last executing test programs:

22.376436933s ago: executing program 0 (id=836):
r0 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f00000001c0)={'gre0\x00', <r1=>0x0})
sendmsg$nl_route_sched(r0, &(0x7f00000004c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000200)=@newqdisc={0x48, 0x24, 0x4ee4e6a52ff56541, 0x0, 0x25dfdbfb, {0x0, 0x0, 0x0, r1, {0x0, 0xfff1}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_prio={{0x9}, {0x18, 0x2, {0x4c5, "46b94294057053d8b4bbfb1a4dfed102"}}}]}, 0x48}, 0x1, 0x0, 0x0, 0x48801}, 0x0)

22.325974826s ago: executing program 0 (id=837):
r0 = syz_io_uring_setup(0xb7f, &(0x7f0000000180)={0x0, 0x10038ab, 0x80, 0x0, 0x1e6}, &(0x7f0000000340)=<r1=>0x0, &(0x7f0000000600)=<r2=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r1, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4)
r3 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFNL_MSG_ACCT_DEL(r3, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000200)={0x20, 0x3, 0x7, 0x301, 0x0, 0x0, {0x5, 0x0, 0xd}, [@NFACCT_NAME={0x9, 0x1, 'syz0\x00'}]}, 0x20}, 0x1, 0x0, 0x0, 0x8000}, 0x10)
syz_io_uring_submit(r1, r2, &(0x7f00000002c0)=@IORING_OP_RECV=@use_registered_buffer={0x1b, 0x0, 0x10, r3, 0x0, 0x0, 0x0, 0x322, 0x1, {0x1}})
io_uring_enter(r0, 0x3516, 0x0, 0x0, 0x0, 0x0)

22.197550818s ago: executing program 0 (id=838):
syz_mount_image$hfsplus(&(0x7f00000000c0), &(0x7f0000000980)='\x13\x13w\xc5\xfc5\xd4\x14T\xd5\xd4\x1d)\xad\x1a`)Y\x81F\xe6\xbe\x16nA\xad\r\xbd@T\x03<\x9f3\xbb\xda\x82$\xa2\xf3\xd7r\xe7cnH\xb3<\xbfp\x83r\xe8\xf1\xb9\x93>\xc5\x12wC\xbe\"\x06 \x9e\xf0-\xf9\xcb\xf2\xf6\xe8\x80\xd38/\x00', 0x3200004, &(0x7f0000000a80)=ANY=[@ANYBLOB="63726561746f723da8fa40b32c6465636f6d706f73652c63726561746f723dbd1c66f52c6e6c733d63703836392c6769643d", @ANYRESHEX=0x0, @ANYBLOB="2c666f7263652c00f2d2d783dca321ca066f379066a92598376c0a6fb6ebb186b9be7a1d0debd4c2ce3408ded03a80e9839d59c9e7ee798f53e0387168295df851a241c8ce5a7094002fc55c1a66f9e609ea2409393aeb7f8902fcfb60db30dde50ac8f677ad022ab20fcf35644f0090f1861caf534652a239e63533b1a1d4251af75bb0ab1e3bffcf118f464e5f296a5e488bc804019abdcd6deed70d74ab439ff1b9839c7a8666aefe533565f6c6146cfd6ee47347c7dd230d2bfddd5b171026823367db7821b2c9b936b83cd77a9374bfba82530c6b3267130c"], 0x3, 0x6b4, &(0x7f0000000180)="$eJzs3U9sHFcdB/DvbJx1Nkip+y8NCKlWI1XQiMTOqiRISA0IoRwiFMGlVytxGiubtHJclFaIbICCxIkT6oFDURUOPSGEkMoJUc5ISFw45R6pNw45AEYzO7te2xvH29het/18pPF7s2/ee7/5Zf54Z2NtgM+t86/mYDdFzp+4cKtcv3e33bl3t329X08ynaSRTPWKFK2k+Cg5l96SL5Yv1sMVD5vn5fsfFlPvftDurZVjvX+w3r6xVb9NRm7ZTQ4NVg4kme1V/7PtYTeNVy3VOJfWxnu46a0ai0HcZcKO9xMHk7a6SXetsfHI7ts/b4F963bvvrnJTHI4vbtrdYurrw6PvjJM3pbXpu7exQEAAAC7ZeR7+WFPPMiD3MqRvQkHAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPhuK3ncGFvXS6NdnU/S//7859J36zQmH+5jeuVIV339i0oEAAAAAAAAAwGN5/kEe5FaO9NdXi+oz/xeqlWeqn1/Im7mZxSznZG5lIStZyXLmk8wMDdS8tbCysjy/ueevU/ZcXV29Xfc8PbLn6fVxdTcGOup/GmzaCAAAAAAAAAA+t36S82uf/wMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwH5QJAd6RbU806/PpDGV5FCSZjE72Lw50WB3wF8mHQAAAADsvlZdHin+16usFtV7/qPV+/5DeTM3spKlrKSTxVyungX03vU3/tFtd+7dbV8vl80Df+vjseKoRkzv2cPomeeqLZ4d9Dif7+YHOZHZXMxylvLDLGQli5nNd6raQorM1E8vZu7dbaUf6+Z4z61bu7gxtueH6mV8x6pIWrmSpSq2k7nU7IfeqLc7NjTbn5rJhhnvlNkpXqltM0eX67Lco1/V5Y478Ek6zVR7fnCQkbk692U2nhzO++bcj3mcbJxpPo3BM6hn1mYpVzfOdOfj5vg5P1yXZa5/vls57xnzUdr6THR/Wa71j76jW+c8+eo//3rxauPGtatXbp7YxV3aGxuPifZQJp7bViY6ZSa6j5GJQ48T/85p1tnoncTjXS1fqPoeyVK+l9dzOYs5k7nM52zm8o2cTjunh/L67NZ5ra5vjfHOteNfqSvlPekXQ/emPTP9sIYyr08O5XX4SjdTtQ2/spalp7aRpaKZ0Vn618hQpr5UV8o5fjp0x5m8jZmYH8rE01tn4rf/XU1ys3Pj2vLVhTe2Od+LdVmetu+svza/vyM7NL56d8vj5anyHyu928bw0VG2Pd1v25CvZv2Jy1Q92Lq2Zqrzudf2qDO1HOnonVEj9dqeGzlLu2o7NtS27recvJ7O4LcQAPaxwy8dbrbut/7eeq/1s9bV1oVD354+O/3lZg7+berPB37f+F3jm8VLeS8/zpFJRwoAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAJ8FN996+9pCp7O4vA8raezwgHdGNvVT0XuluT/2/dNamd7qiPpDki26NycRcyvJvkhdpvZgrumMaLoweKWVNAbxJLm2T77gDtgNp1auv3Hq5ltvf23p+sJri68t3jh99swrZ9pfn7996spSZ3Gu93PSUQK7Ye3XgElHAgAAAAAAAAAAAGzXWH9F0Mwn+tuDEdMW3QnsKwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPDpdP7VHOymyPzcybly/d7ddqdc+vW1LaeSNJIUP0qKj5Jz6S2ZGRqueNg8L9//8DcvvvtBe22sqf72jQ39/vjv1dUx96JbL5lNcqAuH216W+NdqsrmoGF8xWAPy4Qd7ycOJu3/AQAA//9Hgwei")
r0 = open(&(0x7f0000000240)='./file1\x00', 0x145142, 0x0)
read$FUSE(r0, &(0x7f0000002a80)={0x2020}, 0x2020)

22.096643777s ago: executing program 0 (id=839):
syz_mount_image$exfat(&(0x7f00000000c0), &(0x7f0000000000)='./file0\x00', 0x800, &(0x7f0000000180)={[{@iocharset={'iocharset', 0x3d, 'cp869'}}, {@umask={'umask', 0x3d, 0x5}}, {@namecase}, {}, {@fmask={'fmask', 0x3d, 0xab}}, {@discard}, {@fmask={'fmask', 0x3d, 0x6}}, {@utf8}, {@umask={'umask', 0x3d, 0x6}}, {@allow_utime={'allow_utime', 0x3d, 0xce38}}]}, 0x1, 0x1528, &(0x7f00000037c0)="$eJzs3AuYT9X6OPD3XWvtMSS+TXIZ1lrv5ptclkmSXJLkkiRJkuSWkDTJkYTEEJI0JCG5DEkMIblMTBr3+/2SkCRNkoTklqz/M+FxOnX+p/M7/XKe37yf59mP9X73ftd+9/f9XvbeZubbrkNrNaldvRERwX8EL/yTBACxADAQAPICQAAA5ePKx2Wtzykx6T/bCftzPZh6pStgVxL3P3vj/mdv3P/sjfufvXH/szfuf/bG/c/euP+MZWebphW6hpfsu/D9/+yMv///D8ksM/bLNWWu6wYQ80dTuP/ZG/f//6zgj2zE/c/euP/ZVeyVLoD9F+D3f3aQ45+u4f5nb9x/xrKzK33/+UovEPkvew6O5LzQmL/q+BljjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMsb/AaX+ZAoBL4ytdF2OMMcYYY4wxxv48PseVroAxxhhjjDHGGGP/+xAESFAQQAzkgFjICblAAMDVkAfyQgSugTi4FvLBdZAfCkBBKATxUBiKgAYDFghCKArFIArXQ3G4AUpASSgFpcFBGUiAG6Es3ATl4GYoD7dABbgVKkIlqAxV4DaoCrdDNbgDqsOdUANqQi2oDXdBHbgb6sI9UA/uhfpwHzSA+6EhPACN4EFoDA9BE3gYmsIj0AyaQwtoCa3+R/nPQ094AXpBb0iCPtAXXoR+0B8GwEswEF6GQfAKDIZXIRmGwFB4DYbB6zAc3oARMBJGwZswGt6CMTAWxsF4SIEJMBHehknwDkyGd2EKTIVUmAbT4T2YATNhFrwPs+EDmANzYR7MhzT4EBbAQkiHj2ARfAwZsBiWwFJYBsthBayEVbAa1sBaWAfrYQNshE2wGbbAVtgG22EHfAI74VPYBbthD3wGe+HzfzP/1D/kd0NAQIECFSqMwRiMxVjMhbkwN+bGPJgHIxjBOIzDfJgP82N+LIgFMR7jsQgWQYMGCQmLYlGMYhSLY3EsgSWwFJZChw4TMAHL4k1YDstheSyPFbACVsRKWAmrYBWsilWxGlbD6lgda2ANrIW18C68C/tgXayL9bAe1sf6l25PYSNshI2xMTbBJtgUm2IzbIYtsAW2wlbYGltjG2yD7bAdtsf22AE7YCImYkfsiJ2wE3bGztgFu2BX7IrdsDt2z3w+B+AL+AL2xhqiD/bFvtgPk3MMwJfwJXwZB+Er+Aq+isk4BIfia/gavo7D8SSOwJE4CkdhVfEWjsGxSGI8pmAKTsSJOAknYVah7+JUTMVpOB2n4wyciTPxfZyNH+AHOBfn4nxMwzRcgAsxHdNxEZ7CDFyMS3ApLsPluAxX4ipciWtwLa7B9bgeN+JG3IybcStuxe24HT9BBYCf4m7cjcm4F/fiPtyH+3E/HsADmImZeBAP4iE8hIfxMB7BI3gUj+FxPIYn8ASexFN4Gk/jWTyL5/DZ+K8bf1JydTKILEooESNiRKyIFblELpFb5BZ5RB4RERERJ+JEPpFP5Bf5RUFRUMSLeFFEFBFGGEEijAEAERVRUVwUFyVECVFKlBJOOJEgEkRZUVaUE+VEeXGLqCBuFRVFJdHWVRFVRFXRzlUTd4jqorqoIWqKWqK2qC3qiDqirqgr6ol6or6oLxqI+0VD0QcH4IMiqzNNxBBsKoZiM9FcyIufYK3FcGwj2op24nExEkdgB9HaJYqnREcxBjuJv4mx+IzoIsZjV/Gc6Ca6ix7iedFTtHG9RG8xGfuIvmIq9hP9xQDxkpiBNcX7ODtnLfGqSBZDxFDxmpiPr4vh4g0xQowUo8SbYrR4S4wRY8U4MV6kiAlionhbTBLviMniXTFFTBWpYpqYLt4TM8RMMUu8L2aLD8QcMVfME/NFmvhQLBALRbr4SCwSH4sMsVgsEUvFMrFcrBArxSqxWqwRa8U6sV5sEBvFJrFZbBFbxTaxXewQn4id4lOxS+wWe8RnYq/4XOwTX4j94ktxQHwlMsXX4qD4RhwS34rD4jtxRHwvjopj4rj4QZwQP4qT4pQ4Lc6Is+IncU78LM4LL0CiFFJKJQMZI3PIWJlT5pJXydwyuPjsXiPj5LUyn7xO5pcFZEFZSMbLwrKI1NJIK0mGsqgsJqPyellc3iBLyJKylCwtnSwjE+SNsqy8SZaTN8vy8hZZQd4qK8pKsrKsIm+TVeXtEiIX9lFD1pS1ZG15l0yCu2VdeY+sJ++V9eV9soG8XzaUD8hG8kHZWD4km8iHZVP5iGwmm8sWsqVsJR+VreVjso1sK9vJx2V7+YTsIJ+UifIp2VH6iy+RZ2QX+azsKp+T3WR32UP+LM9LL3vJ3hL6gOwrX5T9ZH85IBYA5MtykHxFDpavymQ5RA6Vr8lh8nU5XL4hR8iRcpR8U46Wb8kxcqwcJ8fLFDlBTpRvy0nyHTlZviunyKkyVU6TA+TAX2aaJeW/zH/7d/IH/7L3jXKT3Cy3yK1ym9wud8hP5E65U+6Su+QeuUfulXvlPrlP7pf75QF5QGbKTHlQHpSH5CF5WB6WR+QReVQek2fkD/KE/FGelKfkKXlGnpVn5bmLzwEoVEJJpVSgYlQOFatyqlzqKpVbXa3yqLwqoq5RcepalU9dp/KrAqqgKqTiVWFVRGlllFWkQlVUFVNRdT1efMGoUqq0cqqMSlA3/jv5qri6QZVQJX+Vf6m+pH9SXyvVSrVWrVUb1Ua1U+1Ue9VedVAdVKJKVB1VR9VJdVKdVWfVRXVRXVVX1U11Uz1UD9VT9VS9VC+VpJJUX/Wi6qf6qwHqJTVQvawGqUFqsBqsklWyGqqGqmFqmBquhqsRaoQapUap0Wq0GqPGqHFqnEpRKWqimqgmqUlqspqspqgpKlWlqulqupqhZqhZapaarWarOWqOmqfmqTSVphaoBSpdpatFapHKUIvVYrVULVXL1XK1Uq1Uq9VqtVatVevVepWhNqlNaovaorapbWqH2qF2qp1ql9ql9qg9aq/aq/apfWq/2q8OqAMqU2Wqg+qgOqQOqcPqsDqijqij6qg6ro6rE+qEOqlOqtPqtDqrzqpz6pw6r85nnfYFIhCBClQQE8QEsUFskCvIFeQOcgd5gjxBJIgEcUFckC+4LsgfFAgKBoWC+KBwUCTQgQlsIC42PRpcHxQPbghKBCWDUkHpwAVlgoTgxqBscFNQLrg5KB/cElQIbg0qBpWCykGV4LaganB7UC24I6ge3BnUCGoGtYLawV1BneDuoG5wT1AvuDeoH9wXNAjuDxoGDwSNggeDxsFDQZPg4aBp8EjQLGgetAhaBq3+1Pm9P1ngMddL99ZJuo/uq1/U/XR/PUC/pAfql/Ug/YoerF/VyXqIHqpf08P063q4fkOP0CP1KP2mHq3f0mP0WD1Oj9cpeoKeqN/Wk/Q7erJ+V0/RU3Wqnqan6/f0DD1Tz9Lv69n6Az1Hz9Xz9Hydpj/UC/RCna4/0ov0xzpDL9ZL9FK9TC/XK/RKvUqv1mv0Wr1Or9cb9Ea9SW/WW/RWvU1v1zv0J3qn/lTv0rv1Hv2Z3qs/1/v0F3q//lIf0F/pTP21Pqi/0Yf0t/qw/k4f0d/ro/qYPq5/0Cf0j/qkPqVP6zP6rP5Jn9M/6/PaZ53cZ329G2WUiTExJtbEmlwml8ltcps8Jo+JmIiJM3Emn8ln8pv8pqApaOJNvCliipgsZMgUNUVN1ERNcVPclDAlTClTyjjjTIJJMGVNWVPOlDPlTXlTwVQwFU1FU9lUNreZ28zt5nZzh7nD3GnuNDVNTVPb1DZ1TB1T19Q19Uw9U9/UNw1MA9PQNDSNTCPT2DQ2TUwT09Q0Nc1MM9PCtDCtTCvT2rQ2bUwb0860M+1Ne9PBdDCJJtF0NB1NJ9PJdDadTRfTxXQ1XU030830MD1MT9PT9DK9TJJJMn1NX9PP9DMDzAAz0Aw0g8wgM9gMNskm2Qw1Q80wM8wMN8PNCDPSjMo6UTVvmTFmrBlnxpsUk2ImmolmkplkJpvJZoqZYlJNqpluppsZZoaZZWaZ2Wa2mWPmmHlmnkkzaWaBWWDSTbpZZBaZDJNhlpglZplZZlaYFWaVWWXWmDVmHawzG8wGs8lsMlvMFrPNbDM7zA6z0+w0u8wus8fsMXvNXrPP7DP7zX5zwBwwmSbTHDQHzSFzyBw2h80Rc8QcNUfNcXPcnDAnzElz0pw2p81ZU+Di96U3sTanzWWvsrnt1TaPzWv/MS5oC9l4W9gWsdrmtwV+FRtrbQlb0paypa2zZWyCvfE3cUVbyVa2Vexttqq93Vb7TVzH3m3r2ntsPXuvrW3v+lVc395nG9iHbUNEANvcNrYtbRP7sG1qH7HNbHPbwra07e0TtoN90ibap2xH+/Rv4gV2oV1lV9s1dq3dZXfb0/aMPWS/tWftT7aX7W0H2pftIPuKHWxftcl2yG/iUfZNO9q+ZcfYsXacHf+beIqdalPtNDvdvmdn2Jm/idPsh3a2Tbdz7Fw7z87/Jc6qKd1+ZBfZj22GDWCJXWqX2eV2hV15qVaf1663G+xGu9N+arfYrXab3W53XDoRtrvtHvuZ3Ws/twftN3a//dIesIdtpv36lzjr+A7b7+wR+709ao/Z4/YHe8L+qC5lZx37D/Zne956C4QEJElRQDGUg2IpJ+Wiqyg3XU15KC9F6BqKo2spH11H+akAFaRCFE+FqQhpMmSJKKSiVIyidD1dKq8UlSZHZSiBbqSydBOVo5upPN1CFehWqkiVqDJVoduoKt1O1egOqk53Ug2qSbWoNt1Fdehuqkv3UD26l+rTfdSA7qeG9AA1ogepMT1ETehhakqPUDNqTi2oJbWiR6k1PUZtqC21o8epPT1BHehJSqSnqCM9TZ3ob9SZnqEu9Cx1peeoG3WnHvQ89aQXqBf1piTqQ33pRepH/WkAvUQD6WUaRK/QYHqVkmkIDaXXaBi9TsPpDRpBI2kUvUmj6S0aQ2NpHI2nFJpAE+ltmkTv0GR6l6bQVEqlaTSd3qMZNJNm0fs0mz6gOTSX5tF8SqMPaQEtpHT6iBbRx5RBi2kJLaVltJxW0EpaRatpDa2ldbSeNtBG2kSbaQttpW20nXbQJ7STPqVdtJv20Ge0lz6nffQF7acv6QB9RZn0NR2kb+gQfUuH6Tvfm76no3SMjtMPdIJ+pJN0ik7TGTpLP9E5+pnOkycIMRShDFUYhDFhjjA2zBnmCq8Kc4dXh3nCvGEkvCaMC68N84XXhfnDAmHBsFAYHxYOi4Q6NKENKQzDomGxMBpeHxYPbwhLhCXDUmHp0IVlwoTwxrBseFNYLrw5LB/eElYIbw0rhpXCh++tEt4WVg1vD6uFd4TVwzvDGmHNsFZYO7wrrBPeHdYN7wnrhfeG5cL7wgbh/WHD8IGwUfhg2Dh8KGwSPhw2DR8Jm4XNwxZhy7BV+GjYOnwsbBO2DduFj4ftwyfCDuGTYWL4VNgxfPqX9fct/Ofrk8I+Yd/wxfDF0Pt75Lzo/Gha9MPogujCaHr0o+ii6MfRjOji6JLo0uiy6PLoiujK6Kro6uia6Nrouuj66Iboxqj3tXOAQyecdMoFLsblcLEup8vlrnK53dUuj8vrIu4aF+eudfncdS6/K+AKukIu3hV2RZx2xllHLnRFXTEXdde74u4GV8KVdKVcaedcGZfgWrpWrpVr7R5zbVxb18497h53T7gn3JPuSfeU6+iedp3c31xn94zr4p51z7rnXDfX3fVwz7uebkKeC+/JJNfX9XX9XD83wA1wA91AN8gNcoPdYJfskt1QN9QNc8PccDfcjXAj3Cg3yo12o90YN8aNc+NciktxE91EN8lNcpPdZDfFTXGpLtVNd9PdDDfDVZ15YS9z3Bw3z81zaS7NLXBZ54zpbpFb5DJchlvilrhlbplb4Va4VW6VW+PWuHVundvgNrhNbpPb4ra4bW6b2+F2uJ1up9vl816Y1O11+9w+t9/tdwfcVy7Tfe0Oum/cIfetO+y+c0fc9+6oO+aOux/cCfejO+lOudPujDvrfnLn3M/uvPMuJTIhMjHydmRS5J3I5Mi7kSmRqZHUyLTI9Mh7kRmRmZFZkfcjsyMfROZE5kbmReZH0iIfRhZEFkbSIx9FFkU+jmREFkeWRJZGlkWWR7wvvCX0RX0xH/XX++L+Bl/Cl/SlfGnvfBmf4G/0Zf1Nvpy/2Zf3t/gK/lZf0Vfylf0jvplv7lv4lr6Vf9S39o/5Nr6tb+cf9+39E76Df9In+qd8R/+07+T/5jv7Z3wX/6zv6p/z3Xx338M/73v6F3wv39sn+T6+r3/R9/P9/QD/kh/oX/aD/Ct+sH/VJ/shfqh/zQ/zr/vh/g0/wo/0o2Le9KMvXSLDeJ/iJ/iJ/m0/yb/jJ/t3/RQ/1af6aX66f8/P8DP9LP++n+0/8HP8XD/Pz/dp/kO/wC/06f4jv8h/7DP84ks3lf0Kv9Kv8qv9Gr/Wr/Pr/Qa/0W/ym/0Wv9Vv89v9Dv+J3+k/9bv8br/Hf+b3+s/9Pv+F3++/9Af8Vz7Tf+0P+m/8If+tP+y/80f89/6oP+aP+x/8Cf+jP+lP+dP+jD/rf/Ln/M/+PP/OGmOMMcbYHzLh8lD8es2F2/l9fidH/N3GfQHg6q2FMv9+fdYZ5br8F8b9RXz7CAA81bvrg5eWGjWSkpIubpshISg2F+DS/wRliYHL8WJoB09AIrSFsr9bf3/R/Sz9i/mjtwDk+rucWLgcX57/CwBM+p35H3181IIK4em4/8/8cwFKFLuckxMux4uh3S/3V9pCuX9Sf4HW/6L+nF+mALT5u5zccDm+XH8CPAZPQ+KvtmSMMcYYY4wxxi7oLyp3vnT9eeknPn/v+jxeXc7JAZfjf3V9zhhjjDHGGGOMsSvvme49nnw0MbFt539/UO1/lPWHB03hf2tmHvzuwHuAS48oAPgPJwTIGsi/8ig2/yX7Sr741vnHVcvO+AD+O1r5Zwyu8AcTY4wxxhhj7E93+aT/14+rK1UQY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDGWDf0Vf07sSh8jY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxdqX9vwAAAP//kfb+pw==")
open(&(0x7f0000000180)='./bus\x00', 0x14937e, 0x111)
mount(&(0x7f0000000280)=@loop={'/dev/loop', 0x0}, &(0x7f0000000140)='./bus\x00', 0x0, 0x5000, 0x0)
r0 = open(&(0x7f0000000000)='./bus\x00', 0x0, 0x0)
ioctl$LOOP_SET_STATUS64(r0, 0x4c04, &(0x7f0000000540)={0x0, 0x0, 0x0, 0x1, 0x8005, 0x0, 0x0, 0x19, 0x1c, "ef359f413bb93852f7d6a4ae6dddfbd1ce5d29c2ee5e5ca9000ff8ee09e737ff0edf110ff4117639c2eb4b78c660e677df701905b9aafab4afaaf755a3f6a004", "036c47c6780820d1cbf7966d61fdcf335263bd9bffbcc2542ded71038259ca171ce1a311ef54ec32d71e14ef3dc177e9b48b00", "f28359738e229a4c66810000000000d300e6d602000000000000000000000001", [0x204]})
r1 = openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='.\x00', 0x0, 0x0)
getdents64(r1, &(0x7f000003f980)=""/4088, 0xff8)

21.936947277s ago: executing program 0 (id=842):
r0 = socket$inet6_sctp(0xa, 0x5, 0x84)
shutdown(r0, 0x0)
getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r0, 0x84, 0x6f, &(0x7f0000000000)={<r1=>0x0, 0x1c, &(0x7f0000000140)=[@in6={0xa, 0x4e23, 0x40, @private1={0xfc, 0x1, '\x00', 0x1}, 0x1}]}, &(0x7f0000000180)=0x10)
setsockopt$inet_sctp6_SCTP_CONTEXT(r0, 0x84, 0x71, &(0x7f0000000080)={r1}, 0x8)

21.668882914s ago: executing program 0 (id=851):
bpf$ENABLE_STATS(0x20, 0x0, 0x0)
r0 = bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f0000000280)=@bpf_lsm={0x6, 0x3, &(0x7f00000003c0)=ANY=[@ANYBLOB="18000000003f000000000000000000f195"], &(0x7f0000000140)='GPL\x00'}, 0x80)
r1 = bpf$ITER_CREATE(0xb, &(0x7f00000004c0)={r0}, 0x8)
close(r1)
bpf$BPF_PROG_TEST_RUN(0x1c, &(0x7f0000000240)={r0, 0x8, 0x25, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x40)
bpf$LINK_DETACH(0x22, 0x0, 0x0)
syz_clone(0x40000000, 0x0, 0x0, 0x0, 0x0, 0x0)
bpf$LINK_DETACH(0x22, 0x0, 0x0)

