7BofjAWDBbMYnbXeBFsm/0wYRcaztTgBzrWi7AxyJ+w/urBcp36L+erC2057PBdmT/2axe33HpOk0zXNMZvX42op+PDehPysz6sM8yfn3mvlf2WkfpeWOOv9ZmZT/aOfSp87J+feb+Tc8Pfn3xubfVTn/waHy78sfAAAAAADmWP77/4mWj/8uPf6mHMh+x3/XZtQHAAAAAAAAAHjSDjv+36Ax/t8u4/8BAADA3Ko+q1d+d/zhbZO+i626/XIR8UxjeaBj0sUyq233AwAAAAAAAAAAAAC6ZLBzDu/lImIYEc+srpZlWf3UNevDetz1F13Xtx+6rO0neQAA2PHx8ca1/EXEckRcTt/1N1xdXS3L5ZXVcrVcWcrvZ0dLy+VK7XNtnla3LY0O8IZ4MCqrX7ZcW69u2uflae3N31fd16jsH6Bjs9Fi4AAQETuvRvcnvSL9z+vVYirLZ6PlNzksiH32fxaU/Z+DaPtxCgAAABy9sizLIn2d98l0zL/XdqcAgJnIr//N4wJqtVqtVqufvrquHO9uvYiIzfo61XsGw/EDwILZjE/a7gItkn+nDSLihbY7Acy1ou0OcCTuP7izXqR8i/rrQRrfPZ8Lsif/zWJ7vbz+uOk0zXNMZvX42op+PDehP8/PqA/zJOffa+Z/Zad9lJZ7/PzLPX8mbOsco0n5V9t5ooX+tC3n32/m33DU+/+sbEVvbP5dlfMfHCr/vvwBAAAAAGCO5b//n5ir47+jR92cqfY7/rs2do2j6wsAAAAAAAAAPCn3H9xZz9e95uP/XxiznOs/n045/0L+nZTz7zXy/2pjuX5t/t7bD/P/94M763+89a/P5+lB81/KM0V6ZBXpEVGkeyoGafo4W/dZW8P+qLqnYdHrD9I5P+Xw3bgW12Mjzu5Ztpf+Px62n9vTXvV0uN1e9nfaz+9pH+y25/Uv7GkfprOLypXcfjrW4+dxPd7Zbq/alqZs//KU9nJKe86/b//vpJz/oPZT5b+a2ovGtHLvo95n9vv6dNz9vHXti785e/SbM9VW9He3ra7avpda6M/2/8mxUfzy5saN07ev3rp141ykyZ5bz0eaPGE5/2H62X3+f3mnPT/v1/fXex+NDp3/vNiKwcT8X67NV9v7yoz71oac/yj95PzfSe3j9/9Fzn/y/v9qC/0BAAAAAAAAAAAAAACA/ZRluX2J6FsRcTFd/9PWtZkAwGzl1/8yybfPqu7P+P7U6gWviznrz0zrT8v56o9avYh1XTnem/UiIv5WX6d6z/Drcb8MAJhnn0bEP9vuBK2Rf4fl7/urpqfa7gwwUzc/+PCnV69f37hxs+2eAAAAAAAAAACPKo//uVYb//lUWZZ3G8vtGf/17Vh73PE/B3lmd4DRCQNV9w+/TfvZ6o36vdpw4y/GpPG/h7tz+43/PZhyf8Mp7aMp7UtT2pentI+90KMm5/9ibbzzUxFxsjH8ehfGf22Oed8FOf+Xao/nKv+vNJar51/+fpHz7+3J/8yt939x5uYHH7527f2r7228t/GzC+fOnb1w8eKlS5fOvHvt+sbZnX9b7PHRyvnnsa+dB9otOf+cufy7Jef/pVTLv1ty/l9Otfy7Jeef3+/Jv1ty/vmzj/y7Jef/Sqrl3y05/6+lWv7dkvN/NdXy75ac/9dTLf9uyfm/lmr5d0vO/3Sq5d8tOf8zqT5g/itH3S9mI+efj3DZ/7sl55/PbJB/t+T8z6da/t2S87+Qavl3S87/9VTLv1ty/t9Itfy7Jed/MdXy75ac/zdTLf9uyflfSrX8uyXn/61Uy79bcv7fTrX8uyXn/0aq5d8tOf/vpFr+3ZLz/26q5d8tOf/vpVr+3ZLzfzPV8u+Wh9//b8aMGTN5pu1nJgAAAAAAAAAAAACgaRanE7e9jQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADA/9mBAwEAAAAAIP/XRqiqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqrCDhwIAAAAAAD5vzZCVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVFfbuLkaus74f+Jl989qBxEDI38nfwMYxISSb7NpO/EKbYsJrw1sJhEJfsF3v2iz4Da9dAo1k00CJhFFRRdtw0RYQanNTkQsuaAUoF6gVUiVoL+gNokLlIqoCCkiVaAXZas55nmdnZmdndu3x+sw5n4+U/LIzZ+acOXPm7H53850BAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAoNWtr5//dCPLsuY/+b+2ZtkLmv+9eWprftlrrvUWAgAAAFfqV/m/n7shXXBwDTdqWeafX/7dry0tLS1l7xv98/HPLy2lK6aybHxTluXXRU/96P2N1mWCx7LJxkjL1yN9Vj/a5/qxPteP97l+os/1m/pcP9nn+hU7YIXNxe9j8jvbmf/n1mKXZjdm4/l1O7vc6rHGppGR+LucXCO/zdL4sWwhO5HNZ7NtyxfLNvLlv3Frc11vyeK6RlrWtb15hPzs0aNxGxphH+9sW9fyfUY/eV029fOfPXr0b889e3O32Xc3tN1fsZ137Ghu5yfDJcW2NrJNaZ/E7Rxp2c7tXZ6T0bbtbOS3a/5353Y+t8btHF3ezA3V+ZxPZiP5f38v309jrb/WS/tpe7jsF7dlWXZxebM7l1mxrmwk29J2ycjy8zNZHJHN+2geSi/OxtZ1nN66huO0Oed2th+nna+J+PzfGm43tso2tD5NP/nERMvz/sulyzlOo+ajXu210nkMDvq1UpZjMB4X38sf9ONdj8Gd4fE/evvqx2DXY6fLMZged8sxuKPfMTgyMZpvc3oSGvltlo/BXW3Lj+ZrauTzmdt7H4Mz506emVn82MfvXjh55Pj88flTe3btmt2zd+/+/ftnji2cmJ8t/n2Ze7v8tmQj6TWwI+y7+Bp4VceyrYfq0pcmVpx/L/d1ONnjdbi1Y9lBvw7HOh9cY2NekCuP6eK18Z7mTp+8NJKt8hrLn587r/x1mB53y+twrOV12PV7SpfX4dgaXofNZc7cubafWcZa/um2Dat/L7iyY3BryzHY+fNI5zE46J9HynIMTobj4gd3rv69YHvY3sen1/vzyOiKYzA93HDuaV6Sft6f3J+PbsflLc0rrpvIzi/On73nkSPnzp3dlYWxIV7Scqx0Hq9bWh5TtuJ4HVn38Xpw4eWP39Ll8q1hX03e3fzX5KrPVXOZe+/p/Vzl392678+2S3dnYQzYRu/Pbt/Nm/tzIsu+8O1PPPTNR7/w+lX3ZzNvfnLmyn8WT7m05fw7vsr5N+b+54v1pbt6bHR8rHj9jqa9M952Pm5/qsbyc1cjX/dzM2s7H4+Hfzb6fHxjj/Pxto5lB30+Hu98cPF83Oj3244r0/l8Tobj5MRs7/Nxc5ltu9d7TI71PB/fFmYj7P9Xh6SQclHLsbPacZvWNTY2Hh7XWFxD+3G6p2358ZDNmut6cnf4oTBt5dqO0ztuK5YfbbldtFHH6VTHsoM+TtPvvlY7Thv9fvt2eTqfz8lwXNy4p/dx2lzm6Xuv/Ny5Of5ny7lzot8xOD460dzm8XQQ5uf7bGlzPAbvyY5mp7MT2Vx+7UR+PDXydU3ft7Zz5UT4Z6PPldt6HIN3dCw76GMwfR9b7dhrjK188APQ+XxOhuPiift6H4PNZd6wb7A/u94RLknLtPzs2vn7tdV+53VLx266WsfKWNjOb+/r/bvZ5jIn9q83Z/beT3eFS67rsp86X7+rvabmso3ZT9vCdj67f/X91Nye5jKfP7DG4+lglmUXPvJA/vve8PeVC+e//7W2v7t0+5vOhY888NMXHvun9Ww/AMPv+WJsKb7Xtfxlai1//wcAAACGQsz9I2Em8j8AAABURsz98f8KT+R/AAAAqIyY+8fCTKqQ//+4/yLb3vDswvMXstTMXwri9Wk3PFgsFzuus+HrqaVlzcsf+Mr8f//jhbVt3kiWZb988I+6Lr/twbhdhamwnU+9sf3yFb5295rWffjhC2m9rf31L4b7j49nrYdBtwrubJZl37jhs/l6pt5/KZ9PP3g4nw9dfPyx5jLPHSi+jrd/5iXF8n8Vyr8Hjx1pu/0zYT/8OMzZt3bfH/F2X7306u373ru8vni7xo7r84f9xAeK+43vk/O5x4rl435ebfu/+Zknv9pc/pFXdt/+CyPdt//JcL9fCfN/XlYs3/ocNL+Ot/tU2P64vni7e778ra7b/9Sni+XPvKlY7nCYcf13hK93vunZhdb99UjjSNvjyt5cLBfXP/v9P82vj/cX779z+ycPXWrbH53Hx9P/VtzPTMfy8fK4nugfOtbfvJ/W4zOu/8k/Ody2n/ut/6mHnnlZ8347139Xx3JnPnJnvv7l+2t/x6a//tRnu64vbs/Bvz/T9ngOviu8jsP6n/hAOB7D9f/7VHF/ne+ucPhd7eefuPwXt15oezzRW35erP+p1x7P56bJzVuue8ELr7/4iua+y7LvbSrur9/6j//N6bbt/9JNxf6I18eOfuf6VxPXf/aj06dOL55fmEt79dEb8vfOeVuxPXF7bwjn1s6vD50+98H5s1OzU7NZNlXdt9C7bF8O86fFuNh76aUVZ9A7Hw7P5y1/+Y0tt//rZ+Ll//6e4vJLby2+b70qLPe5cPnW8Pytb/0rPXHrTfnru/F02MKlle8XfCW27/yv/WtaMDz+zp8L4vF+5qUfzPdD87r8+0Z8XV/h9v9wrrifr4f9uhTemXnHTcvra10+vjfCpXcXr/cr3n/hNBef178Lz/fbf1zcf9yu+Hh/GH6O+da29vNdPD6+fmGk8/7zd/G4GM4n2cXi+rhU3N+Xnrup6+bF9yHJLt6cf/1n6X5uXtfDXM3ixxZnTiycOv/IzLn5xXMzix/7+KGTp8+fOncofy/PQx/qd/vl89OW/Pw0N7/33iw/W50uxlV2rbf/zMNH5/bN3j43f+zI+WPnHj4zf/b40cXFo/Nzi7cfOXZs/qP9br8wd/+u3Qf27Ns9fXxh7v79Bw7sOTC9cOp0czOKjepj7+yHp0+dPZTfZPH+ew/suu++e2enT56em79/3+zs9Pl+t8+/N003b/2H02fnTxw5t3Byfnpx4ePz9+86sHfv7r7vBnjyzLHFqZmz50/NnF+cPztTPJapc/nFze99/W5PNS3+R/HzbKdG8UZ82Tvv2pven7XpK59Y9a6KRTreQPTZ8F4033nRmf1r+Trm/vEwkyrkfwAAACAXc/9EmIn8DwAAAJURc/+mMBP5HwAAACoj5v7JMNP/ElCT/F+5/v+2C2tav/6//n/r/tL/r1n//91l6/8X5wv9/8G40v69/n+g/6//r/+v/6//zwCUrf8fc//mLPP3fwAAAKiomPu3hJnI/wAAAFAZMfdfF2Yi/wMAAEBlxNz/gjCTmuR//X/9f/1//X/9/+7r1/8fTvr/ven/96H/P5PVq/9/cZDbfw36/5tbv9D/p4zK1v+Puf+FYSY1yf8AAABQBzH3Xx9mIv8DAABAZcTcf0OYifwPAAAAlRFz/9Ywk5rkf/3/K+r/p86V/n/79uv/t9P/D8eD/r/+/wbQ/+9N/78P/X+f/z9c/f82+v+UUdn6/zH3vyjMpCb5HwAAAOog5v4Xh5nI/wAAAFA+Y5d3s5j7XxJmsiL/X+YKAAAAgGsu5v4bs44ieE3+/q//7/P/9f/1//X/u69/7f3/0Uz/vzz0/3vT/+9D/1//X/9f/5+BKlv/P8/92WT20jCTmuR/AAAAqIOY+28KM5H/AQAAoDJi7v9/YSbyPwAAAFRGzP3bwkxqkv/1/yvT//9F61On/6//32v9+v8+/7/K9P970//vQ/9f/1//X/+fgSpb/z/m/pvDTGqS/wEAAKAOYu6/JcxE/gcAAIDKiLn//4eZyP8AAABQGTH3bw8zqUn+1/8vef8/Nkd9/r/+v/5/Kfv/k/r/paP/35v+fx/6//r/+v/6/wxU2fr/Mfe/LMykJvkfAAAA6iDm/peHmcj/AAAAUBkx978izET+BwAAgMqIuX8qzKQm+X89/f/GRf3/1Vzlz/+fWMPn/7fR/9f/77V+/X+f/19l+v+96f/3of+v/6//r//PQJWt/x9z/61hJjXJ/wAAAFAHMffvCDOR/wEAAKAyYu6/LcxE/gcAAIDKiLl/Z5hJTfK/z/8fiv5/pv+v/6//r/+v/782+v+96f/3of+v/6//r//PQJWt/x9z/yvDTGqS/wEAAKAOYu6/PcxE/gcAAIDKiLn/VWEm8j8AAABURsz9d4SZ1CT/6//r/+v/6//r/3dfv/7/cNL/703/vw/9f/1//X/9fwaqbP3/mPtfHWZSk/wPAAAAdRBz/51hJvI/AAAAVEbM/XeFmcj/AAAAUBkx90+HmdQk/+v/6//r/+v/6/93X7/+/3DS/+9N/78P/X/9f/1//X8Gqmz9/5j77w4zqUn+BwAAgDqIuf+eMBP5HwAAACoj5v6ZMBP5HwAAACoj5v7ZMJOa5H/9f/1//X/9/3X1/1+xfL/6/wX9/3LR/+9N/78P/X/9/2ve/x/X/6dSytb/j7l/V5hJTfI/AAAA1EHM/bvDTOR/AAAAqIyY+/eEmcj/AAAAUBkx998bZlKT/K//r/+v/6//7/P/u69f/3846f/3Nvj+f3yI+v/6//r/Pv9f/5+Vytb/j7n/vjCTmuR/AAAAqIOY+/eGmcj/AAAAUBkx9+8LM5H/AQAAoDJi7t8fZlKT/K//r/+v/6//r//fff36/8NJ/783n//fh/6//v8Q9/+bx5b+P2VTtv5/zP0Hwkxqkv8BAACgDmLuf02YifwPAAAAlRFz/6+Fmcj/AAAAUBkx9/96mElN8r/+v/6//r/+f9n7/xP6//r/66D/35v+fx/6//r/Q9z/9/n/lFHZ+v8x998fZlKT/A8AAAB1EHP/b4SZyP8AAABQGTH3vzbMRP4HAACAyoi5/2CYSU3yv/7/BvX/44X6//r/+v8+/1///6rS/+9N/78P/X/9f/1//X8Gqmz9/5j7XxdmUpP8DwAAAHUQc/8DYSbyPwAAAFRGzP2vDzOR/wEAAKAyYu5/Q5hJTfK//r/P/7/2/f/xtm3X/1++nf5/Qf9f/3899P970//vQ/9f/1//X/+fgSpb/z/m/jeGmdQk/wMAAEAdxNz/pjAT+R8AAAAqI+b+N4eZyP8AAABQGTH3vyXMpCb5X/9f///a9/99/r/+f0H/X/9/EPT/e9P/70P/X/9f/1//n4EqW/8/5v7fDDOpSf4HAACAOoi5/8EwE/kfAAAAKiPm/reGmcj/AAAAUBkx978tzKQm+V//X/9f/1//X/+/+/r1/4eT/n9vQ9b//9X14XL9/4L+f7m3f739/7GOr69K//9Hq/X/lzZ13l7/n6uhbP3/mPvfHmZSk/wPAAAAdRBz/zvCTOR/AAAAqIyY+98ZZiL/AwAAQGXE3P9bYSY1yf/6/83tWG4v6//r/+cX6P/r/+v/Dy39/96GrP/v8/876P+Xe/t9/r/+PyuVrf8fc/+7wkxqkv8BAACgDmLufyjMRP4HAACAyoi5/91hJvI/AAAAVEbM/e8JM6lJ/tf/9/n/+v/6//r/3dev/z+c9P970//vQ/9f/79s/f//1P9nuJWt/x9z/8NhJjXJ/wAAAFAHMfe/N8xE/gcAAIDKiLn/t8NM5H8AAACojJj73xdmUpP8r/8/LP3/Kf3/dfb/J8Jl+v/6//r/9aL/35v+fx/6//r/Zev/+/x/hlzZ+v8x978/zGTt+X9yzUsCAAAA10TM/b8TZlKTv/8DAABAHcTc/7thJvI/AAAAVEbM/b8XZlKT/K//Pyz9f5//n/n8f/3/jsej/6//383G9f/jmUf/X/9f/z/S/9f/1/+nU9n6/zH3/36YSU3yPwAAANRBzP0fCDOR/wEAAGAodPt/sjvF3H8ozET+BwAAgMqIuf9wmElN8r/+v/6//n9J+/9/seNffvDddxzepf+v/6//vy4b+vn/zRe/z//X/9f/T/T/9f/1/+lUtv5/zP1HwkyWg9/bfMA/AAAADLeY+/8gzKQmf/8HAACAOoi5/2iYifwPAAAAlRFz/1yYSU3yv/6//r/+f0n7/0P8+f9xfwxT/3960xD1/+NJV/+/qw3t/793uSeu/7/e/v9E10s7+/8N/f82+v/r3v7vZFmm/6//zzVUtv5/zP3zYSY1yf8AAABQByH3jxwr5vIV8j8AAABURsz9x8NM5H8AAACojJj7PxhmUpP8r/+v/6//r//v8/+7r7+0/X+f/9+T/n9v5en/d+fz//X/h3n79f/1/1mpbP3/mPsXwkxqkv8BAACgDmLu/1CYifwPAAAAlRFz/4fDTOR/AAAAqIyY+0+EmdQk/+v/6//r/+v/6/93X7/+/3DS/+9N/78P/X/9f/1//X8Gqmz9/5j7T4aZ1CT/AwAAQB3E3H8qzOT/2LuPJsvq847jt3FTzBQb77zwwt77JbAwa/sFeMHGC7vK5YWxjXNicI4454BtJRRQAAmhhHICJSSUhSSUc0AZSTUqmOd5Znr69LndM7e7z/0/n89CDzSMzkU1BfrRfDn2PwAAAAwjd//NcYv9DwAAAMPI3f/LcUuT/a//1/8P2///pP7/oOfr//X/I9P/z9P/r6H/1//r//X/bNTS+v/c/b8StzTZ/wAAANBB7v5fjVvsfwAAABhG7v5b4hb7HwAAAIaRu//X4pYm+/+y/n9n1bP/z4xX/z9S/+/9/wc+X/+v/x/Zyfb/tz3xZz79v/5f/x/0//p//T+XW1r/n7v/1+OWJvsfAAAAOsjd/xtxi/0PAAAAw8jd/5txi/0PAAAAw8jd/1txS5P97/3/3v+v/9f/6/+nn6//307e/z+vU/9/y8PX/9Jj9/7ofUd5vv5f/6//1/+zWUvr/3P3/3bc0mT/AwAAQAe5+38nbrH/AQAAYBi5+383brH/AQAAYAudnfxq7v7fi1ua7H/9v/5f/x/9/xn9v/5f/z8C/f+8Tv3/lTxf/6//1//r/9mspfX/uft/P25psv8BAACgg9z9fxC32P8AAACwXFP/IPaM3P23xi32PwAAAAwjd/+5uKXJ/tf/H3///339/3b0/97/r//X/w9B/z9P/7+G/l//r//X/7NRS+v/c/ffFrc02f8AAADQQe7+P4xb7H8AAAAYRu7+P4pb7H8AAAAYRu7+P45bmux//b/3/+v/9f/6/+nn6/+3k/5/nv5/Df3/1fbz1+r/9f/6fy51xP7/8Zk/bW+k/8/d/ydxS5P9DwAAAB3k7v/TuMX+BwAAgGHk7v+zuMX+BwAAgGHk7v/zuKXJ/tf/6//1//r/K+7/9//Ue5L+f5r+/2To/+ctpv/f2Z38sv5/6/t/7//X/+v/2WNp7//P3f8XcUuT/Q8AAAAd5O7/y7hlZv8f+W/mAwAAAKcqd/9fxS2+/w8AAABbL6uz3P1/Hbc02f/6f/2//l//7/3/08+f6//vu+Tz6f+XRf8/bzH9/wH0//r/bf78+n/9P/strf/P3f83cUuT/Q8AAAAd5O6/PW6x/wEAAGAYufv/Nm6x/wEAAGAYufv/Lm5psv+n+/+Lv13/fzj6/72fX/8//fNjU/1//jfq/2f7/xu9/78n/f88/f8a+n/9v/7/oP7/7Lofr/9nytL6/9z9fx+3NNn/AAAA0EHu/n+IW+x/AAAAGEbu/n+MW+x/AAAAGEbu/n+KW5rsf+//1//r/7ev//f+/wtO8/3/qxPv/3f1/4ek/5+n/19D/6//1//Pv/9/5t8CoP9nytL6/9z9/xy3NNn/AAAA0EHu/n+JW+x/AAAA2A6X/rMDl/8DpSF3/7/GLfY/AAAADCN3/7/FLePs/9l3der/9f/6f/2//n/6+cvq/73//7D0//P0/2vo/4+jn98drP+/46Afv4T+/9bj7v9n6P+Zsqf/v//i10+r/8/d/+9xyzj7HwAAANrL3f8fcYv9DwAAAMPI3f+fcYv9DwAAAMPI3f9fcUuT/X/s/f/Mv31A/6//1//r//X/+v9N0//P0/+vof/3/n/v/9f/s1F7+v9LnFb/n7v/v+OWJvsfAAAAOsjd/z9xi/0PAAAAw8jdf0fcYv8DAADAMHL3/2/c0mT/e/+//l//r//X/08/X/+/na6qv79G/1/0//p//b/+X//PBiyt/8/d/39xS5P9DwAAAB3k7v//uMX+BwAAgGHk7n9K3GL/AwAAwDBy9z81bmmy//X/x9v/59f1//r/lf5f/6//PxFt3/+/M/VXov0O6P8f/IVzP733K/p//b/+X/+v/+eQfnjmty2i/z9/8f9d5u5/WtzSZP8DAABAB7n7nx632P8AAAAwjNz9z4hb7H8AAAAYRu7+O+OWI+7/ueZhyfT/3v+v/9f/6/+nn6//305t+/9D8v7/NfT/+n/9v/6fjVpE/3/Jr+fuf2bc4vv/AAAAMIzc/c+KW+x/AAAAGEbu/mfHLfY/AAAADCN3/3Pilib7X/+v/9f/6//1/9PP1/9vJ/3/PP3/GtvU/995Ff3/7vSXT7ufv1qn/fn1//p/9lta/5+7/664pcn+BwAAgA5y9z83brH/AQAAYBi5+58Xt9j/AAAAMIzc/c+PW5rsf/2//l//r//X/08/X/+/nfT/8/T/q9Xq7pkPMNX/n79umf2/9/8v7vPr//X/7Le0/j93/wvilib7HwAAADrI3X933GL/AwAAwDBy998Tt9j/AAAAMIzc/S+MW5rsf/2//l//r//X/08/X/+/nfT/8/T/a2zT+//1/4v7/Pp//T/7La3/z93/orilyf4HAACADnL33xu32P8AAAAwjNz9L45b7H8AAAAYRu7+++KWJvtf/6//1//r//X/08/X/2+n4+v/V/p//b/+fw39v/5f/8/lltb/5+5/SdzSZP8DAABAB7n7Xxq32P8AAAAwjNz9L4tb7H8AAAAYRu7+l8ctTfa//l//r//X/+v/p5+v/99O3v8/T/+/hv5f/6//1/+zUdP9/62n1v/n7n9F3NJk/wMAAEAHufvvj1vsfwAAABhG7v5Xxi32PwAAAAwjd/+r4pYm+1//r//f2/+vVvp//b/+/4IT6P/PrPT/G6f/n6f/X0P/P2b/f81qoP7/7IE/Xv/PEi3t/f+5+18dtzTZ/wAAANBB7v7XxC32PwAAAAwjd/9r4xb7HwAAAIaRu/91cUuT/a//1/97/7/+X/8//Xzv/99O+v95+v819P9j9v/e/6//59Qsrf/P3f/6uKXJ/gcAAIAOcve/IW6x/wEAAGAYufvfGLfY/wAAADCM3P1vilua7H/9v/5f/6//1/9PP1//v530//P0/2vo//X/+n/9Pxu1tP4/d/+b45Ym+x8AAAA6yN3/QNxi/wMAAMAwcvc/GLfY/wAAADCM3P1viVua7H/9v/5f/7+d/f8Z/b/+X/8/aSn9/w03/NRD+n/9v/5f/6//1/93t7T+P3f/W+OWJvsfAAAAOsjd/7a4xf4HAACAYeTuf3vcYv8DAADAMHL3vyNuabL/9/f/164uFKoXTPX/0ajp/y+h/9/7+fX/0z8/vP9f/6//P35L6f+9///KPr/+X/+/zZ//SP3/j+//8fp/RrS0/j93/0NxS5P9DwAAAB3k7n9n3GL/AwAAwDBy978rbrH/AQAAYBi5+x+OW5rsf+//1//r//X/+v/p5+v/t5P+f57+fw39v/7f+/9v/rkf0v+zOUvr/3P3vztuabL/AQAAoIPc/e+JW+x/AAAAGEbu/vfGLfY/AAAADCN3//vilib7X/+v/9f/6//1/9PP1/9vJ/3/PP1/ufwP7YI+/f+ZqS+edj9/tU778w/T/3v/Pxu0tP4/d//745Ym+x8AAAA6yN3/gbjF/gcAAIBh5O7/YNxi/wMAAMAwcvd/KG5psv/1//r/8fv/n9X/X/Z8/b/+f2T6//wr+jT9/xp9+v9Jp93Pb/vn1//r/9lvaf1/7v5H4pYm+x8AAAA6yN3/4bjF/gcAAIBh5O7/SNxi/wMAAMAwcvd/NG5psv/1/736/51Vx/7f+//1//r/TvT/8/T/a+j/9f/6f/0/G7W0/j93/6M7uy33PwAAAGyrn/mJX3zksL/vo0/+55nVx+KWG1fnD/ltbAAAAGDhntj9O7ur1cef/DXf/wcAAIAR5e7/RNzSZP/r/3v1/z3f/6//1//r/zvR/8/T/6+h/9f/6//1/2zU0vr/3P2fjFsuGX67R/6jBAAAAJYkd/+n4pYm3/8HAACADnL3fzpu2bf//esAAQAAYFvl7v9M3NLk+//6/4X3/6tj6v/j99P/X6D/1/9PPV//v530//Ousv8/v6P/1//P0P/r//X/XG5p/X/u/s/GLU32PwAAAAxqz99RyN3/ubjF/gcAAIBh5O7/fNxi/wMAAMAwcvd/IW5psv/1/yfe/2eqfozv/z9bv+T9/837/9vPTD5f/6//H5n+f573/6+h/x+l/79O/6//ZxmW1v/n7v9i3NJk/wMAAEAHufu/FLfY/wAAADCM3P1fjlvsfwAAABhG7v6vxC1N9r/+f+Hv/7+i/v8Q7//X//fo/w94/jj9/49cf+6Bm37+nrv0/1x0kv1//lzQ/+v/9f8XLKj/9/5//T8Lsfn+f3fPF4/a/+fu/2rc0mT/AwAAQAe5+x+LW+x/AAAAGEbu/q/FLfY/AAAADCN3/9fjlib7X/+v/19K/5//W59C/3/uivv/s6vV6lT6/2yKu/f/3v+v/9/P+//n6f/X0P/r//X/+n82avP9/94vHrX/z93/jbilyf4HAACADnL3fzNuyf2/c+S/dQ8AAAAsTO7+b8Utvv8PAAAAw8jd/+24pcn+1//r/5fS/yfv/7/448Z6//9NFaf27P9/rH5J/3+89P/z9P9r6P/1//p//T8btbT+P3f/d+KWJvsfAAAAOsjd/3jcYv8DAADAMHL3fzdusf8BAABgGLn7vxe3NNn/+v9R+/8s4vX/+v+l9P/e/+/9/ydD/z9P/7+G/l//r//X/7NRS+v/c/f/IAAA//9GqnSo")
mount$overlay(0x0, &(0x7f0000000140)='./file0\x00', &(0x7f0000000180), 0x1204001, &(0x7f00000011c0)={[{@lowerdir={'lowerdir', 0x3d, '.'}, 0x3a}], [], 0x2f})
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', 0x0, 0x9c)
lseek(r0, 0x12, 0x0)

