last executing test programs:

2m51.141685419s ago: executing program 0 (id=70):
r0 = openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='.\x00', 0x0, 0x0)
r1 = fanotify_init(0xf00, 0x0)
fanotify_mark(r1, 0x1, 0x5800006a, r0, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x0)
syz_mount_image$msdos(&(0x7f0000000180), &(0x7f0000000140)='./bus\x00', 0x1ac0c54, &(0x7f0000000a40)=ANY=[], 0xdf, 0x0, &(0x7f0000000000))
r2 = openat(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0x0, 0x0)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0x0, 0x0)
mkdirat(r3, &(0x7f0000000280)='./bus/file0\x00', 0x0)
renameat2(r2, &(0x7f00000004c0)='./file0\x00', r3, &(0x7f00000000c0)='./bus/file0\x00', 0x2)

2m51.05596221s ago: executing program 0 (id=75):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_TIMEOUT_NEW(r0, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000240)={0x3c, 0x0, 0x8, 0x201, 0x0, 0x0, {0x7, 0x0, 0x9}, [@CTA_TIMEOUT_NAME={0x9, 0x1, 'syz0\x00'}, @CTA_TIMEOUT_L3PROTO={0x6}, @CTA_TIMEOUT_L4PROTO={0x5, 0x3, 0x84}, @CTA_TIMEOUT_DATA={0xc, 0x4, 0x0, 0x1, @sctp=[@CTA_TIMEOUT_SCTP_HEARTBEAT_ACKED={0x8, 0x9, 0x1, 0x0, 0x56}]}]}, 0x3c}, 0x1, 0x0, 0x0, 0x814}, 0x0)

2m50.888085641s ago: executing program 0 (id=77):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000340)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0)
sendmsg$NFT_BATCH(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000080)={{0x14}, [@NFT_MSG_NEWRULE={0x64, 0x6, 0xa, 0x40b, 0x0, 0x0, {0x2}, [@NFTA_RULE_EXPRESSIONS={0x38, 0x4, 0x0, 0x1, [{0x34, 0x1, 0x0, 0x1, @numgen={{0xb}, @val={0x24, 0x2, 0x0, 0x1, [@NFTA_NG_MODULUS={0x8, 0x2, 0x1, 0x0, 0x2}, @NFTA_NG_DREG={0x8, 0x1, 0x1, 0x0, 0x13}, @NFTA_NG_OFFSET={0x8, 0x4, 0x1, 0x0, 0xffffffff}, @NFTA_NG_TYPE={0x8, 0x3, 0x1, 0x0, 0x1}]}}}]}, @NFTA_RULE_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_RULE_CHAIN={0x9, 0x2, 'syz2\x00'}]}], {0x14}}, 0x8c}}, 0x40)

2m50.795301763s ago: executing program 0 (id=79):
syz_mount_image$vfat(&(0x7f0000000280), &(0x7f00000002c0)='./file0\x00', 0x2bc3c1f, 0xffffffffffffffff, 0x7, 0x0, 0x0)
mount$bind(&(0x7f0000000000)='.\x00', &(0x7f0000000200)='./file0/../file0\x00', 0x0, 0x101091, 0x0)
mount$bind(0x0, &(0x7f00000005c0)='./file0\x00', 0x0, 0x100000, 0x0)
mount$bind(&(0x7f0000000440)='./file0/../file0\x00', &(0x7f00000000c0)='./file0/file0\x00', 0x0, 0x8b101a, 0x0)
mount$bind(0x0, &(0x7f00000003c0)='./file0/file0\x00', 0x0, 0x80000, 0x0)
mount$bind(&(0x7f0000000080)='./file0/file0\x00', &(0x7f00000001c0)='./file0\x00', 0x0, 0x1000, 0x0)

2m50.726922515s ago: executing program 0 (id=83):
r0 = syz_init_net_socket$802154_raw(0x24, 0x3, 0x0)
sendmsg$802154_raw(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000240)={&(0x7f00000001c0)="088e80053e0adaa8f9d58e4e83ce0c32a68f83476cd32ce044b0de485743d5b3082081f38eb9033daefaa734fa65dc67de97c3b2e328c4d424ce8c30ff6fd3a0dfd9dfc9c701c6ef300336da1c87133f9addaf5d6975fef9b5bffa806dfeca78ed47ce4950fcdac4bfa37265650a", 0x6e}, 0x1, 0x0, 0x0, 0x80}, 0x4048020)

2m49.178834819s ago: executing program 0 (id=99):
r0 = openat$vmci(0xffffffffffffff9c, &(0x7f0000000080), 0x2, 0x0)
ioctl$IOCTL_VMCI_VERSION2(r0, 0x7a7, &(0x7f00000000c0)=0xa0000)
ioctl$IOCTL_VMCI_INIT_CONTEXT(r0, 0x7a0, &(0x7f0000000040)={@host})
ioctl$IOCTL_VMCI_CTX_GET_CPT_STATE(r0, 0x7b1, &(0x7f0000000140)={0x0, 0x6, 0x0, 0xeab0})

2m48.963718949s ago: executing program 32 (id=99):
r0 = openat$vmci(0xffffffffffffff9c, &(0x7f0000000080), 0x2, 0x0)
ioctl$IOCTL_VMCI_VERSION2(r0, 0x7a7, &(0x7f00000000c0)=0xa0000)
ioctl$IOCTL_VMCI_INIT_CONTEXT(r0, 0x7a0, &(0x7f0000000040)={@host})
ioctl$IOCTL_VMCI_CTX_GET_CPT_STATE(r0, 0x7b1, &(0x7f0000000140)={0x0, 0x6, 0x0, 0xeab0})

3.184350739s ago: executing program 3 (id=1781):
r0 = openat$vnet(0xffffffffffffff9c, &(0x7f0000000080), 0x2, 0x0)
ioctl$VHOST_SET_OWNER(r0, 0xaf01, 0x0)
r1 = eventfd2(0x2, 0x0)
syz_usb_connect(0x3, 0x2d, &(0x7f0000000680)=ANY=[@ANYBLOB="12010000061c2f20c81403006c050102030109021b00010000000009040000018ea44300090585da09"], 0x0)
ioctl$VHOST_SET_VRING_KICK(r0, 0x4008af20, &(0x7f00000000c0)={0x0, r1})

2.207680424s ago: executing program 2 (id=1791):
socket$nl_generic(0x10, 0x3, 0x10)
socket$pppoe(0x18, 0x1, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
socketpair$unix(0x1, 0x2, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbee2, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs={0x0, 0x0, 0x4e21}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
r3 = socket$rxrpc(0x21, 0x2, 0x2)
setsockopt$RXRPC_UPGRADEABLE_SERVICE(r3, 0x110, 0x5, 0x0, 0x0)
pselect6(0x40, &(0x7f0000000040), &(0x7f0000000080)={0x6}, 0x0, 0x0, 0x0)
bpf$BPF_BTF_LOAD(0x12, &(0x7f00000003c0)={&(0x7f0000000000)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x0, 0x0, 0x2}}, 0x0, 0x1a}, 0x28)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r4 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r4, 0x0, 0x0)
sendmsg$can_j1939(0xffffffffffffffff, &(0x7f0000000380)={&(0x7f00000002c0)={0x1d, 0x0, 0x1, {0x2, 0x379ae3b83aa840de, 0x4}, 0xff}, 0x18, &(0x7f0000000300)={0x0}, 0x1, 0x0, 0x0, 0x20000010}, 0x91)
unshare(0x6020480)
r5 = bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000340)={&(0x7f0000000040)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x18, 0x18, 0x4, [@func={0x2, 0x0, 0x0, 0xc, 0x2}, @func_proto]}, {0x0, [0x0, 0x5f]}}, 0x0, 0x34}, 0x28)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x3, &(0x7f0000000100)=@framed, &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, r5, 0x8, &(0x7f00000000c0)={0x0, 0x1}, 0x1}, 0x90)

1.767931807s ago: executing program 3 (id=1796):
socket$phonet(0x23, 0x2, 0x1)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x5, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000100)=0x2)
sched_setaffinity(0x0, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r0, &(0x7f0000002000)=""/102400, 0x19000)
getpid()
r1 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000080), 0x4000000004002, 0x0)
r2 = syz_io_uring_setup(0xa0, &(0x7f00000002c0)={0x0, 0x105cc6, 0x1, 0x0, 0x207}, &(0x7f0000000040)=<r3=>0x0, &(0x7f0000000280)=<r4=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r3, 0x4, &(0x7f0000000180)=0xfffffffc, 0x0, 0x4)
syz_io_uring_submit(r3, r4, &(0x7f0000000200)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd=r1, 0xc000000, &(0x7f0000000000)=[{&(0x7f0000001600)=""/4096, 0x1000}, {0x0}], 0x2, 0x12})
io_uring_enter(r2, 0x847ba, 0x0, 0xe, 0x0, 0x0)
open_by_handle_at(0xffffffffffffffff, 0x0, 0x1)
ioctl$VIDIOC_TRY_EXT_CTRLS(0xffffffffffffffff, 0xc0205649, 0x0)
ioctl$VIDIOC_SUBDEV_S_DV_TIMINGS(0xffffffffffffffff, 0xc0845657, 0x0)
syz_open_dev$tty1(0xc, 0x4, 0x1)

1.27997602s ago: executing program 2 (id=1799):
r0 = openat$vga_arbiter(0xffffffffffffff9c, &(0x7f0000000000), 0x80082, 0x0)
preadv(r0, &(0x7f0000001500)=[{&(0x7f0000000140)=""/37, 0x25}], 0x1, 0x1, 0x1)

1.279802417s ago: executing program 2 (id=1800):
socketpair$tipc(0x1e, 0x2, 0x0, &(0x7f0000000000)={<r0=>0xffffffffffffffff})
sendmmsg$inet(r0, &(0x7f0000001540)=[{{0x0, 0xfffffffffffffda1, 0x0}}], 0x40001b6, 0x0)
setsockopt$sock_int(r0, 0x1, 0xa919af39f726e52b, &(0x7f0000000040)=0x4, 0x4)

1.165165981s ago: executing program 3 (id=1801):
r0 = getpid()
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
sendmmsg$unix(r1, &(0x7f0000010c00)=[{{0x0, 0x0, 0x0, 0x0, &(0x7f0000000e40)=[@cred={{0x1c, 0x1, 0x2, {r0}}}, @rights={{0x14, 0x1, 0x1, [r1]}}, @cred={{0x1c}}], 0x58, 0x840}}], 0x1, 0x0)

1.164914319s ago: executing program 3 (id=1802):
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
mbind(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x8003, &(0x7f0000000000)=0x9, 0x8, 0x0)
get_mempolicy(0x0, 0x0, 0x78, &(0x7f00002a0000/0x1000)=nil, 0x2)

1.164738563s ago: executing program 2 (id=1803):
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000240)=ANY=[@ANYBLOB], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x7, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff})
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r2, 0x0, 0x0)
connect$unix(r1, 0x0, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0x0, 0x1a1)
msgrcv(0x0, 0x0, 0x0, 0x1, 0x0)
msgsnd(0x0, &(0x7f00000008c0)={0x1}, 0x8, 0x0)
ioctl$sock_ipv6_tunnel_SIOCCHG6RD(r3, 0x89fb, &(0x7f00000001c0)={'sit0\x00', &(0x7f0000000180)={@loopback, @loopback, 0xc, 0x1d}})

1.015975454s ago: executing program 1 (id=1804):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000400)={'wlan0\x00', <r2=>0x0})
sendmsg$NL80211_CMD_CONTROL_PORT_FRAME(r0, &(0x7f0000003700)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000000c0)=ANY=[@ANYBLOB='P\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="010000000000000000008100000008000300", @ANYRES32=r2, @ANYBLOB="0a000600080211000001000006006600c78800001a0033"], 0x50}}, 0x0)

1.01531401s ago: executing program 1 (id=1805):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x5, &(0x7f0000000000)=ANY=[@ANYBLOB="180000000020000000000000f9ffff0b8500000007000000850000000700000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x78)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000040)='sys_exit\x00', r0, 0x0, 0x100000000}, 0x18)
rt_sigaction(0x19, 0x0, 0x0, 0x8, &(0x7f0000000440))

1.015146159s ago: executing program 3 (id=1806):
r0 = socket$inet6_sctp(0xa, 0x1, 0x84)
bind$inet6(r0, &(0x7f0000000000)={0xa, 0x4e23, 0x0, @loopback, 0x7fff}, 0x1c)
sendto$inet6(r0, &(0x7f00000000c0)="738f", 0x2, 0x800, &(0x7f0000000480)={0xa, 0x4e23, 0x0, @loopback}, 0x1c)
getsockopt$inet_sctp6_SCTP_GET_PEER_ADDR_INFO(r0, 0x84, 0xf, &(0x7f0000000340)={0x0, @in6={{0xa, 0x4e23, 0x8f, @loopback, 0x1}}, 0x9caa, 0x6, 0x9, 0x3, 0x6}, &(0x7f00000001c0)=0x98)

947.311253ms ago: executing program 1 (id=1807):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000300)=ANY=[@ANYBLOB="18000000240001030000000000000000010000000400ae"], 0x18}, 0x1, 0x0, 0x0, 0x8001}, 0x4000)
recvmmsg(r0, &(0x7f0000002c00)=[{{0x0, 0x0, 0x0}, 0x8102}, {{0x0, 0x0, 0x0}, 0x10006}, {{0x0, 0x0, 0x0}, 0x1}, {{0x0, 0x0, &(0x7f00000007c0)=[{&(0x7f0000000000)=""/180, 0xb4}, {&(0x7f0000000680)=""/232, 0xe8}, {&(0x7f0000001b40)=""/4109, 0x100d}], 0x3}, 0x80000000}, {{0x0, 0x0, 0x0}, 0x10001}, {{0x0, 0x0, 0x0}}, {{0x0, 0x0, &(0x7f0000001a80)=[{&(0x7f0000000940)=""/127, 0x7f}, {&(0x7f0000001900)=""/229, 0xe5}, {&(0x7f0000005080)=""/4096, 0x1000}, {&(0x7f0000006080)=""/4096, 0x1000}, {&(0x7f0000000600)=""/91, 0x5b}], 0x5}, 0xb0}, {{0x0, 0x0, 0x0}, 0x6}], 0x8, 0x20, 0x0)

946.964436ms ago: executing program 1 (id=1808):
r0 = socket$inet6_sctp(0xa, 0x1, 0x84)
r1 = dup(r0)
setsockopt$inet_sctp6_SCTP_SOCKOPT_BINDX_ADD(r1, 0x84, 0x64, &(0x7f0000000040)=[@in6={0xa, 0x4e24, 0x6, @empty, 0x3}], 0x1c)
sendmsg$inet6(r0, &(0x7f0000000800)={&(0x7f0000000080)={0xa, 0x4e24, 0x8, @loopback, 0x4}, 0x1c, &(0x7f0000000180)=[{&(0x7f00000004c0)="99", 0x1}], 0x1}, 0x4048043)
setsockopt$inet_sctp6_SCTP_PEER_ADDR_THLDS(r0, 0x84, 0x1f, &(0x7f0000000300)={0x0, @in6={{0xa, 0x4e24, 0xa, @empty, 0x5}}, 0x9, 0x5}, 0x90)

897.451404ms ago: executing program 1 (id=1809):
syz_mount_image$ext4(&(0x7f0000000040)='ext2\x00', &(0x7f0000000080)='./file0\x00', 0x884, &(0x7f0000000540)={[{@jqfmt_vfsold}, {@delalloc}, {@sysvgroups}, {@noblock_validity}], [{@context={'context', 0x3d, 'staff_u'}}, {@subj_type={'subj_type', 0x3d, '[@.\x95}\xb0!'}}, {@dont_hash}, {@dont_measure}, {@permit_directio}, {@smackfsroot={'smackfsroot', 0x3d, 'staff_u'}}]}, 0x1, 0x24c, &(0x7f0000000900)="$eJzs3EFoFFcYB/BvZnebJllK2l4KhbZQSmkDIb0VekkvLQRKCKUU2kJKKb20JIWY4C3ryYsHPavk5CWIN6NHySV4UQRPUXOIF0GDB4MHPazMzkYSs8HAxh3J/H4wOzO7b+Z7w+z/7cAyE0BpDUXEWERUImI4ImoRkexs8Fk+DbVXF/tXpyKazZ8fJ612+Xpue7vBiGhExLcRsZIm8W81Yn75942naz9+eWqu9sWF5d/6e3qQbZsb6z9tnZ84eXn8m/mbtx9OJDEW9V3HdfiSDu9Vk4gP3kSxt0RSLboHHMTk8Ut3stx/GBGft/JfizTyk3d69p2VWnx9br9tzzy69XEv+wocvmazlv0GNppA6aQRUY8kHYmIfDlNR0bya/i7lYH0v5nZY8P/zMxN/130SAUclnrE+g9X+64MvpL/B5U8/8DRleX/l8mle9nyVqXo3gC9lOV/+M+Fr0L+oXTkH8pk91/u8g/lJf9QKrsuAOQfykv+obzkH46g9GDN5B/KS/6hvOQfymtn/gGAcmn2FX0HMlCUoscfAAAAAAAAAAAAAAAAAABgr8X+1antqVc1r5+N2Pw+Iqqd6lfajzJ9t/U68CTJmr2U5Jt15Y9Pu9xBly4WfPf1e/eLrX/jk2LrL0xHNE5ExGi1uvf7lxz0Ubr7ev81n9f+6rJAl777taDCjXz2fKmg+m3jaxHXsvFntNP4k8ZHrXnn8aeenb8u6///rMsdAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA0DMvAgAA//9VnG29")
r0 = openat$dsp(0xffffffffffffff9c, &(0x7f00000003c0), 0x101a02, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x9, 0x88}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
syz_mount_image$ext4(&(0x7f0000000240)='ext4\x00', &(0x7f0000000280)='mnt\x00', 0x4, &(0x7f0000000000), 0x0, 0x236, &(0x7f0000000300)="$eJzs3TFoM2UcBvDnLomf/b4gVRdBUEFEtFDqJrjURaEgpYgIKlREXJRWqC1urZOLg84qnVyKuFkdpUtxUQSnqh3qImhxsDjoELlcK9VGFFNz8t3vB5fcJe97//e4e95kOS5Aa00nmU/SSTKTpJekON/grnqZPt3cntpfTgaDx38shu3q7dpZv2tJtpI8mGSvLPJiN9nYffro54NH731jvXfPe7tPTU30IE8dHx0+dvLu4usfLjyw8fmX3y8WmU//D8d1+YoRn3WL5Jb/otj/RNFtegT8E0uvfvBVlftbk9w9zH8vZeqT9+baDXu93P/OX/V964cvbp/kWIHLNxj0qt/ArQHQOmWSfopyNkm9Xpazs/V/+K87V8uXVtdemXlhdX3l+aZnKuCy9JPDRz6+8tG1P+X/u06df+D6VeX/iaWdb6r1k07TowEmqcr/zLOb90X+oXXkH9pL/qG95B/aS/6hveQf2kv+ob3kH9pL/qG95B/a63z+AYB2GVxp+g5koClNzz8AAAAAAAAAAAAAAAAAAMBF21P7y2fLpGp++nZy/HCS7qj6neHziJMbh69XfyqqZr8r6m5jeebOMXcwpvcbvvv6pm+brf/ZHc3W31xJtl5LMtftXrz+itPr79+7+W++7z03ZoExPfRks/V/3Wm2/sJB8kk1/8yNmn/K3DZ8Hz3/9KvzN2b9l38ZcwcAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABMzG8BAAD//8n0bSk=")
mkdirat(0xffffffffffffff9c, &(0x7f0000000640)='mnt/encrypted_dir\x00', 0x0)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000680)='mnt/encrypted_dir\x00', 0x800, 0x0)
openat$tun(0xffffffffffffff9c, 0x0, 0x0, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f07ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
r5 = socket$kcm(0x23, 0x2, 0x0)
setsockopt$IPT_SO_SET_REPLACE(r2, 0x0, 0x40, &(0x7f0000000b80)=@raw={'raw\x00', 0x9, 0x3, 0x218, 0x98, 0xffffffff, 0xffffffff, 0x98, 0xffffffff, 0x180, 0xffffffff, 0xffffffff, 0x180, 0xffffffff, 0x3, &(0x7f00000001c0), {[{{@ip={@initdev={0xac, 0x1e, 0x0, 0x0}, @empty, 0xffffff00, 0x0, 'vxcan1\x00', 'veth1_macvtap\x00', {0xff}, {0xff}, 0xc, 0x0, 0x29}, 0x0, 0x70, 0x98}, @common=@unspec=@NFQUEUE1={0x28, 'NFQUEUE\x00', 0x1, {0x932, 0x7}}}, {{@uncond, 0x0, 0xc0, 0xe8, 0x0, {}, [@inet=@rpfilter={{0x28}, {0x7}}, @inet=@rpfilter={{0x28}, {0x3}}]}, @common=@inet=@TCPMSS={0x28, 'TCPMSS\x00', 0x0, {0x426}}}], {{'\x00', 0x0, 0x70, 0x98}, {0x28}}}}, 0x278)
sendmsg$kcm(r5, &(0x7f0000000140)={&(0x7f0000000000)=@phonet, 0x80, &(0x7f00000000c0)=[{&(0x7f0000000080)="b8", 0x1ff48}], 0x2}, 0x0)
ioctl$IOMMU_IOAS_ALLOC(0xffffffffffffffff, 0x3b81, &(0x7f00000000c0)={0xc})
r6 = add_key$user(&(0x7f0000000000), &(0x7f0000000040)={'syz', 0x0}, &(0x7f00000000c0)="ff", 0x1, 0xffffffffffffffff)
keyctl$KEYCTL_MOVE(0x1e, r6, 0xffffffffffffffff, 0x0, 0x0)
close_range(r0, 0xffffffffffffffff, 0x0)

237.593757ms ago: executing program 2 (id=1810):
r0 = socket$packet(0x11, 0x2, 0x300)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000080)={'veth0_to_bridge\x00', <r1=>0x0})
setsockopt$packet_add_memb(r0, 0x107, 0x1, &(0x7f0000000000)={r1, 0x1, 0x6, @multicast}, 0x10)
setsockopt$packet_add_memb(r0, 0x107, 0x2, &(0x7f00000003c0)={r1, 0x1, 0x4, @remote}, 0x10)

187.462355ms ago: executing program 2 (id=1811):
r0 = openat(0xffffffffffffff9c, &(0x7f0000000240)='./file0\x00', 0x40042, 0x1)
r1 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000240)=ANY=[@ANYBLOB="0a000000040000000800000001"], 0x48)
mount$9p_fd(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000080), 0x2200004, &(0x7f00000000c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}})

