last executing test programs:

45.763249624s ago: executing program 4 (id=1815):
r0 = syz_open_dev$evdev(&(0x7f0000000040), 0x0, 0x0)
syz_usb_disconnect(r0)
syz_usb_connect(0x6, 0x24, &(0x7f0000000740)=ANY=[], 0x0)
ioctl$EVIOCRMFF(r0, 0x40085503, &(0x7f00000000c0)=0x80000020)

44.872650448s ago: executing program 4 (id=1825):
r0 = socket$inet6_sctp(0xa, 0x5, 0x84)
bind$inet6(r0, &(0x7f00004b8fe4)={0xa, 0x4e23, 0xfffffffc, @empty}, 0x1c)
sendto$inet6(r0, &(0x7f0000000000)="b4", 0x1, 0x4000600, &(0x7f000005ffe4)={0xa, 0x4e23, 0x0, @loopback}, 0x1c)
getsockopt$inet_sctp6_SCTP_PEER_ADDR_THLDS(r0, 0x84, 0x1f, &(0x7f0000000100)={0x0, @in={{0x2, 0x4e23, @dev={0xac, 0x14, 0x14, 0xc}}}, 0x1, 0xa2ac}, &(0x7f0000000040)=0x90)

44.381242803s ago: executing program 4 (id=1832):
r0 = syz_open_dev$cec(&(0x7f0000000200), 0xffffffffffffffff, 0x4ae60)
ioctl$CEC_ADAP_S_LOG_ADDRS(r0, 0xc05c6104, &(0x7f0000000040)={'\x00\f\x00', 0x0, 0x5, 0x2, 0x0, 0xc, "00000000020000000000002100", "00004702", "0052008f", '\x00', ["fdfeffbf84a438dfc5d5c010", "d78cb8b0211a83be12ff0bff", "0000efffffffffffbfff00", "000003cefd70f14003556000"]})
ioctl$CEC_TRANSMIT(r0, 0xc0386105, &(0x7f0000000100)={0xfffffffffffffff7, 0xffffffffffffffff, 0x2, 0x9, 0x6, 0x7fff, "16b0bc450cfc47961ed5d8167d4f7865", 0x1, 0x52, 0x1, 0x49, 0x9, 0x9, 0xd})
ioctl$CEC_ADAP_S_LOG_ADDRS(r0, 0xc05c6104, &(0x7f0000000140)={"4497acf4", 0xb, 0x5, 0x0, 0x3, 0x1000006, 'U\x00', "1575a859", "0725eade", '\'q6O', ["aabe8459c62224475793e8a7", "7f9ce2d2c4f439ff80e1d1c8", "fa0700f22b42a3023be516d1"]})

44.271370058s ago: executing program 4 (id=1834):
syz_mount_image$ext4(&(0x7f0000000500)='ext4\x00', &(0x7f0000000000)='./bus\x00', 0x21081e, &(0x7f00000000c0)={[{@grpquota}, {@nogrpid}, {@quota}, {@nobh}]}, 0xff, 0x511, &(0x7f0000000ac0)="$eJzs3c9vI2cZAOB3nDhxsmmTlh4AQbu0hQWt1km8bVT1AOWEEKqE6BGkbUi8URQ7jmKnNGEP2zNXJCpxgiN/AOeeuHNBcOOyHJD4EYE2SByMZjzOerN2Ntps7BA/jzSa+ebz+n2/tWa+zJt4JoCxdT0i7kfEVER8GBHz+f4kX+K9zpK+7uHhvbWjw3trSbTbH/wjyfrTfdHzb1LX8vcsRcQPvhPx4+TJuM39g63VWq26m7cXW/Wdxeb+wa3N+upGdaO6XamsLK8svXP77cpzG+tr9al868sPfn//Gz9N05rL9/SO41kknSH32x8RxeM4qcmI+N55gl0iE/l4pkadCM+kEBEvR8Tr2fE/HxPZpwkAXGXt9ny053vbAMBVV8hqYEmhnNcC5qJQKJc7NbxXYrZQazRbN+829rbXO7WyhSgW7m7Wqkt5rXAhiknaXs62H7UrnfZ0t307Il6KiJ9Pz2Tt8lqjtj7KH3wAYIxdOzH//3u6M/8DAFdcadQJAABDZ/4HgPFj/geA8WP+B4Dx05n/Z0adBgAwRKde/7sfEABcSer/ADBWvv/+++nSPsrvf73+0f7eVuOjW+vV5la5vrdWXmvs7pQ3Go2N7J499ae9X63R2Fl+K/Y+XvjmTrO12Nw/uFNv7G237mT39b5TLWav6nurbABgSF567bM/JemM/O5MtkTPsxyKI80MuGiFUScAjMzEqBMARsZf98D4Osc1vvIAXBF9HtH7mFK/Lwi12+32xaUEXLAbX1D/h3HVU//3V8AwZtT/YXyp/8P4areTsz7zP876QgDgclPjBwb8/v/lfP2b/JcDP1o/+YpPLzIrAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAuNy6z/8t588Cn4tCoVyOeCEiFqKY3N2sVZci4sWI+ON0cTptL484ZwDgvAp/TfLnf92Yf3Pusa5Xrx1vTkXET375wS8+Xm21dv8QMZX8c7q7v/Vpvr8y/OwBgNOl1/rdeTpb91zIPzy8t9ZdhpnT374dEaVO/KPDqTg6jj8Zk9m6FMWImP1Xkrc7kp7axXnc/yQiPt9v/EnMZTWQzpNPT8ZPY78w1PiFx+IXsr7OOv2/+NxzyAXGzWfp+ee9fsdfIa5n6/7Hfyk7Q51ffv5L32rtKDsHPorfPf9NDDj/XT9rjLd+993O1syTfZ9EfHEyohv7qOf8042fDIj/5hnj//lLr74+qK/9q4gb0T9+b6zFVn1nsbl/cGuzvrpR3ahuVyoryytL79x+u7KY1agXB88Gf3/35ouD+tLxzw6IX3rK+L96xvH/+r8f/vArp8T/+hv94hfilVPip3Pi184Yf3X2t6VBfWn89QHjf9rnf/OM8R/85eCJx4YDAKPT3D/YWq3Vqrv/7xtzxc6ALks+Ni5iI/2EL0EafTe+NaxYU9G/62dvdA6BE13t9jPFGnTGeB5VN+AyOD7oI+I/o04GAAAAAAAAAAAAAADoaxjfWBr1GAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAALi6/hcAAP//leLMXA==")
r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./file2\x00', 0x143042, 0x80)
syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0)
quotactl_fd$Q_GETFMT(r0, 0xffffffff80000400, 0x0, &(0x7f0000000180))

43.900406227s ago: executing program 4 (id=1837):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x5, 0x4, 0x8, 0xc}, 0x50)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000b00)={{r0, <r1=>0xffffffffffffffff}, &(0x7f0000000b80), &(0x7f0000000b40)}, 0x20)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xd, &(0x7f0000000340)=ANY=[@ANYBLOB="18000000000000000000000000000000850000002300000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000300000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0xf, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$PROG_BIND_MAP(0xa, &(0x7f0000000280)={r2}, 0xc)

43.253471978s ago: executing program 4 (id=1844):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000f80), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000180)={'wlan0\x00', <r2=>0x0})
sendmsg$NL80211_CMD_NEW_STATION(r0, &(0x7f0000001080)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000000)={0x34, r1, 0xb97534d5fe9704cf, 0x0, 0xfffffffc, {{0x12}, {@val={0x8, 0x3, r2}, @void}}, [@NL80211_ATTR_MAC={0xa, 0x6, @device_b}, @NL80211_ATTR_STA_EXT_CAPABILITY={0x4}, @NL80211_ATTR_STA_CAPABILITY={0x6, 0xab, 0x3}]}, 0x34}}, 0x0)

42.801033361s ago: executing program 32 (id=1844):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000f80), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000180)={'wlan0\x00', <r2=>0x0})
sendmsg$NL80211_CMD_NEW_STATION(r0, &(0x7f0000001080)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000000)={0x34, r1, 0xb97534d5fe9704cf, 0x0, 0xfffffffc, {{0x12}, {@val={0x8, 0x3, r2}, @void}}, [@NL80211_ATTR_MAC={0xa, 0x6, @device_b}, @NL80211_ATTR_STA_EXT_CAPABILITY={0x4}, @NL80211_ATTR_STA_CAPABILITY={0x6, 0xab, 0x3}]}, 0x34}}, 0x0)

34.794275807s ago: executing program 0 (id=1892):
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket$inet6_udp(0xa, 0x2, 0x0)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000040)={'lo\x00', <r2=>0x0})
sendmsg$nl_route_sched(r0, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000080)=@newqdisc={0x60, 0x24, 0x4ee4e6a52ff56541, 0x0, 0x0, {0x0, 0x0, 0x0, r2, {}, {0xffff, 0xffff}, {0x0, 0xfff3}}, [@TCA_RATE={0x6, 0x5, {0x80, 0x3}}, @qdisc_kind_options=@q_codel={{0xa}, {0x4}}, @TCA_STAB={0x24, 0x8, 0x0, 0x1, [{{0x1c, 0x1, {0xf, 0x4, 0x3, 0x7, 0x0, 0x2, 0xef}}, {0x4}}]}]}, 0x60}, 0x1, 0x0, 0x0, 0x1}, 0x0)

34.465617803s ago: executing program 0 (id=1894):
pipe(&(0x7f0000000200))
r0 = syz_io_uring_setup(0xb5c, &(0x7f0000000640)={0x0, 0x498, 0x10, 0x1, 0x165}, &(0x7f0000000dc0)=<r1=>0x0, &(0x7f00000001c0)=<r2=>0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000200)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd_index=0x4, 0x0, 0x0})
io_uring_enter(r0, 0x847ba, 0x0, 0xe, 0x0, 0x0)

34.086835672s ago: executing program 0 (id=1905):
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f00000001c0)='./file1\x00', 0x404, &(0x7f00000003c0)={[{@nobarrier}, {@jqfmt_vfsold}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x6a}}, {@user_xattr}, {@errors_remount}, {@user_xattr}]}, 0x1, 0x42f, &(0x7f0000000940)="$eJzs289rHFUcAPDvzCat/WViqT+aVo1WMfgjadJae/CiKHhQEPRQjzFJS+y2kSaCLUGjSD1Kwbt4FPwLPOlF1JPgVe9SKJJLq6eV2Z1Jdje7aZJustX9fGCS92be8t53Z97ue/N2AuhZw9mfJGJ/RPweEQO1bGOB4dq/W8uLU38vL04lUam89VdSLXdzeXGqKFq8bl+R6YtIP0viSIt65y9fOT9ZLs9cyvNjCxfeH5u/fOW52QuT52bOzVycOH365InxF05NPN+ROLO4bg59NHf08GvvXHtj6sy1d3/+Ninib4qjQ4bXO/hkpdLh6rrrQF066etiQ9iUUq2bRn+1/w9EKVZP3kC8+mlXGwdsq0qlUnmg/eGlCvA/lkS3WwB0R/FFn81/i22Hhh53hRsv1SZAWdy38q12pC/SvEx/0/y2k4Yj4szSP19lW2zPfQgAgAbfZ+OfZ1uN/9Kovy90b76GMhgR90XEwYg4FRGHIuL+iGrZByPioU3W37xIsnb8k17fUmAblI3/XszXthrHf8XoLwZLee5ANf7+5OxseeZ4/p6MRP/uLD++Th0/vPLbF+2O1Y//si2rvxgL5u243re78TXTkwuTdxJzvRufRAz1tYo/WVkJSCLicEQMbbGO2ae/Odru2O3jX0cH1pkqX0c8VTv/S9EUfyFZf31y7J4ozxwfK66KtX759eqb7eq/o/g7IDv/e1te/yvxDyb167Xzm6/j6h+ft53TbPX635W83bDvw8mFhUvjEbuS12uNrt8/0VRuYrV8Fv/Isdb9/2CsvhNHIiK7iB+OiEci4tG87Y9FxOMRcWyd+H96+Yn3th7/9srin97U+V9N7IrmPa0TpfM/ftdQ6eBm4s/O/8lqaiTfs5HPv420a2tXMwAAAPz3pBGxP5J0dCWdpqOjtd/wH4q9aXlufuGZs3MfXJyuPSMwGP1pcadroO5+6Hg+rS/yE035E/l94y9Le6r50am58nS3g4cet69N/8/8Wep264Bt53kt6F36P/Qu/R96l/4PvatF/9/TjXYAO6/V9//HXWgHsPOa+r9lP+gh5v/Qu/R/6F36P/Sk+T1x+4fkJSTWJCK9K5ohsU2Jbn8yAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAdMa/AQAA//9QOObV")
r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x101042, 0x15)
pwrite64(r0, &(0x7f0000000140)='2', 0xfdef, 0xc00)
lsetxattr$system_posix_acl(&(0x7f0000000140)='./file1\x00', &(0x7f0000000040)='system.posix_acl_access\x00', &(0x7f0000000000)=ANY=[@ANYBLOB="02000000010000000000f400040000000000000020"], 0x1c, 0x0)

33.297761951s ago: executing program 0 (id=1899):
syz_mount_image$ext4(&(0x7f0000000500)='ext4\x00', &(0x7f0000000000)='./bus\x00', 0x21081e, &(0x7f00000000c0)={[{@grpquota}, {@nogrpid}, {@quota}, {@nobh}]}, 0xff, 0x511, &(0x7f0000000ac0)="$eJzs3c9vI2cZAOB3nDhxsmmTlh4AQbu0hQWt1km8bVT1AOWEEKqE6BGkbUi8URQ7jmKnNGEP2zNXJCpxgiN/AOeeuHNBcOOyHJD4EYE2SByMZjzOerN2Ntps7BA/jzSa+ebz+n2/tWa+zJt4JoCxdT0i7kfEVER8GBHz+f4kX+K9zpK+7uHhvbWjw3trSbTbH/wjyfrTfdHzb1LX8vcsRcQPvhPx4+TJuM39g63VWq26m7cXW/Wdxeb+wa3N+upGdaO6XamsLK8svXP77cpzG+tr9al868sPfn//Gz9N05rL9/SO41kknSH32x8RxeM4qcmI+N55gl0iE/l4pkadCM+kEBEvR8Tr2fE/HxPZpwkAXGXt9ny053vbAMBVV8hqYEmhnNcC5qJQKJc7NbxXYrZQazRbN+829rbXO7WyhSgW7m7Wqkt5rXAhiknaXs62H7UrnfZ0t307Il6KiJ9Pz2Tt8lqjtj7KH3wAYIxdOzH//3u6M/8DAFdcadQJAABDZ/4HgPFj/geA8WP+B4Dx05n/Z0adBgAwRKde/7sfEABcSer/ADBWvv/+++nSPsrvf73+0f7eVuOjW+vV5la5vrdWXmvs7pQ3Go2N7J499ae9X63R2Fl+K/Y+XvjmTrO12Nw/uFNv7G237mT39b5TLWav6nurbABgSF567bM/JemM/O5MtkTPsxyKI80MuGiFUScAjMzEqBMARsZf98D4Osc1vvIAXBF9HtH7mFK/Lwi12+32xaUEXLAbX1D/h3HVU//3V8AwZtT/YXyp/8P4areTsz7zP876QgDgclPjBwb8/v/lfP2b/JcDP1o/+YpPLzIrAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAuNy6z/8t588Cn4tCoVyOeCEiFqKY3N2sVZci4sWI+ON0cTptL484ZwDgvAp/TfLnf92Yf3Pusa5Xrx1vTkXET375wS8+Xm21dv8QMZX8c7q7v/Vpvr8y/OwBgNOl1/rdeTpb91zIPzy8t9ZdhpnT374dEaVO/KPDqTg6jj8Zk9m6FMWImP1Xkrc7kp7axXnc/yQiPt9v/EnMZTWQzpNPT8ZPY78w1PiFx+IXsr7OOv2/+NxzyAXGzWfp+ee9fsdfIa5n6/7Hfyk7Q51ffv5L32rtKDsHPorfPf9NDDj/XT9rjLd+993O1syTfZ9EfHEyohv7qOf8042fDIj/5hnj//lLr74+qK/9q4gb0T9+b6zFVn1nsbl/cGuzvrpR3ahuVyoryytL79x+u7KY1agXB88Gf3/35ouD+tLxzw6IX3rK+L96xvH/+r8f/vArp8T/+hv94hfilVPip3Pi184Yf3X2t6VBfWn89QHjf9rnf/OM8R/85eCJx4YDAKPT3D/YWq3Vqrv/7xtzxc6ALks+Ni5iI/2EL0EafTe+NaxYU9G/62dvdA6BE13t9jPFGnTGeB5VN+AyOD7oI+I/o04GAAAAAAAAAAAAAADoaxjfWBr1GAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAALi6/hcAAP//leLMXA==")
r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./file2\x00', 0x143042, 0x80)
syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0)
quotactl_fd$Q_GETFMT(r0, 0xffffffff80000400, 0x0, &(0x7f0000000180))

32.557372848s ago: executing program 0 (id=1902):
r0 = openat$audio(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
ioctl$SNDCTL_DSP_SETFRAGMENT(r0, 0xc004500a, &(0x7f0000000240)=0x3)
ioctl$SNDCTL_DSP_SPEED(r0, 0xc0045002, &(0x7f0000000000))
read$dsp(r0, &(0x7f0000000300)=""/79, 0x4f)

31.529242479s ago: executing program 0 (id=1908):
r0 = creat(&(0x7f0000000240)='./file1\x00', 0x0)
r1 = socket$kcm(0x21, 0x2, 0xa)
sendmsg$kcm(r1, &(0x7f0000000080)={&(0x7f0000000100)=@rxrpc=@in4={0x21, 0x3, 0x2, 0x10, {0x2, 0x4e22, @remote}}, 0x80, 0x0, 0x0, &(0x7f00000000c0)=[{0x18, 0x110, 0x1, "dc"}], 0x18}, 0xfc00)
close_range(r0, 0xffffffffffffffff, 0x0)

31.066862682s ago: executing program 33 (id=1908):
r0 = creat(&(0x7f0000000240)='./file1\x00', 0x0)
r1 = socket$kcm(0x21, 0x2, 0xa)
sendmsg$kcm(r1, &(0x7f0000000080)={&(0x7f0000000100)=@rxrpc=@in4={0x21, 0x3, 0x2, 0x10, {0x2, 0x4e22, @remote}}, 0x80, 0x0, 0x0, &(0x7f00000000c0)=[{0x18, 0x110, 0x1, "dc"}], 0x18}, 0xfc00)
close_range(r0, 0xffffffffffffffff, 0x0)

22.040788589s ago: executing program 3 (id=1968):
bpf$ENABLE_STATS(0x20, 0x0, 0x0)
setsockopt$inet_MCAST_JOIN_GROUP(0xffffffffffffffff, 0x0, 0x2a, &(0x7f0000000000)={0x0, {{0x2, 0x4e20, @broadcast}}}, 0x88)
r0 = bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f00000003c0)=@bpf_lsm={0x1e, 0x3, &(0x7f00000000c0)=ANY=[@ANYBLOB="1800000001000000000000000000000095"], &(0x7f0000000280)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x24}, 0x80)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000440)={r0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6410, 0x0, 0x48, 0x0, &(0x7f0000000000)='\x00', 0x0}, 0x48)

21.732941514s ago: executing program 3 (id=1962):
r0 = openat$pidfd(0xffffffffffffff9c, &(0x7f0000000180), 0x2000, 0x0)
fcntl$notify(r0, 0x402, 0x31)
r1 = syz_open_procfs(0x0, &(0x7f0000000100)='environ\x00')
readv(r1, &(0x7f00000004c0)=[{&(0x7f0000000140)=""/44, 0x2c}], 0x1)

21.439420488s ago: executing program 3 (id=1965):
bpf$PROG_LOAD(0x5, &(0x7f0000000100)={0x2, 0x3, &(0x7f00000027c0)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000200)=@base={0xb, 0x9, 0x3, 0xc4f, 0x1, 0x1}, 0x50)
bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000680)={0x0, 0x0, &(0x7f0000000100), &(0x7f0000000100), 0x6c7, r0}, 0x38)
bpf$MAP_LOOKUP_BATCH(0x18, &(0x7f00000001c0)={0x0, &(0x7f0000000340)=""/211, &(0x7f0000000080), &(0x7f0000000440), 0x3, r0}, 0x38)

21.059903837s ago: executing program 3 (id=1969):
syz_mount_image$nilfs2(&(0x7f0000000180), &(0x7f0000000100)='./file0\x00', 0x3214212, &(0x7f00000000c0)=ANY=[], 0x7, 0xf45, &(0x7f00000077c0)="$eJzs3U1sHNUdAPA36+/YxGs+DZSQQisCBTskkZregkA9Ii69g0JCIwxFDT0Q8RF6QFRCFAlxqjhQcaFUSpFaCVS1Qj21PbXqrSfUC72kUqJeGilxFec9e/fZk11P7Nmv30/6++2bNzv//2QtZ2Z29m0ARlZj7eeRI4tFCB988f4Trz1b/O7qsnvX19i/9rOIvWYIYaKlX2Tb+youuHzh1eNbtUU4tPYz9cOT59efOxtCOBv2hy9DM3y6vHLxkw8fP/DZW9O3v3vm+dd3affX5fsBAADD6NxfV/754L//8vDCpXP7joWp9eXp+LwZ+7PxuP9gPFBOx8uN0N4vWqLVZLbeWIxGtt5Ytt54lme8JN9Etp2JkvUmN+Wb2pR/rKWf7ycAAAAMonRe2wxFY6mt32gsLV0777/qq/nJYunFUysnT/eoUAAAAKCy/76xdtOtEEIIIYQQQggxItHogxrqj9X5Xl+BAAAAAEZNPl/YJmd3dqau9a01u8t//rHG1s+HHVD377/8g5X/4zf9xQEAoLphPZpM+5WOo9M8Bvk8gmPt3W0f/zfat7OxoS6VzSs4KPMNltU5VnMdVZXVv93XsVfK6s/nw+xXZfXn83T2q7L6p2quo6qy+qdrrqOqsvpnaq6jqrL699RcR1Vl9c/WXEdVZfXP1VxHVWX131RzHVWV1b+35jqqKqt/UG6rLau/WXMdVZXVv1BzHVWV1X9zzXVUVVb/LTXXUVVZ/bfWXEev3BPb9O+wLxtvPX/Oz+kG5RwPAAAARt3/zP8nhiNm+qAGIYQQoodxWx/U0Fex8TZf72sRQgxEFNfuI+95HbsXb/Ty4gMAAADQF9KF0/Sp99UojY91GB/vMD7RYXyyw/hUh3EAAAAghN+/ffLO94qNz/nnn+nf7nx4ad6oNP/Sducxyucj3G7+G533rH1rF7edf1DmLQMAAGC0FN//8spDT3z08sKlc/uOtZz9Xonnu2ke0PF4beDz2E/3Bcxl/SKdQx9rz9MoWS+/PnBT2faeusEdBQAAgBGWzt+boVg75W6s9xuNpaWN8/HFMFGcPLVy4mDsp+9n+fP8xNTV5Y/WWzYAAACwDRvn+0VjaYvz//Q9vothslh68dTKydPX+nPryycardcF5jeWF63XBZrZ8kMlyw/Hfvr+zh/Oz6wtXzr+o5Vnd3rnAQAAYEScfuXM88+srJz48ZYP0qfZr7fOdh6kzxds51khFGFnsnsw4A/SxI79Us9QP+jd3yQAAGB3fP31+xM/OTz3x2uf/9+Y/y59/n9/7Dfj3H5/iyuk+wTS5wA2fV7/6fY882XrvdS+XjNbbyzGVFb3dMt2Qst8g+l5C2X5mu3bmSzJN5vlm8vy5fMUjGfrp3wz2fJ8fsK03ny2PJ+HcTzLUWT57wsAAABQbvnlF15aPv3KmUdOvfDMcyeeO/Hi4UNHv3f06MFHv/vo8tp9/cutd/cDAAAAg2jjpt9eVwIAAAAAAAAAAAAAAAAAAACjq46vE+v1PgIAAMCo+88bIYSzQoiSuPYVmDu/3Y1vouz9PorhjZk+qEGIEY2iD2oQQxuXrjM21gf1CTEE8Yfx4TxWX13Nv2keAAAAYHddvvDq8dZ2k7PFjuZb31p8N/ZKzJvauUf+sXA10mrnH2u/XrJnR6th1NX9+y//YOX/+M2dzT+dHnT996/RvoFj1fI+sPyrxdb8d413mT/f/6eq5T+Q5X8gdJd/9aMs/9PV8j+Y5d/TZf5N+/9StfwPxfyLsX/g/m7zt7/+U7FN+zHTZf7vZPv/bOg2f7b/zS4TZh6O+QFgFDU6rzJVRx07LR0lpOPo2dhP+5tu58jvftju8X8j2874DVfevt10HHRH7Kfjpbksb7Ld+mez7d1Usc7coNxVUlb/Tr2Ou62s/oma66iqrP7Jmuuoqqz+QfmjWVb/dM11VFVWf7fnob1WVv+gXFcuq3+25jqqKqt/ruY6qiqrf7v/j/dKWf17a66jqrL652uuo6qy+iteVqtdWf0LNddRVVn9N9dcR1Vl9d9Scx1VldV/a8119MrdsS07H07nn/NxLPWbWX9qi3/LLq4tAAAAADVYe5+kD+YhEKJjHJnrfQ1CVI7pPqhB9FfM9EENYrQjvvvT8zqEGI5YXb2yelWv6xDierG62uMLEPTU7n6aGYB+5e//aPP6jzav/2jz+nM96R7+IusnYx3GxzuMT3QYn8zG89/XqQ7jt2TbXY3S+K2t4zObx2/b6vmNjfG9HbZ/R4fxxQ7jd3YYv6vD+N0dxgEAABgNt8fW+SEAAAAMr9d+/fk7v33g6QsLl87tOxYmN807fzD2p+J762/Hfj7vfTIR3/P/aez/MrZ/iu2/svXdfwIAAAC7L31PjPf/AQAAYHil7yl1/g8AAADDayG2zv8BAABgeN0cW+f/AAAAMMSK6a0XxzZdF7gvtt3O6wcA9L9vxPae2O6L7b2x/WZs03HA/bH9Vk31AQA75xc/+NnR94qN+f4PZ+OX4/LUbnL22pWCotE+k/9MbPfE9ttd1pN/H0C3+ZO9XebZrfzzN5gfAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABgejbWfR44sFiF88MX7T/x88p2/X1127/oa+9d+FrHXDCFMrD8vjW70fxNXvHzh1eOt7ZXYFuFQKEKxvjw8eX4902wI4WzYH74MzfDp8srFTz58/MBnb03f/u6Z51/fxX+Ctv0DAACAYfT/AAAA///90hkC")
mount$overlay(0x0, &(0x7f0000000140)='./file0\x00', &(0x7f0000000180), 0x0, &(0x7f0000000040)={[{@lowerdir={'lowerdir', 0x3d, './file0'}, 0x3a}], [], 0x2f})
r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x4, 0x80)
ioctl$FS_IOC_GETFLAGS(r0, 0x80086601, 0x0)