6.371305806s ago: executing program 4 (id=1419):
sendmsg$unix(0xffffffffffffffff, &(0x7f0000000600)={0x0, 0x0, 0x0, 0x0, &(0x7f0000001040)=ANY=[@ANYBLOB="1c000000000000000100000002000000", @ANYRES32, @ANYRES32=0xee01, @ANYRES32=0x0, @ANYBLOB="0000000030000000000000000100000001"], 0xa0}, 0x4004881)
r0 = socket$inet6(0xa, 0x2, 0x0)
setsockopt$inet6_int(r0, 0x29, 0x33, &(0x7f0000000040)=0x7, 0x4)
bind$inet6(r0, &(0x7f0000f5dfe4)={0xa, 0x4e20, 0x0, @empty}, 0x1c)
recvmmsg(r0, &(0x7f0000000600)=[{{&(0x7f0000000140)=@nfc_llcp, 0x0, &(0x7f0000000780)=[{&(0x7f0000000340)=""/180}, {&(0x7f0000000280)=""/122}, {&(0x7f0000000400)=""/165}, {&(0x7f00000004c0)=""/142}, {&(0x7f0000000640)=""/70}, {&(0x7f00000006c0)=""/179}], 0x0, &(0x7f0000000580)=""/70, 0x11}}], 0x40000000000029d, 0x2, 0x0)
r1 = socket$inet6(0xa, 0x2, 0x0)
sendto$inet6(r1, 0x0, 0x0, 0x0, &(0x7f0000000300)={0xa, 0x4e20, 0x0, @mcast1}, 0x1c)

5.910883117s ago: executing program 4 (id=1424):
request_key(&(0x7f00000001c0)='rxrpc_s\x00', &(0x7f0000001ffb)={'syz', 0x1}, &(0x7f0000001fee)='y\xa9rust\xe3c*s\xb8dn::e\x00\x00', 0x0)

5.777399251s ago: executing program 36 (id=1424):
request_key(&(0x7f00000001c0)='rxrpc_s\x00', &(0x7f0000001ffb)={'syz', 0x1}, &(0x7f0000001fee)='y\xa9rust\xe3c*s\xb8dn::e\x00\x00', 0x0)

2.669599922s ago: executing program 5 (id=1442):
clock_getres(0x6, &(0x7f0000000000))

2.596462866s ago: executing program 5 (id=1443):
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000540)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002120207b1af8ff00000000bfa100000000000007010000f8ffffffb702000004000000b70300000000000085000000"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0xd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r0}, 0x10)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = socket$netlink(0x10, 0x3, 0x10)
bind$netlink(r2, &(0x7f0000514ff4)={0x10, 0x0, 0x0, 0x2ffffffff}, 0xc)
setsockopt$sock_int(r2, 0x1, 0x8, &(0x7f0000000200), 0x4)
setsockopt$netlink_NETLINK_BROADCAST_ERROR(r2, 0x10e, 0x4, &(0x7f0000000180)=0x800, 0x4)
syz_genetlink_get_family_id$nl80211(&(0x7f00000002c0), r2)
r3 = syz_genetlink_get_family_id$ethtool(&(0x7f0000001440), 0xffffffffffffffff)
sendmsg$ETHTOOL_MSG_COALESCE_SET(r1, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000001500)={0x34, r3, 0x1, 0x4000, 0x0, {}, [@ETHTOOL_A_COALESCE_HEADER={0x18, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'syz_tun\x00'}]}, @ETHTOOL_A_COALESCE_RX_MAX_FRAMES={0x8, 0x3, 0xa000000}]}, 0x34}}, 0x0)

732.672839ms ago: executing program 5 (id=1452):
r0 = openat$comedi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/comedi4\x00', 0x40000, 0x0)
ioctl$COMEDI_INSNLIST(r0, 0x8010640b, &(0x7f00001859c0)={0x1, &(0x7f0000130b40)=[{0xa000002, 0xf00, 0x0, 0xfffeffff, 0x1ff}]})

633.860128ms ago: executing program 6 (id=1453):
munmap(&(0x7f0000470000/0x400000)=nil, 0xe06500)
r0 = userfaultfd(0x801)
ioctl$UFFDIO_API(r0, 0xc018aa3f, &(0x7f0000000140))
ioctl$UFFDIO_CONTINUE(r0, 0xc020aa07, &(0x7f0000000000)={{&(0x7f0000ffe000/0x2000)=nil, 0x2000}, 0x1})

633.516994ms ago: executing program 5 (id=1454):
syz_fuse_handle_req(0xffffffffffffffff, 0x0, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f00000007c0)={0x8, 0x88}, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
writev(r0, &(0x7f0000000840)=[{&(0x7f00000002c0)}], 0x1)
r1 = syz_io_uring_setup(0x881, &(0x7f0000000480)={0x0, 0xe7ae, 0x0, 0x2, 0x3}, &(0x7f0000000440)=<r2=>0x0, &(0x7f0000000080)=<r3=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r2, 0x4, &(0x7f0000000180)=0xfffffffc, 0x0, 0x4)
syz_io_uring_submit(r2, r3, &(0x7f00000001c0)=@IORING_OP_POLL_REMOVE={0x7, 0x0, 0x0, 0x0, 0x0, 0x23456})
io_uring_enter(r1, 0x47ba, 0x0, 0x0, 0x0, 0x0)

530.673943ms ago: executing program 6 (id=1455):
r0 = syz_open_dev$cec(&(0x7f0000000000), 0x0, 0x2440)
ioctl$CEC_ADAP_S_LOG_ADDRS(r0, 0xc05c6104, &(0x7f00000000c0)={"0e00", 0x0, 0x5, 0x4, 0x0, 0x0, "f759ca14860e4041836dd400", '\x00\x00\a\x00', "032000", '\x00', ["03c200e1ffffff00", "808e8889dc7fb3eacf821b00", "2971088d5453005a4e5200", "ff812500004000"]})

456.32132ms ago: executing program 6 (id=1456):
r0 = socket(0xa, 0x5, 0x0)
getsockopt$IP_VS_SO_GET_DAEMON(r0, 0x84, 0x34, 0x0, &(0x7f0000000100))

307.319452ms ago: executing program 6 (id=1457):
syz_mount_image$exfat(&(0x7f00000005c0), &(0x7f0000000240)='./file0\x00', 0x3000050, &(0x7f0000000600)=ANY=[], 0xff, 0x14fe, &(0x7f0000008900)="$eJzs3Au0ztXWMPA511p/NklPkvuaa/55kssiSXJJSCRJkiS5JSRJkoTEJrckJCH3JPeQ3GIn9/st9yQ5kiQJCUnWN3Q6n/e8nfftnO+c7/V9Z8/fGGvsNff/mfNZa889nv9ljL2/7Ti4av1qlesyM/xT8M9fUgEgBQD6AcA1ABABQKlspbIBDoNMGlP/uTcR/1oPTbvSKxBXkvQ/fZP+p2/S//RN+p++Sf/TN+l/+ib9T9+k/0KkZ1un575WRvod/3PP/0Ge//8/R87//0YOFxvz5fpi13f6B1Kk/+mb9D99k/6nb9L/9E36n75J///NRQCV/pvD0v/0TfovRHp2pZ8/y7iy40r//gkhhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGESB/OhcsMAPxlfqXXJYQQQgghhBBCiH+dkPFKr0AIIYQQQgghhBD/9yEo0GAgggyQEVIgE2SGqyALXA1Z4RpIwLWQDa6D7HA95ICckAtyQx7IC/nAAoEDhhjyQwFIwg1QEG6EQlAYikBR8FAMisNNUAJuhpJwC5SCW6E03AZloCyUg/JwO1SAO6AiVILKcCdUgbugKlSDu6E63AM14F6oCfdBLbgfasMDUAcehLrwENSDh6E+PAIN4FFoCI2gMTSBpv9H+S9CV3gJukF3SIUe0BNehl7QG/pAX+gHr0B/eBUGwGswEAbBYHgdhsAbMBTehGEwHEbAWzASRsFoGANjYRyMh7dhArwDE+FdmASTYQpMhWkwHWbAezATZsFseB/mwAcwF+bBfFgAC+FDWASLIQ0+giXwMSyFZbAcVsBKWAWrYQ2shXWwHjbARtgEm2ELbIVPYBtshx2wE3bBbtgDn8Je+Az2weewH774B/PP/qf8TggIqFChQYMZMAOmYApmxsyYBbNgVsyKCUxgNsyG2TE75sAcmAtzYR7Mg/kwHxISMjLmx/yYxCQWxIJYCAthESyCHj0Wx+JYAm/GklgSS2EpLI2lsQyWxbJYHstjBayAFbEiVsbKWAWrYFWsinfj3XgP1sAaWBNrYi2shbWxNtbBOlgX62I9rIf1sT42wAbYEBtiY2yMTbEpNsNm2BybY0tsia2wFbbG1tgG22BbbIvtsB22x/bYATtgR+yInbAzdsYX8UV8CV/C7lhF9cCe2BN7YS/sg32xL76C/fFVfBVfw4E4CAfj6/g6voFD8QwOw+E4AkdgBTUKR+MYZDUOx+N4nIATcCJOxEk4GSfjVJyG03EGzsCZOAtn4fs4Bz/AD3AezsMFuBAX4iJcjGmYhkvwLC7FZbgcV+BKXIUrcQ2uxTW4HjfgetyEm3ALbsFP8BPcjttxJ+7E3bgbP8VP8TP8DAfiftyPB/AAHsSDeAgP4WE8jEfwCB7Fo3gMj+FxPI4n8CSewpN4Gk/jGTyL5/AcnsfzeAGfz/N1vd2F1w0EdYlRRmVQGVSKSlGZVWaVRWVRWVVWlVAJlU1lU9lVdpVD5VC5VC6VR+VR+VQ+RYoUq1jlV/lVUiVVQVVQFVKFVBFVRHnlVXFVXJVQJVRJVVKVUreq0uo2VUaVVS18eVVeVVAtfUVVSVVWlVUVdZeqqqqpaqq6qq5qqBqqpqqpaqlaqrZ6QNVRPbAPPqQudaa+GoQN1GBsqBqpxqqJegMfU83UUGyuWqiW6gk1HIdha9XMt1FPq7ZqNLZTz6ox+JzqoMZhR/WC6qQ6qy7qRdVVNffdMvz2EaimYi/VW/VRfdVMvEtd6lhV9ZoaqAapwep1tQDfUEPVm2qYGq5GqLfUSDVKjVZj1Fg1To1Xb6sJ6h01Ub2rJqnJaoqaqqap6WqGek/NVLPUbPW+mqM+UHPVPDVfLVAL1YdqkVqs0tRHaon6WC1Vy9RytUKtVKvUarVGrVXr1Hq1QW1Um9RmtUVtVZ+obWq72qF2ql1qt9qjPlV71Wdqn/pc7VdfqAPqT+qg+lIdUl+pw+prdUR9o46qb9Ux9Z06rr5XJ9RJdUr9oE6rH9UZdVadUz+p8+pndUH9oi6qoECjVlproyOdQWfUKTqTzqyv0ln01TqrvkYn9LU6m75OZ9fX6xw6p86lc+s8Oq/Op60m7TTrWOfXBXRS36AL6ht1IV1YF9FFtdfFdHF9ky6hb9Yl9S26lL5Vl9a36TK6rC6ny+vbdQV9h66oK+nK+k5dRd+lq+pq+m5dXd+ja+h7dU19n66l79e19QO6jn5Q19UP6Xr6YV1fP6Ib6Ed1Q91IN9ZNdFP9mG6mH9fNdQvdUj+hW+kndWv9lG6jn9Zt9TO6nX5Wt9fP6Q76ed1Rv6A76c66i/5FX9RBd9PddaruoXvql3Uv3Vv30X11P/2K7q9f1QP0a3qgHqQH69f1EP2GHqrf1MP0cD1Cv6VH6lF6tB6jx+pxerx+W0/Q7+iJ+l09SU/WU/RUPU1P131+qzT778h/52/kD/j13bforfoTvU1v1zv0Tr1L79Z79B69V+/V+/Q+vV/v1wf0AX1QH9SH9CF9WB/WR/QRfVQf1cf0MX1cH9cn9En9k/5Bn9Y/6jP6rD6rf9Ln9Xl94befARg0ymhjTGQymIwmxWQymc1VJou52mQ115iEudZkM9eZ7OZ6k8PkNLlMbpPH5DX5jDVknGETm/ymgEmaG0xBc6MpZAqbIqao8aaYKW5u+qfz/2h9TU1T08w0M81Nc9PStDStTCvT2rQ2bUwb09a0Ne1MO9PetDcdTAfT0XQ0nUwn08V0MV1NV9PNdDOpJtX0NC+bXqa36WP6mn7mFdPf9DcDzAAz0Aw0g81gM8QMMUPNUDPMDDMjzAgz0ow0o81oM9aMNePNeDPBTDATzUQzyUwyU8wUM81MMzPMDDPTzDSzzWwzx8wxc81cM9/MNwvNQrPILDJpJs0sMUvMUrPMLDMrzAqzyqwya8was86sMxvMBrPJbDJLzVaz1Wwz28wOs8PsMrvMHrPH7DV7zT6zz+w3+80Bc8AcNAfNIXPIHDaHzRFzxBw1R80xc8wcN8fNCXPCnDKnzGlz2pwxZ8w5c86cN+fNBXPBXDQXL132RSpSkYlMlCHKEKVEKVHmKHOUJcoSZY2yRokoEWWLskXZo+ujHFHOKFeUO8oT5Y1SwUYUuYijOMofFYiS0Q1RwejGqFBUOCoSFY18VCwqHt0UlYhujkpGt0Sloluj0tFtUZmobFQuKh/dHlWI7ogqRpWiytGdUZXorqhqVC26O6oe3RPViO6Nakb3RbWi+6Pa0QNRnejBqG70UFQvejiqHz0SNYgejRpGjaLGUZOo6b+0fghncj7uu9nuNtX2sD3ty7aX7W372L62n33F9rev2gH2NTvQDrKD7et2iH3DDrVv2mF2uB1h37Ij7Sg72o6xY+04O96+bSfYd+xE+66dZCfbKXaqnWan2xn2PTvTzrKz7ft2jv3AzrXz7Hy7wC60H9pFdrFNsx/ZJfZju9Qus8vtCrvSrrKr7Rq71q6z6+0Gu9FuspvtFrvVfmK32e12h91pd9nddo/91O61n9l99nO7335hD9g/2YP2S3vIfmUP26/tEfuNPWq/tcfsd/a4/d6esCftKfuDPW1/tGfsWXvO/mTP25/tBfuLvWjDpYv7S6d3MmQoA2WgFEqhzJSZslAWykpZKUEJykbZKDtlpxyUg3JRLspDeSgf5aNLmJjyU35KUpIKUkEqRIWoCBUhT56KU3EqQSWoJJWkUlSKSlNpKkNlqByVo9vpdrqD7qBKVInupDvpLrqLqlE1qk7VqQbVoJpUk2pRLapNtakO1aG6VJfqUT2qT/WpATWghtSQGlNjakpNqRk1o+bUnFpSS2pFrag1taY21IbaUltqR+2oPbWnDtSBOlJH6kSdqAt1oa7UlbpRN0qlVOpJPakX9aI+1If6UT/qT/1pAA2ggTSQBtNgGkJDaCgNpWE0nEbQWzSSRtFoGkNjaRyNp/E0gSbQRJpIk2gSTaEpNI2m0QyaQTNpJs2m2TSH5tBcmkvzaT4tpIW0iBZRGqXRElpCS2kpLafltJJW0mpaTWtpLa2n9bSRNtJm2kxbaStto220g3bQLtpFe2gP7aW9tI/20X7aTwfoAB2kg3SIDtFhOkxH6AgdpaN0jI7RcTpOJ+gEnaJTdJpO0xk6Q+foHJ2nn+kC/UIXKVCKU5DZXeWyuKtdVneNS3GZ3KU4AoBLcS6X2+VxeV0+Z10Ol/OvYnLOFXKFXRFX1HlXzBV3N/0uLuPKunKuvLvdVXB3uIq/i6u7e1wNd6+r6e5z1dzdfxXXcve72u4RV8c96uq6Rq6ea+Lqu0dcA/eoa+gaucauiWvlnnSt3VOujXvatXXP/C5e5Ba7tW6dW+82uL3uM3fO/eSOum/defez6+a6u37uFdffveoGuNfcQDfod/EI95Yb6Ua50W6MG+vG/S6e4qa6aW66m+HeczPdrN/FC92Hbo5Lc3PdPDffLfg1vrSmNPeRW+I+dkvdMrfcrXAr3Sq32q3532td4Ta5zW6L2+M+ddvcdrfD7XS73O5f40v72Oc+d/vdF+6I+8YddF+6Q+6YO+y+/jW+tL9j7jt33H3vTriT7pT7wZ12P7oz7uyv+7+09x/cL+6iCw4YWbFmwxFn4Iycwpk4M1/FWfhqzsrXcIKv5Wx8HWfn6zkH5+RcnJvzcF7Ox5aJHTPHnJ8LcJJv4IJ8IxfiwlyEi7LnYlycb+ISfDOX5Fu4FN/Kpfk2LsNluRyX59u5At/BFbkSV+Y7uUoIXJWr8d1cne/hGnwv1+T7uBbfz7X5Aa7DD3Jdfojr8cNcnx/hBvwoN+RG3JibcFN+jJvx49ycW3BLfoJb8ZPcmp/iNvw0t+VnuB0/y+35Oe7Az3NHfoE7cWfuwi9yV36Ju3F3TuUe3JNf5l7cm/twX+7Hr3B/fpUH8Gs8kAfxYH6dh/AbPJTf5GE8nEfwWzySR/FoHsNjeRyP57d5Ar/DE/ldnsSTeQpP5Wk8nWfwezyTZ/Fsfp/n8Ac8l+fxfF7AC/lDXsSLOY0/4iX8MS/lZbycV/BKXsWreQ2v5XW8njfwRt7Em3kLb+VPeBtv5x28k3fxbt7Dn/Je/oz38ee8n7/gA/wnPshf8iH+ig/z13yEv+Gj/C0f4+/4OH/PJ/gkn+If+DT/yGf4LJ/jn/g8/8wX+Be+yIEhxljFOjZxFGeIM8YpcaY4c3xVnCW+Os4aXxMn4mvjbPF1cfb4+jhHnDPOFeeO88R543yxjSl2McdxnD8uECfjG+KC8Y1xobhwXCQuGvu4WFw8vikuEd8cl4xviUvFt8al49viMnHZ+JH7yse3xxXiO+KKcaW4cnxnXCW+K64aV4vvjqvH98Q14nvjmvF9ccn4/rh2/EBcJ34wrhs/FNeLH47rx4/EDeJH44Zxo7hx3CRuGj8WN4sfj5vHLeKW8RNxq/jJuHX8VNwmfjpuGz/zh8dT4x5xz/jl+OU4hHv1/OSC5MLkh8lFycXJtORHySXJj5NLk8uSy5MrkiuTq5Krk2uSa5PrkuuTG5Ibk5uSm5NbkiFUywgevfLaGx/5DD6jT/GZfGZ/lc/ir/ZZ/TU+4a/12fx1Pru/3ufwOX0un9vn8Xl9Pm89eefZxz6/L+CT/gZf0N/oC/nCvogv6r0v5ov7Jr6pb+qb+cd9c9/Ct/RP+Cf8k/5J/5R/yj/t2/pnfDv/rG/vn/Md/PP+ef+C7+Q7+y7+Rd/Vv+S7+e4+1af6nr6n7+V7+T6+j+/n+/n+vr8f4Af4gX6gH+wH+yF+iB/qh/phfpgf4Uf4kX6kH+1H+7F+rB/vx/sJfoKf6Cf6SX6Sn+Kn+Gl+mp/hZ/iZfqaf7Wf7OYXm+Ll+rp/v5/uFfqFf5Bf5NJ/ml/glfqlf6pf75X6lX+lX+9V+rV/r1/v1fqPf6Df7zX6r3+q3+W1+h9/hd/ldfo/f4/f6vX6f3+f3+/3+gD/gD/qD/pD/yh/2X/sj/ht/1H/rj/nv/HH/vT/hT/pT/gd/2v/oz/iz/pz/yZ/3P/sL/hd/0Qc/PvF2YkLincTExLuJSYnJiSmJqYlpiemJGYn3EjMTsxKzE+8n5iQ+SMxNzEvMTyxILEx8mFiUWJxIS3yUWJL4OLE0sSyxPLEisTKxKhFC3m1xyB8KhGS4IRQMN4ZCoXAoEooGH4qF4uGmUCLcHEqGW0KpcGsoHW4LZULZUC48GhqGRqFxaBKahsdCs/B4aB5ahJbhidAqPBlah6dCm/B0aBueCe3Cs6F9eC50CM+HjuGF0Cl0Dl3Ci6FreCl0C91DaugReoaXQ6/QO/QJfUO/8EroH14NA8JrYWAYFAaH18OQ8EYYGt4Mw8LwMCK8FUaGUWF0GBPGhnFhfHg7TAjvhInh3TApTA5TwtQwLUwPM8J7YWaYFWaH98Oc8EGYG+aF+WFBWBg+DIvC4pAWPgpLwsdhaVgWlocVYWVYFVaHNWFtWBfWhw1hY9gUNoctYWv4JGwL28OOsDPsCrvDnvBp2Bs+C/vC52F/+CIcCH8KB8OX4VD4KhwOX4cj4ZtwNHwbjoXvwvHwfTgRToZT4YdwOvwYzoSz4Vz4KZwPP4cL4ZdwUf5mTQghhBDi76L/4HiPv/G9DACgfpv3BICrt+c+/J9rbszx53lvladVAgCe7t7xob+MKlVSU1N/e+1SDVGBeQCQ+Ov6f4mXQUt4EtpACyjxN9fXW3U+z39QP3krQOb/kJMCl+PL9W/+L+o/9sSIRaXjc9n+m/rzAAoVuJyTCS7Hl+uX/C/q52z2B+vP9OV4gOb/IScLXI4v1y8Oj8Mz0OavXimEEEIIIYQQQvxZb1Wu/R/dP1+6P89jLudkhMvxH92fCyGEEEIIIYQQ4sp7rnOXpx5r06ZF+79vgr89F/jHsmQiE5n8fza50p9MQgghhBBCiH+1yxf9V3olQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCFE+vU/8e/ErvQehRBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCiCvtfwUAAP//luw5aQ==")
r0 = open(&(0x7f0000000180)='./bus\x00', 0x14927e, 0x0)
mmap(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x27fffff, 0x4002011, r0, 0x3000)

