last executing test programs:

950.723273ms ago: executing program 2 (id=1481):
r0 = syz_open_dev$sg(&(0x7f00000060c0), 0x0, 0x8002)
ioctl$SCSI_IOCTL_PROBE_HOST(r0, 0x5385, &(0x7f0000000040)={0x1d, ""/29})

900.114644ms ago: executing program 2 (id=1483):
syz_mount_image$udf(&(0x7f0000000000), &(0x7f0000000180)='./file2\x00', 0x0, &(0x7f00000002c0)=ANY=[@ANYRESOCT], 0x7f, 0x4bc, &(0x7f00000006c0)="$eJzs20tsG1UXwPFzPLbruvk+3Adpi6piCSRCn05S0lZBQn0QgdQ2kDQgKh4KsRNMnDiKU0iqlnYJ7Fh0yZIti64QW1SJJWKBAqi70g0bryi7ojuel10ntpvEk9T/X9XeeRy7997jmXvvJBYAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACBy9vUzmV4NuxYAAKCdLo2OZPoZ/wEA6CiXWf8DAAB0EhVL/hSVo9NlvWjvVyQu5GevLo6dH6r/su0qKhGx7HjzN9Hb13/ilYGTp9xy9devt/0yPHr5TPpccWZuPlcq5bLpsdn8RDGba/od1vr6WofsDkjPTF/NTk6W0n13/qg6vZh6sG1Hd2pw4INzcTd27PzQ0GggJhp74v/9MSvN8ONiycui8ukP3+slEYnI2vuiwWdno223G3HIbsTY+SG7IYX8+OyCOakRJypS3Sdxt4/akIs1iYiYeml8fdZsMbHkR1E5e7yswyJiuf1w2H4w3FR9whA1S1cR6ZEtkLNNbJtY8pGo3D2ekrecfrXzHxe5HnblsOGizvVf1LK+bd8PzPVkbpsX3km/OTtZDMRqxLmiWhkf6lyDoY8P7bTJ700JsWTYvuLLOhJ2ZdB228WSGVGJf/OZPa8Qe176zODJg8+fDs4w9jZ4HxN7zLm4mhmTY87UQSPmzxNUG+sioZb8JSoPf0/Y+z1ObviJQIdQSwqi8u+NsmrNutQKrO89W31t2Lj+j7at8gaNnoskzhXnlubzU58s1D2fTJz5uLQwPz5R/3Rl7WoFjzRax9aKtLYkS2plxffl52Xvdc4a4H+VPb823133Pws9NaUr+PlpZrvp+0wL8yhTJ1VL7ovK5If7KuOMJFvum05g8j8kKqXyL+pm2sl/tLIXyP+rfv8ltLr02Ln9f+W5ljuX2H9lz0rHNyL/pk4m/++Jytl/9jnPNCr5t2piTVy3qLx/+4ATF4mbuKjbnMo7TuYLuYyJfSQqu352Y8WOTTqxu/3YXhNbEpWv7lbH7nBi9/ixfSZ2WVTu/VY/9lk/tt/ELpl83Uu7sUkTe9CJ7fZjj00UC9lG3Wry3ycq7958Q902r5j/wPV/q6b0PJbz1bfXK/+pwLFbTl6vOPmPNsj/16Ky9PcBt91237sfq532v37+zVz5zu3qWHcyusuP7W22WWEz+d8pKg9eW/ba7LTN2fUzFMz/c9Hq0uvXkPK/M3As5dQr3mJfdKLS0rXp8UIhN88GG2wENqzNUY3QNsK+M6EdzPg/Ykb1AUudecwRqYz6XZVdf8b08At//B+sKT0hjf+7AscGnVlLLCqSWJiZi+0VSZSWrh3Nz4xP5aZys/0nBjJ9p09k+k+5U4RcJhZ3p3nN1uipYPJ/WFRu/PSrt46pnv/Vn/8na0pPSPnfHWxT1bym6a7oSCb/XaIycH/ZW2+uNv931/89L1SX3vUXUv73BI6lnHp1tdgXAAAAAAAAAAAAAAAAALCVJNWSF0VlceSIut8haub3/7I1pSek3//qDhzLrv/3GtyvRlWdarbqAAAAAAAAAAAA7RQRS74VlZekrDfNgS6Ri8EST7X/AgAA//9yxkKx")
keyctl$search(0x14, 0x0, &(0x7f0000000280)='keyring\x00', &(0x7f00000002c0)={'syz', 0x1}, 0xfffffffffffffffc)

849.630907ms ago: executing program 0 (id=1486):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000003c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030007e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0)
sendmsg$NFT_BATCH(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000680)=ANY=[@ANYBLOB="14000000100001000000000000b890c1a000000a80000000160a01030000000000000000020000000900020073797a30000000000900010073797a30000000005400038008000240000000000800014000000000400003801400010076657468315f746f5f6272696467650014000100776732000000000000000000000000001400010076657468305f746f5f7465616d00000014000000110001"], 0xa8}}, 0x0)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r1, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000240)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a03000000000000000000010000000900010073797a30000000006c000000160a01020000000000000000010000000900010073797a30000000000900020073797a3000000000400003802c00038004000100766c616e31000000000000000000000014000100776c616e3100000000000000000000000800014000000000080002"], 0xfc}}, 0x0)

788.949842ms ago: executing program 2 (id=1487):
r0 = socket(0x2b, 0x80801, 0x1)
setsockopt$IP_VS_SO_SET_TIMEOUT(r0, 0x0, 0x48a, &(0x7f0000000180)={0xd, 0x8, 0x7fffffff}, 0xc)

788.66313ms ago: executing program 1 (id=1488):
r0 = socket(0xa, 0x3, 0xff)
sendmmsg$unix(r0, &(0x7f0000003040)=[{{&(0x7f0000000080)=@abs={0x0, 0x0, 0x4e20}, 0x6e, &(0x7f0000000100)=[{&(0x7f0000000180)="cf6d236d28550a957a69362e39417d4214e72a391d77ff5c23970fd44a1261d62d580a9b0ec2c9ee", 0x28}], 0x1, &(0x7f0000000640)=[@cred={{0x1c}}, @rights={{0x10}}], 0x30, 0x10}}], 0x1, 0x10)

730.485104ms ago: executing program 1 (id=1489):
r0 = syz_open_dev$sndctrl(&(0x7f0000001ac0), 0x0, 0x0)
ioctl$SNDRV_CTL_IOCTL_ELEM_LOCK(r0, 0x40405514, &(0x7f0000000200)={0x9, 0x5, 0x14, 0x5})

730.133447ms ago: executing program 2 (id=1490):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000000)=@base={0x9, 0x3, 0x10004, 0x5}, 0x50)
close(r0)
bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=@base={0x2, 0x4, 0x4, 0x8, 0x1014}, 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x14, &(0x7f0000000580)=ANY=[@ANYBLOB="1802000004000000000000000000000018010000786c6c2500000000070000007b1af8ff00000000bfa100000000000007010000f8ffffffb700000000000000b7030000000000fd850000002d00000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000480)={&(0x7f0000000680)='sys_exit\x00', r1}, 0x10)

729.990242ms ago: executing program 0 (id=1491):
r0 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000200), 0x0, 0x0)
ioctl$SNDCTL_DSP_SUBDIVIDE(r0, 0xc0045009, &(0x7f0000000080)=0x4)

680.112984ms ago: executing program 1 (id=1492):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0a00000004000000fd0f000007"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000010c0)={0x16, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x19, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000300)={r1, 0x2000000, 0xe, 0x0, &(0x7f0000000600)="c9f7b98600"/14, 0x0, 0x7ffd, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50)

679.889319ms ago: executing program 0 (id=1493):
connect$inet6(0xffffffffffffffff, 0x0, 0x0)
r0 = syz_init_net_socket$netrom(0x6, 0x5, 0x0)
connect$netrom(r0, &(0x7f0000000300)={{0x6, @rose}, [@remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x1}, @default, @netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}, @rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}, @rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}, @default, @netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}, @netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}]}, 0x48)
sendto$netrom(r0, 0x0, 0x0, 0x40, &(0x7f0000000e00)={{0x6, @rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}, 0x3}, [@remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x0}, @bcast, @netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}, @rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x1}, @rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}, @default, @bcast]}, 0x48)

679.704788ms ago: executing program 2 (id=1494):
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
openat$iommufd(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
close_range(r0, 0xffffffffffffffff, 0x0)

620.021899ms ago: executing program 2 (id=1495):
syz_mount_image$ocfs2(&(0x7f0000004440), &(0x7f0000000040)='./file1\x00', 0x4000, &(0x7f0000000380)={[{@coherency_buffered}, {@heartbeat_none}, {@user_xattr}, {@err_cont}, {@resv_level={'resv_level', 0x3d, 0x5}}, {@localflocks}, {@localflocks}, {@dir_resv_level}]}, 0x9, 0x4436, &(0x7f0000004480)="$eJzs3c9PXNUeAPBzL/QV+to+6OuiL3nJm+Q1MVFDoCuVJlJKS6HFmmob42Y6wLRFB6aBwbjoAndNXJm4MC4aTdyxali4rX+CG5d13agLNyYmjZiZuQNzL4yMhAFbP58Fl3t+D997z5y7uJw4Ubkzt5SbW8oVFnLlmVtLZ3IflEvL88UQ75Nt+z+0f/3Tnk5cJwd97f2dXT1/8a0bZ0L4Zva7J+vr6+uhqjskotBsqOn3X36+N9N8bIhDWrXd0FHvhhBObhlXVVcI4Z2v65/iXJI2mhx7QwjHkk94497HN3N7NJqHj4tn80+n7q8Nn55cfbDW+rNHIXxe+s/Lt+d//H/X8Pcv7lH3AAAAAAAAAAAAAAAAAAA848avXb3+5uBQeBSF7tVo6/u648mx1fux63vmf7sZ/qPdVAIAAAAAAAAAAAAAAAAAAIC/ms33/3PRiW3e/x9LjiMt6q+/3vkx0jkTb1wduzA4lOz/Hm3JfyVJ+ulcV+jfZt/37P7v5zL1t9//fWs/u9UYX6PfvhDFA6nzOB4YCOHLZOP3U9GRuFReqrx0q7y8MLtnw3hmpeNf370/FZ1kQ/924z+aab/z+///e8vVVD2/uXeX2HMtHf+uluW++ihqK/7nM/X2I/7sXjr+3bW03uYCI/UJoBr/T7p3jv9Ypv1Oxf94CCEXVceaS80A1TVMNb3VeoW0dPwP1dJSU2fyh2x1//+aif+FTPsHNf+vZL+I2FY6/v+opfWkSmze//3xzvf/xUz7BxH/6vhXfP+3JR3/w/XE7lSR2l+y3fl/PNN+6/j/wWKjDdfjZJzHo9QVsBrV01v9vzrS0vHv2ZK/+fwXt7X+u5Spv1/Pf41+G89/jen/h6j+/Mf20vHvbVmu3ft/IlOv0/P/SG39x26l43+klpZeO/fVfrYb/8lM+52Kf21V0tOI/+Z88tvhevoX1n9tScf/n/XEuLnESu1nbf0X7bz+v5xp/yDWf9Xxr8Sd7fV50Rz/rnC0Zblq/L9t4/v/SqZe5+MfwqC1/q6l7/9jLcvV7v+eneM/lanX6fi/0MnGAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAJ4Bo8mxL0TxQOo8jgcGQjifnJ8KR6Lpwmx+ulSeeX8phLEkPRdORLdL5elCKT+3UJ4t5gulUnkmhAtJ/snQEy2VypX8fOHuxY22eqM7xcJiZbpYqIQQxpP0/4Zjjbam5yrzhbshhEsbef+Ky4t37xQW8rNzi68NDg4OhomNMfRHxQ8rxYVKvfd6bgiTG3X7oqbB1bIvb4zlaPReeXlxoVCqpV9pqlMqzxRKTXWmkrxPQ39UWVxemClUivlS+Xajv4M0khzHJq69fe3K0Jb8m1H9OLq/wwIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADgT3o0/OpnIYTu+lkcQhhp/BJtV/7h4+LZ/NOp+2vDpydXH6w9aVUOAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADgd3bgQAAAAAAAyP+1EaqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqwS8coEQNRGIDfjIXaeQyrkHS2EUW0MCJ4Aj2Gh9GjeAnvYGFhK8uysDuB3WwCadJ9X/NIfmbeg3kAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAzHP33L081U1EirP1acTX2/fPfv5Q6sf1+PmTg6/VYnOyjPvH7ua2bsq7p6P8qvz6bfM2/f97f42R2vsc7Mlwn3b6PueTc03t29R8fd+LSLmKiLbklynnqpp3FwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwIYdOBAAAAAAAPJ/bYSqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqoq7MCxAAAAAIAwf+so+jYAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAH4FAAD//4dVIJc=")
openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x101042, 0xb0)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='cgroup.controllers\x00', 0x275a, 0x0)
syz_mount_image$vfat(&(0x7f0000000140), &(0x7f0000000040)='\x13\x13w\xc5\xfc5\xd4\x14T\xd5\xd4\x1d)\xad\x1a`)Y\x81F\xe6\xbe\x16nA\xad\r\xbd@T\x03<\x9f3\xbb\xda\x82$\xa2\xf3\xd7r\xe7cnH\xb3<\xbfp\x83r\xe8\xf1\xb9\x93>\xc5\x12wC\xbe\"\x06 \x9e\xf0-\xf9\xcb\xf2\xf6\xe8\x80\xd38/\x00', 0x20, 0x0, 0xfc, 0x0, &(0x7f00000000c0))
r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0x0, 0x5)
renameat2(r0, &(0x7f0000000180)='\x13\x13w\xc5\xfc5\xd4\x14T\xd5\xd4\x1d)\xad\x1a`)Y\x81F\xe6\xbe\x16nA\xad\r\xbd@T\x03<\x9f3\xbb\xda\x82$\xa2\xf3\xd7r\xe7cnH\xb3<\xbfp\x83r\xe8\xf1\xb9\x93>\xc5\x12wC\xbe\"\x06 \x9e\xf0-\xf9\xcb\xf2\xf6\xe8\x80\xd38/\x00', r0, &(0x7f0000000200)='./file0\x00', 0x0)

555.308455ms ago: executing program 1 (id=1496):
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cpuset.effective_cpus\x00', 0x275a, 0x0)
fcntl$lock(r0, 0x7, &(0x7f00000006c0)={0x0, 0x0, 0xac1d})
r1 = fcntl$dupfd(r0, 0x0, r0)
write$binfmt_script(r1, &(0x7f0000000700)={'#! ', './file0', [], 0xa, "dce7949b6dd8f4cf21976c17114cd13542d28b1312a15e3025bca8f06694040cf507bdc1459012cb1e13e49f714c09ff242e05bf9da6fa8c4332ee17906d13c3353a930db52a1d0d13a4483223b104a7883e98dddc2954f111cce254a7636b82902095d06128ef8352fd0d"}, 0x76)
fcntl$lock(r0, 0x25, &(0x7f0000000040)={0x0, 0x0, 0x80, 0x7})
fcntl$lock(r0, 0x24, &(0x7f00000000c0)={0x2, 0x2, 0x9, 0x2})

555.105535ms ago: executing program 1 (id=1497):
socket$isdn(0x22, 0x3, 0x24)

480.181015ms ago: executing program 1 (id=1498):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
r0 = getpid()
sched_setscheduler(r0, 0x1, &(0x7f0000000100)=0x5)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000001480)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f00000004c0)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
socket$nl_netfilter(0x10, 0x3, 0xc)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x48)
bpf$MAP_CREATE(0x0, &(0x7f0000000280)=@base={0x7, 0x4, 0x8, 0x1}, 0x48)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000100)={0x0}, 0x18)
r3 = fsopen(&(0x7f0000000100)='configfs\x00', 0x0)
fsconfig$FSCONFIG_CMD_CREATE(r3, 0x6, 0x0, 0x0, 0x0)
r4 = fsmount(r3, 0x0, 0x9)
fchdir(r4)
r5 = open(&(0x7f00000000c0)='.\x00', 0x8000, 0x50)
getdents(r5, &(0x7f0000001fc0)=""/184, 0xb8)
bpf$MAP_CREATE(0x0, 0x0, 0x48)
unshare(0x22020400)

289.31196ms ago: executing program 0 (id=1499):
r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000240)={0x2, 0x4, 0x8, 0x1, 0x80, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x50)
r1 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000007c0)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000840)={0x10, 0x1c, &(0x7f0000000300)=@ringbuf={{0x18, 0x8, 0x0, 0x0, 0x1000}, {{0x18, 0x1, 0x1, 0x0, r1}}, {}, [@snprintf={{0x7, 0x0, 0xb, 0x2}, {0x3, 0x3, 0x3, 0xa, 0x9, 0xfe00}, {0x5, 0x0, 0xb, 0x9, 0x0, 0x8}, {0x3, 0x3, 0x3, 0xa, 0xa}, {0x6, 0x1, 0xb, 0x8, 0x9}, {0x4, 0x0, 0x0, 0x8}, {}, {}, {}, {0x18, 0x8, 0x2, 0x0, r0}, {}, {0x46, 0x0, 0x0, 0x76}}], {{}, {0x6, 0x0, 0x7, 0x8}, {0x85, 0x0, 0x0, 0x84}}}, &(0x7f0000000980)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sk_msg=0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)

237.313µs ago: executing program 0 (id=1500):
r0 = socket$inet6(0xa, 0x80002, 0x0)
setsockopt$SO_TIMESTAMPING(r0, 0x1, 0x25, &(0x7f0000000100)=0xc081, 0x4)

0s ago: executing program 0 (id=1501):
r0 = syz_init_net_socket$802154_dgram(0x24, 0x2, 0x0)
sendmsg$802154_dgram(r0, &(0x7f0000000940)={&(0x7f00000007c0)={0x24, @long={0x3, 0x3, {0xaaaaaaaaaaaa0002}}}, 0x14, &(0x7f0000000900)={0x0, 0x66}, 0x1, 0x0, 0x0, 0xf3c3f8d42d8bba71}, 0x800)

kernel console output (not intermixed with test programs):