117.058853ms ago: executing program 3 (id=1812):
syz_mount_image$ocfs2(&(0x7f0000004440), &(0x7f0000000340)='./file1\x00', 0x8c0, &(0x7f0000000680)=ANY=[@ANYBLOB="61636c2c6865617274626561743d6e6f6e652c6e6f757365725f78617474722c636f686572656e63793d66756c6c2c646174613d77726974656261636b2c6c6f63616c616c6c6f633d30303030303030303030303030303030303030312c61636c2c6e6f61636c2c6c6f63616c616c6c6f633d30303030303030303030303030303030303030302c00a89f6b8d5800aa954e6c8735dcd52921ce08462fb4ce7c1600883251443ac332f4d17b77d29867e4321610936dbc5963e9fb59a032c92e32ebffc3b739951e866d52bff6bd63136a656222062a8eea0cf97480bc8ac6c0e8a2aa38ffa8fa758cd54b9ef39a7f536d7b85173a83c34d78e210ecf4d040817bbe989e9eb015acb84bb90577b8b405a48292eeca69f5275cb7b7027d4bf643bd69b034c0221a30"], 0x5, 0x442d, &(0x7f0000004480)="$eJzs3c9PHGUfAPBnBvoW+rZ9oW8PfZM3cRObaNQQ6EmliZTSUmixptrGeNkusG3RhW1gMR56wFsTTyYejIdGE2+cGg5e65/gxWM9N9GDFxOTRszuzgIz7IaVsGDr53NgmOc3fGeefeYw+8SJyp25pdzcUq6wkCvP3Fo6k/u4XFqeL4Z4nzTt/9D+9U97OnGdHPS190929fzFd2+cCeH72R+frK+vr4eq7tDU0Jbff/v13szWY0OcqVNtt3lre+WDEMLJbeOq6gohvP9dCFEI4VySNpoce0MIx0I978a9z27m9mg0Dx8Xz+afTt1fGz49ufpgrfXfHoXwVel/r92e//nFruGfXtmj7gEAAAAAAAAAAAAAAAAAeMaNX7t6/Z3BofAoCt2r0fb3dceTY6v3Y9f3zAsh9HX+7wUAAAAAAAAAAAAAAAAAAIC/o833/3PRiSbv/48lx5EW9dff6vwY6ZyJt6+OXRgcSvZ/j7blv54k/XKuK/Q32fc9u//7uUz95vu/b+9ntxrja/TbF6J4IHUexwMDIXyTbPx+KjoSl8pLlVdvlZcXZvdsGM+sdPzru/enopNs6N9u/Ecz7Xd+////bruaquc39+4Se66l49/Vsty3n0Ztxf98pt5+xJ/dS8e/u5bWu7XASH0CqMb/8+6d4z+Wab9T8T8eQshF1bHmUjNAdQ1TTW+1XiEtHf9DtbTU1Jn8I1vd/79n4n8h0/5Bzf8r2Q8imkrH/1+1tJ5Uic37vz/e+f6/mGn/IOJfHf+Kz/+2pON/uJ7YnSpS+0+2O/+PZ9rvVPyvx8k4j0epK2A1qqe3+r460tLx79mWv/n8F7e1/ruUqb9fz3+NfhvPf43p/+Wo/vxHc+n497Ys1+79P5Gp1+n5f6S2/mO30vE/UktLr53rX8rZbvwnM+13Kv61VUlPI/6b88kfh+vpX1v/tSUd/3/XE+OtJVZqP2vrv2jn9f/lTPsHsf6rjn8l7myvz4t0/I+2LFeN/w9tfP5fydTrfPxDGLTW37V0/I+1LFe7/3t2jv9Upl6n4/9SJxsHAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAeAaMJse+EMUDqfM4HhgI4XxyfiociaYLs/npUnnmo6UQxpL0XDgR3S6Vpwul/NxCebaYL5RK5ZkQLiT5J0NPtFQqV/LzhbsXN9rqje4UC4uV6WKhEkIYT9L/H4412pqeq8wX7oYQLm3k/ScuL969U1jIz84tvjk4ODgYJjbG0B8VP6kUFyr13uu5IUxu1O2Ltgyuln15YyxHow/Ly4sLhVIt/cqWOqXyTKG0pc5UkvdF6I8qi8sLM4VKMV8q3270d5BGkuPYxLX3rl0Z2pZ/M6ofR/d3WAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD8RY+G3/gyhNBdP4tDCCONX6Jm5R8+Lp7NP526vzZ8enL1wdqTVuUAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADgT3bgQAAAAAAAyP+1EaqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqwS8coDQRRGIDfjIXaeQyrZbezXVFEC1cET6DH8DB6FC/hHVKkSJsiBJJZCJtd2Capvq95MD8z78E8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAYJ6n9+7jrW4iUlxtLiP+vv4Xh/lLqT/34/cvzjAjp/P82j081k3593SU35WjZZt36Xr1/Rkjtfc72JPhPu31fa4n55rat6n5+r43kXIVEW3Jb1POVTXvLQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIAtO3AgAAAAAADk/9oIVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVdiBYwEAAAAAYf7WUfRtAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPwKAAD//+UFHyA=")
mkdirat(0xffffffffffffff9c, &(0x7f0000000200)='./file0\x00', 0x150)
r0 = open(&(0x7f0000000280)='.\x00', 0x0, 0x0)
fcntl$notify(r0, 0x402, 0x8000002c)
fcntl$setsig(r0, 0xa, 0x21)
syz_init_net_socket$ax25(0x3, 0x3, 0x0)
connect$ax25(r0, &(0x7f0000000040)={{0x3, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x3}, 0x8}, [@default, @null, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x2}, @null, @null, @bcast, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x2}, @netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}]}, 0x48)
ioctl$AUTOFS_DEV_IOCTL_TIMEOUT(r0, 0xc018937a, 0x0)
lsetxattr$security_capability(&(0x7f0000000040)='./file0\x00', &(0x7f0000000000), 0x0, 0x0, 0x1)

0s ago: executing program 1 (id=1813):
mmap(&(0x7f0000000000/0x200000)=nil, 0x200000, 0x3000003, 0x204031, 0xffffffffffffffff, 0xffffd000)
bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x3, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sched_cls=0x37, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x100}, 0x94)
madvise(&(0x7f0000000000/0xc00000)=nil, 0xc00000, 0x19)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
openat$sequencer(0xffffffffffffff9c, 0x0, 0x0, 0x0)
r0 = syz_io_uring_setup(0x151, &(0x7f0000000140)={0x0, 0xa206, 0x400, 0x43, 0x26}, &(0x7f0000000340)=<r1=>0x0, &(0x7f0000000000)=<r2=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r1, 0x4, &(0x7f0000000040)=0xfffffffc, 0x0, 0x4)
syz_io_uring_submit(r1, r2, &(0x7f0000000300)=@IORING_OP_OPENAT={0x12, 0x0, 0x0, 0xffffffffffffff9c, 0x0, &(0x7f0000000480)='./file0\x00', 0x0, 0x80})
io_uring_enter(r0, 0x3516, 0x0, 0x0, 0x0, 0xfffffdcf)
mremap(&(0x7f0000006000/0x3000)=nil, 0x3000, 0x3000, 0x7, &(0x7f0000ffd000/0x3000)=nil)
mlock(&(0x7f0000ffe000/0x2000)=nil, 0x2000)
munlockall()
madvise(&(0x7f0000000000/0xc00000)=nil, 0xc00000, 0x15)

kernel console output (not intermixed with test programs):