21.541723873s ago: executing program 32 (id=851):
bpf$ENABLE_STATS(0x20, 0x0, 0x0)
r0 = bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f0000000280)=@bpf_lsm={0x6, 0x3, &(0x7f00000003c0)=ANY=[@ANYBLOB="18000000003f000000000000000000f195"], &(0x7f0000000140)='GPL\x00'}, 0x80)
r1 = bpf$ITER_CREATE(0xb, &(0x7f00000004c0)={r0}, 0x8)
close(r1)
bpf$BPF_PROG_TEST_RUN(0x1c, &(0x7f0000000240)={r0, 0x8, 0x25, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x40)
bpf$LINK_DETACH(0x22, 0x0, 0x0)
syz_clone(0x40000000, 0x0, 0x0, 0x0, 0x0, 0x0)
bpf$LINK_DETACH(0x22, 0x0, 0x0)

2.909401857s ago: executing program 1 (id=1033):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x50)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x11, 0x10, &(0x7f0000000580)=@ringbuf={{0x18, 0x0, 0x0, 0x0, 0x5, 0x0, 0x0, 0x0, 0x2}, {{0x18, 0x1, 0x1, 0x0, r0}}, {}, [@call={0x85, 0x0, 0x0, 0xe}], {{}, {0x7, 0x0, 0xb, 0x2, 0x0, 0x0, 0x1}, {0x85, 0x0, 0x0, 0x84}}}, &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x29, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='tlb_flush\x00', r1}, 0x10)

2.786668193s ago: executing program 1 (id=1035):
r0 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000000c0)=@newlink={0x50, 0x10, 0x401, 0x0, 0x0, {}, [@IFLA_IFNAME={0x14, 0x3, 'ip6tnl0\x00'}, @IFLA_LINKINFO={0x1c, 0x12, 0x0, 0x1, @ipip6={{0xb}, {0xc, 0x2, 0x0, 0x1, [@IFLA_IPTUN_ENCAP_TYPE={0x6}]}}}]}, 0x50}}, 0x0)

2.705397127s ago: executing program 1 (id=1036):
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$inet_tcp_int(r0, 0x6, 0x210000000013, &(0x7f00000000c0)=0x100000001, 0x4)
connect$inet(r0, &(0x7f0000000180)={0x2, 0x4e21, @local}, 0x10)
mprotect(&(0x7f0000000000/0x4000)=nil, 0x4000, 0x1)
setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000040)='bic\x00', 0x4)
setsockopt$inet_tcp_TCP_REPAIR_OPTIONS(r0, 0x6, 0x16, &(0x7f0000000000)=[@mss, @sack_perm, @window={0x3, 0x7}, @mss={0x2, 0xfff}], 0x4)

2.606668878s ago: executing program 1 (id=1038):
openat$rfkill(0xffffffffffffff9c, &(0x7f0000000400), 0x101800, 0x0)
syz_open_procfs(0x0, &(0x7f00000001c0)='fd/3\x00')
pselect6(0x40, &(0x7f0000000180)={0x0, 0x0, 0x12, 0x2, 0x6, 0x9, 0x40, 0x8000}, 0x0, &(0x7f0000000240)={0x1f, 0x112, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4000000000000004}, 0x0, 0x0)
openat$nci(0xffffffffffffff9c, &(0x7f0000000080), 0x5400, 0x0)
r0 = socket$kcm(0xa, 0x922000000003, 0x11)
r1 = syz_open_dev$video(&(0x7f00000002c0), 0x8, 0x12000)
syz_mount_image$hfsplus(&(0x7f0000000a40), &(0x7f0000000180)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x2010410, &(0x7f0000000000)=ANY=[], 0x1, 0x68b, &(0x7f0000000a80)="$eJzs3U1sHFcdAPD/rNdrbwip2zptQJVqNRIgLBI7lgvmQkCALNFDVQ6crcRprGzSYm+RWyG6fF976BWpHHxA4oTEPVK5cIFbD734WAmJSy+Y06KZndnvTXeTOLumv180+97Mm3kf/5nZt95VNAF8bm2vRvl+JLG9+sphun58tFE7Ptq4W+QjYiEiGhHliChFRPKfZrP5YcT1iKRdTdKXRsz3tvP+3tZrH316/ElrrZwv2f6lnuMeSiNfYiUi5vL0cdV345HrS9ojvB4Rl/MUpi69TZs9fvr3862SSs+O1WFHLz6ZTgKnKmnNmwOWIs7lN3r6OaA1K7bm7DOtMe0OAAAAwBPw1EmcxGFyYdr9AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgLOi0Xn+f5IvpSK/Eknx/P9Kvi3y/Gx5cbLd759WPwAAAAAAAADgYS1MfsiLJ3ESh3GhWG8m2W/+L2Ury9nrF+KtOIjd2I8rcRg7UY967Md6RCx1VVQ53KnX99fHOPLa0COvjTm26kDJ4BYAAAAAAAAA+Pz5VWx3fv8HAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIBZkETMtZJsWY5ya/NSlNLcYkRU0g2NiH8W+bPs/rQ7AAAAAI+uOmzjQlf+qZM4icO4UKw3k1iOiOeyv/8X4624F/XYi3rUYjduZt8JtP7qLx0fbdSOjzbupstgG9/990T9zGqM1ncPw1u+lO1RjVuxl225EjfijajFzShlR6Yu5f0pau3r1y/TPiXfyY3Zs5t5mo78vTwd8O5Egx3lwV+m3FnMM3N5upRFZL4dkbW8b2k0ni7OzPAzVJyd+fE61t/SepTanV3ua6lvEJ2YL47XVupcnqbj+d2omE9FTySyEXWuvuceHPOIr/71zz+5Xbt35/atg9XZGdJ4iouumb1WB6+Jja5IPP//HIkBa1kkLrbXt+OH8eNYjZV4NfZjL34WO1GP3ViJ72e5nfx6Trpu+RGRut6z9uqIDrTfvCv5Fdo6WZP16aXs2Aux135TeDn7dy3W45uxGZux1XWGLz74DGd3fWnEO23zi0NHcflreSads34/au6aijSuTxdxTaLnPXcpK+ve0onSM2NEacL5qPzl/B5M2/h1ns6G/kisd0Xi2QdH4o/ZkA5q9+7s3955c7zmnnkvz6T30W9napao5PdQ67eT3qsjvZaeHVq2npUtt8tKA2UX22WtO7URb8TN2B1yp1byz3CDNV3Lyp4fWraRlV3qKhv2eQuAmZZOh+e+fq5S/Vf1H9UPqr+p3q6+svi9hW8tvFCJ+b/Nf7u8NveV0gvJX+KD+EXnIyQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPDwDt5+585Orba735Np1JrN5rtDix418/HHf8oe8PT4ax4nUzzO7Ak2+qXzEZ+58/mpROORM0ky7s7/bTab+Zbk8XWjFKczrmZuVuI8jcx035eA03e1fvfNqwdvv/ONvbs7r+++vntva3Nza21r8+WNq7f2artrrdf+oyZ4piswszqTfn/JH6bTIQAAAAAAAAAAAOAznfb/IkimPUAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADgzNtejfL9SGJ97cpaun58tFFLlyLf2bMcEaWISH4ekXwYcT1aSyx1VZeMauf9va3XPvr0+JNOXeVi/9KQ434w2Sga+RIrETGXp4UfjVVFeWR9N/pLJ5a0R5gG7HIROJi2/wUAAP//UBcJ2Q==")
r2 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000000)={0x1, &(0x7f0000000100)=[{0x6, 0x0, 0x4, 0x7fff0000}]})
sync()
close_range(r2, 0xffffffffffffffff, 0x0)
ioctl$VIDIOC_G_STD(r1, 0x80085617, &(0x7f0000000500))
accept(r0, &(0x7f0000000100)=@pppol2tpv3in6={0x18, 0x1, {0x0, <r3=>0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, {0xa, 0x0, 0x0, @dev}}}, &(0x7f0000000180)=0x80)
ioctl$sock_ipv4_tunnel_SIOCADDTUNNEL(0xffffffffffffffff, 0x89f1, &(0x7f0000000300)={'sit0\x00', &(0x7f00000001c0)={'tunl0\x00', 0x0, 0x7800, 0x40, 0xa1, 0x4, {{0x5, 0x4, 0x2, 0x1, 0x14, 0x64, 0x0, 0xd, 0x2f, 0x0, @remote, @private=0xa010101}}}})
ioctl$sock_ipv4_tunnel_SIOCDELTUNNEL(r3, 0x89f2, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000340)={0x18, 0x3, &(0x7f0000000d00)=ANY=[@ANYBLOB], &(0x7f0000000000)='syzkaller\x00'}, 0x94)
sendmsg$kcm(r0, 0x0, 0x0)

2.036267938s ago: executing program 3 (id=1052):
shmat(0x0, &(0x7f0000ffe000/0x2000)=nil, 0x5000)
shmctl$IPC_STAT(0x0, 0x2, &(0x7f0000000300)=""/47)

1.925496856s ago: executing program 3 (id=1053):
r0 = socket$nl_route(0x10, 0x3, 0x0)
setsockopt$netlink_NETLINK_TX_RING(r0, 0x10e, 0xc, &(0x7f0000000040)={0x200000c0, 0xffffffff, 0xfffffff8}, 0x10)
sendmsg$nl_route(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000280)=@ipv4_newroute={0x2c, 0x1a, 0x1, 0x70bd29, 0x0, {0x2, 0x20, 0x20, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2000}, [@RTA_IIF={0x8}, @RTA_DST={0x8, 0x1, @local}]}, 0x2c}}, 0x10)

1.86695992s ago: executing program 3 (id=1054):
syz_usb_connect(0x0, 0x24, &(0x7f0000000100)={{0x12, 0x1, 0x0, 0xec, 0xb3, 0x4d, 0x20, 0xb95, 0x2791, 0xd2d, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x12, 0x1, 0x1, 0x0, 0x0, 0x0, [{{0x9, 0x4, 0x0, 0x0, 0x0, 0xff, 0x23, 0x86}}]}}]}}, 0x0)

1.742363776s ago: executing program 1 (id=1058):
r0 = syz_open_procfs(0x0, &(0x7f0000000040)='net/softnet_stat\x00')
preadv(r0, &(0x7f0000000080)=[{&(0x7f0000000100)=""/204, 0xcc}], 0x1, 0xcc, 0x0)

1.546599422s ago: executing program 1 (id=1059):
r0 = syz_usb_connect(0x2, 0x24, &(0x7f0000001140)={{0x12, 0x1, 0x0, 0xbd, 0xf7, 0x13, 0x8, 0x2770, 0x930c, 0x8d6a, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x12, 0x1, 0x0, 0x0, 0x0, 0x0, [{{0x9, 0x4, 0x0, 0x0, 0x0, 0x2a, 0xc5, 0x98}}]}}]}}, 0x0)
syz_usb_control_io$cdc_ncm(r0, 0x0, &(0x7f00000003c0)={0x44, &(0x7f0000000080)=ANY=[@ANYBLOB="001306000000ec19d02303f6"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
syz_usb_control_io$hid(r0, 0x0, &(0x7f00000005c0)={0x2c, &(0x7f00000002c0)={0x40, 0x16}, &(0x7f0000000380)={0x0, 0xa, 0x1, 0x1}, 0x0, 0x0, 0x0})
syz_usb_control_io$cdc_ecm(r0, 0x0, 0x0)
syz_usb_control_io$cdc_ecm(r0, 0x0, 0x0)

699.207968ms ago: executing program 3 (id=1062):
r0 = socket$inet6(0xa, 0x2, 0x0)
setsockopt$inet6_MCAST_JOIN_GROUP(r0, 0x29, 0x2a, &(0x7f0000000140)={0x0, {{0xa, 0x10, 0x0, @mcast2}}}, 0x88)
setsockopt$inet6_MCAST_MSFILTER(r0, 0x29, 0x30, &(0x7f0000000380)=ANY=[@ANYBLOB="0b000000000000000a00000000000000ff020000000000000000000000000001000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000060000000000000000000000000000000000000000000000000000000000000000020000000a00000000000000fe8000000000000000000000000000bb00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000a00000000000000fe8000000000000000000000000000bb"], 0x190)
syz_emit_ethernet(0x46, &(0x7f00000004c0)={@broadcast, @remote, @void, {@ipv6={0x86dd, @icmpv6={0x0, 0x6, "120008", 0x10, 0x3a, 0xff, @remote, @mcast2, {[], @ndisc_ra={0x86, 0x0, 0x0, 0xff, 0x0, 0x0, 0xe4}}}}}}, 0x0)

667.489049ms ago: executing program 3 (id=1063):
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000100)={&(0x7f0000001240)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x0, 0x0, 0x2}}, &(0x7f0000000000)=""/143, 0x1a, 0x8f, 0x1}, 0x28)
syz_emit_ethernet(0x4a, &(0x7f0000000240)=ANY=[@ANYBLOB="aaaa"], 0x0)
sendmmsg$inet6(0xffffffffffffffff, &(0x7f0000007880)=[{{0x0, 0x0, &(0x7f0000000740)=[{&(0x7f0000000040)="af0ac9", 0x3}], 0x1}}], 0x1, 0x4000000)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000440)={0x8, 0xf, &(0x7f0000000200)=ANY=[@ANYBLOB="1800008080b63428e900"/20, @ANYRES32, @ANYBLOB="0000000000000000b702000014000000b7020000000000008500000051000000bf0900000000000055"], 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x6}, 0x94)
r0 = syz_open_dev$loop(&(0x7f0000000100), 0x2, 0x0)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000200)='blkio.bfq.io_service_bytes_recursive\x00', 0x275a, 0x0)
write$binfmt_misc(r1, &(0x7f0000000040), 0xe09)
ioctl$LOOP_CONFIGURE(r0, 0x4c0a, &(0x7f00000002c0)={r1, 0x0, {0x2a00, 0x80010000, 0x0, 0x2, 0x0, 0x0, 0x0, 0xb, 0x1c, "fee8a2ab78fc979fd1e00d96072000001ea89de2b7fb0000e60080b8785d96000100", "2809e8dbe108598948224ad54afac11d875397bdb22d0000b420a1a93c5240f45f819e01177d3d458dd4992861ac00", "f4bd000000801900", [0x0, 0x2000000000001]}})

548.222604ms ago: executing program 3 (id=1065):
syz_mount_image$ext4(&(0x7f0000000040)='ext2\x00', &(0x7f0000000140)='./bus/file0\x00', 0x808080, &(0x7f0000000000), 0x2c, 0x516, &(0x7f0000000740)="$eJzs3c9vG1kdAPCvnV9umm6ysIcFAVuWhYKq2om7G632wnJBQqvVIi2cEGqjxI2i2HEUO6UJkUjPXJGoxAn+BA5IHJB64s4NblzKAalABWqQEPJq7HGbOHFiNXHcxp+PNPJ7MxN/v8/SvBc/2/MCGFpXI2I3IsYj4nZETKf7M+kWH7a25LynT3YW957sLGai0fj0n6PpmTuL7fPbLqfPmYv4JKlPHBG3trW9ulAulzbSeqFeWS/UtrZvrFQWlkvLpbVicX5ufvb9m+8Vz6ytb1V++/i7Kx/98A+///KjP+1+66dJzt9OjyVtO7NA+7Rel7GY2rcveeU+6kewARhJ2zM+6ER4IdmI+FxEvJ2Wn8kNLicAoL8ajeloTO+vd5fp4RwA4OWXvOefikw2n77/n4psNp9vzuHl3ojJbLlaq1+/U91cW4rmHNZMjGXvrJRLs+lc4UyMZZL6XLP8vF7sqN+MiNcj4hcTl5r1/GK1vDSof3oAYMhd7hj//zPRGv974BMCAHiVGckBYPgcHv/HBpIHAHB+vP8HgOGzb/w/6re6AMAFlOv47T8AcPGdOP//Zvzsx+eTCgBwTnz+DwBD5fsff5xsjb30/tdLd7c2V6t3byyVaqv5yuZifrG6sZ5frlaXm/fsqZz0fOVqdX3u3di8V6iXavVCbWv7VqW6uVa/1byv962SHxYAwOC9/tbDv2QiYveDS80t2ms5+EIAXHgucxheI4NOABiY0UEnAAyM+Xggc8Lxrl8RetD9by6dIh+g/659ocv8//H/G/y/cT7pAX1k/h+G1+nm/80ewKvM/D8Mr0YjYz1/ABgyPbyD9xVBuOBe+PN/AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGGJTzS2TzadrgU9FNpvPR1yJiJkYy9xZKZdmI+K1iPjzxNhEUp8bdNIAwCll/55J1/+6Nv3OVOfR8cx/J5qPEfGTX336y3sL9frGXLL/X8/21x+k+4tHBpjofxsAgH1GO3e0x+n2ON5e3/fpk53F9naeCT7+Tmtx0STuXrq1U28ln4uxiJj8d+ZAYzJntDDx7v2IeLOz/dlnx2fSlU874yexr/QtfjRbOHUgfvZA/GzzWOsxeS0+fwa5wLB5mPQ/Hx51/WXjavMxvf4yBzvTXPz8cOf6Atr9316js/9rXe+fXMk1+5qj+r+rvcZ494/f63rs/kjji6MRe4f63/aK0Llm6aj47/QY/69f+srb3Y41fh1xLY6L3yoV6pX1Qm1r+8ZKZWG5tFxaKxbn5+Zn37/5XrHQnKMutGeqD/vHB9df697+iMku8XMntP/rPbb/N/+7/aOvHhP/m187Kn423jgmfjImfqPH+AuTv+u6fHcSf6lL+0cPxB8/8HfJvus9xn/0t+2lHk8FAM5BbWt7daFcLm0onLaQ69czX35JGqhwTGEkyu35qJcin1MXBtwxAX33/KIfdCYAAAAAAAAAAAAAAEA3tR+kt/zr44/hBt1GAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAALq7PAgAA//+iDcmp")
syz_usb_connect(0x0, 0x36, &(0x7f0000000800)=ANY=[@ANYBLOB="120100000cb768405e0483020b990102030109022400010000000009040000025c291d0009050900000000060009050ae5"], 0x0)

547.975423ms ago: executing program 2 (id=1066):
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x0, &(0x7f0000006680))
move_mount(0xffffffffffffffff, 0x0, 0xffffffffffffff9c, 0x0, 0x332)

449.760604ms ago: executing program 2 (id=1067):
prctl$PR_SET_NAME(0xf, &(0x7f0000000000)='\\\x00')
r0 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000000)='status\x00')
read$FUSE(r0, &(0x7f0000001300)={0x2020}, 0x2020)

399.510862ms ago: executing program 2 (id=1068):
r0 = socket$netlink(0x10, 0x3, 0x0)
setsockopt$netlink_NETLINK_DROP_MEMBERSHIP(r0, 0x10e, 0xc, &(0x7f0000000640)=0x4, 0x4)
sendmsg$netlink(r0, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000840)={0x1c, 0x22, 0x601, 0x0, 0x0, "", [@typed={0x5, 0x0, 0x0, 0x0, @str='\x00'}, @generic="b7"]}, 0x1c}], 0x1}, 0x0)

339.14647ms ago: executing program 2 (id=1069):
mmap(&(0x7f0000000000/0xfbe000)=nil, 0xfbe000, 0x2, 0x31, 0xffffffffffffffff, 0x0)
r0 = socket$rds(0x15, 0x5, 0x0)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000013c0)={0x18, 0x3, &(0x7f0000000140)=ANY=[@ANYBLOB="1800000000000000000000000000000095"], &(0x7f0000000000)='syzkaller\x00'}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000040)='contention_end\x00', r1}, 0x10)
bind$rds(r0, &(0x7f0000000040)={0x2, 0x2, @loopback}, 0x10)
sendmsg$rds(r0, &(0x7f0000001600)={&(0x7f0000000000)={0x2, 0x0, @remote}, 0x10, 0x0, 0x0, &(0x7f0000000780)=[@rdma_args={0x48, 0x114, 0x1, {{}, {0x0, 0x2c}, &(0x7f00000006c0)=[{&(0x7f0000000100)=""/44, 0x410200}], 0x1}}], 0x48}, 0x0)
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000d40)={<r2=>0xffffffffffffffff})
sendmsg$inet(r2, &(0x7f0000000b00)={0x0, 0xf22fff7f, &(0x7f0000000180)=[{&(0x7f0000000080)="31de76fb398bc62d058b8a96924594f5476a0824be53f7a5949f80614c42391e4b80412938c955d34d37eb96ba7849c3eb823bb36724bd6f6d0219cfe5c884afcd2bdea5acf9c877c03dcdbbb3e47417b6707c27d4c5c1db1924071f6b6f23c7d199c799c9b0c41101e625fcdb7bbfd12a3eeeef4540a5698f058aaf6a141e5d333929b92a7f64e925bf0ef424c3ef29fcd5fd4721c547fde6abe4d47048b64511693624b0d786711abe4a66e250fcbfe95ac9037e58f331b26b6ed0d08e5c73ba4c49", 0xc00e}], 0x9, &(0x7f00000001c0)=ANY=[@ANYBLOB="000026d5f47f000000000000010000000000020000000000140000000000000000000000020000000000000000000000140000000000000000000000020000000000000000000000110000000000000000000000010000000000000000000000110000000000000002000000010000000000000000000000000000000000000000000000070000008300000000960000206a77bdd1a004129054e7704a000002"], 0xf}, 0x0)

168.585495ms ago: executing program 2 (id=1070):
socket$kcm(0xa, 0x3, 0x106)
bpf$MAP_CREATE(0x0, &(0x7f0000000100)=@base={0x9, 0x4, 0x3c56, 0x1, 0x2}, 0x48)
r0 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$kcm(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000001500)=[{&(0x7f0000000080)="1c0000006d0081044e81f782db1f4cb9041c1d0800fe007c05e8fe55", 0x1c}], 0x1}, 0x0)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x3, &(0x7f0000000440)=@framed={{0x18, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xf79d}}, &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1b, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
setsockopt$sock_attach_bpf(0xffffffffffffffff, 0x1, 0x32, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00', r1}, 0x10)
r2 = socket$kcm(0x10, 0x2, 0x0)
r3 = socket$kcm(0x29, 0x0, 0x0)
sendmsg$kcm(r3, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000580)=[{0x0}, {0x0}, {&(0x7f0000000800)}], 0x3, 0x0, 0x0, 0x5865}, 0x0)
sendmsg$kcm(r2, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000300)="2e00000011008108090f9becdb4cb92e0a4831371400000069bd6efb2502eaf60d000300020400bf050005001201", 0x2e}], 0x1}, 0x0)

0s ago: executing program 2 (id=1071):
syz_mount_image$ocfs2(&(0x7f0000004440), &(0x7f0000000040)='./file1\x00', 0x4000, &(0x7f0000000380)={[{@coherency_buffered}, {@heartbeat_none}, {@coherency_full}, {@err_cont}, {@data_writeback}, {@localflocks}, {@localflocks}, {@data_ordered}]}, 0x89, 0x4430, &(0x7f00000088c0)="$eJzs3c9PXNUeAPBzL/QV+to+6OuiL3nJm+Q1MVFDoCuVJlJKS6HFmmob42Y6wLRFB6aBwbjoAndNXJm4MC4aTdyxali4rX+CG5d13agLNyYmjZiZuQNzL4yMhAFbP58Fl3t+D997z5y7uJw4Ubkzt5SbW8oVFnLlmVtLZ3IflEvL88UQ75Nt+z+0f/3Tnk5cJwd97f2dXT1/8a0bZ0L4Zva7J+vr6+uhqjskotBsqOn3X36+N9N8bIhDWrXd0FHvhhBObhlXVVcI4Z2v65/iXJI2mhx7QwjHkk94497HN3N7NJqHj4tn80+n7q8Nn55cfbDW+rNHIXxe+s/Lt+d//H/X8Pcv7lH3AAAAAAAAAAAAAAAAAAA848avXb3+5uBQeBSF7tVo6/u648mx1fux63vmf53/sAAAAAAAAAAAAAAAAAAAAPAXtfn+fy46sc37/2PJcaRF/fXXOz9GOmfijatjFwaHkv3foy35ryRJP53rCv3b7Pue3f/9XKb+9vu/b+1ntxrja/TbF6J4IHUexwMDIXyZbPx+KjoSl8pLlZdulZcXZvdsGM+sdPzru/enopNs6N9u/Ecz7Xd+//9/b7maquc39+4Se66l49/VstxXH0Vtxf98pt5+xJ/dS8e/u5bW21xgpD4BVOP/SffO8R/LtN+p+B8PIeSi6lhzqRmguoapprdar5CWjv+hWlpq6kz+kK3u/18z8b+Qaf+g5v+V7BcR20rH/x+1tJ5Uic37vz/e+f6/mGn/IOJfHf+K7/+2pON/uJ7YnSpS+0u2O/+PZ9pvHf8/WGy04XqcjPN4lLoCVqN6eqv/V0daOv49W/I3n//ittZ/lzL19+v5r9Fv4/mvMf3/ENWf/9heOv69Lcu1e/9PZOp1ev4fqa3/2K10/I/U0tJr577az3bjP5lpv1Pxr61Kehrx35xPfjtcT//C+q8t6fj/s54YN5dYqf2srf+indf/lzPtH8T6rzr+lbizvT4vmuPfFY62LFeN/7dtfP9fydTrfPxDGLTW37X0/X+sZbna/d+zc/ynMvU6Hf8XOtk4AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwDNgNDn2hSgeSJ3H8cBACOeT81PhSDRdmM1Pl8oz7y+FMJak58KJ6HapPF0o5ecWyrPFfKFUKs+EcCHJPxl6oqVSuZKfL9y9uNFWb3SnWFisTBcLlRDCeJL+33Cs0db0XGW+cDeEcGkj719xefHuncJCfnZu8bXBwcHBMLExhv6o+GGluFCp917PDWFyo25f1DS4WvbljbEcjd4rLy8uFEq19CtNdUrlmUKpqc5Ukvdp6I8qi8sLM4VKMV8q3270d5BGkuPYxLW3r10Z2pJ/M6ofR/d3WAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD8SY+GX/0shNBdP4tDCCONX6Ltyj98XDybfzp1f2349OTqg7UnrcoBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADA7+zAgQAAAAAAkP9rI1RVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVhl45RGgiiMAC/GQu18xhWy25nu6KIFq4InkCP4WH0KF7CO6RIkTZFCCSzEDa7sE1SfV/zYH5m3oN5AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwDxP793HW91EpLjaXEb8ff0vDvOXUn/ux+9fnGFGTuf5tXt4rJvy7+kovytHyzbv0vXq+zNGau93sCfDfdrr+1xPzjW1b1Pz9X1vIuUqItqS36acq2reWwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABbduBAAAAAAADI/7URqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqrADxwIAAAAAwvyto+jbAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPgVAAD//xCzHts=")
r0 = openat(0xffffffffffffff9c, &(0x7f00000000c0)='./bus\x00', 0x101442, 0x0)
pwrite64(r0, &(0x7f0000000140)="16eb", 0x2, 0x3)
ioctl$FS_IOC_RESVSP(r0, 0x40305829, &(0x7f0000000000)={0x0, 0x1, 0x8, 0x9})

kernel console output (not intermixed with test programs):

