last executing test programs:

3.543923852s ago: executing program 4 (id=395):
syz_mount_image$hfs(&(0x7f0000001600), &(0x7f0000000080)='./file1\x00', 0x2000000, &(0x7f0000000f40)={[{@file_umask={'file_umask', 0x3d, 0x80004}}, {@type={'type', 0x3d, "7763e6ef"}}, {@codepage={'codepage', 0x3d, 'cp869'}}, {@dir_umask={'dir_umask', 0x3d, 0x5}}, {}]}, 0x1, 0x2fe, &(0x7f0000001100)="$eJzs3U1vE0ccx/HfrO3EaaJ0m6Sq1EurtJHaS9S0PVS9uKp87b2nqm3sSBFWEEmQgAsm4oh4Adx5C7wILiDeAHDhxAvIbdHMzq7X9nidCDubhO9HsjWenYf/sE8zK5EVgE/Wn+3XT395Zz9Gqqkm6XcpktSU6pK+1FfN2wfH+8e9bqesoZqrYT9GaU0zVmb3oBuqauu5Gl5sf9W1UszDfCRJ8sebqoNA5dzZHxBJi/48dNubFxzXrIwOri99U1EolSn+G5hTneqOVisMBwBwCfj7f+RvEysuyyiKpC1/27/S9/9Rp1UHMFu/9sayktIKhfu/m90lxu7fz92mwXrPLeHs9ihbJZ4lmMbI7wWlR9bQHMyEV5Vvk5SPJVra269re/eBOpFO1PIKFTbcdyc9dDNTot0MrE1LTG6tob8+S0djZ5RLo5uzkPb2e91FmwjEv36+Hj+eeW5emn9MrCfq5PO/emLsbnJ7Kh7ZU1HDxv/T5BaXXS1bSn7Z32q1oqEiX7hOvvY9eFNG2QyvSIptZg8I+nkEgThPsoTre03DjxXS0e2EOjCDxtdDteL813hd19fGUK2aPxK2d2/2Sh+lzEc2RPPY/G029V7P1C7M/yMb35YKZ2bZpd64kv7ISMezEC5ZdyXjsTtHP099m0fgLZ57bJDO+bTskf7Xb1o9unvvRq3X6x7axH+BxK2VQ+NzGg+lYJn5J2oqKaP+IMfdPO4nyVlbTuYZ/I8zbdBeP/Ice/qECtuzLM+JLno3Xb9EXaFN7RcqOyDnmsimLjNp0E60JmyayzUKl8yRyXa6zxibxOKas/Muk67/3Ezez+rcdcZ+xSXz9PJFpoZa3MlXcMNTwbXQ3GXK2mB58gqu0OPPE9aMbs313Q/S94VMo9IeYxfntWHaeqV/ef4PAAAAAAAAAAAAAAAAAABw1VzE/1ioeowAAAAAAAAAAAAAAAAAAAAAAFx1Z3//79LgTU2hvxHv3v8bT33/79ALgP2Lonj/L1CNDwEAAP//FJB9Ww==")
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='cpu.stat\x00', 0x275a, 0x0)
write$UHID_INPUT(r0, &(0x7f0000000940)={0x8, {"85f080a4933d55266e07e799aa0cc421388242df2a3c6b631b65b1c061edd2aa108c3528fe9b0bb3a53ab1200f5d01a68a4acdec8fee09648222f908c1fedc3000342e6139de28366c13509306d00ebcc67497181ac916db98af9d366b76e427d9ab5bb68095f0fb246df32b8af0783653136f8a04c03690312125c7ded6a24fda8685340c575ead69519e3583f89d467ec232d6a1ffd0463ba4ea3cbae5dae6654b5547b5458f02ac307729e57b09e134f68be44f88d72517b230b066f6315b5fb80206397bbff8cbc2a36e01c2e7b3aadb32bd3dd5288a69a991d9c674717e3abba7167280b2db3b1b8502afa4f3f296c532510c9d2dd79bb5eeb25adb5edddbdd069c09d14d15c2e7e1e2bd6c108fab3591bb22e97d6992236d2273c8bb95536f7118d007965008b125c7daac2814e6bbe1adbfa3572ad0b7ad5c26c8014118d8374ca9f285779dfee7715a403908146a74de61b3853914c89f444c12e7a38bdd46c4ed36eb806ea598f44d1dec9eff9e2476f43802211f0762b66673b45d236b2391ce322e30fb9c69fe0d514dc1f8b6e3979c1205fd5224b07d18a44fec4f6f1a6f65158bb6adcc295bf2dd7dea107f59d7e03c61fe5822292e45968956b931bdc4d6445ff1631e0b98e4b4448774dd4b9cd53a45896fdb3f03702778741ae2b45a25bf9a23fc02fb97a630f132bf9def6c6d4a7baeb62972f1a814f6f2377bcfc78e2e86368c138510a04cedf7175af8c2034fae7413e3ace8c71ab9a0af1ca7042011a6ed028e205648535dabf3b2f85196ae18d36b839e3cd54ae4933ad529888fdac7bb8a70c72bc0fc81ba06506f2d5bc7686e219bbe5283959cbef9950e071cb6d9f341fc624a5110341f26cebd7100599a06e61f66fae120c7fc2b34c6221200eba75bd1277114671a3fa8f058b27fd897b052f4a52afcea814df526181c75c4497210a2b8b74e26601561e78735387cf123654b0295d1d60556956b36d96dd038866c4b4db31ebdcddd6929bbc2850cd4901389e6ea6e86041e0efa1158f334e7afda0e11c2fb0e6df6364cb95659f506d5c7e63fb67c8116577d15e4a4b1fc4c27de2e52586cb1f52be9c3601f5066549de8bdc3ec07d1a84caf1961323ec2487a37b751aeabafcd647ce2dae5d9499c0f969467e6cabad198669ac96bd1488954eff0854ee0c83d7b596d273625bdb16270782321071fda5d980ded78ffa9dc2b56037d7cbf942547f48a5131f1991f6c17ae1ed5120ca6878f98e68e7997a9a2b70be640a70a34adb80de286c6692abb5f092e4e3a15a83217e03d02a4054f34af3a65ff6b36f395b76a0579cffafd5d3bb0e704c935caecf3a7ab756c23fd60c9fe3f4fb2be7504f5bae22b116ff1588dcf02b327d31bf0488dba8af5b33ccf2d7d87f43bbc48fcd4f191ad6af9313ad38b8b29674bfabd6651bc1f6ce5abb4a2f1413194f96b26d7d6edc4e013fba549075c97eef508af5ca7873664b058b7bcf455a8a04b591d29fab6366c844bb75576bac2d52323e747303d00a5736c9812922b0e17bcec9135550736b54cf6407d61e22e62d7bb75f62935b665acf33e75f688c36ef416f1b890d0f0c8ad1df00e02ec45967834d5649c8e7143978622fa3704672970b7993a87e97d3d926a14265647bc8b8c9e6f83e29572608d24b42c2635ef4abbd0af83860e99c90d7471cf6e8ce99507f5ec2bc572212fa9ee3f5a9dfa3815fe55f0bbb119acce062ae37f2ff921707abba139bcddf42bfd174d29b540161b4113c4e1a13f3a628c638ec4d3a884dfbc093e23ec0d0671b46b41dc8b42d950c8615ba5ee87f49b5d0910ffa4871207995001920db05a95199967f097ba7b55bbd271d818690c4238406b40a3dfc42fa56a67173b53a96b543326c56738b6d043195934018696f5ab49347e5148a78f2d1369a71afab8330273d46ecfba4ee05802a5385649851db949dbfb39e290941641c50b1ac20fb3102754a760b097f464ddb0b83f8168badfa71db6621dcf22fb081e3403f3bac5c7e65905aca52885c807f8ddab18bb2f12ef952c50483c0e251968bc70ff0d42a638ca744dea4c7ebb4fea777cf663bb4f1505ed79730c45bc86e488a13f924377a8e2ee6670a02ca52874ae1c42a35d55b9765757047b2cc3742aa51fa3e43fb2c113c92ad213bad252c1a82966dd016f12a7f1c3900c0f1ab455035163f31899bdd30f3ff43ad17d9e45bb7438c1c986712736f24be14f71ab1bfe92a25ec07f086ee8c7971b8077a13e58a8e8bea39c8e06b251909f02cb0080abf020f27ca160eb26c082dda1fa54ea4094dfdbcb2fa7bddccb67a844e8075f4cc08dad35757006d051e183dced336bc0c2502f93ffc87dca622286ba174c24e1f53f27dc2777baafe170348b0e8d3e743b3aa906bc0764bbe7da08ff403efe2212627d672250658bb513b7312517d1f88c61c7ba5f9647cd619281c5b390b48606ee39fb4171103df2e09d7cfd56c06c721f7c24ad8cce383623fc2dcb15ac56438ea331820ae59c8c474e36fc73f7b1b3b86df1b42490815513681aafbf7e871b4b9686efae6c45ecfca60a640a6f071dfd31f9437c3d03086164b48c1ed802986864bfe0d49bdd7709662262368dbc3ecc05eb240ecc41904c76d78ab5c52b66af5a720fdd6a92f52be0676427a56e32e5bc5085b25f90add28a76f2fce6f8f0ef74f4659698549646bd63175adf77b5cdcfe676e1b1a9af15102946554ba6136cbc83c6268ee40318f3c9d4718025688b35d2265bf60bf889ff629f7834586ef46eab7a9176337536bb6001e676546b987f36b1fe4b9f6e46a8ce73eb22ebbb9c14d8e2b43ea77ef887e5a26448f4086fa819a25e27725ac10298851c8bc45f2ce4430b07917ade5ea8c434c3f2576effbeb521173736e5c9557450643068b0c0fb132a7e99de6ca292246a9937fa7d7e06e59cf59ce5b9f842629049931146af40a8a1256ba373a88d09dc00cdf4453cc6ba78572bf3e1f2352a978cdbad60220cb8ac37d7f614a306492a4b5eee9244b0ca84b6cf2e23013bfb1cb92bf6d126fe550e58c19f84e7a4081437b75b31b2b9fb658dcd8ba077962e0f3359721a148d4fefe5c97941ca9688cb85adf38fd10f5811cdd8e074a21bbfc9541c71465b08d7321281b68ed52bfab789b9c83849c09d52376d419b1e7ba367603236e119cdf4a7b7cf9d81f2229601deace53cea2f14a05f7fa0ca04b39e31c6453e332f4bd0915c0e09e28f4d1125c390c6ff0833a04b6fc37855e65de90333e505b9eb66e00686a3ed499cfb7b8b215dbdc9787b5baa724cfa71ee6745b41e203de8b7794757ac328ec5567540b951b50530c3d4ee34705ea1c66fd6591e88561083e86d48c45ef3b83a3029319d8f3d8e65ce14c1dc3cb92d0a7dbeb609a8d2793928caa079f0fbbb2bc90b9f058cc048f4032041d14c5bca00e99b3027ec3a50c4957199cf016a4594069af8659df0973f20ffb15dbc265ac5b8a2203e90b114a3e9441e357c60ce0b550a7fe66fc34f5702ac8e8992a22e89194c1df69e81a9b7ad3d2634ea8c0388588192fd47d8e803b10044d558617fb2921b69eb4d85c051f86ef63a2f4382b9becd870fb2ecadca6902712b88680792e2f2ec89591cfebb6db3ad31c2a339af10465fcf7988519d382218df52261234f26a6f66ad0d1859de505d0fe819caf2f8d30aa9fd1228ac91d11ca67f1f8d50c8eefa5c441514321507dff6c6ea3cff6f340a1c11e0c40f419e8e60fc94d8828fa47a96cdf7ee4f61e23f40751b25cf9ca1295041a350f83f0e679515d6b4b46e2c9ce8999e07f835abc1663cefcf728df37831f4e17f8c8a4feaf1fbf44c38c9313284404a50ba4cd8abe835b33bfecb02cd6c9d7f435853b4c8d505ab83cf46512739116694765658bae64b3127152d216055aef9b25c70a8a3b302752d7b1e8791c657b9f3fc9001ef299fd1a349491ae6ee9940149160507fc4130fb825d47d97dc2c243209d2403583ac3ef6ddbedcaa76432255487c0a06e59e043e572ab3aec002af6a6b6a2dc9cfaeefa70557886c4d12924a0388f2f1bc8e89e4cfa69705d1ef3c4658f8616278b588011d9dd914beec0b151d65b6524fba3e3f235d58373e021699b07622a51504eade747e0b2f9cf38bc167cabc8cb18c708d1337e25648707e8c0872876514c7a49c0b2aaee5ed9e9ecfcbcc23e032c4deb63e48e7120188056468fad31448e4b42e7d62fbcfc1c2cfb01fcf0db5e8a162bdb9bd820c763f17b96c23f32db9d1c1d74ddbe657b4f9595a9796982a0742153111b15e484d8ffebe47ce0a78a41e470a341616ec2eb6eef813fb415fab50fa965bec6a5977a0ade4fed67f86fc24e11b0e2f5364079f7c7c35b560cac726dbc80f29dbd248f7ecda0286a23ef172a28c96d9bdb1f598eab31c6baf0321312da23920c074b9d2d2e442717f2c21001142a39c2da6b8bd9d06b05a6a8deae1bd1be4108a636ddbebc682d113e715f2f3ee506abc28b1c654b3d2d28e02f73b171ed0deed71dda90ce4a0b728cc75cb576385e7418b545b992b1dd98e2ee53355f464f9250a2a03b3d1e4d2ac1aa71d01de2573530324e14d15a507883411ddbd37be21dc929db9b11f11010e4d2a04c7325a5ae6d24d19900ff97a8a89438f8676457a78cff05201528f4358fe67f61288bf042a8f3c2e0f8b4997b8fb74996b80d465489b2d7807a945eba72a945e8cf8625dbad6f6f6e30537b29e558ca8a8b0625f578c766d34f2d28d704715f94df1f6318a308042aa494baa295640679f1eab1e6a8308af8ce6441d5ad8a2f3d477eb5307af0dfae6644493f1434030b8361621340ad3dcefa6d8f090ed3929d89ad9c0ba01a6903033428dd8f98619304b1803187d2a6130bf1e009b5eb0e7e21c75594b3b8470f3106c92a9e55bfeb026091ced127a90a1f1247f3c07e36d3572923e0de3f73518d0369a25fcd4e65d243b7eab91063a7bfd8bc8ac9e39fbbb32b5c9517886287a18eacd8dbfda9b91db693cb12e42cba5988280e09e51e72b91a0f360656d8f21cc1eb3248ac345ad51d1a6172b18419277851dab01e028c7e8e2cf34095efd28267852a08fccf61c45b5e46930160daf50282be058274e7ff58c48b60b86d0c8cc886ab8778a2a2b5fa2557ad7bf7f01f2175523ce758871d334c20a9839f7a89fe2867c06289c8a2f6456ac7e4fbadee53ac41aee68214bc76669853baa4f58255b39ba581414f2e8c4b49303f8936a33bae5cbc96b29a5c724d5b50e1614144c2acd03bd90de891c3d36ce040d57543682ecbfcae66c4153c337c3a5d01896524c8e0c27e9a08919821ca27bbfe3fc9ba24a823aeec8d4ad8ef8a65c585bee4dcf1acaa3da501a8c11a23b2e22920c1ad0129a038b31fe16c2abc80589dbf7c37211afc5d1a6db908bc5fe8a692060069fcbcdcba7c523d3c424aa3b0c6556387e0e51bcde9e5f850abf62d2c2101c3a2786a0cb94932877a09cb6b64aa61da8cab3b423e7adc4c4700418a65e87225710e1691f6d9cb2eb63cce5b605ce0a4a89cf519767e00845397c5e381141a0ed8a89b01064b495ec8d1e2da37433bf1597d919a69610d2ad26bdf6fca8de422bb2cb80d0516206e8194ee51445a3dcb5dee33c0c310b4751e68e58bebda2fb586985a5a5b06456756f44e6dbfef4bb99ca732f00fb9ea35775f7419681bfbe6f43dc7c4650c13b63d93c1d490bf0173f287a4309531f13ecb1a775d0bd881a", 0x1000}}, 0x1006)
mmap(&(0x7f0000000000/0x4000)=nil, 0x4000, 0x1, 0x10012, r0, 0x0)
mkdir(&(0x7f0000000240)='./bus\x00', 0x0)

3.124885926s ago: executing program 0 (id=397):
r0 = socket$vsock_stream(0x28, 0x1, 0x0)
setsockopt$SO_VM_SOCKETS_BUFFER_MIN_SIZE(r0, 0x28, 0x1, &(0x7f0000000380)=0xffffffff00000041, 0x8)
bind$vsock_stream(r0, &(0x7f00000003c0), 0x10)
listen(r0, 0x0)
r1 = socket$vsock_stream(0x28, 0x1, 0x0)
connect$vsock_stream(r1, &(0x7f0000000000)={0x28, 0x0, 0x0, @local}, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r2 = getpid()
sched_setscheduler(r2, 0x1, &(0x7f0000000100)=0x5)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000001480)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r4, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
writev(r1, &(0x7f00000002c0)=[{&(0x7f0000000080)='?', 0x20000081}], 0x1)

2.729022088s ago: executing program 4 (id=398):
r0 = getpid()
r1 = syz_pidfd_open(r0, 0x0)
r2 = socket$unix(0x1, 0x3, 0x0)
bind$unix(r2, &(0x7f00000006c0)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0x6e)
r3 = socket$unix(0x1, 0x3, 0x0)
r4 = openat$dir(0xffffffffffffff9c, &(0x7f0000000140)='\xe9\x1fq\x89Y\x1e\x923aK\x00', 0x200200, 0x0)
sendmsg$unix(r3, &(0x7f0000000680)={&(0x7f0000000000)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0x6e, 0x0, 0x0, &(0x7f00000007c0)=ANY=[@ANYBLOB="2c000000000000000100000001000000", @ANYRES32=r2, @ANYRES32=r4], 0x30}, 0x0)
close_range(r1, 0xffffffffffffffff, 0x0)

2.199360861s ago: executing program 3 (id=399):
socket$nl_route(0x10, 0x3, 0x0)
syz_mount_image$romfs(&(0x7f0000000040), &(0x7f0000000480)='./file0\x00', 0x0, &(0x7f0000000600)=ANY=[@ANYBLOB="00f3000000be5500200800000000c19e57fc847c52a19b0b247df0690ca7d757194d0335d8e8a065e069e1294e9f28bcee7085d4988309e751e0eec20f77d6c68ae8"], 0x1, 0x140, &(0x7f0000000340)="$eJzs2r9Kw1AUBvAzCEpHR6dAJQqa/1pXHcXN3SHU3DR4Y0oiSPsC4iQoXAdfQvAJfALJ6KZLB18icturplEhk9fh+y394LTpyblwp2PlWeqxwiLaHF4fTpbzLDV6wU6feSykmX0iMmQoq+rWpm9ePutlRfYPX9Br9W322V2PxcElS3jk624JAAAAAAAAAAAAAAAAAAAAAABaMjsqdAYivWAJj7xatRiNT0LOo7wgWtLUoV6moXa4iAl+J+cTzNU35Fh2ZUrEXi7r7vzvb1RYGwj+2pyvc5YOnWI0tpI0jKM4OvX9oOduue6270yf5TSfaN6rnqisHtzaOpn9dCQ7M2v7Zs9t9s3U+S+sJOLqvPlvX+ePgICA8BFaXp//3/T+mxDRYtB9lPef3c/4sSr+xTj1vj4A/OY9AAD//3cgO3s=")
mknod$loop(&(0x7f0000000000)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x0, 0x1)

1.935481863s ago: executing program 0 (id=400):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000001c0), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = dup(r1)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r3, &(0x7f0000000000/0x18000)=nil, &(0x7f00000000c0)=[@text64={0x40, 0x0}], 0x1, 0x0, 0x0, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000012000/0x18000)=nil, &(0x7f0000000080)=[@text64={0x40, &(0x7f0000000000)="b9800000c00f3235000800000f300fe095a6520000b8010000000f01d9c402d53b9e0700000026f047ff4d14f30fc775ddb9c5090000b86c000000ba000000000f300f08450f01cb4a0fc72b", 0x4c}], 0x1, 0x0, 0x0, 0x0)
ioctl$KVM_SET_CPUID2(r3, 0x4008ae90, &(0x7f0000000400)=ANY=[@ANYBLOB="010000000000000001000080"])
ioctl$KVM_RUN(r3, 0xae80, 0x0)

1.923265543s ago: executing program 1 (id=401):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000003c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0)
sendmsg$NFT_BATCH(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000b00)={&(0x7f00000004c0)={{0x14}, [@NFT_MSG_NEWRULE={0x68, 0x6, 0xa, 0x401, 0x0, 0x0, {0x2}, [@NFTA_RULE_EXPRESSIONS={0x3c, 0x4, 0x0, 0x1, [{0x38, 0x1, 0x0, 0x1, @dynset={{0xb}, @val={0x28, 0x2, 0x0, 0x1, [@NFTA_DYNSET_SET_NAME={0x9, 0x1, 'syz0\x00'}, @NFTA_DYNSET_FLAGS={0x8}, @NFTA_DYNSET_OP={0x8}, @NFTA_DYNSET_SREG_KEY={0x8}]}}}]}, @NFTA_RULE_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_RULE_CHAIN={0x9, 0x2, 'syz2\x00'}]}], {0x14}}, 0x90}}, 0x0)

1.791470765s ago: executing program 2 (id=402):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000340)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0)
sendmsg$NFT_BATCH(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000080)={{0x14}, [@NFT_MSG_NEWRULE={0x6c, 0x6, 0xa, 0x40b, 0x0, 0x0, {0x2}, [@NFTA_RULE_EXPRESSIONS={0x40, 0x4, 0x0, 0x1, [{0x3c, 0x1, 0x0, 0x1, @exthdr={{0xb}, @val={0x2c, 0x2, 0x0, 0x1, [@NFTA_EXTHDR_OFFSET={0x8, 0x3, 0x1, 0x0, 0xfffffffc}, @NFTA_EXTHDR_DREG={0x8}, @NFTA_EXTHDR_TYPE={0x5}, @NFTA_EXTHDR_OP={0x8, 0x6, 0x1, 0x0, 0x2}, @NFTA_EXTHDR_LEN={0x8}]}}}]}, @NFTA_RULE_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_RULE_CHAIN={0x9, 0x2, 'syz2\x00'}]}], {0x14}}, 0x94}}, 0x0)

1.791034565s ago: executing program 4 (id=403):
unshare(0x2c020400)
r0 = socket(0x1d, 0x2, 0x6)
getsockopt$nfc_llcp(r0, 0x6a, 0x0, 0x0, 0x20000071)

1.716485081s ago: executing program 0 (id=404):
socketpair$tipc(0x1e, 0x5, 0x0, &(0x7f0000000040)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
close(r1)
socketpair(0x1e, 0x80005, 0x0, &(0x7f0000000000)={0x0, <r2=>0x0})
close(r2)
r3 = dup(r0)
mount$9p_fd(0x0, &(0x7f0000000140)='.\x00', &(0x7f0000000180), 0x0, &(0x7f00000002c0)={'trans=fd,', {'rfdno', 0x3d, r3}, 0x2c, {'wfdno', 0x3d, r1}})

1.716004791s ago: executing program 4 (id=405):
r0 = socket$key(0xf, 0x3, 0x2)
sendmsg$key(r0, &(0x7f0000000000)={0x0, 0x3, &(0x7f0000000080)={&(0x7f0000000140)={0x2, 0x3, 0x0, 0x9, 0xa, 0x0, 0x0, 0x0, [@sadb_address={0x3, 0x6, 0x0, 0x0, 0xe, @in={0x2, 0x0, @local}}, @sadb_sa={0x2, 0x1, 0x0, 0x0, 0x0, 0x0, 0x4}, @sadb_address={0x3, 0x5, 0x0, 0x0, 0x0, @in={0x2, 0x0, @multicast1}}]}, 0x50}}, 0x0)
sendmsg$key(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000001c0)={0x2, 0x12, 0x0, 0x0, 0x2}, 0x10}}, 0x0)
ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000011000/0x18000)=nil, &(0x7f0000000080)=[@textreal={0x8, 0x0}], 0x1, 0x0, 0x0, 0x0)
ioctl$KVM_RUN(0xffffffffffffffff, 0xae80, 0x0)

1.655573966s ago: executing program 2 (id=406):
r0 = open(&(0x7f00009e1000)='./file0\x00', 0x60840, 0x0)
fcntl$setsig(r0, 0xa, 0x11)
fcntl$setlease(r0, 0x400, 0x0)
r1 = open(&(0x7f00009e1000)='./file0\x00', 0x0, 0x0)
fcntl$setsig(r1, 0xa, 0x11)
fcntl$setlease(r1, 0x400, 0x0)
creat(&(0x7f0000000040)='./file0\x00', 0x0)
r2 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000000)={0x1, &(0x7f0000000100)=[{0x6, 0x0, 0x0, 0x7fff0000}]})
creat(&(0x7f0000000140)='./file0\x00', 0x0)
close_range(r2, 0xffffffffffffffff, 0x0)

1.578704712s ago: executing program 3 (id=407):
r0 = syz_open_procfs(0x0, &(0x7f00000000c0)='net/xfrm_stat\x00')
rt_sigprocmask(0x0, &(0x7f0000000200)={[0xfffffbfd]}, 0x0, 0x8)
ftruncate(r0, 0x7fffffffffffffff)