184.710909ms ago: executing program 5 (id=1458):
r0 = syz_mount_image$msdos(&(0x7f0000000740), &(0x7f0000000080)='./file0\x00', 0x0, &(0x7f0000000640)={[{@fat=@dos1xfloppy}, {@fat=@nfs}, {@fat=@tz_utc}, {@fat=@nocase}, {@nodots}, {@dots}, {@dots}, {@fat=@codepage={'codepage', 0x3d, '932'}}, {@nodots}, {@nodots}, {@fat=@sys_immutable}, {@fat=@sys_immutable}, {@nodots}, {@nodots}, {@fat=@discard}, {@dots}, {@nodots}, {@fat=@fmask={'fmask', 0x3d, 0x7}}, {@dots}, {@nodots}, {@fat=@fmask={'fmask', 0x3d, 0x1}}, {@dots}]}, 0x0, 0x1fb, &(0x7f0000000440)="$eJzs3T1rU1EYB/Dnpm1y62I2QRQOuDhIUVeXilQQA4LSQSeF6tKKYJfo0n4MP6AfQDoFQa6kN+lNUqM2ze315febnnv+nLdwSLLk5OW1t7s77/bffL7yKfI8i9ZmbMYgi260Yuww5mrNjwCAP9WgKOJLUZps7zS3JACgZvM+/yd8+0n3LLKaFgYA1ObZ8xeP7/d6W09TyiOOistl82F/uywePupt3U7HulWvo35/e+Ukv5NmvzsM87W4NMrvlv3TdN6Omzci1toRkVJ68KQ3k3dip8Z9AwAAAAAAAAAAAAAAAAAAAABAk65HGutG3LpXtlb3+2xsTOZD66O8fJq4H2jm/p7VuLo6eqyuByoOLmpjAAAAAAAAAAAAAAAAAAAA8BfZ//Bx99Xe3uv3VdGJiOmWsxTZaODjlpVxcfZxLqhoxdJHXtqWO/W/CPmPDkBVtJcz1/ovTlS27EOSFu7+9VyHf7ZYcF/tiDjX7K350aAoit88xmOdpt6cAAAAAAAAAAAAAAAAAADgP1P96Pd0ljexIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABoQPX//wsUBxFxKhqOmk2NfDLZepM7BQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA4F/2PQAA///L8Sfd")
getdents64(r0, &(0x7f00000002c0)=""/189, 0xbd)

125.456899ms ago: executing program 6 (id=1459):
r0 = socket$inet_sctp(0x2, 0x5, 0x84)
setsockopt$inet_sctp_SCTP_STREAM_SCHEDULER(r0, 0x84, 0x7b, &(0x7f0000000380)={0x0, 0x4}, 0x8)
sendto$inet(r0, &(0x7f0000000100)="ab", 0x34000, 0x40048c4, &(0x7f00000000c0)={0x2, 0x4e22, @local}, 0x10)

506.102µs ago: executing program 5 (id=1460):
r0 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r0, &(0x7f0000002f80)={0x0, 0x0, &(0x7f0000002f40)={&(0x7f0000000080)=@newtaction={0x70, 0x30, 0x9, 0x0, 0x0, {}, [{0x5c, 0x1, [@m_skbedit={0x58, 0x1, 0x0, 0x0, {{0xc}, {0x48, 0x2, 0x0, 0x1, [@TCA_SKBEDIT_PRIORITY={0x8, 0xff03}, @TCA_SKBEDIT_PARMS={0x18}, @TCA_SKBEDIT_PTYPE={0x6, 0xa}]}, {0x4}, {0xc, 0x5}, {0xc, 0x9, {0x4c}}}}]}]}, 0x70}}, 0x0)

0s ago: executing program 6 (id=1461):
r0 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000200)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0x0}, 0x50)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xf, &(0x7f0000000340)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b702000014000100b7030000000000008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000084000000b70000000000000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000001240)={&(0x7f0000000000)='percpu_alloc_percpu\x00', r1}, 0x4b)
unshare(0x28000600)

kernel console output (not intermixed with test programs):