s_bg+0x10/0x10
[  151.392270][   T27]  ? look_up_lock_class+0x74/0x170
[  151.392295][   T27]  ? trace_f2fs_writepages+0x7f/0x200
[  151.392313][   T27]  ? f2fs_write_node_pages+0x478/0x6e0
[  151.392334][   T27]  ? __pfx_f2fs_write_node_pages+0x10/0x10
[  151.392363][   T27]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[  151.392381][   T27]  do_writepages+0x32e/0x550
[  151.392402][   T27]  ? reacquire_held_locks+0x127/0x1d0
[  151.392414][   T27]  ? writeback_sb_inodes+0x384/0x1010
[  151.392436][   T27]  __writeback_single_inode+0x145/0xff0
[  151.392452][   T27]  ? do_raw_spin_unlock+0x4d/0x240
[  151.392470][   T27]  writeback_sb_inodes+0x6c7/0x1010
[  151.392509][   T27]  ? __pfx_writeback_sb_inodes+0x10/0x10
[  151.392561][   T27]  ? rcu_is_watching+0x15/0xb0
[  151.392582][   T27]  wb_writeback+0x43b/0xaf0
[  151.392605][   T27]  ? queue_io+0x341/0x590
[  151.392623][   T27]  ? __pfx_wb_writeback+0x10/0x10
[  151.392646][   T27]  ? _raw_spin_unlock_irq+0x23/0x50
[  151.392665][   T27]  wb_workfn+0x409/0xef0
[  151.392692][   T27]  ? __pfx_wb_workfn+0x10/0x10
[  151.392710][   T27]  ? __lock_acquire+0xab9/0xd20
[  151.392738][   T27]  ? process_scheduled_works+0x9ef/0x17b0
[  151.392757][   T27]  ? _raw_spin_unlock_irq+0x23/0x50
[  151.392770][   T27]  ? process_scheduled_works+0x9ef/0x17b0
[  151.392808][   T27]  ? process_scheduled_works+0x9ef/0x17b0
[  151.392821][   T27]  process_scheduled_works+0xae1/0x17b0
[  151.392860][   T27]  ? __pfx_process_scheduled_works+0x10/0x10
[  151.392888][   T27]  worker_thread+0x8a0/0xda0
[  151.392924][   T27]  kthread+0x711/0x8a0
[  151.392943][   T27]  ? __pfx_worker_thread+0x10/0x10
[  151.392954][   T27]  ? __pfx_kthread+0x10/0x10
[  151.392970][   T27]  ? _raw_spin_unlock_irq+0x23/0x50
[  151.392983][   T27]  ? lockdep_hardirqs_on+0x9c/0x150
[  151.392997][   T27]  ? __pfx_kthread+0x10/0x10
[  151.393012][   T27]  ret_from_fork+0x3fc/0x770
[  151.393035][   T27]  ? __pfx_ret_from_fork+0x10/0x10
[  151.393053][   T27]  ? __switch_to_asm+0x39/0x70
[  151.393068][   T27]  ? __switch_to_asm+0x33/0x70
[  151.393081][   T27]  ? __pfx_kthread+0x10/0x10
[  151.393096][   T27]  ret_from_fork_asm+0x1a/0x30
[  151.393126][   T27]  </TASK>
[  151.393132][   T27] F2FS-fs (loop3): Stopped filesystem due to reason: 3
[  152.180970][ T8325] netlink: 8 bytes leftover after parsing attributes in process `syz.3.860'.
[  152.327886][ T8327] loop3: detected capacity change from 0 to 1024
[  152.471881][   T27] hfsplus: b-tree write err: -5, ino 4
[  152.864367][ T8331] block nbd0: server does not support multiple connections per device.
[  152.872185][ T8331] block nbd0: shutting down sockets
[  153.264330][ T8353] loop1: detected capacity change from 0 to 256
[  153.299401][ T8353] exFAT-fs (loop1): failed to load upcase table (idx : 0x000104d0, chksum : 0x60d18cac, utbl_chksum : 0xe619d30d)
[  153.589167][ T8382] netlink: 'syz.1.885': attribute type 1 has an invalid length.
[  153.617182][ T8382] 8021q: adding VLAN 0 to HW filter on device bond3
[  153.673856][ T8391] netlink: 20 bytes leftover after parsing attributes in process `syz.3.890'.
[  153.680232][ T8388] bond3: (slave geneve2): making interface the new active one
[  153.684340][ T8388] bond3: (slave geneve2): Enslaving as an active interface with an up link
[  153.731585][ T8394] loop2: detected capacity change from 0 to 1024
[  153.737580][ T8394] EXT4-fs: Ignoring removed bh option
[  153.769222][ T8394] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-001000000000 r/w without journal. Quota mode: writeback.
[  153.820948][ T5952] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-001000000000.
[  154.223743][ T8411] loop2: detected capacity change from 0 to 32768
[  154.260076][ T8411] find_entry called with index = 0
[  154.267895][ T8411] read_mapping_page failed!
[  154.274513][ T8411] ERROR: (device loop2): txCommit: 
[  154.274513][ T8411] 
[  154.276149][  T791] usb 4-1: new full-speed USB device number 12 using dummy_hcd
[  154.314736][   T51] usb 2-1: new high-speed USB device number 9 using dummy_hcd
[  154.416445][ T8421] ip6gretap1: default qdisc (pfifo_fast) fail, fallback to noqueue
[  154.437246][  T791] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  154.446216][  T791] usb 4-1: New USB device found, idVendor=056a, idProduct=032b, bcdDevice= 0.00
[  154.450108][  T791] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  154.465731][   T51] usb 2-1: Using ep0 maxpacket: 32
[  154.470777][  T791] usb 4-1: config 0 descriptor??
[  154.477642][   T51] usb 2-1: config 0 has an invalid interface number: 12 but max is 0
[  154.481114][   T51] usb 2-1: config 0 has no interface number 0
[  154.482072][ T8423] netlink: 4 bytes leftover after parsing attributes in process `syz.2.905'.
[  154.489910][   T51] usb 2-1: config 0 interface 12 has no altsetting 0
[  154.499471][   T51] usb 2-1: New USB device found, idVendor=2c42, idProduct=1202, bcdDevice=70.40
[  154.509961][   T51] usb 2-1: New USB device strings: Mfr=231, Product=2, SerialNumber=3
[  154.513405][   T51] usb 2-1: Product: syz
[  154.520148][   T51] usb 2-1: Manufacturer: syz
[  154.522279][   T51] usb 2-1: SerialNumber: syz
[  154.535991][   T51] usb 2-1: config 0 descriptor??
[  155.088064][ T6363] usb 4-1: USB disconnect, device number 12
[  155.107340][   T24] usb 3-1: new high-speed USB device number 12 using dummy_hcd
[  155.257855][   T24] usb 3-1: config 220 has an invalid interface number: 76 but max is 2
[  155.262471][   T24] usb 3-1: config 220 contains an unexpected descriptor of type 0x2, skipping
[  155.266779][   T24] usb 3-1: config 220 has an invalid descriptor of length 0, skipping remainder of the config
[  155.271144][   T24] usb 3-1: config 220 has no interface number 2
[  155.273927][   T24] usb 3-1: config 220 interface 1 altsetting 5 has 0 endpoint descriptors, different from the interface descriptor's value: 12
[  155.280544][   T24] usb 3-1: config 220 interface 0 has no altsetting 0
[  155.283037][   T24] usb 3-1: config 220 interface 76 has no altsetting 0
[  155.285829][   T24] usb 3-1: config 220 interface 1 has no altsetting 0
[  155.291995][   T24] usb 3-1: New USB device found, idVendor=8086, idProduct=0b07, bcdDevice=6c.b9
[  155.295957][   T24] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  155.299278][   T24] usb 3-1: Product: syz
[  155.301228][   T24] usb 3-1: Manufacturer: syz
[  155.303109][   T24] usb 3-1: SerialNumber: syz
[  155.520133][   T24] usb 3-1: Found UVC 7.01 device syz (8086:0b07)
[  155.522798][   T24] usb 3-1: No valid video chain found.
[  155.525013][   T24] usb 3-1: selecting invalid altsetting 0
[  155.537864][   T24] usb 3-1: selecting invalid altsetting 0
[  155.539790][   T24] usbtest 3-1:220.1: probe with driver usbtest failed with error -22
[  155.547040][   T24] usb 3-1: USB disconnect, device number 12
[  155.874608][ T6363] usb 4-1: new high-speed USB device number 13 using dummy_hcd
[  156.028212][ T6363] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  156.033069][ T6363] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  156.036404][ T6363] usb 4-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[  156.040834][ T6363] usb 4-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  156.044078][ T6363] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  156.049892][ T6363] usb 4-1: config 0 descriptor??
[  156.100535][ T8448] netlink: 108 bytes leftover after parsing attributes in process `syz.2.917'.
[  156.216164][ T8454] loop2: detected capacity change from 0 to 1024
[  156.219467][ T8454] EXT4-fs: inline encryption not supported
[  156.221666][ T8454] EXT4-fs: Ignoring removed i_version option
[  156.224737][ T8454] EXT4-fs (loop2): stripe (65535) is not aligned with cluster size (4096), stripe is disabled
[  156.250241][ T8454] EXT4-fs error (device loop2): ext4_map_blocks:778: inode #3: block 2: comm syz.2.920: lblock 2 mapped to illegal pblock 2 (length 1)
[  156.256432][ T8454] Quota error (device loop2): qtree_write_dquot: dquota write failed
[  156.260061][ T8454] EXT4-fs error (device loop2): ext4_map_blocks:778: inode #3: block 48: comm syz.2.920: lblock 0 mapped to illegal pblock 48 (length 1)
[  156.267367][ T8454] Quota error (device loop2): v2_write_file_info: Can't write info structure
[  156.272163][ T8454] EXT4-fs error (device loop2): ext4_acquire_dquot:6933: comm syz.2.920: Failed to acquire dquot type 0
[  156.277795][ T8454] EXT4-fs error (device loop2) in ext4_reserve_inode_write:6334: Corrupt filesystem
[  156.281490][ T8454] EXT4-fs error (device loop2): ext4_evict_inode:254: inode #11: comm syz.2.920: mark_inode_dirty error
[  156.286339][ T8454] EXT4-fs warning (device loop2): ext4_evict_inode:257: couldn't mark inode dirty (err -117)
[  156.290161][ T8454] EXT4-fs (loop2): 1 orphan inode deleted
[  156.293598][ T8454] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  156.300085][   T28] EXT4-fs error (device loop2): ext4_map_blocks:778: inode #3: block 1: comm kworker/u9:1: lblock 1 mapped to illegal pblock 1 (length 1)
[  156.310219][   T28] Quota error (device loop2): remove_tree: Can't read quota data block 1
[  156.314773][   T28] EXT4-fs error (device loop2): ext4_release_dquot:6969: comm kworker/u9:1: Failed to release dquot type 0
[  156.315953][ T8454] EXT4-fs error (device loop2): ext4_map_blocks:778: inode #3: block 1: comm syz.2.920: lblock 1 mapped to illegal pblock 1 (length 1)
[  156.328038][ T8454] Quota error (device loop2): find_next_id: Can't read quota tree block 1
[  156.346267][ T5952] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  156.350253][ T5952] EXT4-fs error (device loop2): __ext4_get_inode_loc:4861: comm syz-executor: Invalid inode table block 1 in block_group 0
[  156.357678][ T5952] EXT4-fs error (device loop2) in ext4_reserve_inode_write:6334: Corrupt filesystem
[  156.361545][ T5952] EXT4-fs error (device loop2): ext4_quota_off:7217: inode #3: comm syz-executor: mark_inode_dirty error
[  156.489814][ T6363] plantronics 0003:047F:FFFF.0007: hiddev0,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.3-1/input0
[  156.704666][ T5995] usb 3-1: new high-speed USB device number 13 using dummy_hcd
[  156.857342][ T5995] usb 3-1: config 0 has an invalid interface number: 255 but max is 0
[  156.860996][ T5995] usb 3-1: config 0 has no interface number 0
[  156.863704][ T5995] usb 3-1: config 0 interface 255 altsetting 0 endpoint 0x82 has invalid wMaxPacketSize 0
[  156.867830][ T5995] usb 3-1: config 0 interface 255 altsetting 0 bulk endpoint 0x82 has invalid maxpacket 0
[  156.875238][ T5995] usb 3-1: New USB device found, idVendor=10cf, idProduct=8065, bcdDevice=91.79
[  156.878959][ T5995] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  156.882404][ T5995] usb 3-1: Product: syz
[  156.884371][ T5995] usb 3-1: Manufacturer: syz
[  156.886145][ T5995] usb 3-1: SerialNumber: syz
[  156.890362][ T5995] usb 3-1: config 0 descriptor??
[  156.903695][ T5995] vmk80xx 3-1:0.255: driver 'vmk80xx' failed to auto-configure device.
[  156.910930][ T5995] vmk80xx 3-1:0.255: probe with driver vmk80xx failed with error -22
[  156.976714][   T51] f81534 2-1:0.12: f81534_set_register: reg: 1003 data: f8 failed: -71
[  156.980618][   T51] f81534 2-1:0.12: f81534_find_config_idx: read failed: -71
[  156.983462][   T51] f81534 2-1:0.12: f81534_calc_num_ports: find idx failed: -71
[  156.987925][   T51] f81534 2-1:0.12: probe with driver f81534 failed with error -71
[  156.993096][   T51] usb 2-1: USB disconnect, device number 9
[  157.106499][ T6363] usb 3-1: USB disconnect, device number 13
[  157.682280][ T8466] loop1: detected capacity change from 0 to 512
[  157.702072][ T8466] EXT4-fs warning (device loop1): ext4_multi_mount_protect:292: Invalid MMP block in superblock
[  158.064724][  T791] usb 3-1: new high-speed USB device number 14 using dummy_hcd
[  158.152402][ T8482] loop1: detected capacity change from 0 to 32768
[  158.164178][ T8482] XFS (loop1): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  158.183959][ T8482] XFS (loop1): Ending clean mount
[  158.187370][ T8482] XFS (loop1): Quotacheck needed: Please wait.
[  158.216191][  T791] usb 3-1: Using ep0 maxpacket: 32
[  158.218038][ T8482] XFS (loop1): Quotacheck: Done.
[  158.219685][  T791] usb 3-1: config 0 has an invalid interface number: 12 but max is 0
[  158.222639][  T791] usb 3-1: config 0 has no interface number 0
[  158.227325][  T791] usb 3-1: config 0 interface 12 has no altsetting 0
[  158.231963][  T791] usb 3-1: New USB device found, idVendor=2c42, idProduct=1202, bcdDevice=70.40
[  158.236079][  T791] usb 3-1: New USB device strings: Mfr=231, Product=2, SerialNumber=3
[  158.239059][  T791] usb 3-1: Product: syz
[  158.240623][  T791] usb 3-1: Manufacturer: syz
[  158.242401][ T5948] XFS (loop1): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  158.242986][  T791] usb 3-1: SerialNumber: syz
[  158.251489][  T791] usb 3-1: config 0 descriptor??
[  158.420242][ T8494] netlink: 104 bytes leftover after parsing attributes in process `syz.3.936'.
[  158.573750][ T8504] loop3: detected capacity change from 0 to 128
[  158.582249][   T51] usb 4-1: USB disconnect, device number 13
[  158.773564][ T5995] usb 2-1: new high-speed USB device number 10 using dummy_hcd
[  158.930936][ T8510] fuse: Bad value for 'fd'
[  158.937304][ T8510] loop3: detected capacity change from 0 to 16
[  158.945409][ T8510] erofs (device loop3): mounted with root inode @ nid 36.
[  158.958995][ T8510] erofs (device loop3): readahead error at folio 87 @ nid 36
[  158.961927][ T8510] erofs (device loop3): readahead error at folio 86 @ nid 36
[  158.965540][ T8510] erofs (device loop3): bogus lookback distance 363 @ lcn 82 of nid 36
[  158.968781][ T8510] erofs (device loop3): readahead error at folio 83 @ nid 36
[  158.971682][ T8510] erofs (device loop3): bogus lookback distance 363 @ lcn 82 of nid 36
[  158.975012][ T8510] erofs (device loop3): readahead error at folio 82 @ nid 36
[  158.979312][ T8510] erofs (device loop3): readahead error at folio 79 @ nid 36
[  158.982295][ T8510] erofs (device loop3): readahead error at folio 78 @ nid 36
[  158.985959][ T8510] erofs (device loop3): bogus lookback distance 1485 @ lcn 75 of nid 36
[  158.989275][ T8510] erofs (device loop3): readahead error at folio 76 @ nid 36
[  158.992248][ T8510] erofs (device loop3): bogus lookback distance 1485 @ lcn 75 of nid 36
[  158.995769][ T8510] erofs (device loop3): readahead error at folio 75 @ nid 36
[  158.998771][ T8510] erofs (device loop3): readahead error at folio 74 @ nid 36
[  159.001845][ T8510] erofs (device loop3): readahead error at folio 72 @ nid 36
[  159.005115][ T8510] erofs (device loop3): readahead error at folio 71 @ nid 36
[  159.008111][ T8510] erofs (device loop3): readahead error at folio 70 @ nid 36
[  159.011856][ T8510] erofs (device loop3): readahead error at folio 63 @ nid 36
[  159.014922][ T8510] erofs (device loop3): readahead error at folio 61 @ nid 36
[  159.017945][ T8510] erofs (device loop3): bogus lookback distance 1024 @ lcn 58 of nid 36
[  159.021166][ T8510] erofs (device loop3): readahead error at folio 59 @ nid 36
[  159.024059][ T8510] erofs (device loop3): bogus lookback distance 1024 @ lcn 58 of nid 36
[  159.027567][ T8510] erofs (device loop3): readahead error at folio 58 @ nid 36
[  159.030652][ T8510] erofs (device loop3): readahead error at folio 56 @ nid 36
[  159.033856][ T8510] erofs (device loop3): bogus lookback distance 1586 @ lcn 46 of nid 36
[  159.037275][ T8510] erofs (device loop3): readahead error at folio 47 @ nid 36
[  159.040188][ T8510] erofs (device loop3): bogus lookback distance 1586 @ lcn 46 of nid 36
[  159.043512][ T8510] erofs (device loop3): readahead error at folio 46 @ nid 36
[  159.046594][ T8510] erofs (device loop3): readahead error at folio 45 @ nid 36
[  159.049761][ T8510] erofs (device loop3): bogus lookback distance 1388 @ lcn 42 of nid 36
[  159.053023][ T8510] erofs (device loop3): readahead error at folio 43 @ nid 36
[  159.056104][ T8510] erofs (device loop3): bogus lookback distance 1388 @ lcn 42 of nid 36
[  159.059475][ T8510] erofs (device loop3): readahead error at folio 42 @ nid 36
[  159.062417][ T8510] erofs (device loop3): bogus lookback distance 774 @ lcn 40 of nid 36
[  159.065716][ T8510] erofs (device loop3): readahead error at folio 41 @ nid 36
[  159.068613][ T8510] erofs (device loop3): bogus lookback distance 774 @ lcn 40 of nid 36
[  159.071831][ T8510] erofs (device loop3): readahead error at folio 40 @ nid 36
[  159.074829][ T8510] erofs (device loop3): readahead error at folio 39 @ nid 36
[  159.077710][ T8510] erofs (device loop3): readahead error at folio 38 @ nid 36
[  159.082185][ T8510] erofs (device loop3): readahead error at folio 36 @ nid 36
[  159.085935][ T8510] erofs (device loop3): bogus lookback distance 1468 @ lcn 31 of nid 36
[  159.089110][ T8510] erofs (device loop3): readahead error at folio 31 @ nid 36
[  159.092574][ T8510] erofs (device loop3): readahead error at folio 25 @ nid 36
[  159.095648][ T8510] erofs (device loop3): readahead error at folio 24 @ nid 36
[  159.099159][ T8510] erofs (device loop3): readahead error at folio 19 @ nid 36
[  159.102656][ T8510] syz.3.942: attempt to access beyond end of device
[  159.102656][ T8510] loop3: rw=524288, sector=784, nr_sectors = 64 limit=16
[  159.108114][ T8510] syz.3.942: attempt to access beyond end of device
[  159.108114][ T8510] loop3: rw=524288, sector=13478624080, nr_sectors = 24 limit=16
[  159.113532][ T8510] syz.3.942: attempt to access beyond end of device
[  159.113532][ T8510] loop3: rw=524288, sector=13478624032, nr_sectors = 48 limit=16
[  159.119069][ T8510] syz.3.942: attempt to access beyond end of device
[  159.119069][ T8510] loop3: rw=524288, sector=32, nr_sectors = 64 limit=16
[  159.124167][ T8510] syz.3.942: attempt to access beyond end of device
[  159.124167][ T8510] loop3: rw=524288, sector=8, nr_sectors = 24 limit=16
[  159.129435][ T8510] syz.3.942: attempt to access beyond end of device
[  159.129435][ T8510] loop3: rw=524288, sector=14425508768, nr_sectors = 8 limit=16
[  159.141796][ T5995] usb 2-1: Using ep0 maxpacket: 32
[  159.216014][ T5995] usb 2-1: config 0 has an invalid interface number: 247 but max is 0
[  159.219188][ T5995] usb 2-1: config 0 has no interface number 0
[  159.225838][ T5995] usb 2-1: New USB device found, idVendor=1d50, idProduct=60c6, bcdDevice= 1.9b
[  159.231208][ T5995] usb 2-1: New USB device strings: Mfr=128, Product=0, SerialNumber=0
[  159.238713][ T5995] usb 2-1: Manufacturer: syz
[  159.243704][ T5995] usb 2-1: config 0 descriptor??
[  159.269184][ T8512] hugetlbfs: Bad value '' for mount option 'size'
[  159.269184][ T8512] 
[  159.474988][ T5995] usb 2-1: USB disconnect, device number 10
[  159.547028][ T8524] loop3: detected capacity change from 0 to 4096
[  159.559385][ T8524] ntfs3(loop3): ino=18, mi_enum_attr
[  159.561709][ T8524] ntfs3(loop3): Mark volume as dirty due to NTFS errors
[  159.569278][  T791] f81534 3-1:0.12: f81534_set_register: reg: 1003 data: b0 failed: -71
[  159.572107][  T791] f81534 3-1:0.12: f81534_find_config_idx: read failed: -71
[  159.576217][  T791] f81534 3-1:0.12: f81534_calc_num_ports: find idx failed: -71
[  159.579793][  T791] f81534 3-1:0.12: probe with driver f81534 failed with error -71
[  159.586528][  T791] usb 3-1: USB disconnect, device number 14
[  159.924876][ T8536] loop3: detected capacity change from 0 to 32768
[  159.932563][ T8536] ERROR: (device loop3): diAllocBit: iag inconsistent
[  159.932563][ T8536] 
[  159.939827][ T8536] ERROR: (device loop3): remounting filesystem as read-only
[  159.942687][ T8536] ialloc: diAlloc returned -5!
[  160.049315][ T8541] netlink: 256 bytes leftover after parsing attributes in process `syz.3.954'.
[  160.080250][ T8544] mmap: syz.3.957 (8544) uses deprecated remap_file_pages() syscall. See Documentation/mm/remap_file_pages.rst.
[  160.158683][ T8549] netlink: 12 bytes leftover after parsing attributes in process `syz.3.959'.
[  160.224423][ T8551] lo: entered promiscuous mode
[  160.232649][ T8553] loop3: detected capacity change from 0 to 128
[  160.238004][ T8550] lo: left promiscuous mode
[  160.247284][ T8553] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=16, mo=a842c018, mo2=0002]
[  160.250573][ T8553] System zones: 1-3, 19-19, 35-36
[  160.253927][ T8553] EXT4-fs (loop3): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  160.260423][ T8553] ext4 filesystem being mounted at /287/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[  160.297746][ T6083] EXT4-fs (loop3): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  161.184669][   T24] usb 2-1: new high-speed USB device number 11 using dummy_hcd
[  161.344644][   T24] usb 2-1: Using ep0 maxpacket: 32
[  161.348063][   T24] usb 2-1: config 0 has an invalid interface number: 1 but max is 0
[  161.350733][   T24] usb 2-1: config 0 has no interface number 0
[  161.353098][   T24] usb 2-1: config 0 interface 1 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  161.357509][   T24] usb 2-1: config 0 interface 1 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  161.360853][   T24] usb 2-1: New USB device found, idVendor=28bd, idProduct=0094, bcdDevice= 0.00
[  161.363991][   T24] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  161.370635][   T24] usb 2-1: config 0 descriptor??
[  161.841368][ T8578] loop3: detected capacity change from 0 to 32768
[  161.953150][ T8578] bcachefs (loop3): starting version 1.7: mi_btree_bitmap opts=errors=continue,metadata_checksum=none,data_checksum=none,compression=lz4,foreground_target=invalid label 767,background_target=invalid device 7,nojournal_transaction_names
[  161.953162][ T8578]   allowing incompatible features above 0.0: (unknown version)
[  161.953167][ T8578]   features: lz4,new_siphash,inline_data,new_extent_overwrite,btree_ptr_v2,new_varint,journal_no_flush,alloc_v2,extents_across_btree_nodes
[  161.969013][ T8578] bcachefs (loop3): Using encoding defined by superblock: utf8-12.1.0
[  161.972012][ T8578] bcachefs (loop3): initializing new filesystem
[  161.978612][ T8578] bcachefs (loop3): going read-write
[  161.982444][ T8578] bcachefs (loop3): marking superblocks
[  161.987909][ T8578] bcachefs (loop3): initializing freespace
[  161.991586][ T8578] bcachefs (loop3): done initializing freespace
[  161.995624][ T8578] bcachefs (loop3): reading snapshots table
[  161.998087][ T8578] bcachefs (loop3): reading snapshots done
[  162.019751][   T24] uclogic 0003:28BD:0094.0008: pen parameters not found
[  162.022748][   T24] uclogic 0003:28BD:0094.0008: interface is invalid, ignoring
[  162.025641][ T8578] bcachefs (loop3): done starting filesystem
[  162.054178][ T8600] use of bytesused == 0 is deprecated and will be removed in the future,
[  162.059089][ T8600] use the actual size instead.
[  162.385299][ T5995] usb 2-1: USB disconnect, device number 11
[  162.457551][ T8602] loop2: detected capacity change from 0 to 40427
[  162.465030][ T8602] F2FS-fs (loop2): Image doesn't support compression
[  162.467830][ T8602] F2FS-fs (loop2): build fault injection rate: 690
[  162.470423][ T8602] F2FS-fs (loop2): build fault injection type: 0x35f7
[  162.473825][ T8602] F2FS-fs (loop2): invalid crc value
[  162.510534][ T8602] F2FS-fs (loop2): f2fs_recover_fsync_data: recovery fsync data, check_only: 0
[  162.515138][ T8602] F2FS-fs (loop2): Start checkpoint disabled!
[  162.518885][ T8602] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e6
[  162.554890][ T6083] bcachefs (loop3): shutting down
[  162.556514][ T6083] bcachefs (loop3): going read-only
[  162.558351][ T6083] bcachefs (loop3): finished waiting for writes to stop
[  162.561178][ T6083] bcachefs (loop3): flushing journal and stopping allocators, journal seq 2
[  162.582019][ T6083] bcachefs (loop3): flushing journal and stopping allocators complete, journal seq 3
[  162.589395][ T6083] bcachefs (loop3): clean shutdown complete, journal seq 4
[  162.592431][ T6083] bcachefs (loop3): marking filesystem clean
[  162.608059][ T6083] bcachefs (loop3): shutdown complete
[  163.042401][ T8630] sp0: Synchronizing with TNC
[  163.048161][ T8629] [U] 
[  163.330633][ T8636] loop2: detected capacity change from 0 to 32768
[  163.334047][ T8636] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop2 (7:2) scanned by syz.2.994 (8636)
[  163.349174][ T8636] BTRFS info (device loop2): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  163.373996][ T8636] BTRFS info (device loop2): using crc32c (crc32c-lib) checksum algorithm
[  163.377829][ T8636] BTRFS info (device loop2): disk space caching is enabled
[  163.380968][ T8636] BTRFS warning (device loop2): space cache v1 is being deprecated and will be removed in a future release, please use -o space_cache=v2
[  163.507752][ T8636] BTRFS info (device loop2): rebuilding free space tree
[  163.517368][ T8636] BTRFS info (device loop2): disabling free space tree
[  163.519617][ T8636] BTRFS info (device loop2): clearing compat-ro feature flag for FREE_SPACE_TREE (0x1)
[  163.522637][ T8636] BTRFS info (device loop2): clearing compat-ro feature flag for FREE_SPACE_TREE_VALID (0x2)
[  163.553577][ T8640] loop1: detected capacity change from 0 to 32768
[  163.588606][ T8640] ocfs2: Mounting device (7,1) on (node local, slot 0) with ordered data mode.
[  163.674079][ T5948] ocfs2: Unmounting device (7,1) on (node local)
[  163.696617][ T5952] BTRFS info (device loop2): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  163.891391][ T8665] CIFS: No dialect specified on mount. Default has changed to a more secure dialect, SMB2.1 or later (e.g. SMB3.1.1), from CIFS (SMB1). To use the less secure SMB1 dialect to access old servers which do not support SMB3.1.1 (or even SMB3 or SMB2.1) specify vers=1.0 on mount.
[  163.911230][ T8665] CIFS: Unable to determine destination address
[  163.941003][ T8669] loop1: detected capacity change from 0 to 16
[  163.982632][ T8669] erofs (device loop1): mounted with root inode @ nid 36.
[  164.074165][ T8671] llcp: nfc_llcp_send_ui_frame: Could not allocate PDU (error=-512)
[  164.699011][ T8669] erofs (device loop1): corrupted dir block 72 @ nid 36
[  164.703729][ T8683] 9pnet: p9_errstr2errno: server reported unknown error @L	O!L+
[  165.168204][ T5995] usb 3-1: new high-speed USB device number 15 using dummy_hcd
[  165.341355][   T33] audit: type=1326 audit(1755553409.159:35): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8694 comm="syz.3.1011" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc09098ebe9 code=0x7ffc0000
[  165.349297][   T33] audit: type=1326 audit(1755553409.159:36): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8694 comm="syz.3.1011" exe="/syz-executor" sig=0 arch=c000003e syscall=123 compat=0 ip=0x7fc09098ebe9 code=0x7ffc0000
[  165.356221][ T5995] usb 3-1: config 0 has an invalid interface number: 255 but max is 0
[  165.361989][ T5995] usb 3-1: config 0 has no interface number 0
[  165.366838][ T5995] usb 3-1: too many endpoints for config 0 interface 255 altsetting 255: 255, using maximum allowed: 30
[  165.373643][ T5995] usb 3-1: config 0 interface 255 altsetting 255 has 0 endpoint descriptors, different from the interface descriptor's value: 255