1.434642773s ago: executing program 4 (id=408):
syz_mount_image$jfs(&(0x7f0000000000), &(0x7f0000000040)='./file0\x00', 0x0, &(0x7f0000000700)=ANY=[@ANYBLOB="696f636861727365743d6d616363726f617469616e2c646973636172643d3078303030303030303030303030303030332c6e6f646973636172642c6572726f72733d636f6e74696e75652c696f636861727365743d6d6163637972696c6c69632c0067add4ceec7cb8702b1b4a0ff322839e69b507d7478e0706b00408dc59283f5c0159b8e3c0289dcb182504844ef8e6972cdb3f50680fcb602ed27c1f6b47a91f941f154ae205d34a9b7a7c67efa0c0e2a70251d664fce12ae64a5a521aa83080b7672c4e1566a61a0ade4b6c9d78151053d9fb31fd2cfc77f269f873e14e5fe3c46c0acbb22d40391ae31d2025dcd947adf76739ae4ecbe3b630040b37e2b09d7816e0b93981de1147532cf2f46d4d4904f68fb43cd165b9", @ANYBLOB="3db1bd3c9389ce300f92cc8091d7dfbdcfffeed8bb90e543382e29209562d6483c6fcfdf79d0b465e6bc8ea70762049054a683ca4394e098765d85fa3b798fc191119debc7d45cce724609d275eabc974abf88d2270db005808488efc289084aff3069b2b0a78cdfa1f780c10f6c51d7c9ced6ab3e8a7aa716d5ebe1e8cb6255366a32ca4bfad14e3b1315ec", @ANYRESHEX, @ANYRES64, @ANYRES16, @ANYRES64], 0x1, 0x620f, &(0x7f000000cb40)="$eJzs3cuOHFcZB/Cv+jYXE8fKIgoWQpPEXEKIr8EYAiRZwIINC+QtsjWZRBYOINsgJ7LwRLNhwUOAkFgCYsmKB8iCLTseAEs2EiirFKqZc8Y1nW73+DJdPT6/nzSu+vpUTZ/yv6svU1V9AgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACIH/7gx2eqiLj0q3TDsYjPRT+iF7HS1GsRsbJ2LC8/iIgXYrs5no+I4VJElRufjXg9Ij4+GnH33q315qaz++zH9//yzz/85MiP/vGn4an//fVG/41py928+dv//u32o28vAAAAlKiu67pKH/OPp8/3va47BQDMRX79r5N8u3rh6s0F649arVarD2HdVk92u11ExGZ7neY9g8PxAHDIbMYnXXeBDsm/aIOIONJ1J4CFVnXdAQ7E3Xu31quUb9V+PVjbac/nguzJf7Pavb5j2nSW8XNM5vX42op+PDelPytz6sMiyfn3xvO/tNM+SssddP7zMi3/0c6lT8XJ+ffH8x/z9OTfm5h/qXL+g4fKvy9/AAAAAABYYPnv/8c6Pv679Pibsi8POv67Nqc+AAAAAAAAAMCT9rjj/+2qjP8HAAAAi6r5rN743dH7t037Lrbm9otVxDNjywOFSRfLrHbdDwAAAAAAAAAAAAAoyWDnHN6LVcQwIp5ZXa3ruvlpG68f1uOuf9iVvv1Qsq6f5AEAYMfHR8eu5a8iliPiYvquv+Hq6mpdL6+s1qv1ylJ+PztaWq5XWp9r87S5bWm0jzfEg1Hd/LLl1nptsz4vz2of/33NfY3q/j46Nh8dBg4AEbHzanTXK9JTpq6fja7f5XA4TNr/+908bHlC7P/sR9ePUwAAAODg1XVdV+nrvI+nY/69rjsFAMxFfv0fPy6gVqvVarX66avb6slut4uI2Gyv07xnMBw/ABwym/FJ112gQ/Iv2iAiXui6E8BCq7ruAAfi7r1b61XKt2q/HqTx3fO5IHvy36y218vrT5rOMn6OybweX1vRj+em9Of5OfVhkeT8e+P5X9ppH6XlDjr/eZmWf7OdxzroT9dy/v3x/Mc8Pfn3JuZfqpz/4KHy78sfAAAAAAAWWP77/7GFOv47etTNmelBx3/XDuxeAQAAAAAAAOBg3b13az1f95qP/39hwnKu/3w65fwr+Rcp598by/+rY8u1xwO+8/b9/P9z79b6H2/8+/N5ut/8l/JMlR5ZVXpEVOmeqkGaPs7WfdbWsD9q7mlY9fqDdM5PPXw3rsTV2IjTe5btpf+P++1n9rQ3PR1ut9f9nfaze9oHu+15/XN72ofpTKd6JbefjPX4eVyNd7bbm7alGdu/PKO9ntGe8+/b/4uU8x+0fpr8V1N7NTZt3Pmo95n9vj2ddD9vXfnib04f/ObMtBX93W1ra7bvpQ76s/1/cmQUv7y+ce3kzcs3blw7E2my59azkSZPWM5/mH52n/9f3mnPz/vt/fXOR6OHzn9RbMVgav4vt+ab7X1lzn3rQs5/lH5y/u+k9sn7/2HOf/r+/2oH/QEAAAAAAAAAAAAAAIAHqet6+xLRtyLifLr+p6trMwGA+cqv/3WSb59X3X/U9f+8dzu66r9aPee6WrD+zLX+tF6s/qjVh7Fuqyd7s11ExN/b6zTvGX496ZcBAIvs04j4V9edoDPyL1j+vr9meqLrzgBzdf2DD396+erVjWvXu+4JAAAAAAAAAPCo8vifa63xn0/UdX17bLk947++HWuPO/7nIM/sDjA6ZaDq/sNv04Ns9Ub9Xmu48Rdj2vjfw925B43/PZhxf8MZ7aMZ7Usz2pdntE+80KMl5/9ia7zzExFxfGz49RLGfx0f874EOf+XWo/nJv+vjC3Xzr/+/WHOv7cn/1M33v/FqesffPjalfcvv7fx3sbPzp05c/rc+fMXLlw49e6Vqxund/7tsMcHK+efx752HmhZcv45c/mXJef/pVTLvyw5/y+nWv5lyfnn93vyL0vOP3/2kX9Zcv6vpFr+Zcn5fy3V8i9Lzv/VVMu/LDn/r6da/mXJ+b+WavmXJed/MtXyL0vO/1Sq95n/ykH3i/nI+ecjXPb/suT885kN8i9Lzv9squVflpz/uVTLvyw5/9dTLf+y5Py/kWr5lyXnfz7V8i9Lzv+bqZZ/WXL+F1It/7Lk/L+VavmXJef/7VTLvyw5/zdSLf+y5Py/k2r5lyXn/91Uy78sOf/vpVr+Zcn5v5lq+Zfl/vf/mzFjxkye6fqZCQAAAAAAAAAAAAAYN4/TibveRgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA+D87cCAAAAAAAOT/2ghVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVV2IEDAQAAAAAg/9dGqKqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqsLe3cXIddb3Az+zb147kBgI+Tv5m7B2jDHOJrt+iV9oXUx4bXgrCaHQF2zXuzYLfsNrl0Cj2lGgRMKoqKJtuGgLCLW5qbAqLmgFKBeoVaVKpL2gN4gKlYuoCiggVaIVZKuZ8zzPzszOzqy9482Zcz4fify8M2fmnDnzzOx+bb47AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA0GzLm2Y/U8uyrFar5RdszLKX1Of6iY2NS17/4h4fAAAAsHq/bPz3+VvSBYdXcKOmbf7pzu9+fWFhYSH7wPCfjn5hYSFdMZFlo+uyrHFddPWHH6w1bxM8no3Xhpq+Huqx++Ee14/0uH60x/VjPa5f1+P68R7XLzkBS6zPaunOtjX+uDE/pdmt2Wjjum0dbvV4bd1Q/dyl22a1xm0WRk9kc9mpbDabbtk+37bW2P6bW+r7ensW9zXUtK/N9RXy00ePx2OohXO8rWVfi/cZ/fiN2cTPfvro8b++8NztnWbP09Byf/lx7thaP85PhUvyY61l69I5icc51HScmzs8J8Mtx1lr3K7+5/bjfH6Fxzm8eJhrqv05H8+GGn9+pnGeRmpZh/O0OVz287uyLLu8eNjt2yzZVzaUbWi5ZGjx+RnPV2T9PupL6eXZyDWt0y0rWKf1ObOtdZ22vybi878l3G5kmWNofpp+/NhY0/P+i4XrWadR/VEv91ppX4P9fq0UZQ3GdfFM40E/0XENbguP/9Hty6/BjmunwxpMj7tpDW7ttQaHxoYbx5yehFrjNotrcFfL9sONPdUa89nt3dfg1IXT56bmP/HJe+ZOHzs5e3L2zJ5du6b37Nt34MCBqRNzp2an8/9e59kuvg3ZUHoNbA3nLr4GXtu2bfNSXfjy2JL33+t9HY53eR1ubNu236/DkfYHV1ubF+TSNZ2/Nt5XP+njV4ayZV5jjedn5+pfh+lxN70OR5pehx2/p3R4HY6s4HVY3+bczpX9zDLS9L9Ox7D894LVrcGNTWuw/eeR9jXY759HirIGx8O6+P7O5b8XbA7H+8Tktf48MrxkDaaHG9576pekn/fHDzRGp3V5R/2Km8ayi/Oz5+995NiFC+d3ZWGsiVc0rZX29bqh6TFlS9br0DWv18Nzdz5xR4fLN4ZzNX5P/T/jyz5X9W323tv9uWp8d+t8Plsu3Z2F0WdrfT47fTevn8+xLPvidx578FuPfvFNy57Pet781NTqfxZPubTp/Xd0mfffmPtfyPeX7urx4dGR/PU7nM7OaMv7cetTNdJ476o19v381Mrej0fD/9b6/fjWLu/Hm9q27ff78Wj7g4vvx7Vef9uxOu3P53hYJ6emu78f17fZtPta1+RI1/fju8KshfP/upAUUi5qWjvLrdu0r5GR0fC4RuIeWtfpnpbt43qr7+up3de3Tnfcld/XcHp0i9ZqnU60bdvvdZr+7mu5dVrr9bdv16f9+RwP6+LWPd3XaX2bp/eu/r1zffxj03vnWK81ODo8Vj/m0bQIG+/32cL6uAbvzY5nZ7NT2Uzj2rHGeqo19jV538rW4Fj431q/V27qsgZ3tG3b7zWYvo8tt/ZqI0sffB+0P5/jYV08eV/3NVjf5s37+/uz645wSdqm6WfX9r9fW+7vvO5oO003aq2MhOP8zv7ufzdb3+bUgWvNmd3P093hkps6nKf21+9yr6mZbG3O06ZwnM8dWP481Y+nvs0XDq5wPR3OsuzSx+5v/H1v+PeVv7v4va+3/LtLp3/TufSx+3/y0hP/eC3HD8DgeyEfG/LvdU3/MrWSf/8HAAAABkLM/UNhJvI/AAAAlEbM/fH/FZ7I/wAAAFAaMfePhJlUJP9vevNzcy9cylIzfyGI16fT8EC+Xey4ToevJxYW1S+//6uz//0Pl1a276Esy37xwB903H7TA/G4chPhOK++pfXyJb5+z4r2ffThS2m/zf31L4X7j49npcugUwV3Osuyb97yucZ+Jj54pTGffuBoYz54+YnH69s8fzD/Ot7+2Vfk2/9FKP8ePnGs5fbPhvPwozCn39H5fMTbfe3K6zbvf//i/uLtaltvbjzsJz+U32/8PTmffzzfPp7n5Y7/W5996mv17R95TefjvzTU+fifCvf71TD/51X59s3PQf3reLtPh+OP+4u3u/cr3+54/Fc/k29/7q35dkfDjPvfEb7e9tbn5prP1yO1Yy2PK3tbvl3c//T3/rhxfby/eP/txz9+5ErL+WhfH0//W34/U23bx8vjfqK/b9t//X6a12fc/1N/dLTlPPfa/9UHn31V/X7b939323bnPrazsf/F+2v9jU1/+enPddxfPJ7Df3uu5fEcfm94HYf9P/mhsB7D9f97Nb+/9t+ucPS9re8/cfsvbbzU8niit/8s3//VN5xszHXj6zfc9JKX3nz51fVzl2XPrMvvr9f+T/7V2Zbj//Jt+fmI18eOfvv+lxP3f/7jk2fOzl+cm0ln9dFbGr8755358cTjvSW8t7Z/feTshQ/Pnp+YnpjOsony/gq96/aVMH+Sj8vdt15Y8g668+HwfN7x59/csP1fPxsv//f35ZdfeUf+feu1YbvPh8s3hufv2va/1JNbbmu8vmtPhyNcWPr7gldj87b/OrCiDcPjb/+5IK73c6/8cOM81K9rfN+Ir+tVHv8PZvL7+UY4rwvhNzNvvW1xf83bx9+NcOWh/PW+6vMX3ubi8/o34fl+14/y+4/HFR/vD8LPMd/e1Pp+F9fHNy4Ntd9/47d4XA7vJ9nl/Pq4VTzfV56/rePhxd9Dkl2+vfH1n6T7uf2aHuZy5j8xP3Vq7szFR6YuzM5fmJr/xCePnD578cyFI43f5XnkI71uv/j+tKHx/jQzu29v1ni3OpuPG+zFPv5zDx+f2T+9fWb2xLGLJy48fG72/Mnj8/PHZ2fmtx87cWL2471uPzdzaNfug3v27548OTdz6MDBg3sOTs6dOVs/jPygetg3/dHJM+ePNG4yf2jvwV333bd3evL02ZnZQ/unpycv9rp943vTZP3Wvz95fvbUsQtzp2cn5+c+OXto18F9+3b3/G2Ap8+dmJ+YOn/xzNTF+dnzU/ljmbjQuLj+va/X7Smn+f/If55tV8t/EV/2nrv3pd/PWvfVx5a9q3yTtl8g+lz4XTT//LJzB1bydcz9o2EmFcn/AAAAUAUx94+Fmcj/AAAAUBox968LM5H/AQAAoDRi7h8PM6lI/i9d/3/TpRXtX/9f/7/5fOn/V6z//1DR+v/5+4X+f3+stn+v/x/o/+v/6//r/+v/0wdF6//H3L8+yyqZ/wEAAKAKYu7fEGYi/wMAAEBpxNx/U5iJ/A8AAAClEXP/S8JMKpL/9f/1//X/9f/1/zvvX/9/MOn/d6f/34P+/1RWrf7/5X4ev/6//j9LFa3/H3P/S8NMKpL/AQAAoApi7r85zET+BwAAgNKIuf+WMBP5HwAAAEoj5v6NYSYVyf/6//r/+v/6//r/nfev/z+Y9P+70//vQf/f5//r/+v/01dF6//H3P+yMJOK5H8AAACogpj7Xx5mIv8DAABA8Yxc381i7n9FmMmS/H+dOwAAAABedDH335q1FcEr8u//+v/6/8Xv/69L1+n/6/9nhez/D2f6/8Wh/9+d/n8P+v/6//r/+v/0VdH6/43cn41nrwwzqUj+BwAAgCqIuf+2MBP5HwAAAEoj5v7/F2Yi/wMAAEBpxNy/KcykIvlf/1//v/j9f5//r/9f9P6/z/8vEv3/7vT/e9D/1//X/9f/p6+K1v+Puf/2MJOK5H8AAACogpj77wgzkf8BAACgNGLu//9hJvI/AAAAlEbM/ZvDTCqS//X/C97/j81R/X/9f/1//X/9/xXR/+9O/78H/X/9f/1//X/6qmj9/5j7XxVmUpH8DwAAAFUQc/+dYSbyPwAAAJRGzP2vDjOR/wEAAKA0Yu6fCDOpSP7X/y94/z/vwY/5/H/9f/1//X/9/5XR/+9O/78H/X/9/770/xcu6f/r/5MrWv8/5v4tYSYVyf8AAABQBTH3bw0zkf8BAACgNGLuvyvMRP4HAACA0oi5f1uYSUXyv/7/QPT/M/1//X/9f/1//f+V0f/vTv+/B/1//X+f/6//T18Vrf8fc/9rwkwqkv8BAACgCmLu3x5mIv8DAABAacTc/9owE/kfAAAASiPm/h1hJhXJ//r/+v/6//r/+v+d96//P5j0/7vT/+9B/1//X/9f/5++Klr/P+b+14WZVCT/AwAAQBXE3L8zzET+BwAAgNKIuf/uMBP5HwAAAEoj5v7JMJOK5H/9f/1//X/9f/3/zvvX/x9M+v/d6f/3oP/fr/78sP6//r/+P1kB+/8x998TZlKR/A8AAABVEHP/vWEm8j8AAACURsz9U2Em8j8AAACURsz902EmFcn/+v/6/6vu/zc9eP3/CvT/X714v/r/Of3/YtH/707/v4f+9f9Hsmr3/33+/3X3/0f1/ymVovX/Y+7fFWZSkfwPAAAAVRBz/+4wE/kfAAAASiPm/j1hJvI/AAAAlEbM/XvDTCqS//X/9f99/r/+v8//77x//f/BpP/fXf/7//Eh6v/7/H/9f5//r//PUkXr/8fcf1+YSUXyPwAAAFRBzP37wkzkfwAAACiNmPv3h5nI/wAAAFAaMfcfCDOpSP7X/9f/1//X/9f/77x//f/BpP/fXdU//39jrwPQ/9f/1//X/2eVHvrD5q+K1v+Puf9gmElF8j8AAABUQcz9rw8zkf8BAACgNGLu/5UwE/kfAAAASiPm/l8NMylL/u/RPNT/1//X/9f/1//vvH/9/8Gk/99d1fv/Pen/6//r/+v/01dF6//H3H8ozKQs+R8AAABIuf/XwkzkfwAAACiNmPvfEGYi/wMAAEBpxNx/OMykIvlf/1//X/9f/1//v/P+17r/PxbvV/9/VfT/u9P/70H/X/9f/1//n74qWv8/5v43hplUJP8DAABAFcTcf3+YifwPAAAApRFz/5vCTOR/AAAAKI2Y+98cZlKR/K//r/+v/6//r//fef8+/38w6f93txb9/2H9f/1//X/9f/1/gqL1/2Puf0uYSUXyPwAAAFRBzP1vDTOR/wEAAKA0Yu5/W5iJ/A8AAAClEXP/28NMKpL/9f/1//X/9f/1/zvvX/9/MOn/d+fz/3vQ/9f/1//X/6evitb/j7n/18NMKpL/AQAAoApi7n8gzET+BwAAgNKIuf8dYSbyPwAAAJRGzP3vDDOpSP7X/9f/1//X/9f/77x//f/BpP/f3YD1/395c7hc/z+n/1/s47/W/v9I29c3pP//w+X6/wvr2m+v/8+NULT+f8z97wozqUj+BwAAgCqIuf/dYSbyPwAAAJRGzP3vCTOR/wEAAKA0Yu7/jTCTiuR//f/6cSy2l/X/y9r/H9L/1//X/68I/f/uBqz/7/P/2+j/F/v4ff6//j9LFa3/H3P/e8NMKpL/AQAAoApi7n8wzET+BwAAgNKIuf+hMBP5HwAAAEoj5v73hZlUJP/r//v8/2r0/33+f6b/r/9fEfr/3en/96D/r/9ftP7/f+r/M9iK1v+Puf/hMJOK5H8AAACogpj73x9mIv8DAABAacTc/5thJvI/AAAAlEbM/R8IM6lI/tf/H5T+/8SA9v8f0/+/gf3/O2/Ot9P/1/9nkf5/d/r/Pej/6/8Xrf/v8/8ZcEXr/8fc/8Ewk5Xn//EVbwkAAAC8KGLu/60wk4r8+z8AAABUQcz9vx1mIv8DAABAacTc/zthJhXJ//r/N6T/3/jS5//7/P/29eHz//X/9f9vvLXr/8d3Hv1//X/9/0j/v0D9/4v6/xRD0fr/Mff/bphJRfI/AAAAVEHM/R8KM5H/AQAAYCB0+ky2djH3Hwkzkf8BAACgNGLuPxpmUpH8r/8/KJ//r/+fVa3//2db/+X733330V36//r/+v/XZE0//7/+4vf5//r/+v+J/n+B+v8+/5+CKFr/P+b+Y2EmFcn/AAAAUAUx9/9emIn8DwAAAKURc//xMBP5HwAAAEoj5v6ZMJOK5H/9f/1//f+C9v8H+PP/4/nQ/2/Vt/5/fNPV/+8o79+nVXRj+//vX+yJ6/9fa/9/rOOl+v/6/4N8/Pr/+v8sVbT+f8z9s2EmFcn/AAAAUAUh9w+dyOfiFfI/AAAAlEbM/SfDTOR/AAAAKI2Y+z8cZlKR/K//r/+v/6//7/P/O++/W/+/NuLz/4sq9e9/3nih6P+3KU7/vzP9f/3/QT5+/X/9f5YqWv8/5v65MJOK5H8AAACogpj7PxJmIv8DAABAacTc/9EwE/kfAAAASiPm/lNhJhXJ//r/+v/6//r/+v+d91/Yz//X/+9qtf17/f9A/1//X/9f/1//nz4oWv8/5v7TYSYVyf8AAABQBTH3nwkzkf8B/o+9O2myqz7vOH47SKVWwSK7LLJJVZZ5CSySdfICssgmi6QqlUVIQhIyIzKPJNjGs43B84AHMBhjGzwP4Akbz2Abz/OAJ4xNyUX38zxS3z59bnfrdvc5///ns+CJOjT3Qqkk/dT6+gAAQDNy918Vt9j/AAAA0Izc/X8at3Sy//X/+v9m+//f1P/v9fr6f/1/y/T/4/T/K+j/9f/6f/0/azW1/j93/5/FLZ3sfwAAAOhB7v4/j1vsfwAAAGhG7v6r4xb7HwAAAJqRu/8v4pZO9v9S/7+xmFj/n33tEff/+TL6/5b6f8//3/P19f/6/5Ydb/9/3ZM/8un/9f/6/6D/31f/f2avz9f/06Kp9f+5+/8ybulk/wMAAEAPcvf/Vdxi/wMAAEAzcvdfE7fY/wAAANCM3P1/Hbd0sv/X9/z/s1sf9/z/C/T/+v/l7x/6f/2//v/oef7/uJ76/6sfvPxPHr3zV+86yOvr//X/nv+v/2e9ptb/5+7/m7ilk/0PAAAAPcjd/7dxi/0PAAAAzcjd/3dxi/0PAAAAzcjd//dxSyf7f339/9E8/z/p//X/C/2//n/p30f/r/8fov8fN/X+/7Tn/+v/Z/z+9f/6f3abWv+fu/8f4pZO9j8AAAD0IHf/P8Yt9j8AAAA0I3f/tXGL/Q8AAADNyN1/Lm7pZP/r/4++/39C/6//j6v/1//r/4+e/n/c1Pv/dT7//zCvr//X/+v/9f+s19T6/9z918Utnex/AAAA6EHu/n+KW+x/AAAAaEbu/n+OW+x/AAAAaEbu/n+JWzrZ//p/z//X/+v/9f/Dr6//nyf9/zj9/wr6/0vt50/r//X/+n8udsD+//GRH7bX0v/n7v/XuKWT/Q8AAAA9yN3/b3GL/Q8AAADNyN3/73GL/Q8AAADNyN3/H3FLJ/tf/6//1//r/w/d/+/+rrdF/z9M/3889P/jJtP/b5wa/HC3/f9j22+0gf7f8//1//p/dpja8/9z9/9n3NLJ/gcAAIAe5O7/r7hlZP8f+DfzAQAAgBOVu/+/4xZf/wcAAIDZy+osd///xC2d7H/9v/5f/6//9/z/4dcf6//vuuj96f+nRf8/bjL9/x667f8XF96v/n++71//r/9nt6n1/7n7/zdu6WT/AwAAQA9y918ft9j/AAAA0Izc/f8Xt9j/AAAA0Izc/f8ft3Sy/4f7/wv/f/3//uj/d75//f/w94919f/5T9T/j/b/v+X5/33S/487/v7/jP5/5z9f/3+ETvr9N97/n131+fp/hkyt/8/df0Pc0sn+BwAAgB7k7n9K3GL/AwAAQDNy9z81brH/AQAAoBm5+58Wt3Sy/z3/X/+v/59f/7/8/P+k/992HM//Xxx7/39K/79P+v9xnv+/gv5f/6//9/x/1mpq/X/u/hvjlk72PwAAAPTgxscWW7v/6YuF/Q8AAABzdPGfHVj+A6Uhd/8z4hb7HwAAAJqRu/+ZcUsn+1//r//X/8+///f8/x76f8//3y/9/zj9/wr6/6Po50811v/ftNfnT6H/v1b/z8Ts6P/vufDxk+r/c/c/K27pZP8DAABAD3L3Pztusf8BAACgGbn7nxO32P8AAADQjNz9z41bOtn/R97/n937tfX/+n/9v/5f/6//Xzf9/zj9/wr6f8//9/x//T9rtaP/v8hJ9f+5+58Xt3Sy/wEAAKAHufufH7fY/wAAANCM3P03xS32PwAAADQjd/8L4pZO9r/n/+v/9f/6f/3/8Ovr/+dJ/z9O/7+C/l//r//X/7NWU+v/c/ffHLd0sv8BAACgB7n7b4lb7H8AAABoRu7+F8Yt9j8AAAA0I3f/i+KWTva//v9o+//8uP5f/7/Q/+v/9f/Hotv+f2PoZ6Ld9uj/7/+jc7+z8yP6f/2//l//r/9nDSbR/5+/8KvL3P0vjls62f8AAADQg9z9L4lb7H8AAABoRu7+l8Yt9j8AAAA0I3f/y+KWA+7/X17ruzo++n/P/9f/6//1/8Ovr/+fp9n1/6d3ftPz//X/+v/5vn/9v/6f3SbR/1/07dz9L49bfP0fAAAAmpG7/xVxi/0PAAAAzcjd/8q4xf4HAACAZuTuf1Xc0sn+1//r//X/+n/9//DrH7b/31wM0/8fj9n1/0v0//p//f9837/+X//PblPr/3P33xq3dLL/AQAAoAe5+18dt9j/AAAA0Izc/a+JW+x/AAAAaEbu/tfGLZ3sf/2//l//r//X/w+/vuf/z5P+f5z+f7FY3DbyBob6//Nn9P/6f/2//p9Dmlr/n7v/dXFLJ/sfAAAAepC7/7a4xf4HAACAZuTuvz1usf8BAACgGbn7Xx+3dLL/9f/6f/2//l//P/z6+v950v+P0/+v4Pn/+n/9v/6ftZpa/5+7/464pZP9DwAAAD3I3X9n3GL/AwAAQDNy978hbrH/AQAAoBm5+++KWzrZ//p//b/+X/9/JP3/Of3/Mv3/8Ti6/n+h/9f/6/9X0P/r//X/LDuu/v/x+PF+Vf+fu/+NcUsn+x8AAAB6kLv/7rjF/gcAAIBm5O5/U9xi/wMAAEAzcve/OW7pZP/r//X/+n/9v+f/D7++/n+ePP9/nP5/Bf2//l//r/9nrY6r/9+r91/+du7+t8Qtnex/AAAA6EHu/nviFvsfAAAAmpG7/964xf4HAACAZuTuf2vc0sn+1//r/3f2/4uF/l//r//fdgz9/+ZC/792+v9x+v8V9P9t9v+/tGio/z+75+fr/5miqfX/ufvfFrd0sv8BAACgB7n73x632P8AAADQjNz974hb7H8AAABoRu7+d8YtLe3/J/ZO3+bf/59Z+kT9/2KxeOgaz//X/4+8vv5/Mv1//VfV/6+P/n+c/n8F/X+b/b/n/+v/OTFT6/9z978rbmlp/wMAAEDncve/O26x/wEAAKAZufvfE7fY/wAAANCM3P3vjVs62f/z7/+XP1H/v7ik5//r/7c+oP/X/+v/Z+tS+/ubN+PnNP2//l//P9jPb+zx656F/l//r/9nwNT6/9z974tbOtn/AAAA0IPc/ffFLfY/AAAANCN3//1xi/0PAAAAzcjd//64pZP9r//X/+v/59n/b+r/9f/6/0F79vdX7O/z1/X8/yuv/O0H9P/6/xb7/zH6f/2//p9lU+v/c/d/IG7pZP8DAABAD3L3fzBusf8BAACgGbn7PxS32P8AAADQjNz9H45bOtn/u/v/04vtQnXbUP8fjZr+/yL6/53vX/8//P3D8//1//r/o3epz99fV//v+f+He//6f/3/nN//gfr/X9v9+fp/WjS1/j93/wNxy8jw2/stAQAAAFOUu/8jcUsnX/8HAACAHuTu/2jcYv8DAABAM3L3Pxi3dLL/Pf9f/6//1//r/4dfX/8/T/r/cfr/FfT/+n/P/7/qDy7T/7M+U+v/c/d/LG7ZGn6/fsUh/zUBAACACcnd//G4pZOv/wMAAEAPcvd/Im6x/wEAAKAZufs/Gbd0sv/1//p//b/+X/8//Pr6/3nS/4/T/6/QT/+/OfTBk+7nL9VJv/9m+n/P/2eNptb/5+7/VNzSyf4HAACAHuTu/3TcYv8DAABAM3L3fyZusf8BAACgGbn7H4pbOtn/+n/9f/v9/+/r/5deX/+v/2+Z/j9/Rh+m/1+hn/5/0En383N///r/sf7/4D8e0oap9f+5+x+OWzrZ/wAAANCD3P2fjVvsfwAAAGhG7v7PxS32PwAAADQjd//n45ZO9r/+v6/+f2PRY//v+f/6f/1/T+bT/99yauijnv+v/9f/z/f96/89/5/dptb/5+5/ZONUl/sfAAAA5up3f+OPH97v3/vI1l83F1+IW+x/AAAAaEbu/i/GLfY/AAAANCN3/5filk72v/6/r/6/z+f/6//1//r/nsyn/x+m/9f/6//n+/71//p/dpta/5+7/8txy0XDb/B/oAcAAACYjdz9X4lbOvn6PwAAAPQgd/9X45Zd+//8Pv9UOwAAADA1ufu/Frd08vV//f/E+//FEfX/8ffp/7fp//X/Q6+v/58n/f+4S+z/z2/o//X/I/T/+n/9P8um1v/n7r/7jkWX+x8AAAAateN3FL6+9dfNxTfiFvsfAAAAmpG7/5txi/0PAAAAzcjd/624pZP9r/+feP9/qOf/n63/y/P/O+//r98cfH39v/6/Zfr/cZ7/v4L+X/+v/9f/s1YH6P+3BulR9/+5+78dt3Sy/wEAAKAHufu/E7fY/wAAANCM3P3fjVvsfwAAAGhG7v7vxS2d7H/9/wn0/zecWSyOtP/fx/P/9f999P97vH47/f+vXH7uvt/7w9tv1f9zwXH2//l9Qf+v/9f/b9P/6//1/yyb2vP/c/d/P27pZP8DAABAD3L3Pxq32P8AAADQjNz9P4hbntz/957UuwIAAADWKXf/D+OWTr7+r/9v8fn/8+z/87/1CfT/5+bX/2dT3Hv/7/n/+v/dPP9/nP5/Bf2//l//r/9nrabW/+fu/1Hc0sn+BwAAgB7k7v9x3JL7f+PAv3UPAAAATEzu/p/ELb7+DwAAAM3I3f9Y3NLJ/tf/6/8P2/+f9fx/z//X/2/R/0+L/n+c/n8F/b/+X/+v/2etptb/5+7/adzSyf4HAACAHuTufzxusf8BAACgGbn7fxa32P8AAADQjNz9P49bOtn/+n/9/1Se/5/0/xc+T/+/Tf+v/z8I/f+4g/T/lw38ukD/r/8fo//X/+v/WTa1/j93/y8CAAD//zJLcR4=")
chdir(&(0x7f0000000240)='./file0\x00')
mknod(0x0, 0x0, 0x0)
truncate(&(0x7f00000000c0)='./file1\x00', 0x6)