20.500929115s ago: executing program 3 (id=1972):
r0 = socket$tipc(0x1e, 0x1, 0x0)
r1 = syz_io_uring_setup(0x9e, &(0x7f0000000640)={0x0, 0x5865, 0x10, 0x6, 0x24d}, &(0x7f00000006c0)=<r2=>0x0, &(0x7f00000001c0)=<r3=>0x0)
syz_io_uring_submit(r2, r3, &(0x7f0000000080)=@IORING_OP_RECV=@pass_buffer={0x1b, 0x0, 0x0, r0, 0x0, 0x0, 0x0, 0x10000, 0x1})
io_uring_enter(r1, 0x1c4c, 0x0, 0x1, 0x0, 0x0)

19.453200607s ago: executing program 3 (id=1975):
socket$kcm(0x21, 0x2, 0x2)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000c80)={0x0, 0x0, &(0x7f0000000c40)={&(0x7f0000000380)=@delqdisc={0x434, 0x25, 0x100, 0x70bd29, 0x25dfdbfb, {0x0, 0x0, 0x0, 0x0, {0x2, 0xf}, {0xa, 0x7}, {0x0, 0x3}}, [@qdisc_kind_options=@q_tbf={{0x8}, {0x408, 0x2, [@TCA_TBF_PTAB={0x404, 0x3, [0x3, 0xfffffff8, 0x4, 0x40, 0x2, 0x2, 0x5, 0x7fff, 0x4, 0x1, 0x6, 0x1c8, 0x7, 0x0, 0x5, 0x0, 0x8, 0x9, 0x9, 0x9, 0xf5, 0x200, 0x1, 0x5, 0x6, 0xfff, 0x9, 0x1, 0x80, 0x10000, 0x0, 0x6, 0xff, 0x4, 0x6, 0x9, 0xe6c1, 0x6, 0x65, 0x6, 0x5, 0x71, 0x1f146d7e, 0x80000001, 0x89, 0xe9, 0x80000001, 0x2, 0xff, 0x8, 0xffff8dc2, 0x400, 0x0, 0x2, 0xffff, 0xb5, 0x3ff, 0x0, 0x5, 0xa000000, 0x0, 0x5, 0x8, 0x3, 0x0, 0x401, 0x5, 0x8, 0x4ad1, 0x1, 0x25ae, 0x1, 0xfff, 0x6, 0xe, 0xffffffff, 0x7, 0x5, 0x3ff, 0xfff, 0x8, 0xf, 0x0, 0x4, 0x626cfd3b, 0x0, 0x60df8662, 0x2, 0x5, 0x4, 0xc6, 0x8, 0x7, 0xfffffffa, 0x9, 0x4, 0x1, 0x3, 0x0, 0x7, 0x2, 0xffff8000, 0xe13, 0x8, 0x7, 0xc, 0xfdc1, 0x7ff, 0x4, 0xfffffff0, 0x4, 0x7fff, 0x40, 0x1, 0x1f1f, 0x3, 0x665195e5, 0x5, 0x7, 0x5, 0x8, 0x7, 0x4, 0x800, 0x101, 0x400, 0x2, 0x6, 0xd, 0x9, 0x7, 0xc5, 0x99, 0x4, 0x2e9, 0x4, 0x3, 0x401, 0xfffffffe, 0x7, 0x80000000, 0x8, 0x0, 0x4, 0x37, 0x4, 0x31, 0x2, 0x2, 0x3, 0x6, 0x1, 0x690c, 0x0, 0x9, 0x2, 0xe, 0xb, 0x8, 0x5597, 0x3, 0x4, 0x7fff, 0x62, 0xf6, 0x5, 0x0, 0x7fffffff, 0x9, 0x9, 0x2, 0x100, 0x6, 0x101, 0x5, 0x2, 0x3, 0x4, 0xfc8d, 0x8, 0x3ff, 0x3, 0xaeb3, 0x3, 0x5, 0x9, 0xfc, 0x8000, 0x1, 0x7, 0x20000, 0x4, 0x2, 0x9f85, 0x65, 0x85, 0x0, 0x2, 0x4, 0x6, 0x7, 0xd92, 0x40, 0xfff, 0xe1, 0x8, 0x426, 0x5, 0x9, 0x1, 0x1000, 0x9, 0x36ae765f, 0x401, 0x9, 0x200000, 0x3, 0x4, 0x5, 0x0, 0x89, 0x5, 0x80000000, 0x4007, 0x1, 0x41632842, 0x6, 0x10, 0x2, 0x8001, 0x5, 0x100, 0x8, 0x9, 0xfe64, 0xd, 0x1c2, 0x2, 0x6, 0x2, 0x80000001, 0xa, 0x6, 0xfffffffc, 0x5, 0x3, 0x7f, 0x8001, 0x5, 0x3, 0x6, 0x8001, 0x10001, 0x5, 0xb, 0x7]}]}}]}, 0x434}, 0x1, 0x0, 0x0, 0x40000}, 0x8010)
unshare(0x22020400)
ppoll(&(0x7f00000000c0)=[{}, {}], 0x20000000000000dc, 0x0, 0x0, 0x0)

18.990304579s ago: executing program 34 (id=1975):
socket$kcm(0x21, 0x2, 0x2)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000c80)={0x0, 0x0, &(0x7f0000000c40)={&(0x7f0000000380)=@delqdisc={0x434, 0x25, 0x100, 0x70bd29, 0x25dfdbfb, {0x0, 0x0, 0x0, 0x0, {0x2, 0xf}, {0xa, 0x7}, {0x0, 0x3}}, [@qdisc_kind_options=@q_tbf={{0x8}, {0x408, 0x2, [@TCA_TBF_PTAB={0x404, 0x3, [0x3, 0xfffffff8, 0x4, 0x40, 0x2, 0x2, 0x5, 0x7fff, 0x4, 0x1, 0x6, 0x1c8, 0x7, 0x0, 0x5, 0x0, 0x8, 0x9, 0x9, 0x9, 0xf5, 0x200, 0x1, 0x5, 0x6, 0xfff, 0x9, 0x1, 0x80, 0x10000, 0x0, 0x6, 0xff, 0x4, 0x6, 0x9, 0xe6c1, 0x6, 0x65, 0x6, 0x5, 0x71, 0x1f146d7e, 0x80000001, 0x89, 0xe9, 0x80000001, 0x2, 0xff, 0x8, 0xffff8dc2, 0x400, 0x0, 0x2, 0xffff, 0xb5, 0x3ff, 0x0, 0x5, 0xa000000, 0x0, 0x5, 0x8, 0x3, 0x0, 0x401, 0x5, 0x8, 0x4ad1, 0x1, 0x25ae, 0x1, 0xfff, 0x6, 0xe, 0xffffffff, 0x7, 0x5, 0x3ff, 0xfff, 0x8, 0xf, 0x0, 0x4, 0x626cfd3b, 0x0, 0x60df8662, 0x2, 0x5, 0x4, 0xc6, 0x8, 0x7, 0xfffffffa, 0x9, 0x4, 0x1, 0x3, 0x0, 0x7, 0x2, 0xffff8000, 0xe13, 0x8, 0x7, 0xc, 0xfdc1, 0x7ff, 0x4, 0xfffffff0, 0x4, 0x7fff, 0x40, 0x1, 0x1f1f, 0x3, 0x665195e5, 0x5, 0x7, 0x5, 0x8, 0x7, 0x4, 0x800, 0x101, 0x400, 0x2, 0x6, 0xd, 0x9, 0x7, 0xc5, 0x99, 0x4, 0x2e9, 0x4, 0x3, 0x401, 0xfffffffe, 0x7, 0x80000000, 0x8, 0x0, 0x4, 0x37, 0x4, 0x31, 0x2, 0x2, 0x3, 0x6, 0x1, 0x690c, 0x0, 0x9, 0x2, 0xe, 0xb, 0x8, 0x5597, 0x3, 0x4, 0x7fff, 0x62, 0xf6, 0x5, 0x0, 0x7fffffff, 0x9, 0x9, 0x2, 0x100, 0x6, 0x101, 0x5, 0x2, 0x3, 0x4, 0xfc8d, 0x8, 0x3ff, 0x3, 0xaeb3, 0x3, 0x5, 0x9, 0xfc, 0x8000, 0x1, 0x7, 0x20000, 0x4, 0x2, 0x9f85, 0x65, 0x85, 0x0, 0x2, 0x4, 0x6, 0x7, 0xd92, 0x40, 0xfff, 0xe1, 0x8, 0x426, 0x5, 0x9, 0x1, 0x1000, 0x9, 0x36ae765f, 0x401, 0x9, 0x200000, 0x3, 0x4, 0x5, 0x0, 0x89, 0x5, 0x80000000, 0x4007, 0x1, 0x41632842, 0x6, 0x10, 0x2, 0x8001, 0x5, 0x100, 0x8, 0x9, 0xfe64, 0xd, 0x1c2, 0x2, 0x6, 0x2, 0x80000001, 0xa, 0x6, 0xfffffffc, 0x5, 0x3, 0x7f, 0x8001, 0x5, 0x3, 0x6, 0x8001, 0x10001, 0x5, 0xb, 0x7]}]}}]}, 0x434}, 0x1, 0x0, 0x0, 0x40000}, 0x8010)
unshare(0x22020400)
ppoll(&(0x7f00000000c0)=[{}, {}], 0x20000000000000dc, 0x0, 0x0, 0x0)

4.649866959s ago: executing program 2 (id=2056):
r0 = openat$sequencer2(0xffffffffffffff9c, &(0x7f0000000000), 0x121601, 0x0)
ioctl$SNDCTL_TMR_CONTINUE(r0, 0x5404)
write$sequencer(r0, &(0x7f0000000280)=ANY=[@ANYBLOB="8103"], 0x8)
ioctl$SNDCTL_TMR_CONTINUE(r0, 0x5404)

4.377538153s ago: executing program 2 (id=2059):
ioctl$KVM_SET_MSRS(0xffffffffffffffff, 0xc008ae88, &(0x7f0000000000)={0xfffff34, 0x0, [{0xf88e470f, 0xed}]})
r0 = syz_usb_connect$hid(0x3, 0x36, &(0x7f0000000240)=ANY=[@ANYBLOB="1201000000000040ef1747600000000000010902240001000000000904000001030006000921000000012205000905810300"], 0x0)
syz_usb_control_io$hid(r0, 0x0, 0x0)
syz_usb_control_io$cdc_ncm(r0, &(0x7f0000000540)={0x14, &(0x7f0000000000)=ANY=[], 0x0}, 0x0)

4.190390142s ago: executing program 5 (id=2062):
syz_open_dev$cec(&(0x7f00000000c0), 0xffffffffffffffff, 0x80243)
r0 = syz_io_uring_setup(0x892, &(0x7f0000000140)={0x0, 0x8c36, 0x80, 0x3, 0xbfdffdfc}, &(0x7f0000000000)=<r1=>0x0, &(0x7f0000000280)=<r2=>0x0)
syz_io_uring_submit(r1, r2, &(0x7f00000002c0)=@IORING_OP_POLL_ADD={0x6, 0x0, 0x0, @fd_index=0x3})
io_uring_enter(r0, 0x47f6, 0x0, 0x0, 0x0, 0x0)

3.975141053s ago: executing program 5 (id=2066):
r0 = syz_io_uring_setup(0xbdc, &(0x7f0000000640)={0x0, 0xec25, 0x400, 0x1, 0x40000333}, &(0x7f00000000c0)=<r1=>0x0, &(0x7f00000001c0)=<r2=>0x0)
r3 = socket$isdn(0x22, 0x2, 0x22)
syz_io_uring_submit(r1, r2, &(0x7f0000000200)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd=r3, 0x0, &(0x7f0000000600)=[{&(0x7f0000001080)=""/216, 0xd8}], 0x1, 0x0, 0x1})
io_uring_enter(r0, 0x847ba, 0x0, 0xe, 0x0, 0x0)

3.697477127s ago: executing program 5 (id=2070):
r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x0)
bind$bt_l2cap(r0, &(0x7f0000000000)={0x1f, 0x0, @any, 0x0, 0x2}, 0xe)
shutdown(r0, 0x0)
recvmmsg(r0, &(0x7f0000000080), 0x72a, 0x0, 0x0)

3.409410911s ago: executing program 5 (id=2073):
r0 = syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000000)=ANY=[@ANYBLOB="12010000000000106161154d00000000000109022400010000000009040400010300000009210000000122f80409058103"], 0x0)
syz_usb_control_io(r0, 0x0, 0x0)
syz_usb_connect(0x2, 0x0, 0x0, &(0x7f0000000300)={0x0, 0x0, 0x0, 0x0, 0x1, [{0x66, &(0x7f0000000380)=@string={0x66, 0x3, "bdfe0f24feb4666f62af81d147eab4c97634f98a7615c27d0aade25d8b1fed994e9602d2e315b8243f9f11cd6f47f1387dc9da7112e0ab8b579dbc1a27d9542bfeb7dcd196b27b8fc5401640e8a626029ce5bf7c9ebdd764abaeaef8fa73d181f730e448"}}]})
syz_usb_control_io$hid(r0, &(0x7f0000000340)={0x24, 0x0, 0x0, &(0x7f0000000040)=ANY=[@ANYBLOB="00220508"], 0x0}, 0x0)

2.858691558s ago: executing program 1 (id=2078):
sendmsg$IPCTNL_MSG_EXP_NEW(0xffffffffffffffff, &(0x7f0000000540)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000000b40)={0x84, 0x0, 0x2, 0x301, 0x0, 0x0, {0x7, 0x0, 0x2}, [@CTA_EXPECT_NAT={0x4}, @CTA_EXPECT_NAT={0x6c, 0xa, 0x0, 0x1, [@CTA_EXPECT_NAT_TUPLE={0x4}, @CTA_EXPECT_NAT_TUPLE={0x4}, @CTA_EXPECT_NAT_DIR={0x8}, @CTA_EXPECT_NAT_DIR={0x8, 0x1, 0x1, 0x0, 0x1}, @CTA_EXPECT_NAT_TUPLE={0x50, 0x2, 0x0, 0x1, [@CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5, 0x1, 0x2f}}, @CTA_TUPLE_ZONE={0x6, 0x3, 0x1, 0x0, 0x4}, @CTA_TUPLE_IP={0x14, 0x1, 0x0, 0x1, @ipv4={{0x8, 0x1, @dev={0xac, 0x14, 0x14, 0x97}}, {0x8, 0x2, @empty}}}, @CTA_TUPLE_ZONE={0x6}, @CTA_TUPLE_ZONE={0x6, 0x3, 0x1, 0x0, 0x2}, @CTA_TUPLE_IP={0x14, 0x1, 0x0, 0x1, @ipv4={{0x8, 0x1, @multicast2}, {0x8, 0x2, @private=0xa010100}}}]}]}]}, 0x84}, 0x1, 0x0, 0x0, 0x40010}, 0x4008000)
r0 = socket(0x10, 0x803, 0x0)
sendto(r0, &(0x7f0000000740)="120000001200e7ef007b00000000000000a1", 0x12, 0x0, 0x0, 0x0)
recvmmsg(r0, &(0x7f00000037c0)=[{{&(0x7f00000004c0)=@ethernet={0x0, @random}, 0xfdf4, &(0x7f0000000380)=[{&(0x7f0000000140)=""/100, 0x321}, {&(0x7f0000000280)=""/85, 0x21}, {&(0x7f0000000fc0)=""/4096, 0x197}, {&(0x7f0000000580)=""/106, 0x659}, {&(0x7f0000000980)=""/73, 0xd}, {&(0x7f0000000200)=""/77, 0x69}, {&(0x7f00000007c0)=""/141, 0xc4}, {&(0x7f00000001c0)=""/17, 0x1d8}], 0x21, &(0x7f0000000600)=""/191, 0x41}, 0x5}], 0x4000000000003b4, 0x2000, &(0x7f0000003700)={0x77359400})

2.639295319s ago: executing program 1 (id=2081):
r0 = socket(0x10, 0x3, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000080)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000000)={'lo\x00', <r2=>0x0})
sendmsg$nl_route(r0, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f00000001c0)=@newneigh={0x30, 0x1c, 0x401, 0x0, 0x0, {0x2, 0x0, 0x0, r2, 0x20, 0x1}, [@NDA_DST_MAC={0xa, 0x1, @link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0x3}}, @NDA_FLAGS_EXT={0x8, 0xf, 0x1}]}, 0x30}}, 0x0)

2.60882541s ago: executing program 6 (id=2082):
capset(&(0x7f0000000040)={0x19980330}, &(0x7f0000000080)={0x6, 0x6, 0x2, 0x87, 0xffffffff, 0x2})
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000040)={0xffffffffffffffff, 0x0, 0x1b9, 0x0, &(0x7f00000005c0)="b44c806309624431ed3373010001000000bf7e47d5fe008c6390009c5bbd873094563683b7ee0fae7a6a53200386ce51def6a4effb9de8b4645c2b9c0614907dac12c6d34a8266e6124b925240080cd4f4e5b5da601596c31f13000000f9cba69ec2fb5f06f39de10c18941abbe216ee8238978423a386f1ad52f5b94a04d44d24f1b4c21a101072a73a268822a9070069f2937232f7d6aafb23ad4ff02595a61cbe23c016c285bc0fe7bf9d47ef4ccba8bb12c94eea701a141646189aa3353f9735cf8bdd08d7c235854e443f57b9174b4444dcb81d7832f6c401620d597bc3fba4080aa33058948b7f275dc6fb15c03785eb593530d428a79f4a56784deffc0fed32517ee6b37ecb34abeb9cb11b518e13624e1b5126d92d223fef6352d39055e3f392530d6e86a873b09929b041d1dab7a38734751df78aa2af844abed17b82a6e26ecb11bcbfccefbb80f51b8855ac2d91988284befc516bc10b85de0439cd7a1fbcd3998f792b91f739f081a9aba188738b04b9f056ed7d7a8e7c4b2ac5b89e5107809aa3292154aead90896afd12a4563c7f171a2cd47e7b1d669c0e7d300bea87f3f84d49da0ebe1ac21d2104840000000000000000", 0x0, 0xb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x0, 0xfffffff6}, 0x50)
r0 = syz_open_dev$sg(&(0x7f0000000140), 0x6f5e, 0x2)
ioctl$FIBMAP(r0, 0x1, &(0x7f0000000040)=0x85)

2.481486267s ago: executing program 1 (id=2083):
syz_mount_image$udf(&(0x7f00000004c0), &(0x7f0000000000)='./file0\x00', 0x0, &(0x7f00000001c0)=ANY=[@ANYBLOB='noadinicb,partition=00000000000000000005,noadinicb,mode=00000000000000000003324,gid=', @ANYRESDEC=0x0, @ANYBLOB=',volume=0000000000000,\x00\x00\x00\x00\x00\x00\x00\x00'], 0x1, 0x489, &(0x7f0000000580)="$eJzs29trHOUfx/HPd7K72Wz7+3XbpmmVgquCSsWaQ4/Gix5iqNCkOTQiRYWYbOLSnMimkhTR4o233ngjIgoKUkULIt54pb3zD1AQBL3wQgT3wgMIgszszM5ks2nS7iHd9v2CdifPfGfmOewzz7M7zwoAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAEinnjrZ2WVbnQsAANBIg6Mjnd2M/wAA3FXO8/kfAADgbmJy9L1MfSMFG/D+Lkqezc1dWh7r6698WJt5R7Z48e6/ZFd3z6HDR44eC15vfHyt3aNzo+dPZk7Pzy4sZvP57GRmbC43MT+Z3fQZqj2+3AGvAjKzFy9NTk3lM90He1btXk7/0rqtI917tOOEE8SO9fX3j0ZiYvFbvvoa683wE3K0T6bfHvrUBiU5qr4uNnjv1FubV4gDXiHG+vq9gszkxueW3J1DQUU4fll9iaCOGtAWVWmX3HxZojaf2eJydEKmjp8Ldk5SS1APj3pfDK9/YKwml79lbj6fl/SAmqDNbmOtcvSjTLM7khra+mZFg8XkaFmmP3oLNuzdD9z+5N42zz6TeXpuaj4SO2R+j2r28aGRbvN7U1KOBr07fsFGtjozaDh3svSWTHs+ftmbV8ibl+7oPfrEcE90hrF3g/O4sQf9+eNmxuS4HztkQ2ZO7csFAAAAAAAAQGo1R9/JVPgqEyamTU7kkXFSxQdDma3JIoB6MUdvyzQ8UvC+ho+uS2mJrO8pafZnf/XNf1vy9PzCymJu+qWlivtTyZMv5pcWxycq71abe59tiaZstI6lSnFzlJDpuT8/stJ1i/d/fylAmJsPnwzXzCTLr++9b/5fXM8UPEM6fmFvdLtilm/i+ah7TTNHSzKd2rXPX6uS0po6UzHuc5l+f2+/H+ck3MwHp00XzziVm8l2urFfy/T+v0GstyxK2/zY3WFslxtrMr05sDp2ux/bHsZ2u7H9Ml1/oXLsnjC2x419XaaFXzNBbMqNvc+P7QhjD07Mz0xWqkrgZrn9/yeZ3m3PWNA3YsX339r+/0o4FlwpP9E6fb7a/p+OpF3x+/UFt///tc/ry17/dyr3/zdk+uSL/X5cse8l/P07vf/D/v+sTNPfro5N+bG7wtiuTVdsk3Dbf79MZ/ZcK9WN3/5+C4StFm3/e8vfHXVq/52RtLR/3dbaFB2S8iuXL47PzGQX2WCDDTZKG1t9Z0IjuOP/Z+4s6ssfSvMdf/z3P6aEM6u/Xw3H/97yE9Vp/N8VSev1ZyPxmJRcml2I75WS+ZXLj+Vmx6ez09m5Q51HOg8fOt51/Fg8EUzuwq2q6+pO5Lb/NzL9s+1q6fPu6vlf5fl/qvxEdWr/3ZG01Kr5StVFh9/+V2W6//q10vcSN5r/B9//PPJg8bXUP+vU/u2RtLR/3f/VpugAAAAAAAAAAAAAAAAA0NTi5ugDmc48HrPgt2abWf+35gdodVr/1RFJm2zQ7xWqrlQAaAKOHL0j08Mq2GtuwnZpIPqKO9p/AQAA//9HASOO")
mount$overlay(0x0, &(0x7f0000000140)='./file0\x00', &(0x7f0000000180), 0x0, &(0x7f0000000040)={[{@lowerdir={'lowerdir', 0x3d, './file0'}, 0x3a}], [], 0x2f})
r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x4, 0x80)
getdents64(r0, &(0x7f0000000400)=""/4096, 0xc00)

2.381445682s ago: executing program 6 (id=2084):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0x10, 0x4, 0x4, 0x1, 0x0, 0xffffffffffffffff, 0x3}, 0x50)
bpf$BPF_GET_MAP_INFO(0xf, &(0x7f0000000100)={r0, 0x58, &(0x7f0000000080)={0x0, <r1=>0x0}}, 0x10)
r2 = bpf$BPF_MAP_GET_FD_BY_ID(0xe, &(0x7f0000000140)={r1}, 0xc)
bpf$BPF_GET_PROG_INFO(0x4, &(0x7f0000000880)={r2, 0xe0, &(0x7f0000001340)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xce, 0x8, 0x0, 0x0}}, 0x10)

2.342695014s ago: executing program 2 (id=2085):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000000), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000040)={'wlan1\x00', <r2=>0x0})
sendmsg$NL80211_CMD_JOIN_IBSS(r0, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000280)=ANY=[@ANYBLOB='<\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="010100000000000000002b00000008000300", @ANYRES32=r2, @ANYBLOB="050034006e000000080026008a09000008009f0006"], 0x3c}, 0x1, 0x0, 0x0, 0x40}, 0x4800)

2.225955799s ago: executing program 6 (id=2086):
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000000c0), 0x123f41, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0x1b)
mount_setattr(0xffffffffffffffff, 0x0, 0x9000, &(0x7f0000001dc0)={0x0, 0x10008f, 0x120000}, 0x20)
write$binfmt_aout(r0, &(0x7f0000000940)=ANY=[], 0xff2e)

2.129390954s ago: executing program 2 (id=2087):
r0 = socket$kcm(0x11, 0x200000000000003, 0x300)
r1 = socket$kcm(0x1e, 0x1, 0x0)
sendmsg$kcm(r1, &(0x7f0000000540)={&(0x7f0000000280)=@tipc=@nameseq={0x1e, 0x1, 0x0, {0x1, 0x0, 0x4}}, 0x80, &(0x7f00000004c0)=[{&(0x7f0000000000)="d5", 0x101d0}], 0x1}, 0x0)
recvmsg$kcm(r0, &(0x7f0000000400)={0x0, 0x0, &(0x7f0000002580)=[{&(0x7f00000011c0)=""/4096, 0x1000}], 0x1}, 0x0)

1.876953607s ago: executing program 2 (id=2089):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200), 0x28100, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_X86_SET_MCE(r2, 0x4040ae9e, &(0x7f00000002c0)={0x9a00000000000000, 0xdddd0000, 0x5, 0x4, 0x6})

1.841379339s ago: executing program 1 (id=2090):
unshare(0x6a040000)
syz_usb_connect(0x0, 0x24, &(0x7f0000000000)=ANY=[@ANYBLOB="100100df6b042b20"], 0x0)
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
ioctl$sock_inet_SIOCDELRT(r0, 0x890c, &(0x7f0000000080)={0x0, {}, {0x2, 0x0, @broadcast}, {0x2, 0x0, @empty}, 0xab852ebbeefbd6b1, 0x0, 0x0, 0x0, 0x20, 0x0, 0x0, 0x0, 0x7})

1.832976229s ago: executing program 6 (id=2091):
mmap(&(0x7f0000abb000/0x1000)=nil, 0x1000, 0x0, 0x102000200032, 0xffffffffffffffff, 0x87f64000)
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$sock_timeval(r0, 0x1, 0x2f, &(0x7f0000abaff9), 0x10)
mremap(&(0x7f0000ceb000/0x2000)=nil, 0x2000, 0x800000, 0x3, &(0x7f0000130000/0x800000)=nil)

