last executing test programs:

6m31.723784304s ago: executing program 2 (id=41):
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2)
r0 = fanotify_init(0x0, 0x0)
pipe2(&(0x7f0000000580)={<r1=>0xffffffffffffffff}, 0x0)
fanotify_mark(r0, 0xa, 0x8, r1, 0x0)

6m31.004264056s ago: executing program 2 (id=44):
r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x3, 0x0)
setsockopt$bt_l2cap_L2CAP_OPTIONS(r0, 0x6, 0x1, &(0x7f00000000c0)={0x0, 0x747, 0x3, 0x4, 0xfb, 0x8, 0x101}, 0xc)
connect$bt_l2cap(r0, &(0x7f0000000040)={0x1f, 0x0, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}}, 0xe)
sendmmsg(r0, &(0x7f0000000100)=[{{0x0, 0x0, 0x0}}, {{0x0, 0x0, &(0x7f0000000200)=[{&(0x7f0000000240)="97", 0x1}], 0x1, &(0x7f0000000780)=ANY=[@ANYBLOB="68000000000000003a0000000400000012331f3a8113e5e07fb96a48595b3351314fb24bdf97abcfe84a530ffb7d8215e5cbbf5a5154b278e958ff8532d2fc4fff64e77cb0c8bcd7663b222f3e5626bdab8b1e91264e309ecbc2bf397a79573fba00000000000000f8"], 0x160}}], 0x2, 0x20004840)

6m29.807639871s ago: executing program 2 (id=48):
syz_clone(0x48325c80, 0x0, 0x0, 0x0, 0x0, &(0x7f00000001c0)="2b6a7cd0e2073bcc4c313a3ae88e6e31d182a100896a8a94ccb822d9cac538dbf0b726ab0ff1266965a3655a48d7")
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2)
r0 = openat$pidfd(0xffffffffffffff9c, &(0x7f0000000040), 0x141000, 0x0)
pidfd_send_signal(r0, 0x20003a, &(0x7f0000000180)={0x1b, 0x3, 0x65de}, 0x0)

6m29.008957785s ago: executing program 2 (id=52):
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000000)='./bus\x00', 0xe, &(0x7f0000000080)={[{@noload}, {@resuid={'resuid', 0x3d, 0xee01}}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x2e}}, {@nodioread_nolock}, {@quota}, {@quota}]}, 0x3, 0x443, &(0x7f0000000dc0)="$eJzs3MtvG0UYAPBv10mgLxJKefQBBMqj4pE0aYEeuIBA4gASEhzKMSRpVeo2qAkSrSoICJUjqsQdcUTiL+BELwg4IXGFAzdUqUK9tHAyWnu3cYztNsbuQv37SevM7I4182V37JmdbAIYWpPZSxKxNSJ+iYjxRnZ9gcnGj6uXz87/efnsfBK12ht/JPVyVy6fnS+KFu/bkmf2pRHpJ0nsblPv8ukzx+eq1cVTeX565cS708unzzx97MTc0cWjiydnDx06eGDmuWdnn+lLnFlcV3Z9sLRn5ytvnX9t/vD5t3/4Oinib4mjTya7HXy0VutzdeXa1pRORkpsCBtSiYjsdI3W+/94VGLt5I3Hyx+X2jhgoGq5DodXa8AtLImyWwCUo/iiz+a/xXbzRh/lu/RCYwKUxX013xpHRiLNy4y2zG/7aTIiDq/+9UW2xWDuQwAArPNtNv55qt34L417msrdka+hTETEnRGxPSLuiogdEXF3RL3svRFx3wbrb10k+ef4J73YU2A3KBv/PZ+vba0f/xWjv5io5Llt9fhHkyPHqov7G8dWs5csP9Oljgsv/fxZp2PN479sy+ovxoJ5Oy6O3Lb+PQtzK3O9xtvq0kcRu0baxZ9cWwlIImJnROzqsY5jT3y1p9Ox68ffRR/WmWpfRjzeOP+r0RJ/Iem+Pjl9e1QX9083XRUtfvzp3Oud6v9X8fdBdv43t73+r8U/kTSv1y5vvI5zv37acU7T6/U/lrxZT4/l+96fW1k5NRMxlrzaaHTz/tm19xb5onwW/7697fv/9lj7TeyOiOwivj8iHoiIB/O2PxQRD0fE3i7xf//iI+/0Hv9gZfEvbOj8ryXGonVP+0Tl+HffrKt0YiPxZ+f/YD21L99T//xLusd1I+3q7WoGAACA/580IrZGkk5dS6fp1FTjb/h3xOa0urS88uSRpfdOLjSeEZiI0bS40zXedD90Jp/WF/nZlvyB/L7x55VN9fzU/FJ1oezgYcht6dD/M79Xym4dMHCe14Lhpf/D8NL/YXjp/zC82vT/TWW0A7j52n3/fxgRFx4roTHATdXS/y37wRAx/4fhpf/D8LqB/v/brfXvqoGIWN4U139IfrCJSpRZu0SPiUj/E82QGFCi7E8mAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACA/vg7AAD//9aZ7PU=")
mount$bind(&(0x7f0000000c40)='.\x00', &(0x7f0000000640)='./file0\x00', 0x0, 0x2901090, 0x0)
chroot(&(0x7f0000000300)='./file0/../file0/../file0/../file0\x00')
pivot_root(&(0x7f0000000340)='.\x00', &(0x7f0000000180)='./file0/../file0/../file0\x00')

6m27.83901851s ago: executing program 2 (id=56):
r0 = socket$packet(0x11, 0x2, 0x300)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000240)={'syz_tun\x00', <r1=>0x0})
bind$packet(r0, &(0x7f0000000300)={0x11, 0x0, r1, 0x1, 0x0, 0x6, @remote}, 0x14)
syz_emit_ethernet(0x4a, &(0x7f0000000000)={@local, @local, @void, {@ipv6={0x86dd, @tcp={0x0, 0x6, "8a37f2", 0x14, 0x2c, 0x0, @remote, @local, {[], {{0x3b00, 0x3, 0x41424344, 0x41424344, 0x0, 0x0, 0x5}}}}}}}, 0x0)

6m18.758148165s ago: executing program 2 (id=89):
syz_mount_image$hfs(&(0x7f0000000280), &(0x7f0000000000)='./file0\x00', 0x1214080, &(0x7f0000000040)={[{@uid={'uid', 0x3d, 0xee01}}, {@codepage={'codepage', 0x3d, 'iso8859-14'}}, {@gid}, {@dir_umask={'dir_umask', 0x3d, 0x4}}, {@iocharset={'iocharset', 0x3d, 'cp860'}}, {@dir_umask={'dir_umask', 0x3d, 0x8}}, {@creator={'creator', 0x3d, "5863953a"}}]}, 0x11, 0x31c, &(0x7f0000000940)="$eJzs3U1P1EAcBvBn2u6yKwQrYEg8oiSeCOBB40ViiBe/gAdDRFgTQsVEMVES4+rZGG8mJh69eTb6FfRi/AJ64mA86YV4sGZmOn1Zpt2ywBayzy9h2bbz8p9OX2aWLAURDayri9/fXdiWP6IGwAVwGXAANAAPwGlMNh5ubK5tBq3VooJclUP+COicYlealY2WLavMp3JEfLnkYSS9jg5HGIbhj66pfvclFqqO0Of+Lg4wFJ2danuj75EdjrZu12BJ9bDYwQ4eYbTKcIiIqHrR/d+J7hIj0fjdcYDpaBx+3O//mfHNTnVxHAnx/d/Ry6GQ++ek2pTM99QUTva+Y2aJtrL0MTGSXRkmu7sOfWRlOkB0m1WqWJzmnbWgNdNWBTzHlUgq2YR6XYVpiJIXbV3/mrLMTQsUtb3YsGpDTbZhPif+8T3X+OknXturW/pSIibxWXwVS8LHG6zG4z8vFHLnqP3jd/SUjn82v0TVSl+nyrQymb+fUpWcMT3w8X3Symbefm3AlbHYyFJE5/jdN3G+qufnwhiyHyvo1s3lt07lGrfmmo+X/1pzTXTmanq1oDWzci8o/CjlwFhndOKluCGm8AsfsJga/zsy9TTyz8zMlV+olNGRUdgeT6XM6ccMdQLftZyZTonMA+2ataOLvcBtXMLog8db68tB0Lpf/RtzqhyRePSBGB2Oco38nUqDhnxTA3Bglf4Lw9C6yUM/mlxTTb34Nmny1vqyaOvF/VWBdlyg2bSQnxjAAoBojbki9FL70zjXUFJgqex/ZG+rNfYD0kTVhwPSVJXZ5GKo1JnS7KHS60/Wl4OerkR0zCSdjsmbVQdDVZDDK6Hnf6n5yqy66sgXv2A2EnYrPFXiXM4MaEy9nig3g4uLzZ3BDZs3XeZcZ88D5zpqdGBqfNZZrB/FiaP4V8m9/ylDLOIbbvHzfyIiIiIiIiIiIiIiIiIiIiIiIiKi42av30bo5esE2Rq3B/AfbxARERERERERERERERERERERERERERER7U/q+b+Aq54YU6/8+b9uief/mudSEFHP/gcAAP//NBBgTQ==")
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2)
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='cpu.stat\x00', 0x275a, 0x0)
fsync(r0)

6m16.359895071s ago: executing program 32 (id=89):
syz_mount_image$hfs(&(0x7f0000000280), &(0x7f0000000000)='./file0\x00', 0x1214080, &(0x7f0000000040)={[{@uid={'uid', 0x3d, 0xee01}}, {@codepage={'codepage', 0x3d, 'iso8859-14'}}, {@gid}, {@dir_umask={'dir_umask', 0x3d, 0x4}}, {@iocharset={'iocharset', 0x3d, 'cp860'}}, {@dir_umask={'dir_umask', 0x3d, 0x8}}, {@creator={'creator', 0x3d, "5863953a"}}]}, 0x11, 0x31c, &(0x7f0000000940)="$eJzs3U1P1EAcBvBn2u6yKwQrYEg8oiSeCOBB40ViiBe/gAdDRFgTQsVEMVES4+rZGG8mJh69eTb6FfRi/AJ64mA86YV4sGZmOn1Zpt2ywBayzy9h2bbz8p9OX2aWLAURDayri9/fXdiWP6IGwAVwGXAANAAPwGlMNh5ubK5tBq3VooJclUP+COicYlealY2WLavMp3JEfLnkYSS9jg5HGIbhj66pfvclFqqO0Of+Lg4wFJ2danuj75EdjrZu12BJ9bDYwQ4eYbTKcIiIqHrR/d+J7hIj0fjdcYDpaBx+3O//mfHNTnVxHAnx/d/Ry6GQ++ek2pTM99QUTva+Y2aJtrL0MTGSXRkmu7sOfWRlOkB0m1WqWJzmnbWgNdNWBTzHlUgq2YR6XYVpiJIXbV3/mrLMTQsUtb3YsGpDTbZhPif+8T3X+OknXturW/pSIibxWXwVS8LHG6zG4z8vFHLnqP3jd/SUjn82v0TVSl+nyrQymb+fUpWcMT3w8X3Symbefm3AlbHYyFJE5/jdN3G+qufnwhiyHyvo1s3lt07lGrfmmo+X/1pzTXTmanq1oDWzci8o/CjlwFhndOKluCGm8AsfsJga/zsy9TTyz8zMlV+olNGRUdgeT6XM6ccMdQLftZyZTonMA+2ataOLvcBtXMLog8db68tB0Lpf/RtzqhyRePSBGB2Oco38nUqDhnxTA3Bglf4Lw9C6yUM/mlxTTb34Nmny1vqyaOvF/VWBdlyg2bSQnxjAAoBojbki9FL70zjXUFJgqex/ZG+rNfYD0kTVhwPSVJXZ5GKo1JnS7KHS60/Wl4OerkR0zCSdjsmbVQdDVZDDK6Hnf6n5yqy66sgXv2A2EnYrPFXiXM4MaEy9nig3g4uLzZ3BDZs3XeZcZ88D5zpqdGBqfNZZrB/FiaP4V8m9/ylDLOIbbvHzfyIiIiIiIiIiIiIiIiIiIiIiIiKi42av30bo5esE2Rq3B/AfbxARERERERERERERERERERERERERERER7U/q+b+Aq54YU6/8+b9uief/mudSEFHP/gcAAP//NBBgTQ==")
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2)
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='cpu.stat\x00', 0x275a, 0x0)
fsync(r0)

2m36.219105882s ago: executing program 5 (id=927):
ioctl$AUTOFS_DEV_IOCTL_EXPIRE(0xffffffffffffffff, 0xc018937c, &(0x7f0000000000)={{0x1, 0x1, 0x18, 0xffffffffffffffff, {0x4}}, './file0\x00'})
r0 = socket$inet6_sctp(0xa, 0x5, 0x84)
getsockopt$inet_sctp6_SCTP_GET_ASSOC_ID_LIST(r0, 0x84, 0x1d, &(0x7f0000000000)={0x1, [<r1=>0x0]}, &(0x7f0000000080)=0x8)
getsockopt$inet_sctp6_SCTP_DEFAULT_PRINFO(r0, 0x84, 0x72, &(0x7f00000001c0)={r1, 0x2e2, 0x20}, &(0x7f00000002c0)=0xc)

2m35.536686676s ago: executing program 5 (id=931):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000000c0)={'wlan1\x00', <r2=>0x0})
sendmsg$NL80211_CMD_SET_INTERFACE(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000040)={0x28, r1, 0x5, 0x0, 0x0, {{}, {@val={0x8, 0x3, r2}, @void}}, [@NL80211_ATTR_MESH_ID={0xa}]}, 0x28}}, 0x80)

2m34.778911684s ago: executing program 5 (id=935):
bpf$MAP_CREATE(0x0, &(0x7f0000000000)=ANY=[@ANYBLOB="1a00000007"], 0x50)
r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
bind$bt_hci(r0, &(0x7f0000000100)={0x1f, 0xffff, 0x3}, 0x6)
write$binfmt_misc(r0, &(0x7f0000000000), 0xd)

2m34.001658712s ago: executing program 5 (id=940):
syz_mount_image$udf(&(0x7f00000004c0), &(0x7f0000000500)='./file0\x00', 0xc0, &(0x7f00000002c0)=ANY=[@ANYBLOB="00089aafc727346c3e0d8728525a2641b3b31621730c58dcf8e0ca2e6767a45a978776e9d2c689feab83a160d00a77ae5112cd4e7141cad333d7cbb69dc6b314609d3827059c11066ba0b4b95c12d2d9ff9c8896d9e247bd55f9ff578a14e0e9d0ca07693396b00d2ef44adb4858475a07d5e8fa3ef5b306fe8a5d1cd2d8e06e7f88226ece092c6aabf8870e140124d5a48670513e0c419c99b7c5105959e7a535f12694634c114600000000"], 0x81, 0x4ac, &(0x7f00000011c0)="$eJzs20tsG1UXwPFzPLbruPk+3Adpi6piCSRCS9skLmmrIKE8iEBqG0gaEBUPhdgJJk4cxSkkVUu7BHYsumTJlgUrxBZVYolYoCDUXemGjVeUHeiO52XXSewm8TT1/1e1dx7H7r33zMy914kFAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACIDL022NOrYdcCAAC00qWJ8Z4M4z8AAG3lMut/AACAdqJiyR+icnKurBft/YrEhfzC1ZXJkdH6L+tQUYmIZcebv4nevsyZl/vPnnPLjV+/3Y7I2MTlwfRwcX5xKVcq5bLpyYX8dDGba/gdtvr6WsftDkjPz13NzsyU0n2nMlWnV1L39+ztSg30vz8cd2MnR0ZHJwIx0dgj/+8PWW+GHxdLXhSVT374Ti+JSES23hebXDs7rcNuxHG7EZMjo3ZDCvmphWVzUiNOVKS6T+JuH7UgF1sSETH10vj2rNliYsmPojJ0uqxjImK5/XDC/mC4ofqEIWqWriLSLbsgZ4+xPWLJh6Jy53RK3nT61c5/XOR62JXDjos6939Ry/qW/Tww95N5bF54O/3GwkwxEKsR545qZnyocw+GPj600mP+bEqIJWP2HV/W8bArg5brEEvmRSX+9af2vELseelTA2ePPXs+OMM4tMn7mNhTzs3VyJgcc6YOGjF/HqHa2BYJteRPUXnwe8Le73Zyw08E2oRaUhCVf26UVWvWpVZgfe/Z7WvDna1/R2K4uLi6lJ/9eLnu+WRi8KPS8tLUdP3TlbWrFTyy2Tq2VqS5JVlSKyu+Lz4re69z1gD/q+z5tfn2un8tdNeUruD108h2w8+ZJuZRpk6qltwTlZkPDlfGGUk23TftwOR/VFRK5V/UzbST/2hlL5D/V/z+S2h16bFz+//K51ruXOLIlYPrHd+J/Js6mfy/KypDfx92PtOo5N+qiTVxXaLy3u2jTlwkbuKibnMq7ziTL+R6TOy/orL/ZzdW7NikE3vAj+01sSVR+fJOdexeJ/agH9tnYtdE5e5v9WOf9mMzJnbV5Otu2o1NmthjTmyXH3tquljIbtatJv99ovLOzdfVbfO6+Q/c/7dqSs9DOd94e7vynwocu+Xk9YqT/+gm+f9KVFb/Ouq22+5797LaZ//r59/Mlb+/XR3rTkb3+7G9jTYrbCb/+0Tl/qtrXpudtjm7foaC+X8mWl16/RpS/vcFjqWcesWb7It2VFq9NjdVKOSW2GCDDTa8jbCfTGgFM/6Pm1G931J3HuOM/52VPX/G9OBzf/wfqCk9IY3/+wPHBpxZSywqklieX4wdEkmUVq+dzM9PzeZmcwuZM/09fefP9GTOxeLu5M7farjvngQm/ydE5cZPv3rrmOr5X/35f7Km9ISU/wPBNlXNaxruirZk8t8pKv331rz15kbzf3f93/1cdendfyHl/2DgWMqpV2eTfQEAAAAAAAAAAAAAAAAAu0lSLXleVFbGX1L3O0SN/P5ftqb0hPT7X12BY9nt/16D+9WoqlONVh0AAAAAAAAAAKCVImLJN6LygpT1pjnQKXIxWOKJ9l8AAAD//16uQhc=")
mount$overlay(0x0, &(0x7f0000000140)='./file0\x00', &(0x7f0000000180), 0x0, &(0x7f00000001c0)={[{@lowerdir={'lowerdir', 0x3d, './file0'}, 0x3a}], [], 0x2f})
r0 = openat(0xffffffffffffff9c, &(0x7f0000004280)='./file0\x00', 0x0, 0x1d4)
getdents64(r0, 0xfffffffffffffffe, 0xffffffffffffff15)

2m32.852613486s ago: executing program 5 (id=945):
r0 = socket$vsock_stream(0x28, 0x1, 0x0)
ioctl$int_in(r0, 0x5421, &(0x7f0000000040)=0x200)
connect$vsock_stream(r0, &(0x7f00000001c0), 0x10)
connect$vsock_stream(r0, 0x0, 0x0)

2m31.084981761s ago: executing program 5 (id=955):
r0 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000040), 0x161042, 0x0)
unshare(0x400)
ioctl$PPPIOCNEWUNIT(r0, 0xc004743e, &(0x7f0000000140)=0x7)
ioctl$PPPIOCSPASS(r0, 0x40107447, 0x0)

2m27.93986456s ago: executing program 33 (id=955):
r0 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000040), 0x161042, 0x0)
unshare(0x400)
ioctl$PPPIOCNEWUNIT(r0, 0xc004743e, &(0x7f0000000140)=0x7)
ioctl$PPPIOCSPASS(r0, 0x40107447, 0x0)

2m2.61556087s ago: executing program 4 (id=1040):
r0 = syz_io_uring_setup(0x94c, &(0x7f0000000240)={0x0, 0x8a54, 0x10100, 0x11fffffc}, &(0x7f00000000c0)=<r1=>0x0, &(0x7f0000000140)=<r2=>0x0)
r3 = io_uring_register$IORING_REGISTER_PERSONALITY(r0, 0x9, 0x0, 0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_REMOVE_BUFFERS={0x1f, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x1, {0x1, r3}})
io_uring_enter(r0, 0x2d3e, 0x0, 0x0, 0x0, 0x0)

2m1.910196872s ago: executing program 4 (id=1043):
r0 = socket$inet6(0xa, 0x2, 0x0)
setsockopt$inet6_IPV6_FLOWLABEL_MGR(r0, 0x29, 0x20, &(0x7f0000000280)={@mcast1, 0x800, 0x0, 0x103, 0x1}, 0x20)
setsockopt$inet6_int(r0, 0x29, 0x1000000000021, &(0x7f0000000040)=0x5, 0x4)
sendmsg$inet6(r0, &(0x7f00000000c0)={&(0x7f0000000180)={0xa, 0x4e21, 0x4080000, @dev={0xfe, 0x80, '\x00', 0x1a}}, 0x1c, 0x0, 0x0, &(0x7f00000001c0)=[@dontfrag={{0x14, 0x29, 0x3e, 0x93}}], 0x18}, 0x40c0)

2m1.126047541s ago: executing program 4 (id=1047):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="180100001c0000000000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x20, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000100)={&(0x7f00000003c0)='sys_enter\x00', r0}, 0x18)
nanosleep(&(0x7f00000001c0)={0x0, 0x3938700}, 0x0)
setsockopt$inet_tcp_int(0xffffffffffffffff, 0x6, 0x210000000013, 0x0, 0x20)

1m59.060572803s ago: executing program 4 (id=1049):
r0 = syz_io_uring_setup(0x5c2, &(0x7f0000000280)={0x0, 0x0, 0x3080, 0x8003, 0x25f}, &(0x7f0000000240)=<r1=>0x0, &(0x7f0000000200)=<r2=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r1, 0x4, &(0x7f0000000080)=0xfffffff8, 0x0, 0x4)
syz_io_uring_submit(r1, r2, &(0x7f00000004c0)=@IORING_OP_RECV=@use_registered_buffer={0x1b, 0x68, 0x3, r0, 0x0, 0x0, 0x0, 0x1, 0x1, {0x2}})
io_uring_enter(r0, 0x6e2, 0x600, 0x1, 0x0, 0x100000)