1.396789777s ago: executing program 2 (id=409):
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000180)='memory.events\x00', 0x26e1, 0x0)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x11, 0x5, &(0x7f0000000280)=ANY=[@ANYBLOB="1801000021000000000000004b74ffec850000006d000000850000000800000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80)
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000500)=@base={0x2, 0x4, 0x3fd, 0x1, 0x1080}, 0x48)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x6, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000006e7a00000000000000000018200000", @ANYRES32=r2, @ANYBLOB="0000000000000000c3000c004000000095"], &(0x7f0000000100)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80)
bpf$BPF_GET_MAP_INFO(0xf, &(0x7f0000000240)={r0, 0x58, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, <r3=>0x0}}, 0x10)
r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='memory.events\x00', 0x26e1, 0x0)
ioctl$TUNSETOFFLOAD(r4, 0x80086601, 0x20001412)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f00000006c0)={r0, 0xe0, &(0x7f00000005c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, &(0x7f00000003c0)=[0x0, 0x0], ""/16, 0x0, 0x0, 0x0, 0x0, 0x5, 0x2, &(0x7f0000000400)=[0x0, 0x0, 0x0, 0x0, 0x0], &(0x7f0000000440)=[0x0, 0x0], <r5=>0x0, 0xad, &(0x7f0000000480)=[{}], 0x8, 0x10, &(0x7f00000004c0), &(0x7f0000000500), 0x8, 0x18, 0x8, 0x8, &(0x7f0000000540)}}, 0x10)
bpf$PROG_LOAD(0x5, &(0x7f0000000780)={0x1b, 0x14, &(0x7f00000002c0)=@ringbuf={{0x18, 0x0, 0x0, 0x0, 0x80, 0x0, 0x0, 0x0, 0x3}, {{0x18, 0x1, 0x1, 0x0, r2}}, {}, [@cb_func={0x18, 0x4, 0x4, 0x0, 0x4}, @map_val={0x18, 0x6, 0x2, 0x0, r0, 0x0, 0x0, 0x0, 0x81}, @generic={0x3, 0x7, 0x3, 0x7, 0x1}], {{}, {0x7, 0x0, 0xb, 0x2, 0x0, 0x0, 0x1}, {0x85, 0x0, 0x0, 0x84}}}, &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x50, '\x00', r3, 0x4, r4, 0x8, &(0x7f0000000380)={0x9, 0x3}, 0x8, 0x10, 0x0, 0x0, r5, r1, 0x1, &(0x7f0000000700)=[r0, r0, r0, r0], &(0x7f0000000740)=[{0x2, 0x2, 0x0, 0x6}], 0x10, 0xaa55}, 0x90)
r6 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000580)='memory.events\x00', 0x100002, 0x0)
write$cgroup_type(r6, &(0x7f0000000180), 0x1e000)

1.382095338s ago: executing program 3 (id=410):
r0 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000180)='./binderfs/binder1\x00', 0x0, 0x0)
ioctl$BINDER_GET_NODE_DEBUG_INFO(r0, 0xc018620c, &(0x7f0000000040)={0x0, 0x1000000000000})

1.304936094s ago: executing program 3 (id=411):
openat$cgroup(0xffffffffffffffff, &(0x7f0000000000)='syz0\x00', 0x200002, 0x0)
r0 = socket$phonet_pipe(0x23, 0x5, 0x2)
getsockname(r0, &(0x7f0000000040)=@pppoe={0x18, 0x0, {0x0, @link_local}}, &(0x7f00000000c0)=0x80)
r1 = socket$inet6_sctp(0xa, 0x1, 0x84)
setsockopt$inet6_mtu(r1, 0x29, 0x17, &(0x7f0000000100)=0x4, 0x4)
r2 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$nl802154(&(0x7f00000002c0), 0xffffffffffffffff)
sendmsg$NL802154_CMD_SET_CHANNEL(r2, &(0x7f0000000380)={&(0x7f0000000280)={0x10, 0x0, 0x0, 0x200000}, 0xc, &(0x7f0000000340)={&(0x7f0000000300)={0x38, r3, 0x1, 0x70bd2a, 0x25dfdbff, {}, [@NL802154_ATTR_PAGE={0x5}, @NL802154_ATTR_CHANNEL={0x5, 0x8, 0xa}, @NL802154_ATTR_WPAN_DEV={0xc, 0x6, 0x500000005}, @NL802154_ATTR_WPAN_PHY={0x8}]}, 0x38}, 0x1, 0x0, 0x0, 0x20044040}, 0x4048000)

1.260310538s ago: executing program 2 (id=412):
r0 = socket$inet6_sctp(0xa, 0x1, 0x84)
setsockopt(r0, 0x84, 0x81, &(0x7f00000002c0)="1a00000019000000", 0x8)
setsockopt$inet_sctp6_SCTP_HMAC_IDENT(r0, 0x84, 0x16, &(0x7f00000000c0)={0x2, [0x1, 0x0]}, 0x8)

1.180015494s ago: executing program 3 (id=413):
syz_emit_ethernet(0xa6, &(0x7f0000000640)={@link_local, @empty, @void, {@ipv6={0x86dd, @icmpv6={0x0, 0x6, '\x00', 0x70, 0x3a, 0xff, @remote, @mcast2, {[], @ndisc_ra={0x86, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, [{0x5, 0xa, "a78c000005dc8080a2030003004023493b87aafaffffffffffffff23732472eefa45ad96579269748e254c1e4a8a8b3f0ab0c430d3be27df3e34060600000000000000dac15084dbaf736b41e5af0502"}, {0x0, 0x1, "000005060000000000000000"}]}}}}}}, 0x0)

1.145460027s ago: executing program 2 (id=414):
r0 = socket$kcm(0x2, 0x5, 0x84)
sendmsg$inet(r0, &(0x7f0000000680)={&(0x7f0000000140)={0x2, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}}, 0x10, &(0x7f0000000200)=[{&(0x7f0000000180)='W', 0x1}], 0x1}, 0x0)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000440)={0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, &(0x7f00000003c0)=[{}, {0x1}]}, 0x2f)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000040)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
close(r2)
recvmsg$unix(r1, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x0, &(0x7f00000003c0)=[@rights={{0x14, 0x1, 0x1, [<r3=>0xffffffffffffffff]}}], 0x18}, 0x0)
setsockopt$sock_attach_bpf(r0, 0x84, 0x14, &(0x7f0000000000)=r3, 0x8)

1.144882237s ago: executing program 1 (id=415):
syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000080)='./file0\x00', 0x80, &(0x7f0000000440)=ANY=[@ANYRES16=0x0, @ANYRESOCT, @ANYRESHEX], 0x1, 0x124b, &(0x7f0000001880)="$eJzs3DFvW1UUAOBjN03clMQBSqEd4AoWJqvJwMQSoVRCsQQqNVKLhOQqDlgxdpRnRTJChE6sjPwGxMgGQvyBrPwCtiwVUwbEQ/FzSJwq0ELqIPp9yzvJvefec9+TLD3rXu+9+dUnG+tZbb3Zj3KpFOXNiLSfIkU5Dr28Wlzv3F1drtdXbqV0c/n24hsppflXfvzgs29f/al/+f3v5r+fid2FD/ceLP2ye3X32t7vtz9uZ6mdpW6vn5rpXq/Xb97rtNJaO9uopfRup9XMWqndzVpbY+3rnd7m5iA1u2tzs5tbrSxLze4gbbQGqd9L/a1Ban7UbHdTrVZLc7PBqS7+fZfGN/t5/kNEnl+M6cjzPL8Us1GKZ2Iu5uOLiHg2novn40q8EFfjxXgprg17TaJ8AAAAAAAAAAAAAAAAAAAAeHrsD0/zj5//vzw6/1+NBef/AQAAAAAAAAAAAAAAAAAAYALeu3N3dbleX7mVUiWi8+V2Y7tRXIv25fVoRydacSOq8VsMT/8Xivjm2/WVG2noQkTsjPJ3thsHfz44GKLIXxz+nMAof2o49mH+YpGf4n7nWP5MzBbzVyKiFUtRjSvH5q8c5S89nD+93ajE668dq78W1XwnohedWBvOfZT/+WJKb71TPzH/9WE/AAAA+D+opT8tjL//Xijaa6e1F/mP8f3Aiffrqbg+db5rJyIbfLrR7HRaW+NB5aH/PKkgShF/2WdmImU8fjA9uoMnlnMQlP/NyDNxalN5rOnrnyPO+yb8J4LK6EmcxYClJ1rqYaVnPfL9M1n7eHBOH0hM1NFDP63HpckWBAAAAAAAAAAAwCN5lP2Av8Y/3kU4FSd3luXVc1srAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAH+wA8cCAAAAAML8rdPo2AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB+CgAA//+48LyQ")
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='cpuset.memory_pressure\x00', 0x275a, 0x0)
ioctl$FITRIM(r0, 0xc0185879, &(0x7f0000001840)={0x0, 0x1000})

1.085005192s ago: executing program 3 (id=416):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f0000000400)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000340)=ANY=[@ANYRES16=r0, @ANYRESHEX=r0], 0x7c}, 0x1, 0x0, 0x0, 0x4004080}, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x20000008b}, 0x0)
bind$alg(0xffffffffffffffff, &(0x7f0000000440)={0x26, 'skcipher\x00', 0x0, 0x0, 'ecb-aes-ce\x00'}, 0x58)
accept$alg(0xffffffffffffffff, 0x0, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x400000bce)
r1 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r1, &(0x7f0000019680)=""/102392, 0x18ff8)
sendmsg$BATADV_CMD_GET_MCAST_FLAGS(0xffffffffffffffff, 0x0, 0x0)
getpid()
syz_pidfd_open(0x0, 0x0)
ioctl$BLKGETSIZE64(0xffffffffffffffff, 0x80081272, &(0x7f0000000240))
r2 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
setsockopt(r2, 0x0, 0x8001, &(0x7f0000000040)="98531ecf3a980c79868b8300cbdc2830b5c4bf2e5e8bd93e744c0e245d825515cf08b8248aaac81089503224884046d9efc12e48b297b2ca0f681737fc3b5ba256fa2a46d557fe2874b33563e748f9f4459fa8e2bb34acd4e33c2d1383e973288549c256c75f7de9d41c7fe340c725fa5f2d23ce9c4fc5de4c1d065190d8b86930b91b0ae07dd6e06a55ce701da34c698f8373d3d6e24c9ea03f245b29eaaf260bc8f5fbe55af32205930f0182b3edd50a1c7add576386cbcc1e0867d1fac7bfddb35bd93618d21b3c8418112af851507df53e5e7f054468265a99027ea19022dce716192fbfe70c36d885f7c5d07d5f716d0a82a7a57c435522", 0xfa)
syz_pidfd_open(0x0, 0x0)
ioctl$HCIINQUIRY(r2, 0x400448cb, 0x0)
prctl$PR_SET_IO_FLUSHER(0x34, 0x2)
ioctl$SNDRV_CTL_IOCTL_PCM_PREFER_SUBDEVICE(0xffffffffffffffff, 0x40045532, &(0x7f0000000280)=0x7fff)
syz_open_dev$sndpcmp(&(0x7f0000000300), 0xfffffffffffffe01, 0x305800)
openat$binderfs(0xffffffffffffff9c, 0x0, 0x0, 0x0)
r3 = openat$binderfs(0xffffffffffffff9c, &(0x7f00000000c0)='./binderfs/binder0\x00', 0x0, 0x0)
ioctl$BINDER_WRITE_READ(r3, 0xc0306201, &(0x7f0000000700)={0x0, 0x0, &(0x7f0000000600), 0x3b, 0x0, &(0x7f0000001800)})
r4 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x8, &(0x7f0000000040)={0x1, &(0x7f0000000540)=[{0x6, 0x0, 0x0, 0x7fc00100}]})
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, 0x0)
ioctl$SECCOMP_IOCTL_NOTIF_RECV(r4, 0xc0502100, &(0x7f0000000380)={<r5=>0x0})
ioctl$SECCOMP_IOCTL_NOTIF_SEND(r4, 0xc0182101, &(0x7f0000000180)={r5})
ioctl$SECCOMP_IOCTL_NOTIF_RECV(r4, 0xc0502100, &(0x7f00000004c0)={<r6=>0x0})
ioctl$SECCOMP_IOCTL_NOTIF_ADDFD(r4, 0x40182103, &(0x7f0000000080)={r6, 0x3, r4, 0x5})
r7 = socket$inet6(0xa, 0x3, 0x0)
connect$inet6(r7, &(0x7f00000000c0)={0xa, 0x4e24, 0x56, @rand_addr=' \x01\x00', 0x1}, 0x1c)

803.193305ms ago: executing program 0 (id=417):
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=@base={0x2, 0x4, 0x4, 0x8}, 0x48)
bpf$BPF_MAP_FREEZE(0x16, &(0x7f0000000000)=r0, 0x4)
bpf$BPF_MAP_FREEZE(0x16, &(0x7f0000000100)=r0, 0x4)

745.481119ms ago: executing program 1 (id=418):
r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
bind$bt_hci(r0, &(0x7f0000000080), 0x6)
getsockname(r0, 0x0, &(0x7f00000000c0))

744.67526ms ago: executing program 0 (id=419):
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='memory.events\x00', 0x275a, 0x0)
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700)
write$cgroup_int(r0, &(0x7f0000000200), 0xf000)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x1000006, 0x11, 0xffffffffffffffff, 0x0)
r1 = socket$vsock_stream(0x28, 0x1, 0x0)
getsockopt(r1, 0x28, 0x0, 0x0, &(0x7f0000000000))
r2 = io_uring_setup(0x7fdb, &(0x7f00000003c0))
r3 = socket(0x1e, 0x5, 0x0)
listen(r3, 0x0)
accept4$inet6(r3, 0x0, 0x0, 0x0)
close_range(r2, 0xffffffffffffffff, 0x0)
openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000540), 0x2, 0x0)
sendto$inet(r0, &(0x7f0000000240)="4f1adb64a8b6b99ae9363f56e22eb6f402e6d44d08fce1f3008fcf0befb0f5a8f0c18cb413aab4c7d94a5badb53d135c48d20e0159a6607b63aa0f", 0x3b, 0xed64180853bd8d93, &(0x7f0000000280)={0x2, 0x4e20, @multicast1}, 0x10)
syz_io_uring_setup(0x0, 0x0, &(0x7f0000000040), 0x0)
prctl$PR_CAPBSET_READ(0x17, 0xcf)
socket$nl_generic(0x10, 0x3, 0x10)
mkdirat(0xffffffffffffff9c, &(0x7f0000000080)='./file0\x00', 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000019007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000900)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r4 = socket$inet6_tcp(0xa, 0x1, 0x0)
bind$inet6(r4, &(0x7f0000000100)={0xa, 0x4e22}, 0x1c)
syz_mount_image$udf(&(0x7f0000000080), &(0x7f0000000500)='./file0\x00', 0x18008, &(0x7f0000000200)=ANY=[@ANYRES8=0x0, @ANYRESDEC], 0xfe, 0x4b1, &(0x7f0000001d00)="$eJzs201sVNUbx/HfM3c6TIf+/5YXCxgCTTSxgkBfsEBqYnix0YQXLVQj8SWVTrHSdkinKCUgLNWdC5Yu3bpwZdwaEpfGhcEYFibIxs2sxB3m3LlvM5TOjG1nKP1+CJx7zzx3OOc8c+ecM5kRAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACQjrx6uLfPWt0KAADQTCdPj/QOMP8DALCmnGH/DwAAsJaYPP0u054LJTvhn5dlj0/OXLo8emx44cvaTaaUPD/e/c329Q/sf2nwwMGwXPz65bZNp06fOdx9tDB9cTZfLObHu0dnJs8VxvN1P8NSr6+2yx+A7ukLl8YnJord/XsHKh6+3Hlv3fquzqHB945mwtjRY8PDpxMx6bb//L8/5FEr/Iw8vSDTx99/ayclpbT0sajx2llp7X4ndvmdGD027HdkanJsZs49aKkgKlU5JplwjJqQiyVJSa5dllmePVubPP0g05F9JTslyQvHYbf/wXBd7WmFtNu6SurRKsjZY2ydPH0g0619nXojGFc//xnpaqsbhxWXDu7/gpXsTf/9wN1P7m3z+Fvdr89MFBKxlgruqNU+PzTTY/7elJWnU/4dX7IR7Wx1c9Bk7fI0LVPmq0/8dYX8delTQwd27DyUXGFsqfE8LnZvcHPVMye3BUsHS7k/y98v1Cdrnv6U6f5vWf+8J5wDpBsPFrvwj6Y0DyvNPE3J9M+1klnVvtRL7O8jq33uX9n2t2ePFi7Oz06e/2huwcdz2cMfFudmx84t/HB57+ola2rtY6ulGtuS5ay84/v801J0XbAH+F/5LG7NN1fj10JPVRlKvn7qOa57F9vAOsq1yczTXZkm3t9anmeUa3hs1gKX/2GZiqWfLcx0kP90+SyR/5fj8ctaZRnxc/v/8uda4Vpi29nNj6pfify7Nrn8vyPTkb+3Bp9plPPvVcW6uC6Z3r25PYhLZVxcOuxO+RknJqfyvS72gUwbfwpj5cfmgthNcWyfiy3K9MWtytj1QezmOLbfxd6W6c6vC8c+HccOuNh5l6873WFszsXuCGK74ti95wpT47WG1eW/X6a3r79mYZ8fmf/E/X+jqow8lPPFj5cr/52JuhtBXs8G+U/XyP+XMs3/tT3stz/24ctqg/9vnH+3Vv7uZmVsuKHcGMf21dutVnP53yDTvVduR30O+hacxhlK5v+ZdGUZjWuL8r8hUdcZtCvT4FisRcX5KxfGpqbysxxwwAEH0UGr35nQDG7+H3Gz+qBn4TommP87ymfxiun+Z/H8P1RVRlo0/29M1A0Fq5a2tJSdm77YtkXKFuev7JmcHjufP5+fGdg/2Nt/aH/vwMG2TLi4i4/qHrsngcv/bpmu/fhLtI+pXP8tvP7PVZWRFuV/U7JPFeuauodiTXL575Bp8O7taL+52Po/3P/3PFtZRvdfi/K/OVHXGbSro8GxAAAAAAAAAAAAAAAAAIDVJGeenpPp8siLFv6GqJ7v/41XlZHl//5X+YfJNb7/1ZWoG2/S7xoaGmgAAAAAAAAAAIAmScnT1zI9r5JddxUd0olkiSfavwEAAP//G6xIAA==")
setrlimit(0x1, &(0x7f0000000100)={0x0, 0xffffffffffffffff})
r5 = open(&(0x7f00000000c0)='./bus\x00', 0x1431c2, 0x0)
pwrite64(r5, &(0x7f0000000580)='\x00', 0x1, 0x600000000)
r6 = open(&(0x7f00000000c0)='./bus\x00', 0xca942, 0x0)
ftruncate(r6, 0x8002007ffb)
read$FUSE(r5, &(0x7f00000021c0)={0x2020}, 0x2020)
listen(r4, 0xfff)
syz_emit_ethernet(0x56, &(0x7f00000003c0)={@local, @empty, @void, {@ipv6={0x86dd, @tcp={0x0, 0x6, "0a8435", 0x20, 0x6, 0x0, @remote, @local, {[], {{0x0, 0x0, 0x41424344, 0x41424344, 0x0, 0x0, 0x8, 0x2, 0x0, 0x0, 0x0, {[@timestamp={0x8, 0xa, 0xa8}]}}}}}}}}, 0x0)
syz_emit_ethernet(0x56, &(0x7f0000000840)={@local, @link_local, @void, {@ipv6={0x86dd, @tcp={0x0, 0x6, "0a8435", 0x20, 0x6, 0x0, @remote, @local, {[], {{0x0, 0x4e22, 0x41424344, 0x41424344, 0x0, 0x0, 0x8, 0x10, 0x0, 0x0, 0x0, {[@timestamp={0x8, 0xa}]}}}}}}}}, 0x0)