1.588363431s ago: executing program 6 (id=2093):
syz_mount_image$jfs(&(0x7f0000000040), &(0x7f00000001c0)='./file0\x00', 0xc03, &(0x7f0000008040)=ANY=[], 0x2, 0x5fbf, &(0x7f0000002080)="$eJzs3VtvHGf9B/DfHrw+9N/U6kWVf8QhTTm0lCaNkzYtp6ZC4gIEVKpyn8i4VYQLKAkVrSzsKhL3SFyj8iK4BqHeIBWJl8AbiGT3hghEBo39PM54vPbaJN5Zez4fyZn97TPjfSZfj2fXc3gCAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIjvf+/ti52IuP5+emI+4v+iF9GNmC3rs/HXiNX7ef5+RJyOzeZ4JiJOTUeUy2/+81TE5Yj49FTE+sbKYvn0wgH78cpb9/72w7d/tPbbL/7l7//+5Pd/qre/9cl3f/DH1Yj507/53X9WH8+6AwAAQFsURVF0Nj/mR5xJn++7TXcKABiLvP8vkvy8Wv0odT92aro/arVard6tGG61WkTEWnWZ8j2Dw/EAcMysxf2mu0CD5N9q/Yh4oulOABOt03QHOBLrGyuLnZRvp7o/OLvVns8F2ZH/Wmf7+o69pqPUzzEZ18/X3ejF03v0Z3ZMfZgkOf9uPf/rW+2DNN9R5z8ue+U/2Lr0qXVy/r16/jUnJ//u0PzbKuffP1T+PfkDAAAAAMAEy3//n2/4+O/0o6/Kgex3/PfsmPoAAAAAAAAAAI/bAcb/Kx9czfPXx//bZvw/AAAAmFjlZ/XSx6cePrfXvdjK5691Ip6szQ+0TLpYZq7pfgAAAAAAAAAAAABAm/S3zuG91omYiogn5+aKoii/qur1YT3q8sdd29cf2qzpX/IAALDl01O1a/k7ETMRcS3d629qbm6uKGZm54q5YnY6v58dTM8Us5XPtXlaPjc9OMAb4v6gKL/ZTGW5qlGfl0e1179f+VqDoneAjo1Hg4EDQERs7Y3W7ZFOmKJ4Kpp+l8PxYPs/eWz/HETTP6cAAADA0SuKouik23mfScf8u013CgAYi7z/rx8XUKvVarVaffLqqmK41WoREWvVZcr3DIbjB4BjZi3uN90FGiT/VutHxOmmOwFMtE7THeBIrG+sLHZSvp3q/iCN757PBdmR/1pnc7m8/LDpKPVzTMb183U3evH0Hv15Zkx9mCQ5/249/+tb7YM031HnPy575V+u53wD/Wlazr9Xz7/m5OTfHZp/W+X8+4fKvyd/AAAAAACYYPnv//OO/+ZVBgAAAAAAAIBjZ31jZTFf95qP/39uyHyu/zyZcv4d+bdSzr9bz792Qk6v8vjemw/z/2xjZfHj/7/yhTyd+PyneoPytac63V5/65yff+Zbmy7Fy7vmL+cppt6Jm7EcS3FxV/vUjvaFEe2XdrUPyvbZ3H4+FuPnsRw/2W6fHnFi1MyI9mJEe86/Z/tvpZx/v/JV5j+X2ju1aeneR91d2311Oux1rv74wZXdW9f43Y3e9rpVlet3roH+bP6fPDGIX95eunX+Vzfu3Ll1MdJkx7MLkSaPWc5/Kn3l/J9/bqs9/96vbq/3PhocOv9JcTf6e+b/XOVxub4vjLlvTcj5D9JXzj/vgYZv/8c5/723/xcb6A8AAAAAAAAAAAAAAADspyiKzUtEr0bEq+n6n6auzQQAxivv/4t8M4xErVar1Wr1yauriuHeqBYR8efqMuV7hl8P+2YAwCR7EBH/aLoTNEb+LZbv91dOv9R0Z4Cxuv3Bhz+9sby8dOv2/7J00Xv8PQIAAAAAAAAADiuP/3m2Mv7z5nlAtXGjd4z/+mac/WxjZfH9+X99/tiN/9kd9DbHOk8r9GxUx+fePULxudh//O/+iNebGtE+GNE+PaJ9ZkT70As9KnL+z6aMc/5n0ortN/5rzr8+HfGSjdpv/NfnG+hP03L+59JYzzn/r9bmq+Zf/OE4j//b3ZH/hTvv/eLC7Q8+fOnmezfeXXp36WeXLi+8fnHhyuXXXr7wzs3lpfRvgz0+Wjn/PPa180DbJeefM5d/u+T8v5xq+bdLzv8rqZZ/u+T88/s9+bdLzj9/9tnO/0Gz/WI8cv4vpNr23y45/6+lWv7tkvN/MdXyb5ec/9dTLf92yfm/lGr5t0vO/3yq5d8uOf8LqZZ/u+T88xEu+bdLzj+f2SD/dsn5L6Ra/u2S87+Uavm3S87/cqrl3y45/1dSLf92yfm/mupD5O/eXydAzv9Kqm3/7ZLzfy3V8m+XnP/rqZZ/u+T8v5Fq+bdLzv+bqZZ/u+T8v5Vq+bdLzv/bqZZ/u+T8vxMPLyaVf3vk/N9Ite2/XR7e/98DDzzwID9o+jcTAAAAAAAAAAAAAFA3jtOJm15HAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOC/7MCBAAAAAACQ/2sjVFVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVWEHDgQAAAAAgPxfG6GqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqoKe3cXI1d53w/87Ju9NsTeJIbwYmBtDBhYvOsX/PL/18FASCm0DSGBvpEa116bTfxWr00AIbERNEUCqVxwQSslBYSqXKQKahM1SDSiUqU2vWmv2psqrdSoQlGonKg3jQquzpzneTwzOzuz6921Z875fBD+eWfOzDx75szsfsf6zgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABQb8O9k3/Yl2VZ/n/tj5Esuzz/+6psX/7lzM5LvUIAAABgsT6s/fnttemEffO4UN02f3f9P3733Llz57LsT9Z96tV8BqNZtmZllhXnBcM/OdmwTfB8NtzXX/d1f4ebH+hw/mCH84c6nL+iw/krO5w/3OH8WTtgllXF6zG1K9tU++tIsUuzddlQ7bxNLS71fN/K/v74Wk5NX+0y54YOZ1PZ0Wwym5h1mb7af1n27ob8tu7P4m31193W+izLzv7s2YNxDX1hH2/KGm6spv6+++DubPTnP3v24JMjv7iu1ey4G2atNMs2b8zX+UKWnX+5KuvLVqZ9EtfZX7fO9S3WOdCwzr7a5fK/N6/z7DzXGb/v4bDOf2qzzvXhtKduzLJsJptzm2bPZ/3Z6qZbTft7uDgi8uvI78pPZIMLOk42zOM4yS/z4xsbj5PmYzLu/w1hnwzOsYb6u+ODr62Ytd8v9DjJv+tuOFbz634ov9Hh4fqXVhuO1XybZ2+a+xhoed+1OAbSsVx3DGzsdAz0rxioHQP959e8seEY2DrrMv1ZX+223r+p/TEwfvrYyfHpp5+5Y+rYgSOTRyaPb9+xbc/Wbbt27J4YPzx1dDL8ubBd2kNWZ/3pGNwYnmviMXhL07b1h+S5N4rHwetX77q+1VzIGoaX6HGwmDVk4Xj54s35gi7vz+Y4xvNtXti8+MdB+rlf9zgYrHsctHxObfE4GJzH4yDf5uzm+f3MHKz7v9UaWj0XLsUxMFJ3DCzm52H9Gi7k52F+m4/dOvdz4fqwrhdvW+jPw4FZx0D8tvrCYy8/Jf2+N7w77JfZx8U1+RmXrcjOTE+e2vLUgdOnT23NwrgoPll3XzUfL6vrvqds1vHSv+DjZd/nPtp1TYvTR8K+Gr69/X2Vb7NjrP19VXt2b70/G07dloWxxC72/mz10yzfnylLtNmf+TYv3LH43wVTLql7/hvq9Pw3MDRYPP8NpL0x1PD8N/uuGaitLMvO3jG/57+h8P/Ffv5b1yXPf/m+emxL+2Mg3+bF8YUeA4Ntn/9uDLMvrOfWkBiG63L/R7XzZ4rDtO6+7HjcDA4OheNmMN5i43GzfdZl8mvLb3vzxIUdN5tvbLyvGn5vKeFxk++rVyfaHzf5Nu9tXfxzx6r417rnjhWdjoGhgRX5eofSQVA8351bFY+BLdnB7ER2NDuULpPfy/ltjW2b3zGwIvx/sZ87ruqSYyDfV69ta38M5Nv87fal/d1pczglbVP3u1Pz6wtzZf5rBs9fX/NuW+rMn6/zMzvavzaUb/PTHQvNGe330+3hlMta7Kfmx89cx/ShrPN+WqpjOl/n0TvbvzaVb7Nu5zyPp31Zlr3z0lvF613F67t/ceafv9vwum+r15Tfeemtz1/9wx8uZP0AAFy4j2p/zqwoftes+xfr+fz7PwAAANATYu7vDzOR/wEAAKA0Yu4fCDOR/wEAAKA0Yu4fDDPZ1+nd8crhib6vv/rhc1l6N8BzQTw/vgzy0Mpiu9jxnglfj547Lz/9nreGHvzec/O77f4sy/73gWtbbv/Eyriuwsm4zoHG02e56oZ53f7jj5zfrv79E872F9cfv5/5vgwUu8rv/ts9tesdvbWY7z2Q1ebDMy8+X7v+PcXXcfv3/6PY7hvhTUv2He5ruPzmsJ5NYY6G95R5aNX5/ZDPeLnvvHvk7z/96Pnbi5fr27im9m2+tqW43vgeUa/8ZbF9/L7nWv9fv/St7+TbP3VT6/U/1996/e+H6/1xmP/zQXF6/T7/Xt36/yCsP95evNyWN3/Qcv1v/1Wx/dvhuHg9zOb13/1H133Y6v6Kt7NvsLhcvP2JP7uvdrl4ffH6m9c/PH5Pw/5ovv733iyuZ++T/z1Qv308Pd5O9Phg4/HdF+7fhh55lmXf+nrWsJ+zoeJy7zStP17fycHW67+9aZ0n33iidvnm7yf65iP3tvx+43r2/flIw/fzypqw//pX/UN+ve9fG47HcP4vZorra34v07fXND7fxO1fHyket/H6xpvW/0rT+mduyPdd5/Xf//Ni/W/ftbJh/fvWhuPp48XstP4jf7q24fJvfLZYz6mvjh0/MX1mKr7HwUjT43jl8KrVl13+sTVrw3Np89f7T5x+YvLU6MToRJaN9uBbBi73+t8M87+KMbP0t1D4l8HiuHv5weLn1i1DxdevhNMfD/dn/Pn4zT8eajhem+/3meFiLnb9t4V1zNf6TT/ZPa8N/3PH26/+68Nfav69IH4/J68Yrn1/r224snZe33vF+c3PV538+xWNj+sfrSvm98N+PRfemXnjlcXtNV9/fG+Sl79QPH7jb3Lx8lnT+4mMDDR+H4td/4/C7zE/uKrx+S8eH99/rundnEeyvnwJM+H5IZspzo9bxf398tkrW95efB+ebObqhSxzTtNPT48fnTp+5qnx05PTp8enn35m/7ETZ46f3l9779L9X+50+fOP79W1x/ehyZ07stqj/UQxltmlXv/JRw4e2jVx86HJwwfOHD79yMnJU0cOTk8fnDw0ffOBw4cnv9rp8lOH9m7dtmf7rm1jR6YO7d29Z8/2PWNTx0/kyygW1cHOia+MHT+1v3aR6b079my9884dE2PHThya3LtrYmLsTKfL1342jeWXfnLs1OTRA6enjk2OTU89M7l3656dO7d1fPfHYycPT4+OnzpzfPzM9OSp8eJ7GT1dOzn/2dfp8lTD9NrwfNekL/x2ft/tO9P74+be+tqcV1VsMtJ44k/De0F9Y3j77vl8HXP/UJiJf/8HAACA0oi5P3w+xfnX3eV/AAAAKI3wgX/hMyP9+z8AAACUUcz9w2EmFcn/+v/6/xfQ/091bf1//f9M/1//vwP9f/3/dvT/9f97ef36//r/dNZt/f+Y+1dlWSXzPwAAAFRBzP2rw0zkfwAAACiNmPsvCzOR/wEAAKA0Yu6/PMykIvlf/1//3+f/l6//35dlM/r/+v/dQv9f/78d/X/9/15ev/6//j+ddVv/P+b+j4WZVCT/AwAAQBXE3L8mzET+BwAAgNKIuX9tmIn8DwAAAKURc/9ImEmZ8v9dc5+l/1/1/v+A/n8J+/8+/7+g/98d9P/1/9vR/9f/7+X16//r/9NZt/X/Y+7/eJhJmfI/AAAAVFzM/Z8IM5H/AQAAoDRi7v9kmIn8DwAAAKURc/+6MJOK5H/9/6r3/33+f6b/v4z9/7il/r/+v/5/r/f/V4WT9f8b6f/r/+v/6//TXrf1/2PuvyLMpCL5HwAAAKog5v4rw0zkfwAAACiNmPs/FWYi/wMAAEBpxNx/VZhJRfK//r/+v/6//r/P/9f/X076/+Xo/8eT9f8b6f/r/+v/6//TXrf1/2PuvzrMpCL5HwAAAKog5v5rwkzkfwAAACiNmPuvDTOR/wEAAKA0Yu5fH2ZSkfyv/6//r/+v/6//r/+/nPT/9f/b0f/X/+/l9ev/6//TWbf1/2Puvy7MpCL5HwAAAKog5v7rw0zkfwAAACiNmPtvCDOR/wEAAKA0Yu4fDTOpSP7X/9f/1//X/9f/1/9fTvr/+v/t6P/r//fy+vX/9f/prNv6/zH3bwgzqUj+BwAAgCqIuX9jmIn8DwAAAKURc/+NYSbyPwAAAJRGzP2bwkwqkv/1//X/9f/L2v8f0P/X/+8K+v/6/+3o/+v/9/L69f/1/+ms2/r/MfffFGZSkfwPAAAAVRBz/81hJvI/AAAAlEbM/beEmcj/AAAAUBox928OM6lI/tf/1//X/y9r/9/n/+v/dwf9f/3/dvT/9f97ef36//r/dNZt/f+Y+28NM6lI/gcAAIAqiLn/tjAT+R8AAABKI+b+28NM5H8AAAAojZj7x8JMKpL/9f/1//X/9f/1//X/l5P+v/5/O/r/+v+9vH79f/1/Ouu2/n/M/XeEmVQk/wMAAEAVxNy/JcxE/gcAAIDSiLl/PMxE/gcAAIDSiLl/IsykIvlf/1//X/9f/1//X/9/Oen/6/+3o/+v/9/L69f/1/+ns27r/8fcvzXMpCL5HwAAAHrUdQvZOOb+bWEm8j8AAACURsz928NM5H8AAAAojZj7d4SZVCT/6//r/+v/6//r/+v/Lyf9f/3/dur7//kl9f+r0v+f6ydNr6y/oP+v/09n3db/j7n/zjCTiuR/AAAAqIKY+3eGmcj/AAAAUBox9+8KM5md///m4q0KAAAAWEox9+8OM+n5f/+fX6+qUv3/A/env+r/F/T/9f8z/X/9/2Wm/6//347P/69q/39pXOr16//r/9NZt/X/Y+7fE2bS8/kfAAAAiGLu/39hJvI/AAAAlEbM/f8/zET+BwAAgNKIuf+Xwkwqkv8r1f+vo/9f0P/X/8/0//X/l5n+v/5/O/r/+v+9vP7u7f9/e3WW6f/THbqt/x9z/94wk4rkfwAAAKiCmPs/HWYyd/4fXv5VAQAAAEsp5v67wkz8+z8AAACURsz9+8JMKpL/9f/1//X/9f/1//X/l5P+v/5/O4vr/4/q/y/Spe7P9/r6u7f/7/P/6R7d1v+Puf/uMJOK5H8AAACogpj77wkzkf8BAACgNGLuvzfMRP4HAACA0oi5/zNhJhXJ/xet/9+iUKz/r/+f6f/r/+v/6/8vkv5/lfv/Pv9/sS51f34J1p/f5fr/+v90sW7r/8fcf1+YSUXyPwAAAFRBzP2fDTOR/wEAAKA0Yu7/5TAT+R8AAABKI+b++8NMKpL/ff6//r/+v/6//r/+/3LS/9f/b0f/X/+/l9ev/6//T2fd1v+Puf9Xwkwqkv8BAACgCmLufyDMRP4HAACA0oi5/8EwE/kfAAAASiPm/l8NM6lI/tf/1//X/9f/1//X/19O+v/6/+3o/+v/9/L69f/1/+ms2/r/Mff/WphJRfI/AAAAlMLcrx/UxNz/62Em8j8AAACURsz9nwszkf8BAACgNGLufyjMpCL5X/9f/1//X/9f/1//fznp/+v/t6P/r//fy+vX/9f/p7Nu6//H3P/5MJOK5H8AAACogpj7Hw4zkf8BAACgNGLu/0KYifwPAAAAPeDsvLaKuf+LYSYVyf/6//r/+v/6/0vY/1+R6f8n+v+ran/q/+v/t9NL/f9W5+j/6//r/+v/01639f9j7n8kzKQi+R8AAACqIOb+R8NM5H8AAAAojZj7fyPMRP4HAACA0oi5/zfDTCqS//X/9f/1//X/ff6//v9y0v/X/2+nl/r/rej/6//r/+v/01639f9j7v+tMJOK5H8AAACogpj7fzvMRP4HAACA0oi5/3fCTOR/AAAAKI2Y+x8LM6lI/i/6/48e1P8v6P/r/+v/6/9H+v9LQ/9f/78d/X/9/15ev/6//j+ddVv/P+b+L4WZVCT/AwAAQBXE3P+7YSbyPwAAAJRGzP37w0zkfwAAACiNmPsfDzOpSP73+f/6//r/+v8L6f+vanG6/n9B/781/X/9/3b0/8vc/1+xJGu8dOuf6wlrMP1N/1//n866rf8fc/+BMJOK5H8AAACogpj7fy/MRP4HAACA0oi5/2CYifwPAAAApRFz/6Ewk4rkf/1//X/9f/3/Hvn8/6FsOfr/M/r/y60k/f/39P8L+v+N9P99/r/+v/4/7XVb/z/m/skwk4rkfwAAAOh183nX0Zj7D4eZyP8AAABQGjH3Hwkzkf8BAACgNGLufyLMpCL5vxv7/zfo/+v/6/+n69H/9/n/+v/t+fx//f9M//+CXer+fK+vX/9f/5/Ouq3/H3P/VJhJRfI/AAAAVEHM/V8OM5H/AQAAoDRi7v9KmIn8DwAAAD1n5Rynx9x/NMykIvm/G/v/mf6//r/+f7oe/X/9f/3/9vT/9f8z/f8Ldqn7872+/iXt/6/Q/6ecuq3/H3P/sTCTiuR/AAAAqIKY+4+Hmcj/AAAAUBox958IM5H/AQAAoDRi7j8ZZtKT+b9vzt7uXPT/9f+7rf9f37wsdf9/pf6//r/+/1LQ/9f/z/T/L9il7s/3+vp9/r/+P511W/8/5v7fDzPpyfwPAAAAtBJz/6kwE/kfAAAASiPm/ukwE/kfAAAASiPm/v9j7z539LirOI4/thI7kSC8R9wLiPvgNTdAL4npLfQamqmh995b6BB6773XUEKRgrR7zok3Xs/sPvjxzvzP5/PmsGTXO5GN0U+rr+YBccv0/j+926e6cvT/+v+l9f9t3/9/lf4/6f/1/8eh/9f/b/T/Wzvpfn7tz6//1/8zb2n9f+7+B8Ytfv4PAAAAw8jd/6C4xf4HAACAYeTuf3DcYv8DAADAMHL3PyRuabL/r2z/f98DH+n/9f+brfr/s/W1Q/X/3v9/5++r/l//fwxd+//8m1D/v0//v52T7ufX/vz6f/0/85bW/+fuf2jc0mT/AwAAQAe5+x8Wt9j/AAAAMIzc/Q+PW+x/AAAAGEbu/kfELU32v/f/6//X1/8P+v5//X/R/+v/j6Nr/5/0//v0/9s56X5+7c+v/9f/M29p/X/u/kfGLU32PwAAAHSQu//6uMX+BwAAgGHk7r8hbrH/AQAAYBi5+8/FLU32v/5f/6//1//r//X/u6T/1/9P0f8vt/+/Q/8/+/31//p/5i2t/z9342Zv9+9/m377HwAAADrI3f/ouMX+BwAAgGHk7n9M3GL/AwAAwDBy9z82bmmy//X/+n/9v/5f/6//3yX9v/5/iv5/uf2/9//r/+e+Xv/PUSyt/8/d/7i4pcn+BwAAgA5y9z8+brH/AQAAYBi5+58Qt9j/AAAAMIzc/U+MW5rsf/2//l//r//X/+v/d0n/r/+fspL+P36Ji3979P9D9//3v9fM11+y/z+10f/r/wlL6/9z9z8pbmmy/wEAAKCD3P1PjlvsfwAAABhG7v6nxC32PwAAAAwjd/+NcUuT/a//1//r//X/+n/9/y7p//X/U1bS/1+S/n/o/n/2+3v/v/6feUvr/3P3PzVuOTD8zh7z3xIAAABYktz9T4tbmvz8HwAAADrI3f/0uMX+BwAAgGHk7n9G3NJk/+v/5/v/6+8+/+vp/w9/fv2//l//r//X/6+g/7/5kE/U/x+J/r9R/3/txV+v/9f/M29p/X/u/mfGLU32PwAAAHSQu/9ZcYv9DwAAAMPI3f/suMX+BwAAgGHk7n9O3HKfzeaIGfuq6f+9/1//r//X/+v/d0n/v4L+/zD6/yPR/zfq/w+h/9f/M29p/X/u/ufGLX7+DwAAAMPI3f+8uMX+BwAAgGHk7n9+3GL/AwAAwDBy978gbmmy//X/6+n/r9L/j9D/3/OW8/fT/8c/1//r/y8H/b/+f6P/39pJ9/Nrf379v/6feUvr/3P33xS3NNn/AAAA0EHu/hfGLfY/AAAADCN3/4viFvsfAAAAhpG7/8VxS5P9r/9fT//v/f9D9P/e/7/g/v9R8ecx6f8vD/2//n/KZej/b7pO/7+1k+7nT+j5T1+u59f/6/+Zt7T+P3f/S+KWJvsfAAAAOsjd/9K4xf4HAACAYeTuPx+32P8AAAAwjNz9L4tbmux//b/+X/+v/9f/e///Lun/9f9TvP9f/7/m59f/6/+Zt7T+P3f/y+OWJvsfAAAAOsjd/4q4xf4HAACAYeTuf2XcYv8DAADAql3YgeXuf1Xc0mT/6//1//r/S/X/5/X/d6H/1/9vQ/+v/5+i/9f/r/n59f/6f+Ytrf/P3f/quKXJ/gcAAIAOcvffHLfY/wAAADCM3P2viVvsfwAAABhG7v7Xxi1N9r/+X/+v//f+f/2//n+X9P/6/yn6f/3/mp9f/6//Z97S+v/c/a+LW5rsfwAAAOggd//r4xb7HwAAAIaRu/8NcYv9DwAAAMPI3f/GuKXJ/tf/6//1//p//b/+f5f0//r/Kfp//f+an1//r/9n3tL6/9z9b4pbmux/AAAA6CB3/5vjFvsfAAAAhpG7/y1xi/0PAAAAw8jd/9a4pcn+1//r//X/+n/9v/5/l/T/+v8p+n/9/5qfX/+v/2fe0vr/3P1vi1ua7H8AAADoIHf/2+MW+x8AAACGkbv/HXGL/Q8AAADDyN3/zrilyf7X/+v/9f/6f/2//n+X9P/6/ynr6/+vPvCR/l//r//X/zNtaf1/7v53xS1N9j8AAAB0kLv/3XGL/Q8AAADDyN3/nrjF/gcAAIBh5O5/b9zSZP/r/zv3/6fObTb6/43+X/+v/98p/b/+f8r6+v+D9P/6f/2//p9pS+v/c/e/L25psv8BAACgg9z9749b7H8AAAAYRu7+D8Qt9j8AAAAMI3f/B+OWJvtf/9+5//f+f/3/wefU/+v/d0H/r/+fov/X/6/5+Zfc/5/W/7MQJ97/5yfGx7n7PxS3NNn/AAAA0EHu/g/HLfY/AAAADCN3/0fiFvsfAAAAhpG7/6NxS5P9r//X/+v/9f8X9v9nDv8jvkf/r//fhv5f/z9F/6//X/PzL7n/9/5/luLE+/+7fJy7/2NxS5P9DwAAAB3k7v943GL/AwAAwDBy938ibrH/AQAAYBi5+2+JW5rsf/2//l//r//3/n/9/y7p//X/U/T/q+v/r7rwA/2//l//z5yl9f+5+z8ZtzTZ/wAAALBy1x7lk3L3fypusf8BAABgGLn7Px232P8AAAAwjNz9n4lbmuz/bfr/s/r/i+j/D39+/b/+X/+v/19Y/3/Ntt9H/79P/39Qw/7/AP2//l//z5yl9f+5+z8btzTZ/wAAANBB7v7PxS32PwAAAAwjd//n4xb7HwAAAIaRu/8LcUuT/e/9//p//f+x+v8b9P/6f/3/8Sys/9+a/n/f7vr/e2969P9Xx3/Q/4/w/Pp//T/zltb/5+7/YtzSZP8DAABAB7n7b41b7H8AAAAYRu7+L8Ut9j8AAAAMI3f/l+OWJvtf/6//1/97/7/+X/+/S/r/4/b/Z471XOP0/97/v9H/r+759f/6f+Ytrf/P3f+VuKXJ/gcAAIAOcvd/NW6x/wEAAGAYufu/FrfY/wAAADCM3P1fj1ua7H/9v/5f/6//1//r/3dJ/+/9/1P0//r/NT+//l//z7yl9f+5+78RtzTZ/wAAANBB7v5vxi32PwAAAAwjd/+34hb7HwAAAIaRu//bcUuT/a//1//r//X/+v+F9P+nzun/t6D/1/9v9P9bO+l+fu3Pr//X/zNvaf1/7v7vxC1N9j8AAAB0kLv/u3GL/Q8AAADDyN3/vbjF/gcAAIBh5O7/ftzSZP/P9P/VwOn/p+n/N3v/+9H/H/z19f/6f+//1//r/6fp//X/a35+/b/+n3lL6/9z9/8gbrlz+J05/r8lAAAAsCS5+38YtzT5+T8AAAB0kLv/R3GL/Q8AAADDyN3/47ilyf73/n/9v/f/6//1//r/XdL/6/+n6P/1/2t+fv2//p95S+v/c/f/JG5psv8BAACgg9z9P41b7H8AAAAYRu7+n8Ut9j8AAAAMI3f/z+OWJvtf/z9q/3/b3fb/qf5f/6//n3t+/f9u6f/1/1P0//r/NT+//l//z7yl9f+5+38RtzTZ/wAAALB+p2c/I3f/L+MW+x8AAACGkbv/V3GL/Q8AAADDyN3/67ilyf7X/4/a/3v/v/5f/6//Xwb9v/5/iv5f/7/m59f/6/+Zt7T+P3f/b+KWJvsfAAAAOsjd/9u4xf4HAACAYeTu/13cYv8DAADAMHL3/z5uabL/9f+76P9v1f/r//fo//X/+v/19/+n4i8c/f8+/f9B+n/9v/5f/8+0pfX/ufv/ELc02f8AAADQQe7+P8Yt9j8AAAAMI3f/n+IW+x8AAACGkbv/z3FLk/0/Tv8fT7qI/t/7//X/+/T/+n/9//r7/6T/36f/P0j/r//X/+v/mba0/j93/1/ilib7HwAAADrI3f/XuMX+BwAAgGHk7r8tbrH/AQAAYBi5+/8WtzTZ/+P0/0H/r//X/+v/47/X/y+D/l//P0X/r/9f8/Pr//X/zFta/5+7/+9xS5P9DwAAAB3k7v9H3GL/AwAAwDBy9/8zbrH/AQAAYBi5+2+PWy7a/2eu4FNdOfp//f/u+v877rHZ6P/1//p//b/+X/9/afp//f+an1//r/9n3tL6/9v3/r/2ms2/9r7az/8BAABgRLn7/x232P8AAAAwjNz9/4lb7H8AAAAYRu7+/8YtTfa//l//7/3//1f/f93Unwf9v/5f/6//1/9P0//r/9f8/Pp//T/zltb/5+7/XwAAAP//RByXNg==")
syz_mount_image$msdos(&(0x7f0000000940), &(0x7f0000001cc0)='.\x00', 0x1a4a438, &(0x7f00000008c0)=ANY=[], 0xb, 0x0, &(0x7f0000000000))
syz_mount_image$msdos(&(0x7f0000000940), &(0x7f0000001cc0)='.\x00', 0x1a4a438, &(0x7f00000008c0)=ANY=[], 0xb, 0x0, &(0x7f0000000000))
link(&(0x7f0000000140)='./file1\x00', &(0x7f00000001c0)='./bus\x00')