1m58.041069648s ago: executing program 4 (id=1053):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
syz_mount_image$bcachefs(&(0x7f0000000140), &(0x7f0000000000)='./file1\x00', 0x2800000, &(0x7f0000000180)=ANY=[@ANYRES16, @ANYRESHEX, @ANYBLOB="40d4823deffdbbeb65eeddb31203a829679a7a18f01faefa691c80df4e49f2c92d0c9708f605177b1f5699eeabb703cc126adf2f9c5167d17178b4e0c590345bad5de906894ef754ec7a8c3b32c7b9d0f74abf43c4dee78decff644fd28d7d874518bd960a098875b53d2005df3fb15a953031adb9887615b59f3caef2de95c9495a7154700055ef1a72", @ANYRESOCT, @ANYRES32=0x0, @ANYRES16], 0xec, 0x5ac4, &(0x7f0000008380)="$eJzs3WuQXNV9IPBzu3s0Lz1GAgcZzGjAaENwbI14lR+pWM4mdgocl1xOOYiVDQMaEdmSUOkRkEyCyILXKrDLTjmV4OQDcWHv2pZdVNkbo7AmYFZi/VKx8VJbNrV2FvuDtwiLyoCWcnk9qe6+p6f7dt+5PT09QoLfr2Bu39On//fcc0/fvv/TVzMBAACAV4Vjd+05+Z5zf+/bfz794u2//w877gij5Vr5UKwwli5vfblayKk0WFldW2bHxa9/5Is/nbjxd771wMjnXjq65YKtP/zds2586ENXHbn3bx59YdnXfvV0Udw4ni6ZXU+eTUIY+saJv/zo0e+cUy1Llld/lg6GsDJZ9ejKJIQ7m0NM/iKEsCVdWZ2J/9UXL9saQihnt7sis268v7pVj3MSQjhw8pY3hB+9Y9Od31vzlS8PHH7m4GyVZGh2PIUQll/f/PqBEMJw+n/VYLqM4zFJlxtDCCNNr3tzQbte30W7q9ZlyuP6eelySbocLYgXn78ws17K1MuuRwOZ5UjB9hYqrx291iuyNLOe9ClulNfOWL4yXX49XV4yz/jldB/KSSglodJo/vZkdoyEpuOWhKR2LIca66XGsQ3p/mfWk8x6KbNeHsjsV2276UArJ0lreayXKY+n40pafkHzubqD9zU9bq732liWvlFfytbJBB1te9DYr5rYrhNztOVUKDWdgzqVNw58ejBG07LRpH1Ez3QQnzu66Z615c3fPDaW047kgSSNn6TxV80r/oHvrlz6wS8d2pf9XG/Ev76Uxi/1FP/HVx9/7tpDn/1MbvxPxvjlnuJf+vDIs1c/dteFuf1zIvZPpaf4U08//vE1Z99wOLf998X4Qz3F33Dk+OCykw8/ktv+ydg/wz3Ff+pt7/zJF5588Jnc+CHGH+kp/uYjuz4xOH7y4tz4j8T+Ge1t/Dx/+MofjI//bCIv/hMx/rKe4n/+4OBb719x91W5x3dj7J+xnuK/+6KH7lx68sHz886dyX39+uQEeHU6K73G+li63mueuVBN+cJfT1Tq13xL0/+X9XNDmYvPbJ4AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAP3wmjf8t3f97/ePPVtJ1wfTB0+V6stYviSEZDiEsGfv1O6923beNPGhm/ft3jm1fWJq78T0zr27909c/psTu6d3bZ/aX3128o2X1V+3KiT1ZXJ+27YHZ2ZmSmOtZXF7//aiwz9a++b/8y8hTL7m++OV3Pavu3fH/Wd3+JmRbJh5+4597/n+FX+X7tdY2q6xDu2amZmZCTnt+r/X/PL+vzjx04tDmPy1udr1+FO//Y/NDSqHasFsnFRpMNQbNJiMdGxHo9Vpe2J/VbZu2z49OXf/Vl9fztmPf/eRZ36x9dZP/bLev0O5+9Fl/w5vmNle+qtN7/7/f3VbvaCoXS/Xca/2dzknZrVdcS9i+2L/DaX9vTzdr+U5+1XJ2a+7vvfIk98499ALB8Nk5fk17ce6aL8G0gEwkLy2q+3GLYwkK1vKh9L68YjH163bu2PXuj37D7xx246pm6Zvmt75lvWXr79y8oorr1hX2/N1fd7/uP1/0+X+n5rxtOJPDn49/uxuPLW2a8m8+6ParuL+aG5R3vtv5H0f/fRb7n3sPfWCpvPKund06K9Yu3E+SZcj1eO8PjSNt/a+6rRfRccnhDDRqR+ee+GqcM7/3HZn0Xmo+cg0/8xINsx858Kf/92b/3b1b9ULTsl5vrlBj/d2nm+0erY9tf4aSo/HzGnav4Pp2XQwGe3YrvXfeWzgnmP/8qeN9i1ZEm6d2rt39/r6z6VpS5cm53VsV7Y07tea2s9ySLslNIZph/FaNRDq7cueP2P1Rq8OtT43mqzquF9Z8bmjm+5ZW978zWN5PZ08UN/icFhWXyavy6m5PfPCcqNRnbZ/ur7/isbH+Lv+9mvv/9rfX942Pi6t/yzaryRnv77y5Oc//blP/Ye/799+veu3j4/9/H/98dp6wSk4r4QFnVfK9YY0Wp22J2k+r1waQtH7b03ovB+5779S5/0pev9ltzNbv3O8icz6aCj39H699OGRZ69+7K4Lc9+vJ+Z6vzbv7G0trysXvF9Pl8+l7PsrqbS2Y/HeXy0DJdkw862PnXXw0ds3nlsvKPq8bNTuNK4v6yL/yNmvf7z2B+M3T/z7/9G/88YXf/Or1/1wasOf1Qt6P+6xLf057kNp/w7l9G+j1THvbO7fN9148/Yt9fKifn75rn/TZUH+E08le/Yf+PDU9u3Tu/d0t1/dfp7G7WR7udfP03h2W1WwX6W2/Vq8B930V7fvt9j+LT33V+v7bTQkPX0uHPjuyqUf/NKhfWNtr0o3dH0pjV/qKf6Prz7+3LWHPvuZ3PifjPErPcWfevrxj685+4bDufHvS9L4Q8Xxl4e2+BuOHB9cdvLhR3LjT8b2D/fU/qfe9s6ffOHJB5/JjR9i/NHe+v/5w1f+YHz8Z7nxn0jS7VSvkUL46ouXba2vJ2GgKU2otmOgpV0hu55k1kuZ9XLzeinOIqQbKCdJa3msl5Zf0JqytPmjnPJ4FTa0ur58Ka6H7IO5y083paZzf6fyoutUAIBXuvj9f7wGjd//T6cXSvkzDTBroXnY6py4MQ+bnc9p/Y51dRo/vj7OA46/KUxWl3dM1C/05/s9Qnw/ZOc543Yufn1rjI7zE0eaN1Lbfts8Z9H8+4WZ9diu+nx5pSkPTbXnNZXQxfx7+3bmnn/P7H7x91kTH2tr1kTTvFX2+A2kM2ad7nfItLdSjZA3PrLzYvF+jvHlYWNte12Oj+x9NPE4ZO+jids5N3Pi7PU+mrzxMdbeDy3tiuMj1ptjfNSaXPx9ZPvxC3P07+zx6xwte/wG0hZ2cbyHqvVHF/n72T7MG3Y8pZ26ecPF/T7stJiX7BD/FM9LLm2Ln77BTvd5w1ge+6nS5Xzi+3PK+zWfGE8XsV0n5mjLqWA+EXilivl//Iyo5v/VC/D/l6lXlKdkrxpjvNz7hHJuwi7KO7JX56NhpKfP8c1Hdn1icPzkxbnXOY90e5/erpa1kYL7for6cW1mvbAfcyZoivK97HaK+j17X8ZoWNZTv3/+4L1vvX/F3Vfl9vvG+gdpcb9/umVtWUG/nwH5Quf48oVXUr7QHn+h9zH8l5mu5s/y85Fyox2Lko+kNz4tVj7yhznl881HRtoeNPar5vTNR2Y/SFvykYFT2y4A4MwR8//G92dp/v/P8cIivY4oylsvyazHeLl5a871SV7e+gfp8tZM/dH0X1TM97r53Rc9dOfSkw+en5u33NdtHvqfWtbGCvPQheXNuXnExv7cL56bRzTyrIXlibntb+SJC8vTc76mbcrTF5ZH5/ZPI49unQf49PHZTGOu+HEeIDd+Yx6gj3nur2Yrnbo8t2C+LrOxuNrtfN1i34eSzaOrJQPLW/ezNS8e6U8enf7z2cXKo9+XUz7fPHq07UFjv2pO3zy6tVweDQC8UsX8P17G1fL/wRAeixWG44OFfc+emxf06bo9+/tAGvGfWJS8cjZ+n77/Lc77FjtvXey8frHnJc70738Xe15orPYLPBdrnuxlu991UfLif2486jovTjcqLwYA4HQW8/+Y5sfv/x/L1FtoftKWvw3ULyFn85MzLz9vrncG5+fXhFOVnw+eyfn5mT7/tbj3ybyy8v9ZPX4v/tLMGZn/f/lI3jPN+X+tzfJ/AIAzUsz/4z97jL//77+m69nfW99lnn5f9nZe36P7Hj3I07vI0/s8zxbjN98HcAbPA5QXPg8wfMrvjx+erX9mzAPM9z4AkwEAAKe7gbNW1HL77L+z/0C6zP47+7x/l39tTv1uVdLL4xv27p6evm7fri1Te6ev23nzluk9192ye9vevdONa+eF5Y25eUuaNw6EStofnetl87YV6e9DWFH/fQhtr8rWjxXOqz1o/30I2QDDBb9HYKCW6Xbf3rzjV5qjfqfxkXe88+L/UU79qHH8b/zjS6/buue6bTu37d02tX3bgenWemO1f0nd/d/NjN9TzuvvpWZ+tCnN/+93xsOzsHaU2toxkPZH3t9nTzLtWJm2ZGXe3z/Iafe3//tf/MlFM7/8QgiTrym/bkH9l2yY+c/XTP/B3mPf31Vtf2nO9jdqpu0q+nul2fpxfyrbb96z9w1bb963M/sXJXsT5zNKjfVFuq8hffuXu5yf2JxTXjA/cXs2aLntwemp6/kJAABaxO//4/Vs/P7wU+kFVCwvzNN31ust9Pvj3Dx9srs8Pft3yTJ5emH9uL/d5ulDC8zTs9svytM71e+Up+fl3Xnx/zCn/nx1P056uM+jkvbDlw7tyx0n13c3TrJ/z6BonGTrz3ecJAscJ9ntF42TTvU7jZO8454X/7059fMUjYdKYzws7L6c3PHwye7Gw29k1ovGQ7b+fMdDaYHjIbv9ovHQqX6n8ZB3fNvjt04Q9Gf+tzowauNi+rpbbt794aZ6i/33L0L7LRndtG/J7GsX9+9/9Kr7/l3c+74W3v4QNtRK8tofvx9YMq/2d3tf2cLbX9T/87ivbHlou68st/1PLGwmrPv2z+u+xDvic93+fZeMvOrtrz9V87XpsCu6/6xoHndTTvl8fw/rkrYHpyfzuPDyifl/vJqL+f/d6bLfXwOd+X8nrYf77+M52N8xy+//Lq9jXnWf59mv3H2eAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAALwiDFZW15bH7tpz8j3n/t63/3z6xdt//x923PHrH/niTydu/J1vPTDyuZeObrlg6w9/96wbH/rQVUfu/ZtHX1j2tV89XRh4rPazckm6OhRC8mwSwtA3TvzlR49+55xqWRJCKCdjB0NYmax6dGWSiTD5ixDClkY7W5/86ouXba0u77h7sKV8RSZIdr/CaDm2p7mdIdxauEecgYbScXbg5C1vCD96x6Y7v7fmK18eOPzMwdkqyVDTeAph+fXNrx8IIQyn/1fF0bY6vjhdbgwhjDS97s0F7Xp9l+1fl7N+Xrpcki5HC+LE5y/MrJcy9bLr0UBm2bSvwwWb7kleO3qtV2RpZj17MlqovHbG8pXp8uvp8pK5gnXo8XL8PwmlJFQazd+ezI6R0HTckpDUjuVQY73UOLYh3f/MepJZL2XWywOZ/aptNx1o5SRpLY/1MuXxdFxJyy9oPld38L6c8temy6H0jfpSXA/ZB3WjbQ8a+1UT23Vijrak/mPn4krxK7tQajoHdSpvHPj0YIymZaPJqrbXzHQQnzu66Z615c3fPDaW047kgSSNn/QU/8B3Vy794JcO7VudF//6Uhq/1FP8H199/LlrD332M7nxPxnjl3uKf+nDI89e/dhdF+b2z4nYP5We4k89/fjH15x9w+Hc9t8X4w/1FH/DkeODy04+/Ehu+ydj/wz3FP+pt73zJ1948sFncuOHGH+kp/ibj+z6xOD4yYtz4z8S+2e0t/Hz/OErfzA+/rOJvPhPxPjLeor/+YP3vvX+FXdflXt8N8b+Gesp/rsveujOpScfPD/v3Jnc169PToBXp7PSa6yPpeu95pkL1ZQv/PVEpX7NtzT9f1k/N5RR3c7yRYwPAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMAr0z/ddvkHrnn7ezdVkhCSWslMkq0z00F8rrxkw4aJHrY79fTjH19z9g2Hm8tW97YLAAAAQIGYh5caJUNhdbglGQ7ndawfJwfOi2tJa3l28iDGyc4R9Bqn1CFOqYc45T61p9KnOAN9irOkT3EG+xRnqCBO9fk3dhFneI44leoI6LI9I3O2p/s4o32Ks7RPcZZlQvQaZ3mf2rOiT3HG5ozT/Thc2ac4q/oU56w+xTl74XFqb/XX9Kk9v9anOOf0KU52Tnm+43BZWvPcvDi1B+XCOJWk3Hii03z6Oel2zl/gdkYLtrOs6PO4y+0Md7md12deV5rndoa63M7lC9xO0uV2fmOB2ykVbCeO21uz7YvbiWtdjv/9fYpzoE9xPtKnOLf1Kc6f9inOn/Upzu2h9eJ0vnEAuhXz/9l8bywMVn4rjKRnnOwsQMx319R+tn/e5Z2QYrzXZcqXFMXLJuqZeGvm277sBEJrvLZnB1riVRr5yBzxhprbtzbz5Fz7+7YNndvWHO+STPngHPFadgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAToF/uu3yD1zz9vduCkmo/tfRTAfxufKSDRsmWqsPdbPdo5vuWVve/M1jzWWDlZ52AQAAACgQ8/CBRslQGKysD4PJkpZ6Q+k8QEzuy2P15fjysLG6TCZKtfWRZOWcr6ukr1u3d8eudXv2H3jjth1TN03fNL3zLesvX3/l5BVXXrFu67bt05P1nyEMdoxXbi6qTT/s2X/gw1Pbt0/v3lMvzLZ/ddqO1el6kr5u/E1hsrq8I23/qoL2l9q2t384PjjQ5wdFxw4AAAAAAAAAAIB/Zdd+QySt6wCAf5+Z2Zlx9XLDf+PhncN5ipWVXmtoiftAkOGfw0WIWWuTI0+SVu/QOzGb9CA1pQiUg+PCF12YpElv/JMS+YcDwyyhvY5QKV/Ui0LLUPFFKBO7O8/82xlnm+z2tM/nxTzPfH/f3+/7+z0cB99nFgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAQ22+Pjlbm5qeGU8ikgE5jT6ysXwxTasj1P3y49u/X1r/1umdsVJhhIUAAACAobI+fKwVKUepkI98nLj4bUN0DES77wcAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAP7/zNcnZ2tT0zNHJhHJgJxGH9lYvpim1RHqvvzGg59+Yf36v3bGKiOsAwAAAAyX9eG5VqQclTglxpITFzr/VjR7N7C2Z/5SXlu2zroV5vW+OxiUd8oK805bYd5HhuRtbl5vDAAAAHj/y/r/QisyEaXCmmX9cNb/D+vrs7yTe/LyzWu1M+ldFVeSBAAAAKxA1v+XWpFKlAqVVr++0n5/Qzu0+NN5Nn/Y7/bZ/FN78rL5w37Pv6R59Ts9AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAALx/zNcnZ2tT0zP5JCIZkNPoIxvLF9O0OkLdTU+M//2i/bdt6IyVCiMsBAAAAAyV9eHt1rscpcJ4jMWRi33/+gvuefiLDz86GRFLbX6xGDdu2bHjuk0Ln7Epyzvruf1j33vm1W8tyztr6XPVDggAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAALxn5uuTs7Wp6ZkjkohkQE6jj2wsX0zT6gh1X/rs5/98/8HHXumMVUZYBwAAABgu68PbvX85KlGMYhy/+K2z11+Q65k/6J0BAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA8MFx/Tdu+vqWubmt17lZnZtGPuIw2MZ/eZP9c1rFbRSbWzgMnsZ7cVNe7W2s3v9JAADA/8bJkUTjP3TCpau9awAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA4HAwX5+crU1Nz5STiGRATiNTageysXwxTasj1E0ff7605q0nnuqMVUZYBwAAABgu68PbvX85KjEWY3Hc4rd+7wQaC/3/xCHcJAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHBYma9PztampmfWJBHJgJxGH9lYvpim1RHq3rdr72fuPfq7F3bGSoURFgIAAACGyvrwYitSjlLho1GKk5rf57onJPnmtf97gfa87V3Txlc8r941L/9u85JCRGveHT0nKzRPszSvnK03sXRt1au25+Wa86od8yrRKl9tzVt8WLu7qq0Zcr7lTx4AAAAOnaz/L7UiE1EqlDr6/580r0c0r4P63Nyh3TgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAcNiZr0/O1qamZ5IkIhmQ0+gjG8sX07Q6Qt2bfvPho77y0zt3dsYqI6wDAAAADJf14e3evxyVWBcfinWLfX9MdOdnef+ovX3v3f/8y+kRZx5/YP0Xepf9YXbzq5fOf7L3IyLXnZ2LOLpZLxlQ79e/u/uGjY23748487j8SYWB5+lfr3vJtPFIbeslO545sH3IwwEAAIAPiKz/H2tFJqJUuHZg/5913t39/5B+/Ogbdv382OZnsyPvmZGbaNbLDaj3uY0P/unUc/726kL/v7zex1t3n9x7zb3HdhVcivRI0sbUNTs3Hzh7Xy479VL9fE/97Ll86Zuv/OuqG+96e6l+OcrN+NqerSxV6/y8uc9TSSJtzOX2zFz8zp56d/3CgPPf9tunDv5y7Z1vLtR/4+TxVv3Tol/9pZMXOnbR44i0MX7Z7bvP3bt/c3f9iKj2q//amxfGCX+4+tbe84/Hwa6FO59852fvA0gbz214fd8591TO666f9NTPnv/PDt63+8d3fefRrH72tyKnnxIrrJ/rqf/sHcfsevqWS9d2188NOP+Tl7+wflv127/vPf+VXasWBu5i+fkfOOOhK17ckvb75wEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPABMl+fnK1NTc/kkohkQE6jj2wsX0zT6gh1X77o+dcuv/NHP+iMVUZYBwAAABgu68PbvX85KlGMYowv9v2P1LZesuOZA9tjYmk0aV4Lc9uu3/Gxq7btvPbKVdo5AAAAsFIvX5Qs9v+FVmQiSoWNMdbs/6eu2bn5wNn7cln/n1u4JhFx1dVzW8+MVt6zdxyz6+lbLl3bek8QsfhnAeWFvE+18y44//mJ1//4tVP75m1q5z234fV959xTOS/Li868s6L1fuKBMx664sUt6c2t/XXmfeKr2+aaryeydccvu333uXv3b85l7zGa1/HmulneXG7PzMXv7KnnJqK0MJ5v5pWb5wYAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAlpuvT87WpqZnIh+RDMhpdGoGsrF8MU2rI9S9eOMvbj3qrcfWdcZKhREWAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA/s0OHAgAAAAAAPm/NkJVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVUV9usnNI4qjgP4e7uJ2WSTNmkFo2KaVkWphxYFEb2oqEgrUvBUKVJt7UEUBBGlHkylFUtVvAhWL0VUUKMUKthYLK2Siv+KFw8qKFQPQikGNEvxoJLNm81mspPEjT1YPh9Y3r43M9/5zczbt7sAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPC/0tUxWG9P7Hmsdvclt3/xzIOTT9/50SO7rnrqnV+Gt936+cGeN8+Ob1+94/vbVm478tCGsf2vHf+j74O/Ti0Y/OR0szZ1KyHEMzGEyscTLz87/uVFU2MxhFCO/SMhDMQVxwdiLmH9nyGE7Y06Z288NHndjql2176uWePLcyH56wrVclbPtP7Z9XJ+qaR5trP2xDXhx1s27/561fvvdY6eHpnZJU7tU07zKYRlW5uP7wwhdKfXlGy2DWYHp3ZTCKGn6bgbFqjr8kXWvy6EWq5fd2lqL0htdYGcbPuaXL+U2y/fz3Tm2p75T7NkRXUsuF93e+frzfXzi9FSNepc13p8ILUfpnbtv8wvZ68YSjF0NMp/OM7MkdD03GKI9WdZafRLjWcb0vXn+jHXL+X65c7cddXPm2ZEOcbZ49l+ufFsOe5I46ub1+oW7ikYvzi1lfRBPZv1Q/7NtOqcN43rqsvqmsidp2Oe2s6FUtMa1Gq88eDTw6imsWpcMeeYv1vIto1vfv7K8pZPTvQX1BEPxpQf28rf+dVA733v7n18sCh/aynll9rK/2njyd/u3fv6q4X5L2X55bbyrz3ac2bjp3vWFN6fiZkVZDH5MfWzbfef+uyFVRc+MNrqWdczD2T3v9JW/TePnezqqx09Vlj/+uz+dLeV/8NNd/z89reHTxfmhyy/p638LWOPvtg1VLu6MP/Y9EehWp+hbcyf30ev/25o6Nfhovxvsvvf1yI/zpdf/2nw1sj+G99Yvm9D4fzclN2f/pQ/94ttvvrvuuLI7t7a4cuK1s54YLHfsAC0sjL9xnou9Rf6n3lostTyf+ZSNf1feGW4Y/obqDe9+v7LE+VMnWfZOcwHAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPiHHTggAQAAABD0/3U7AgUAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADgqQAAAP//e/AHqQ==")
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cpu.stat\x00', 0x275a, 0x0)

1m55.634397502s ago: executing program 4 (id=1057):
bpf$PROG_LOAD(0x5, &(0x7f0000000a80)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="18090000000000000000000000000000850000006d0000001801000020696c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000007000000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x22, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000080)='vm_unmapped_area\x00', r0}, 0x10)
io_setup(0x3, &(0x7f0000000340))

1m39.973924351s ago: executing program 34 (id=1057):
bpf$PROG_LOAD(0x5, &(0x7f0000000a80)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="18090000000000000000000000000000850000006d0000001801000020696c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000007000000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x22, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000080)='vm_unmapped_area\x00', r0}, 0x10)
io_setup(0x3, &(0x7f0000000340))

1m30.701945164s ago: executing program 1 (id=1096):
r0 = mq_open(&(0x7f0000000000)='e_1\x00', 0x8c2, 0x30, &(0x7f0000000080)={0x8000000040000000, 0x4, 0x4, 0x9})
syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0)
mq_timedsend(r0, 0x0, 0x0, 0x5, 0x0)
mq_timedreceive(r0, &(0x7f00000003c0)=""/169, 0xa9, 0x200000000a9b, 0x0)

1m27.832149311s ago: executing program 1 (id=1099):
r0 = socket(0x10, 0x3, 0x0)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f00000002c0)=ANY=[@ANYBLOB="180000001800ff0f0000000000000000850000006d000000850000002300000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x4, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000007c0)={&(0x7f00000000c0)='netlink_extack\x00', r1}, 0x10)
sendmsg$nl_route(r0, &(0x7f0000000080)={0xffffffffffffffff, 0x0, &(0x7f00000000c0)={&(0x7f0000000280)=@ipv6_newnexthop={0x24, 0x68, 0x1, 0x0, 0x0, {0x2}, [@NHA_ENCAP_TYPE={0x6, 0x7, 0x2}, @NHA_BLACKHOLE={0x4}]}, 0x24}}, 0x0)

1m26.068527213s ago: executing program 1 (id=1102):
r0 = socket$inet6_udplite(0xa, 0x2, 0x88)
setsockopt$inet6_IPV6_XFRM_POLICY(r0, 0x29, 0x23, &(0x7f00000004c0)={{{@in=@broadcast, @in6=@loopback, 0x4e23, 0x0, 0x0, 0x0, 0xa, 0x0, 0x0, 0x2f, 0x0, 0xee01}, {0xfffffffffffffeff, 0x0, 0xfffffffffffffffc, 0x0, 0x3}, {}, 0x0, 0x0, 0x1}, {{@in6=@ipv4={'\x00', '\xff\xff', @private=0xa010101}, 0x4d2, 0x32}, 0x2, @in6=@local, 0x0, 0x4, 0x0, 0x0, 0x0, 0x4}}, 0xe8)
sendmmsg$inet6(r0, &(0x7f0000000a80)=[{{&(0x7f0000000040)={0xa, 0x4e21, 0x0, @dev}, 0x1c, 0x0, 0x0, 0x0, 0x0, 0xe00}}], 0x1, 0x0)
close(r0)

1m24.870986693s ago: executing program 1 (id=1105):
r0 = memfd_create(&(0x7f0000000480)='\xff\x00l\x1e\xa0</\x00\x8eO4._\x14zC\x8a\xe8\xe0u\xe0\xff\xf1\xb2\xfd\xf6nz\x05-]\xc2Vk\xaeky\xd3\x83\xe2\xc7\xd3\xe6M^\x98ox\x14\t\xe9Q1\x1dK\x9a\x045\xd37\xb22\xfdD(\xd2\xdd\xa0\xff\x0f\x00\x00\x00\x00\x00\x00v\n\xd8?]k\x14N\x18\xf4\xc2j\xed6g\xfd\xd2\xd4\xe3\x1f\xa6 \xa0\x8d\xb5\x9aE<2`]<\x8cR\xd69\x0fO\xbf\xc3\xbd\xb0\x96\x90\x91k\x86\x1a\x10\xd2\xf5\x8b\xfc\xf4\xd0[\x12\xf5+\x1aS\x02/Yx\xf2jJb\x97\x9c/\x1f5i\xc6\x861\x9a\xff\xc3\xe7\xbfU\xd5\xac\xccB=\x8f\xfd\x84\xeepQ\x93nn\x0f\xc6\xa9?\xad\x8b~\x96@i=G\x9ft\x1d\xcc\xc6Ys7\x7f\x8ehv\xd3$\x13s\xa0\xbfi\xfaFS\xa9=Xe\xf8tI\x15\x882\x8b\x8e-X\xb8\xf2\x9du\x15S^\xec\xce\xfaf$S\x9f\xe7Ed\n\x84\\ u\xd2\x16\xc1\xa5\xa0\xaa\xe8.i\xc8\x0e\vt\xe2\xf1lA\x93\xdd\xce\x8f$\x06v\xbe\xe7\x95nN\xc5\xaa\x1ev\xc6P\x9c\\G&y\x8bYA\xc3}\xd9\x86[\xb2\xf3\x0f\x90%\xcb\x81\xe8\xea\xbcs\x95\xe9\x8eXH\x19m\xdfOY\xf1E9-\xc8\xe7\x13^+(\x034\x82\xafiOO\x14\x8f^\x8c', 0x7)
fcntl$addseals(r0, 0x409, 0x2)
r1 = openat$udambuf(0xffffff9c, &(0x7f0000000080), 0x2)
ioctl$UDMABUF_CREATE(r1, 0x40187542, &(0x7f0000000040)={r0, 0x1, 0x0, 0x100000})

1m22.7271378s ago: executing program 1 (id=1108):
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000200)='./file1\x00', 0x200000, &(0x7f0000000300)={[{@minixdf}, {}, {@barrier_val={'barrier', 0x3d, 0x9}}, {@commit={'commit', 0x3d, 0x5}}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x80}}, {@lazytime}, {@nodelalloc}, {@noblock_validity}, {@nomblk_io_submit}]}, 0x1, 0x566, &(0x7f00000015c0)="$eJzs3c9rHFUcAPDvbJL+1qZQinqQQA9GajdN4o8KgvUiiBYLeq9LMg0lm27JbkoTC20P9uJFiiBiQfwDvHss/gP+FQUtFClBD14is5lNt81ukqYbN3U+H5j2vZnZvPnum+/bNzu7bACFNZL9U4p4OSK+SSIOt20bjHzjyOp+yw+vTWVLEisrn/2ZRJKva+2f5P8fzCsvRcSvX0WcKK1vt764NFupVtP5vD7WmLs8Vl9cOnlxrjKTzqSXJiYnT781OfHuO2/3LNbXz/39/ad3Pzr99fHl736+f+R2EmfiUL6tPY5ncKO9MhIj+XMyFGee2HG8B43tJkm/D4BtGcjzfCiyMeBwDORZD/z/XY+IFaCgEvkPBdWaB7Su7Xt0HfzcePDB6gXQ+vgHV98biX3Na6MDy8ljV0bZ9e5wD9rP2vjljzu3syU2eR/ieg/aA2i5cTMiTg0Orh//knz8275TzTePN/ZkG0V7/YF+upvNf97oNP8prc1/osP852CH3N2OzfO/dL8HzXSVzf/e6zj/XRu6hgfy2gvNOd9QcuFiNT0VES9GxGgM7c3qG93POb18b6Xbtvb5X7Zk7bfmgvlx3B/c+/hjpiuNyrPE3O7BzYhXOs5/k7X+Tzr0f/Z8nNtiG8fSO69227Z5/Dtr5aeI1zr2/6M7WsnG9yfHmufDWOusWO+vW8d+69b+6If9jT/r/wMbxz+ctN+vrT99Gz/u+yfttm275/+e5PNmeU++7mql0Zgfj9iTfLJ+/cSjx7bqrf2z+EePbzz+dTr/90fEF1uM/9bRW1137ff5n8U//VT9//SFex9/+UO39rfW/282S6P5mq2Mf1s9wGd57gAAAAAAAGC3KUXEoUhK5bVyqVQur36+42gcKFVr9caJC7WFS9PR/K7scAyVWne6D7d9HmI8/zxsqz7xRH0yIo5ExLcD+5v18lStOt3v4AEAAAAAAAAAAAAAAAAAAGCXONjl+/+Z3wf6fXTAjvOT31Bcm+Z/L37pCdiVvP5Dccl/KC75D8Ul/6G45D8Ul/yH4pL/UFzyHwAAAAAAAAAAAAAAAAAAAAAAAAAAAHrq3Nmz2bKy/PDaVFafvrK4MFu7cnI6rc+W5xamylO1+cvlmVptppqWp2pzm/29aq12eXwiFq6ONdJ6Y6y+uHR+rrZwqXH+4lxlJj2fDv0nUQEAAAAAAAAAAAAAAAAAAMDzpb64NFupVtN5ha6F92NXHMZOBrhqWw8f3C1RKHQt7NtG5/Z5YAIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACANv8GAAD//04mM/E=")
r0 = openat$dir(0xffffffffffffff9c, &(0x7f0000000180)='./file1\x00', 0x242, 0x18e)
lsetxattr$security_capability(&(0x7f0000000040)='./file1\x00', &(0x7f0000000080), &(0x7f0000000000)=@v3={0x3000000, [{0x7fffffff, 0xabda}, {0x3, 0x2}], 0xee00}, 0x18, 0x1)
ftruncate(r0, 0x2)