568.642134ms ago: executing program 1 (id=420):
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000280)=@newsa={0x154, 0x10, 0x713, 0x0, 0x0, {{@in=@loopback, @in, 0x0, 0x0, 0x0, 0x0, 0x2}, {@in=@remote, 0x0, 0x32}, @in=@local, {}, {}, {}, 0x0, 0x0, 0xa, 0x4}, [@algo_crypt={0x48, 0x2, {{'ecb(cipher_null)\x00'}}}, @encap={0x1c, 0x4, {0x2}}]}, 0x154}}, 0x0)

501.439419ms ago: executing program 1 (id=421):
syz_mount_image$hfs(&(0x7f0000000080), &(0x7f0000000040)='./file0\x00', 0x802, &(0x7f0000000200)={[{@codepage={'codepage', 0x3d, 'koi8-u'}}, {@part={'part', 0x3d, 0x1}}, {@umask={'umask', 0x3d, 0x6}}, {@iocharset={'iocharset', 0x3d, 'macromanian'}}, {@gid}]}, 0x1, 0x2db, &(0x7f0000000800)="$eJzs3c9u00oUx/HfOEmb/lGvb9urK7EBFSrBpqLAArEJQtmyZ4WAJpUqoiLaIgGbFsQS8QDseQUegg2IF4AVKx6gO6MZT1w7dZwWNXHTfj9SImc84znW2Jk5ltoIwLl1r/nj081f9mWkiiqS7kiBpLpUlfSf/q+/2NzZ2Om0W0UHqrgW9mUUtzSH6qxttvOa2nauhRfaT1XNpsswHFEU3f1ZdhAonbv7cwTSpL8P3f76iOMalj3pYtkxjFp6gM2+9vVScyWGAwA4Bfz8H/hpYtYVGQWBtOyn/TM1/++XHcDJutU5VBQVNkjN/251Fxk7vv+4XQf5nkvh7P6gmyUeJZhaz+cJxVdWZoFpBmWVLpZgan2jqpW1N2oFequGl6q26N5b8aXbNSDapZzctED/o9V0fzo+G7ei7OVD2l3f6LQn7VZO/AuFPU4eJ86jMV/MN/PQhPqoVrL+q0bGDpMbqbBnpIKajf96/yPOuFa2lnza32g0gkyVf10nF3wP3oBRqudnJOljdh8Q7CURFMXp+p5X9rFCfHarA1ot5LUKk099Wi1mWtmzsX2trD3rFD5KGY7uKZoP5oFZ0m99VjO1/g9sfMtK3ZlFX/XG1fRXRnw+E/k1q65meGjmOLhdLiUReEO46M+D4z0te68nuq257Vevn1Y6nfaW3Xic2TCyG89nt4wvqb2TeuqMaqOigjraOyiJrN0oOuqRo2EGf+1ED2i/P5ISe/vkVbZ3WVISjHqYzstG86uKLsjx2Ygiqc+uoX1P4RTZNnasU1PHVJnRoAR23WXi/M+t5P2qzqVI9i0sWKcXJ5nKHHE1yeCyS8F59z59rAxupn8Gl+rxRp+c0eVcl69KV1KFRoU9hj7OM8I09V2PeP4PAAAAAAAAAAAAAAAAAAAwbkbxlwZlnyMAAAAAAAAAAAAAAAAAAAAAAOPur37/N+9/xLvf/w35/V9gjPwJAAD//2tCdrA=")
truncate(&(0x7f0000000080)='./file1\x00', 0x8800000)
truncate(&(0x7f0000000180)='./file1\x00', 0xfb1)

354.496521ms ago: executing program 0 (id=422):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x16, 0x0, 0x4, 0x1, 0x0, 0x1}, 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000002000000b704000000000000850000005700000095"], 0x0}, 0x90)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x18, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000140)='sched_switch\x00', r1}, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r2 = getpid()
sched_setaffinity(0x0, 0x0, 0x0)
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f04ebbeea, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r5 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFULNL_MSG_CONFIG(r5, &(0x7f00000004c0)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000000440)=ANY=[@ANYBLOB="240000000104010200000180000000000000000008000540000000000500010001"], 0x24}}, 0x0)
sendmsg$NFULNL_MSG_CONFIG(r5, &(0x7f0000000640)={0x0, 0x0, &(0x7f0000000880)={&(0x7f0000000000)=ANY=[@ANYBLOB="2400000001040500000000000000000000000000060006"], 0x24}}, 0x0)
socketpair$unix(0x1, 0x0, 0x0, &(0x7f0000000040))

265.642448ms ago: executing program 4 (id=423):
mknodat$null(0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x0, 0x103)
ioctl$BTRFS_IOC_QUOTA_CTL(0xffffffffffffffff, 0xc0109428, 0x0)
r0 = getpid()
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
mmap(&(0x7f0000000000/0x95c000)=nil, 0x95c000, 0x200000b, 0x8c4b815a5465c2b2, 0xffffffffffffffff, 0x0)
process_vm_readv(r0, &(0x7f0000008400)=[{&(0x7f0000000300)=""/54, 0x7ffff000}, {&(0x7f0000006180)=""/152, 0x98}], 0x2, &(0x7f0000008640)=[{&(0x7f0000008480)=""/95, 0x7ffff000}], 0x286, 0x0)
read$FUSE(0xffffffffffffffff, &(0x7f0000000200)={0x2020, 0x0, <r4=>0x0}, 0x2020)
write$FUSE_INIT(0xffffffffffffffff, &(0x7f0000002300)={0x50, 0x0, r4, {0x7, 0x9}}, 0x50)
bpf$MAP_CREATE(0x0, 0x0, 0x0)
r5 = socket$nl_generic(0x10, 0x3, 0x10)
capset(0x0, 0x0)
ioctl$SG_IO(0xffffffffffffffff, 0x2285, 0x0)
syz_genetlink_get_family_id$nl80211(&(0x7f00000006c0), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, &(0x7f0000000000)={'wlan0\x00'})
sendmsg$NL80211_CMD_SET_TID_CONFIG(r5, &(0x7f0000000c00)={0x0, 0x0, &(0x7f0000000bc0)={0x0, 0x34}}, 0x0)
bpf$BPF_BTF_GET_FD_BY_ID(0x13, &(0x7f0000002740), 0x4)
bpf$BPF_GET_BTF_INFO(0xf, 0x0, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)

197.497624ms ago: executing program 2 (id=424):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000300)='blkio.bfq.io_merged_recursive\x00', 0x275a, 0x0)
syz_emit_ethernet(0x36, &(0x7f0000000100)=ANY=[@ANYBLOB="000002f0d31209000000bc2e79e995"], 0x0)
write$binfmt_script(r2, &(0x7f0000000100), 0x208e24b)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x28011, r2, 0x0)
preadv(r2, &(0x7f00000015c0)=[{&(0x7f0000000080)=""/124, 0xffffff23}], 0x3e, 0x0, 0x0)
syz_emit_ethernet(0x4a, &(0x7f0000000000)=ANY=[@ANYBLOB="aaaaaaaaaaaaffffffffffff86dd600a847500140600fe8000"/34, @ANYRES32=0x41424344], 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil})
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x0, 0x0, 0x0, &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x90)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000327000/0x18000)=nil, &(0x7f0000000040)=[@text16={0x10, &(0x7f0000000180)="66b9800000c00f326635000800000f300f0f1c9a65660ff3b20618baa000ec672e660f38803d004000000f285473f61366b9800000c00f326635004000000f300f20e06635800000000f22e0f30fa6c8", 0x50}], 0x1, 0x0, 0x0, 0x0)
r3 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r3, &(0x7f0000000000/0x18000)=nil, &(0x7f00000004c0)=[@text32={0x20, 0x0}], 0x1, 0x0, 0x0, 0x0)
recvmmsg(0xffffffffffffffff, &(0x7f0000000180)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0)
write$FUSE_BMAP(0xffffffffffffffff, &(0x7f0000000140)={0x18}, 0x18)
sendmsg$sock(0xffffffffffffffff, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x0, &(0x7f0000000000)=[@txtime={{0x18}}], 0x18}, 0x0)
ioctl$KVM_RUN(r3, 0xae80, 0x0)

0s ago: executing program 1 (id=425):
ioctl$sock_ipv4_tunnel_SIOCCHGTUNNEL(0xffffffffffffffff, 0x89f3, &(0x7f0000000000)={'erspan0\x00', &(0x7f00000023c0)={'syztnl1\x00', 0x0, 0x0, 0x0, 0x0, 0x0, {{0xa, 0x4, 0x0, 0x0, 0x28, 0x0, 0x0, 0x0, 0x0, 0x0, @rand_addr, @remote, {[@lsrr={0x83, 0x13, 0x0, [@empty, @broadcast, @loopback, @private=0xa010102]}]}}}}})
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000000c0), 0x121301, 0x0)
ioctl$TCSETS(r0, 0x5402, &(0x7f0000004500)={0x0, 0x0, 0x0, 0x0, 0x0, "1241b72d7fffff5b000f000000462200"})
write$binfmt_aout(r0, &(0x7f0000000080)=ANY=[], 0xff2e)
ioctl$TCSETS(r0, 0x40045431, &(0x7f0000000140))
r1 = syz_open_pts(r0, 0x0)
ioctl$TCSETS(r1, 0x5402, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x1ff, 0x0, "f937267f0f7ba57603a6a12e3f0a7f64c64c56"})
r2 = dup(r1)
read$FUSE(r2, &(0x7f0000000380)={0x2020}, 0x2020)
read$FUSE(r2, &(0x7f0000004540)={0x2020}, 0x2020)

kernel console output (not intermixed with test programs):