1.585022161s ago: executing program 2 (id=2094):
syz_usb_connect$uac1(0x7, 0x71, &(0x7f0000000040)=ANY=[@ANYBLOB="12011001000000406b1d010140000102030109025f0003010300f40904000000010100000a2401030003020102090401000001020000090401010101020000090501090000f7090607250183020c000904020000010200000904020000000000000010"], 0x0)
syz_usb_connect$printer(0x4, 0x2d, &(0x7f00000000c0)={{0x12, 0x1, 0x310, 0x0, 0x0, 0x0, 0x8, 0x525, 0xa4a8, 0x40, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x1b, 0x1, 0x1, 0x6, 0x0, 0x5}}]}}, 0x0)
syz_usb_connect$cdc_ncm(0x4, 0xd1, &(0x7f0000000040)=ANY=[@ANYBLOB="12011003020000182505a1a44000010203010902bf0002010650000900000000020d00000524060001082400a9b30d240f010a0000000300ff000606241a05001407240a050905580c240c00000000a90c0900030424020204240200042402024424"], 0x0)
syz_usb_connect(0x3, 0xf5, &(0x7f0000000000)=ANY=[@ANYBLOB="12010000772aed408680070bb96c010203010902e30003dc2000000904003f000e01000505a40600010524007f000d240f0104000000080000000006241a03000a05240101070424020a1524120001a317a88b045e4f01a607c0ffcb7e392a09044c03003a92a2010a240109000102010205240401050c2402"], 0x0)

1.457498797s ago: executing program 7 (id=2095):
r0 = socket$rxrpc(0x21, 0x2, 0xa)
r1 = syz_io_uring_setup(0x10ab, &(0x7f00000000c0)={0x0, 0x7496, 0x0, 0x1, 0x411001f7}, &(0x7f0000000380)=<r2=>0x0, &(0x7f0000000000)=<r3=>0x0)
syz_io_uring_submit(r2, r3, &(0x7f00000002c0)=@IORING_OP_CONNECT={0x10, 0x0, 0x0, r0, 0x0, 0x0})
io_uring_enter(r1, 0x351a, 0x0, 0x0, 0x0, 0x0)

1.346040763s ago: executing program 7 (id=2096):
syz_mount_image$hfsplus(&(0x7f0000000000), &(0x7f0000000080)='./file0\x00', 0x800080, &(0x7f00000000c0)={[{@nobarrier}, {@uid}, {@gid}, {@creator={'creator', 0x3d, "3a0a44f6"}}, {@nobarrier}, {@part={'part', 0x3d, 0x6}}, {}, {}, {@nls={'nls', 0x3d, 'cp850'}}, {@nodecompose}, {@force}, {@type={'type', 0x3d, "7b920129"}}]}, 0x20, 0x6f7, &(0x7f00000004c0)="$eJzs3U1sG2kZAOB3bMeJu1LWC+1uQUiNtqKCLbRJzNIiIVEQQjmsoBKXPSGFNt1GdbJVkkVphagXWDjCCfWwh0UoHPYC4oC0iANiOSMhcc+JSyUOvVUcMJrxTGI7iWO3+WnL80jj+cbz/bzz+puxPWnlAP5vzb0ZY61IYu78G+vp9uZGo7m50VgqyhExHhGliEpnFclyRPJxxJXoLPGp9Mm8u2SvcV5/8NH75+5/2OhsVfIlq18a1G5be9cRsl6ilS8xFRHlfD2iSle5p79ru/R3b6Suk62404SdLRIHx629Q2uU5kOct8DT7l5EeWyX5+sRJyJiIv8cEPnVoXTE4R24ka5yAAAA8HQq71fhxUfxKNZj8mjCAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgOdD0vnNwCRfSkV5KpL89/+/k1fLVKvHG+4+vrDP/vduHFEgAAAAAAAAAHDwxraLZx7Fo1iPyWK7nWR/83812ziZPb4Q78RqLMRKXIj1mI+1WIuVmIkYm+zqs7o+v7a2MrOz5a8ibdlut+/lLWcjor6j5ewhHzMAAAAAAAAAPN9+HHMxedxBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABAtySi3Flly8miXI9SJSImIqKa1mtF/LkoP8v+ctwBAAAAwOGr5evJ5L+dQjvJvvO/nH3vn4h3YjnWYjHWohkLcT27F9D51l/6R6vR3NxoLKXLzo6//u+R4sh6jIhyvLvHyNNZjVNbLebiW/HdOB9TcTVWYjF+EPOxFgsxFbX0IGI+kqjXOncv6kWcvfGW866u9IRytT+2M33bp7NIanEjFrPYLsS1atFbKauRxOnNjcb32h1/rEb0ZejdNDvJ13JD5uh61+v1y/y+TK794pB9HI56duRjWxmZTnOfZ+Ol3XNfGHGe9I80E6Wte1Ant0dJN/tHKnL+/VFyfiJfp7n+WW/OD9qIt9L6MzEbpXz2Rbzcm/Pbn73/id7Gn//nX6/eLC3funlj9fwhHtKhGisK/ZlodGXilcGzL89EM81Ea/hMjPU/MfEEx3GAqnk2Ohe24a6W38xK8/Fq1xR8O67HQlyK6ZiJyzEdX4nZaPTMsFM9ea00lnpzkp1rpZ3Xt9qA4M9+rqvSz/epfLTSvLzUldfuK10925c/c+UXMV1k6Xf/ihg8+x7nXaDy6byQjvGTrXecp0FPJvJrcxFd8Qa1RyZ+3U4fV5vLt1Zuzt8ecrxz+To9bd/rvTb/5okP5omk8yW94layrSwntWK+pPs+uRVtb76q+V9cOu1KO/ad2tpXj8lYjG/veaZW889wO3vq7Htl132NbN/prn09n3Li7Whmn0L6TB1NVgEY2onXTlRrD2p/r31Q+2ntZu2NiW+MXx7/TDXG/lb5U/n3pd+Wvpq8Fh/Ej2LyuCMFAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIDnweqdu7fmm82FlQGFh/kP2g2qM6hQHWGs7kKU9q2z8cJwHUY9YvBYSV6oPsYBPmuFhxMDs1GLQxr9DxExoE71iYdIRp5jIxfSiXwgHRY/nJY90y6P0LxStNq9TiVWJ/Z6Bce3X/eo35pv/qf3pK5F1ykDPOcuri3dvrh65+4XF5fm31p4a2F59vKly5caX5750sUbi82F6c7jcUcJHIbVO3fLxx0DAAAAAAAAAAAAMJr8X/+vPfZ/ZqjsU6e6srr7yGeO+lABAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAZ9TcmzHWiiRmpi9Mp9ubG41muhTl7ZqViChFRPLDiOTjiCvRWaLe1V2y1zivP/jo/XP3P2xs91Up6pcGtRtOK19iKiLK+Xp/47t0s7O/a139tR4rvGTrCNOEnS0SB8ftfwEAAP//qqT+ow==")
mprotect(&(0x7f0000000000/0xf000)=nil, 0xf000, 0x1)
syz_open_dev$usbfs(&(0x7f0000000100), 0x76, 0x101b01)
syz_open_dev$usbfs(&(0x7f0000000100), 0x206, 0x20182)

1.327839134s ago: executing program 5 (id=2097):
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x0, &(0x7f0000006680))
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x8031, 0xffffffffffffffff, 0x0)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600002, 0x9)
io_uring_enter(0xffffffffffffffff, 0x6b88, 0x3695, 0x55, 0x0, 0x0)

989.413521ms ago: executing program 7 (id=2098):
r0 = inotify_init1(0x80000)
inotify_add_watch(r0, &(0x7f0000000780)='.\x00', 0x80000a57)
creat(&(0x7f0000000040)='./file0\x00', 0x11f)
rename(&(0x7f0000000000)='./file0\x00', &(0x7f0000000080)='./file1\x00')

610.312519ms ago: executing program 7 (id=2099):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$batadv(&(0x7f0000000180), 0xffffffffffffffff)
ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r0, 0x8933, &(0x7f0000000080)={'batadv0\x00', <r2=>0x0})
sendmsg$BATADV_CMD_SET_MESH(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000040)={0x2c, r1, 0x29, 0x70bd29, 0x25dfdbff, {}, [@BATADV_ATTR_MESH_IFINDEX={0x8, 0x3, r2}, @BATADV_ATTR_BONDING_ENABLED={0x5}, @BATADV_ATTR_ISOLATION_MASK={0x8, 0x2c, 0x9}]}, 0x2c}, 0x1, 0x0, 0x0, 0x24000000}, 0x4)

404.21763ms ago: executing program 7 (id=2100):
rseq(&(0x7f00000004c0)={0x0, 0x0, 0x0, 0x3}, 0x20, 0x0, 0x0)
r0 = semget$private(0x0, 0x7, 0x85)
semtimedop(r0, &(0x7f0000000000)=[{0x0, 0xffbf, 0x2000}], 0x1, 0x0)
semctl$IPC_RMID(r0, 0x0, 0x0)

333.512583ms ago: executing program 1 (id=2101):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$fou(&(0x7f0000000080), 0xffffffffffffffff)
sendmsg$FOU_CMD_ADD(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000000)={0x24, r1, 0x1, 0x0, 0x0, {}, [@FOU_ATTR_TYPE={0x5, 0x4, 0x1}, @FOU_ATTR_AF={0x5, 0x2, 0xa}]}, 0x24}}, 0x0)
sendmsg$FOU_CMD_DEL(r0, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000240)={0x1c, r1, 0x1, 0x70bd27, 0x25dfdbfd, {}, [@FOU_ATTR_AF={0x5, 0x2, 0xa}]}, 0x1c}}, 0x4)

73.724956ms ago: executing program 7 (id=2102):
r0 = socket$tipc(0x1e, 0x5, 0x0)
bind$tipc(r0, &(0x7f0000000200)=@nameseq={0x1e, 0x1, 0x0, {0x42}}, 0x10)
setsockopt$TIPC_GROUP_JOIN(r0, 0x10f, 0x87, &(0x7f0000000000)={0x46, 0x4, 0x3}, 0x10)
bind$tipc(r0, 0x0, 0x0)

41.909208ms ago: executing program 6 (id=2103):
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000000c0), 0x2000, 0x0)
ioctl$TIOCSPTLCK(r0, 0x40045431, &(0x7f0000000000))
r1 = ioctl$TIOCGPTPEER(r0, 0x5441, 0x9)
ioctl$TIOCNXCL(r1, 0x540d)

22.193438ms ago: executing program 1 (id=2104):
r0 = socket$nl_route(0x10, 0x3, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000240)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000000)={'lo\x00', <r2=>0x0})
sendmsg$nl_route(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000004c0)=@ipv4_newroute={0x2c, 0x18, 0xaba64f4add525e83, 0x1, 0x0, {0x2, 0x0, 0x0, 0xfc, 0xfd, 0x0, 0xfe, 0x3}, [@RTA_OIF={0x8, 0x4, r2}, @RTA_NH_ID={0x8, 0x1e, 0x8}]}, 0x2c}, 0x1, 0xffffff7f}, 0x4084)

0s ago: executing program 5 (id=2105):
r0 = io_uring_setup(0xf69, &(0x7f0000000400)={0x0, 0x1889, 0x400, 0x5, 0x108})
io_uring_register$IORING_REGISTER_PERSONALITY(r0, 0x9, 0x0, 0x0)
io_uring_register$IORING_REGISTER_PERSONALITY(r0, 0x9, 0x0, 0x0)
close_range(r0, 0xffffffffffffffff, 0x0)

kernel console output (not intermixed with test programs):