removed bh option
[  115.622082][ T7470] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  115.706292][ T5840] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  115.923016][ T7479] netlink: 'syz.2.550': attribute type 7 has an invalid length.
[  115.927571][ T7479] netlink: 'syz.2.550': attribute type 3 has an invalid length.
[  115.930163][ T7479] netlink: 224 bytes leftover after parsing attributes in process `syz.2.550'.
[  115.932961][ T7481] loop0: detected capacity change from 0 to 512
[  116.018406][ T7485] loop0: detected capacity change from 0 to 512
[  116.038055][ T7485] EXT4-fs error (device loop0): ext4_orphan_get:1392: inode #15: comm syz.0.552: iget: bad extended attribute block 1
[  116.042420][ T7485] EXT4-fs error (device loop0): ext4_orphan_get:1397: comm syz.0.552: couldn't read orphan inode 15 (err -117)
[  116.056213][ T7485] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  116.071677][ T7485] EXT4-fs error (device loop0): ext4_mb_generate_buddy:1289: group 0, block bitmap and bg descriptor inconsistent: 7934 vs 220 free clusters
[  116.097019][ T6710] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  116.352044][ T7494] loop2: detected capacity change from 0 to 32768
[  116.577539][ T7518] loop2: detected capacity change from 0 to 128
[  116.583738][ T7518] EXT4-fs (loop2): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  116.588021][ T7518] ext4 filesystem being mounted at /226/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  116.652973][ T5840] EXT4-fs (loop2): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  116.793305][ T5841] usb 1-1: new high-speed USB device number 10 using dummy_hcd
[  116.938791][ T7533] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[  116.954095][ T5841] usb 1-1: Using ep0 maxpacket: 8
[  116.961927][ T5841] usb 1-1: New USB device found, idVendor=22b8, idProduct=6425, bcdDevice=d3.6c
[  116.973379][ T5841] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  116.976892][ T5841] usb 1-1: Product: syz
[  116.978593][ T5841] usb 1-1: Manufacturer: syz
[  116.980447][ T5841] usb 1-1: SerialNumber: syz
[  116.989387][ T5841] usb 1-1: config 0 descriptor??
[  116.994775][ T5911] usb 2-1: new high-speed USB device number 13 using dummy_hcd
[  117.005557][ T5841] usb 1-1: bad CDC descriptors
[  117.006701][ T7535] loop2: detected capacity change from 0 to 1024
[  117.012754][ T5841] usb 1-1: unsupported MDLM descriptors
[  117.035949][ T7535] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  117.052058][ T7535] EXT4-fs: Ignoring sb option on remount
[  117.055736][ T7535] EXT4-fs: Ignoring removed orlov option
[  117.057490][ T7535] EXT4-fs: Ignoring removed nomblk_io_submit option
[  117.059598][ T7535] EXT4-fs: Remounting file system with no journal so ignoring journalled data option
[  117.062538][ T7535] EXT4-fs: Remounting fs w/o journal so ignoring data_err option
[  117.066055][ T7535] EXT4-fs: can't change dax mount option while remounting
[  117.085892][ T5840] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  117.143408][ T5911] usb 2-1: Using ep0 maxpacket: 32
[  117.146993][ T5911] usb 2-1: config 0 has an invalid interface number: 51 but max is 0
[  117.149466][ T5911] usb 2-1: config 0 has no interface number 0
[  117.153437][ T5911] usb 2-1: New USB device found, idVendor=061d, idProduct=c150, bcdDevice=ce.6f
[  117.156138][ T5911] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  117.158185][ T7541] sctp: [Deprecated]: syz.2.577 (pid 7541) Use of struct sctp_assoc_value in delayed_ack socket option.
[  117.158185][ T7541] Use struct sctp_sack_info instead
[  117.159480][ T5911] usb 2-1: Product: syz
[  117.169055][ T5911] usb 2-1: Manufacturer: syz
[  117.170493][ T5911] usb 2-1: SerialNumber: syz
[  117.178880][ T5911] usb 2-1: config 0 descriptor??
[  117.187061][ T5911] quatech2 2-1:0.51: Quatech 2nd gen USB to Serial Driver converter detected
[  117.208337][ T5841] usb 1-1: USB disconnect, device number 10
[  117.250673][ T7545] loop2: detected capacity change from 0 to 1024
[  117.255441][ T7545] EXT4-fs: Ignoring removed oldalloc option
[  117.289371][ T7545] EXT4-fs (loop2): mounted filesystem 00000000-0000-0006-0000-000000000000 r/w without journal. Quota mode: none.
[  117.293735][ T7545] ext4 filesystem being mounted at /234/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  117.302960][ T7545] EXT4-fs error (device loop2): ext4_free_blocks:6696: comm syz.2.579: Freeing blocks not in datazone - block = 0, count = 16
[  117.325856][ T2960] EXT4-fs error (device loop2): ext4_mb_generate_buddy:1289: group 0, block bitmap and bg descriptor inconsistent: 21 vs 268369941 free clusters
[  117.334110][ T2960] EXT4-fs (loop2): Delayed block allocation failed for inode 15 at logical offset 0 with max blocks 1 with error 28
[  117.338008][ T2960] EXT4-fs (loop2): This should not happen!! Data will be lost
[  117.338008][ T2960] 
[  117.340998][ T2960] EXT4-fs (loop2): Total free blocks count 0
[  117.342900][ T2960] EXT4-fs (loop2): Free/Dirty block details
[  117.346716][ T2960] EXT4-fs (loop2): free_blocks=4293918736
[  117.348515][ T2960] EXT4-fs (loop2): dirty_blocks=16
[  117.350056][ T2960] EXT4-fs (loop2): Block reservation details
[  117.351874][ T2960] EXT4-fs (loop2): i_reserved_data_blocks=1
[  117.355881][ T5840] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0006-0000-000000000000.
[  117.581324][ T7555] ieee802154 phy0 wpan0: encryption failed: -22
[  117.749145][ T5911] usb 2-1: Quatech 2nd gen USB to Serial Driver converter now attached to ttyUSB0
[  117.777736][ T5911] usb 2-1: Quatech 2nd gen USB to Serial Driver converter now attached to ttyUSB1
[  117.805479][ T7568] netlink: 16 bytes leftover after parsing attributes in process `syz.0.589'.
[  117.810697][ T7568] openvswitch: netlink: Missing key (keys=40, expected=80)
[  117.923261][ T5841] usb 3-1: new high-speed USB device number 7 using dummy_hcd
[  117.937874][ T7574] loop0: detected capacity change from 0 to 2048
[  117.946796][    C1] usb 2-1: qt2_read_bulk_callback - non-zero urb status: -71
[  117.949457][ T5915] usb 2-1: USB disconnect, device number 13
[  117.967006][ T5915] quatech-serial ttyUSB0: Quatech 2nd gen USB to Serial Driver converter now disconnected from ttyUSB0
[  117.989655][ T5915] quatech-serial ttyUSB1: Quatech 2nd gen USB to Serial Driver converter now disconnected from ttyUSB1
[  117.994838][ T7575] NILFS (loop0): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  118.002093][ T5915] quatech2 2-1:0.51: device disconnected
[  118.085330][ T5841] usb 3-1: config 0 has an invalid interface number: 117 but max is 0
[  118.087830][ T5841] usb 3-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  118.090828][ T5841] usb 3-1: config 0 has no interface number 0
[  118.092697][ T5841] usb 3-1: config 0 interface 117 altsetting 0 endpoint 0x88 has invalid wMaxPacketSize 0
[  118.103825][ T5841] usb 3-1: config 0 interface 117 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  118.117532][ T5841] usb 3-1: New USB device found, idVendor=0afa, idProduct=03e8, bcdDevice=99.d0
[  118.120722][ T5841] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  118.127261][ T5841] usb 3-1: Product: syz
[  118.128601][ T5841] usb 3-1: Manufacturer: syz
[  118.130032][ T5841] usb 3-1: SerialNumber: syz
[  118.138974][ T5841] usb 3-1: config 0 descriptor??
[  118.161031][ T7583] warning: `syz.0.596' uses wireless extensions which will stop working for Wi-Fi 7 hardware; use nl80211
[  118.423371][ T5911] usb 1-1: new high-speed USB device number 11 using dummy_hcd
[  118.546594][   T59] usb 3-1: USB disconnect, device number 7
[  118.584256][ T5911] usb 1-1: unable to get BOS descriptor or descriptor too short
[  118.588679][ T5911] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x4 has invalid wMaxPacketSize 0
[  118.591853][ T5911] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x88 has invalid wMaxPacketSize 0
[  118.599355][ T5911] usb 1-1: New USB device found, idVendor=04e6, idProduct=5591, bcdDevice=b5.39
[  118.602478][ T5911] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  118.605844][ T5911] usb 1-1: Product: syz
[  118.608989][ T5911] usb 1-1: Manufacturer: syz
[  118.610757][ T5911] usb 1-1: SerialNumber: syz
[  118.616898][ T5911] usb 1-1: config 0 descriptor??
[  118.627622][ T5911] pn533_usb 1-1:0.0: NFC: Could not find bulk-in or bulk-out endpoint
[  118.858617][   T59] usb 1-1: USB disconnect, device number 11
[  119.536358][ T7599] loop0: detected capacity change from 0 to 128
[  119.545302][ T7599] EXT4-fs warning (device loop0): ext4_init_metadata_csum:4622: metadata_csum and uninit_bg are redundant flags; please run fsck.
[  119.568917][ T7599] EXT4-fs (loop0): VFS: Found ext4 filesystem with invalid superblock checksum.  Run e2fsck?
[  119.688403][ T7595] loop2: detected capacity change from 0 to 40427
[  119.698702][ T7595] F2FS-fs (loop2): Wrong SSA boundary, start(3584) end(4096) blocks(0)
[  119.701370][ T7595] F2FS-fs (loop2): Can't find valid F2FS filesystem in 1th superblock
[  119.706314][ T7604] loop1: detected capacity change from 0 to 256
[  119.709969][ T7595] F2FS-fs (loop2): build fault injection type: 0x6
[  119.718609][ T7604] FAT-fs (loop1): Directory bread(block 64) failed
[  119.720509][ T7595] F2FS-fs (loop2): invalid crc value
[  119.720693][ T7604] FAT-fs (loop1): Directory bread(block 65) failed
[  119.724633][ T7604] FAT-fs (loop1): Directory bread(block 66) failed
[  119.726792][ T7604] FAT-fs (loop1): Directory bread(block 67) failed
[  119.728987][ T7604] FAT-fs (loop1): Directory bread(block 68) failed
[  119.731352][ T7604] FAT-fs (loop1): Directory bread(block 69) failed
[  119.735703][ T7604] FAT-fs (loop1): Directory bread(block 70) failed
[  119.962548][ T7604] FAT-fs (loop1): Directory bread(block 71) failed
[  119.967924][ T7604] FAT-fs (loop1): Directory bread(block 72) failed
[  119.969999][ T7604] FAT-fs (loop1): Directory bread(block 73) failed
[  119.983195][   T33] audit: type=1326 audit(1755121115.427:7): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7598 comm="syz.0.603" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6834f8ebe9 code=0x7ffc0000
[  119.999238][   T33] audit: type=1326 audit(1755121115.427:8): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7598 comm="syz.0.603" exe="/syz-executor" sig=0 arch=c000003e syscall=99 compat=0 ip=0x7f6834f8ebe9 code=0x7ffc0000
[  120.023206][   T33] audit: type=1326 audit(1755121115.427:9): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7598 comm="syz.0.603" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6834f8ebe9 code=0x7ffc0000
[  120.043429][   T33] audit: type=1326 audit(1755121115.427:10): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7598 comm="syz.0.603" exe="/syz-executor" sig=0 arch=c000003e syscall=223 compat=0 ip=0x7f6834f8ebe9 code=0x7ffc0000
[  120.064015][   T33] audit: type=1326 audit(1755121115.427:11): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7598 comm="syz.0.603" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6834f8ebe9 code=0x7ffc0000
[  120.075097][ T7595] F2FS-fs (loop2): f2fs_recover_fsync_data: recovery fsync data, check_only: 1
[  120.078264][   T33] audit: type=1326 audit(1755121115.427:12): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7598 comm="syz.0.603" exe="/syz-executor" sig=0 arch=c000003e syscall=190 compat=0 ip=0x7f6834f8ebe9 code=0x7ffc0000
[  120.086237][ T7595] F2FS-fs (loop2): Start checkpoint disabled!
[  120.086283][ T7606] loop0: detected capacity change from 0 to 40427
[  120.091971][   T33] audit: type=1326 audit(1755121115.427:13): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7598 comm="syz.0.603" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6834f8ebe9 code=0x7ffc0000
[  120.101295][ T7606] F2FS-fs (loop0): Invalid log_blocksize (268), supports only 12
[  120.103930][ T7606] F2FS-fs (loop0): Can't find valid F2FS filesystem in 1th superblock
[  120.107909][ T7606] F2FS-fs (loop0): invalid crc value
[  120.130721][ T7595] F2FS-fs (loop2): Try to recover 1th superblock, ret: 0
[  120.136276][   T33] audit: type=1326 audit(1755121115.427:14): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7598 comm="syz.0.603" exe="/syz-executor" sig=0 arch=c000003e syscall=116 compat=0 ip=0x7f6834f8ebe9 code=0x7ffc0000
[  120.151725][ T7595] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e6
[  120.159600][   T33] audit: type=1326 audit(1755121115.427:15): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7598 comm="syz.0.603" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6834f8ebe9 code=0x7ffc0000
[  120.160840][ T7606] F2FS-fs (loop0): f2fs_recover_fsync_data: recovery fsync data, check_only: 0
[  120.177956][ T7606] F2FS-fs (loop0): Try to recover 1th superblock, ret: 0
[  120.180188][ T7606] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e5
[  120.214200][ T7595] syz.2.601: attempt to access beyond end of device
[  120.214200][ T7595] loop2: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[  120.221573][   T33] audit: type=1326 audit(1755121115.437:16): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7598 comm="syz.0.603" exe="/syz-executor" sig=0 arch=c000003e syscall=323 compat=0 ip=0x7f6834f8ebe9 code=0x7ffc0000
[  120.235482][ T7602] syz.0.603: attempt to access beyond end of device
[  120.235482][ T7602] loop0: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[  120.262130][ T7615] loop1: detected capacity change from 0 to 512
[  120.268627][ T7615] EXT4-fs: Ignoring removed mblk_io_submit option
[  120.271913][   T26] kworker/u9:0: attempt to access beyond end of device
[  120.271913][   T26] loop2: rw=2049, sector=45104, nr_sectors = 8 limit=40427
[  120.279798][ T7615] ext4: Unknown parameter 'seclabel'
[  120.286560][   T26] CPU: 1 UID: 0 PID: 26 Comm: kworker/u9:0 Not tainted 6.16.0-syzkaller-11895-gcca7a0aae895-dirty #0 PREEMPT(full) 
[  120.286573][   T26] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.2-debian-1.16.2-1 04/01/2014
[  120.286579][   T26] Workqueue: writeback wb_workfn (flush-7:2)
[  120.286596][   T26] Call Trace:
[  120.286600][   T26]  <TASK>
[  120.286604][   T26]  dump_stack_lvl+0x189/0x250
[  120.286619][   T26]  ? __pfx_dump_stack_lvl+0x10/0x10
[  120.286628][   T26]  ? __pfx_queue_work_on+0x10/0x10
[  120.286637][   T26]  ? _raw_spin_unlock_irqrestore+0xad/0x110
[  120.286647][   T26]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[  120.286661][   T26]  f2fs_handle_critical_error+0x37c/0x540
[  120.286676][   T26]  f2fs_write_end_io+0x886/0xb60
[  120.286695][   T26]  __submit_merged_bio+0x27a/0x6a0
[  120.286707][   T26]  __submit_merged_write_cond+0x255/0x530
[  120.286720][   T26]  f2fs_write_data_pages+0x261d/0x3000
[  120.286745][   T26]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[  120.286761][   T26]  ? __pfx_f2fs_available_free_memory+0x10/0x10
[  120.286788][   T26]  ? __pfx_f2fs_balance_fs_bg+0x10/0x10
[  120.286803][   T26]  ? trace_f2fs_writepages+0x7f/0x200
[  120.286813][   T26]  ? f2fs_write_node_pages+0x478/0x6e0
[  120.286824][   T26]  ? __pfx_f2fs_write_node_pages+0x10/0x10
[  120.286839][   T26]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[  120.286850][   T26]  do_writepages+0x32e/0x550
[  120.286863][   T26]  ? reacquire_held_locks+0x127/0x1d0
[  120.286871][   T26]  ? writeback_sb_inodes+0x384/0x1010
[  120.286885][   T26]  __writeback_single_inode+0x145/0xff0
[  120.286895][   T26]  ? do_raw_spin_unlock+0x4d/0x240
[  120.286906][   T26]  writeback_sb_inodes+0x6c7/0x1010
[  120.286928][   T26]  ? __pfx_writeback_sb_inodes+0x10/0x10
[  120.286956][   T26]  ? rcu_is_watching+0x15/0xb0
[  120.286969][   T26]  wb_writeback+0x43b/0xaf0
[  120.286982][   T26]  ? queue_io+0x391/0x590
[  120.287014][   T26]  ? __pfx_wb_writeback+0x10/0x10
[  120.287028][   T26]  ? _raw_spin_unlock_irq+0x23/0x50
[  120.287038][   T26]  wb_workfn+0x409/0xef0
[  120.287072][   T26]  ? __pfx_wb_workfn+0x10/0x10
[  120.287084][   T26]  ? __lock_acquire+0xab9/0xd20
[  120.287101][   T26]  ? process_scheduled_works+0x9ef/0x17b0
[  120.287112][   T26]  ? _raw_spin_unlock_irq+0x23/0x50
[  120.287120][   T26]  ? process_scheduled_works+0x9ef/0x17b0
[  120.287127][   T26]  ? process_scheduled_works+0x9ef/0x17b0
[  120.287135][   T26]  process_scheduled_works+0xae1/0x17b0
[  120.287156][   T26]  ? __pfx_process_scheduled_works+0x10/0x10
[  120.287177][   T26]  worker_thread+0x8a0/0xda0
[  120.287197][   T26]  kthread+0x711/0x8a0
[  120.287209][   T26]  ? __pfx_worker_thread+0x10/0x10
[  120.287216][   T26]  ? __pfx_kthread+0x10/0x10
[  120.287226][   T26]  ? _raw_spin_unlock_irq+0x23/0x50
[  120.287234][   T26]  ? lockdep_hardirqs_on+0x9c/0x150
[  120.287244][   T26]  ? __pfx_kthread+0x10/0x10
[  120.287253][   T26]  ret_from_fork+0x3fc/0x770
[  120.287263][   T26]  ? __pfx_ret_from_fork+0x10/0x10
[  120.287274][   T26]  ? __switch_to_asm+0x39/0x70
[  120.287283][   T26]  ? __switch_to_asm+0x33/0x70
[  120.287292][   T26]  ? __pfx_kthread+0x10/0x10
[  120.287302][   T26]  ret_from_fork_asm+0x1a/0x30
[  120.287319][   T26]  </TASK>
[  120.287396][   T26] F2FS-fs (loop2): Stopped filesystem due to reason: 3
[  120.291873][ T7615] netlink: 8 bytes leftover after parsing attributes in process `syz.1.607'.
[  120.399222][ T7615] netlink: 60 bytes leftover after parsing attributes in process `syz.1.607'.
[  120.458683][ T6710] syz-executor: attempt to access beyond end of device
[  120.458683][ T6710] loop0: rw=2049, sector=40960, nr_sectors = 8 limit=40427
[  120.476325][ T6710] CPU: 0 UID: 0 PID: 6710 Comm: syz-executor Not tainted 6.16.0-syzkaller-11895-gcca7a0aae895-dirty #0 PREEMPT(full) 
[  120.476348][ T6710] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.2-debian-1.16.2-1 04/01/2014
[  120.476357][ T6710] Call Trace:
[  120.476371][ T6710]  <TASK>
[  120.476378][ T6710]  dump_stack_lvl+0x189/0x250
[  120.476405][ T6710]  ? __pfx_dump_stack_lvl+0x10/0x10
[  120.476423][ T6710]  ? __pfx_queue_work_on+0x10/0x10
[  120.476437][ T6710]  ? _raw_spin_unlock_irqrestore+0xad/0x110
[  120.476454][ T6710]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[  120.476478][ T6710]  f2fs_handle_critical_error+0x37c/0x540
[  120.476503][ T6710]  f2fs_write_end_io+0x886/0xb60
[  120.476538][ T6710]  __submit_merged_bio+0x27a/0x6a0
[  120.476552][ T6710]  ? up_write+0x1c4/0x420
[  120.476573][ T6710]  __submit_merged_write_cond+0x44c/0x530
[  120.476595][ T6710]  f2fs_sync_node_pages+0x1479/0x15e0
[  120.476627][ T6710]  ? __pfx_f2fs_sync_node_pages+0x10/0x10
[  120.476667][ T6710]  ? f2fs_write_checkpoint+0xe43/0x1df0
[  120.476690][ T6710]  ? up_write+0x1c4/0x420
[  120.476702][ T6710]  ? do_raw_spin_unlock+0x4d/0x240
[  120.476723][ T6710]  f2fs_write_checkpoint+0xe6f/0x1df0
[  120.476762][ T6710]  ? __pfx_f2fs_write_checkpoint+0x10/0x10
[  120.476821][ T6710]  ? kill_f2fs_super+0x298/0x6c0
[  120.476846][ T6710]  kill_f2fs_super+0x2c3/0x6c0
[  120.476871][ T6710]  ? __pfx_kill_f2fs_super+0x10/0x10
[  120.476888][ T6710]  ? radix_tree_delete_item+0x2b6/0x400
[  120.476911][ T6710]  ? shrinker_free+0x2ce/0x3e0
[  120.476930][ T6710]  deactivate_locked_super+0xbc/0x130
[  120.476949][ T6710]  cleanup_mnt+0x425/0x4c0
[  120.476966][ T6710]  ? lockdep_hardirqs_on+0x9c/0x150
[  120.476986][ T6710]  task_work_run+0x1d4/0x260
[  120.477008][ T6710]  ? __pfx_task_work_run+0x10/0x10
[  120.477024][ T6710]  ? __x64_sys_umount+0x122/0x160
[  120.477075][ T6710]  ? exit_to_user_mode_loop+0x40/0x110
[  120.477100][ T6710]  exit_to_user_mode_loop+0xec/0x110
[  120.477119][ T6710]  do_syscall_64+0x2bd/0x3b0
[  120.477135][ T6710]  ? lockdep_hardirqs_on+0x9c/0x150
[  120.477151][ T6710]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  120.477164][ T6710]  ? exc_page_fault+0x9f/0xf0
[  120.477182][ T6710]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  120.477195][ T6710] RIP: 0033:0x7f6834f8ff17
[  120.477209][ T6710] Code: a8 ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 0f 1f 44 00 00 31 f6 e9 09 00 00 00 66 0f 1f 84 00 00 00 00 00 b8 a6 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 01 c3 48 c7 c2 a8 ff ff ff f7 d8 64 89 02 b8
[  120.477221][ T6710] RSP: 002b:00007ffc4606a028 EFLAGS: 00000246 ORIG_RAX: 00000000000000a6
[  120.477237][ T6710] RAX: 0000000000000000 RBX: 00007f6835011c05 RCX: 00007f6834f8ff17
[  120.477246][ T6710] RDX: 0000000000000000 RSI: 0000000000000009 RDI: 00007ffc4606a0e0
[  120.477253][ T6710] RBP: 00007ffc4606a0e0 R08: 0000000000000000 R09: 0000000000000000
[  120.477261][ T6710] R10: 00000000ffffffff R11: 0000000000000246 R12: 00007ffc4606b170
[  120.477270][ T6710] R13: 00007f6835011c05 R14: 000000000001d5ea R15: 00007ffc4606b1b0
[  120.477294][ T6710]  </TASK>
[  120.477300][ T6710] F2FS-fs (loop0): Stopped filesystem due to reason: 3
[  120.703399][ T5841] usb 2-1: new high-speed USB device number 14 using dummy_hcd
[  120.858592][ T5841] usb 2-1: New USB device found, idVendor=1a86, idProduct=7522, bcdDevice=35.36
[  120.861453][ T5841] usb 2-1: New USB device strings: Mfr=241, Product=2, SerialNumber=3
[  120.864304][ T5841] usb 2-1: Product: syz
[  120.865635][ T5841] usb 2-1: Manufacturer: syz
[  120.867150][ T5841] usb 2-1: SerialNumber: syz
[  120.875310][ T5841] usb 2-1: config 0 descriptor??
[  120.881268][ T5841] ch341 2-1:0.0: ch341-uart converter detected
[  121.154503][ T7621] loop2: detected capacity change from 0 to 131072
[  121.158019][ T7621] F2FS-fs (loop2): Wrong CP boundary, start(512) end(1536) blocks(0)
[  121.160562][ T7621] F2FS-fs (loop2): Can't find valid F2FS filesystem in 1th superblock
[  121.169104][ T7621] F2FS-fs (loop2): invalid crc value
[  121.207093][ T7621] F2FS-fs (loop2): f2fs_recover_fsync_data: recovery fsync data, check_only: 0
[  121.211131][ T7621] F2FS-fs (loop2): Try to recover 1th superblock, ret: 0
[  121.213440][ T7621] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e4
[  121.382049][ T7629] loop0: detected capacity change from 0 to 1764
[  121.391221][ T7629] netlink: 16 bytes leftover after parsing attributes in process `syz.0.613'.
[  121.909175][ T5841] usb 2-1: ch341-uart converter now attached to ttyUSB0
[  122.114445][   T59] usb 2-1: USB disconnect, device number 14
[  122.157865][   T59] ch341-uart ttyUSB0: ch341-uart converter now disconnected from ttyUSB0
[  122.166609][   T59] ch341 2-1:0.0: device disconnected
[  122.662155][ T7661] loop2: detected capacity change from 0 to 2048
[  122.670164][ T7661] NILFS (loop2): broken superblock, retrying with spare superblock (blocksize = 1024)
[  122.673539][ T7661] NILFS (loop2): mounting unchecked fs
[  122.714890][ T7649] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  122.721335][ T7661] NILFS (loop2): recovery complete