[  165.374837][   T33] audit: type=1326 audit(1755553409.159:37): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8694 comm="syz.3.1011" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc09098ebe9 code=0x7ffc0000
[  165.379308][ T5995] usb 3-1: config 0 interface 255 has no altsetting 0
[  165.388697][ T5995] usb 3-1: New USB device found, idVendor=0bda, idProduct=0177, bcdDevice=7d.0b
[  165.392159][ T5995] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  165.397193][   T33] audit: type=1326 audit(1755553409.159:38): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8694 comm="syz.3.1011" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc09098ebe9 code=0x7ffc0000
[  165.411132][ T5995] usb 3-1: config 0 descriptor??
[  165.422124][ T5995] ums-realtek 3-1:0.255: USB Mass Storage device detected
[  165.617990][   T24] usb 3-1: USB disconnect, device number 15
[  165.936720][ T5995] usb 2-1: new full-speed USB device number 12 using dummy_hcd
[  166.111836][ T5995] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 10
[  166.120554][ T5995] usb 2-1: New USB device found, idVendor=056e, idProduct=00e6, bcdDevice= 0.00
[  166.125179][ T5995] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  166.152998][ T5995] usb 2-1: config 0 descriptor??
[  166.357252][ T8716] netlink: 340 bytes leftover after parsing attributes in process `syz.2.1020'.
[  166.599174][ T5995] elecom 0003:056E:00E6.0009: unknown main item tag 0x0
[  166.602307][ T5995] elecom 0003:056E:00E6.0009: unknown main item tag 0x0
[  166.607700][ T5995] elecom 0003:056E:00E6.0009: unknown main item tag 0x0
[  166.610747][ T5995] elecom 0003:056E:00E6.0009: unknown main item tag 0x0
[  166.627790][ T5995] elecom 0003:056E:00E6.0009: unknown main item tag 0x0
[  166.630159][ T5995] elecom 0003:056E:00E6.0009: unknown main item tag 0x0
[  166.633238][ T5995] elecom 0003:056E:00E6.0009: unknown main item tag 0x0
[  166.638149][ T5995] elecom 0003:056E:00E6.0009: unknown main item tag 0x0
[  166.641203][ T5995] elecom 0003:056E:00E6.0009: unknown main item tag 0x0
[  166.644221][ T5995] elecom 0003:056E:00E6.0009: unknown main item tag 0x0
[  166.651639][ T5995] elecom 0003:056E:00E6.0009: hidraw0: USB HID v0.00 Device [HID 056e:00e6] on usb-dummy_hcd.1-1/input0
[  166.791575][ T5995] usb 2-1: USB disconnect, device number 12
[  167.403600][ T8742] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1033'.
[  167.413616][ T8742] netdevsim netdevsim1 netdevsim0: entered promiscuous mode
[  167.419756][ T8742] netdevsim netdevsim1 netdevsim0: left promiscuous mode
[  167.485576][   T24] usb 4-1: new high-speed USB device number 14 using dummy_hcd
[  167.715101][   T24] usb 4-1: Using ep0 maxpacket: 32
[  167.781174][   T24] usb 4-1: New USB device found, idVendor=05a9, idProduct=1550, bcdDevice=e4.bb
[  167.785323][   T24] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  167.788620][   T24] usb 4-1: Product: syz
[  167.790512][   T24] usb 4-1: Manufacturer: syz
[  167.792504][   T24] usb 4-1: SerialNumber: syz
[  167.813125][   T24] usb 4-1: config 0 descriptor??
[  167.834502][   T24] gspca_main: ov534_9-2.14.0 probing 05a9:1550
[  168.305445][ T8755] loop2: detected capacity change from 0 to 1024
[  168.636793][   T24] gspca_ov534_9: reg_w failed -71
[  168.861082][ T8762] loop1: detected capacity change from 0 to 256
[  168.974950][   T24] gspca_ov534_9: Unknown sensor 0000
[  168.975461][   T24] ov534_9 4-1:0.0: probe with driver ov534_9 failed with error -22
[  169.003981][   T24] usb 4-1: USB disconnect, device number 14
[  169.537110][   T26] hfsplus: b-tree write err: -5, ino 4
[  169.834669][ T1272] usb 3-1: new high-speed USB device number 16 using dummy_hcd
[  169.871741][ T8783] loop3: detected capacity change from 0 to 32768
[  169.919109][ T8783] bcachefs (loop3): starting version 1.7: mi_btree_bitmap opts=errors=continue,metadata_checksum=none,data_checksum=none,compression=lz4,foreground_target=invalid label 767,background_target=invalid device 7,nojournal_transaction_names
[  169.919127][ T8783]   allowing incompatible features above 0.0: (unknown version)
[  169.919134][ T8783]   features: 
[  169.933628][ T8783] bcachefs (loop3): Using encoding defined by superblock: utf8-12.1.0
[  169.936558][ T8783] bcachefs (loop3): initializing new filesystem
[  169.943267][ T8783] bcachefs (loop3): going read-write
[  169.946752][ T8783] bcachefs (loop3): marking superblocks
[  169.960701][ T8783] bcachefs (loop3): initializing freespace
[  169.967442][ T8783] bcachefs (loop3): done initializing freespace
[  169.975400][ T8783] bcachefs (loop3): reading snapshots table
[  169.978078][ T8783] bcachefs (loop3): reading snapshots done
[  169.984825][ T1272] usb 3-1: Using ep0 maxpacket: 32
[  169.990011][ T1272] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  170.001036][ T1272] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  170.005534][ T1272] usb 3-1: New USB device found, idVendor=1e7d, idProduct=2d5a, bcdDevice= 0.00
[  170.008522][ T8783] bcachefs (loop3): done starting filesystem
[  170.009228][ T1272] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  170.017737][ T1272] usb 3-1: config 0 descriptor??
[  170.174352][ T6083] bcachefs (loop3): shutting down
[  170.176712][ T6083] bcachefs (loop3): going read-only
[  170.178733][ T6083] bcachefs (loop3): finished waiting for writes to stop
[  170.182392][ T6083] bcachefs (loop3): flushing journal and stopping allocators, journal seq 3
[  170.216427][ T6083] bcachefs (loop3): flushing journal and stopping allocators complete, journal seq 4
[  170.221105][ T6083] bcachefs (loop3): clean shutdown complete, journal seq 5
[  170.225098][ T6083] bcachefs (loop3): marking filesystem clean
[  170.245402][ T6083] bcachefs (loop3): shutdown complete
[  170.448855][ T1272] savu 0003:1E7D:2D5A.000A: hiddev0,hidraw0: USB HID v0.00 Device [HID 1e7d:2d5a] on usb-dummy_hcd.2-1/input0
[  170.708058][   T51] usb 3-1: USB disconnect, device number 16
[  170.774948][ T8803] loop1: detected capacity change from 0 to 32768
[  170.778388][ T8803] btrfs: Deprecated parameter 'usebackuproot'
[  170.781030][ T8803] BTRFS warning: 'usebackuproot' is deprecated, use 'rescue=usebackuproot' instead
[  170.785609][ T8803] BTRFS: device fsid ed167579-eb65-4e76-9a50-61ac97e9b59d devid 1 transid 8 /dev/loop1 (7:1) scanned by syz.1.1057 (8803)
[  170.816535][ T8803] BTRFS info (device loop1): first mount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d
[  170.820705][ T8803] BTRFS info (device loop1): using sha256 (sha256-lib) checksum algorithm
[  170.824249][ T8803] BTRFS info (device loop1): using free-space-tree
[  170.959038][ T8803] BTRFS info (device loop1): rebuilding free space tree
[  170.986228][   T33] audit: type=1800 audit(1755553414.809:39): pid=8803 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.1057" name="file1" dev="loop1" ino=260 res=0 errno=0
[  171.062219][ T5948] BTRFS info (device loop1): last unmount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d
[  171.215250][ T8822] loop1: detected capacity change from 0 to 128
[  171.218088][ T8822] EXT4-fs: Ignoring removed nobh option
[  171.273941][ T8822] EXT4-fs (loop1): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  171.280941][ T8822] ext4 filesystem being mounted at /303/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[  171.290888][ T8826] loop2: detected capacity change from 0 to 64
[  171.332692][ T8826] BFS-fs: bfs_fill_super(): loop2 is unclean, continuing
[  171.336481][ T8826] BFS-fs: bfs_fill_super(): Impossible last inode number 262303 > 513 on loop2
[  171.398318][ T5948] EXT4-fs (loop1): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  171.477064][ T8832] netlink: 52 bytes leftover after parsing attributes in process `syz.2.1063'.
[  171.687180][ T8844] netlink: 212376 bytes leftover after parsing attributes in process `syz.1.1066'.
[  171.713407][ T8846] loop3: detected capacity change from 0 to 1024
[  171.719729][ T8846] EXT4-fs: Ignoring removed bh option
[  171.721880][ T8846] EXT4-fs: inline encryption not supported
[  171.727728][ T8846] EXT4-fs (loop3): stripe (65535) is not aligned with cluster size (4096), stripe is disabled
[  171.737401][ T8846] EXT4-fs error (device loop3): ext4_map_blocks:778: inode #3: block 2: comm syz.3.1068: lblock 2 mapped to illegal pblock 2 (length 1)
[  171.742977][ T8846] Quota error (device loop3): qtree_write_dquot: dquota write failed
[  171.752521][ T8846] EXT4-fs error (device loop3): ext4_map_blocks:778: inode #3: block 48: comm syz.3.1068: lblock 0 mapped to illegal pblock 48 (length 1)
[  171.763447][ T8846] Quota error (device loop3): v2_write_file_info: Can't write info structure
[  171.769450][ T8846] EXT4-fs error (device loop3): ext4_acquire_dquot:6933: comm syz.3.1068: Failed to acquire dquot type 0
[  171.775947][ T8846] EXT4-fs error (device loop3) in ext4_reserve_inode_write:6334: Corrupt filesystem
[  171.782402][ T8846] EXT4-fs error (device loop3): ext4_evict_inode:254: inode #11: comm syz.3.1068: mark_inode_dirty error
[  171.789442][ T8846] EXT4-fs warning (device loop3): ext4_evict_inode:257: couldn't mark inode dirty (err -117)
[  171.793561][ T8846] EXT4-fs (loop3): 1 orphan inode deleted
[  171.796332][ T4036] EXT4-fs error (device loop3): ext4_map_blocks:778: inode #3: block 1: comm kworker/u9:4: lblock 1 mapped to illegal pblock 1 (length 1)
[  171.802372][ T8851] loop1: detected capacity change from 0 to 256
[  171.803765][ T8846] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  171.819078][ T4036] Quota error (device loop3): remove_tree: Can't read quota data block 1
[  171.822445][ T4036] EXT4-fs error (device loop3): ext4_release_dquot:6969: comm kworker/u9:4: Failed to release dquot type 0
[  171.824431][ T8851] exFAT-fs (loop1): failed to load upcase table (idx : 0x00010000, chksum : 0x1a371bfb, utbl_chksum : 0xe619d30d)
[  171.837306][ T8846] EXT4-fs error (device loop3): ext4_map_blocks:778: inode #2: block 16: comm syz.3.1068: lblock 0 mapped to illegal pblock 16 (length 1)
[  171.870682][ T6083] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  171.875027][ T6083] EXT4-fs error (device loop3): __ext4_get_inode_loc:4861: comm syz-executor: Invalid inode table block 1 in block_group 0
[  171.880456][ T6083] EXT4-fs error (device loop3) in ext4_reserve_inode_write:6334: Corrupt filesystem
[  171.884367][ T6083] EXT4-fs error (device loop3): ext4_quota_off:7217: inode #3: comm syz-executor: mark_inode_dirty error
[  171.905549][   T51] usb 3-1: new high-speed USB device number 17 using dummy_hcd
[  171.982083][ T8854] loop3: detected capacity change from 0 to 4096
[  171.987560][ T8854] ntfs3(loop3): ino=3, Correct links count -> 2.
[  172.029991][ T8857] loop1: detected capacity change from 0 to 1024
[  172.040540][ T8857] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  172.054788][   T51] usb 3-1: Using ep0 maxpacket: 8
[  172.058044][   T51] usb 3-1: config 0 interface 0 altsetting 5 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  172.061970][   T51] usb 3-1: config 0 interface 0 altsetting 5 endpoint 0x81 has invalid wMaxPacketSize 0
[  172.068032][   T51] usb 3-1: config 0 interface 0 has no altsetting 0
[  172.070507][   T51] usb 3-1: New USB device found, idVendor=046d, idProduct=c219, bcdDevice= 0.00
[  172.073491][   T51] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  172.080510][   T51] usb 3-1: config 0 descriptor??
[  172.235091][ T5948] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  172.497119][   T51] hid_parser_main: 59 callbacks suppressed
[  172.497136][   T51] logitech 0003:046D:C219.000B: unknown main item tag 0x4
[  172.502482][   T51] logitech 0003:046D:C219.000B: unknown main item tag 0x0
[  172.505898][   T51] logitech 0003:046D:C219.000B: unknown main item tag 0x0
[  172.511447][   T51] logitech 0003:046D:C219.000B: hidraw0: USB HID v0.00 Device [HID 046d:c219] on usb-dummy_hcd.2-1/input0
[  172.516185][   T51] logitech 0003:046D:C219.000B: no inputs found
[  172.565199][   T24] usb 2-1: new high-speed USB device number 13 using dummy_hcd
[  172.699326][    T9] usb 3-1: USB disconnect, device number 17
[  172.724796][   T24] usb 2-1: Using ep0 maxpacket: 8
[  172.729309][   T24] usb 2-1: config 6 has an invalid interface number: 213 but max is 1
[  172.732488][   T24] usb 2-1: config 6 has an invalid interface number: 211 but max is 1
[  172.736454][   T24] usb 2-1: config 6 has no interface number 0
[  172.738977][   T24] usb 2-1: config 6 has no interface number 1
[  172.741470][   T24] usb 2-1: config 6 interface 213 altsetting 0 has an invalid descriptor for endpoint zero, skipping
[  172.746908][   T24] usb 2-1: config 6 interface 213 altsetting 0 has an endpoint descriptor with address 0xA3, changing to 0x83
[  172.751446][   T24] usb 2-1: config 6 interface 213 altsetting 0 endpoint 0x83 has an invalid bInterval 63, changing to 7
[  172.756113][   T24] usb 2-1: config 6 interface 213 altsetting 0 endpoint 0x83 has invalid maxpacket 57448, setting to 1024
[  172.760524][   T24] usb 2-1: config 6 interface 213 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 1
[  172.769781][   T24] usb 2-1: config 6 interface 211 has no altsetting 0
[  172.776110][   T24] usb 2-1: New USB device found, idVendor=eb1a, idProduct=e357, bcdDevice=85.86
[  172.779918][   T24] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  172.782690][   T24] usb 2-1: Product: syz
[  172.784333][   T24] usb 2-1: Manufacturer: syz
[  172.786837][   T24] usb 2-1: SerialNumber: syz
[  173.028244][   T24] em28xx 2-1:6.213: New device syz syz @ 480 Mbps (eb1a:e357, interface 213, class 213)
[  173.033883][   T24] em28xx 2-1:6.213: Audio interface 213 found (Vendor Class)
[  173.095219][   T24] em28xx 2-1:6.213: unknown em28xx chip ID (0)
[  173.098385][   T24] em28xx 2-1:6.213: Config register raw data: 0xfffffffb
[  173.101863][   T24] em28xx 2-1:6.213: AC97 chip type couldn't be determined
[  173.104809][   T24] em28xx 2-1:6.213: No AC97 audio processor
[  173.124380][   T24] usb 2-1: USB disconnect, device number 13
[  173.137520][   T24] em28xx 2-1:6.213: Disconnecting em28xx
[  173.148836][   T24] em28xx 2-1:6.213: Freeing device
[  174.086936][   T24] usb 3-1: new high-speed USB device number 18 using dummy_hcd
[  174.181301][ T8883] loop1: detected capacity change from 0 to 40427
[  174.181930][ T8883] F2FS-fs: heap/no_heap options were deprecated
[  174.182486][ T8883] F2FS-fs (loop1): build fault injection rate: 19
[  174.182502][ T8883] F2FS-fs (loop1): build fault injection type: 0x3bfe8c
[  174.201180][ T8883] F2FS-fs (loop1): invalid crc value
[  174.222486][ T8883] F2FS-fs (loop1): inject page alloc in f2fs_grab_cache_folio of f2fs_ra_meta_pages+0x615/0x970
[  174.236861][   T24] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  174.242941][   T24] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  174.248071][   T24] usb 3-1: New USB device found, idVendor=0926, idProduct=3333, bcdDevice= 0.40
[  174.250973][ T8883] F2FS-fs (loop1): inject slab alloc in f2fs_kmem_cache_alloc of read_node_folio+0x20a/0x3f0
[  174.251868][   T24] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  174.257643][   T24] usb 3-1: config 0 descriptor??
[  174.265012][ T8883] F2FS-fs (loop1): f2fs_recover_fsync_data: recovery fsync data, check_only: 0
[  174.268189][ T8883] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e5
[  174.285821][ T8883] F2FS-fs (loop1): inject slab alloc in f2fs_kmem_cache_alloc of f2fs_new_node_folio+0x1d9/0xa40
[  174.292080][ T8883] syz.1.1084: attempt to access beyond end of device
[  174.292080][ T8883] loop1: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[  174.298340][ T8883] CPU: 0 UID: 0 PID: 8883 Comm: syz.1.1084 Not tainted 6.17.0-rc1-syzkaller-00036-gdfc0f6373094-dirty #0 PREEMPT(full) 
[  174.298351][ T8883] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.2-debian-1.16.2-1 04/01/2014
[  174.298356][ T8883] Call Trace:
[  174.298360][ T8883]  <TASK>
[  174.298363][ T8883]  dump_stack_lvl+0x189/0x250
[  174.298377][ T8883]  ? __pfx_dump_stack_lvl+0x10/0x10
[  174.298385][ T8883]  ? __pfx_queue_work_on+0x10/0x10
[  174.298393][ T8883]  ? _raw_spin_unlock_irqrestore+0xad/0x110
[  174.298405][ T8883]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[  174.298419][ T8883]  f2fs_handle_critical_error+0x37c/0x540
[  174.298432][ T8883]  f2fs_write_end_io+0x886/0xb60
[  174.298448][ T8883]  __submit_merged_bio+0x27a/0x6a0
[  174.298461][ T8883]  __submit_merged_write_cond+0x255/0x530
[  174.298475][ T8883]  f2fs_write_data_pages+0x261d/0x3000
[  174.298485][ T8883]  ? lockdep_unlock+0x89/0x120
[  174.298510][ T8883]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[  174.298541][ T8883]  ? check_path+0x21/0x40
[  174.298548][ T8883]  ? check_noncircular+0xe0/0x160
[  174.298578][ T8883]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[  174.298588][ T8883]  do_writepages+0x32e/0x550
[  174.298603][ T8883]  ? do_raw_spin_unlock+0x4d/0x240
[  174.298639][ T8883]  filemap_fdatawrite+0x199/0x240
[  174.298652][ T8883]  ? __pfx_filemap_fdatawrite+0x10/0x10
[  174.298685][ T8883]  ? do_raw_spin_unlock+0x4d/0x240
[  174.298695][ T8883]  f2fs_sync_dirty_inodes+0x31f/0x830
[  174.298710][ T8883]  f2fs_write_checkpoint+0x95a/0x1df0
[  174.298729][ T8883]  ? __pfx_f2fs_write_checkpoint+0x10/0x10
[  174.298760][ T8883]  ? down_write+0x162/0x1f0
[  174.298767][ T8883]  ? __pfx_down_write+0x10/0x10
[  174.298782][ T8883]  f2fs_issue_checkpoint+0x3ac/0x570
[  174.298791][ T8883]  ? __pfx_f2fs_issue_checkpoint+0x10/0x10
[  174.298798][ T8883]  ? __lock_acquire+0xab9/0xd20
[  174.298817][ T8883]  ? __up_read+0x280/0x680
[  174.298829][ T8883]  ? f2fs_sync_fs+0x200/0x3d0
[  174.298841][ T8883]  f2fs_do_sync_file+0x869/0x1860
[  174.298853][ T8883]  ? __pfx_f2fs_do_sync_file+0x10/0x10
[  174.298879][ T8883]  ? f2fs_file_write_iter+0x4ac/0x2410
[  174.298890][ T8883]  ? vfs_fsync_range+0x12c/0x1c0
[  174.298897][ T8883]  ? f2fs_sync_file+0xe9/0x160
[  174.298906][ T8883]  f2fs_file_write_iter+0x753/0x2410
[  174.298926][ T8883]  ? __pfx_f2fs_file_write_iter+0x10/0x10
[  174.298932][ T8883]  ? rcu_read_lock_any_held+0xb3/0x120
[  174.298948][ T8883]  vfs_write+0x5c9/0xb30
[  174.298959][ T8883]  ? __pfx_f2fs_file_write_iter+0x10/0x10
[  174.298967][ T8883]  ? __pfx_vfs_write+0x10/0x10
[  174.298981][ T8883]  ? __fget_files+0x2a/0x420
[  174.298992][ T8883]  ksys_write+0x145/0x250
[  174.299002][ T8883]  ? __pfx_ksys_write+0x10/0x10
[  174.299009][ T8883]  ? rcu_is_watching+0x15/0xb0
[  174.299019][ T8883]  ? do_syscall_64+0xbe/0x3b0
[  174.299030][ T8883]  do_syscall_64+0xfa/0x3b0
[  174.299038][ T8883]  ? lockdep_hardirqs_on+0x9c/0x150
[  174.299046][ T8883]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  174.299053][ T8883]  ? exc_page_fault+0x9f/0xf0
[  174.299062][ T8883]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  174.299068][ T8883] RIP: 0033:0x7f047738ebe9
[  174.299075][ T8883] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  174.299081][ T8883] RSP: 002b:00007f04782c3038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[  174.299090][ T8883] RAX: ffffffffffffffda RBX: 00007f04775b5fa0 RCX: 00007f047738ebe9
[  174.299094][ T8883] RDX: 0000000000000078 RSI: 0000200000000180 RDI: 0000000000000004
[  174.299099][ T8883] RBP: 00007f0477411e19 R08: 0000000000000000 R09: 0000000000000000
[  174.299103][ T8883] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  174.299107][ T8883] R13: 00007f04775b6038 R14: 00007f04775b5fa0 R15: 00007fffc74e4d68
[  174.299120][ T8883]  </TASK>
[  174.299123][ T8883] F2FS-fs (loop1): Stopped filesystem due to reason: 3
[  174.481902][   T24] usbhid 3-1:0.0: can't add hid device: -71
[  174.484512][   T24] usbhid 3-1:0.0: probe with driver usbhid failed with error -71
[  174.491699][   T24] usb 3-1: USB disconnect, device number 18
[  174.798926][ T8899] overlayfs: missing 'lowerdir'
[  174.936699][    T9] usb 3-1: new high-speed USB device number 19 using dummy_hcd
[  175.075521][ T8905] loop3: detected capacity change from 0 to 512
[  175.083791][ T8905] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[  175.091524][ T8905] EXT4-fs (loop3): orphan cleanup on readonly fs
[  175.097838][ T8905] EXT4-fs error (device loop3): ext4_validate_block_bitmap:441: comm syz.3.1092: bg 0: block 248: padding at end of block bitmap is not set
[  175.105298][ T8905] Quota error (device loop3): write_blk: dquota write failed
[  175.105451][    T9] usb 3-1: Using ep0 maxpacket: 32
[  175.108570][ T8905] Quota error (device loop3): qtree_write_dquot: Error -117 occurred while creating quota
[  175.114253][    T9] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  175.114916][ T8905] EXT4-fs error (device loop3): ext4_acquire_dquot:6933: comm syz.3.1092: Failed to acquire dquot type 1
[  175.119772][    T9] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  175.126825][ T8905] EXT4-fs (loop3): 1 truncate cleaned up
[  175.128694][    T9] usb 3-1: New USB device found, idVendor=0f11, idProduct=1021, bcdDevice= 0.40
[  175.134813][    T9] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  175.136433][ T8905] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  175.149379][    T9] usb 3-1: config 0 descriptor??
[  175.153816][    T9] ldusb 3-1:0.0: Interrupt out endpoint not found (using control endpoint instead)
[  175.170254][    T9] ldusb 3-1:0.0: LD USB Device #0 now attached to major 180 minor 0
[  175.175175][ T8905] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[  175.179947][ T8905] EXT4-fs (loop3): changing journal_checksum during remount not supported; ignoring
[  175.184099][ T8905] EXT4-fs (loop3): warning: mounting fs with errors, running e2fsck is recommended
[  175.196221][ T8905] EXT4-fs (loop3): re-mounted 00000000-0000-0000-0000-000000000000 r/w.
[  175.199873][ T8905] ext4 filesystem being remounted at /319/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  175.235394][ T6083] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  175.411975][ T8881] ldusb 3-1:0.0: Couldn't submit interrupt_in_urb -90
[  175.420578][   T51] usb 3-1: USB disconnect, device number 19
[  175.429816][   T51] ldusb 3-1:0.0: LD USB Device #0 now disconnected
[  177.745956][ T8940] tipc: Started in network mode
[  177.748188][ T8940] tipc: Node identity 0000000000000000000085d3ab8e0001, cluster identity 4711
[  177.752001][ T8940] tipc: Enabling of bearer <udp:s> rejected, failed to enable media
[  177.764136][ T8936] loop3: detected capacity change from 0 to 32768
[  177.769092][ T8936] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop3 (7:3) scanned by syz.3.1102 (8936)
[  177.777465][ T8936] BTRFS info (device loop3): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  177.781743][ T8936] BTRFS info (device loop3): using crc32c (crc32c-lib) checksum algorithm
[  177.785450][ T8936] BTRFS info (device loop3): disk space caching is enabled
[  177.788730][ T8936] BTRFS warning (device loop3): space cache v1 is being deprecated and will be removed in a future release, please use -o space_cache=v2
[  177.869153][ T8936] BTRFS info (device loop3): rebuilding free space tree
[  177.882952][ T8936] BTRFS info (device loop3): disabling free space tree
[  177.895078][ T8936] BTRFS info (device loop3): clearing compat-ro feature flag for FREE_SPACE_TREE (0x1)
[  177.899032][ T8936] BTRFS info (device loop3): clearing compat-ro feature flag for FREE_SPACE_TREE_VALID (0x2)
[  178.059113][ T6083] BTRFS info (device loop3): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  178.166824][ T8963] loop2: detected capacity change from 0 to 32768
[  178.180864][ T8963] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop2 (7:2) scanned by syz.2.1107 (8963)
[  178.201696][ T8963] BTRFS info (device loop2 state S): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  178.213911][ T8963] BTRFS info (device loop2 state S): using crc32c (crc32c-lib) checksum algorithm
[  178.218321][ T8963] BTRFS info (device loop2 state S): using free-space-tree
[  178.292355][   T69] BTRFS warning (device loop2 state S): checksum verify failed on logical 1052672 mirror 1 wanted 0x37e030f7 found 0xb6869543 level 0, ignored
[  178.303091][ T8963] BTRFS error (device loop2 state S): failed to find fsid c9fe44da-de57-406a-8241-570000000000 when attempting to open seed devices
[  178.318913][ T8963] BTRFS error (device loop2 state S): failed to read chunk tree: -2
[  178.340647][ T8963] BTRFS error (device loop2 state S): open_ctree failed: -2
[  178.449532][   T51] usb 4-1: new high-speed USB device number 15 using dummy_hcd
[  178.570827][ T8986] loop2: detected capacity change from 0 to 1024
[  178.579505][ T8986] EXT4-fs: Ignoring removed orlov option
[  178.594822][ T8986] EXT4-fs: Ignoring removed nomblk_io_submit option
[  178.609443][ T8986] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  178.615699][   T51] usb 4-1: Using ep0 maxpacket: 16
[  178.619375][   T51] usb 4-1: config 0 has an invalid interface number: 41 but max is 0
[  178.622462][   T51] usb 4-1: config 0 has no interface number 0
[  178.625123][   T51] usb 4-1: config 0 interface 41 has no altsetting 0
[  178.631115][   T51] usb 4-1: New USB device found, idVendor=0fe6, idProduct=9800, bcdDevice=d1.9a
[  178.635147][   T51] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  178.638190][   T51] usb 4-1: Product: syz
[  178.639955][   T51] usb 4-1: Manufacturer: syz
[  178.641689][   T51] usb 4-1: SerialNumber: syz
[  178.660629][   T51] usb 4-1: config 0 descriptor??
[  178.673561][   T51] CoreChips 4-1:0.41: probe with driver CoreChips failed with error -22
[  178.717967][ T5952] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  178.797195][ T8993] loop2: detected capacity change from 0 to 512
[  178.809493][ T8993] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  178.815642][ T8993] ext4 filesystem being mounted at /390/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  178.881956][   T51] usb 4-1: USB disconnect, device number 15
[  178.977180][ T5952] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  179.013495][ T9004] netlink: 212376 bytes leftover after parsing attributes in process `syz.1.1116'.
[  179.354745][   T51] usb 3-1: new high-speed USB device number 20 using dummy_hcd
[  179.525091][   T51] usb 3-1: Using ep0 maxpacket: 8
[  179.542644][   T51] usb 3-1: New USB device found, idVendor=047d, idProduct=5003, bcdDevice=2f.8c
[  179.551010][   T51] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  179.554019][   T51] usb 3-1: Product: syz
[  179.560218][   T51] usb 3-1: Manufacturer: syz
[  179.562234][   T51] usb 3-1: SerialNumber: syz
[  179.588821][   T51] usb 3-1: config 0 descriptor??
[  179.652075][   T51] gspca_main: se401-2.14.0 probing 047d:5003
[  179.817409][ T9035] loop3: detected capacity change from 0 to 1024
[  179.871716][ T1090] hfsplus: b-tree write err: -5, ino 4
[  180.049983][   T51] gspca_se401: Too many frame sizes
[  180.157541][ T9040] loop3: detected capacity change from 0 to 32768
[  180.182192][ T9040] ocfs2: Mounting device (7,3) on (node local, slot 0) with ordered data mode.
[  180.258660][ T9040] (syz.3.1133,9040,0):ocfs2_check_dir_entry:325 ERROR: bad entry in directory #65: rec_len % 4 != 0 - offset=312, inode=13845347915746889, rec_len=25793, name_len=214
[  180.265030][   T51] usb 3-1: USB disconnect, device number 20
[  180.303130][ T6083] ocfs2: Unmounting device (7,3) on (node local)