 T7543] Buffer I/O error on dev nbd1, logical block 0, async page read
[  154.756237][ T7543] I/O error, dev nbd1, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[  154.759490][ T7543] Buffer I/O error on dev nbd1, logical block 0, async page read
[  154.762373][ T7543] I/O error, dev nbd1, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[  154.765500][ T7543] Buffer I/O error on dev nbd1, logical block 0, async page read
[  154.770031][ T7543] I/O error, dev nbd1, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[  154.773480][ T7543] Buffer I/O error on dev nbd1, logical block 0, async page read
[  154.776544][ T7543] I/O error, dev nbd1, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[  154.787457][ T7543] Buffer I/O error on dev nbd1, logical block 0, async page read
[  154.790656][ T7543] I/O error, dev nbd1, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[  154.802781][ T7543] Buffer I/O error on dev nbd1, logical block 0, async page read
[  154.807766][ T7543] I/O error, dev nbd1, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[  154.814977][ T7543] Buffer I/O error on dev nbd1, logical block 0, async page read
[  154.822953][ T7543] ldm_validate_partition_table(): Disk read failed.
[  154.826308][ T7543] I/O error, dev nbd1, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[  154.834165][ T7543] Buffer I/O error on dev nbd1, logical block 0, async page read
[  154.838024][ T7543] I/O error, dev nbd1, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[  154.841804][ T7543] Buffer I/O error on dev nbd1, logical block 0, async page read
[  154.845410][ T7543] Dev nbd1: unable to read RDB block 0
[  154.848751][ T7543]  nbd1: unable to read partition table
[  154.858587][ T7543] ldm_validate_partition_table(): Disk read failed.
[  154.861727][ T7543] Dev nbd1: unable to read RDB block 0
[  154.864604][ T7543]  nbd1: unable to read partition table
[  155.044692][ T7935] loop0: detected capacity change from 0 to 1024
[  155.120310][ T7935] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  155.125548][ T7935] ext4 filesystem being mounted at /200/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  155.169041][   T33] audit: type=1800 audit(1757559982.836:10): pid=7935 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.771" name="file1" dev="loop0" ino=15 res=0 errno=0
[  155.182555][ T7935] EXT4-fs (loop0): re-mounted 00000000-0000-0000-0000-000000000000.
[  155.185779][ T7940] netlink: 12 bytes leftover after parsing attributes in process `syz.2.772'.
[  155.236478][ T5989] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  156.636982][ T7958] syz_tun: entered allmulticast mode
[  156.679882][ T7958] syz_tun: left allmulticast mode
[  156.695149][ T7959] loop1: detected capacity change from 0 to 4096
[  156.702319][ T7959] ntfs3(loop1): Different NTFS sector size (4096) and media sector size (512).
[  156.781772][ T7959] ntfs3(loop1): Mark volume as dirty due to NTFS errors
[  156.785777][ T7959] ntfs3(loop1): Failed to load $Extend (-22).
[  156.790727][ T7959] ntfs3(loop1): Failed to initialize $Extend.
[  157.087115][ T7963] tipc: Started in network mode
[  157.097499][ T7963] tipc: Node identity 4, cluster identity 4711
[  157.100120][ T7963] tipc: Node number set to 4
[  157.535482][ T7980] loop0: detected capacity change from 0 to 128
[  157.544167][ T7980] EXT4-fs (loop0): Test dummy encryption mode enabled
[  157.635852][ T7980] EXT4-fs (loop0): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  157.641713][ T7980] ext4 filesystem being mounted at /208/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[  157.842593][ T7990] netlink: 'syz.1.791': attribute type 12 has an invalid length.
[  157.851239][ T7990] netlink: 9472 bytes leftover after parsing attributes in process `syz.1.791'.
[  158.025513][ T7980] fscrypt: AES-256-XTS using implementation "xts(ecb(aes-fixed-time))"
[  158.121824][ T5989] EXT4-fs (loop0): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  158.298765][ T8004] netlink: 8 bytes leftover after parsing attributes in process `syz.1.798'.
[  158.751987][ T8032] loop1: detected capacity change from 0 to 512
[  158.792040][ T8032] FAT-fs (loop1): error, corrupted directory (invalid entries)
[  158.952120][ T8042] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  159.625799][ T8054] wg2: entered promiscuous mode
[  159.630239][ T8054] wg2: entered allmulticast mode
[  159.988877][  T791] usb 2-1: new high-speed USB device number 14 using dummy_hcd
[  160.138959][  T791] usb 2-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  160.147636][  T791] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x7 has invalid wMaxPacketSize 0
[  160.160178][  T791] usb 2-1: config 0 interface 0 altsetting 0 bulk endpoint 0x7 has invalid maxpacket 0
[  160.166001][  T791] usb 2-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  160.172096][  T791] usb 2-1: New USB device found, idVendor=2040, idProduct=4900, bcdDevice=4d.8b
[  160.175736][  T791] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  160.187815][  T791] usb 2-1: config 0 descriptor??
[  160.194068][  T791] hdpvr 2-1:0.0: Could not find bulk-in endpoint
[  160.208742][  T791] hdpvr 2-1:0.0: probe with driver hdpvr failed with error -12
[  160.367887][ T8095] loop2: detected capacity change from 0 to 2048
[  160.399175][ T6042] usb 2-1: USB disconnect, device number 14
[  160.403416][ T7608] Dev loop2: RDB in block 1 has bad checksum
[  160.412888][ T8095] Dev loop2: RDB in block 1 has bad checksum
[  160.459381][ T8097] loop0: detected capacity change from 0 to 4096
[  161.684909][ T8117] loop2: detected capacity change from 0 to 32768
[  161.728275][ T8117] XFS (loop2): Mounting V5 Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb
[  161.765058][ T8117] XFS (loop2): Ending clean mount
[  161.778763][ T8117] XFS (loop2): Quotacheck needed: Please wait.
[  161.801416][ T8129] loop0: detected capacity change from 0 to 1024
[  161.823851][ T8117] XFS (loop2): Quotacheck: Done.
[  161.911188][ T5985] XFS (loop2): Unmounting Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb
[  162.126905][ T8138] overlayfs: workdir and upperdir must be separate subtrees
[  162.133032][  T791] usb 1-1: new high-speed USB device number 14 using dummy_hcd
[  162.228224][ T8146] loop2: detected capacity change from 0 to 1024
[  162.249537][ T8146] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  162.258571][ T8146] ext4 filesystem being mounted at /250/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  162.278993][ T8146] EXT4-fs error (device loop2): ext4_map_blocks:814: inode #15: block 3: comm syz.2.861: lblock 3 mapped to illegal pblock 3 (length 13)
[  162.299409][ T8149] EXT4-fs error (device loop2): ext4_mb_generate_buddy:1289: group 0, block bitmap and bg descriptor inconsistent: 21 vs 268369941 free clusters
[  162.312682][ T8146] EXT4-fs (loop2): Delayed block allocation failed for inode 15 at logical offset 3 with max blocks 13 with error 117
[  162.320597][ T8146] EXT4-fs (loop2): This should not happen!! Data will be lost
[  162.320597][ T8146] 
[  162.320661][  T791] usb 1-1: Using ep0 maxpacket: 16
[  162.329998][ T8146] EXT4-fs error (device loop2): ext4_map_blocks:778: inode #15: block 3: comm syz.2.861: lblock 3 mapped to illegal pblock 3 (length 1)
[  162.338060][  T791] usb 1-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  162.340160][ T8146] EXT4-fs error (device loop2): ext4_map_blocks:778: inode #15: block 3: comm syz.2.861: lblock 3 mapped to illegal pblock 3 (length 1)
[  162.347373][  T791] usb 1-1: config 1 has 1 interface, different from the descriptor's value: 3
[  162.349213][ T8146] EXT4-fs error (device loop2): ext4_map_blocks:778: inode #15: block 3: comm syz.2.861: lblock 3 mapped to illegal pblock 3 (length 1)
[  162.356249][  T791] usb 1-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[  162.358625][ T8146] EXT4-fs error (device loop2): ext4_map_blocks:778: inode #15: block 3: comm syz.2.861: lblock 3 mapped to illegal pblock 3 (length 1)
[  162.367364][  T791] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  162.369151][ T8146] EXT4-fs error (device loop2): ext4_map_blocks:778: inode #15: block 3: comm syz.2.861: lblock 3 mapped to illegal pblock 3 (length 1)
[  162.371006][  T791] usb 1-1: Product: syz
[  162.377804][ T8146] EXT4-fs error (device loop2): ext4_map_blocks:778: inode #15: block 3: comm syz.2.861: lblock 3 mapped to illegal pblock 3 (length 1)
[  162.385525][ T8146] EXT4-fs error (device loop2): ext4_map_blocks:778: inode #15: block 3: comm syz.2.861: lblock 3 mapped to illegal pblock 3 (length 1)
[  162.391054][  T791] usb 1-1: Manufacturer: syz
[  162.395676][ T8146] EXT4-fs error (device loop2): ext4_map_blocks:778: inode #15: block 3: comm syz.2.861: lblock 3 mapped to illegal pblock 3 (length 1)
[  162.396122][  T791] usb 1-1: SerialNumber: syz
[  162.839439][  T791] usb 1-1: cannot find UAC_HEADER
[  162.884686][  T791] snd-usb-audio 1-1:1.0: probe with driver snd-usb-audio failed with error -22
[  162.905985][  T791] usb 1-1: USB disconnect, device number 14
[  162.935077][ T7608] udevd[7608]: error opening ATTR{/sys/devices/platform/dummy_hcd.0/usb1/1-1/1-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory
[  163.148282][ T5985] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  163.233087][ T8153] syz_tun: tun_net_xmit 42
[  163.558987][  T791] usb 3-1: new high-speed USB device number 12 using dummy_hcd
[  163.717647][  T791] usb 3-1: Using ep0 maxpacket: 8
[  163.722504][  T791] usb 3-1: config index 0 descriptor too short (expected 301, got 45)
[  163.726267][  T791] usb 3-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[  163.732105][  T791] usb 3-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[  163.736526][  T791] usb 3-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[  163.740951][  T791] usb 3-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  163.746719][  T791] usb 3-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23
[  163.750765][  T791] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  163.758405][ T5845] usb 1-1: new high-speed USB device number 15 using dummy_hcd
[  163.847530][ T6042] usb 2-1: new high-speed USB device number 15 using dummy_hcd
[  163.907392][ T5845] usb 1-1: Using ep0 maxpacket: 8
[  163.910710][ T5845] usb 1-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xAD, changing to 0x8D
[  163.915017][ T5845] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x8D has invalid wMaxPacketSize 0
[  163.919705][ T5845] usb 1-1: config 0 interface 0 altsetting 0 bulk endpoint 0x8D has invalid maxpacket 0
[  163.923737][ T5845] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x2 has invalid wMaxPacketSize 0
[  163.930977][ T5845] usb 1-1: New USB device found, idVendor=0bfd, idProduct=0124, bcdDevice=3a.9f
[  163.935016][ T5845] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  163.939047][ T5845] usb 1-1: Product: syz
[  163.940598][ T5845] usb 1-1: Manufacturer: syz
[  163.942087][ T5845] usb 1-1: SerialNumber: syz
[  163.945787][ T5845] usb 1-1: config 0 descriptor??
[  163.950651][ T5845] kvaser_usb 1-1:0.0: error -ENODEV: Cannot get usb endpoint(s)
[  163.961029][  T791] usb 3-1: GET_CAPABILITIES returned 0
[  163.964180][  T791] usbtmc 3-1:16.0: can't read capabilities
[  164.017512][ T6042] usb 2-1: Using ep0 maxpacket: 16
[  164.024297][ T6042] usb 2-1: New USB device found, idVendor=06be, idProduct=a232, bcdDevice=33.f3
[  164.028745][ T6042] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  164.032371][ T6042] usb 2-1: Product: syz
[  164.034240][ T6042] usb 2-1: Manufacturer: syz
[  164.036291][ T6042] usb 2-1: SerialNumber: syz
[  164.041759][ T6042] usb 2-1: config 0 descriptor??
[  164.160069][ T5845] usb 1-1: USB disconnect, device number 15
[  164.178080][   T10] usb 3-1: USB disconnect, device number 12
[  164.249324][ T6042] dvb_usb_dtv5100 2-1:0.0: probe with driver dvb_usb_dtv5100 failed with error -71
[  164.257254][ T6042] usb 2-1: USB disconnect, device number 15
[  164.297605][    C0] syz_tun: tun_net_xmit 42
[  164.776262][ T8178] openvswitch: netlink: nsh attribute has 2 unknown bytes.
[  164.864691][ T8184] binder: 8183:8184 ioctl c0306201 200000000040 returned -14
[  165.191964][ T8199] loop0: detected capacity change from 0 to 256
[  165.219690][ T8199] exFAT-fs (loop0): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[  165.260673][ T8199] exFAT-fs (loop0): Medium has reported failures. Some data may be lost.
[  165.285632][ T8199] exFAT-fs (loop0): failed to load upcase table (idx : 0x00010000, chksum : 0xe62de5da, utbl_chksum : 0xe619d30d)
[  165.326437][   T33] audit: type=1800 audit(1757559992.996:11): pid=8199 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.878" name="file1" dev="loop0" ino=1048644 res=0 errno=0
[  165.347383][    C0] syz_tun: tun_net_xmit 42
[  165.826666][ T8201] loop2: detected capacity change from 0 to 32768
[  165.830953][ T8201] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop2 (7:2) scanned by syz.2.879 (8201)
[  165.839168][ T8201] BTRFS info (device loop2): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  165.843444][ T8201] BTRFS info (device loop2): using sha256 (sha256-lib) checksum algorithm
[  165.877386][ T5845] usb 1-1: new high-speed USB device number 16 using dummy_hcd
[  165.951776][ T8201] BTRFS info (device loop2): enabling ssd optimizations
[  165.954746][ T8201] BTRFS info (device loop2): enabling free space tree
[  166.056094][ T5985] BTRFS info (device loop2): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  166.154885][ T5845] usb 1-1: Using ep0 maxpacket: 16
[  166.753111][ T8231] loop2: detected capacity change from 0 to 32768
[  166.793356][ T8231] XFS (loop2): Mounting V5 Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb
[  166.795703][ T5845] usb 1-1: config 0 has an invalid interface number: 3 but max is 0
[  166.823178][ T8231] XFS (loop2): Ending clean mount
[  166.833785][ T8231] XFS (loop2): Quotacheck needed: Please wait.
[  166.841128][ T5845] usb 1-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  166.845351][ T5845] usb 1-1: config 0 has no interface number 0
[  166.852235][ T5845] usb 1-1: New USB device found, idVendor=eb1a, idProduct=2875, bcdDevice=6f.3f
[  166.866478][ T5845] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  166.870930][ T5845] usb 1-1: Product: syz
[  166.873294][ T5845] usb 1-1: Manufacturer: syz
[  166.882175][ T5845] usb 1-1: SerialNumber: syz
[  166.886559][ T5845] usb 1-1: config 0 descriptor??
[  166.893309][ T8231] XFS (loop2): Quotacheck: Done.
[  166.974609][ T8243] netlink: 8 bytes leftover after parsing attributes in process `syz.1.887'.
[  167.074061][ T5985] XFS (loop2): Unmounting Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb
[  167.418826][ T5845] usb 1-1: USB disconnect, device number 16
[  168.286236][ T8268] loop0: detected capacity change from 0 to 2048
[  168.305617][ T8268] UDF-fs: error (device loop0): udf_process_sequence: Primary Volume Descriptor not found!
[  168.324184][ T8272] dummy0: entered promiscuous mode
[  168.326857][ T8272] dummy0: entered allmulticast mode
[  168.330163][ T8268] UDF-fs: warning (device loop0): udf_fill_super: No partition found (2)
[  168.373086][ T8274] loop1: detected capacity change from 0 to 256
[  168.383913][ T8274] exFAT-fs (loop1): failed to load upcase table (idx : 0x00010000, chksum : 0x4ec6003b, utbl_chksum : 0xe619d30d)
[  168.742664][ T8284] loop0: detected capacity change from 0 to 4096
[  168.749956][ T8284] ntfs3(loop0): Different NTFS sector size (4096) and media sector size (512).
[  168.853079][ T8293] loop0: detected capacity change from 0 to 1024
[  168.937720][   T10] usb 2-1: new high-speed USB device number 16 using dummy_hcd
[  168.953210][ T1093] hfsplus: b-tree write err: -5, ino 3
[  169.071930][ T8300] netlink: 108 bytes leftover after parsing attributes in process `syz.0.913'.
[  169.087523][   T10] usb 2-1: Using ep0 maxpacket: 16
[  169.092039][   T10] usb 2-1: config 1 interface 1 altsetting 1 endpoint 0x1 has an invalid bInterval 0, changing to 7
[  169.100599][   T10] usb 2-1: config 1 interface 1 altsetting 1 endpoint 0x1 has invalid wMaxPacketSize 0
[  169.104874][   T10] usb 2-1: config 1 interface 2 altsetting 1 endpoint 0x82 has an invalid bInterval 0, changing to 7
[  169.125846][   T10] usb 2-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[  169.134414][   T10] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  169.139917][   T10] usb 2-1: Product: syz
[  169.141715][   T10] usb 2-1: Manufacturer: syz
[  169.143861][   T10] usb 2-1: SerialNumber: syz
[  169.286602][ T8308] loop0: detected capacity change from 0 to 8
[  169.295179][ T8308] unable to read id index table
[  169.565797][   T10] usb 2-1: 2:1 : format type 0 is detected, processed as PCM
[  169.839308][ T8323] Driver unsupported XDP return value 0 on prog  (id 107) dev N/A, expect packet loss!
[  170.373362][   T10] usb 2-1: 2:1: cannot get freq at ep 0x82
[  170.473028][   T10] usb 2-1: USB disconnect, device number 16
[  170.540806][ T7668] udevd[7668]: error opening ATTR{/sys/devices/platform/dummy_hcd.1/usb2/2-1/2-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory
[  170.615322][ T8339] futex_wake_op: syz.2.928 tries to shift op by -1; fix this program
[  170.662406][ T8341] loop0: detected capacity change from 0 to 512
[  170.675889][ T8341] EXT4-fs error (device loop0): ext4_iget_extra_inode:5104: inode #15: comm syz.0.929: corrupted in-inode xattr: invalid ea_ino
[  170.696165][ T8341] EXT4-fs error (device loop0): ext4_orphan_get:1397: comm syz.0.929: couldn't read orphan inode 15 (err -117)
[  170.703348][ T8341] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  170.703452][ T8345] loop2: detected capacity change from 0 to 2048
[  170.721983][ T8345] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000)
[  170.844032][ T5989] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  170.920969][ T8348] loop0: detected capacity change from 0 to 2048
[  170.978719][ T8348] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  170.988410][ T8348] ext4 filesystem being mounted at /262/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  171.058861][ T5989] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  171.361787][ T8377] tmpfs: Bad value for 'mpol'
[  171.374807][ T8375] loop1: detected capacity change from 0 to 4096
[  171.379712][ T8375] ntfs3(loop1): Different NTFS sector size (1024) and media sector size (512).
[  171.406115][ T8375] ntfs3(loop1): $Secure::$SDH is corrupted.
[  171.417596][ T8375] ntfs3(loop1): Failed to initialize $Secure (-22).
[  171.427676][ T5845] usb 3-1: new high-speed USB device number 13 using dummy_hcd
[  171.591158][ T5845] usb 3-1: New USB device found, idVendor=0813, idProduct=0001, bcdDevice=3a.08
[  171.598381][ T5845] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  171.612664][ T5845] usb 3-1: config 0 descriptor??
[  171.619103][ T5845] gspca_main: cpia1-2.14.0 probing 0813:0001
[  171.779486][  T791] usb 2-1: new high-speed USB device number 17 using dummy_hcd
[  171.929284][  T791] usb 2-1: Using ep0 maxpacket: 32
[  171.937623][  T791] usb 2-1: config 0 has an invalid interface number: 51 but max is 0
[  171.941818][  T791] usb 2-1: config 0 has no interface number 0
[  171.950277][  T791] usb 2-1: New USB device found, idVendor=061d, idProduct=c150, bcdDevice=ce.6f
[  171.961454][  T791] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  171.964982][  T791] usb 2-1: Product: syz
[  171.974334][  T791] usb 2-1: Manufacturer: syz
[  171.976348][  T791] usb 2-1: SerialNumber: syz
[  171.986647][  T791] usb 2-1: config 0 descriptor??
[  171.997568][  T791] quatech2 2-1:0.51: Quatech 2nd gen USB to Serial Driver converter detected
[  172.027897][ T5845] cpia1 3-1:0.0: unexpected state after lo power cmd: 00
[  172.203980][  T791] usb 2-1: Quatech 2nd gen USB to Serial Driver converter now attached to ttyUSB0
[  172.213743][   T33] audit: type=1804 audit(1757559999.876:12): pid=8407 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz.0.959" name="/newroot/280/bus/file0" dev="overlay" ino=1480 res=1 errno=0
[  172.225544][  T791] usb 2-1: Quatech 2nd gen USB to Serial Driver converter now attached to ttyUSB1
[  172.434632][ T5845] cpia1 3-1:0.0: only firmware version 1 is supported (got: 0)
[  172.596615][ T8417] loop0: detected capacity change from 0 to 8192
[  172.606530][    C1] usb 2-1: qt2_read_bulk_callback - non-zero urb status: -71
[  172.610349][  T791] usb 2-1: USB disconnect, device number 17
[  172.619120][  T791] quatech-serial ttyUSB0: Quatech 2nd gen USB to Serial Driver converter now disconnected from ttyUSB0
[  172.639661][ T5845] usb 3-1: USB disconnect, device number 13
[  172.640491][  T791] quatech-serial ttyUSB1: Quatech 2nd gen USB to Serial Driver converter now disconnected from ttyUSB1
[  172.651668][ T7608]  loop0: p3 p4
[  172.653309][ T7608] loop0: partition table partially beyond EOD, truncated
[  172.656465][ T7608] loop0: p3 start 8323105 is beyond EOD, truncated
[  172.660385][  T791] quatech2 2-1:0.51: device disconnected
[  172.679940][ T8417]  loop0: p3 p4
[  172.681434][ T8417] loop0: partition table partially beyond EOD, truncated
[  172.683894][ T8417] loop0: p3 start 8323105 is beyond EOD, truncated
[  172.736487][ T7608] udevd[7608]: inotify_add_watch(7, /dev/loop0p4, 10) failed: No such file or directory
[  172.753533][ T7608] udevd[7608]: inotify_add_watch(7, /dev/loop0p4, 10) failed: No such file or directory
[  173.117420][ T5845] usb 1-1: new high-speed USB device number 17 using dummy_hcd
[  173.298331][ T5845] usb 1-1: config 220 has an invalid descriptor of length 0, skipping remainder of the config
[  173.305935][ T5845] usb 1-1: config 220 has 1 interface, different from the descriptor's value: 3
[  173.323242][ T5845] usb 1-1: config 220 interface 0 has no altsetting 0
[  173.335106][ T5845] usb 1-1: New USB device found, idVendor=8086, idProduct=0b07, bcdDevice=6c.b9
[  173.343687][ T5845] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  173.353513][ T5845] usb 1-1: Product: syz
[  173.359114][ T5845] usb 1-1: Manufacturer: syz
[  173.365760][ T5845] usb 1-1: SerialNumber: syz
[  173.615885][ T5845] usb 1-1: Found UVC 0.00 device syz (8086:0b07)
[  173.634424][ T5845] usb 1-1: No valid video chain found.
[  173.644729][ T5845] usb 1-1: USB disconnect, device number 17
[  174.217673][ T8444] netlink: 44 bytes leftover after parsing attributes in process `syz.0.977'.
[  174.335514][ T8448] loop2: detected capacity change from 0 to 2048
[  174.389781][ T7667]  loop2: p1 p3 p4
[  174.396996][ T7667] loop2: p4 size 589824 extends beyond EOD, truncated
[  174.512865][ T8448]  loop2: p1 p3 p4
[  174.518727][ T8448] loop2: p4 size 589824 extends beyond EOD, truncated
[  174.679554][ T8455] loop0: detected capacity change from 0 to 256
[  174.715351][ T8455] FAT-fs (loop0): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[  174.727243][ T7496] udevd[7496]: inotify_add_watch(7, /dev/loop2p4, 10) failed: No such file or directory
[  174.733548][ T7667] udevd[7667]: inotify_add_watch(7, /dev/loop2p3, 10) failed: No such file or directory
[  174.746278][ T7608] udevd[7608]: inotify_add_watch(7, /dev/loop2p1, 10) failed: No such file or directory
[  174.772847][  T791] usb 2-1: new high-speed USB device number 18 using dummy_hcd
[  174.840969][ T8457] loop2: detected capacity change from 0 to 4096
[  174.854791][ T8457] UDF-fs: warning (device loop2): udf_load_vrs: No anchor found
[  174.918720][ T8457] UDF-fs: Scanning with blocksize 512 failed
[  174.926484][ T8457] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[  174.945341][   T33] audit: type=1800 audit(1757560002.616:13): pid=8457 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.2.983" name="bus" dev="loop2" ino=1347 res=0 errno=0
[  175.561923][ T8466] loop0: detected capacity change from 0 to 32768
[  175.594394][ T8466] XFS (loop0): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  175.633605][ T8466] XFS (loop0): Ending clean mount
[  175.638848][ T8466] XFS (loop0): Quotacheck needed: Please wait.
[  175.676690][ T8466] XFS (loop0): Quotacheck: Done.
[  175.792287][ T5989] XFS (loop0): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  175.905166][  T791] usb 2-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  176.337430][    T9] usb 1-1: new high-speed USB device number 18 using dummy_hcd
[  176.487581][    T9] usb 1-1: Using ep0 maxpacket: 16
[  176.494181][    T9] usb 1-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  176.498888][    T9] usb 1-1: config 1 has 1 interface, different from the descriptor's value: 3
[  176.506565][    T9] usb 1-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[  176.513006][    T9] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  176.516774][    T9] usb 1-1: Product: syz
[  176.520946][    T9] usb 1-1: Manufacturer: syz
[  176.523342][    T9] usb 1-1: SerialNumber: syz
[  176.587613][  T791] usb 2-1: New USB device found, idVendor=10cf, idProduct=8065, bcdDevice=91.79
[  176.604489][  T791] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  176.621444][  T791] usb 2-1: Product: syz
[  176.745982][    T9] usb 1-1: 0:2 : does not exist
[  176.756488][    T9] usb 1-1: unit 9 not found!
[  176.766904][    T9] usb 1-1: 4:0: cannot get min/max values for control 1 (id 4)
[  176.776560][    T9] usb 1-1: 4:0: cannot get min/max values for control 2 (id 4)
[  176.786126][    T9] usb 1-1: 4:0: cannot get min/max values for control 3 (id 4)
[  176.807668][    T9] usb 1-1: USB disconnect, device number 18
[  176.844337][ T7608] udevd[7608]: setting mode of /dev/snd/controlC3 to 020660 failed: No such file or directory
[  176.863627][ T7608] udevd[7608]: setting owner of /dev/snd/controlC3 to uid=0, gid=29 failed: No such file or directory
[  176.903938][  T791] usb 2-1: Manufacturer: syz
[  176.938171][  T791] usb 2-1: SerialNumber: syz
[  178.512425][   T33] audit: type=1326 audit(1757560006.176:14): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8511 comm="syz.0.1005" exe="/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f034018eba9 code=0x0
[  178.578924][  T791] usb 2-1: config 0 descriptor??
[  178.593206][  T791] usb 2-1: can't set config #0, error -71
[  178.697616][  T791] usb 2-1: USB disconnect, device number 18
[  181.870869][  T791] usb 2-1: new high-speed USB device number 19 using dummy_hcd
[  182.457079][ T8546] loop1: detected capacity change from 0 to 1024
[  182.480587][ T8546] EXT4-fs (loop1): stripe (65535) is not aligned with cluster size (4096), stripe is disabled
[  182.507036][ T8546] EXT4-fs (loop1): revision level too high, forcing read-only mode
[  182.517674][ T8546] EXT4-fs (loop1): orphan cleanup on readonly fs
[  182.527613][ T8546] Quota error (device loop1): v2_read_file_info: Can't read info structure
[  182.534863][ T8546] EXT4-fs warning (device loop1): ext4_enable_quotas:7172: Failed to enable quota tracking (type=0, err=-5, ino=3). Please run e2fsck to fix.
[  182.557415][ T8546] EXT4-fs (loop1): Cannot turn on quotas: error -5
[  182.565689][ T8546] EXT4-fs (loop1): 1 truncate cleaned up
[  182.578647][ T8546] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  182.644519][ T5987] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  182.749854][ T8549] ptrace attach of "/syz-executor exec"[5987] was attempted by "\x09                                        0                                           "[8549]
[  183.097034][ T8555] random: crng reseeded on system resumption
[  185.820647][  T791] usb 2-1: new high-speed USB device number 20 using dummy_hcd
[  187.330933][  T791] usb 2-1: Using ep0 maxpacket: 8
[  187.764036][  T791] usb 2-1: unable to get BOS descriptor or descriptor too short
[  188.430393][ T8582] loop1: detected capacity change from 0 to 256
[  188.467945][ T8582] exFAT-fs (loop1): bogus number of FAT structure
[  188.470841][ T8582] exFAT-fs (loop1): failed to read boot sector
[  188.473656][ T8582] exFAT-fs (loop1): failed to recognize exfat type
[  188.642115][  T791] usb 2-1: unable to read config index 0 descriptor/start: -71
[  188.671956][  T791] usb 2-1: can't read configurations, error -71
[  190.472191][ T5936] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1
[  190.479562][ T5936] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9
[  190.485211][ T5936] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9
[  190.492349][ T5936] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4
[  190.495960][ T5936] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2
[  190.571219][ T8595] lo speed is unknown, defaulting to 1000
[  190.901999][ T8595] chnl_net:caif_netlink_parms(): no params data found
[  191.153637][ T8595] bridge0: port 1(bridge_slave_0) entered blocking state
[  191.156925][ T8595] bridge0: port 1(bridge_slave_0) entered disabled state
[  191.163661][ T8595] bridge_slave_0: entered allmulticast mode
[  191.168041][ T8595] bridge_slave_0: entered promiscuous mode
[  191.172818][ T8595] bridge0: port 2(bridge_slave_1) entered blocking state
[  191.176101][ T8595] bridge0: port 2(bridge_slave_1) entered disabled state
[  191.186637][ T8595] bridge_slave_1: entered allmulticast mode
[  191.198230][ T8595] bridge_slave_1: entered promiscuous mode
[  191.205975][ T8594] loop1: detected capacity change from 0 to 8192
[  191.355938][ T8595] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  191.387504][ T8595] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  191.550213][ T8595] team0: Port device team_slave_0 added
[  191.554960][ T8595] team0: Port device team_slave_1 added
[  191.687487][ T8595] batman_adv: batadv0: Adding interface: batadv_slave_0
[  191.690979][ T8595] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  191.740752][ T8595] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  191.770691][ T8595] batman_adv: batadv0: Adding interface: batadv_slave_1
[  191.774415][ T8595] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  191.841241][ T8595] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  191.882060][ T8606] loop1: detected capacity change from 0 to 128
[  191.934449][ T8606] FAT-fs (loop1): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1)
[  192.060566][ T1088] FAT-fs (loop1): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1)
[  192.134608][ T8595] hsr_slave_0: entered promiscuous mode
[  192.155199][ T8595] hsr_slave_1: entered promiscuous mode
[  192.180763][ T8595] debugfs: 'hsr0' already exists in 'hsr'
[  192.183372][ T8595] Cannot create hsr debugfs directory
[  192.547601][   T55] Bluetooth: hci3: command tx timeout
[  192.793703][ T8595] netdevsim netdevsim3 netdevsim0: renamed from eth0
[  192.813868][ T8595] netdevsim netdevsim3 netdevsim1: renamed from eth1
[  192.839751][ T8595] netdevsim netdevsim3 netdevsim2: renamed from eth2
[  192.870713][ T8595] netdevsim netdevsim3 netdevsim3: renamed from eth3
[  193.104932][ T8595] 8021q: adding VLAN 0 to HW filter on device bond0
[  193.150289][ T8595] 8021q: adding VLAN 0 to HW filter on device team0
[  193.173473][ T1093] bridge0: port 1(bridge_slave_0) entered blocking state
[  193.178016][ T1093] bridge0: port 1(bridge_slave_0) entered forwarding state
[  193.221138][ T1093] bridge0: port 2(bridge_slave_1) entered blocking state
[  193.224383][ T1093] bridge0: port 2(bridge_slave_1) entered forwarding state
[  193.573288][ T8626] loop1: detected capacity change from 0 to 512
[  193.601733][ T8626] EXT4-fs: Ignoring removed nomblk_io_submit option
[  193.677526][ T8626] EXT4-fs (loop1): revision level too high, forcing read-only mode
[  193.680746][ T8626] [EXT4 FS bs=4096, gc=1, bpg=32768, ipg=32, mo=c000e128, mo2=0002]
[  193.701247][ T8626] EXT4-fs (loop1): orphan cleanup on readonly fs
[  193.704133][ T8626] Quota error (device loop1): v2_read_header: Failed header read: expected=8 got=0
[  193.734911][ T8595] 8021q: adding VLAN 0 to HW filter on device batadv0
[  193.784515][ T8595] veth0_vlan: entered promiscuous mode