[  122.730703][ T5853] udevd[5853]: incorrect nilfs2 checksum on /dev/loop2
[  122.751798][ T7664] NILFS (loop2): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  122.951289][ T7671] loop2: detected capacity change from 0 to 256
[  122.954076][ T7671] exfat: Deprecated parameter 'utf8'
[  122.955781][ T7671] exfat: Deprecated parameter 'namecase'
[  122.958108][ T7671] exfat: Deprecated parameter 'namecase'
[  122.960218][ T7671] exfat: Deprecated parameter 'utf8'
[  122.967962][ T7671] exFAT-fs (loop2): failed to load upcase table (idx : 0x00012153, chksum : 0x8212fc2e, utbl_chksum : 0xe619d30d)
[  123.029213][ T7673] loop2: detected capacity change from 0 to 256
[  123.041525][ T7673] FAT-fs (loop2): Directory bread(block 64) failed
[  123.045314][ T7673] FAT-fs (loop2): Directory bread(block 65) failed
[  123.048494][ T7673] FAT-fs (loop2): Directory bread(block 66) failed
[  123.050805][ T7673] FAT-fs (loop2): Directory bread(block 67) failed
[  123.055580][ T7673] FAT-fs (loop2): Directory bread(block 68) failed
[  123.057782][ T7673] FAT-fs (loop2): Directory bread(block 69) failed
[  123.060022][ T7673] FAT-fs (loop2): Directory bread(block 70) failed
[  123.061981][ T7673] FAT-fs (loop2): Directory bread(block 71) failed
[  123.064419][ T7673] FAT-fs (loop2): Directory bread(block 72) failed
[  123.067233][ T7673] FAT-fs (loop2): Directory bread(block 73) failed
[  123.541422][ T7683] tipc: Failed to remove unknown binding: 66,1,1/0:379166854/379166856
[  123.546257][ T7683] tipc: Failed to remove unknown binding: 66,1,1/0:379166854/379166856
[  123.835626][ T5841] usb 1-1: new high-speed USB device number 12 using dummy_hcd
[  124.005950][ T5841] usb 1-1: Using ep0 maxpacket: 16
[  124.009481][ T5841] usb 1-1: config 0 interface 0 altsetting 8 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  124.018582][ T5841] usb 1-1: config 0 interface 0 altsetting 8 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  124.022516][ T5841] usb 1-1: config 0 interface 0 has no altsetting 0
[  124.024610][ T5841] usb 1-1: New USB device found, idVendor=04d8, idProduct=00df, bcdDevice= 0.00
[  124.027395][ T5841] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  124.031292][ T5841] usb 1-1: config 0 descriptor??
[  124.122279][ T7704] UDPLite: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list
[  124.234093][ T5915] usb 2-1: new high-speed USB device number 15 using dummy_hcd
[  124.412642][ T5915] usb 2-1: New USB device found, idVendor=055f, idProduct=c230, bcdDevice=b6.ac
[  124.415926][ T5915] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  124.418488][ T5915] usb 2-1: Product: syz
[  124.420012][ T5915] usb 2-1: Manufacturer: syz
[  124.421758][ T5915] usb 2-1: SerialNumber: syz
[  124.432497][ T5915] usb 2-1: config 0 descriptor??
[  124.461045][ T5915] gspca_main: sunplus-2.14.0 probing 055f:c230
[  124.505067][ T5841] mcp2200 0003:04D8:00DF.0005: collection stack underflow
[  124.507766][ T5841] mcp2200 0003:04D8:00DF.0005: item 0 4 0 12 parsing failed
[  124.512049][ T5841] mcp2200 0003:04D8:00DF.0005: can't parse reports
[  124.514989][ T5841] mcp2200 0003:04D8:00DF.0005: probe with driver mcp2200 failed with error -22
[  124.697647][ T5911] usb 1-1: USB disconnect, device number 12
[  124.852905][ T5915] gspca_sunplus: reg_r err -71
[  124.858150][ T5915] sunplus 2-1:0.0: probe with driver sunplus failed with error -71
[  124.870240][ T5915] usb 2-1: USB disconnect, device number 15
[  125.279789][ T7719] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  125.338765][ T7723] capability: warning: `syz.0.652' uses deprecated v2 capabilities in a way that may be insecure
[  125.365547][ T7725] openvswitch: netlink: Message has 16 unknown bytes.
[  125.453869][ T5915] usb 3-1: new high-speed USB device number 8 using dummy_hcd
[  125.571238][ T7741] netlink: 8 bytes leftover after parsing attributes in process `syz.1.660'.
[  125.575070][ T7740] netlink: 'syz.0.661': attribute type 1 has an invalid length.
[  125.580850][ T7740] netlink: 'syz.0.661': attribute type 2 has an invalid length.
[  125.612279][ T7740] netlink: 'syz.0.661': attribute type 1 has an invalid length.
[  125.633291][ T7740] netlink: 'syz.0.661': attribute type 2 has an invalid length.
[  125.639046][ T5915] usb 3-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  125.642108][ T5915] usb 3-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  125.652055][ T5915] usb 3-1: config 1 interface 1 altsetting 1 has an endpoint descriptor with address 0x18, changing to 0x8
[  125.667943][ T5915] usb 3-1: config 1 interface 1 altsetting 1 endpoint 0x8 has an invalid bInterval 0, changing to 7
[  125.678751][ T5915] usb 3-1: config 1 interface 1 altsetting 1 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  125.691827][ T5915] usb 3-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  125.699487][ T5915] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  125.710424][ T5915] usb 3-1: Product: syz
[  125.711756][ T5915] usb 3-1: Manufacturer: syz
[  125.725332][ T5915] usb 3-1: SerialNumber: syz
[  125.746225][ T7751] loop0: detected capacity change from 0 to 512
[  125.749608][ T7751] EXT4-fs: Ignoring removed nomblk_io_submit option
[  125.771809][ T7751] EXT4-fs (loop0): revision level too high, forcing read-only mode
[  125.783572][ T7751] [EXT4 FS bs=4096, gc=1, bpg=32768, ipg=32, mo=a842c018, mo2=0002]
[  125.787103][ T7751] System zones: 0-1, 15-15, 18-18, 34-34
[  125.789658][ T7751] EXT4-fs (loop0): orphan cleanup on readonly fs
[  125.798602][ T7751] EXT4-fs error (device loop0): ext4_orphan_get:1392: inode #16: comm syz.0.666: casefold flag without casefold feature
[  125.805042][ T7751] EXT4-fs error (device loop0): ext4_orphan_get:1397: comm syz.0.666: couldn't read orphan inode 16 (err -117)
[  125.811341][ T7751] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  125.830547][ T6710] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  126.060955][ T7761] tmpfs: Bad value for 'mpol'
[  126.429095][ T7758] loop0: detected capacity change from 0 to 131072
[  126.483678][ T7758] F2FS-fs (loop0): Wrong CP boundary, start(512) end(1536) blocks(0)
[  126.486744][ T7758] F2FS-fs (loop0): Can't find valid F2FS filesystem in 1th superblock
[  126.501605][ T7758] F2FS-fs (loop0): invalid crc value
[  126.542935][ T7758] F2FS-fs (loop0): f2fs_recover_fsync_data: recovery fsync data, check_only: 0
[  126.551024][ T7758] F2FS-fs (loop0): Try to recover 1th superblock, ret: 0
[  126.554863][ T7758] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e4
[  126.896222][ T5915] cdc_mbim 3-1:1.0: bind() failure
[  126.904889][ T5915] cdc_ncm 3-1:1.1: probe with driver cdc_ncm failed with error -71
[  126.907805][ T5915] cdc_mbim 3-1:1.1: probe with driver cdc_mbim failed with error -71
[  126.911053][ T5915] usbtest 3-1:1.1: probe with driver usbtest failed with error -71
[  126.919713][ T5915] usb 3-1: USB disconnect, device number 8
[  127.313291][ T5911] usb 1-1: new full-speed USB device number 13 using dummy_hcd
[  127.473248][ T5915] usb 2-1: new high-speed USB device number 16 using dummy_hcd
[  127.477158][ T5911] usb 1-1: config 0 has an invalid interface number: 1 but max is 0
[  127.480213][ T5911] usb 1-1: config 0 has no interface number 0
[  127.482736][ T5911] usb 1-1: New USB device found, idVendor=0b48, idProduct=1005, bcdDevice=8c.1e
[  127.486418][ T5911] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  127.494011][ T5911] usb 1-1: config 0 descriptor??
[  127.499173][ T5911] usb 1-1: selecting invalid altsetting 1
[  127.502379][ T5911] dvb_ttusb_budget: ttusb_init_controller: error
[  127.511368][ T5911] dvbdev: DVB: registering new adapter (Technotrend/Hauppauge Nova-USB)
[  127.542054][ T5911] DVB: Unable to find symbol cx22700_attach()
[  127.558530][ T5911] DVB: Unable to find symbol tda10046_attach()
[  127.560546][ T5911] dvb_ttusb_budget: no frontend driver found for device [0b48:1005]
[  127.623983][ T5915] usb 2-1: Using ep0 maxpacket: 32
[  127.628953][ T5915] usb 2-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  127.634841][ T5915] usb 2-1: New USB device found, idVendor=12d8, idProduct=0001, bcdDevice=de.79
[  127.637769][ T5915] usb 2-1: New USB device strings: Mfr=1, Product=236, SerialNumber=2
[  127.640304][ T5915] usb 2-1: Product: syz
[  127.641624][ T5915] usb 2-1: Manufacturer: syz
[  127.643077][ T5915] usb 2-1: SerialNumber: syz
[  127.651088][ T5915] usb 2-1: config 0 descriptor??
[  127.701623][ T5911] usb 1-1: USB disconnect, device number 13
[  127.862967][   T59] usb 2-1: USB disconnect, device number 16
[  128.768488][ T7817] dlm: no locking on control device
[  128.799788][   T33] kauditd_printk_skb: 30 callbacks suppressed
[  128.799801][   T33] audit: type=1804 audit(1755121124.437:47): pid=7815 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz.1.691" name="/newroot/222/file1" dev="fuse" ino=1 res=1 errno=0
[  129.086214][ T5841] IPVS: starting estimator thread 0...
[  129.183292][ T7828] IPVS: using max 61 ests per chain, 146400 per kthread
[  129.262831][ T7822] loop2: detected capacity change from 0 to 40427
[  129.297621][ T7822] F2FS-fs (loop2): build fault injection rate: 771
[  129.320909][ T7830] loop0: detected capacity change from 0 to 1024
[  129.326352][ T7822] F2FS-fs (loop2): invalid crc value
[  129.435059][   T33] audit: type=1804 audit(1755121125.087:48): pid=7833 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.0.697" name="/newroot/115/file1/file1" dev="loop0" ino=20 res=1 errno=0
[  129.460284][ T7822] F2FS-fs (loop2): f2fs_recover_fsync_data: recovery fsync data, check_only: 0
[  129.465340][ T7822] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e5
[  129.545920][ T5840] syz-executor: attempt to access beyond end of device
[  129.545920][ T5840] loop2: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[  129.558302][ T5840] CPU: 0 UID: 0 PID: 5840 Comm: syz-executor Not tainted 6.16.0-syzkaller-11895-gcca7a0aae895-dirty #0 PREEMPT(full) 
[  129.558331][ T5840] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.2-debian-1.16.2-1 04/01/2014
[  129.558338][ T5840] Call Trace:
[  129.558342][ T5840]  <TASK>
[  129.558367][ T5840]  dump_stack_lvl+0x189/0x250
[  129.558386][ T5840]  ? __pfx_dump_stack_lvl+0x10/0x10
[  129.558396][ T5840]  ? __pfx_queue_work_on+0x10/0x10
[  129.558405][ T5840]  ? _raw_spin_unlock_irqrestore+0xad/0x110
[  129.558417][ T5840]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[  129.558431][ T5840]  f2fs_handle_critical_error+0x37c/0x540
[  129.558446][ T5840]  f2fs_write_end_io+0x886/0xb60
[  129.558467][ T5840]  __submit_merged_bio+0x27a/0x6a0
[  129.558480][ T5840]  __submit_merged_write_cond+0x255/0x530
[  129.558493][ T5840]  f2fs_write_data_pages+0x261d/0x3000
[  129.558519][ T5840]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[  129.558536][ T5840]  ? kernel_text_address+0xa5/0xe0
[  129.558560][ T5840]  ? stack_depot_save_flags+0x40/0x860
[  129.558589][ T5840]  ? __lock_acquire+0xab9/0xd20
[  129.558606][ T5840]  ? do_raw_spin_lock+0x121/0x290
[  129.558620][ T5840]  ? do_raw_spin_unlock+0x4d/0x240
[  129.558630][ T5840]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[  129.558641][ T5840]  do_writepages+0x32e/0x550
[  129.558658][ T5840]  ? do_raw_spin_unlock+0x4d/0x240
[  129.558669][ T5840]  filemap_fdatawrite+0x199/0x240
[  129.558681][ T5840]  ? __pfx_filemap_fdatawrite+0x10/0x10
[  129.558713][ T5840]  ? do_raw_spin_unlock+0x4d/0x240
[  129.558724][ T5840]  f2fs_sync_dirty_inodes+0x31f/0x830
[  129.558743][ T5840]  f2fs_write_checkpoint+0x95a/0x1df0
[  129.558765][ T5840]  ? __pfx_f2fs_write_checkpoint+0x10/0x10
[  129.558794][ T5840]  ? f2fs_stop_gc_thread+0x7f/0xb0
[  129.558805][ T5840]  ? kfree+0x18e/0x440
[  129.558816][ T5840]  ? kill_f2fs_super+0x298/0x6c0
[  129.558830][ T5840]  kill_f2fs_super+0x2c3/0x6c0
[  129.558844][ T5840]  ? __pfx_kill_f2fs_super+0x10/0x10
[  129.558853][ T5840]  ? radix_tree_delete_item+0x2b6/0x400
[  129.558866][ T5840]  ? shrinker_free+0x2ce/0x3e0
[  129.558875][ T5840]  deactivate_locked_super+0xbc/0x130
[  129.558887][ T5840]  cleanup_mnt+0x425/0x4c0
[  129.558898][ T5840]  ? lockdep_hardirqs_on+0x9c/0x150
[  129.558909][ T5840]  task_work_run+0x1d4/0x260
[  129.558921][ T5840]  ? __pfx_task_work_run+0x10/0x10
[  129.558930][ T5840]  ? __x64_sys_umount+0x122/0x160
[  129.558943][ T5840]  ? exit_to_user_mode_loop+0x40/0x110
[  129.558957][ T5840]  exit_to_user_mode_loop+0xec/0x110
[  129.558968][ T5840]  do_syscall_64+0x2bd/0x3b0
[  129.558978][ T5840]  ? lockdep_hardirqs_on+0x9c/0x150
[  129.558987][ T5840]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  129.558994][ T5840]  ? exc_page_fault+0x9f/0xf0
[  129.559004][ T5840]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  129.559012][ T5840] RIP: 0033:0x7f135278ff17
[  129.559021][ T5840] Code: a8 ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 0f 1f 44 00 00 31 f6 e9 09 00 00 00 66 0f 1f 84 00 00 00 00 00 b8 a6 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 01 c3 48 c7 c2 a8 ff ff ff f7 d8 64 89 02 b8
[  129.559028][ T5840] RSP: 002b:00007fff1f660088 EFLAGS: 00000246 ORIG_RAX: 00000000000000a6
[  129.559038][ T5840] RAX: 0000000000000000 RBX: 00007f1352811c05 RCX: 00007f135278ff17
[  129.559043][ T5840] RDX: 0000000000000000 RSI: 0000000000000009 RDI: 00007fff1f660140
[  129.559048][ T5840] RBP: 00007fff1f660140 R08: 0000000000000000 R09: 0000000000000000
[  129.559052][ T5840] R10: 00000000ffffffff R11: 0000000000000246 R12: 00007fff1f6611d0
[  129.559057][ T5840] R13: 00007f1352811c05 R14: 000000000001f980 R15: 00007fff1f661210
[  129.559071][ T5840]  </TASK>
[  129.559115][ T5840] F2FS-fs (loop2): Stopped filesystem due to reason: 3
[  130.307381][ T7849] loop1: detected capacity change from 0 to 512
[  130.316779][ T7849] EXT4-fs (loop1): blocks per group (34) and clusters per group (32768) inconsistent
[  130.525913][ T7861] loop0: detected capacity change from 0 to 4096
[  130.546322][ T7861] ntfs3(loop0): Different NTFS sector size (4096) and media sector size (512).
[  130.619628][ T7861] ntfs3(loop0): ino=9, mi_enum_attr
[  130.624714][ T7861] ntfs3(loop0): Mark volume as dirty due to NTFS errors
[  130.632767][ T7861] ntfs3(loop0): Failed to load $Secure (-22).
[  130.640294][ T7861] ntfs3(loop0): Failed to initialize $Secure (-22).
[  131.007206][ T7870] IPVS: sync thread started: state = BACKUP, mcast_ifn = wlan0, syncid = 3, id = 0
[  131.015758][ T7865] loop1: detected capacity change from 0 to 32768
[  131.028799][ T7865] BTRFS: device fsid 3a375e4e-b156-4d76-a2ad-16e198ce1409 devid 1 transid 8 /dev/loop1 (7:1) scanned by syz.1.710 (7865)
[  131.094112][ T7865] BTRFS info (device loop1): first mount of filesystem 3a375e4e-b156-4d76-a2ad-16e198ce1409
[  131.108893][ T7865] BTRFS info (device loop1): using xxhash64 (xxhash64-generic) checksum algorithm
[  131.114404][ T7865] BTRFS info (device loop1): using free-space-tree
[  131.607823][ T5845] BTRFS info (device loop1): last unmount of filesystem 3a375e4e-b156-4d76-a2ad-16e198ce1409
[  132.263283][ T5911] usb 3-1: new high-speed USB device number 9 using dummy_hcd
[  132.367085][ T1365] ieee802154 phy0 wpan0: encryption failed: -22
[  132.369024][ T1365] ieee802154 phy1 wpan1: encryption failed: -22
[  132.373195][ T7923] IPVS: sync thread started: state = MASTER, mcast_ifn = bridge_slave_0, syncid = 0, id = 0
[  132.496766][ T5911] usb 3-1: Using ep0 maxpacket: 8
[  132.500194][ T5911] usb 3-1: New USB device found, idVendor=05ac, idProduct=0247, bcdDevice=b0.23
[  132.502979][ T5911] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  132.507344][ T5911] usb 3-1: config 0 descriptor??
[  132.511969][ T5911] input: bcm5974 as /devices/platform/dummy_hcd.2/usb3/3-1/3-1:0.0/input/input10
[  132.796014][ T5280] bcm5974 3-1:0.0: could not read from device
[  132.828185][ T5280] bcm5974 3-1:0.0: could not read from device
[  132.835173][ T5280] bcm5974 3-1:0.0: could not read from device
[  132.841058][ T5911] usb 3-1: USB disconnect, device number 9
[  132.842216][ T5280] bcm5974 3-1:0.0: could not read from device
[  132.857535][ T5853] udevd[5853]: Error opening device "/dev/input/event3": No such device
[  132.860862][ T5853] udevd[5853]: Unable to EVIOCGABS device "/dev/input/event3"
[  132.866512][ T5853] udevd[5853]: Unable to EVIOCGABS device "/dev/input/event3"
[  132.868823][ T5853] udevd[5853]: Unable to EVIOCGABS device "/dev/input/event3"
[  132.871147][ T5853] udevd[5853]: Unable to EVIOCGABS device "/dev/input/event3"
[  133.282038][   T33] audit: type=1326 audit(1755121128.917:49): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7930 comm="syz.0.730" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6834f8ebe9 code=0x7ffc0000
[  133.288837][   T33] audit: type=1326 audit(1755121128.917:50): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7930 comm="syz.0.730" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6834f8ebe9 code=0x7ffc0000
[  133.304933][   T33] audit: type=1326 audit(1755121128.927:51): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7930 comm="syz.0.730" exe="/syz-executor" sig=0 arch=c000003e syscall=191 compat=0 ip=0x7f6834f8ebe9 code=0x7ffc0000
[  133.312756][   T33] audit: type=1326 audit(1755121128.927:52): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7930 comm="syz.0.730" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6834f8ebe9 code=0x7ffc0000
[  133.319977][   T33] audit: type=1326 audit(1755121128.927:53): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7930 comm="syz.0.730" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6834f8ebe9 code=0x7ffc0000
[  133.352631][ T7934] loop1: detected capacity change from 0 to 512
[  133.373518][ T7934] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode
[  133.396685][ T7934] EXT4-fs (loop1): 1 truncate cleaned up
[  133.399278][ T7934] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  133.489446][ T7946] loop2: detected capacity change from 0 to 1024
[  133.493009][ T7946] EXT4-fs: Ignoring removed oldalloc option
[  133.498862][ T7946] EXT4-fs: Ignoring removed bh option
[  133.520642][ T5845] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  133.539666][ T7946] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  133.558398][   T33] audit: type=1800 audit(1755121129.197:54): pid=7946 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.2.736" name="file1" dev="loop2" ino=15 res=0 errno=0
[  133.623841][ T7946] EXT4-fs error (device loop2): ext4_mb_mark_diskspace_used:4183: comm syz.2.736: Allocating blocks 1-17 which overlap fs metadata
[  133.650287][ T5840] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  133.996805][ T7971] loop2: detected capacity change from 0 to 1024
[  134.024259][ T5915] usb 2-1: new high-speed USB device number 17 using dummy_hcd
[  134.032736][ T7971] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  134.037115][ T7971] ext4 filesystem being mounted at /289/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  134.176343][ T5915] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  134.183287][ T5915] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  134.191046][ T5915] usb 2-1: New USB device found, idVendor=1e7d, idProduct=30d4, bcdDevice= 0.00
[  134.203790][ T5915] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  134.222353][ T5915] usb 2-1: config 0 descriptor??
[  134.328048][ T5840] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  134.647368][ T5915] arvo 0003:1E7D:30D4.0006: bogus close delimiter
[  134.649749][ T5915] arvo 0003:1E7D:30D4.0006: item 0 0 2 10 parsing failed
[  134.652711][ T5915] arvo 0003:1E7D:30D4.0006: parse failed
[  134.657319][ T5915] arvo 0003:1E7D:30D4.0006: probe with driver arvo failed with error -22
[  134.854708][ T5915] usb 2-1: USB disconnect, device number 17
[  135.608210][ T7994] loop2: detected capacity change from 0 to 164
[  135.624714][ T7994] ISOFS: unable to read i-node block
[  135.626431][ T7994] ISOFS: root inode is unusable. Disabling Rock Ridge and switching to Joliet.
[  135.730074][ T7991] loop1: detected capacity change from 0 to 32768
[  135.732908][ T7991] bcachefs: bch2_fs_parse_param() Error parsing option gc_reserve_bytes: option_value
[  136.211872][ T8026] sp0: Synchronizing with TNC
[  136.291543][ T8022] loop0: detected capacity change from 0 to 40427
[  136.308620][ T8022] F2FS-fs (loop0): Wrong segment_count / block_count (31 > 0)
[  136.320770][ T8022] F2FS-fs (loop0): Can't find valid F2FS filesystem in 2th superblock
[  136.347004][ T8022] F2FS-fs (loop0): invalid crc value
[  136.362639][ T8029] loop2: detected capacity change from 0 to 512
[  136.392972][ T8029] EXT4-fs (loop2): feature flags set on rev 0 fs, running e2fsck is recommended
[  136.408851][ T8029] EXT4-fs error (device loop2): ext4_orphan_get:1392: inode #17: comm syz.2.771: iget: bad i_size value: -6917529027641081756
[  136.415400][ T8029] EXT4-fs error (device loop2): ext4_orphan_get:1397: comm syz.2.771: couldn't read orphan inode 17 (err -117)
[  136.420377][ T8029] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  136.440049][ T8022] F2FS-fs (loop0): f2fs_recover_fsync_data: recovery fsync data, check_only: 1
[  136.451814][ T8022] F2FS-fs (loop0): Try to recover 2th superblock, ret: -30
[  136.454614][ T8022] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e5
[  136.461167][ T5840] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  136.518155][ T8034] binfmt_misc: register: failed to install interpreter file ./file0
[  136.661991][ T8038] bridge0: port 3(batadv0) entered blocking state
[  136.664253][ T8038] bridge0: port 3(batadv0) entered forwarding state
[  136.678699][ T8038] 8021q: adding VLAN 0 to HW filter on device bond0
[  136.682628][ T8038] 8021q: adding VLAN 0 to HW filter on device team0
[  136.688485][ T8038] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  136.763061][ T8045] loop2: detected capacity change from 0 to 256
[  136.774033][ T8045] exFAT-fs (loop2): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[  136.777358][ T8045] exFAT-fs (loop2): Medium has reported failures. Some data may be lost.
[  136.782932][ T8045] exFAT-fs (loop2): failed to load upcase table (idx : 0x00010000, chksum : 0xe5674ec2, utbl_chksum : 0xe619d30d)
[  136.801728][ T8045] exFAT-fs (loop2): error, invalid access to FAT (entry 0xffffffff)
[  136.806670][ T8045] exFAT-fs (loop2): Filesystem has been set read-only
[  136.809760][ T8045] exFAT-fs (loop2): error, invalid access to FAT (entry 0xffffffff)
[  136.812918][ T8045] exFAT-fs (loop2): error, invalid access to FAT (entry 0xffffffff)