[  181.124738][ T5995] usb 3-1: new high-speed USB device number 21 using dummy_hcd
[  181.277542][ T5995] usb 3-1: config 17 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F
[  181.289933][ T5995] usb 3-1: config 17 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 7
[  181.294301][ T5995] usb 3-1: config 17 interface 0 altsetting 0 endpoint 0x8F has invalid maxpacket 59391, setting to 1024
[  181.300489][ T5995] usb 3-1: New USB device found, idVendor=0458, idProduct=5003, bcdDevice= 0.00
[  181.304155][ T5995] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  181.326752][ T9069] raw-gadget.0 gadget.2: fail, usb_ep_enable returned -22
[  181.506973][ T9082] loop1: detected capacity change from 0 to 764
[  181.670214][ T9088] netlink: 'syz.1.1152': attribute type 1 has an invalid length.
[  181.742407][ T5995] aiptek 3-1:17.0: Aiptek using 400 ms programming speed
[  181.752181][ T5995] input: Aiptek as /devices/platform/dummy_hcd.2/usb3/3-1/3-1:17.0/input/input12
[  181.794304][ T5995] usb 3-1: USB disconnect, device number 21
[  181.796977][    C0] aiptek 3-1:17.0: aiptek_irq - usb_submit_urb failed with result -19
[  182.111487][ T9110] loop1: detected capacity change from 0 to 1024
[  182.129227][ T9110] EXT4-fs (loop1): stripe (3) is not aligned with cluster size (16), stripe is disabled
[  182.141427][ T9110] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  182.157309][ T9110] EXT4-fs error (device loop1): ext4_xattr_inode_iget:437: inode #11: comm syz.1.1163: missing EA_INODE flag
[  182.165658][ T9110] EXT4-fs (loop1): Remounting filesystem read-only
[  182.183617][ T5948] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  182.372473][ T9124] loop1: detected capacity change from 0 to 1024
[  182.585677][ T5995] usb 3-1: new high-speed USB device number 22 using dummy_hcd
[  182.744979][ T5995] usb 3-1: Using ep0 maxpacket: 16
[  182.750406][ T5995] usb 3-1: unable to get BOS descriptor or descriptor too short
[  182.755268][ T5995] usb 3-1: config 1 has an invalid interface number: 206 but max is 0
[  182.758833][ T5995] usb 3-1: config 1 has no interface number 0
[  182.765337][ T5995] usb 3-1: string descriptor 0 read error: -22
[  182.768247][ T5995] usb 3-1: New USB device found, idVendor=152d, idProduct=0310, bcdDevice=3b.0a
[  182.773985][ T5995] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  182.802440][ T5995] uvcvideo 3-1:1.206: probe with driver uvcvideo failed with error -22
[  182.817932][ T9143] loop1: detected capacity change from 0 to 8192
[  182.866863][ T6271]  loop1: p1 < > p2 < p5 > p4
[  182.873322][ T6271] loop1: p4 size 16776960 extends beyond EOD, truncated
[  182.878683][ T6271] loop1: p5 size 16776960 extends beyond EOD, truncated
[  182.891920][ T9143]  loop1: p1 < > p2 < p5 > p4
[  182.896638][ T9143] loop1: p4 size 16776960 extends beyond EOD, truncated
[  182.900453][ T9143] loop1: p5 size 16776960 extends beyond EOD, truncated
[  182.933999][ T9145] netlink: 5 bytes leftover after parsing attributes in process `syz.1.1179'.
[  182.940700][ T9145] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check.
[  182.976586][ T5947] udevd[5947]: inotify_add_watch(7, /dev/loop1p5, 10) failed: No such file or directory
[  182.980932][ T6270] udevd[6270]: inotify_add_watch(7, /dev/loop1p2, 10) failed: No such file or directory
[  182.981398][ T6271] udevd[6271]: inotify_add_watch(7, /dev/loop1p1, 10) failed: No such file or directory
[  182.988968][ T6269] udevd[6269]: inotify_add_watch(7, /dev/loop1p4, 10) failed: No such file or directory
[  183.003733][ T9147] geneve3: entered allmulticast mode
[  183.008243][ T5995] usb 3-1: USB disconnect, device number 22
[  183.020785][ T5947] udevd[5947]: inotify_add_watch(7, /dev/loop1p4, 10) failed: No such file or directory
[  183.026735][ T6270] udevd[6270]: inotify_add_watch(7, /dev/loop1p2, 10) failed: No such file or directory
[  183.029839][ T6271] udevd[6271]: inotify_add_watch(7, /dev/loop1p1, 10) failed: No such file or directory
[  183.040398][ T6278] udevd[6278]: inotify_add_watch(7, /dev/loop1p5, 10) failed: No such file or directory
[  183.092042][ T5950] Bluetooth: hci1: Controller not accepting commands anymore: ncmd = 0
[  183.100085][ T5950] Bluetooth: hci1: Injecting HCI hardware error event
[  183.104312][ T5944] Bluetooth: hci1: hardware error 0x00
[  183.304342][ T9155] netlink: 'syz.3.1184': attribute type 9 has an invalid length.
[  183.730246][ T9175] capability: warning: `syz.3.1194' uses 32-bit capabilities (legacy support in use)
[  183.813487][ T9169] loop2: detected capacity change from 0 to 32768
[  183.831510][ T9169] BTRFS: device fsid a6a605fc-d5f1-4e66-8595-3726e2b761d6 devid 1 transid 8 /dev/loop2 (7:2) scanned by syz.2.1191 (9169)
[  183.865155][ T9169] BTRFS info (device loop2): first mount of filesystem a6a605fc-d5f1-4e66-8595-3726e2b761d6
[  183.870389][ T9169] BTRFS info (device loop2): using blake2b (blake2b-256-generic) checksum algorithm
[  183.875415][ T9169] BTRFS info (device loop2): using free-space-tree
[  183.893452][ T9186] netlink: 96 bytes leftover after parsing attributes in process `syz.3.1196'.
[  183.968474][   T33] audit: type=1800 audit(1755553427.789:40): pid=9169 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.2.1191" name="file2" dev="loop2" ino=261 res=0 errno=0
[  184.029871][ T5952] BTRFS info (device loop2): last unmount of filesystem a6a605fc-d5f1-4e66-8595-3726e2b761d6
[  184.284839][ T5995] usb 4-1: new high-speed USB device number 16 using dummy_hcd
[  184.312917][ T9205] loop2: detected capacity change from 0 to 32768
[  184.320060][ T9205] XFS (loop2): Mounting V5 Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb
[  184.329729][ T9205] XFS (loop2): Ending clean mount
[  184.339288][ T9205] XFS (loop2): Quotacheck needed: Please wait.
[  184.366426][ T9205] XFS (loop2): Quotacheck: Done.
[  184.404029][ T5952] XFS (loop2): Unmounting Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb
[  184.447108][ T5995] usb 4-1: Using ep0 maxpacket: 8
[  184.456411][ T5995] usb 4-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  184.463407][ T5995] usb 4-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xF9, changing to 0x89
[  184.486507][ T5995] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x89 has an invalid bInterval 0, changing to 7
[  184.490860][ T5995] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x89 has invalid maxpacket 59391, setting to 1024
[  184.504040][ T5995] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0xF has invalid wMaxPacketSize 0
[  184.520168][ T5995] usb 4-1: config 0 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  184.540940][ T5995] usb 4-1: New USB device found, idVendor=0bc7, idProduct=0008, bcdDevice=4f.c8
[  184.546525][ T5995] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  184.550107][ T5995] usb 4-1: Product: syz
[  184.552025][ T5995] usb 4-1: Manufacturer: syz
[  184.553903][ T5995] usb 4-1: SerialNumber: syz
[  184.561508][ T5995] usb 4-1: config 0 descriptor??
[  184.573149][ T9201] raw-gadget.0 gadget.3: fail, usb_ep_enable returned -22
[  184.578606][ T5995] ati_remote 4-1:0.0: ati_remote_probe: Unexpected endpoint_out
[  184.787036][   T51] usb 4-1: USB disconnect, device number 16
[  185.164717][ T5944] Bluetooth: hci1: Opcode 0x0c03 failed: -110
[  185.497373][ T9221] loop3: detected capacity change from 0 to 32768
[  185.501358][ T9221] BTRFS: device fsid a6a605fc-d5f1-4e66-8595-3726e2b761d6 devid 1 transid 8 /dev/loop3 (7:3) scanned by syz.3.1203 (9221)
[  185.518355][ T9221] BTRFS info (device loop3 state S): first mount of filesystem a6a605fc-d5f1-4e66-8595-3726e2b761d6
[  185.522867][ T9221] BTRFS info (device loop3 state S): using blake2b (blake2b-256-generic) checksum algorithm
[  185.527587][ T9221] BTRFS info (device loop3 state S): using free-space-tree
[  185.605022][ T9221] BTRFS info (device loop3 state MCS): max_inline set to 0
[  185.633240][ T6083] BTRFS info (device loop3 state CS): last unmount of filesystem a6a605fc-d5f1-4e66-8595-3726e2b761d6
[  185.775694][ T9239] loop2: detected capacity change from 0 to 32768
[  185.812975][   T33] audit: type=1800 audit(1755553429.629:41): pid=9239 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.2.1207" name="file1" dev="loop2" ino=4 res=0 errno=0
[  186.053289][ T9255] netlink: 20 bytes leftover after parsing attributes in process `syz.3.1211'.
[  186.111222][ T9257] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[  186.178991][ T9239] ERROR: (device loop2): dbAdjCtl: the maximum free buddy is not the old root
[  186.178991][ T9239] 
[  186.186706][ T9239] ERROR: (device loop2): remounting filesystem as read-only
[  186.203169][ T9261] loop3: detected capacity change from 0 to 1024
[  186.317599][ T9265] loop1: detected capacity change from 0 to 2048
[  186.328593][ T9267] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  186.335973][ T9267] syzkaller0: entered promiscuous mode
[  186.343163][ T9267] syzkaller0: entered allmulticast mode
[  186.356985][ T9268] NILFS (loop1): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  186.364481][ T9267] sch_tbf: burst 127 is lower than device syzkaller0 mtu (1514) !
[  186.399742][ T9267] tipc: Resetting bearer <eth:syzkaller0>
[  186.404293][ T9266] tipc: Resetting bearer <eth:syzkaller0>
[  186.425872][ T9266] tipc: Disabling bearer <eth:syzkaller0>
[  186.430446][ T9265] NILFS (loop1): error -2 truncating bmap (ino=16)
[  186.455094][ T9268] NILFS (loop1): vblocknr = 15 has abnormal lifetime: start cno (= 4128770) > current cno (= 3)
[  186.460245][ T9268] NILFS error (device loop1): nilfs_bmap_propagate: broken bmap (inode number=16)
[  186.471336][ T9268] Remounting filesystem read-only
[  186.473400][ T5948] NILFS (loop1): disposed unprocessed dirty file(s) when stopping log writer
[  186.529470][ T9272] loop3: detected capacity change from 0 to 512
[  186.539628][ T9271] loop1: detected capacity change from 0 to 2048
[  186.545299][ T9272] EXT4-fs: Ignoring removed nobh option
[  186.550659][ T9272] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled
[  186.555776][ T9271] EXT4-fs: Ignoring removed mblk_io_submit option
[  186.560706][ T9272] EXT4-fs error (device loop3): ext4_orphan_get:1392: inode #15: comm syz.3.1220: iget: bad i_size value: 38620345925642
[  186.571588][ T9272] EXT4-fs error (device loop3): ext4_orphan_get:1397: comm syz.3.1220: couldn't read orphan inode 15 (err -117)
[  186.577164][ T9272] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  186.587735][ T9271] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  186.613044][   T28] EXT4-fs error (device loop3): ext4_validate_block_bitmap:432: comm kworker/u9:1: bg 0: block 5: invalid block bitmap
[  186.621808][   T28] EXT4-fs (loop3): Delayed block allocation failed for inode 18 at logical offset 0 with max blocks 64 with error 28
[  186.628279][   T28] EXT4-fs (loop3): This should not happen!! Data will be lost
[  186.628279][   T28] 
[  186.632329][   T28] EXT4-fs (loop3): Total free blocks count 0
[  186.635090][   T28] EXT4-fs (loop3): Free/Dirty block details
[  186.637222][   T28] EXT4-fs (loop3): free_blocks=0
[  186.638999][   T28] EXT4-fs (loop3): dirty_blocks=64
[  186.640871][   T28] EXT4-fs (loop3): Block reservation details
[  186.643134][   T28] EXT4-fs (loop3): i_reserved_data_blocks=64
[  186.651312][ T6083] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  186.689352][ T9278] loop3: detected capacity change from 0 to 256
[  186.729710][ T5948] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  186.964265][ T9298] netlink: 'syz.2.1230': attribute type 1 has an invalid length.
[  186.977356][ T9296] loop1: detected capacity change from 0 to 4096
[  186.990505][ T9296] ntfs3(loop1): Different NTFS sector size (4096) and media sector size (512).
[  187.023050][ T9296] ntfs3(loop1): ino=19, mi_enum_attr
[  187.027561][ T9296] ntfs3(loop1): Mark volume as dirty due to NTFS errors
[  187.039350][ T9296] ntfs3(loop1): failed to convert "c46c" to cp737
[  187.047451][ T9296] ntfs3(loop1): ino=20, mi_enum_attr
[  187.254790][   T24] usb 3-1: new high-speed USB device number 23 using dummy_hcd
[  187.404723][   T24] usb 3-1: Using ep0 maxpacket: 8
[  187.409079][   T24] usb 3-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[  187.413895][   T24] usb 3-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[  187.418278][   T24] usb 3-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[  187.422545][   T24] usb 3-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  187.427997][   T24] usb 3-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23
[  187.431825][   T24] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  187.568832][ T5995] usb 4-1: new full-speed USB device number 17 using dummy_hcd
[  187.642816][   T24] usb 3-1: GET_CAPABILITIES returned 0
[  187.650477][   T24] usbtmc 3-1:16.0: can't read capabilities
[  187.728072][ T5995] usb 4-1: too many endpoints for config 1 interface 0 altsetting 0: 255, using maximum allowed: 30
[  187.732547][ T5995] usb 4-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 10
[  187.737773][ T5995] usb 4-1: config 1 interface 0 altsetting 0 has 3 endpoint descriptors, different from the interface descriptor's value: 255
[  187.744855][ T5995] usb 4-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  187.748619][ T5995] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=1
[  187.752008][ T5995] usb 4-1: SerialNumber: syz
[  187.849713][    T9] usb 3-1: USB disconnect, device number 23
[  187.934654][   T24] usb 2-1: new high-speed USB device number 14 using dummy_hcd
[  187.962897][ T5995] cdc_acm 4-1:1.0: ttyACM0: USB ACM device
[  187.970150][ T5995] usb 4-1: USB disconnect, device number 17
[  188.087681][   T24] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  188.092282][   T24] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  188.096786][   T24] usb 2-1: New USB device found, idVendor=17ef, idProduct=6047, bcdDevice= 0.00
[  188.100489][   T24] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  188.108096][   T24] usb 2-1: config 0 descriptor??
[  188.530104][   T24] lenovo 0003:17EF:6047.000C: unknown main item tag 0x0
[  188.533202][   T24] lenovo 0003:17EF:6047.000C: unknown main item tag 0x0
[  188.540416][   T24] lenovo 0003:17EF:6047.000C: unknown main item tag 0x0
[  188.542903][   T24] lenovo 0003:17EF:6047.000C: unknown main item tag 0x0
[  188.550753][   T24] lenovo 0003:17EF:6047.000C: unknown main item tag 0x0
[  188.558207][   T24] lenovo 0003:17EF:6047.000C: hidraw0: USB HID v0.00 Device [HID 17ef:6047] on usb-dummy_hcd.1-1/input0
[  188.591920][ T9333] loop3: detected capacity change from 0 to 512
[  188.599966][ T9333] EXT4-fs (loop3): Test dummy encryption mode enabled
[  188.612686][ T9333] EXT4-fs (loop3): mounted filesystem 00000005-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  188.639028][ T9333] EXT4-fs error (device loop3): ext4_add_entry:2417: inode #2: comm syz.3.1247: Directory hole found for htree leaf block 0
[  188.646886][ T9333] EXT4-fs (loop3): Remounting filesystem read-only
[  188.666975][ T6083] EXT4-fs (loop3): unmounting filesystem 00000005-0000-0000-0000-000000000000.
[  188.731069][   T24] usb 2-1: USB disconnect, device number 14
[  188.767564][ T9339] loop3: detected capacity change from 0 to 512
[  188.793859][ T9339] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  188.800195][ T9339] ext4 filesystem being mounted at /371/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  188.814199][ T9339] fs-verity (loop3, inode 15): Unrecognized descriptor size: 0 bytes
[  188.835940][ T6083] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  188.872390][ T9343] loop3: detected capacity change from 0 to 64
[  188.883133][ T9343] MINIX-fs: mounting unchecked file system, running fsck is recommended
[  189.348761][ T9347] loop2: detected capacity change from 0 to 4096
[  189.385022][ T9347] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  189.401197][   T33] audit: type=1800 audit(1755553433.219:42): pid=9347 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.2.1252" name="bus" dev="loop2" ino=18 res=0 errno=0
[  189.780033][ T5952] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  191.093096][ T9386] loop2: detected capacity change from 0 to 512
[  191.099636][ T9386] EXT4-fs: Ignoring removed bh option
[  191.102584][ T9386] EXT4-fs (loop2): mounting ext3 file system using the ext4 subsystem
[  191.112850][ T9386] EXT4-fs (loop2): 1 truncate cleaned up
[  191.121752][ T9386] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  191.624057][   T33] audit: type=1800 audit(1755553435.429:43): pid=9394 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.2.1268" name="bus" dev="loop2" ino=18 res=0 errno=0
[  191.872001][ T9398] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1271'.
[  191.991878][ T9401] CUSE: info not properly terminated
[  192.017433][ T5952] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  192.864656][   T51] usb 2-1: new low-speed USB device number 15 using dummy_hcd
[  193.016629][   T51] usb 2-1: No LPM exit latency info found, disabling LPM.
[  193.022456][   T51] usb 2-1: config 1 contains an unexpected descriptor of type 0x1, skipping
[  193.026776][   T51] usb 2-1: config 1 has an invalid descriptor of length 1, skipping remainder of the config
[  193.031133][   T51] usb 2-1: config 1 has 1 interface, different from the descriptor's value: 3
[  193.043989][   T51] usb 2-1: string descriptor 0 read error: -22
[  193.125556][   T51] usb 2-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[  193.129989][   T51] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  193.154359][   T51] usb 2-1: 0:2 : does not exist
[  193.362772][   T51] usb 2-1: USB disconnect, device number 15
[  193.684685][ T5995] usb 4-1: new high-speed USB device number 18 using dummy_hcd
[  193.856251][ T5995] usb 4-1: New USB device found, idVendor=249c, idProduct=9002, bcdDevice=de.ad
[  193.859325][ T5995] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  193.875365][ T5995] usb 4-1: config 0 descriptor??
[  194.106087][ T1364] ieee802154 phy0 wpan0: encryption failed: -22
[  194.108246][ T1364] ieee802154 phy1 wpan1: encryption failed: -22
[  194.116839][ T5995] usb 4-1: can't set first interface for hiFace device.
[  194.119065][ T5995] snd-usb-hiface 4-1:0.0: probe with driver snd-usb-hiface failed with error -5
[  194.133725][ T5995] usb 4-1: USB disconnect, device number 18
[  194.196125][ T9431] netlink: 'syz.2.1284': attribute type 5 has an invalid length.
[  196.050688][ T9480] loop3: detected capacity change from 0 to 1024
[  196.133486][ T5950] Bluetooth: hci2: command 0x0406 tx timeout
[  196.140565][   T52] hfsplus: b-tree write err: -5, ino 3
[  196.145755][ T6083] hfsplus: node 4:3 still has 1 user(s)!
[  196.938591][ T9497] loop2: detected capacity change from 0 to 64
[  196.946550][ T9497] BFS-fs: bfs_fill_super(): loop2 is unclean, continuing
[  196.953071][ T9497] BFS-fs: bfs_fill_super(): Inode 0x00000003 corrupted on loop2
[  197.406738][ T9523] netlink: 156 bytes leftover after parsing attributes in process `syz.2.1325'.
[  197.506738][ T9522] loop1: detected capacity change from 0 to 2048
[  197.530793][ T9525] loop2: detected capacity change from 0 to 512
[  197.581164][ T9525] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  197.597519][ T9525] ext4 filesystem being mounted at /456/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  197.623591][ T9525] EXT4-fs error (device loop2): ext4_do_update_inode:5653: inode #2: comm syz.2.1326: corrupted inode contents
[  197.640266][ T9529] NILFS (loop1): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  197.641888][ T9525] EXT4-fs error (device loop2): ext4_dirty_inode:6538: inode #2: comm syz.2.1326: mark_inode_dirty error
[  197.653903][ T9525] EXT4-fs error (device loop2): ext4_do_update_inode:5653: inode #2: comm syz.2.1326: corrupted inode contents
[  197.684110][ T9525] EXT4-fs error (device loop2): ext4_do_update_inode:5653: inode #2: comm syz.2.1326: corrupted inode contents
[  197.702811][ T9525] EXT4-fs error (device loop2): ext4_dirty_inode:6538: inode #2: comm syz.2.1326: mark_inode_dirty error
[  197.713271][ T9525] EXT4-fs error (device loop2): ext4_do_update_inode:5653: inode #2: comm syz.2.1326: corrupted inode contents
[  197.719360][ T9525] EXT4-fs error (device loop2): __ext4_ext_dirty:206: inode #2: comm syz.2.1326: mark_inode_dirty error
[  197.724370][ T9525] EXT4-fs error (device loop2): ext4_do_update_inode:5653: inode #2: comm syz.2.1326: corrupted inode contents
[  197.730669][ T9525] EXT4-fs error (device loop2): ext4_dirty_inode:6538: inode #2: comm syz.2.1326: mark_inode_dirty error
[  197.740490][ T9525] EXT4-fs error (device loop2): ext4_do_update_inode:5653: inode #2: comm syz.2.1326: corrupted inode contents
[  197.741100][ T9522] NILFS (loop1): error -2 truncating bmap (ino=16)
[  197.796843][ T9529] NILFS (loop1): vblocknr = 15 has abnormal lifetime: start cno (= 4128770) > current cno (= 3)
[  197.799828][ T5952] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  197.801202][ T9529] NILFS error (device loop1): nilfs_bmap_propagate: broken bmap (inode number=16)
[  197.822613][ T9529] Remounting filesystem read-only
[  197.835532][ T5948] NILFS (loop1): disposed unprocessed dirty file(s) when stopping log writer
[  198.069545][ T9533] loop2: detected capacity change from 0 to 1024
[  198.089958][ T9533] EXT4-fs: Ignoring removed orlov option
[  198.117706][ T9533] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  198.186939][ T5952] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  198.276484][ T9543] loop2: detected capacity change from 0 to 64
[  198.401866][ T9547] loop2: detected capacity change from 0 to 256
[  198.415339][ T9547] exFAT-fs (loop2): failed to load upcase table (idx : 0x00010000, chksum : 0x25fbf2c1, utbl_chksum : 0xe619d30d)
[  198.510672][ T9551] loop2: detected capacity change from 0 to 1024
[  198.514324][ T9551] EXT4-fs: Ignoring removed nobh option
[  198.518101][ T9551] EXT4-fs: Ignoring removed bh option
[  198.562598][ T9551] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  198.635178][   T51] usb 4-1: new high-speed USB device number 19 using dummy_hcd
[  198.663052][ T5952] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  198.795266][   T51] usb 4-1: Using ep0 maxpacket: 16
[  198.806253][   T51] usb 4-1: config 0 has an invalid interface number: 101 but max is 0
[  198.809589][   T51] usb 4-1: config 0 has no interface number 0
[  198.812129][   T51] usb 4-1: config 0 interface 101 has no altsetting 0
[  198.821200][   T51] usb 4-1: New USB device found, idVendor=0d49, idProduct=7010, bcdDevice= c.90
[  198.825267][   T51] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  198.828855][   T51] usb 4-1: Product: syz
[  198.830673][   T51] usb 4-1: Manufacturer: syz
[  198.835687][   T51] usb 4-1: SerialNumber: syz
[  198.850980][   T51] usb 4-1: config 0 descriptor??
[  198.855840][   T51] ums-onetouch 4-1:0.101: USB Mass Storage device detected
[  199.083124][ T5995] usb 4-1: USB disconnect, device number 19
[  199.721765][ T9570] loop3: detected capacity change from 0 to 1024
[  199.728364][ T9572] 9pnet: p9_errstr2errno: server reported unknown error @c0xffffffffffffffff
[  199.732949][ T9570] EXT4-fs: Ignoring removed orlov option
[  199.735878][ T9570] EXT4-fs: Ignoring removed nomblk_io_submit option
[  199.761559][ T9570] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  199.889507][ T6083] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  200.235513][ T9595] loop3: detected capacity change from 0 to 1024
[  200.245004][ T9597] loop2: detected capacity change from 0 to 256
[  200.255537][ T9595] hfsplus: bad catalog entry type
[  200.259972][ T9597] exFAT-fs (loop2): failed to load upcase table (idx : 0x00010000, chksum : 0xecfd5def, utbl_chksum : 0xe619d30d)
[  200.297752][   T69] hfsplus: b-tree write err: -5, ino 4
[  200.408922][ T9601] loop3: detected capacity change from 0 to 512
[  200.411596][ T9601] EXT4-fs: Ignoring removed mblk_io_submit option
[  200.414503][ T9601] EXT4-fs (loop3): ext4_check_descriptors: Block bitmap for group 0 overlaps superblock
[  200.419870][ T9601] EXT4-fs (loop3): revision level too high, forcing read-only mode
[  200.423081][ T9601] EXT4-fs (loop3): orphan cleanup on readonly fs
[  200.449182][ T9601] EXT4-fs error (device loop3): ext4_read_block_bitmap_nowait:483: comm syz.3.1357: Invalid block bitmap block 0 in block_group 0
[  200.480580][ T9601] EXT4-fs (loop3): Remounting filesystem read-only
[  200.830997][ T9601] Quota error (device loop3): write_blk: dquota write failed
[  200.834310][ T9601] Quota error (device loop3): write_blk: dquota write failed
[  200.853486][ T9601] Quota error (device loop3): qtree_write_dquot: Error -28 occurred while creating quota
[  200.861353][ T9601] EXT4-fs (loop3): 1 orphan inode deleted
[  200.869557][ T9601] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  200.910818][ T6083] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  201.031007][ T9618] loop3: detected capacity change from 0 to 512
[  201.039520][ T9618] EXT4-fs: Ignoring removed nobh option
[  201.079033][ T9618] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  201.084172][ T9618] ext4 filesystem being mounted at /400/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  201.114131][ T9618] EXT4-fs error (device loop3): ext4_find_dest_de:2052: inode #2: block 3: comm syz.3.1365: bad entry in directory: inode out of bounds - offset=92, inode=117440528, rec_len=16, size=2048 fake=0
[  201.125107][ T9618] EXT4-fs error (device loop3): ext4_find_dest_de:2052: inode #2: block 3: comm syz.3.1365: bad entry in directory: inode out of bounds - offset=92, inode=117440528, rec_len=16, size=2048 fake=0
[  201.196874][ T6083] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  201.244819][ T5950] Bluetooth: hci0: command 0x0406 tx timeout
[  201.446480][ T9635] loop3: detected capacity change from 0 to 2048
[  201.471723][ T9636] NILFS (loop3): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  201.497210][ T9635] NILFS error (device loop3): nilfs_check_folio: bad entry in directory #2: disallowed inode number - offset=0, inode=7, rec_len=16, name_len=1
[  201.521972][ T9635] Remounting filesystem read-only
[  201.522250][ T9638] loop1: detected capacity change from 0 to 256
[  201.536563][ T9638] exfat: Deprecated parameter 'namecase'
[  201.552548][ T9638] exFAT-fs (loop1): failed to load upcase table (idx : 0x00010000, chksum : 0x1a9973fb, utbl_chksum : 0xe619d30d)
[  201.804635][ T5995] usb 2-1: new high-speed USB device number 16 using dummy_hcd
[  201.854772][    T9] usb 4-1: new full-speed USB device number 20 using dummy_hcd
[  201.880676][ T9642] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  201.975553][ T5995] usb 2-1: Using ep0 maxpacket: 8
[  201.978728][ T5995] usb 2-1: config 0 has an invalid interface number: 122 but max is 0
[  201.982090][ T5995] usb 2-1: config 0 has an invalid descriptor of length 138, skipping remainder of the config
[  201.987303][ T5995] usb 2-1: config 0 has no interface number 0
[  201.989582][ T5995] usb 2-1: config 0 interface 122 altsetting 0 endpoint 0xA has invalid maxpacket 512, setting to 64