[  193.794065][ T8595] veth1_vlan: entered promiscuous mode
[  193.798586][ T8626] EXT4-fs warning (device loop1): ext4_enable_quotas:7172: Failed to enable quota tracking (type=1, err=-22, ino=4). Please run e2fsck to fix.
[  193.804922][ T8626] EXT4-fs (loop1): Cannot turn on quotas: error -22
[  193.831521][ T8626] EXT4-fs error (device loop1): ext4_validate_block_bitmap:441: comm syz.1.1051: bg 0: block 40: padding at end of block bitmap is not set
[  193.850133][ T8595] veth0_macvtap: entered promiscuous mode
[  193.856220][ T8595] veth1_macvtap: entered promiscuous mode
[  193.861117][ T8626] EXT4-fs (loop1): Remounting filesystem read-only
[  193.874402][ T8626] EXT4-fs (loop1): 1 truncate cleaned up
[  193.901977][ T8626] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  193.908741][ T8595] batman_adv: batadv0: Interface activated: batadv_slave_0
[  193.926965][ T8595] batman_adv: batadv0: Interface activated: batadv_slave_1
[  193.972302][   T13] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  193.978328][   T13] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  193.982048][   T13] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  193.985824][   T13] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  194.240106][ T1093] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  194.243448][ T1093] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  194.339780][   T26] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  194.344424][   T26] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  194.478005][ T1364] ieee802154 phy0 wpan0: encryption failed: -22
[  194.486619][ T1364] ieee802154 phy1 wpan1: encryption failed: -22
[  194.696699][ T8629] Bluetooth: hci3: command tx timeout
[  196.218990][ T5936] Bluetooth: hci0: command 0x0406 tx timeout
[  196.221733][ T5936] Bluetooth: hci2: command 0x0406 tx timeout
[  196.779553][ T5936] Bluetooth: hci3: command tx timeout
[  197.755293][   T55] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1
[  197.788440][   T55] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9
[  197.793265][   T55] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9
[  197.807929][   T55] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4
[  197.831477][   T55] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2
[  197.883886][ T8639] lo speed is unknown, defaulting to 1000
[  198.064045][ T8639] chnl_net:caif_netlink_parms(): no params data found
[  198.285618][ T8639] bridge0: port 1(bridge_slave_0) entered blocking state
[  198.289557][ T8639] bridge0: port 1(bridge_slave_0) entered disabled state
[  198.293524][ T8639] bridge_slave_0: entered allmulticast mode
[  198.301382][ T8639] bridge_slave_0: entered promiscuous mode
[  198.306221][ T8639] bridge0: port 2(bridge_slave_1) entered blocking state
[  198.309912][ T8639] bridge0: port 2(bridge_slave_1) entered disabled state
[  198.314952][ T8639] bridge_slave_1: entered allmulticast mode
[  198.322024][ T8639] bridge_slave_1: entered promiscuous mode
[  198.510927][ T8639] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  198.522741][ T8639] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  198.583998][ T8639] team0: Port device team_slave_0 added
[  198.590743][ T8639] team0: Port device team_slave_1 added
[  198.642022][ T8639] batman_adv: batadv0: Adding interface: batadv_slave_0
[  198.646214][ T8639] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  198.668014][ T8639] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  198.674857][ T8639] batman_adv: batadv0: Adding interface: batadv_slave_1
[  198.681654][ T8639] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  198.693598][ T8639] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  198.771034][ T8639] hsr_slave_0: entered promiscuous mode
[  198.774632][ T8639] hsr_slave_1: entered promiscuous mode
[  198.788368][ T8639] debugfs: 'hsr0' already exists in 'hsr'
[  198.791085][ T8639] Cannot create hsr debugfs directory
[  198.868435][   T55] Bluetooth: hci3: command tx timeout
[  199.433364][ T6464] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  199.783940][ T8639] netdevsim netdevsim4 netdevsim0: renamed from eth0
[  199.890599][ T6011] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  199.904552][   T55] Bluetooth: hci2: command tx timeout
[  199.951300][ T8639] netdevsim netdevsim4 netdevsim1: renamed from eth1
[  199.973784][ T8639] netdevsim netdevsim4 netdevsim2: renamed from eth2
[  200.004506][ T8639] netdevsim netdevsim4 netdevsim3: renamed from eth3
[  200.225594][ T8639] 8021q: adding VLAN 0 to HW filter on device bond0
[  200.253458][ T8661] loop3: detected capacity change from 0 to 512
[  200.274814][ T8661] EXT4-fs: Ignoring removed nomblk_io_submit option
[  200.314210][ T8639] 8021q: adding VLAN 0 to HW filter on device team0
[  200.328250][ T8661] EXT4-fs (loop3): Test dummy encryption mode enabled
[  200.353806][ T8661] EXT4-fs warning (device loop3): ext4_expand_extra_isize_ea:2848: Unable to expand inode 17. Delete some EAs or run e2fsck.
[  200.372908][ T8661] EXT4-fs (loop3): 1 truncate cleaned up
[  200.377015][ T8661] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  200.453804][ T5936] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1
[  200.467757][   T26] bridge0: port 1(bridge_slave_0) entered blocking state
[  200.470849][   T26] bridge0: port 1(bridge_slave_0) entered forwarding state
[  200.474905][ T5936] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9
[  200.485862][ T5936] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9
[  200.490516][ T5936] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4
[  200.494232][ T5936] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2
[  200.542532][   T26] bridge0: port 2(bridge_slave_1) entered blocking state
[  200.545833][   T26] bridge0: port 2(bridge_slave_1) entered forwarding state
[  200.643348][ T8664] lo speed is unknown, defaulting to 1000
[  200.853926][ T8664] chnl_net:caif_netlink_parms(): no params data found
[  201.063712][ T8664] bridge0: port 1(bridge_slave_0) entered blocking state
[  201.069810][ T8664] bridge0: port 1(bridge_slave_0) entered disabled state
[  201.073761][ T8664] bridge_slave_0: entered allmulticast mode
[  201.081633][ T8664] bridge_slave_0: entered promiscuous mode
[  201.131548][ T8639] 8021q: adding VLAN 0 to HW filter on device batadv0
[  201.135186][ T8664] bridge0: port 2(bridge_slave_1) entered blocking state
[  201.141987][ T8664] bridge0: port 2(bridge_slave_1) entered disabled state
[  201.155692][ T8664] bridge_slave_1: entered allmulticast mode
[  201.160675][ T8664] bridge_slave_1: entered promiscuous mode
[  201.573872][ T8664] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  201.643350][ T6011] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  201.673639][ T8664] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  201.834694][ T8664] team0: Port device team_slave_0 added
[  201.842716][ T8664] team0: Port device team_slave_1 added
[  201.941587][ T8664] batman_adv: batadv0: Adding interface: batadv_slave_0
[  201.944779][ T8664] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  201.959453][ T8664] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  201.973407][ T8664] batman_adv: batadv0: Adding interface: batadv_slave_1
[  201.976476][ T8664] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  201.994497][   T55] Bluetooth: hci2: command tx timeout
[  201.997230][ T8664] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  202.026634][ T8639] veth0_vlan: entered promiscuous mode
[  202.127092][ T8664] hsr_slave_0: entered promiscuous mode
[  202.141321][ T8595] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  202.146826][ T8664] hsr_slave_1: entered promiscuous mode
[  202.172557][ T8664] debugfs: 'hsr0' already exists in 'hsr'
[  202.195363][ T8664] Cannot create hsr debugfs directory
[  202.276398][ T8639] veth1_vlan: entered promiscuous mode
[  202.548287][   T55] Bluetooth: hci1: command tx timeout
[  202.562616][ T8639] veth0_macvtap: entered promiscuous mode
[  202.608655][ T8639] veth1_macvtap: entered promiscuous mode
[  202.714719][ T8639] batman_adv: batadv0: Interface activated: batadv_slave_0
[  202.751624][ T8639] batman_adv: batadv0: Interface activated: batadv_slave_1
[  202.795724][   T13] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  202.813244][   T13] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  202.822187][   T13] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  202.841835][   T13] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  202.956185][ T8664] netdevsim netdevsim5 netdevsim0: renamed from eth0
[  202.986621][ T8664] netdevsim netdevsim5 netdevsim1: renamed from eth1
[  203.036406][ T8664] netdevsim netdevsim5 netdevsim2: renamed from eth2
[  203.071357][ T8664] netdevsim netdevsim5 netdevsim3: renamed from eth3
[  203.091359][  T453] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  203.115309][  T453] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  203.252327][ T6011] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  203.314498][   T26] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  203.356986][   T26] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  203.746316][ T8664] 8021q: adding VLAN 0 to HW filter on device bond0
[  203.856773][ T8664] 8021q: adding VLAN 0 to HW filter on device team0
[  203.948807][ T1091] bridge0: port 1(bridge_slave_0) entered blocking state
[  203.952003][ T1091] bridge0: port 1(bridge_slave_0) entered forwarding state
[  203.996488][ T1091] bridge0: port 2(bridge_slave_1) entered blocking state
[  203.999990][ T1091] bridge0: port 2(bridge_slave_1) entered forwarding state
[  204.071048][   T55] Bluetooth: hci2: command tx timeout
[  204.507473][   T33] audit: type=1326 audit(1757560032.176:15): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8717 comm="syz.4.1070" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f42fcd8eba9 code=0x7ffc0000
[  204.543919][   T33] audit: type=1326 audit(1757560032.176:16): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8717 comm="syz.4.1070" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f42fcd8eba9 code=0x7ffc0000
[  204.606333][   T33] audit: type=1326 audit(1757560032.196:17): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8717 comm="syz.4.1070" exe="/syz-executor" sig=0 arch=c000003e syscall=300 compat=0 ip=0x7f42fcd8eba9 code=0x7ffc0000
[  204.619976][   T55] Bluetooth: hci1: command tx timeout
[  204.636283][ T8664] 8021q: adding VLAN 0 to HW filter on device batadv0
[  204.664460][   T33] audit: type=1326 audit(1757560032.196:18): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8717 comm="syz.4.1070" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f42fcd8eba9 code=0x7ffc0000
[  204.706052][   T33] audit: type=1326 audit(1757560032.196:19): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8717 comm="syz.4.1070" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f42fcd8eba9 code=0x7ffc0000
[  204.720976][   T33] audit: type=1326 audit(1757560032.196:20): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8717 comm="syz.4.1070" exe="/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f42fcd8eba9 code=0x7ffc0000
[  204.731547][   T33] audit: type=1326 audit(1757560032.196:21): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8717 comm="syz.4.1070" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f42fcd8eba9 code=0x7ffc0000
[  204.772389][   T33] audit: type=1326 audit(1757560032.196:22): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8717 comm="syz.4.1070" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f42fcd8eba9 code=0x7ffc0000
[  204.811267][   T33] audit: type=1326 audit(1757560032.196:23): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8717 comm="syz.4.1070" exe="/syz-executor" sig=0 arch=c000003e syscall=301 compat=0 ip=0x7f42fcd8eba9 code=0x7ffc0000
[  204.845896][   T33] audit: type=1326 audit(1757560032.196:24): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8717 comm="syz.4.1070" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f42fcd8eba9 code=0x7ffc0000
[  204.949707][ T6011] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  205.340117][ T8664] veth0_vlan: entered promiscuous mode
[  205.350665][ T8664] veth1_vlan: entered promiscuous mode
[  205.405088][ T8664] veth0_macvtap: entered promiscuous mode
[  205.412860][ T8664] veth1_macvtap: entered promiscuous mode
[  205.676191][ T8664] batman_adv: batadv0: Interface activated: batadv_slave_0
[  205.695543][ T8664] batman_adv: batadv0: Interface activated: batadv_slave_1
[  205.726327][ T5967] netdevsim netdevsim5 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  205.739811][ T5967] netdevsim netdevsim5 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  205.745458][ T5967] netdevsim netdevsim5 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  205.779915][ T5967] netdevsim netdevsim5 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  205.900652][ T1091] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  205.904057][ T1091] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  205.953357][ T1091] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  205.956726][ T1091] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  206.137878][   T55] Bluetooth: hci2: command tx timeout
[  206.575973][ T8742] loop3: detected capacity change from 0 to 4096
[  206.691222][ T8742] ntfs3(loop3): ino=b, mi_enum_attr
[  206.702276][ T8742] ntfs3(loop3): Mark volume as dirty due to NTFS errors
[  206.708211][   T55] Bluetooth: hci1: command tx timeout
[  206.736552][ T8742] ntfs3(loop3): Failed to load $Extend (-22).
[  206.742725][ T8742] ntfs3(loop3): Failed to initialize $Extend.
[  208.143747][ T6011] bridge_slave_1: left allmulticast mode
[  208.146402][ T6011] bridge_slave_1: left promiscuous mode
[  208.188122][ T6011] bridge0: port 2(bridge_slave_1) entered disabled state
[  208.262961][ T6011] bridge_slave_0: left allmulticast mode
[  208.294729][ T6011] bridge_slave_0: left promiscuous mode
[  208.329959][ T6011] bridge0: port 1(bridge_slave_0) entered disabled state
[  208.793882][   T55] Bluetooth: hci1: command tx timeout
[  209.887252][ T8782] loop3: detected capacity change from 0 to 32768
[  212.168552][ T8694] usb 4-1: new high-speed USB device number 2 using dummy_hcd
[  212.357613][ T8694] usb 4-1: Using ep0 maxpacket: 16
[  212.539371][ T8694] usb 4-1: unable to get BOS descriptor or descriptor too short
[  212.544637][ T8694] usb 4-1: too many configurations: 233, using maximum allowed: 8
[  212.575292][ T8694] usb 4-1: unable to read config index 0 descriptor/start: -71
[  212.603877][ T8694] usb 4-1: can't read configurations, error -71
[  213.889874][ T8805] loop3: detected capacity change from 0 to 4096
[  213.961131][ T8805] ntfs3(loop3): ino=19, mi_enum_attr
[  213.963611][ T8805] ntfs3(loop3): Mark volume as dirty due to NTFS errors
[  214.375063][ T6011] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  214.401099][ T6011] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  214.408026][ T6011] bond0 (unregistering): Released all slaves
[  214.533461][ T8775] bond0: option fail_over_mac: unable to set because the bond device has slaves
[  215.113651][ T8818] vivid-007: =================  START STATUS  =================
[  215.124444][ T8818] vivid-007: Generate PTS: true
[  215.136136][ T8818] vivid-007: Generate SCR: true
[  215.141229][ T8818] tpg source WxH: 320x240 (Y'CbCr)
[  215.144788][ T8818] tpg field: 1
[  215.150020][ T8818] tpg crop: (0,0)/320x240
[  215.156647][ T8818] tpg compose: (0,0)/320x240
[  215.171766][ T8818] tpg colorspace: 8
[  215.174211][ T8818] tpg transfer function: 0/0
[  215.176375][ T8818] tpg Y'CbCr encoding: 0/0
[  215.191749][ T8818] tpg quantization: 0/0
[  215.198190][ T8818] tpg RGB range: 0/2
[  215.206748][ T8818] vivid-007: ==================  END STATUS  ==================
[  215.773320][ T8830] loop4: detected capacity change from 0 to 4096
[  215.885566][ T8834] NILFS (loop4): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  215.998462][   T24] usb 6-1: new high-speed USB device number 2 using dummy_hcd
[  216.166111][   T24] usb 6-1: config 27 has an invalid descriptor of length 0, skipping remainder of the config
[  216.184722][   T24] usb 6-1: config 27 interface 0 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 7
[  216.200501][   T24] usb 6-1: config 27 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  216.252916][   T24] usb 6-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d
[  216.256859][   T24] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  216.369203][   T24] usb 6-1: Quirk or no altset; falling back to MIDI 1.0
[  216.372948][   T24] usb 6-1: invalid MIDI out EP 0
[  216.397588][ T6011] tipc: Left network mode
[  216.587657][ T8842] loop4: detected capacity change from 0 to 4096
[  216.679646][ T8666] udevd[8666]: error opening ATTR{/sys/devices/platform/dummy_hcd.5/usb6/6-1/6-1:27.0/sound/card3/controlC3/../uevent} for writing: No such file or directory
[  216.711414][ T8842] ntfs3(loop4): Mark volume as dirty due to NTFS errors
[  216.741958][   T24] snd-usb-audio 6-1:27.0: probe with driver snd-usb-audio failed with error -22
[  216.805671][ T8842] ntfs3(loop4): ino=1a, mi_enum_attr
[  216.829264][   T24] usb 6-1: USB disconnect, device number 2
[  216.838323][ T8842] ntfs3(loop4): ino=1a, mi_enum_attr
[  216.845842][ T8842] ntfs3(loop4): Failed to initialize $Extend/$Reparse.
[  217.231085][ T8851] loop4: detected capacity change from 0 to 1024
[  217.290964][ T8854] netlink: 'syz.3.1112': attribute type 1 has an invalid length.
[  217.467328][    C0] sched: DL replenish lagged too much
[  217.853896][ T8867] loop3: detected capacity change from 0 to 1024
[  217.857673][ T8867] EXT4-fs: Ignoring removed nobh option
[  217.860080][ T8867] EXT4-fs: Ignoring removed bh option
[  217.934221][ T8867] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  217.967484][   T33] kauditd_printk_skb: 1 callbacks suppressed
[  217.967500][   T33] audit: type=1800 audit(1757560045.616:26): pid=8867 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.1117" name="file1" dev="loop3" ino=15 res=0 errno=0
[  218.113105][ T8595] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  219.056816][   T24] libceph: connect (1)[c::]:6789 error -101
[  219.069872][   T24] libceph: mon0 (1)[c::]:6789 connect error
[  219.382658][ T8893] ceph: No mds server is up or the cluster is laggy
[  219.396731][   T24] libceph: connect (1)[c::]:6789 error -101
[  219.436717][   T24] libceph: mon0 (1)[c::]:6789 connect error
[  219.602044][ T8909] loop3: detected capacity change from 0 to 128
[  219.642760][ T8909] hpfs: filesystem error: invalid number of hotfixes: 2066844986, used: 2066844985; going on - but anything won't be destroyed because it's read-only
[  219.683102][ T8909] hpfs: filesystem error: improperly stopped
[  219.689132][ T8909] hpfs: filesystem error: warning: spare dnodes used, try chkdsk
[  219.692345][ T8909] hpfs: Proceeding, but your filesystem could be corrupted if you delete files or directories
[  219.707210][ T8909] hpfs: You really don't want any checks? You are crazy...
[  219.712507][ T8909] hpfs: hpfs_map_sector(): read error
[  219.716913][ T8909] hpfs: code page support is disabled
[  219.725718][ T8909] hpfs: hpfs_map_4sectors(): unaligned read
[  219.733733][ T8909] hpfs: hpfs_map_4sectors(): unaligned read
[  219.736543][ T8909] hpfs: filesystem error: unable to find root dir
[  219.973085][ T8914] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1132'.
[  220.276937][ T8920] loop4: detected capacity change from 0 to 4096
[  220.389470][ T8923] Bluetooth: hci0: Frame reassembly failed (-84)
[  220.416482][ T4519] Bluetooth: hci0: Frame reassembly failed (-84)
[  220.430018][ T8920] ntfs3(loop4): Mark volume as dirty due to NTFS errors
[  220.443050][ T8920] ntfs3(loop4): Failed to load $UpCase (-22).
[  221.804325][ T8936] loop5: detected capacity change from 0 to 32768
[  221.837944][ T8936] 
[  221.837944][ T8936]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  221.837944][ T8936] 
[  221.870752][ T8936] read_mapping_page failed!
[  221.872938][ T8936] ERROR: (device loop5): txCommit: 
[  221.872938][ T8936] 
[  222.457553][   T55] Bluetooth: hci0: Opcode 0x1003 failed: -110
[  234.259577][ T8664] 
[  234.259577][ T8664]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  234.259577][ T8664] 
[  234.279272][ T8664] 
[  234.279272][ T8664]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  234.279272][ T8664] 
[  234.611820][ T6011] hsr_slave_0: left promiscuous mode
[  234.645461][ T6011] hsr_slave_1: left promiscuous mode
[  234.668027][ T6011] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  234.671133][ T6011] batman_adv: batadv0: Removing interface: batadv_slave_0
[  234.733972][ T6011] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  234.765971][ T6011] batman_adv: batadv0: Removing interface: batadv_slave_1
[  234.907388][ T6011] veth1_macvtap: left promiscuous mode
[  234.909823][ T6011] veth0_macvtap: left promiscuous mode
[  234.932267][ T6011] veth1_vlan: left promiscuous mode
[  235.160901][ T8959] loop5: detected capacity change from 0 to 128
[  235.201019][ T8959] befs: (loop5): invalid magic header
[  236.268841][ T6011] team0 (unregistering): Port device vlan0 removed
[  236.798447][ T8975] netlink: 212376 bytes leftover after parsing attributes in process `syz.5.1150'.
[  237.389378][ T8983] loop5: detected capacity change from 0 to 1024
[  237.412521][ T8983] EXT4-fs (loop5): stripe (65535) is not aligned with cluster size (4096), stripe is disabled
[  237.434209][ T8983] EXT4-fs (loop5): revision level too high, forcing read-only mode
[  237.463704][ T8983] EXT4-fs (loop5): orphan cleanup on readonly fs
[  237.481579][ T8983] EXT4-fs error (device loop5): ext4_free_blocks:6696: comm syz.5.1154: Freeing blocks not in datazone - block = 0, count = 4096
[  237.494110][ T8983] EXT4-fs (loop5): 1 orphan inode deleted
[  237.507142][ T8983] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  237.531950][ T6011] team0 (unregistering): Port device team_slave_1 removed
[  237.659783][ T6011] team0 (unregistering): Port device team_slave_0 removed
[  237.686030][ T8664] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  237.853913][ T8988] loop5: detected capacity change from 0 to 512
[  237.945236][ T8988] EXT4-fs error (device loop5): ext4_orphan_get:1392: inode #15: comm syz.5.1155: casefold flag without casefold feature
[  237.958540][ T8988] EXT4-fs error (device loop5): ext4_orphan_get:1397: comm syz.5.1155: couldn't read orphan inode 15 (err -117)
[  237.984385][ T8988] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  238.025367][ T8988] EXT4-fs warning (device loop5): ext4_empty_dir:3089: inode #2: comm syz.5.1155: directory missing '.'
[  238.096722][ T8664] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  238.274369][ T8992] loop5: detected capacity change from 0 to 256
[  238.286336][ T8992] exfat: Deprecated parameter 'utf8'
[  238.291338][ T8992] exfat: Deprecated parameter 'namecase'
[  238.293923][ T8992] exfat: Deprecated parameter 'namecase'
[  238.301974][ T8992] exfat: Deprecated parameter 'utf8'
[  238.320302][ T8992] exFAT-fs (loop5): failed to load upcase table (idx : 0x00012153, chksum : 0x9270b71c, utbl_chksum : 0xe619d30d)
[  239.071998][ T8994] loop5: detected capacity change from 0 to 32768
[  239.085900][ T8994] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop5 (7:5) scanned by syz.5.1157 (8994)
[  239.115374][ T8994] BTRFS info (device loop5): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  239.140697][ T8994] BTRFS info (device loop5): using crc32c (crc32c-lib) checksum algorithm
[  239.526815][ T8957] unknown channel width for channel at 909000KHz?
[  239.661419][ T8994] BTRFS info (device loop5): enabling ssd optimizations
[  239.677780][ T8994] BTRFS info (device loop5): turning on async discard
[  239.680808][ T8994] BTRFS info (device loop5): enabling free space tree
[  240.252152][ T8664] BTRFS info (device loop5): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  240.443259][   T33] audit: type=1326 audit(1757560068.116:27): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9009 comm="syz.3.1158" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3debb8eba9 code=0x7fc00000
[  240.495415][   T33] audit: type=1326 audit(1757560068.116:28): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9009 comm="syz.3.1158" exe="/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f3debb8eba9 code=0x7fc00000
[  240.607702][   T33] audit: type=1326 audit(1757560068.116:29): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9009 comm="syz.3.1158" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3debb8eba9 code=0x7fc00000
[  240.670477][   T33] audit: type=1326 audit(1757560068.116:30): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9009 comm="syz.3.1158" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3debb8eba9 code=0x7fc00000
[  240.721650][   T33] audit: type=1326 audit(1757560068.116:31): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9009 comm="syz.3.1158" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3debb8eba9 code=0x7fc00000
[  240.767421][   T33] audit: type=1326 audit(1757560068.116:32): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9009 comm="syz.3.1158" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3debb8eba9 code=0x7fc00000
[  240.872758][   T33] audit: type=1326 audit(1757560068.116:33): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9009 comm="syz.3.1158" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3debb8eba9 code=0x7fc00000
[  240.958127][   T33] audit: type=1326 audit(1757560068.116:34): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9009 comm="syz.3.1158" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3debb8eba9 code=0x7fc00000
[  240.967235][   T33] audit: type=1326 audit(1757560068.116:35): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9009 comm="syz.3.1158" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3debb8eba9 code=0x7fc00000
[  241.031911][   T33] audit: type=1326 audit(1757560068.116:36): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9009 comm="syz.3.1158" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3debb8eba9 code=0x7fc00000
[  241.298376][ T9037] loop3: detected capacity change from 0 to 1024
[  241.514216][ T9037] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  241.896856][ T8595] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  242.661094][ T6011] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  242.782068][ T9075] pim6reg1: entered promiscuous mode
[  242.784477][ T9075] pim6reg1: entered allmulticast mode
[  242.860655][ T6011] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  243.066945][ T6011] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  243.246030][ T6011] netdevsim netdevsim2  (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  243.854260][ T6011] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  244.891583][ T9104] loop5: detected capacity change from 0 to 128
[  244.915077][ T9104] FAT-fs (loop5): Invalid FSINFO signature: 0x41615252, 0x00067272 (sector = 1)
[  244.950404][ T6011] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  244.998557][ T9104] FAT-fs (loop5): FAT read failed (blocknr 128)
[  245.048886][ T6011] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  245.341357][ T6011] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  245.379973][ T9121] sch_tbf: burst 19872 is lower than device lo mtu (65550) !
[  245.481782][ T9132] loop4: detected capacity change from 0 to 256
[  245.491108][ T9123] loop3: detected capacity change from 0 to 40427
[  245.516882][ T9132] exFAT-fs (loop4): failed to load upcase table (idx : 0x00011a39, chksum : 0xd54015fb, utbl_chksum : 0xe619d30d)
[  245.534437][ T9123] F2FS-fs (loop3): invalid crc value
[  245.572316][ T9123] F2FS-fs (loop3): f2fs_recover_fsync_data: recovery fsync data, check_only: 0
[  245.576481][ T9123] F2FS-fs (loop3): Start checkpoint disabled!
[  245.584061][ T9123] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e6
[  245.674051][ T9123] bio_check_eod: 7490 callbacks suppressed
[  245.674067][ T9123] syz.3.1187: attempt to access beyond end of device
[  245.674067][ T9123] loop3: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[  245.728890][ T4682] kworker/u10:6: attempt to access beyond end of device
[  245.728890][ T4682] loop3: rw=2049, sector=45104, nr_sectors = 8 limit=40427
[  245.735902][ T4682] CPU: 1 UID: 0 PID: 4682 Comm: kworker/u10:6 Not tainted syzkaller #0 PREEMPT(full) 
[  245.735916][ T4682] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.2-debian-1.16.2-1 04/01/2014
[  245.735922][ T4682] Workqueue: writeback wb_workfn (flush-7:3)
[  245.735938][ T4682] Call Trace:
[  245.735942][ T4682]  <TASK>
[  245.735946][ T4682]  dump_stack_lvl+0x189/0x250
[  245.735960][ T4682]  ? __pfx_dump_stack_lvl+0x10/0x10
[  245.735968][ T4682]  ? __pfx_queue_work_on+0x10/0x10
[  245.735976][ T4682]  ? _raw_spin_unlock_irqrestore+0xad/0x110
[  245.735988][ T4682]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[  245.736003][ T4682]  f2fs_handle_critical_error+0x37c/0x540
[  245.736018][ T4682]  f2fs_write_end_io+0x886/0xb60
[  245.736034][ T4682]  __submit_merged_bio+0x27a/0x6a0
[  245.736047][ T4682]  __submit_merged_write_cond+0x255/0x530
[  245.736060][ T4682]  f2fs_write_data_pages+0x261d/0x3000
[  245.736081][ T4682]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[  245.736094][ T4682]  ? __pfx_f2fs_available_free_memory+0x10/0x10
[  245.736116][ T4682]  ? __pfx_f2fs_balance_fs_bg+0x10/0x10
[  245.736131][ T4682]  ? trace_f2fs_writepages+0x7f/0x200
[  245.736141][ T4682]  ? f2fs_write_node_pages+0x478/0x6e0
[  245.736152][ T4682]  ? __pfx_f2fs_write_node_pages+0x10/0x10
[  245.736196][ T4682]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[  245.736206][ T4682]  do_writepages+0x32e/0x550
[  245.736218][ T4682]  ? reacquire_held_locks+0x127/0x1d0
[  245.736225][ T4682]  ? writeback_sb_inodes+0x384/0x1010
[  245.736238][ T4682]  __writeback_single_inode+0x145/0xff0
[  245.736247][ T4682]  ? do_raw_spin_unlock+0x4d/0x240
[  245.736257][ T4682]  writeback_sb_inodes+0x6c7/0x1010
[  245.736277][ T4682]  ? __pfx_writeback_sb_inodes+0x10/0x10
[  245.736304][ T4682]  ? rcu_is_watching+0x15/0xb0
[  245.736315][ T4682]  wb_writeback+0x43b/0xaf0
[  245.736328][ T4682]  ? queue_io+0x3d1/0x590
[  245.736337][ T4682]  ? __pfx_wb_writeback+0x10/0x10
[  245.736350][ T4682]  ? _raw_spin_unlock_irq+0x23/0x50
[  245.736362][ T4682]  wb_workfn+0x409/0xef0
[  245.736376][ T4682]  ? __pfx_wb_workfn+0x10/0x10
[  245.736385][ T4682]  ? __lock_acquire+0xab9/0xd20
[  245.736400][ T4682]  ? process_scheduled_works+0x9ef/0x17b0
[  245.736410][ T4682]  ? _raw_spin_unlock_irq+0x23/0x50
[  245.736419][ T4682]  ? process_scheduled_works+0x9ef/0x17b0
[  245.736425][ T4682]  ? process_scheduled_works+0x9ef/0x17b0
[  245.736432][ T4682]  process_scheduled_works+0xae1/0x17b0
[  245.736452][ T4682]  ? __pfx_process_scheduled_works+0x10/0x10
[  245.736467][ T4682]  worker_thread+0x8a0/0xda0
[  245.736475][ T4682]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[  245.736489][ T4682]  ? __kthread_parkme+0x7b/0x200
[  245.736501][ T4682]  kthread+0x711/0x8a0
[  245.736511][ T4682]  ? __pfx_worker_thread+0x10/0x10
[  245.736518][ T4682]  ? __pfx_kthread+0x10/0x10
[  245.736527][ T4682]  ? _raw_spin_unlock_irq+0x23/0x50
[  245.736536][ T4682]  ? lockdep_hardirqs_on+0x9c/0x150
[  245.736542][ T4682]  ? __pfx_kthread+0x10/0x10
[  245.736551][ T4682]  ret_from_fork+0x3fc/0x770
[  245.736560][ T4682]  ? __pfx_ret_from_fork+0x10/0x10
[  245.736570][ T4682]  ? __switch_to_asm+0x39/0x70
[  245.736586][ T4682]  ? __switch_to_asm+0x33/0x70
[  245.736593][ T4682]  ? __pfx_kthread+0x10/0x10
[  245.736602][ T4682]  ret_from_fork_asm+0x1a/0x30
[  245.736618][ T4682]  </TASK>