[  136.943702][   T59] usb 1-1: new high-speed USB device number 14 using dummy_hcd
[  136.962569][ T8049] loop2: detected capacity change from 0 to 512
[  136.966738][ T8049] EXT4-fs: Ignoring removed oldalloc option
[  136.969852][ T8049] EXT4-fs: test_dummy_encryption requires encrypt feature
[  137.105667][   T59] usb 1-1: config 27 interface 0 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 7
[  137.109276][   T59] usb 1-1: config 27 interface 0 altsetting 0 bulk endpoint 0xB has invalid maxpacket 47
[  137.112347][   T59] usb 1-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d
[  137.115723][   T59] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  137.123707][ T8042] raw-gadget.0 gadget.0: fail, usb_ep_enable returned -22
[  137.131350][   T59] usb 1-1: Quirk or no altset; falling back to MIDI 1.0
[  137.243532][ T5841] usb 3-1: new high-speed USB device number 10 using dummy_hcd
[  137.382304][ T5915] usb 1-1: USB disconnect, device number 14
[  137.399064][ T5841] usb 3-1: New USB device found, idVendor=0cf3, idProduct=9374, bcdDevice=bc.3b
[  137.402593][ T5841] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  137.417871][ T5841] usb 3-1: config 0 descriptor??
[  137.825988][ T5841] ath6kl: Unsupported hardware version: 0x0
[  137.837032][ T5841] ath6kl: Failed to init ath6kl core: -22
[  137.839659][ T5841] ath6kl_usb 3-1:0.0: probe with driver ath6kl_usb failed with error -22
[  138.030442][ T5915] usb 3-1: USB disconnect, device number 10
[  138.143348][ T5841] usb 1-1: new high-speed USB device number 15 using dummy_hcd
[  138.293224][ T5841] usb 1-1: Using ep0 maxpacket: 32
[  138.297115][ T5841] usb 1-1: config 0 has an invalid interface number: 1 but max is 0
[  138.299918][ T5841] usb 1-1: config 0 has no interface number 0
[  138.302131][ T5841] usb 1-1: config 0 interface 1 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  138.305786][ T5841] usb 1-1: config 0 interface 1 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  138.309251][ T5841] usb 1-1: New USB device found, idVendor=0403, idProduct=6030, bcdDevice= 0.00
[  138.312212][ T5841] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  138.316896][ T5841] usb 1-1: config 0 descriptor??
[  138.562724][ T8056] netlink: 'syz.2.782': attribute type 39 has an invalid length.
[  138.728198][ T5841] ft260 0003:0403:6030.0007: item fetching failed at offset 0/2
[  138.731017][ T5841] ft260 0003:0403:6030.0007: failed to parse HID
[  138.733080][ T5841] ft260 0003:0403:6030.0007: probe with driver ft260 failed with error -22
[  138.881820][ T8064] loop2: detected capacity change from 0 to 1024
[  138.932583][ T7591] usb 1-1: USB disconnect, device number 15
[  138.935627][ T8064] hfsplus: bad catalog folder thread
[  139.088865][ T8078] loop1: detected capacity change from 0 to 512
[  139.115297][ T8078] EXT4-fs (loop1): Cannot turn on journaled quota: type 0: error -2
[  139.128880][ T8078] EXT4-fs error (device loop1): ext4_free_branches:1023: inode #13: comm syz.1.793: invalid indirect mapped block 2683928664 (level 1)
[  139.145415][ T8078] EXT4-fs (loop1): 1 truncate cleaned up
[  139.148156][ T8078] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  139.150741][ T8084] loop2: detected capacity change from 0 to 4096
[  139.165314][ T8078] EXT4-fs error (device loop1): ext4_read_block_bitmap_nowait:483: comm syz.1.793: Invalid block bitmap block 3 in block_group 0
[  139.204306][ T5845] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  139.219319][ T8084] ntfs3(loop2): ino=9, attr_set_size
[  139.296001][ T8090] loop2: detected capacity change from 0 to 512
[  139.309970][ T8090] FAT-fs (loop2): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive!
[  139.713358][ T8137] fuse: Bad value for 'fd'
[  139.724266][ T8137] loop2: detected capacity change from 0 to 16
[  139.741010][ T8137] erofs (device loop2): mounted with root inode @ nid 36.
[  139.770676][ T8137] erofs (device loop2): readahead error at folio 87 @ nid 36
[  139.773277][ T8137] erofs (device loop2): readahead error at folio 86 @ nid 36
[  139.776788][ T8137] erofs (device loop2): bogus lookback distance 363 @ lcn 82 of nid 36
[  139.779347][ T8137] erofs (device loop2): readahead error at folio 83 @ nid 36
[  139.781619][ T8137] erofs (device loop2): bogus lookback distance 363 @ lcn 82 of nid 36
[  139.784295][ T8137] erofs (device loop2): readahead error at folio 82 @ nid 36
[  139.787090][ T8137] erofs (device loop2): readahead error at folio 79 @ nid 36
[  139.789404][ T8137] erofs (device loop2): readahead error at folio 78 @ nid 36
[  139.791804][ T8137] erofs (device loop2): bogus lookback distance 1485 @ lcn 75 of nid 36
[  139.794561][ T8137] erofs (device loop2): readahead error at folio 76 @ nid 36
[  139.796850][ T8137] erofs (device loop2): bogus lookback distance 1485 @ lcn 75 of nid 36
[  139.799385][ T8137] erofs (device loop2): readahead error at folio 75 @ nid 36
[  139.801939][ T8137] erofs (device loop2): readahead error at folio 74 @ nid 36
[  139.804384][ T8137] erofs (device loop2): readahead error at folio 72 @ nid 36
[  139.806789][ T8137] erofs (device loop2): readahead error at folio 71 @ nid 36
[  139.809352][ T8137] erofs (device loop2): readahead error at folio 70 @ nid 36
[  139.813762][ T8137] erofs (device loop2): readahead error at folio 63 @ nid 36
[  139.816018][ T8137] erofs (device loop2): readahead error at folio 61 @ nid 36
[  139.818217][ T8137] erofs (device loop2): bogus lookback distance 1024 @ lcn 58 of nid 36
[  139.820666][ T8137] erofs (device loop2): readahead error at folio 59 @ nid 36
[  139.822914][ T8137] erofs (device loop2): bogus lookback distance 1024 @ lcn 58 of nid 36
[  139.825473][ T8137] erofs (device loop2): readahead error at folio 58 @ nid 36
[  139.827889][ T8137] erofs (device loop2): readahead error at folio 56 @ nid 36
[  139.830156][ T8137] erofs (device loop2): bogus lookback distance 1586 @ lcn 46 of nid 36
[  139.832591][ T8137] erofs (device loop2): readahead error at folio 47 @ nid 36
[  139.834876][ T8137] erofs (device loop2): bogus lookback distance 1586 @ lcn 46 of nid 36
[  139.837415][ T8137] erofs (device loop2): readahead error at folio 46 @ nid 36
[  139.839756][ T8137] erofs (device loop2): readahead error at folio 45 @ nid 36
[  139.841962][ T8137] erofs (device loop2): bogus lookback distance 1388 @ lcn 42 of nid 36
[  139.844463][ T8137] erofs (device loop2): readahead error at folio 43 @ nid 36
[  139.846644][ T8137] erofs (device loop2): bogus lookback distance 1388 @ lcn 42 of nid 36
[  139.849078][ T8137] erofs (device loop2): readahead error at folio 42 @ nid 36
[  139.851300][ T8137] erofs (device loop2): bogus lookback distance 774 @ lcn 40 of nid 36
[  139.854468][ T8137] erofs (device loop2): readahead error at folio 41 @ nid 36
[  139.856704][ T8137] erofs (device loop2): bogus lookback distance 774 @ lcn 40 of nid 36
[  139.859133][ T8137] erofs (device loop2): readahead error at folio 40 @ nid 36
[  139.861888][ T8137] erofs (device loop2): readahead error at folio 39 @ nid 36
[  139.864189][ T8137] erofs (device loop2): readahead error at folio 38 @ nid 36
[  139.866475][ T8137] erofs (device loop2): readahead error at folio 36 @ nid 36
[  139.868806][ T8137] erofs (device loop2): bogus lookback distance 1468 @ lcn 31 of nid 36
[  139.871272][ T8137] erofs (device loop2): readahead error at folio 31 @ nid 36
[  139.874596][ T8137] erofs (device loop2): readahead error at folio 25 @ nid 36
[  139.876815][ T8137] erofs (device loop2): readahead error at folio 24 @ nid 36
[  139.881477][ T8137] erofs (device loop2): readahead error at folio 19 @ nid 36
[  139.884201][ T8137] syz.2.801: attempt to access beyond end of device
[  139.884201][ T8137] loop2: rw=524288, sector=784, nr_sectors = 64 limit=16
[  139.888314][ T8137] syz.2.801: attempt to access beyond end of device
[  139.888314][ T8137] loop2: rw=524288, sector=13478624080, nr_sectors = 24 limit=16
[  139.892707][ T8137] syz.2.801: attempt to access beyond end of device
[  139.892707][ T8137] loop2: rw=524288, sector=13478624032, nr_sectors = 48 limit=16
[  139.897067][ T8137] syz.2.801: attempt to access beyond end of device
[  139.897067][ T8137] loop2: rw=524288, sector=32, nr_sectors = 64 limit=16
[  139.901091][ T8137] syz.2.801: attempt to access beyond end of device
[  139.901091][ T8137] loop2: rw=524288, sector=8, nr_sectors = 24 limit=16
[  139.905623][ T8137] syz.2.801: attempt to access beyond end of device
[  139.905623][ T8137] loop2: rw=524288, sector=14425508768, nr_sectors = 8 limit=16
[  140.927303][   T33] audit: type=1326 audit(1755121136.577:55): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8188 comm="syz.2.807" exe="/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7f1352785ba7 code=0x7fc00000
[  141.203258][   T59] usb 3-1: new high-speed USB device number 11 using dummy_hcd
[  141.356906][   T59] usb 3-1: config index 0 descriptor too short (expected 23569, got 27)
[  141.360117][   T59] usb 3-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  141.365224][   T59] usb 3-1: New USB device found, idVendor=03eb, idProduct=0002, bcdDevice=ba.c0
[  141.368522][   T59] usb 3-1: New USB device strings: Mfr=5, Product=0, SerialNumber=0
[  141.371163][   T59] usb 3-1: Manufacturer: syz
[  141.375291][   T59] usb 3-1: config 0 descriptor??
[  141.383746][   T59] igorplugusb 3-1:0.0: incorrect number of endpoints
[  141.588104][   T59] usb 3-1: USB disconnect, device number 11
[  142.120389][ T8221] loop2: detected capacity change from 0 to 1024
[  142.125214][ T8221] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[  142.127813][ T8221] EXT4-fs (loop2): Test dummy encryption mode enabled
[  142.129817][ T8221] EXT4-fs (loop2): filesystem too large to mount safely on this system
[  142.165473][ T8223] loop2: detected capacity change from 0 to 128
[  142.168186][ T8223] ext4: Unknown parameter 'context'
[  142.625904][ T8227] loop0: detected capacity change from 0 to 256
[  142.646823][ T8227] exFAT-fs (loop0): failed to load upcase table (idx : 0x00010000, chksum : 0xf6dff195, utbl_chksum : 0xe619d30d)
[  142.737037][ T8229] loop0: detected capacity change from 0 to 8192
[  142.741060][ T8229] FAT-fs (loop0): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[  144.064845][ T8243] loop2: detected capacity change from 0 to 32768
[  144.095517][ T8243] ocfs2: Mounting device (7,2) on (node local, slot 0) with writeback data mode.
[  144.126263][   T33] audit: type=1800 audit(1755121139.767:56): pid=8243 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.2.819" name="file1" dev="loop2" ino=17058 res=0 errno=0
[  144.137281][   T33] audit: type=1804 audit(1755121139.767:57): pid=8243 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.2.819" name="/newroot/326/file1/file1" dev="loop2" ino=17058 res=1 errno=0
[  144.144657][   T33] audit: type=1800 audit(1755121139.767:58): pid=8243 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.2.819" name="file1" dev="loop2" ino=17058 res=0 errno=0
[  144.160158][ T5840] ocfs2: Unmounting device (7,2) on (node local)
[  144.321009][ T8262] loop0: detected capacity change from 0 to 4096
[  144.326353][ T8262] ntfs3(loop0): Different NTFS sector size (4096) and media sector size (512).
[  144.344052][ T8262] ntfs3(loop0): ino=19, mi_enum_attr
[  144.346971][ T8262] ntfs3(loop0): Mark volume as dirty due to NTFS errors
[  144.350817][ T8262] ntfs3(loop0): Failed to initialize $Extend/$Reparse.
[  144.496885][ T8274] netlink: 165 bytes leftover after parsing attributes in process `syz.2.831'.
[  144.545822][ T8277] vhci_hcd vhci_hcd.0: pdev(0) rhport(0) sockfd(8)
[  144.547987][ T8277] vhci_hcd vhci_hcd.0: devid(0) speed(3) speed_str(high-speed)
[  144.557417][ T8277] vhci_hcd vhci_hcd.0: Device attached
[  144.686438][ T8283] loop1: detected capacity change from 0 to 128
[  144.915973][ T8296] loop1: detected capacity change from 0 to 1024
[  144.921260][ T8296] EXT4-fs (loop1): ext4_check_descriptors: Inode bitmap for group 0 overlaps block group descriptors
[  144.937964][ T8296] EXT4-fs (loop1): ext4_check_descriptors: Checksum for group 0 failed (51554!=20869)
[  144.949784][ T8296] JBD2: no valid journal superblock found
[  144.955511][ T8296] EXT4-fs (loop1): Could not load journal inode
[  144.959965][ T8292] loop2: detected capacity change from 0 to 32768
[  144.962551][ T8292] XFS: noikeep mount option is deprecated.
[  144.964495][ T8292] XFS: ikeep mount option is deprecated.
[  144.966869][   T59] usb 33-1: new high-speed USB device number 2 using vhci_hcd
[  144.976548][ T8278] vhci_hcd: connection reset by peer
[  144.983989][ T5858] vhci_hcd: stop threads
[  144.986198][ T8292] XFS (loop2): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  144.987730][ T5858] vhci_hcd: release socket
[  145.005042][ T5858] vhci_hcd: disconnect device
[  145.022495][ T8292] XFS (loop2): Ending clean mount
[  145.103264][ T8307] No control pipe specified
[  146.179505][ T8316] loop1: detected capacity change from 0 to 64
[  146.367302][ T5840] XFS (loop2): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  146.376695][ T8318] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check.
[  146.674827][ T8323] faux_driver regulatory: Direct firmware load for regulatory.db failed with error -2
[  146.684293][ T8323] faux_driver regulatory: Falling back to sysfs fallback for: regulatory.db
[  146.723633][ T8326] netlink: 28 bytes leftover after parsing attributes in process `syz.1.849'.
[  146.736473][ T8326] openvswitch: netlink: Flow get message rejected, Key attribute missing.
[  146.822732][ T8330] loop2: detected capacity change from 0 to 256
[  146.864963][ T8330] FAT-fs (loop2): Directory bread(block 64) failed
[  146.869306][ T8330] FAT-fs (loop2): Directory bread(block 65) failed
[  146.872104][ T8330] FAT-fs (loop2): Directory bread(block 66) failed
[  146.875173][ T8330] FAT-fs (loop2): Directory bread(block 67) failed
[  146.877257][ T8330] FAT-fs (loop2): Directory bread(block 68) failed
[  146.879274][ T8330] FAT-fs (loop2): Directory bread(block 69) failed
[  146.881380][ T8330] FAT-fs (loop2): Directory bread(block 70) failed
[  146.886319][ T8330] FAT-fs (loop2): Directory bread(block 71) failed
[  146.893853][ T8330] FAT-fs (loop2): Directory bread(block 72) failed
[  146.899640][ T8330] FAT-fs (loop2): Directory bread(block 73) failed
[  147.132616][ T8336] sit0: entered promiscuous mode
[  147.161144][ T8336] netlink: 'syz.2.854': attribute type 1 has an invalid length.
[  147.171104][ T8336] netlink: 1 bytes leftover after parsing attributes in process `syz.2.854'.
[  148.087013][ T8348] loop1: detected capacity change from 0 to 64
[  148.562986][ T7591] usb 2-1: new full-speed USB device number 18 using dummy_hcd
[  148.683054][    T9] usb 3-1: new full-speed USB device number 12 using dummy_hcd
[  148.714685][ T7591] usb 2-1: config 0 has an invalid interface number: 251 but max is 0
[  148.717639][ T7591] usb 2-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  148.721109][ T7591] usb 2-1: config 0 has no interface number 0
[  148.723041][ T7591] usb 2-1: config 0 interface 251 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  148.729546][ T7591] usb 2-1: New USB device found, idVendor=0b95, idProduct=172a, bcdDevice=f7.f4
[  148.732484][ T7591] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  148.735173][ T7591] usb 2-1: Product: syz
[  148.736597][ T7591] usb 2-1: Manufacturer: syz
[  148.738375][ T7591] usb 2-1: SerialNumber: syz
[  148.743743][ T7591] usb 2-1: config 0 descriptor??
[  148.752431][ T7591] asix 2-1:0.251: probe with driver asix failed with error -22
[  148.834499][    T9] usb 3-1: config 5 has an invalid interface number: 42 but max is 0
[  148.837867][    T9] usb 3-1: config 5 has no interface number 0
[  148.840246][    T9] usb 3-1: config 5 interface 42 has no altsetting 0
[  148.847149][    T9] usb 3-1: New USB device found, idVendor=2304, idProduct=021f, bcdDevice= 0.15
[  148.850417][    T9] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  148.854023][    T9] usb 3-1: Product: syz
[  148.855633][    T9] usb 3-1: Manufacturer: syz
[  148.857457][    T9] usb 3-1: SerialNumber: syz
[  148.956248][ T7591] usb 2-1: USB disconnect, device number 18
[  149.070949][    T9] dvb-usb: found a 'PCTV HDTV USB' in warm state.
[  149.073822][    T9] pctv452e: pctv452e_power_ctrl: 1
[  149.073822][    T9] 
[  149.077059][    T9] pctv452e: pctv452e_power_ctrl: Warning set interface returned: -22
[  149.077059][    T9] 
[  149.081009][    T9] dvb-usb: bulk message failed: -22 (5/0)
[  149.085645][    T9] dvb-usb: This USB2.0 device cannot be run on a USB1.1 port. (it lacks a hardware PID filter)
[  149.091572][    T9] dvb-usb: PCTV HDTV USB error while loading driver (-19)
[  149.096804][    T9] usb 3-1: USB disconnect, device number 12
[  149.387486][ T8365] loop0: detected capacity change from 0 to 1024
[  149.390978][ T8365] EXT4-fs: Ignoring removed bh option
[  149.437418][ T8365] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  149.453808][ T8365] EXT4-fs error (device loop0): ext4_xattr_inode_iget:437: comm syz.0.867: inode #6: comm syz.0.867: iget: illegal inode #
[  149.458954][ T8365] EXT4-fs (loop0): Remounting filesystem read-only
[  149.461142][ T8365] EXT4-fs warning (device loop0): ext4_xattr_block_set:2190: inode #19: comm syz.0.867: dec ref error=-30
[  149.486978][ T6710] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  149.611169][ T8376] loop1: detected capacity change from 0 to 1024
[  149.631532][ T8376] EXT4-fs: Ignoring removed nobh option
[  149.638685][ T8376] EXT4-fs: Ignoring removed bh option
[  149.661250][ T8376] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  149.717420][ T5845] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  149.801876][ T8386] loop2: detected capacity change from 0 to 4096
[  149.880283][ T8386] ntfs3(loop2): try to read out of volume at offset 0x3fffffc7000
[  150.113597][   T59] vhci_hcd: vhci_device speed not set
[  150.122673][    T9] usb 2-1: new high-speed USB device number 19 using dummy_hcd
[  150.150958][ T8394] loop2: detected capacity change from 0 to 32768
[  150.158240][ T8394] BTRFS: device fsid ed167579-eb65-4e76-9a50-61ac97e9b59d devid 1 transid 8 /dev/loop2 (7:2) scanned by syz.2.879 (8394)
[  150.167701][ T8394] BTRFS info (device loop2): first mount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d
[  150.170959][ T8394] BTRFS info (device loop2): using sha256 (sha256-lib) checksum algorithm
[  150.174192][ T8394] BTRFS info (device loop2): disk space caching is enabled
[  150.176527][ T8394] BTRFS warning (device loop2): space cache v1 is being deprecated and will be removed in a future release, please use -o space_cache=v2
[  150.208908][ T8394] BTRFS info (device loop2): rebuilding free space tree
[  150.215271][ T8394] BTRFS info (device loop2): disabling free space tree
[  150.219951][ T8394] BTRFS info (device loop2): clearing compat-ro feature flag for FREE_SPACE_TREE (0x1)
[  150.225034][ T8394] BTRFS info (device loop2): clearing compat-ro feature flag for FREE_SPACE_TREE_VALID (0x2)
[  150.282424][ T5840] BTRFS info (device loop2): last unmount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d
[  150.283103][    T9] usb 2-1: Using ep0 maxpacket: 16
[  150.294920][    T9] usb 2-1: New USB device found, idVendor=09e8, idProduct=0062, bcdDevice=80.f2
[  150.311897][    T9] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  150.322624][    T9] usb 2-1: Product: syz
[  150.323974][    T9] usb 2-1: Manufacturer: syz
[  150.325503][    T9] usb 2-1: SerialNumber: syz
[  150.331384][    T9] usb 2-1: config 0 descriptor??
[  150.343728][    T9] usb 2-1: Quirk or no altset; falling back to MIDI 1.0
[  150.380865][    T9] snd-usb-audio 2-1:0.0: probe with driver snd-usb-audio failed with error -2
[  150.401402][ T5844] udevd[5844]: error opening ATTR{/sys/devices/platform/dummy_hcd.1/usb2/2-1/2-1:0.0/sound/card3/controlC3/../uevent} for writing: No such file or directory
[  150.498514][ T8418] loop0: detected capacity change from 0 to 512
[  150.513829][ T8418] EXT4-fs (loop0): mounting ext3 file system using the ext4 subsystem
[  150.519364][ T8418] EXT4-fs (loop0): invalid journal inode
[  150.521310][ T8418] EXT4-fs (loop0): can't get journal size
[  150.546321][ T8418] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a056c119, mo2=0002]
[  150.549411][ T8418] System zones: 1-12, 13-13
[  150.560266][ T5911] usb 2-1: USB disconnect, device number 19
[  150.563330][ T8418] EXT4-fs error (device loop0): ext4_iget_extra_inode:5104: inode #15: comm syz.0.882: corrupted in-inode xattr: ea_inode specified without ea_inode feature enabled
[  150.586009][ T8418] EXT4-fs error (device loop0): ext4_orphan_get:1397: comm syz.0.882: couldn't read orphan inode 15 (err -117)
[  150.605628][ T8418] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  150.628847][ T7591] usb 3-1: new high-speed USB device number 13 using dummy_hcd
[  150.658329][ T6710] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  150.788317][ T7591] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  150.795028][ T7591] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  150.805628][ T7591] usb 3-1: New USB device found, idVendor=18ec, idProduct=3288, bcdDevice=69.cf
[  150.809144][ T7591] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  150.812295][ T7591] usb 3-1: Product: syz
[  150.820033][ T7591] usb 3-1: Manufacturer: syz
[  150.821946][ T7591] usb 3-1: SerialNumber: syz
[  150.843925][ T7591] usb 3-1: config 0 descriptor??
[  150.855049][ T7591] usb 3-1: Found UVC 0.00 device syz (18ec:3288)
[  150.858904][ T7591] usb 3-1: No valid video chain found.
[  150.933719][ T8430] loop0: detected capacity change from 0 to 128
[  150.937927][ T8430] EXT4-fs: Ignoring removed nobh option
[  150.950017][ T8430] EXT4-fs (loop0): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  150.954995][ T8430] ext4 filesystem being mounted at /175/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[  150.990204][ T6710] EXT4-fs (loop0): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  151.058838][    T9] usb 3-1: USB disconnect, device number 13
[  151.387041][ T8437] loop1: detected capacity change from 0 to 40427
[  151.394269][ T8437] F2FS-fs: heap/no_heap options were deprecated
[  151.412450][ T8437] F2FS-fs (loop1): invalid crc value
[  151.770201][ T8437] F2FS-fs (loop1): f2fs_recover_fsync_data: recovery fsync data, check_only: 1
[  151.780256][ T8437] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e5
[  152.445750][ T8474] loop0: detected capacity change from 0 to 4096
[  152.471112][ T8474] NILFS error (device loop0): nilfs_bmap_lookup_at_level: broken bmap (inode number=6)