 bytes leftover after parsing attributes in process `syz.0.309'.
[   96.963929][ T6701] mac80211_hwsim hwsim3 wlan1: entered allmulticast mode
[   97.641096][ T6705] loop0: detected capacity change from 0 to 32768
[   97.671312][ T6705] xfs: Unknown parameter 'smackfstransmute'
[   98.012624][ T6728] loop0: detected capacity change from 0 to 128
[   98.214910][ T6732] loop0: detected capacity change from 0 to 4096
[   98.231457][ T6732] ntfs3(loop0): Different NTFS sector size (4096) and media sector size (512).
[   98.531102][ T6747] netlink: 'syz.0.327': attribute type 12 has an invalid length.
[   98.656683][ T6754] loop0: detected capacity change from 0 to 512
[   98.670501][ T6754] EXT4-fs error (device loop0): ext4_mb_generate_buddy:1289: group 0, block bitmap and bg descriptor inconsistent: 219 vs 220 free clusters
[   98.699535][ T6754] EXT4-fs (loop0): Remounting filesystem read-only
[   98.702675][ T6754] EXT4-fs (loop0): 1 truncate cleaned up
[   98.710675][ T6754] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   98.719398][ T6754] EXT4-fs (loop0): shut down requested (2)
[   98.720265][ T6743] loop2: detected capacity change from 0 to 32768
[   98.743113][ T5854] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   99.126215][ T6771] binder: 6770:6771 ioctl c0306201 200000000640 returned -22
[   99.153777][ T6773] loop2: detected capacity change from 0 to 256
[   99.166609][ T6773] exFAT-fs (loop2): failed to load upcase table (idx : 0x00010000, chksum : 0x905a013b, utbl_chksum : 0xe619d30d)
[   99.247357][ T6775] overlayfs: missing 'lowerdir'
[   99.447273][ T5859] sysfs: cannot create duplicate filename '/devices/virtual/bluetooth/hci1/hci1:201'
[   99.451156][ T5859] CPU: 1 UID: 0 PID: 5859 Comm: kworker/u11:4 Not tainted syzkaller #0 PREEMPT(full) 
[   99.451176][ T5859] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.2-debian-1.16.2-1 04/01/2014
[   99.451185][ T5859] Workqueue: hci1 hci_rx_work
[   99.451209][ T5859] Call Trace:
[   99.451215][ T5859]  <TASK>
[   99.451223][ T5859]  dump_stack_lvl+0x189/0x250
[   99.451245][ T5859]  ? __pfx_dump_stack_lvl+0x10/0x10
[   99.451262][ T5859]  ? __pfx__printk+0x10/0x10
[   99.451287][ T5859]  ? kernfs_path_from_node+0x250/0x290
[   99.451301][ T5859]  ? kernfs_path_from_node+0x2f/0x290
[   99.451319][ T5859]  sysfs_create_dir_ns+0x259/0x280
[   99.451335][ T5859]  ? __pfx_sysfs_create_dir_ns+0x10/0x10
[   99.451360][ T5859]  ? do_raw_spin_unlock+0x4d/0x240
[   99.451380][ T5859]  kobject_add_internal+0x59f/0xb40
[   99.451400][ T5859]  kobject_add+0x155/0x220
[   99.451420][ T5859]  ? __pfx_kobject_add+0x10/0x10
[   99.451434][ T5859]  ? _raw_spin_unlock+0x28/0x50
[   99.451484][ T5859]  ? get_device_parent+0x366/0x3a0
[   99.451503][ T5859]  device_add+0x408/0xb50
[   99.451518][ T5859]  hci_conn_add_sysfs+0xd5/0x1e0
[   99.451531][ T5859]  le_conn_complete_evt+0xc3a/0x1220
[   99.451551][ T5859]  ? __pfx_le_conn_complete_evt+0x10/0x10
[   99.451563][ T5859]  ? __mutex_unlock_slowpath+0x1a1/0x740
[   99.451575][ T5859]  ? __asan_memcpy+0x40/0x70
[   99.451587][ T5859]  ? __pfx___mutex_unlock_slowpath+0x10/0x10
[   99.451597][ T5859]  ? skb_pull_data+0xfb/0x200
[   99.451610][ T5859]  hci_le_conn_complete_evt+0x187/0x450
[   99.451625][ T5859]  hci_event_packet+0x78f/0x1200
[   99.451636][ T5859]  ? __pfx_hci_le_meta_evt+0x10/0x10
[   99.451649][ T5859]  ? __pfx_hci_event_packet+0x10/0x10
[   99.451659][ T5859]  ? kcov_remote_start+0x4d3/0x7f0
[   99.451671][ T5859]  ? lockdep_hardirqs_on+0x90/0x150
[   99.451683][ T5859]  ? hci_send_to_monitor+0xe2/0x570
[   99.451692][ T5859]  hci_rx_work+0x46a/0xe80
[   99.451706][ T5859]  ? process_scheduled_works+0x9ef/0x17b0
[   99.451714][ T5859]  process_scheduled_works+0xae1/0x17b0
[   99.451735][ T5859]  ? __pfx_process_scheduled_works+0x10/0x10
[   99.451750][ T5859]  worker_thread+0x8a0/0xda0
[   99.451759][ T5859]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[   99.451773][ T5859]  ? __kthread_parkme+0x7b/0x200
[   99.451793][ T5859]  kthread+0x711/0x8a0
[   99.451805][ T5859]  ? __pfx_worker_thread+0x10/0x10
[   99.451812][ T5859]  ? __pfx_kthread+0x10/0x10
[   99.451822][ T5859]  ? _raw_spin_unlock_irq+0x23/0x50
[   99.451837][ T5859]  ? lockdep_hardirqs_on+0x9c/0x150
[   99.451847][ T5859]  ? __pfx_kthread+0x10/0x10
[   99.451856][ T5859]  ret_from_fork+0x3fc/0x770
[   99.451866][ T5859]  ? __pfx_ret_from_fork+0x10/0x10
[   99.451877][ T5859]  ? __switch_to_asm+0x39/0x70
[   99.451888][ T5859]  ? __switch_to_asm+0x33/0x70
[   99.451897][ T5859]  ? __pfx_kthread+0x10/0x10
[   99.451906][ T5859]  ret_from_fork_asm+0x1a/0x30
[   99.451929][ T5859]  </TASK>
[   99.451950][ T5859] kobject: kobject_add_internal failed for hci1:201 with -EEXIST, don't try to register things with the same name in the same directory.
[   99.553450][ T5859] Bluetooth: hci1: failed to register connection device
[   99.699859][   T10] usb 3-1: new high-speed USB device number 8 using dummy_hcd
[   99.858745][   T10] usb 3-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F
[   99.863531][   T10] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 7
[   99.868121][   T10] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x8F has invalid wMaxPacketSize 0
[   99.872323][   T10] usb 3-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[   99.891696][   T10] usb 3-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[   99.900124][   T10] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   99.915488][   T10] usb 3-1: config 0 descriptor??
[  100.284267][ T5859] Bluetooth: Wrong link type (-71)
[  100.371141][   T10] plantronics 0003:047F:FFFF.0002: hiddev0,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.2-1/input0
[  100.672903][ T5880] usb 3-1: USB disconnect, device number 8
[  100.783938][ T6821] loop0: detected capacity change from 0 to 40427
[  100.788070][ T6821] F2FS-fs (loop0): Invalid log_blocksize (268), supports only 12
[  100.790486][ T6821] F2FS-fs (loop0): Can't find valid F2FS filesystem in 1th superblock
[  100.794986][ T6821] F2FS-fs (loop0): invalid crc value
[  100.830621][ T6821] F2FS-fs (loop0): f2fs_recover_fsync_data: recovery fsync data, check_only: 0
[  100.837946][ T6821] F2FS-fs (loop0): Try to recover 1th superblock, ret: 0
[  100.840549][ T6821] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e5
[  101.126094][ T6821] F2FS-fs (loop0): Encrypt feature is off
[  101.332566][ T6832] loop0: detected capacity change from 0 to 512
[  101.339206][ T6832] EXT4-fs: Mount option(s) incompatible with ext3
[  101.621112][ T6838] loop0: detected capacity change from 0 to 1024
[  101.880039][ T6841] 9p: Unknown uid 00000000004294967295
[  101.922365][ T6843] loop1: detected capacity change from 0 to 4096
[  101.927969][ T6843] ntfs3(loop1): Different NTFS sector size (1024) and media sector size (512).
[  102.011565][ T6843] ntfs3(loop1): ino=1d, mi_enum_attr
[  102.014450][ T6843] ntfs3(loop1): ino=1d, mi_enum_attr
[  102.018959][ T6843] ntfs3(loop1): ino=1d, mi_enum_attr
[  102.090561][ T6850] loop1: detected capacity change from 0 to 256
[  102.094853][ T6850] exfat: Deprecated parameter 'utf8'
[  102.106539][ T6850] exFAT-fs (loop1): failed to load upcase table (idx : 0x00010000, chksum : 0x4d7dfc9d, utbl_chksum : 0xe619d30d)
[  102.247382][ T6851] loop2: detected capacity change from 0 to 7
[  102.272036][ T6851] Dev loop2: unable to read RDB block 7
[  102.278929][ T6851]  loop2: AHDI p1 p2 p3
[  102.281172][ T6851] loop2: partition table partially beyond EOD, truncated
[  102.290985][ T6851] loop2: p1 start 1601398130 is beyond EOD, truncated
[  102.293618][ T6851] loop2: p2 start 1702059890 is beyond EOD, truncated
[  102.454297][ T6856] netlink: 'syz.0.371': attribute type 7 has an invalid length.
[  102.456882][ T6856] netlink: 'syz.0.371': attribute type 8 has an invalid length.
[  102.552462][ T6858] netlink: 288 bytes leftover after parsing attributes in process `syz.0.372'.
[  102.964602][ T6866] netlink: 8 bytes leftover after parsing attributes in process `syz.0.376'.
[  102.993700][ T5298] Dev loop2: unable to read RDB block 7
[  102.999751][ T5298]  loop2: AHDI p1 p2 p3
[  103.005551][ T5298] loop2: partition table partially beyond EOD, truncated
[  103.010385][ T5298] loop2: p1 start 1601398130 is beyond EOD, truncated
[  103.019062][ T5298] loop2: p2 start 1702059890 is beyond EOD, truncated
[  103.305605][ T6870] netlink: 8 bytes leftover after parsing attributes in process `syz.0.378'.
[  103.833803][ T6896] netlink: 'syz.2.387': attribute type 3 has an invalid length.
[  103.907153][ T6899] netlink: 96 bytes leftover after parsing attributes in process `syz.1.388'.
[  103.947719][ T6906] netlink: 16 bytes leftover after parsing attributes in process `syz.1.392'.
[  104.133000][   T10] usb 1-1: new high-speed USB device number 5 using dummy_hcd
[  104.162303][ T6927] syz_tun: refused to change device tx_queue_len
[  104.166287][ T6927] A link change request failed with some changes committed already. Interface syz_tun may have been left with an inconsistent configuration, please check.
[  104.285860][   T10] usb 1-1: unable to get BOS descriptor or descriptor too short
[  104.290492][   T10] usb 1-1: config 66 interface 0 altsetting 16 bulk endpoint 0x7 has invalid maxpacket 16
[  104.294859][   T10] usb 1-1: config 66 interface 0 has no altsetting 0
[  104.302072][   T10] usb 1-1: New USB device found, idVendor=0471, idProduct=0602, bcdDevice=a4.95
[  104.305990][   T10] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  104.309196][   T10] usb 1-1: Product: syz
[  104.310909][   T10] usb 1-1: Manufacturer: syz
[  104.315475][   T10] usb 1-1: SerialNumber: syz
[  104.326583][ T6900] raw-gadget.0 gadget.0: fail, usb_ep_enable returned -22
[  104.543399][   T10] ati_remote2 1-1:66.0: ati_remote2_probe(): interface 1 must have an endpoint
[  104.551989][   T10] usb 1-1: USB disconnect, device number 5
[  104.900084][ T6945] loop1: detected capacity change from 0 to 512
[  104.913197][ T6945] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode
[  104.920925][ T6945] EXT4-fs (loop1): 1 truncate cleaned up
[  104.926569][ T6945] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  104.939868][ T6945] EXT4-fs warning (device loop1): ext4_group_add:1736: No reserved GDT blocks, can't resize
[  104.963591][ T5852] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  105.009533][ T6949] netlink: 8 bytes leftover after parsing attributes in process `syz.1.409'.
[  105.190876][ T6960] netlink: 65039 bytes leftover after parsing attributes in process `syz.1.414'.
[  105.367100][ T6968] netlink: 212376 bytes leftover after parsing attributes in process `syz.1.418'.
[  105.565112][   T24] usb 1-1: new high-speed USB device number 6 using dummy_hcd
[  105.781686][   T24] usb 1-1: config 0 interface 0 altsetting 0 bulk endpoint 0x6 has invalid maxpacket 1023
[  105.800289][   T24] usb 1-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xBA, changing to 0x8A
[  105.830844][   T24] usb 1-1: config 0 interface 0 altsetting 0 bulk endpoint 0x8A has invalid maxpacket 121
[  105.910035][   T24] usb 1-1: New USB device found, idVendor=2294, idProduct=425b, bcdDevice=a2.10
[  105.924540][   T24] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  105.946356][   T24] usb 1-1: Product: syz
[  105.949312][   T24] usb 1-1: Manufacturer: syz
[  105.954494][   T24] usb 1-1: SerialNumber: syz
[  105.960232][   T24] usb 1-1: config 0 descriptor??
[  105.966255][ T6958] raw-gadget.0 gadget.0: fail, usb_ep_enable returned -22
[  105.968943][ T6958] raw-gadget.0 gadget.0: fail, usb_ep_enable returned -22
[  105.973872][   T24] usb 1-1: ucan: probing device on interface #0
[  106.598157][   T24] ucan 1-1:0.0 can0: registered device
[  106.786936][   T24] ucan 1-1:0.0 can0: firmware string: unknown
[  106.798702][   T24] usb 1-1: USB disconnect, device number 6
[  107.398109][ T6988] sch_fq: defrate 4294967295 ignored.
[  107.483039][ T6993] netem: change failed
[  107.501499][   T10] usb 2-1: new high-speed USB device number 6 using dummy_hcd
[  107.540933][ T6997] netlink: 36 bytes leftover after parsing attributes in process `syz.2.429'.
[  107.652852][   T10] usb 2-1: Using ep0 maxpacket: 8
[  107.660680][   T10] usb 2-1: unable to get BOS descriptor or descriptor too short
[  107.662995][ T7002] loop2: detected capacity change from 0 to 1024
[  107.670909][   T10] usb 2-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xEE, changing to 0x8E
[  107.675359][   T10] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x8E has an invalid bInterval 0, changing to 7
[  107.685807][ T7002] hfsplus: invalid btree flag
[  107.689038][ T7002] hfsplus: failed to load catalog file
[  107.706767][   T10] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x3 has invalid wMaxPacketSize 0
[  107.711220][   T10] usb 2-1: config 0 interface 0 altsetting 0 bulk endpoint 0xC has invalid maxpacket 1
[  107.714954][   T10] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0xF has invalid wMaxPacketSize 0
[  107.744133][   T10] usb 2-1: config 0 interface 0 altsetting 0 bulk endpoint 0x7 has invalid maxpacket 166
[  107.762771][   T10] usb 2-1: New USB device found, idVendor=0763, idProduct=1002, bcdDevice=5f.84
[  107.773925][   T10] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  107.790014][   T10] usb 2-1: Product: syz
[  107.791905][   T10] usb 2-1: Manufacturer: syz
[  107.793843][   T10] usb 2-1: SerialNumber: syz
[  107.806570][ T7007] syzkaller1: entered promiscuous mode
[  107.808767][ T7007] syzkaller1: entered allmulticast mode
[  107.815152][   T10] usb 2-1: config 0 descriptor??
[  107.818087][ T6983] raw-gadget.0 gadget.1: fail, usb_ep_enable returned -22
[  107.821030][ T6983] raw-gadget.0 gadget.1: fail, usb_ep_enable returned -22
[  107.839115][   T10] usb 2-1: Quirk or no altset; falling back to MIDI 1.0
[  107.934466][ T7011] loop2: detected capacity change from 0 to 1024
[  108.000106][   T33] kauditd_printk_skb: 296 callbacks suppressed
[  108.000121][   T33] audit: type=1800 audit(1757318197.459:312): pid=7011 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.2.436" name="file2" dev="loop2" ino=22 res=0 errno=0
[  108.052859][   T10] usb 2-1: USB disconnect, device number 6
[  108.081158][ T3537] hfsplus: b-tree write err: -5, ino 4
[  108.133096][ T7009] loop0: detected capacity change from 0 to 32768
[  108.139837][ T7009] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop0 (7:0) scanned by syz.0.435 (7009)
[  108.175776][ T7009] BTRFS info (device loop0): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  108.182069][ T7009] BTRFS info (device loop0): using sha256 (sha256-lib) checksum algorithm
[  108.262725][ T7009] BTRFS info (device loop0): rebuilding free space tree
[  108.268654][ T7034] Zero length message leads to an empty skb
[  108.311154][ T7009] BTRFS info (device loop0): enabling ssd optimizations
[  108.314046][ T7009] BTRFS info (device loop0): using spread ssd allocation scheme
[  108.316955][ T7009] BTRFS info (device loop0): enabling free space tree
[  108.327194][ T7009] BTRFS info (device loop0): force clearing of disk cache
[  108.456111][ T5854] BTRFS info (device loop0): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  108.717770][ T7048] loop0: detected capacity change from 0 to 512
[  108.762113][ T7048] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  108.773509][ T7048] ext4 filesystem being mounted at /166/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  108.797522][ T7048] fs-verity (loop0, inode 15): Unrecognized descriptor size: 0 bytes
[  108.835692][ T5854] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  109.975419][ T7094] loop2: detected capacity change from 0 to 2048
[  110.015177][ T7094] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  110.033828][   T33] audit: type=1804 audit(1757318199.549:313): pid=7094 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.2.463" name="/newroot/150/file1/bus" dev="loop2" ino=18 res=1 errno=0
[  110.053848][ T7094] Invalid ELF header magic: != ELF
[  110.065057][   T33] audit: type=1800 audit(1757318199.549:314): pid=7094 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.2.463" name="bus" dev="loop2" ino=18 res=0 errno=0
[  110.082146][ T7102] syz.0.466 uses obsolete (PF_INET,SOCK_PACKET)
[  110.088800][ T7102] syzkaller1: entered promiscuous mode
[  110.091627][ T7102] syzkaller1: entered allmulticast mode
[  110.096662][ T5848] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  110.164343][ T7108] openvswitch: netlink: Missing valid actions attribute.
[  110.171583][ T7108] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[  110.270776][ T7114] netlink: 64 bytes leftover after parsing attributes in process `syz.2.471'.
[  110.424900][ T7126] loop0: detected capacity change from 0 to 1024
[  110.640059][ T6278] usb 2-1: new high-speed USB device number 7 using dummy_hcd
[  110.646601][ T7140] loop2: detected capacity change from 0 to 256
[  110.658975][ T7140] exfat: Bad value for 'uid'
[  110.665291][ T7140] exfat: Bad value for 'uid'
[  110.741454][ T7146] openvswitch: netlink: Flow set message rejected, Key attribute missing.
[  110.801463][ T6278] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x1 has invalid wMaxPacketSize 0
[  110.815345][ T6278] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0xA has invalid wMaxPacketSize 0
[  110.828290][ T6278] usb 2-1: New USB device found, idVendor=1781, idProduct=0938, bcdDevice=9b.49
[  110.840464][ T6278] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  110.848356][ T6278] usb 2-1: Product: syz
[  110.850271][ T6278] usb 2-1: Manufacturer: syz
[  110.855517][ T6278] usb 2-1: SerialNumber: syz
[  110.862295][ T6278] usb 2-1: config 0 descriptor??
[  110.878723][ T6278] iguanair 2-1:0.0: probe with driver iguanair failed with error -12
[  111.133548][ T6278] usb 2-1: USB disconnect, device number 7
[  111.164999][ T7153] loop0: detected capacity change from 0 to 40427
[  111.524442][ T7153] F2FS-fs (loop0): invalid crc value
[  111.572910][ T7153] F2FS-fs (loop0): f2fs_recover_fsync_data: recovery fsync data, check_only: 0
[  111.577067][ T7153] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e5
[  111.595557][   T33] audit: type=1804 audit(1757318201.151:315): pid=7153 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.0.491" name="/newroot/179/file1/file1" dev="loop0" ino=10 res=1 errno=0
[  111.613932][ T5854] syz-executor: attempt to access beyond end of device
[  111.613932][ T5854] loop0: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[  111.624957][ T5854] CPU: 0 UID: 0 PID: 5854 Comm: syz-executor Not tainted syzkaller #0 PREEMPT(full) 
[  111.624992][ T5854] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.2-debian-1.16.2-1 04/01/2014
[  111.625001][ T5854] Call Trace:
[  111.625006][ T5854]  <TASK>
[  111.625012][ T5854]  dump_stack_lvl+0x189/0x250
[  111.625037][ T5854]  ? __pfx_dump_stack_lvl+0x10/0x10
[  111.625051][ T5854]  ? __pfx_queue_work_on+0x10/0x10
[  111.625064][ T5854]  ? _raw_spin_unlock_irqrestore+0xad/0x110
[  111.625080][ T5854]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[  111.625106][ T5854]  f2fs_handle_critical_error+0x37c/0x540
[  111.625128][ T5854]  f2fs_write_end_io+0x886/0xb60
[  111.625153][ T5854]  __submit_merged_bio+0x27a/0x6a0
[  111.625173][ T5854]  __submit_merged_write_cond+0x255/0x530
[  111.625193][ T5854]  f2fs_write_data_pages+0x261d/0x3000
[  111.625221][ T5854]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[  111.625251][ T5854]  ? __mod_zone_page_state+0xd7/0x140
[  111.625267][ T5854]  ? folios_put_refs+0x560/0x640
[  111.625281][ T5854]  ? __lock_acquire+0xab9/0xd20
[  111.625296][ T5854]  ? do_raw_spin_lock+0x121/0x290
[  111.625310][ T5854]  ? do_raw_spin_unlock+0x4d/0x240
[  111.625319][ T5854]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[  111.625332][ T5854]  do_writepages+0x32e/0x550
[  111.625347][ T5854]  ? do_raw_spin_unlock+0x4d/0x240
[  111.625358][ T5854]  filemap_fdatawrite+0x199/0x240
[  111.625369][ T5854]  ? __pfx_filemap_fdatawrite+0x10/0x10
[  111.625438][ T5854]  ? do_raw_spin_unlock+0x4d/0x240
[  111.625453][ T5854]  f2fs_sync_dirty_inodes+0x31f/0x830
[  111.625468][ T5854]  f2fs_write_checkpoint+0x95a/0x1df0
[  111.625486][ T5854]  ? __pfx_f2fs_write_checkpoint+0x10/0x10
[  111.625514][ T5854]  ? kill_f2fs_super+0x298/0x6c0
[  111.625524][ T5854]  kill_f2fs_super+0x2c3/0x6c0
[  111.625535][ T5854]  ? __pfx_kill_f2fs_super+0x10/0x10
[  111.625541][ T5854]  ? radix_tree_delete_item+0x2b6/0x400
[  111.625555][ T5854]  ? shrinker_free+0x2ce/0x3e0
[  111.625565][ T5854]  deactivate_locked_super+0xbc/0x130
[  111.625575][ T5854]  cleanup_mnt+0x425/0x4c0
[  111.625584][ T5854]  ? lockdep_hardirqs_on+0x9c/0x150
[  111.625597][ T5854]  task_work_run+0x1d4/0x260
[  111.625613][ T5854]  ? __pfx_task_work_run+0x10/0x10
[  111.625622][ T5854]  ? __x64_sys_umount+0x122/0x160
[  111.625634][ T5854]  ? exit_to_user_mode_loop+0x40/0x110
[  111.625648][ T5854]  exit_to_user_mode_loop+0xec/0x110
[  111.625659][ T5854]  do_syscall_64+0x2bd/0x3b0
[  111.625665][ T5854]  ? lockdep_hardirqs_on+0x9c/0x150
[  111.625675][ T5854]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  111.625683][ T5854]  ? exc_page_fault+0x9f/0xf0
[  111.625694][ T5854]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  111.625701][ T5854] RIP: 0033:0x7fd1bb18ff17
[  111.625710][ T5854] Code: a8 ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 0f 1f 44 00 00 31 f6 e9 09 00 00 00 66 0f 1f 84 00 00 00 00 00 b8 a6 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 01 c3 48 c7 c2 a8 ff ff ff f7 d8 64 89 02 b8
[  111.625718][ T5854] RSP: 002b:00007ffe8f82fe88 EFLAGS: 00000246 ORIG_RAX: 00000000000000a6
[  111.625727][ T5854] RAX: 0000000000000000 RBX: 00007fd1bb211c05 RCX: 00007fd1bb18ff17
[  111.625732][ T5854] RDX: 0000000000000000 RSI: 0000000000000009 RDI: 00007ffe8f82ff40
[  111.625736][ T5854] RBP: 00007ffe8f82ff40 R08: 000000000000c088 R09: 0000000000000000
[  111.625741][ T5854] R10: 00000000ffffffff R11: 0000000000000246 R12: 00007ffe8f830fd0
[  111.625745][ T5854] R13: 00007fd1bb211c05 R14: 000000000001b3f8 R15: 00007ffe8f831010
[  111.625758][ T5854]  </TASK>
[  111.625762][ T5854] F2FS-fs (loop0): Stopped filesystem due to reason: 3
[  112.207733][ T7184] loop0: detected capacity change from 0 to 2048
[  112.219080][ T7184] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000)
[  112.249595][ T6278] usb 3-1: new high-speed USB device number 9 using dummy_hcd
[  112.259760][ T5880] usb 2-1: new high-speed USB device number 8 using dummy_hcd
[  112.405575][ T5880] usb 2-1: Using ep0 maxpacket: 16
[  112.409158][ T5880] usb 2-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  112.412315][ T5880] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x7 has invalid wMaxPacketSize 0
[  112.415634][ T5880] usb 2-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 3
[  112.421966][ T5880] usb 2-1: New USB device found, idVendor=046d, idProduct=08f0, bcdDevice=50.0d
[  112.425443][ T5880] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  112.427177][ T6278] usb 3-1: Using ep0 maxpacket: 32
[  112.428018][ T5880] usb 2-1: Product: syz
[  112.431194][ T5880] usb 2-1: Manufacturer: syz
[  112.432919][ T5880] usb 2-1: SerialNumber: syz
[  112.437067][ T6278] usb 3-1: config 2 has an invalid interface number: 20 but max is 0
[  112.440070][ T6278] usb 3-1: config 2 has no interface number 0
[  112.442474][ T6278] usb 3-1: config 2 interface 20 altsetting 3 endpoint 0x7 has an invalid bInterval 0, changing to 7
[  112.447652][ T5880] usb 2-1: config 0 descriptor??
[  112.454795][ T6278] usb 3-1: config 2 interface 20 has no altsetting 0
[  112.459436][ T5880] gspca_main: STV06xx-2.14.0 probing 046d:08f0
[  112.461440][ T6278] usb 3-1: New USB device found, idVendor=0c72, idProduct=000c, bcdDevice=60.93
[  112.461552][ T5880] gspca_stv06xx: st6422 sensor detected
[  112.472609][ T6278] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  112.684535][ T6278] usb 3-1: string descriptor 0 read error: -71
[  112.694661][ T6278] usb 3-1: USB disconnect, device number 9
[  112.718892][ T5880] STV06xx 2-1:0.0: probe with driver STV06xx failed with error -71
[  112.726674][ T5880] usb 2-1: USB disconnect, device number 8
[  112.729425][   T10] usb 1-1: new high-speed USB device number 7 using dummy_hcd
[  112.886498][   T10] usb 1-1: descriptor type invalid, skip
[  112.890219][   T10] usb 1-1: config 0 has no interfaces?
[  112.894905][   T10] usb 1-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice=df.40
[  112.898741][   T10] usb 1-1: New USB device strings: Mfr=0, Product=2, SerialNumber=3
[  112.902252][   T10] usb 1-1: Product: syz
[  112.904329][   T10] usb 1-1: SerialNumber: syz
[  112.909052][   T10] usb 1-1: config 0 descriptor??
[  113.119942][   T24] usb 1-1: USB disconnect, device number 7
[  113.238504][ T7200] netlink: 8 bytes leftover after parsing attributes in process `syz.1.511'.
[  113.387512][ T7213] netlink: 'syz.2.517': attribute type 4 has an invalid length.
[  113.474385][ T7217] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  113.528633][ T7219] netlink: 8 bytes leftover after parsing attributes in process `syz.2.520'.
[  113.589712][ T7221] loop2: detected capacity change from 0 to 512
[  113.604996][ T7221] EXT4-fs (loop2): couldn't mount as ext3 due to feature incompatibilities
[  113.609222][   T10] usb 2-1: new high-speed USB device number 9 using dummy_hcd
[  113.775645][   T10] usb 2-1: Using ep0 maxpacket: 8
[  113.782934][   T10] usb 2-1: New USB device found, idVendor=a257, idProduct=2013, bcdDevice=54.48
[  113.789427][   T10] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  113.802739][   T10] usb 2-1: config 0 descriptor??
[  113.838109][ T7231] syz_tun: tun_net_xmit 1514
[  113.839732][ T7231] syz_tun: tun_net_xmit 1514
[  113.841078][ T7231] syz_tun: tun_net_xmit 1514
[  113.853431][ T7231] syz_tun: tun_net_xmit 1514
[  113.856335][ T7231] syz_tun: tun_net_xmit 1514
[  113.857951][ T7231] syz_tun: tun_net_xmit 834
[  113.973382][ T7237] loop0: detected capacity change from 0 to 8192
[  113.986049][ T7237] FAT-fs (loop0): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[  114.002374][ T7237] FAT-fs (loop0): error, invalid access to FAT (entry 0x00000001)
[  114.006778][ T7237] FAT-fs (loop0): Filesystem has been set read-only
[  114.030332][   T24] usb 2-1: USB disconnect, device number 9
[  114.035185][ T5854] FAT-fs (loop0): error, invalid access to FAT (entry 0x00000001)
[  114.317787][ T7246] loop0: detected capacity change from 0 to 32768
[  114.321959][ T7246] bcachefs (/dev/loop0): error validating superblock: Invalid superblock section replicas: no devices in entry need_discard: 0/0 []
[  114.321959][ T7246] replicas (size 40):
[  114.321959][ T7246] need_discard: 0/0 []
[  114.321959][ T7246] 
[  114.331416][ T7246] bcachefs: bch2_fs_get_tree() error: invalid_replicas_entry
[  114.672038][ T7258] netlink: 60 bytes leftover after parsing attributes in process `syz.0.538'.
[  114.677109][ T7258] unsupported nlmsg_type 40
[  114.807362][ T7262] loop0: detected capacity change from 0 to 4096
[  115.026245][ T7274] loop2: detected capacity change from 0 to 16
[  115.032804][ T7274] erofs (device loop2): mounted with root inode @ nid 36.
[  115.051020][ T7276] loop0: detected capacity change from 0 to 1024
[  115.072468][ T7276] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  115.082393][ T7276] EXT4-fs (loop0): shut down requested (1)