[  245.736621][ T4682] F2FS-fs (loop3): Stopped filesystem due to reason: 3
[  245.853696][ T6011] bridge_slave_1: left allmulticast mode
[  245.855880][ T6011] bridge_slave_1: left promiscuous mode
[  245.862530][ T6011] bridge0: port 2(bridge_slave_1) entered disabled state
[  245.880522][ T6011] bridge_slave_0: left allmulticast mode
[  245.882445][ T6011] bridge_slave_0: left promiscuous mode
[  245.884520][ T6011] bridge0: port 1(bridge_slave_0) entered disabled state
[  245.999354][    T9] usb 5-1: new high-speed USB device number 2 using dummy_hcd
[  246.174530][    T9] usb 5-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  246.180028][    T9] usb 5-1: config 1 has 1 interface, different from the descriptor's value: 3
[  246.202061][    T9] usb 5-1: New USB device found, idVendor=08b7, idProduct=0000, bcdDevice= 0.00
[  246.210556][    T9] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=3
[  246.214026][    T9] usb 5-1: SerialNumber: syz
[  246.331991][   T33] kauditd_printk_skb: 6 callbacks suppressed
[  246.332001][   T33] audit: type=1326 audit(1757560074.006:43): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9157 comm="syz.5.1196" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe61138eba9 code=0x7ffc0000
[  246.370313][   T33] audit: type=1326 audit(1757560074.016:44): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9157 comm="syz.5.1196" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe61138eba9 code=0x7ffc0000
[  246.390048][   T33] audit: type=1326 audit(1757560074.016:45): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9157 comm="syz.5.1196" exe="/syz-executor" sig=0 arch=c000003e syscall=118 compat=0 ip=0x7fe61138eba9 code=0x7ffc0000
[  246.399412][   T33] audit: type=1326 audit(1757560074.016:46): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9157 comm="syz.5.1196" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe61138eba9 code=0x7ffc0000
[  246.444324][    T9] usb 5-1: 0:2 : does not exist
[  246.508087][   T33] audit: type=1326 audit(1757560074.016:47): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9157 comm="syz.5.1196" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe61138eba9 code=0x7ffc0000
[  246.543394][    T9] usb 5-1: USB disconnect, device number 2
[  246.566639][ T9164] netlink: 28 bytes leftover after parsing attributes in process `syz.3.1198'.
[  246.980338][ T8963] udevd[8963]: error opening ATTR{/sys/devices/platform/dummy_hcd.4/usb5/5-1/5-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory
[  247.212013][ T6011] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  247.219696][ T6011] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  247.225077][ T6011] bond0 (unregistering): Released all slaves
[  247.398091][   T24] usb 4-1: new full-speed USB device number 4 using dummy_hcd
[  247.506996][ T9181] loop5: detected capacity change from 0 to 512
[  247.554398][ T9181] EXT4-fs error (device loop5): ext4_orphan_get:1392: inode #15: comm syz.5.1205: casefold flag without casefold feature
[  247.569062][ T9181] EXT4-fs error (device loop5): ext4_orphan_get:1397: comm syz.5.1205: couldn't read orphan inode 15 (err -117)
[  247.574854][   T24] usb 4-1: config 2 has an invalid interface number: 20 but max is 0
[  247.579200][   T24] usb 4-1: config 2 has no interface number 0
[  247.583715][ T9181] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  247.600701][   T24] usb 4-1: New USB device found, idVendor=0c0b, idProduct=a109, bcdDevice=17.a3
[  247.606671][   T24] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  247.614072][   T24] usb 4-1: Product: syz
[  247.617100][   T24] usb 4-1: Manufacturer: syz
[  247.620778][   T24] usb 4-1: SerialNumber: syz
[  247.808065][ T8664] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  247.873652][   T24] ums-datafab 4-1:2.20: USB Mass Storage device detected
[  247.916077][   T24] ums-datafab 4-1:2.20: Quirks match for vid 0c0b pid a109: 1
[  247.996762][   T24] ums-sddr55 4-1:2.20: USB Mass Storage device detected
[  248.084319][   T24] usb 4-1: USB disconnect, device number 4
[  248.328012][ T9193] block nbd5: Attempted send on invalid socket
[  248.328232][ T6011] bond0 (unregistering): Released all slaves
[  248.331063][ T9193] blk_print_req_error: 24 callbacks suppressed
[  248.331077][ T9193] I/O error, dev nbd5, sector 6 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[  248.342718][ T9193] ADFS-fs (nbd5): error: unable to read block 3, try 0
[  249.867591][   T24] usb 6-1: new high-speed USB device number 3 using dummy_hcd
[  249.892629][ T9243] loop8: detected capacity change from 0 to 8
[  249.907520][ T9243] Dev loop8: unable to read RDB block 8
[  249.917971][ T9243]  loop8: unable to read partition table
[  249.920735][ T9243] loop8: partition table beyond EOD, truncated
[  249.932467][ T9243] loop_reread_partitions: partition scan of loop8 (被x^> ) failed (rc=-5)
[  250.054234][   T24] usb 6-1: config 1 has an invalid interface number: 7 but max is 0
[  250.063304][   T24] usb 6-1: config 1 has no interface number 0
[  250.066013][   T24] usb 6-1: config 1 interface 7 altsetting 0 has an endpoint descriptor with address 0xDB, changing to 0x8B
[  250.078929][   T24] usb 6-1: config 1 interface 7 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 65
[  250.083070][   T24] usb 6-1: config 1 interface 7 altsetting 0 endpoint 0x3 has an invalid bInterval 0, changing to 7
[  250.088782][ T6011] hsr_slave_0: left promiscuous mode
[  250.091955][ T9251] netlink: 7 bytes leftover after parsing attributes in process `syz.4.1228'.
[  250.108851][ T6011] hsr_slave_1: left promiscuous mode
[  250.110521][   T24] usb 6-1: New USB device found, idVendor=1199, idProduct=68a3, bcdDevice= 0.00
[  250.114959][   T24] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  250.118796][   T24] usb 6-1: Product: syz
[  250.119525][ T6011] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  250.120863][   T24] usb 6-1: Manufacturer: syz
[  250.123880][ T6011] batman_adv: batadv0: Removing interface: batadv_slave_0
[  250.125971][   T24] usb 6-1: SerialNumber: syz
[  250.140072][ T9233] raw-gadget.0 gadget.5: fail, usb_ep_enable returned -22
[  250.154314][ T6011] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  250.163870][ T6011] batman_adv: batadv0: Removing interface: batadv_slave_1
[  250.202393][ T6011] hsr_slave_0: left promiscuous mode
[  250.215158][ T6011] hsr_slave_1: left promiscuous mode
[  250.228789][ T9258] comedi comedi0: Minor 3 could not be opened
[  250.318158][ T6011] veth1_macvtap: left promiscuous mode
[  250.320649][ T6011] veth0_macvtap: left promiscuous mode
[  250.327666][ T6011] veth1_vlan: left promiscuous mode
[  250.333495][ T6011] veth0_vlan: left promiscuous mode
[  250.371700][   T24] usb 6-1: Error in usbnet_get_endpoints (-71)
[  250.394093][   T24] usb 6-1: USB disconnect, device number 3
[  250.411106][ T6011] veth1_macvtap: left promiscuous mode
[  250.418829][ T6011] veth0_macvtap: left promiscuous mode
[  250.422346][ T6011] veth1_vlan: left promiscuous mode
[  250.431003][ T6011] veth0_vlan: left promiscuous mode
[  251.162437][ T9267] loop3: detected capacity change from 0 to 32768
[  251.832060][ T9289] loop3: detected capacity change from 0 to 1024
[  251.836219][ T9289] EXT4-fs (loop3): stripe (65535) is not aligned with cluster size (4096), stripe is disabled
[  251.935142][ T9289] EXT4-fs (loop3): revision level too high, forcing read-only mode
[  251.941578][ T9289] EXT4-fs (loop3): orphan cleanup on readonly fs
[  251.995946][ T9289] Quota error (device loop3): do_check_range: Getting dqdh_entries 512 out of range 0-14
[  252.006225][ T9292] binder: 9291:9292 ioctl c0306201 200000000080 returned -14
[  252.013771][ T9289] Quota error (device loop3): qtree_write_dquot: Error -117 occurred while creating quota
[  252.031459][ T9289] EXT4-fs error (device loop3): ext4_acquire_dquot:6937: comm syz.3.1242: Failed to acquire dquot type 0
[  252.038080][ T9289] Quota error (device loop3): do_check_range: Getting dqdh_entries 512 out of range 0-14
[  252.042581][ T9289] Quota error (device loop3): qtree_write_dquot: Error -117 occurred while creating quota
[  252.066655][ T9289] EXT4-fs error (device loop3): ext4_acquire_dquot:6937: comm syz.3.1242: Failed to acquire dquot type 0
[  252.105814][ T9289] EXT4-fs error (device loop3): ext4_free_blocks:6696: comm syz.3.1242: Freeing blocks not in datazone - block = 0, count = 4096
[  252.152703][ T9289] Quota error (device loop3): do_check_range: Getting dqdh_entries 512 out of range 0-14
[  252.158953][ T6011] team0 (unregistering): Port device team_slave_1 removed
[  252.160675][ T9289] Quota error (device loop3): qtree_write_dquot: Error -117 occurred while creating quota
[  252.166768][ T9289] EXT4-fs error (device loop3): ext4_acquire_dquot:6937: comm syz.3.1242: Failed to acquire dquot type 0
[  252.191549][ T9289] EXT4-fs (loop3): 1 orphan inode deleted
[  252.199668][ T9289] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  252.257445][ T6011] team0 (unregistering): Port device team_slave_0 removed
[  252.278912][ T8595] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  252.352989][ T9298] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[  252.726059][ T9312] netlink: 32 bytes leftover after parsing attributes in process `syz.5.1254'.
[  252.808148][ T9316] CIFS: No dialect specified on mount. Default has changed to a more secure dialect, SMB2.1 or later (e.g. SMB3.1.1), from CIFS (SMB1). To use the less secure SMB1 dialect to access old servers which do not support SMB3.1.1 (or even SMB3 or SMB2.1) specify vers=1.0 on mount.
[  252.822229][ T9316] CIFS mount error: No usable UNC path provided in device string!
[  252.822229][ T9316] 
[  252.835584][ T9316] CIFS: VFS: CIFS mount error: No usable UNC path provided in device string!
[  252.948838][ T9320] loop5: detected capacity change from 0 to 128
[  252.972540][ T9320] EXT4-fs (loop5): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  252.982212][ T9320] ext4 filesystem being mounted at /71/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  253.036467][ T8664] EXT4-fs (loop5): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  253.466777][ T9332] overlayfs: failed to create directory ./bus/work (errno: 22); mounting read-only
[  253.542034][ T9334] loop5: detected capacity change from 0 to 1024
[  253.568266][ T9334] hfsplus: bad catalog entry type
[  253.599153][  T453] hfsplus: b-tree write err: -5, ino 4
[  253.974572][ T9346] loop5: detected capacity change from 0 to 1024
[  254.015749][   T33] audit: type=1800 audit(1757560081.686:48): pid=9346 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.5.1270" name="file1" dev="loop5" ino=2 res=0 errno=0
[  254.038893][ T9346] hfsplus: invalid catalog entry type
[  254.090130][   T27] hfsplus: bad catalog folder entry
[  254.092778][   T27] hfsplus: bad catalog file entry
[  254.797631][   T24] lo speed is unknown, defaulting to 1000
[  254.800303][   T24] syz0: Port: 1 Link DOWN
[  254.827203][ T9308] netlink: 'syz.3.1252': attribute type 1 has an invalid length.
[  254.835480][ T9308] netlink: 'syz.3.1252': attribute type 2 has an invalid length.
[  255.029080][ T9360] sctp: [Deprecated]: syz.4.1276 (pid 9360) Use of int in max_burst socket option deprecated.
[  255.029080][ T9360] Use struct sctp_assoc_value instead
[  255.502066][ T1364] ieee802154 phy0 wpan0: encryption failed: -22
[  255.504792][ T1364] ieee802154 phy1 wpan1: encryption failed: -22
[  255.644039][ T9382] netlink: 4 bytes leftover after parsing attributes in process `syz.5.1283'.
[  255.798737][   T55] sysfs: cannot create duplicate filename '/devices/virtual/bluetooth/hci2/hci2:201'
[  255.803137][   T55] CPU: 1 UID: 0 PID: 55 Comm: kworker/u11:0 Not tainted syzkaller #0 PREEMPT(full) 
[  255.803158][   T55] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.2-debian-1.16.2-1 04/01/2014
[  255.803193][   T55] Workqueue: hci2 hci_rx_work
[  255.803220][   T55] Call Trace:
[  255.803229][   T55]  <TASK>
[  255.803235][   T55]  dump_stack_lvl+0x189/0x250
[  255.803252][   T55]  ? __pfx_dump_stack_lvl+0x10/0x10
[  255.803264][   T55]  ? __pfx__printk+0x10/0x10
[  255.803284][   T55]  ? kernfs_path_from_node+0x250/0x290
[  255.803295][   T55]  ? kernfs_path_from_node+0x2f/0x290
[  255.803309][   T55]  sysfs_create_dir_ns+0x259/0x280
[  255.803323][   T55]  ? __pfx_sysfs_create_dir_ns+0x10/0x10
[  255.803336][   T55]  ? do_raw_spin_unlock+0x4d/0x240
[  255.803352][   T55]  kobject_add_internal+0x59f/0xb40
[  255.803369][   T55]  kobject_add+0x155/0x220
[  255.803382][   T55]  ? __pfx_kobject_add+0x10/0x10
[  255.803392][   T55]  ? _raw_spin_unlock+0x28/0x50
[  255.803407][   T55]  ? get_device_parent+0x366/0x3a0
[  255.803421][   T55]  device_add+0x408/0xb50
[  255.803455][   T55]  hci_conn_add_sysfs+0xd5/0x1e0
[  255.803473][   T55]  le_conn_complete_evt+0xc3a/0x1220
[  255.803492][   T55]  ? __pfx_le_conn_complete_evt+0x10/0x10
[  255.803504][   T55]  ? __mutex_unlock_slowpath+0x1a1/0x740
[  255.803514][   T55]  ? __asan_memcpy+0x40/0x70
[  255.803529][   T55]  ? __pfx___mutex_unlock_slowpath+0x10/0x10
[  255.803540][   T55]  ? skb_pull_data+0xfb/0x200
[  255.803557][   T55]  hci_le_conn_complete_evt+0x187/0x450
[  255.803576][   T55]  hci_event_packet+0x78f/0x1200
[  255.803591][   T55]  ? __pfx_hci_le_meta_evt+0x10/0x10
[  255.803606][   T55]  ? __pfx_hci_event_packet+0x10/0x10
[  255.803619][   T55]  ? kcov_remote_start+0x4d3/0x7f0
[  255.803631][   T55]  ? lockdep_hardirqs_on+0x90/0x150
[  255.803642][   T55]  ? hci_send_to_monitor+0xe2/0x570
[  255.803654][   T55]  hci_rx_work+0x46a/0xe80
[  255.803672][   T55]  ? process_scheduled_works+0x9ef/0x17b0
[  255.803683][   T55]  process_scheduled_works+0xae1/0x17b0
[  255.803709][   T55]  ? __pfx_process_scheduled_works+0x10/0x10
[  255.803728][   T55]  worker_thread+0x8a0/0xda0
[  255.803753][   T55]  kthread+0x711/0x8a0
[  255.803766][   T55]  ? __pfx_worker_thread+0x10/0x10
[  255.803774][   T55]  ? __pfx_kthread+0x10/0x10
[  255.803786][   T55]  ? _raw_spin_unlock_irq+0x23/0x50
[  255.803804][   T55]  ? lockdep_hardirqs_on+0x9c/0x150
[  255.803811][   T55]  ? __pfx_kthread+0x10/0x10
[  255.803822][   T55]  ret_from_fork+0x3fc/0x770
[  255.803834][   T55]  ? __pfx_ret_from_fork+0x10/0x10
[  255.803847][   T55]  ? __switch_to_asm+0x39/0x70
[  255.803860][   T55]  ? __switch_to_asm+0x33/0x70
[  255.803872][   T55]  ? __pfx_kthread+0x10/0x10
[  255.803885][   T55]  ret_from_fork_asm+0x1a/0x30
[  255.803910][   T55]  </TASK>
[  255.803937][   T55] kobject: kobject_add_internal failed for hci2:201 with -EEXIST, don't try to register things with the same name in the same directory.
[  255.938331][ T9376] loop3: detected capacity change from 0 to 512
[  255.949759][   T55] Bluetooth: hci2: failed to register connection device
[  255.974278][ T9392] loop5: detected capacity change from 0 to 512
[  256.001848][ T9376] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  256.023393][ T9376] ext4 filesystem being mounted at /73/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  256.080949][ T9392] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000d40000 r/w without journal. Quota mode: writeback.
[  256.095066][ T9392] ext4 filesystem being mounted at /90/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  256.151708][ T6011] IPVS: stop unused estimator thread 0...
[  256.233690][ T8664] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000d40000.
[  256.410278][ T8595] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  256.506052][ T9409] netlink: 'syz.4.1289': attribute type 9 has an invalid length.
[  256.530280][ T9409] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1289'.
[  256.629703][ T9411] : entered promiscuous mode
[  257.416765][ T9416] loop5: detected capacity change from 0 to 32768
[  257.480461][ T9416] ocfs2: Mounting device (7,5) on (node local, slot 0) with writeback data mode.
[  257.663795][ T8664] ocfs2: Unmounting device (7,5) on (node local)
[  257.667703][   T55] Bluetooth: hci1: command 0x0405 tx timeout
[  257.922821][ T9444] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1301'.
[  257.971610][ T9446] bridge0: port 3(erspan0) entered blocking state
[  257.986213][ T9446] bridge0: port 3(erspan0) entered disabled state
[  258.000217][ T9446] erspan0: entered allmulticast mode
[  258.010443][ T9446] erspan0: entered promiscuous mode
[  258.014024][ T9446] bridge0: port 3(erspan0) entered blocking state
[  258.019713][ T9446] bridge0: port 3(erspan0) entered forwarding state
[  258.035465][ T9449] erspan0: left allmulticast mode
[  258.038957][ T9449] erspan0: left promiscuous mode
[  258.044430][ T9449] bridge0: port 3(erspan0) entered disabled state
[  258.120926][ T9451] loop3: detected capacity change from 0 to 1024
[  258.130430][ T9451] EXT4-fs: Ignoring removed bh option
[  258.136433][ T9451] EXT4-fs: inline encryption not supported
[  258.143324][ T9451] EXT4-fs (loop3): stripe (65535) is not aligned with cluster size (4096), stripe is disabled
[  258.151288][ T9451] [EXT4 FS bs=1024, gc=1, bpg=131072, ipg=32, mo=c840e018, mo2=0001]
[  258.159425][ T9451] EXT4-fs error (device loop3): ext4_ext_check_inode:523: inode #11: comm syz.3.1303: pblk 0 bad header/extent: invalid magic - magic 0, entries 0, max 0(0), depth 0(0)
[  258.167217][ T9451] EXT4-fs error (device loop3): ext4_orphan_get:1397: comm syz.3.1303: couldn't read orphan inode 11 (err -117)
[  258.183248][ T9451] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  258.233953][ T9451] System zones: 0-1, 3-12
[  258.239478][ T9451] EXT4-fs (loop3): re-mounted 00000000-0000-0000-0000-000000000000 ro.
[  258.282987][ T8595] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  258.359159][ T9457] loop3: detected capacity change from 0 to 1024
[  258.455320][ T8595] hfsplus: bad catalog entry type
[  258.542614][ T9455] loop5: detected capacity change from 0 to 32768
[  258.596827][   T33] audit: type=1800 audit(1757560086.266:49): pid=9455 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.5.1304" name="file1" dev="loop5" ino=4 res=0 errno=0
[  258.714835][  T453] hfsplus: b-tree write err: -5, ino 4
[  258.874957][ T5967] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  258.973979][ T5967] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  259.150739][ T5967] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  259.276507][ T5967] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  259.366437][ T5936] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[  259.374708][ T5936] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[  259.381595][ T5936] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[  259.385220][ T5936] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[  259.389625][ T5936] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[  259.499623][ T5967] bridge_slave_1: left allmulticast mode
[  259.510701][ T5967] bridge_slave_1: left promiscuous mode
[  259.523566][ T5967] bridge0: port 2(bridge_slave_1) entered disabled state
[  259.539727][ T5967] bridge_slave_0: left allmulticast mode
[  259.548125][ T5967] bridge_slave_0: left promiscuous mode
[  259.553369][ T5967] bridge0: port 1(bridge_slave_0) entered disabled state
[  260.145358][ T5967] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  260.155728][ T5967] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  260.162584][ T5967] bond0 (unregistering): Released all slaves
[  260.261078][ T5967] : left promiscuous mode
[  260.789216][ T9491] loop5: detected capacity change from 0 to 32768
[  260.880826][ T9491] XFS (loop5): Mounting V5 Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb
[  260.917607][ T9491] XFS (loop5): Ending clean mount
[  260.927573][ T9491] XFS (loop5): Quotacheck needed: Please wait.
[  260.967704][ T9491] XFS (loop5): Quotacheck: Done.
[  261.113687][ T8664] XFS (loop5): Unmounting Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb
[  261.226456][ T5967] hsr_slave_0: left promiscuous mode
[  261.260402][ T5967] hsr_slave_1: left promiscuous mode
[  261.278683][ T5967] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  261.281865][ T5967] batman_adv: batadv0: Removing interface: batadv_slave_0
[  261.305722][ T5967] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  261.320673][ T5967] batman_adv: batadv0: Removing interface: batadv_slave_1
[  261.408080][ T5967] veth1_macvtap: left promiscuous mode
[  261.412025][ T5967] veth0_macvtap: left promiscuous mode
[  261.414499][ T5967] veth1_vlan: left promiscuous mode
[  261.416833][ T5967] veth0_vlan: left promiscuous mode
[  261.427657][ T5936] Bluetooth: hci0: command tx timeout
[  261.498877][ T9520] loop4: detected capacity change from 0 to 32768
[  262.101284][ T9528] loop5: detected capacity change from 0 to 32768
[  262.264360][ T9528] bcachefs (loop5): starting version 1.7: mi_btree_bitmap opts=errors=continue,metadata_checksum=none,data_checksum=none,compression=lz4,foreground_target=invalid label 767,background_target=invalid device 7,nojournal_transaction_names
[  262.264385][ T9528]   allowing incompatible features above 0.0: (unknown version)
[  262.264393][ T9528]   features: 
[  262.286624][ T9528] bcachefs (loop5): Using encoding defined by superblock: utf8-12.1.0
[  262.290637][ T9528] bcachefs (loop5): initializing new filesystem
[  262.311478][ T9528] bcachefs (loop5): going read-write
[  262.360014][ T9528] bcachefs (loop5): marking superblocks
[  262.409073][ T5967] team0 (unregistering): Port device team_slave_1 removed
[  262.454419][ T9528] bcachefs (loop5): initializing freespace
[  262.476987][ T9528] bcachefs (loop5): done initializing freespace
[  262.506157][ T9528] bcachefs (loop5): reading snapshots table
[  262.509471][ T9528] bcachefs (loop5): reading snapshots done
[  262.531865][ T5967] team0 (unregistering): Port device team_slave_0 removed
[  262.612558][ T9528] bcachefs (loop5): done starting filesystem
[  262.949158][ T8664] bcachefs (loop5): shutting down
[  262.956431][ T8664] bcachefs (loop5): going read-only
[  262.959003][ T8664] bcachefs (loop5): finished waiting for writes to stop
[  262.964202][ T8664] bcachefs (loop5): flushing journal and stopping allocators, journal seq 3
[  263.038395][ T8664] bcachefs (loop5): flushing journal and stopping allocators complete, journal seq 4
[  263.054518][ T8664] bcachefs (loop5): clean shutdown complete, journal seq 5
[  263.059835][ T8664] bcachefs (loop5): marking filesystem clean
[  263.105483][ T8664] bcachefs (loop5): shutdown complete
[  263.378952][ T9483] chnl_net:caif_netlink_parms(): no params data found
[  263.502917][ T5936] Bluetooth: hci0: command tx timeout
[  263.540637][ T9483] bridge0: port 1(bridge_slave_0) entered blocking state
[  263.543468][ T9483] bridge0: port 1(bridge_slave_0) entered disabled state
[  263.546543][ T9483] bridge_slave_0: entered allmulticast mode
[  263.553976][ T9483] bridge_slave_0: entered promiscuous mode
[  263.562076][ T9553] Falling back ldisc for ttyS3.
[  263.565302][ T9483] bridge0: port 2(bridge_slave_1) entered blocking state
[  263.580126][ T9483] bridge0: port 2(bridge_slave_1) entered disabled state
[  263.582626][ T9483] bridge_slave_1: entered allmulticast mode
[  263.585662][ T9483] bridge_slave_1: entered promiscuous mode
[  263.655855][ T9483] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  263.667049][ T9483] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  263.694601][ T9483] team0: Port device team_slave_0 added
[  263.702995][ T9483] team0: Port device team_slave_1 added
[  263.800424][ T9483] batman_adv: batadv0: Adding interface: batadv_slave_0
[  263.803578][ T9483] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  263.824082][ T9483] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  263.835426][ T9483] batman_adv: batadv0: Adding interface: batadv_slave_1
[  263.839994][ T9483] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  263.854987][ T9483] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  263.915472][ T9576] loop4: detected capacity change from 0 to 1024
[  263.945429][ T9483] hsr_slave_0: entered promiscuous mode
[  263.948089][ T9483] hsr_slave_1: entered promiscuous mode
[  264.054454][ T1088] hfsplus: b-tree write err: -5, ino 4
[  264.175045][ T9583] netlink: 20 bytes leftover after parsing attributes in process `syz.4.1337'.
[  264.203024][ T9483] netdevsim netdevsim6 netdevsim0: renamed from eth0
[  264.210328][ T9483] netdevsim netdevsim6 netdevsim1: renamed from eth1
[  264.230687][ T9483] netdevsim netdevsim6 netdevsim2: renamed from eth2
[  264.241816][ T9483] netdevsim netdevsim6 netdevsim3: renamed from eth3
[  264.362360][ T9483] bridge0: port 2(bridge_slave_1) entered blocking state
[  264.365414][ T9483] bridge0: port 2(bridge_slave_1) entered forwarding state
[  264.368720][ T9483] bridge0: port 1(bridge_slave_0) entered blocking state
[  264.371786][ T9483] bridge0: port 1(bridge_slave_0) entered forwarding state
[  264.416436][   T27] bridge0: port 1(bridge_slave_0) entered disabled state
[  264.443061][   T27] bridge0: port 2(bridge_slave_1) entered disabled state
[  264.632584][ T9483] 8021q: adding VLAN 0 to HW filter on device bond0
[  264.670655][ T9483] 8021q: adding VLAN 0 to HW filter on device team0
[  264.692626][ T4519] bridge0: port 1(bridge_slave_0) entered blocking state
[  264.695962][ T4519] bridge0: port 1(bridge_slave_0) entered forwarding state
[  264.724449][ T4519] bridge0: port 2(bridge_slave_1) entered blocking state
[  264.727597][ T4519] bridge0: port 2(bridge_slave_1) entered forwarding state
[  264.775542][ T9483] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network
[  264.794012][ T9483] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  265.084587][ T9483] 8021q: adding VLAN 0 to HW filter on device batadv0
[  265.114373][ T9603] loop5: detected capacity change from 0 to 32768
[  265.140641][ T9603] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop5 (7:5) scanned by syz.5.1341 (9603)
[  265.156510][ T9597] loop4: detected capacity change from 0 to 40427
[  265.225805][ T9603] BTRFS info (device loop5): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  265.231493][ T9597] F2FS-fs (loop4): invalid crc value
[  265.248086][ T9603] BTRFS info (device loop5): using crc32c (crc32c-lib) checksum algorithm
[  265.332581][ T9597] F2FS-fs (loop4): f2fs_recover_fsync_data: recovery fsync data, check_only: 1
[  265.337024][ T9597] F2FS-fs (loop4): Start checkpoint disabled!
[  265.348129][ T9597] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e6
[  265.390814][ T9603] BTRFS info (device loop5): allowing degraded mounts
[  265.393558][ T9603] BTRFS info (device loop5): enabling ssd optimizations
[  265.396431][ T9603] BTRFS info (device loop5): enabling free space tree
[  265.409733][ T9603] BTRFS info (device loop5): force zlib compression, level 3
[  265.480792][ T1206] kworker/u9:10: attempt to access beyond end of device
[  265.480792][ T1206] loop4: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[  265.496394][ T1206] CPU: 0 UID: 0 PID: 1206 Comm: kworker/u9:10 Not tainted syzkaller #0 PREEMPT(full) 
[  265.496417][ T1206] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.2-debian-1.16.2-1 04/01/2014
[  265.496425][ T1206] Workqueue: writeback wb_workfn (flush-7:4)
[  265.496449][ T1206] Call Trace:
[  265.496455][ T1206]  <TASK>
[  265.496461][ T1206]  dump_stack_lvl+0x189/0x250
[  265.496482][ T1206]  ? __pfx_dump_stack_lvl+0x10/0x10
[  265.496496][ T1206]  ? __pfx_queue_work_on+0x10/0x10
[  265.496509][ T1206]  ? _raw_spin_unlock_irqrestore+0xad/0x110
[  265.496539][ T1206]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[  265.496567][ T1206]  f2fs_handle_critical_error+0x37c/0x540
[  265.496591][ T1206]  f2fs_write_end_io+0x886/0xb60
[  265.496620][ T1206]  __submit_merged_bio+0x27a/0x6a0
[  265.496642][ T1206]  __submit_merged_write_cond+0x255/0x530
[  265.496665][ T1206]  f2fs_write_data_pages+0x261d/0x3000
[  265.496727][ T1206]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[  265.496752][ T1206]  ? __pfx_f2fs_available_free_memory+0x10/0x10
[  265.496793][ T1206]  ? __pfx_f2fs_balance_fs_bg+0x10/0x10
[  265.496810][ T1206]  ? look_up_lock_class+0x74/0x170
[  265.496831][ T1206]  ? trace_f2fs_writepages+0x7f/0x200
[  265.496848][ T1206]  ? f2fs_write_node_pages+0x478/0x6e0
[  265.496869][ T1206]  ? __pfx_f2fs_write_node_pages+0x10/0x10
[  265.496898][ T1206]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[  265.496910][ T1206]  do_writepages+0x32e/0x550
[  265.496931][ T1206]  ? reacquire_held_locks+0x127/0x1d0
[  265.496944][ T1206]  ? writeback_sb_inodes+0x384/0x1010
[  265.496966][ T1206]  __writeback_single_inode+0x145/0xff0
[  265.496980][ T1206]  ? do_raw_spin_unlock+0x4d/0x240
[  265.496998][ T1206]  writeback_sb_inodes+0x6c7/0x1010
[  265.497036][ T1206]  ? __pfx_writeback_sb_inodes+0x10/0x10
[  265.497087][ T1206]  ? rcu_is_watching+0x15/0xb0
[  265.497107][ T1206]  wb_writeback+0x43b/0xaf0
[  265.497128][ T1206]  ? queue_io+0x3d1/0x590
[  265.497145][ T1206]  ? __pfx_wb_writeback+0x10/0x10
[  265.497167][ T1206]  ? _raw_spin_unlock_irq+0x23/0x50
[  265.497218][ T1206]  wb_workfn+0x409/0xef0
[  265.497244][ T1206]  ? __pfx_wb_workfn+0x10/0x10
[  265.497262][ T1206]  ? __lock_acquire+0xab9/0xd20
[  265.497288][ T1206]  ? process_scheduled_works+0x9ef/0x17b0
[  265.497306][ T1206]  ? _raw_spin_unlock_irq+0x23/0x50
[  265.497320][ T1206]  ? process_scheduled_works+0x9ef/0x17b0
[  265.497331][ T1206]  ? process_scheduled_works+0x9ef/0x17b0
[  265.497344][ T1206]  process_scheduled_works+0xae1/0x17b0
[  265.497381][ T1206]  ? __pfx_process_scheduled_works+0x10/0x10
[  265.497407][ T1206]  worker_thread+0x8a0/0xda0
[  265.497423][ T1206]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[  265.497446][ T1206]  ? __kthread_parkme+0x7b/0x200
[  265.497467][ T1206]  kthread+0x711/0x8a0
[  265.497484][ T1206]  ? __pfx_worker_thread+0x10/0x10
[  265.497495][ T1206]  ? __pfx_kthread+0x10/0x10
[  265.497511][ T1206]  ? _raw_spin_unlock_irq+0x23/0x50
[  265.497533][ T1206]  ? lockdep_hardirqs_on+0x9c/0x150
[  265.497543][ T1206]  ? __pfx_kthread+0x10/0x10
[  265.497558][ T1206]  ret_from_fork+0x3fc/0x770
[  265.497574][ T1206]  ? __pfx_ret_from_fork+0x10/0x10
[  265.497610][ T1206]  ? __switch_to_asm+0x39/0x70
[  265.497626][ T1206]  ? __switch_to_asm+0x33/0x70
[  265.497639][ T1206]  ? __pfx_kthread+0x10/0x10
[  265.497653][ T1206]  ret_from_fork_asm+0x1a/0x30
[  265.497681][ T1206]  </TASK>
[  265.630734][ T5936] Bluetooth: hci0: command tx timeout
[  265.645421][ T9483] veth0_vlan: entered promiscuous mode
[  265.656869][ T1206] F2FS-fs (loop4): Stopped filesystem due to reason: 3
[  265.677622][ T8664] BTRFS info (device loop5): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  265.687125][ T9483] veth1_vlan: entered promiscuous mode
[  265.742581][ T9483] veth0_macvtap: entered promiscuous mode
[  265.748802][ T9483] veth1_macvtap: entered promiscuous mode
[  265.763718][ T9483] batman_adv: batadv0: Interface activated: batadv_slave_0
[  265.773724][ T9483] batman_adv: batadv0: Interface activated: batadv_slave_1
[  265.785358][ T5967] netdevsim netdevsim6 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  265.789239][ T6011] netdevsim netdevsim6 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  265.793006][ T5967] netdevsim netdevsim6 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  265.796720][ T5967] netdevsim netdevsim6 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  266.056377][ T1206] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  266.075417][ T1206] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  266.148343][ T1088] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  266.152658][ T1088] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  266.349789][ T9651] loop5: detected capacity change from 0 to 1024
[  266.373811][   T33] audit: type=1800 audit(1757560094.046:50): pid=9651 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.5.1345" name="file1" dev="loop5" ino=20 res=0 errno=0