[  152.474835][ T8477] NILFS (loop0): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  152.507865][ T8474] NILFS (loop0): mounting fs with errors
[  152.536263][ T8479] loop1: detected capacity change from 0 to 128
[  152.761565][ T8485] loop1: detected capacity change from 0 to 256
[  152.791401][ T8485] FAT-fs (loop1): Directory bread(block 64) failed
[  152.803625][ T8485] FAT-fs (loop1): Directory bread(block 65) failed
[  152.806713][ T8485] FAT-fs (loop1): Directory bread(block 66) failed
[  152.809390][ T8485] FAT-fs (loop1): Directory bread(block 67) failed
[  152.815681][ T8485] FAT-fs (loop1): Directory bread(block 68) failed
[  152.817903][ T8485] FAT-fs (loop1): Directory bread(block 69) failed
[  152.820098][ T8485] FAT-fs (loop1): Directory bread(block 70) failed
[  152.822528][ T8485] FAT-fs (loop1): Directory bread(block 71) failed
[  152.824785][ T8485] FAT-fs (loop1): Directory bread(block 72) failed
[  152.827291][ T8485] FAT-fs (loop1): Directory bread(block 73) failed
[  153.502488][ T8493] loop1: detected capacity change from 0 to 32768
[  153.528925][ T8493] XFS (loop1): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  153.620282][ T8493] XFS (loop1): Ending clean mount
[  153.636890][ T8493] XFS (loop1): Quotacheck needed: Please wait.
[  153.678564][ T8493] XFS (loop1): Quotacheck: Done.
[  153.705886][   T33] audit: type=1800 audit(1755123727.348:59): pid=8493 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.914" name="bus" dev="loop1" ino=9291 res=0 errno=0
[  153.721420][ T5845] XFS (loop1): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  154.042373][ T5849] Bluetooth: hci3: Opcode 0x1003 failed: -110
[  154.067720][ T8516] loop0: detected capacity change from 0 to 256
[  154.145773][ T8518] openvswitch: netlink: Message has 4 unknown bytes.
[  154.149033][ T8518] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[  154.435013][ T8528] loop2: detected capacity change from 0 to 1764
[  154.458580][ T8528] iso9660: Corrupted directory entry in block 1 of inode 1920
[  155.399800][ T8536] loop2: detected capacity change from 0 to 32768
[  155.407910][ T8536] (syz.2.930,8536,1):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0xb3775c19, computed 0x2dd1c265. Applying ECC.
[  155.416462][ T8536] (syz.2.930,8536,1):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0xb3775c19, computed 0x2dd1c265. Applying ECC.
[  155.459078][ T8536] JBD2: Ignoring recovery information on journal
[  155.670926][ T8536] ocfs2: Mounting device (7,2) on (node local, slot 0) with ordered data mode.
[  156.100212][ T5840] ocfs2: Unmounting device (7,2) on (node local)
[  156.289139][ T8550] loop1: detected capacity change from 0 to 32768
[  156.293529][ T8550] XFS: attr2 mount option is deprecated.
[  156.305673][ T8550] XFS (loop1): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  156.458106][ T8550] XFS (loop1): Ending clean mount
[  156.488653][ T8550] XFS (loop1): Quotacheck needed: Please wait.
[  156.535472][ T8550] XFS (loop1): Quotacheck: Done.
[  156.724501][ T8568] loop0: detected capacity change from 0 to 32768
[  156.776918][ T8568] XFS (loop0): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  156.857260][ T5845] XFS (loop1): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  157.057425][ T8568] XFS (loop0): Ending clean mount
[  157.198534][ T8568] XFS (loop0): Quotacheck needed: Please wait.
[  157.382020][ T8568] XFS (loop0): Quotacheck: Done.
[  157.474787][ T6710] XFS (loop0): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  157.656332][ T8584] netlink: 256 bytes leftover after parsing attributes in process `syz.1.941'.
[  157.672974][ T8584] netlink: 72 bytes leftover after parsing attributes in process `syz.1.941'.
[  157.678277][ T8586] loop2: detected capacity change from 0 to 1024
[  157.808263][ T8586] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  157.850983][ T8588] loop1: detected capacity change from 0 to 4096
[  157.863647][ T8588] ntfs3(loop1): Different NTFS sector size (1024) and media sector size (512).
[  157.872585][ T8588] ntfs3(loop1): ino=3, mi_enum_attr
[  157.916596][ T5840] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  158.000536][ T8588] ntfs3(loop1): Mark volume as dirty due to NTFS errors
[  158.007773][ T8588] ntfs3(loop1): ino=1f, "file2" failed to open parent directory r=5 to update
[  158.060835][ T8122] ntfs3(loop1): ino=1f, failed to open parent directory r=5 to update
[  158.185228][ T8601] syz.1.947 uses obsolete (PF_INET,SOCK_PACKET)
[  158.191872][ T5915] usb 1-1: new high-speed USB device number 16 using dummy_hcd
[  158.351979][ T5915] usb 1-1: Using ep0 maxpacket: 16
[  158.369683][ T5915] usb 1-1: config 0 descriptor has 1 excess byte, ignoring
[  158.373913][ T5915] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x4 has invalid maxpacket 65516, setting to 1024
[  158.378501][ T5915] usb 1-1: config 0 interface 0 altsetting 0 bulk endpoint 0x4 has invalid maxpacket 1024
[  158.399800][ T5915] usb 1-1: config 0 interface 0 altsetting 0 bulk endpoint 0x81 has invalid maxpacket 223
[  158.430601][ T5915] usb 1-1: New USB device found, idVendor=04d8, idProduct=0a30, bcdDevice=ce.47
[  158.451714][ T5915] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  158.462417][ T5915] usb 1-1: Product: syz
[  158.465803][ T5915] usb 1-1: Manufacturer: syz
[  158.469578][ T5915] usb 1-1: SerialNumber: syz
[  158.485328][ T5915] usb 1-1: config 0 descriptor??
[  158.490911][ T8595] raw-gadget.0 gadget.0: fail, usb_ep_enable returned -22
[  158.502552][ T8595] raw-gadget.0 gadget.0: fail, usb_ep_enable returned -22
[  158.568395][    C0] mcba_usb 1-1:0.0 can0: Tx URB aborted (-71)
[  158.571245][ T5915] mcba_usb 1-1:0.0: Microchip CAN BUS Analyzer connected
[  158.574938][    C0] mcba_usb 1-1:0.0 can0: Tx URB aborted (-71)
[  158.734584][ T5915] usb 1-1: USB disconnect, device number 16
[  158.750408][ T5915] mcba_usb 1-1:0.0 can0: device disconnected
[  159.838249][ T5915] usb 1-1: new high-speed USB device number 17 using dummy_hcd
[  160.003963][ T5915] usb 1-1: Using ep0 maxpacket: 32
[  160.014344][ T5915] usb 1-1: New USB device found, idVendor=0fd9, idProduct=0025, bcdDevice=29.40
[  160.017362][ T5915] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  160.029911][ T5915] usb 1-1: config 0 descriptor??
[  160.160238][ T8645] loop2: detected capacity change from 0 to 1024
[  160.198214][ T8647] loop1: detected capacity change from 0 to 8
[  160.209859][ T8647] SQUASHFS error: lzo decompression failed, data probably corrupt
[  160.211945][ T8645] hfsplus: bad catalog entry type
[  160.217377][ T8647] SQUASHFS error: Failed to read block 0x91: -5
[  160.220238][ T8647] SQUASHFS error: Unable to read metadata cache entry [8f]
[  160.226221][ T8647] SQUASHFS error: Unable to read inode 0x11f
[  160.246981][ T5915] dvb-usb: found a 'Elgato EyeTV Sat' in warm state.
[  160.272231][ T5915] dvb-usb: will pass the complete MPEG2 transport stream to the software demuxer.
[  160.277689][ T8193] hfsplus: b-tree write err: -5, ino 4
[  160.282718][ T5915] dvbdev: DVB: registering new adapter (Elgato EyeTV Sat)
[  160.286726][ T5915] usb 1-1: media controller created
[  160.308099][ T5915] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered.
[  160.405647][ T8649] loop1: detected capacity change from 0 to 4096
[  160.409157][ T8649] EXT4-fs: Ignoring removed mblk_io_submit option
[  160.418610][ T8649] EXT4-fs (loop1): Test dummy encryption mode enabled
[  160.464738][ T8649] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  160.513777][ T8657] netlink: 4 bytes leftover after parsing attributes in process `syz.2.968'.
[  160.519988][ T8657] netlink: 12 bytes leftover after parsing attributes in process `syz.2.968'.
[  160.623409][ T8649] fscrypt: AES-256-CBC-CTS using implementation "cts(cbc(ecb(aes-fixed-time)))"
[  160.689354][ T5845] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  160.862184][ T5915] az6027: usb out operation failed. (-71)
[  160.864522][ T5915] stb0899_attach: Driver disabled by Kconfig
[  160.867035][ T5915] az6027: no front-end attached
[  160.867035][ T5915] 
[  160.881899][ T5915] az6027: usb out operation failed. (-71)
[  160.884054][ T5915] dvb-usb: no frontend was attached by 'Elgato EyeTV Sat'
[  160.889553][ T5915] input: IR-receiver inside an USB DVB receiver as /devices/platform/dummy_hcd.0/usb1/1-1/input/input12
[  160.907830][ T8664] loop2: detected capacity change from 0 to 32768
[  160.911758][ T5915] dvb-usb: schedule remote query interval to 400 msecs.
[  160.916632][ T5915] dvb-usb: Elgato EyeTV Sat successfully initialized and connected.
[  160.932922][ T5915] usb 1-1: USB disconnect, device number 17
[  160.939233][ T8664] BTRFS: device fsid 5e4b7888-5e56-43f0-8345-635ad0fd87c6 devid 1 transid 8 /dev/loop2 (7:2) scanned by syz.2.969 (8664)
[  160.993213][ T8664] BTRFS info (device loop2): first mount of filesystem 5e4b7888-5e56-43f0-8345-635ad0fd87c6
[  161.007412][ T8664] BTRFS info (device loop2): using blake2b (blake2b-256-generic) checksum algorithm
[  161.023765][ T8664] BTRFS info (device loop2): using free-space-tree
[  161.040549][ T5915] dvb-usb: Elgato EyeTV Sat successfully deinitialized and disconnected.
[  161.219196][ T8666] loop1: detected capacity change from 0 to 40427
[  161.236391][ T8666] F2FS-fs (loop1): Invalid log_blocksize (268), supports only 12
[  161.247668][ T8666] F2FS-fs (loop1): Can't find valid F2FS filesystem in 1th superblock
[  161.273706][ T8666] F2FS-fs (loop1): invalid crc value
[  161.278336][ T5840] BTRFS info (device loop2): last unmount of filesystem 5e4b7888-5e56-43f0-8345-635ad0fd87c6
[  161.455273][ T8666] F2FS-fs (loop1): f2fs_recover_fsync_data: recovery fsync data, check_only: 0
[  161.471903][ T8666] F2FS-fs (loop1): Try to recover 1th superblock, ret: 0
[  161.475344][ T8666] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e5
[  161.519865][ T8691] loop0: detected capacity change from 0 to 1024
[  161.595899][ T8691] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  161.624944][   T33] audit: type=1800 audit(1755123735.269:60): pid=8691 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.973" name="bus" dev="loop0" ino=18 res=0 errno=0
[  161.652508][ T8691] EXT4-fs error (device loop0): mb_free_blocks:2017: group 0, inode 18: block 305:freeing already freed block (bit 19); block bitmap corrupt.
[  161.686069][ T8697] loop2: detected capacity change from 0 to 256
[  161.716482][ T8697] exFAT-fs (loop2): failed to load upcase table (idx : 0x000106cd, chksum : 0x0aeab83c, utbl_chksum : 0xe619d30d)
[  161.765103][ T8697] exFAT-fs (loop2): valid_size(10) is greater than size(0)
[  161.842268][ T6710] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  162.057931][ T8708] loop0: detected capacity change from 0 to 512
[  162.090014][ T8708] EXT4-fs: user quota file already specified
[  162.141328][ T7591] usb 3-1: new high-speed USB device number 14 using dummy_hcd
[  162.301618][ T7591] usb 3-1: New USB device found, idVendor=0cf3, idProduct=9271, bcdDevice= 1.08
[  162.313031][ T7591] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  162.317467][ T7591] usb 3-1: Product: syz
[  162.319441][ T7591] usb 3-1: Manufacturer: syz
[  162.331324][ T7591] usb 3-1: SerialNumber: syz
[  162.355766][ T7591] usb 3-1: ath9k_htc: Firmware ath9k_htc/htc_9271-1.4.0.fw requested
[  162.429549][ T5911] usb 3-1: ath9k_htc: Transferred FW: ath9k_htc/htc_9271-1.4.0.fw, size: 51008
[  162.487518][ T8720] loop0: detected capacity change from 0 to 4096
[  162.498120][ T8720] ntfs3(loop0): Different NTFS sector size (1024) and media sector size (512).
[  162.570042][ T8720] ntfs3(loop0): ino=1b, "file0" indx_read
[  162.621246][ T5915] usb 2-1: new high-speed USB device number 20 using dummy_hcd
[  162.651752][ T8700] random: crng reseeded on system resumption
[  162.695689][    T9] usb 3-1: USB disconnect, device number 14
[  162.774589][ T5915] usb 2-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F
[  162.781735][ T5915] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 7
[  162.786667][ T5915] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x8F has invalid wMaxPacketSize 0
[  162.794067][ T5915] usb 2-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[  162.800318][ T5915] usb 2-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  162.805423][ T5915] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  162.813081][ T5915] usb 2-1: config 0 descriptor??
[  162.991192][ T7591] usb 1-1: new high-speed USB device number 18 using dummy_hcd
[  163.143672][ T7591] usb 1-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F
[  163.148749][ T7591] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 7
[  163.154873][ T7591] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x8F has invalid wMaxPacketSize 0
[  163.158746][ T7591] usb 1-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[  163.164959][ T7591] usb 1-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  163.168196][ T7591] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  163.173476][ T7591] usb 1-1: config 0 descriptor??
[  163.258743][ T5915] plantronics 0003:047F:FFFF.0008: hiddev0,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.1-1/input0
[  163.287311][ T8726] loop2: detected capacity change from 0 to 512
[  163.295972][ T8726] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode
[  163.317340][ T8726] EXT4-fs error (device loop2): ext4_free_branches:1023: inode #16: comm syz.2.988: invalid indirect mapped block 4294967295 (level 0)
[  163.330042][ T8726] EXT4-fs error (device loop2): ext4_free_branches:1023: inode #16: comm syz.2.988: invalid indirect mapped block 4294967295 (level 1)
[  163.339335][ T8726] EXT4-fs (loop2): 1 orphan inode deleted
[  163.343171][ T8726] EXT4-fs (loop2): 1 truncate cleaned up
[  163.347171][ T8726] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  163.383087][ T5840] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  163.483983][ T5911] ath9k_htc 3-1:1.0: ath9k_htc: Target is unresponsive
[  163.487883][ T5911] ath9k_htc: Failed to initialize the device
[  163.627276][ T7591] plantronics 0003:047F:FFFF.0009: ignoring exceeding usage max
[  163.648714][ T8729] loop2: detected capacity change from 0 to 32768
[  163.653009][    T9] usb 3-1: ath9k_htc: USB layer deinitialized
[  163.665443][ T7591] plantronics 0003:047F:FFFF.0009: hiddev1,hidraw1: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.0-1/input0
[  163.763552][ T8729] bcachefs (loop2): starting version 1.7: mi_btree_bitmap opts=errors=continue,metadata_checksum=none,data_checksum=none,compression=lz4,nocow
[  163.763574][ T8729]   allowing incompatible features above 0.0: (unknown version)
[  163.763584][ T8729]   features: lz4,new_siphash,inline_data,new_extent_overwrite,btree_ptr_v2,new_varint,journal_no_flush,alloc_v2,extents_across_btree_nodes
[  163.779324][ T8729] bcachefs (loop2): Using encoding defined by superblock: utf8-12.1.0
[  163.782919][ T8729] bcachefs (loop2): initializing new filesystem
[  163.795799][ T8729] bcachefs (loop2): going read-write
[  163.808979][ T8729] bcachefs (loop2): marking superblocks
[  163.817777][ T8729] bcachefs (loop2): initializing freespace
[  163.824490][ T8729] bcachefs (loop2): done initializing freespace
[  163.829480][ T8729] bcachefs (loop2): reading snapshots table
[  163.832259][ T8729] bcachefs (loop2): reading snapshots done
[  163.880722][ T8729] bcachefs (loop2):  loop2: Superblock write was silently dropped! (seq 0 expected 42)
[  163.886497][ T8729] bcachefs (loop2): done starting filesystem
[  163.995384][ T8729] syz.2.989 (8729) used greatest stack depth: 15896 bytes left
[  164.022623][ T8741] wg1 speed is unknown, defaulting to 1000
[  164.104705][ T5840] bcachefs (loop2): shutting down
[  164.106755][ T5840] bcachefs (loop2): going read-only
[  164.108747][ T5840] bcachefs (loop2): finished waiting for writes to stop
[  164.124933][ T5840] bcachefs (loop2): flushing journal and stopping allocators, journal seq 3
[  164.290006][ T5840] bcachefs (loop2): flushing journal and stopping allocators complete, journal seq 4
[  164.298286][ T5840] bcachefs (loop2): clean shutdown complete, journal seq 5
[  164.303421][ T5840] bcachefs (loop2): marking filesystem clean
[  164.360349][ T5840] bcachefs (loop2): shutdown complete
[  164.655540][   T59] usb 1-1: USB disconnect, device number 18
[  165.200281][ T8746] loop1: detected capacity change from 0 to 2048
[  165.219524][ T8747] NILFS (loop1): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  165.268767][ T8747] NILFS (loop1): vblocknr = 23 has abnormal lifetime: start cno (= 4294967298) > current cno (= 3)
[  165.274765][ T8747] NILFS error (device loop1): nilfs_bmap_propagate: broken bmap (inode number=4)
[  165.279379][ T8747] Remounting filesystem read-only
[  165.298676][ T5845] NILFS (loop1): disposed unprocessed dirty file(s) when stopping log writer
[  165.410926][ T7591] usb 2-1: USB disconnect, device number 20
[  166.072410][ T8765] loop2: detected capacity change from 0 to 256
[  166.077834][ T8765] exfat: Deprecated parameter 'utf8'
[  166.092774][ T8765] exFAT-fs (loop2): failed to load upcase table (idx : 0x00010000, chksum : 0xbe675ead, utbl_chksum : 0xe619d30d)
[  166.926911][ T8780] loop1: detected capacity change from 0 to 32768
[  166.954175][ T8780] ocfs2: Mounting device (7,1) on (node local, slot 0) with writeback data mode.
[  167.022092][ T5845] ocfs2: Unmounting device (7,1) on (node local)
[  167.521622][   T33] audit: type=1326 audit(1755123741.170:61): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8807 comm="syz.0.1016" exe="/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f6834f8ebe9 code=0x0
[  167.631265][ T8813] loop2: detected capacity change from 0 to 164
[  167.642533][ T8813] rock: corrupted directory entry. extent=32, offset=131072, size=237
[  167.849051][ T8822] loop1: detected capacity change from 0 to 8
[  167.869697][ T8822] SQUASHFS error: zlib decompression failed, data probably corrupt
[  167.876636][ T8822] SQUASHFS error: Failed to read block 0x9b: -5
[  167.887245][ T8822] SQUASHFS error: Unable to read metadata cache entry [99]
[  167.898878][ T8822] SQUASHFS error: Unable to read inode 0x127
[  168.558160][ T8834] loop1: detected capacity change from 0 to 16
[  168.573106][ T8834] erofs (device loop1): mounted with root inode @ nid 36.
[  168.877328][ T8844] loop1: detected capacity change from 0 to 4096
[  168.891290][ T8844] EXT4-fs (loop1): stripe (65535) is not aligned with cluster size (16), stripe is disabled
[  168.914437][ T8844] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  168.999047][ T5845] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  169.674552][ T8873] loop2: detected capacity change from 0 to 256
[  169.817913][ T8877] netlink: 830 bytes leftover after parsing attributes in process `syz.0.1047'.
[  169.823246][ T8877] bond_slave_0: entered promiscuous mode
[  169.826517][ T8877] bond_slave_1: entered promiscuous mode
[  170.037206][ T8880] loop0: detected capacity change from 0 to 4096
[  170.380012][ T8903] loop2: detected capacity change from 0 to 4096
[  170.390615][ T8903] ntfs3(loop2): Different NTFS sector size (4096) and media sector size (512).
[  170.425835][ T8901] loop0: detected capacity change from 0 to 4096
[  170.455962][ T8901] ntfs3(loop0): Mark volume as dirty due to NTFS errors
[  170.479068][ T8901] ntfs3(loop0): volume is dirty and "force" flag is not set!
[  170.642716][ T8910] loop1: detected capacity change from 0 to 1024
[  171.227682][ T8925] loop1: detected capacity change from 0 to 32768
[  171.270295][ T8925] JBD2: Ignoring recovery information on journal
[  171.371403][ T8925] ocfs2: Mounting device (7,1) on (node local, slot 0) with ordered data mode.
[  171.485324][ T5845] ocfs2: Unmounting device (7,1) on (node local)
[  171.522858][ T8928] loop2: detected capacity change from 0 to 32768
[  171.552358][ T8941] loop0: detected capacity change from 0 to 256
[  173.479361][ T9001] loop2: detected capacity change from 0 to 2048
[  173.603540][ T9001] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  173.816145][ T5840] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  174.116440][ T9012] loop2: detected capacity change from 0 to 128
[  174.212841][ T9012] qnx6: superblock #1 checksum error
[  174.287668][ T9016] loop0: detected capacity change from 0 to 2048
[  174.388010][ T9017] NILFS (loop0): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  174.466441][ T9016] NILFS (loop0): error -2 truncating bmap (ino=16)
[  174.843784][ T9027] loop1: detected capacity change from 0 to 512
[  174.870432][ T9027] EXT4-fs (loop1): Test dummy encryption mode enabled
[  174.873424][ T9027] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode
[  174.909135][ T9027] EXT4-fs (loop1): 1 truncate cleaned up
[  174.916292][ T9027] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  174.942959][ T9027] EXT4-fs: Can't set or change test_dummy_encryption on remount
[  174.974467][ T5845] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  175.151847][   T59] usb 1-1: new high-speed USB device number 19 using dummy_hcd
[  175.302990][   T59] usb 1-1: Using ep0 maxpacket: 8
[  175.345906][   T59] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x8D has an invalid bInterval 42, changing to 9
[  175.351137][   T59] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[  175.355181][   T59] usb 1-1: config 0 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[  175.361201][   T59] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x8B has invalid maxpacket 12592, setting to 1024
[  175.366319][   T59] usb 1-1: config 0 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 1024
[  175.371137][   T59] usb 1-1: New USB device found, idVendor=05ac, idProduct=8215, bcdDevice=8f.58
[  175.374251][   T59] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  175.380331][   T59] usb 1-1: config 0 descriptor??
[  175.395744][ T9029] raw-gadget.0 gadget.0: fail, usb_ep_enable returned -22
[  175.667709][ T5849] Bluetooth: hci3: Received unexpected HCI Event 0x00
[  175.692166][ T5849] Bluetooth: hci3: Received unexpected HCI Event 0x00
[  175.695611][ T5849] Bluetooth: hci3: Received unexpected HCI Event 0x00
[  175.698332][ T5849] Bluetooth: hci3: Received unexpected HCI Event 0x00
[  175.701605][ T5849] Bluetooth: hci3: Received unexpected HCI Event 0x00
[  175.704384][ T5849] Bluetooth: hci3: Received unexpected HCI Event 0x00
[  175.707145][ T5849] Bluetooth: hci3: Received unexpected HCI Event 0x00
[  175.816284][ T5841] usb 1-1: USB disconnect, device number 19