[  115.122930][ T5854] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  115.176956][   T33] audit: type=1326 audit(1757318204.811:316): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7282 comm="syz.0.549" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd1bb18ebe9 code=0x7ffc0000
[  115.203778][   T33] audit: type=1326 audit(1757318204.811:317): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7282 comm="syz.0.549" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd1bb18ebe9 code=0x7ffc0000
[  115.217776][   T33] audit: type=1326 audit(1757318204.832:318): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7282 comm="syz.0.549" exe="/syz-executor" sig=0 arch=c000003e syscall=68 compat=0 ip=0x7fd1bb18ebe9 code=0x7ffc0000
[  115.232393][   T33] audit: type=1326 audit(1757318204.832:319): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7282 comm="syz.0.549" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd1bb18ebe9 code=0x7ffc0000
[  115.245270][   T33] audit: type=1326 audit(1757318204.832:320): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7282 comm="syz.0.549" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd1bb18ebe9 code=0x7ffc0000
[  115.255766][   T33] audit: type=1326 audit(1757318204.842:321): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7282 comm="syz.0.549" exe="/syz-executor" sig=0 arch=c000003e syscall=69 compat=0 ip=0x7fd1bb18ebe9 code=0x7ffc0000
[  115.263559][   T33] audit: type=1326 audit(1757318204.842:322): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7282 comm="syz.0.549" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd1bb18ebe9 code=0x7ffc0000
[  115.270692][   T33] audit: type=1326 audit(1757318204.842:323): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7282 comm="syz.0.549" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd1bb18ebe9 code=0x7ffc0000
[  115.279990][   T33] audit: type=1326 audit(1757318204.842:324): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7282 comm="syz.0.549" exe="/syz-executor" sig=0 arch=c000003e syscall=70 compat=0 ip=0x7fd1bb18ebe9 code=0x7ffc0000
[  115.292529][   T33] audit: type=1326 audit(1757318204.842:325): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7282 comm="syz.0.549" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd1bb18ebe9 code=0x7ffc0000
[  115.309698][ T7289] loop0: detected capacity change from 0 to 256
[  115.419856][ T6278] usb 3-1: new high-speed USB device number 10 using dummy_hcd
[  115.554635][ T7297] netlink: 'syz.1.555': attribute type 32 has an invalid length.
[  115.612781][ T6278] usb 3-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  115.619167][ T6278] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x89 has invalid wMaxPacketSize 0
[  115.632154][ T6278] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x85 has an invalid bInterval 0, changing to 7
[  115.643904][ T6278] usb 3-1: config 0 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  115.655343][ T6278] usb 3-1: New USB device found, idVendor=2040, idProduct=1605, bcdDevice= a.94
[  115.658761][ T6278] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  115.682569][ T6278] usb 3-1: config 0 descriptor??
[  115.733216][ T7311] netlink: 12 bytes leftover after parsing attributes in process `syz.0.563'.
[  115.737115][ T7311] nbd: socks must be embedded in a SOCK_ITEM attr
[  115.886878][ T2331] usb 3-1: USB disconnect, device number 10
[  115.940171][ T6278] usb 2-1: new high-speed USB device number 10 using dummy_hcd
[  116.008716][   T24] usb 1-1: new high-speed USB device number 8 using dummy_hcd
[  116.106697][ T6278] usb 2-1: Using ep0 maxpacket: 32
[  116.110183][ T6278] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  116.114191][ T6278] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  116.117790][ T6278] usb 2-1: New USB device found, idVendor=1e7d, idProduct=2d51, bcdDevice= 0.00
[  116.121358][ T6278] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  116.126807][ T6278] usb 2-1: config 0 descriptor??
[  116.187528][   T24] usb 1-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  116.191569][   T24] usb 1-1: config 1 has 1 interface, different from the descriptor's value: 3
[  116.198690][   T24] usb 1-1: New USB device found, idVendor=08b7, idProduct=0000, bcdDevice= 0.00
[  116.201948][   T24] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=3
[  116.204459][   T24] usb 1-1: SerialNumber: syz
[  116.420868][   T24] usb 1-1: 0:2 : does not exist
[  116.422622][   T24] usb 1-1: unit 5: unexpected type 0x0a
[  116.433799][   T24] usb 1-1: USB disconnect, device number 8
[  116.458540][ T6152] udevd[6152]: error opening ATTR{/sys/devices/platform/dummy_hcd.0/usb1/1-1/1-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory
[  116.839627][ T6278] koneplus 0003:1E7D:2D51.0003: unknown main item tag 0x0
[  116.848614][ T6278] koneplus 0003:1E7D:2D51.0003: unknown main item tag 0x0
[  116.854717][ T6278] koneplus 0003:1E7D:2D51.0003: unknown main item tag 0x0
[  116.857676][ T6278] koneplus 0003:1E7D:2D51.0003: unknown main item tag 0x0
[  116.860584][ T6278] koneplus 0003:1E7D:2D51.0003: unknown main item tag 0x0
[  116.871754][ T6278] koneplus 0003:1E7D:2D51.0003: hidraw0: USB HID v0.00 Device [HID 1e7d:2d51] on usb-dummy_hcd.1-1/input0
[  117.080869][ T6278] usb 2-1: USB disconnect, device number 10
[  117.469515][ T7328] loop2: detected capacity change from 0 to 1024
[  117.502396][ T7328] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  117.507128][ T7328] ext4 filesystem being mounted at /190/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  117.522622][ T7328] EXT4-fs error (device loop2): ext4_validate_block_bitmap:441: comm syz.2.570: bg 0: block 480: padding at end of block bitmap is not set
[  117.533277][ T7328] EXT4-fs (loop2): Remounting filesystem read-only
[  117.545768][ T7320] loop0: detected capacity change from 0 to 32768
[  117.565839][ T5848] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  117.578617][ T7320] (syz.0.567,7320,0):ocfs2_read_blocks:239 ERROR: status = -12
[  117.582647][ T7320] (syz.0.567,7320,0):ocfs2_read_virt_blocks:1029 ERROR: status = -12
[  117.595110][ T7320] (syz.0.567,7320,0):ocfs2_read_dir_block:511 ERROR: status = -12
[  117.598049][ T7320] (syz.0.567,7320,0):ocfs2_read_blocks:239 ERROR: status = -12
[  117.610082][ T7320] (syz.0.567,7320,0):ocfs2_read_virt_blocks:1029 ERROR: status = -12
[  117.622120][ T7320] (syz.0.567,7320,0):ocfs2_read_dir_block:511 ERROR: status = -12
[  117.625085][ T7320] (syz.0.567,7320,0):ocfs2_read_blocks:239 ERROR: status = -12
[  117.627819][ T7320] (syz.0.567,7320,0):ocfs2_read_virt_blocks:1029 ERROR: status = -12
[  117.651884][ T7320] (syz.0.567,7320,1):ocfs2_read_dir_block:511 ERROR: status = -12
[  117.655174][ T7320] (syz.0.567,7320,1):ocfs2_init_global_system_inodes:465 ERROR: status = -22
[  117.658430][ T7320] (syz.0.567,7320,1):ocfs2_init_global_system_inodes:467 ERROR: Unable to load system inode 1, possibly corrupt fs?
[  117.658454][ T7320] (syz.0.567,7320,1):ocfs2_init_global_system_inodes:476 ERROR: status = -22
[  117.674807][ T7320] (syz.0.567,7320,1):ocfs2_initialize_super:2198 ERROR: status = -22
[  117.680022][ T7320] (syz.0.567,7320,1):ocfs2_fill_super:1177 ERROR: status = -22
[  117.812488][ T7340] netlink: 68 bytes leftover after parsing attributes in process `syz.2.575'.
[  117.901102][ T7343] loop1: detected capacity change from 0 to 1024
[  117.938693][ T7343] EXT4-fs (loop1): mounted filesystem 00000000-0000-0006-0000-000000000000 r/w without journal. Quota mode: none.
[  117.943260][ T7343] ext4 filesystem being mounted at /163/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  117.990058][ T5852] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0006-0000-000000000000.
[  118.034531][ T7350] netlink: 'syz.2.579': attribute type 1 has an invalid length.
[  118.037028][ T7350] netlink: 224 bytes leftover after parsing attributes in process `syz.2.579'.
[  118.085990][ T7355] loop0: detected capacity change from 0 to 1024
[  118.213986][ T7358] loop2: detected capacity change from 0 to 2048
[  118.220929][ T7358] UDF-fs: warning (device loop2): udf_load_vrs: No anchor found
[  118.223343][ T7358] UDF-fs: Scanning with blocksize 512 failed
[  118.231342][ T7358] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[  118.430972][ T7367] loop1: detected capacity change from 0 to 1024
[  118.448710][ T7367] EXT4-fs (loop1): ext4_check_descriptors: Inode bitmap for group 0 overlaps block group descriptors
[  118.463812][ T7367] EXT4-fs (loop1): group descriptors corrupted!
[  118.840574][ T7374] Illegal XDP return value 78 on prog  (id 39) dev syz_tun, expect packet loss!
[  118.992118][   T68] hfsplus: b-tree write err: -5, ino 4
[  119.087882][ T7382] nbd: nbd0 already in use
[  119.172332][ T7387] loop0: detected capacity change from 0 to 64
[  119.191189][ T7387] BFS-fs: bfs_fill_super(): loop0 is unclean, continuing
[  119.439001][ T7392] loop0: detected capacity change from 0 to 4096
[  119.447863][ T7392] ntfs3(loop0): Different NTFS sector size (4096) and media sector size (512).
[  119.476537][ T7392] ntfs3(loop0): Mark volume as dirty due to NTFS errors
[  119.486614][ T7392] ntfs3(loop0): ino=19, mi_enum_attr
[  119.787702][ T7390] loop2: detected capacity change from 0 to 32768
[  119.790950][ T7390] btrfs: Deprecated parameter 'usebackuproot'
[  119.793219][ T7390] BTRFS warning: 'usebackuproot' is deprecated, use 'rescue=usebackuproot' instead
[  119.799976][ T7390] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop2 (7:2) scanned by syz.2.596 (7390)
[  119.826176][ T7390] BTRFS info (device loop2): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  119.833465][ T7390] BTRFS info (device loop2): using crc32c (crc32c-lib) checksum algorithm
[  119.918485][ T7390] BTRFS info (device loop2): rebuilding free space tree
[  119.958173][ T7390] BTRFS info (device loop2): allowing degraded mounts
[  119.960795][ T7390] BTRFS info (device loop2): enabling ssd optimizations
[  119.972604][ T7390] BTRFS info (device loop2): turning on flush-on-commit
[  119.982906][ T7390] BTRFS info (device loop2): enabling free space tree
[  119.985564][ T7390] BTRFS info (device loop2): force clearing of disk cache
[  120.022056][ T7390] BTRFS info (device loop2): trying to use backup root at mount time
[  120.030496][ T7390] BTRFS info (device loop2): use zstd compression, level 3
[  120.235526][ T5848] BTRFS info (device loop2): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  121.619306][   T10] usb 2-1: new high-speed USB device number 11 using dummy_hcd
[  121.642457][ T7448] loop0: detected capacity change from 0 to 8192
[  121.669956][ T6152]  loop0: p1 < > p3 < > p4 < >
[  121.671512][ T6152] loop0: partition table partially beyond EOD, truncated
[  121.684695][ T6152] loop0: p3 start 327168 is beyond EOD, truncated
[  121.708233][ T7448]  loop0: p1 < > p3 < > p4 < >
[  121.709817][ T7448] loop0: partition table partially beyond EOD, truncated
[  121.716587][ T7448] loop0: p3 start 327168 is beyond EOD, truncated
[  121.737762][ T5880] usb 1-1: new full-speed USB device number 9 using dummy_hcd
[  121.767202][   T10] usb 2-1: Using ep0 maxpacket: 16
[  121.770355][   T10] usb 2-1: config 0 has an invalid interface number: 120 but max is 0
[  121.772920][   T10] usb 2-1: config 0 has no interface number 0
[  121.787620][   T10] usb 2-1: New USB device found, idVendor=1b71, idProduct=3002, bcdDevice=e5.9f
[  121.790352][   T10] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  121.792790][   T10] usb 2-1: Product: syz
[  121.802146][   T10] usb 2-1: Manufacturer: syz
[  121.803656][   T10] usb 2-1: SerialNumber: syz
[  121.808593][   T10] usb 2-1: config 0 descriptor??
[  121.887510][ T5880] usb 1-1: config 0 has an invalid interface number: 123 but max is 0
[  121.891653][ T5880] usb 1-1: config 0 has an invalid descriptor of length 178, skipping remainder of the config
[  121.894985][ T5880] usb 1-1: config 0 has no interface number 0
[  121.899555][ T5880] usb 1-1: New USB device found, idVendor=20df, idProduct=0001, bcdDevice=97.6d
[  121.902448][ T5880] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  121.904931][ T5880] usb 1-1: Product: syz
[  121.907377][ T5880] usb 1-1: Manufacturer: syz
[  121.908913][ T5880] usb 1-1: SerialNumber: syz
[  121.913980][ T5880] usb 1-1: config 0 descriptor??
[  121.918234][ T5880] cdc_acm 1-1:0.123: skipping garbage
[  121.920334][ T5880] cdc_acm 1-1:0.123: skipping garbage
[  122.012406][ T2331] usb 2-1: USB disconnect, device number 11
[  122.118092][ T6278] usb 1-1: USB disconnect, device number 9
[  122.543684][ T7458] bridge: RTM_NEWNEIGH with invalid state 0x0
[  122.713550][ T7468] loop0: detected capacity change from 0 to 256
[  122.730954][ T7468] UDF-fs: error (device loop0): udf_read_tagged: read failed, block=256, location=256
[  122.747710][ T7468] UDF-fs: error (device loop0): udf_read_tagged: read failed, block=512, location=512
[  122.752052][ T7468] UDF-fs: warning (device loop0): udf_load_vrs: No anchor found
[  122.756992][ T7468] UDF-fs: Scanning with blocksize 512 failed
[  122.761828][ T7468] UDF-fs: error (device loop0): udf_read_tagged: read failed, block=256, location=256
[  122.768290][ T7468] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[  122.814536][ T5880] usb 2-1: new high-speed USB device number 12 using dummy_hcd
[  122.858014][ T7466] loop2: detected capacity change from 0 to 40427
[  122.868368][ T7466] F2FS-fs (loop2): Image doesn't support compression
[  122.870511][ T7466] F2FS-fs (loop2): build fault injection rate: 690
[  122.887425][ T7466] F2FS-fs (loop2): invalid crc value
[  122.944845][ T7466] F2FS-fs (loop2): f2fs_recover_fsync_data: recovery fsync data, check_only: 0
[  122.950684][ T7466] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e5
[  122.965487][ T5880] usb 2-1: Using ep0 maxpacket: 8
[  122.968788][ T7466] syz.2.621: attempt to access beyond end of device
[  122.968788][ T7466] loop2: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[  122.985840][ T5880] usb 2-1: New USB device found, idVendor=0ccd, idProduct=0039, bcdDevice=90.7b
[  122.989345][ T5880] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  123.017883][ T5880] pvrusb2: Hardware description: Terratec Grabster AV400
[  123.020612][ T5880] pvrusb2: **********
[  123.033175][ T5880] pvrusb2: ***WARNING*** Support for this device (Terratec Grabster AV400) is experimental.
[  123.039094][ T5848] syz-executor: attempt to access beyond end of device
[  123.039094][ T5848] loop2: rw=2049, sector=45104, nr_sectors = 8 limit=40427
[  123.040723][ T5880] pvrusb2: Important functionality might not be entirely working.
[  123.050154][ T5880] pvrusb2: Please consider contacting the driver author to help with further stabilization of the driver.
[  123.055497][ T5880] pvrusb2: **********
[  123.056216][ T5848] CPU: 1 UID: 0 PID: 5848 Comm: syz-executor Not tainted syzkaller #0 PREEMPT(full) 
[  123.056233][ T5848] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.2-debian-1.16.2-1 04/01/2014
[  123.056241][ T5848] Call Trace:
[  123.056246][ T5848]  <TASK>
[  123.056252][ T5848]  dump_stack_lvl+0x189/0x250
[  123.056275][ T5848]  ? __pfx_dump_stack_lvl+0x10/0x10
[  123.056291][ T5848]  ? __pfx_queue_work_on+0x10/0x10
[  123.056304][ T5848]  ? _raw_spin_unlock_irqrestore+0xad/0x110
[  123.056322][ T5848]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[  123.056349][ T5848]  f2fs_handle_critical_error+0x37c/0x540
[  123.056374][ T5848]  f2fs_write_end_io+0x886/0xb60
[  123.056401][ T5848]  __submit_merged_bio+0x27a/0x6a0
[  123.056424][ T5848]  __submit_merged_write_cond+0x255/0x530
[  123.056479][ T5848]  f2fs_write_data_pages+0x261d/0x3000
[  123.056525][ T5848]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[  123.056554][ T5848]  ? arch_stack_walk+0xfc/0x150
[  123.056592][ T5848]  ? __mod_zone_page_state+0xd7/0x140
[  123.056618][ T5848]  ? folios_put_refs+0x560/0x640
[  123.056641][ T5848]  ? __pfx_folios_put_refs+0x10/0x10
[  123.056653][ T5848]  ? rcu_is_watching+0x15/0xb0
[  123.056673][ T5848]  ? __lock_acquire+0xab9/0xd20
[  123.056705][ T5848]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[  123.056725][ T5848]  do_writepages+0x32e/0x550
[  123.056751][ T5848]  ? do_raw_spin_unlock+0x4d/0x240
[  123.056771][ T5848]  filemap_fdatawrite+0x199/0x240
[  123.056788][ T5848]  ? __pfx_filemap_fdatawrite+0x10/0x10
[  123.056842][ T5848]  ? do_raw_spin_unlock+0x4d/0x240
[  123.056861][ T5848]  f2fs_sync_dirty_inodes+0x31f/0x830
[  123.056887][ T5848]  f2fs_write_checkpoint+0x95a/0x1df0
[  123.056924][ T5848]  ? __pfx_f2fs_write_checkpoint+0x10/0x10
[  123.056974][ T5848]  ? kill_f2fs_super+0x298/0x6c0
[  123.056991][ T5848]  kill_f2fs_super+0x2c3/0x6c0
[  123.057010][ T5848]  ? __pfx_kill_f2fs_super+0x10/0x10
[  123.057020][ T5848]  ? radix_tree_delete_item+0x2b6/0x400
[  123.057045][ T5848]  ? shrinker_free+0x2ce/0x3e0
[  123.057062][ T5848]  deactivate_locked_super+0xbc/0x130
[  123.057079][ T5848]  cleanup_mnt+0x425/0x4c0
[  123.057094][ T5848]  ? lockdep_hardirqs_on+0x9c/0x150
[  123.057114][ T5848]  task_work_run+0x1d4/0x260
[  123.057134][ T5848]  ? __pfx_task_work_run+0x10/0x10
[  123.057149][ T5848]  ? __x64_sys_umount+0x122/0x160
[  123.057170][ T5848]  ? exit_to_user_mode_loop+0x40/0x110
[  123.057192][ T5848]  exit_to_user_mode_loop+0xec/0x110
[  123.057210][ T5848]  do_syscall_64+0x2bd/0x3b0
[  123.057221][ T5848]  ? lockdep_hardirqs_on+0x9c/0x150
[  123.057239][ T5848]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  123.057252][ T5848]  ? exc_page_fault+0x9f/0xf0
[  123.057272][ T5848]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  123.057284][ T5848] RIP: 0033:0x7ff45138ff17
[  123.057297][ T5848] Code: a8 ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 0f 1f 44 00 00 31 f6 e9 09 00 00 00 66 0f 1f 84 00 00 00 00 00 b8 a6 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 01 c3 48 c7 c2 a8 ff ff ff f7 d8 64 89 02 b8
[  123.057308][ T5848] RSP: 002b:00007fff6f602a18 EFLAGS: 00000246 ORIG_RAX: 00000000000000a6
[  123.057322][ T5848] RAX: 0000000000000000 RBX: 00007ff451411c05 RCX: 00007ff45138ff17
[  123.057330][ T5848] RDX: 0000000000000000 RSI: 0000000000000009 RDI: 00007fff6f602ad0
[  123.057338][ T5848] RBP: 00007fff6f602ad0 R08: 0000000000000000 R09: 0000000000000000
[  123.057346][ T5848] R10: 00000000ffffffff R11: 0000000000000246 R12: 00007fff6f603b60
[  123.057354][ T5848] R13: 00007ff451411c05 R14: 000000000001e14c R15: 00007fff6f603ba0
[  123.057376][ T5848]  </TASK>
[  123.057382][ T5848] F2FS-fs (loop2): Stopped filesystem due to reason: 3
[  123.217957][ T2398] pvrusb2: Invalid write control endpoint
[  123.277911][ T2398] pvrusb2: Invalid write control endpoint
[  123.282346][ T2398] pvrusb2: ***WARNING*** Detected a wedged cx25840 chip; the device will not work.
[  123.286965][ T2398] pvrusb2: ***WARNING*** Try power cycling the pvrusb2 device.
[  123.293692][ T2398] pvrusb2: ***WARNING*** Disabling further access to the device to prevent other foul-ups.
[  123.297682][ T2398] pvrusb2: Device being rendered inoperable
[  123.304017][ T2398] cx25840 2-0044: Unable to detect h/w, assuming cx23887
[  123.306994][ T2398] cx25840 2-0044: cx23887 A/V decoder found @ 0x88 (pvrusb2_a)
[  123.319629][ T2398] pvrusb2: Attached sub-driver cx25840
[  123.325104][ T2398] pvrusb2: ***WARNING*** pvrusb2 device hardware appears to be jammed and I can't clear it.
[  123.330150][ T2398] pvrusb2: You might need to power cycle the pvrusb2 device in order to recover.
[  123.419980][ T5880] usb 2-1: USB disconnect, device number 12
[  123.841690][ T6278] usb 3-1: new high-speed USB device number 11 using dummy_hcd
[  123.992043][ T6278] usb 3-1: config 220 has an invalid interface number: 76 but max is 2
[  123.995223][ T6278] usb 3-1: config 220 contains an unexpected descriptor of type 0x2, skipping
[  123.998589][ T6278] usb 3-1: config 220 has an invalid descriptor of length 0, skipping remainder of the config
[  124.010627][ T6278] usb 3-1: config 220 has no interface number 2
[  124.013205][ T6278] usb 3-1: config 220 interface 1 altsetting 5 has 0 endpoint descriptors, different from the interface descriptor's value: 12
[  124.028502][ T6278] usb 3-1: config 220 interface 0 has no altsetting 0
[  124.035116][ T6278] usb 3-1: config 220 interface 76 has no altsetting 0
[  124.037791][ T6278] usb 3-1: config 220 interface 1 has no altsetting 0
[  124.055037][ T6278] usb 3-1: New USB device found, idVendor=8086, idProduct=0b07, bcdDevice=6c.b9
[  124.058550][ T6278] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  124.069743][ T6278] usb 3-1: Product: syz
[  124.071425][ T6278] usb 3-1: Manufacturer: syz
[  124.073171][ T6278] usb 3-1: SerialNumber: syz
[  124.226540][ T7493] loop0: detected capacity change from 0 to 32768
[  124.242021][ T7493] ocfs2: Slot 0 on device (7,0) was already allocated to this node!
[  124.264157][ T7493] ocfs2: Mounting device (7,0) on (node local, slot 0) with ordered data mode.
[  124.296020][ T5878] (kworker/u8:3,5878,1):ocfs2_check_dir_entry:325 ERROR: bad entry in directory #72: rec_len % 4 != 0 - offset=312, inode=13845347915746889, rec_len=25793, name_len=214
[  124.319672][ T6278] usb 3-1: Found UVC 7.01 device syz (8086:0b07)
[  124.322137][ T6278] usb 3-1: No valid video chain found.
[  124.324283][ T6278] usb 3-1: selecting invalid altsetting 0
[  124.343118][ T6278] usb 3-1: selecting invalid altsetting 0
[  124.345076][ T6278] usbtest 3-1:220.1: probe with driver usbtest failed with error -22
[  124.350726][ T6278] usb 3-1: USB disconnect, device number 11
[  124.398899][ T5854] ocfs2: Unmounting device (7,0) on (node local)
[  124.529482][ T7499] loop1: detected capacity change from 0 to 40427
[  124.543060][ T7499] F2FS-fs (loop1): build fault injection rate: 771
[  124.549791][ T7499] F2FS-fs (loop1): invalid crc value
[  124.609628][ T7499] F2FS-fs (loop1): f2fs_recover_fsync_data: recovery fsync data, check_only: 0
[  124.615233][ T7499] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e5
[  124.641858][ T7499] syz.1.635: attempt to access beyond end of device
[  124.641858][ T7499] loop1: rw=2049, sector=45096, nr_sectors = 16 limit=40427
[  124.666815][ T5852] syz-executor: attempt to access beyond end of device
[  124.666815][ T5852] loop1: rw=2049, sector=45112, nr_sectors = 8 limit=40427
[  124.673335][ T5852] CPU: 0 UID: 0 PID: 5852 Comm: syz-executor Not tainted syzkaller #0 PREEMPT(full) 
[  124.673355][ T5852] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.2-debian-1.16.2-1 04/01/2014
[  124.673364][ T5852] Call Trace:
[  124.673370][ T5852]  <TASK>
[  124.673377][ T5852]  dump_stack_lvl+0x189/0x250
[  124.673403][ T5852]  ? __pfx_dump_stack_lvl+0x10/0x10
[  124.673420][ T5852]  ? __pfx_queue_work_on+0x10/0x10
[  124.673434][ T5852]  ? _raw_spin_unlock_irqrestore+0xad/0x110
[  124.673452][ T5852]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[  124.673481][ T5852]  f2fs_handle_critical_error+0x37c/0x540
[  124.673507][ T5852]  f2fs_write_end_io+0x886/0xb60
[  124.673538][ T5852]  __submit_merged_bio+0x27a/0x6a0
[  124.673562][ T5852]  __submit_merged_write_cond+0x255/0x530
[  124.673606][ T5852]  f2fs_write_data_pages+0x261d/0x3000
[  124.673657][ T5852]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[  124.673689][ T5852]  ? kernel_text_address+0xa5/0xe0
[  124.673735][ T5852]  ? stack_depot_save_flags+0x40/0x860
[  124.673776][ T5852]  ? cleanup_mnt+0x425/0x4c0
[  124.673790][ T5852]  ? task_work_run+0x1d4/0x260
[  124.673804][ T5852]  ? exit_to_user_mode_loop+0xec/0x110
[  124.673829][ T5852]  ? __lock_acquire+0xab9/0xd20
[  124.673858][ T5852]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[  124.673877][ T5852]  do_writepages+0x32e/0x550
[  124.673900][ T5852]  ? do_raw_spin_unlock+0x4d/0x240
[  124.673916][ T5852]  filemap_fdatawrite+0x199/0x240
[  124.673932][ T5852]  ? __pfx_filemap_fdatawrite+0x10/0x10
[  124.674005][ T5852]  ? do_raw_spin_unlock+0x4d/0x240
[  124.674027][ T5852]  f2fs_sync_dirty_inodes+0x31f/0x830
[  124.674050][ T5852]  f2fs_write_checkpoint+0x95a/0x1df0
[  124.674084][ T5852]  ? __pfx_f2fs_write_checkpoint+0x10/0x10
[  124.674130][ T5852]  ? f2fs_stop_gc_thread+0x7f/0xb0
[  124.674141][ T5852]  ? kfree+0x18e/0x440
[  124.674156][ T5852]  ? kill_f2fs_super+0x298/0x6c0
[  124.674172][ T5852]  kill_f2fs_super+0x2c3/0x6c0
[  124.674190][ T5852]  ? __pfx_kill_f2fs_super+0x10/0x10
[  124.674201][ T5852]  ? radix_tree_delete_item+0x2b6/0x400
[  124.674223][ T5852]  ? shrinker_free+0x2ce/0x3e0
[  124.674239][ T5852]  deactivate_locked_super+0xbc/0x130
[  124.674257][ T5852]  cleanup_mnt+0x425/0x4c0
[  124.674271][ T5852]  ? lockdep_hardirqs_on+0x9c/0x150
[  124.674318][ T5852]  task_work_run+0x1d4/0x260
[  124.674340][ T5852]  ? __pfx_task_work_run+0x10/0x10
[  124.674355][ T5852]  ? __x64_sys_umount+0x122/0x160
[  124.674377][ T5852]  ? exit_to_user_mode_loop+0x40/0x110
[  124.674399][ T5852]  exit_to_user_mode_loop+0xec/0x110
[  124.674418][ T5852]  do_syscall_64+0x2bd/0x3b0
[  124.674429][ T5852]  ? lockdep_hardirqs_on+0x9c/0x150
[  124.674446][ T5852]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  124.674458][ T5852]  ? exc_page_fault+0x9f/0xf0
[  124.674477][ T5852]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  124.674488][ T5852] RIP: 0033:0x7fc20838ff17
[  124.674501][ T5852] Code: a8 ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 0f 1f 44 00 00 31 f6 e9 09 00 00 00 66 0f 1f 84 00 00 00 00 00 b8 a6 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 01 c3 48 c7 c2 a8 ff ff ff f7 d8 64 89 02 b8
[  124.674511][ T5852] RSP: 002b:00007fffcd8c6258 EFLAGS: 00000246 ORIG_RAX: 00000000000000a6
[  124.674524][ T5852] RAX: 0000000000000000 RBX: 00007fc208411c05 RCX: 00007fc20838ff17
[  124.674533][ T5852] RDX: 0000000000000000 RSI: 0000000000000009 RDI: 00007fffcd8c6310
[  124.674540][ T5852] RBP: 00007fffcd8c6310 R08: 0000000000000000 R09: 0000000000000000
[  124.674547][ T5852] R10: 00000000ffffffff R11: 0000000000000246 R12: 00007fffcd8c73a0
[  124.674555][ T5852] R13: 00007fc208411c05 R14: 000000000001e7d2 R15: 00007fffcd8c73e0
[  124.674578][ T5852]  </TASK>
[  124.676385][ T5852] F2FS-fs (loop1): Stopped filesystem due to reason: 3
[  125.137428][ T6278] usb 3-1: new high-speed USB device number 12 using dummy_hcd
[  125.295453][ T6278] usb 3-1: Using ep0 maxpacket: 8
[  125.299419][ T6278] usb 3-1: config 5 has an invalid interface number: 22 but max is 0
[  125.302298][ T6278] usb 3-1: config 5 has no interface number 0
[  125.304451][ T6278] usb 3-1: config 5 interface 22 altsetting 25 endpoint 0x6 has invalid wMaxPacketSize 0
[  125.308790][ T6278] usb 3-1: config 5 interface 22 has no altsetting 0
[  125.313258][ T6278] usb 3-1: New USB device found, idVendor=0bfd, idProduct=010d, bcdDevice=ba.fa
[  125.316421][ T6278] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  125.319101][ T6278] usb 3-1: Product: syz
[  125.320487][ T6278] usb 3-1: Manufacturer: syz
[  125.321974][ T6278] usb 3-1: SerialNumber: syz
[  125.384527][   T48] usb 2-1: new high-speed USB device number 13 using dummy_hcd
[  125.533719][ T6278] kvaser_usb 3-1:5.22: error -ENODEV: Cannot get usb endpoint(s)
[  125.537060][ T6278] rndis_host 3-1:5.22: skipping garbage
[  125.539083][   T48] usb 2-1: Using ep0 maxpacket: 8
[  125.549905][ T6278] usb 3-1: bad CDC descriptors
[  125.554139][   T48] usb 2-1: config 162 has an invalid interface number: 97 but max is 0
[  125.556922][   T48] usb 2-1: config 162 has no interface number 0