[  266.825591][ T9655] Bluetooth: MGMT ver 1.23
[  266.828938][ T9655] raw_sendmsg: syz.4.1342 forgot to set AF_INET. Fix it!
[  266.834199][ T9655] netlink: 48 bytes leftover after parsing attributes in process `syz.4.1342'.
[  266.894103][ T9662] loop6: detected capacity change from 0 to 128
[  266.917065][ T9662] EXT4-fs (loop6): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  266.926345][ T9662] ext4 filesystem being mounted at /2/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff)
[  267.056770][ T9483] EXT4-fs (loop6): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  267.657578][ T5936] Bluetooth: hci0: command tx timeout
[  268.147719][  T792] usb 5-1: new high-speed USB device number 3 using dummy_hcd
[  268.328696][  T792] usb 5-1: Using ep0 maxpacket: 16
[  268.340003][  T792] usb 5-1: unable to get BOS descriptor or descriptor too short
[  268.351054][  T792] usb 5-1: config 3 has an invalid interface number: 24 but max is 2
[  268.354740][  T792] usb 5-1: config 3 has an invalid interface number: 24 but max is 2
[  268.366162][  T792] usb 5-1: config 3 has an invalid interface number: 102 but max is 2
[  268.387013][  T792] usb 5-1: config 3 has 2 interfaces, different from the descriptor's value: 3
[  268.397494][  T792] usb 5-1: config 3 has no interface number 0
[  268.400119][  T792] usb 5-1: config 3 has no interface number 1
[  268.414976][  T792] usb 5-1: config 3 interface 24 has no altsetting 1
[  268.424119][  T792] usb 5-1: config 3 interface 102 has no altsetting 0
[  268.439434][  T792] usb 5-1: New USB device found, idVendor=22b8, idProduct=4244, bcdDevice=9d.e8
[  268.443526][  T792] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  268.457460][  T792] usb 5-1: Product: syz
[  268.467876][  T792] usb 5-1: Manufacturer: syz
[  268.472639][  T792] usb 5-1: SerialNumber: syz
[  268.743793][ T9683] loop5: detected capacity change from 0 to 32768
[  268.766993][ T9683] BTRFS: device fsid ed167579-eb65-4e76-9a50-61ac97e9b59d devid 1 transid 8 /dev/loop5 (7:5) scanned by syz.5.1355 (9683)
[  268.812970][ T9683] BTRFS info (device loop5): first mount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d
[  268.815262][  T792] usb 5-1: USB disconnect, device number 3
[  268.835015][ T9683] BTRFS info (device loop5): using sha256 (sha256-lib) checksum algorithm
[  269.012997][ T1206] BTRFS error (device loop5): bad fsid on logical 5287936 mirror 1
[  269.017808][ T9683] BTRFS warning (device loop5): failed to read root (objectid=4): -5
[  269.141313][ T9683] BTRFS error (device loop5): open_ctree failed: -5
[  269.607486][ T8694] usb 6-1: new high-speed USB device number 4 using dummy_hcd
[  269.669976][ T9706] loop6: detected capacity change from 0 to 40427
[  269.684876][ T9706] F2FS-fs (loop6): build fault injection rate: 1
[  269.705646][ T9706] F2FS-fs (loop6): build fault injection type: 0x3bfe8c
[  269.714627][ T9706] F2FS-fs (loop6): inject slab alloc in f2fs_alloc_inode of alloc_inode+0x6a/0x1b0
[  269.721164][ T9706] F2FS-fs (loop6): Failed to read F2FS meta data inode
[  269.761248][ T8694] usb 6-1: Using ep0 maxpacket: 16
[  269.769522][ T8694] usb 6-1: config index 0 descriptor too short (expected 16456, got 72)
[  269.774494][ T8694] usb 6-1: config 0 has an invalid interface number: 125 but max is 1
[  269.791450][ T8694] usb 6-1: config 0 has an invalid interface number: 125 but max is 1
[  269.807530][ T8694] usb 6-1: config 0 has an invalid interface number: 125 but max is 1
[  269.821219][ T8694] usb 6-1: config 0 has 1 interface, different from the descriptor's value: 2
[  269.829751][ T8694] usb 6-1: config 0 has no interface number 0
[  269.834994][ T8694] usb 6-1: config 0 interface 125 altsetting 4 endpoint 0x4 has invalid maxpacket 21760, setting to 64
[  269.847935][ T8694] usb 6-1: config 0 interface 125 altsetting 4 endpoint 0xB has invalid wMaxPacketSize 0
[  269.859165][ T8694] usb 6-1: config 0 interface 125 altsetting 4 endpoint 0x2 has invalid wMaxPacketSize 0
[  269.866937][ T8694] usb 6-1: config 0 interface 125 altsetting 1 has 0 endpoint descriptors, different from the interface descriptor's value: 1
[  269.880658][ T8694] usb 6-1: config 0 interface 125 has no altsetting 0
[  269.889936][ T8694] usb 6-1: config 0 interface 125 has no altsetting 2
[  269.900916][ T8694] usb 6-1: New USB device found, idVendor=050d, idProduct=0002, bcdDevice=23.27
[  269.906269][ T8694] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  269.917519][ T8694] usb 6-1: Product: syz
[  269.920754][ T8694] usb 6-1: Manufacturer: syz
[  269.925141][ T8694] usb 6-1: SerialNumber: syz
[  269.949276][ T8694] usb 6-1: config 0 descriptor??
[  269.960513][ T8694] usb 6-1: selecting invalid altsetting 2
[  270.465896][ T9737] loop4: detected capacity change from 0 to 128
[  270.475240][ T9737] UDF-fs: error (device loop4): udf_read_tagged: read failed, block=256, location=256
[  270.854104][ T9756] netlink: 'syz.4.1370': attribute type 1 has an invalid length.
[  271.015751][  T792] usb 6-1: USB disconnect, device number 4
[  271.031444][ T9765] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1373'.
[  271.044104][ T9765] netlink: 120 bytes leftover after parsing attributes in process `syz.4.1373'.
[  271.065508][ T9765] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1373'.
[  271.147171][ T9771] netlink: 12 bytes leftover after parsing attributes in process `syz.4.1375'.
[  271.285308][ T9775] infiniband syz1: RDMA CMA: cma_listen_on_dev, error -98
[  271.694851][ T9791] loop6: detected capacity change from 0 to 32768
[  271.698682][ T9791] btrfs: Deprecated parameter 'usebackuproot'
[  271.701323][ T9791] BTRFS warning: 'usebackuproot' is deprecated, use 'rescue=usebackuproot' instead
[  271.708410][ T9791] BTRFS: device fsid ed167579-eb65-4e76-9a50-61ac97e9b59d devid 1 transid 8 /dev/loop6 (7:6) scanned by syz.6.1380 (9791)
[  271.721958][ T9791] BTRFS info (device loop6): first mount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d
[  271.726163][ T9791] BTRFS info (device loop6): using sha256 (sha256-lib) checksum algorithm
[  271.991899][ T9791] BTRFS info (device loop6): rebuilding free space tree
[  272.030536][ T9791] BTRFS info (device loop6): enabling ssd optimizations
[  272.033538][ T9791] BTRFS info (device loop6): using spread ssd allocation scheme
[  272.036784][ T9791] BTRFS info (device loop6): enabling free space tree
[  272.039817][ T9791] BTRFS info (device loop6): force clearing of disk cache
[  272.042840][ T9791] BTRFS info (device loop6): enabling auto defrag
[  272.045574][ T9791] BTRFS info (device loop6): doing ref verification
[  272.048546][ T9791] BTRFS info (device loop6): trying to use backup root at mount time
[  272.051810][ T9791] BTRFS info (device loop6): max_inline set to 4096
[  272.124691][ T9817] BTRFS info (device loop6): space_info DATA+METADATA (sub-group id 0) has 159744 free, is not full
[  272.130066][ T9817] BTRFS info (device loop6): space_info total=3276800, used=45056, pinned=12288, reserved=16384, may_use=3043328, readonly=0 zone_unusable=0
[  272.136240][ T9817] BTRFS info (device loop6): global_block_rsv: size 1441792 reserved 1441792
[  272.140720][ T9817] BTRFS info (device loop6): trans_block_rsv: size 0 reserved 0
[  272.144037][ T9817] BTRFS info (device loop6): chunk_block_rsv: size 0 reserved 0
[  272.147474][ T9817] BTRFS info (device loop6): delayed_block_rsv: size 0 reserved 0
[  272.150880][ T9817] BTRFS info (device loop6): delayed_refs_rsv: size 819200 reserved 778240
[  272.465867][ T9483] BTRFS info (device loop6): last unmount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d
[  272.501275][ T9815] usb usb8: usbfs: process 9815 (syz.4.1378) did not claim interface 0 before use
[  272.936403][ T9831] loop5: detected capacity change from 0 to 128
[  272.940816][ T9831] FAT-fs (loop5): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive!
[  272.946048][ T9831] FAT-fs (loop5): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1)
[  273.178605][ T6042] usb 7-1: new low-speed USB device number 2 using dummy_hcd
[  273.199625][ T9836] program syz.4.1390 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  273.510986][ T6042] usb 7-1: string descriptor 0 read error: -22
[  273.513964][ T6042] usb 7-1: New USB device found, idVendor=04b4, idProduct=8613, bcdDevice=95.8f
[  273.525326][ T6042] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  273.543140][ T6042] usb 7-1: config 0 descriptor??
[  273.547937][ T6042] usbtest 7-1:0.0: FX2 device
[  273.549909][ T6042] usbtest 7-1:0.0: low-speed {control intr-in intr-out} tests (+alt)
[  273.758694][ T5845] usb 7-1: USB disconnect, device number 2
[  273.807534][ T6242] usb 5-1: new high-speed USB device number 4 using dummy_hcd
[  273.856749][  T453] FAT-fs (loop5): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1)
[  273.928652][ T9843] loop5: detected capacity change from 0 to 256
[  273.935135][ T9843] vfat: Bad value for 'utf8'
[  273.959805][ T6242] usb 5-1: Using ep0 maxpacket: 8
[  273.972441][ T6242] usb 5-1: New USB device found, idVendor=046d, idProduct=0896, bcdDevice=3a.11
[  273.984776][ T6242] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  273.988877][ T6242] usb 5-1: Product: syz
[  273.990781][ T6242] usb 5-1: Manufacturer: syz
[  273.992723][ T6242] usb 5-1: SerialNumber: syz
[  274.001902][ T6242] usb 5-1: config 0 descriptor??
[  274.010251][ T6242] gspca_main: vc032x-2.14.0 probing 046d:0896
[  274.216524][ T6242] gspca_vc032x: reg_r err -71
[  274.218847][ T6242] vc032x 5-1:0.0: probe with driver vc032x failed with error -71
[  274.227387][ T6242] usb 5-1: USB disconnect, device number 4
[  274.321866][ T9847] netlink: 36 bytes leftover after parsing attributes in process `syz.6.1395'.
[  274.625984][ T9858] loop6: detected capacity change from 0 to 1024
[  274.653740][ T9858] EXT4-fs (loop6): mounted filesystem 00000000-0000-0006-0000-000000000000 r/w without journal. Quota mode: none.
[  274.659567][ T9858] ext4 filesystem being mounted at /26/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  274.671051][   T33] audit: type=1800 audit(1757560102.346:51): pid=9858 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.6.1400" name="file1" dev="loop6" ino=15 res=0 errno=0
[  274.672303][ T9858] EXT4-fs error (device loop6): ext4_map_blocks:814: inode #15: comm syz.6.1400: lblock 0 mapped to illegal pblock 0 (length 1)
[  274.694008][ T9858] EXT4-fs error (device loop6): ext4_ext_remove_space:2955: inode #15: comm syz.6.1400: pblk 0 bad header/extent: invalid extent entries - magic f30a, entries 2, max 4(4), depth 0(0)
[  274.743042][ T9483] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0006-0000-000000000000.
[  274.864715][ T9869] loop6: detected capacity change from 0 to 1024
[  274.878258][ T9869] EXT4-fs (loop6): revision level too high, forcing read-only mode
[  274.890619][ T9869] EXT4-fs (loop6): orphan cleanup on readonly fs
[  274.895701][ T9869] Quota error (device loop6): find_tree_dqentry: Cycle in quota tree detected: block 4 index 0
[  274.910211][ T9869] Quota error (device loop6): qtree_read_dquot: Can't read quota structure for id 0
[  274.915971][ T9869] EXT4-fs error (device loop6): ext4_acquire_dquot:6937: comm syz.6.1403: Failed to acquire dquot type 0
[  274.924382][ T9869] EXT4-fs (loop6): 1 truncate cleaned up
[  274.932696][ T9869] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  274.984618][ T9483] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  275.012104][ T9874] tipc: Enabling of bearer <udp:s> rejected, failed to enable media
[  275.865862][   T33] audit: type=1800 audit(1757560103.536:52): pid=9888 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.5.1411" name="/" dev="9p" ino=2 res=0 errno=0
[  275.983240][ T9890] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[  276.033975][ T9894] syz.6.1415: vmalloc error: size 8589938688, exceeds total pages, mode:0xdc0(GFP_KERNEL|__GFP_ZERO), nodemask=(null),cpuset=/,mems_allowed=0-1
[  276.051141][ T9894] CPU: 1 UID: 0 PID: 9894 Comm: syz.6.1415 Not tainted syzkaller #0 PREEMPT(full) 
[  276.051164][ T9894] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.2-debian-1.16.2-1 04/01/2014
[  276.051172][ T9894] Call Trace:
[  276.051207][ T9894]  <TASK>
[  276.051215][ T9894]  dump_stack_lvl+0x189/0x250
[  276.051240][ T9894]  ? __pfx_dump_stack_lvl+0x10/0x10
[  276.051257][ T9894]  ? __pfx__printk+0x10/0x10
[  276.051276][ T9894]  ? cpuset_print_current_mems_allowed+0x1f/0x360
[  276.051292][ T9894]  ? cpuset_print_current_mems_allowed+0x1f/0x360
[  276.051307][ T9894]  ? cpuset_print_current_mems_allowed+0x2ee/0x360
[  276.051324][ T9894]  warn_alloc+0x214/0x310
[  276.051347][ T9894]  ? stack_depot_save_flags+0x40/0x860
[  276.051367][ T9894]  ? __pfx_warn_alloc+0x10/0x10
[  276.051388][ T9894]  ? kasan_save_track+0x4f/0x80
[  276.051406][ T9894]  ? xskq_create+0x56/0x170
[  276.051419][ T9894]  ? xsk_init_queue+0xb0/0x110
[  276.051435][ T9894]  ? xsk_setsockopt+0x4dc/0x8d0
[  276.051450][ T9894]  ? do_sock_setsockopt+0x17c/0x1b0
[  276.051465][ T9894]  ? __x64_sys_setsockopt+0x13f/0x1b0
[  276.051477][ T9894]  ? do_syscall_64+0xfa/0x3b0
[  276.051491][ T9894]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  276.051506][ T9894]  __vmalloc_node_range_noprof+0x125/0x12f0
[  276.051538][ T9894]  ? __pfx___vmalloc_node_range_noprof+0x10/0x10
[  276.051557][ T9894]  ? __kasan_kmalloc+0x93/0xb0
[  276.051572][ T9894]  vmalloc_user_noprof+0xad/0xf0
[  276.051586][ T9894]  ? xskq_create+0xbf/0x170
[  276.051596][ T9894]  xskq_create+0xbf/0x170
[  276.051607][ T9894]  xsk_init_queue+0xb0/0x110
[  276.051627][ T9894]  xsk_setsockopt+0x4dc/0x8d0
[  276.051646][ T9894]  ? __pfx_xsk_setsockopt+0x10/0x10
[  276.051663][ T9894]  ? __pfx_aa_sk_perm+0x10/0x10
[  276.051683][ T9894]  ? aa_sock_opt_perm+0xff/0x1b0
[  276.051704][ T9894]  ? bpf_lsm_socket_setsockopt+0x9/0x20
[  276.051720][ T9894]  ? __pfx_xsk_setsockopt+0x10/0x10
[  276.051740][ T9894]  do_sock_setsockopt+0x17c/0x1b0
[  276.051758][ T9894]  __x64_sys_setsockopt+0x13f/0x1b0
[  276.051776][ T9894]  do_syscall_64+0xfa/0x3b0
[  276.051787][ T9894]  ? lockdep_hardirqs_on+0x9c/0x150
[  276.051798][ T9894]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  276.051810][ T9894]  ? exc_page_fault+0x9f/0xf0
[  276.051821][ T9894]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  276.051831][ T9894] RIP: 0033:0x7f3aaff8eba9
[  276.051843][ T9894] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  276.051853][ T9894] RSP: 002b:00007f3ab0ea6038 EFLAGS: 00000246 ORIG_RAX: 0000000000000036
[  276.051892][ T9894] RAX: ffffffffffffffda RBX: 00007f3ab01d5fa0 RCX: 00007f3aaff8eba9
[  276.051901][ T9894] RDX: 0000000000000006 RSI: 000000000000011b RDI: 0000000000000003
[  276.051909][ T9894] RBP: 00007f3ab0011e19 R08: 0000000000000052 R09: 0000000000000000
[  276.051918][ T9894] R10: 0000200000000000 R11: 0000000000000246 R12: 0000000000000000
[  276.051926][ T9894] R13: 00007f3ab01d6038 R14: 00007f3ab01d5fa0 R15: 00007ffffa99a118
[  276.051949][ T9894]  </TASK>
[  276.053399][ T9894] Mem-Info:
[  276.413554][ T9894] active_anon:11044 inactive_anon:0 isolated_anon:0
[  276.413554][ T9894]  active_file:9871 inactive_file:38694 isolated_file:0
[  276.413554][ T9894]  unevictable:1768 dirty:395 writeback:0
[  276.413554][ T9894]  slab_reclaimable:10694 slab_unreclaimable:56798
[  276.413554][ T9894]  mapped:21781 shmem:6013 pagetables:1516
[  276.413554][ T9894]  sec_pagetables:0 bounce:0
[  276.413554][ T9894]  kernel_misc_reclaimable:0
[  276.413554][ T9894]  free:272042 free_pcp:20219 free_cma:0
[  276.457431][ T9894] Node 0 active_anon:19348kB inactive_anon:0kB active_file:38052kB inactive_file:137156kB unevictable:3536kB isolated(anon):0kB isolated(file):0kB mapped:52724kB dirty:1404kB writeback:0kB shmem:7712kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB kernel_stack:6916kB pagetables:2948kB sec_pagetables:0kB all_unreclaimable? no Balloon:0kB
[  276.489730][ T9894] Node 1 active_anon:29384kB inactive_anon:0kB active_file:1432kB inactive_file:17620kB unevictable:3536kB isolated(anon):0kB isolated(file):0kB mapped:34400kB dirty:176kB writeback:0kB shmem:19944kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB kernel_stack:6192kB pagetables:3048kB sec_pagetables:0kB all_unreclaimable? no Balloon:0kB
[  276.538436][ T9894] Node 0 DMA free:15360kB boost:0kB min:640kB low:800kB high:960kB reserved_highatomic:0KB free_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15360kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB
[  276.623420][ T9894] lowmem_reserve[]: 0 811 811 811 811
[  276.639682][ T9894] Node 0 DMA32 free:165112kB boost:0kB min:33660kB low:42072kB high:50484kB reserved_highatomic:0KB free_highatomic:0KB active_anon:19448kB inactive_anon:0kB active_file:38052kB inactive_file:137156kB unevictable:3536kB writepending:1404kB present:1556484kB managed:830900kB mlocked:0kB bounce:0kB free_pcp:39092kB local_pcp:14820kB free_cma:0kB
[  276.718411][ T9894] lowmem_reserve[]: 0 0 0 0 0
[  276.739921][ T9894] Node 1 DMA32 free:458616kB boost:0kB min:19192kB low:23988kB high:28784kB reserved_highatomic:0KB free_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:524152kB managed:458616kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB
[  276.801217][ T9894] lowmem_reserve[]: 0 0 854 854 854
[  276.822438][ T9894] Node 1 Normal free:448000kB boost:0kB min:36612kB low:45764kB high:54916kB reserved_highatomic:0KB free_highatomic:0KB active_anon:31544kB inactive_anon:0kB active_file:1432kB inactive_file:17620kB unevictable:3536kB writepending:240kB present:1048576kB managed:874952kB mlocked:0kB bounce:0kB free_pcp:36436kB local_pcp:20732kB free_cma:0kB
[  276.835734][ T9894] lowmem_reserve[]: 0 0 0 0 0
[  276.840936][ T9894] Node 0 DMA: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 1*1024kB (U) 1*2048kB (M) 3*4096kB (M) = 15360kB
[  276.858826][ T9894] Node 0 DMA32: 580*4kB (UME) 1209*8kB (UME) 1078*16kB (UME) 302*32kB (UME) 327*64kB (UME) 182*128kB (UM) 84*256kB (UM) 34*512kB (UM) 26*1024kB (UM) 8*2048kB (UM) 0*4096kB = 165048kB
[  276.882222][ T9894] Node 1 DMA32: 2*4kB (M) 2*8kB (M) 2*16kB (M) 2*32kB (M) 2*64kB (M) 1*128kB (M) 2*256kB (M) 2*512kB (M) 2*1024kB (M) 2*2048kB (M) 110*4096kB (M) = 458616kB
[  276.895264][ T9894] Node 1 Normal: 829*4kB (UE) 55*8kB (UE) 63*16kB (UME) 99*32kB (UE) 47*64kB (U) 9*128kB (UM) 20*256kB (UME) 6*512kB (ME) 14*1024kB (UME) 6*2048kB (U) 96*4096kB (UM) = 440124kB
[  276.914066][ T9894] Node 0 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB
[  276.924048][ T9894] Node 1 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB
[  276.928380][ T9894] 58645 total pagecache pages
[  276.930554][ T9894] 0 pages in swap cache
[  276.932423][ T9894] Free swap  = 124996kB
[  276.934297][ T9894] Total swap = 124996kB
[  276.935309][ T9904] loop4: detected capacity change from 0 to 32768
[  276.951463][ T9894] 786301 pages RAM
[  276.960946][ T9894] 0 pages HighMem/MovableOnly
[  276.975013][ T9894] 241344 pages reserved
[  276.976371][ T9894] 0 pages cma reserved
[  276.995946][ T8639] read_mapping_page failed!
[  277.011300][ T8639] ERROR: (device loop4): txCommit: 
[  277.011300][ T8639] 
[  277.022216][ T8639] read_mapping_page failed!
[  277.029329][ T8639] ERROR: (device loop4): txCommit: 
[  277.029329][ T8639] 
[  277.202298][ T9924] loop6: detected capacity change from 0 to 2048
[  277.220945][ T9924] UDF-fs: warning (device loop6): udf_load_vrs: No anchor found
[  277.224093][ T9924] UDF-fs: Scanning with blocksize 512 failed
[  277.232522][ T9924] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[  277.353526][ T9929] sg_write: process 300 (syz.5.1422) changed security contexts after opening file descriptor, this is not allowed.
[  277.510984][ T5967] netdevsim netdevsim4 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  277.645146][ T5967] netdevsim netdevsim4 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  277.735334][ T5967] netdevsim netdevsim4 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  277.761596][   T55] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1
[  277.769536][   T55] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9
[  277.774169][   T55] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9
[  277.781040][   T55] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4
[  277.789539][   T55] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2
[  277.832440][ T5967] netdevsim netdevsim4 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  277.990214][ T5967] bridge_slave_1: left allmulticast mode
[  277.997685][ T5967] bridge_slave_1: left promiscuous mode
[  278.000389][ T5967] bridge0: port 2(bridge_slave_1) entered disabled state
[  278.006212][ T5967] bridge_slave_0: left allmulticast mode
[  278.010408][ T5967] bridge_slave_0: left promiscuous mode
[  278.013860][ T5967] bridge0: port 1(bridge_slave_0) entered disabled state
[  278.739710][ T5967] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  278.745689][ T5967] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  278.751796][ T5967] bond0 (unregistering): Released all slaves
[  278.769673][ T9955] sch_tbf: burst 19872 is lower than device lo mtu (65550) !
[  278.807560][ T9941] chnl_net:caif_netlink_parms(): no params data found
[  279.159528][ T9983] loop5: detected capacity change from 0 to 128
[  279.166765][ T9983] EXT4-fs (loop5): Test dummy encryption mode enabled
[  279.409620][ T9983] EXT4-fs (loop5): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  279.425023][ T9983] ext4 filesystem being mounted at /132/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[  279.496343][ T9941] bridge0: port 1(bridge_slave_0) entered blocking state
[  279.502204][ T9941] bridge0: port 1(bridge_slave_0) entered disabled state
[  279.506846][ T9941] bridge_slave_0: entered allmulticast mode
[  279.512117][ T9941] bridge_slave_0: entered promiscuous mode
[  279.569108][ T9983] fscrypt: AES-256-CBC-CTS using implementation "cts(cbc(ecb(aes-fixed-time)))"
[  279.581320][ T9941] bridge0: port 2(bridge_slave_1) entered blocking state
[  279.674445][ T9941] bridge0: port 2(bridge_slave_1) entered disabled state
[  279.679211][ T9941] bridge_slave_1: entered allmulticast mode
[  279.683863][ T9941] bridge_slave_1: entered promiscuous mode
[  279.783672][ T9941] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  279.793400][ T9941] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  280.174592][   T55] Bluetooth: hci2: command tx timeout
[  280.244308][ T5967] hsr_slave_0: left promiscuous mode
[  280.246666][ T5967] hsr_slave_1: left promiscuous mode
[  280.249661][ T5967] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  280.252135][ T5967] batman_adv: batadv0: Removing interface: batadv_slave_0
[  280.261857][ T5967] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  280.265146][ T5967] batman_adv: batadv0: Removing interface: batadv_slave_1
[  280.276151][ T8664] EXT4-fs (loop5): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  280.305249][ T5967] veth1_macvtap: left promiscuous mode
[  280.307081][ T5967] veth0_macvtap: left promiscuous mode
[  280.309581][ T5967] veth1_vlan: left promiscuous mode
[  280.311615][ T5967] veth0_vlan: left promiscuous mode
[  281.536090][ T5967] team0 (unregistering): Port device team_slave_1 removed
[  281.580170][ T5967] team0 (unregistering): Port device team_slave_0 removed
[  281.668803][T10017] loop6: detected capacity change from 0 to 32768
[  281.728538][T10017] ocfs2: Mounting device (7,6) on (node local, slot 0) with writeback data mode.
[  281.819867][ T9483] ocfs2: Unmounting device (7,6) on (node local)
[  282.122330][T10023] loop6: detected capacity change from 0 to 4096
[  282.168905][T10024] NILFS (loop6): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  282.243102][   T55] Bluetooth: hci2: command tx timeout
[  282.641469][ T9941] team0: Port device team_slave_0 added
[  282.669917][ T9941] team0: Port device team_slave_1 added
[  282.786644][ T9941] batman_adv: batadv0: Adding interface: batadv_slave_0
[  282.807969][ T9941] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  282.843812][ T9941] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  282.869504][ T9941] batman_adv: batadv0: Adding interface: batadv_slave_1
[  282.872427][ T9941] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  282.911630][ T9941] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  283.043246][ T9941] hsr_slave_0: entered promiscuous mode
[  283.052669][T10047] loop6: detected capacity change from 0 to 256
[  283.055996][ T9941] hsr_slave_1: entered promiscuous mode
[  283.058337][T10047] exFAT-fs (loop6): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[  283.063076][T10047] exFAT-fs (loop6): Medium has reported failures. Some data may be lost.
[  283.071917][ T9941] debugfs: 'hsr0' already exists in 'hsr'
[  283.074375][ T9941] Cannot create hsr debugfs directory
[  283.074891][T10047] exFAT-fs (loop6): failed to load upcase table (idx : 0x00010000, chksum : 0xe62de5da, utbl_chksum : 0xe619d30d)
[  283.203412][T10049] loop5: detected capacity change from 0 to 256
[  283.469794][ T5967] ------------[ cut here ]------------
[  283.471738][ T5967] WARNING: CPU: 0 PID: 5967 at net/xfrm/xfrm_state.c:3303 xfrm_state_fini+0x26d/0x2f0
[  283.474889][ T5967] Modules linked in:
[  283.477544][ T5967] CPU: 0 UID: 0 PID: 5967 Comm: kworker/u8:3 Not tainted syzkaller #0 PREEMPT(full) 
[  283.482293][ T5967] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.2-debian-1.16.2-1 04/01/2014
[  283.486162][ T5967] Workqueue: netns cleanup_net
[  283.488095][ T5967] RIP: 0010:xfrm_state_fini+0x26d/0x2f0
[  283.489947][ T5967] Code: c1 e8 03 42 80 3c 28 00 74 08 48 89 df e8 db 91 00 f8 48 8b 3b 5b 41 5c 41 5d 41 5e 41 5f 5d e9 99 4c e1 f7 e8 34 20 9d f7 90 <0f> 0b 90 e9 fd fd ff ff e8 26 20 9d f7 90 0f 0b 90 e9 60 fe ff ff
[  283.496088][ T5967] RSP: 0018:ffffc9000329f898 EFLAGS: 00010293
[  283.498251][ T5967] RAX: ffffffff8a228eac RBX: ffff888110e7c880 RCX: ffff888020c83980
[  283.500934][ T5967] RDX: 0000000000000000 RSI: ffffffff8dba8965 RDI: ffff888020c83980
[  283.503661][ T5967] RBP: ffffc9000329f9b0 R08: ffffffff8fa3a037 R09: 1ffffffff1f47406
[  283.506364][ T5967] R10: dffffc0000000000 R11: fffffbfff1f47407 R12: ffffffff8f632900
[  283.509151][ T5967] R13: 1ffff92000653f40 R14: ffff888110e7dd00 R15: dffffc0000000000
[  283.511824][ T5967] FS:  0000000000000000(0000) GS:ffff8880b8615000(0000) knlGS:0000000000000000
[  283.514818][ T5967] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  283.517051][ T5967] CR2: 0000001b31e21ff8 CR3: 000000003d55a000 CR4: 00000000000006f0
[  283.519833][ T5967] Call Trace:
[  283.521013][ T5967]  <TASK>
[  283.522123][ T5967]  xfrm_net_exit+0x2d/0x70
[  283.523633][ T5967]  ops_undo_list+0x49a/0x990
[  283.525282][ T5967]  ? __pfx_ops_undo_list+0x10/0x10
[  283.527539][ T5967]  ? do_raw_spin_unlock+0x4d/0x240
[  283.530052][ T5967]  cleanup_net+0x4c5/0x800
[  283.531557][ T5967]  ? __pfx_cleanup_net+0x10/0x10
[  283.533111][ T5967]  ? _raw_spin_unlock_irq+0x23/0x50
[  283.534775][ T5967]  ? process_scheduled_works+0x9ef/0x17b0
[  283.536613][ T5967]  ? process_scheduled_works+0x9ef/0x17b0
[  283.538526][ T5967]  process_scheduled_works+0xae1/0x17b0
[  283.540329][ T5967]  ? __pfx_process_scheduled_works+0x10/0x10
[  283.542266][ T5967]  worker_thread+0x8a0/0xda0
[  283.544221][ T5967]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[  283.546718][ T5967]  ? __kthread_parkme+0x7b/0x200
[  283.548471][ T5967]  kthread+0x711/0x8a0
[  283.549758][ T5967]  ? __pfx_worker_thread+0x10/0x10
[  283.551468][ T5967]  ? __pfx_kthread+0x10/0x10
[  283.553005][ T5967]  ? _raw_spin_unlock_irq+0x23/0x50
[  283.554737][ T5967]  ? lockdep_hardirqs_on+0x9c/0x150
[  283.556451][ T5967]  ? __pfx_kthread+0x10/0x10
[  283.558052][ T5967]  ret_from_fork+0x3fc/0x770
[  283.559767][ T5967]  ? __pfx_ret_from_fork+0x10/0x10
[  283.561447][ T5967]  ? __switch_to_asm+0x39/0x70
[  283.563029][ T5967]  ? __switch_to_asm+0x33/0x70
[  283.565014][ T5967]  ? __pfx_kthread+0x10/0x10
[  283.566836][ T5967]  ret_from_fork_asm+0x1a/0x30
[  283.568871][ T5967]  </TASK>
[  283.570132][ T5967] Kernel panic - not syncing: kernel: panic_on_warn set ...
[  283.573124][ T5967] CPU: 0 UID: 0 PID: 5967 Comm: kworker/u8:3 Not tainted syzkaller #0 PREEMPT(full) 
[  283.577132][ T5967] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.2-debian-1.16.2-1 04/01/2014
[  283.581561][ T5967] Workqueue: netns cleanup_net
[  283.583688][ T5967] Call Trace:
[  283.585088][ T5967]  <TASK>
[  283.586335][ T5967]  dump_stack_lvl+0x99/0x250
[  283.588258][ T5967]  ? __asan_memcpy+0x40/0x70
[  283.590170][ T5967]  ? __pfx_dump_stack_lvl+0x10/0x10
[  283.592238][ T5967]  ? __pfx__printk+0x10/0x10
[  283.594026][ T5967]  vpanic+0x281/0x750
[  283.595557][ T5967]  ? __pfx__printk+0x10/0x10
[  283.597476][ T5967]  ? __pfx_vpanic+0x10/0x10
[  283.599320][ T5967]  ? is_bpf_text_address+0x292/0x2b0
[  283.601149][ T5967]  panic+0xb9/0xc0
[  283.602669][ T5967]  ? __pfx_panic+0x10/0x10
[  283.604509][ T5967]  __warn+0x31b/0x4b0
[  283.606204][ T5967]  ? xfrm_state_fini+0x26d/0x2f0
[  283.608008][ T5967]  ? xfrm_state_fini+0x26d/0x2f0
[  283.609692][ T5967]  report_bug+0x2be/0x4f0
[  283.611387][ T5967]  ? xfrm_state_fini+0x26d/0x2f0
[  283.613351][ T5967]  ? xfrm_state_fini+0x26d/0x2f0
[  283.615114][ T5967]  ? xfrm_state_fini+0x26f/0x2f0
[  283.616972][ T5967]  handle_bug+0x84/0x160
[  283.618588][ T5967]  exc_invalid_op+0x1a/0x50
[  283.620357][ T5967]  asm_exc_invalid_op+0x1a/0x20
[  283.622328][ T5967] RIP: 0010:xfrm_state_fini+0x26d/0x2f0
[  283.624438][ T5967] Code: c1 e8 03 42 80 3c 28 00 74 08 48 89 df e8 db 91 00 f8 48 8b 3b 5b 41 5c 41 5d 41 5e 41 5f 5d e9 99 4c e1 f7 e8 34 20 9d f7 90 <0f> 0b 90 e9 fd fd ff ff e8 26 20 9d f7 90 0f 0b 90 e9 60 fe ff ff
[  283.631623][ T5967] RSP: 0018:ffffc9000329f898 EFLAGS: 00010293
[  283.633781][ T5967] RAX: ffffffff8a228eac RBX: ffff888110e7c880 RCX: ffff888020c83980
[  283.636839][ T5967] RDX: 0000000000000000 RSI: ffffffff8dba8965 RDI: ffff888020c83980
[  283.639774][ T5967] RBP: ffffc9000329f9b0 R08: ffffffff8fa3a037 R09: 1ffffffff1f47406
[  283.642759][ T5967] R10: dffffc0000000000 R11: fffffbfff1f47407 R12: ffffffff8f632900
[  283.645936][ T5967] R13: 1ffff92000653f40 R14: ffff888110e7dd00 R15: dffffc0000000000
[  283.648922][ T5967]  ? xfrm_state_fini+0x26c/0x2f0
[  283.650668][ T5967]  ? xfrm_state_fini+0x26c/0x2f0
[  283.652688][ T5967]  xfrm_net_exit+0x2d/0x70
[  283.654415][ T5967]  ops_undo_list+0x49a/0x990
[  283.656291][ T5967]  ? __pfx_ops_undo_list+0x10/0x10
[  283.658102][ T5967]  ? do_raw_spin_unlock+0x4d/0x240
[  283.660129][ T5967]  cleanup_net+0x4c5/0x800
[  283.661931][ T5967]  ? __pfx_cleanup_net+0x10/0x10
[  283.663881][ T5967]  ? _raw_spin_unlock_irq+0x23/0x50
[  283.665776][ T5967]  ? process_scheduled_works+0x9ef/0x17b0
[  283.667986][ T5967]  ? process_scheduled_works+0x9ef/0x17b0
[  283.670162][ T5967]  process_scheduled_works+0xae1/0x17b0
[  283.672484][ T5967]  ? __pfx_process_scheduled_works+0x10/0x10
[  283.674827][ T5967]  worker_thread+0x8a0/0xda0
[  283.676692][ T5967]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[  283.678905][ T5967]  ? __kthread_parkme+0x7b/0x200
[  283.680786][ T5967]  kthread+0x711/0x8a0
[  283.682037][ T5967]  ? __pfx_worker_thread+0x10/0x10
[  283.683954][ T5967]  ? __pfx_kthread+0x10/0x10
[  283.685742][ T5967]  ? _raw_spin_unlock_irq+0x23/0x50
[  283.687544][ T5967]  ? lockdep_hardirqs_on+0x9c/0x150
[  283.689643][ T5967]  ? __pfx_kthread+0x10/0x10
[  283.691108][ T5967]  ret_from_fork+0x3fc/0x770
[  283.693029][ T5967]  ? __pfx_ret_from_fork+0x10/0x10
[  283.694723][ T5967]  ? __switch_to_asm+0x39/0x70
[  283.696376][ T5967]  ? __switch_to_asm+0x33/0x70
[  283.698114][ T5967]  ? __pfx_kthread+0x10/0x10
[  283.699609][ T5967]  ret_from_fork_asm+0x1a/0x30
[  283.701287][ T5967]  </TASK>
[  283.703053][ T5967] Kernel Offset: disabled
[  283.704912][ T5967] Rebooting in 86400 seconds..