[  175.817456][ T5848] Bluetooth: hci3: Opcode 0x0c03 failed: -71
[  176.604176][ T9039] loop0: detected capacity change from 0 to 512
[  176.607342][ T9039] EXT4-fs: Ignoring removed nobh option
[  176.647931][ T9039] EXT4-fs error (device loop0): ext4_orphan_get:1392: inode #15: comm syz.0.1118: iget: bad i_size value: 38620345925642
[  176.657434][ T9039] EXT4-fs error (device loop0): ext4_orphan_get:1397: comm syz.0.1118: couldn't read orphan inode 15 (err -117)
[  176.695391][ T9039] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  176.737849][ T9039] EXT4-fs error (device loop0): ext4_validate_block_bitmap:432: comm syz.0.1118: bg 0: block 5: invalid block bitmap
[  176.999120][ T9039] EXT4-fs (loop0): Delayed block allocation failed for inode 18 at logical offset 0 with max blocks 2 with error 28
[  177.018019][ T9039] EXT4-fs (loop0): This should not happen!! Data will be lost
[  177.018019][ T9039] 
[  177.022290][ T9039] EXT4-fs (loop0): Total free blocks count 0
[  177.024846][ T9039] EXT4-fs (loop0): Free/Dirty block details
[  177.036192][ T9039] EXT4-fs (loop0): free_blocks=0
[  177.038459][ T9039] EXT4-fs (loop0): dirty_blocks=2
[  177.041278][ T9039] EXT4-fs (loop0): Block reservation details
[  177.043984][ T9039] EXT4-fs (loop0): i_reserved_data_blocks=2
[  177.116420][ T6710] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  177.151417][    C0] vkms_vblank_simulate: vblank timer overrun
[  177.234487][    C0] vkms_vblank_simulate: vblank timer overrun
[  177.268470][ T9043] loop0: detected capacity change from 0 to 1024
[  177.274998][ T9043] EXT4-fs (loop0): ext4_check_descriptors: Block bitmap for group 0 overlaps block group descriptors
[  177.280101][ T9043] EXT4-fs (loop0): ext4_check_descriptors: Checksum for group 0 failed (14919!=20869)
[  177.284203][ T9043] EXT4-fs (loop0): stripe (65535) is not aligned with cluster size (16), stripe is disabled
[  177.289009][ T9043] EXT4-fs (loop0): invalid journal inode
[  179.595938][ T9056] loop0: detected capacity change from 0 to 2048
[  179.614754][ T9056] UDF-fs: error (device loop0): udf_load_logicalvol: error loading logical volume descriptor: Too many partition maps (4 > 0)
[  179.626479][ T9056] UDF-fs: Scanning with blocksize 512 failed
[  179.647318][ T9056] UDF-fs: warning (device loop0): udf_load_vrs: No anchor found
[  179.662838][ T9056] UDF-fs: Scanning with blocksize 1024 failed
[  179.674942][ T9056] UDF-fs: error (device loop0): udf_read_tagged: read failed, block=512, location=512
[  179.702698][ T9056] UDF-fs: warning (device loop0): udf_load_vrs: No anchor found
[  179.711355][ T9056] UDF-fs: Scanning with blocksize 2048 failed
[  179.716216][ T9056] UDF-fs: error (device loop0): udf_read_tagged: read failed, block=256, location=256
[  179.728176][ T9056] UDF-fs: error (device loop0): udf_read_tagged: read failed, block=512, location=512
[  179.737625][ T9056] UDF-fs: warning (device loop0): udf_load_vrs: No anchor found
[  179.742592][ T9056] UDF-fs: Scanning with blocksize 4096 failed
[  179.753867][ T9056] UDF-fs: warning (device loop0): udf_fill_super: No partition found (1)
[  180.309337][ T9071] loop0: detected capacity change from 0 to 4096
[  180.519182][ T5236] Bluetooth: hci1: command 0x0406 tx timeout
[  180.526109][ T5848] Bluetooth: hci0: command 0x0406 tx timeout
[  181.377870][ T9087] usb usb9: Requested nonsensical USBDEVFS_URB_SHORT_NOT_OK.
[  181.385264][ T9087] usb usb9: Requested nonsensical USBDEVFS_URB_ZERO_PACKET.
[  182.237573][ T9102] input: syz1 as /devices/virtual/input/input14
[  182.522928][   T59] usb 1-1: new high-speed USB device number 20 using dummy_hcd
[  182.711027][   T59] usb 1-1: config 220 has an invalid interface number: 76 but max is 2
[  182.714287][   T59] usb 1-1: config 220 has an invalid descriptor of length 0, skipping remainder of the config
[  182.718350][   T59] usb 1-1: config 220 has no interface number 2
[  182.730707][   T59] usb 1-1: config 220 interface 1 altsetting 5 has 0 endpoint descriptors, different from the interface descriptor's value: 12
[  182.738265][   T59] usb 1-1: config 220 interface 0 has no altsetting 0
[  182.744822][   T59] usb 1-1: config 220 interface 76 has no altsetting 0
[  182.768024][   T59] usb 1-1: config 220 interface 1 has no altsetting 0
[  182.815544][   T59] usb 1-1: New USB device found, idVendor=8086, idProduct=0b07, bcdDevice=6c.b9
[  182.836506][   T59] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  182.847911][   T59] usb 1-1: Product: syz
[  182.854034][   T59] usb 1-1: Manufacturer: syz
[  182.856236][   T59] usb 1-1: SerialNumber: syz
[  183.099400][   T59] usb 1-1: selecting invalid altsetting 0
[  183.101906][   T59] usb 1-1: Found UVC 7.01 device syz (8086:0b07)
[  183.103963][   T59] usb 1-1: No valid video chain found.
[  183.113538][   T59] usb 1-1: selecting invalid altsetting 0
[  183.115656][   T59] usbtest 1-1:220.1: probe with driver usbtest failed with error -22
[  183.122901][   T59] usb 1-1: USB disconnect, device number 20
[  183.893486][ T9117] loop1: detected capacity change from 0 to 4096
[  184.478321][ T9124] Bluetooth: hci3: Frame reassembly failed (-84)
[  184.497519][ T8125] Bluetooth: hci3: Frame reassembly failed (-84)
[  184.975045][ T9150] loop2: detected capacity change from 0 to 2048
[  185.020307][ T9150] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  185.053822][ T9150] EXT4-fs (loop2): Delayed block allocation failed for inode 15 at logical offset 102 with max blocks 1 with error 28
[  185.058509][ T9150] EXT4-fs (loop2): This should not happen!! Data will be lost
[  185.058509][ T9150] 
[  185.061677][ T9150] EXT4-fs (loop2): Total free blocks count 0
[  185.063746][ T9150] EXT4-fs (loop2): Free/Dirty block details
[  185.065810][ T9150] EXT4-fs (loop2): free_blocks=0
[  185.067555][ T9150] EXT4-fs (loop2): dirty_blocks=0
[  185.070644][ T9150] EXT4-fs (loop2): Block reservation details
[  185.073399][ T9150] EXT4-fs (loop2): i_reserved_data_blocks=0
[  185.104503][ T5840] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  185.608522][ T5915] usb 1-1: new high-speed USB device number 21 using dummy_hcd
[  185.770834][ T5915] usb 1-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  185.778016][ T5915] usb 1-1: New USB device found, idVendor=1199, idProduct=b000, bcdDevice=e5.38
[  185.784727][ T5915] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  185.788774][ T5915] usb 1-1: Product: syz
[  185.790628][ T5915] usb 1-1: Manufacturer: syz
[  185.792575][ T5915] usb 1-1: SerialNumber: syz
[  185.805783][ T5915] usb 1-1: config 0 descriptor??
[  185.871924][ T9167] loop2: detected capacity change from 0 to 32768
[  185.876547][ T9167] BTRFS: device fsid e417788f-7a09-42b2-9266-8ddc5d5d35d2 devid 1 transid 8 /dev/loop2 (7:2) scanned by syz.2.1174 (9167)
[  185.891300][ T9167] BTRFS info (device loop2): first mount of filesystem e417788f-7a09-42b2-9266-8ddc5d5d35d2
[  185.902832][ T9167] BTRFS info (device loop2): using xxhash64 (xxhash64-generic) checksum algorithm
[  185.907308][ T9167] BTRFS info (device loop2): disk space caching is enabled
[  185.911340][ T9167] BTRFS warning (device loop2): space cache v1 is being deprecated and will be removed in a future release, please use -o space_cache=v2
[  185.983793][ T9167] BTRFS info (device loop2): rebuilding free space tree
[  185.999194][ T9167] BTRFS info (device loop2): disabling free space tree
[  186.002156][ T9167] BTRFS info (device loop2): clearing compat-ro feature flag for FREE_SPACE_TREE (0x1)
[  186.006586][ T9167] BTRFS info (device loop2): clearing compat-ro feature flag for FREE_SPACE_TREE_VALID (0x2)
[  186.024916][ T7591] usb 1-1: USB disconnect, device number 21
[  186.076419][ T5840] BTRFS info (device loop2): last unmount of filesystem e417788f-7a09-42b2-9266-8ddc5d5d35d2
[  186.438608][ T5915] usb 3-1: new high-speed USB device number 15 using dummy_hcd
[  186.518412][ T5849] Bluetooth: hci3: command 0x1003 tx timeout
[  186.518787][ T5842] Bluetooth: hci3: Opcode 0x1003 failed: -110
[  186.619708][ T5915] usb 3-1: Using ep0 maxpacket: 16
[  186.631368][ T5915] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x84 has invalid wMaxPacketSize 0
[  186.643962][ T5915] usb 3-1: New USB device found, idVendor=2040, idProduct=0264, bcdDevice=4e.d1
[  186.647688][ T5915] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  186.658826][ T5915] usb 3-1: Product: syz
[  186.661527][ T5915] usb 3-1: Manufacturer: syz
[  186.663696][ T5915] usb 3-1: SerialNumber: syz
[  186.681103][ T5915] usb 3-1: config 0 descriptor??
[  186.695798][ T5915] em28xx 3-1:0.0: New device syz syz @ 480 Mbps (2040:0264, interface 0, class 0)
[  186.704845][ T5915] em28xx 3-1:0.0: DVB interface 0 found: bulk
[  187.635181][ T5915] em28xx 3-1:0.0: unknown em28xx chip ID (0)
[  188.273333][ T5915] em28xx 3-1:0.0: failed to get i2c transfer status from bridge register (error=-5)
[  188.290917][ T5915] em28xx 3-1:0.0: board has no eeprom
[  188.368540][ T5915] em28xx 3-1:0.0: Identified as PCTV tripleStick (292e) (card=94)
[  188.372040][ T5915] em28xx 3-1:0.0: dvb set to bulk mode.
[  188.374968][    T9] em28xx 3-1:0.0: Binding DVB extension
[  188.397065][ T5915] usb 3-1: USB disconnect, device number 15
[  188.403104][ T5915] em28xx 3-1:0.0: Disconnecting em28xx
[  188.469422][    T9] em28xx 3-1:0.0: Registering input extension
[  188.472576][ T5915] em28xx 3-1:0.0: Closing input extension
[  188.534311][ T5915] em28xx 3-1:0.0: Freeing device
[  189.961024][ T9305] Illegal XDP return value 3424027462 on prog  (id 133) dev N/A, expect packet loss!
[  190.326431][ T9307] loop2: detected capacity change from 0 to 32768
[  190.479536][   T59] usb 1-1: new high-speed USB device number 22 using dummy_hcd
[  190.584798][ T9322] tc_dump_action: action bad kind
[  190.611570][ T9323] loop2: detected capacity change from 0 to 256
[  190.618678][ T9323] exfat: Deprecated parameter 'namecase'
[  190.621192][ T9323] exfat: Deprecated parameter 'utf8'
[  190.628201][   T59] usb 1-1: Using ep0 maxpacket: 32
[  190.635105][   T59] usb 1-1: config 0 has 1 interface, different from the descriptor's value: 2
[  190.646662][ T9323] exFAT-fs (loop2): failed to load upcase table (idx : 0x0001ff53, chksum : 0xd72bb7d8, utbl_chksum : 0xe619d30d)
[  190.655049][   T59] usb 1-1: config 0 interface 0 has no altsetting 1
[  190.671371][   T59] usb 1-1: New USB device found, idVendor=152d, idProduct=0539, bcdDevice= 0.00
[  190.676198][   T59] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=3
[  190.684523][   T59] usb 1-1: SerialNumber: syz
[  190.691119][   T59] usb 1-1: config 0 descriptor??
[  190.697158][   T59] usb-storage 1-1:0.0: USB Mass Storage device detected
[  190.703908][   T59] usb-storage 1-1:0.0: Quirks match for vid 152d pid 0539: 4000000
[  190.900827][   T59] usb 1-1: USB disconnect, device number 22
[  190.908219][ T5915] usb 2-1: new high-speed USB device number 21 using dummy_hcd
[  191.060842][ T5915] usb 2-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  191.068170][ T5915] usb 2-1: New USB device found, idVendor=07fd, idProduct=0001, bcdDevice=48.99
[  191.071960][ T5915] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  191.075264][ T5915] usb 2-1: Product: syz
[  191.077055][ T5915] usb 2-1: Manufacturer: syz
[  191.079280][ T5915] usb 2-1: SerialNumber: syz
[  191.084358][ T5915] usb 2-1: config 0 descriptor??
[  191.098912][ T5915] usb 2-1: Quirk or no altset; falling back to MIDI 1.0
[  191.308863][ T5915] snd-usb-audio 2-1:0.0: probe with driver snd-usb-audio failed with error -2
[  191.334588][ T5853] udevd[5853]: error opening ATTR{/sys/devices/platform/dummy_hcd.1/usb2/2-1/2-1:0.0/sound/card3/controlC3/../uevent} for writing: No such file or directory
[  191.498958][    T9] usb 2-1: USB disconnect, device number 21
[  191.916106][ T9355] loop2: detected capacity change from 0 to 256
[  191.923001][ T9355] exFAT-fs (loop2): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[  191.927789][ T9355] exFAT-fs (loop2): Medium has reported failures. Some data may be lost.
[  191.938477][ T9355] exFAT-fs (loop2): failed to load upcase table (idx : 0x00010000, chksum : 0xe62de5da, utbl_chksum : 0xe619d30d)
[  193.251217][ T9364] loop2: detected capacity change from 0 to 4096
[  193.252262][   T59] usb 1-1: new high-speed USB device number 23 using dummy_hcd
[  193.288713][ T9364] ntfs3(loop2): Mark volume as dirty due to NTFS errors
[  193.315525][ T9364] ntfs3(loop2): ino=b, mi_enum_attr
[  193.318039][ T9364] ntfs3(loop2): Failed to load $Extend (-22).
[  193.320701][ T9364] ntfs3(loop2): Failed to initialize $Extend.
[  193.417441][   T59] usb 1-1: Using ep0 maxpacket: 32
[  193.427116][   T59] usb 1-1: config 0 interface 0 altsetting 0 bulk endpoint 0x85 has invalid maxpacket 9
[  193.444198][   T59] usb 1-1: New USB device found, idVendor=14c8, idProduct=0003, bcdDevice= 5.6c
[  193.448612][   T59] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  193.452036][   T59] usb 1-1: Product: syz
[  193.453814][   T59] usb 1-1: Manufacturer: syz
[  193.455718][   T59] usb 1-1: SerialNumber: syz
[  193.460329][   T59] usb 1-1: config 0 descriptor??
[  193.465211][ T9353] raw-gadget.0 gadget.0: fail, usb_ep_enable returned -22
[  193.491748][   T59] input: syz syz as /devices/platform/dummy_hcd.0/usb1/1-1/1-1:0.0/input/input16
[  193.582897][ T9377] loop1: detected capacity change from 0 to 256
[  193.631137][ T9377] FAT-fs (loop1): Directory bread(block 64) failed
[  193.637599][ T9377] FAT-fs (loop1): Directory bread(block 65) failed
[  193.640240][ T9377] FAT-fs (loop1): Directory bread(block 66) failed
[  193.657899][ T9377] FAT-fs (loop1): Directory bread(block 67) failed
[  193.659932][ T9377] FAT-fs (loop1): Directory bread(block 68) failed
[  193.662243][ T9377] FAT-fs (loop1): Directory bread(block 69) failed
[  193.664206][ T9377] FAT-fs (loop1): Directory bread(block 70) failed
[  193.675699][ T9377] FAT-fs (loop1): Directory bread(block 71) failed
[  193.707669][ T9377] FAT-fs (loop1): Directory bread(block 72) failed
[  193.710856][ T9377] FAT-fs (loop1): Directory bread(block 73) failed
[  193.722313][   T59] usb 1-1: USB disconnect, device number 23
[  193.724866][    C1] usbtouchscreen 1-1:0.0: usbtouch_irq - usb_submit_urb failed with result: -19
[  193.805835][ T1365] ieee802154 phy0 wpan0: encryption failed: -22
[  193.811299][ T1365] ieee802154 phy1 wpan1: encryption failed: -22
[  193.866124][ T9385] loop1: detected capacity change from 0 to 2048
[  193.875132][ T9385] NILFS (loop1): broken superblock, retrying with spare superblock (blocksize = 1024)
[  193.887812][ T5853] udevd[5853]: incorrect nilfs2 checksum on /dev/loop1
[  193.900649][ T9385] NILFS (loop1): too large checkpoint size: 1741 bytes
[  193.916129][ T9385] NILFS (loop1): error -22 while loading super root
[  194.153992][ T9398] loop2: detected capacity change from 0 to 1764
[  194.657369][ T7591] usb 2-1: new high-speed USB device number 22 using dummy_hcd
[  194.877194][ T7591] usb 2-1: New USB device found, idVendor=0cf3, idProduct=9271, bcdDevice= 1.08
[  194.892283][ T7591] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  194.901877][ T7591] usb 2-1: Product: syz
[  194.906651][ T7591] usb 2-1: Manufacturer: syz
[  194.912038][ T7591] usb 2-1: SerialNumber: syz
[  195.012761][ T7591] usb 2-1: ath9k_htc: Firmware ath9k_htc/htc_9271-1.4.0.fw requested
[  195.054985][   T59] usb 2-1: ath9k_htc: Transferred FW: ath9k_htc/htc_9271-1.4.0.fw, size: 51008
[  196.040528][ T9426] netlink: 72 bytes leftover after parsing attributes in process `syz.2.1278'.
[  196.368687][   T59] usb 2-1: Service connection timeout for: 256
[  196.374190][   T59] ath9k_htc 2-1:1.0: ath9k_htc: Unable to initialize HTC services
[  196.406577][   T59] ath9k_htc: Failed to initialize the device
[  196.484886][   T59] usb 2-1: ath9k_htc: USB layer deinitialized
[  196.691525][ T9430] loop2: detected capacity change from 0 to 32768
[  196.697763][ T9430] XFS: ikeep mount option is deprecated.
[  196.721353][ T5841] usb 2-1: USB disconnect, device number 22
[  196.744384][ T9430] XFS (loop2): Mounting V5 Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d
[  196.768527][ T9430] XFS (loop2): Ending clean mount
[  196.772698][ T9430] XFS (loop2): Quotacheck needed: Please wait.
[  196.815371][ T9430] XFS (loop2): Quotacheck: Done.
[  196.862347][ T5840] XFS (loop2): Unmounting Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d
[  197.388129][    T9] usb 3-1: new high-speed USB device number 16 using dummy_hcd
[  197.548519][    T9] usb 3-1: config 0 interface 0 altsetting 251 endpoint 0x9 has invalid wMaxPacketSize 0
[  197.554509][    T9] usb 3-1: config 0 interface 0 has no altsetting 0
[  197.563593][    T9] usb 3-1: New USB device found, idVendor=045e, idProduct=0283, bcdDevice=99.0b
[  197.567705][    T9] usb 3-1: New USB device strings: Mfr=1, Product=228, SerialNumber=2
[  197.574965][    T9] usb 3-1: Product: syz
[  197.577246][    T9] usb 3-1: Manufacturer: syz
[  197.579579][    T9] usb 3-1: SerialNumber: syz
[  197.584921][    T9] usb 3-1: config 0 descriptor??
[  197.593268][    T9] usb 3-1: selecting invalid altsetting 0
[  197.805330][   T59] usb 3-1: USB disconnect, device number 16
[  198.031445][ T9455] loop1: detected capacity change from 0 to 8
[  200.699552][ T9494] loop1: detected capacity change from 0 to 128
[  200.812187][ T9500] netlink: 116 bytes leftover after parsing attributes in process `syz.2.1309'.
[  200.852921][ T9502] loop1: detected capacity change from 0 to 256
[  200.869274][ T9502] exFAT-fs (loop1): failed to load upcase table (idx : 0x00011d5f, chksum : 0x09863542, utbl_chksum : 0x000cd30d)
[  200.876617][   T33] audit: type=1800 audit(1755123774.524:62): pid=9502 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.1310" name="file2" dev="loop1" ino=1048640 res=0 errno=0
[  200.914338][ T9504] netlink: 48 bytes leftover after parsing attributes in process `syz.2.1311'.
[  201.163390][ T9520] loop1: detected capacity change from 0 to 4096
[  201.164346][ T9522] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1320'.
[  201.184210][ T9520] ntfs3(loop1): Mark volume as dirty due to NTFS errors
[  201.195626][ T9520] ntfs3(loop1): ino=1a, mi_enum_attr
[  201.199060][ T9520] ntfs3(loop1): ino=1a, mi_enum_attr
[  201.200803][ T9520] ntfs3(loop1): Failed to initialize $Extend/$Reparse.
[  201.219970][ T9520] ntfs3(loop1): ino=1a, mi_enum_attr
[  201.286631][   T59] usb 3-1: new high-speed USB device number 17 using dummy_hcd
[  201.291097][ T9528] loop1: detected capacity change from 0 to 64
[  201.446579][   T59] usb 3-1: Using ep0 maxpacket: 8
[  201.456250][   T59] usb 3-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 4
[  201.463330][   T59] usb 3-1: New USB device found, idVendor=1b1c, idProduct=1b09, bcdDevice= 0.00
[  201.469244][   T59] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  201.482417][   T59] usb 3-1: config 0 descriptor??
[  201.588665][ T9547] loop1: detected capacity change from 0 to 2048
[  201.605349][ T9547] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000)
[  201.908693][   T59] corsair 0003:1B1C:1B09.000A: unbalanced delimiter at end of report description
[  201.912781][   T59] corsair 0003:1B1C:1B09.000A: parse failed
[  201.915105][   T59] corsair 0003:1B1C:1B09.000A: probe with driver corsair failed with error -22
[  202.107262][   T59] usb 3-1: USB disconnect, device number 17
[  203.086246][ T5841] usb 3-1: new high-speed USB device number 18 using dummy_hcd
[  203.253470][    C0] vcan0: j1939_tp_rxtimer: 0xffff888039f26000: rx timeout, send abort
[  203.262591][    C0] vcan0: j1939_xtp_rx_abort_one: 0xffff888039f26000: 0x2f000: (3) A timeout occurred and this is the connection abort to close the session.
[  203.306337][ T5841] usb 3-1: Using ep0 maxpacket: 32
[  203.310329][ T5841] usb 3-1: config 8 has an invalid interface number: 203 but max is 0
[  203.313364][ T5841] usb 3-1: config 8 has no interface number 0
[  203.315312][ T5841] usb 3-1: config 8 interface 203 altsetting 1 bulk endpoint 0xB has invalid maxpacket 1023
[  203.318514][ T5841] usb 3-1: config 8 interface 203 has no altsetting 0
[  203.324122][ T5841] usb 3-1: New USB device found, idVendor=054c, idProduct=06c3, bcdDevice=eb.7a
[  203.327095][ T5841] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  203.329711][ T5841] usb 3-1: Product: syz
[  203.331079][ T5841] usb 3-1: Manufacturer: syz
[  203.332468][ T5841] usb 3-1: SerialNumber: syz
[  203.336573][ T9614] raw-gadget.0 gadget.2: fail, usb_ep_enable returned -22
[  203.547572][ T5841] port100 3-1:8.203: NFC: Could not find bulk-in or bulk-out endpoint
[  203.555924][ T5841] usb 3-1: USB disconnect, device number 18
[  204.309815][ T9641] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1374'.
[  204.313281][ T9641] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1374'.
[  204.474161][ T9645] team_slave_0: entered promiscuous mode
[  204.476945][ T9645] team_slave_1: entered promiscuous mode
[  204.507072][ T9645] 8021q: adding VLAN 0 to HW filter on device macvtap1
[  204.511954][ T9645] team0: Device macvtap1 is already an upper device of the team interface
[  204.526127][ T9645] team_slave_0: left promiscuous mode
[  204.529125][ T9645] team_slave_1: left promiscuous mode
[  205.769958][ T9669] Falling back ldisc for ptm0.
[  205.907396][ T9682] loop2: detected capacity change from 0 to 4096
[  205.922285][ T9682] ntfs3(loop2): Mark volume as dirty due to NTFS errors
[  205.924958][ T9682] ntfs3(loop2): Failed to load $Extend (-22).
[  205.928728][ T9682] ntfs3(loop2): Failed to initialize $Extend.
[  206.110048][ T9698] loop2: detected capacity change from 0 to 128
[  206.311397][ T9693] loop1: detected capacity change from 0 to 40427
[  206.326293][ T9693] F2FS-fs (loop1): Invalid log_blocksize (268), supports only 12
[  206.329248][ T9693] F2FS-fs (loop1): Can't find valid F2FS filesystem in 1th superblock
[  206.344110][ T9693] F2FS-fs (loop1): invalid crc value
[  206.426758][ T9693] F2FS-fs (loop1): f2fs_recover_fsync_data: recovery fsync data, check_only: 0
[  206.432627][ T9719] loop2: detected capacity change from 0 to 256
[  206.443574][ T9719] FAT-fs (loop2): Directory bread(block 64) failed
[  206.443915][ T9693] F2FS-fs (loop1): Try to recover 1th superblock, ret: 0
[  206.445697][ T9719] FAT-fs (loop2): Directory bread(block 65) failed
[  206.448695][ T9693] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e5
[  206.450423][ T9719] FAT-fs (loop2): Directory bread(block 66) failed
[  206.454778][ T9719] FAT-fs (loop2): Directory bread(block 67) failed
[  206.456952][ T9719] FAT-fs (loop2): Directory bread(block 68) failed