5] raw_sendmsg: syz.4.88 forgot to set AF_INET. Fix it!
[   74.455891][ T3929] F2FS-fs (loop2): invalid crc value
[   74.554723][ T3929] F2FS-fs (loop2): Found nat_bits in checkpoint
[   74.701328][ T3936] chnl_net:caif_netlink_parms(): no params data found
[   74.738399][ T3795] usb 5-1: new high-speed USB device number 3 using dummy_hcd
[   74.784637][ T3929] F2FS-fs (loop2): Cannot turn on quotas: -2 on 0
[   74.844538][ T3929] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e4
[   75.168097][ T3839] Bluetooth: hci2: command 0x0409 tx timeout
[   75.182471][ T3795] usb 5-1: Using ep0 maxpacket: 8
[   75.190995][ T3954] loop0: detected capacity change from 0 to 32768
[   75.204999][ T3936] bridge0: port 1(bridge_slave_0) entered blocking state
[   75.217321][ T3936] bridge0: port 1(bridge_slave_0) entered disabled state
[   75.685382][ T3975] attempt to access beyond end of device
[   75.685382][ T3975] loop2: rw=2049, want=53376, limit=40427
[   75.773072][   T26] audit: type=1804 audit(1722961449.780:5): pid=3975 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.2.77" name="/newroot/20/bus/cgroup.controllers" dev="loop2" ino=10 res=1 errno=0
[   75.849123][ T3936] device bridge_slave_0 entered promiscuous mode
[   75.972736][ T3936] bridge0: port 2(bridge_slave_1) entered blocking state
[   76.001586][ T3565] attempt to access beyond end of device
[   76.001586][ T3565] loop2: rw=2049, want=45104, limit=40427
[   76.018873][ T3795] usb 5-1: New USB device found, idVendor=0471, idProduct=0311, bcdDevice=81.d5
[   76.042641][ T3936] bridge0: port 2(bridge_slave_1) entered disabled state
[   76.065278][ T3936] device bridge_slave_1 entered promiscuous mode
[   76.071234][ T3795] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[   76.153503][ T3957] loop3: detected capacity change from 0 to 32768
[   76.200879][ T3795] usb 5-1: Product: syz
[   76.208720][ T3957] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop3 scanned by syz.3.86 (3957)
[   76.236455][ T3795] usb 5-1: Manufacturer: syz
[   76.247565][ T3795] usb 5-1: SerialNumber: syz
[   76.259616][ T3795] usb 5-1: config 0 descriptor??
[   76.310893][ T3954] XFS (loop0): Mounting V5 Filesystem
[   76.324307][ T3957] BTRFS info (device loop3): using sha256 (sha256-avx2) checksum algorithm
[   76.349580][ T3795] pwc: Philips PCVC740K (ToUCam Pro)/PCVC840 (ToUCam II) USB webcam detected.
[   76.357382][ T3957] BTRFS info (device loop3): using free space tree
[   76.370839][ T3957] BTRFS info (device loop3): has skinny extents
[   76.427442][   T21] cfg80211: failed to load regulatory.db
[   76.641603][ T3954] XFS (loop0): Ending clean mount
[   76.669013][ T3954] XFS (loop0): Quotacheck needed: Please wait.
[   76.684481][ T3936] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   76.725096][ T3957] BTRFS info (device loop3): enabling ssd optimizations
[   76.783531][ T4001] netlink: 16402 bytes leftover after parsing attributes in process `syz.4.88'.
[   76.882160][ T3954] XFS (loop0): Quotacheck: Done.
[   76.949442][ T3957] BTRFS info (device loop3): balance: start 
[   76.999171][ T3936] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   77.008959][ T3957] BTRFS info (device loop3): balance: ended with status: 0
[   77.089111][ T3955] netlink: 16402 bytes leftover after parsing attributes in process `syz.4.88'.
[   77.126510][   T26] audit: type=1800 audit(1722961451.270:6): pid=3954 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.87" name="file1" dev="loop0" ino=9293 res=0 errno=0
[   77.203242][ T3795] pwc: Failed to set LED on/off time (-71)
[   77.237585][ T3618] Bluetooth: hci2: command 0x041b tx timeout
[   77.242916][ T3795] pwc: send_video_command error -71
[   77.305176][ T3795] pwc: Failed to set video mode VGA@30 fps; return code = -71
[   77.340710][ T3795] Philips webcam: probe of 5-1:0.0 failed with error -71
[   77.378151][ T3795] usb 5-1: USB disconnect, device number 3
[   77.686062][ T3566] XFS (loop0): Unmounting Filesystem
[   77.724369][ T3936] team0: Port device team_slave_0 added
[   77.741745][ T3936] team0: Port device team_slave_1 added
[   77.898215][ T3936] batman_adv: batadv0: Adding interface: batadv_slave_0
[   77.917478][ T3936] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   78.061043][ T3936] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   78.166046][ T3936] batman_adv: batadv0: Adding interface: batadv_slave_1
[   78.207266][ T3936] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   78.258994][ T4038] loop4: detected capacity change from 0 to 8
[   78.291559][ T4020] loop2: detected capacity change from 0 to 40427
[   78.335241][ T3936] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   78.499672][ T4020] F2FS-fs (loop2): invalid crc value
[   78.523581][ T4020] F2FS-fs (loop2): Ignore s_resuid=60929, s_resgid=0 w/o reserve_root
[   78.866829][ T3936] device hsr_slave_0 entered promiscuous mode
[   78.948356][ T3936] device hsr_slave_1 entered promiscuous mode
[   79.018146][ T3936] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[   79.077038][ T3936] Cannot create hsr debugfs directory
[   79.134703][ T4038] SQUASHFS error: xz decompression failed, data probably corrupt
[   79.162543][ T4038] SQUASHFS error: Failed to read block 0x108: -5
[   79.193454][ T4020] F2FS-fs (loop2): Found nat_bits in checkpoint
[   79.212485][ T4038] SQUASHFS error: Unable to read metadata cache entry [106]
[   79.269550][ T4038] SQUASHFS error: Unable to read inode 0x11f
[   79.302608][ T3835] Bluetooth: hci2: command 0x040f tx timeout
[   79.425525][ T4020] F2FS-fs (loop2): recover fsync data on readonly fs
[   79.469955][ T4020] F2FS-fs (loop2): Cannot turn on quotas: -2 on 0
[   79.482092][ T4020] F2FS-fs (loop2): Cannot turn on quotas: -2 on 1
[   79.564174][ T4020] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e5
[   79.869408][  T454] device hsr_slave_0 left promiscuous mode
[   80.090487][  T454] device hsr_slave_1 left promiscuous mode
[   80.101728][  T454] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[   80.112687][  T454] batman_adv: batadv0: Removing interface: batadv_slave_0
[   80.225317][ T4072] loop4: detected capacity change from 0 to 24
[   80.372093][  T454] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[   80.386761][ T4072] MTD: Attempt to mount non-MTD device "/dev/loop4"
[   80.428016][ T4072] romfs: Mounting image 'rom 637cf1fa' through the block layer
[   80.685419][  T454] batman_adv: batadv0: Removing interface: batadv_slave_1
[   80.857407][  T454] device bridge_slave_1 left promiscuous mode
[   80.872445][  T454] bridge0: port 2(bridge_slave_1) entered disabled state
[   80.910629][  T454] device bridge_slave_0 left promiscuous mode
[   80.918342][  T454] bridge0: port 1(bridge_slave_0) entered disabled state
[   81.043707][ T4060] loop0: detected capacity change from 0 to 32768
[   81.091445][ T4057] loop3: detected capacity change from 0 to 40427
[   81.103318][  T454] device veth1_macvtap left promiscuous mode
[   81.110805][  T454] device veth0_macvtap left promiscuous mode
[   81.161980][ T4057] F2FS-fs (loop3): invalid crc value
[   81.164763][  T454] device veth1_vlan left promiscuous mode
[   81.200202][ T4057] F2FS-fs (loop3): Found nat_bits in checkpoint
[   81.205187][  T454] device veth0_vlan left promiscuous mode
[   81.258101][ T4060] XFS (loop0): Mounting V5 Filesystem
[   81.381540][ T4060] XFS (loop0): Ending clean mount
[   81.388711][ T3613] Bluetooth: hci2: command 0x0419 tx timeout
[   81.433248][ T4057] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e5
[   81.450399][ T4060] XFS (loop0): Quotacheck needed: Please wait.
[   81.558723][ T4060] XFS (loop0): Quotacheck: Done.
[   81.689014][ T4057] F2FS-fs (loop3): Unexpected flush for atomic writes: ino=10, npages=1
[   81.771939][ T3568] attempt to access beyond end of device
[   81.771939][ T3568] loop3: rw=2049, want=45104, limit=40427
[   81.819516][ T3566] XFS (loop0): Unmounting Filesystem
[   82.062064][  T454] team0 (unregistering): Port device team_slave_1 removed
[   82.100927][  T454] team0 (unregistering): Port device team_slave_0 removed
[   82.160438][  T454] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[   82.233049][  T454] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[   82.374860][ T4105] loop4: detected capacity change from 0 to 8
[   82.449941][ T4107] loop0: detected capacity change from 0 to 256
[   82.480268][  T454] bond0 (unregistering): Released all slaves
[   82.497153][ T4105] SQUASHFS error: lzo decompression failed, data probably corrupt
[   82.497213][ T4105] SQUASHFS error: Failed to read block 0x91: -5
[   82.497238][ T4105] SQUASHFS error: Unable to read metadata cache entry [8f]
[   82.497249][ T4105] SQUASHFS error: Unable to read inode 0x11f
[   82.500001][ T4107] exFAT-fs (loop0): failed to load upcase table (idx : 0x0001e4a3, chksum : 0x009ea0b8, utbl_chksum : 0x7319d30d)
[   83.543707][ T4120] loop0: detected capacity change from 0 to 1024
[   83.882551][ T4025] usb 4-1: new high-speed USB device number 4 using dummy_hcd
[   84.024044][ T3565] syz-executor (3565) used greatest stack depth: 20312 bytes left
[   84.091178][ T3566] hfsplus: bad catalog entry type
[   84.282715][ T4025] usb 4-1: New USB device found, idVendor=0813, idProduct=0001, bcdDevice=3a.08
[   84.307406][ T4025] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   84.346692][ T4025] usb 4-1: config 0 descriptor??
[   84.404402][ T4025] gspca_main: cpia1-2.14.0 probing 0813:0001
[   84.533696][ T4125] loop4: detected capacity change from 0 to 32768
[   84.609556][ T4125] BTRFS: device fsid e417788f-7a09-42b2-9266-8ddc5d5d35d2 devid 1 transid 8 /dev/loop4 scanned by syz.4.112 (4125)
[   84.707647][ T4125] BTRFS info (device loop4): using xxhash64 (xxhash64-generic) checksum algorithm
[   84.712126][ T3936] netdevsim netdevsim1 netdevsim0: renamed from eth0
[   84.765430][ T4125] BTRFS info (device loop4): force zlib compression, level 3
[   84.771878][ T3566] syz-executor (3566) used greatest stack depth: 19832 bytes left
[   84.796898][ T4125] BTRFS info (device loop4): force clearing of disk cache
[   84.809611][ T3936] netdevsim netdevsim1 netdevsim1: renamed from eth1
[   84.842742][ T4025] cpia1 4-1:0.0: unexpected state after lo power cmd: 84
[   84.842869][ T4125] BTRFS info (device loop4): setting nodatasum
[   84.902694][ T4125] BTRFS info (device loop4): allowing degraded mounts
[   84.910750][ T4125] BTRFS info (device loop4): enabling disk space caching
[   84.932750][ T4125] BTRFS info (device loop4): disk space caching is enabled
[   84.949573][ T4125] BTRFS info (device loop4): has skinny extents
[   84.952446][ T3936] netdevsim netdevsim1 netdevsim2: renamed from eth2
[   85.049236][ T3936] netdevsim netdevsim1 netdevsim3: renamed from eth3
[   85.190819][ T4132] chnl_net:caif_netlink_parms(): no params data found
[   85.201480][ T4125] BTRFS info (device loop4): clearing free space tree
[   85.213174][ T4125] BTRFS info (device loop4): clearing compat-ro feature flag for FREE_SPACE_TREE (0x1)
[   85.301164][ T4125] BTRFS info (device loop4): clearing compat-ro feature flag for FREE_SPACE_TREE_VALID (0x2)
[   85.478344][ T3936] 8021q: adding VLAN 0 to HW filter on device bond0
[   85.593196][ T4125] BTRFS info (device loop4): balance: start -f
[   85.602023][ T4125] BTRFS info (device loop4): balance: ended with status: 0
[   85.652150][ T3936] 8021q: adding VLAN 0 to HW filter on device team0
[   85.726699][ T3613] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[   85.743373][ T3613] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[   85.789595][ T4025] gspca_cpia1: usb_control_msg 03, error -71
[   85.805619][ T4025] cpia1 4-1:0.0: unexpected systemstate: 84
[   85.837667][ T4025] usb 4-1: USB disconnect, device number 4
[   86.132332][ T4132] bridge0: port 1(bridge_slave_0) entered blocking state
[   86.193166][ T4132] bridge0: port 1(bridge_slave_0) entered disabled state
[   86.216874][ T4132] device bridge_slave_0 entered promiscuous mode
[   86.255497][ T4188] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[   86.273102][ T4188] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[   86.305015][ T4188] bridge0: port 1(bridge_slave_0) entered blocking state
[   86.316354][ T4188] bridge0: port 1(bridge_slave_0) entered forwarding state
[   86.335833][ T4188] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[   86.377637][ T4188] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[   86.419504][ T4188] bridge0: port 2(bridge_slave_1) entered blocking state
[   86.428288][ T4188] bridge0: port 2(bridge_slave_1) entered forwarding state
[   86.457510][ T4132] bridge0: port 2(bridge_slave_1) entered blocking state
[   86.477604][ T4132] bridge0: port 2(bridge_slave_1) entered disabled state
[   86.502169][ T4132] device bridge_slave_1 entered promiscuous mode
[   86.511620][ T3613] Bluetooth: hci0: command 0x0409 tx timeout
[   86.591536][ T4152] chnl_net:caif_netlink_parms(): no params data found
[   86.669072][ T4187] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[   86.706364][ T4187] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[   86.709024][ T4215] loop3: detected capacity change from 0 to 256
[   86.830685][ T3613] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[   86.846524][ T4152] bridge0: port 1(bridge_slave_0) entered blocking state
[   86.875167][   T26] audit: type=1326 audit(1722961461.010:7): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4214 comm="syz.3.120" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f6e4e42d9f9 code=0x0
[   86.905552][ T4152] bridge0: port 1(bridge_slave_0) entered disabled state
[   86.915780][ T4152] device bridge_slave_0 entered promiscuous mode
[   86.934734][ T4132] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   86.970233][ T4132] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   86.994385][ T4025] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[   87.021685][ T4025] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[   87.073744][ T4025] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[   87.088158][ T4222] ipt_CLUSTERIP: Please specify destination IP
[   87.102328][ T4025] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[   87.126607][ T4152] bridge0: port 2(bridge_slave_1) entered blocking state
[   87.139509][ T3613] Bluetooth: hci1: command 0x0409 tx timeout
[   87.150456][ T4152] bridge0: port 2(bridge_slave_1) entered disabled state
[   87.164040][ T4152] device bridge_slave_1 entered promiscuous mode
[   87.214054][ T3840] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[   87.225551][ T3840] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[   87.240289][ T3840] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[   87.315563][ T4132] team0: Port device team_slave_0 added
[   87.354294][ T4132] team0: Port device team_slave_1 added
[   87.376263][ T3936] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[   87.415960][ T3936] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[   87.429657][ T4152] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   87.451079][ T3840] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[   87.461613][ T3840] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[   87.493006][ T4152] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   87.575428][ T3568] FAT-fs (loop3): error, corrupted directory (invalid entries)
[   87.625590][ T4132] batman_adv: batadv0: Adding interface: batadv_slave_0
[   87.642699][ T3568] FAT-fs (loop3): Filesystem has been set read-only
[   87.661642][ T3568] FAT-fs (loop3): error, corrupted directory (invalid entries)
[   87.672500][ T4132] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   87.724903][ T4132] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   87.783367][ T4152] team0: Port device team_slave_0 added
[   87.827299][ T4132] batman_adv: batadv0: Adding interface: batadv_slave_1
[   87.852529][ T4132] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   87.893485][ T4132] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   87.938659][ T4152] team0: Port device team_slave_1 added
[   87.973286][ T3840] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
[   87.983584][ T3840] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready
[   88.028625][ T3936] 8021q: adding VLAN 0 to HW filter on device batadv0
[   88.109487][  T454] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   88.126693][ T4152] batman_adv: batadv0: Adding interface: batadv_slave_0
[   88.138520][ T4152] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   88.176818][ T4152] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   88.204493][ T4026] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[   88.223868][ T4026] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[   88.252563][ T4132] device hsr_slave_0 entered promiscuous mode
[   88.261465][ T4132] device hsr_slave_1 entered promiscuous mode
[   88.262729][ T4189] usb 5-1: new high-speed USB device number 4 using dummy_hcd
[   88.289234][ T4132] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[   88.300665][ T4132] Cannot create hsr debugfs directory
[   88.318746][ T4152] batman_adv: batadv0: Adding interface: batadv_slave_1
[   88.339040][ T4152] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   88.384568][ T4152] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   88.432188][  T454] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   88.449943][ T3568] syz-executor (3568) used greatest stack depth: 19640 bytes left
[   88.488117][ T1077] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[   88.509763][ T1077] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[   88.522514][ T4189] usb 5-1: Using ep0 maxpacket: 16
[   88.541156][ T3936] device veth0_vlan entered promiscuous mode
[   88.593884][ T4026] Bluetooth: hci0: command 0x041b tx timeout
[   88.633243][ T1077] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[   88.648620][ T1077] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[   88.658637][ T4189] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x83 has an invalid bInterval 0, changing to 7
[   88.703540][ T4152] device hsr_slave_0 entered promiscuous mode
[   88.713804][ T4152] device hsr_slave_1 entered promiscuous mode
[   88.723365][ T4152] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[   88.752858][ T4152] Cannot create hsr debugfs directory
[   88.772166][  T454] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   88.790411][ T3936] device veth1_vlan entered promiscuous mode
[   88.819115][ T4187] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready
[   88.843201][ T4189] usb 5-1: New USB device found, idVendor=134c, idProduct=0002, bcdDevice=ec.7e
[   88.855308][ T4189] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[   88.869806][ T4189] usb 5-1: Product: syz
[   88.875408][ T4189] usb 5-1: Manufacturer: syz
[   88.881072][ T4189] usb 5-1: SerialNumber: syz
[   88.900953][ T4189] usb 5-1: config 0 descriptor??
[   88.925666][  T454] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   88.981099][ T4189] input: syz syz as /devices/platform/dummy_hcd.4/usb5/5-1/5-1:0.0/input/input5
[   89.081341][ T3936] device veth0_macvtap entered promiscuous mode
[   89.101432][ T3936] device veth1_macvtap entered promiscuous mode
[   89.126689][ T4187] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[   89.143798][ T4187] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[   89.158162][ T4187] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready
[   89.201331][ T4187] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready
[   89.222925][ T4025] Bluetooth: hci1: command 0x041b tx timeout
[   89.241102][ T3936] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   89.270322][ T3936] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   89.285374][ T3936] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   89.300231][ T3936] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   89.317399][ T3936] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   89.340851][ T3936] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   89.355781][ T3936] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   89.371103][ T3936] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   89.388137][ T3936] batman_adv: batadv0: Interface activated: batadv_slave_0
[   89.420114][ T4026] usb 5-1: USB disconnect, device number 4
[   89.428198][ T4188] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[   89.444241][ T4188] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[   89.465403][ T3936] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   89.487018][ T3936] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   89.503774][ T3936] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   89.518378][ T3936] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   89.532242][ T3936] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   89.551570][ T3936] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   89.567617][ T3936] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   89.590022][ T3936] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   89.607819][ T3936] batman_adv: batadv0: Interface activated: batadv_slave_1
[   89.659682][ T4187] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[   89.676023][ T4187] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[   89.691012][ T3936] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   89.706489][ T3936] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   89.717313][ T3936] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   89.728928][ T3936] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   89.806323][  T454] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   89.877287][  T454] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   90.019791][  T454] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   90.038635][ T4286] loop4: detected capacity change from 0 to 256
[   90.061505][    T9] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   90.073553][    T9] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   90.096315][ T3840] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready
[   90.114345][ T4286] FAT-fs (loop4): Unrecognized mount option "uni_1" or missing value
[   90.137799][  T454] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   90.174472][ T4275] chnl_net:caif_netlink_parms(): no params data found
[   90.242866][ T3995] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   90.282493][ T3995] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   90.317403][ T3840] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready
[   90.667949][ T4286] loop4: detected capacity change from 0 to 32768
[   90.675551][ T4026] Bluetooth: hci0: command 0x040f tx timeout
[   90.802807][ T4275] bridge0: port 1(bridge_slave_0) entered blocking state
[   90.810526][ T4275] bridge0: port 1(bridge_slave_0) entered disabled state
[   90.846368][ T3840] Bluetooth: hci3: command 0x0409 tx timeout
[   90.878690][ T4286] gfs2: fsid=[(: Trying to join cluster "lock_nolock", "[("
[   90.890640][ T4286] gfs2: fsid=[(: Now mounting FS (format 0)...
[   90.893847][ T4275] device bridge_slave_0 entered promiscuous mode
[   91.173957][ T4286] gfs2: fsid=[(.0: journal 0 mapped with 20 extents in 17ms
[   91.273052][ T3613] gfs2: fsid=[(.0: jid=0, already locked for use
[   91.310568][ T3613] gfs2: fsid=[(.0: jid=0: Looking at journal...
[   91.501240][ T4191] Bluetooth: hci1: command 0x040f tx timeout
[   91.618239][ T3613] gfs2: fsid=[(.0: jid=0: Journal head lookup took 307ms
[   91.636686][ T3613] gfs2: fsid=[(.0: jid=0: Done
[   91.652485][ T4275] bridge0: port 2(bridge_slave_1) entered blocking state
[   91.687114][ T4286] gfs2: fsid=[(.0: first mount done, others may mount
[   91.692640][ T4275] bridge0: port 2(bridge_slave_1) entered disabled state
[   91.787702][ T4275] device bridge_slave_1 entered promiscuous mode
[   91.987590][ T4320] netlink: 'syz.1.130': attribute type 4 has an invalid length.
[   92.115083][ T4275] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   92.172849][ T4275] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   92.361632][ T4275] team0: Port device team_slave_0 added
[   92.377364][ T4275] team0: Port device team_slave_1 added
[   92.560373][ T4344] loop4: detected capacity change from 0 to 512
[   92.567880][ T4275] batman_adv: batadv0: Adding interface: batadv_slave_0
[   92.577367][ T4275] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   92.587897][ T4344] EXT4-fs (loop4): Ignoring removed nobh option
[   92.632189][ T4275] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   92.648305][ T4344] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode
[   92.657577][ T4275] batman_adv: batadv0: Adding interface: batadv_slave_1
[   92.671420][ T4275] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   92.712454][ T4275] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   92.737916][ T4344] EXT4-fs (loop4): 1 truncate cleaned up
[   92.753361][ T3835] Bluetooth: hci0: command 0x0419 tx timeout
[   92.762587][ T4344] EXT4-fs (loop4): mounted filesystem without journal. Opts: i_version,nobh,data_err=ignore,nolazytime,init_itable=0x0000000000000004,acl,,errors=continue. Quota mode: none.
[   92.907192][ T3835] Bluetooth: hci3: command 0x041b tx timeout
[   93.071980][ T4362] Invalid ELF header len 5
[   93.197587][ T4367] openvswitch: netlink: Missing key (keys=40, expected=2000)
[   93.320818][ T4275] device hsr_slave_0 entered promiscuous mode
[   93.334707][ T4275] device hsr_slave_1 entered promiscuous mode
[   93.450204][ T4373] netlink: 12 bytes leftover after parsing attributes in process `syz.4.140'.
[   93.984682][ T3613] Bluetooth: hci1: command 0x0419 tx timeout
[   94.041357][ T4275] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[   94.063577][ T4275] Cannot create hsr debugfs directory
[   94.261299][ T4383] loop1: detected capacity change from 0 to 1024
[   94.639447][ T4132] netdevsim netdevsim2 netdevsim0: renamed from eth0
[   94.993299][ T3835] Bluetooth: hci3: command 0x040f tx timeout
[   95.035331][ T4132] netdevsim netdevsim2 netdevsim1: renamed from eth1
[   95.263788][ T4132] netdevsim netdevsim2 netdevsim2: renamed from eth2
[   95.314698][ T3610] hfsplus: b-tree write err: -5, ino 4
[   95.378618][ T4132] netdevsim netdevsim2 netdevsim3: renamed from eth3
[   95.409370][ T4382] loop4: detected capacity change from 0 to 32768
[   95.501333][ T4152] netdevsim netdevsim0 netdevsim0: renamed from eth0
[   95.565534][ T4382] XFS (loop4): Mounting V5 Filesystem
[   95.589718][ T4275] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   95.613941][ T4399] loop1: detected capacity change from 0 to 512
[   95.634985][ T4152] netdevsim netdevsim0 netdevsim1: renamed from eth1
[   95.656768][ T4152] netdevsim netdevsim0 netdevsim2: renamed from eth2
[   95.704176][ T4382] XFS (loop4): Ending clean mount
[   95.732837][ T4152] netdevsim netdevsim0 netdevsim3: renamed from eth3
[   95.755833][ T4399] EXT4-fs error (device loop1): ext4_do_update_inode:5160: inode #3: comm syz.1.149: corrupted inode contents
[   95.756495][ T4382] XFS (loop4): Quotacheck needed: Please wait.
[   95.795253][ T4275] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   95.829108][ T4399] EXT4-fs error (device loop1): ext4_dirty_inode:5993: inode #3: comm syz.1.149: mark_inode_dirty error
[   95.867765][ T4399] EXT4-fs error (device loop1): ext4_do_update_inode:5160: inode #3: comm syz.1.149: corrupted inode contents
[   95.875005][ T4382] XFS (loop4): Quotacheck: Done.
[   95.929723][ T4399] EXT4-fs error (device loop1): __ext4_ext_dirty:183: inode #3: comm syz.1.149: mark_inode_dirty error
[   95.949999][ T4275] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   95.990684][ T4399] Quota error (device loop1): write_blk: dquota write failed
[   96.014110][ T4399] Quota error (device loop1): qtree_write_dquot: Error -117 occurred while creating quota
[   96.042165][ T4399] EXT4-fs error (device loop1): ext4_acquire_dquot:6196: comm syz.1.149: Failed to acquire dquot type 0
[   96.066253][ T3574] XFS (loop4): Unmounting Filesystem
[   96.071788][ T4132] 8021q: adding VLAN 0 to HW filter on device bond0
[   96.098651][ T4399] EXT4-fs error (device loop1): ext4_do_update_inode:5160: inode #16: comm syz.1.149: corrupted inode contents
[   96.126180][ T4399] EXT4-fs error (device loop1): ext4_dirty_inode:5993: inode #16: comm syz.1.149: mark_inode_dirty error
[   96.143419][ T4399] EXT4-fs error (device loop1): ext4_do_update_inode:5160: inode #16: comm syz.1.149: corrupted inode contents
[   96.159203][ T4275] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   96.159544][ T4399] EXT4-fs error (device loop1): __ext4_ext_dirty:183: inode #16: comm syz.1.149: mark_inode_dirty error
[   96.211371][ T4399] EXT4-fs error (device loop1): ext4_do_update_inode:5160: inode #16: comm syz.1.149: corrupted inode contents
[   96.238912][ T4399] EXT4-fs error (device loop1) in ext4_orphan_del:305: Corrupt filesystem
[   96.239867][ T4132] 8021q: adding VLAN 0 to HW filter on device team0
[   96.253738][ T4399] EXT4-fs error (device loop1): ext4_do_update_inode:5160: inode #16: comm syz.1.149: corrupted inode contents
[   96.287103][ T4399] EXT4-fs error (device loop1): ext4_truncate:4261: inode #16: comm syz.1.149: mark_inode_dirty error
[   96.303540][ T4399] EXT4-fs error (device loop1) in ext4_process_orphan:347: Corrupt filesystem
[   96.353810][ T3793] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[   96.355245][ T4399] EXT4-fs (loop1): 1 truncate cleaned up
[   96.386321][ T4399] EXT4-fs (loop1): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback.
[   96.403674][ T3793] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[   96.406922][ T4399] ext4 filesystem being mounted at /13/file1 supports timestamps until 2038 (0x7fffffff)
[   96.423397][ T3793] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[   96.462944][ T3793] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[   96.471665][ T3793] bridge0: port 1(bridge_slave_0) entered blocking state
[   96.479466][ T3793] bridge0: port 1(bridge_slave_0) entered forwarding state
[   96.503081][ T3793] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[   96.521571][ T4399] EXT4-fs error (device loop1): ext4_empty_dir:3131: inode #12: block 13: comm syz.1.149: bad entry in directory: inode out of bounds - offset=24, inode=33554445, rec_len=16, size=4096 fake=0
[   96.523328][ T3793] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[   96.571649][ T4399] syz.1.149 (4399) used greatest stack depth: 19328 bytes left
[   96.586677][ T3793] bridge0: port 2(bridge_slave_1) entered blocking state
[   96.595166][ T3793] bridge0: port 2(bridge_slave_1) entered forwarding state
[   96.675672][ T4189] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[   96.708294][ T4189] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[   96.735828][ T4189] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[   96.790905][   T26] audit: type=1804 audit(1722961470.930:8): pid=4425 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.1.151" name="/newroot/14/bus/bus" dev="overlay" ino=98 res=1 errno=0
[   96.862951][ T3796] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[   96.871854][ T4425] Invalid ELF header len 18
[   96.911928][ T3796] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[   96.951745][ T4432] loop4: detected capacity change from 0 to 512
[   97.130367][ T3796] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[   97.171875][ T4432] EXT4-fs (loop4): Ignoring removed orlov option