[  201.993329][ T5995] usb 2-1: config 0 interface 122 altsetting 0 bulk endpoint 0x8 has invalid maxpacket 8
[  201.998096][ T5995] usb 2-1: config 0 interface 122 altsetting 0 has an endpoint descriptor with address 0x26, changing to 0x6
[  202.002130][ T5995] usb 2-1: config 0 interface 122 altsetting 0 endpoint 0x6 has invalid maxpacket 30788, setting to 64
[  202.006652][ T5995] usb 2-1: config 0 interface 122 altsetting 0 has 4 endpoint descriptors, different from the interface descriptor's value: 8
[  202.012222][    T9] usb 4-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F
[  202.018474][    T9] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x8F has invalid maxpacket 24929, setting to 64
[  202.023400][ T5995] usb 2-1: New USB device found, idVendor=1286, idProduct=2046, bcdDevice= 5.b7
[  202.027148][ T5995] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  202.030039][ T5995] usb 2-1: Product: syz
[  202.031829][ T5995] usb 2-1: Manufacturer: syz
[  202.033701][ T5995] usb 2-1: SerialNumber: syz
[  202.041661][    T9] usb 4-1: New USB device found, idVendor=0e9c, idProduct=0000, bcdDevice=5b.1e
[  202.045695][    T9] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  202.048546][ T5995] usb 2-1: config 0 descriptor??
[  202.050543][    T9] usb 4-1: Product: syz
[  202.052981][ T9638] raw-gadget.0 gadget.1: fail, usb_ep_enable returned -22
[  202.057952][    T9] usb 4-1: Manufacturer: syz
[  202.059719][    T9] usb 4-1: SerialNumber: syz
[  202.063227][    T9] usb 4-1: config 0 descriptor??
[  202.066158][ T9640] raw-gadget.1 gadget.3: fail, usb_ep_enable returned -22
[  202.124912][    T9] rc_core: IR keymap rc-streamzap not found
[  202.129304][    T9] Registered IR keymap rc-empty
[  202.133458][    T9] rc rc0: Streamzap PC Remote Infrared Receiver as /devices/platform/dummy_hcd.3/usb4/4-1/4-1:0.0/rc/rc0
[  202.146953][    T9] input: Streamzap PC Remote Infrared Receiver as /devices/platform/dummy_hcd.3/usb4/4-1/4-1:0.0/rc/rc0/input13
[  202.240917][ T9649] netlink: 12 bytes leftover after parsing attributes in process `syz.2.1376'.
[  202.274805][   T24] usb 4-1: USB disconnect, device number 20
[  202.276062][ T5995] usb 2-1: NFC: intf ffff8880277c0000 id ffffffff8eb53ba0
[  202.309386][ T5995] usb 2-1: USB disconnect, device number 16
[  202.318506][ T9651] loop2: detected capacity change from 0 to 1024
[  203.200780][ T9667] loop1: detected capacity change from 0 to 32768
[  203.209933][ T9667] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop1 (7:1) scanned by syz.1.1383 (9667)
[  203.219556][ T9667] BTRFS info (device loop1): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  203.223763][ T9667] BTRFS info (device loop1): using sha256 (sha256-lib) checksum algorithm
[  203.227522][ T9667] BTRFS info (device loop1): using free-space-tree
[  203.249267][ T9667] BTRFS info (device loop1): rebuilding free space tree
[  203.347197][ T5987] BTRFS info (device loop1): qgroup scan completed (inconsistency flag cleared)
[  203.518154][ T5948] BTRFS info (device loop1): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  203.527137][ T9695] ieee802154 phy0 wpan0: encryption failed: -22
[  206.215006][ T9723] loop1: detected capacity change from 0 to 40427
[  206.222974][ T9723] F2FS-fs (loop1): invalid crc value
[  206.457305][ T9723] F2FS-fs (loop1): f2fs_recover_fsync_data: recovery fsync data, check_only: 0
[  206.465290][ T9723] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e5
[  206.467859][ T9733] loop3: detected capacity change from 0 to 16
[  206.479317][ T9733] erofs (device loop3): mounted with root inode @ nid 36.
[  206.707529][ T9723] syz.1.1399: attempt to access beyond end of device
[  206.707529][ T9723] loop1: rw=2049, sector=77824, nr_sectors = 136 limit=40427
[  206.760676][ T5948] syz-executor: attempt to access beyond end of device
[  206.760676][ T5948] loop1: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[  206.771867][ T5948] CPU: 0 UID: 0 PID: 5948 Comm: syz-executor Not tainted 6.17.0-rc1-syzkaller-00036-gdfc0f6373094-dirty #0 PREEMPT(full) 
[  206.771912][ T5948] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.2-debian-1.16.2-1 04/01/2014
[  206.771920][ T5948] Call Trace:
[  206.771926][ T5948]  <TASK>
[  206.771932][ T5948]  dump_stack_lvl+0x189/0x250
[  206.771954][ T5948]  ? __pfx_dump_stack_lvl+0x10/0x10
[  206.771967][ T5948]  ? __pfx_queue_work_on+0x10/0x10
[  206.771980][ T5948]  ? _raw_spin_unlock_irqrestore+0xad/0x110
[  206.771995][ T5948]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[  206.772016][ T5948]  f2fs_handle_critical_error+0x37c/0x540
[  206.772036][ T5948]  f2fs_write_end_io+0x886/0xb60
[  206.772060][ T5948]  __submit_merged_bio+0x27a/0x6a0
[  206.772079][ T5948]  __submit_merged_write_cond+0x255/0x530
[  206.772099][ T5948]  f2fs_write_data_pages+0x261d/0x3000
[  206.772138][ T5948]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[  206.772163][ T5948]  ? kernel_text_address+0xa5/0xe0
[  206.772199][ T5948]  ? stack_depot_save_flags+0x40/0x860
[  206.772237][ T5948]  ? __lock_acquire+0xab9/0xd20
[  206.772264][ T5948]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[  206.772279][ T5948]  do_writepages+0x32e/0x550
[  206.772303][ T5948]  ? do_raw_spin_unlock+0x4d/0x240
[  206.772320][ T5948]  filemap_fdatawrite+0x199/0x240
[  206.772334][ T5948]  ? __pfx_filemap_fdatawrite+0x10/0x10
[  206.772382][ T5948]  ? do_raw_spin_unlock+0x4d/0x240
[  206.772433][ T5948]  f2fs_sync_dirty_inodes+0x31f/0x830
[  206.772455][ T5948]  f2fs_write_checkpoint+0x95a/0x1df0
[  206.772483][ T5948]  ? __pfx_f2fs_write_checkpoint+0x10/0x10
[  206.772527][ T5948]  ? kill_f2fs_super+0x298/0x6c0
[  206.772542][ T5948]  kill_f2fs_super+0x2c3/0x6c0
[  206.772557][ T5948]  ? __pfx_kill_f2fs_super+0x10/0x10
[  206.772566][ T5948]  ? radix_tree_delete_item+0x2b6/0x400
[  206.772586][ T5948]  ? shrinker_free+0x2ce/0x3e0
[  206.772600][ T5948]  deactivate_locked_super+0xbc/0x130
[  206.772616][ T5948]  cleanup_mnt+0x425/0x4c0
[  206.772629][ T5948]  ? lockdep_hardirqs_on+0x9c/0x150
[  206.772645][ T5948]  task_work_run+0x1d4/0x260
[  206.772661][ T5948]  ? __pfx_task_work_run+0x10/0x10
[  206.772682][ T5948]  ? __x64_sys_umount+0x122/0x160
[  206.772701][ T5948]  ? exit_to_user_mode_loop+0x40/0x110
[  206.772719][ T5948]  exit_to_user_mode_loop+0xec/0x110
[  206.772734][ T5948]  do_syscall_64+0x2bd/0x3b0
[  206.772749][ T5948]  ? lockdep_hardirqs_on+0x9c/0x150
[  206.772762][ T5948]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  206.772774][ T5948]  ? exc_page_fault+0x9f/0xf0
[  206.772788][ T5948]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  206.772798][ T5948] RIP: 0033:0x7f047738ff17
[  206.772811][ T5948] Code: a8 ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 0f 1f 44 00 00 31 f6 e9 09 00 00 00 66 0f 1f 84 00 00 00 00 00 b8 a6 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 01 c3 48 c7 c2 a8 ff ff ff f7 d8 64 89 02 b8
[  206.772820][ T5948] RSP: 002b:00007fffc74e3ff8 EFLAGS: 00000246 ORIG_RAX: 00000000000000a6
[  206.772834][ T5948] RAX: 0000000000000000 RBX: 00007f0477411c05 RCX: 00007f047738ff17
[  206.772842][ T5948] RDX: 0000000000000000 RSI: 0000000000000009 RDI: 00007fffc74e40b0
[  206.772848][ T5948] RBP: 00007fffc74e40b0 R08: 0000000000000000 R09: 0000000000000000
[  206.772855][ T5948] R10: 00000000ffffffff R11: 0000000000000246 R12: 00007fffc74e5140
[  206.772862][ T5948] R13: 00007f0477411c05 R14: 0000000000032713 R15: 00007fffc74e5180
[  206.772882][ T5948]  </TASK>
[  206.772947][ T5948] F2FS-fs (loop1): Stopped filesystem due to reason: 3
[  206.915036][   T51] usb 4-1: new high-speed USB device number 21 using dummy_hcd
[  207.064790][   T51] usb 4-1: Using ep0 maxpacket: 32
[  207.069881][   T51] usb 4-1: New USB device found, idVendor=041e, idProduct=400b, bcdDevice=3e.e7
[  207.076147][   T51] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  207.099800][   T51] usb 4-1: config 0 descriptor??
[  207.104023][   T51] gspca_main: sunplus-2.14.0 probing 041e:400b
[  208.178367][   T33] audit: type=1326 audit(1755553451.999:44): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9740 comm="syz.2.1407" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdec078ebe9 code=0x7ffc0000
[  208.192920][   T33] audit: type=1326 audit(1755553452.009:45): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9740 comm="syz.2.1407" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdec078ebe9 code=0x7ffc0000
[  208.211883][   T33] audit: type=1326 audit(1755553452.009:46): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9740 comm="syz.2.1407" exe="/syz-executor" sig=0 arch=c000003e syscall=85 compat=0 ip=0x7fdec078ebe9 code=0x7ffc0000
[  208.220455][   T33] audit: type=1326 audit(1755553452.009:47): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9740 comm="syz.2.1407" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdec078ebe9 code=0x7ffc0000
[  208.228805][   T33] audit: type=1326 audit(1755553452.009:48): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9740 comm="syz.2.1407" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdec078ebe9 code=0x7ffc0000
[  208.238442][   T33] audit: type=1326 audit(1755553452.009:49): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9740 comm="syz.2.1407" exe="/syz-executor" sig=0 arch=c000003e syscall=198 compat=0 ip=0x7fdec078ebe9 code=0x7ffc0000
[  208.249596][   T33] audit: type=1326 audit(1755553452.009:50): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9740 comm="syz.2.1407" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdec078ebe9 code=0x7ffc0000
[  208.260598][   T33] audit: type=1326 audit(1755553452.009:51): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9740 comm="syz.2.1407" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdec078ebe9 code=0x7ffc0000
[  208.902289][   T51] gspca_sunplus: reg_w_riv err -71
[  208.905607][   T51] sunplus 4-1:0.0: probe with driver sunplus failed with error -71
[  208.918765][   T51] usb 4-1: USB disconnect, device number 21
[  209.378881][ T9751] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1409'.
[  210.284725][ T6363] usb 4-1: new high-speed USB device number 22 using dummy_hcd
[  210.434688][ T6363] usb 4-1: Using ep0 maxpacket: 16
[  210.441190][ T6363] usb 4-1: config index 0 descriptor too short (expected 4495, got 71)
[  210.449089][ T6363] usb 4-1: config 0 has an invalid interface number: 105 but max is 0
[  210.457654][ T6363] usb 4-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  210.461989][ T6363] usb 4-1: config 0 has no interface number 0
[  210.499627][ T6363] usb 4-1: New USB device found, idVendor=046c, idProduct=14e0, bcdDevice= 0.01
[  210.503612][ T6363] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  210.507183][ T6363] usb 4-1: Product: syz
[  210.509643][ T6363] usb 4-1: Manufacturer: syz
[  210.511770][ T6363] usb 4-1: SerialNumber: syz
[  210.528148][ T6363] usb 4-1: config 0 descriptor??
[  210.905958][ T6363] usb 4-1: Found UVC 0.00 device syz (046c:14e0)
[  210.909057][ T6363] usb 4-1: No valid video chain found.
[  211.069616][ T5995] usb 4-1: USB disconnect, device number 22
[  211.343321][ T9779] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1420'.
[  211.441877][ T9789] netlink: 12 bytes leftover after parsing attributes in process `syz.2.1425'.
[  211.460479][ T9791] netlink: 32 bytes leftover after parsing attributes in process `syz.1.1426'.
[  211.698112][ T9809] netlink: 24 bytes leftover after parsing attributes in process `syz.2.1435'.
[  211.823200][ T9822] netlink: 80 bytes leftover after parsing attributes in process `syz.2.1442'.
[  211.831199][ T9823] netlink: 'syz.3.1440': attribute type 2 has an invalid length.
[  212.062985][ T9829] loop3: detected capacity change from 0 to 32768
[  212.455769][ T9831] loop1: detected capacity change from 0 to 32768
[  212.464267][ T9831] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop1 (7:1) scanned by syz.1.1445 (9831)
[  212.473342][ T9829] ocfs2: Mounting device (7,3) on (node local, slot 0) with ordered data mode.
[  212.479568][ T9831] BTRFS info (device loop1): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  212.484242][ T9831] BTRFS info (device loop1): using crc32c (crc32c-lib) checksum algorithm
[  212.489867][ T9831] BTRFS info (device loop1): disk space caching is enabled
[  212.493103][ T9831] BTRFS warning (device loop1): space cache v1 is being deprecated and will be removed in a future release, please use -o space_cache=v2
[  212.567113][ T9831] BTRFS info (device loop1): rebuilding free space tree
[  212.588442][ T9831] BTRFS info (device loop1): disabling free space tree
[  212.591453][ T9831] BTRFS info (device loop1): clearing compat-ro feature flag for FREE_SPACE_TREE (0x1)
[  212.596521][ T9831] BTRFS info (device loop1): clearing compat-ro feature flag for FREE_SPACE_TREE_VALID (0x2)
[  212.596686][ T6083] ocfs2: Unmounting device (7,3) on (node local)
[  212.747654][ T5948] BTRFS info (device loop1): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  213.405195][ T5950] Bluetooth: hci0: command 0x0406 tx timeout
[  213.785479][ T9885] IPv6: Can't replace route, no match found
[  213.854733][    T9] usb 3-1: new high-speed USB device number 24 using dummy_hcd
[  214.021090][    T9] usb 3-1: Using ep0 maxpacket: 32
[  214.040122][    T9] usb 3-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xA6, changing to 0x86
[  214.045557][    T9] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x86 has an invalid bInterval 0, changing to 7
[  214.050112][    T9] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x86 has invalid wMaxPacketSize 0
[  214.054444][    T9] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x7 has an invalid bInterval 255, changing to 11
[  214.428704][    T9] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x7 has invalid maxpacket 59391, setting to 1024
[  214.457044][    T9] usb 3-1: New USB device found, idVendor=05ef, idProduct=020a, bcdDevice=91.36
[  214.460601][    T9] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  214.463622][    T9] usb 3-1: Product: syz
[  214.475395][    T9] usb 3-1: Manufacturer: syz
[  214.477258][    T9] usb 3-1: SerialNumber: syz
[  214.497139][    T9] usb 3-1: config 0 descriptor??
[  214.932190][    T9] iforce 3-1:0.0: usb_submit_urb failed: -32
[  214.937986][    T9] input input15: Device does not respond to id packet M
[  214.945813][    T9] iforce 3-1:0.0: usb_submit_urb failed: -32
[  214.954740][    T9] input input15: Device does not respond to id packet P
[  214.969701][    T9] input input15: Device does not respond to id packet B
[  215.180877][    T9] iforce 3-1:0.0: usb_submit_urb failed: -71
[  215.183450][    T9] input input15: Device does not respond to id packet N
[  215.223676][    T9] iforce 3-1:0.0: usb_submit_urb failed: -71
[  215.226858][    T9] iforce 3-1:0.0: usb_submit_urb failed: -71
[  215.229648][    T9] iforce 3-1:0.0: usb_submit_urb failed: -71
[  215.236773][    T9] iforce 3-1:0.0: usb_submit_urb failed: -71
[  215.242474][    T9] input: Unknown I-Force Device [%04x:%04x] as /devices/platform/dummy_hcd.2/usb3/3-1/3-1:0.0/input/input15
[  215.254215][    T9] usb 3-1: USB disconnect, device number 24
[  215.271322][ T9908] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1472'.
[  215.292368][ T9908] bridge_slave_0: default FDB implementation only supports local addresses
[  216.022735][ T9919] loop1: detected capacity change from 0 to 32768
[  216.084440][ T9919] bcachefs (loop1): starting version 1.7: mi_btree_bitmap opts=errors=continue,metadata_checksum=none,data_checksum=none,str_hash=crc64,noinodes_32bit,nocow
[  216.084453][ T9919]   allowing incompatible features above 0.0: (unknown version)
[  216.084458][ T9919]   features: lz4,new_siphash,inline_data,new_extent_overwrite,btree_ptr_v2,new_varint,journal_no_flush,alloc_v2,extents_across_btree_nodes
[  216.100988][ T9919] bcachefs (loop1): Using encoding defined by superblock: utf8-12.1.0
[  216.103821][ T9919] bcachefs (loop1): initializing new filesystem
[  216.111355][ T9919] bcachefs (loop1): going read-write
[  216.118187][ T9919] bcachefs (loop1): marking superblocks
[  216.130028][ T9919] bcachefs (loop1): initializing freespace
[  216.134009][ T9919] bcachefs (loop1): done initializing freespace
[  216.138805][ T9919] bcachefs (loop1): reading snapshots table
[  216.140935][ T9919] bcachefs (loop1): reading snapshots done
[  216.161076][ T9919] bcachefs (loop1):  loop1: Superblock write was silently dropped! (seq 0 expected 42)
[  216.165445][ T9919] bcachefs (loop1): done starting filesystem
[  216.223755][ T5948] bcachefs (loop1): shutting down
[  216.230477][ T5948] bcachefs (loop1): going read-only
[  216.232610][ T5948] bcachefs (loop1): finished waiting for writes to stop
[  216.238447][ T5948] bcachefs (loop1): flushing journal and stopping allocators, journal seq 2
[  216.261980][ T5948] bcachefs (loop1): flushing journal and stopping allocators complete, journal seq 2
[  216.266796][ T5948] bcachefs (loop1): clean shutdown complete, journal seq 3
[  216.270186][ T5948] bcachefs (loop1): marking filesystem clean
[  216.285400][ T5948] bcachefs (loop1): shutdown complete
[  216.444046][ T9943] netlink: 'syz.2.1484': attribute type 1 has an invalid length.
[  216.447720][ T9943] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1484'.
[  216.991217][ T9973] syz.2.1499 calls setitimer() with new_value NULL pointer. Misfeature support will be removed
[  217.306655][ T9981] netlink: 24 bytes leftover after parsing attributes in process `syz.2.1503'.
[  217.630424][ T9945] loop3: detected capacity change from 0 to 262144
[  217.669831][ T9945] F2FS-fs (loop3): invalid crc value
[  217.836776][ T9945] F2FS-fs (loop3): f2fs_recover_fsync_data: recovery fsync data, check_only: 0
[  217.845872][ T9945] F2FS-fs (loop3): Start checkpoint disabled!
[  217.860549][ T9945] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e5
[  219.439985][   T51] IPVS: starting estimator thread 0...
[  219.480486][T10020] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1517'.
[  219.484654][T10020] bridge_slave_1: left allmulticast mode
[  219.487319][T10020] bridge_slave_1: left promiscuous mode
[  219.491842][T10020] bridge0: port 2(bridge_slave_1) entered disabled state
[  219.500032][T10020] bridge_slave_0: left allmulticast mode
[  219.501975][T10020] bridge_slave_0: left promiscuous mode
[  219.503950][T10020] bridge0: port 1(bridge_slave_0) entered disabled state
[  219.554952][T10016] IPVS: using max 80 ests per chain, 192000 per kthread
[  219.565082][ T5995] usb 2-1: new high-speed USB device number 17 using dummy_hcd
[  219.714664][ T5995] usb 2-1: Using ep0 maxpacket: 32
[  219.719061][ T5995] usb 2-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F
[  219.723976][ T5995] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 255, changing to 11
[  219.728836][ T5995] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x8F has invalid maxpacket 59391, setting to 1024
[  219.737565][ T5995] usb 2-1: New USB device found, idVendor=046d, idProduct=c314, bcdDevice= 0.40
[  219.741941][ T5995] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  219.756552][ T5995] usb 2-1: config 0 descriptor??
[  219.762468][T10013] raw-gadget.0 gadget.1: fail, usb_ep_enable returned -22
[  219.783326][ T5995] hub 2-1:0.0: USB hub found
[  220.031670][ T5995] hub 2-1:0.0: config failed, can't read hub descriptor (err -22)
[  220.039678][T10032] loop3: detected capacity change from 0 to 512
[  220.065151][T10032] EXT4-fs error (device loop3): ext4_orphan_get:1392: inode #15: comm syz.3.1523: casefold flag without casefold feature
[  220.072219][T10032] EXT4-fs error (device loop3): ext4_orphan_get:1397: comm syz.3.1523: couldn't read orphan inode 15 (err -117)
[  220.084508][T10032] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  220.170722][ T6083] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  220.272390][ T5995] hid-generic 0003:046D:C314.000D: unknown main item tag 0x0
[  220.301196][ T5995] hid-generic 0003:046D:C314.000D: hidraw0: USB HID v8.00 Device [HID 046d:c314] on usb-dummy_hcd.1-1/input0
[  220.689833][ T5995] usb 2-1: USB disconnect, device number 17
[  221.281177][T10059] loop3: detected capacity change from 0 to 512
[  221.292079][T10059] EXT4-fs: Ignoring removed bh option
[  221.322409][T10059] EXT4-fs: Warning: mounting with data=journal disables delayed allocation, dioread_nolock, O_DIRECT and fast_commit support!
[  221.330476][T10059] EXT4-fs (loop3): feature flags set on rev 0 fs, running e2fsck is recommended
[  221.335993][T10059] EXT4-fs (loop3): mounting ext2 file system using the ext4 subsystem
[  221.346835][T10059] EXT4-fs (loop3): warning: mounting unchecked fs, running e2fsck is recommended
[  221.351469][T10059] [EXT4 FS bs=2048, gc=1, bpg=16384, ipg=32, mo=c002e01c, mo2=0006]
[  221.358510][T10059] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  221.379159][T10059] EXT4-fs error (device loop3): ext4_validate_block_bitmap:441: comm syz.3.1533: bg 0: block 353: padding at end of block bitmap is not set
[  221.428837][ T6083] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  221.492399][T10062] loop3: detected capacity change from 0 to 1024
[  221.501251][T10062] hfsplus: write access to a journaled filesystem is not supported, use the force option at your own risk, mounting read-only.
[  221.522956][T10062] hfsplus: filesystem is marked journaled, leaving read-only.
[  221.762421][T10075] loop3: detected capacity change from 0 to 512
[  221.786928][T10075] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  221.860554][ T6083] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  222.097424][T10079] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1540'.
[  222.103265][T10079] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1540'.
[  222.120863][T10079] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1540'.
[  222.286856][T10088] loop1: detected capacity change from 0 to 2048
[  222.313707][T10092] loop3: detected capacity change from 0 to 256
[  222.317495][T10088] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  222.321797][T10092] exFAT-fs (loop3): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[  222.332831][T10092] exFAT-fs (loop3): failed to load upcase table (idx : 0x00010364, chksum : 0x44009a1b, utbl_chksum : 0xe619d30d)
[  222.400066][T10088] EXT4-fs error (device loop1): ext4_validate_block_bitmap:441: comm syz.1.1542: bg 0: block 234: padding at end of block bitmap is not set
[  222.411663][T10088] EXT4-fs (loop1): Delayed block allocation failed for inode 18 at logical offset 0 with max blocks 1258 with error 28
[  222.417562][T10088] EXT4-fs (loop1): This should not happen!! Data will be lost
[  222.417562][T10088] 
[  222.420833][T10088] EXT4-fs (loop1): Total free blocks count 0
[  222.422998][T10088] EXT4-fs (loop1): Free/Dirty block details
[  222.426208][T10088] EXT4-fs (loop1): free_blocks=0
[  222.428038][T10088] EXT4-fs (loop1): dirty_blocks=1264
[  222.429793][T10088] EXT4-fs (loop1): Block reservation details
[  222.431893][T10088] EXT4-fs (loop1): i_reserved_data_blocks=79
[  222.501315][ T5948] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  222.507172][T10096] loop3: detected capacity change from 0 to 32768
[  222.620404][   T33] audit: type=1800 audit(1755553466.439:52): pid=10096 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.1546" name="file1" dev="loop3" ino=4 res=0 errno=0
[  222.719118][T10096] ERROR: (device loop3): dbAdjCtl: the maximum free buddy is not the old root
[  222.719118][T10096] 
[  222.723760][T10096] ERROR: (device loop3): remounting filesystem as read-only
[  222.872749][ T6363] usb 2-1: new high-speed USB device number 18 using dummy_hcd
[  223.034925][ T6363] usb 2-1: Using ep0 maxpacket: 32
[  223.046612][ T6363] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  223.069611][ T6363] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  223.072808][ T6363] usb 2-1: New USB device found, idVendor=046d, idProduct=c31c, bcdDevice= 0.40
[  223.076542][ T6363] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  223.083020][ T6363] usb 2-1: config 0 descriptor??
[  223.088176][ T6363] hub 2-1:0.0: USB hub found
[  223.291174][ T6363] hub 2-1:0.0: 1 port detected
[  224.226175][ T6363] hub 2-1:0.0: activate --> -90
[  224.523315][    T9] usb 2-1: USB disconnect, device number 18
[  224.523489][ T6363] usb 2-1-port1: cannot disable (err = -71)
[  225.854940][T10134] loop3: detected capacity change from 0 to 1024
[  225.900059][   T33] audit: type=1800 audit(1755553469.719:53): pid=10134 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.1558" name="file1" dev="loop3" ino=20 res=0 errno=0
[  226.047096][T10144] netlink: 'syz.2.1563': attribute type 7 has an invalid length.
[  226.049919][T10144] netlink: 'syz.2.1563': attribute type 8 has an invalid length.
[  226.236198][   T51] usb 4-1: new high-speed USB device number 23 using dummy_hcd
[  226.386722][   T51] usb 4-1: config 1 interface 0 altsetting 0 endpoint 0x1 has invalid wMaxPacketSize 0
[  226.390359][   T51] usb 4-1: config 1 interface 0 altsetting 0 bulk endpoint 0x1 has invalid maxpacket 0
[  226.393739][   T51] usb 4-1: config 1 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  226.401552][   T51] usb 4-1: New USB device found, idVendor=0525, idProduct=a4a8, bcdDevice= 0.41
[  226.404975][   T51] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=11
[  226.407862][   T51] usb 4-1: Product: syz
[  226.409371][   T51] usb 4-1: Manufacturer: syz
[  226.411129][   T51] usb 4-1: SerialNumber: syz
[  226.752913][   T51] usblp 4-1:1.0: usblp0: USB Unidirectional printer dev 23 if 0 alt 0 proto 1 vid 0x0525 pid 0xA4A8
[  226.901141][   T51] usb 4-1: USB disconnect, device number 23
[  226.911911][   T51] usblp0: removed
[  227.484910][ T5995] usb 3-1: new high-speed USB device number 25 using dummy_hcd
[  227.533883][   T33] audit: type=1326 audit(1755553471.349:54): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10174 comm="syz.3.1576" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc09098ebe9 code=0x7ffc0000
[  227.543064][   T33] audit: type=1326 audit(1755553471.349:55): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10174 comm="syz.3.1576" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc09098ebe9 code=0x7ffc0000
[  227.553846][   T33] audit: type=1326 audit(1755553471.359:56): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10174 comm="syz.3.1576" exe="/syz-executor" sig=0 arch=c000003e syscall=246 compat=0 ip=0x7fc09098ebe9 code=0x7ffc0000
[  227.567558][   T33] audit: type=1326 audit(1755553471.389:57): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10174 comm="syz.3.1576" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc09098ebe9 code=0x7ffc0000
[  227.579463][   T33] audit: type=1326 audit(1755553471.389:58): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10174 comm="syz.3.1576" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc09098ebe9 code=0x7ffc0000
[  227.590782][   T33] audit: type=1326 audit(1755553471.399:59): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10174 comm="syz.3.1576" exe="/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fc09098ebe9 code=0x7ffc0000