z.3.1331'.
[  200.639138][ T7953] loop1: detected capacity change from 0 to 4096
[  200.784155][ T7963] NILFS (loop1): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  200.976089][ T7969] loop0: detected capacity change from 0 to 128
[  201.015568][ T4272] NILFS error (device loop1): nilfs_check_page: bad entry in directory #2: rec_len is smaller than minimal - offset=4096, inode=0, rec_len=0, name_len=0
[  201.093915][ T4272] Remounting filesystem read-only
[  201.098996][ T4272] NILFS error (device loop1): nilfs_readdir: bad page in #2
[  201.133868][ T7969] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: none.
[  201.162640][ T7948] loop2: detected capacity change from 0 to 32768
[  201.188238][ T4272] NILFS error (device loop1): nilfs_check_page: bad entry in directory #2: rec_len is smaller than minimal - offset=8192, inode=0, rec_len=0, name_len=0
[  201.211389][ T4272] NILFS error (device loop1): nilfs_readdir: bad page in #2
[  201.212029][ T7948] 
[  201.212029][ T7948]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  201.212029][ T7948] 
[  201.231438][ T7969] ext4 filesystem being mounted at /276/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[  201.303547][ T7969] fscrypt (loop0, inode 12): Direct key flag not allowed with different contents and filenames modes
[  201.421553][ T1177] read_mapping_page failed!
[  201.429508][ T1177] ERROR: (device loop2): txCommit: 
[  201.429508][ T1177] 
[  201.505560][ T1177] jfs_write_inode: jfs_commit_inode failed!
[  201.511696][ T4268] 
[  201.511696][ T4268]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  201.511696][ T4268] 
[  201.534207][ T4268] 
[  201.534207][ T4268]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  201.534207][ T4268] 
[  201.582935][ T4271] EXT4-fs (loop0): unmounting filesystem.
[  202.012445][ T7994] netlink: 'syz.3.1345': attribute type 15 has an invalid length.
[  202.217787][ T8001] loop4: detected capacity change from 0 to 2048
[  202.305393][ T8001] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: none.
[  202.337746][   T27] audit: type=1800 audit(1773837174.257:85): pid=8001 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.4.1348" name="file1" dev="loop4" ino=15 res=0 errno=0
[  202.545807][ T4269] EXT4-fs (loop4): unmounting filesystem.
[  202.970452][ T7995] loop0: detected capacity change from 0 to 32768
[  203.036513][ T7995] ocfs2: Mounting device (7,0) on (node local, slot 0) with ordered data mode.
[  203.199317][ T8016] loop1: detected capacity change from 0 to 32768
[  203.241912][ T4271] ocfs2: Unmounting device (7,0) on (node local)
[  203.324798][ T8016] ocfs2: Slot 0 on device (7,1) was already allocated to this node!
[  203.422449][ T8040] device macvtap1 entered promiscuous mode
[  203.472795][ T8016] JBD2: Ignoring recovery information on journal
[  203.493792][ T8040] device dummy0 entered promiscuous mode
[  203.603174][ T8040] team0: Device macvtap1 failed to register rx_handler
[  203.612158][ T8016] ocfs2: Mounting device (7,1) on (node local, slot 0) with ordered data mode.
[  203.629593][ T8040] device dummy0 left promiscuous mode
[  203.831442][   T27] audit: type=1800 audit(1773837175.747:86): pid=8016 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.1354" name="file1" dev="loop1" ino=17058 res=0 errno=0
[  203.831442][ T8054] (syz.1.1354,8054,1):ocfs2_verify_group_and_input:420 ERROR: add a group which is in the current volume.
[  203.951979][ T8054] (syz.1.1354,8054,0):ocfs2_group_add:503 ERROR: status = -22
[  204.128184][ T4272] ocfs2: Unmounting device (7,1) on (node local)
[  204.188537][ T8070] loop3: detected capacity change from 0 to 256
[  204.238602][ T8070] FAT-fs (loop3): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[  204.349978][   T27] audit: type=1800 audit(1773837176.267:87): pid=8070 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.1371" name="file1" dev="loop3" ino=1048648 res=0 errno=0
[  204.432355][   T11] FAT-fs (loop3): error, corrupted file size (i_pos 196, 16779008)
[  204.448815][   T27] audit: type=1800 audit(1773837176.267:88): pid=8070 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.1371" name="file1" dev="loop3" ino=1048648 res=0 errno=0
[  204.495868][   T11] FAT-fs (loop3): Filesystem has been set read-only
[  204.522036][   T11] FAT-fs (loop3): error, corrupted file size (i_pos 196, 16779008)
[  204.559600][ T8080] FAT-fs (loop3): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[  204.816196][ T8090] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1377'.
[  205.113503][ T8097] tun0: tun_chr_ioctl cmd 1074025677
[  205.129179][ T8097] tun0: linktype set to 780
[  205.748243][ T8094] loop2: detected capacity change from 0 to 32768
[  205.767576][ T8115] Bluetooth: hci5: Frame reassembly failed (-84)
[  205.844723][ T8094] XFS (loop2): Mounting V5 Filesystem
[  206.002180][ T8094] XFS (loop2): Starting recovery (logdev: internal)
[  206.093765][ T8094] XFS (loop2): Ending recovery (logdev: internal)
[  206.161207][   T27] audit: type=1800 audit(1773837178.077:89): pid=8094 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.2.1379" name="file1" dev="loop2" ino=7430 res=0 errno=0
[  206.236978][ T4268] XFS (loop2): Unmounting Filesystem
[  206.768010][ T8150] loop2: detected capacity change from 0 to 4096
[  206.794599][ T8150] ntfs3: loop2: Different NTFS' sector size (1024) and media sector size (512)
[  207.007118][ T8146] loop3: detected capacity change from 0 to 32768
[  207.016835][   T11] ntfs3: loop2: ntfs3_write_inode r=1e failed, -22.
[  207.046974][   T11] ntfs3: loop2: Mark volume as dirty due to NTFS errors
[  207.061623][ T8146] 
[  207.061623][ T8146]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  207.061623][ T8146] 
[  207.097096][ T4268] ntfs3: loop2: ntfs_evict_inode r=1e failed, -22.
[  207.134045][ T8146] ERROR: (device loop3): diWrite: ixpxd invalid
[  207.134045][ T8146] 
[  207.193573][ T8146] ERROR: (device loop3): remounting filesystem as read-only
[  207.233820][ T8146] ERROR: (device loop3): txCommit: 
[  207.233820][ T8146] 
[  207.291645][ T8157] ERROR: (device loop3): dtSearch: stack overrun!
[  207.291645][ T8157] 
[  207.342051][ T8162] loop0: detected capacity change from 0 to 512
[  207.361816][ T8157] btstack dump:
[  207.374540][ T8157] bn = 0, index = 0
[  207.386695][ T8157] bn = 0, index = 0
[  207.450130][ T8162] EXT4-fs error (device loop0): ext4_validate_block_bitmap:438: comm syz.0.1403: bg 0: block 393: padding at end of block bitmap is not set
[  207.450421][ T8157] bn = 0, index = 0
[  207.472905][ T8166] loop2: detected capacity change from 0 to 4096
[  207.483118][ T8157] bn = 0, index = 0
[  207.486986][ T8157] bn = 0, index = 0
[  207.490815][ T8157] bn = 0, index = 0
[  207.495485][ T8162] EXT4-fs error (device loop0) in ext4_mb_clear_bb:6179: Corrupt filesystem
[  207.544735][ T8162] EXT4-fs (loop0): 2 truncates cleaned up
[  207.552018][ T8162] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: writeback.
[  207.581765][ T8157] bn = 0, index = 0
[  207.594310][ T8157] bn = 0, index = 0
[  207.639055][ T8157] jfs_lookup: dtSearch returned -5
[  207.757664][ T4268] ntfs3: loop2: ntfs_evict_inode r=5 failed, -22.
[  207.772390][ T4271] EXT4-fs (loop0): unmounting filesystem.
[  207.783414][ T4285] Bluetooth: hci5: Opcode 0x1003 failed: -110
[  207.793478][ T4268] ntfs3: loop2: Mark volume as dirty due to NTFS errors
[  208.112401][ T8175] cgroup: fork rejected by pids controller in /syz4
[  208.813448][ T8172] loop0: detected capacity change from 0 to 32768
[  208.854456][ T8172] 
[  208.854456][ T8172]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  208.854456][ T8172] 
[  209.507106][   T46] 
[  209.507106][   T46]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  209.507106][   T46] 
[  209.527797][   T46] 
[  209.527797][   T46]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  209.527797][   T46] 
[  209.533256][ T8198] block nbd2: server does not support multiple connections per device.
[  209.542267][ T4271] 
[  209.542267][ T4271]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  209.542267][ T4271] 
[  209.609452][  T107] 
[  209.609452][  T107]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  209.609452][  T107] 
[  209.618321][ T8198] block nbd2: shutting down sockets
[  209.667173][ T4271] 
[  209.667173][ T4271]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  209.667173][ T4271] 
[  209.705106][ T8200] netlink: 4576 bytes leftover after parsing attributes in process `syz.2.1421'.
[  209.848257][ T8204] IPv6: ADDRCONF(NETDEV_CHANGE): lo: link becomes ready
[  209.914141][ T8204] IPv6: ADDRCONF(NETDEV_CHANGE): lo: link becomes ready
[  210.409020][ T8213] loop3: detected capacity change from 0 to 512
[  210.409490][ T8202] loop1: detected capacity change from 0 to 32768
[  210.513929][ T8213] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: writeback.
[  210.534317][ T8202] XFS (loop1): Mounting V5 Filesystem
[  210.558117][ T8213] ext4 filesystem being mounted at /279/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  210.597079][ T8213] EXT4-fs (loop3): re-mounted. Quota mode: writeback.
[  210.679521][ T8202] XFS (loop1): Ending clean mount
[  210.703219][ T4270] EXT4-fs (loop3): unmounting filesystem.
[  210.946181][ T4272] XFS (loop1): Unmounting Filesystem
[  211.231815][ T4279] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1
[  211.245424][ T4279] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9
[  211.255283][ T4279] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9
[  211.264596][ T4279] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4
[  211.272431][ T4279] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3
[  211.281707][ T4279] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2
[  211.381970][ T8247] loop3: detected capacity change from 0 to 16
[  211.495166][ T8247] erofs: (device loop3): mounted with root inode @ nid 36.
[  211.544369][ T8247] erofs: (device loop3): erofs_fill_dentries: bogus dirent @ nid 36
[  211.582192][ T8242] chnl_net:caif_netlink_parms(): no params data found
[  211.847921][ T8242] bridge0: port 1(bridge_slave_0) entered blocking state
[  211.859490][ T8242] bridge0: port 1(bridge_slave_0) entered disabled state
[  211.916095][ T8242] device bridge_slave_0 entered promiscuous mode
[  211.934978][ T8242] bridge0: port 2(bridge_slave_1) entered blocking state
[  211.951570][ T8242] bridge0: port 2(bridge_slave_1) entered disabled state
[  211.982617][ T8242] device bridge_slave_1 entered promiscuous mode
[  212.053303][ T8242] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  212.085290][ T8242] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  212.134504][ T8278] netlink: 16 bytes leftover after parsing attributes in process `syz.2.1446'.
[  212.213776][ T8242] team0: Port device team_slave_0 added
[  212.239665][ T8242] team0: Port device team_slave_1 added
[  212.299254][ T8242] batman_adv: batadv0: Adding interface: batadv_slave_0
[  212.317791][ T8242] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  212.317815][ T8242] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  212.321885][ T8242] batman_adv: batadv0: Adding interface: batadv_slave_1
[  212.321900][ T8242] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  212.325238][ T8242] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  212.462092][ T8242] device hsr_slave_0 entered promiscuous mode
[  212.462974][ T8242] device hsr_slave_1 entered promiscuous mode
[  212.465564][ T8242] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  212.465653][ T8242] Cannot create hsr debugfs directory
[  212.476420][ T8274] loop3: detected capacity change from 0 to 32768
[  212.547224][    C0] vkms_vblank_simulate: vblank timer overrun
[  212.862351][ T8242] netdevsim netdevsim4 netdevsim3 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  212.879836][ T8242] netdevsim netdevsim4 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  212.935019][ T8289] netlink: 48 bytes leftover after parsing attributes in process `syz.1.1452'.
[  213.075836][ T8242] netdevsim netdevsim4 netdevsim2 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  213.120165][ T8242] netdevsim netdevsim4 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  213.181766][ T8298] loop2: detected capacity change from 0 to 64
[  213.268891][ T8242] netdevsim netdevsim4 netdevsim1 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  213.300885][ T8242] netdevsim netdevsim4 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  213.383281][ T4279] Bluetooth: hci2: command 0x0409 tx timeout
[  213.480254][ T8309] loop3: detected capacity change from 0 to 256
[  213.524147][ T8309] exFAT-fs (loop3): failed to load upcase table (idx : 0x00011a39, chksum : 0xd7c18d7b, utbl_chksum : 0xe619d30d)
[  213.555302][ T8242] netdevsim netdevsim4 netdevsim0 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  213.592605][ T8242] netdevsim netdevsim4 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  213.911312][ T8242] netdevsim netdevsim4 netdevsim0: renamed from eth0
[  213.985065][ T8242] netdevsim netdevsim4 netdevsim1: renamed from eth1
[  214.003514][ T4453] hid-generic 0003:0004:FFFF0001.000D: unknown main item tag 0x0
[  214.041787][ T8242] netdevsim netdevsim4 netdevsim2: renamed from eth2
[  214.060144][ T8242] netdevsim netdevsim4 netdevsim3: renamed from eth3
[  214.075366][ T4453] hid-generic 0003:0004:FFFF0001.000D: hidraw0: USB HID v0.00 Device [syz0] on syz1
[  214.240981][ T8329] loop3: detected capacity change from 0 to 512
[  214.314528][ T8329] FAT-fs (loop3): unable to read block(512) for building NFS inode
[  214.394160][ T8325] fido_id[8325]: Failed to open report descriptor at '/sys/devices/virtual/misc/uhid/report_descriptor': No such file or directory
[  214.412433][ T8242] 8021q: adding VLAN 0 to HW filter on device bond0
[  214.435980][ T8333] Dead loop on virtual device ip6_vti0, fix it urgently!
[  214.480698][ T6039] hid-generic 0000:0000:0000.000E: unknown main item tag 0x0
[  214.495213][ T8334] device ipvlan2 entered promiscuous mode
[  214.509629][ T8334] 8021q: adding VLAN 0 to HW filter on device ipvlan2
[  214.518244][ T6039] hid-generic 0000:0000:0000.000E: hidraw0: <UNKNOWN> HID v0.00 Device [syz0] on syz0
[  214.534641][ T8334] bond0: (slave ipvlan2): enslaved VLAN challenged slave. Adding VLANs will be blocked as long as it is part of bond.
[  214.691223][   T11] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[  214.715501][   T11] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  214.746885][ T8242] 8021q: adding VLAN 0 to HW filter on device team0
[  214.769255][   T11] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[  214.819050][   T11] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  214.845108][   T11] bridge0: port 1(bridge_slave_0) entered blocking state
[  214.852298][   T11] bridge0: port 1(bridge_slave_0) entered forwarding state
[  214.895721][ T8339] fido_id[8339]: Failed to open report descriptor at '/sys/devices/virtual/misc/uhid/report_descriptor': No such file or directory
[  214.909881][   T11] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[  214.950544][ T8345] loop3: detected capacity change from 0 to 512
[  214.954694][   T11] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[  214.984116][   T11] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  215.004613][   T11] bridge0: port 2(bridge_slave_1) entered blocking state
[  215.011761][   T11] bridge0: port 2(bridge_slave_1) entered forwarding state
[  215.075522][   T11] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[  215.076957][ T8345] syz.3.1475: attempt to access beyond end of device
[  215.076957][ T8345] loop3: rw=524288, sector=17179852706, nr_sectors = 16 limit=512
[  215.102500][   T11] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[  215.140841][ T8345] syz.3.1475: attempt to access beyond end of device
[  215.140841][ T8345] loop3: rw=0, sector=17179852706, nr_sectors = 8 limit=512
[  215.183259][   T11] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[  215.212560][   T11] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[  215.243507][   T27] audit: type=1800 audit(1773837187.167:90): pid=8345 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.3.1475" name="file2" dev="loop3" ino=1048650 res=0 errno=0
[  215.300631][   T11] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[  215.330723][   T11] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[  215.360439][ T8345] FAT-fs (loop3): error, invalid access to FAT (entry 0x0fffff00)
[  215.377724][   T11] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[  215.413210][ T8345] FAT-fs (loop3): Filesystem has been set read-only
[  215.415772][   T11] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  215.427593][ T8345] FAT-fs (loop3): error, invalid access to FAT (entry 0x0fffff00)
[  215.461754][ T8352] loop2: detected capacity change from 0 to 8192
[  215.469196][ T4279] Bluetooth: hci2: command 0x041b tx timeout
[  215.490869][ T8352] REISERFS warning:  read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025
[  215.527450][ T8242] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  215.538497][ T8352] REISERFS (device loop2): found reiserfs format "3.6" with non-standard journal
[  215.563002][ T8352] REISERFS (device loop2): using ordered data mode
[  215.570678][ T8352] reiserfs: using flush barriers
[  215.576129][ T8242] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[  215.619483][ T8352] REISERFS (device loop2): journal params: device loop2, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30
[  215.645326][   T11] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[  215.668780][   T11] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[  215.690457][   T11] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  215.700086][ T8352] REISERFS (device loop2): checking transaction log (loop2)
[  215.954081][ T8364] loop0: detected capacity change from 0 to 4096
[  215.974846][ T8352] REISERFS (device loop2): Using r5 hash to sort names
[  216.007266][ T4331] tipc: Disabling bearer <eth:team0>
[  216.011448][ T8364] ntfs3: loop0: Different NTFS' sector size (1024) and media sector size (512)
[  216.027604][ T8352] REISERFS (device loop2): Created .reiserfs_priv - reserved for xattr storage.
[  216.038515][ T4331] tipc: Left network mode
[  216.468667][   T46] ntfs3: loop0: ntfs3_write_inode r=1e failed, -22.
[  216.484095][   T46] ntfs3: loop0: Mark volume as dirty due to NTFS errors
[  216.512428][ T4271] ntfs3: loop0: ntfs_evict_inode r=1e failed, -22.
[  216.660307][ T8375] loop3: detected capacity change from 0 to 512
[  216.767065][ T8375] FAT-fs (loop3): Directory bread(block 199916) failed
[  216.816853][ T8375] FAT-fs (loop3): Directory bread(block 199917) failed
[  216.863759][ T8375] FAT-fs (loop3): Directory bread(block 199918) failed
[  216.870722][ T8375] FAT-fs (loop3): Directory bread(block 199919) failed
[  216.899536][ T8375] FAT-fs (loop3): Directory bread(block 199920) failed
[  216.916396][ T8375] FAT-fs (loop3): Directory bread(block 199921) failed
[  216.923736][ T8375] FAT-fs (loop3): Directory bread(block 199922) failed
[  216.931410][ T8375] FAT-fs (loop3): Directory bread(block 199923) failed
[  217.063935][ T8242] 8021q: adding VLAN 0 to HW filter on device batadv0
[  217.094984][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
[  217.104084][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready
[  217.118068][ T8375] FAT-fs (loop3): FAT read failed (blocknr 128)
[  217.543907][ T4279] Bluetooth: hci2: command 0x040f tx timeout
[  217.979263][ T8410] tipc: Enabling of bearer <udp:syz0> rejected, failed to enable media
[  218.478970][ T8425] loop0: detected capacity change from 0 to 2048
[  218.499808][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[  218.512725][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[  218.559429][ T8427] loop1: detected capacity change from 0 to 512
[  218.567289][ T4331] device hsr_slave_0 left promiscuous mode
[  218.575093][ T8425] NILFS (loop0): broken superblock, retrying with spare superblock (blocksize = 1024)
[  218.602014][ T8425] NILFS (loop0): mounting unchecked fs
[  218.627912][ T4331] device hsr_slave_1 left promiscuous mode
[  218.647264][ T4409] udevd[4409]: incorrect nilfs2 checksum on /dev/loop0
[  218.677409][ T4331] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  218.702507][ T8425] NILFS (loop0): recovery complete
[  218.715613][ T8427] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: writeback.
[  218.725318][ T8427] ext4 filesystem being mounted at /292/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  218.733712][ T4331] batman_adv: batadv0: Removing interface: batadv_slave_0
[  218.751012][ T8435] NILFS (loop0): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  218.762492][ T8427] EXT4-fs (loop1): re-mounted. Quota mode: writeback.
[  218.804909][ T4331] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  218.834476][ T4272] EXT4-fs (loop1): unmounting filesystem.
[  218.849783][ T4331] batman_adv: batadv0: Removing interface: batadv_slave_1
[  218.889976][ T4331] device bridge_slave_1 left promiscuous mode
[  218.905895][ T4331] bridge0: port 2(bridge_slave_1) entered disabled state
[  218.972627][ T4331] device bridge_slave_0 left promiscuous mode
[  218.999723][ T4331] bridge0: port 1(bridge_slave_0) entered disabled state
[  219.147367][ T4331] device veth1_macvtap left promiscuous mode
[  219.173288][ T4331] device veth0_macvtap left promiscuous mode
[  219.179510][ T4331] device veth1_vlan left promiscuous mode
[  219.202178][ T8442] loop0: detected capacity change from 0 to 4096
[  219.213476][ T4331] device veth0_vlan left promiscuous mode
[  219.262138][ T8442] ntfs3: loop0: Mark volume as dirty due to NTFS errors
[  219.375847][ T4313] kernel write not supported for file /input/event2 (pid: 4313 comm: kworker/0:4)
[  219.510171][ T4271] ntfs3: loop0: ntfs_evict_inode r=5 failed, -22.
[  219.623258][ T4279] Bluetooth: hci2: command 0x0419 tx timeout
[  219.720981][ T8456] loop6: detected capacity change from 0 to 7
[  219.766223][    C0] I/O error, dev loop6, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[  219.775729][    C0] Buffer I/O error on dev loop6, logical block 0, async page read
[  219.797930][    C1] I/O error, dev loop6, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[  219.807190][    C1] Buffer I/O error on dev loop6, logical block 0, async page read
[  219.821317][    C1] I/O error, dev loop6, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[  219.830617][    C1] Buffer I/O error on dev loop6, logical block 0, async page read
[  219.901290][    C1] I/O error, dev loop6, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[  219.910654][    C1] Buffer I/O error on dev loop6, logical block 0, async page read
[  219.937261][    C1] I/O error, dev loop6, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[  219.946523][    C1] Buffer I/O error on dev loop6, logical block 0, async page read
[  219.968546][    C1] I/O error, dev loop6, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[  219.977897][    C1] Buffer I/O error on dev loop6, logical block 0, async page read
[  220.008019][    C1] I/O error, dev loop6, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[  220.017687][    C1] Buffer I/O error on dev loop6, logical block 0, async page read
[  220.020819][ T8449] loop1: detected capacity change from 0 to 32768
[  220.026007][ T4885] ldm_validate_partition_table(): Disk read failed.
[  220.076535][    C1] I/O error, dev loop6, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[  220.086006][    C1] Buffer I/O error on dev loop6, logical block 0, async page read
[  220.119453][    C1] I/O error, dev loop6, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[  220.128748][    C1] Buffer I/O error on dev loop6, logical block 0, async page read
[  220.139175][    C1] I/O error, dev loop6, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[  220.144704][ T8449] JBD2: Ignoring recovery information on journal
[  220.148382][    C1] Buffer I/O error on dev loop6, logical block 0, async page read
[  220.153234][ T4885] Dev loop6: unable to read RDB block 0
[  220.210478][ T8449] ocfs2: Mounting device (7,1) on (node local, slot 0) with ordered data mode.
[  220.215313][ T4885]  loop6: unable to read partition table
[  220.292766][ T4885] loop6: partition table beyond EOD, truncated
[  220.347482][ T8456] ldm_validate_partition_table(): Disk read failed.
[  220.370920][ T8456] Dev loop6: unable to read RDB block 0
[  220.386326][ T8456]  loop6: unable to read partition table
[  220.425403][ T8456] loop6: partition table beyond EOD, truncated
[  220.433544][ T8456] loop_reread_partitions: partition scan of loop6 (úùƒå¡™‰ü�¾CêjÌ–ã¢P=ý?ã}X‹ºÐ	œëÜ%õÖ�˜Èµ4FLQkÝŠ5) failed (rc=-5)
[  220.461721][ T4272] ocfs2: Unmounting device (7,1) on (node local)
[  220.714609][ T8461] loop0: detected capacity change from 0 to 32768
[  221.760763][ T4331] team0 (unregistering): Port device team_slave_1 removed
[  221.778427][ T8479] loop2: detected capacity change from 0 to 40427
[  221.813597][ T8479] F2FS-fs (loop2): Invalid SB checksum offset: 0
[  221.819986][ T8479] F2FS-fs (loop2): Can't find valid F2FS filesystem in 2th superblock
[  221.848429][ T8479] F2FS-fs (loop2): invalid crc value
[  221.915774][ T8479] F2FS-fs (loop2): Disable nat_bits due to incorrect cp_ver (10241045589465957861, 585327988383614437)
[  221.930561][ T4331] team0 (unregistering): Port device team_slave_0 removed
[  222.095234][ T4331] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  222.110753][ T8479] F2FS-fs (loop2): Try to recover 2th superblock, ret: 0
[  222.118724][ T8479] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e5
[  222.224165][ T4331] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  222.383540][ T4268] syz-executor: attempt to access beyond end of device
[  222.383540][ T4268] loop2: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[  222.871959][ T4331] bond0 (unregistering): Released all slaves
[  223.057760][ T8463] syzkaller0: tun_chr_ioctl cmd 2147767519
[  223.099091][ T8242] device veth0_vlan entered promiscuous mode
[  223.150377][   T11] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[  223.167394][   T11] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[  223.205699][ T8505] loop2: detected capacity change from 0 to 4096
[  223.232015][ T8242] device veth1_vlan entered promiscuous mode
[  223.274522][   T11] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[  223.290210][   T11] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[  223.313927][ T8505] ntfs3: loop2: Mark volume as dirty due to NTFS errors
[  223.333912][   T11] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready
[  223.412967][   T11] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready
[  223.422438][   T11] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[  223.457993][   T11] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[  223.479506][ T8242] device veth0_macvtap entered promiscuous mode
[  223.500838][ T8242] device veth1_macvtap entered promiscuous mode
[  223.534170][ T8242] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  223.564013][ T8242] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  223.583427][ T8242] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  223.603540][ T8242] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  223.617000][ T8242] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  223.628073][ T8242] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  223.660400][ T8242] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  223.670934][ T8515] usb usb1: usbfs: process 8515 (syz.0.1541) did not claim interface 8 before use
[  223.702951][ T8242] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  223.746394][ T8242] batman_adv: batadv0: Interface activated: batadv_slave_0
[  223.760182][ T4268] ntfs3: loop2: ntfs_evict_inode r=5 failed, -22.
[  223.765275][ T4859] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready
[  223.799643][ T4859] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready
[  223.837190][ T4859] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[  223.849659][ T4859] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[  223.880756][ T8242] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  223.896125][ T8242] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  223.930113][ T8519] loop0: detected capacity change from 0 to 64
[  223.939250][ T8242] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  223.950342][ T8242] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  223.995690][ T8242] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  224.043428][ T8242] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  224.073211][ T8242] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  224.090495][ T8242] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  224.107318][ T8242] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: ipvlan2
[  224.123233][ T8242] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  224.133159][ T8242] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: ipvlan2
[  224.145317][ T8242] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  224.156922][ T8242] batman_adv: batadv0: Interface activated: batadv_slave_1
[  224.195166][ T8518] bridge0: port 3(syz_tun) entered disabled state
[  224.202546][ T8518] bridge0: port 2(bridge_slave_1) entered disabled state
[  224.211945][ T8518] bridge0: port 1(bridge_slave_0) entered disabled state
[  224.315467][ T4859] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[  224.349774][ T4859] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[  224.362575][ T8525] [U] ^G„
[  224.382814][ T8524] [U] ^G
[  224.393761][ T8523] batman_adv: batadv0: Adding interface: gretap1
[  224.412465][ T8523] batman_adv: batadv0: The MTU of interface gretap1 is too small (1462) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  224.457991][ T8523] batman_adv: batadv0: Interface activated: gretap1
[  224.490943][ T8242] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  224.513672][ T8242] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  224.535043][ T8242] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  224.553254][ T8242] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  224.799054][ T1177] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  224.832864][ T1177] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  224.891448][ T4859] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready
[  224.980807][ T1177] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  225.004442][ T1177] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  225.053524][ T4331] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready
[  225.081877][ T8543] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1555'.
[  225.137647][ T8543] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1555'.
[  225.356780][ T4360] hid-generic 0000:0000:0000.000F: unknown main item tag 0x0
[  225.386113][ T4360] hid-generic 0000:0000:0000.000F: hidraw0: <UNKNOWN> HID v0.00 Device [syz0] on syz0
[  225.671535][ T4735] kernel write not supported for file /input/event2 (pid: 4735 comm: kworker/0:15)
[  226.060223][ T8549] loop4: detected capacity change from 0 to 32768
[  226.158340][   T27] audit: type=1800 audit(1773837198.077:91): pid=8549 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.4.1425" name="file1" dev="loop4" ino=4 res=0 errno=0
[  226.195953][ T8549] ERROR: (device loop4): xtTruncate: XT_GETPAGE: xtree page corrupt