1m21.206501647s ago: executing program 1 (id=1114):
syz_mount_image$hfsplus(&(0x7f00000001c0), &(0x7f0000000400)='\x13\x13w\xc5\xfc5\xd4\x14T\xd5\xd4\x1d)\xad\x1a`)Y\x81F\xe6\xbe\x16nA\xad\r\xbd@T\x03<\x9f3\xbb\xda\x82$\xa2\xf3\xd7r\xe7cnH\xb3<\xbfp\x83r\xe8\xf1\xb9\x93>\xc5\x12wC\xbe\"\x06 \x9e\xf0-\xf9\xcb\xf2\xf6\xe8\x80\xd38/\x00', 0x4040, &(0x7f0000000080)={[{@uid={'uid', 0x3d, 0xee01}}, {@barrier}, {@nls={'nls', 0x3d, 'iso8859-15'}}, {@uid}, {@part={'part', 0x3d, 0x7}}, {@part={'part', 0x3d, 0x2}}]}, 0x20, 0x6fe, &(0x7f0000000c00)="$eJzs3U9oXHkdAPDvm5lMMl3IztZ2t4rQsMWiW22TDIsVBKuI5LBowcteY5tuQydpSbKSFrGz6qo3PUkPe1iReNiTeBBWPIj1JgiC994LHrwVD468N+9NZvJ3Js0ksfv5wJv3e+/9/nx/33nz5k9aXgCfWHNvx1grkpi79NZ6uv1ko9F8stFYKsoRMR4RpYhKZxXJckTyOOJadJb4dLoz7y7ZbZw3n378wcVHHzU6W5V8yeqX9mq3qb3HCK18iamIKOfrIVV26+/GDv09HKrrpBt3mrALReLguLW3aQ3TfIDXLXDSPYwoj+2wvx5xKiIm8s8BkV8dSkcc3qEb6ioHAAAAJ1N5vwovP4tnsR6TRxMOAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAvBiSzj0Dk3wpFeWpSPL7/38nr5apVo833H18cZ/j7986okAAAAAAAAAA4PCNbRbPP4tnsR6TxXY7yf7m/3q2cSZ7fCnejdVYiJW4HOsxH2uxFisxEzE22dNndX1+bW1lZnvLX0Xast1uP8xbzkZEfVvL2RHPGQAAAAAAAABebD+KuZg87iAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAKBXElHurLLlTFGuR6kSERMRUU3rtSL+VJRPgvoB2/35kOMAAACAE6iWryeT/3YK7ST7zv9q9r1/It6N5ViLxViLZizEzey3gM63/tI/Wo3mk43GUrps7/jr/8p6aw8YR9ZjRJTjvV1Gns5qnO22mItvxXfjUkzF9ViJxfh+zMdaLMRU1NJJxHwkUa91fr2oF3H2x1vOu7rWF8r1rbGd37J9LoukFrdiMYvtctyoFr2VshpJnOsZ7Q/ViC0Zei/NTvK13IA5utnzfP0y/10m1355wD5Go57NfKybkek093k2Xtk594XOeXLgkWai1P0N6szmKOnm1pGKnH9vmJyfytdprn/an/PDNuRPaVszMRul/OyLeLU/5/c+9+h0f+Mv/PMv12+Xlu/cvrV6aYRTOiSVHfeOFYWtmWj0ZOK1vc++PBPNNBOtwTMxtnXHxMBzGalqno3OhW2wq+U3s9J8vN5zCt5dTh+/HNMxE1djOr4Ss9HoO8PO9uW10ljqz0n2Wittv77V9gj+wud7Kv1sn8qjsPt4aV5e6clr75Wunh3L91z7RUz3ZOn03mffQd4FKp/JC+kYP+6+45wEfZnIr81FdMUb1C6Z+HX2OWG1uXxn5fb8vQHHu5iv05ft+/3X5t8892SeS3q+nO5euLKc1IrzJT32qW60/fmq5n9x6bQrbTt2tnusHpOxGN+Ou3EzFnZ4pVbzz3Dbe+oce23HY43s2LmeY32fcuJuNLNPIVtMHU1WARjYqTdOVWtPa3+vfVj7Se127a2Jb4xfHf9sNcb+Wvlj+Xel35a+mrwRH8YPY/K4IwUAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgBfB6v0Hd+abzYWVERaqBxwrSvvW2XhpsA6jHrH3WEleqI46G0MXfp7fr/Dwev73xJ7ZqMWIpvP7vWdRfe4hkkhaI35S0mfiUDosbpyW7WmX9231tysRnT2VaLfbD7uHtj6VlVid2O0ZHN+sHPU7883/tPvq1KLnJQO84K6sLd27snr/wZcWl+bfWXhnYXn2anF73FuLzYXpK9njMQcJjMTq/Qfl444BAAAAAAAAAAAAGE7+r//XVkppIRn+f+lU9qlTXVndeeTzRz1VAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA4P/U3Nsx1ookZqYvT6fbTzYazXQpyps1KxFRiojkBxHJ44hr0Vmi3tNdsts4bz79+IOLjz5qbPZVKeqX9mo3mFa+xFRElPP1/sZ36GZ7fzd6+msdKLykO8M0YReKxMFx+18AAAD//yBC8a4=")
r0 = inotify_init1(0x800)
inotify_add_watch(r0, &(0x7f0000000100)='./file1\x00', 0x94000084)
setxattr(&(0x7f0000000040)='./file0\x00', &(0x7f0000000340)=ANY=[@ANYBLOB='osx.:'], 0x0, 0x0, 0x0)

1m5.15263329s ago: executing program 35 (id=1114):
syz_mount_image$hfsplus(&(0x7f00000001c0), &(0x7f0000000400)='\x13\x13w\xc5\xfc5\xd4\x14T\xd5\xd4\x1d)\xad\x1a`)Y\x81F\xe6\xbe\x16nA\xad\r\xbd@T\x03<\x9f3\xbb\xda\x82$\xa2\xf3\xd7r\xe7cnH\xb3<\xbfp\x83r\xe8\xf1\xb9\x93>\xc5\x12wC\xbe\"\x06 \x9e\xf0-\xf9\xcb\xf2\xf6\xe8\x80\xd38/\x00', 0x4040, &(0x7f0000000080)={[{@uid={'uid', 0x3d, 0xee01}}, {@barrier}, {@nls={'nls', 0x3d, 'iso8859-15'}}, {@uid}, {@part={'part', 0x3d, 0x7}}, {@part={'part', 0x3d, 0x2}}]}, 0x20, 0x6fe, &(0x7f0000000c00)="$eJzs3U9oXHkdAPDvm5lMMl3IztZ2t4rQsMWiW22TDIsVBKuI5LBowcteY5tuQydpSbKSFrGz6qo3PUkPe1iReNiTeBBWPIj1JgiC994LHrwVD468N+9NZvJ3Js0ksfv5wJv3e+/9/nx/33nz5k9aXgCfWHNvx1grkpi79NZ6uv1ko9F8stFYKsoRMR4RpYhKZxXJckTyOOJadJb4dLoz7y7ZbZw3n378wcVHHzU6W5V8yeqX9mq3qb3HCK18iamIKOfrIVV26+/GDv09HKrrpBt3mrALReLguLW3aQ3TfIDXLXDSPYwoj+2wvx5xKiIm8s8BkV8dSkcc3qEb6ioHAAAAJ1N5vwovP4tnsR6TRxMOAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAvBiSzj0Dk3wpFeWpSPL7/38nr5apVo833H18cZ/j7986okAAAAAAAAAA4PCNbRbPP4tnsR6TxXY7yf7m/3q2cSZ7fCnejdVYiJW4HOsxH2uxFisxEzE22dNndX1+bW1lZnvLX0Xast1uP8xbzkZEfVvL2RHPGQAAAAAAAABebD+KuZg87iAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAKBXElHurLLlTFGuR6kSERMRUU3rtSL+VJRPgvoB2/35kOMAAACAE6iWryeT/3YK7ST7zv9q9r1/It6N5ViLxViLZizEzey3gM63/tI/Wo3mk43GUrps7/jr/8p6aw8YR9ZjRJTjvV1Gns5qnO22mItvxXfjUkzF9ViJxfh+zMdaLMRU1NJJxHwkUa91fr2oF3H2x1vOu7rWF8r1rbGd37J9LoukFrdiMYvtctyoFr2VshpJnOsZ7Q/ViC0Zei/NTvK13IA5utnzfP0y/10m1355wD5Go57NfKybkek093k2Xtk594XOeXLgkWai1P0N6szmKOnm1pGKnH9vmJyfytdprn/an/PDNuRPaVszMRul/OyLeLU/5/c+9+h0f+Mv/PMv12+Xlu/cvrV6aYRTOiSVHfeOFYWtmWj0ZOK1vc++PBPNNBOtwTMxtnXHxMBzGalqno3OhW2wq+U3s9J8vN5zCt5dTh+/HNMxE1djOr4Ss9HoO8PO9uW10ljqz0n2Wittv77V9gj+wud7Kv1sn8qjsPt4aV5e6clr75Wunh3L91z7RUz3ZOn03mffQd4FKp/JC+kYP+6+45wEfZnIr81FdMUb1C6Z+HX2OWG1uXxn5fb8vQHHu5iv05ft+/3X5t8892SeS3q+nO5euLKc1IrzJT32qW60/fmq5n9x6bQrbTt2tnusHpOxGN+Ou3EzFnZ4pVbzz3Dbe+oce23HY43s2LmeY32fcuJuNLNPIVtMHU1WARjYqTdOVWtPa3+vfVj7Se127a2Jb4xfHf9sNcb+Wvlj+Xel35a+mrwRH8YPY/K4IwUAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgBfB6v0Hd+abzYWVERaqBxwrSvvW2XhpsA6jHrH3WEleqI46G0MXfp7fr/Dwev73xJ7ZqMWIpvP7vWdRfe4hkkhaI35S0mfiUDosbpyW7WmX9231tysRnT2VaLfbD7uHtj6VlVid2O0ZHN+sHPU7883/tPvq1KLnJQO84K6sLd27snr/wZcWl+bfWXhnYXn2anF73FuLzYXpK9njMQcJjMTq/Qfl444BAAAAAAAAAAAAGE7+r//XVkppIRn+f+lU9qlTXVndeeTzRz1VAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA4P/U3Nsx1ookZqYvT6fbTzYazXQpyps1KxFRiojkBxHJ44hr0Vmi3tNdsts4bz79+IOLjz5qbPZVKeqX9mo3mFa+xFRElPP1/sZ36GZ7fzd6+msdKLykO8M0YReKxMFx+18AAAD//yBC8a4=")
r0 = inotify_init1(0x800)
inotify_add_watch(r0, &(0x7f0000000100)='./file1\x00', 0x94000084)
setxattr(&(0x7f0000000040)='./file0\x00', &(0x7f0000000340)=ANY=[@ANYBLOB='osx.:'], 0x0, 0x0, 0x0)

11.077306097s ago: executing program 0 (id=1225):
syz_mount_image$bfs(&(0x7f00000000c0), &(0x7f0000000100)='./file0\x00', 0x0, &(0x7f00000006c0)=ANY=[@ANYBLOB="00c6fc5538750e0614d9"], 0x1, 0x8a, &(0x7f0000000180)="$eJzszqENAkEUBNDhDKhrAEEH1wOlECQ4FISEimiFEugAgcUcYsGsxCy5vJf8n0zGzO11XaZPxksyVg7H026zLz9MUpdknmSRZNWX/FiXbvbp78/z9nut9wIAAL/rMtR5aDYGAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA4A+9AwAA///rYCNS")
mknodat$null(0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x0, 0x103)
r0 = openat(0xffffffffffffff9c, &(0x7f0000000240)='.\x00', 0x0, 0x0)
fsync(r0)

10.068087081s ago: executing program 0 (id=1227):
r0 = syz_open_dev$sndctrl(&(0x7f0000000100), 0x0, 0x0)
ioctl$SNDRV_CTL_IOCTL_SUBSCRIBE_EVENTS(r0, 0xc0045516, &(0x7f00000001c0)=0x7)
ioctl$SNDRV_CTL_IOCTL_ELEM_ADD(r0, 0xc1105517, &(0x7f0000000340)={{0xfffffffe, 0x0, 0xfffffffc, 0x0, 'syz0\x00'}, 0x6, 0x20000000, 0x4, 0x0, 0x0, 0x0, 'syz1\x00', 0x0})
readv(r0, &(0x7f0000000680)=[{&(0x7f0000001140)=""/4096, 0x1000}, {0x0}], 0x2)

9.096220006s ago: executing program 0 (id=1228):
sched_setscheduler(0x0, 0x1, &(0x7f0000000300)=0x7)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000380)=@base={0x5, 0x5, 0x9fd, 0x85, 0x41}, 0x50)
bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000100)={0xffffffffffffffff, 0x0, &(0x7f00000000c0)="18c44975a308f7bc8870750e", &(0x7f0000000180), 0x3dbc4689, r0}, 0x38)
bpf$MAP_LOOKUP_BATCH(0x19, &(0x7f0000000800)={0x0, 0x0, &(0x7f0000000680), &(0x7f0000000540), 0x6c, r0}, 0x38)

7.689404744s ago: executing program 6 (id=1230):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFULNL_MSG_CONFIG(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000000)=ANY=[@ANYBLOB="2400000001040102000000c9fd0000000000000008000340000104000500010001"], 0x24}, 0x1, 0x0, 0x0, 0x20008000}, 0x0)
sendmsg$NFULNL_MSG_CONFIG(r0, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000040)={0x1c, 0x1, 0x4, 0x101, 0x0, 0x0, {0x0, 0x0, 0x400}, [@NFULA_CFG_CMD={0x5, 0x1, 0x1}]}, 0x1c}}, 0x0)
close(0x3)

6.921213771s ago: executing program 6 (id=1232):
r0 = socket$inet6_udplite(0xa, 0x2, 0x88)
bind$inet6(r0, &(0x7f0000000080)={0xa, 0x4e22, 0x5875, @mcast1, 0x3}, 0x1c)
r1 = syz_open_procfs(0x0, &(0x7f00000005c0)='net/udplite6\x00')
preadv(r1, &(0x7f0000000540)=[{&(0x7f0000000200)=""/161, 0xa1}], 0x1, 0xa3, 0x7)

5.9612411s ago: executing program 6 (id=1234):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180), 0x2, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CAP_MAX_VCPU_ID(r1, 0x4068aea3, &(0x7f0000000000)={0x80, 0x0, 0x4})
ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x20)

5.468195265s ago: executing program 3 (id=1235):
r0 = openat$uinput(0xffffffffffffff9c, &(0x7f0000000240), 0x802, 0x0)
write$uinput_user_dev(r0, &(0x7f0000000700)={'syz1\x00', {}, 0x0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x40000000, 0x0, 0x0, 0x0, 0x0, 0x4374, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10], [0x0, 0x0, 0x0, 0x200, 0x0, 0x0, 0x0, 0x0, 0x8000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2], [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3ff, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x80000000, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe], [0x0, 0x0, 0x0, 0x0, 0x9a6d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x89fe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0xffff]}, 0x45c)
ioctl$BTRFS_IOC_SET_RECEIVED_SUBVOL(r0, 0x5501, 0x0)
writev(r0, &(0x7f0000000e00)=[{&(0x7f0000000100)="f723b2adb713f7328abf32cdbd250819ed16572fba8f84f2", 0x18}, {0x0, 0x18}], 0x2)

4.905248935s ago: executing program 6 (id=1236):
r0 = syz_usb_connect(0x0, 0x4a, &(0x7f0000000040)=ANY=[@ANYBLOB="120100005520f010402038b1420104000001090238000100000000090400000371055900090582eb1000000001020009050276"], 0x0)
sendmsg$key(0xffffffffffffffff, &(0x7f0000000100)={0x4, 0x0, &(0x7f00008feff0)={&(0x7f00000002c0)=ANY=[@ANYBLOB="020d0000100000002f3144e8edffffff03000600ff18"], 0x80}}, 0x0)
syz_usb_control_io$hid(r0, &(0x7f0000001280)={0x24, 0x0, &(0x7f0000000280)=ANY=[@ANYBLOB="0003040000000403"], 0x0, 0x0}, 0x0)
syz_usb_ep_write$ath9k_ep1(r0, 0x82, 0xc38, &(0x7f0000000080)=ANY=[])

4.333307778s ago: executing program 3 (id=1237):
prctl$PR_SET_MM(0x23, 0x6, &(0x7f0000001000/0x4000)=nil)
mmap(&(0x7f0000000000/0x400000)=nil, 0x1400000, 0x0, 0xc3072, 0xffffffffffffffff, 0x0)
prctl$PR_SET_MM(0x23, 0x7, &(0x7f0000ffc000/0x4000)=nil)
brk(0x200000001000)

3.560922748s ago: executing program 3 (id=1238):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180), 0x2002, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x1)
ioctl$KVM_SET_MSRS(r2, 0x4008ae89, &(0x7f0000000080)={0x1, 0x0, [{0x4b564d00, 0x0, 0x1}]})

3.391380805s ago: executing program 0 (id=1239):
syz_mount_image$udf(&(0x7f00000004c0), &(0x7f0000000500)='./file0\x00', 0x0, &(0x7f0000000c40)=ANY=[@ANYBLOB="00dab9ef0f812cef41d3cf9c8b7ff5124d6df16a47a96a22c0e21bd704acf07fbfc5993ca7175a983af6232955a984a377cade2dfd19d9d669cc165c39c07b811c740102acfa1ae7df9fcb074ab864eb1a6c917b5676e2b47fa6c79dd882264b691c890b0b4efd9a7639a6435baba8324b21b0f06e6ba64955f2a1084e52acc0f27c5ab037853682085f84dfa17afcfec6336d70bd652932611d6c3188424256089124f95dce7e2a71e63197c4bef6f5d4b807239fcfc183d00ae4c92ae0cfc3b8336397cb019a5f11", @ANYRES16, @ANYRES16, @ANYRES8, @ANYRES64], 0x5, 0x483, &(0x7f0000000580)="$eJzs201vG0Ucx/HfbGJ34xZwn9yCKmEJiaIiSuy0pE8ghZa0SH2gbYJAKEEhcYLVxInitGoqaCtx6BEoEgiJAxx6QagKElzgwAFuvAMu3HrggjlxAqHdzHrXjtuk+CFx8v1IiSe7/92dnZmdnc2OBQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAApJdf6evOmNXOBQAAaKWzFy90Z7n/AwCwoQzw/A8AALCRGDn6REY/floyZ/y/F7mn84XLVwdP9NferMv4W3b48d6Pm8n2HDj4Qu+h4PPB2zfa4zp3caAvfXx6amY2VyzmxtKDhfzo9FhuxXuod/tq+/wCSE9dujw2Pl5MZ/f3VKy+mry3aXMqebQ3dezpIHbwRH//xUhMZ+x/H32J+43w43J0S0alj++as5Ic1V8Wy7SdZuvyT2KffxKDJ/r9E5nMjxTmvJUmKAinskziQRm1oC7qskPy8mXijXlmi8lRUUY7UyVzTlJHUA7P+v8YXn4HTkOy8dC8fA5JSqsN6mwN2yRHB2V0+3BSr3llFtR/p/T+amcOTdcpR3dltPelkjnv9wfe9eR1m6dfT79aGJ+OxBpjr6h2vz+00hrvm1w5Outf8SVzYbUzg5bzBktDMjowcMUfV8gflz52tPfkqYHoCGPXMvvxYvfb9EruybHI0MGs0hgCAAAAAAAAWO9c42hYRp9/6/p/p+07IGwQxtHzMvrrVMl/NR6dl9ARmd9R1u7vfpqb/y73+PTM/Gx+4t25musTbt87xbnZkdHaq9XlXXwV/w5fbh5DnWLG0SEZ3fh3ITxu0nhp2w2EB7pzLMyba6rW+u3m0cX5LME7hCP9u6Lpmll+iPdjSXtc+iegMYxx1Cej8R9227kfCS3pg2zcdzL688s9Ns6Je0HBZZr0f7vj+clctxf7s4y++ieI9aeZabON3R7GZrxYR0YfnamM3WJjd4SxWS/2pIx+Ga4duzOM7fFiP5DRzB/pIDbhxT5pY1Nh7P7R6cmxphXwGuf1/9dltO3FtAnq0paX7WY7yrF33gv7+5vVO7pPn19v/5+MLLtp2+E9r70O7/bbnt9endrt9ZaMvvl+j41bbCtxu36r/ztsr2/IaOLXytiEjd0WxmZWXLBtwqv/t2WULSyUy8bWv62ByP0/Uv9PVLeOJtX/1siypD3upsacOiQV569dGpmczM2SIEGCRDmx2j0TWsG7/38mozfP/1Ye79j7vx1Wh+O/v6+H9/8j1Ttq0v1/W2TZETsaiXVK7tzUTCwlucX5a8/lp0YmchO5Qk82c7j78IHeTCwejO3CVN1FtS7F7LPalQ+/Lj+fVY7/ao//E9U7alL9b48sS1SMV+o+ddj6/11Gb/20UH6OftD4P3jOeuapxc/y9dmk+t8RWZa0x32kMacOAAAAAAAAAAAAAAAAAG0tZhzdlpE71GmC70atZP7fki9MNWn+VyqybKxF31eou1ABoA04cvSFjPaqZG54C7ZIZ6KfWNf+CwAA//8n8SDK")
r0 = openat$dir(0xffffffffffffff9c, &(0x7f0000000580)='.\x00', 0x8880, 0x85)
lseek(r0, 0xd, 0x1)
getdents64(r0, 0x0, 0x4f)

2.242289568s ago: executing program 3 (id=1240):
r0 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(r1, 0x8933, &(0x7f00000005c0)={'wlan0\x00', <r2=>0x0})
sendmsg$NL80211_CMD_DEL_STATION(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000380)={0x2c, r0, 0x121, 0x70bd2c, 0x0, {{}, {@val={0x8, 0x3, r2}, @void}}, [@NL80211_ATTR_REASON_CODE={0x6, 0x36, 0x3}, @NL80211_ATTR_MGMT_SUBTYPE={0x5, 0x29, 0xc}]}, 0x2c}, 0x1, 0x0, 0x0, 0x1}, 0x40)

2.001780861s ago: executing program 0 (id=1241):
prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000200)=0x5)
r0 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000180)=@newlink={0x40, 0x10, 0x403, 0x0, 0x25dfdbfe, {0x0, 0x0, 0x74, 0x0, 0x800}, [@IFLA_LINKINFO={0x20, 0x12, 0x0, 0x1, @bridge={{0xb}, {0x10, 0x2, 0x0, 0x1, [@IFLA_BR_MCAST_STARTUP_QUERY_INTVL={0xc, 0x23, 0x7}]}}}]}, 0x40}, 0x1, 0x0, 0x0, 0x800}, 0x20000000)

1.434108914s ago: executing program 3 (id=1242):
syz_mount_image$ext4(&(0x7f00000004c0)='ext4\x00', &(0x7f0000000500)='./file2\x00', 0x8, &(0x7f0000000080)={[{@nodioread_nolock}, {@sb={'sb', 0x3d, 0x1}}]}, 0x4, 0x523, &(0x7f00000018c0)="$eJzs3cFvG1kZAPBvnLhJs+mmC3sABGxZFgqq6iTubrTqhfYCQlUlRMWJQxsSN4pi11Hsiib0kB65V6ISJ+A/4MYBqScO3LjBjUs5IBWoQA0SB6MZT1I3sZNAnbiJfz9pMvPeTP29F/e953mR5wUwtC5ExGZEnImIOxExlecn+RbX2lt63csXDxe2XjxcSKLVuvX3JDuf5kXHv0m9k7/meER8/zsRP0r2xm2sb6zMV6uVtTw93aytTjfWNy4vF/Kc8tzs3MynVz4p962uH9R+/fzbyzd+8NvffOnZHza/+ZO0WJM/PZed66xHP7WrXozJjrzRiLhxFMEGZDT//8PJk7a2z0TEh1n7n4qR7N0EAE6zVmsqWlOdaQDgtEvv/ycjKZTyuYDJKBRKpfYc3vsxUajWG81LU/X79xYjm8M6H8XC3eVqZSafKzwfxSRNz2bHr9Ll19KPK1ci4r2IeDx2NjtfWqhXFwf5wQcAhtg7u8b/f421x/9OxUEVDgA4OuODLgAAcOyM/wAwfIz/ADB8/ofx37cDAeCUcP8PAMPH+A8Aw+fA8f/R8ZQDADgW37t5M91aW+3nX28/qfvyYqWxUqrdXygt1NdWS0v1+lK1UlpotQ56vWq9vjr78U6ysb5xu1a/f695e7k2v1S5XfEsAQAYvPc+ePqndNDfvHo226JjLQdjNZxuhUEXABiYkUEXABgY3+eB4XWIe3zTAHDKdVmity2fIEh6XfDE4q9wUl38vPl/GFZvMv9v7gBOtv9v/v9bfS8HcPyM4TC8Wq3Emv8AMGTM8QM9//6f6/mIkCf9LwsAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACcFJPZlhRK2Vrgm+nPQqkUcS4izkcxubtcrcxExLsR8cex4lianh10oQGAN1T4a5Kv/3Vx6qPJ3WfPJP8ey/YR8eOf3/rZg/lmc202zf/HTn7zSZp/trlWPjOICgAAna7tzcrG73K+77iRf/ni4cL2dpxFfH69vbhoGncr39pnRmM0249HMSIm/pnk6bb088pIH+JvPoqIz23XfzwedESYzOZA2iuf7o6fxj7X9/idv//d8Quv1beQnUv3xex38dnYVTjgQE+vt/vJvO2lTTxvf4W4kO27t//xrId6c2n/lzbXrT39X2Gn/xvZEz/J2vyFnfT+JXn+8e++uyezNdU+9yjiC6Pd4ic78ZPu/W/xo0PW8c9f/PKHvc61fhFxsWv9t1ekrmXd7HSztjrdWN+4vFybX6osVe6Vy3OzczOfXvmkPJ3NUbd//r5bjL9dvfRur/hp/Sd6xB/fv/7xtUPW/5f/ufPDr+wT/xtf7f7+v79P/HRM/Poh489PXOu5fHcaf7FH/Q94/+PSIeM/+8vG4iEvBQCOQWN9Y2W+Wq2sHXCQftY86BoHhz9I7+3fgmJkB7EZ0a8XzCYlIqLrNekn6rejykd1kAws+q/6/YKD7pmAo/aq0Q+6JAAAAAAAAAAAAAAAQC+N9Y2Vse7f1urbwaDrCAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwOn13wAAAP//KHnENg==")
syz_mount_image$ext4(&(0x7f0000000700)='ext4\x00', &(0x7f0000000080)='./file0\x00', 0x8052, &(0x7f00000000c0)={[{@noauto_da_alloc}, {@init_itable_val={'init_itable', 0x3d, 0x6}}, {@dioread_nolock}, {@grpquota}]}, 0x5, 0x4dd, &(0x7f0000000c40)="$eJzs3E1oXNUeAPD/nSRN+vU6r6+v77VWTa1isJi0abVdCFJRcKEgVlCXIR8ldtpIk4ItVaYgdSkF9+LSrQu36qaIK8FtXQpSKNJNW0EcuTN3PjuTNMkkY8zvB5M5536dc+655+bcc2YmgE1rOP2TVMI3I2JXRORaNxiuvN27c2Xy/p0rk1EslU7/lpR3u5vGM9lhYnsWGclF5D5O6isazF+6fHaiUJi+kMXHFs69PzZ/6fKzs0PZkpMnjx87euL58eeWX6g26aXlurv/o7kD+1599/rrk/3V5dXUGsvRLcMx3C4rZU91O7Ee29kQTvp7mBGWJb3+0+oaKLf/XdEXi1VecR1zBqy1UqlUGuy8ulhqdfWBJcCGlUSvcwD0RvUfffr8W3216whsWZvuR8/dPlV5AErLfS97RTxeXlgdBxloeb7tpuGIeKf4++fpK9ZoHAIAoNG3p2rDP839v3xlZuSPizdeTN//lc2h5CPi3xGxOyL+ExF7IuK/EbE3Iv4XEf9vOX5fRJQWSX+4JV5LvzYJlbvVhWJ2lPb/Xsjmtur9v6YM5Puy2M6Iaod5+kh2TkZiYHBmtjB9dJE0vnv5p087rWvs/6WvNP1qXzDLx63+lgG6qYmFiRUXuMXtqxH7+1vLn/RHJLWZgCQi9kXE/mUcN98Qnn3mywO1yEDzdkuXv6zUdh6tC/NMpS8inq7UfzGa6r+eYtI0P3lu4sz0menz47X5ybGhKEwfGZvpmJsffrz2Rqd1S5b/619ad3nlxDens5a1emn9b2u4/qM6f1svfz6JSGrztfPLT+Paz590fKZZ6fW/JXmrHK4+l34wsbBw4WjEluS1B5eP1/etxtP3KFbKP3Koffvfne2TnolHIiK9iB+NiMei8oSY5v1gRDwREYcWKf/3Lz353srLv7bS8k+13P8qNd9U//X5+k6BJJsbbLOq7+zBm/c73Dwerv6Pl0Mj2ZL297+k6RbRKafVcY90yZ+rPnsAAACwMeQiYkfDWNKOyOVGRytjQHtiW64wN79weGbu4vmpdF1EPgZyM7OF8vhnZTx4IKmOf+Yb4uMt8WPZuPFnfVvL8dHJucJUT0sObC+3+SQ3GvF2X0P7T/3anSFm4O/M97Vg81qs/aed+L3X1zEzwLp6+P//Nz5c04wA666h/Xf6hn9xBZ/7AjYAz/9A3dI/9OOeARtfSVuGTW1Z7f+wHwGEf5L+eLMWzvU0J8B60/+HTWnJ7/WvKlAabL9qKB7cOIYWP2BfrCwbW9uk1ZNA2rPqSepbV7JX9dcUOm4TueUdcDC6U6czqzwbxQvzZ/Z2/eIvZZ+V73YNfrUu7bRdoCe3IwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgK77KwAA//8KhtfB")
r0 = openat$dir(0xffffffffffffff9c, &(0x7f0000004280)='./file0\x00', 0x0, 0x0)
ioctl$FS_IOC_SETVERSION(r0, 0x40087602, &(0x7f0000000040)=0x4)