[  227.600441][   T33] audit: type=1326 audit(1755553471.399:60): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10174 comm="syz.3.1576" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc09098ebe9 code=0x7ffc0000
[  227.611184][   T33] audit: type=1326 audit(1755553471.399:61): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10174 comm="syz.3.1576" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc09098ebe9 code=0x7ffc0000
[  227.627843][   T33] kauditd_printk_skb: 27 callbacks suppressed
[  227.627856][   T33] audit: type=1326 audit(1755553471.449:89): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10174 comm="syz.3.1576" exe="/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7fc090985ba7 code=0x7ffc0000
[  227.640894][   T33] audit: type=1326 audit(1755553471.449:90): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10174 comm="syz.3.1576" exe="/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7fc09092add9 code=0x7ffc0000
[  227.650780][   T33] audit: type=1326 audit(1755553471.449:91): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10174 comm="syz.3.1576" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc09098ebe9 code=0x7ffc0000
[  227.660563][   T33] audit: type=1326 audit(1755553471.459:92): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10174 comm="syz.3.1576" exe="/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7fc090985ba7 code=0x7ffc0000
[  227.669606][ T5995] usb 3-1: config 220 has too many interfaces: 184, using maximum allowed: 32
[  227.673611][   T33] audit: type=1326 audit(1755553471.459:93): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10174 comm="syz.3.1576" exe="/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7fc09092add9 code=0x7ffc0000
[  227.682851][ T5995] usb 3-1: config 220 has 1 interface, different from the descriptor's value: 184
[  227.687299][ T5995] usb 3-1: New USB device found, idVendor=0c45, idProduct=8008, bcdDevice=e1.85
[  227.691161][ T5995] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  227.694743][   T33] audit: type=1326 audit(1755553471.459:94): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10174 comm="syz.3.1576" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc09098ebe9 code=0x7ffc0000
[  227.705800][   T33] audit: type=1326 audit(1755553471.469:95): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10174 comm="syz.3.1576" exe="/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7fc090985ba7 code=0x7ffc0000
[  227.723094][   T33] audit: type=1326 audit(1755553471.469:96): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10174 comm="syz.3.1576" exe="/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7fc09092add9 code=0x7ffc0000
[  227.732404][   T33] audit: type=1326 audit(1755553471.469:97): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10174 comm="syz.3.1576" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc09098ebe9 code=0x7ffc0000
[  227.743567][ T5995] gspca_main: sn9c2028-2.14.0 probing 0c45:8008
[  227.746921][   T33] audit: type=1326 audit(1755553471.479:98): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10174 comm="syz.3.1576" exe="/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7fc090985ba7 code=0x7ffc0000
[  227.921148][T10179] loop3: detected capacity change from 0 to 8192
[  227.951225][ T5995] gspca_sn9c2028: read1 error -71
[  227.956543][ T5995] gspca_sn9c2028: read1 error -71
[  227.963782][ T5995] gspca_sn9c2028: read1 error -71
[  227.970749][ T5995] sn9c2028 3-1:220.0: probe with driver sn9c2028 failed with error -71
[  227.976912][ T5995] usb 3-1: USB disconnect, device number 25
[  228.264981][ T1272] usb 4-1: new high-speed USB device number 24 using dummy_hcd
[  228.391703][T10183] loop1: detected capacity change from 0 to 256
[  228.407616][T10183] exFAT-fs (loop1): failed to load upcase table (idx : 0x00017f3e, chksum : 0x0b83170a, utbl_chksum : 0xe619d30d)
[  228.435983][ T1272] usb 4-1: Using ep0 maxpacket: 16
[  228.440131][ T1272] usb 4-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xF3, changing to 0x83
[  228.448298][ T1272] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x83 has an invalid bInterval 0, changing to 7
[  228.465684][ T1272] usb 4-1: New USB device found, idVendor=2040, idProduct=0264, bcdDevice=4e.d1
[  228.469428][ T1272] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  228.472685][ T1272] usb 4-1: Product: syz
[  228.474423][ T1272] usb 4-1: Manufacturer: syz
[  228.481795][ T1272] usb 4-1: SerialNumber: syz
[  228.496117][ T1272] usb 4-1: config 0 descriptor??
[  228.506482][ T1272] em28xx 4-1:0.0: New device syz syz @ 480 Mbps (2040:0264, interface 0, class 0)
[  228.513380][ T1272] em28xx 4-1:0.0: Audio interface 0 found (Vendor Class)
[  230.035936][T10192] overlayfs: "xino" feature enabled using 2 upper inode bits.
[  230.853934][T10203] netlink: 44 bytes leftover after parsing attributes in process `syz.1.1585'.
[  230.857473][T10203] netlink: 28 bytes leftover after parsing attributes in process `syz.1.1585'.
[  231.187514][ T1272] em28xx 4-1:0.0: unknown em28xx chip ID (0)
[  231.193953][ T1272] em28xx 4-1:0.0: Config register raw data: 0xfffffffb
[  231.198126][ T1272] em28xx 4-1:0.0: AC97 chip type couldn't be determined
[  231.201025][ T1272] em28xx 4-1:0.0: No AC97 audio processor
[  231.497888][ T1272] usb 4-1: USB disconnect, device number 24
[  231.501707][ T1272] em28xx 4-1:0.0: Disconnecting em28xx
[  231.533877][ T1272] em28xx 4-1:0.0: Freeing device
[  231.631209][ T5944] Bluetooth: hci0: ISO packet too small
[  231.772828][T10224] loop3: detected capacity change from 0 to 256
[  231.798959][T10224] FAT-fs (loop3): Directory bread(block 64) failed
[  231.801713][T10224] FAT-fs (loop3): Directory bread(block 65) failed
[  231.806596][T10224] FAT-fs (loop3): Directory bread(block 66) failed
[  231.809344][T10224] FAT-fs (loop3): Directory bread(block 67) failed
[  231.824177][T10224] FAT-fs (loop3): Directory bread(block 68) failed
[  231.828595][T10224] FAT-fs (loop3): Directory bread(block 69) failed
[  231.831315][T10224] FAT-fs (loop3): Directory bread(block 70) failed
[  231.834182][T10224] FAT-fs (loop3): Directory bread(block 71) failed
[  231.839497][T10224] FAT-fs (loop3): Directory bread(block 72) failed
[  231.842126][T10224] FAT-fs (loop3): Directory bread(block 73) failed
[  232.056080][T10234] netlink: 16 bytes leftover after parsing attributes in process `syz.2.1600'.
[  232.162818][T10239] loop9: detected capacity change from 0 to 8
[  232.173254][T10239] Dev loop9: unable to read RDB block 8
[  232.175647][T10239]  loop9: unable to read partition table
[  232.177830][T10239] loop9: partition table beyond EOD, truncated
[  232.181209][T10239] loop_reread_partitions: partition scan of loop9 (被x ) failed (rc=-5)
[  232.393064][ T1272] usb 4-1: new high-speed USB device number 25 using dummy_hcd
[  232.577529][ T1272] usb 4-1: New USB device found, idVendor=0813, idProduct=0001, bcdDevice=3a.08
[  232.588129][ T1272] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  232.602726][ T1272] usb 4-1: config 0 descriptor??
[  232.626979][ T1272] gspca_main: cpia1-2.14.0 probing 0813:0001
[  232.829580][ T1272] gspca_cpia1: usb_control_msg 05, error -71
[  232.833393][ T1272] gspca_cpia1: usb_control_msg 01, error -71
[  232.843524][ T1272] cpia1 4-1:0.0: only firmware version 1 is supported (got: 0)
[  232.852729][ T1272] usb 4-1: USB disconnect, device number 25
[  232.916349][T10270] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[  233.644944][T10258] Bluetooth: hci0: Opcode 0x080f failed: -4
[  233.745529][T10301] loop3: detected capacity change from 0 to 2048
[  233.760142][T10301] NILFS (loop3): broken superblock, retrying with spare superblock (blocksize = 1024)
[  233.766070][ T6271] udevd[6271]: incorrect nilfs2 checksum on /dev/loop3
[  233.777443][ T6271] udevd[6271]: incorrect nilfs2 checksum on /dev/loop3
[  233.781541][T10304] NILFS (loop3): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  233.838923][T10310] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1632'.
[  233.843139][T10310] netlink: 16 bytes leftover after parsing attributes in process `syz.3.1632'.
[  233.936178][T10320] loop3: detected capacity change from 0 to 256
[  234.028603][T10324] tc_dump_action: action bad kind
[  234.113196][T10325] fanotify: failed to encode fid (type=0, len=0, err=-2)
[  234.343734][T10343] syz.3.1646: attempt to access beyond end of device
[  234.343734][T10343] nbd3: rw=0, sector=2, nr_sectors = 2 limit=0
[  234.349839][T10343] vxfs: unable to read disk superblock at 1
[  234.353642][T10343] syz.3.1646: attempt to access beyond end of device
[  234.353642][T10343] nbd3: rw=0, sector=16, nr_sectors = 2 limit=0
[  234.359417][T10343] vxfs: unable to read disk superblock at 8
[  234.361615][T10343] vxfs: can't find superblock.
[  234.388874][   T33] kauditd_printk_skb: 48 callbacks suppressed
[  234.388889][   T33] audit: type=1326 audit(1755553478.209:147): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10344 comm="syz.3.1649" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc09098ebe9 code=0x7ffc0000
[  234.684853][ T5944] Bluetooth: hci0: command 0x0406 tx timeout
[  234.718516][   T33] audit: type=1326 audit(1755553478.219:148): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10344 comm="syz.3.1649" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc09098ebe9 code=0x7ffc0000
[  234.727656][   T33] audit: type=1326 audit(1755553478.359:149): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10344 comm="syz.3.1649" exe="/syz-executor" sig=0 arch=c000003e syscall=27 compat=0 ip=0x7fc09098ebe9 code=0x7ffc0000
[  234.736777][   T33] audit: type=1326 audit(1755553478.359:150): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10344 comm="syz.3.1649" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc09098ebe9 code=0x7ffc0000
[  234.746388][   T33] audit: type=1326 audit(1755553478.359:151): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10344 comm="syz.3.1649" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc09098ebe9 code=0x7ffc0000
[  234.747362][   T36] hfsplus: b-tree write err: -5, ino 4
[  235.615779][T10392] 9pnet_fd: Insufficient options for proto=fd
[  235.822685][T10412] netlink: 23 bytes leftover after parsing attributes in process `syz.1.1678'.
[  236.300777][T10431] netlink: 'syz.1.1687': attribute type 3 has an invalid length.
[  236.827390][T10441] netlink: 72 bytes leftover after parsing attributes in process `syz.1.1692'.
[  238.273826][T10486] 9pnet_fd: Insufficient options for proto=fd
[  238.477781][T10494] program syz.3.1717 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  239.159196][T10504] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1719'.
[  239.377720][T10507] loop3: detected capacity change from 0 to 128
[  239.494122][   T33] audit: type=1800 audit(1755553483.299:152): pid=10507 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.1722" name="bus" dev="loop3" ino=1048652 res=0 errno=0
[  239.546431][T10508] syz.3.1722: attempt to access beyond end of device
[  239.546431][T10508] loop3: rw=2049, sector=977, nr_sectors = 64 limit=128
[  239.691918][T10521] macvlan0: left allmulticast mode
[  239.821746][T10536] loop3: detected capacity change from 0 to 2048
[  239.842671][T10536] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000)
[  240.091785][T10553] loop3: detected capacity change from 0 to 2048
[  240.116400][T10553] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  240.121310][T10553] ext4 filesystem being mounted at /498/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  240.162566][T10553] EXT4-fs error (device loop3): ext4_validate_block_bitmap:441: comm syz.3.1744: bg 0: block 345: padding at end of block bitmap is not set
[  240.200432][ T6083] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  240.822429][T10572] loop3: detected capacity change from 0 to 32768
[  240.832835][T10572] bcachefs (/dev/loop3): error validating superblock: Invalid superblock section clean: entry type (unknown jset_entry_type 255) overruns end of section
[  240.832835][T10572] clean (size 2912):
[  240.832835][T10572] flags:          0
[  240.832835][T10572] journal_seq:    13
[  240.832835][T10572] usage: type=inodes v=8
[  240.832835][T10572] usage: type=key_version v=2
[  240.832835][T10572] usage: type=reserved v=0
[  240.832835][T10572] usage: type=reserved v=0
[  240.832835][T10572] usage: type=reserved v=0
[  240.832835][T10572] usage: type=reserved v=0
[  240.832835][T10572] data_usage: btree: 1/1 [0]=2816
[  240.832835][T10572] data_usage: journal: 1/1 [0]=0
[  240.832835][T10572] data_usage: user: 1/1 [0]=16
[  240.832835][T10572] datetime: 0
[  240.832835][T10572] clock: read=0
[  240.832835][T10572] clock: write=1280
[  240.832835][T10572] dev_usage: dev=1179915  
[  240.832835][T10572] 
[  240.865156][T10572] bcachefs: bch2_fs_get_tree() error: invalid_sb_clean
[  241.217769][T10604] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1767'.
[  241.221267][T10606] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration
[  241.326735][T10615] tipc: Cannot configure node identity twice
[  241.744086][T10627] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  242.191988][T10640] netlink: 40 bytes leftover after parsing attributes in process `syz.3.1780'.
[  242.484861][   T51] usb 4-1: new high-speed USB device number 26 using dummy_hcd
[  242.722693][   T51] usb 4-1: Using ep0 maxpacket: 32
[  242.726456][   T51] usb 4-1: config 0 interface 0 altsetting 0 bulk endpoint 0x85 has invalid maxpacket 9
[  242.731823][   T51] usb 4-1: New USB device found, idVendor=14c8, idProduct=0003, bcdDevice= 5.6c
[  242.735624][   T51] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  242.738884][   T51] usb 4-1: Product: syz
[  242.740748][   T51] usb 4-1: Manufacturer: syz
[  242.742634][   T51] usb 4-1: SerialNumber: syz
[  242.748397][   T51] usb 4-1: config 0 descriptor??
[  242.751361][T10642] raw-gadget.0 gadget.3: fail, usb_ep_enable returned -22
[  242.757979][   T51] input: syz syz as /devices/platform/dummy_hcd.3/usb4/4-1/4-1:0.0/input/input16
[  243.053584][   T51] usb 4-1: USB disconnect, device number 26
[  243.056302][    C1] usbtouchscreen 4-1:0.0: usbtouch_irq - usb_submit_urb failed with result: -19
[  243.616849][T10677] netlink: 24 bytes leftover after parsing attributes in process `syz.1.1795'.
[  243.619735][T10677] netlink: 24 bytes leftover after parsing attributes in process `syz.1.1795'.
[  244.366859][T10699] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1804'.
[  245.152450][T10714] veth0_to_bridge: entered promiscuous mode
[  245.156966][T10713] veth0_to_bridge: left promiscuous mode
[  245.389715][T10718] loop3: detected capacity change from 0 to 32768
[  245.419943][T10718] ocfs2: Mounting device (7,3) on (node local, slot 0) with writeback data mode.
[  245.466261][T10718] 
[  245.467290][T10718] ======================================================
[  245.470093][T10718] WARNING: possible circular locking dependency detected
[  245.472822][T10718] 6.17.0-rc1-syzkaller-00036-gdfc0f6373094-dirty #0 Not tainted
[  245.477019][T10718] ------------------------------------------------------
[  245.479862][T10718] syz.3.1812/10718 is trying to acquire lock:
[  245.482360][T10718] ffff88802b79a6c0 (&ocfs2_sysfile_lock_key[EXTENT_ALLOC_SYSTEM_INODE]){+.+.}-{4:4}, at: ocfs2_reserve_suballoc_bits+0x15e/0x4640
[  245.487701][T10718] 
[  245.487701][T10718] but task is already holding lock:
[  245.490663][T10718] ffff888032c1cf78 (&oi->ip_xattr_sem){++++}-{4:4}, at: ocfs2_xattr_set+0x40f/0x11f0
[  245.494494][T10718] 
[  245.494494][T10718] which lock already depends on the new lock.
[  245.494494][T10718] 
[  245.498407][T10718] 
[  245.498407][T10718] the existing dependency chain (in reverse order) is:
[  245.501680][T10718] 
[  245.501680][T10718] -> #5 (&oi->ip_xattr_sem){++++}-{4:4}:
[  245.504334][T10718]        lock_acquire+0x120/0x360
[  245.506039][T10718]        down_read+0x46/0x2e0
[  245.507682][T10718]        ocfs2_init_acl+0x2f9/0x720
[  245.509497][T10718]        ocfs2_mknod+0x1321/0x2050
[  245.511244][T10718]        ocfs2_create+0x1a5/0x440
[  245.513008][T10718]        path_openat+0x14f4/0x3830
[  245.514777][T10718]        do_filp_open+0x1fa/0x410
[  245.516530][T10718]        do_sys_openat2+0x121/0x1c0
[  245.518381][T10718]        __x64_sys_openat+0x138/0x170
[  245.520552][T10718]        do_syscall_64+0xfa/0x3b0
[  245.522355][T10718]        entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  245.524581][T10718] 
[  245.524581][T10718] -> #4 (jbd2_handle){++++}-{0:0}:
[  245.527052][T10718]        lock_acquire+0x120/0x360
[  245.528795][T10718]        start_this_handle+0x1fa7/0x21c0
[  245.530730][T10718]        jbd2__journal_start+0x2c1/0x5b0
[  245.532688][T10718]        jbd2_journal_start+0x2a/0x40
[  245.534719][T10718]        ocfs2_start_trans+0x376/0x6d0
[  245.536598][T10718]        ocfs2_fileattr_set+0x301/0x7e0
[  245.538431][T10718]        vfs_fileattr_set+0x932/0xb90
[  245.540217][T10718]        ioctl_setflags+0x17b/0x200
[  245.541927][T10718]        do_vfs_ioctl+0x8ed/0x1430
[  245.543667][T10718]        __se_sys_ioctl+0x82/0x170
[  245.545478][T10718]        do_syscall_64+0xfa/0x3b0
[  245.547168][T10718]        entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  245.549319][T10718] 
[  245.549319][T10718] -> #3 (&journal->j_trans_barrier){.+.+}-{4:4}:
[  245.552162][T10718]        lock_acquire+0x120/0x360
[  245.553818][T10718]        down_read+0x46/0x2e0
[  245.555496][T10718]        ocfs2_start_trans+0x36a/0x6d0
[  245.557275][T10718]        ocfs2_fileattr_set+0x301/0x7e0
[  245.559081][T10718]        vfs_fileattr_set+0x932/0xb90
[  245.560845][T10718]        ioctl_setflags+0x17b/0x200
[  245.562583][T10718]        do_vfs_ioctl+0x8ed/0x1430
[  245.564302][T10718]        __se_sys_ioctl+0x82/0x170
[  245.566118][T10718]        do_syscall_64+0xfa/0x3b0
[  245.568018][T10718]        entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  245.570383][T10718] 
[  245.570383][T10718] -> #2 (sb_internal#5){.+.+}-{0:0}:
[  245.573039][T10718]        lock_acquire+0x120/0x360
[  245.574732][T10718]        ocfs2_start_trans+0x26b/0x6d0
[  245.576541][T10718]        ocfs2_mknod+0xe93/0x2050
[  245.578208][T10718]        ocfs2_create+0x1a5/0x440
[  245.579877][T10718]        path_openat+0x14f4/0x3830
[  245.581604][T10718]        do_filp_open+0x1fa/0x410
[  245.583279][T10718]        do_sys_openat2+0x121/0x1c0
[  245.585165][T10718]        __x64_sys_open+0x11e/0x150
[  245.587091][T10718]        do_syscall_64+0xfa/0x3b0
[  245.588771][T10718]        entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  245.590881][T10718] 
[  245.590881][T10718] -> #1 (&ocfs2_sysfile_lock_key[LOCAL_ALLOC_SYSTEM_INODE]){+.+.}-{4:4}:
[  245.594641][T10718]        lock_acquire+0x120/0x360
[  245.596438][T10718]        down_write+0x96/0x1f0
[  245.598077][T10718]        ocfs2_reserve_local_alloc_bits+0x125/0x24e0
[  245.600350][T10718]        ocfs2_reserve_clusters_with_limit+0x1be/0xba0
[  245.602999][T10718]        ocfs2_mknod+0xe32/0x2050
[  245.605017][T10718]        ocfs2_create+0x1a5/0x440
[  245.606676][T10718]        path_openat+0x14f4/0x3830
[  245.608354][T10718]        do_filp_open+0x1fa/0x410
[  245.610038][T10718]        do_sys_openat2+0x121/0x1c0
[  245.611812][T10718]        __x64_sys_open+0x11e/0x150
[  245.613577][T10718]        do_syscall_64+0xfa/0x3b0
[  245.615321][T10718]        entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  245.617452][T10718] 
[  245.617452][T10718] -> #0 (&ocfs2_sysfile_lock_key[EXTENT_ALLOC_SYSTEM_INODE]){+.+.}-{4:4}:
[  245.620954][T10718]        validate_chain+0xb9b/0x2140
[  245.622733][T10718]        __lock_acquire+0xab9/0xd20
[  245.624561][T10718]        lock_acquire+0x120/0x360
[  245.626280][T10718]        down_write+0x96/0x1f0
[  245.627937][T10718]        ocfs2_reserve_suballoc_bits+0x15e/0x4640
[  245.630100][T10718]        ocfs2_reserve_new_metadata_blocks+0x403/0x940
[  245.632367][T10718]        ocfs2_init_xattr_set_ctxt+0x307/0x700
[  245.634449][T10718]        ocfs2_xattr_set+0xb70/0x11f0
[  245.636296][T10718]        __vfs_setxattr+0x43c/0x480
[  245.638031][T10718]        __vfs_setxattr_noperm+0x12d/0x660
[  245.640160][T10718]        vfs_setxattr+0x16b/0x2f0
[  245.641907][T10718]        filename_setxattr+0x274/0x600
[  245.643768][T10718]        path_setxattrat+0x364/0x3a0
[  245.645635][T10718]        __x64_sys_lsetxattr+0xbf/0xe0
[  245.647475][T10718]        do_syscall_64+0xfa/0x3b0
[  245.649336][T10718]        entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  245.651526][T10718] 
[  245.651526][T10718] other info that might help us debug this:
[  245.651526][T10718] 
[  245.655309][T10718] Chain exists of:
[  245.655309][T10718]   &ocfs2_sysfile_lock_key[EXTENT_ALLOC_SYSTEM_INODE] --> jbd2_handle --> &oi->ip_xattr_sem
[  245.655309][T10718] 
[  245.660747][T10718]  Possible unsafe locking scenario:
[  245.660747][T10718] 
[  245.663180][T10718]        CPU0                    CPU1
[  245.664896][T10718]        ----                    ----
[  245.666603][T10718]   lock(&oi->ip_xattr_sem);
[  245.668108][T10718]                                lock(jbd2_handle);
[  245.670265][T10718]                                lock(&oi->ip_xattr_sem);
[  245.672558][T10718]   lock(&ocfs2_sysfile_lock_key[EXTENT_ALLOC_SYSTEM_INODE]);
[  245.675212][T10718] 
[  245.675212][T10718]  *** DEADLOCK ***
[  245.675212][T10718] 
[  245.677848][T10718] 3 locks held by syz.3.1812/10718:
[  245.679570][T10718]  #0: ffff88802b26e428 (sb_writers#24){.+.+}-{0:0}, at: mnt_want_write+0x41/0x90
[  245.682631][T10718]  #1: ffff888032c1d240 (&sb->s_type->i_mutex_key#33){+.+.}-{4:4}, at: vfs_setxattr+0x144/0x2f0
[  245.686080][T10718]  #2: ffff888032c1cf78 (&oi->ip_xattr_sem){++++}-{4:4}, at: ocfs2_xattr_set+0x40f/0x11f0
[  245.689299][T10718] 
[  245.689299][T10718] stack backtrace:
[  245.691270][T10718] CPU: 0 UID: 0 PID: 10718 Comm: syz.3.1812 Not tainted 6.17.0-rc1-syzkaller-00036-gdfc0f6373094-dirty #0 PREEMPT(full) 
[  245.691281][T10718] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.2-debian-1.16.2-1 04/01/2014
[  245.691287][T10718] Call Trace:
[  245.691292][T10718]  <TASK>
[  245.691296][T10718]  dump_stack_lvl+0x189/0x250
[  245.691308][T10718]  ? __pfx_dump_stack_lvl+0x10/0x10
[  245.691318][T10718]  ? __pfx__printk+0x10/0x10
[  245.691330][T10718]  ? print_lock_name+0xde/0x100
[  245.691340][T10718]  print_circular_bug+0x2ee/0x310
[  245.691350][T10718]  check_noncircular+0x134/0x160
[  245.691360][T10718]  validate_chain+0xb9b/0x2140
[  245.691368][T10718]  ? __mutex_unlock_slowpath+0x1a1/0x760
[  245.691379][T10718]  ? __pfx___mutex_unlock_slowpath+0x10/0x10
[  245.691390][T10718]  __lock_acquire+0xab9/0xd20
[  245.691400][T10718]  ? ocfs2_reserve_suballoc_bits+0x15e/0x4640
[  245.691408][T10718]  lock_acquire+0x120/0x360
[  245.691417][T10718]  ? ocfs2_reserve_suballoc_bits+0x15e/0x4640
[  245.691426][T10718]  down_write+0x96/0x1f0
[  245.691432][T10718]  ? ocfs2_reserve_suballoc_bits+0x15e/0x4640
[  245.691440][T10718]  ? __pfx_down_write+0x10/0x10
[  245.691452][T10718]  ocfs2_reserve_suballoc_bits+0x15e/0x4640
[  245.691463][T10718]  ? _raw_spin_unlock_irqrestore+0x85/0x110
[  245.691472][T10718]  ? lockdep_hardirqs_on+0x9c/0x150
[  245.691481][T10718]  ? _raw_spin_unlock_irqrestore+0xad/0x110
[  245.691488][T10718]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[  245.691496][T10718]  ? __pfx_ocfs2_reserve_suballoc_bits+0x10/0x10
[  245.691503][T10718]  ? stack_depot_save_flags+0x41b/0x860
[  245.691514][T10718]  ? kasan_save_track+0x4f/0x80
[  245.691523][T10718]  ? kasan_save_track+0x3e/0x80
[  245.691529][T10718]  ? __kasan_kmalloc+0x93/0xb0
[  245.691537][T10718]  ? __kmalloc_cache_noprof+0x230/0x3d0
[  245.691545][T10718]  ? ocfs2_reserve_new_metadata_blocks+0x113/0x940
[  245.691552][T10718]  ? ocfs2_init_xattr_set_ctxt+0x307/0x700
[  245.691560][T10718]  ? ocfs2_xattr_set+0xb70/0x11f0
[  245.691567][T10718]  ? __vfs_setxattr+0x43c/0x480
[  245.691576][T10718]  ? __vfs_setxattr_noperm+0x12d/0x660
[  245.691585][T10718]  ? vfs_setxattr+0x16b/0x2f0
[  245.691594][T10718]  ? filename_setxattr+0x274/0x600
[  245.691603][T10718]  ? path_setxattrat+0x364/0x3a0
[  245.691609][T10718]  ? __x64_sys_lsetxattr+0xbf/0xe0
[  245.691615][T10718]  ? do_syscall_64+0xfa/0x3b0
[  245.691623][T10718]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  245.691636][T10718]  ? __kasan_kmalloc+0x93/0xb0
[  245.691645][T10718]  ? ocfs2_reserve_new_metadata_blocks+0x113/0x940
[  245.691652][T10718]  ocfs2_reserve_new_metadata_blocks+0x403/0x940
[  245.691661][T10718]  ? __pfx_ocfs2_reserve_new_metadata_blocks+0x10/0x10
[  245.691668][T10718]  ? __pfx_ocfs2_calc_xattr_set_need+0x10/0x10
[  245.691678][T10718]  ? __lock_acquire+0xab9/0xd20
[  245.691688][T10718]  ocfs2_init_xattr_set_ctxt+0x307/0x700
[  245.691698][T10718]  ? __pfx_ocfs2_init_xattr_set_ctxt+0x10/0x10
[  245.691706][T10718]  ? ocfs2_xattr_set+0xb36/0x11f0
[  245.691715][T10718]  ? up_write+0x1c4/0x420
[  245.691721][T10718]  ? ocfs2_xattr_set+0x334/0x11f0
[  245.691729][T10718]  ocfs2_xattr_set+0xb70/0x11f0
[  245.691740][T10718]  ? __pfx_ocfs2_xattr_set+0x10/0x10
[  245.691748][T10718]  ? check_path+0x21/0x40
[  245.691755][T10718]  ? lockdep_unlock+0x89/0x120
[  245.691768][T10718]  ? evm_protected_xattr_common+0x170/0x190
[  245.691777][T10718]  ? evm_protect_xattr+0x71d/0xa90
[  245.691785][T10718]  ? __pfx_evm_protect_xattr+0x10/0x10
[  245.691792][T10718]  ? __pfx_ocfs2_xattr_security_set+0x10/0x10
[  245.691800][T10718]  __vfs_setxattr+0x43c/0x480
[  245.691812][T10718]  __vfs_setxattr_noperm+0x12d/0x660
[  245.691822][T10718]  vfs_setxattr+0x16b/0x2f0
[  245.691832][T10718]  ? __pfx_vfs_setxattr+0x10/0x10
[  245.691841][T10718]  ? mnt_get_write_access+0x223/0x2a0
[  245.691849][T10718]  filename_setxattr+0x274/0x600
[  245.691860][T10718]  ? __pfx_filename_setxattr+0x10/0x10
[  245.691870][T10718]  ? getname_flags+0x1e5/0x540
[  245.691877][T10718]  path_setxattrat+0x364/0x3a0
[  245.691885][T10718]  ? __pfx_path_setxattrat+0x10/0x10
[  245.691892][T10718]  ? do_futex+0x333/0x420
[  245.691904][T10718]  ? __fget_files+0x2a/0x420
[  245.691909][T10718]  ? rcu_is_watching+0x15/0xb0
[  245.691917][T10718]  __x64_sys_lsetxattr+0xbf/0xe0
[  245.691924][T10718]  do_syscall_64+0xfa/0x3b0
[  245.691932][T10718]  ? lockdep_hardirqs_on+0x9c/0x150
[  245.691940][T10718]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  245.691946][T10718]  ? exc_page_fault+0x9f/0xf0
[  245.691955][T10718]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  245.691961][T10718] RIP: 0033:0x7fc09098ebe9
[  245.691970][T10718] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  245.691976][T10718] RSP: 002b:00007fc09180f038 EFLAGS: 00000246 ORIG_RAX: 00000000000000bd
[  245.691984][T10718] RAX: ffffffffffffffda RBX: 00007fc090bb5fa0 RCX: 00007fc09098ebe9
[  245.691989][T10718] RDX: 0000000000000000 RSI: 0000200000000000 RDI: 0000200000000040
[  245.691993][T10718] RBP: 00007fc090a11e19 R08: 0000000000000001 R09: 0000000000000000
[  245.691997][T10718] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  245.692001][T10718] R13: 00007fc090bb6038 R14: 00007fc090bb5fa0 R15: 00007ffecc714d78
[  245.692009][T10718]  </TASK>
[  245.881313][ T6083] ocfs2: Unmounting device (7,3) on (node local)