[  226.195953][ T8549] 
[  226.250378][ T8549] ERROR: (device loop4): remounting filesystem as read-only
[  226.292646][ T8567] loop3: detected capacity change from 0 to 8192
[  226.364501][ T8567] REISERFS warning:  read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025
[  226.533248][ T8567] REISERFS (device loop3): found reiserfs format "3.5" with non-standard journal
[  226.542528][ T8567] REISERFS (device loop3): using ordered data mode
[  226.579680][ T8567] reiserfs: using flush barriers
[  226.595928][ T8580] netlink: 624 bytes leftover after parsing attributes in process `syz.4.1568'.
[  226.605537][ T8567] REISERFS (device loop3): journal params: device loop3, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30
[  226.664072][ T8567] REISERFS (device loop3): checking transaction log (loop3)
[  226.721402][ T8567] REISERFS (device loop3): Using r5 hash to sort names
[  226.746078][ T8567] REISERFS (device loop3): using 3.5.x disk format
[  226.795514][ T8567] REISERFS (device loop3): Created .reiserfs_priv - reserved for xattr storage.
[  227.140422][ T8600] loop2: detected capacity change from 0 to 16
[  227.176082][ T8600] erofs: (device loop2): mounted with root inode @ nid 36.
[  227.763356][ T4732] usb 5-1: new high-speed USB device number 16 using dummy_hcd
[  227.953181][ T4732] usb 5-1: Using ep0 maxpacket: 16
[  227.959982][ T4732] usb 5-1: config 0 has no interfaces?
[  227.968446][ T4732] usb 5-1: New USB device found, idVendor=04fc, idProduct=1528, bcdDevice=6d.5d
[  227.977697][ T4732] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  227.985939][ T4732] usb 5-1: Product: syz
[  227.990135][ T4732] usb 5-1: Manufacturer: syz
[  227.994769][ T4732] usb 5-1: SerialNumber: syz
[  228.001421][ T4732] usb 5-1: config 0 descriptor??
[  228.230061][ T8611] netlink: 28 bytes leftover after parsing attributes in process `syz.4.1584'.
[  228.240516][ T4603] usb 5-1: USB disconnect, device number 16
[  228.924646][ T8630] loop0: detected capacity change from 0 to 1024
[  229.016868][ T8630] EXT4-fs (loop0): revision level too high, forcing read-only mode
[  229.058885][ T8630] EXT4-fs (loop0): orphan cleanup on readonly fs
[  229.097668][ T8630] Quota error (device loop0): v2_read_file_info: Can't read info structure
[  229.144063][ T8630] EXT4-fs warning (device loop0): ext4_enable_quotas:7087: Failed to enable quota tracking (type=0, err=-5, ino=3). Please run e2fsck to fix.
[  229.179507][ T8630] EXT4-fs (loop0): Cannot turn on quotas: error -5
[  229.207979][ T8630] EXT4-fs (loop0): 1 truncate cleaned up
[  229.226529][ T8630] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: writeback.
[  229.410853][ T4271] EXT4-fs (loop0): unmounting filesystem.
[  229.585029][ T4640] usb 3-1: new high-speed USB device number 9 using dummy_hcd
[  229.649428][ T8654] loop3: detected capacity change from 0 to 512
[  229.750841][ T8654] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: none.
[  229.796868][   T27] audit: type=1800 audit(1773837201.717:92): pid=8654 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.1600" name="file1" dev="loop3" ino=15 res=0 errno=0
[  229.830150][ T4640] usb 3-1: New USB device found, idVendor=0bed, idProduct=1100, bcdDevice=ec.c3
[  229.844675][ T4640] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  229.865106][ T4640] usb 3-1: config 0 descriptor??
[  229.881107][ T4640] cp210x 3-1:0.0: cp210x converter detected
[  230.054898][ T4270] EXT4-fs (loop3): unmounting filesystem.
[  230.107476][ T4732] kernel write not supported for file /20/clear_refs (pid: 4732 comm: kworker/0:14)
[  230.288288][ T4640] cp210x 3-1:0.0: failed to get vendor val 0x000e size 3: -32
[  230.316768][ T4640] usb 3-1: cp210x converter now attached to ttyUSB0
[  230.522121][ T4603] usb 3-1: USB disconnect, device number 9
[  230.537644][ T4603] cp210x ttyUSB0: cp210x converter now disconnected from ttyUSB0
[  230.601765][ T4603] cp210x 3-1:0.0: device disconnected
[  230.803432][ T8676] loop0: detected capacity change from 0 to 4096
[  230.852093][ T8676] ntfs3: loop0: Different NTFS' sector size (4096) and media sector size (512)
[  231.084132][ T4271] ntfs3: loop0: ntfs_sync_fs r=1a failed, -22.
[  231.090820][ T4271] ntfs3: loop0: Mark volume as dirty due to NTFS errors
[  231.168686][ T4271] ntfs3: loop0: ntfs_evict_inode r=1a failed, -22.
[  231.208952][ T8692] netlink: 104 bytes leftover after parsing attributes in process `syz.4.1618'.
[  231.339384][ T8701] loop0: detected capacity change from 0 to 164
[  231.461541][ T8705] netlink: 16 bytes leftover after parsing attributes in process `syz.2.1621'.
[  231.629364][ T8714] loop0: detected capacity change from 0 to 256
[  231.687796][ T8714] exFAT-fs (loop0): failed to load upcase table (idx : 0x00010000, chksum : 0xa7bc3a1f, utbl_chksum : 0xe619d30d)
[  231.723426][ T4732] usb 2-1: new full-speed USB device number 12 using dummy_hcd
[  231.744083][ T8714] exFAT-fs (loop0): bogus allocation bitmap size(need : 2, cur : 2199023255554)
[  231.918866][ T4732] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 10
[  231.942608][ T4732] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  231.959161][ T4732] usb 2-1: New USB device found, idVendor=1e7d, idProduct=319c, bcdDevice= 0.00
[  231.968657][ T4732] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  231.990148][ T4732] usb 2-1: config 0 descriptor??
[  232.153762][ T8728] loop4: detected capacity change from 0 to 8192
[  232.212672][ T8728] REISERFS warning:  read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025
[  232.253351][ T8728] REISERFS (device loop4): found reiserfs format "3.5" with non-standard journal
[  232.271044][ T8728] REISERFS (device loop4): using ordered data mode
[  232.307991][ T8728] reiserfs: using flush barriers
[  232.314750][ T8728] REISERFS (device loop4): journal params: device loop4, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30
[  232.334815][ T8728] REISERFS (device loop4): checking transaction log (loop4)
[  232.347343][ T8728] REISERFS (device loop4): Using r5 hash to sort names
[  232.355931][ T8728] REISERFS (device loop4): Created .reiserfs_priv - reserved for xattr storage.
[  232.415493][ T4732] isku 0003:1E7D:319C.0010: unknown main item tag 0x0
[  232.443854][ T4732] isku 0003:1E7D:319C.0010: hidraw0: USB HID v0.00 Device [HID 1e7d:319c] on usb-dummy_hcd.1-1/input0
[  232.622121][ T4732] isku 0003:1E7D:319C.0010: couldn't init struct isku_device
[  232.639727][ T4732] isku 0003:1E7D:319C.0010: couldn't install keyboard
[  232.682103][ T4732] isku: probe of 0003:1E7D:319C.0010 failed with error -71
[  232.725575][ T4732] usb 2-1: USB disconnect, device number 12
[  232.892700][ T8750] fido_id[8750]: Failed to open report descriptor at '/sys/devices/platform/dummy_hcd.1/usb2/report_descriptor': No such file or directory
[  232.907679][ T4640] usb 3-1: new high-speed USB device number 10 using dummy_hcd
[  233.105616][ T4640] usb 3-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  233.116370][ T4640] usb 3-1: config 1 has 1 interface, different from the descriptor's value: 3
[  233.127132][ T4640] usb 3-1: New USB device found, idVendor=08b7, idProduct=0000, bcdDevice= 0.00
[  233.137164][ T4640] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=3
[  233.145583][ T4640] usb 3-1: SerialNumber: syz
[  233.366233][ T4640] usb 3-1: 0:2 : does not exist
[  233.401448][ T4640] usb 3-1: USB disconnect, device number 10
[  233.675653][ T4409] udevd[4409]: error opening ATTR{/sys/devices/platform/dummy_hcd.2/usb3/3-1/3-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory
[  233.759763][ T8754] loop4: detected capacity change from 0 to 40427
[  233.770930][ T8754] F2FS-fs (loop4): invalid crc value
[  233.781067][ T8754] F2FS-fs (loop4): Found nat_bits in checkpoint
[  233.822792][ T8754] F2FS-fs (loop4): Start checkpoint disabled!
[  233.832172][ T8754] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e6
[  233.980049][    T9] kworker/u4:0: attempt to access beyond end of device
[  233.980049][    T9] loop4: rw=2049, sector=40960, nr_sectors = 24 limit=40427
[  234.100142][ T8767] loop2: detected capacity change from 0 to 1024
[  234.111320][ T8765] device erspan0 entered promiscuous mode
[  234.156751][ T8767] EXT4-fs: Ignoring removed orlov option
[  234.244258][ T8767] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: writeback.
[  234.332298][ T8772] device macvlan0 entered promiscuous mode
[  234.351432][ T8772] netlink: 'syz.3.1647': attribute type 2 has an invalid length.
[  234.392971][ T4268] EXT4-fs (loop2): unmounting filesystem.
[  234.604378][ T8781] overlayfs: failed to create directory ./bus/work (errno: 13); mounting read-only
[  234.620891][ T8781] overlayfs: NFS export requires an index dir, falling back to nfs_export=off.
[  234.910023][ T8796] netlink: 44 bytes leftover after parsing attributes in process `syz.4.1661'.
[  234.945354][ T8796] netlink: 35 bytes leftover after parsing attributes in process `syz.4.1661'.
[  234.969002][ T8796] netlink: 'syz.4.1661': attribute type 5 has an invalid length.
[  234.978608][ T8796] netlink: 'syz.4.1661': attribute type 6 has an invalid length.
[  234.987177][ T8796] netlink: 35 bytes leftover after parsing attributes in process `syz.4.1661'.
[  235.008654][ T8799] loop2: detected capacity change from 0 to 256
[  236.171774][ T8840] loop0: detected capacity change from 0 to 64
[  236.267592][ T8840] hfs: request for non-existent node 1280 in B*Tree
[  236.292432][ T8840] hfs: request for non-existent node 1280 in B*Tree
[  236.433475][ T1177] hfs: request for non-existent node 1280 in B*Tree
[  236.440226][ T1177] hfs: request for non-existent node 1280 in B*Tree
[  236.449468][ T8843] loop2: detected capacity change from 0 to 4096
[  236.464385][ T8831] loop3: detected capacity change from 0 to 32768
[  236.553750][ T8843] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: writeback.
[  236.603383][ T8831] ocfs2: Mounting device (7,3) on (node local, slot 0) with ordered data mode.
[  236.677655][   T27] audit: type=1800 audit(1773837208.597:93): pid=8843 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.2.1679" name="bus" dev="loop2" ino=18 res=0 errno=0
[  236.689230][ T8843] Invalid ELF header magic: != ELF
[  236.875418][ T4270] ocfs2: Unmounting device (7,3) on (node local)
[  236.916777][ T8863] loop0: detected capacity change from 0 to 256
[  236.951108][ T8862] device macvtap1 entered promiscuous mode
[  237.014928][ T4268] EXT4-fs (loop2): unmounting filesystem.
[  237.056686][ T8863] FAT-fs (loop0): Directory bread(block 64) failed
[  237.060086][ T8862] device dummy0 entered promiscuous mode
[  237.100107][ T8863] FAT-fs (loop0): Directory bread(block 65) failed
[  237.144571][ T8863] FAT-fs (loop0): Directory bread(block 66) failed
[  237.182479][ T8863] FAT-fs (loop0): Directory bread(block 67) failed
[  237.214343][ T8863] FAT-fs (loop0): Directory bread(block 68) failed
[  237.238889][ T8862] team0: Device macvtap1 failed to register rx_handler
[  237.244040][ T8863] FAT-fs (loop0): Directory bread(block 69) failed
[  237.266439][ T8863] FAT-fs (loop0): Directory bread(block 70) failed
[  237.298654][ T8863] FAT-fs (loop0): Directory bread(block 71) failed
[  237.313208][ T6037] usb 4-1: new high-speed USB device number 13 using dummy_hcd
[  237.334196][ T8862] device dummy0 left promiscuous mode
[  237.351628][ T8863] FAT-fs (loop0): Directory bread(block 72) failed
[  237.388875][ T8863] FAT-fs (loop0): Directory bread(block 73) failed
[  237.523329][ T6037] usb 4-1: Using ep0 maxpacket: 16
[  237.531384][ T6037] usb 4-1: config 0 has an invalid interface number: 4 but max is 0
[  237.550067][ T6037] usb 4-1: config 0 has no interface number 0
[  237.560211][ T6037] usb 4-1: config 0 interface 4 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  237.576994][ T6037] usb 4-1: config 0 interface 4 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  237.587513][ T6037] usb 4-1: New USB device found, idVendor=6161, idProduct=4d15, bcdDevice= 0.00
[  237.596951][ T6037] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  237.639064][ T6037] usb 4-1: config 0 descriptor??
[  238.066553][ T8883] loop4: detected capacity change from 0 to 256
[  238.096885][ T8865] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  238.127584][ T8865] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  238.203904][ T6037] hid (null): unknown global tag 0xc
[  238.209476][ T6037] hid (null): unknown global tag 0xc
[  238.245560][ T6037] hid (null): unknown global tag 0xd
[  238.385018][ T8878] loop2: detected capacity change from 0 to 131072
[  238.434971][ T8878] F2FS-fs (loop2): Found nat_bits in checkpoint
[  238.472336][ T4313] usb 2-1: new high-speed USB device number 13 using dummy_hcd
[  238.472809][ T4603] usb 4-1: USB disconnect, device number 13
[  238.496434][ T8878] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e5
[  238.551502][ T8878] F2FS-fs (loop2): list inode (7) has corrupted xattr
[  238.674138][ T4313] usb 2-1: Using ep0 maxpacket: 16
[  238.681503][ T4313] usb 2-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  238.721543][ T4313] usb 2-1: config 0 has 0 interfaces, different from the descriptor's value: 1
[  238.752283][ T4313] usb 2-1: New USB device found, idVendor=0e8d, idProduct=00a7, bcdDevice=b5.31
[  238.777972][ T4313] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  238.800618][ T4313] usb 2-1: Product: syz
[  238.814909][ T4313] usb 2-1: Manufacturer: syz
[  238.826466][ T4313] usb 2-1: SerialNumber: syz
[  238.844780][ T4313] usb 2-1: config 0 descriptor??
[  239.080048][ T8874] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  239.103600][ T8874] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  239.164088][ T4640] usb 2-1: USB disconnect, device number 13
[  239.222798][ T8910] program syz.4.1700 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  239.763653][ T4640] usb 2-1: new full-speed USB device number 14 using dummy_hcd
[  239.851667][ T8931] tun1: tun_chr_ioctl cmd 1074025677
[  239.874369][ T8931] tun1: linktype set to 780
[  239.960771][ T4640] usb 2-1: config 0 has an invalid interface number: 229 but max is 0
[  239.978974][ T4640] usb 2-1: config 0 has no interface number 0
[  240.027179][ T4640] usb 2-1: config 0 interface 229 altsetting 0 endpoint 0x82 has invalid wMaxPacketSize 0
[  240.081116][ T4640] usb 2-1: New USB device found, idVendor=03f0, idProduct=581d, bcdDevice=1f.38
[  240.110656][ T4640] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  240.146591][ T4640] usb 2-1: Product: syz
[  240.150818][ T4640] usb 2-1: Manufacturer: syz
[  240.169407][ T4640] usb 2-1: SerialNumber: syz
[  240.211683][ T4640] usb 2-1: config 0 descriptor??
[  240.307910][ T8944] loop4: detected capacity change from 0 to 512
[  240.359084][ T8944] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode
[  240.457406][ T8944] EXT4-fs error (device loop4): ext4_iget_extra_inode:4756: inode #15: comm syz.4.1712: corrupted in-inode xattr
[  240.483507][ T4640] usb 2-1: USB disconnect, device number 14
[  240.497186][ T8944] EXT4-fs error (device loop4): ext4_orphan_get:1404: comm syz.4.1712: couldn't read orphan inode 15 (err -117)
[  240.525694][ T8944] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: none.
[  240.543306][ T4313] usb 3-1: new high-speed USB device number 11 using dummy_hcd
[  240.637603][ T8242] EXT4-fs (loop4): unmounting filesystem.
[  240.677118][ T8950] loop1: detected capacity change from 0 to 1024
[  240.730821][ T8952] loop0: detected capacity change from 0 to 1024
[  240.747402][ T4313] usb 3-1: Using ep0 maxpacket: 8
[  240.762988][ T4313] usb 3-1: New USB device found, idVendor=0ccd, idProduct=00b3, bcdDevice=2e.04
[  240.811379][ T4313] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  240.862633][ T4313] usb 3-1: Product: syz
[  240.872323][ T4313] usb 3-1: Manufacturer: syz
[  240.885336][ T4313] usb 3-1: SerialNumber: syz
[  240.909372][   T11] hfsplus: bad catalog file entry
[  240.936066][ T4313] usb 3-1: config 0 descriptor??
[  240.950352][   T11] hfsplus: b-tree write err: -5, ino 3
[  241.049431][   T11] hfsplus: b-tree write err: -5, ino 3
[  241.150895][ T4313] usb 3-1: dvb_usb_v2: found a 'TerraTec NOXON DAB Stick' in warm state
[  241.179480][ T8961] usb usb9: Requested nonsensical USBDEVFS_URB_SHORT_NOT_OK.
[  241.197389][ T4313] dvb_usb_rtl28xxu: probe of 3-1:0.0 failed with error -71
[  241.218920][ T8961] usb usb9: Requested nonsensical USBDEVFS_URB_ZERO_PACKET.
[  241.242228][ T4313] usb 3-1: USB disconnect, device number 11
[  241.356230][ T8967] loop4: detected capacity change from 0 to 512
[  241.460255][ T8967] EXT4-fs error (device loop4): ext4_validate_block_bitmap:438: comm syz.4.1722: bg 0: block 393: padding at end of block bitmap is not set
[  241.485730][ T8967] EXT4-fs error (device loop4) in ext4_mb_clear_bb:6179: Corrupt filesystem
[  241.496315][ T8967] EXT4-fs (loop4): 2 truncates cleaned up
[  241.502281][ T8967] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: writeback.
[  241.600916][ T8242] EXT4-fs (loop4): unmounting filesystem.
[  241.650434][ T8977] loop1: detected capacity change from 0 to 1024
[  241.769168][ T8977] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: none.
[  241.852818][ T8983] vivid-004: =================  START STATUS  =================
[  241.861761][ T8983] vivid-004: Radio HW Seek Mode: Bounded
[  241.873573][ T8983] vivid-004: Radio Programmable HW Seek: false
[  241.889259][ T8983] vivid-004: RDS Rx I/O Mode: Block I/O
[  241.939556][ T4272] EXT4-fs (loop1): unmounting filesystem.
[  241.939963][ T8983] vivid-004: Generate RBDS Instead of RDS: false
[  241.958189][ T8986] netlink: 24 bytes leftover after parsing attributes in process `syz.2.1727'.
[  241.963546][ T8983] vivid-004: RDS Reception: true
[  241.987998][ T8983] vivid-004: RDS Program Type: 0 inactive
[  241.999671][ T8983] vivid-004: RDS PS Name:  inactive
[  242.011197][ T8983] vivid-004: RDS Radio Text:  inactive
[  242.017229][ T8983] vivid-004: RDS Traffic Announcement: false inactive
[  242.031094][ T8983] vivid-004: RDS Traffic Program: false inactive
[  242.078656][ T8983] vivid-004: RDS Music: false inactive
[  242.118109][ T8983] vivid-004: ==================  END STATUS  ==================
[  242.257049][ T8966] loop3: detected capacity change from 0 to 32768
[  242.308496][ T8966] 
[  242.308496][ T8966]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  242.308496][ T8966] 
[  242.447468][   T11] 
[  242.447468][   T11]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  242.447468][   T11] 
[  242.488682][   T11] 
[  242.488682][   T11]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  242.488682][   T11] 
[  242.507880][ T8998] loop0: detected capacity change from 0 to 4096
[  242.527612][  T107] 
[  242.527612][  T107]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  242.527612][  T107] 
[  242.561918][ T8998] ntfs3: loop0: Mark volume as dirty due to NTFS errors
[  242.572814][ T4270] 
[  242.572814][ T4270]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  242.572814][ T4270] 
[  242.605863][ T4270] 
[  242.605863][ T4270]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  242.605863][ T4270] 
[  242.792738][ T4271] ntfs3: loop0: ntfs_evict_inode r=5 failed, -22.
[  242.930349][ T9007] tun1: tun_chr_ioctl cmd 1074025677
[  242.956504][ T9007] tun1: linktype set to 6
[  243.391430][ T9020] program syz.0.1742 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  243.576940][ T9031] loop3: detected capacity change from 0 to 256
[  243.629729][ T9031] exFAT-fs (loop3): failed to load upcase table (idx : 0x00010000, chksum : 0xa05bf55d, utbl_chksum : 0xe619d30d)
[  244.604600][ T9041] loop1: detected capacity change from 0 to 32768
[  244.750035][ T9041] ocfs2: Mounting device (7,1) on (node local, slot 0) with ordered data mode.
[  244.851480][ T9076] loop2: detected capacity change from 0 to 512
[  244.878250][ T9076] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled
[  244.948688][ T9076] EXT4-fs error (device loop2): ext4_quota_enable:7043: comm syz.2.1767: inode #50331648: comm syz.2.1767: iget: illegal inode #
[  245.008819][ T9076] EXT4-fs error (device loop2): ext4_quota_enable:7046: comm syz.2.1767: Bad quota inode: 50331648, type: 2
[  245.051486][ T9076] EXT4-fs warning (device loop2): ext4_enable_quotas:7087: Failed to enable quota tracking (type=2, err=-117, ino=50331648). Please run e2fsck to fix.
[  245.111084][ T4272] ocfs2: Unmounting device (7,1) on (node local)
[  245.209395][ T9076] EXT4-fs (loop2): mount failed
[  245.391544][ T9076] afs: Unknown parameter './file0'
[  245.837837][ T9073] loop4: detected capacity change from 0 to 32768
[  245.841235][ T9101] ptrace attach of "./syz-executor exec"[4270] was attempted by ""[9101]
[  245.872542][ T9103] loop2: detected capacity change from 0 to 512
[  245.919406][ T9103] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: writeback.
[  246.008281][ T9103] ext4 filesystem being mounted at /400/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  246.118812][ T4268] EXT4-fs (loop2): unmounting filesystem.
[  246.178601][ T9110] loop3: detected capacity change from 0 to 128
[  246.240295][ T9110] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: none.
[  246.363726][ T9110] ext4 filesystem being mounted at /351/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff)
[  246.368210][ T9100] loop1: detected capacity change from 0 to 32768
[  246.395408][    C0] vkms_vblank_simulate: vblank timer overrun
[  246.497684][ T9110] fscrypt (loop3, inode 12): Unsupported encryption flags (0x2a)
[  246.562356][ T9100] XFS (loop1): Mounting V5 Filesystem
[  246.644668][ T9100] XFS (loop1): Ending clean mount
[  246.735751][ T4270] EXT4-fs (loop3): unmounting filesystem.
[  246.945984][ T4272] XFS (loop1): Unmounting Filesystem
[  246.949879][ T9133] device macvlan0 entered promiscuous mode
[  246.970307][ T9133] device dummy0 entered promiscuous mode
[  247.025474][ T9133] device hsr1 entered promiscuous mode
[  247.045124][   T46] IPv6: ADDRCONF(NETDEV_CHANGE): hsr1: link becomes ready
[  247.385711][ T9147] program syz.0.1793 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  247.523155][ T4603] usb 5-1: new high-speed USB device number 17 using dummy_hcd
[  247.703336][ T9139] loop2: detected capacity change from 0 to 32768
[  247.723445][ T4603] usb 5-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  247.748644][ T4603] usb 5-1: New USB device found, idVendor=056a, idProduct=0045, bcdDevice= 0.00
[  247.757587][ T9139] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop2 scanned by syz.2.1789 (9139)
[  247.768558][ T4603] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  247.819825][ T4603] usb 5-1: config 0 descriptor??
[  247.831328][ T9139] BTRFS info (device loop2): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  247.837542][ T4603] usbhid 5-1:0.0: couldn't find an input interrupt endpoint
[  247.875771][ T9139] BTRFS info (device loop2): using crc32c (crc32c-intel) checksum algorithm
[  247.896289][ T9139] BTRFS info (device loop2): setting nodatasum
[  247.910775][ T9139] BTRFS info (device loop2): force zlib compression, level 3
[  247.943815][ T9139] BTRFS info (device loop2): setting incompat feature flag for COMPRESS_LZO (0x8)
[  247.973561][ T9139] BTRFS info (device loop2): use lzo compression, level 0
[  247.989684][ T9158] loop1: detected capacity change from 0 to 8
[  248.003133][ T9139] BTRFS info (device loop2): turning on flush-on-commit
[  248.010142][ T9139] BTRFS info (device loop2): enabling auto defrag
[  248.046094][ T9143] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  248.069654][ T9143] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  248.076958][ T9139] BTRFS info (device loop2): max_inline at 4096
[  248.105474][ T4452] usb 5-1: USB disconnect, device number 17
[  248.112581][ T9139] BTRFS info (device loop2): using free space tree
[  248.331133][ T9139] BTRFS info (device loop2): enabling ssd optimizations
[  248.369928][ T9173] loop3: detected capacity change from 0 to 8192
[  248.392510][   T27] audit: type=1800 audit(1773837220.307:94): pid=9139 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.2.1789" name="file1" dev="loop2" ino=260 res=0 errno=0
[  248.651535][ T9193] loop0: detected capacity change from 0 to 1024
[  248.745209][ T4452] usb 5-1: new high-speed USB device number 18 using dummy_hcd
[  248.817711][ T9193] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: none.
[  248.953123][ T4452] usb 5-1: Using ep0 maxpacket: 8
[  248.961100][ T4268] BTRFS info (device loop2): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  248.961372][ T4452] usb 5-1: config 0 has an invalid interface number: 1 but max is 0
[  249.025542][ T4452] usb 5-1: config 0 has no interface number 0
[  249.031869][ T4452] usb 5-1: config 0 interface 1 altsetting 1 endpoint 0xA has invalid maxpacket 256, setting to 64
[  249.044344][ T4452] usb 5-1: config 0 interface 1 altsetting 1 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  249.057368][ T4452] usb 5-1: config 0 interface 1 altsetting 1 endpoint 0x81 has invalid wMaxPacketSize 0
[  249.090132][ T4452] usb 5-1: config 0 interface 1 has no altsetting 0
[  249.096485][ T4360] usb 2-1: new high-speed USB device number 15 using dummy_hcd
[  249.097452][ T4452] usb 5-1: New USB device found, idVendor=0af0, idProduct=6751, bcdDevice=75.8b
[  249.132992][ T4452] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  249.170908][ T4452] usb 5-1: config 0 descriptor??
[  249.208411][ T4452] hso 5-1:0.1: Failed to find BULK IN ep
[  249.303388][ T4360] usb 2-1: Using ep0 maxpacket: 16
[  249.313915][ T4360] usb 2-1: New USB device found, idVendor=1604, idProduct=8007, bcdDevice=af.a6
[  249.358422][ T4360] usb 2-1: New USB device strings: Mfr=1, Product=23, SerialNumber=3
[  249.387531][ T4360] usb 2-1: Product: syz
[  249.391761][ T4360] usb 2-1: Manufacturer: syz
[  249.407826][ T4360] usb 2-1: SerialNumber: syz
[  249.421905][ T4360] usb 2-1: config 0 descriptor??
[  249.427860][ T9206] netlink: 24 bytes leftover after parsing attributes in process `syz.3.1810'.
[  249.457530][ T4448] usb 5-1: USB disconnect, device number 18
[  249.470027][ T4271] EXT4-fs (loop0): unmounting filesystem.
[  249.745443][ T4360] usb 2-1: USB disconnect, device number 15
[  249.822351][   T27] audit: type=1326 audit(1773837221.737:95): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9214 comm="syz.0.1813" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7fa0b099c799 code=0x0
[  249.848592][ T9213] loop3: detected capacity change from 0 to 4096
[  249.892147][ T9218] loop0: detected capacity change from 0 to 2048
[  249.918358][ T9213] ntfs3: loop3: Mark volume as dirty due to NTFS errors
[  249.947785][ T9218] UDF-fs: warning (device loop0): udf_verify_domain_identifier: Possibly not OSTA UDF compliant logical volume descriptor.
[  249.981399][ T9218] UDF-fs: error (device loop0): udf_load_logicalvol: error loading logical volume descriptor: Too many partition maps (148 > 10)
[  250.037762][ T4270] ntfs3: loop3: ntfs_evict_inode r=5 failed, -22.
[  250.073017][ T9218] UDF-fs: error (device loop0): udf_read_tagged: read failed, block=512, location=512
[  250.141615][ T9218] UDF-fs: error (device loop0): udf_read_tagged: read failed, block=256, location=256
[  250.171542][ T9218] UDF-fs: error (device loop0): udf_read_tagged: read failed, block=512, location=512
[  250.192738][ T9218] UDF-fs: warning (device loop0): udf_fill_super: No partition found (1)
[  251.572201][ T9269] loop4: detected capacity change from 0 to 512
[  251.579679][ T9269] EXT4-fs: Ignoring removed nobh option
[  251.608049][ T9269] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: writeback.
[  251.637632][ T9269] ext4 filesystem being mounted at /53/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  251.894111][ T9277] loop0: detected capacity change from 0 to 512
[  251.895610][ T8242] EXT4-fs error (device loop4): ext4_readdir:263: inode #2: block 3: comm syz-executor: path /53/bus: bad entry in directory: inode out of bounds - offset=92, inode=117440528, rec_len=16, size=2048 fake=0
[  251.930941][ T9274] loop2: detected capacity change from 0 to 32768
[  251.962477][ T8242] EXT4-fs error (device loop4): ext4_lookup:1858: inode #12: comm syz-executor: iget: bad i_size value: 2533274857506816
[  251.972956][ T9277] EXT4-fs warning (device loop0): dx_probe:893: inode #2: comm syz.0.1836: dx entry: limit 1024 != root limit 124
[  251.991312][ T8242] EXT4-fs error (device loop4): ext4_lookup:1858: inode #12: comm syz-executor: iget: bad i_size value: 2533274857506816
[  252.003442][ T9277] EXT4-fs warning (device loop0): dx_probe:966: inode #2: comm syz.0.1836: Corrupt directory, running e2fsck is recommended
[  252.045822][ T9274] XFS (loop2): Mounting V5 Filesystem
[  252.059813][ T9277] EXT4-fs (loop0): Cannot turn on journaled quota: type 1: error -117
[  252.144708][ T9277] EXT4-fs error (device loop0): ext4_iget_extra_inode:4756: inode #15: comm syz.0.1836: corrupted in-inode xattr
[  252.184458][ T9274] XFS (loop2): Starting recovery (logdev: internal)
[  252.200392][ T9277] EXT4-fs error (device loop0): ext4_orphan_get:1404: comm syz.0.1836: couldn't read orphan inode 15 (err -117)
[  252.225524][ T9277] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: writeback.
[  252.242840][ T9274] XFS (loop2): Ending recovery (logdev: internal)
[  252.336027][ T9277] EXT4-fs error (device loop0): ext4_xattr_set_entry:1617: inode #2: comm syz.0.1836: corrupted xattr entries
[  252.461884][ T8242] EXT4-fs (loop4): unmounting filesystem.
[  252.579791][ T4271] EXT4-fs (loop0): unmounting filesystem.
[  252.654611][ T4268] XFS (loop2): Unmounting Filesystem
[  252.692216][ T4331] netdevsim netdevsim4 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  252.951064][ T4331] netdevsim netdevsim4 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  253.118987][ T4331] netdevsim netdevsim4 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  253.151406][ T9303] loop0: detected capacity change from 0 to 4096
[  253.168110][ T9303] EXT4-fs: Ignoring removed bh option
[  253.251761][ T9303] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: writeback.
[  253.262856][ T4331] netdevsim netdevsim4 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  253.339416][ T9303] EXT4-fs error (device loop0): ext4_get_first_dir_block:3603: inode #12: block 80: comm syz.0.1847: bad entry in directory: rec_len is smaller than minimal - offset=12, inode=6, rec_len=0, size=4096 fake=0
[  253.463980][ T9303] EXT4-fs (loop0): Remounting filesystem read-only
[  253.470564][ T9303] EXT4-fs error (device loop0): ext4_get_first_dir_block:3605: inode #12: comm syz.0.1847: directory missing '..'
[  253.568741][ T9303] EXT4-fs (loop0): Remounting filesystem read-only
[  253.720226][ T4271] EXT4-fs (loop0): unmounting filesystem.
[  254.006063][ T4285] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1
[  254.019049][ T4285] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9
[  254.028772][ T4285] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9
[  254.049154][ T4285] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4
[  254.064977][ T4285] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3
[  254.073523][ T4285] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2
[  254.766744][ T9340] netlink: 72 bytes leftover after parsing attributes in process `syz.3.1857'.
[  254.798412][ T9340] netlink: 12 bytes leftover after parsing attributes in process `syz.3.1857'.