1.217179573s ago: executing program 0 (id=1243):
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
bind$inet(r0, &(0x7f0000000080)={0x2, 0x4e21, @multicast2}, 0x10)
connect$inet(r0, &(0x7f0000000180)={0x2, 0x4e21, @local}, 0x10)
sendto$inet(r0, &(0x7f0000000000), 0xffffffffffffff94, 0x400000000000000, 0x0, 0x0)

1.015467407s ago: executing program 6 (id=1244):
r0 = openat$vmci(0xffffff9c, &(0x7f0000001180), 0x2, 0x0)
ioctl$IOCTL_VMCI_VERSION2(r0, 0x7a7, &(0x7f0000000040)=0x10000)
ioctl$IOCTL_VMCI_INIT_CONTEXT(r0, 0x7a0, &(0x7f00000000c0)={@hyper})
ioctl$IOCTL_VMCI_CTX_SET_CPT_STATE(r0, 0x7b2, &(0x7f00000010c0)={&(0x7f00000000c0)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x800, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200000, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x80000001, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x20000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xde23, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x800, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x100000, 0xffffffff, 0x0, 0xffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x400, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xa], 0x1, 0x400})

452.54478ms ago: executing program 3 (id=1245):
r0 = syz_usb_connect$hid(0x3, 0x36, &(0x7f0000000000)={{0x12, 0x1, 0x0, 0x0, 0x0, 0x0, 0x10, 0x4d8, 0xdd, 0x0, 0x0, 0x0, 0x0, 0x1, [{{0x9, 0x2, 0x24, 0x1, 0x0, 0x0, 0x0, 0x0, [{{0x9, 0x4, 0x0, 0x0, 0x1, 0x3, 0x0, 0x0, 0x0, {0x9, 0x21, 0x5, 0x0, 0x1, {0x22, 0x5}}, {{{0x9, 0x5, 0x81, 0x3, 0x200, 0x0, 0x0, 0x7}}}}}]}}]}}, 0x0)
syz_usb_control_io(r0, 0x0, 0x0)
syz_usb_control_io(r0, &(0x7f00000003c0)={0x2c, &(0x7f00000000c0)=ANY=[@ANYBLOB="000008000000080482"], 0x0, 0x0, 0x0, 0x0}, 0x0)
syz_usb_ep_write(r0, 0x81, 0x1, &(0x7f0000000100)="04")

0s ago: executing program 6 (id=1246):
r0 = openat$comedi(0xffffffffffffff9c, &(0x7f0000000080)='/dev/comedi3\x00', 0x400, 0x0)
ioctl$COMEDI_DEVCONFIG(r0, 0x40946400, &(0x7f0000000180)={'rti800\x00', [0x4f27, 0x5, 0x3, 0x1, 0x6, 0x40, 0xf, 0x77e, 0xa, 0xe8aa, 0x68000000, 0x77b, 0x5, 0x1, 0x6, 0x101, 0x0, 0x1a44b, 0x0, 0x400c0003, 0x99, 0x7, 0x80000001, 0x6, 0x7, 0xe6d, 0x103e, 0x8, 0x9a1a, 0x0, 0xfffffff8]})
r1 = openat$comedi(0xffffff9c, &(0x7f0000000040)='/dev/comedi3\x00', 0x2000, 0x0)
ioctl$COMEDI_INSN(r1, 0x8028640c, &(0x7f0000000000)={0x4000000, 0x92, 0x0, 0x0, 0x80000000})

kernel console output (not intermixed with test programs):