[  125.559412][   T48] usb 2-1: config 162 interface 97 has no altsetting 0
[  125.581113][   T48] usb 2-1: New USB device found, idVendor=0c2e, idProduct=0700, bcdDevice=e1.3b
[  125.593594][ T7521] netlink: 12 bytes leftover after parsing attributes in process `syz.0.642'.
[  125.623064][   T48] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  125.639114][   T48] usb 2-1: Product: syz
[  125.645690][   T48] usb 2-1: Manufacturer: syz
[  125.650963][   T48] usb 2-1: SerialNumber: syz
[  125.660224][ T6278] usb 3-1: USB disconnect, device number 12
[  125.975800][   T48] metro_usb 2-1:162.97: interrupt-out endpoint missing
[  125.983267][   T48] usb 2-1: USB disconnect, device number 13
[  126.417546][ T7526] loop0: detected capacity change from 0 to 32768
[  126.433743][ T7526] ocfs2: Mounting device (7,0) on (node local, slot 0) with writeback data mode.
[  126.457126][ T5854] ocfs2: Unmounting device (7,0) on (node local)
[  126.513424][   T48] usb 3-1: new high-speed USB device number 13 using dummy_hcd
[  126.642269][   T48] usb 3-1: device descriptor read/64, error -71
[  126.776193][ T7547] netlink: 48 bytes leftover after parsing attributes in process `syz.1.653'.
[  126.879648][   T48] usb 3-1: new high-speed USB device number 14 using dummy_hcd
[  127.008487][   T48] usb 3-1: device descriptor read/64, error -71
[  127.102476][ T7559] loop1: detected capacity change from 0 to 8
[  127.108832][ T7559] MTD: Attempt to mount non-MTD device "/dev/loop1"
[  127.121682][   T48] usb usb3-port1: attempt power cycle
[  127.454416][   T48] usb 3-1: new high-speed USB device number 15 using dummy_hcd
[  127.475345][   T48] usb 3-1: device descriptor read/8, error -71
[  127.731936][   T48] usb 3-1: new high-speed USB device number 16 using dummy_hcd
[  127.775644][   T48] usb 3-1: device descriptor read/8, error -71
[  127.900735][   T48] usb usb3-port1: unable to enumerate USB device
[  128.039068][    T9] usb 1-1: new high-speed USB device number 10 using dummy_hcd
[  128.216356][    T9] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  128.223408][    T9] usb 1-1: New USB device found, idVendor=1e7d, idProduct=2c2e, bcdDevice= 0.00
[  128.229114][    T9] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  128.236342][    T9] usb 1-1: config 0 descriptor??
[  128.504956][   T48] usb 2-1: new high-speed USB device number 14 using dummy_hcd
[  128.633757][   T48] usb 2-1: device descriptor read/64, error -71
[  128.736572][    T9] lua 0003:1E7D:2C2E.0004: hidraw0: USB HID v0.00 Device [HID 1e7d:2c2e] on usb-dummy_hcd.0-1/input0
[  128.891517][   T48] usb 2-1: new high-speed USB device number 15 using dummy_hcd
[  128.937237][    T9] usb 1-1: USB disconnect, device number 10
[  129.033475][   T48] usb 2-1: device descriptor read/64, error -71
[  129.143147][   T48] usb usb2-port1: attempt power cycle
[  129.425302][ T7576] dlm: no local IP address has been set
[  129.431627][ T7576] dlm: cannot start dlm midcomms -107
[  129.495252][   T48] usb 2-1: new high-speed USB device number 16 using dummy_hcd
[  129.527107][   T48] usb 2-1: device descriptor read/8, error -71
[  129.533100][ T7582] capability: warning: `syz.2.669' uses deprecated v2 capabilities in a way that may be insecure
[  129.630553][ T7588] netlink: 'syz.0.672': attribute type 6 has an invalid length.
[  129.687519][ T7593] netlink: 8 bytes leftover after parsing attributes in process `syz.2.675'.
[  129.732028][ T7596] netlink: 48 bytes leftover after parsing attributes in process `syz.2.676'.
[  129.785877][   T48] usb 2-1: new high-speed USB device number 17 using dummy_hcd
[  129.815426][   T48] usb 2-1: device descriptor read/8, error -71
[  129.855965][ T7600] Invalid ELF header len 1
[  129.934313][   T48] usb usb2-port1: unable to enumerate USB device
[  129.974565][ T7604] netlink: 'syz.2.679': attribute type 4 has an invalid length.
[  130.118849][ T7610] tipc: Failed to remove unknown binding: 66,1,1/0:249351059/249351061
[  130.569060][ T7623] loop2: detected capacity change from 0 to 32768
[  130.583078][ T7623] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop2 (7:2) scanned by syz.2.688 (7623)
[  130.603124][ T7623] BTRFS info (device loop2): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  130.617748][ T7623] BTRFS info (device loop2): using crc32c (crc32c-lib) checksum algorithm
[  130.620536][ T7623] BTRFS warning (device loop2): space cache v1 is being deprecated and will be removed in a future release, please use -o space_cache=v2
[  130.714322][ T7650] loop0: detected capacity change from 0 to 256
[  130.720664][ T7623] BTRFS info (device loop2): rebuilding free space tree
[  130.732739][ T7623] BTRFS info (device loop2): disabling free space tree
[  130.735707][ T7623] BTRFS info (device loop2): clearing compat-ro feature flag for FREE_SPACE_TREE (0x1)
[  130.741018][ T7623] BTRFS info (device loop2): clearing compat-ro feature flag for FREE_SPACE_TREE_VALID (0x2)
[  130.753939][ T7623] BTRFS info (device loop2): setting nodatasum
[  130.756104][ T7623] BTRFS info (device loop2): setting nodatacow
[  130.758637][ T7623] BTRFS info (device loop2): enabling ssd optimizations
[  130.761641][ T7623] BTRFS info (device loop2): turning off barriers
[  130.768606][ T7623] BTRFS info (device loop2): turning on flush-on-commit
[  130.771947][ T7623] BTRFS info (device loop2): enabling disk space caching
[  130.774158][ T7623] BTRFS info (device loop2): force clearing of disk cache
[  130.777673][ T7623] BTRFS info (device loop2): doing ref verification
[  130.779926][ T7623] BTRFS info (device loop2): max_inline set to 4096
[  130.860655][ T5848] BTRFS info (device loop2): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  130.990954][ T7658] loop0: detected capacity change from 0 to 1024
[  131.221045][ T7660] loop2: detected capacity change from 0 to 32768
[  131.284885][ T6152]  loop2: p9 p11 p16
[  131.302023][ T7660]  loop2: p9 p11 p16
[  131.343292][ T7669] netlink: 48 bytes leftover after parsing attributes in process `syz.1.702'.
[  131.346946][ T7669] netlink: 12 bytes leftover after parsing attributes in process `syz.1.702'.
[  131.355896][ T7669] netlink: 8 bytes leftover after parsing attributes in process `syz.1.702'.
[  131.427397][ T5851] udevd[5851]: inotify_add_watch(7, /dev/loop2p11, 10) failed: No such file or directory
[  131.433358][ T6152] udevd[6152]: inotify_add_watch(7, /dev/loop2p9, 10) failed: No such file or directory
[  131.448870][ T7012] udevd[7012]: inotify_add_watch(7, /dev/loop2p16, 10) failed: No such file or directory
[  131.466642][ T7012] udevd[7012]: inotify_add_watch(7, /dev/loop2p16, 10) failed: No such file or directory
[  131.472983][ T5851] udevd[5851]: inotify_add_watch(7, /dev/loop2p11, 10) failed: No such file or directory
[  131.477089][ T6152] udevd[6152]: inotify_add_watch(7, /dev/loop2p9, 10) failed: No such file or directory
[  131.503313][  T792] usb 1-1: new full-speed USB device number 11 using dummy_hcd
[  132.020280][  T792] usb 1-1: config 5 has an invalid descriptor of length 0, skipping remainder of the config
[  132.032463][  T792] usb 1-1: New USB device found, idVendor=3923, idProduct=718a, bcdDevice=d8.d7
[  132.039135][  T792] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  132.042717][  T792] usb 1-1: Product: syz
[  132.044423][  T792] usb 1-1: Manufacturer: syz
[  132.046234][  T792] usb 1-1: SerialNumber: syz
[  132.209965][ T1364] ieee802154 phy0 wpan0: encryption failed: -22
[  132.212420][ T1364] ieee802154 phy1 wpan1: encryption failed: -22
[  132.329321][  T792] comedi comedi5: Wrong number of endpoints
[  132.331529][  T792] ni6501 1-1:5.0: driver 'ni6501' failed to auto-configure device.
[  132.355493][  T792] usb 1-1: USB disconnect, device number 11
[  132.627838][ T7694] loop1: detected capacity change from 0 to 16384
[  132.642704][ T7687] loop2: detected capacity change from 0 to 32768
[  132.684017][ T7687] XFS (loop2): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  132.744548][ T7687] XFS (loop2): Ending clean mount
[  132.751126][ T7694] bcachefs (loop1): starting version 1.13: inode_has_child_snapshots opts=metadata_checksum=none,data_checksum=none,prjquota,degraded=yes,norecovery,version_upgrade=incompatible
[  132.751140][ T7694]   features: new_siphash,inline_data,new_extent_overwrite,btree_ptr_v2,new_varint,journal_no_flush,alloc_v2,extents_across_btree_nodes
[  132.755781][ T7687] XFS (loop2): Quotacheck needed: Please wait.
[  132.758211][ T7694] bcachefs (loop1): Using encoding defined by superblock: utf8-12.1.0
[  132.768005][ T7694] bcachefs (loop1): recovering from clean shutdown, journal seq 18
[  132.771033][ T7694] bcachefs (loop1): Doing compatible version upgrade from 1.13: inode_has_child_snapshots to 1.28: inode_has_case_insensitive
[  132.771033][ T7694]   running recovery passes: check_allocations,check_extents_to_backpointers,check_inodes
[  132.783130][ T7694] bcachefs (loop1): Now allowing incompatible features up to 1.28: inode_has_case_insensitive, previously allowed up to 1.13: inode_has_child_snapshots
[  132.783130][ T7694] 
[  132.803068][ T7687] XFS (loop2): Quotacheck: Done.
[  132.832663][ T7694] bcachefs (loop1): error reading btree root btree=accounting level=0: btree_node_read_error, fixing
[  132.848578][ T7694] bcachefs (loop1): check_topology... done
[  132.868508][ T7694] bcachefs (loop1): accounting_read... done
[  132.876393][ T7694] bcachefs (loop1): alloc_read... done
[  132.885760][ T7694] bcachefs (loop1): snapshots_read... done
[  132.888761][ T7694] bcachefs (loop1): Fixed errors, running fsck a second time to verify fs is clean
[  132.896361][ T7711] F2FS-fs: Conflicting test_dummy_encryption options
[  132.910337][ T7694] bcachefs (loop1): reading quotas
[  132.939204][ T7694] bcachefs (loop1): quotas done
[  132.946012][ T7694] bcachefs (loop1): done starting filesystem
[  132.962444][ T5848] XFS (loop2): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  133.028728][ T5852] bcachefs (loop1): shutting down
[  133.114512][ T5852] bcachefs (loop1): shutdown complete
[  133.171028][ T7717] netlink: 384 bytes leftover after parsing attributes in process `syz.0.719'.
[  133.310416][ T7726] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[  134.258268][ T7738] loop0: detected capacity change from 0 to 4096
[  135.087394][ T7748] loop1: detected capacity change from 0 to 1024
[  135.104497][ T7748] EXT4-fs: inline encryption not supported
[  135.121812][ T7748] EXT4-fs: Mount option(s) incompatible with ext3
[  135.553295][ T7777] loop0: detected capacity change from 0 to 2048
[  135.591237][ T7780] NILFS (loop0): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  135.602980][ T7777] NILFS error (device loop0): nilfs_check_folio: bad entry in directory #2: disallowed inode number - offset=56, inode=6, rec_len=24, name_len=5
[  135.613144][ T7777] Remounting filesystem read-only
[  135.695965][ T7784] pim6reg1: entered promiscuous mode
[  135.698147][ T7784] pim6reg1: entered allmulticast mode
[  135.979687][ T7792] netlink: 32 bytes leftover after parsing attributes in process `syz.1.752'.
[  136.001618][ T7792] openvswitch: netlink: Missing key (keys=40, expected=10000000)
[  136.238287][ T7786] loop2: detected capacity change from 0 to 40427
[  136.262015][ T7786] F2FS-fs (loop2): Image doesn't support compression
[  136.264231][ T7786] F2FS-fs (loop2): LFS is not compatible with ATGC
[  136.536417][ T7804] loop1: detected capacity change from 0 to 32768
[  136.549868][    T9] usb 1-1: new high-speed USB device number 12 using dummy_hcd
[  136.579363][ T7804] XFS (loop1): Mounting V5 Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb
[  136.613043][ T7804] XFS (loop1): Ending clean mount
[  136.623972][ T7804] XFS (loop1): Quotacheck needed: Please wait.
[  136.650479][ T7826] loop2: detected capacity change from 0 to 4096
[  136.652095][ T7804] XFS (loop1): Quotacheck: Done.
[  136.700312][    T9] usb 1-1: Using ep0 maxpacket: 16
[  136.704908][    T9] usb 1-1: config 0 has 1 interface, different from the descriptor's value: 8
[  136.723110][    T9] usb 1-1: New USB device found, idVendor=05d1, idProduct=2001, bcdDevice= 6.00
[  136.726775][    T9] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  136.739213][    T9] usb 1-1: Product: syz
[  136.740958][    T9] usb 1-1: Manufacturer: syz
[  136.742859][    T9] usb 1-1: SerialNumber: syz
[  136.752936][    T9] usb 1-1: config 0 descriptor??
[  136.763487][    T9] ftdi_sio 1-1:0.0: FTDI USB Serial Device converter detected
[  136.776883][    T9] usb 1-1: Detected FT232R
[  136.777429][ T7828] trusted_key: encrypted_key: master key parameter 'C' is invalid
[  136.779198][ T5852] XFS (loop1): Unmounting Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb
[  136.981954][    T9] ftdi_sio ttyUSB0: Unable to read latency timer: -32
[  137.070843][ T7832] loop1: detected capacity change from 0 to 1024
[  137.120519][ T7830] loop2: detected capacity change from 0 to 32768
[  137.137136][   T26] hfsplus: b-tree write err: -5, ino 4
[  137.149572][ T7830] XFS (loop2): Mounting V5 Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb
[  137.204873][    T9] usb 1-1: FTDI USB Serial Device converter now attached to ttyUSB0
[  137.211129][ T7830] XFS (loop2): Torn write (CRC failure) detected at log block 0x30. Truncating head block from 0x51.
[  137.233892][ T7830] XFS (loop2): Starting recovery (logdev: internal)
[  137.262498][ T7830] XFS (loop2): Ending recovery (logdev: internal)
[  137.314070][ T5848] XFS (loop2): Unmounting Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb
[  137.426638][    T9] usb 1-1: USB disconnect, device number 12
[  137.450623][    T9] ftdi_sio ttyUSB0: FTDI USB Serial Device converter now disconnected from ttyUSB0
[  137.454576][    T9] ftdi_sio 1-1:0.0: device disconnected
[  137.630996][ T7844] loop1: detected capacity change from 0 to 32768
[  137.639562][ T7844] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop1 (7:1) scanned by syz.1.770 (7844)
[  137.818834][ T7844] BTRFS info (device loop1 state S): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  137.826410][ T7844] BTRFS info (device loop1 state S): using crc32c (crc32c-lib) checksum algorithm
[  137.918830][ T7856] ecryptfs_validate_options: You must supply at least one valid auth tok signature as a mount parameter; see the eCryptfs README
[  137.925860][ T7856] Error validating options; rc = [-22]
[  138.090803][   T27] BTRFS warning (device loop1 state S): checksum verify failed on logical 1052672 mirror 1 wanted 0x37e030f7 found 0xf6479a7e level 0, ignored
[  138.099481][   T68] BTRFS warning (device loop1 state S): checksum verify failed on logical 5332992 mirror 1 wanted 0x0a5e5d25 found 0xbeadaddc level 0, ignored
[  138.106014][   T27] BTRFS warning (device loop1 state S): checksum verify failed on logical 5337088 mirror 1 wanted 0xe63dbdda found 0x32c165c1 level 0, ignored
[  138.113938][   T68] BTRFS warning (device loop1 state S): checksum verify failed on logical 5328896 mirror 1 wanted 0x51ec978b found 0x0bc7de37 level 0, ignored
[  138.125901][ T7844] BTRFS error (device loop1 state S): logical 6881280 len 1638400 found bg but no related chunk
[  138.133286][ T7844] BTRFS info (device loop1 state S): enabling ssd optimizations
[  138.135878][ T7844] BTRFS info (device loop1 state S): force clearing of disk cache
[  138.138563][ T7844] BTRFS info (device loop1 state S): ignoring bad roots
[  138.141003][ T7844] BTRFS info (device loop1 state S): ignoring meta csums
[  138.144610][ T7844] BTRFS info (device loop1 state S): force lzo compression, level 0
[  138.164289][ T5852] BTRFS info (device loop1 state S): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  138.433427][   T33] kauditd_printk_skb: 7 callbacks suppressed
[  138.433437][   T33] audit: type=1326 audit(1757318228.316:333): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7876 comm="syz.1.777" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc20838ebe9 code=0x7ffc0000
[  138.444631][   T33] audit: type=1326 audit(1757318228.316:334): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7876 comm="syz.1.777" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc20838ebe9 code=0x7ffc0000
[  138.452950][   T33] audit: type=1326 audit(1757318228.336:335): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7876 comm="syz.1.777" exe="/syz-executor" sig=0 arch=c000003e syscall=86 compat=0 ip=0x7fc20838ebe9 code=0x7ffc0000
[  138.461211][   T33] audit: type=1326 audit(1757318228.336:336): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7876 comm="syz.1.777" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc20838ebe9 code=0x7ffc0000
[  138.514831][   T33] audit: type=1326 audit(1757318228.336:337): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7876 comm="syz.1.777" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc20838ebe9 code=0x7ffc0000
[  138.593762][ T7885] netlink: 8 bytes leftover after parsing attributes in process `syz.2.781'.
[  138.639314][  T792] usb 1-1: new high-speed USB device number 13 using dummy_hcd
[  138.788618][  T792] usb 1-1: Using ep0 maxpacket: 16
[  138.794244][  T792] usb 1-1: config 1 has an invalid descriptor of length 97, skipping remainder of the config
[  138.809678][  T792] usb 1-1: config 1 has 1 interface, different from the descriptor's value: 3
[  138.822478][  T792] usb 1-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[  138.838406][  T792] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  138.841761][  T792] usb 1-1: Product: syz
[  138.843485][  T792] usb 1-1: Manufacturer: syz
[  138.847962][  T792] usb 1-1: SerialNumber: syz
[  139.065995][  T792] usb 1-1: 0:2 : does not exist
[  139.075609][  T792] usb 1-1: 5:0: failed to get current value for ch 0 (-22)
[  139.080337][ T7895] loop2: detected capacity change from 0 to 40427
[  139.094190][ T7895] F2FS-fs (loop2): invalid crc value
[  139.129858][  T792] usb 1-1: USB disconnect, device number 13
[  139.183749][ T6152] udevd[6152]: error opening ATTR{/sys/devices/platform/dummy_hcd.0/usb1/1-1/1-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory
[  139.191221][ T7895] F2FS-fs (loop2): f2fs_recover_fsync_data: recovery fsync data, check_only: 0
[  139.195184][ T7895] F2FS-fs (loop2): Start checkpoint disabled!
[  139.210501][ T7895] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e6
[  139.228747][ T7895] syz.2.786: attempt to access beyond end of device
[  139.228747][ T7895] loop2: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[  139.252687][   T26] kworker/u9:0: attempt to access beyond end of device
[  139.252687][   T26] loop2: rw=2049, sector=45104, nr_sectors = 8 limit=40427
[  139.259149][   T26] CPU: 0 UID: 0 PID: 26 Comm: kworker/u9:0 Not tainted syzkaller #0 PREEMPT(full) 
[  139.259170][   T26] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.2-debian-1.16.2-1 04/01/2014
[  139.259179][   T26] Workqueue: writeback wb_workfn (flush-7:2)
[  139.259201][   T26] Call Trace:
[  139.259207][   T26]  <TASK>
[  139.259214][   T26]  dump_stack_lvl+0x189/0x250
[  139.259236][   T26]  ? __pfx_dump_stack_lvl+0x10/0x10
[  139.259252][   T26]  ? __pfx_queue_work_on+0x10/0x10
[  139.259265][   T26]  ? _raw_spin_unlock_irqrestore+0xad/0x110
[  139.259285][   T26]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[  139.259312][   T26]  f2fs_handle_critical_error+0x37c/0x540
[  139.259337][   T26]  f2fs_write_end_io+0x886/0xb60
[  139.259367][   T26]  __submit_merged_bio+0x27a/0x6a0
[  139.259393][   T26]  __submit_merged_write_cond+0x255/0x530
[  139.259437][   T26]  f2fs_write_data_pages+0x261d/0x3000
[  139.259491][   T26]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[  139.259524][   T26]  ? __pfx_f2fs_available_free_memory+0x10/0x10
[  139.259572][   T26]  ? __pfx_f2fs_balance_fs_bg+0x10/0x10
[  139.259608][   T26]  ? trace_f2fs_writepages+0x7f/0x200
[  139.259627][   T26]  ? f2fs_write_node_pages+0x478/0x6e0
[  139.259650][   T26]  ? __pfx_f2fs_write_node_pages+0x10/0x10
[  139.259683][   T26]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[  139.259702][   T26]  do_writepages+0x32e/0x550
[  139.259723][   T26]  ? reacquire_held_locks+0x127/0x1d0
[  139.259736][   T26]  ? writeback_sb_inodes+0x384/0x1010
[  139.259758][   T26]  __writeback_single_inode+0x145/0xff0
[  139.259775][   T26]  ? do_raw_spin_unlock+0x4d/0x240
[  139.259795][   T26]  writeback_sb_inodes+0x6c7/0x1010
[  139.259833][   T26]  ? __pfx_writeback_sb_inodes+0x10/0x10
[  139.259888][   T26]  ? rcu_is_watching+0x15/0xb0
[  139.259911][   T26]  wb_writeback+0x43b/0xaf0
[  139.259936][   T26]  ? queue_io+0x331/0x590
[  139.259956][   T26]  ? __pfx_wb_writeback+0x10/0x10
[  139.259989][   T26]  ? _raw_spin_unlock_irq+0x23/0x50
[  139.260012][   T26]  wb_workfn+0x409/0xef0
[  139.260041][   T26]  ? __pfx_wb_workfn+0x10/0x10
[  139.260089][   T26]  ? __lock_acquire+0xab9/0xd20
[  139.260119][   T26]  ? process_scheduled_works+0x9ef/0x17b0
[  139.260140][   T26]  ? _raw_spin_unlock_irq+0x23/0x50
[  139.260161][   T26]  ? process_scheduled_works+0x9ef/0x17b0
[  139.260173][   T26]  ? process_scheduled_works+0x9ef/0x17b0
[  139.260188][   T26]  process_scheduled_works+0xae1/0x17b0
[  139.260227][   T26]  ? __pfx_process_scheduled_works+0x10/0x10
[  139.260256][   T26]  worker_thread+0x8a0/0xda0
[  139.260291][   T26]  kthread+0x711/0x8a0
[  139.260311][   T26]  ? __pfx_worker_thread+0x10/0x10
[  139.260324][   T26]  ? __pfx_kthread+0x10/0x10
[  139.260342][   T26]  ? _raw_spin_unlock_irq+0x23/0x50
[  139.260359][   T26]  ? lockdep_hardirqs_on+0x9c/0x150
[  139.260374][   T26]  ? __pfx_kthread+0x10/0x10
[  139.260391][   T26]  ret_from_fork+0x3fc/0x770
[  139.260409][   T26]  ? __pfx_ret_from_fork+0x10/0x10
[  139.260429][   T26]  ? __switch_to_asm+0x39/0x70
[  139.260445][   T26]  ? __switch_to_asm+0x33/0x70
[  139.260459][   T26]  ? __pfx_kthread+0x10/0x10
[  139.260477][   T26]  ret_from_fork_asm+0x1a/0x30
[  139.260509][   T26]  </TASK>
[  139.263143][   T26] F2FS-fs (loop2): Stopped filesystem due to reason: 3
[  139.659334][ T7904] loop2: detected capacity change from 0 to 8192
[  139.709106][ T6152]  loop2: AHDI p1 p2 p4
[  139.878248][ T7906] loop0: detected capacity change from 0 to 65536
[  139.900650][ T7906] XFS (loop0): Mounting V5 Filesystem 9b7348e5-2fa0-41a5-9526-c53a678b01f3
[  139.906195][ T7904]  loop2: AHDI p1 p2 p4
[  139.939755][ T7906] XFS (loop0): Ending clean mount
[  139.993205][  T792] usb 2-1: new high-speed USB device number 18 using dummy_hcd
[  140.421410][  T792] usb 2-1: Using ep0 maxpacket: 32
[  140.433005][  T792] usb 2-1: config 0 has an invalid interface number: 12 but max is 0
[  140.436449][  T792] usb 2-1: config 0 has no interface number 0
[  140.439006][  T792] usb 2-1: config 0 interface 12 has no altsetting 0
[  140.495125][ T5851] udevd[5851]: inotify_add_watch(7, /dev/loop2p2, 10) failed: No such file or directory
[  140.504355][ T6152] udevd[6152]: inotify_add_watch(7, /dev/loop2p1, 10) failed: No such file or directory
[  140.527433][   T27] XFS (loop0): Metadata CRC error detected at xfs_agf_read_verify+0x12f/0x1f0, xfs_agf block 0x1 
[  140.533199][   T27] XFS (loop0): Unmount and run xfs_repair
[  140.535572][   T27] XFS (loop0): First 128 bytes of corrupted metadata buffer:
[  140.538695][  T792] usb 2-1: New USB device found, idVendor=2c42, idProduct=1202, bcdDevice=85.40
[  140.542912][   T27] 00000000: 58 41 47 46 00 00 00 01 00 00 00 00 00 00 40 00  XAGF..........@.
[  140.546279][   T27] 00000010: 00 00 00 02 00 00 00 03 00 00 00 00 00 00 00 01  ................
[  140.549595][   T27] 00000020: 00 00 00 01 00 00 00 00 00 00 00 01 00 00 00 04  ................
[  140.553407][  T792] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  140.556587][  T792] usb 2-1: Product: syz
[  140.558307][  T792] usb 2-1: Manufacturer: syz
[  140.560159][  T792] usb 2-1: SerialNumber: syz
[  140.562521][   T27] 00000030: 00 00 00 04 00 00 3f ca 00 00 3f c7 00 00 00 00  ......?...?.....
[  140.565991][   T27] 00000040: 9b 73 48 e5 2f a0 41 a5 95 26 c5 3a 67 8b 01 f3  .sH./.A..&.:g...
[  140.569412][   T27] 00000050: 00 00 00 00 00 00 00 04 00 00 00 00 00 00 00 00  ................
[  140.575397][  T792] usb 2-1: config 0 descriptor??
[  140.580720][   T27] 00000060: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00  ................
[  140.585893][   T27] 00000070: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00  ................
[  140.590299][   T27] XFS (loop0): metadata I/O error in "xfs_read_agf+0x281/0x5c0" at daddr 0x1 len 1 error 74
[  140.595147][   T27] XFS (loop0): page discard on page ffffea00047e8400, inode 0x29, pos 0.
[  140.601307][   T27] XFS (loop0): Metadata CRC error detected at xfs_agf_read_verify+0x12f/0x1f0, xfs_agf block 0x1 
[  140.605708][   T27] XFS (loop0): Unmount and run xfs_repair
[  140.608135][   T27] XFS (loop0): First 128 bytes of corrupted metadata buffer:
[  140.611213][   T27] 00000000: 58 41 47 46 00 00 00 01 00 00 00 00 00 00 40 00  XAGF..........@.
[  140.614779][   T27] 00000010: 00 00 00 02 00 00 00 03 00 00 00 00 00 00 00 01  ................
[  140.618412][   T27] 00000020: 00 00 00 01 00 00 00 00 00 00 00 01 00 00 00 04  ................
[  140.622165][   T27] 00000030: 00 00 00 04 00 00 3f ca 00 00 3f c7 00 00 00 00  ......?...?.....
[  140.626740][   T27] 00000040: 9b 73 48 e5 2f a0 41 a5 95 26 c5 3a 67 8b 01 f3  .sH./.A..&.:g...
[  140.630769][   T27] 00000050: 00 00 00 00 00 00 00 04 00 00 00 00 00 00 00 00  ................
[  140.634435][   T27] 00000060: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00  ................
[  140.638084][   T27] 00000070: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00  ................
[  140.642381][   T27] XFS (loop0): metadata I/O error in "xfs_read_agf+0x281/0x5c0" at daddr 0x1 len 1 error 74
[  140.646799][   T27] XFS (loop0): page discard on page ffffea00048a4500, inode 0x26, pos 1024.
[  140.653448][    T9] loop0: writeback error on inode 38, offset 0, sector 22
[  140.663799][   T27] XFS (loop0): Metadata CRC error detected at xfs_agf_read_verify+0x12f/0x1f0, xfs_agf block 0x1 
[  140.671864][   T27] XFS (loop0): Unmount and run xfs_repair
[  140.673873][   T27] XFS (loop0): First 128 bytes of corrupted metadata buffer:
[  140.676134][   T27] 00000000: 58 41 47 46 00 00 00 01 00 00 00 00 00 00 40 00  XAGF..........@.
[  140.678639][   T27] 00000010: 00 00 00 02 00 00 00 03 00 00 00 00 00 00 00 01  ................
[  140.683026][   T27] 00000020: 00 00 00 01 00 00 00 00 00 00 00 01 00 00 00 04  ................
[  140.686118][   T27] 00000030: 00 00 00 04 00 00 3f ca 00 00 3f c7 00 00 00 00  ......?...?.....
[  140.689099][   T27] 00000040: 9b 73 48 e5 2f a0 41 a5 95 26 c5 3a 67 8b 01 f3  .sH./.A..&.:g...
[  140.693274][   T27] 00000050: 00 00 00 00 00 00 00 04 00 00 00 00 00 00 00 00  ................
[  140.696031][   T27] 00000060: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00  ................
[  140.698844][   T27] 00000070: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00  ................
[  140.703122][   T27] XFS (loop0): metadata I/O error in "xfs_read_agf+0x281/0x5c0" at daddr 0x1 len 1 error 74
[  140.706677][   T27] XFS (loop0): page discard on page ffffea00047f4600, inode 0x29, pos 32768.
[  140.711642][   T27] XFS (loop0): Metadata CRC error detected at xfs_agf_read_verify+0x12f/0x1f0, xfs_agf block 0x1 
[  140.715071][   T27] XFS (loop0): Unmount and run xfs_repair
[  140.717201][   T27] XFS (loop0): First 128 bytes of corrupted metadata buffer:
[  140.719790][   T27] 00000000: 58 41 47 46 00 00 00 01 00 00 00 00 00 00 40 00  XAGF..........@.
[  140.723562][   T27] 00000010: 00 00 00 02 00 00 00 03 00 00 00 00 00 00 00 01  ................
[  140.727042][   T27] 00000020: 00 00 00 01 00 00 00 00 00 00 00 01 00 00 00 04  ................
[  140.731257][   T27] 00000030: 00 00 00 04 00 00 3f ca 00 00 3f c7 00 00 00 00  ......?...?.....
[  140.734306][   T27] 00000040: 9b 73 48 e5 2f a0 41 a5 95 26 c5 3a 67 8b 01 f3  .sH./.A..&.:g...
[  140.737435][   T27] 00000050: 00 00 00 00 00 00 00 04 00 00 00 00 00 00 00 00  ................
[  140.741344][   T27] 00000060: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00  ................
[  140.743131][ T7925] loop2: detected capacity change from 0 to 32768
[  140.744712][   T27] 00000070: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00  ................
[  140.744758][   T27] XFS (loop0): metadata I/O error in "xfs_read_agf+0x281/0x5c0" at daddr 0x1 len 1 error 74
[  140.748945][ T7925] XFS: noikeep mount option is deprecated.
[  140.758637][   T27] XFS (loop0): page discard on page ffffea00047fe380, inode 0x29, pos 49152.
[  140.763203][   T27] XFS (loop0): Metadata CRC error detected at xfs_agf_read_verify+0x12f/0x1f0, xfs_agf block 0x1 
[  140.767574][   T27] XFS (loop0): Unmount and run xfs_repair
[  140.771726][   T27] XFS (loop0): First 128 bytes of corrupted metadata buffer:
[  140.774691][   T27] 00000000: 58 41 47 46 00 00 00 01 00 00 00 00 00 00 40 00  XAGF..........@.
[  140.779106][   T27] 00000010: 00 00 00 02 00 00 00 03 00 00 00 00 00 00 00 01  ................
[  140.784077][   T27] 00000020: 00 00 00 01 00 00 00 00 00 00 00 01 00 00 00 04  ................
[  140.788138][   T27] 00000030: 00 00 00 04 00 00 3f ca 00 00 3f c7 00 00 00 00  ......?...?.....
[  140.792234][   T27] 00000040: 9b 73 48 e5 2f a0 41 a5 95 26 c5 3a 67 8b 01 f3  .sH./.A..&.:g...
[  140.797736][   T27] 00000050: 00 00 00 00 00 00 00 04 00 00 00 00 00 00 00 00  ................
[  140.803276][   T27] 00000060: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00  ................
[  140.810072][ T7925] XFS (loop2): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  140.814206][   T27] 00000070: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00  ................
[  140.818275][   T27] XFS (loop0): metadata I/O error in "xfs_read_agf+0x281/0x5c0" at daddr 0x1 len 1 error 74
[  140.823957][   T27] XFS (loop0): page discard on page ffffea00048a4540, inode 0x29, pos 57344.
[  140.838774][   T27] XFS (loop0): Metadata CRC error detected at xfs_agf_read_verify+0x12f/0x1f0, xfs_agf block 0x1 
[  140.849282][   T27] XFS (loop0): Unmount and run xfs_repair
[  140.852081][   T27] XFS (loop0): First 128 bytes of corrupted metadata buffer:
[  140.856986][   T27] 00000000: 58 41 47 46 00 00 00 01 00 00 00 00 00 00 40 00  XAGF..........@.
[  140.860944][   T27] 00000010: 00 00 00 02 00 00 00 03 00 00 00 00 00 00 00 01  ................
[  140.864437][   T27] 00000020: 00 00 00 01 00 00 00 00 00 00 00 01 00 00 00 04  ................
[  140.867690][   T27] 00000030: 00 00 00 04 00 00 3f ca 00 00 3f c7 00 00 00 00  ......?...?.....
[  140.869154][ T7925] XFS (loop2): Ending clean mount
[  140.873068][   T27] 00000040: 9b 73 48 e5 2f a0 41 a5 95 26 c5 3a 67 8b 01 f3  .sH./.A..&.:g...
[  140.875895][   T27] 00000050: 00 00 00 00 00 00 00 04 00 00 00 00 00 00 00 00  ................
[  140.878222][ T7925] XFS (loop2): Quotacheck needed: Please wait.
[  140.878681][   T27] 00000060: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00  ................
[  140.884403][   T27] 00000070: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00  ................
[  140.887235][   T27] XFS (loop0): metadata I/O error in "xfs_read_agf+0x281/0x5c0" at daddr 0x1 len 1 error 74
[  140.896889][   T27] XFS (loop0): page discard on page ffffea00048a4580, inode 0x29, pos 61440.
[  140.911953][   T27] XFS (loop0): Metadata CRC error detected at xfs_agf_read_verify+0x12f/0x1f0, xfs_agf block 0x1 
[  140.913699][ T7925] XFS (loop2): Quotacheck: Done.
[  140.916462][   T27] XFS (loop0): Unmount and run xfs_repair
[  140.927071][   T27] XFS (loop0): First 128 bytes of corrupted metadata buffer:
[  140.936788][   T27] 00000000: 58 41 47 46 00 00 00 01 00 00 00 00 00 00 40 00  XAGF..........@.
[  140.946973][   T27] 00000010: 00 00 00 02 00 00 00 03 00 00 00 00 00 00 00 01  ................
[  140.951279][   T27] 00000020: 00 00 00 01 00 00 00 00 00 00 00 01 00 00 00 04  ................
[  140.954967][   T27] 00000030: 00 00 00 04 00 00 3f ca 00 00 3f c7 00 00 00 00  ......?...?.....
[  140.958577][   T27] 00000040: 9b 73 48 e5 2f a0 41 a5 95 26 c5 3a 67 8b 01 f3  .sH./.A..&.:g...
[  140.968528][   T27] 00000050: 00 00 00 00 00 00 00 04 00 00 00 00 00 00 00 00  ................
[  140.973108][   T27] 00000060: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00  ................
[  140.976844][   T27] 00000070: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00  ................
[  140.981408][ T7925] XFS (loop2): User initiated shutdown received.
[  140.982823][   T27] XFS (loop0): metadata I/O error in "xfs_read_agf+0x281/0x5c0" at daddr 0x1 len 1 error 74
[  140.988191][   T27] XFS (loop0): page discard on page ffffea00048a45c0, inode 0x26, pos 4096.
[  140.988267][ T7925] XFS (loop2): Metadata I/O Error (0x4) detected at xfs_fs_goingdown+0x71/0x150 (fs/xfs/xfs_fsops.c:472).  Shutting down filesystem.
[  140.992664][   T27] XFS (loop0): Metadata CRC error detected at xfs_agf_read_verify+0x12f/0x1f0, xfs_agf block 0x1 
[  140.998178][ T7925] XFS (loop2): Please unmount the filesystem and rectify the problem(s)
[  141.007185][   T27] XFS (loop0): Unmount and run xfs_repair
[  141.009884][   T27] XFS (loop0): First 128 bytes of corrupted metadata buffer:
[  141.012858][   T27] 00000000: 58 41 47 46 00 00 00 01 00 00 00 00 00 00 40 00  XAGF..........@.
[  141.016343][   T27] 00000010: 00 00 00 02 00 00 00 03 00 00 00 00 00 00 00 01  ................
[  141.022039][   T27] 00000020: 00 00 00 01 00 00 00 00 00 00 00 01 00 00 00 04  ................
[  141.025512][   T27] 00000030: 00 00 00 04 00 00 3f ca 00 00 3f c7 00 00 00 00  ......?...?.....
[  141.029525][   T27] 00000040: 9b 73 48 e5 2f a0 41 a5 95 26 c5 3a 67 8b 01 f3  .sH./.A..&.:g...
[  141.033433][   T27] 00000050: 00 00 00 00 00 00 00 04 00 00 00 00 00 00 00 00  ................
[  141.036921][   T27] 00000060: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00  ................
[  141.042787][   T27] 00000070: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00  ................
[  141.046224][   T27] XFS (loop0): metadata I/O error in "xfs_read_agf+0x281/0x5c0" at daddr 0x1 len 1 error 74
[  141.059783][   T27] XFS (loop0): page discard on page ffffea00047f4700, inode 0x26, pos 8192.
[  141.061939][ T5848] XFS (loop2): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  141.070579][   T27] XFS (loop0): Metadata CRC error detected at xfs_agf_read_verify+0x12f/0x1f0, xfs_agf block 0x1 
[  141.075174][   T27] XFS (loop0): Unmount and run xfs_repair
[  141.095070][   T27] XFS (loop0): First 128 bytes of corrupted metadata buffer:
[  141.098012][   T27] 00000000: 58 41 47 46 00 00 00 01 00 00 00 00 00 00 40 00  XAGF..........@.
[  141.103349][   T27] 00000010: 00 00 00 02 00 00 00 03 00 00 00 00 00 00 00 01  ................
[  141.128145][   T27] 00000020: 00 00 00 01 00 00 00 00 00 00 00 01 00 00 00 04  ................
[  141.131442][   T27] 00000030: 00 00 00 04 00 00 3f ca 00 00 3f c7 00 00 00 00  ......?...?.....
[  141.135103][   T27] 00000040: 9b 73 48 e5 2f a0 41 a5 95 26 c5 3a 67 8b 01 f3  .sH./.A..&.:g...
[  141.154729][   T27] 00000050: 00 00 00 00 00 00 00 04 00 00 00 00 00 00 00 00  ................
[  141.165988][   T27] 00000060: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00  ................
[  141.169110][   T27] 00000070: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00  ................
[  141.172106][   T27] XFS (loop0): metadata I/O error in "xfs_read_agf+0x281/0x5c0" at daddr 0x1 len 1 error 74
[  141.175754][   T27] XFS (loop0): page discard on page ffffea0004672f00, inode 0x26, pos 16384.
[  141.190426][   T27] XFS (loop0): Metadata CRC error detected at xfs_agf_read_verify+0x12f/0x1f0, xfs_agf block 0x1 
[  141.193642][   T27] XFS (loop0): Unmount and run xfs_repair
[  141.195389][   T27] XFS (loop0): First 128 bytes of corrupted metadata buffer:
[  141.197584][   T27] 00000000: 58 41 47 46 00 00 00 01 00 00 00 00 00 00 40 00  XAGF..........@.
[  141.200475][   T27] 00000010: 00 00 00 02 00 00 00 03 00 00 00 00 00 00 00 01  ................
[  141.213716][  T792] f81534 2-1:0.12: f81534_set_register: reg: 1003 data: e0 failed: -71
[  141.217093][  T792] f81534 2-1:0.12: f81534_find_config_idx: read failed: -71
[  141.219755][   T27] 00000020: 00 00 00 01 00 00 00 00 00 00 00 01 00 00 00 04  ................
[  141.223262][   T27] 00000030: 00 00 00 04 00 00 3f ca 00 00 3f c7 00 00 00 00  ......?...?.....
[  141.226619][   T27] 00000040: 9b 73 48 e5 2f a0 41 a5 95 26 c5 3a 67 8b 01 f3  .sH./.A..&.:g...
[  141.230526][  T792] f81534 2-1:0.12: f81534_calc_num_ports: find idx failed: -71
[  141.230617][  T792] f81534 2-1:0.12: probe with driver f81534 failed with error -71
[  141.235442][  T792] usb 2-1: USB disconnect, device number 18
[  141.248604][   T27] 00000050: 00 00 00 00 00 00 00 04 00 00 00 00 00 00 00 00  ................
[  141.255600][   T27] 00000060: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00  ................
[  141.259193][   T27] 00000070: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00  ................
[  141.262935][   T27] XFS (loop0): metadata I/O error in "xfs_read_agf+0x281/0x5c0" at daddr 0x1 len 1 error 74
[  141.273148][   T27] XFS (loop0): page discard on page ffffea000474ca00, inode 0x26, pos 32768.
[  141.278263][   T27] XFS (loop0): Metadata CRC error detected at xfs_agf_read_verify+0x12f/0x1f0, xfs_agf block 0x1 
[  141.281936][   T27] XFS (loop0): Unmount and run xfs_repair
[  141.284069][   T27] XFS (loop0): First 128 bytes of corrupted metadata buffer:
[  141.286574][   T27] 00000000: 58 41 47 46 00 00 00 01 00 00 00 00 00 00 40 00  XAGF..........@.
[  141.289962][   T27] 00000010: 00 00 00 02 00 00 00 03 00 00 00 00 00 00 00 01  ................
[  141.290512][ T7935] (unnamed net_device) (uninitialized): peer notification delay (9) is not a multiple of miimon (100), value rounded to 0 ms
[  141.292578][   T27] 00000020: 00 00 00 01 00 00 00 00 00 00 00 01 00 00 00 04  ................
[  141.292588][   T27] 00000030: 00 00 00 04 00 00 3f ca 00 00 3f c7 00 00 00 00  ......?...?.....
[  141.292594][   T27] 00000040: 9b 73 48 e5 2f a0 41 a5 95 26 c5 3a 67 8b 01 f3  .sH./.A..&.:g...
[  141.292600][   T27] 00000050: 00 00 00 00 00 00 00 04 00 00 00 00 00 00 00 00  ................
[  141.292605][   T27] 00000060: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00  ................
[  141.292611][   T27] 00000070: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00  ................
[  141.292989][   T27] XFS (loop0): Metadata CRC error detected at xfs_agf_read_verify+0x12f/0x1f0, xfs_agf block 0x1 
[  141.300261][ T7935] (unnamed net_device) (uninitialized): option use_carrier: invalid value (5)
[  141.300767][   T27] XFS (loop0): Unmount and run xfs_repair
[  141.326545][   T27] XFS (loop0): First 128 bytes of corrupted metadata buffer:
[  141.338512][   T27] 00000000: 58 41 47 46 00 00 00 01 00 00 00 00 00 00 40 00  XAGF..........@.
[  141.344507][   T27] 00000010: 00 00 00 02 00 00 00 03 00 00 00 00 00 00 00 01  ................
[  141.347265][   T27] 00000020: 00 00 00 01 00 00 00 00 00 00 00 01 00 00 00 04  ................
[  141.359076][   T27] 00000030: 00 00 00 04 00 00 3f ca 00 00 3f c7 00 00 00 00  ......?...?.....
[  141.362027][   T27] 00000040: 9b 73 48 e5 2f a0 41 a5 95 26 c5 3a 67 8b 01 f3  .sH./.A..&.:g...
[  141.364733][   T27] 00000050: 00 00 00 00 00 00 00 04 00 00 00 00 00 00 00 00  ................
[  141.368452][   T27] 00000060: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00  ................
[  141.371223][   T27] 00000070: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00  ................
[  141.374272][   T27] XFS (loop0): Metadata CRC error detected at xfs_agf_read_verify+0x12f/0x1f0, xfs_agf block 0x1 
[  141.380016][   T27] XFS (loop0): Unmount and run xfs_repair
[  141.381939][   T27] XFS (loop0): First 128 bytes of corrupted metadata buffer:
[  141.384523][   T27] 00000000: 58 41 47 46 00 00 00 01 00 00 00 00 00 00 40 00  XAGF..........@.
[  141.387952][   T27] 00000010: 00 00 00 02 00 00 00 03 00 00 00 00 00 00 00 01  ................
[  141.390717][   T27] 00000020: 00 00 00 01 00 00 00 00 00 00 00 01 00 00 00 04  ................
[  141.393369][   T27] 00000030: 00 00 00 04 00 00 3f ca 00 00 3f c7 00 00 00 00  ......?...?.....
[  141.396130][   T27] 00000040: 9b 73 48 e5 2f a0 41 a5 95 26 c5 3a 67 8b 01 f3  .sH./.A..&.:g...
[  141.399616][   T27] 00000050: 00 00 00 00 00 00 00 04 00 00 00 00 00 00 00 00  ................
[  141.402402][   T27] 00000060: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00  ................
[  141.405122][   T27] 00000070: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00  ................
[  141.412766][ T5854] XFS (loop0): Unmounting Filesystem 9b7348e5-2fa0-41a5-9526-c53a678b01f3
[  141.416914][ T5854] XFS (loop0): Uncorrected metadata errors detected; please run xfs_repair.
[  141.578332][ T7937] loop2: detected capacity change from 0 to 32768
[  141.583721][ T7937] (syz.2.796,7937,0):ocfs2_check_dir_entry:325 ERROR: bad entry in directory #66: rec_len % 4 != 0 - offset=108, inode=18446744073709486150, rec_len=65535, name_len=9
[  141.590775][ T7937] (syz.2.796,7937,0):ocfs2_init_global_system_inodes:465 ERROR: status = -22
[  141.594153][ T7937] (syz.2.796,7937,0):ocfs2_init_global_system_inodes:467 ERROR: Unable to load system inode 3, possibly corrupt fs?
[  141.594169][ T7937] (syz.2.796,7937,0):ocfs2_init_global_system_inodes:476 ERROR: status = -22
[  141.601914][ T7937] (syz.2.796,7937,0):ocfs2_initialize_super:2198 ERROR: status = -22
[  141.605167][ T7937] (syz.2.796,7937,0):ocfs2_fill_super:1177 ERROR: status = -22
[  141.953306][ T7954] netlink: 52 bytes leftover after parsing attributes in process `syz.0.802'.
[  142.665311][ T7947] loop2: detected capacity change from 0 to 32768
[  142.733629][ T7947] XFS (loop2): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  142.999521][ T7947] XFS (loop2): Ending clean mount
[  143.114565][ T5848] XFS (loop2): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  143.389039][ T7987] netlink: 'syz.0.814': attribute type 39 has an invalid length.
[  143.562927][ T7994] loop2: detected capacity change from 0 to 16
[  143.647355][    C0] Unknown status report in ack skb
[  143.954862][ T8015] tmpfs: Bad value for 'mpol'
[  144.029334][ T8006] loop0: detected capacity change from 0 to 32768
[  144.044964][ T8019] loop1: detected capacity change from 0 to 512
[  144.047739][ T8019] EXT4-fs: Ignoring removed i_version option
[  144.050112][ T8019] EXT4-fs (loop1): can't mount with both data=journal and dax
[  144.532343][ T8031] loop0: detected capacity change from 0 to 512
[  144.541974][ T8031] EXT4-fs error (device loop0): ext4_orphan_get:1392: inode #15: comm syz.0.830: casefold flag without casefold feature
[  144.558221][ T8031] EXT4-fs error (device loop0): ext4_orphan_get:1397: comm syz.0.830: couldn't read orphan inode 15 (err -117)
[  144.563210][ T8031] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  144.590131][ T5854] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  144.906346][ T8045] loop0: detected capacity change from 0 to 1024
[  144.934704][   T33] audit: type=1800 audit(1757318234.842:338): pid=8045 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.838" name="file1" dev="loop0" ino=20 res=0 errno=0
[  144.973178][   T83] hfsplus: b-tree write err: -5, ino 4
[  145.010236][ T8047] loop0: detected capacity change from 0 to 256
[  145.013330][ T8047] exfat: Deprecated parameter 'namecase'
[  145.016770][ T8047] exfat: Deprecated parameter 'utf8'
[  145.023798][ T8047] exFAT-fs (loop0): failed to load upcase table (idx : 0x00010000, chksum : 0x36dfe6b4, utbl_chksum : 0xe619d30d)
[  145.086000][ T8047] loop0: detected capacity change from 256 to 64
[  145.099066][ T8047]  loop0:
[  145.648652][ T8072] loop2: detected capacity change from 0 to 4096
[  145.665414][ T8072] ntfs3(loop2): ino=3, Correct links count -> 2.
[  145.810694][ T5859] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1
[  145.815603][ T5859] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9
[  145.820732][ T5859] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9
[  145.828904][ T5859] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4
[  145.833192][ T5859] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2
[  146.397386][ T8091] loop2: detected capacity change from 0 to 2048
[  146.437932][ T8091] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  146.492507][ T8091] EXT4-fs error (device loop2): ext4_validate_block_bitmap:441: comm syz.2.860: bg 0: block 234: padding at end of block bitmap is not set
[  146.502063][ T8091] EXT4-fs (loop2): Delayed block allocation failed for inode 18 at logical offset 0 with max blocks 1 with error 28
[  146.508816][ T8091] EXT4-fs (loop2): This should not happen!! Data will be lost
[  146.508816][ T8091] 
[  146.512473][ T8091] EXT4-fs (loop2): Total free blocks count 0
[  146.514528][ T8091] EXT4-fs (loop2): Free/Dirty block details
[  146.516513][ T8091] EXT4-fs (loop2): free_blocks=0
[  146.518136][ T8091] EXT4-fs (loop2): dirty_blocks=16
[  146.520837][ T8091] EXT4-fs (loop2): Block reservation details
[  146.523177][ T8091] EXT4-fs (loop2): i_reserved_data_blocks=1
[  146.525173][ T8077] chnl_net:caif_netlink_parms(): no params data found
[  146.548967][ T5848] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  146.656376][ T8077] bridge0: port 1(bridge_slave_0) entered blocking state
[  146.661452][ T8077] bridge0: port 1(bridge_slave_0) entered disabled state
[  146.664504][ T8077] bridge_slave_0: entered allmulticast mode
[  146.668240][ T8077] bridge_slave_0: entered promiscuous mode
[  146.680311][ T8077] bridge0: port 2(bridge_slave_1) entered blocking state
[  146.683172][ T8077] bridge0: port 2(bridge_slave_1) entered disabled state
[  146.685528][ T8077] bridge_slave_1: entered allmulticast mode
[  146.695038][ T8077] bridge_slave_1: entered promiscuous mode
[  146.700688][ T8106] kAFS: unable to lookup cell 'syz169@=R'
[  146.746611][ T8077] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  146.753339][ T8077] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  146.786292][ T8077] team0: Port device team_slave_0 added
[  146.791533][ T8077] team0: Port device team_slave_1 added
[  146.826646][ T8077] batman_adv: batadv0: Adding interface: batadv_slave_0
[  146.830253][ T8077] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  146.861197][ T8077] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  146.867553][ T8077] batman_adv: batadv0: Adding interface: batadv_slave_1
[  146.873389][ T8077] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  146.884599][ T8077] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  146.975422][ T8077] hsr_slave_0: entered promiscuous mode
[  146.984794][ T8077] hsr_slave_1: entered promiscuous mode
[  146.988361][ T8077] debugfs: 'hsr0' already exists in 'hsr'
[  146.990759][ T8077] Cannot create hsr debugfs directory
[  147.341502][ T8077] netdevsim netdevsim3 netdevsim0: renamed from eth0
[  147.348936][ T8077] netdevsim netdevsim3 netdevsim1: renamed from eth1
[  147.362131][ T8077] netdevsim netdevsim3 netdevsim2: renamed from eth2
[  147.370039][ T8077] netdevsim netdevsim3 netdevsim3: renamed from eth3
[  147.407549][ T8077] bridge0: port 2(bridge_slave_1) entered blocking state
[  147.410673][ T8077] bridge0: port 2(bridge_slave_1) entered forwarding state
[  147.414385][ T8077] bridge0: port 1(bridge_slave_0) entered blocking state
[  147.417426][ T8077] bridge0: port 1(bridge_slave_0) entered forwarding state
[  147.488835][ T8077] 8021q: adding VLAN 0 to HW filter on device bond0
[  147.503292][   T68] bridge0: port 1(bridge_slave_0) entered disabled state
[  147.513135][   T68] bridge0: port 2(bridge_slave_1) entered disabled state
[  147.529671][ T8077] 8021q: adding VLAN 0 to HW filter on device team0
[  147.542813][   T27] bridge0: port 1(bridge_slave_0) entered blocking state
[  147.545761][   T27] bridge0: port 1(bridge_slave_0) entered forwarding state
[  147.555199][   T27] bridge0: port 2(bridge_slave_1) entered blocking state
[  147.558176][   T27] bridge0: port 2(bridge_slave_1) entered forwarding state
[  147.754120][ T8077] 8021q: adding VLAN 0 to HW filter on device batadv0
[  147.787708][ T8077] veth0_vlan: entered promiscuous mode
[  147.793618][ T8077] veth1_vlan: entered promiscuous mode
[  147.814040][ T8077] veth0_macvtap: entered promiscuous mode
[  147.821588][ T8077] veth1_macvtap: entered promiscuous mode
[  147.834266][ T8077] batman_adv: batadv0: Interface activated: batadv_slave_0
[  147.845480][ T8077] batman_adv: batadv0: Interface activated: batadv_slave_1
[  147.853761][ T5879] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  147.858687][ T5879] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  147.862844][ T5879] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  147.867453][ T5879] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  147.896469][ T5859] Bluetooth: hci2: command tx timeout
[  147.942938][ T3537] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  147.947856][ T3537] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  147.977763][   T68] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  147.981034][   T68] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  148.222580][ T8147] loop1: detected capacity change from 0 to 512
[  148.235928][ T8147] EXT4-fs: Ignoring removed mblk_io_submit option
[  148.247381][ T8147] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode
[  148.275141][ T8147] EXT4-fs (loop1): 1 truncate cleaned up
[  148.289692][ T8147] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  148.342518][   T33] audit: type=1804 audit(1757318238.262:339): pid=8147 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.1.878" name="/newroot/275/file1/file1" dev="loop1" ino=15 res=1 errno=0
[  148.518081][ T5852] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  149.082181][  T792] usb 3-1: new full-speed USB device number 17 using dummy_hcd
[  149.262044][  T792] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x6 has invalid maxpacket 1023, setting to 64
[  149.266873][  T792] usb 3-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xBA, changing to 0x8A
[  149.273503][  T792] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x8A has invalid wMaxPacketSize 0
[  149.284332][  T792] usb 3-1: New USB device found, idVendor=2294, idProduct=425b, bcdDevice=a2.10
[  149.288052][  T792] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  149.291287][  T792] usb 3-1: Product: syz
[  149.294419][  T792] usb 3-1: Manufacturer: syz
[  149.296322][  T792] usb 3-1: SerialNumber: syz
[  149.319263][  T792] usb 3-1: config 0 descriptor??
[  149.328109][ T8156] raw-gadget.0 gadget.2: fail, usb_ep_enable returned -22
[  149.337391][  T792] usb 3-1: ucan: probing device on interface #0
[  149.339937][  T792] usb 3-1: ucan: invalid in_ep MaxPacketSize
[  149.345836][  T792] usb 3-1: ucan: probe failed; try to update the device firmware
[  149.421706][ T7522] usb 2-1: new low-speed USB device number 19 using dummy_hcd
[  149.553460][ T6278] usb 3-1: USB disconnect, device number 17
[  149.583558][ T7522] usb 2-1: LPM exit latency is zeroed, disabling LPM.
[  149.595643][ T7522] usb 2-1: config 0 has no interfaces?
[  149.603480][ T7522] usb 2-1: string descriptor 0 read error: -22
[  149.607879][ T7522] usb 2-1: New USB device found, idVendor=0e41, idProduct=5051, bcdDevice=9a.90
[  149.612754][ T7522] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  149.620807][ T7522] usb 2-1: config 0 descriptor??
[  149.650054][ T8172] loop3: detected capacity change from 0 to 512
[  149.683227][ T8172] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  149.689293][ T8172] ext4 filesystem being mounted at /7/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  149.816271][ T8077] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  149.832874][ T6278] usb 2-1: USB disconnect, device number 19
[  149.970116][ T5859] Bluetooth: hci2: command tx timeout
[  150.929875][ T8227] loop3: detected capacity change from 0 to 2048
[  150.943936][ T6278] usb 2-1: new high-speed USB device number 20 using dummy_hcd
[  150.957613][ T8227] NILFS (loop3): broken superblock, retrying with spare superblock (blocksize = 1024)
[  151.133414][ T8228] NILFS (loop3): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  151.194256][ T8227] capability: warning: `syz.3.913' uses 32-bit capabilities (legacy support in use)
[  151.199975][ T6278] usb 2-1: Using ep0 maxpacket: 32
[  151.250171][ T6278] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  151.272830][ T6278] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  151.295885][ T6278] usb 2-1: New USB device found, idVendor=258a, idProduct=0033, bcdDevice= 0.00
[  151.315340][ T6278] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  151.381988][ T6278] usb 2-1: config 0 descriptor??
[  152.094564][ T5859] Bluetooth: hci2: command tx timeout
[  152.282351][ T6278] glorious 0003:258A:0033.0005: unknown main item tag 0x1
[  152.312716][ T6278] glorious 0003:258A:0033.0005: unknown main item tag 0x2
[  152.335636][ T6278] glorious 0003:258A:0033.0005: hidraw0: USB HID v0.00 Device [Glorious Model D] on usb-dummy_hcd.1-1/input0
[  152.364482][ T6278] usb 2-1: USB disconnect, device number 20
[  152.408388][ T8234] netlink: 8 bytes leftover after parsing attributes in process `syz.3.916'.
[  153.020273][ T8230] loop2: detected capacity change from 0 to 32768
[  153.131378][ T8230] add_index: next_index = 0.  Resetting!
[  153.136224][ T8230] find_entry called with index >= next_index
[  153.138680][ T8230] find_entry called with index >= next_index
[  153.141179][ T8230] find_entry called with index >= next_index
[  153.145733][ T8230] find_entry called with index >= next_index
[  153.813994][ T8257] netlink: 'syz.3.926': attribute type 29 has an invalid length.
[  153.817455][ T8257] netlink: 'syz.3.926': attribute type 29 has an invalid length.
[  153.820487][ T8257] netlink: 508 bytes leftover after parsing attributes in process `syz.3.926'.
[  154.121996][ T5859] Bluetooth: hci2: command tx timeout
[  156.388095][ T8308] loop1: detected capacity change from 0 to 1024
[  156.876866][   T83] hfsplus: b-tree write err: -5, ino 4
[  156.979345][ T8315] binder: 8313:8315 ioctl c0306201 200000000080 returned -14
[  157.011353][ T8317] netlink: 'syz.3.951': attribute type 1 has an invalid length.
[  157.178821][ T8327] loop2: detected capacity change from 0 to 1024
[  157.220074][ T8329] dvmrp5: entered allmulticast mode
[  157.223050][ T8327] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  157.233615][ T8334] netlink: 120 bytes leftover after parsing attributes in process `syz.1.958'.
[  157.239854][ T8327] ext4 filesystem being mounted at /316/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  157.244507][ T8334] netlink: 120 bytes leftover after parsing attributes in process `syz.1.958'.