[  206.459003][ T9719] FAT-fs (loop2): Directory bread(block 69) failed
[  206.461093][ T9719] FAT-fs (loop2): Directory bread(block 70) failed
[  206.463207][ T9719] FAT-fs (loop2): Directory bread(block 71) failed
[  206.465255][ T9719] FAT-fs (loop2): Directory bread(block 72) failed
[  206.467353][ T9719] FAT-fs (loop2): Directory bread(block 73) failed
[  207.111483][ T9727] loop1: detected capacity change from 0 to 32768
[  207.193088][ T9727] bcachefs (loop1): starting version 1.7: mi_btree_bitmap opts=errors=continue,metadata_checksum=none,data_checksum=none,compression=lz4,nojournal_transaction_names
[  207.193106][ T9727]   allowing incompatible features above 0.0: (unknown version)
[  207.193111][ T9727]   features: lz4,new_siphash,inline_data,new_extent_overwrite,btree_ptr_v2,new_varint,journal_no_flush,alloc_v2,extents_across_btree_nodes
[  207.204847][ T9727] bcachefs (loop1): Using encoding defined by superblock: utf8-12.1.0
[  207.207327][ T9727] bcachefs (loop1): initializing new filesystem
[  207.215122][ T9727] bcachefs (loop1): going read-write
[  207.218912][ T9727] bcachefs (loop1): marking superblocks
[  207.224295][ T9727] bcachefs (loop1): initializing freespace
[  207.227942][ T9727] bcachefs (loop1): done initializing freespace
[  207.231242][ T9727] bcachefs (loop1): reading snapshots table
[  207.233334][ T9727] bcachefs (loop1): reading snapshots done
[  207.258497][ T9727] bcachefs (loop1): done starting filesystem
[  207.286898][   T33] audit: type=1800 audit(1755123780.944:63): pid=9727 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.1409" name="file1" dev="loop1" ino=4098 res=0 errno=0
[  207.392779][   T33] audit: type=1800 audit(1755123781.044:64): pid=9739 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.1409" name="file1" dev="loop1" ino=4098 res=0 errno=0
[  207.428094][ T5841] kernel write not supported for file [eventfd] (pid: 5841 comm: kworker/0:3)
[  207.736363][ T5841] usb 1-1: new high-speed USB device number 24 using dummy_hcd
[  207.749303][ T9758] loop2: detected capacity change from 0 to 1764
[  207.826880][ T9727] syz.1.1409 (9727) used greatest stack depth: 14216 bytes left
[  207.847254][ T5845] bcachefs (loop1): shutting down
[  207.848820][ T5845] bcachefs (loop1): going read-only
[  207.850373][ T5845] bcachefs (loop1): finished waiting for writes to stop
[  207.854332][ T5845] bcachefs (loop1): flushing journal and stopping allocators, journal seq 393
[  207.870786][ T5845] bcachefs (loop1): flushing journal and stopping allocators complete, journal seq 394
[  207.874277][ T5845] bcachefs (loop1): clean shutdown complete, journal seq 395
[  207.877576][ T5845] bcachefs (loop1): marking filesystem clean
[  207.886901][ T9760] binder: 9759:9760 ioctl c0306201 200000000280 returned -14
[  207.898383][ T5845] bcachefs (loop1): shutdown complete
[  207.916436][ T5841] usb 1-1: config 0 has 0 interfaces, different from the descriptor's value: 1
[  207.919308][ T5841] usb 1-1: New USB device found, idVendor=0bed, idProduct=1100, bcdDevice=ec.c3
[  207.922175][ T5841] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  207.948716][ T5841] usb 1-1: config 0 descriptor??
[  208.160913][ T9746] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  208.166196][ T9746] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  208.171930][ T9746] netlink: 'syz.0.1413': attribute type 10 has an invalid length.
[  208.175070][ T9746] bridge0: port 2(bridge_slave_1) entered disabled state
[  208.177740][ T9746] bridge0: port 1(bridge_slave_0) entered disabled state
[  208.262691][ T9746] bridge0: port 2(bridge_slave_1) entered blocking state
[  208.265060][ T9746] bridge0: port 2(bridge_slave_1) entered forwarding state
[  208.269623][ T9746] bridge0: port 1(bridge_slave_0) entered blocking state
[  208.271919][ T9746] bridge0: port 1(bridge_slave_0) entered forwarding state
[  208.377136][ T9771] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1413'.
[  208.398677][ T9746] bridge0: entered promiscuous mode
[  208.401072][ T9746] bond0: (slave bridge0): Enslaving as an active interface with an up link
[  208.415174][ T9771] bridge_slave_1: left allmulticast mode
[  208.417123][ T9771] bridge_slave_1: left promiscuous mode
[  208.419086][ T9771] bridge0: port 2(bridge_slave_1) entered disabled state
[  208.426177][ T9771] bridge_slave_0: left allmulticast mode
[  208.427978][ T9771] bridge_slave_0: left promiscuous mode
[  208.429852][ T9771] bridge0: port 1(bridge_slave_0) entered disabled state
[  208.456760][ T9771] bond0: (slave bridge0): Releasing backup interface
[  208.529693][ T5841] usb 1-1: USB disconnect, device number 24
[  209.483787][   T33] audit: type=1804 audit(1755123783.135:65): pid=9809 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.2.1441" name="/newroot/535/bus/file0" dev="overlay" ino=2846 res=1 errno=0
[  209.999287][   T59] usb 3-1: new high-speed USB device number 19 using dummy_hcd
[  210.001312][ T9818] misc userio: The device must be registered before sending interrupts
[  210.165359][   T59] usb 3-1: Using ep0 maxpacket: 16
[  210.173141][   T59] usb 3-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  210.176468][   T59] usb 3-1: config 1 has 1 interface, different from the descriptor's value: 3
[  210.182397][   T59] usb 3-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[  210.185167][   T59] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  210.187729][   T59] usb 3-1: Product: syz
[  210.190590][   T59] usb 3-1: Manufacturer: syz
[  210.192076][   T59] usb 3-1: SerialNumber: syz
[  210.441385][   T59] usb 3-1: 0:2 : does not exist
[  210.462433][   T59] usb 3-1: 5:0: failed to get current value for ch 0 (-22)
[  210.508895][   T59] usb 3-1: USB disconnect, device number 19
[  210.547560][ T5853] udevd[5853]: error opening ATTR{/sys/devices/platform/dummy_hcd.2/usb3/3-1/3-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory
[  210.669481][ T9820] loop1: detected capacity change from 0 to 40427
[  210.719130][ T9820] F2FS-fs (loop1): f2fs_recover_fsync_data: recovery fsync data, check_only: 1
[  210.723596][ T9820] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e5
[  210.730326][ T9820] syz.1.1445: attempt to access beyond end of device
[  210.730326][ T9820] loop1: rw=0, sector=45064, nr_sectors = 8 limit=40427
[  210.876134][    T9] usb 1-1: new high-speed USB device number 25 using dummy_hcd
[  210.951098][ T9840] netlink: 16 bytes leftover after parsing attributes in process `syz.1.1453'.
[  211.028755][ T9846] loop2: detected capacity change from 0 to 2048
[  211.036988][    T9] usb 1-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  211.040254][    T9] usb 1-1: config 1 has 1 interface, different from the descriptor's value: 3
[  211.046529][    T9] usb 1-1: New USB device found, idVendor=08b7, idProduct=0000, bcdDevice= 0.00
[  211.050975][ T9846] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[  211.058017][    T9] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=3
[  211.062219][    T9] usb 1-1: SerialNumber: syz
[  211.287956][    T9] usb 1-1: 0:2 : does not exist
[  211.308898][    T9] usb 1-1: USB disconnect, device number 25
[  211.492205][ T5853] udevd[5853]: error opening ATTR{/sys/devices/platform/dummy_hcd.0/usb1/1-1/1-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory
[  211.533914][ T9864] loop2: detected capacity change from 0 to 512
[  211.730757][ T9864] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000d40000 r/w without journal. Quota mode: writeback.
[  211.735330][ T9864] ext4 filesystem being mounted at /543/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff)
[  211.754786][   T33] audit: type=1800 audit(1755123785.405:66): pid=9864 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.2.1464" name="file1" dev="loop2" ino=20 res=0 errno=0
[  211.778120][ T5840] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000d40000.
[  212.450382][ T9882] netlink: 'syz.1.1470': attribute type 10 has an invalid length.
[  212.459143][ T9882] veth1_vlan: entered allmulticast mode
[  212.470740][ T9882] team0: Device veth1_vlan failed to register rx_handler
[  212.820626][   T33] audit: type=1326 audit(1755123786.475:67): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9876 comm="syz.0.1468" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6834f8ebe9 code=0x7fc00000
[  212.829138][   T33] audit: type=1326 audit(1755123786.475:68): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9876 comm="syz.0.1468" exe="/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f6834f8ebe9 code=0x7fc00000
[  212.849063][   T33] audit: type=1326 audit(1755123786.475:69): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9876 comm="syz.0.1468" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6834f8ebe9 code=0x7fc00000
[  212.867539][   T33] audit: type=1326 audit(1755123786.475:70): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9876 comm="syz.0.1468" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6834f8ebe9 code=0x7fc00000
[  212.881484][   T33] audit: type=1326 audit(1755123786.475:71): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9876 comm="syz.0.1468" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6834f8ebe9 code=0x7fc00000
[  212.893837][   T33] audit: type=1326 audit(1755123786.475:72): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9876 comm="syz.0.1468" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6834f8ebe9 code=0x7fc00000
[  212.900839][   T33] audit: type=1326 audit(1755123786.475:73): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9876 comm="syz.0.1468" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6834f8ebe9 code=0x7fc00000
[  212.919143][   T33] audit: type=1326 audit(1755123786.475:74): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9876 comm="syz.0.1468" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6834f8ebe9 code=0x7fc00000
[  212.935157][   T33] audit: type=1326 audit(1755123786.475:75): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9876 comm="syz.0.1468" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6834f8ebe9 code=0x7fc00000
[  212.953586][   T33] audit: type=1326 audit(1755123786.475:76): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9876 comm="syz.0.1468" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6834f8ebe9 code=0x7fc00000
[  213.264440][ T9909] loop2: detected capacity change from 0 to 128
[  213.264591][ T9907] loop1: detected capacity change from 0 to 1764
[  213.274806][ T9907] iso9660: Corrupted directory entry in block 2 of inode 1920
[  213.300391][ T9909] udf: Unknown parameter '01777777777777777777777'
[  214.161589][ T9946] sock: sock_timestamping_bind_phc: sock not bind to device
[  214.176621][ T9934] loop2: detected capacity change from 0 to 32768
[  214.207754][ T9934] ocfs2: Mounting device (7,2) on (node local, slot 0) with ordered data mode.
[  214.222639][ T5917] (kworker/u8:5,5917,1):ocfs2_check_dir_entry:325 ERROR: bad entry in directory #72: rec_len % 4 != 0 - offset=16, inode=66, rec_len=491, name_len=2
[  214.272063][ T9934] 
[  214.272875][ T9934] ======================================================
[  214.274997][ T9934] WARNING: possible circular locking dependency detected
[  214.277076][ T9934] 6.16.0-syzkaller-11895-gcca7a0aae895-dirty #0 Not tainted
[  214.279354][ T9934] ------------------------------------------------------
[  214.282549][ T9934] syz.2.1495/9934 is trying to acquire lock:
[  214.284409][ T9934] ffff88811869cf78 (&oi->ip_xattr_sem){++++}-{4:4}, at: ocfs2_init_acl+0x2f9/0x720
[  214.287179][ T9934] 
[  214.287179][ T9934] but task is already holding lock:
[  214.289378][ T9934] ffff88802a5ec950 (jbd2_handle){++++}-{0:0}, at: start_this_handle+0x1f87/0x21c0
[  214.292125][ T9934] 
[  214.292125][ T9934] which lock already depends on the new lock.
[  214.292125][ T9934] 
[  214.295220][ T9934] 
[  214.295220][ T9934] the existing dependency chain (in reverse order) is:
[  214.297956][ T9934] 
[  214.297956][ T9934] -> #4 (jbd2_handle){++++}-{0:0}:
[  214.300154][ T9934]        lock_acquire+0x120/0x360
[  214.301729][ T9934]        start_this_handle+0x1fa7/0x21c0
[  214.303439][ T9934]        jbd2__journal_start+0x2c1/0x5b0
[  214.305097][ T9934]        jbd2_journal_start+0x2a/0x40
[  214.306678][ T9934]        ocfs2_start_trans+0x376/0x6d0
[  214.308300][ T9934]        ocfs2_shutdown_local_alloc+0x200/0xa10
[  214.310160][ T9934]        ocfs2_dismount_volume+0x201/0x8d0
[  214.311916][ T9934]        generic_shutdown_super+0x135/0x2c0
[  214.313705][ T9934]        kill_block_super+0x44/0x90
[  214.315277][ T9934]        deactivate_locked_super+0xbc/0x130
[  214.317067][ T9934]        cleanup_mnt+0x425/0x4c0
[  214.318569][ T9934]        task_work_run+0x1d4/0x260
[  214.320153][ T9934]        exit_to_user_mode_loop+0xec/0x110
[  214.321958][ T9934]        do_syscall_64+0x2bd/0x3b0
[  214.323539][ T9934]        entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  214.325519][ T9934] 
[  214.325519][ T9934] -> #3 (&journal->j_trans_barrier){.+.+}-{4:4}:
[  214.328097][ T9934]        lock_acquire+0x120/0x360
[  214.329618][ T9934]        down_read+0x46/0x2e0
[  214.331039][ T9934]        ocfs2_start_trans+0x36a/0x6d0
[  214.332646][ T9934]        ocfs2_shutdown_local_alloc+0x200/0xa10
[  214.334530][ T9934]        ocfs2_dismount_volume+0x201/0x8d0
[  214.336325][ T9934]        generic_shutdown_super+0x135/0x2c0
[  214.338110][ T9934]        kill_block_super+0x44/0x90
[  214.339726][ T9934]        deactivate_locked_super+0xbc/0x130
[  214.341557][ T9934]        cleanup_mnt+0x425/0x4c0
[  214.343120][ T9934]        task_work_run+0x1d4/0x260
[  214.344697][ T9934]        exit_to_user_mode_loop+0xec/0x110
[  214.346500][ T9934]        do_syscall_64+0x2bd/0x3b0
[  214.348047][ T9934]        entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  214.349998][ T9934] 
[  214.349998][ T9934] -> #2 (sb_internal#5){.+.+}-{0:0}:
[  214.352259][ T9934]        lock_acquire+0x120/0x360
[  214.353780][ T9934]        ocfs2_start_trans+0x26b/0x6d0
[  214.355444][ T9934]        ocfs2_truncate_file+0x643/0x1420
[  214.357159][ T9934]        ocfs2_setattr+0x1520/0x1b40
[  214.358760][ T9934]        notify_change+0xb36/0xe40
[  214.360322][ T9934]        do_truncate+0x1a4/0x220
[  214.361823][ T9934]        path_openat+0x306c/0x3830
[  214.363362][ T9934]        do_filp_open+0x1fa/0x410
[  214.364854][ T9934]        do_sys_openat2+0x121/0x1c0
[  214.366444][ T9934]        __x64_sys_open+0x11e/0x150
[  214.368023][ T9934]        do_syscall_64+0xfa/0x3b0
[  214.369525][ T9934]        entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  214.371457][ T9934] 
[  214.371457][ T9934] -> #1 (&oi->ip_alloc_sem){++++}-{4:4}:
[  214.373815][ T9934]        lock_acquire+0x120/0x360
[  214.375590][ T9934]        down_write+0x96/0x1f0
[  214.377054][ T9934]        ocfs2_try_remove_refcount_tree+0xb6/0x320
[  214.378998][ T9934]        ocfs2_truncate_file+0xda0/0x1420
[  214.380721][ T9934]        ocfs2_setattr+0x1520/0x1b40
[  214.382359][ T9934]        notify_change+0xb36/0xe40
[  214.383958][ T9934]        do_truncate+0x1a4/0x220
[  214.385462][ T9934]        path_openat+0x306c/0x3830
[  214.386985][ T9934]        do_filp_open+0x1fa/0x410
[  214.388478][ T9934]        do_sys_openat2+0x121/0x1c0
[  214.390041][ T9934]        __x64_sys_open+0x11e/0x150
[  214.391601][ T9934]        do_syscall_64+0xfa/0x3b0
[  214.393111][ T9934]        entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  214.395012][ T9934] 
[  214.395012][ T9934] -> #0 (&oi->ip_xattr_sem){++++}-{4:4}:
[  214.397345][ T9934]        validate_chain+0xb9b/0x2140
[  214.398942][ T9934]        __lock_acquire+0xab9/0xd20
[  214.400553][ T9934]        lock_acquire+0x120/0x360
[  214.402143][ T9934]        down_read+0x46/0x2e0
[  214.403588][ T9934]        ocfs2_init_acl+0x2f9/0x720
[  214.405228][ T9934]        ocfs2_mknod+0x1321/0x2050
[  214.406812][ T9934]        ocfs2_create+0x1a5/0x440
[  214.408366][ T9934]        path_openat+0x14f4/0x3830
[  214.409930][ T9934]        do_filp_open+0x1fa/0x410
[  214.411587][ T9934]        do_sys_openat2+0x121/0x1c0
[  214.413206][ T9934]        __x64_sys_openat+0x138/0x170
[  214.414873][ T9934]        do_syscall_64+0xfa/0x3b0
[  214.416432][ T9934]        entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  214.418423][ T9934] 
[  214.418423][ T9934] other info that might help us debug this:
[  214.418423][ T9934] 
[  214.421531][ T9934] Chain exists of:
[  214.421531][ T9934]   &oi->ip_xattr_sem --> &journal->j_trans_barrier --> jbd2_handle
[  214.421531][ T9934] 
[  214.425522][ T9934]  Possible unsafe locking scenario:
[  214.425522][ T9934] 
[  214.427725][ T9934]        CPU0                    CPU1
[  214.429345][ T9934]        ----                    ----
[  214.430933][ T9934]   rlock(jbd2_handle);
[  214.432208][ T9934]                                lock(&journal->j_trans_barrier);
[  214.434586][ T9934]                                lock(jbd2_handle);
[  214.436640][ T9934]   rlock(&oi->ip_xattr_sem);
[  214.438124][ T9934] 
[  214.438124][ T9934]  *** DEADLOCK ***
[  214.438124][ T9934] 
[  214.440615][ T9934] 8 locks held by syz.2.1495/9934:
[  214.442214][ T9934]  #0: ffff88802270c428 (sb_writers#21){.+.+}-{0:0}, at: mnt_want_write+0x41/0x90
[  214.445018][ T9934]  #1: ffff88811869d240 (&type->i_mutex_dir_key#14){+.+.}-{4:4}, at: path_openat+0x8da/0x3830
[  214.448128][ T9934]  #2: ffff8881185309c0 (&ocfs2_sysfile_lock_key[INODE_ALLOC_SYSTEM_INODE]){+.+.}-{4:4}, at: ocfs2_reserve_suballoc_bits+0x15e/0x4640
[  214.452361][ T9934]  #3: ffff8881186989c0 (&ocfs2_sysfile_lock_key[EXTENT_ALLOC_SYSTEM_INODE]){+.+.}-{4:4}, at: ocfs2_reserve_suballoc_bits+0x15e/0x4640
[  214.456602][ T9934]  #4: ffff8881185326c0 (&ocfs2_sysfile_lock_key[LOCAL_ALLOC_SYSTEM_INODE]){+.+.}-{4:4}, at: ocfs2_reserve_local_alloc_bits+0x125/0x24e0
[  214.460742][ T9934]  #5: ffff88802270c618 (sb_internal#5){.+.+}-{0:0}, at: ocfs2_mknod+0xe93/0x2050
[  214.463568][ T9934]  #6: ffff88812179dce8 (&journal->j_trans_barrier){.+.+}-{4:4}, at: ocfs2_start_trans+0x36a/0x6d0
[  214.466757][ T9934]  #7: ffff88802a5ec950 (jbd2_handle){++++}-{0:0}, at: start_this_handle+0x1f87/0x21c0
[  214.469675][ T9934] 
[  214.469675][ T9934] stack backtrace:
[  214.471453][ T9934] CPU: 1 UID: 0 PID: 9934 Comm: syz.2.1495 Not tainted 6.16.0-syzkaller-11895-gcca7a0aae895-dirty #0 PREEMPT(full) 
[  214.471466][ T9934] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.2-debian-1.16.2-1 04/01/2014
[  214.471474][ T9934] Call Trace:
[  214.471482][ T9934]  <TASK>
[  214.471487][ T9934]  dump_stack_lvl+0x189/0x250
[  214.471501][ T9934]  ? __pfx_dump_stack_lvl+0x10/0x10
[  214.471513][ T9934]  ? __pfx__printk+0x10/0x10
[  214.471525][ T9934]  ? stack_trace_save+0x9c/0xe0
[  214.471537][ T9934]  print_circular_bug+0x2ee/0x310
[  214.471547][ T9934]  check_noncircular+0x134/0x160
[  214.471557][ T9934]  validate_chain+0xb9b/0x2140
[  214.471569][ T9934]  __lock_acquire+0xab9/0xd20
[  214.471581][ T9934]  ? ocfs2_init_acl+0x2f9/0x720
[  214.471589][ T9934]  lock_acquire+0x120/0x360
[  214.471600][ T9934]  ? ocfs2_init_acl+0x2f9/0x720
[  214.471608][ T9934]  ? __pfx__raw_spin_lock_irq+0x10/0x10
[  214.471618][ T9934]  down_read+0x46/0x2e0
[  214.471629][ T9934]  ? ocfs2_init_acl+0x2f9/0x720
[  214.471636][ T9934]  ocfs2_init_acl+0x2f9/0x720
[  214.471643][ T9934]  ? ocfs2_mknod_locked+0x148/0x250
[  214.471659][ T9934]  ? __pfx_ocfs2_init_acl+0x10/0x10
[  214.471666][ T9934]  ? dquot_alloc_inode+0x216/0xa50
[  214.471675][ T9934]  ? ocfs2_block_signals+0x94/0xe0
[  214.471689][ T9934]  ? __pfx_ocfs2_block_signals+0x10/0x10
[  214.471701][ T9934]  ? ocfs2_init_security_get+0x139/0x1a0
[  214.471710][ T9934]  ocfs2_mknod+0x1321/0x2050
[  214.471724][ T9934]  ? __pfx_ocfs2_mknod+0x10/0x10
[  214.471736][ T9934]  ? __pfx_ocfs2_find_entry+0x10/0x10
[  214.471747][ T9934]  ? __lock_acquire+0xab9/0xd20
[  214.471762][ T9934]  ? look_up_lock_class+0x74/0x170
[  214.471772][ T9934]  ? register_lock_class+0x51/0x320
[  214.471783][ T9934]  ? __lock_acquire+0xab9/0xd20
[  214.471795][ T9934]  ? __lock_acquire+0xab9/0xd20
[  214.471807][ T9934]  ? do_raw_spin_lock+0x121/0x290
[  214.471817][ T9934]  ? do_raw_spin_unlock+0x4d/0x240
[  214.471827][ T9934]  ? rcu_is_watching+0x15/0xb0
[  214.471835][ T9934]  ? ocfs2_lookup+0x5b9/0x9b0
[  214.471846][ T9934]  ocfs2_create+0x1a5/0x440
[  214.471857][ T9934]  ? __pfx_ocfs2_lookup+0x10/0x10
[  214.471867][ T9934]  ? from_kgid+0x1b0/0x650
[  214.471877][ T9934]  ? __pfx_ocfs2_create+0x10/0x10
[  214.471915][ T9934]  ? HAS_UNMAPPED_ID+0x11a/0x180
[  214.471925][ T9934]  ? inode_permission+0x149/0x470
[  214.471934][ T9934]  ? __pfx_ocfs2_permission+0x10/0x10
[  214.471945][ T9934]  ? bpf_lsm_inode_create+0x9/0x20
[  214.471955][ T9934]  ? __pfx_ocfs2_create+0x10/0x10
[  214.471966][ T9934]  path_openat+0x14f4/0x3830
[  214.471976][ T9934]  ? arch_stack_walk+0xfc/0x150
[  214.471991][ T9934]  ? __pfx_path_openat+0x10/0x10
[  214.472000][ T9934]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  214.472011][ T9934]  do_filp_open+0x1fa/0x410
[  214.472020][ T9934]  ? __lock_acquire+0xab9/0xd20
[  214.472031][ T9934]  ? __pfx_do_filp_open+0x10/0x10
[  214.472043][ T9934]  ? _raw_spin_unlock+0x28/0x50
[  214.472051][ T9934]  ? alloc_fd+0x64c/0x6c0
[  214.472063][ T9934]  do_sys_openat2+0x121/0x1c0
[  214.472072][ T9934]  ? __se_sys_futex+0x36f/0x400
[  214.472082][ T9934]  ? __pfx_do_sys_openat2+0x10/0x10
[  214.472091][ T9934]  ? rcu_is_watching+0x15/0xb0
[  214.472099][ T9934]  __x64_sys_openat+0x138/0x170
[  214.472108][ T9934]  do_syscall_64+0xfa/0x3b0
[  214.472118][ T9934]  ? lockdep_hardirqs_on+0x9c/0x150
[  214.472126][ T9934]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  214.472134][ T9934]  ? exc_page_fault+0x9f/0xf0
[  214.472142][ T9934]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  214.472151][ T9934] RIP: 0033:0x7f135278ebe9
[  214.472163][ T9934] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  214.472179][ T9934] RSP: 002b:00007f13535e7038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101
[  214.472189][ T9934] RAX: ffffffffffffffda RBX: 00007f13529b5fa0 RCX: 00007f135278ebe9
[  214.472196][ T9934] RDX: 0000000000101042 RSI: 0000200000000280 RDI: ffffffffffffff9c
[  214.472202][ T9934] RBP: 00007f1352811e19 R08: 0000000000000000 R09: 0000000000000000
[  214.472208][ T9934] R10: 00000000000000b0 R11: 0000000000000246 R12: 0000000000000000
[  214.472213][ T9934] R13: 00007f13529b6038 R14: 00007f13529b5fa0 R15: 00007fff1f660df8
[  214.472223][ T9934]  </TASK>
[  214.720383][ T5840] ocfs2: Unmounting device (7,2) on (node local)