 dev="loop5" ino=1048612 res=0 errno=0
[  328.040678][ T7065] loop1: detected capacity change from 0 to 32768
[  328.300332][ T7065] bcachefs (loop1): starting version 1.7: mi_btree_bitmap opts=errors=continue,metadata_checksum=none,data_checksum=none,compression=lz4,foreground_target=invalid label 767,background_target=invalid device 7,nojournal_transaction_names
[  328.300505][ T7065]   allowing incompatible features above 0.0: (unknown version)
[  328.300599][ T7065]   features: lz4,new_siphash,inline_data,new_extent_overwrite,btree_ptr_v2,new_varint,journal_no_flush,alloc_v2,extents_across_btree_nodes
[  328.353745][ T7065] bcachefs (loop1): Using encoding defined by superblock: utf8-12.1.0
[  328.362244][ T7065] bcachefs (loop1): initializing new filesystem
[  328.383449][ T7065] bcachefs (loop1): going read-write
[  328.442632][ T7086] netlink: 'syz.0.374': attribute type 7 has an invalid length.
[  328.473543][ T7065] bcachefs (loop1): marking superblocks
[  328.527453][ T7065] bcachefs (loop1): initializing freespace
[  328.562293][ T7065] bcachefs (loop1): done initializing freespace
[  328.583655][ T7065] bcachefs (loop1): reading snapshots table
[  328.589981][ T7065] bcachefs (loop1): reading snapshots done
[  328.745046][ T7065] bcachefs (loop1): done starting filesystem
[  329.070399][ T7065] syz.1.369 (7065) used greatest stack depth: 1200 bytes left
[  329.159815][ T5815] bcachefs (loop1): shutting down
[  329.166670][ T5815] bcachefs (loop1): going read-only
[  329.173051][ T5815] bcachefs (loop1): finished waiting for writes to stop
[  329.263393][ T5815] bcachefs (loop1): flushing journal and stopping allocators, journal seq 3
[  329.546967][ T7099] loop5: detected capacity change from 0 to 512
[  329.732064][ T5815] bcachefs (loop1): flushing journal and stopping allocators complete, journal seq 3
[  329.783163][ T7099] EXT4-fs (loop5): encrypted files will use data=ordered instead of data journaling mode
[  329.826986][ T5815] bcachefs (loop1): clean shutdown complete, journal seq 4
[  329.914217][ T5815] bcachefs (loop1): marking filesystem clean
[  330.027320][ T7099] EXT4-fs (loop5): 1 truncate cleaned up
[  330.035990][ T7099] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  330.398887][ T7100] loop4: detected capacity change from 0 to 32768
[  330.418743][ T5815] bcachefs (loop1): shutdown complete
[  330.430152][ T7100] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop4 (7:4) scanned by syz.4.379 (7100)
[  330.459471][ T7100] BTRFS info (device loop4): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  330.470246][ T7100] BTRFS info (device loop4): using crc32c (crc32c-lib) checksum algorithm
[  330.483445][ T7100] BTRFS warning (device loop4): space cache v1 is being deprecated and will be removed in a future release, please use -o space_cache=v2
[  331.261534][ T7100] BTRFS info (device loop4): rebuilding free space tree
[  331.318742][ T7104] loop3: detected capacity change from 0 to 32768
[  331.321915][ T7100] BTRFS info (device loop4): disabling free space tree
[  331.332974][ T7100] BTRFS info (device loop4): clearing compat-ro feature flag for FREE_SPACE_TREE (0x1)
[  331.342987][ T7100] BTRFS info (device loop4): clearing compat-ro feature flag for FREE_SPACE_TREE_VALID (0x2)
[  331.375546][ T7104] BTRFS: device fsid ed167579-eb65-4e76-9a50-61ac97e9b59d devid 1 transid 8 /dev/loop3 (7:3) scanned by syz.3.380 (7104)
[  331.415542][ T7104] BTRFS info (device loop3): first mount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d
[  331.427678][ T7104] BTRFS info (device loop3): using sha256 (sha256-lib) checksum algorithm
[  331.440155][ T7100] BTRFS info (device loop4): allowing degraded mounts
[  331.447463][ T7100] BTRFS info (device loop4): enabling ssd optimizations
[  331.454745][ T7100] BTRFS info (device loop4): enabling disk space caching
[  331.462085][ T7100] BTRFS info (device loop4): force clearing of disk cache
[  331.469432][ T7100] BTRFS info (device loop4): max_inline set to 0
[  331.554773][ T7104] BTRFS info (device loop3): rebuilding free space tree
[  331.599024][ T7104] BTRFS info (device loop3): setting nodatasum
[  331.611150][ T7104] BTRFS info (device loop3): enabling ssd optimizations
[  331.618332][ T7104] BTRFS info (device loop3): enabling free space tree
[  331.625597][ T7104] BTRFS info (device loop3): force clearing of disk cache
[  331.633060][ T7104] BTRFS info (device loop3): enabling auto defrag
[  331.639797][ T7104] BTRFS info (device loop3): max_inline set to 0
[  331.653626][ T7104] BTRFS info (device loop3): last unmount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d
[  332.053083][ T5816] BTRFS info (device loop4): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  332.933459][ T6243] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  333.331623][ T5864] usb 4-1: new high-speed USB device number 7 using dummy_hcd
[  334.158671][ T7147] loop5: detected capacity change from 0 to 32768
[  334.197142][ T7147] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop5 (7:5) scanned by syz.5.384 (7147)
[  334.276959][ T7147] BTRFS info (device loop5): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  334.287805][ T7147] BTRFS info (device loop5): using sha256 (sha256-lib) checksum algorithm
[  334.337547][ T5864] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  334.349025][ T5864] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  334.359283][ T5864] usb 4-1: New USB device found, idVendor=054c, idProduct=0ba0, bcdDevice= 0.00
[  334.368733][ T5864] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  334.631908][ T5864] usb 4-1: config 0 descriptor??
[  334.649781][ T7147] BTRFS info (device loop5): enabling ssd optimizations
[  334.657272][ T7147] BTRFS info (device loop5): enabling free space tree
[  334.818683][ T7147] BTRFS info (device loop5): setting incompat feature flag for DEFAULT_SUBVOL (0x2)
[  335.197192][ T6243] BTRFS info (device loop5): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  335.267112][ T5864] playstation 0003:054C:0BA0.0003: unknown main item tag 0x0
[  335.333453][ T5864] playstation 0003:054C:0BA0.0003: hidraw0: USB HID v0.00 Device [HID 054c:0ba0] on usb-dummy_hcd.3-1/input0
[  335.469757][ T5864] playstation 0003:054C:0BA0.0003: Invalid reportID received, expected 18 got 251
[  335.480702][ T5864] playstation 0003:054C:0BA0.0003: Failed to retrieve DualShock4 pairing info: -22
[  335.490690][ T5864] playstation 0003:054C:0BA0.0003: Failed to get MAC address from DualShock4
[  335.507230][ T5864] playstation 0003:054C:0BA0.0003: Failed to create dualshock4.
[  335.612094][ T5864] playstation 0003:054C:0BA0.0003: probe with driver playstation failed with error -22
[  335.742177][ T5864] usb 4-1: USB disconnect, device number 7
[  336.478269][ T7171] fido_id[7171]: Failed to open report descriptor at '/sys/devices/platform/dummy_hcd.3/usb4/report_descriptor': No such file or directory
[  337.293934][ T7179] Zero length message leads to an empty skb
[  337.668476][ T7177] loop4: detected capacity change from 0 to 32768
[  337.678561][ T7177] BTRFS warning: excessive commit interval 2147483647, use with care
[  337.700340][ T7177] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop4 (7:4) scanned by syz.4.391 (7177)
[  337.735213][ T7177] BTRFS info (device loop4): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  337.745888][ T7177] BTRFS info (device loop4): using crc32c (crc32c-lib) checksum algorithm
[  337.760623][ T7177] BTRFS warning (device loop4): space cache v1 is being deprecated and will be removed in a future release, please use -o space_cache=v2
[  338.708702][ T7177] BTRFS info (device loop4): rebuilding free space tree
[  338.739689][ T7177] BTRFS info (device loop4): disabling free space tree
[  338.747236][ T7177] BTRFS info (device loop4): clearing compat-ro feature flag for FREE_SPACE_TREE (0x1)
[  338.757737][ T7177] BTRFS info (device loop4): clearing compat-ro feature flag for FREE_SPACE_TREE_VALID (0x2)
[  338.824458][ T7177] BTRFS info (device loop4): enabling ssd optimizations
[  338.831953][ T7177] BTRFS info (device loop4): turning off barriers
[  338.838586][ T7177] BTRFS info (device loop4): turning on flush-on-commit
[  338.846276][ T7177] BTRFS info (device loop4): enabling disk space caching
[  338.853660][ T7177] BTRFS info (device loop4): force clearing of disk cache
[  338.861091][ T7177] BTRFS info (device loop4): doing ref verification
[  338.867893][ T7177] BTRFS info (device loop4): force zlib compression, level 3
[  338.875777][ T7177] BTRFS info (device loop4): max_inline set to 0
[  338.899734][ T7177] BTRFS info (device loop4): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  339.837112][ T7205] sctp: failed to load transform for md5: -2
[  342.401181][ T7250] binder: 7249:7250 ioctl c018620c 200000000000 returned -22
[  342.679150][ T5864] IPVS: starting estimator thread 0...
[  342.735042][ T7254] IPVS: rr: SCTP 172.20.20.187:0 - no destination available
[  342.781978][ T7256] IPVS: using max 240 ests per chain, 12000 per kthread
[  344.692606][ T7273] loop3: detected capacity change from 0 to 32768
[  345.003516][ T7273] bcachefs (loop3): starting version 1.7: mi_btree_bitmap opts=errors=continue,metadata_checksum=xxhash,data_checksum=xxhash,compression=lz4,str_hash=crc64,norecovery,reconstruct_alloc
[  345.003660][ T7273]   allowing incompatible features above 0.0: (unknown version)
[  345.003754][ T7273]   features: lz4,new_siphash,inline_data,new_extent_overwrite,btree_ptr_v2,new_varint,journal_no_flush,alloc_v2,extents_across_btree_nodes
[  345.049822][ T7273] bcachefs (loop3): Using encoding defined by superblock: utf8-12.1.0
[  345.059078][ T7273] bcachefs (loop3): recovering from clean shutdown, journal seq 10
[  345.068041][ T7273] bcachefs (loop3): Version upgrade from 1.19: autofix_errors to 1.7: mi_btree_bitmap incomplete
[  345.068041][ T7273] Doing compatible version upgrade from 1.19: autofix_errors to 1.28: inode_has_case_insensitive
[  345.068041][ T7273]   running recovery passes: check_extents_to_backpointers,check_inodes
[  345.099248][ T7273] bcachefs (loop3): dropping and reconstructing all alloc info
[  345.099315][ T7276] loop0: detected capacity change from 0 to 32768
[  345.163932][ T7273] bcachefs (loop3): invalid bkey in btree_node btree=inodes level=0: u64s 18 type inode_v3 0:4098:U32_MAX len 0 ver 0: 
[  345.164052][ T7273]     mode=0
[  345.164114][ T7273]     flags=(15300000)
[  345.164180][ T7273]     journal_seq=4
[  345.164245][ T7273]     hash_seed=ece93825deac2443
[  345.164314][ T7273]     hash_type=siphash
[  345.164379][ T7273]     bi_size=0
[  345.164442][ T7273]     bi_sectors=0
[  345.164506][ T7273]     bi_version=0
[  345.164570][ T7273]     bi_atime=2770562249
[  345.164638][ T7273]     bi_ctime=2780562352
[  345.164705][ T7273]     bi_mtime=2780562352
[  345.164771][ T7273]     bi_otime=2770562249
[  345.164835][ T7273]     bi_uid=0
[  345.164897][ T7273]     bi_gid=0
[  345.164958][ T7273]     bi_nlink=0
[  345.165032][ T7273]     bi_generation=0
[  345.165098][ T7273]     bi_dev=0
[  345.165159][ T7273]     bi_data_checksum=0
[  345.165225][ T7273]     bi_compression=0
[  345.165290][ T7273]     bi_project=0
[  345.165355][ T7273]     bi_background_compression=0
[  345.165425][ T7273]     bi_data_replicas=0
[  345.165490][ T7273]     bi_promote_target=0
[  345.165555][ T7273]     bi_foreground_target=0
[  345.165624][ T7273]     bi_background_target=0
[  345.165692][ T7273]     bi_erasure_code=0
[  345.165761][ T7273]     bi_fields_set=0
[  345.165826][ T7273]     bi_dir=4096
[  345.165890][ T7273]     bi_dir_offset=189491840996961599
[  345.165959][ T7273]     bi_subvol=0
[  345.166029][ T7273]     bi_parent_subvol=0
[  345.166095][ T7273]     bi_nocow=0
[  345.166159][ T7273]     bi_depth=0
[  345.166224][ T7273]     bi_inodes_32bit=0
[  345.166288][ T7273]     bi_casefold=0
[  345.166357][ T7273]   invalid fields_start (got 18, min 6 max 13), deleting
[  345.402901][ T7273] bcachefs (loop3): accounting_read... done
[  345.411745][ T7273] bcachefs (loop3): alloc_read... done
[  345.419649][ T7273] bcachefs (loop3): snapshots_read... done
[  345.428722][ T7273] bcachefs (loop3): Fixed errors, running fsck a second time to verify fs is clean
[  345.444490][ T7273] bcachefs (loop3): done starting filesystem
[  345.507471][ T7276] ocfs2: Mounting device (7,0) on (node local, slot 0) with writeback data mode.
[  345.616749][ T7273] bcachefs (loop3): dirent to missing inode:
[  345.616828][ T7273]   u64s 7 type dirent 4096:189491840996961599:U32_MAX len 0 ver 0: file0 -> 4098 type dir
[  345.725439][ T5813] bcachefs (loop3): shutting down
[  345.857954][ T7289] loop5: detected capacity change from 0 to 512
[  345.864522][ T5810] ocfs2: Unmounting device (7,0) on (node local)
[  345.901794][ T5813] bcachefs (loop3): shutdown complete
[  346.080351][ T7289] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  346.093713][ T7289] ext4 filesystem being mounted at /46/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  346.545383][ T7298] overlayfs: invalid origin (00000079000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000)
[  346.617306][ T7300] loop1: detected capacity change from 0 to 128
[  346.768175][ T7300] EXT4-fs (loop1): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  346.831912][ T7300] ext4 filesystem being mounted at /88/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[  346.884256][ T7298] overlayfs: failed index dir cleanup (-512)
[  346.890527][ T7298] overlayfs: try deleting index dir or mounting with '-o index=off' to disable inodes index.
[  347.323349][ T6243] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  347.406002][ T5815] EXT4-fs (loop1): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  347.590452][ T7305] loop0: detected capacity change from 0 to 64
[  348.534302][ T7311] loop0: detected capacity change from 0 to 512
[  348.580583][ T7311] EXT4-fs: Ignoring removed nobh option
[  348.693864][ T7308] loop5: detected capacity change from 0 to 4096
[  348.853306][ T7311] EXT4-fs error (device loop0): ext4_do_update_inode:5653: inode #3: comm syz.0.433: corrupted inode contents
[  348.957991][ T7311] EXT4-fs error (device loop0): ext4_dirty_inode:6538: inode #3: comm syz.0.433: mark_inode_dirty error
[  349.076924][ T7311] EXT4-fs error (device loop0): ext4_do_update_inode:5653: inode #3: comm syz.0.433: corrupted inode contents
[  349.159654][ T7311] EXT4-fs error (device loop0): __ext4_ext_dirty:206: inode #3: comm syz.0.433: mark_inode_dirty error
[  349.263047][ T7308] ntfs3(loop5): Mark volume as dirty due to NTFS errors
[  349.282552][ T7311] Quota error (device loop0): write_blk: dquota write failed
[  349.290638][ T7311] Quota error (device loop0): qtree_write_dquot: Error -117 occurred while creating quota
[  349.301597][ T7311] EXT4-fs error (device loop0): ext4_acquire_dquot:6937: comm syz.0.433: Failed to acquire dquot type 0
[  350.222784][ T7315] loop4: detected capacity change from 0 to 32768
[  350.318300][ T7311] EXT4-fs error (device loop0): ext4_do_update_inode:5653: inode #16: comm syz.0.433: corrupted inode contents
[  350.385006][ T7315] XFS (loop4): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  350.400005][ T7317] loop3: detected capacity change from 0 to 32768
[  350.411817][ T7317] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop3 (7:3) scanned by syz.3.428 (7317)
[  350.433609][ T7317] BTRFS info (device loop3): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  350.444214][ T7317] BTRFS info (device loop3): using sha256 (sha256-lib) checksum algorithm
[  350.459642][ T7317] BTRFS warning (device loop3): space cache v1 is being deprecated and will be removed in a future release, please use -o space_cache=v2
[  350.461712][ T7311] EXT4-fs error (device loop0): ext4_dirty_inode:6538: inode #16: comm syz.0.433: mark_inode_dirty error
[  350.514029][ T7311] EXT4-fs error (device loop0): ext4_do_update_inode:5653: inode #16: comm syz.0.433: corrupted inode contents
[  350.662539][ T7311] EXT4-fs error (device loop0): __ext4_ext_dirty:206: inode #16: comm syz.0.433: mark_inode_dirty error
[  350.677886][ T7308] ntfs3(loop5): Failed to load $Extend (-22).
[  350.685886][ T7308] ntfs3(loop5): Failed to initialize $Extend.
[  350.734324][ T7317] BTRFS info (device loop3): rebuilding free space tree
[  350.779312][ T7317] BTRFS info (device loop3): disabling free space tree
[  350.786812][ T7317] BTRFS info (device loop3): clearing compat-ro feature flag for FREE_SPACE_TREE (0x1)
[  350.797665][ T7317] BTRFS info (device loop3): clearing compat-ro feature flag for FREE_SPACE_TREE_VALID (0x2)
[  350.806967][ T7311] EXT4-fs error (device loop0): ext4_do_update_inode:5653: inode #16: comm syz.0.433: corrupted inode contents
[  350.867893][ T7317] BTRFS info (device loop3): enabling ssd optimizations
[  350.875474][ T7317] BTRFS info (device loop3): enabling disk space caching
[  350.882969][ T7317] BTRFS info (device loop3): force clearing of disk cache
[  350.890286][ T7317] BTRFS info (device loop3): enabling auto defrag
[  350.896953][ T7317] BTRFS info (device loop3): max_inline set to 0
[  351.022158][ T7311] EXT4-fs error (device loop0) in ext4_orphan_del:305: Corrupt filesystem
[  351.072833][ T5813] BTRFS info (device loop3): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  351.092652][ T7311] EXT4-fs error (device loop0): ext4_do_update_inode:5653: inode #16: comm syz.0.433: corrupted inode contents
[  351.195754][ T7311] EXT4-fs error (device loop0): ext4_truncate:4666: inode #16: comm syz.0.433: mark_inode_dirty error
[  351.251298][ T7311] EXT4-fs error (device loop0) in ext4_process_orphan:347: Corrupt filesystem
[  351.341834][ T7311] EXT4-fs (loop0): 1 truncate cleaned up
[  351.349765][ T7311] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  351.364151][ T7311] ext4 filesystem being mounted at /99/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  351.460169][ T7311] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  351.594631][ T7315] XFS (loop4): Ending clean mount
[  351.606541][ T7315] XFS (loop4): Quotacheck needed: Please wait.
[  351.721360][ T7315] XFS (loop4): Quotacheck: Done.
[  351.847348][ T7344] loop1: detected capacity change from 0 to 512
[  351.983235][ T5816] XFS (loop4): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  352.077576][ T7344] FAT-fs (loop1): Invalid FSINFO signature: 0x41615252, 0x61000000 (sector = 1)
[  352.565709][ T7344] FAT-fs (loop1): error, corrupted directory (invalid entries)
[  352.573949][ T7344] FAT-fs (loop1): Filesystem has been set read-only
[  352.588341][ T7348] loop0: detected capacity change from 0 to 128
[  352.722628][ T7349] FAT-fs (loop1): error, fat_get_cluster: invalid cluster chain (i_pos 0)
[  352.834347][ T7348] EXT4-fs (loop0): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  352.923940][ T7348] ext4 filesystem being mounted at /100/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[  353.142978][ T7348] fscrypt (loop0, inode 12): Mutually exclusive encryption flags (0x17)
[  353.800575][ T5810] EXT4-fs (loop0): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  354.631789][   T42] kernel write not supported for file /sequencer (pid: 42 comm: kworker/1:1)
[  355.764743][ T7365] loop5: detected capacity change from 0 to 40427
[  355.847633][ T7365] F2FS-fs (loop5): Image doesn't support compression
[  355.858513][ T7365] F2FS-fs (loop5): invalid crc value
[  356.117079][ T7376] loop3: detected capacity change from 0 to 512
[  356.166350][ T7365] F2FS-fs (loop5): f2fs_recover_fsync_data: recovery fsync data, check_only: 0
[  356.202043][ T7365] F2FS-fs (loop5): Mounted with checkpoint version = 48b305e5
[  356.231801][ T7376] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode
[  356.439876][ T7376] EXT4-fs (loop3): 1 truncate cleaned up
[  356.563109][ T7376] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  356.908062][ T7376] fscrypt (loop3, inode 18): Direct key flag not allowed with different contents and filenames modes
[  357.810671][ T7391] mkiss: ax0: crc mode is auto.
[  357.863063][ T1289] ieee802154 phy0 wpan0: encryption failed: -22
[  357.869718][ T1289] ieee802154 phy1 wpan1: encryption failed: -22
[  358.023243][ T5813] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  358.567142][ T7388] loop4: detected capacity change from 0 to 65536
[  358.816857][ T7388] XFS (loop4): Mounting V5 Filesystem d6f69dbd-8c5d-46be-b88e-92c0ae88ceb2
[  359.246819][ T7388] XFS (loop4): Ending clean mount
[  359.286560][ T7388] XFS (loop4): Quotacheck needed: Please wait.
[  359.371216][ T5864] usb 4-1: new high-speed USB device number 8 using dummy_hcd
[  359.421447][ T7388] XFS (loop4): Quotacheck: Done.
[  359.574131][ T5816] XFS (loop4): Unmounting Filesystem d6f69dbd-8c5d-46be-b88e-92c0ae88ceb2
[  359.659762][ T5864] usb 4-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  359.675188][ T5864] usb 4-1: config 1 has 1 interface, different from the descriptor's value: 3
[  359.735611][ T5864] usb 4-1: New USB device found, idVendor=08b7, idProduct=0000, bcdDevice= 0.00
[  359.745258][ T5864] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=3
[  359.753671][ T5864] usb 4-1: SerialNumber: syz
[  359.864238][ T7410] netlink: 'syz.1.461': attribute type 15 has an invalid length.
[  359.887900][ T5819] Bluetooth: hci4: command 0x0406 tx timeout
[  360.123769][ T5864] usb 4-1: 0:2 : does not exist
[  360.128996][ T5864] usb 4-1: unit 255 not found!
[  360.331760][ T5864] usb 4-1: USB disconnect, device number 8
[  360.511638][ T7416] netlink: 12 bytes leftover after parsing attributes in process `syz.4.462'.
[  360.719096][ T6219] udevd[6219]: error opening ATTR{/sys/devices/platform/dummy_hcd.3/usb4/4-1/4-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory
[  361.265202][ T7423] netlink: 4 bytes leftover after parsing attributes in process `syz.4.468'.
[  362.229293][ T7438] loop4: detected capacity change from 0 to 128
[  362.263721][ T7438] ufs: Unknown parameter '0xffffffffffffffff'
[  362.375571][ T7438] openvswitch: netlink: Message has 843 unknown bytes.
[  362.383365][ T7438] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[  364.097496][ T7447] loop0: detected capacity change from 0 to 4096
[  364.190360][ T7451] loop4: detected capacity change from 0 to 32768
[  364.207325][ T7447] ntfs3(loop0): Different NTFS sector size (4096) and media sector size (512).
[  364.211544][ T7451] bcachefs (/dev/loop4): error validating superblock: Invalid superblock section clean: entry type btree_keys overruns end of section
[  364.211544][ T7451] clean (size 2912):
[  364.211544][ T7451] flags:          0
[  364.211544][ T7451] journal_seq:    10
[  364.211544][ T7451] usage: type=inodes v=8
[  364.211544][ T7451] usage: type=key_version v=0
[  364.211544][ T7451] usage: type=reserved v=0
[  364.211544][ T7451] usage: type=reserved v=0
[  364.211544][ T7451] usage: type=reserved v=0
[  364.211544][ T7451] usage: type=reserved v=0
[  364.211544][ T7451] data_usage: btree: 1/1 [0]=2816
[  364.211544][ T7451] data_usage: journal: 1/1 [0]=0
[  364.211544][ T7451] data_usage: user: 1/1 [0]=16
[  364.211544][ T7451] dev_usage: dev=0  
[  364.211544][ T7451]   free: buckets=83 sectors=0 fragmented=0
[  364.211544][ T7451]   sb: buckets=25 sectors=6152 fragmented=248
[  364.211544][ T7451]   journal: buckets=8 sectors=2048 fragmented=0
[  364.211544][ T7451]   btree: buckets=11 sectors=2816 fragmented=0
[  364.211544][ T7451]   user: buckets=1 sectors=16 fragmented=240
[  364.211544][ T7451]   cached: buckets=0 sectors=0 fragmented=0
[  364.211544][ T7451]   parity: buckets=0 sectors=0 fragmented=0
[  364.211544][ T7451]   stripe: buckets=0 sectors=0 fragmented=0
[  364.211544][ T7451]   need_gc_gens: buckets=0 sectors=0 fragmented=0
[  364.211544][ T7451]   need_discard: buckets=0 sectors=0 fragmented=0
[  364.211544][ T7451] clock: read=0
[  364.211544][ T7451] clock: write=1280
[  364.211544][ T7451] btree_root: btree=extents level=0 u64s 11 type btree_ptr_v2 SPOS_MAX len 0 ver 0: seq c6
[  364.217000][ T7451] bcachefs: bch2_fs_get_tree() error: invalid_sb_clean
[  364.850305][ T7457] loop1: detected capacity change from 0 to 512
[  364.881250][ T7457] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode
[  365.011188][ T7457] EXT4-fs error (device loop1): xattr_find_entry:333: inode #15: comm syz.1.482: corrupted xattr entries
[  365.102076][ T7457] EXT4-fs (loop1): Remounting filesystem read-only
[  365.108958][ T7457] EXT4-fs (loop1): 1 truncate cleaned up
[  365.166885][ T7457] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  365.206611][   T30] audit: type=1800 audit(1755697051.035:7): pid=7447 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.478" name="bus" dev="loop0" ino=33 res=0 errno=0
[  365.583959][ T7464] loop3: detected capacity change from 0 to 256
[  365.825390][ T5815] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  366.266124][ T7470] loop1: detected capacity change from 0 to 512
[  366.481583][ T7470] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  366.495230][ T7470] ext4 filesystem being mounted at /103/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  367.173253][ T7475] loop5: detected capacity change from 0 to 4096
[  367.389880][ T7486] NILFS (loop5): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  367.436451][ T5815] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  369.528714][ T7510] loop0: detected capacity change from 0 to 128
[  370.048599][ T7514] netlink: 8 bytes leftover after parsing attributes in process `syz.5.507'.
[  370.057903][ T7514] netlink: 4 bytes leftover after parsing attributes in process `syz.5.507'.
[  370.137511][ T7516] loop3: detected capacity change from 0 to 256
[  370.224097][ T7516] exfat: Deprecated parameter 'namecase'
[  370.390338][ T7516] exFAT-fs (loop3): failed to load upcase table (idx : 0x00010000, chksum : 0x5441951d, utbl_chksum : 0xe619d30d)
[  370.938843][ T7526] netdevsim netdevsim5: Direct firmware load for ..€ failed with error -2
[  370.948092][ T7526] netdevsim netdevsim5: Falling back to sysfs fallback for: ..€
[  371.519365][ T7532] loop3: detected capacity change from 0 to 512
[  371.692133][ T7532] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  371.705428][ T7532] ext4 filesystem being mounted at /97/file2 supports timestamps until 2038-01-19 (0x7fffffff)
[  371.761311][ T7525] loop4: detected capacity change from 0 to 8192
[  372.143393][ T7539] loop0: detected capacity change from 0 to 4096
[  372.462878][ T5813] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  372.500516][ T7544] tap0: tun_chr_ioctl cmd 2147767521
[  372.943231][ T7547] loop5: detected capacity change from 0 to 8
[  373.089715][ T7550] capability: warning: `syz.4.523' uses deprecated v2 capabilities in a way that may be insecure
[  373.164112][ T7551] erspan0: entered promiscuous mode
[  373.322518][ T7551] erspan0: left promiscuous mode
[  374.784876][ T7564] vlan2: entered allmulticast mode
[  374.790235][ T7564] batadv0: entered allmulticast mode
[  375.978504][ T7561] loop1: detected capacity change from 0 to 65536
[  376.097460][ T7561] XFS (loop1): Mounting V5 Filesystem 9b7348e5-2fa0-41a5-9526-c53a678b01f3
[  376.462781][ T7561] XFS (loop1): Ending clean mount
[  376.669797][ T5815] XFS (loop1): Unmounting Filesystem 9b7348e5-2fa0-41a5-9526-c53a678b01f3
[  376.753614][ T7590] netlink: 8 bytes leftover after parsing attributes in process `syz.4.537'.
[  377.329199][ T7592] loop0: detected capacity change from 0 to 512
[  377.444767][ T7594] loop3: detected capacity change from 0 to 2048
[  377.522661][ T7589] loop5: detected capacity change from 0 to 32768
[  377.547737][ T7589] (syz.5.536,7589,0):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0xb3775c19, computed 0x2dd1c265. Applying ECC.
[  377.562516][ T7589] (syz.5.536,7589,0):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0xb3775c19, computed 0x2dd1c265. Applying ECC.
[  377.577685][ T7589] (syz.5.536,7589,0):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0x656d756e, computed 0x83128178. Applying ECC.
[  377.605218][ T7595] NILFS (loop3): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  377.691660][ T7592] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  377.706576][ T7592] ext4 filesystem being mounted at /121/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff)
[  377.758668][ T7589] JBD2: Ignoring recovery information on journal
[  377.770668][ T7594] NILFS (loop3): failed to count free inodes: err=-34
[  377.882859][ T7592] EXT4-fs error (device loop0): ext4_map_blocks:778: inode #2: block 18: comm syz.0.539: lblock 23 mapped to illegal pblock 18 (length 1)
[  377.974825][ T7589] ocfs2: Mounting device (7,5) on (node local, slot 0) with ordered data mode.
[  378.067449][ T7592] EXT4-fs (loop0): Remounting filesystem read-only
[  378.117711][ T5813] NILFS (loop3): DAT doesn't have a block to manage vblocknr = 8796093022222
[  378.127084][ T5813] NILFS error (device loop3): nilfs_bmap_truncate: broken bmap (inode number=16)
[  378.133296][ T7589] ocfs2: Unmounting device (7,5) on (node local)
[  378.162118][ T7603] sctp: Trying to GSO but underlying device doesn't support it.
[  378.228563][ T5813] Remounting filesystem read-only
[  378.243904][ T5813] NILFS (loop3): error -5 truncating bmap (ino=16)
[  378.421270][ T5813] NILFS (loop3): disposed unprocessed dirty file(s) when detaching log writer
[  378.672984][ T5810] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  379.693562][ T7614] loop4: detected capacity change from 0 to 512
[  379.830242][ T7614] EXT4-fs error (device loop4): ext4_orphan_get:1392: inode #15: comm syz.4.546: casefold flag without casefold feature
[  379.953351][ T7614] EXT4-fs error (device loop4): ext4_orphan_get:1397: comm syz.4.546: couldn't read orphan inode 15 (err -117)
[  380.053604][ T7614] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  380.331322][ T7619] EXT4-fs warning (device loop4): ext4_empty_dir:3089: inode #2: comm syz.4.546: directory missing '.'
[  380.848907][ T5816] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  381.279095][ T7625] loop0: detected capacity change from 0 to 2048
[  381.439411][ T7625] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  381.674206][   T42] usb 6-1: new high-speed USB device number 2 using dummy_hcd
[  381.908816][ T7628] loop3: detected capacity change from 0 to 4096
[  381.940294][   T42] usb 6-1: New USB device found, idVendor=0bed, idProduct=1100, bcdDevice=ec.c3
[  381.949941][   T42] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  382.041444][   T42] usb 6-1: config 0 descriptor??
[  382.077909][ T5810] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  382.096175][   T42] cp210x 6-1:0.0: cp210x converter detected
[  382.527915][   T42] cp210x 6-1:0.0: failed to get vendor val 0x000e size 3: -32
[  382.643112][   T42] usb 6-1: cp210x converter now attached to ttyUSB0
[  382.712296][ T7628] ntfs3(loop3): ino=1a, mi_enum_attr
[  382.717869][ T7628] ntfs3(loop3): Mark volume as dirty due to NTFS errors
[  383.279728][ T4309] netdevsim netdevsim4 netdevsim0: set [0, 0] type 1 family 0 port 8472 - 0
[  383.401495][ T4309] netdevsim netdevsim4 netdevsim1: set [0, 0] type 1 family 0 port 8472 - 0
[  383.415402][ T7644] overlayfs: upper fs does not support tmpfile.
[  383.476015][ T7641] loop0: detected capacity change from 0 to 32768
[  383.490955][   T42] usb 6-1: USB disconnect, device number 2
[  383.509257][   T42] cp210x ttyUSB0: cp210x converter now disconnected from ttyUSB0