[   97.180707][ T4432] EXT4-fs (loop4): Unrecognized mount option "fowner=00000000000000000000" or missing value
[   97.423646][ T3796] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[   97.593841][ T3613] Bluetooth: hci3: command 0x0419 tx timeout
[   97.674365][ T4431] loop4: detected capacity change from 0 to 16
[   97.687944][  T454] device hsr_slave_0 left promiscuous mode
[   97.712999][ T4431] erofs: Unknown parameter '�'
[   97.721205][  T454] device hsr_slave_1 left promiscuous mode
[   97.729748][  T454] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[   97.739585][  T454] batman_adv: batadv0: Removing interface: batadv_slave_0
[   97.772948][  T454] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[   97.791696][  T454] batman_adv: batadv0: Removing interface: batadv_slave_1
[   97.815908][  T454] device bridge_slave_1 left promiscuous mode
[   97.852212][  T454] bridge0: port 2(bridge_slave_1) entered disabled state
[   97.922317][  T454] device bridge_slave_0 left promiscuous mode
[   97.947007][  T454] bridge0: port 1(bridge_slave_0) entered disabled state
[   98.041527][  T454] device hsr_slave_0 left promiscuous mode
[   98.061747][  T454] device hsr_slave_1 left promiscuous mode
[   98.074044][  T454] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[   98.093794][  T454] batman_adv: batadv0: Removing interface: batadv_slave_0
[   98.115083][  T454] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[   98.131500][  T454] batman_adv: batadv0: Removing interface: batadv_slave_1
[   98.142995][  T454] device bridge_slave_1 left promiscuous mode
[   98.151119][  T454] bridge0: port 2(bridge_slave_1) entered disabled state
[   98.164911][  T454] device bridge_slave_0 left promiscuous mode
[   98.173972][  T454] bridge0: port 1(bridge_slave_0) entered disabled state
[   98.196361][  T454] device veth1_macvtap left promiscuous mode
[   98.205521][  T454] device veth0_macvtap left promiscuous mode
[   98.214605][  T454] device veth1_vlan left promiscuous mode
[   98.221739][  T454] device veth0_vlan left promiscuous mode
[   98.233367][  T454] device veth1_macvtap left promiscuous mode
[   98.243587][  T454] device veth0_macvtap left promiscuous mode
[   98.252729][  T454] device veth1_vlan left promiscuous mode
[   98.260245][  T454] device veth0_vlan left promiscuous mode
[   98.310744][ T4451] rdma_op ffff88801d3e89f0 conn xmit_rdma 0000000000000000
[   98.330451][ T4451] netlink: 6 bytes leftover after parsing attributes in process `syz.4.157'.
[   98.894784][  T454] team0 (unregistering): Port device team_slave_1 removed
[   98.919319][  T454] team0 (unregistering): Port device team_slave_0 removed
[   98.940970][  T454] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[   98.964852][  T454] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[   99.050371][  T454] bond0 (unregistering): Released all slaves
[   99.190653][  T454] team0 (unregistering): Port device team_slave_1 removed
[   99.207873][  T454] team0 (unregistering): Port device team_slave_0 removed
[   99.225918][  T454] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[   99.242186][  T454] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[   99.310007][  T454] bond0 (unregistering): Released all slaves
[   99.395663][   T21] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[   99.408821][   T21] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[   99.419531][   T21] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[   99.445259][ T4132] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[   99.487099][ T4132] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[   99.511687][ T4152] 8021q: adding VLAN 0 to HW filter on device bond0
[   99.532486][ T3614] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[   99.556669][ T3614] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[   99.657069][ T3796] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[   99.679650][ T3796] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[   99.714705][ T4275] netdevsim netdevsim3 netdevsim0: renamed from eth0
[   99.789043][ T4152] 8021q: adding VLAN 0 to HW filter on device team0
[   99.823699][ T4275] netdevsim netdevsim3 netdevsim1: renamed from eth1
[   99.834462][ T4471] loop1: detected capacity change from 0 to 4096
[   99.842227][ T4275] netdevsim netdevsim3 netdevsim2: renamed from eth2
[   99.917540][ T4275] netdevsim netdevsim3 netdevsim3: renamed from eth3
[   99.954319][ T4471] ntfs: (device loop1): map_mft_record_page(): Mft record 0xa is corrupt.  Run chkdsk.
[   99.983178][ T4191] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[  100.021003][ T4191] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  100.036522][ T4191] bridge0: port 1(bridge_slave_0) entered blocking state
[  100.036860][ T4471] ntfs: (device loop1): map_mft_record(): Failed with error code 5.
[  100.045681][ T4191] bridge0: port 1(bridge_slave_0) entered forwarding state
[  100.047176][ T4191] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[  100.078212][ T4191] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  100.095742][   T26] audit: type=1326 audit(1722961474.240:9): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4483 comm="syz.4.164" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f067308d9f9 code=0x0
[  100.100257][ T4471] ntfs: (device loop1): ntfs_read_locked_inode(): Failed with error code -5.  Marking corrupt inode 0xa as bad.  Run chkdsk.
[  100.145096][ T4471] ntfs: (device loop1): load_and_init_upcase(): Failed to load $UpCase from the volume. Using default.
[  100.150549][ T4191] bridge0: port 2(bridge_slave_1) entered blocking state
[  100.159555][ T4471] ntfs: (device loop1): map_mft_record_page(): Mft record 0x4 is corrupt.  Run chkdsk.
[  100.171523][ T4191] bridge0: port 2(bridge_slave_1) entered forwarding state
[  100.194772][ T4471] ntfs: (device loop1): map_mft_record(): Failed with error code 5.
[  100.196338][ T4191] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[  100.276059][ T4187] kernel write not supported for file /virtual_nci (pid: 4187 comm: kworker/1:18)
[  100.334058][ T3796] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[  100.371632][ T3796] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[  100.406847][ T3796] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[  100.455318][ T3796] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[  100.472315][ T3796] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
[  100.481953][ T3796] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready
[  100.492688][ T3796] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[  100.506705][ T3796] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[  100.519431][ T3796] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[  100.539262][ T3796] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  100.560183][ T3796] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[  100.581118][ T3796] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  100.595649][ T4132] 8021q: adding VLAN 0 to HW filter on device batadv0
[  100.630654][ T4152] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[  100.646499][ T3796] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[  100.737854][ T3796] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[  100.758981][ T3796] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[  100.870849][ T4132] device veth0_vlan entered promiscuous mode
[  100.904537][ T3796] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[  100.916625][ T3796] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[  100.969959][ T4275] 8021q: adding VLAN 0 to HW filter on device bond0
[  100.990589][ T4519] kvm: vcpu 0: requested lapic timer restore with starting count register 0x390=167772160 (335544320 ns) > initial count (40 ns). Using initial count to start timer.
[  101.017115][ T4519] KVM: KVM_SET_CPUID{,2} after KVM_RUN may cause guest instability
[  101.039732][ T4519] KVM: KVM_SET_CPUID{,2} will fail after KVM_RUN starting with Linux 5.16
[  101.059799][ T4275] 8021q: adding VLAN 0 to HW filter on device team0
[  101.080525][ T4132] device veth1_vlan entered promiscuous mode
[  101.108842][ T3796] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[  101.122633][ T1077] usb 2-1: new high-speed USB device number 2 using dummy_hcd
[  101.134895][ T3796] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[  101.147738][ T3796] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready
[  101.156821][ T3796] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[  101.174561][ T3796] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  101.189875][ T3796] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
[  101.199669][ T3796] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready
[  101.257663][ T4189] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready
[  101.284511][ T4189] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[  101.310112][ T4524] loop4: detected capacity change from 0 to 16
[  101.323678][ T4189] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  101.337815][ T4189] bridge0: port 1(bridge_slave_0) entered blocking state
[  101.350282][ T4189] bridge0: port 1(bridge_slave_0) entered forwarding state
[  101.360931][ T4189] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[  101.374095][ T4189] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  101.388115][ T4189] bridge0: port 2(bridge_slave_1) entered blocking state
[  101.396581][ T4189] bridge0: port 2(bridge_slave_1) entered forwarding state
[  101.411555][ T4152] 8021q: adding VLAN 0 to HW filter on device batadv0
[  101.418644][ T4524] erofs: (device loop4): mounted with root inode @ nid 36.
[  101.441843][ T4132] device veth0_macvtap entered promiscuous mode
[  101.492726][ T3796] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[  101.513047][ T1077] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  101.544191][ T3796] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[  101.558966][ T1077] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  101.574519][ T3796] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[  101.583898][ T1077] usb 2-1: New USB device found, idVendor=256c, idProduct=006d, bcdDevice= 0.00
[  101.595845][ T3796] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[  101.607657][ T1077] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  101.619420][ T3796] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[  101.634173][ T1077] usb 2-1: config 0 descriptor??
[  101.644380][ T3796] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready
[  101.710696][ T4132] device veth1_macvtap entered promiscuous mode
[  101.732231][ T3796] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[  101.754124][ T3796] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[  101.770419][ T3796] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[  101.793982][ T3796] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[  101.804237][ T4527] ptrace attach of "./syz-executor exec"[4528] was attempted by "                                                                D"[4527]
[  101.824275][ T3796] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[  101.837256][ T3796] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[  101.856766][ T3796] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[  101.880001][ T4275] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network
[  101.934357][ T4275] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  101.984671][   T21] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[  102.008778][   T21] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  102.040832][   T21] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[  102.071899][   T21] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  102.113187][ T4132] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  102.150644][ T4132] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  102.177448][ T4132] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  102.202431][ T4132] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  102.230297][ T4132] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  102.248527][ T4132] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  102.266456][ T4132] batman_adv: batadv0: Interface activated: batadv_slave_0
[  102.279593][ T4189] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[  102.306066][ T4189] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[  102.332214][ T4189] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[  102.344268][ T1077] usb 2-1: string descriptor 0 read error: -22
[  102.369276][ T4132] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  102.412425][ T4132] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  102.435393][ T4132] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  102.454597][ T4132] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  102.482304][ T4132] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  102.503771][ T4132] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  102.523351][ T4132] batman_adv: batadv0: Interface activated: batadv_slave_1
[  102.537876][ T3840] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[  102.553397][ T3840] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[  102.573217][ T3840] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[  102.586094][ T3840] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[  102.601994][ T1077] input: HID 256c:006d Pen as /devices/platform/dummy_hcd.1/usb2/2-1/2-1:0.0/0003:256C:006D.0001/input/input7
[  102.603347][ T3840] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[  102.653484][ T3840] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[  102.694756][ T4152] device veth0_vlan entered promiscuous mode
[  102.711455][ T4132] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  102.738478][ T1077] uclogic 0003:256C:006D.0001: input,hidraw0: USB HID v0.00 Device [HID 256c:006d] on usb-dummy_hcd.1-1/input0
[  102.742606][ T4132] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  102.788388][ T4132] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  102.803421][ T4132] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  102.851010][   T21] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
[  102.883530][   T21] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready
[  102.894509][ T4275] 8021q: adding VLAN 0 to HW filter on device batadv0
[  102.918515][ T4152] device veth1_vlan entered promiscuous mode
[  102.966922][ T1077] usb 2-1: USB disconnect, device number 2
[  103.006000][ T3614] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[  103.034265][ T3614] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[  103.134907][   T21] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[  103.158271][   T21] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[  103.180867][   T21] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[  103.223620][   T21] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[  103.259079][ T4275] device veth0_vlan entered promiscuous mode
[  103.309833][ T4152] device veth0_macvtap entered promiscuous mode
[  103.357901][ T3840] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[  103.381748][ T3840] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[  103.416408][ T3840] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready
[  103.450949][ T4152] device veth1_macvtap entered promiscuous mode
[  103.514479][ T4275] device veth1_vlan entered promiscuous mode
[  103.551302][    T9] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  103.590130][    T9] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  103.597013][ T4152] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  103.682510][ T4152] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  103.726484][ T4152] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  103.791500][ T4152] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  103.832556][ T4152] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  103.880400][ T4152] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  103.912782][ T4152] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  103.952444][ T4152] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  103.984094][ T4152] batman_adv: batadv0: Interface activated: batadv_slave_0
[  104.026592][ T1077] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready
[  104.075199][ T1077] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready
[  104.097372][ T3840] usb 5-1: new high-speed USB device number 5 using dummy_hcd
[  104.103360][ T1077] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready
[  104.142277][ T1077] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[  104.163364][ T1077] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[  104.205550][ T4152] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  104.221327][ T4152] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  104.242876][ T4152] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  104.258207][ T4152] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  104.275963][ T4152] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  104.288475][ T4152] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  104.301825][ T4152] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  104.330174][ T4152] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  104.365811][ T4555] netlink: 20 bytes leftover after parsing attributes in process `syz.1.179'.
[  104.382932][ T4152] batman_adv: batadv0: Interface activated: batadv_slave_1
[  104.409771][ T3835] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[  104.424807][ T3835] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[  104.459724][ T4275] device veth0_macvtap entered promiscuous mode
[  104.468646][ T4309] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  104.484743][ T4152] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  104.501373][ T4152] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  104.511743][ T4309] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  104.520934][ T4152] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  104.551241][ T3840] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  104.569016][ T3840] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  104.584007][ T4152] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  104.597983][ T3840] usb 5-1: New USB device found, idVendor=0d8c, idProduct=0022, bcdDevice= 0.00
[  104.623788][ T4025] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready
[  104.638851][ T3840] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  104.659632][ T4025] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[  104.679059][ T3840] usb 5-1: config 0 descriptor??
[  104.696779][ T4025] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[  104.732192][ T4275] device veth1_macvtap entered promiscuous mode
[  104.791635][ T4026] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready
[  104.803820][ T4026] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready
[  104.885041][ T4275] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  104.954924][ T4275] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  104.997017][ T4275] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  105.033339][ T4275] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  105.065306][ T4275] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  105.101164][ T4275] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  105.127013][ T4275] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  105.153568][ T4275] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  105.194401][ T4275] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  105.224698][ T3840] cm6533_jd 0003:0D8C:0022.0002: unknown main item tag 0x0
[  105.234643][ T4275] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  105.256479][ T3840] cm6533_jd 0003:0D8C:0022.0002: unknown main item tag 0x0
[  105.283025][ T3840] input: HID 0d8c:0022 as /devices/platform/dummy_hcd.4/usb5/5-1/5-1:0.0/0003:0D8C:0022.0002/input/input8
[  105.298877][ T4275] batman_adv: batadv0: Interface activated: batadv_slave_0
[  105.341108][ T4565] nbd2: detected capacity change from 0 to 6
[  105.373975][ T3840] cm6533_jd 0003:0D8C:0022.0002: input,hiddev0,hidraw0: USB HID v0.00 Device [HID 0d8c:0022] on usb-dummy_hcd.4-1/input0
[  105.434787][ T4275] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  105.464109][ T4566] block nbd2: shutting down sockets
[  105.475213][ T4275] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  105.510047][ T4275] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  105.534780][    C0] blk_update_request: I/O error, dev nbd2, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  105.550132][    C0] Buffer I/O error on dev nbd2, logical block 0, async page read
[  105.575653][  T150] blk_update_request: I/O error, dev nbd2, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  105.594915][  T150] Buffer I/O error on dev nbd2, logical block 0, async page read
[  105.608587][  T150] blk_update_request: I/O error, dev nbd2, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  105.634073][  T150] Buffer I/O error on dev nbd2, logical block 0, async page read
[  105.644000][ T1249] blk_update_request: I/O error, dev nbd2, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  105.663714][ T1249] Buffer I/O error on dev nbd2, logical block 0, async page read
[  105.672962][ T1249] blk_update_request: I/O error, dev nbd2, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  105.691078][ T1249] Buffer I/O error on dev nbd2, logical block 0, async page read
[  105.702200][ T3611] ldm_validate_partition_table(): Disk read failed.
[  105.710728][ T1249] blk_update_request: I/O error, dev nbd2, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  105.728923][ T1249] Buffer I/O error on dev nbd2, logical block 0, async page read
[  105.802845][ T1249] blk_update_request: I/O error, dev nbd2, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  105.817236][ T1249] Buffer I/O error on dev nbd2, logical block 0, async page read
[  105.840004][ T1249] blk_update_request: I/O error, dev nbd2, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  105.880233][ T4275] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  105.883283][ T1249] Buffer I/O error on dev nbd2, logical block 0, async page read
[  105.911036][ T4275] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  105.921089][  T150] blk_update_request: I/O error, dev nbd2, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  105.927675][ T4275] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  105.944746][  T150] Buffer I/O error on dev nbd2, logical block 0, async page read
[  105.955053][ T4275] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  105.972453][ T3611] Dev nbd2: unable to read RDB block 0
[  105.981241][ T4275] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  106.056536][ T4572] hugetlbfs: syz.1.184 (4572): Using mlock ulimits for SHM_HUGETLB is deprecated
[  106.099324][ T1249] blk_update_request: I/O error, dev nbd2, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  106.121980][ T1249] Buffer I/O error on dev nbd2, logical block 0, async page read
[  106.161154][ T3611]  nbd2: unable to read partition table
[  106.291125][ T3611] nbd2: partition table beyond EOD, truncated
[  106.387062][ T4275] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  106.575986][ T4275] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  106.624885][ T3611] ldm_validate_partition_table(): Disk read failed.
[  106.643448][ T3611] Dev nbd2: unable to read RDB block 0
[  106.656725][ T4275] batman_adv: batadv0: Interface activated: batadv_slave_1
[  106.672947][ T4025] usb 5-1: reset high-speed USB device number 5 using dummy_hcd
[  106.675116][ T3611]  nbd2: unable to read partition table
[  106.697387][ T3840] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[  106.700736][ T3611] nbd2: partition table beyond EOD, 
[  106.711407][ T3840] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[  106.713109][ T3611] truncated
[  106.742156][ T3840] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[  106.793382][ T3840] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[  106.906238][ T4275] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  106.932517][ T4275] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  106.962506][ T4275] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  106.970834][ T4576] loop2: detected capacity change from 0 to 2048
[  106.991441][ T4275] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  107.164747][ T4576] EXT4-fs (loop2): VFS: Can't find ext4 filesystem
[  107.276706][  T144] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  107.298180][ T4589] loop1: detected capacity change from 0 to 256
[  107.364123][  T144] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  107.456663][ T3658] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  107.485418][ T4576] netlink: 688 bytes leftover after parsing attributes in process `syz.2.186'.
[  107.489416][ T3658] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  107.513937][ T4189] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready
[  107.541377][ T4189] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready
[  107.577847][ T3678] usb 5-1: USB disconnect, device number 5
[  107.631959][ T4589] netem: change failed
[  107.673789][ T4593] nf_conntrack: default automatic helper assignment has been turned off for security reasons and CT-based firewall rule not found. Use the iptables CT target to attach helpers instead.
[  107.699390][  T144] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  107.699452][  T144] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  107.713248][ T4187] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready
[  107.825807][ T3610] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  107.825870][ T3610] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  107.830295][ T3840] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready
[  109.901736][ T4602] sched: RT throttling activated
[  110.492823][ T4187] usb 1-1: new high-speed USB device number 3 using dummy_hcd
[  110.542782][ T3613] usb 2-1: new high-speed USB device number 3 using dummy_hcd
[  110.742708][ T4187] usb 1-1: Using ep0 maxpacket: 16
[  110.821556][ T3613] usb 2-1: Using ep0 maxpacket: 8
[  110.872921][ T4187] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  110.885526][ T4191] usb 3-1: new high-speed USB device number 2 using dummy_hcd
[  110.906967][ T4187] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  110.938652][ T4187] usb 1-1: New USB device found, idVendor=1b1c, idProduct=1b09, bcdDevice= 0.00
[  110.960476][ T4187] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  110.988182][ T3613] usb 2-1: config 0 has no interfaces?
[  111.008257][ T4187] usb 1-1: config 0 descriptor??
[  111.098802][ T3613] usb 2-1: New USB device found, idVendor=0001, idProduct=8000, bcdDevice= 0.00
[  111.111208][ T3613] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=1
[  111.130041][ T3613] usb 2-1: SerialNumber: syz
[  111.152678][ T4191] usb 3-1: Using ep0 maxpacket: 16
[  111.163434][ T3613] usb 2-1: config 0 descriptor??
[  111.272926][ T4191] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x89 has invalid maxpacket 33032, setting to 1024
[  111.290320][  T454] device hsr_slave_0 left promiscuous mode
[  111.294409][ T4191] usb 3-1: New USB device found, idVendor=0158, idProduct=0100, bcdDevice= 0.00
[  111.308781][ T4191] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  111.319510][  T454] device hsr_slave_1 left promiscuous mode
[  111.325709][ T4191] usb 3-1: config 0 descriptor??
[  111.335760][  T454] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  111.346283][  T454] batman_adv: batadv0: Removing interface: batadv_slave_0
[  111.355081][  T454] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  111.365798][  T454] batman_adv: batadv0: Removing interface: batadv_slave_1
[  111.375246][  T454] device bridge_slave_1 left promiscuous mode
[  111.381660][  T454] bridge0: port 2(bridge_slave_1) entered disabled state
[  111.394319][  T454] device bridge_slave_0 left promiscuous mode
[  111.407136][  T454] bridge0: port 1(bridge_slave_0) entered disabled state
[  111.422011][  T454] device veth1_macvtap left promiscuous mode
[  111.434651][  T454] device veth0_macvtap left promiscuous mode
[  111.440785][  T454] device veth1_vlan left promiscuous mode
[  111.454224][  T454] device veth0_vlan left promiscuous mode
[  111.517192][ T4187] corsair 0003:1B1C:1B09.0003: item fetching failed at offset 2/5
[  111.536057][ T4187] corsair 0003:1B1C:1B09.0003: parse failed
[  111.542017][ T4187] corsair: probe of 0003:1B1C:1B09.0003 failed with error -22
[  111.568696][ T4629] PKCS7: Unknown OID: [4] (bad)
[  111.591437][ T4629] PKCS7: Only support pkcs7_signedData type
[  111.614439][ T3582] Bluetooth: Wrong link type (-71)
[  111.616498][ T4629] netlink: 12 bytes leftover after parsing attributes in process `syz.2.200'.
[  111.694376][ T4645] udc-core: couldn't find an available UDC or it's busy
[  111.701968][ T4645] misc raw-gadget: fail, usb_gadget_probe_driver returned -16
[  111.756504][ T4187] usb 1-1: USB disconnect, device number 3
[  112.004701][  T454] team0 (unregistering): Port device team_slave_1 removed
[  112.034762][  T454] team0 (unregistering): Port device team_slave_0 removed
[  112.060838][  T454] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  112.081421][  T454] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  112.095492][ T4650] netlink: 224 bytes leftover after parsing attributes in process `syz.3.207'.
[  112.164391][ T4648] process '/newroot/5/file0' started with executable stack
[  112.319872][ T4647] loop4: detected capacity change from 0 to 40427
[  112.342257][  T454] bond0 (unregistering): Released all slaves
[  112.393158][ T4647] F2FS-fs (loop4): Insane cp_payload (553648128 >= 504)
[  112.403517][ T4647] F2FS-fs (loop4): Can't find valid F2FS filesystem in 1th superblock
[  112.415621][ T4647] F2FS-fs (loop4): Unrecognized mount option "�" or missing value
[  112.649652][    T7] Bluetooth: hci3: command 0x0411 tx timeout
[  112.659570][ T3613] usb 2-1: USB disconnect, device number 3
[  112.682986][ T4191] usbhid 3-1:0.0: can't add hid device: -71
[  112.690452][ T4191] usbhid: probe of 3-1:0.0 failed with error -71
[  113.232457][ T4191] usb 3-1: USB disconnect, device number 2
[  113.662677][ T4191] usb 3-1: new high-speed USB device number 3 using dummy_hcd
[  113.862416][    T0] NOHZ tick-stop error: Non-RCU local softirq work is pending, handler #282!!!
[  113.884155][    T0] NOHZ tick-stop error: Non-RCU local softirq work is pending, handler #282!!!
[  113.899822][    T0] NOHZ tick-stop error: Non-RCU local softirq work is pending, handler #282!!!
[  113.913796][    T0] NOHZ tick-stop error: Non-RCU local softirq work is pending, handler #282!!!
[  113.931575][    T0] NOHZ tick-stop error: Non-RCU local softirq work is pending, handler #382!!!
[  113.949676][    T0] NOHZ tick-stop error: Non-RCU local softirq work is pending, handler #382!!!
[  114.042924][ T4191] usb 3-1: Using ep0 maxpacket: 16
[  114.232784][ T4191] usb 3-1: config 0 has an invalid interface number: 8 but max is 0
[  114.283055][    T0] NOHZ tick-stop error: Non-RCU local softirq work is pending, handler #10!!!
[  114.296872][    T0] NOHZ tick-stop error: Non-RCU local softirq work is pending, handler #12!!!
[  114.310052][    T0] NOHZ tick-stop error: Non-RCU local softirq work is pending, handler #12!!!