[  254.833511][ T9340] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1857'.
[  254.855651][ T9343] loop2: detected capacity change from 0 to 256
[  254.873589][ T9340] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1857'.
[  254.916071][ T9343] FAT-fs (loop2): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[  254.982633][   T27] audit: type=1800 audit(1773837226.897:96): pid=9343 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.2.1856" name="file1" dev="loop2" ino=1048659 res=0 errno=0
[  255.035842][   T56] FAT-fs (loop2): error, corrupted file size (i_pos 196, 16779008)
[  255.083227][   T56] FAT-fs (loop2): Filesystem has been set read-only
[  255.090052][   T56] FAT-fs (loop2): error, corrupted file size (i_pos 196, 16779008)
[  255.098563][   T27] audit: type=1800 audit(1773837226.927:97): pid=9343 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.2.1856" name="file1" dev="loop2" ino=1048659 res=0 errno=0
[  255.127649][ T9321] chnl_net:caif_netlink_parms(): no params data found
[  255.174129][ T9345] FAT-fs (loop2): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[  255.185515][ T9324] loop0: detected capacity change from 0 to 32768
[  255.405136][ T9324] XFS (loop0): Mounting V5 Filesystem
[  255.553539][ T9324] XFS (loop0): Ending clean mount
[  255.572104][ T9363] Bluetooth: hci5: Frame reassembly failed (-84)
[  255.633972][ T9321] bridge0: port 1(bridge_slave_0) entered blocking state
[  255.641624][ T9321] bridge0: port 1(bridge_slave_0) entered disabled state
[  255.644175][   T56] Bluetooth: hci5: Frame reassembly failed (-84)
[  255.651514][ T9321] device bridge_slave_0 entered promiscuous mode
[  255.683764][ T4271] XFS (loop0): Unmounting Filesystem
[  255.688926][ T9321] bridge0: port 2(bridge_slave_1) entered blocking state
[  255.746052][ T9321] bridge0: port 2(bridge_slave_1) entered disabled state
[  255.764675][ T9321] device bridge_slave_1 entered promiscuous mode
[  255.804906][ T1278] ieee802154 phy0 wpan0: encryption failed: -22
[  255.811252][ T1278] ieee802154 phy1 wpan1: encryption failed: -22
[  255.939784][ T9321] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  256.108937][ T4285] Bluetooth: hci2: command 0x0409 tx timeout
[  256.330664][ T9321] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  256.421597][ T9366] loop3: detected capacity change from 0 to 32768
[  256.624342][ T9321] team0: Port device team_slave_0 added
[  256.701538][ T9321] team0: Port device team_slave_1 added
[  256.798186][ T4331] device macvlan0 left promiscuous mode
[  256.813752][ T4331] device dummy0 left promiscuous mode
[  256.838692][ T4331] device hsr_slave_0 left promiscuous mode
[  256.900018][ T4331] device hsr_slave_1 left promiscuous mode
[  256.950019][ T4331] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  256.977792][ T4331] batman_adv: batadv0: Removing interface: batadv_slave_0
[  257.014096][ T4331] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  257.039020][ T4331] batman_adv: batadv0: Removing interface: batadv_slave_1
[  257.069193][ T4331] device bridge_slave_1 left promiscuous mode
[  257.083954][ T4331] bridge0: port 2(bridge_slave_1) entered disabled state
[  257.097774][ T4331] device bridge_slave_0 left promiscuous mode
[  257.134470][ T4331] bridge0: port 1(bridge_slave_0) entered disabled state
[  257.185435][ T9395] sctp: Trying to GSO but underlying device doesn't support it.
[  257.218482][ T4331] device veth1_macvtap left promiscuous mode
[  257.241984][ T4331] device veth0_macvtap left promiscuous mode
[  257.266840][ T4331] device veth1_vlan left promiscuous mode
[  257.279458][ T4331] device veth0_vlan left promiscuous mode
[  257.623207][ T4279] Bluetooth: hci5: Opcode 0x1003 failed: -110
[  257.819929][ T9405] loop2: detected capacity change from 0 to 1024
[  257.847466][ T9407] loop1: detected capacity change from 0 to 256
[  257.915069][ T9407] FAT-fs (loop1): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[  257.938478][ T9405] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none.
[  257.956068][   T27] audit: type=1800 audit(1773837229.877:98): pid=9407 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.1873" name="file1" dev="loop1" ino=1048660 res=0 errno=0
[  257.988507][ T9400] loop3: detected capacity change from 0 to 32768
[  258.016106][   T46] FAT-fs (loop1): error, corrupted file size (i_pos 196, 16779008)
[  258.042909][   T46] FAT-fs (loop1): Filesystem has been set read-only
[  258.049860][   T27] audit: type=1800 audit(1773837229.877:99): pid=9407 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.1873" name="file1" dev="loop1" ino=1048660 res=0 errno=0
[  258.077087][ T9400] 
[  258.077087][ T9400]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  258.077087][ T9400] 
[  258.144544][ T9400] ERROR: (device loop3): diWrite: ixpxd invalid
[  258.144544][ T9400] 
[  258.171381][ T9400] ERROR: (device loop3): remounting filesystem as read-only
[  258.173545][ T4268] EXT4-fs (loop2): unmounting filesystem.
[  258.178996][   T46] FAT-fs (loop1): error, corrupted file size (i_pos 196, 16779008)
[  258.192723][ T4285] Bluetooth: hci2: command 0x041b tx timeout
[  258.199357][ T9400] ERROR: (device loop3): txCommit: 
[  258.199357][ T9400] 
[  258.248812][ T9411] FAT-fs (loop1): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[  259.220620][ T4331] team0 (unregistering): Port device team_slave_1 removed
[  259.281636][ T4331] team0 (unregistering): Port device team_slave_0 removed
[  259.337431][ T4331] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  259.399142][ T4331] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  259.873570][ T4331] bond0 (unregistering): Released all slaves
[  259.996247][ T9321] batman_adv: batadv0: Adding interface: batadv_slave_0
[  260.005644][ T9321] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  260.031759][    C0] vxcan1: j1939_tp_rxtimer: 0xffff8880247bb400: rx timeout, send abort
[  260.051660][    C0] vxcan1: j1939_xtp_rx_abort_one: 0xffff8880247bb400: 0x00000: (3) A timeout occurred and this is the connection abort to close the session.
[  260.107416][ T9321] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  260.108202][ T4274] kernel write not supported for file /844/clear_refs (pid: 4274 comm: kworker/0:3)
[  260.141536][ T9429] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1883'.
[  260.192266][ T9321] batman_adv: batadv0: Adding interface: batadv_slave_1
[  260.209153][ T9321] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  260.263516][ T4285] Bluetooth: hci2: command 0x040f tx timeout
[  260.288647][ T9321] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  260.412650][ T9321] device hsr_slave_0 entered promiscuous mode
[  260.435627][ T9321] device hsr_slave_1 entered promiscuous mode
[  260.468331][ T9321] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  260.481107][ T9321] Cannot create hsr debugfs directory
[  260.715654][ T9445] loop2: detected capacity change from 0 to 256
[  260.817871][ T9445] exFAT-fs (loop2): failed to load upcase table (idx : 0x0000fd4f, chksum : 0x3963664b, utbl_chksum : 0xe619d30d)
[  260.897772][ T9321] netdevsim netdevsim5 netdevsim0: renamed from eth0
[  261.020390][ T9321] netdevsim netdevsim5 netdevsim1: renamed from eth1
[  261.051187][ T9321] netdevsim netdevsim5 netdevsim2: renamed from eth2
[  261.097333][ T9321] netdevsim netdevsim5 netdevsim3: renamed from eth3
[  261.469205][ T9321] 8021q: adding VLAN 0 to HW filter on device bond0
[  261.476653][ T9464] Falling back ldisc for ptm0.
[  261.509992][   T46] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[  261.580434][   T46] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  261.637620][ T9321] 8021q: adding VLAN 0 to HW filter on device team0
[  261.764254][ T4522] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[  261.789187][ T9470] loop1: detected capacity change from 0 to 65
[  261.801680][ T4522] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  261.832434][ T9471] loop0: detected capacity change from 0 to 512
[  261.841739][ T4522] bridge0: port 1(bridge_slave_0) entered blocking state
[  261.848904][ T4522] bridge0: port 1(bridge_slave_0) entered forwarding state
[  261.903301][ T9471] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode
[  261.934765][ T4522] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[  261.963806][ T9470] BFS-fs: bfs_fill_super(): NOTE: filesystem loop1 was created with 512 inodes, the real maximum is 511, mounting anyway
[  261.988440][ T4522] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  262.008597][ T4522] bridge0: port 2(bridge_slave_1) entered blocking state
[  262.010405][ T9471] EXT4-fs (loop0): 1 truncate cleaned up
[  262.015935][ T4522] bridge0: port 2(bridge_slave_1) entered forwarding state
[  262.018601][ T4522] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[  262.038318][ T4522] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[  262.048263][ T4522] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[  262.073149][ T9471] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: none.
[  262.073431][ T1177] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[  262.150497][ T9473] loop3: detected capacity change from 0 to 8192
[  262.220928][ T9473] REISERFS warning:  read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025
[  262.229305][ T1177] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[  262.243154][ T9473] REISERFS (device loop3): found reiserfs format "3.5" with non-standard journal
[  262.294239][ T9473] REISERFS (device loop3): using ordered data mode
[  262.300889][ T9473] reiserfs: using flush barriers
[  262.343157][ T4279] Bluetooth: hci2: command 0x0419 tx timeout
[  262.354238][ T1177] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[  262.407538][ T9473] REISERFS (device loop3): journal params: device loop3, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30
[  262.451881][ T1177] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[  262.464693][ T1177] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[  262.482557][ T1177] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  262.510039][ T4271] EXT4-fs (loop0): unmounting filesystem.
[  262.512859][ T9473] REISERFS (device loop3): checking transaction log (loop3)
[  262.540953][ T9321] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  262.602269][ T9321] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[  262.611547][ T9473] REISERFS (device loop3): Using r5 hash to sort names
[  262.635133][ T1177] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[  262.649236][ T1177] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[  262.665319][ T9473] REISERFS (device loop3): Created .reiserfs_priv - reserved for xattr storage.
[  262.728425][ T9485] loop0: detected capacity change from 0 to 512
[  262.735877][ T1177] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  262.768298][ T9485] EXT4-fs: Ignoring removed nobh option
[  262.862523][ T9485] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: writeback.
[  262.883416][ T9485] ext4 filesystem being mounted at /391/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  262.983582][ T4448] usb 3-1: new high-speed USB device number 12 using dummy_hcd
[  263.189421][ T4448] usb 3-1: Using ep0 maxpacket: 16
[  263.196838][ T4448] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  263.235727][ T4271] EXT4-fs error (device loop0): ext4_readdir:263: inode #2: block 3: comm syz-executor: path /391/bus: bad entry in directory: inode out of bounds - offset=92, inode=117440528, rec_len=16, size=2048 fake=0
[  263.267510][ T4448] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  263.289991][ T4448] usb 3-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 9
[  263.336823][ T4448] usb 3-1: New USB device found, idVendor=045e, idProduct=07da, bcdDevice= 0.00
[  263.351752][ T4271] EXT4-fs error (device loop0): ext4_lookup:1858: inode #12: comm syz-executor: iget: bad i_size value: 2533274857506816
[  263.372995][ T4448] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  263.392692][ T4448] usb 3-1: config 0 descriptor??
[  263.408844][ T4271] EXT4-fs error (device loop0): ext4_lookup:1858: inode #12: comm syz-executor: iget: bad i_size value: 2533274857506816
[  263.725166][ T7387] EXT4-fs (loop0): unmounting filesystem.
[  263.834029][ T4448] microsoft 0003:045E:07DA.0012: unknown main item tag 0x0
[  263.853353][ T4331] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
[  263.863121][ T4448] microsoft 0003:045E:07DA.0012: ignoring exceeding usage max
[  263.881145][ T4331] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready
[  263.908360][ T9321] 8021q: adding VLAN 0 to HW filter on device batadv0
[  263.943810][ T4448] input: HID 045e:07da as /devices/platform/dummy_hcd.2/usb3/3-1/3-1:0.0/0003:045E:07DA.0012/input/input15
[  264.110017][ T9512] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1906'.
[  264.122106][ T4448] microsoft 0003:045E:07DA.0012: input,hidraw0: USB HID v0.00 Device [HID 045e:07da] on usb-dummy_hcd.2-1/input0
[  264.158211][ T9512] device bridge_slave_1 left promiscuous mode
[  264.184524][ T4448] usb 3-1: USB disconnect, device number 12
[  264.199518][ T9512] bridge0: port 2(bridge_slave_1) entered disabled state
[  264.306840][ T9512] device bridge_slave_0 left promiscuous mode
[  264.330166][ T9512] bridge0: port 1(bridge_slave_0) entered disabled state
[  264.482205][ T9516] fido_id[9516]: Failed to open report descriptor at '/sys/devices/platform/dummy_hcd.2/usb3/report_descriptor': No such file or directory
[  264.809442][ T1177] netdevsim netdevsim0 netdevsim3 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  264.863799][ T1177] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  264.875686][ T9527] serio: Serial port ttyS3
[  265.057415][ T1177] netdevsim netdevsim0 netdevsim2 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  265.099389][ T1177] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  265.233662][ T1177] netdevsim netdevsim0 netdevsim1 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  265.273980][ T1177] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  265.425605][ T1177] netdevsim netdevsim0 netdevsim0 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  265.439030][ T4279] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1
[  265.451020][ T1177] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  265.451763][ T4279] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9
[  265.472889][ T4279] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9
[  265.481302][ T4279] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4
[  265.491041][ T4279] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3
[  265.499052][ T4279] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2
[  265.547806][   T46] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[  265.559412][   T46] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[  265.599188][ T9321] device veth0_vlan entered promiscuous mode
[  265.608031][ T4859] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[  265.625979][ T4859] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[  265.688738][ T4859] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[  265.710421][ T4859] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[  265.727607][ T9321] device veth1_vlan entered promiscuous mode
[  265.807394][ T4331] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready
[  265.833796][ T4331] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready
[  265.852663][ T4331] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[  265.890401][ T4331] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[  265.967803][ T9321] device veth0_macvtap entered promiscuous mode
[  266.007401][ T9321] device veth1_macvtap entered promiscuous mode
[  266.145971][ T9559] loop1: detected capacity change from 0 to 4096
[  266.190415][ T9321] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  266.253574][ T9563] NILFS (loop1): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  266.300539][ T9321] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  266.330108][ T9321] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  266.369374][ T9321] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  266.399794][ T9321] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  266.441473][ T9321] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  266.493206][ T9321] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  266.523085][ T9321] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  266.560741][ T9321] batman_adv: batadv0: Interface activated: batadv_slave_0
[  266.593529][ T1177] tipc: Disabling bearer <eth:team0>
[  266.599858][ T1177] tipc: Left network mode
[  266.675610][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[  266.688966][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[  266.711060][ T9321] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  266.757680][ T9321] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  266.788140][ T9321] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  266.819442][ T9321] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  266.850164][ T9321] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  266.874976][ T9321] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  266.893260][ T9321] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  266.914327][ T9321] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  266.933357][ T9321] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: ipvlan2
[  266.953174][ T9321] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  266.978369][ T9321] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: ipvlan2
[  267.013173][ T9321] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  267.034598][ T9321] batman_adv: batadv0: Interface activated: batadv_slave_1
[  267.261763][   T56] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[  267.274486][   T56] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[  267.291092][ T9581] loop2: detected capacity change from 0 to 512
[  267.300065][ T9583] loop3: detected capacity change from 0 to 512
[  267.315110][ T9583] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode
[  267.327746][ T9581] EXT4-fs: Ignoring removed nobh option
[  267.348323][ T9321] netdevsim netdevsim5 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  267.371477][ T9576] loop1: detected capacity change from 0 to 32768
[  267.378115][ T9321] netdevsim netdevsim5 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  267.388107][ T9321] netdevsim netdevsim5 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  267.403939][ T9581] EXT4-fs error (device loop2): __ext4_iget:5095: inode #11: block 1: comm syz.2.1922: invalid block
[  267.414971][ T9321] netdevsim netdevsim5 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  267.468514][ T9583] EXT4-fs (loop3): 1 truncate cleaned up
[  267.480652][ T9543] chnl_net:caif_netlink_parms(): no params data found
[  267.484076][ T9583] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: none.
[  267.488194][ T9581] EXT4-fs error (device loop2): ext4_orphan_get:1404: comm syz.2.1922: couldn't read orphan inode 11 (err -117)
[  267.542119][ T9581] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none.
[  267.551260][ T4285] Bluetooth: hci3: command 0x0409 tx timeout
[  267.623520][ T9576] XFS (loop1): Mounting V5 Filesystem
[  267.643396][ T4270] EXT4-fs (loop3): unmounting filesystem.
[  267.777459][ T9576] XFS (loop1): Starting recovery (logdev: internal)
[  267.879501][ T4268] EXT4-fs (loop2): unmounting filesystem.
[  267.892550][ T9576] XFS (loop1): Ending recovery (logdev: internal)
[  268.011399][   T27] audit: type=1800 audit(1773837239.927:100): pid=9576 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.1921" name="file1" dev="loop1" ino=7430 res=0 errno=0
[  268.107196][ T4272] XFS (loop1): Unmounting Filesystem
[  268.168378][ T9543] bridge0: port 1(bridge_slave_0) entered blocking state
[  268.203014][ T9543] bridge0: port 1(bridge_slave_0) entered disabled state
[  268.262211][ T9543] device bridge_slave_0 entered promiscuous mode
[  268.296527][    T9] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  268.311929][    T9] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  268.312292][ T9607] loop3: detected capacity change from 0 to 1024
[  268.460391][ T4331] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready
[  268.482658][ T9543] bridge0: port 2(bridge_slave_1) entered blocking state
[  268.500411][ T9543] bridge0: port 2(bridge_slave_1) entered disabled state
[  268.512171][   T27] audit: type=1326 audit(1773837240.427:101): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9608 comm="syz.2.1930" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8045d9c799 code=0x7ffc0000
[  268.524317][ T9543] device bridge_slave_1 entered promiscuous mode
[  268.567900][   T27] audit: type=1326 audit(1773837240.457:102): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9608 comm="syz.2.1930" exe="/root/syz-executor" sig=0 arch=c000003e syscall=296 compat=0 ip=0x7f8045d9c799 code=0x7ffc0000
[  268.646780][   T27] audit: type=1326 audit(1773837240.457:103): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9608 comm="syz.2.1930" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8045d9c799 code=0x7ffc0000
[  268.706337][   T27] audit: type=1326 audit(1773837240.457:104): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9608 comm="syz.2.1930" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8045d9c799 code=0x7ffc0000
[  268.821018][ T9543] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  268.822080][   T11] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  268.855600][   T11] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  268.871412][ T9543] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  268.904428][   T33] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready
[  268.976960][ T9543] team0: Port device team_slave_0 added
[  268.999245][ T9543] team0: Port device team_slave_1 added
[  269.102368][ T9543] batman_adv: batadv0: Adding interface: batadv_slave_0
[  269.144287][ T9543] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  269.230645][ T9543] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  269.512703][ T9543] batman_adv: batadv0: Adding interface: batadv_slave_1
[  269.523150][ T9543] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  269.623217][ T4285] Bluetooth: hci3: command 0x041b tx timeout
[  269.629789][ T9543] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  269.856157][ T9543] device hsr_slave_0 entered promiscuous mode
[  269.913759][ T9543] device hsr_slave_1 entered promiscuous mode
[  269.929479][ T9543] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  269.941204][ T9645] loop2: detected capacity change from 0 to 512
[  269.964276][ T9543] Cannot create hsr debugfs directory
[  270.017691][ T1177] device hsr_slave_0 left promiscuous mode
[  270.043536][ T1177] device hsr_slave_1 left promiscuous mode
[  270.055358][ T1177] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  270.073203][ T1177] batman_adv: batadv0: Removing interface: batadv_slave_0
[  270.084622][ T9645] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none.
[  270.087119][ T1177] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  270.162028][ T1177] batman_adv: batadv0: Removing interface: batadv_slave_1
[  270.180535][ T1177] device bridge_slave_1 left promiscuous mode
[  270.187298][   T27] audit: type=1800 audit(1773837242.107:105): pid=9645 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.2.1935" name="file1" dev="loop2" ino=15 res=0 errno=0
[  270.220779][ T1177] bridge0: port 2(bridge_slave_1) entered disabled state
[  270.249169][ T1177] device bridge_slave_0 left promiscuous mode
[  270.269545][ T1177] bridge0: port 1(bridge_slave_0) entered disabled state
[  270.440075][ T4268] EXT4-fs (loop2): unmounting filesystem.
[  270.980629][ T1177] device veth1_macvtap left promiscuous mode
[  270.995333][ T1177] device veth0_macvtap left promiscuous mode
[  271.018660][ T1177] device veth1_vlan left promiscuous mode
[  271.026025][ T1177] device veth0_vlan left promiscuous mode
[  271.548658][ T9663] loop1: detected capacity change from 0 to 32768
[  271.703365][ T4285] Bluetooth: hci3: command 0x040f tx timeout
[  272.208238][ T1177] team0 (unregistering): Port device team_slave_1 removed
[  272.327270][ T1177] team0 (unregistering): Port device team_slave_0 removed
[  272.414007][ T1177] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  272.508325][ T1177] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  273.062453][ T9687] program syz.1.1954 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  273.154398][ T1177] bond0 (unregistering): Released all slaves
[  273.783364][ T4285] Bluetooth: hci3: command 0x0419 tx timeout
[  274.377628][ T9543] netdevsim netdevsim6 netdevsim0: renamed from eth0
[  274.411153][ T9543] netdevsim netdevsim6 netdevsim1: renamed from eth1
[  274.583314][ T9543] netdevsim netdevsim6 netdevsim2: renamed from eth2
[  274.643593][ T9543] netdevsim netdevsim6 netdevsim3: renamed from eth3
[  274.996023][ T9543] 8021q: adding VLAN 0 to HW filter on device bond0
[  275.001490][ T9732] loop3: detected capacity change from 0 to 4096
[  275.040221][ T1177] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[  275.115905][ T1177] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  275.131773][ T9741] NILFS (loop3): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  275.139426][ T9543] 8021q: adding VLAN 0 to HW filter on device team0
[  275.176524][   T33] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[  275.197723][   T33] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  275.242364][   T33] bridge0: port 1(bridge_slave_0) entered blocking state
[  275.249584][   T33] bridge0: port 1(bridge_slave_0) entered forwarding state
[  275.340723][   T33] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[  275.359268][   T33] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[  275.380110][   T33] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  275.414395][   T33] bridge0: port 2(bridge_slave_1) entered blocking state
[  275.421545][   T33] bridge0: port 2(bridge_slave_1) entered forwarding state
[  275.453840][   T33] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[  275.484460][   T33] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[  275.544719][ T1177] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[  275.581966][ T1177] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[  275.611697][ T1177] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[  275.676345][ T1177] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[  275.717516][ T1177] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[  275.847712][ T4331] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[  275.869537][ T4331] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  275.899076][ T9543] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  275.917625][ T9543] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[  275.927443][ T4331] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[  275.940351][ T4331] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  276.432688][   T33] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  276.575307][   T33] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  276.639281][   T11] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
[  276.664685][   T11] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready
[  276.700471][ T9543] 8021q: adding VLAN 0 to HW filter on device batadv0
[  276.862914][   T33] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  277.124786][   T33] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  277.663576][   T33] tipc: Disabling bearer <eth:team0>
[  277.669574][   T33] tipc: Left network mode
[  277.858771][ T4285] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1
[  277.871130][ T4285] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9
[  277.880560][ T4285] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9
[  277.891520][ T4285] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4
[  277.901640][ T4285] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3
[  277.909085][ T4285] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2
[  278.309992][ T1177] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[  278.398989][ T1177] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[  278.399120][ T9802] loop2: detected capacity change from 0 to 2048
[  278.561322][ T9802] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000)
[  278.681944][   T11] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[  278.719978][   T11] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[  278.790235][   T11] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[  278.832604][   T11] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[  278.862678][ T9543] device veth0_vlan entered promiscuous mode
[  278.966230][ T9543] device veth1_vlan entered promiscuous mode
[  279.252234][ T9786] chnl_net:caif_netlink_parms(): no params data found
[  279.392136][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready
[  279.413842][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready
[  279.432958][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[  279.498288][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[  279.529381][ T9543] device veth0_macvtap entered promiscuous mode
[  279.621403][ T9543] device veth1_macvtap entered promiscuous mode
[  279.663332][ T6037] usb 2-1: new high-speed USB device number 16 using dummy_hcd
[  279.822678][ T9543] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  279.850998][ T9543] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  279.874006][ T6037] usb 2-1: Using ep0 maxpacket: 16
[  279.882363][ T6037] usb 2-1: config 0 has an invalid interface number: 4 but max is 0
[  279.907342][ T6037] usb 2-1: config 0 has no interface number 0
[  279.911232][ T9543] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  279.939180][ T9543] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  279.949257][ T4285] Bluetooth: hci1: command 0x0409 tx timeout
[  279.963102][ T9543] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  279.972565][ T6037] usb 2-1: config 0 interface 4 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  279.984883][ T6037] usb 2-1: config 0 interface 4 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  280.003210][ T6037] usb 2-1: New USB device found, idVendor=6161, idProduct=4d15, bcdDevice= 0.00
[  280.014463][ T9543] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  280.022554][ T6037] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  280.051756][ T6037] usb 2-1: config 0 descriptor??
[  280.060699][ T9543] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  280.073693][ T9543] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  280.086128][ T9543] batman_adv: batadv0: Interface activated: batadv_slave_0
[  280.120405][   T56] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready
[  280.129703][   T56] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[  280.139670][   T56] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[  280.151599][ T9543] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  280.199386][ T9543] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  280.270282][ T9543] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  280.342263][ T9836] loop5: detected capacity change from 0 to 32768