[  157.245945][ T8329] pimreg: entered allmulticast mode
[  157.262862][   T33] audit: type=1800 audit(1757318247.202:340): pid=8327 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.2.955" name="file1" dev="loop2" ino=15 res=0 errno=0
[  157.284456][ T8327] EXT4-fs error (device loop2): ext4_map_blocks:814: inode #15: block 1: comm syz.2.955: lblock 1 mapped to illegal pblock 1 (length 15)
[  157.330148][ T8327] EXT4-fs (loop2): Delayed block allocation failed for inode 15 at logical offset 1 with max blocks 15 with error 117
[  157.357426][ T8327] EXT4-fs (loop2): This should not happen!! Data will be lost
[  157.357426][ T8327] 
[  157.380868][ T8337] EXT4-fs error (device loop2): ext4_ext_remove_space:2955: inode #15: comm syz.2.955: pblk 0 bad header/extent: invalid extent entries - magic f30a, entries 2, max 4(4), depth 0(0)
[  157.397781][ T8337] EXT4-fs error (device loop2) in ext4_setattr:6071: Corrupt filesystem
[  157.486202][ T5848] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  157.932942][ T8356] loop3: detected capacity change from 0 to 512
[  157.937604][ T8356] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[  157.960734][ T8356] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  157.967983][ T8356] ext4 filesystem being mounted at /39/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  158.000825][ T8077] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  158.226519][ T8361] loop2: detected capacity change from 0 to 32768
[  158.229396][ T8361] ocfs2: Bad value for 'localalloc'
[  158.285135][   T48] usb 4-1: new high-speed USB device number 2 using dummy_hcd
[  158.449441][ T8372] loop2: detected capacity change from 0 to 256
[  158.451969][ T8372] exfat: Deprecated parameter 'namecase'
[  158.464986][   T48] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  158.469937][   T48] usb 4-1: New USB device found, idVendor=17ef, idProduct=6047, bcdDevice= 0.00
[  158.472539][ T8372] exFAT-fs (loop2): failed to load upcase table (idx : 0x00010000, chksum : 0x36e00b20, utbl_chksum : 0xe619d30d)
[  158.478434][   T48] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  158.487126][   T48] usb 4-1: config 0 descriptor??
[  158.496875][   T33] audit: type=1800 audit(1757318248.444:341): pid=8372 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.2.972" name="file1" dev="loop2" ino=1048611 res=0 errno=0
[  158.552655][ T8374] loop2: detected capacity change from 0 to 4096
[  158.555945][ T8374] EXT4-fs: Project quota feature not enabled. Cannot enable project quota enforcement.
[  158.646706][ T8380] xt_l2tp: missing protocol rule (udp|l2tpip)
[  159.032675][   T48] lenovo 0003:17EF:6047.0006: hidraw0: USB HID v0.00 Device [HID 17ef:6047] on usb-dummy_hcd.3-1/input0
[  159.186552][   T48] lenovo 0003:17EF:6047.0006: Failed to switch F7/9/11 mode: -71
[  159.203013][   T48] lenovo 0003:17EF:6047.0006: Failed to switch middle button: -71
[  159.207873][   T48] lenovo 0003:17EF:6047.0006: Fn-lock setting failed: -71
[  159.220588][   T48] lenovo 0003:17EF:6047.0006: Sensitivity setting failed: -71
[  159.245903][   T48] usb 4-1: USB disconnect, device number 2
[  159.316122][ T8370] loop1: detected capacity change from 0 to 40427
[  159.360734][ T8370] F2FS-fs (loop1): build fault injection rate: 690
[  159.382742][ T8370] F2FS-fs (loop1): invalid crc value
[  159.658903][ T8370] F2FS-fs (loop1): f2fs_recover_fsync_data: recovery fsync data, check_only: 0
[  159.669880][ T8370] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e5
[  159.785678][ T5852] syz-executor: attempt to access beyond end of device
[  159.785678][ T5852] loop1: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[  159.791845][ T5852] CPU: 1 UID: 0 PID: 5852 Comm: syz-executor Not tainted syzkaller #0 PREEMPT(full) 
[  159.791880][ T5852] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.2-debian-1.16.2-1 04/01/2014
[  159.791888][ T5852] Call Trace:
[  159.791894][ T5852]  <TASK>
[  159.791900][ T5852]  dump_stack_lvl+0x189/0x250
[  159.791920][ T5852]  ? __pfx_dump_stack_lvl+0x10/0x10
[  159.791934][ T5852]  ? __pfx_queue_work_on+0x10/0x10
[  159.791946][ T5852]  ? _raw_spin_unlock_irqrestore+0xad/0x110
[  159.791963][ T5852]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[  159.791987][ T5852]  f2fs_handle_critical_error+0x37c/0x540
[  159.792011][ T5852]  f2fs_write_end_io+0x886/0xb60
[  159.792037][ T5852]  __submit_merged_bio+0x27a/0x6a0
[  159.792057][ T5852]  __submit_merged_write_cond+0x255/0x530
[  159.792079][ T5852]  f2fs_write_data_pages+0x261d/0x3000
[  159.792097][ T5852]  ? arch_stack_walk+0xfc/0x150
[  159.792134][ T5852]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[  159.792180][ T5852]  ? finish_task_switch+0x266/0x950
[  159.792201][ T5852]  ? __lock_acquire+0xab9/0xd20
[  159.792222][ T5852]  ? do_raw_spin_lock+0x121/0x290
[  159.792242][ T5852]  ? do_raw_spin_unlock+0x4d/0x240
[  159.792256][ T5852]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[  159.792275][ T5852]  do_writepages+0x32e/0x550
[  159.792330][ T5852]  ? do_raw_spin_unlock+0x4d/0x240
[  159.792348][ T5852]  filemap_fdatawrite+0x199/0x240
[  159.792364][ T5852]  ? __pfx_filemap_fdatawrite+0x10/0x10
[  159.792378][ T5852]  ? preempt_schedule_irq+0xde/0x150
[  159.792422][ T5852]  ? do_raw_spin_unlock+0x4d/0x240
[  159.792439][ T5852]  f2fs_sync_dirty_inodes+0x31f/0x830
[  159.792464][ T5852]  f2fs_write_checkpoint+0x95a/0x1df0
[  159.792492][ T5852]  ? __pfx_f2fs_write_checkpoint+0x10/0x10
[  159.792551][ T5852]  ? kill_f2fs_super+0x298/0x6c0
[  159.792569][ T5852]  kill_f2fs_super+0x2c3/0x6c0
[  159.792586][ T5852]  ? __pfx_kill_f2fs_super+0x10/0x10
[  159.792595][ T5852]  ? radix_tree_delete_item+0x2b6/0x400
[  159.792611][ T5852]  ? shrinker_free+0x2ce/0x3e0
[  159.792620][ T5852]  deactivate_locked_super+0xbc/0x130
[  159.792631][ T5852]  cleanup_mnt+0x425/0x4c0
[  159.792640][ T5852]  ? lockdep_hardirqs_on+0x9c/0x150
[  159.792653][ T5852]  task_work_run+0x1d4/0x260
[  159.792665][ T5852]  ? __pfx_task_work_run+0x10/0x10
[  159.792674][ T5852]  ? __x64_sys_umount+0x122/0x160
[  159.792687][ T5852]  ? exit_to_user_mode_loop+0x40/0x110
[  159.792700][ T5852]  exit_to_user_mode_loop+0xec/0x110
[  159.792712][ T5852]  do_syscall_64+0x2bd/0x3b0
[  159.792718][ T5852]  ? lockdep_hardirqs_on+0x9c/0x150
[  159.792729][ T5852]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  159.792736][ T5852]  ? exc_page_fault+0x9f/0xf0
[  159.792748][ T5852]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  159.792756][ T5852] RIP: 0033:0x7fc20838ff17
[  159.792767][ T5852] Code: a8 ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 0f 1f 44 00 00 31 f6 e9 09 00 00 00 66 0f 1f 84 00 00 00 00 00 b8 a6 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 01 c3 48 c7 c2 a8 ff ff ff f7 d8 64 89 02 b8
[  159.792774][ T5852] RSP: 002b:00007fffcd8c6258 EFLAGS: 00000246 ORIG_RAX: 00000000000000a6
[  159.792783][ T5852] RAX: 0000000000000000 RBX: 00007fc208411c05 RCX: 00007fc20838ff17
[  159.792788][ T5852] RDX: 0000000000000000 RSI: 0000000000000009 RDI: 00007fffcd8c6310
[  159.792793][ T5852] RBP: 00007fffcd8c6310 R08: 0000000000000000 R09: 0000000000000000
[  159.792797][ T5852] R10: 00000000ffffffff R11: 0000000000000246 R12: 00007fffcd8c73a0
[  159.792802][ T5852] R13: 00007fc208411c05 R14: 0000000000027183 R15: 00007fffcd8c73e0
[  159.792816][ T5852]  </TASK>
[  159.796206][ T5852] F2FS-fs (loop1): Stopped filesystem due to reason: 3
[  159.819559][ T8390] ceph: No source
[  160.583898][ T8421] loop1: detected capacity change from 0 to 2048
[  160.998535][   T10] usb 4-1: new high-speed USB device number 3 using dummy_hcd
[  161.019517][    T9] usb 2-1: new high-speed USB device number 21 using dummy_hcd
[  161.137707][ T8450] A link change request failed with some changes committed already. Interface tunl0 may have been left with an inconsistent configuration, please check.
[  161.151556][   T10] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  161.159028][   T10] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  161.166343][   T10] usb 4-1: New USB device found, idVendor=0fc5, idProduct=b080, bcdDevice= 0.00
[  161.171309][   T10] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  161.183885][    T9] usb 2-1: config 0 interface 0 altsetting 251 endpoint 0x9 has invalid wMaxPacketSize 0
[  161.191822][    T9] usb 2-1: config 0 interface 0 has no altsetting 0
[  161.199564][   T10] usb 4-1: config 0 descriptor??
[  161.202738][    T9] usb 2-1: New USB device found, idVendor=045e, idProduct=0283, bcdDevice=99.0b
[  161.215281][    T9] usb 2-1: New USB device strings: Mfr=1, Product=228, SerialNumber=2
[  161.221706][    T9] usb 2-1: Product: syz
[  161.223688][    T9] usb 2-1: Manufacturer: syz
[  161.229557][    T9] usb 2-1: SerialNumber: syz
[  161.236417][    T9] usb 2-1: config 0 descriptor??
[  161.262406][    T9] usb 2-1: selecting invalid altsetting 0
[  161.506896][    T9] usb 2-1: USB disconnect, device number 21
[  161.632559][ T8432] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  161.636497][ T8432] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  161.645992][   T10] usbhid 4-1:0.0: can't add hid device: -71
[  161.654055][   T10] usbhid 4-1:0.0: probe with driver usbhid failed with error -71
[  161.674035][   T10] usb 4-1: USB disconnect, device number 3
[  161.678807][ T8463] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1013'.
[  163.328699][    T9] usb 4-1: new full-speed USB device number 4 using dummy_hcd
[  163.347926][ T8498] netlink: 'syz.2.1028': attribute type 6 has an invalid length.
[  163.476884][    T9] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 10
[  163.483557][    T9] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  163.487830][    T9] usb 4-1: New USB device found, idVendor=1e7d, idProduct=319c, bcdDevice= 0.00
[  163.491637][    T9] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  163.512769][    T9] usb 4-1: config 0 descriptor??
[  164.022582][    T9] isku 0003:1E7D:319C.0007: hidraw0: USB HID v0.00 Device [HID 1e7d:319c] on usb-dummy_hcd.3-1/input0
[  164.305299][ T8513] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1034'.
[  164.318710][ T8513] : entered promiscuous mode
[  164.321741][ T8513] : left promiscuous mode
[  164.411752][ T8520] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1037'.
[  164.430204][    T9] usb 4-1: USB disconnect, device number 4
[  164.626063][ T8531] loop1: detected capacity change from 0 to 1024
[  164.661404][ T8535] netlink: 372 bytes leftover after parsing attributes in process `syz.2.1042'.
[  164.792167][ T8541] loop2: detected capacity change from 0 to 16
[  164.828007][ T8541] erofs (device loop2): mounted with root inode @ nid 36.
[  165.102403][ T8552] loop2: detected capacity change from 0 to 4096
[  165.114640][ T8552] ntfs3(loop2): Different NTFS sector size (4096) and media sector size (512).
[  165.158629][ T8552] ntfs3(loop2): Mark volume as dirty due to NTFS errors
[  165.188205][ T8552] ntfs3(loop2): Failed to initialize $Extend/$Reparse.
[  165.197629][ T8552] ntfs3(loop2): ino=1b, mi_enum_attr
[  165.419142][ T8567] loop2: detected capacity change from 0 to 8
[  165.430373][ T8567] MTD: Attempt to mount non-MTD device "/dev/loop2"
[  165.455684][ T8567] cramfs: Error -5 while decompressing!
[  165.461568][ T8567] cramfs: ffffffff99bf3668(26)->ffff888120ead000(4096)
[  165.464262][ T6278] usb 4-1: new high-speed USB device number 5 using dummy_hcd
[  165.477453][ T8567] cramfs: Error -3 while decompressing!
[  165.479623][ T8567] cramfs: ffffffff99bf3682(26)->ffff888120184000(4096)
[  165.481868][ T8567] cramfs: Error -3 while decompressing!
[  165.485176][ T8567] cramfs: ffffffff99bf369c(16)->ffff888120ea7000(4096)
[  165.487908][ T8567] cramfs: Error -5 while decompressing!
[  165.490120][ T8567] cramfs: ffffffff99bf3668(26)->ffff888120ead000(4096)
[  165.494240][   T33] audit: type=1800 audit(1757318255.454:342): pid=8567 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.2.1057" name="file2" dev="loop2" ino=348 res=0 errno=0
[  165.611930][ T6278] usb 4-1: Using ep0 maxpacket: 32
[  165.619469][ T6278] usb 4-1: New USB device found, idVendor=0b95, idProduct=2791, bcdDevice= d.2d
[  165.625063][ T6278] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  165.628158][ T6278] usb 4-1: Product: syz
[  165.629973][ T6278] usb 4-1: Manufacturer: syz
[  165.632385][ T6278] usb 4-1: SerialNumber: syz
[  165.791811][   T48] usb 2-1: new full-speed USB device number 22 using dummy_hcd
[  165.848214][ T6278] aqc111 4-1:1.0: probe with driver aqc111 failed with error -22
[  165.860733][ T6278] usb 4-1: USB disconnect, device number 5
[  165.966604][   T48] usb 2-1: New USB device found, idVendor=2770, idProduct=930c, bcdDevice=8d.6a
[  165.971899][   T48] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  165.975168][   T48] usb 2-1: Product: syz
[  165.976914][   T48] usb 2-1: Manufacturer: syz
[  165.978820][   T48] usb 2-1: SerialNumber: syz
[  165.986074][   T48] usb 2-1: config 0 descriptor??
[  165.999117][   T48] gspca_main: sq930x-2.14.0 probing 2770:930c
[  166.328843][ T8574] loop2: detected capacity change from 0 to 4096
[  166.368880][ T8574] ntfs3(loop2): Mark volume as dirty due to NTFS errors
[  166.376981][ T8574] ntfs3(loop2): Failed to load $Secure (-22).
[  166.379581][ T8574] ntfs3(loop2): Failed to initialize $Secure (-22).
[  166.454601][ T8578] loop2: detected capacity change from 0 to 7
[  166.458126][ T5848] Dev loop2: unable to read RDB block 7
[  166.460429][ T5848]  loop2: unable to read partition table
[  166.462941][ T5848] loop2: partition table beyond EOD, truncated
[  166.469568][ T8578] Dev loop2: unable to read RDB block 7
[  166.475471][ T8578]  loop2: unable to read partition table
[  166.478275][ T8578] loop2: partition table beyond EOD, truncated
[  166.480397][ T8578] loop_reread_partitions: partition scan of loop2 (被x ) failed (rc=-5)
[  166.566117][ T8582] loop3: detected capacity change from 0 to 512
[  166.830571][    T9] usb 4-1: new high-speed USB device number 6 using dummy_hcd
[  166.929895][ T8593] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  166.933026][ T8593] batman_adv: batadv0: Removing interface: batadv_slave_0
[  166.937309][ T8593] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  166.942567][ T8593] batman_adv: batadv0: Removing interface: batadv_slave_1
[  166.984506][    T9] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x9 has invalid wMaxPacketSize 0
[  166.988773][    T9] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0xA has an invalid bInterval 218, changing to 7
[  166.996048][    T9] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0xA has invalid maxpacket 32945, setting to 1024
[  167.009226][    T9] usb 4-1: New USB device found, idVendor=045e, idProduct=0283, bcdDevice=99.0b
[  167.013367][    T9] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  167.018081][    T9] usb 4-1: Product: syz
[  167.020884][    T9] usb 4-1: Manufacturer: syz
[  167.022805][    T9] usb 4-1: SerialNumber: syz
[  167.028722][    T9] usb 4-1: config 0 descriptor??
[  167.041140][    T9] usb 4-1: 0:0 : invalid sync pipe. bmAttributes e5, bLength 9, bSynchAddress 2f
[  167.050605][   T48] gspca_sq930x: reg_w 0105 0f00 failed -71
[  167.053082][   T48] sq930x 2-1:0.0: probe with driver sq930x failed with error -71
[  167.085579][   T48] usb 2-1: USB disconnect, device number 22
[  167.257259][    T9] usb 4-1: USB disconnect, device number 6
[  167.296910][ T5853] udevd[5853]: error opening ATTR{/sys/devices/platform/dummy_hcd.3/usb4/4-1/4-1:0.0/sound/card3/controlC3/../uevent} for writing: No such file or directory
[  167.388680][ T8595] loop2: detected capacity change from 0 to 32768
[  167.423404][ T8595] ocfs2: Mounting device (7,2) on (node local, slot 0) with ordered data mode.
[  167.437359][ T5879] (kworker/u8:4,5879,1):ocfs2_check_dir_entry:325 ERROR: bad entry in directory #72: rec_len % 4 != 0 - offset=16, inode=66, rec_len=491, name_len=2
[  167.459175][ T8595] 
[  167.460224][ T8595] ======================================================
[  167.463044][ T8595] WARNING: possible circular locking dependency detected
[  167.465756][ T8595] syzkaller #0 Not tainted
[  167.467589][ T8595] ------------------------------------------------------
[  167.471224][ T8595] syz.2.1071/8595 is trying to acquire lock:
[  167.473574][ T8595] ffff888118a45df8 (&oi->ip_xattr_sem){++++}-{4:4}, at: ocfs2_init_acl+0x2f9/0x720
[  167.477248][ T8595] 
[  167.477248][ T8595] but task is already holding lock:
[  167.480266][ T8595] ffff888119be4950 (jbd2_handle){++++}-{0:0}, at: start_this_handle+0x1f87/0x21c0
[  167.483807][ T8595] 
[  167.483807][ T8595] which lock already depends on the new lock.
[  167.483807][ T8595] 
[  167.487870][ T8595] 
[  167.487870][ T8595] the existing dependency chain (in reverse order) is:
[  167.491473][ T8595] 
[  167.491473][ T8595] -> #4 (jbd2_handle){++++}-{0:0}:
[  167.494457][ T8595]        lock_acquire+0x120/0x360
[  167.496473][ T8595]        start_this_handle+0x1fa7/0x21c0
[  167.498664][ T8595]        jbd2__journal_start+0x2c1/0x5b0
[  167.500833][ T8595]        jbd2_journal_start+0x2a/0x40
[  167.502961][ T8595]        ocfs2_start_trans+0x376/0x6d0
[  167.505168][ T8595]        ocfs2_shutdown_local_alloc+0x200/0xa10
[  167.507687][ T8595]        ocfs2_fill_super+0x5571/0x63c0
[  167.509893][ T8595]        get_tree_bdev_flags+0x40e/0x4d0
[  167.512096][ T8595]        vfs_get_tree+0x92/0x2b0
[  167.514027][ T8595]        do_new_mount+0x2a2/0x9e0
[  167.515991][ T8595]        __se_sys_mount+0x317/0x410
[  167.518102][ T8595]        do_syscall_64+0xfa/0x3b0
[  167.520103][ T8595]        entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  167.522740][ T8595] 
[  167.522740][ T8595] -> #3 (&journal->j_trans_barrier){.+.+}-{4:4}:
[  167.526125][ T8595]        lock_acquire+0x120/0x360
[  167.528149][ T8595]        down_read+0x46/0x2e0
[  167.530045][ T8595]        ocfs2_start_trans+0x36a/0x6d0
[  167.532205][ T8595]        ocfs2_shutdown_local_alloc+0x200/0xa10
[  167.534662][ T8595]        ocfs2_fill_super+0x5571/0x63c0
[  167.536857][ T8595]        get_tree_bdev_flags+0x40e/0x4d0
[  167.539118][ T8595]        vfs_get_tree+0x92/0x2b0
[  167.541157][ T8595]        do_new_mount+0x2a2/0x9e0
[  167.543096][ T8595]        __se_sys_mount+0x317/0x410
[  167.545202][ T8595]        do_syscall_64+0xfa/0x3b0
[  167.547219][ T8595]        entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  167.549734][ T8595] 
[  167.549734][ T8595] -> #2 (sb_internal#2){.+.+}-{0:0}:
[  167.552685][ T8595]        lock_acquire+0x120/0x360
[  167.554628][ T8595]        ocfs2_start_trans+0x26b/0x6d0
[  167.556819][ T8595]        ocfs2_xattr_set+0xd69/0x11f0
[  167.558995][ T8595]        ocfs2_set_acl+0x701/0x7b0
[  167.561069][ T8595]        ocfs2_iop_set_acl+0x1aa/0x2a0
[  167.563229][ T8595]        vfs_set_acl+0x887/0xb00
[  167.565225][ T8595]        do_set_acl+0xf6/0x190
[  167.567157][ T8595]        filename_setxattr+0x2e0/0x600
[  167.569360][ T8595]        path_setxattrat+0x364/0x3a0
[  167.571474][ T8595]        __x64_sys_setxattr+0xbc/0xe0
[  167.573610][ T8595]        do_syscall_64+0xfa/0x3b0
[  167.575649][ T8595]        entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  167.578210][ T8595] 
[  167.578210][ T8595] -> #1 (&ocfs2_sysfile_lock_key[EXTENT_ALLOC_SYSTEM_INODE]){+.+.}-{4:4}:
[  167.582480][ T8595]        lock_acquire+0x120/0x360
[  167.584509][ T8595]        down_write+0x96/0x1f0
[  167.586451][ T8595]        ocfs2_reserve_suballoc_bits+0x15e/0x4640
[  167.589034][ T8595]        ocfs2_reserve_new_metadata_blocks+0x403/0x940
[  167.591736][ T8595]        ocfs2_init_xattr_set_ctxt+0x307/0x700
[  167.594218][ T8595]        ocfs2_xattr_set+0xb70/0x11f0
[  167.596375][ T8595]        ocfs2_set_acl+0x701/0x7b0
[  167.598408][ T8595]        ocfs2_iop_set_acl+0x1aa/0x2a0
[  167.600534][ T8595]        vfs_set_acl+0x887/0xb00
[  167.602532][ T8595]        do_set_acl+0xf6/0x190
[  167.604462][ T8595]        filename_setxattr+0x2e0/0x600
[  167.606651][ T8595]        path_setxattrat+0x364/0x3a0
[  167.608782][ T8595]        __x64_sys_setxattr+0xbc/0xe0
[  167.610936][ T8595]        do_syscall_64+0xfa/0x3b0
[  167.613003][ T8595]        entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  167.615598][ T8595] 
[  167.615598][ T8595] -> #0 (&oi->ip_xattr_sem){++++}-{4:4}:
[  167.618740][ T8595]        validate_chain+0xb9b/0x2140
[  167.620910][ T8595]        __lock_acquire+0xab9/0xd20
[  167.623014][ T8595]        lock_acquire+0x120/0x360
[  167.625104][ T8595]        down_read+0x46/0x2e0
[  167.627013][ T8595]        ocfs2_init_acl+0x2f9/0x720
[  167.629170][ T8595]        ocfs2_mknod+0x1321/0x2050
[  167.631266][ T8595]        ocfs2_create+0x1a5/0x440
[  167.633365][ T8595]        path_openat+0x14f4/0x3830
[  167.635415][ T8595]        do_filp_open+0x1fa/0x410
[  167.637460][ T8595]        do_sys_openat2+0x121/0x1c0
[  167.639555][ T8595]        __x64_sys_openat+0x138/0x170
[  167.641791][ T8595]        do_syscall_64+0xfa/0x3b0
[  167.643844][ T8595]        entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  167.646426][ T8595] 
[  167.646426][ T8595] other info that might help us debug this:
[  167.646426][ T8595] 
[  167.650689][ T8595] Chain exists of:
[  167.650689][ T8595]   &oi->ip_xattr_sem --> &journal->j_trans_barrier --> jbd2_handle
[  167.650689][ T8595] 
[  167.656183][ T8595]  Possible unsafe locking scenario:
[  167.656183][ T8595] 
[  167.659196][ T8595]        CPU0                    CPU1
[  167.661425][ T8595]        ----                    ----
[  167.663734][ T8595]   rlock(jbd2_handle);
[  167.665482][ T8595]                                lock(&journal->j_trans_barrier);
[  167.668788][ T8595]                                lock(jbd2_handle);
[  167.671458][ T8595]   rlock(&oi->ip_xattr_sem);
[  167.673436][ T8595] 
[  167.673436][ T8595]  *** DEADLOCK ***
[  167.673436][ T8595] 
[  167.676615][ T8595] 8 locks held by syz.2.1071/8595:
[  167.678731][ T8595]  #0: ffff888107908428 (sb_writers#16){.+.+}-{0:0}, at: mnt_want_write+0x41/0x90
[  167.682466][ T8595]  #1: ffff888118a460c0 (&type->i_mutex_dir_key#14){+.+.}-{4:4}, at: path_openat+0x8da/0x3830
[  167.686646][ T8595]  #2: ffff888039c160c0 (&ocfs2_sysfile_lock_key[INODE_ALLOC_SYSTEM_INODE]){+.+.}-{4:4}, at: ocfs2_reserve_suballoc_bits+0x15e/0x4640
[  167.692148][ T8595]  #3: ffff888118a426c0 (&ocfs2_sysfile_lock_key[EXTENT_ALLOC_SYSTEM_INODE]){+.+.}-{4:4}, at: ocfs2_reserve_suballoc_bits+0x15e/0x4640
[  167.697754][ T8595]  #4: ffff888039c11840 (&ocfs2_sysfile_lock_key[LOCAL_ALLOC_SYSTEM_INODE]){+.+.}-{4:4}, at: ocfs2_reserve_local_alloc_bits+0x125/0x24e0
[  167.703417][ T8595]  #5: ffff888107908618 (sb_internal#2){.+.+}-{0:0}, at: ocfs2_mknod+0xe93/0x2050
[  167.707197][ T8595]  #6: ffff88810f8584e8 (&journal->j_trans_barrier){.+.+}-{4:4}, at: ocfs2_start_trans+0x36a/0x6d0
[  167.711481][ T8595]  #7: ffff888119be4950 (jbd2_handle){++++}-{0:0}, at: start_this_handle+0x1f87/0x21c0
[  167.715378][ T8595] 
[  167.715378][ T8595] stack backtrace:
[  167.717768][ T8595] CPU: 1 UID: 0 PID: 8595 Comm: syz.2.1071 Not tainted syzkaller #0 PREEMPT(full) 
[  167.717786][ T8595] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.2-debian-1.16.2-1 04/01/2014
[  167.717797][ T8595] Call Trace:
[  167.717805][ T8595]  <TASK>
[  167.717814][ T8595]  dump_stack_lvl+0x189/0x250
[  167.717836][ T8595]  ? __pfx_dump_stack_lvl+0x10/0x10
[  167.717860][ T8595]  ? __pfx__printk+0x10/0x10
[  167.717878][ T8595]  ? stack_trace_save+0x9c/0xe0
[  167.717900][ T8595]  print_circular_bug+0x2ee/0x310
[  167.717917][ T8595]  check_noncircular+0x134/0x160
[  167.717933][ T8595]  validate_chain+0xb9b/0x2140
[  167.717953][ T8595]  __lock_acquire+0xab9/0xd20
[  167.717974][ T8595]  ? ocfs2_init_acl+0x2f9/0x720
[  167.717989][ T8595]  lock_acquire+0x120/0x360
[  167.718007][ T8595]  ? ocfs2_init_acl+0x2f9/0x720
[  167.718026][ T8595]  ? __pfx__raw_spin_lock_irq+0x10/0x10
[  167.718045][ T8595]  down_read+0x46/0x2e0
[  167.718059][ T8595]  ? ocfs2_init_acl+0x2f9/0x720
[  167.718073][ T8595]  ocfs2_init_acl+0x2f9/0x720
[  167.718089][ T8595]  ? ocfs2_mknod_locked+0x148/0x250
[  167.718104][ T8595]  ? __pfx_ocfs2_init_acl+0x10/0x10
[  167.718120][ T8595]  ? dquot_alloc_inode+0x216/0xa50
[  167.718135][ T8595]  ? ocfs2_block_signals+0x94/0xe0
[  167.718156][ T8595]  ? __pfx_ocfs2_block_signals+0x10/0x10
[  167.718176][ T8595]  ? ocfs2_init_security_get+0x139/0x1a0
[  167.718194][ T8595]  ocfs2_mknod+0x1321/0x2050
[  167.718212][ T8595]  ? __pfx_ocfs2_mknod+0x10/0x10
[  167.718225][ T8595]  ? __pfx_ocfs2_find_entry+0x10/0x10
[  167.718242][ T8595]  ? __lock_acquire+0xab9/0xd20
[  167.718267][ T8595]  ? look_up_lock_class+0x74/0x170
[  167.718288][ T8595]  ? register_lock_class+0x51/0x320
[  167.718309][ T8595]  ? __lock_acquire+0xab9/0xd20
[  167.718329][ T8595]  ? __lock_acquire+0xab9/0xd20
[  167.718350][ T8595]  ? do_raw_spin_lock+0x121/0x290
[  167.718369][ T8595]  ? do_raw_spin_unlock+0x4d/0x240
[  167.718385][ T8595]  ? rcu_is_watching+0x15/0xb0
[  167.718399][ T8595]  ? ocfs2_lookup+0x5b9/0x9b0
[  167.718413][ T8595]  ocfs2_create+0x1a5/0x440
[  167.718426][ T8595]  ? __pfx_ocfs2_lookup+0x10/0x10
[  167.718438][ T8595]  ? from_kgid+0x1b0/0x650
[  167.718455][ T8595]  ? __pfx_ocfs2_create+0x10/0x10
[  167.718467][ T8595]  ? HAS_UNMAPPED_ID+0x11a/0x180
[  167.718481][ T8595]  ? inode_permission+0x149/0x470
[  167.718494][ T8595]  ? __pfx_ocfs2_permission+0x10/0x10
[  167.718511][ T8595]  ? bpf_lsm_inode_create+0x9/0x20
[  167.718526][ T8595]  ? __pfx_ocfs2_create+0x10/0x10
[  167.718538][ T8595]  path_openat+0x14f4/0x3830
[  167.718554][ T8595]  ? arch_stack_walk+0xfc/0x150
[  167.718579][ T8595]  ? __pfx_path_openat+0x10/0x10
[  167.718594][ T8595]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  167.718613][ T8595]  do_filp_open+0x1fa/0x410
[  167.718658][ T8595]  ? __lock_acquire+0xab9/0xd20
[  167.718678][ T8595]  ? __pfx_do_filp_open+0x10/0x10
[  167.718698][ T8595]  ? _raw_spin_unlock+0x28/0x50
[  167.718715][ T8595]  ? alloc_fd+0x64c/0x6c0
[  167.718739][ T8595]  do_sys_openat2+0x121/0x1c0
[  167.718755][ T8595]  ? __se_sys_futex+0x36f/0x400
[  167.718773][ T8595]  ? __pfx_do_sys_openat2+0x10/0x10
[  167.718789][ T8595]  ? rcu_is_watching+0x15/0xb0
[  167.718802][ T8595]  __x64_sys_openat+0x138/0x170
[  167.718818][ T8595]  do_syscall_64+0xfa/0x3b0
[  167.718831][ T8595]  ? lockdep_hardirqs_on+0x9c/0x150
[  167.718858][ T8595]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  167.718872][ T8595]  ? exc_page_fault+0x9f/0xf0
[  167.718891][ T8595]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  167.718905][ T8595] RIP: 0033:0x7ff45138ebe9
[  167.718920][ T8595] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  167.718934][ T8595] RSP: 002b:00007ff45222f038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101
[  167.718949][ T8595] RAX: ffffffffffffffda RBX: 00007ff4515c5fa0 RCX: 00007ff45138ebe9
[  167.718959][ T8595] RDX: 0000000000101442 RSI: 00002000000000c0 RDI: ffffffffffffff9c
[  167.718971][ T8595] RBP: 00007ff451411e19 R08: 0000000000000000 R09: 0000000000000000
[  167.718981][ T8595] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  167.718989][ T8595] R13: 00007ff4515c6038 R14: 00007ff4515c5fa0 R15: 00007fff6f603788
[  167.719004][ T8595]  </TASK>
[  167.943125][ T5848] ocfs2: Unmounting device (7,2) on (node local)