[  114.323527][    T0] NOHZ tick-stop error: Non-RCU local softirq work is pending, handler #92!!!
[  114.395494][ T4191] usb 3-1: config 0 has no interface number 0
[  114.438491][ T4191] usb 3-1: config 0 interface 8 altsetting 0 has an invalid endpoint with address 0xFF, skipping
[  114.652653][ T4191] usb 3-1: New USB device found, idVendor=0d8c, idProduct=000e, bcdDevice=8e.8f
[  114.673130][ T4191] usb 3-1: New USB device strings: Mfr=0, Product=24, SerialNumber=3
[  114.692532][ T4191] usb 3-1: Product: syz
[  114.702736][ T4191] usb 3-1: SerialNumber: syz
[  114.730875][ T4191] usb 3-1: config 0 descriptor??
[  114.798109][ T4191] usbhid 3-1:0.8: couldn't find an input interrupt endpoint
[  114.812997][ T3582] Bluetooth: Wrong link type (-22)
[  114.821610][ T3582] Bluetooth: Wrong link type (-22)
[  115.574529][ T4191] usb 3-1: USB disconnect, device number 3
[  115.750505][ T4682] loop0: detected capacity change from 0 to 32768
[  115.757060][ T4670] loop1: detected capacity change from 0 to 40427
[  115.847528][ T4670] F2FS-fs (loop1): Invalid Fs Meta Ino: node(0) meta(2) root(0)
[  115.876178][ T4670] F2FS-fs (loop1): Can't find valid F2FS filesystem in 1th superblock
[  115.944789][ T4670] F2FS-fs (loop1): invalid crc value
[  116.010034][ T4670] F2FS-fs (loop1): Found nat_bits in checkpoint
[  116.022228][ T4682] XFS (loop0): Mounting V5 Filesystem
[  116.145808][ T4682] XFS (loop0): Ending clean mount
[  116.156113][ T4682] XFS (loop0): Quotacheck needed: Please wait.
[  116.193630][ T4670] F2FS-fs (loop1): Try to recover 1th superblock, ret: 0
[  116.207667][ T4670] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e4
[  116.287429][ T4682] XFS (loop0): Quotacheck: Done.
[  116.379156][ T3936] attempt to access beyond end of device
[  116.379156][ T3936] loop1: rw=2049, want=45104, limit=40427
[  116.567796][ T4152] XFS (loop0): Unmounting Filesystem
[  117.715388][ T4730] tmpfs: Bad value for 'mpol'
[  119.182108][ T4752] loop1: detected capacity change from 0 to 4096
[  119.317584][ T3613] usb 4-1: new high-speed USB device number 5 using dummy_hcd
[  119.505230][ T4765] NILFS (loop1): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  119.725342][ T4770] loop4: detected capacity change from 0 to 128
[  119.809173][ T4747] loop0: detected capacity change from 0 to 32768
[  119.853344][ T3613] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x9 has an invalid bInterval 0, changing to 7
[  119.931720][ T3613] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x9 has invalid wMaxPacketSize 0
[  119.971550][ T4770] FAT-fs (loop4): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive!
[  120.008217][ T4747] XFS: attr2 mount option is deprecated.
[  120.317412][ T4770] FAT-fs (loop4): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1)
[  120.332691][ T3613] usb 4-1: config 0 interface 0 altsetting 0 has an invalid endpoint with address 0x0, skipping
[  120.391016][ T3613] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x82 has an invalid bInterval 236, changing to 11
[  120.458029][ T3613] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x82 has invalid maxpacket 18251, setting to 1024
[  120.562722][ T3613] usb 4-1: config 0 interface 0 altsetting 0 has an invalid endpoint with address 0x0, skipping
[  120.619981][ T3613] usb 4-1: config 0 interface 0 altsetting 0 has 4 endpoint descriptors, different from the interface descriptor's value: 3
[  120.699665][ T4747] XFS (loop0): Mounting V5 Filesystem
[  120.717713][ T4773] loop2: detected capacity change from 0 to 32768
[  120.785766][ T4784] netlink: 12 bytes leftover after parsing attributes in process `syz.4.246'.
[  120.868773][ T4784] device bond1 entered promiscuous mode
[  120.892866][ T3613] usb 4-1: New USB device found, idVendor=1266, idProduct=1002, bcdDevice=ef.1e
[  120.904001][ T3613] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  120.917555][ T3613] usb 4-1: Product: syz
[  120.922184][ T3613] usb 4-1: Manufacturer: syz
[  120.928668][ T3613] usb 4-1: SerialNumber: syz
[  120.961398][ T3613] usb 4-1: config 0 descriptor??
[  120.989945][ T4786] device ip6gretap1 entered promiscuous mode
[  121.015481][ T4747] XFS (loop0): Ending clean mount
[  121.027002][ T4747] XFS (loop0): Quotacheck needed: Please wait.
[  121.037400][ T4750] raw-gadget.0 gadget: fail, usb_ep_enable returned -22
[  121.043169][ T4191] Bluetooth: hci3: command 0x0406 tx timeout
[  121.057365][ T4786] bond1: (slave ip6gretap1): Enslaving as an active interface with an up link
[  121.073798][ T4790] netlink: 4 bytes leftover after parsing attributes in process `syz.4.246'.
[  121.279754][ T4747] XFS (loop0): Quotacheck: Done.
[  121.292993][ T4790] bond1 (unregistering): (slave ip6gretap1): Releasing backup interface
[  121.383899][ T3613] option 4-1:0.0: GSM modem (1-port) converter detected
[  121.442197][ T3613] usb 4-1: USB disconnect, device number 5
[  121.479516][ T3613] option 4-1:0.0: device disconnected
[  121.523700][   T26] kauditd_printk_skb: 3 callbacks suppressed
[  121.523714][   T26] audit: type=1804 audit(1722961495.670:10): pid=4747 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.0.227" name="/newroot/7/bus/bus" dev="loop0" ino=9290 res=1 errno=0
[  121.565779][ T4790] device ip6gretap1 left promiscuous mode
[  121.585112][ T4152] XFS (loop0): Unmounting Filesystem
[  121.596255][ T4790] bond1 (unregistering): Released all slaves
[  121.719147][ T4788] netlink: 'syz.1.245': attribute type 1 has an invalid length.
[  121.731231][ T4791] team0: No ports can be present during mode change
[  121.980702][ T4797] loop4: detected capacity change from 0 to 128
[  122.091884][ T4799] loop3: detected capacity change from 0 to 8192
[  122.171039][ T4797] FAT-fs (loop4): Invalid FSINFO signature: 0x41615252, 0x614101ff (sector = 1)
[  122.196542][ T4805] loop1: detected capacity change from 0 to 1024
[  122.218144][ T4799] REISERFS (device loop3): found reiserfs format "3.5" with non-standard journal
[  122.447596][ T4799] REISERFS (device loop3): using ordered data mode
[  122.473538][ T4799] reiserfs: using flush barriers
[  122.681516][ T4812] loop2: detected capacity change from 0 to 2048
[  123.239239][ T4799] REISERFS (device loop3): journal params: device loop3, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30
[  123.325405][ T4799] REISERFS (device loop3): checking transaction log (loop3)
[  123.326610][ T4812] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode
[  123.428258][ T4812] [EXT4 FS bs=2048, gc=1, bpg=262144, ipg=32, mo=a002e01c, mo2=0002]
[  123.439376][ T4812] System zones: 0-19
[  123.464004][ T4812] EXT4-fs (loop2): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback.
[  123.509700][ T4799] REISERFS (device loop3): Using r5 hash to sort names
[  123.532915][ T4799] REISERFS (device loop3): using 3.5.x disk format
[  123.579801][ T4799] REISERFS (device loop3): Created .reiserfs_priv - reserved for xattr storage.
[  123.903885][ T3658] FAT-fs (loop4): Invalid FSINFO signature: 0x41615252, 0x614101ff (sector = 1)
[  123.906074][ T4821] loop2: detected capacity change from 0 to 512
[  123.940875][ T4821] EXT4-fs (loop2): Ignoring removed bh option
[  123.952008][ T4821] EXT4-fs (loop2): Mount option "noacl" will be removed by 3.5
[  123.952008][ T4821] Contact linux-ext4@vger.kernel.org if you think we should keep it.
[  123.952008][ T4821] 
[  123.993071][ T4821] EXT4-fs (loop2): Cannot turn on journaled quota: type 0: error -2
[  124.103288][ T4821] EXT4-fs (loop2): 1 truncate cleaned up
[  124.115356][ T4821] EXT4-fs (loop2): mounted filesystem without journal. Opts: jqfmt=vfsold,bh,usrquota,norecovery,nombcache,usrjquota="init_itable=0x0000000000000601,noacl,data_err=abort,,errors=continue. Quota mode: writeback.
[  124.386441][ T4830] netlink: 'syz.3.260': attribute type 4 has an invalid length.
[  124.433263][ T4830] netlink: 152 bytes leftover after parsing attributes in process `syz.3.260'.
[  124.477270][ T4830] A link change request failed with some changes committed already. Interface hsr_slave_1 may have been left with an inconsistent configuration, please check.
[  124.569510][ T4837] EXT4-fs error (device loop2): ext4_mb_generate_buddy:1152: group 0, block bitmap and bg descriptor inconsistent: 227 vs 220 free clusters
[  125.159735][ T4836] netlink: 'syz.3.260': attribute type 33 has an invalid length.
[  126.725339][ T4833] loop4: detected capacity change from 0 to 32768
[  126.927133][ T4833] BTRFS: device fsid e417788f-7a09-42b2-9266-8ddc5d5d35d2 devid 1 transid 8 /dev/loop4 scanned by syz.4.261 (4833)
[  127.156419][ T4847] chnl_net:caif_netlink_parms(): no params data found
[  127.167546][ T4833] BTRFS info (device loop4): using xxhash64 (xxhash64-generic) checksum algorithm
[  127.229038][ T4833] BTRFS info (device loop4): force zlib compression, level 3
[  127.330208][ T4833] BTRFS info (device loop4): force clearing of disk cache
[  127.384352][ T4833] BTRFS info (device loop4): setting nodatasum
[  127.447533][ T4833] BTRFS info (device loop4): allowing degraded mounts
[  127.514645][ T4833] BTRFS info (device loop4): enabling disk space caching
[  127.572655][ T4833] BTRFS info (device loop4): disk space caching is enabled
[  127.671458][ T4833] BTRFS info (device loop4): has skinny extents
[  127.974850][ T4855] syz.2.268 (4855): drop_caches: 2
[  128.010134][ T4847] bridge0: port 1(bridge_slave_0) entered blocking state
[  128.030351][ T4847] bridge0: port 1(bridge_slave_0) entered disabled state
[  128.041531][ T4833] BTRFS error (device loop4): open_ctree failed
[  128.075781][ T4847] device bridge_slave_0 entered promiscuous mode
[  128.115933][ T4847] bridge0: port 2(bridge_slave_1) entered blocking state
[  128.134124][ T4847] bridge0: port 2(bridge_slave_1) entered disabled state
[  128.156074][ T4847] device bridge_slave_1 entered promiscuous mode
[  128.277925][ T4888] loop2: detected capacity change from 0 to 512
[  128.310454][ T4847] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  128.343939][ T4884] kvm [4881]: vcpu0, guest rIP: 0x18e disabled perfctr wrmsr: 0x186 data 0x4500004b00
[  128.374001][ T4888] EXT4-fs (loop2): feature flags set on rev 0 fs, running e2fsck is recommended
[  128.375866][ T4847] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  128.509068][ T1077] Bluetooth: hci2: command 0x0409 tx timeout
[  128.532695][ T4888] EXT4-fs warning (device loop2): ext4_update_dynamic_rev:1061: updating to rev 1 because of new feature flag, running e2fsck is recommended
[  128.577244][ T4847] team0: Port device team_slave_0 added
[  128.600539][ T4847] team0: Port device team_slave_1 added
[  128.631948][ T4888] EXT4-fs (loop2): 1 truncate cleaned up
[  128.658076][ T4888] EXT4-fs (loop2): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback.
[  128.762899][ T4187] usb 5-1: new high-speed USB device number 6 using dummy_hcd
[  128.773580][ T4847] batman_adv: batadv0: Adding interface: batadv_slave_0
[  128.805691][ T4847] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  128.891814][ T4847] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  129.003199][ T4888] loop_set_status: loop2 () has still dirty pages (nrpages=4)
[  129.017637][ T4847] batman_adv: batadv0: Adding interface: batadv_slave_1
[  129.082608][ T4847] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  129.160183][ T4847] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  129.963985][ T4187] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 255, changing to 11
[  129.970344][ T4847] device hsr_slave_0 entered promiscuous mode
[  129.979236][ T4187] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 59391, setting to 1024
[  130.001337][ T4187] usb 5-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[  130.010087][ T4910] loop0: detected capacity change from 0 to 512
[  130.027042][ T4908] loop3: detected capacity change from 0 to 512
[  130.053518][ T4132] EXT4-fs error (device loop2): ext4_ext_check_inode:501: inode #11: comm syz-executor: pblk 0 bad header/extent: invalid extent entries - magic f30a, entries 1, max 4(4), depth 0(0)
[  130.068937][ T4187] usb 5-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  130.080889][ T4847] device hsr_slave_1 entered promiscuous mode
[  130.111722][ T4187] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  130.112071][ T4132] EXT4-fs error (device loop2): ext4_ext_check_inode:501: inode #11: comm syz-executor: pblk 0 bad header/extent: invalid extent entries - magic f30a, entries 1, max 4(4), depth 0(0)
[  130.152673][ T4187] usb 5-1: config 0 descriptor??
[  130.260488][ T4892] raw-gadget.0 gadget: fail, usb_ep_enable returned -22
[  130.531841][ T4910] EXT4-fs (loop0): Test dummy encryption mode enabled
[  130.583303][ T4189] Bluetooth: hci2: command 0x041b tx timeout
[  130.941301][ T4910] EXT4-fs error (device loop0): __ext4_iget:4861: inode #11: block 1: comm syz.0.280: invalid block
[  130.974330][ T4187] plantronics 0003:047F:FFFF.0004: unknown main item tag 0xd
[  130.974605][ T4910] EXT4-fs error (device loop0): ext4_orphan_get:1402: comm syz.0.280: couldn't read orphan inode 11 (err -117)
[  131.007280][ T4187] plantronics 0003:047F:FFFF.0004: No inputs registered, leaving
[  131.025271][ T4187] plantronics 0003:047F:FFFF.0004: hiddev0,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.4-1/input0
[  131.087645][ T4910] EXT4-fs (loop0): mounted filesystem without journal. Opts: noauto_da_alloc,user_xattr,max_dir_size_kb=0x0000000000000009,inode_readahead_blks=0x0000000000010000,jqfmt=vfsv0,delalloc,inode_readahead_blks=0x0000000000400000,noauto_da_alloc,test_dummy_encryption,,errors=continue. Quota mode: none.
[  131.329431][ T4847] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  131.977333][ T1077] usb 5-1: USB disconnect, device number 6
[  131.988619][  T454] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  132.230660][ T4847] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  132.277991][  T454] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  132.359044][ T4847] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  132.401410][  T454] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  132.462676][ T4023] usb 4-1: new high-speed USB device number 6 using dummy_hcd
[  132.464058][ T4847] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  132.501882][ T4924] chnl_net:caif_netlink_parms(): no params data found
[  132.518814][  T454] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  132.644438][ T4924] bridge0: port 1(bridge_slave_0) entered blocking state
[  132.654054][ T4924] bridge0: port 1(bridge_slave_0) entered disabled state
[  132.663529][ T4924] device bridge_slave_0 entered promiscuous mode
[  132.700490][ T4924] bridge0: port 2(bridge_slave_1) entered blocking state
[  132.743979][ T1388] ieee802154 phy0 wpan0: encryption failed: -22
[  132.752619][ T1388] ieee802154 phy1 wpan1: encryption failed: -22
[  132.783968][ T4924] bridge0: port 2(bridge_slave_1) entered disabled state
[  132.822494][ T4187] Bluetooth: hci2: command 0x040f tx timeout
[  132.847321][ T4924] device bridge_slave_1 entered promiscuous mode
[  132.893017][ T4023] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  132.922345][ T4023] usb 4-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[  132.949524][ T4023] usb 4-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  132.965688][ T4023] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  133.007004][ T4924] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  133.020489][ T4023] usb 4-1: config 0 descriptor??
[  133.131049][ T4924] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  133.215186][ T4924] team0: Port device team_slave_0 added
[  133.294529][ T4924] team0: Port device team_slave_1 added
[  133.312022][ T4847] netdevsim netdevsim1 netdevsim0: renamed from eth0
[  133.370455][ T1077] libceph: connect (1)[c::]:6789 error -101
[  133.393538][ T1077] libceph: mon0 (1)[c::]:6789 connect error
[  133.424991][ T4847] netdevsim netdevsim1 netdevsim1: renamed from eth1
[  133.436173][ T1077] libceph: connect (1)[c::]:6789 error -101
[  133.448798][ T1077] libceph: mon0 (1)[c::]:6789 connect error
[  133.584089][ T4847] netdevsim netdevsim1 netdevsim2: renamed from eth2
[  133.604229][ T4847] netdevsim netdevsim1 netdevsim3: renamed from eth3
[  133.698700][ T4924] batman_adv: batadv0: Adding interface: batadv_slave_0
[  133.707544][ T4924] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  133.714299][ T1077] libceph: connect (1)[c::]:6789 error -101
[  133.745551][ T4924] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  133.754288][ T1077] libceph: mon0 (1)[c::]:6789 connect error
[  134.155755][ T4924] batman_adv: batadv0: Adding interface: batadv_slave_1
[  134.181069][ T4968] ceph: No mds server is up or the cluster is laggy
[  134.200467][ T4924] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  134.249721][ T4924] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  134.272744][ T3616] Bluetooth: hci0: command 0x0409 tx timeout
[  134.282022][ T4023] usbhid 4-1:0.0: can't add hid device: -71
[  134.307624][ T4023] usbhid: probe of 4-1:0.0 failed with error -71
[  134.318862][ T4023] usb 4-1: USB disconnect, device number 6
[  134.374273][ T4187] libceph: connect (1)[c::]:6789 error -101
[  134.392939][ T4187] libceph: mon0 (1)[c::]:6789 connect error
[  134.476071][ T4985] loop4: detected capacity change from 0 to 256
[  134.561495][ T4924] device hsr_slave_0 entered promiscuous mode
[  134.572099][ T4985] exFAT-fs (loop4): Invalid boot checksum (boot checksum : 0x1119ac00, checksum : 0x4919ac00)
[  134.588480][ T4924] device hsr_slave_1 entered promiscuous mode
[  134.597370][ T4924] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  134.607961][ T4985] exFAT-fs (loop4): invalid boot region
[  134.617361][ T4924] Cannot create hsr debugfs directory
[  134.632496][ T4985] exFAT-fs (loop4): failed to recognize exfat type
[  134.876738][ T4847] 8021q: adding VLAN 0 to HW filter on device bond0
[  134.902561][ T1077] Bluetooth: hci2: command 0x0419 tx timeout
[  135.052516][ T4187] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[  135.075793][ T4187] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  135.118251][ T4847] 8021q: adding VLAN 0 to HW filter on device team0
[  135.241944][   T21] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[  135.298934][   T21] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  135.348679][   T21] bridge0: port 1(bridge_slave_0) entered blocking state
[  135.358500][   T21] bridge0: port 1(bridge_slave_0) entered forwarding state
[  135.375991][ T4987] loop0: detected capacity change from 0 to 32768
[  135.409561][   T21] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[  135.476968][   T21] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  135.528470][   T21] bridge0: port 2(bridge_slave_1) entered blocking state
[  135.536086][   T21] bridge0: port 2(bridge_slave_1) entered forwarding state
[  135.655314][ T4188] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[  135.709628][ T4188] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[  135.934302][ T4188] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[  135.947777][ T4188] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[  135.965079][ T4188] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[  136.724766][ T4188] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[  136.812716][ T4188] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[  136.827768][ T4188] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[  136.840437][ T4188] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  136.857040][ T4188] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[  136.876813][ T4188] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  136.911081][ T3793] Bluetooth: hci0: command 0x041b tx timeout
[  137.043904][ T4847] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[  137.081422][ T5018] loop4: detected capacity change from 0 to 4096
[  137.099263][   T21] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[  137.205011][ T5018] ntfs3: loop4: ino=0, Correct links count -> 1.
[  137.274852][ T5018] ntfs3: loop4: MFT: r=0, expect seq=1 instead of 0!
[  137.302959][ T5018] ntfs3: loop4: Mark volume as dirty due to NTFS errors
[  137.430720][  T454] device hsr_slave_0 left promiscuous mode
[  137.470017][ T5018] ntfs3: loop4: Failed to load $MFT.
[  137.492157][  T454] device hsr_slave_1 left promiscuous mode
[  137.502688][ T1077] usb 4-1: new high-speed USB device number 7 using dummy_hcd
[  137.519197][  T454] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  137.540626][  T454] batman_adv: batadv0: Removing interface: batadv_slave_0
[  137.581838][  T454] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  137.596836][  T454] batman_adv: batadv0: Removing interface: batadv_slave_1
[  137.617027][  T454] device bridge_slave_1 left promiscuous mode
[  137.638551][  T454] bridge0: port 2(bridge_slave_1) entered disabled state
[  137.667540][  T454] device bridge_slave_0 left promiscuous mode
[  137.699435][  T454] bridge0: port 1(bridge_slave_0) entered disabled state
[  137.773515][  T454] device hsr_slave_0 left promiscuous mode
[  137.810575][  T454] device hsr_slave_1 left promiscuous mode
[  137.842735][  T454] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  137.882558][ T1077] usb 4-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  137.900943][  T454] batman_adv: batadv0: Removing interface: batadv_slave_0
[  137.902613][ T5018] loop4: detected capacity change from 0 to 512
[  137.921666][ T1077] usb 4-1: config 1 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 1
[  137.950445][ T1077] usb 4-1: config 1 interface 1 altsetting 1 has 0 endpoint descriptors, different from the interface descriptor's value: 2
[  137.978986][ T1077] usb 4-1: config 1 interface 1 has no altsetting 0
[  137.997797][  T454] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  138.067060][  T454] batman_adv: batadv0: Removing interface: batadv_slave_1
[  138.079587][  T454] device bridge_slave_1 left promiscuous mode
[  138.111553][  T454] bridge0: port 2(bridge_slave_1) entered disabled state
[  138.127209][ T5018] EXT4-fs error (device loop4): ext4_xattr_inode_iget:400: comm syz.4.303: Parent and EA inode have the same ino 15
[  138.150706][  T454] device bridge_slave_0 left promiscuous mode
[  138.202970][ T1077] usb 4-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  138.215589][  T454] bridge0: port 1(bridge_slave_0) entered disabled state
[  138.233342][ T5018] EXT4-fs (loop4): 1 orphan inode deleted
[  138.239630][ T5018] EXT4-fs (loop4): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none.
[  138.262613][ T1077] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  138.292687][ T1077] usb 4-1: Product: syz
[  138.298802][ T1077] usb 4-1: Manufacturer: syz
[  138.325626][ T1077] usb 4-1: SerialNumber: syz
[  138.383715][ T1077] cdc_ncm 4-1:1.0: NCM or ECM functional descriptors missing
[  138.401044][ T1077] cdc_ncm 4-1:1.0: bind() failure
[  138.473946][  T454] device veth1_macvtap left promiscuous mode
[  138.481850][  T454] device veth0_macvtap left promiscuous mode
[  138.549312][  T454] device veth1_vlan left promiscuous mode
[  138.603000][ T1077] cdc_mbim: probe of 4-1:1.1 failed with error -71
[  138.613114][  T454] device veth0_vlan left promiscuous mode
[  138.642706][ T1077] usb 4-1: USB disconnect, device number 7
[  138.650929][ T5062] PM: Enabling pm_trace changes system date and time during resume.
[  138.650929][ T5062] PM: Correct system time has to be restored manually after resume.
[  138.670688][   T26] audit: type=1326 audit(1722961512.810:11): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5049 comm="syz.0.307" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f6e0ee2b9f9 code=0x0
[  138.729655][  T454] device veth1_macvtap left promiscuous mode
[  138.752261][  T454] device veth0_macvtap left promiscuous mode
[  138.772761][  T454] device veth1_vlan left promiscuous mode
[  138.787232][  T454] device veth0_vlan left promiscuous mode
[  138.982719][ T1077] Bluetooth: hci0: command 0x040f tx timeout
[  139.580267][ T5081] loop3: detected capacity change from 0 to 256
[  139.625506][ T1077] Bluetooth: hci3: command 0x0406 tx timeout
[  140.507159][ T5075] loop4: detected capacity change from 0 to 40427
[  140.586732][ T5075] F2FS-fs (loop4): Invalid log_blocksize (268), supports only 12
[  140.602464][ T5075] F2FS-fs (loop4): Can't find valid F2FS filesystem in 1th superblock
[  140.695631][ T5075] F2FS-fs (loop4): Found nat_bits in checkpoint
[  140.704809][  T454] team0 (unregistering): Port device team_slave_1 removed
[  140.735760][  T454] team0 (unregistering): Port device team_slave_0 removed
[  140.751039][  T454] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  140.779775][  T454] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  140.795446][ T5075] F2FS-fs (loop4): Try to recover 1th superblock, ret: 0
[  140.812621][ T5075] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e5
[  140.817482][ T5087] loop3: detected capacity change from 0 to 128
[  141.059592][  T454] bond0 (unregistering): Released all slaves
[  141.073347][ T4022] Bluetooth: hci0: command 0x0419 tx timeout
[  141.133220][   T26] audit: type=1326 audit(1722961515.260:12): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5086 comm="syz.3.313" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f8cda3249f9 code=0x0
[  141.628676][  T454] team0 (unregistering): Port device team_slave_1 removed
[  141.665882][  T454] team0 (unregistering): Port device team_slave_0 removed
[  141.688726][  T454] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  141.740619][  T454] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  141.929050][  T454] bond0 (unregistering): Released all slaves
[  142.007559][ T4924] netdevsim netdevsim2 netdevsim0: renamed from eth0
[  142.127903][ T4924] netdevsim netdevsim2 netdevsim1: renamed from eth1
[  142.189520][ T4024] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
[  142.206049][ T4024] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready
[  142.236798][ T4847] 8021q: adding VLAN 0 to HW filter on device batadv0
[  142.320412][ T4924] netdevsim netdevsim2 netdevsim2: renamed from eth2
[  142.366350][ T4924] netdevsim netdevsim2 netdevsim3: renamed from eth3
[  142.462936][ T4022] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[  142.486204][ T5120] loop0: detected capacity change from 0 to 1024
[  142.507885][ T4022] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[  142.565025][ T5120] EXT4-fs (loop0): Ignoring removed nobh option
[  142.577924][ T4022] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[  142.620854][ T4022] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[  142.630246][ T5120] EXT4-fs (loop0): Quota format mount options ignored when QUOTA feature is enabled
[  142.630284][ T5120] EXT4-fs (loop0): Journaled quota options ignored when QUOTA feature is enabled
[  142.630299][ T5120] EXT4-fs (loop0): Ignoring removed oldalloc option
[  142.630598][ T5120] EXT4-fs (loop0): Test dummy encryption mode enabled
[  142.672553][ T5124] device wg1 entered promiscuous mode
[  142.701285][ T4847] device veth0_vlan entered promiscuous mode
[  142.727895][ T1074] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[  142.761619][ T1074] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[  142.826811][ T4847] device veth1_vlan entered promiscuous mode
[  142.837709][ T5120] EXT4-fs (loop0): mounted filesystem without journal. Opts: grpquota,lazytime,errors=continue,noinit_itable,nobh,jqfmt=vfsold,usrquota,errors=continue,grpjquota=./file0,oldalloc,test_dummy_encryption,,errors=continue. Quota mode: writeback.
[  142.938525][ T4924] 8021q: adding VLAN 0 to HW filter on device bond0
[  142.986101][ T5117] netlink: 16 bytes leftover after parsing attributes in process `syz.0.321'.
[  143.003408][ T1074] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready
[  143.019048][ T1074] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready
[  143.049354][ T1074] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[  143.068506][ T1074] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[  143.089871][ T4847] device veth0_macvtap entered promiscuous mode
[  143.104563][ T5117] fscrypt: AES-256-XTS using implementation "xts-aes-aesni"
[  143.115096][ T4023] usb 5-1: new high-speed USB device number 7 using dummy_hcd
[  143.143039][   T26] audit: type=1804 audit(1722961517.280:13): pid=5120 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.0.321" name="/newroot/28/file0/cgroup.controllers" dev="loop0" ino=18 res=1 errno=0
[  143.210982][ T4924] 8021q: adding VLAN 0 to HW filter on device team0
[  143.261373][ T4847] device veth1_macvtap entered promiscuous mode
[  143.278840][ T4022] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready
[  143.280110][   T26] audit: type=1804 audit(1722961517.290:14): pid=5117 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz.0.321" name="/newroot/28/file0/cgroup.controllers" dev="loop0" ino=18 res=1 errno=0
[  143.303790][ T4022] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready
[  143.330240][ T4022] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[  143.366386][ T5150] loop0: detected capacity change from 0 to 128
[  143.381110][ T4022] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  143.412794][ T4023] usb 5-1: Using ep0 maxpacket: 16
[  143.446265][ T1074] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[  143.463133][ T1074] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  143.488761][ T5152] loop3: detected capacity change from 0 to 256
[  143.501316][ T1074] bridge0: port 1(bridge_slave_0) entered blocking state
[  143.509906][ T1074] bridge0: port 1(bridge_slave_0) entered forwarding state
[  143.531503][ T1074] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[  143.543551][ T1074] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  143.557840][ T4023] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  143.586763][ T1074] bridge0: port 2(bridge_slave_1) entered blocking state
[  143.587611][ T5152] exFAT-fs (loop3): failed to load upcase table (idx : 0x00010000, chksum : 0x205ad3fc, utbl_chksum : 0xe619d30d)
[  143.595711][ T1074] bridge0: port 2(bridge_slave_1) entered forwarding state
[  143.596489][ T4023] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  143.652852][ T1074] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[  143.669123][   T26] audit: type=1326 audit(1722961517.810:15): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5149 comm="syz.0.324" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f6e0ee2b9f9 code=0x0
[  143.672184][ T4847] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  143.717766][ T4023] usb 5-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 9
[  143.719688][ T4847] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  143.743326][ T4023] usb 5-1: New USB device found, idVendor=045e, idProduct=07da, bcdDevice= 0.00
[  143.751399][ T4847] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  143.768551][ T4023] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  143.793287][ T4023] usb 5-1: config 0 descriptor??
[  143.799894][ T4847] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  143.811035][ T4847] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  143.825730][ T4847] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  143.848084][ T4847] batman_adv: batadv0: Interface activated: batadv_slave_0