[  383.514010][ T4309] netdevsim netdevsim4 netdevsim2: set [0, 0] type 1 family 0 port 8472 - 0
[  383.548857][ T7644] overlayfs: workdir/#6 already exists
[  383.564969][ T4309] netdevsim netdevsim4 netdevsim3: set [0, 0] type 1 family 0 port 8472 - 0
[  383.617322][   T42] cp210x 6-1:0.0: device disconnected
[  383.900713][ T7641] bcachefs (loop0): starting version 1.7: mi_btree_bitmap opts=metadata_checksum=none,data_checksum=none,compression=lz4,journal_flush_disabled,fsck,recovery_pass_last=set_may_go_rw,reconstruct_alloc,no_data_io
[  383.900944][ T7641]   allowing incompatible features above 0.0: (unknown version)
[  383.901044][ T7641]   features: lz4,new_siphash,inline_data,new_extent_overwrite,btree_ptr_v2,new_varint,journal_no_flush,alloc_v2,extents_across_btree_nodes
[  383.950480][ T7641] bcachefs (loop0): Using encoding defined by superblock: utf8-12.1.0
[  383.961155][ T7641] bcachefs (loop0): recovering from clean shutdown, journal seq 10
[  383.970937][ T7641] bcachefs (loop0): Version upgrade required:
[  383.970937][ T7641] Version upgrade from 0.24: unwritten_extents to 1.7: mi_btree_bitmap incomplete
[  383.970937][ T7641] Doing incompatible version upgrade from 0.24: unwritten_extents to 1.28: inode_has_case_insensitive
[  383.970937][ T7641]   running recovery passes: check_allocations,check_alloc_info,check_lrus,check_btree_backpointers,check_backpointers_to_extents,check_extents_to_backpointers,check_alloc_to_lru_refs,bucket_gens_init,check_snapshot_trees,check_snapshots,check_subvols,check_subvol_children,delete_dead_snapshots,check_inodes,check_extents,check_indirect_extents,check_dirents,check_xattrs,check_root,check_unreachable_inodes,check_subvolume_structure,check_directory_structure,check_nlinks,check_rebalance_work,set_fs_needs_rebalance
[  384.077513][ T7641] bcachefs (loop0): dropping and reconstructing all alloc info
[  384.119384][ T7655] mmap: syz.5.560 (7655) uses deprecated remap_file_pages() syscall. See Documentation/mm/remap_file_pages.rst.
[  384.211611][ T7647] loop1: detected capacity change from 0 to 2048
[  384.285844][ T7641] bcachefs (loop0): accounting_read... done
[  384.317335][ T7641] bcachefs (loop0): alloc_read... done
[  384.350978][ T7641] bcachefs (loop0): snapshots_read... done
[  384.365384][ T7641] bcachefs (loop0): check_allocations...
[  384.414414][ T7657] [U] 2„
[  384.443776][ T7647] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  384.460303][ T7647] ext4 filesystem being mounted at /114/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  384.484918][ T7641]  done
[  384.537457][ T7641] bcachefs (loop0): going read-write
[  384.543240][ T7641] bcachefs (loop0): insufficient writeable journal devices available: have 0, need 1
[  384.543240][ T7641] rw journal devs:
[  384.577811][ T7656] [U] 2
[  384.687763][ T7641] bcachefs (loop0): done starting filesystem
[  385.172292][ T5810] bcachefs (loop0): shutting down
[  385.177525][ T5810] bcachefs (loop0): going read-only
[  385.184391][ T5810] bcachefs (loop0): finished waiting for writes to stop
[  385.493353][ T7664] loop3: detected capacity change from 0 to 32768
[  385.508221][ T5815] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  385.528260][ T5810] bcachefs (loop0): flushing journal and stopping allocators, journal seq 10
[  385.563850][ T7664] JBD2: Ignoring recovery information on journal
[  385.609184][ T5810] bcachefs (loop0): flushing journal and stopping allocators complete, journal seq 10
[  385.652522][ T5810] bcachefs (loop0): unclean shutdown complete, journal seq 10
[  385.679209][ T7664] ocfs2: Mounting device (7,3) on (node local, slot 0) with ordered data mode.
[  385.727937][ T5810] bcachefs (loop0): done going read-only, filesystem not clean
[  386.154072][ T5810] bcachefs (loop0): shutdown complete
[  386.238029][ T5813] ocfs2: Unmounting device (7,3) on (node local)
[  389.320327][ T7687] loop3: detected capacity change from 0 to 32768
[  389.449119][ T7683] loop1: detected capacity change from 0 to 65536
[  389.525723][ T7687] ERROR: (device loop3): diAllocAG: nfreeinos = 0, but iag on freelist
[  389.525723][ T7687] 
[  389.538085][ T7683] XFS (loop1): Mounting V5 Filesystem d6f69dbd-8c5d-46be-b88e-92c0ae88ceb2
[  389.555709][ T7687] ERROR: (device loop3): remounting filesystem as read-only
[  389.563943][ T7687] ialloc: diAlloc returned -5!
[  389.624950][ T7694] netlink: 20 bytes leftover after parsing attributes in process `syz.4.572'.
[  389.857125][ T7683] XFS (loop1): Ending clean mount
[  389.981878][ T5815] XFS (loop1): Unmounting Filesystem d6f69dbd-8c5d-46be-b88e-92c0ae88ceb2
[  390.448839][ T7701] netlink: 8 bytes leftover after parsing attributes in process `syz.4.576'.
[  390.458131][ T7701] netlink: 16 bytes leftover after parsing attributes in process `syz.4.576'.
[  392.667266][ T7711] loop5: detected capacity change from 0 to 4096
[  392.733367][ T7711] ntfs3(loop5): Different NTFS sector size (1024) and media sector size (512).
[  393.625714][ T7717] loop4: detected capacity change from 0 to 32768
[  393.694484][ T7717] XFS (loop4): Mounting V5 Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb
[  393.934327][ T7717] XFS (loop4): Ending clean mount
[  394.088979][ T5816] XFS (loop4): Unmounting Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb
[  394.218690][ T7711] ntfs3(loop5): ino=1d, mi_enum_attr
[  394.225707][ T7711] ntfs3(loop5): Mark volume as dirty due to NTFS errors
[  394.278588][ T7711] ntfs3(loop5): ino=1d, mi_enum_attr
[  394.287727][ T7711] ntfs3(loop5): ino=1d, "file1" mi_enum_attr
[  394.341976][   T30] audit: type=1800 audit(1755697080.145:8): pid=7730 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.3.586" name="SYSV00000000" dev="tmpfs" ino=0 res=0 errno=0
[  395.885971][ T7736] loop4: detected capacity change from 0 to 40427
[  395.949441][ T7736] F2FS-fs (loop4): build fault injection rate: 14
[  395.960377][ T7736] F2FS-fs (loop4): invalid crc value
[  396.287474][ T7736] F2FS-fs (loop4): f2fs_recover_fsync_data: recovery fsync data, check_only: 0
[  396.308970][ T7736] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e5
[  396.489010][ T5816] syz-executor: attempt to access beyond end of device
[  396.489010][ T5816] loop4: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[  396.504148][ T5816] CPU: 1 UID: 0 PID: 5816 Comm: syz-executor Not tainted syzkaller #0 PREEMPT(none) 
[  396.504305][ T5816] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  396.504405][ T5816] Call Trace:
[  396.504469][ T5816]  <TASK>
[  396.504523][ T5816]  __dump_stack+0x26/0x30
[  396.504711][ T5816]  dump_stack_lvl+0x1df/0x270
[  396.504904][ T5816]  dump_stack+0x1e/0x25
[  396.505078][ T5816]  f2fs_handle_critical_error+0xa6f/0xc20
[  396.505334][ T5816]  f2fs_stop_checkpoint+0x65/0x80
[  396.505546][ T5816]  f2fs_write_end_io+0x101c/0x1bc0
[  396.505800][ T5816]  ? __pfx_f2fs_write_end_io+0x10/0x10
[  396.506025][ T5816]  bio_endio+0xe24/0xf80
[  396.506182][ T5816]  submit_bio_noacct+0x214/0x2710
[  396.506393][ T5816]  submit_bio+0x57c/0x630
[  396.506555][ T5816]  f2fs_submit_write_bio+0x92/0x250
[  396.506753][ T5816]  __submit_merged_bio+0x16f/0x6a0
[  396.506941][ T5816]  ? kmsan_get_shadow_origin_ptr+0x4a/0xb0
[  396.507138][ T5816]  __submit_merged_write_cond+0x458/0x9a0
[  396.507369][ T5816]  f2fs_write_data_pages+0x4bb2/0x5480
[  396.507726][ T5816]  ? kmsan_get_shadow_origin_ptr+0x4a/0xb0
[  396.507915][ T5816]  ? folios_put_refs+0x61/0xb10
[  396.508108][ T5816]  ? filter_irq_stacks+0x49/0x190
[  396.508326][ T5816]  ? kmsan_get_shadow_origin_ptr+0x4a/0xb0
[  396.508525][ T5816]  ? stack_depot_save_flags+0x35/0x7b0
[  396.508734][ T5816]  ? kmsan_get_metadata+0xfb/0x160
[  396.508918][ T5816]  ? kmsan_get_metadata+0xfb/0x160
[  396.509091][ T5816]  ? kmsan_get_shadow_origin_ptr+0x4a/0xb0
[  396.509280][ T5816]  ? kmsan_get_metadata+0xfb/0x160
[  396.509457][ T5816]  ? kmsan_get_shadow_origin_ptr+0x4a/0xb0
[  396.509634][ T5816]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[  396.509850][ T5816]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[  396.510058][ T5816]  do_writepages+0x3f2/0x860
[  396.510242][ T5816]  ? _raw_spin_unlock+0x30/0x50
[  396.510399][ T5816]  ? wbc_attach_and_unlock_inode+0x131/0x680
[  396.510647][ T5816]  filemap_fdatawrite+0x207/0x260
[  396.510905][ T5816]  f2fs_sync_dirty_inodes+0x2ab/0x9e0
[  396.511096][ T5816]  f2fs_write_checkpoint+0xfe2/0x2b00
[  396.511387][ T5816]  kill_f2fs_super+0x2ff/0x970
[  396.511566][ T5816]  ? __pfx_kill_f2fs_super+0x10/0x10
[  396.511717][ T5816]  deactivate_locked_super+0xcb/0x3c0
[  396.511902][ T5816]  deactivate_super+0x12f/0x140
[  396.512069][ T5816]  cleanup_mnt+0x6fb/0x780
[  396.512274][ T5816]  ? kmsan_internal_set_shadow_origin+0x79/0x110
[  396.512457][ T5816]  ? __pfx___cleanup_mnt+0x10/0x10
[  396.512663][ T5816]  __cleanup_mnt+0x22/0x30
[  396.512855][ T5816]  task_work_run+0x206/0x2b0
[  396.513051][ T5816]  exit_to_user_mode_loop+0x2a6/0x330
[  396.513241][ T5816]  do_syscall_64+0x1e3/0x210
[  396.513429][ T5816]  ? irqentry_exit+0x16/0x60
[  396.513596][ T5816]  ? clear_bhb_loop+0x40/0x90
[  396.513764][ T5816]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  396.513938][ T5816] RIP: 0033:0x7f618e78ff17
[  396.514060][ T5816] Code: a8 ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 0f 1f 44 00 00 31 f6 e9 09 00 00 00 66 0f 1f 84 00 00 00 00 00 b8 a6 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 01 c3 48 c7 c2 a8 ff ff ff f7 d8 64 89 02 b8
[  396.514184][ T5816] RSP: 002b:00007ffe72015b78 EFLAGS: 00000246 ORIG_RAX: 00000000000000a6
[  396.514327][ T5816] RAX: 0000000000000000 RBX: 00007f618e811c05 RCX: 00007f618e78ff17
[  396.514423][ T5816] RDX: 0000000000000000 RSI: 0000000000000009 RDI: 00007ffe72015c30
[  396.514516][ T5816] RBP: 00007ffe72015c30 R08: 0000000000000000 R09: 0000000000000000
[  396.514605][ T5816] R10: 00000000ffffffff R11: 0000000000000246 R12: 00007ffe72016cc0
[  396.514699][ T5816] R13: 00007f618e811c05 R14: 0000000000060c55 R15: 00007ffe72016d00
[  396.514833][ T5816]  </TASK>
[  396.867339][ T5816] F2FS-fs (loop4): Stopped filesystem due to reason: 3
[  397.897462][ T7752] loop1: detected capacity change from 0 to 32768
[  398.183841][ T7754] bridge0: port 2(bridge_slave_1) entered disabled state
[  399.134987][ T7760] loop0: detected capacity change from 0 to 32768
[  399.240671][ T7760] XFS (loop0): Mounting V5 Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb
[  399.616259][ T7760] XFS (loop0): Ending clean mount
[  399.696648][ T7760] XFS (loop0): Quotacheck needed: Please wait.
[  399.854355][ T7760] XFS (loop0): Quotacheck: Done.
[  400.183498][ T5810] XFS (loop0): Unmounting Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb
[  400.249673][ T7779] netlink: 20 bytes leftover after parsing attributes in process `syz.5.601'.
[  401.846911][ T7794] netlink: 'syz.3.608': attribute type 10 has an invalid length.
[  401.872536][ T7794] hsr0: A HSR master's MTU cannot be greater than the smallest MTU of its slaves minus the HSR Tag length (6 octets).
[  402.460537][ T7803] input: syz0 as /devices/virtual/input/input10
[  402.742561][ T7806] loop0: detected capacity change from 0 to 128
[  403.003473][ T7806] EXT4-fs (loop0): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  403.096172][ T7806] ext4 filesystem being mounted at /132/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[  403.655918][ T5810] EXT4-fs (loop0): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  404.396761][ T7826] loop1: detected capacity change from 0 to 1024
[  404.632242][ T7818] loop4: detected capacity change from 0 to 32768
[  405.066567][ T7832] loop3: detected capacity change from 0 to 512
[  405.147926][ T7832] EXT4-fs (loop3): ext4_check_descriptors: Checksum for group 0 failed (17031!=33349)
[  405.239022][ T7832] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=c842e02c, mo2=0002]
[  405.307891][ T7832] EXT4-fs (loop3): orphan cleanup on readonly fs
[  405.315352][ T7832] EXT4-fs error (device loop3): ext4_orphan_get:1418: comm syz.3.623: bad orphan inode 267
[  405.625099][ T7832] EXT4-fs (loop3): Remounting filesystem read-only
[  405.634260][ T7832] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000007 ro without journal. Quota mode: none.
[  405.828178][ T7832] EXT4-fs warning (device loop3): dx_probe:861: inode #2: comm syz.3.623: dx entry: limit 0 != root limit 125
[  405.840450][ T7832] EXT4-fs warning (device loop3): dx_probe:934: inode #2: comm syz.3.623: Corrupt directory, running e2fsck is recommended
[  405.945220][ T7842] netlink: 'syz.5.626': attribute type 1 has an invalid length.
[  405.957332][ T7842] netlink: 'syz.5.626': attribute type 2 has an invalid length.
[  406.098281][ T7842] netlink: 'syz.5.626': attribute type 1 has an invalid length.
[  406.106552][ T7842] netlink: 'syz.5.626': attribute type 2 has an invalid length.
[  406.425332][ T7844] input: syz1 as /devices/virtual/input/input11
[  406.549594][ T5813] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000007.
[  406.882488][ T7846] loop1: detected capacity change from 0 to 2048
[  407.123662][ T7854] NILFS (loop1): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  407.193773][ T7846] NILFS error (device loop1): nilfs_lookup: deleted inode referenced: 12
[  407.214527][ T7846] Remounting filesystem read-only
[  407.321218][ T7853] loop3: detected capacity change from 0 to 2048
[  407.348887][ T7856] loop0: detected capacity change from 0 to 8
[  407.523951][ T7853] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  407.651380][ T7853] ext4 filesystem being mounted at /122/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  407.847556][ T7853] EXT4-fs error (device loop3): ext4_lookup:1787: inode #13: comm syz.3.630: unexpected EA_INODE flag
[  408.070116][ T7865] loop1: detected capacity change from 0 to 512
[  408.259303][ T5813] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  408.310535][ T7865] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  408.324216][ T7865] ext4 filesystem being mounted at /127/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  408.970611][ T5815] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  410.451919][ T5872] kernel write not supported for file /input/mouse0 (pid: 5872 comm: kworker/0:4)
[  410.505339][ T7895] input: syz1 as /devices/virtual/input/input12
[  410.927662][ T7898] loop1: detected capacity change from 0 to 2048
[  411.081753][ T7905] NILFS (loop1): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  411.211195][   T30] audit: type=1800 audit(1755697097.015:9): pid=7898 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.648" name="file2" dev="loop1" ino=16 res=0 errno=0
[  411.373130][ T7898] NILFS (loop1): vblocknr = 12 has abnormal lifetime: start cno (= 150994946) > current cno (= 3)
[  411.389242][ T7898] NILFS error (device loop1): nilfs_bmap_propagate: broken bmap (inode number=16)
[  411.536217][ T7898] Remounting filesystem read-only
[  411.611503][ T7908] loop4: detected capacity change from 0 to 512
[  411.628290][ T7908] EXT4-fs: Ignoring removed nobh option
[  412.058524][ T5815] NILFS (loop1): disposed unprocessed dirty file(s) when stopping log writer
[  412.540451][ T7911] loop0: detected capacity change from 0 to 32768
[  412.553686][ T7908] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  412.568172][ T7908] ext4 filesystem being mounted at /143/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  412.692416][ T7911] ERROR: (device loop0): diAllocAG: numfree > numinos
[  412.692416][ T7911] 
[  412.702720][ T7911] ialloc: diAlloc returned -5!
[  412.931465][ T7908] EXT4-fs error (device loop4): ext4_find_dest_de:2052: inode #2: block 3: comm syz.4.653: bad entry in directory: inode out of bounds - offset=92, inode=117440528, rec_len=16, size=2048 fake=0
[  413.578032][ T7921] loop1: detected capacity change from 0 to 32768
[  413.594543][ T7921] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop1 (7:1) scanned by syz.1.657 (7921)
[  413.615176][ T7921] BTRFS info (device loop1): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  413.625872][ T7921] BTRFS info (device loop1): using crc32c (crc32c-lib) checksum algorithm
[  413.784234][ T5816] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  413.958668][ T7921] BTRFS info (device loop1): enabling ssd optimizations
[  413.966005][ T7921] BTRFS info (device loop1): enabling free space tree
[  414.373356][ T5815] BTRFS info (device loop1): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  414.582422][ T7945] netlink: 12 bytes leftover after parsing attributes in process `syz.4.662'.
[  416.002718][ T7960] loop3: detected capacity change from 0 to 2048
[  416.246718][ T7960] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000)
[  417.006257][ T7970] Bluetooth: MGMT ver 1.23
[  417.743517][ T7976] loop0: detected capacity change from 0 to 512
[  417.806402][ T7976] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode
[  417.961348][ T7976] EXT4-fs (loop0): 1 truncate cleaned up
[  418.041516][ T7976] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  418.323266][   T30] audit: type=1800 audit(1755697104.145:10): pid=7988 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.676" name="file2" dev="loop0" ino=16 res=0 errno=0
[  418.368248][ T7988] EXT4-fs error (device loop0): mb_free_blocks:2017: group 0, inode 15: block 33:freeing already freed block (bit 32); block bitmap corrupt.
[  418.721804][ T5440] usb 5-1: new high-speed USB device number 2 using dummy_hcd
[  418.933586][ T5440] usb 5-1: Using ep0 maxpacket: 16
[  419.017638][ T5810] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  419.032360][ T5440] usb 5-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  419.042770][ T5440] usb 5-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 192, changing to 11
[  419.054380][ T5440] usb 5-1: config 1 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 18
[  419.191747][ T5440] usb 5-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  419.201933][ T5440] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=1
[  419.210170][ T5440] usb 5-1: SerialNumber: syz
[  419.211454][ T5872] usb 2-1: new high-speed USB device number 3 using dummy_hcd
[  419.256043][ T1289] ieee802154 phy0 wpan0: encryption failed: -22
[  419.265587][ T1289] ieee802154 phy1 wpan1: encryption failed: -22
[  419.384136][ T5440] cdc_ether 5-1:1.0: probe with driver cdc_ether failed with error -22
[  419.518311][ T5872] usb 2-1: config 0 has an invalid interface number: 1 but max is 0
[  419.526991][ T5872] usb 2-1: config 0 has no interface number 0
[  419.533645][ T5872] usb 2-1: config 0 interface 1 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  419.545004][ T5872] usb 2-1: config 0 interface 1 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  419.555490][ T5872] usb 2-1: New USB device found, idVendor=04d9, idProduct=a055, bcdDevice= 0.18
[  419.565001][ T5872] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  419.655782][ T5864] usb 5-1: USB disconnect, device number 2
[  419.808999][ T5872] usb 2-1: config 0 descriptor??
[  420.600505][ T5872] input: HID 04d9:a055 as /devices/platform/dummy_hcd.1/usb2/2-1/2-1:0.1/0003:04D9:A055.0004/input/input13
[  420.807285][ T8010] netlink: 4 bytes leftover after parsing attributes in process `syz.5.687'.
[  420.926830][ T8001] loop3: detected capacity change from 0 to 2048
[  420.982144][ T8001] udf: Unknown parameter '0000000000000000000000000000000000000000'
[  421.185210][ T5872] holtek_kbd 0003:04D9:A055.0004: input,hidraw0: USB HID v0.00 Keyboard [HID 04d9:a055] on usb-dummy_hcd.1-1/input1
[  421.293789][ T5872] usb 2-1: USB disconnect, device number 3
[  422.492118][ T8029] loop1: detected capacity change from 0 to 128
[  422.553239][ T8029] EXT4-fs: Ignoring removed nobh option
[  422.753279][ T8029] EXT4-fs (loop1): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  422.855312][ T8024] fido_id[8024]: Failed to open report descriptor at '/sys/devices/platform/dummy_hcd.1/usb2/report_descriptor': No such file or directory
[  422.881488][ T8029] ext4 filesystem being mounted at /136/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[  423.093560][ T8036] loop0: detected capacity change from 0 to 512
[  423.212498][ T8029] fscrypt (loop1, inode 12): Direct key flag not allowed with different contents and filenames modes
[  423.238333][ T8036] EXT4-fs error (device loop0): ext4_orphan_get:1392: inode #15: comm syz.0.698: casefold flag without casefold feature
[  423.239059][ T8036] EXT4-fs error (device loop0): ext4_orphan_get:1397: comm syz.0.698: couldn't read orphan inode 15 (err -117)
[  423.242607][ T8036] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  423.521606][ T8036] fscrypt (loop0, inode 18): Unsupported encryption flags (0x10)
[  423.684917][ T5815] EXT4-fs (loop1): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  423.891614][ T5810] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  425.224367][ T8056] loop0: detected capacity change from 0 to 1024
[  425.275568][ T8058] process 'syz.3.709' launched './file0' with NULL argv: empty string added
[  425.443034][ T8065] netlink: 8 bytes leftover after parsing attributes in process `syz.1.712'.
[  425.763899][ T3552] hfsplus: b-tree write err: -5, ino 8
[  427.021322][ T8071] loop4: detected capacity change from 0 to 32768
[  427.184123][ T8071] XFS (loop4): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  427.978332][ T8093] loop0: detected capacity change from 0 to 512
[  428.063097][ T8071] XFS (loop4): Ending clean mount
[  428.083515][ T8093] EXT4-fs: Ignoring removed nomblk_io_submit option
[  428.115142][ T8071] XFS (loop4): Quotacheck needed: Please wait.
[  428.166001][ T8071] XFS (loop4): Quotacheck: Done.
[  428.304896][ T8093] EXT4-fs: Mount option(s) incompatible with ext2
[  428.411574][ T5816] XFS (loop4): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  428.526349][ T8099] netlink: 'syz.3.725': attribute type 10 has an invalid length.
[  428.535429][ T8099] ipvlan1: entered allmulticast mode
[  428.541098][ T8099] veth0_vlan: entered allmulticast mode
[  428.555959][ T8099] team0: Device ipvlan1 failed to register rx_handler
[  430.855211][ T8126] loop1: detected capacity change from 0 to 64
[  431.114227][ T8132] netlink: 'syz.3.741': attribute type 10 has an invalid length.
[  431.206721][ T8132] bond0: (slave netdevsim3): Enslaving as an active interface with an up link
[  431.451180][ T8132] netlink: 'syz.3.741': attribute type 10 has an invalid length.
[  434.162115][ T8160] loop3: detected capacity change from 0 to 32768
[  434.177228][ T8160] BTRFS: device fsid e417788f-7a09-42b2-9266-8ddc5d5d35d2 devid 1 transid 8 /dev/loop3 (7:3) scanned by syz.3.754 (8160)
[  434.199969][ T8160] BTRFS info (device loop3): first mount of filesystem e417788f-7a09-42b2-9266-8ddc5d5d35d2
[  434.211771][ T8160] BTRFS info (device loop3): using xxhash64 (xxhash64-generic) checksum algorithm
[  434.503027][ T8160] BTRFS info (device loop3): enabling ssd optimizations
[  434.510250][ T8160] BTRFS info (device loop3): enabling free space tree
[  434.573497][ T8160] BTRFS info (device loop3): balance: start -susage=8,drange=7..559100,limit=42949673007,stripes=4294967295..4
[  434.586260][ T8160] BTRFS info (device loop3): balance: ended with status: 0
[  434.803162][ T5813] BTRFS info (device loop3): last unmount of filesystem e417788f-7a09-42b2-9266-8ddc5d5d35d2
[  435.210657][ T8191] loop5: detected capacity change from 0 to 512
[  435.382676][ T8191] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  435.397605][ T8191] ext4 filesystem being mounted at /124/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  436.042491][ T6243] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  436.825279][ T8215] loop5: detected capacity change from 0 to 1024
[  436.892290][ T8217] loop4: detected capacity change from 0 to 64
[  437.115176][ T8215] hfsplus: bad catalog folder thread
[  438.151776][ T8226] loop4: detected capacity change from 0 to 2364
[  438.242415][   T30] audit: type=1326 audit(1755697124.065:11): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8233 comm="syz.0.778" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f03cfb8ebe9 code=0x0
[  440.310122][ T8247] loop5: detected capacity change from 0 to 2048
[  440.505792][ T8247] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[  444.407907][ T8305] loop1: detected capacity change from 0 to 1024
[  444.445557][ T8305] EXT4-fs: Ignoring removed bh option
[  444.512733][ T8305] EXT4-fs (loop1): stripe (5) is not aligned with cluster size (16), stripe is disabled
[  444.743702][ T8305] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  445.520035][ T5815] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  446.064100][ T8317] loop4: detected capacity change from 0 to 32768
[  446.185516][ T8317] XFS (loop4): Mounting V5 Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb
[  446.363151][ T8317] XFS (loop4): Ending clean mount
[  446.534180][ T5816] XFS (loop4): Unmounting Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb
[  447.226558][ T8344] netdevsim netdevsim3: loading /lib/firmware/. failed with error -22
[  447.235455][ T8344] netdevsim netdevsim3: Direct firmware load for . failed with error -22
[  447.244489][ T8344] netdevsim netdevsim3: Falling back to sysfs fallback for: .
[  447.512105][ T8347] netdevsim netdevsim0 netdevsim0: entered allmulticast mode
[  449.602216][ T8371] netlink: 'syz.1.834': attribute type 21 has an invalid length.
[  449.610189][ T8371] IPv6: NLM_F_CREATE should be specified when creating new route
[  452.127173][ T8399] loop5: detected capacity change from 0 to 164
[  452.314813][ T8394] loop4: detected capacity change from 0 to 32768
[  452.327028][ T8394] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop4 (7:4) scanned by syz.4.846 (8394)
[  452.361526][ T8394] BTRFS info (device loop4): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  452.373219][ T8394] BTRFS info (device loop4): using sha256 (sha256-lib) checksum algorithm
[  452.704175][ T8394] BTRFS info (device loop4): enabling ssd optimizations
[  452.711694][ T8394] BTRFS info (device loop4): enabling free space tree
[  452.771887][ T8419] netlink: 8 bytes leftover after parsing attributes in process `syz.0.850'.
[  452.887687][ T5816] BTRFS info (device loop4): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  453.172411][ T8421] blkio.reset_stats is deprecated
[  454.007264][ T8428] tun0: tun_chr_ioctl cmd 2147767511
[  455.525813][ T5873] usb 2-1: new high-speed USB device number 4 using dummy_hcd
[  455.749153][ T5873] usb 2-1: Using ep0 maxpacket: 32
[  455.783218][ T5873] usb 2-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xA6, changing to 0x86
[  455.795527][ T5873] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x86 has an invalid bInterval 0, changing to 7
[  455.806851][ T5873] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x86 has invalid wMaxPacketSize 0
[  455.816932][ T5873] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x7 has an invalid bInterval 255, changing to 11
[  455.833680][ T5873] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x7 has invalid maxpacket 59391, setting to 1024
[  456.112448][ T5873] usb 2-1: New USB device found, idVendor=05ef, idProduct=020a, bcdDevice=91.36
[  456.122142][ T5873] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  456.134472][ T5873] usb 2-1: Product: syz
[  456.138848][ T5873] usb 2-1: Manufacturer: syz
[  456.145071][ T5873] usb 2-1: SerialNumber: syz
[  456.296290][ T5873] usb 2-1: config 0 descriptor??
[  456.819080][ T8456] sctp: failed to load transform for md5: -2
[  456.821817][ T5873] iforce 2-1:0.0: usb_submit_urb failed: -32
[  456.831723][ T5873] input input14: Device does not respond to id packet M
[  456.874325][ T5873] input input14: Device does not respond to id packet P
[  457.065015][ T5873] iforce 2-1:0.0: usb_submit_urb failed: -71
[  457.072238][ T5873] input input14: Device does not respond to id packet B
[  457.159597][ T5873] iforce 2-1:0.0: usb_submit_urb failed: -71
[  457.168311][ T5873] input input14: Device does not respond to id packet N
[  457.256355][ T5873] iforce 2-1:0.0: usb_submit_urb failed: -71
[  457.334305][ T5873] iforce 2-1:0.0: usb_submit_urb failed: -71
[  457.406469][ T5873] iforce 2-1:0.0: usb_submit_urb failed: -71
[  457.474282][ T5873] iforce 2-1:0.0: usb_submit_urb failed: -71
[  457.485886][ T5873] input: Unknown I-Force Device [%04x:%04x] as /devices/platform/dummy_hcd.1/usb2/2-1/2-1:0.0/input/input14
[  457.993052][ T5873] usb 2-1: USB disconnect, device number 4
[  458.031118][ T8466] loop3: detected capacity change from 0 to 32768
[  458.118712][ T8466] 
[  458.118712][ T8466]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  458.118712][ T8466] 
[  458.149537][ T8466] 
[  458.149537][ T8466]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  458.149537][ T8466] 
[  458.160482][ T8466] 
[  458.160482][ T8466]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  458.160482][ T8466] 
[  458.220007][  T110] 
[  458.220007][  T110]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  458.220007][  T110] 
[  458.318227][ T5813] 
[  458.318227][ T5813]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  458.318227][ T5813] 
[  458.418705][ T5813] 
[  458.418705][ T5813]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  458.418705][ T5813] 
[  459.654865][ T8487] netlink: 'syz.0.878': attribute type 3 has an invalid length.
[  459.793073][ T8480] loop3: detected capacity change from 0 to 4096
[  459.938319][ T8490] loop4: detected capacity change from 0 to 256
[  460.027487][ T8490] exFAT-fs (loop4): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[  460.032842][ T8491] NILFS (loop3): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  460.038775][ T8490] exFAT-fs (loop4): Medium has reported failures. Some data may be lost.
[  460.302117][ T8490] exFAT-fs (loop4): failed to load upcase table (idx : 0x00010000, chksum : 0xe62de5da, utbl_chksum : 0xe619d30d)
[  460.878151][ T8488] loop5: detected capacity change from 0 to 8192
[  461.909616][ T5872] usb 2-1: new high-speed USB device number 5 using dummy_hcd
[  462.126345][ T5872] usb 2-1: New USB device found, idVendor=0bed, idProduct=1100, bcdDevice=ec.c3
[  462.135896][ T5872] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  462.189090][ T8512] loop3: detected capacity change from 0 to 256
[  462.195108][ T5872] usb 2-1: config 0 descriptor??
[  462.306261][ T5872] cp210x 2-1:0.0: cp210x converter detected
[  462.361062][ T8512] exFAT-fs (loop3): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[  462.376232][ T8512] exFAT-fs (loop3): Medium has reported failures. Some data may be lost.
[  462.508051][ T5873] usb 6-1: new high-speed USB device number 3 using dummy_hcd
[  462.526223][ T8515] netlink: 8 bytes leftover after parsing attributes in process `syz.0.892'.
[  462.718147][ T8512] exFAT-fs (loop3): failed to load upcase table (idx : 0x00010000, chksum : 0xe62de5da, utbl_chksum : 0xe619d30d)
[  462.743611][ T5872] cp210x 2-1:0.0: failed to get vendor val 0x000e size 3: -32
[  462.811155][ T5873] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  462.822701][ T5873] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  462.834072][ T5873] usb 6-1: New USB device found, idVendor=1038, idProduct=12b6, bcdDevice= 0.00
[  462.843567][ T5873] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  462.963302][ T5872] cp210x 2-1:0.0: failed to get vendor val 0x370c size 15: -71