VM DIAGNOSIS:
07:57:37  Registers:
info registers vcpu 0

CPU#0
RAX=10acb0895274f500 RBX=ffffffff819683c8 RCX=10acb0895274f500 RDX=0000000000000001
RSI=ffffffff8be33860 RDI=ffffffff819683c8 RBP=ffffffff8de07eb8 RSP=ffffffff8de07d80
R8 =ffff88804b032f9b R9 =1ffff110096065f3 R10=dffffc0000000000 R11=ffffed10096065f4
R12=ffffffff8fa39030 R13=0000000000000000 R14=0000000000000000 R15=1ffffffff1bd2a20
RIP=ffffffff8b79c3f3 RFL=00000282 [--S----] CPL=0 II=0 A20=1 SMM=0 HLT=1
ES =0000 0000000000000000 ffffffff 00c00000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 ffffffff 00c00000
FS =0000 0000000000000000 ffffffff 00c00000
GS =0000 ffff8880b8618000 ffffffff 00c00000
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe0000003000 00004087 00008b00 DPL=0 TSS64-busy
GDT=     fffffe0000001000 0000007f
IDT=     fffffe0000000000 00000fff
CR0=80050033 CR2=0000001b3291dff8 CR3=00000001100ce000 CR4=000006f0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000ffff0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
XMM00=0000000000000000 0000000000000000 XMM01=2525252525252525 2525252525252525
XMM02=0000000000000000 0000000000000000 XMM03=0000000000000000 0000000000000000
XMM04=0000000000000000 00000000000000ff XMM05=7712c53e93b9f1e8 728370bf3cb3486e
XMM06=63e772d7f3a22482 dabb339f3c035440 XMM07=bd0dad416e16bee6 46815929601aad29
XMM08=0000000000000000 00007ff451412ee7 XMM09=0000000000000000 00007ff451412fc5
XMM10=0000000000000000 0000000000000000 XMM11=0000000000000000 0000000000000000
XMM12=0000000000000000 0000000000000000 XMM13=0000000000000000 0000000000000000
XMM14=0000000000000000 0000000000000000 XMM15=0000000000000000 0000000000000000
info registers vcpu 1

CPU#1
RAX=000000000000002d RBX=000000000000002d RCX=0000000000000000 RDX=00000000000003f8
RSI=000000000000270b RDI=000000000000270c RBP=00000000000003f8 RSP=ffffc90006b868f0
R8 =ffff888106b00237 R9 =1ffff11020d60046 R10=dffffc0000000000 R11=ffffffff854f3b00
R12=dffffc0000000000 R13=ffffffff99afd8f4 R14=ffffffff99df2420 R15=0000000000000000
RIP=ffffffff854f3b7c RFL=00000002 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =0000 0000000000000000 ffffffff 00c00000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 ffffffff 00c00000
FS =0000 00007ff45222f6c0 ffffffff 00c00000
GS =0000 ffff8881a3c18000 ffffffff 00c00000
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe000004a000 00004087 00008b00 DPL=0 TSS64-busy
GDT=     fffffe0000048000 0000007f
IDT=     fffffe0000000000 00000fff
CR0=80050033 CR2=00007ff4513733e0 CR3=0000000028d86000 CR4=000006f0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000ffff0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
XMM00=0000000000000000 0000000000000000 XMM01=0000000000000000 0000000000000000
XMM02=ff00000000000000 0000ff0000000000 XMM03=0000000000000000 0000000000000000
XMM04=0000000000000000 0000000000000000 XMM05=0000000000000000 0000000000000000
XMM06=0000000000000000 0000000000000000 XMM07=0000000000000000 0000000000000000
XMM08=0000000000000000 0000000000000000 XMM09=0000000000000000 0000000000000000
XMM10=0000000000000000 0000000000000000 XMM11=0000000000000000 0000000000000000
XMM12=0000000000000000 0000000000000000 XMM13=0000000000000000 0000000000000000
XMM14=0000000000000000 0000000000000000 XMM15=0000000000000000 0000000000000000