[  143.863846][ T4024] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[  143.872602][ T4024] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[  143.884139][ T4024] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[  143.910117][ T4847] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  143.945106][ T4847] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  143.958358][ T4847] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  143.971489][ T4847] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  143.984898][ T4847] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  144.000359][ T4847] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  144.026454][ T4847] batman_adv: batadv0: Interface activated: batadv_slave_1
[  144.065559][    T7] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[  144.081225][    T7] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[  144.099391][    T7] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[  144.109814][    T7] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[  144.124517][    T7] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[  144.141616][ T4847] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  144.154779][ T4847] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  144.173615][ T4847] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  144.185146][ T4847] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  144.201077][ T3618] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[  144.211024][ T3618] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[  144.231507][ T3618] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[  144.250009][ T3618] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[  144.263384][ T3618] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  144.314678][ T4924] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  144.315266][ T4023] microsoft 0003:045E:07DA.0005: unknown main item tag 0x0
[  144.344322][ T4023] microsoft 0003:045E:07DA.0005: unknown main item tag 0x0
[  144.373325][ T4924] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[  144.394608][ T4023] microsoft 0003:045E:07DA.0005: unknown main item tag 0x0
[  144.407108][ T1074] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[  144.418892][ T1074] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  144.428968][ T4023] microsoft 0003:045E:07DA.0005: unknown main item tag 0x0
[  144.437615][ T4023] microsoft 0003:045E:07DA.0005: unknown main item tag 0x0
[  144.450370][ T4023] microsoft 0003:045E:07DA.0005: unknown main item tag 0x0
[  144.462712][ T4023] microsoft 0003:045E:07DA.0005: unknown main item tag 0x0
[  144.482615][ T4023] microsoft 0003:045E:07DA.0005: unknown main item tag 0x0
[  144.491549][ T4023] microsoft 0003:045E:07DA.0005: unknown main item tag 0x0
[  144.511546][ T4023] microsoft 0003:045E:07DA.0005: unknown main item tag 0x0
[  144.557143][ T4023] microsoft 0003:045E:07DA.0005: unknown main item tag 0x0
[  144.581533][ T4023] input: HID 045e:07da as /devices/platform/dummy_hcd.4/usb5/5-1/5-1:0.0/0003:045E:07DA.0005/input/input11
[  144.598195][  T144] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  144.621038][  T144] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  144.656119][ T3793] usb 1-1: new high-speed USB device number 4 using dummy_hcd
[  144.666249][ T4023] microsoft 0003:045E:07DA.0005: input,hidraw0: USB HID v0.00 Device [HID 045e:07da] on usb-dummy_hcd.4-1/input0
[  144.697134][  T144] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  144.721790][  T144] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  144.756360][ T4023] usb 5-1: USB disconnect, device number 7
[  144.780831][ T3618] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready
[  144.803324][ T3618] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
[  144.825941][ T3618] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready
[  144.852736][ T4924] 8021q: adding VLAN 0 to HW filter on device batadv0
[  144.884561][    T7] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready
[  144.946792][ T4024] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[  144.977362][ T4024] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[  145.022184][ T4924] device veth0_vlan entered promiscuous mode
[  145.039387][ T4024] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[  145.044709][ T3793] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  145.098556][ T4024] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[  145.102499][ T3793] usb 1-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[  145.201435][ T5166] netlink: 188 bytes leftover after parsing attributes in process `syz.1.263'.
[  145.221248][ T3793] usb 1-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  145.258049][ T4924] device veth1_vlan entered promiscuous mode
[  145.266375][ T3793] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  145.285312][ T5157] loop3: detected capacity change from 0 to 40427
[  145.297154][ T4024] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[  145.316707][ T3793] usb 1-1: config 0 descriptor??
[  145.324949][ T4024] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[  145.400384][ T5157] F2FS-fs (loop3): invalid crc value
[  145.438383][ T4024] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready
[  145.532047][   T26] audit: type=1326 audit(1722961519.670:16): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5167 comm="syz.4.329" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f067308d9f9 code=0x0
[  145.551572][ T4024] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready
[  145.583627][ T5157] F2FS-fs (loop3): Found nat_bits in checkpoint
[  145.620088][ T4924] device veth0_macvtap entered promiscuous mode
[  145.719451][ T1074] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[  145.747215][ T1074] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[  145.749071][ T5157] F2FS-fs (loop3): Cannot turn on quotas: -2 on 0
[  145.817018][ T5157] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e4
[  145.830239][ T4924] device veth1_macvtap entered promiscuous mode
[  145.873360][ T1074] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready
[  145.913145][ T1074] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready
[  146.150827][ T4924] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  146.212409][ T4924] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  146.399191][ T5183] attempt to access beyond end of device
[  146.399191][ T5183] loop3: rw=2049, want=53376, limit=40427
[  146.523071][   T26] audit: type=1804 audit(1722961520.520:17): pid=5183 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.3.328" name="/newroot/44/bus/cgroup.controllers" dev="loop3" ino=10 res=1 errno=0
[  146.932869][ T4924] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  146.975872][ T4924] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  147.059480][ T4924] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  147.092779][ T4924] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  147.122474][ T4924] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  147.142782][ T4924] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  147.158158][ T4275] attempt to access beyond end of device
[  147.158158][ T4275] loop3: rw=2049, want=45104, limit=40427
[  147.197593][ T4924] batman_adv: batadv0: Interface activated: batadv_slave_0
[  147.226826][ T5194] syz.4.336 sent an empty control message without MSG_MORE.
[  147.232710][ T3793] usbhid 1-1:0.0: can't add hid device: -71
[  147.248600][   T23] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[  147.269310][ T3793] usbhid: probe of 1-1:0.0 failed with error -71
[  147.279481][   T23] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[  147.294376][ T3793] usb 1-1: USB disconnect, device number 4
[  147.304066][ T4924] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  147.358722][ T4924] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  147.424403][ T4924] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  147.453503][ T5197] loop4: detected capacity change from 0 to 512
[  147.482442][ T4924] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  147.507800][ T4924] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  147.532628][ T4924] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  147.565040][ T4924] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  147.577183][ T4924] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  147.591766][ T4924] batman_adv: batadv0: Interface activated: batadv_slave_1
[  147.626596][ T4924] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  147.639257][ T4924] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  147.693801][ T5197] EXT4-fs error (device loop4): ext4_find_inline_data_nolock:163: inode #12: comm syz.4.337: inline data xattr refers to an external xattr inode
[  147.713020][ T5197] EXT4-fs error (device loop4): ext4_orphan_get:1402: comm syz.4.337: couldn't read orphan inode 12 (err -117)
[  147.728311][ T5197] EXT4-fs (loop4): mounted filesystem without journal. Opts: errors=continue,,errors=continue. Quota mode: none.
[  147.752774][ T5197] syz.4.337[5197] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  147.752884][ T5197] syz.4.337[5197] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  147.782836][ T4924] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  147.934851][ T4924] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  147.950898][ T3793] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[  147.973213][ T3793] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[  149.008760][ T3658] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  149.073083][ T3658] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  149.130030][   T23] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready
[  149.172571][ T4309] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  149.205269][ T4309] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  149.241444][   T23] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready
[  149.372505][ T3796] usb 4-1: new high-speed USB device number 8 using dummy_hcd
[  149.436976][ T5201] loop1: detected capacity change from 0 to 32768
[  149.532035][ T5201] diRead: diIAGRead returned -5
[  149.642520][ T3796] usb 4-1: Using ep0 maxpacket: 16
[  149.656255][ T5226] loop2: detected capacity change from 0 to 2048
[  149.762576][ T3796] usb 4-1: config 0 interface 0 altsetting 1 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  149.818461][ T3796] usb 4-1: config 0 interface 0 altsetting 1 endpoint 0x81 has invalid wMaxPacketSize 0
[  149.862979][ T3796] usb 4-1: config 0 interface 0 altsetting 1 has 1 endpoint descriptor, different from the interface descriptor's value: 9
[  149.906989][ T3796] usb 4-1: config 0 interface 0 has no altsetting 0
[  149.927791][ T3796] usb 4-1: New USB device found, idVendor=045e, idProduct=05da, bcdDevice= 0.00
[  149.938017][ T5218] loop0: detected capacity change from 0 to 40427
[  149.959987][ T3796] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  150.037054][ T5220] loop4: detected capacity change from 0 to 40427
[  150.040749][ T3796] usb 4-1: config 0 descriptor??
[  150.098499][ T5218] F2FS-fs (loop0): invalid crc value
[  150.189253][ T5218] F2FS-fs (loop0): Found nat_bits in checkpoint
[  150.204908][ T5220] F2FS-fs (loop4): invalid crc value
[  150.265921][ T5220] F2FS-fs (loop4): Found nat_bits in checkpoint
[  150.364966][ T5218] F2FS-fs (loop0): Cannot turn on quotas: -2 on 0
[  150.378080][ T5231] loop1: detected capacity change from 0 to 4096
[  150.411777][ T5218] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e4
[  150.428525][ T5220] F2FS-fs (loop4): Cannot turn on quotas: -2 on 1
[  150.467237][ T5220] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e5
[  150.716233][ T3796] hid-generic 0003:045E:05DA.0006: unbalanced delimiter at end of report description
[  150.727163][ T3796] hid-generic: probe of 0003:045E:05DA.0006 failed with error -22
[  151.044456][ T5242] attempt to access beyond end of device
[  151.044456][ T5242] loop0: rw=2049, want=53376, limit=40427
[  151.099094][   T26] audit: type=1804 audit(1722961525.170:18): pid=5242 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.0.344" name="/newroot/34/bus/cgroup.controllers" dev="loop0" ino=10 res=1 errno=0
[  151.485910][ T3796] usb 4-1: USB disconnect, device number 8
[  151.494829][ T3574] attempt to access beyond end of device
[  151.494829][ T3574] loop4: rw=2049, want=45104, limit=40427
[  151.515225][ T4152] attempt to access beyond end of device
[  151.515225][ T4152] loop0: rw=2049, want=45104, limit=40427
[  151.758852][ T5247] netlink: 28 bytes leftover after parsing attributes in process `syz.1.352'.
[  151.952654][ T3616] Bluetooth: hci1: command 0x0406 tx timeout
[  152.095149][ T5256] loop1: detected capacity change from 0 to 256
[  152.135209][ T5258] loop3: detected capacity change from 0 to 128
[  152.296442][ T5256] FAT-fs (loop1): bogus sectors per cluster 0
[  152.298424][ T5265] TCP: request_sock_subflow_v6: Possible SYN flooding on port 20002. Sending cookies.  Check SNMP counters.
[  152.322721][ T5256] FAT-fs (loop1): Can't find a valid FAT filesystem
[  153.369365][ T5276] loop1: detected capacity change from 0 to 512
[  154.080375][ T5276] EXT4-fs (loop1): orphan cleanup on readonly fs
[  154.108723][ T5276] Quota error (device loop1): v2_read_header: Failed header read: expected=8 got=0
[  154.161709][ T5276] EXT4-fs warning (device loop1): ext4_enable_quotas:6431: Failed to enable quota tracking (type=0, err=-22, ino=3). Please run e2fsck to fix.
[  154.196984][ T5284] loop4: detected capacity change from 0 to 128
[  154.222619][ T5276] EXT4-fs (loop1): Cannot turn on quotas: error -22
[  154.279855][ T5276] EXT4-fs (loop1): 1 truncate cleaned up
[  154.290148][ T5284] FAT-fs (loop4): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive!
[  154.325867][ T5276] EXT4-fs (loop1): mounted filesystem without journal. Opts: max_dir_size_kb=0x0000000000000009,init_itable,,errors=continue. Quota mode: writeback.
[  154.341137][ T5287] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  154.417652][ T5289] netlink: 36 bytes leftover after parsing attributes in process `syz.3.364'.
[  154.456945][ T5287] netlink: 4 bytes leftover after parsing attributes in process `syz.2.366'.
[  154.530354][ T5289] xt_bpf: check failed: parse error
[  154.854003][ T5303] loop1: detected capacity change from 0 to 1024
[  155.704152][ T5303] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[  155.704447][ T5313] overlayfs: './file0' not a directory
[  156.144075][ T5337] loop0: detected capacity change from 0 to 1024
[  156.163668][ T5336] ALSA: mixer_oss: invalid OSS volume '�}8z��00000'
[  156.208623][   T26] audit: type=1326 audit(1722961530.350:19): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5338 comm="syz.3.387" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8cda3249f9 code=0x7ffc0000
[  156.254452][ T5343] loop2: detected capacity change from 0 to 164
[  156.330425][ T5337] EXT4-fs (loop0): mounted filesystem without journal. Opts: grpquota,debug_want_extra_isize=0x0000000000000088,resuid=0x0000000000000000,max_batch_time=0x0000000000000003,lazytime,usrquota,data_err=abort,data_err=abort,,errors=continue. Quota mode: writeback.
[  156.346435][   T26] audit: type=1326 audit(1722961530.350:20): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5338 comm="syz.3.387" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7f8cda3249f9 code=0x7ffc0000
[  156.371501][    C0] vkms_vblank_simulate: vblank timer overrun
[  156.411688][    C0] vkms_vblank_simulate: vblank timer overrun
[  156.517973][ T5343] Unable to read rock-ridge attributes
[  156.565948][ T5342] loop4: detected capacity change from 0 to 8192
[  156.656940][   T26] audit: type=1326 audit(1722961530.350:21): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5338 comm="syz.3.387" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8cda3249f9 code=0x7ffc0000
[  156.831073][   T26] audit: type=1326 audit(1722961530.350:22): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5338 comm="syz.3.387" exe="/root/syz-executor" sig=0 arch=c000003e syscall=297 compat=0 ip=0x7f8cda3249f9 code=0x7ffc0000
[  156.860228][    C0] vkms_vblank_simulate: vblank timer overrun
[  157.092494][   T26] audit: type=1326 audit(1722961530.350:23): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5338 comm="syz.3.387" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8cda3249f9 code=0x7ffc0000
[  157.124815][    C0] vkms_vblank_simulate: vblank timer overrun
[  157.141893][ T5358] loop2: detected capacity change from 0 to 2048
[  157.269559][ T5358] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000)
[  157.383799][   T26] audit: type=1326 audit(1722961530.350:24): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5338 comm="syz.3.387" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f8cda3249f9 code=0x7ffc0000
[  157.413312][    C0] vkms_vblank_simulate: vblank timer overrun
[  157.469722][ T5360] loop4: detected capacity change from 0 to 64
[  157.595633][   T26] audit: type=1326 audit(1722961530.350:25): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5338 comm="syz.3.387" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8cda3249f9 code=0x7ffc0000
[  157.623867][    C0] vkms_vblank_simulate: vblank timer overrun
[  157.811627][ T5365] loop0: detected capacity change from 0 to 8
[  157.878765][   T26] audit: type=1326 audit(1722961530.350:26): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5338 comm="syz.3.387" exe="/root/syz-executor" sig=0 arch=c000003e syscall=54 compat=0 ip=0x7f8cda3249f9 code=0x7ffc0000
[  158.010445][ T5349] loop1: detected capacity change from 0 to 32768
[  158.103807][   T26] audit: type=1326 audit(1722961530.350:27): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5338 comm="syz.3.387" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8cda3249f9 code=0x7ffc0000
[  158.130259][    C0] vkms_vblank_simulate: vblank timer overrun
[  158.143170][ T5369] netlink: 4 bytes leftover after parsing attributes in process `syz.2.393'.
[  158.145778][ T5349] XFS: attr2 mount option is deprecated.
[  158.276999][ T5369] tipc: Started in network mode
[  158.332571][ T5369] tipc: Node identity aaaaaaaaaa34, cluster identity 4711
[  158.338867][   T26] audit: type=1326 audit(1722961530.350:28): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5338 comm="syz.3.387" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f8cda3249f9 code=0x7ffc0000
[  158.369565][ T5369] tipc: Enabled bearer <eth:macvlan0>, priority 0
[  158.405065][ T5376] loop0: detected capacity change from 0 to 16
[  158.453321][ T5376] erofs: Unknown parameter '����t�5�;�
�}	�7_c��������N�����"L������a�m)p�������'6~�'
[  158.484916][ T5349] XFS (loop1): Mounting V5 Filesystem
[  158.581687][ T5384] loop4: detected capacity change from 0 to 64
[  158.783466][ T5349] XFS (loop1): Ending clean mount
[  158.838807][ T5349] XFS (loop1): Quotacheck needed: Please wait.
[  158.999544][ T5385] device macsec0 entered promiscuous mode
[  159.115492][ T5385] device macsec1 entered promiscuous mode
[  159.142023][ T5349] XFS (loop1): Quotacheck: Done.
[  159.556292][    T7] tipc: Node number set to 10398378
[  159.954001][ T4847] XFS (loop1): Unmounting Filesystem
[  159.961822][ T5394] loop3: detected capacity change from 0 to 24
[  160.037375][ T5394] MTD: Attempt to mount non-MTD device "/dev/loop3"
[  160.144976][ T5394] romfs: Mounting image 'rom 637cf1fa' through the block layer
[  160.514554][ T5420] binder: 5418:5420 ioctl c018620c 20000040 returned -22
[  160.890662][ T5432] loop1: detected capacity change from 0 to 8192
[  161.008557][ T5417] loop4: detected capacity change from 0 to 32768
[  161.016612][ T5432] FAT-fs (loop1): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[  161.073931][ T5417] 
[  161.073931][ T5417]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  161.073931][ T5417] 
[  161.258031][ T5417] 
[  161.258031][ T5417]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  161.258031][ T5417] 
[  161.312549][ T5446] loop0: detected capacity change from 0 to 128
[  161.330916][ T5417] 
[  161.330916][ T5417]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  161.330916][ T5417] 
[  161.360124][ T5446] UDF-fs: error (device loop0): udf_read_tagged: read failed, block=256, location=256
[  161.405130][ T5417] 
[  161.405130][ T5417]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  161.405130][ T5417] 
[  161.413981][ T5450] loop1: detected capacity change from 0 to 64
[  161.484093][ T5417] 
[  161.484093][ T5417]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  161.484093][ T5417] 
[  161.498275][ T5417] 
[  161.498275][ T5417]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  161.498275][ T5417] 
[  161.547022][  T275] 
[  161.547022][  T275]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  161.547022][  T275] 
[  161.763441][ T4743] 
[  161.763441][ T4743]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  161.763441][ T4743] 
[  161.826800][ T4743] 
[  161.826800][ T4743]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  161.826800][ T4743] 
[  161.933268][ T3574] 
[  161.933268][ T3574]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  161.933268][ T3574] 
[  162.009577][ T5461] netlink: 8 bytes leftover after parsing attributes in process `syz.0.422'.
[  162.081524][ T3574] 
[  162.081524][ T3574]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  162.081524][ T3574] 
[  162.445646][  T275] ==================================================================
[  162.459451][  T275] BUG: KASAN: use-after-free in __lock_acquire+0x74/0x1ff0
[  162.470999][  T275] Read of size 8 at addr ffff888061de28d8 by task jfsCommit/275
[  162.480518][  T275] 
[  162.483477][  T275] CPU: 1 PID: 275 Comm: jfsCommit Not tainted 5.15.164-syzkaller #0
[  162.493466][  T275] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/27/2024
[  162.505346][  T275] Call Trace:
[  162.510752][  T275]  <TASK>
[  162.514263][  T275]  dump_stack_lvl+0x1e3/0x2d0
[  162.519909][  T275]  ? io_uring_drop_tctx_refs+0x1a0/0x1a0
[  162.527674][  T275]  ? _printk+0xd1/0x120
[  162.535233][  T275]  ? __wake_up_klogd+0xcc/0x100
[  162.542516][  T275]  ? panic+0x860/0x860
[  162.546890][  T275]  ? _raw_spin_lock_irqsave+0xdd/0x120
[  162.553431][  T275]  ? do_raw_spin_unlock+0x137/0x8b0
[  162.561244][  T275]  print_address_description+0x63/0x3b0
[  162.568866][  T275]  ? __lock_acquire+0x74/0x1ff0
[  162.575584][  T275]  kasan_report+0x16b/0x1c0
[  162.581215][  T275]  ? __lock_acquire+0x74/0x1ff0
[  162.586638][  T275]  __lock_acquire+0x74/0x1ff0
[  162.593387][  T275]  lock_acquire+0x1db/0x4f0
[  162.597991][  T275]  ? __mutex_lock_common+0x46d/0x25a0
[  162.604961][  T275]  ? read_lock_is_recursive+0x10/0x10
[  162.611335][  T275]  ? mutex_spin_on_owner+0x35d/0x370
[  162.617819][  T275]  ? schedule+0x132/0x1f0
[  162.623204][  T275]  ? preempt_count_add+0x8f/0x180
[  162.628945][  T275]  _raw_spin_lock+0x2a/0x40
[  162.633886][  T275]  ? __mutex_lock_common+0x46d/0x25a0
[  162.639988][  T275]  __mutex_lock_common+0x46d/0x25a0
[  162.646500][  T275]  ? jfs_syncpt+0x22/0x90
[  162.652622][  T275]  ? mutex_lock_io_nested+0x60/0x60
[  162.658994][  T275]  ? do_raw_spin_unlock+0x137/0x8b0
[  162.664930][  T275]  mutex_lock_nested+0x17/0x20
[  162.671686][  T275]  jfs_syncpt+0x22/0x90
[  162.677622][  T275]  txEnd+0x30b/0x560
[  162.682351][  T275]  jfs_lazycommit+0x60d/0xc30
[  162.688033][  T275]  ? _raw_spin_unlock_irqrestore+0x8b/0x130
[  162.694996][  T275]  ? lockdep_hardirqs_on+0x94/0x130
[  162.700842][  T275]  ? txFreelock+0x580/0x580
[  162.705710][  T275]  ? sched_dynamic_update+0x240/0x240
[  162.711713][  T275]  kthread+0x3f6/0x4f0
[  162.715809][  T275]  ? txFreelock+0x580/0x580
[  162.722099][  T275]  ? kthread_blkcg+0xd0/0xd0
[  162.727319][  T275]  ret_from_fork+0x1f/0x30
[  162.732587][  T275]  </TASK>
[  162.737082][  T275] 
[  162.740399][  T275] Allocated by task 5417:
[  162.746010][  T275]  ____kasan_kmalloc+0xba/0xf0
[  162.752011][  T275]  kmem_cache_alloc_trace+0x143/0x290
[  162.760032][  T275]  lmLogOpen+0x314/0x1030
[  162.765965][  T275]  jfs_mount_rw+0xe3/0x640
[  162.771711][  T275]  jfs_fill_super+0x69f/0xc70
[  162.777755][  T275]  mount_bdev+0x2c9/0x3f0
[  162.782566][  T275]  legacy_get_tree+0xeb/0x180
[  162.787581][  T275]  vfs_get_tree+0x88/0x270
[  162.793058][  T275]  do_new_mount+0x2ba/0xb40
[  162.797891][  T275]  __se_sys_mount+0x2d5/0x3c0
[  162.803534][  T275]  do_syscall_64+0x3b/0xb0
[  162.808524][  T275]  entry_SYSCALL_64_after_hwframe+0x66/0xd0
[  162.815030][  T275] 
[  162.818492][  T275] Freed by task 3574:
[  162.823719][  T275]  kasan_set_track+0x4b/0x80
[  162.828714][  T275]  kasan_set_free_info+0x1f/0x40
[  162.834860][  T275]  ____kasan_slab_free+0xd8/0x120
[  162.841691][  T275]  slab_free_freelist_hook+0xdd/0x160
[  162.850301][  T275]  kfree+0xf1/0x270
[  162.854575][  T275]  lmLogClose+0x29d/0x530
[  162.859250][  T275]  jfs_umount+0x298/0x370
[  162.865725][  T275]  jfs_put_super+0x86/0x180
[  162.871306][  T275]  generic_shutdown_super+0x136/0x2c0
[  162.877757][  T275]  kill_block_super+0x7a/0xe0
[  162.886069][  T275]  deactivate_locked_super+0xa0/0x110
[  162.894023][  T275]  cleanup_mnt+0x44e/0x500
[  162.899091][  T275]  task_work_run+0x129/0x1a0
[  162.904570][  T275]  exit_to_user_mode_loop+0x106/0x130
[  162.910836][  T275]  exit_to_user_mode_prepare+0xb1/0x140
[  162.918861][  T275]  syscall_exit_to_user_mode+0x5d/0x240
[  162.925377][  T275]  do_syscall_64+0x47/0xb0
[  162.930962][  T275]  entry_SYSCALL_64_after_hwframe+0x66/0xd0
[  162.937806][  T275] 
[  162.940423][  T275] The buggy address belongs to the object at ffff888061de2800
[  162.940423][  T275]  which belongs to the cache kmalloc-1k of size 1024
[  162.957277][  T275] The buggy address is located 216 bytes inside of
[  162.957277][  T275]  1024-byte region [ffff888061de2800, ffff888061de2c00)
[  162.976660][  T275] The buggy address belongs to the page:
[  162.983596][  T275] page:ffffea0001877800 refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x61de0
[  162.998305][  T275] head:ffffea0001877800 order:3 compound_mapcount:0 compound_pincount:0
[  163.009893][  T275] flags: 0xfff00000010200(slab|head|node=0|zone=1|lastcpupid=0x7ff)
[  163.018727][  T275] raw: 00fff00000010200 dead000000000100 dead000000000122 ffff888011c41dc0
[  163.030367][  T275] raw: 0000000000000000 0000000000100010 00000001ffffffff 0000000000000000
[  163.042957][  T275] page dumped because: kasan: bad access detected
[  163.051435][  T275] page_owner tracks the page as allocated
[  163.058746][  T275] page last allocated via order 3, migratetype Unmovable, gfp_mask 0xd20c0(__GFP_IO|__GFP_FS|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_NOMEMALLOC), pid 3566, ts 52905109108, free_ts 13246315420
[  163.087035][  T275]  get_page_from_freelist+0x322a/0x33c0
[  163.093301][  T275]  __alloc_pages+0x272/0x700
[  163.099804][  T275]  new_slab+0xbb/0x4b0
[  163.104237][  T275]  ___slab_alloc+0x6f6/0xe10
[  163.109720][  T275]  __kmalloc_node+0x1fa/0x390
[  163.115586][  T275]  qdisc_alloc+0x95/0xaf0
[  163.120561][  T275]  qdisc_create_dflt+0x5e/0x460
[  163.128111][  T275]  dev_activate+0x33c/0x12c0
[  163.136719][  T275]  __dev_open+0x3eb/0x500
[  163.142428][  T275]  __dev_change_flags+0x1db/0x6e0
[  163.149824][  T275]  dev_change_flags+0x87/0x190
[  163.157560][  T275]  do_setlink+0xcd1/0x3b00
[  163.163991][  T275]  rtnl_newlink+0x17a4/0x2070
[  163.171067][  T275]  rtnetlink_rcv_msg+0x993/0xee0
[  163.176740][  T275]  netlink_rcv_skb+0x1cf/0x410
[  163.183167][  T275]  netlink_unicast+0x7b6/0x980
[  163.190243][  T275] page last free stack trace:
[  163.195782][  T275]  free_unref_page_prepare+0xc34/0xcf0
[  163.205410][  T275]  free_unref_page+0x95/0x2d0
[  163.212579][  T275]  free_contig_range+0x95/0xf0
[  163.218592][  T275]  destroy_args+0xfe/0x980
[  163.224434][  T275]  debug_vm_pgtable+0x40d/0x470
[  163.231424][  T275]  do_one_initcall+0x22b/0x7a0
[  163.237433][  T275]  do_initcall_level+0x157/0x210
[  163.244626][  T275]  do_initcalls+0x49/0x90
[  163.252831][  T275]  kernel_init_freeable+0x425/0x5c0
[  163.259599][  T275]  kernel_init+0x19/0x290
[  163.265235][  T275]  ret_from_fork+0x1f/0x30
[  163.270505][  T275] 
[  163.273321][  T275] Memory state around the buggy address:
[  163.280462][  T275]  ffff888061de2780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[  163.293776][  T275]  ffff888061de2800: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  163.305773][  T275] >ffff888061de2880: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  163.316270][  T275]                                                     ^
[  163.327653][  T275]  ffff888061de2900: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  163.338548][  T275]  ffff888061de2980: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  163.351225][  T275] ==================================================================
[  163.361125][  T275] Disabling lock debugging due to kernel taint
[  163.369282][  T275] Kernel panic - not syncing: KASAN: panic_on_warn set ...
[  163.379467][  T275] CPU: 1 PID: 275 Comm: jfsCommit Tainted: G    B             5.15.164-syzkaller #0
[  163.394053][  T275] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/27/2024
[  163.409560][  T275] Call Trace:
[  163.415292][  T275]  <TASK>
[  163.418937][  T275]  dump_stack_lvl+0x1e3/0x2d0
[  163.426556][  T275]  ? io_uring_drop_tctx_refs+0x1a0/0x1a0
[  163.435874][  T275]  ? panic+0x860/0x860
[  163.442549][  T275]  ? rcu_is_watching+0x11/0xa0
[  163.448064][  T275]  ? lock_release+0xb9/0x9a0
[  163.454547][  T275]  panic+0x318/0x860
[  163.460300][  T275]  ? check_panic_on_warn+0x1d/0xa0
[  163.467069][  T275]  ? fb_is_primary_device+0xd0/0xd0
[  163.473593][  T275]  ? do_raw_spin_unlock+0x137/0x8b0
[  163.479021][  T275]  ? _raw_spin_unlock_irqrestore+0xd9/0x130
[  163.490868][  T275]  ? _raw_spin_unlock+0x40/0x40
[  163.496942][  T275]  check_panic_on_warn+0x7e/0xa0
[  163.502546][  T275]  ? __lock_acquire+0x74/0x1ff0
[  163.508402][  T275]  end_report+0x6d/0xf0
[  163.515927][  T275]  kasan_report+0x18e/0x1c0
[  163.524558][  T275]  ? __lock_acquire+0x74/0x1ff0
[  163.531854][  T275]  __lock_acquire+0x74/0x1ff0
[  163.539247][  T275]  lock_acquire+0x1db/0x4f0
[  163.546360][  T275]  ? __mutex_lock_common+0x46d/0x25a0
[  163.554188][  T275]  ? read_lock_is_recursive+0x10/0x10
[  163.561249][  T275]  ? mutex_spin_on_owner+0x35d/0x370
[  163.568035][  T275]  ? schedule+0x132/0x1f0
[  163.574985][  T275]  ? preempt_count_add+0x8f/0x180
[  163.583383][  T275]  _raw_spin_lock+0x2a/0x40
[  163.589621][  T275]  ? __mutex_lock_common+0x46d/0x25a0
[  163.596416][  T275]  __mutex_lock_common+0x46d/0x25a0
[  163.602097][  T275]  ? jfs_syncpt+0x22/0x90
[  163.607151][  T275]  ? mutex_lock_io_nested+0x60/0x60
[  163.615533][  T275]  ? do_raw_spin_unlock+0x137/0x8b0
[  163.622095][  T275]  mutex_lock_nested+0x17/0x20
[  163.627727][  T275]  jfs_syncpt+0x22/0x90
[  163.633208][  T275]  txEnd+0x30b/0x560
[  163.637975][  T275]  jfs_lazycommit+0x60d/0xc30
[  163.645614][  T275]  ? _raw_spin_unlock_irqrestore+0x8b/0x130
[  163.654419][  T275]  ? lockdep_hardirqs_on+0x94/0x130
[  163.661588][  T275]  ? txFreelock+0x580/0x580
[  163.666538][  T275]  ? sched_dynamic_update+0x240/0x240
[  163.674425][  T275]  kthread+0x3f6/0x4f0
[  163.679728][  T275]  ? txFreelock+0x580/0x580
[  163.686469][  T275]  ? kthread_blkcg+0xd0/0xd0
[  163.693582][  T275]  ret_from_fork+0x1f/0x30
[  163.700490][  T275]  </TASK>
[  163.704727][  T275] Kernel Offset: disabled
[  163.710644][  T275] Rebooting in 86400 seconds..