VM DIAGNOSIS:
03:08:31  Registers:
info registers vcpu 0

CPU#0
RAX=0000000000000044 RBX=0000000000000044 RCX=0000000000000000 RDX=00000000000003f8
RSI=0000000000000000 RDI=0000000000000020 RBP=00000000000003f8 RSP=ffffc9000329f030
R8 =ffff888021b28237 R9 =1ffff11004365046 R10=dffffc0000000000 R11=ffffffff854f6e80
R12=dffffc0000000000 R13=ffffffff99b008e1 R14=ffffffff99df5420 R15=0000000000000000
RIP=ffffffff854f6efc RFL=00000002 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =0000 0000000000000000 ffffffff 00c00000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 ffffffff 00c00000
FS =0000 0000000000000000 ffffffff 00c00000
GS =0000 ffff8880b8615000 ffffffff 00c00000
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe0000003000 00004087 00008b00 DPL=0 TSS64-busy
GDT=     fffffe0000001000 0000007f
IDT=     fffffe0000000000 00000fff
CR0=80050033 CR2=0000001b31e21ff8 CR3=000000003d55a000 CR4=000006f0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000ffff0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
XMM00=2f2f2f2f2f2f2f2f 2f2f2f2f2f2f2f2f XMM01=0000000000000000 0000000000000000
XMM02=ffff000000000000 ffffffffffffff00 XMM03=0000000000000000 0000000000000000
XMM04=0000000000000000 0000000000000000 XMM05=0000000000000000 0000000000000000
XMM06=0000000000000000 0000000000000000 XMM07=0000000000000000 0000000000000000
XMM08=0000000000000000 0000000000000000 XMM09=0000000000000000 0000000000000000
XMM10=0000000000000000 0000000000000000 XMM11=0000000000000000 0000000000000000
XMM12=0000000000000000 0000000000000000 XMM13=0000000000000000 0000000000000000
XMM14=0000000000000000 0000000000000000 XMM15=0000000000000000 0000000000000000
info registers vcpu 1

CPU#1
RAX=ffffffff81b44ffb RBX=1ffff11009608341 RCX=ffff8881012a5640 RDX=0000000080000001
RSI=0000000000000001 RDI=0000000000000000 RBP=ffffc900006af7e0 RSP=ffffc900006af658
R8 =ffffffff8fa3a037 R9 =1ffffffff1f47406 R10=dffffc0000000000 R11=fffffbfff1f47407
R12=ffff88804b041a08 R13=dffffc0000000000 R14=ffff88813663b1c0 R15=0000000000000000
RIP=ffffffff81bfaef8 RFL=00000202 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =0000 0000000000000000 ffffffff 00c00000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 ffffffff 00c00000
FS =0000 0000000000000000 ffffffff 00c00000
GS =0000 ffff8881a3c15000 ffffffff 00c00000
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe000004a000 00004087 00008b00 DPL=0 TSS64-busy
GDT=     fffffe0000048000 0000007f
IDT=     fffffe0000000000 00000fff
CR0=80050033 CR2=0000001b34c1cff8 CR3=000000000df36000 CR4=000006f0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000ffff0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
XMM00=0000000000000000 0000000000000000 XMM01=0000000000000000 0000000000000000
XMM02=00007fe6115a7498 00007fe6115a7470 XMM03=00007fe6115a74a8 00007fe6115a74a0
XMM04=00007fe61210d100 00007fe6115a7460 XMM05=00007fe6115a7478 00007fe6115a74c0
XMM06=00007fe6115a74b8 00007fe6115a74b0 XMM07=00007fe6115a74a8 00007fe6115a74a0
XMM08=6161616161616161 6161616161616161 XMM09=0000000000000000 00007fe611412fc5
XMM10=0000000000000000 0000000000000000 XMM11=0000000000000000 0000000000000000
XMM12=0000000000000000 0000000000000000 XMM13=0000000000000000 0000000000000000
XMM14=0000000000000000 0000000000000000 XMM15=0000000000000000 0000000000000000