[  280.363179][ T9543] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  280.379984][ T9543] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  280.412726][ T9543] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  280.424388][ T9836] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop5 scanned by syz.5.1996 (9836)
[  280.454413][ T9543] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: ipvlan2
[  280.471350][ T6037] hid (null): unknown global tag 0x33
[  280.472219][ T9543] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  280.478528][ T6037] hid (null): report_id 0 is invalid
[  280.495156][ T9543] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: ipvlan2
[  280.512863][ T6037] hid (null): invalid report_count 1779749003
[  280.520875][ T9543] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  280.539674][ T9543] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  280.541376][ T6037] hid (null): invalid report_count -1669791869
[  280.550338][ T9543] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  280.568407][ T6037] hid (null): invalid report_size -1396333806
[  280.575026][ T6037] hid (null): unknown global tag 0xab
[  280.580470][ T6037] hid (null): bogus close delimiter
[  280.587042][ T6037] hid (null): unknown global tag 0xa0
[  280.592232][ T9543] batman_adv: batadv0: Interface activated: batadv_slave_1
[  280.623308][ T9836] BTRFS info (device loop5): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  280.643743][ T9836] BTRFS info (device loop5): using sha256 (sha256-avx2) checksum algorithm
[  280.658959][ T9836] BTRFS info (device loop5): using free space tree
[  280.778740][ T6037] usb 2-1: USB disconnect, device number 16
[  280.861582][   T56] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[  280.878656][   T56] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[  280.945583][ T9836] BTRFS info (device loop5): enabling ssd optimizations
[  280.960071][ T9543] netdevsim netdevsim6 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  280.990722][ T9543] netdevsim netdevsim6 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  281.002418][ T9543] netdevsim netdevsim6 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  281.017468][ T9543] netdevsim netdevsim6 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  281.048191][ T9786] bridge0: port 1(bridge_slave_0) entered blocking state
[  281.082921][ T9786] bridge0: port 1(bridge_slave_0) entered disabled state
[  281.105818][ T9321] BTRFS info (device loop5): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  281.125846][ T9786] device bridge_slave_0 entered promiscuous mode
[  281.144905][ T9786] bridge0: port 2(bridge_slave_1) entered blocking state
[  281.152327][ T9786] bridge0: port 2(bridge_slave_1) entered disabled state
[  281.200953][ T9786] device bridge_slave_1 entered promiscuous mode
[  281.291773][ T4409] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 9 /dev/loop5 scanned by udevd (4409)
[  281.746270][ T9786] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  281.801826][ T9786] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  281.885749][   T33] device hsr_slave_0 left promiscuous mode
[  281.903835][   T33] device hsr_slave_1 left promiscuous mode
[  281.929149][   T33] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  281.941686][   T33] batman_adv: batadv0: Removing interface: batadv_slave_0
[  281.957574][   T33] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  281.968371][   T33] batman_adv: batadv0: Removing interface: batadv_slave_1
[  281.980554][   T33] batman_adv: batadv0: Interface deactivated: ipvlan2
[  281.989807][   T33] batman_adv: batadv0: Removing interface: ipvlan2
[  282.002031][   T33] device bridge_slave_1 left promiscuous mode
[  282.010601][   T33] bridge0: port 2(bridge_slave_1) entered disabled state
[  282.026061][ T4285] Bluetooth: hci1: command 0x041b tx timeout
[  282.037883][   T33] device bridge_slave_0 left promiscuous mode
[  282.048628][   T33] bridge0: port 1(bridge_slave_0) entered disabled state
[  282.442132][   T33] device veth1_macvtap left promiscuous mode
[  282.454959][   T33] device veth0_macvtap left promiscuous mode
[  282.461326][   T33] device veth1_vlan left promiscuous mode
[  282.471799][   T33] device veth0_vlan left promiscuous mode
[  283.239169][   T33] team0 (unregistering): Port device team_slave_1 removed
[  283.306230][   T33] team0 (unregistering): Port device team_slave_0 removed
[  283.364633][   T33] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  283.428090][   T33] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  283.869512][   T33] bond0 (unregistering): Released all slaves
[  284.099409][   T46] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  284.107724][ T4285] Bluetooth: hci1: command 0x040f tx timeout
[  284.122046][   T46] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  284.150343][ T9786] team0: Port device team_slave_0 added
[  284.174416][ T1177] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready
[  284.205548][ T9786] team0: Port device team_slave_1 added
[  284.221445][ T4331] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  284.230511][ T4331] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  284.231773][ T9786] batman_adv: batadv0: Adding interface: batadv_slave_0
[  284.246335][ T9786] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  284.273125][ T9786] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  284.301912][   T46] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready
[  284.324542][ T9786] batman_adv: batadv0: Adding interface: batadv_slave_1
[  284.331547][ T9786] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  284.360123][ T9786] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  284.460035][ T9786] device hsr_slave_0 entered promiscuous mode
[  284.533199][ T9786] device hsr_slave_1 entered promiscuous mode
[  284.556154][ T9786] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  284.568331][ T9905] loop5: detected capacity change from 0 to 2048
[  284.574399][ T9786] Cannot create hsr debugfs directory
[  284.673497][ T9909] NILFS (loop5): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  284.810927][ T9905] NILFS (loop5): vblocknr = 12 has abnormal lifetime: start cno (= 150994946) > current cno (= 3)
[  284.870883][ T9905] NILFS error (device loop5): nilfs_bmap_truncate: broken bmap (inode number=16)
[  284.942985][ T9905] Remounting filesystem read-only
[  284.948387][ T9905] NILFS (loop5): error -5 truncating bmap (ino=16)
[  285.104971][ T9321] NILFS (loop5): disposed unprocessed dirty file(s) when detaching log writer
[  285.312225][ T9786] netdevsim netdevsim7 netdevsim0: renamed from eth0
[  285.333992][ T9786] netdevsim netdevsim7 netdevsim1: renamed from eth1
[  285.361853][ T9786] netdevsim netdevsim7 netdevsim2: renamed from eth2
[  285.407145][ T9786] netdevsim netdevsim7 netdevsim3: renamed from eth3
[  285.635842][ T9786] 8021q: adding VLAN 0 to HW filter on device bond0
[  285.687672][ T4331] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[  285.701204][ T4331] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  285.731216][ T9786] 8021q: adding VLAN 0 to HW filter on device team0
[  285.791228][   T33] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[  285.832778][   T33] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  285.862250][   T33] bridge0: port 1(bridge_slave_0) entered blocking state
[  285.869479][   T33] bridge0: port 1(bridge_slave_0) entered forwarding state
[  285.919153][   T33] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[  285.957832][   T56] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[  285.984141][   T56] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  285.991126][ T9928] loop2: detected capacity change from 0 to 32768
[  286.011571][   T56] bridge0: port 2(bridge_slave_1) entered blocking state
[  286.018843][   T56] bridge0: port 2(bridge_slave_1) entered forwarding state
[  286.048634][   T33] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[  286.126416][   T33] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[  286.148440][ T9928] XFS (loop2): Mounting V5 Filesystem
[  286.183234][ T4285] Bluetooth: hci1: command 0x0419 tx timeout
[  286.230452][ T9943] loop6: detected capacity change from 0 to 4096
[  286.285122][ T4522] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[  286.347959][ T9928] XFS (loop2): Ending clean mount
[  286.363352][ T4522] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[  286.364203][ T9928] XFS (loop2): Quotacheck needed: Please wait.
[  286.388668][ T4522] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[  286.401838][ T9943] ntfs3: loop6: ntfs_set_state r=3 failed, -22.
[  286.423793][ T4522] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[  286.502935][   T27] audit: type=1800 audit(1773837258.417:106): pid=9943 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.6.2014" name="file1" dev="loop6" ino=30 res=0 errno=0
[  286.536690][ T9928] XFS (loop2): Quotacheck: Done.
[  286.550615][ T4522] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[  286.552578][ T9943] ntfs3: loop6: ino=1e, "file1" attr_set_size
[  286.574784][ T4522] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[  286.606306][ T4522] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  286.642585][ T9960] netlink: 27 bytes leftover after parsing attributes in process `syz.5.2020'.
[  286.661245][ T4522] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[  286.685017][ T4522] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  286.715648][ T9786] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[  286.734913][   T11] ntfs3: loop6: ntfs3_write_inode r=3 failed, -22.
[  286.763915][ T9543] ntfs3: loop6: ntfs_set_state r=3 failed, -22.
[  286.780868][ T4268] XFS (loop2): Unmounting Filesystem
[  286.784017][ T9543] ntfs3: loop6: Mark volume as dirty due to NTFS errors
[  286.793982][ T9543] ntfs3: loop6: ntfs_set_state r=3 failed, -22.
[  286.805630][ T4522] ntfs3: loop6: ntfs3_write_inode r=3 failed, -22.
[  286.844496][ T9543] ntfs3: loop6: ntfs_evict_inode r=3 failed, -22.
[  287.569498][ T1177] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
[  287.579359][ T1177] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready
[  287.606924][ T9786] 8021q: adding VLAN 0 to HW filter on device batadv0
[  287.753164][ T4449] usb 2-1: new high-speed USB device number 17 using dummy_hcd
[  287.952798][ T9999] loop2: detected capacity change from 0 to 4096
[  287.963331][ T4449] usb 2-1: Using ep0 maxpacket: 8
[  287.982685][ T4449] usb 2-1: New USB device found, idVendor=04a5, idProduct=3003, bcdDevice=44.b2
[  288.012881][ T4449] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  288.048318][ T4449] usb 2-1: Product: syz
[  288.052543][ T4449] usb 2-1: Manufacturer: syz
[  288.091807][ T4449] usb 2-1: SerialNumber: syz
[  288.114227][ T4449] usb 2-1: config 0 descriptor??
[  288.346581][ T4449] gspca_main: sunplus-2.14.0 probing 04a5:3003
[  288.520548][T10016] loop6: detected capacity change from 0 to 128
[  288.556477][T10016] hpfs: filesystem error: invalid number of hotfixes: 2066844986, used: 2066844985; already mounted read-only
[  288.592578][T10016] hpfs: filesystem error: improperly stopped
[  288.629222][T10016] hpfs: filesystem error: warning: spare dnodes used, try chkdsk
[  288.660335][T10016] hpfs: You really don't want any checks? You are crazy...
[  288.689574][T10016] hpfs: hpfs_map_sector(): read error
[  288.707550][T10016] hpfs: code page support is disabled
[  288.711925][ T9207] kernel write not supported for file /snd/midiC2D0 (pid: 9207 comm: kworker/0:19)
[  288.730290][T10016] hpfs: hpfs_map_4sectors(): unaligned read
[  288.740351][T10016] hpfs: hpfs_map_4sectors(): unaligned read
[  288.763639][T10016] hpfs: filesystem error: unable to find root dir
[  288.852487][T10016] hpfs: filesystem error: invalid bitmap block pointer 00000000 -> 7b3184b5 at trim
[  288.929680][T10025] loop2: detected capacity change from 0 to 8
[  288.956179][ T4449] gspca_sunplus: reg_w_riv err -71
[  288.961412][ T4449] sunplus: probe of 2-1:0.0 failed with error -71
[  288.992737][T10025] syz.2.2038: attempt to access beyond end of device
[  288.992737][T10025] loop2: rw=2048, sector=36028797018963960, nr_sectors = 16 limit=8
[  289.003257][ T4449] usb 2-1: USB disconnect, device number 17
[  289.009141][ T4331] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[  289.050175][ T4331] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[  289.095396][T10025] SQUASHFS error: Failed to read block 0xfffffffffffffffc: -5
[  289.109689][T10025] unable to read xattr id index table
[  289.168079][ T9786] device veth0_vlan entered promiscuous mode
[  289.230896][   T56] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[  289.244694][   T56] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[  289.270543][   T56] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[  289.294305][   T56] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[  289.347965][ T9786] device veth1_vlan entered promiscuous mode
[  289.444965][   T11] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready
[  289.473747][   T11] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready
[  289.515572][   T11] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[  289.557346][   T11] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[  289.589937][ T9786] device veth0_macvtap entered promiscuous mode
[  289.629699][T10044] loop1: detected capacity change from 0 to 512
[  289.630478][ T9786] device veth1_macvtap entered promiscuous mode
[  289.681739][T10044] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode
[  289.735533][ T9786] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  289.768779][T10044] EXT4-fs (loop1): 1 orphan inode deleted
[  289.797292][T10044] EXT4-fs (loop1): 1 truncate cleaned up
[  289.797368][ T9786] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  289.820120][T10044] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: writeback.
[  289.844123][ T9786] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  289.890544][ T9786] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  289.907293][T10044] EXT4-fs (loop1): re-mounted. Quota mode: writeback.
[  289.914717][T10050] loop5: detected capacity change from 0 to 4096
[  289.955518][ T9786] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  289.983749][T10050] ntfs: (device loop5): ntfs_read_locked_inode(): $DATA attribute is missing.
[  289.986070][T10044] EXT4-fs (loop1): re-mounted. Quota mode: writeback.
[  290.013331][T10050] ntfs: (device loop5): ntfs_read_locked_inode(): Failed with error code -2.  Marking corrupt inode 0xa as bad.  Run chkdsk.
[  290.031959][ T9786] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  290.053320][ T9786] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  290.068213][T10050] ntfs: (device loop5): load_and_init_upcase(): Failed to load $UpCase from the volume. Using default.
[  290.121107][ T9786] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  290.124051][T10050] ntfs: volume version 3.1.
[  290.143826][ T9786] batman_adv: batadv0: Interface activated: batadv_slave_0
[  290.152690][   T56] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready
[  290.169880][ T4272] EXT4-fs (loop1): unmounting filesystem.
[  290.173487][T10057] loop2: detected capacity change from 0 to 2048
[  290.193932][   T56] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready
[  290.212456][   T56] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[  290.235767][T10057] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000)
[  290.275972][   T56] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[  290.349238][ T9786] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  290.380357][ T9786] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  290.441357][ T9786] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  290.452175][T10061] UDF-fs: error (device loop2): udf_rename: directory (ino 1345) has parent entry pointing to another inode (1376 != 1367)
[  290.472639][ T9786] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  290.524681][ T9786] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: ipvlan2
[  290.547295][ T9786] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  290.560198][ T9786] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  290.577532][ T9786] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  290.588345][ T9786] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  290.599269][ T9786] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  290.613829][ T9786] batman_adv: batadv0: Interface activated: batadv_slave_1
[  290.623629][ T9321] ntfs: (device loop5): ntfs_put_super(): Volume has errors.  Leaving volume marked dirty.  Run chkdsk.
[  290.640097][ T4331] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[  290.665679][ T4331] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[  290.729611][ T9786] netdevsim netdevsim7 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  290.783087][ T9786] netdevsim netdevsim7 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  290.813144][ T9786] netdevsim netdevsim7 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  290.832631][ T9786] netdevsim netdevsim7 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  291.050036][   T56] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  291.070136][   T56] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  291.111989][ T4331] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready
[  291.177154][   T11] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  291.202210][   T11] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  291.250477][   T11] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready
[  291.525550][T10091] netlink: 'syz.5.2060': attribute type 2 has an invalid length.
[  291.763340][ T4732] usb 3-1: new high-speed USB device number 13 using dummy_hcd
[  291.964793][ T4732] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  292.005296][ T4732] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  292.021467][T10107] delete_channel: no stack
[  292.057925][ T4732] usb 3-1: New USB device found, idVendor=17ef, idProduct=6047, bcdDevice= 0.00
[  292.097089][ T4732] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  292.137847][ T4732] usb 3-1: config 0 descriptor??
[  292.524222][T10131] netlink: 8 bytes leftover after parsing attributes in process `syz.1.2075'.
[  292.545641][T10131] IPVS: Error joining to the multicast group
[  292.565708][ T4732] lenovo 0003:17EF:6047.0014: unknown main item tag 0x0
[  292.578331][ T4732] lenovo 0003:17EF:6047.0014: unknown main item tag 0x0
[  292.593220][ T4732] lenovo 0003:17EF:6047.0014: item fetching failed at offset 2/5
[  292.610491][ T4732] lenovo 0003:17EF:6047.0014: hid_parse failed
[  292.635524][ T4732] lenovo: probe of 0003:17EF:6047.0014 failed with error -22
[  292.813238][ T4732] usb 6-1: new high-speed USB device number 2 using dummy_hcd
[  292.857603][ T9207] usb 3-1: USB disconnect, device number 13
[  292.993408][ T4732] usb 6-1: Using ep0 maxpacket: 16
[  293.003867][ T4732] usb 6-1: config 0 has an invalid interface number: 4 but max is 0
[  293.042428][ T4732] usb 6-1: config 0 has no interface number 0
[  293.052574][ T4732] usb 6-1: config 0 interface 4 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  293.091422][ T4732] usb 6-1: config 0 interface 4 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  293.114206][ T4732] usb 6-1: New USB device found, idVendor=6161, idProduct=4d15, bcdDevice= 0.00
[  293.127975][ T4732] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  293.160633][ T4732] usb 6-1: config 0 descriptor??
[  293.294935][T10154] program syz.6.2082 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  293.431483][T10158] loop1: detected capacity change from 0 to 128
[  293.506235][T10163] netlink: 8 bytes leftover after parsing attributes in process `syz.2.2085'.
[  293.596612][T10158] UDF-fs: error (device loop1): udf_read_tagged: read failed, block=256, location=256
[  293.612394][ T4732] hid (null): invalid report_count 31666
[  293.653337][T10158] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[  293.663777][ T4732] hid (null): unknown global tag 0xe
[  293.669117][ T4732] hid (null): nested delimiters
[  293.693362][ T4732] hid (null): unknown global tag 0xe
[  293.858633][ T4732] usb 6-1: USB disconnect, device number 2
[  294.142847][T10181] netlink: 12 bytes leftover after parsing attributes in process `syz.7.2092'.
[  294.172767][T10181] netlink: 152 bytes leftover after parsing attributes in process `syz.7.2092'.
[  294.518582][ T4605] usb 2-1: new high-speed USB device number 18 using dummy_hcd
[  294.564160][T10195] loop7: detected capacity change from 0 to 1024
[  294.584693][ T9207] usb 3-1: new high-speed USB device number 14 using dummy_hcd
[  294.723338][ T4605] usb 2-1: Using ep0 maxpacket: 32
[  294.767867][ T4605] usb 2-1: unable to get BOS descriptor or descriptor too short
[  294.783852][ T4605] usb 2-1: no configurations
[  294.788502][ T4605] usb 2-1: can't read configurations, error -22
[  294.790424][ T9207] usb 3-1: config 220 has an invalid interface number: 76 but max is 2
[  294.803830][ T1177] hfsplus: b-tree write err: -5, ino 25
[  294.809586][ T1177] hfsplus: b-tree write err: -5, ino 4
[  294.842579][ T1177] hfsplus: b-tree write err: -5, ino 2
[  294.853418][ T9207] usb 3-1: config 220 contains an unexpected descriptor of type 0x2, skipping
[  294.862347][ T9207] usb 3-1: config 220 has an invalid descriptor of length 0, skipping remainder of the config
[  294.940755][ T9207] usb 3-1: config 220 has no interface number 2
[  294.967382][ T9207] usb 3-1: config 220 interface 1 altsetting 5 endpoint 0x1 has invalid wMaxPacketSize 0
[  294.991976][ T9207] usb 3-1: config 220 interface 1 altsetting 5 bulk endpoint 0x1 has invalid maxpacket 0
[  295.020238][ T9207] usb 3-1: config 220 interface 1 altsetting 5 has 1 endpoint descriptor, different from the interface descriptor's value: 12
[  295.058187][ T9207] usb 3-1: config 220 interface 0 has no altsetting 0
[  295.070879][ T9207] usb 3-1: config 220 interface 76 has no altsetting 0
[  295.098030][ T9207] usb 3-1: config 220 interface 1 has no altsetting 0
[  295.115012][T10190] loop6: detected capacity change from 0 to 32768
[  295.121118][ T9207] usb 3-1: New USB device found, idVendor=8086, idProduct=0b07, bcdDevice=6c.b9
[  295.159560][ T9207] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  295.193269][ T9207] usb 3-1: Product: syz
[  295.197494][ T9207] usb 3-1: Manufacturer: syz
[  295.233728][ T9207] usb 3-1: SerialNumber: syz
[  295.242973][T10190] blk_print_req_error: 25 callbacks suppressed
[  295.276738][T10190] I/O error, dev loop14, sector 8 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[  295.353462][T10190] lbmIODone: I/O error in JFS log
[  295.420121][T10190] *** Log Format Error ! ***
[  295.446283][T10190] lmLogInit: exit(-22)
[  295.451164][T10190] lmLogOpen: exit(-22)
[  295.471420][ T9207] uvcvideo 3-1:220.1: Unknown video format 00000000-0000-0000-0000-000000000000
[  295.510438][ T9207] usb 3-1: Found UVC 7.01 device syz (8086:0b07)
[  295.542668][ T9207] usb 3-1: No valid video chain found.
[  295.572089][T10190] ERROR: (device loop6): jfs_link: read-only filesystem
[  295.572089][T10190] 
[  295.572939][ T9207] usb 3-1: selecting invalid altsetting 0
[  295.597857][T10190] ERROR: (device loop6): remounting filesystem as read-only
[  295.670158][ T9207] usb 3-1: selecting invalid altsetting 0
[  295.683401][ T9207] usbtest: probe of 3-1:220.1 failed with error -22
[  295.720341][ T9207] usb 3-1: USB disconnect, device number 14
[  295.943314][   T11] wlan1: Trigger new scan to find an IBSS to join
[  296.013241][ T4522] ------------[ cut here ]------------
[  296.019597][ T4522] no supported rates for sta (null) (0xffffffff, band 0) in rate_mask 0xffffffff with flags 0x20
[  296.031110][ T4522] WARNING: CPU: 1 PID: 4522 at net/mac80211/rate.c:385 __rate_control_send_low+0x635/0x880
[  296.041210][ T4522] Modules linked in:
[  296.045184][ T4522] CPU: 1 PID: 4522 Comm: kworker/u4:7 Not tainted syzkaller #0
[  296.052747][ T4522] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[  296.062873][ T4522] Workqueue: events_unbound cfg80211_wiphy_work
[  296.069339][ T4522] RIP: 0010:__rate_control_send_low+0x635/0x880
[  296.075657][ T4522] Code: 30 42 0f b6 04 28 84 c0 0f 85 e6 01 00 00 41 8b 0e 48 c7 c7 00 a3 a6 8b 48 8b 74 24 10 44 8b 44 24 1c 45 89 e1 e8 fb 9d a5 f7 <0f> 0b e9 78 fe ff ff 89 d9 80 e1 07 80 c1 03 38 c1 0f 8c 03 fa ff
[  296.095464][ T4522] RSP: 0018:ffffc90004237400 EFLAGS: 00010246
[  296.101643][ T4522] RAX: 9b25820d735d7300 RBX: 000000000000000c RCX: ffff8880271ad940
[  296.109718][ T4522] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000002
[  296.117803][ T4522] RBP: 0000000000000084 R08: ffffc90004237087 R09: 1ffff92000846e10
[  296.125893][ T4522] R10: dffffc0000000000 R11: fffff52000846e11 R12: 0000000000000020
[  296.134096][ T4522] R13: dffffc0000000000 R14: ffff8880558ab378 R15: ffff88807f5ecca8
[  296.142095][ T4522] FS:  0000000000000000(0000) GS:ffff8880b8f00000(0000) knlGS:0000000000000000
[  296.151127][ T4522] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  296.157782][ T4522] CR2: 00007f54b8fe7158 CR3: 000000005bd5e000 CR4: 00000000003506e0
[  296.165846][ T4522] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[  296.173881][ T4522] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[  296.181967][ T4522] Call Trace:
[  296.185340][ T4522]  <TASK>
[  296.188389][ T4522]  rate_control_send_low+0x194/0x790
[  296.193753][ T4522]  rate_control_get_rate+0x207/0x5c0
[  296.199071][ T4522]  ieee80211_tx_h_rate_ctrl+0xb1a/0x1750
[  296.204788][ T4522]  ? ieee80211_tx_h_select_key+0x17b0/0x17b0
[  296.210807][ T4522]  ? ieee80211_queue_skb+0xc2/0x21c0
[  296.216169][ T4522]  invoke_tx_handlers_late+0xb6/0x1810
[  296.221646][ T4522]  ? ieee80211_tx_h_select_key+0x126d/0x17b0
[  296.227702][ T4522]  ? sta_info_get+0x289/0x2a0
[  296.232409][ T4522]  ? invoke_tx_handlers_early+0xa11/0x1d40
[  296.238309][ T4522]  ieee80211_tx+0x2d4/0x460
[  296.242834][ T4522]  ? ieee80211_skb_resize+0x630/0x630
[  296.248287][ T4522]  ? ieee80211_set_qos_hdr+0x1c6/0x510
[  296.253830][ T4522]  ? __bpf_trace_tasklet+0x10/0x10
[  296.258961][ T4522]  ? ieee80211_xmit+0x30c/0x3f0
[  296.263880][ T4522]  ? __ieee80211_tx_skb_tid_band+0x48c/0x610
[  296.269973][ T4522]  __ieee80211_tx_skb_tid_band+0x4d1/0x610
[  296.275867][ T4522]  ? ieee80211_scan_state_send_probe+0x4b4/0x930
[  296.282230][ T4522]  ieee80211_scan_state_send_probe+0x560/0x930
[  296.288503][ T4522]  ieee80211_scan_work+0x4d3/0x1bc0
[  296.293874][ T4522]  ? _raw_spin_lock_irq+0xb7/0xf0
[  296.298923][ T4522]  ? _raw_spin_lock_irqsave+0x100/0x100
[  296.304565][ T4522]  cfg80211_wiphy_work+0x221/0x260
[  296.309710][ T4522]  ? process_one_work+0x7b0/0x1160
[  296.314909][ T4522]  process_one_work+0x8a2/0x1160
[  296.319981][ T4522]  ? worker_detach_from_pool+0x240/0x240
[  296.325710][ T4522]  ? _raw_spin_lock_irq+0xb7/0xf0
[  296.330764][ T4522]  ? _raw_spin_lock_irqsave+0x100/0x100
[  296.336415][ T4522]  ? kthread_data+0x4b/0xc0
[  296.341050][ T4522]  worker_thread+0xaa2/0x1270
[  296.345837][ T4522]  ? __kthread_parkme+0x162/0x1c0
[  296.350908][ T4522]  kthread+0x29d/0x330
[  296.355053][ T4522]  ? worker_clr_flags+0x1a0/0x1a0
[  296.360131][ T4522]  ? kthread_blkcg+0xd0/0xd0
[  296.364813][ T4522]  ret_from_fork+0x1f/0x30
[  296.369286][ T4522]  </TASK>
[  296.372339][ T4522] Kernel panic - not syncing: kernel: panic_on_warn set ...
[  296.379747][ T4522] CPU: 1 PID: 4522 Comm: kworker/u4:7 Not tainted syzkaller #0
[  296.387477][ T4522] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[  296.397726][ T4522] Workqueue: events_unbound cfg80211_wiphy_work
[  296.403968][ T4522] Call Trace:
[  296.407256][ T4522]  <TASK>
[  296.410264][ T4522]  dump_stack_lvl+0x188/0x24e
[  296.415042][ T4522]  ? memcpy+0x3c/0x60
[  296.419012][ T4522]  ? show_regs_print_info+0x12/0x12
[  296.424396][ T4522]  ? load_image+0x400/0x400
[  296.428931][ T4522]  panic+0x2e5/0x730
[  296.432851][ T4522]  ? bpf_jit_dump+0xd0/0xd0
[  296.437355][ T4522]  ? ret_from_fork+0x1f/0x30
[  296.441975][ T4522]  __warn+0x2f8/0x4f0
[  296.445986][ T4522]  ? __rate_control_send_low+0x635/0x880
[  296.451652][ T4522]  ? __rate_control_send_low+0x635/0x880
[  296.457294][ T4522]  report_bug+0x2ba/0x4f0
[  296.461622][ T4522]  ? __rate_control_send_low+0x635/0x880
[  296.467408][ T4522]  handle_bug+0x3a/0x70
[  296.471595][ T4522]  exc_invalid_op+0x16/0x40
[  296.476217][ T4522]  asm_exc_invalid_op+0x16/0x20
[  296.481158][ T4522] RIP: 0010:__rate_control_send_low+0x635/0x880
[  296.487392][ T4522] Code: 30 42 0f b6 04 28 84 c0 0f 85 e6 01 00 00 41 8b 0e 48 c7 c7 00 a3 a6 8b 48 8b 74 24 10 44 8b 44 24 1c 45 89 e1 e8 fb 9d a5 f7 <0f> 0b e9 78 fe ff ff 89 d9 80 e1 07 80 c1 03 38 c1 0f 8c 03 fa ff
[  296.507224][ T4522] RSP: 0018:ffffc90004237400 EFLAGS: 00010246
[  296.513290][ T4522] RAX: 9b25820d735d7300 RBX: 000000000000000c RCX: ffff8880271ad940
[  296.521450][ T4522] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000002
[  296.529450][ T4522] RBP: 0000000000000084 R08: ffffc90004237087 R09: 1ffff92000846e10
[  296.537411][ T4522] R10: dffffc0000000000 R11: fffff52000846e11 R12: 0000000000000020
[  296.545456][ T4522] R13: dffffc0000000000 R14: ffff8880558ab378 R15: ffff88807f5ecca8
[  296.553443][ T4522]  rate_control_send_low+0x194/0x790
[  296.558743][ T4522]  rate_control_get_rate+0x207/0x5c0
[  296.564045][ T4522]  ieee80211_tx_h_rate_ctrl+0xb1a/0x1750
[  296.570207][ T4522]  ? ieee80211_tx_h_select_key+0x17b0/0x17b0
[  296.576186][ T4522]  ? ieee80211_queue_skb+0xc2/0x21c0
[  296.581557][ T4522]  invoke_tx_handlers_late+0xb6/0x1810
[  296.587005][ T4522]  ? ieee80211_tx_h_select_key+0x126d/0x17b0
[  296.592971][ T4522]  ? sta_info_get+0x289/0x2a0
[  296.597745][ T4522]  ? invoke_tx_handlers_early+0xa11/0x1d40
[  296.603552][ T4522]  ieee80211_tx+0x2d4/0x460
[  296.608067][ T4522]  ? ieee80211_skb_resize+0x630/0x630
[  296.613466][ T4522]  ? ieee80211_set_qos_hdr+0x1c6/0x510
[  296.618920][ T4522]  ? __bpf_trace_tasklet+0x10/0x10
[  296.624027][ T4522]  ? ieee80211_xmit+0x30c/0x3f0
[  296.628867][ T4522]  ? __ieee80211_tx_skb_tid_band+0x48c/0x610
[  296.634839][ T4522]  __ieee80211_tx_skb_tid_band+0x4d1/0x610
[  296.640640][ T4522]  ? ieee80211_scan_state_send_probe+0x4b4/0x930
[  296.646960][ T4522]  ieee80211_scan_state_send_probe+0x560/0x930
[  296.653120][ T4522]  ieee80211_scan_work+0x4d3/0x1bc0
[  296.658324][ T4522]  ? _raw_spin_lock_irq+0xb7/0xf0
[  296.663356][ T4522]  ? _raw_spin_lock_irqsave+0x100/0x100
[  296.668896][ T4522]  cfg80211_wiphy_work+0x221/0x260
[  296.674008][ T4522]  ? process_one_work+0x7b0/0x1160
[  296.679107][ T4522]  process_one_work+0x8a2/0x1160
[  296.684048][ T4522]  ? worker_detach_from_pool+0x240/0x240
[  296.689677][ T4522]  ? _raw_spin_lock_irq+0xb7/0xf0
[  296.694691][ T4522]  ? _raw_spin_lock_irqsave+0x100/0x100
[  296.700225][ T4522]  ? kthread_data+0x4b/0xc0
[  296.704729][ T4522]  worker_thread+0xaa2/0x1270
[  296.709462][ T4522]  ? __kthread_parkme+0x162/0x1c0
[  296.714490][ T4522]  kthread+0x29d/0x330
[  296.718552][ T4522]  ? worker_clr_flags+0x1a0/0x1a0
[  296.723567][ T4522]  ? kthread_blkcg+0xd0/0xd0
[  296.728183][ T4522]  ret_from_fork+0x1f/0x30
[  296.733310][ T4522]  </TASK>
[  296.736740][ T4522] Kernel Offset: disabled
[  296.741262][ T4522] Rebooting in 86400 seconds..