[  462.971641][ T5872] cp210x 2-1:0.0: GPIO initialisation failed: -71
[  463.073817][ T5872] usb 2-1: cp210x converter now attached to ttyUSB0
[  463.110149][ T5873] usb 6-1: config 0 descriptor??
[  463.184977][ T5872] usb 2-1: USB disconnect, device number 5
[  463.228842][ T5872] cp210x ttyUSB0: cp210x converter now disconnected from ttyUSB0
[  463.314077][ T5872] cp210x 2-1:0.0: device disconnected
[  463.634697][ T5873] steelseries 0003:1038:12B6.0005: unknown main item tag 0x0
[  463.642781][ T5873] steelseries 0003:1038:12B6.0005: unknown main item tag 0x0
[  463.650454][ T5873] steelseries 0003:1038:12B6.0005: unknown main item tag 0x1
[  463.658400][ T5873] steelseries 0003:1038:12B6.0005: unknown main item tag 0x0
[  463.666273][ T5873] steelseries 0003:1038:12B6.0005: unknown main item tag 0x0
[  463.674216][ T5873] steelseries 0003:1038:12B6.0005: unknown main item tag 0x0
[  463.682575][ T5873] steelseries 0003:1038:12B6.0005: item fetching failed at offset 6/7
[  463.977652][ T5873] steelseries 0003:1038:12B6.0005: probe with driver steelseries failed with error -22
[  464.096312][ T5873] usb 6-1: USB disconnect, device number 3
[  464.861960][ T8536] netlink: 12 bytes leftover after parsing attributes in process `syz.5.901'.
[  464.963269][ T8539] loop0: detected capacity change from 0 to 128
[  465.088434][ T8539] EXT4-fs (loop0): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  465.132126][ T8539] ext4 filesystem being mounted at /197/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[  465.609939][ T5810] EXT4-fs (loop0): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  466.108178][ T8560] UDPLite6: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list
[  466.724096][ T8566] loop5: detected capacity change from 0 to 512
[  466.752345][ T8568] bridge0: port 4(syz_tun) entered blocking state
[  466.759344][ T8568] bridge0: port 4(syz_tun) entered disabled state
[  466.767064][ T8568] syz_tun: entered allmulticast mode
[  466.781676][ T8568] syz_tun: entered promiscuous mode
[  466.789270][ T8568] bridge0: port 4(syz_tun) entered blocking state
[  466.796326][ T8568] bridge0: port 4(syz_tun) entered forwarding state
[  466.837322][ T8566] UDF-fs: error (device loop5): udf_read_tagged: read failed, block=256, location=256
[  467.067777][ T8566] UDF-fs: error (device loop5): udf_read_inode: (ino 19) failed ident=264
[  467.248399][ T8573] loop1: detected capacity change from 0 to 1024
[  467.366371][ T8573] EXT4-fs: Ignoring removed bh option
[  467.462154][ T8573] EXT4-fs (loop1): stripe (5) is not aligned with cluster size (16), stripe is disabled
[  467.644663][ T8573] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  468.376073][ T5815] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  470.442078][    C0] syz_tun: tun_net_xmit 70
[  470.879738][ T8627] loop3: detected capacity change from 0 to 16
[  470.982504][ T8627] erofs (device loop3): mounted with root inode @ nid 36.
[  471.062872][ T8627] syz.3.938: attempt to access beyond end of device
[  471.062872][ T8627] loop3: rw=0, sector=48, nr_sectors = 16 limit=16
[  471.081168][ T8627] erofs (device loop3): read error -5 @ 43 of nid 36
[  471.208002][ T8630] loop5: detected capacity change from 0 to 128
[  471.265743][ T8630] UDF-fs: error (device loop5): udf_read_tagged: read failed, block=256, location=256
[  471.371273][ T8630] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[  471.623077][ T8631] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  472.092940][ T6243] UDF-fs: error (device loop5): udf_read_inode: (ino 114) failed !bh
[  472.150233][ T6243] UDF-fs: error (device loop5): udf_read_inode: (ino 114) failed !bh
[  472.158682][ T8632] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  472.778250][ T8647] loop4: detected capacity change from 0 to 128
[  472.888711][ T8649] loop0: detected capacity change from 0 to 128
[  473.422414][ T1128] kworker/u8:6: attempt to access beyond end of device
[  473.422414][ T1128] loop0: rw=1, sector=145, nr_sectors = 65 limit=128
[  473.633098][   T58] netdevsim netdevsim5 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  473.671711][ T8654] program syz.3.952 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  473.856764][   T58] netdevsim netdevsim5 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  473.879833][ T8658] loop4: detected capacity change from 0 to 512
[  473.966359][ T8658] EXT4-fs error (device loop4): ext4_orphan_get:1418: comm syz.4.954: bad orphan inode 13
[  473.978625][ T8658] ext4_test_bit(bit=12, block=4) = 1
[  473.984504][ T8658] is_bad_inode(inode)=0
[  473.988923][ T8658] NEXT_ORPHAN(inode)=0
[  473.993481][ T8658] max_ino=32
[  473.996821][ T8658] i_nlink=1
[  474.002283][ T8658] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  474.023007][ T8658] EXT4-fs warning (device loop4): dx_probe:801: inode #2: comm syz.4.954: Unrecognised inode hash code 20
[  474.034771][ T8658] EXT4-fs warning (device loop4): dx_probe:934: inode #2: comm syz.4.954: Corrupt directory, running e2fsck is recommended
[  474.052930][ T8658] EXT4-fs warning (device loop4): dx_probe:801: inode #2: comm syz.4.954: Unrecognised inode hash code 20
[  474.065837][ T8658] EXT4-fs warning (device loop4): dx_probe:934: inode #2: comm syz.4.954: Corrupt directory, running e2fsck is recommended
[  474.210259][ T8657] loop0: detected capacity change from 0 to 1764
[  474.266587][   T58] netdevsim netdevsim5 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  474.382290][ T5816] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  474.486098][   T58] netdevsim netdevsim5 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  475.285039][   T58] bridge_slave_1: left allmulticast mode
[  475.295314][   T58] bridge_slave_1: left promiscuous mode
[  475.302350][   T58] bridge0: port 2(bridge_slave_1) entered disabled state
[  475.399103][   T58] bridge_slave_0: left allmulticast mode
[  475.405226][   T58] bridge_slave_0: left promiscuous mode
[  475.413778][   T58] bridge0: port 1(bridge_slave_0) entered disabled state
[  476.152627][   T58] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  476.190047][   T58] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  476.223393][   T58] bond0 (unregistering): Released all slaves
[  476.894468][   T58] hsr_slave_0: left promiscuous mode
[  476.925359][   T58] hsr_slave_1: left promiscuous mode
[  476.933991][   T58] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  476.941778][   T58] batman_adv: batadv0: Removing interface: batadv_slave_0
[  477.019897][   T58] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  477.027834][   T58] batman_adv: batadv0: Removing interface: batadv_slave_1
[  477.209012][   T58] veth1_macvtap: left promiscuous mode
[  477.215561][   T58] veth0_macvtap: left promiscuous mode
[  477.225942][   T58] veth1_vlan: left promiscuous mode
[  477.231810][   T58] veth0_vlan: left promiscuous mode
[  478.385905][   T58] team0 (unregistering): Port device team_slave_1 removed
[  478.461369][ T5819] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1
[  478.463189][   T58] team0 (unregistering): Port device team_slave_0 removed
[  478.484750][ T5819] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9
[  478.512700][ T5819] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9
[  478.529553][ T5819] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4
[  478.561887][ T5819] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2
[  479.511877][ T8700] team0: Caught tx_queue_len zero misconfig
[  480.042225][ T5873] usb 2-1: new high-speed USB device number 6 using dummy_hcd
[  480.188260][ T8712] (unnamed net_device) (uninitialized): option lp_interval: invalid value (0)
[  480.200258][ T8712] (unnamed net_device) (uninitialized): option lp_interval: allowed values 1 - 2147483647
[  480.351629][ T5873] usb 2-1: Using ep0 maxpacket: 8
[  480.443724][ T5873] usb 2-1: New USB device found, idVendor=0ccd, idProduct=0039, bcdDevice=90.7b
[  480.453298][ T5873] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  480.561235][ T5873] pvrusb2: Hardware description: Terratec Grabster AV400
[  480.568524][ T5873] pvrusb2: **********
[  480.573337][ T5873] pvrusb2: ***WARNING*** Support for this device (Terratec Grabster AV400) is experimental.
[  480.583711][ T5873] pvrusb2: Important functionality might not be entirely working.
[  480.591835][ T5873] pvrusb2: Please consider contacting the driver author to help with further stabilization of the driver.
[  480.607066][ T5873] pvrusb2: **********
[  480.681958][    C1] syz_tun: tun_net_xmit 70
[  480.702732][    C0] syz_tun: tun_net_xmit 70
[  480.786281][ T1289] ieee802154 phy0 wpan0: encryption failed: -22
[  480.793569][ T1289] ieee802154 phy1 wpan1: encryption failed: -22
[  480.831220][ T5821] Bluetooth: hci3: command tx timeout
[  481.305805][ T5873] usb 2-1: USB disconnect, device number 6
[  481.313563][ T5873] pvrusb2: Device being rendered inoperable
[  481.343317][ T8716] loop3: detected capacity change from 0 to 32768
[  481.569020][ T8716] bcachefs (loop3): starting version 1.7: mi_btree_bitmap opts=metadata_checksum=none,data_checksum=none,compression=lz4,journal_flush_disabled,fsck,recovery_pass_last=set_may_go_rw,reconstruct_alloc,no_data_io
[  481.569177][ T8716]   allowing incompatible features above 0.0: (unknown version)
[  481.569268][ T8716]   features: lz4,new_siphash,inline_data,new_extent_overwrite,btree_ptr_v2,new_varint,journal_no_flush,alloc_v2,extents_across_btree_nodes
[  481.612730][ T8716] bcachefs (loop3): Using encoding defined by superblock: utf8-12.1.0
[  481.627191][ T8716] bcachefs (loop3): recovering from clean shutdown, journal seq 10
[  481.636966][ T8716] bcachefs (loop3): Version upgrade required:
[  481.636966][ T8716] Version upgrade from 0.24: unwritten_extents to 1.7: mi_btree_bitmap incomplete
[  481.636966][ T8716] Doing incompatible version upgrade from 0.24: unwritten_extents to 1.28: inode_has_case_insensitive
[  481.636966][ T8716]   running recovery passes: check_allocations,check_alloc_info,check_lrus,check_btree_backpointers,check_backpointers_to_extents,check_extents_to_backpointers,check_alloc_to_lru_refs,bucket_gens_init,check_snapshot_trees,check_snapshots,check_subvols,check_subvol_children,delete_dead_snapshots,check_inodes,check_extents,check_indirect_extents,check_dirents,check_xattrs,check_root,check_unreachable_inodes,check_subvolume_structure,check_directory_structure,check_nlinks,check_rebalance_work,set_fs_needs_rebalance
[  481.806213][ T8716] bcachefs (loop3): dropping and reconstructing all alloc info
[  481.822577][ T8689] chnl_net:caif_netlink_parms(): no params data found
[  482.081671][ T8716] bcachefs (loop3): accounting_read... done
[  482.200246][ T8716] bcachefs (loop3): alloc_read... done
[  482.212068][ T8716] bcachefs (loop3): snapshots_read... done
[  482.224712][ T8716] bcachefs (loop3): check_allocations... done
[  482.481639][ T8716] bcachefs (loop3): going read-write
[  482.487286][ T8716] bcachefs (loop3): insufficient writeable journal devices available: have 0, need 1
[  482.487286][ T8716] rw journal devs:
[  482.628618][ T8716] bcachefs (loop3): done starting filesystem
[  482.911035][ T5821] Bluetooth: hci3: command tx timeout
[  482.959554][ T5813] bcachefs (loop3): shutting down
[  482.965933][ T5813] bcachefs (loop3): going read-only
[  482.972612][ T5813] bcachefs (loop3): finished waiting for writes to stop
[  483.051540][ T5813] bcachefs (loop3): flushing journal and stopping allocators, journal seq 10
[  483.111776][ T5873] usb 5-1: new high-speed USB device number 3 using dummy_hcd
[  483.167284][ T5813] bcachefs (loop3): flushing journal and stopping allocators complete, journal seq 10
[  483.234365][ T5813] bcachefs (loop3): unclean shutdown complete, journal seq 10
[  483.330514][ T5813] bcachefs (loop3): done going read-only, filesystem not clean
[  483.341296][ T5873] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  483.353081][ T5873] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  483.365840][ T5873] usb 5-1: New USB device found, idVendor=1532, idProduct=010e, bcdDevice= 0.00
[  483.376005][ T5873] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  483.504153][ T5813] bcachefs (loop3): shutdown complete
[  483.565112][ T5873] usb 5-1: config 0 descriptor??
[  483.862156][ T5872] usb 2-1: new high-speed USB device number 7 using dummy_hcd
[  484.008708][ T8750] loop0: detected capacity change from 0 to 1024
[  484.087713][ T5873] razer 0003:1532:010E.0006: unknown main item tag 0x0
[  484.094029][ T8750] EXT4-fs: Ignoring removed orlov option
[  484.095522][ T5873] razer 0003:1532:010E.0006: unknown main item tag 0x0
[  484.101016][ T8750] EXT4-fs: Ignoring removed nomblk_io_submit option
[  484.107875][ T5873] razer 0003:1532:010E.0006: unknown main item tag 0x0
[  484.122353][ T5873] razer 0003:1532:010E.0006: unknown main item tag 0x0
[  484.129496][ T5873] razer 0003:1532:010E.0006: unknown main item tag 0x0
[  484.148208][ T5872] usb 2-1: config 0 has an invalid interface number: 98 but max is 0
[  484.158124][ T5872] usb 2-1: config 0 has no interface number 0
[  484.166145][ T5872] usb 2-1: config 0 interface 98 has no altsetting 0
[  484.218292][ T8689] bridge0: port 1(bridge_slave_0) entered blocking state
[  484.229325][ T8689] bridge0: port 1(bridge_slave_0) entered disabled state
[  484.237238][ T8689] bridge_slave_0: entered allmulticast mode
[  484.247218][ T8689] bridge_slave_0: entered promiscuous mode
[  484.323647][ T5872] usb 2-1: New USB device found, idVendor=1110, idProduct=9024, bcdDevice=db.24
[  484.333533][ T5872] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  484.342011][ T5872] usb 2-1: Product: syz
[  484.346369][ T5872] usb 2-1: Manufacturer: syz
[  484.351330][ T5872] usb 2-1: SerialNumber: syz
[  484.371483][ T5873] razer 0003:1532:010E.0006: hidraw0: USB HID v0.00 Device [HID 1532:010e] on usb-dummy_hcd.4-1/input0
[  484.414185][ T5872] usb 2-1: config 0 descriptor??
[  484.432673][ T8689] bridge0: port 2(bridge_slave_1) entered blocking state
[  484.440355][ T8689] bridge0: port 2(bridge_slave_1) entered disabled state
[  484.448415][ T8689] bridge_slave_1: entered allmulticast mode
[  484.458367][ T8689] bridge_slave_1: entered promiscuous mode
[  484.503618][ T8750] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  484.582756][ T5873] usb 5-1: USB disconnect, device number 3
[  484.739136][ T5872] usb 2-1: [ueagle-atm] ADSL device founded vid (0X1110) pid (0X9024) Rev (0XDB24): Eagle II
[  484.992773][ T5821] Bluetooth: hci3: command tx timeout
[  485.070374][ T8689] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  485.147077][ T5810] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  485.156846][ T8755] fido_id[8755]: Failed to open report descriptor at '/sys/devices/platform/dummy_hcd.4/usb5/report_descriptor': No such file or directory
[  485.216273][ T8689] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  485.236249][ T5872] usb 2-1: reset high-speed USB device number 7 using dummy_hcd
[  485.404933][ T8689] team0: Port device team_slave_0 added
[  485.459908][ T8689] team0: Port device team_slave_1 added
[  485.670048][ T5872] usb 2-1: [ueagle-atm] pre-firmware device, uploading firmware
[  485.678328][ T5872] usb 2-1: [ueagle-atm] loading firmware ueagle-atm/eagleII.fw
[  485.693589][   T11] usb 2-1: Direct firmware load for ueagle-atm/eagleII.fw failed with error -2
[  485.702917][   T11] usb 2-1: Falling back to sysfs fallback for: ueagle-atm/eagleII.fw
[  485.916118][ T5872] usb 2-1: USB disconnect, device number 7
[  485.981687][ T8689] batman_adv: batadv0: Adding interface: batadv_slave_0
[  485.989065][ T8689] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  486.015779][ T8689] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  486.285308][ T8689] batman_adv: batadv0: Adding interface: batadv_slave_1
[  486.292778][ T8689] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  486.320157][ T8689] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  486.870217][ T8771] loop4: detected capacity change from 0 to 1024
[  487.075923][ T5821] Bluetooth: hci3: command tx timeout
[  487.097057][ T8689] hsr_slave_0: entered promiscuous mode
[  487.106031][ T8771] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  487.251535][ T8689] hsr_slave_1: entered promiscuous mode
[  487.266074][ T8689] debugfs: 'hsr0' already exists in 'hsr'
[  487.272362][ T8689] Cannot create hsr debugfs directory
[  487.653521][ T8781] netlink: 36 bytes leftover after parsing attributes in process `syz.0.989'.
[  488.153020][ T5816] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  488.476107][ T8789] Bluetooth: hci0: load_link_keys: too big key_count value 2816
[  488.718309][ T8792] loop1: detected capacity change from 0 to 256
[  489.155055][ T8792] exFAT-fs (loop1): failed to load upcase table (idx : 0x00012c80, chksum : 0x8ff561f5, utbl_chksum : 0xe619d30d)
[  489.246334][ T8689] netdevsim netdevsim6 netdevsim0: renamed from eth0
[  489.342129][ T8689] netdevsim netdevsim6 netdevsim1: renamed from eth1
[  489.354536][   T30] audit: type=1800 audit(1755697175.165:12): pid=8792 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.993" name="file2" dev="loop1" ino=1048641 res=0 errno=0
[  489.442567][ T8689] netdevsim netdevsim6 netdevsim2: renamed from eth2
[  489.482689][ T8689] netdevsim netdevsim6 netdevsim3: renamed from eth3
[  490.016607][ T8797] loop4: detected capacity change from 0 to 4096
[  490.061569][ T8799] loop3: detected capacity change from 0 to 2048
[  490.073713][ T8799] UDF-fs: error (device loop3): udf_read_tagged: read failed, block=18576, location=18576
[  490.174101][ T8797] ntfs3(loop4): Different NTFS sector size (2048) and media sector size (512).
[  490.272127][ T8799] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000)
[  490.441836][ T8803] loop0: detected capacity change from 0 to 128
[  491.497389][ T8689] 8021q: adding VLAN 0 to HW filter on device bond0
[  491.532142][ T8811] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  491.581061][ T8813] loop0: detected capacity change from 0 to 256
[  491.664330][ T8813] exfat: Deprecated parameter 'utf8'
[  491.670157][ T8813] exfat: Deprecated parameter 'utf8'
[  491.676220][ T8813] exfat: Deprecated parameter 'utf8'
[  491.681883][ T8813] exfat: Deprecated parameter 'utf8'
[  491.806152][ T8689] 8021q: adding VLAN 0 to HW filter on device team0
[  491.926262][ T8813] exFAT-fs (loop0): failed to load upcase table (idx : 0x00010000, chksum : 0xac5c0b1f, utbl_chksum : 0xe619d30d)
[  491.958231][ T3590] bridge0: port 1(bridge_slave_0) entered blocking state
[  491.965897][ T3590] bridge0: port 1(bridge_slave_0) entered forwarding state
[  492.184450][ T3590] bridge0: port 2(bridge_slave_1) entered blocking state
[  492.192128][ T3590] bridge0: port 2(bridge_slave_1) entered forwarding state
[  492.608233][ T8818] loop3: detected capacity change from 0 to 128
[  492.699971][ T8818] FAT-fs (loop3): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive!
[  492.828572][ T8818] FAT-fs (loop3): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1)
[  494.381157][ T5873] usb 1-1: new high-speed USB device number 3 using dummy_hcd
[  494.612059][ T5873] usb 1-1: Using ep0 maxpacket: 32
[  494.710417][ T5873] usb 1-1: New USB device found, idVendor=0c72, idProduct=000d, bcdDevice=27.9b
[  494.719979][ T5873] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  494.729537][ T5873] usb 1-1: Product: syz
[  494.736257][ T5873] usb 1-1: Manufacturer: syz
[  494.741740][ T5873] usb 1-1: SerialNumber: syz
[  494.870120][ T5873] usb 1-1: config 0 descriptor??
[  495.094864][ T8689] 8021q: adding VLAN 0 to HW filter on device batadv0
[  495.111062][ T8838] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  495.121416][ T8838] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  495.220511][ T5873] peak_usb 1-1:0.0 can0: unable to request usb[type=0 value=1] err=-71
[  495.230283][ T5873] peak_usb 1-1:0.0: unable to read PCAN-USB Pro firmware info (err -71)
[  495.394097][ T5873] peak_usb 1-1:0.0: probe with driver peak_usb failed with error -71
[  495.518195][ T5873] usb 1-1: USB disconnect, device number 3
[  496.128685][ T8862] ip6gretap1: entered allmulticast mode
[  497.235599][ T8873] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1019'.
[  497.353841][ T5873] usb 5-1: new high-speed USB device number 4 using dummy_hcd
[  497.571092][ T5873] usb 5-1: Using ep0 maxpacket: 16
[  497.653018][ T5873] usb 5-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  497.663508][ T5873] usb 5-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  497.675703][ T5873] usb 5-1: config 1 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 18
[  497.843157][ T5873] usb 5-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  497.853151][ T5873] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=1
[  497.861726][ T5873] usb 5-1: SerialNumber: syz
[  498.085805][ T5873] cdc_ether 5-1:1.0: probe with driver cdc_ether failed with error -22
[  498.273211][ T5873] usb 5-1: USB disconnect, device number 4
[  498.956991][ T8689] veth0_vlan: entered promiscuous mode
[  499.106602][ T8689] veth1_vlan: entered promiscuous mode
[  499.562652][ T8689] veth0_macvtap: entered promiscuous mode
[  499.688070][ T8689] veth1_macvtap: entered promiscuous mode
[  499.720566][ T8904] loop1: detected capacity change from 0 to 256
[  499.917521][ T8689] batman_adv: batadv0: Interface activated: batadv_slave_0
[  500.075883][ T8689] batman_adv: batadv0: Interface activated: batadv_slave_1
[  500.085778][ T8904] exFAT-fs (loop1): failed to load upcase table (idx : 0x00010000, chksum : 0xbe675ead, utbl_chksum : 0xe619d30d)
[  500.236640][ T3590] netdevsim netdevsim6 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  500.285871][ T4164] netdevsim netdevsim6 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  500.381438][ T4164] netdevsim netdevsim6 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  500.443362][ T4164] netdevsim netdevsim6 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  500.728746][ T8916] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1032'.
[  501.987335][ T8932] loop1: detected capacity change from 0 to 512
[  502.351711][ T8932] EXT4-fs error (device loop1): ext4_iget_extra_inode:5104: inode #15: comm syz.1.1038: corrupted in-inode xattr: invalid ea_ino
[  502.526378][ T8932] EXT4-fs error (device loop1): ext4_orphan_get:1397: comm syz.1.1038: couldn't read orphan inode 15 (err -117)
[  502.617005][ T8932] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  503.407925][ T8951] loop3: detected capacity change from 0 to 16
[  503.433048][ T5815] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  503.463370][ T8951] erofs (device loop3): mounted with root inode @ nid 36.
[  505.173564][ T8956] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1045'.
[  505.375263][ T8956] netlink: 24 bytes leftover after parsing attributes in process `syz.1.1045'.
[  505.935131][ T8951] erofs (device loop3): read error -117 @ 8200 of nid 36
[  506.753877][ T8974] netlink: 48 bytes leftover after parsing attributes in process `syz.1.1051'.
[  507.855497][ T8979] loop0: detected capacity change from 0 to 32768
[  507.922347][ T8980] loop4: detected capacity change from 0 to 32768
[  508.106884][ T8979] JBD2: Ignoring recovery information on journal
[  508.229149][ T8980] bcachefs (loop4): starting version 1.7: mi_btree_bitmap opts=errors=continue,metadata_checksum=none,data_checksum=none,compression=lz4,foreground_target=invalid label 767,background_target=invalid device 7,nojournal_transaction_names
[  508.229316][ T8980]   allowing incompatible features above 0.0: (unknown version)
[  508.229398][ T8980]   features: 
[  508.266976][ T8980] bcachefs (loop4): Using encoding defined by superblock: utf8-12.1.0
[  508.275589][ T8980] bcachefs (loop4): initializing new filesystem
[  508.295123][ T8980] bcachefs (loop4): going read-write
[  508.328462][ T8980] bcachefs (loop4): marking superblocks
[  508.386377][ T8980] bcachefs (loop4): initializing freespace
[  508.414859][ T8980] bcachefs (loop4): done initializing freespace
[  508.436003][ T8980] bcachefs (loop4): reading snapshots table
[  508.442413][ T8980] bcachefs (loop4): reading snapshots done
[  508.534850][ T8979] ocfs2: Mounting device (7,0) on (node local, slot 0) with ordered data mode.
[  508.541527][ T8980] bcachefs (loop4): done starting filesystem
[  508.748459][ T5810] ocfs2: Unmounting device (7,0) on (node local)
[  509.056260][ T5816] bcachefs (loop4): shutting down
[  509.062592][ T5816] bcachefs (loop4): going read-only
[  509.071837][ T5816] bcachefs (loop4): finished waiting for writes to stop
[  509.201539][ T5816] bcachefs (loop4): flushing journal and stopping allocators, journal seq 3
[  509.700655][ T5816] bcachefs (loop4): flushing journal and stopping allocators complete, journal seq 3
[  509.866508][ T5816] bcachefs (loop4): clean shutdown complete, journal seq 4
[  509.917516][ T5816] bcachefs (loop4): marking filesystem clean
[  510.084127][ T5816] bcachefs (loop4): shutdown complete
[  510.236971][ T9008] loop0: detected capacity change from 0 to 136
[  510.470314][ T9008] rock: directory entry would overflow storage
[  510.477891][ T9008] rock: sig=0x4f50, size=4, remaining=3
[  510.484818][ T9008] iso9660: Corrupted directory entry in block 2 of inode 1472
[  510.841641][ T9012] loop1: detected capacity change from 0 to 64
[  514.354455][ T3552] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  514.362775][ T3552] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  514.408574][ T1128] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  514.416731][ T1128] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  515.478984][ T9033] loop0: detected capacity change from 0 to 128
[  515.769341][ T9033] UDF-fs: error (device loop0): udf_read_tagged: read failed, block=256, location=256
[  518.119317][ T9044] loop0: detected capacity change from 0 to 512
[  518.204393][ T9044] EXT4-fs: Ignoring removed i_version option
[  518.217281][ T9019] Set syz1 is full, maxelem 65536 reached
[  518.324303][ T9044] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode
[  518.621728][ T9044] EXT4-fs error (device loop0): ext4_orphan_get:1392: inode #15: comm syz.0.1067: iget: bad extra_isize 15 (inode size 256)
[  518.672570][ T9044] EXT4-fs error (device loop0): ext4_orphan_get:1397: comm syz.0.1067: couldn't read orphan inode 15 (err -117)
[  518.857885][ T9044] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  519.746455][ T5810] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  519.781562][ T9059] loop6: detected capacity change from 0 to 1024
[  519.853067][ T9059] hfsplus: Unknown parameter '/dev/vbi#'
[  523.143040][ T9076] bridge0: port 2(bridge_slave_1) entered disabled state
[  523.159039][ T9076] bridge0: port 2(bridge_slave_1) entered disabled state
[  525.795812][ T9096] loop1: detected capacity change from 0 to 512
[  526.544424][ T9096] EXT4-fs error (device loop1): ext4_iget_extra_inode:5104: inode #15: comm syz.1.1083: corrupted in-inode xattr: invalid ea_ino
[  526.723949][ T9096] EXT4-fs error (device loop1): ext4_orphan_get:1397: comm syz.1.1083: couldn't read orphan inode 15 (err -117)
[  526.828250][ T9096] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  526.961453][    T9] usb 7-1: new high-speed USB device number 2 using dummy_hcd
[  527.285951][    T9] usb 7-1: Using ep0 maxpacket: 16
[  527.451691][    T9] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  527.463179][    T9] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  527.474149][    T9] usb 7-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 9
[  527.487451][    T9] usb 7-1: New USB device found, idVendor=045e, idProduct=9994, bcdDevice=fc.3c
[  527.496956][    T9] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  527.774373][ T9106] loop3: detected capacity change from 0 to 64
[  528.325195][    T9] usb 7-1: config 0 descriptor??
[  528.681482][ T5815] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  528.798689][ T9104] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  528.809962][ T9104] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  529.462500][ T5819] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1
[  529.522536][ T5819] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9
[  529.564960][ T5819] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9
[  529.579802][ T5819] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4
[  529.593522][ T5819] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2
[  529.627888][    T9] hid-multitouch 0003:045E:9994.0007: unknown main item tag 0x2
[  529.638598][    T9] hid-multitouch 0003:045E:9994.0007: unknown main item tag 0x5
[  529.649454][    T9] hid-multitouch 0003:045E:9994.0007: unknown main item tag 0x0
[  529.664913][    T9] hid-multitouch 0003:045E:9994.0007: unknown main item tag 0x0
[  529.675204][    T9] hid-multitouch 0003:045E:9994.0007: unbalanced collection at end of report description
[  530.455830][    T9] hid-multitouch 0003:045E:9994.0007: probe with driver hid-multitouch failed with error -22
[  530.602607][ T5813] hfs: node 4:3 still has 1 user(s)!
[  530.761514][    T9] usb 7-1: USB disconnect, device number 2
[  530.948623][ T9118] netlink: 124 bytes leftover after parsing attributes in process `syz.0.1091'.
[  532.573187][ T9124] loop6: detected capacity change from 0 to 32768
[  532.674498][ T5821] Bluetooth: hci5: command tx timeout
[  532.728892][ T9124] find_entry called with index >= next_index
[  534.873298][ T5821] Bluetooth: hci5: command tx timeout
[  536.933827][ T5821] Bluetooth: hci5: command tx timeout
[  537.974394][ T9150] netlink: 'syz.0.1100': attribute type 1 has an invalid length.
[  537.982729][ T9150] netlink: 32 bytes leftover after parsing attributes in process `syz.0.1100'.
[  538.422364][ T9110] chnl_net:caif_netlink_parms(): no params data found
[  539.021016][ T5821] Bluetooth: hci5: command tx timeout
[  540.336333][ T9163] loop3: detected capacity change from 0 to 1024
[  540.657548][   T14] netdevsim netdevsim4 netdevsim3 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  540.668370][   T14] netdevsim netdevsim4 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  540.793132][ T9163] EXT4-fs (loop3): mounted filesystem 00000000-0000-0006-0000-000000000000 r/w without journal. Quota mode: none.
[  540.805941][ T9163] ext4 filesystem being mounted at /216/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  541.547346][   T14] netdevsim netdevsim4 netdevsim2 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  541.558518][   T14] netdevsim netdevsim4 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  542.151923][ T1289] ieee802154 phy0 wpan0: encryption failed: -22
[  542.158596][ T1289] ieee802154 phy1 wpan1: encryption failed: -22
[  542.817329][ T9180] loop1: detected capacity change from 0 to 1024
[  542.888928][ T9180] EXT4-fs: Ignoring removed nomblk_io_submit option
[  543.104017][ T9180] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  544.046470][ T9194] loop0: detected capacity change from 0 to 8
[  544.441732][ T9168] EXT4-fs error (device loop3): ext4_mb_generate_buddy:1289: group 0, block bitmap and bg descriptor inconsistent: 21 vs 268369941 free clusters
[  547.210298][   T24] kernel write not supported for file /dsp1 (pid: 24 comm: kworker/1:0)