VM DIAGNOSIS:
21:40:10  Registers:
info registers vcpu 0

CPU#0
RAX=54f056346659e000 RBX=ffffffff81968308 RCX=54f056346659e000 RDX=0000000000000001
RSI=ffffffff8be325e0 RDI=ffffffff81968308 RBP=ffffffff8de07eb8 RSP=ffffffff8de07d80
R8 =ffff88804b032f9b R9 =1ffff110096065f3 R10=dffffc0000000000 R11=ffffed10096065f4
R12=ffffffff8fa34230 R13=0000000000000000 R14=0000000000000000 R15=1ffffffff1bd2a20
RIP=ffffffff8b7893f3 RFL=00000282 [--S----] CPL=0 II=0 A20=1 SMM=0 HLT=1
ES =0000 0000000000000000 ffffffff 00c00000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 ffffffff 00c00000
FS =0000 0000000000000000 ffffffff 00c00000
GS =0000 ffff8880b8624000 ffffffff 00c00000
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe0000003000 00004087 00008b00 DPL=0 TSS64-busy
GDT=     fffffe0000001000 0000007f
IDT=     fffffe0000000000 00000fff
CR0=80050033 CR2=0000555591d4d808 CR3=000000010e3c0000 CR4=000006f0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000ffff0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
XMM00=0000000000000000 0000000000000000 XMM01=2525252525252525 2525252525252525
XMM02=0000000000000000 0000000000000000 XMM03=0000000000000000 0000000000000000
XMM04=0000000000000000 00000000000000ff XMM05=6161616161616161 6161616161616161
XMM06=6161616161616161 6161616161616161 XMM07=6161616161616161 6161616161616161
XMM08=6161616161616161 6161616161616161 XMM09=0000000000000000 00007f6835012fc5
XMM10=0000000000000000 0000000000000000 XMM11=0000000000000000 0000000000000000
XMM12=0000000000000000 0000000000000000 XMM13=0000000000000000 0000000000000000
XMM14=0000000000000000 0000000000000000 XMM15=0000000000000000 0000000000000000
info registers vcpu 1

CPU#1
RAX=000000000000002d RBX=000000000000002d RCX=0000000000000000 RDX=00000000000003f8
RSI=0000000000005a34 RDI=0000000000005a35 RBP=00000000000003f8 RSP=ffffc90002d8e8f0
R8 =ffff888106a70237 R9 =1ffff11020d4e046 R10=dffffc0000000000 R11=ffffffff854e72a0
R12=dffffc0000000000 R13=ffffffff99af1906 R14=ffffffff99de64e0 R15=0000000000000000
RIP=ffffffff854e731c RFL=00000002 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =0000 0000000000000000 ffffffff 00c00000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 ffffffff 00c00000
FS =0000 00007f13535e76c0 ffffffff 00c00000
GS =0000 ffff8881a3c24000 ffffffff 00c00000
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe000004a000 00004087 00008b00 DPL=0 TSS64-busy
GDT=     fffffe0000048000 0000007f
IDT=     fffffe0000000000 00000fff
CR0=80050033 CR2=00007fcbfda79f11 CR3=000000003fc9a000 CR4=000006f0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000ffff0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
XMM00=0000000000000000 0000000000000000 XMM01=0000000000000000 0000000000000000
XMM02=00007f3a39187498 00007f3a39187470 XMM03=00007f3a391874a8 00007f3a391874a0
XMM04=00007f3a39ced100 00007f3a39187460 XMM05=00007f3a39187478 00007f3a391874c0
XMM06=00007f3a391874b8 00007f3a391874b0 XMM07=00007f3a391874a8 00007f3a391874a0
XMM08=6161616161616161 6161616161616161 XMM09=0000000000000000 00007f3a39012fc5
XMM10=0000000000000000 0000000000000000 XMM11=0000000000000000 0000000000000000
XMM12=0000000000000000 0000000000000000 XMM13=0000000000000000 0000000000000000
XMM14=0000000000000000 0000000000000000 XMM15=0000000000000000 0000000000000000