[  551.531959][ T5813] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0006-0000-000000000000.
[  551.590660][ T5815] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  553.009808][ T9221] loop0: detected capacity change from 0 to 32768
[  553.137615][ T9221] XFS (loop0): Mounting V5 Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb
[  553.228057][   T11] usb 2-1: [UEAGLE-ATM] firmware is not available
[  553.293711][   T14] netdevsim netdevsim4 netdevsim1 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  553.309408][   T14] netdevsim netdevsim4 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  553.522686][ T9221] XFS (loop0): Ending clean mount
[  553.850800][    C0] sched: DL replenish lagged too much
[  554.107276][ T5810] XFS (loop0): Unmounting Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb
[  554.397293][   T14] netdevsim netdevsim4 netdevsim0 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  554.408228][   T14] netdevsim netdevsim4 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  555.835159][ T9233] loop3: detected capacity change from 0 to 40427
[  556.099197][ T9233] F2FS-fs (loop3): invalid crc value
[  556.113078][ T9232] loop1: detected capacity change from 0 to 1024
[  556.539469][ T9233] F2FS-fs (loop3): f2fs_recover_fsync_data: recovery fsync data, check_only: 0
[  556.552551][ T9233] F2FS-fs (loop3): Start checkpoint disabled!
[  556.641564][ T9233] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e6
[  556.947942][ T9110] bridge0: port 1(bridge_slave_0) entered blocking state
[  556.955645][ T9110] bridge0: port 1(bridge_slave_0) entered disabled state
[  556.963832][ T9110] bridge_slave_0: entered allmulticast mode
[  556.973911][ T9110] bridge_slave_0: entered promiscuous mode
[  557.641594][ T9110] bridge0: port 2(bridge_slave_1) entered blocking state
[  557.651858][ T9110] bridge0: port 2(bridge_slave_1) entered disabled state
[  557.659634][ T9110] bridge_slave_1: entered allmulticast mode
[  557.669607][ T9110] bridge_slave_1: entered promiscuous mode
[  559.331498][ T3552] hfsplus: b-tree write err: -5, ino 4
[  559.367416][   T14] bridge_slave_1: left allmulticast mode
[  559.373384][   T14] bridge_slave_1: left promiscuous mode
[  559.379973][   T14] bridge0: port 2(bridge_slave_1) entered disabled state
[  559.732783][   T14] bridge_slave_0: left allmulticast mode
[  559.738676][   T14] bridge_slave_0: left promiscuous mode
[  559.745495][   T14] bridge0: port 1(bridge_slave_0) entered disabled state
[  561.398502][ T9245] loop0: detected capacity change from 0 to 4096
[  562.543093][ T9245] ntfs3(loop0): Failed to read $AttrDef (-4).
[  564.134034][ T5819] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1
[  564.201533][ T5819] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9
[  564.237346][ T5819] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9
[  564.276730][ T5819] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4
[  564.288571][ T5819] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2
[  565.085697][   T14] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  565.277907][   T14] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  565.422222][   T14] bond0 (unregistering): Released all slaves
[  566.322765][ T9110] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  566.549204][ T5819] Bluetooth: hci2: command tx timeout
[  566.858045][ T9110] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  568.661304][ T5819] Bluetooth: hci2: command tx timeout
[  569.248216][ T9110] team0: Port device team_slave_0 added
[  569.882909][ T9110] team0: Port device team_slave_1 added
[  570.761155][ T5819] Bluetooth: hci2: command tx timeout
[  571.001700][   T14] hsr_slave_0: left promiscuous mode
[  571.071562][   T14] hsr_slave_1: left promiscuous mode
[  571.079952][   T14] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  571.087760][   T14] batman_adv: batadv0: Removing interface: batadv_slave_0
[  571.374341][   T14] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  571.382238][   T14] batman_adv: batadv0: Removing interface: batadv_slave_1
[  571.768244][   T14] veth1_macvtap: left promiscuous mode
[  571.774251][   T14] veth0_macvtap: left promiscuous mode
[  571.780309][   T14] veth1_vlan: left promiscuous mode
[  571.786047][   T14] veth0_vlan: left promiscuous mode
[  572.968812][ T5819] Bluetooth: hci2: command tx timeout
[  573.891055][ T9298] loop6: detected capacity change from 0 to 32768
[  574.293373][ T9298] XFS (loop6): Mounting V5 Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb
[  574.755671][ T9298] XFS (loop6): Ending clean mount
[  574.956331][ T9298] XFS (loop6): Quotacheck needed: Please wait.
[  575.308233][ T9298] XFS (loop6): Quotacheck: Done.
[  575.679839][ T8689] XFS (loop6): Unmounting Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb
[  576.143803][   T14] team0 (unregistering): Port device team_slave_1 removed
[  576.233081][ T9268] usb 4-1: new high-speed USB device number 9 using dummy_hcd
[  576.273165][   T14] team0 (unregistering): Port device team_slave_0 removed
[  576.721496][ T9268] usb 4-1: Using ep0 maxpacket: 16
[  576.964293][ T9268] usb 4-1: config 0 interface 0 altsetting 16 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  576.975832][ T9268] usb 4-1: config 0 interface 0 altsetting 16 endpoint 0x81 has invalid wMaxPacketSize 0
[  576.986118][ T9268] usb 4-1: config 0 interface 0 altsetting 16 has 1 endpoint descriptor, different from the interface descriptor's value: 28
[  576.999609][ T9268] usb 4-1: config 0 interface 0 has no altsetting 0
[  577.006735][ T9268] usb 4-1: New USB device found, idVendor=056a, idProduct=0331, bcdDevice= 0.00
[  577.016148][ T9268] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  577.315373][ T9268] usb 4-1: config 0 descriptor??
[  577.989360][ T9268] hid (null): unknown global tag 0xd
[  577.996458][ T9268] hid (null): unknown global tag 0xc
[  578.002260][ T9268] hid (null): unknown global tag 0xc
[  578.668785][ T9110] batman_adv: batadv0: Adding interface: batadv_slave_0
[  578.676452][ T9110] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  578.706771][ T9110] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  579.252785][ T9268] usb 4-1: USB disconnect, device number 9
[  579.960346][   T14] IPVS: stop unused estimator thread 0...
[  580.293557][ T9110] batman_adv: batadv0: Adding interface: batadv_slave_1
[  580.300851][ T9110] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  580.327223][ T9110] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  581.420186][ T9324] loop3: detected capacity change from 0 to 32768
[  582.716563][ T4164] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  582.841314][ T9110] hsr_slave_0: entered promiscuous mode
[  582.851953][ T9110] hsr_slave_1: entered promiscuous mode
[  582.860955][ T9110] debugfs: 'hsr0' already exists in 'hsr'
[  582.866891][ T9110] Cannot create hsr debugfs directory
[  583.179949][ T4164] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  583.428568][ T4164] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  583.821674][ T9256] chnl_net:caif_netlink_parms(): no params data found
[  583.932434][ T4164] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  584.277578][ T9347] Attempt to restore checkpoint with obsolete wellknown handles
[  584.383102][ T9350] loop6: detected capacity change from 0 to 512
[  584.475638][ T9350] EXT4-fs (loop6): encrypted files will use data=ordered instead of data journaling mode
[  584.701664][ T9350] EXT4-fs (loop6): 1 truncate cleaned up
[  584.709908][ T9350] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  585.643351][ T4164] bridge_slave_1: left allmulticast mode
[  585.649369][ T4164] bridge_slave_1: left promiscuous mode
[  585.656556][ T4164] bridge0: port 2(bridge_slave_1) entered disabled state
[  585.901744][ T4164] bridge_slave_0: left allmulticast mode
[  585.907629][ T4164] bridge_slave_0: left promiscuous mode
[  585.914791][ T4164] bridge0: port 1(bridge_slave_0) entered disabled state
[  585.942451][ T8689] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  587.283538][ T4164] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  587.321084][ T9367] loop6: detected capacity change from 0 to 1024
[  587.330572][ T4164] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  587.386570][ T4164] bond0 (unregistering): Released all slaves
[  587.481929][ T5819] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1
[  587.515756][ T5819] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9
[  587.527277][ T9367] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  587.540205][ T9367] ext4 filesystem being mounted at /35/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  587.589673][ T5819] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9
[  587.689343][ T5819] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4
[  587.715795][ T5819] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2
[  588.179281][ T9379] loop0: detected capacity change from 0 to 1024
[  588.623266][ T8689] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  588.663655][ T4164] hsr_slave_0: left promiscuous mode
[  588.742320][ T4164] hsr_slave_1: left promiscuous mode
[  588.749455][   T30] audit: type=1800 audit(1755697274.555:13): pid=9379 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.1162" name="file1" dev="loop0" ino=20 res=0 errno=0
[  588.751017][ T4164] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  588.778140][ T4164] batman_adv: batadv0: Removing interface: batadv_slave_0
[  588.918587][ T4164] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  588.926521][ T4164] batman_adv: batadv0: Removing interface: batadv_slave_1
[  588.953658][ T4164] veth1_macvtap: left promiscuous mode
[  588.959405][ T4164] veth0_macvtap: left promiscuous mode
[  588.966466][ T4164] veth1_vlan: left promiscuous mode
[  588.972281][ T4164] veth0_vlan: left promiscuous mode
[  589.634877][    T9] usb 7-1: new high-speed USB device number 3 using dummy_hcd
[  589.803153][ T5819] Bluetooth: hci4: command tx timeout
[  589.831050][    T9] usb 7-1: Using ep0 maxpacket: 32
[  589.869824][    T9] usb 7-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 102, changing to 10
[  589.882518][    T9] usb 7-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 24624, setting to 1024
[  589.894127][    T9] usb 7-1: config 1 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  590.122102][ T4164] team0 (unregistering): Port device team_slave_1 removed
[  590.147471][    T9] usb 7-1: New USB device found, idVendor=05ac, idProduct=020f, bcdDevice= 0.22
[  590.151660][ T4164] team0 (unregistering): Port device team_slave_0 removed
[  590.161183][    T9] usb 7-1: New USB device strings: Mfr=1, Product=130, SerialNumber=131
[  590.173772][    T9] usb 7-1: Product: syz
[  590.178152][    T9] usb 7-1: Manufacturer: syz
[  590.183449][    T9] usb 7-1: SerialNumber: syz
[  590.407555][    T9] input: appletouch as /devices/platform/dummy_hcd.6/usb7/7-1/7-1:1.0/input/input15
[  590.652058][ T5440] usb 7-1: USB disconnect, device number 3
[  590.721918][ T5440] appletouch 7-1:1.0: input: appletouch disconnected
[  590.913231][ T9394] loop0: detected capacity change from 0 to 2048
[  591.043353][ T9396] loop3: detected capacity change from 0 to 128
[  591.150223][ T9394] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  591.307711][ T9399] EXT4-fs error (device loop0): ext4_mb_generate_buddy:1289: group 0, block bitmap and bg descriptor inconsistent: 0 vs 150994969 free clusters
[  591.314978][ T9394] EXT4-fs (loop0): shut down requested (1)
[  591.384461][ T9256] bridge0: port 1(bridge_slave_0) entered blocking state
[  591.392224][ T9256] bridge0: port 1(bridge_slave_0) entered disabled state
[  591.402103][ T9256] bridge_slave_0: entered allmulticast mode
[  591.411777][ T9256] bridge_slave_0: entered promiscuous mode
[  591.468004][ T9256] bridge0: port 2(bridge_slave_1) entered blocking state
[  591.475853][ T9256] bridge0: port 2(bridge_slave_1) entered disabled state
[  591.484224][ T9256] bridge_slave_1: entered allmulticast mode
[  591.493995][ T9256] bridge_slave_1: entered promiscuous mode
[  591.874135][ T5819] Bluetooth: hci4: command tx timeout
[  591.928466][ T5810] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  592.005174][ T9256] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  592.164453][ T9256] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  592.662767][ T9256] team0: Port device team_slave_0 added
[  592.722762][ T9256] team0: Port device team_slave_1 added
[  593.564002][ T9410] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1171'.
[  593.686103][ T9256] batman_adv: batadv0: Adding interface: batadv_slave_0
[  593.693525][ T9256] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  593.719980][ T9256] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  593.913661][ T4164] bridge_slave_1: left allmulticast mode
[  593.919666][ T4164] bridge_slave_1: left promiscuous mode
[  593.926613][ T4164] bridge0: port 2(bridge_slave_1) entered disabled state
[  593.958285][ T5819] Bluetooth: hci4: command tx timeout
[  593.999129][ T4164] bridge_slave_0: left allmulticast mode
[  594.005301][ T4164] bridge_slave_0: left promiscuous mode
[  594.012357][ T4164] bridge0: port 1(bridge_slave_0) entered disabled state
[  594.502875][ T4164] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  594.602872][ T4164] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  594.655680][ T4164] bond0 (unregistering): Released all slaves
[  594.780108][ T9256] batman_adv: batadv0: Adding interface: batadv_slave_1
[  594.788074][ T9256] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  594.814619][ T9256] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  594.976918][ T9371] chnl_net:caif_netlink_parms(): no params data found
[  595.392159][ T4164] hsr_slave_0: left promiscuous mode
[  595.419121][ T4164] hsr_slave_1: left promiscuous mode
[  595.428385][ T4164] batman_adv: batadv0: Removing interface: batadv_slave_0
[  595.495218][ T4164] batman_adv: batadv0: Removing interface: batadv_slave_1
[  595.887606][ T9439] loop6: detected capacity change from 0 to 64
[  596.031481][ T5819] Bluetooth: hci4: command tx timeout
[  596.267916][ T4164] team0 (unregistering): Port device team_slave_1 removed
[  596.385188][ T4164] team0 (unregistering): Port device team_slave_0 removed
[  596.736685][ T9443] netlink: 'syz.3.1183': attribute type 53 has an invalid length.
[  596.745524][ T9443] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1183'.
[  597.309276][ T9256] hsr_slave_0: entered promiscuous mode
[  597.319657][ T9256] hsr_slave_1: entered promiscuous mode
[  597.328609][ T9256] debugfs: 'hsr0' already exists in 'hsr'
[  597.338057][ T9256] Cannot create hsr debugfs directory
[  597.879197][    C1] Illegal XDP return value 16128 on prog  (id 94) dev bond_slave_0, expect packet loss!
[  599.333073][ T9371] bridge0: port 1(bridge_slave_0) entered blocking state
[  599.340620][ T9371] bridge0: port 1(bridge_slave_0) entered disabled state
[  599.349118][ T9371] bridge_slave_0: entered allmulticast mode
[  599.359245][ T9371] bridge_slave_0: entered promiscuous mode
[  599.479716][ T9473] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1193'.
[  599.492379][ T9473] netlink: 16 bytes leftover after parsing attributes in process `syz.0.1193'.
[  599.507787][ T9474] loop3: detected capacity change from 0 to 256
[  599.532217][ T9371] bridge0: port 2(bridge_slave_1) entered blocking state
[  599.539856][ T9371] bridge0: port 2(bridge_slave_1) entered disabled state
[  599.547940][ T9371] bridge_slave_1: entered allmulticast mode
[  599.558707][ T9371] bridge_slave_1: entered promiscuous mode
[  599.578935][ T9256] netdevsim netdevsim8 netdevsim0: renamed from eth0
[  599.859972][ T9256] netdevsim netdevsim8 netdevsim1: renamed from eth1
[  599.921614][ T9371] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  599.960501][ T9256] netdevsim netdevsim8 netdevsim2: renamed from eth2
[  599.981728][ T9474] FAT-fs (loop3): Directory bread(block 64) failed
[  599.988516][ T9474] FAT-fs (loop3): Directory bread(block 65) failed
[  599.996052][ T9474] FAT-fs (loop3): Directory bread(block 66) failed
[  600.005605][ T9474] FAT-fs (loop3): Directory bread(block 67) failed
[  600.012938][ T9474] FAT-fs (loop3): Directory bread(block 68) failed
[  600.019664][ T9474] FAT-fs (loop3): Directory bread(block 69) failed
[  600.026706][ T9474] FAT-fs (loop3): Directory bread(block 70) failed
[  600.033608][ T9474] FAT-fs (loop3): Directory bread(block 71) failed
[  600.040500][ T9474] FAT-fs (loop3): Directory bread(block 72) failed
[  600.047540][ T9474] FAT-fs (loop3): Directory bread(block 73) failed
[  600.115362][ T9371] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  600.136234][    C0] vxcan1: j1939_tp_rxtimer: 0xffff888024826c00: rx timeout, send abort
[  600.137430][ T9256] netdevsim netdevsim8 netdevsim3: renamed from eth3
[  600.644926][    C0] vxcan1: j1939_tp_rxtimer: 0xffff888024826c00: abort rx timeout. Force session deactivation
[  600.685857][ T9371] team0: Port device team_slave_0 added
[  600.760436][ T9371] team0: Port device team_slave_1 added
[  601.197415][ T9371] batman_adv: batadv0: Adding interface: batadv_slave_0
[  601.205004][ T9371] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  601.234801][ T9371] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  601.495798][ T9371] batman_adv: batadv0: Adding interface: batadv_slave_1
[  601.503343][ T9371] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  601.530073][ T9371] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  602.284073][ T9256] 8021q: adding VLAN 0 to HW filter on device bond0
[  602.484459][ T9493] loop0: detected capacity change from 0 to 32768
[  602.586708][ T9256] 8021q: adding VLAN 0 to HW filter on device team0
[  602.622201][ T4309] bridge0: port 1(bridge_slave_0) entered blocking state
[  602.629765][ T4309] bridge0: port 1(bridge_slave_0) entered forwarding state
[  603.012812][ T4309] bridge0: port 2(bridge_slave_1) entered blocking state
[  603.020383][ T4309] bridge0: port 2(bridge_slave_1) entered forwarding state
[  603.369347][ T9371] hsr_slave_0: entered promiscuous mode
[  603.382787][ T9371] hsr_slave_1: entered promiscuous mode
[  603.391753][ T9371] debugfs: 'hsr0' already exists in 'hsr'
[  603.397679][ T9371] Cannot create hsr debugfs directory
[  603.606221][ T1289] ieee802154 phy0 wpan0: encryption failed: -22
[  603.613457][ T1289] ieee802154 phy1 wpan1: encryption failed: -22
[  604.000599][ T9510] loop6: detected capacity change from 0 to 64
[  605.376722][ T9524] loop6: detected capacity change from 0 to 8
[  605.631184][ T5821] Bluetooth: hci3: command 0x0406 tx timeout
[  605.668881][ T9371] netdevsim netdevsim7 netdevsim0: renamed from eth0
[  605.824753][ T9371] netdevsim netdevsim7 netdevsim1: renamed from eth1
[  606.015451][ T9371] netdevsim netdevsim7 netdevsim2: renamed from eth2
[  606.125467][ T9371] netdevsim netdevsim7 netdevsim3: renamed from eth3
[  606.327314][ T9256] 8021q: adding VLAN 0 to HW filter on device batadv0
[  606.937182][ T9533] loop6: detected capacity change from 0 to 1024
[  607.284603][ T9533] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  607.604896][ T9535] loop3: detected capacity change from 0 to 32768
[  607.619828][ T9535] bcachefs (/dev/loop3): error validating superblock: Filesystem has incompatible feature bit 33, highest supported small_image (22)
[  607.634571][ T9535] bcachefs: bch2_fs_get_tree() error: invalid_sb_features
[  608.709149][ T8689] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  608.768087][ T9371] 8021q: adding VLAN 0 to HW filter on device bond0
[  608.986598][ T9371] 8021q: adding VLAN 0 to HW filter on device team0
[  609.149596][   T14] bridge0: port 1(bridge_slave_0) entered blocking state
[  609.157241][   T14] bridge0: port 1(bridge_slave_0) entered forwarding state
[  609.265383][   T14] bridge0: port 2(bridge_slave_1) entered blocking state
[  609.273061][   T14] bridge0: port 2(bridge_slave_1) entered forwarding state
[  609.689438][ T9371] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network
[  609.700321][ T9371] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  609.964368][ T9557] sctp: [Deprecated]: syz.0.1216 (pid 9557) Use of int in maxseg socket option.
[  609.964368][ T9557] Use struct sctp_assoc_value instead
[  610.997600][ T9256] veth0_vlan: entered promiscuous mode
[  611.169180][ T9256] veth1_vlan: entered promiscuous mode
[  611.277947][ T9564] loop0: detected capacity change from 0 to 4096
[  611.779916][ T9256] veth0_macvtap: entered promiscuous mode
[  611.929523][ T9256] veth1_macvtap: entered promiscuous mode
[  612.310484][ T9256] batman_adv: batadv0: Interface activated: batadv_slave_0
[  612.478996][ T9256] batman_adv: batadv0: Interface activated: batadv_slave_1
[  612.744227][   T14] netdevsim netdevsim8 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  612.895571][ T1128] netdevsim netdevsim8 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  612.925480][ T9371] 8021q: adding VLAN 0 to HW filter on device batadv0
[  613.011070][ T1128] netdevsim netdevsim8 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  613.020126][ T1128] netdevsim netdevsim8 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  614.095195][ T9592] loop0: detected capacity change from 0 to 64
[  615.716089][ T9598] loop3: detected capacity change from 0 to 4096
[  615.857380][ T9598] ntfs3(loop3): Different NTFS sector size (1024) and media sector size (512).
[  616.514605][ T9598] ntfs3(loop3): ino=1a, mi_enum_attr
[  616.520180][ T9598] ntfs3(loop3): Mark volume as dirty due to NTFS errors
[  617.038781][ T9598] ntfs3(loop3): ino=1e, "file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" ni_find_attr
[  617.224475][ T9371] veth0_vlan: entered promiscuous mode
[  617.322706][ T9371] veth1_vlan: entered promiscuous mode
[  617.793801][ T9371] veth0_macvtap: entered promiscuous mode
[  617.925068][ T9371] veth1_macvtap: entered promiscuous mode
[  618.146264][ T9371] batman_adv: batadv0: Interface activated: batadv_slave_0
[  618.286578][ T9371] batman_adv: batadv0: Interface activated: batadv_slave_1
[  618.418874][  T194] netdevsim netdevsim7 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  618.522662][ T4309] netdevsim netdevsim7 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  618.612630][   T12] netdevsim netdevsim7 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  618.682639][   T12] netdevsim netdevsim7 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  619.733558][ T9642] input: syz1 as /devices/virtual/input/input16
[  620.462185][    T9] usb 7-1: new high-speed USB device number 4 using dummy_hcd
[  620.722119][    T9] usb 7-1: Using ep0 maxpacket: 16
[  620.794100][    T9] usb 7-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  620.805620][    T9] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 7
[  620.817207][    T9] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x2 has invalid wMaxPacketSize 0
[  620.827314][    T9] usb 7-1: config 0 interface 0 altsetting 0 bulk endpoint 0x2 has invalid maxpacket 0
[  620.838980][    T9] usb 7-1: config 0 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  621.085403][    T9] usb 7-1: New USB device found, idVendor=2040, idProduct=b138, bcdDevice= 1.42
[  621.096468][    T9] usb 7-1: New USB device strings: Mfr=4, Product=0, SerialNumber=0
[  621.105364][    T9] usb 7-1: Manufacturer: syz
[  621.209390][    T9] usb 7-1: config 0 descriptor??
[  621.833545][ T9660] loop0: detected capacity change from 0 to 128
[  621.920118][ T9660] UDF-fs: error (device loop0): udf_read_tagged: read failed, block=256, location=256
[  622.026052][ T9660] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[  622.081444][    T9] rc_core: IR keymap rc-hauppauge not found
[  622.087656][    T9] Registered IR keymap rc-empty
[  622.093447][    T9] mceusb 7-1:0.0: Error: mce write submit urb error = -90
[  622.212380][ T5821] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1
[  622.225557][ T5821] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9
[  622.242464][ T5821] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9
[  622.244640][    T9] mceusb 7-1:0.0: Error: mce write submit urb error = -90
[  622.258977][ T5821] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4
[  622.275490][ T5821] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2
[  622.430179][    T9] rc rc0: Conexant Hybrid TV (cx231xx) MCE IR no TX as /devices/platform/dummy_hcd.6/usb7/7-1/7-1:0.0/rc/rc0
[  622.448234][    T9] input: Conexant Hybrid TV (cx231xx) MCE IR no TX as /devices/platform/dummy_hcd.6/usb7/7-1/7-1:0.0/rc/rc0/input17
[  622.637355][    T9] mceusb 7-1:0.0: Error: mce write submit urb error = -90
[  622.794431][    T9] mceusb 7-1:0.0: Error: mce write submit urb error = -90
[  622.821929][    T9] mceusb 7-1:0.0: Error: mce write submit urb error = -90
[  622.859460][    T9] mceusb 7-1:0.0: Error: mce write submit urb error = -90
[  622.881722][    T9] mceusb 7-1:0.0: Error: mce write submit urb error = -90
[  622.931948][    T9] mceusb 7-1:0.0: Error: mce write submit urb error = -90
[  622.962309][    T9] mceusb 7-1:0.0: Error: mce write submit urb error = -90
[  622.982129][    T9] mceusb 7-1:0.0: Error: mce write submit urb error = -90
[  623.001306][    T9] mceusb 7-1:0.0: Error: mce write submit urb error = -90
[  623.078084][    T9] mceusb 7-1:0.0: Error: mce write submit urb error = -90
[  623.131549][    T9] mceusb 7-1:0.0: Registered  with mce emulator interface version 1
[  623.142219][    T9] mceusb 7-1:0.0: 2 tx ports (0x0 cabled) and 2 rx sensors (0x0 active)
[  623.245098][    T9] usb 7-1: USB disconnect, device number 4
[  623.465818][ T9675] loop3: detected capacity change from 0 to 512
[  623.467168][ T9673] bridge1: trying to set multicast startup query interval below minimum, setting to 100 (1000ms)
[  623.640084][ T9675] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  623.654921][ T9675] ext4 filesystem being mounted at /262/file2 supports timestamps until 2038-01-19 (0x7fffffff)
[  624.339569][ T5813] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  624.362047][ T5821] Bluetooth: hci5: command tx timeout
[  624.587262][ T9662] chnl_net:caif_netlink_parms(): no params data found
[  625.152810][    T9] usb 4-1: new high-speed USB device number 10 using dummy_hcd
[  625.262014][ T9694] =====================================================
[  625.269248][ T9694] BUG: KMSAN: kernel-infoleak-after-free in _copy_to_user+0xcc/0x120
[  625.277915][ T9694]  _copy_to_user+0xcc/0x120
[  625.282700][ T9694]  do_insn_ioctl+0x59c/0x6d0
[  625.287464][ T9694]  comedi_unlocked_ioctl+0xa5e/0x1f60
[  625.294824][ T9694]  __se_sys_ioctl+0x23c/0x400
[  625.299709][ T9694]  __x64_sys_ioctl+0x97/0xe0
[  625.304997][ T9694]  x64_sys_call+0x1cbc/0x3e20
[  625.309907][ T9694]  do_syscall_64+0xd9/0x210
[  625.314821][ T9694]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  625.321058][ T9694] 
[  625.323470][ T9694] Uninit was created at:
[  625.327948][ T9694]  kfree+0x252/0xec0
[  625.332710][ T9694]  ieee80211_ibss_rx_queued_mgmt+0x2f83/0x3f60
[  625.339078][ T9694]  ieee80211_iface_work+0x11c7/0x1e70
[  625.344831][ T9694]  cfg80211_wiphy_work+0x344/0x850
[  625.350181][ T9694]  process_scheduled_works+0xb8e/0x1d80
[  625.356174][ T9694]  worker_thread+0xedf/0x1590
[  625.361354][ T9694]  kthread+0xd59/0xf00
[  625.365615][ T9694]  ret_from_fork+0x1e3/0x310
[  625.370378][ T9694]  ret_from_fork_asm+0x1a/0x30
[  625.375544][ T9694] 
[  625.377953][ T9694] Bytes 4-583 of 584 are uninitialized
[  625.383649][ T9694] Memory access of size 584 starts at ffff88804df12400
[  625.391025][ T9694] 
[  625.394897][ T9694] CPU: 0 UID: 0 PID: 9694 Comm: syz.6.1246 Not tainted syzkaller #0 PREEMPT(none) 
SYZFAIL: failed to recv rpc
fd=3 want=4 recv=0 n=0 (errno 9: Bad file descriptor)
[  625.405040][ T9694] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  625.415444][ T9694] =====================================================
[  625.422977][ T9694] Disabling lock debugging due to kernel taint
[  625.429243][ T9694] Kernel panic - not syncing: kmsan.panic set ...
[  625.435803][ T9694] CPU: 0 UID: 0 PID: 9694 Comm: syz.6.1246 Tainted: G    B               syzkaller #0 PREEMPT(none) 
[  625.446860][ T9694] Tainted: [B]=BAD_PAGE
[  625.451107][ T9694] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  625.461382][ T9694] Call Trace:
[  625.464780][ T9694]  <TASK>
[  625.467819][ T9694]  __dump_stack+0x26/0x30
[  625.472414][ T9694]  dump_stack_lvl+0x53/0x270
[  625.477234][ T9694]  ? kmsan_get_shadow_origin_ptr+0x4a/0xb0
[  625.483281][ T9694]  dump_stack+0x1e/0x25
[  625.487647][ T9694]  vpanic+0x361/0xc50
[  625.491862][ T9694]  panic+0x15d/0x160
[  625.496020][ T9694]  kmsan_report+0x31c/0x320
[  625.500730][ T9694]  ? kmsan_internal_check_memory+0x1e1/0x230
[  625.506903][ T9694]  ? kmsan_copy_to_user+0xf1/0x190
[  625.512213][ T9694]  ? _copy_to_user+0xcc/0x120
[  625.517086][ T9694]  ? do_insn_ioctl+0x59c/0x6d0
[  625.522040][ T9694]  ? comedi_unlocked_ioctl+0xa5e/0x1f60
[  625.527781][ T9694]  ? __se_sys_ioctl+0x23c/0x400
[  625.532828][ T9694]  ? __x64_sys_ioctl+0x97/0xe0
[  625.537793][ T9694]  ? x64_sys_call+0x1cbc/0x3e20
[  625.542889][ T9694]  ? do_syscall_64+0xd9/0x210
[  625.547786][ T9694]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  625.554054][ T9694]  ? kmsan_internal_unpoison_memory+0x14/0x20
[  625.560392][ T9694]  ? kmsan_get_metadata+0xfb/0x160
[  625.565715][ T9694]  ? kmsan_get_shadow_origin_ptr+0x4a/0xb0
[  625.571772][ T9694]  ? kmsan_get_metadata+0xfb/0x160
[  625.577083][ T9694]  ? kmsan_get_shadow_origin_ptr+0x4a/0xb0
[  625.583105][ T9694]  ? kmsan_get_metadata+0xfb/0x160
[  625.588426][ T9694]  ? kmsan_get_shadow_origin_ptr+0x4a/0xb0
[  625.594452][ T9694]  ? kmsan_get_metadata+0xfb/0x160
[  625.599774][ T9694]  ? kmsan_get_shadow_origin_ptr+0x4a/0xb0
[  625.605814][ T9694]  kmsan_internal_check_memory+0x1e1/0x230
[  625.611840][ T9694]  kmsan_copy_to_user+0xf1/0x190
[  625.616980][ T9694]  _copy_to_user+0xcc/0x120
[  625.621674][ T9694]  do_insn_ioctl+0x59c/0x6d0
[  625.626504][ T9694]  comedi_unlocked_ioctl+0xa5e/0x1f60
[  625.632123][ T9694]  ? __pfx_comedi_unlocked_ioctl+0x10/0x10
[  625.638129][ T9694]  __se_sys_ioctl+0x23c/0x400
[  625.643033][ T9694]  __x64_sys_ioctl+0x97/0xe0
[  625.647867][ T9694]  x64_sys_call+0x1cbc/0x3e20
[  625.652763][ T9694]  do_syscall_64+0xd9/0x210
[  625.657466][ T9694]  ? irqentry_exit+0x16/0x60
[  625.662231][ T9694]  ? clear_bhb_loop+0x40/0x90
[  625.667077][ T9694]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  625.673152][ T9694] RIP: 0033:0x7fb22978ebe9
[  625.677688][ T9694] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  625.697468][ T9694] RSP: 002b:00007fb22a628038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  625.706068][ T9694] RAX: ffffffffffffffda RBX: 00007fb2299b5fa0 RCX: 00007fb22978ebe9
[  625.714186][ T9694] RDX: 0000200000000000 RSI: 000000008028640c RDI: 0000000000000004
[  625.722290][ T9694] RBP: 00007fb229811e19 R08: 0000000000000000 R09: 0000000000000000
[  625.730359][ T9694] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  625.738502][ T9694] R13: 00007fb2299b6038 R14: 00007fb2299b5fa0 R15: 00007fff451fb658
[  625.746645][ T9694]  </TASK>
[  625.750152][ T9694] Kernel Offset: disabled
[  625.754549][ T9694] Rebooting in 86400 seconds..