VM DIAGNOSIS:
21:44:49  Registers:
info registers vcpu 0

CPU#0
RAX=0000000000000033 RBX=0000000000000033 RCX=0000000000000000 RDX=00000000000003f8
RSI=0000000000000fa8 RDI=0000000000000fa9 RBP=00000000000003f8 RSP=ffffc900031064b0
R8 =ffff8881073c0237 R9 =1ffff11020e78046 R10=dffffc0000000000 R11=ffffffff854eff30
R12=dffffc0000000000 R13=ffffffff99af98fa R14=ffffffff99dee3a0 R15=0000000000000000
RIP=ffffffff854effac RFL=00000002 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =0000 0000000000000000 ffffffff 00c00000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 ffffffff 00c00000
FS =0000 00007fc09180f6c0 ffffffff 00c00000
GS =0000 ffff8880b861c000 ffffffff 00c00000
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe0000003000 00004087 00008b00 DPL=0 TSS64-busy
GDT=     fffffe0000001000 0000007f
IDT=     fffffe0000000000 00000fff
CR0=80050033 CR2=0000001b3071aff8 CR3=000000002891e000 CR4=000006f0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000ffff0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
XMM00=ffffffffffffffff ffffff0000000000 XMM01=0101010101010101 0101010000000000
XMM02=695f746e756f6d5f 7a79730032736667 XMM03=00ff0000000000ff 000000000000ff00
XMM04=aa00588d6b9fa800 2c30303030303030 XMM05=7cceb42f4608ce21 29d5dc35876c4e95
XMM06=6798d2777bd1f432 c33a445132880016 XMM07=2ec932a059fbe963 59bc6d93101632e4
XMM08=0000000000000000 0000006df451d6fe XMM09=0000000000000000 00007fc090a12fc5
XMM10=0000000000000000 0000000000000000 XMM11=0000000000000000 0000000000000000
XMM12=0000000000000000 0000000000000000 XMM13=0000000000000000 0000000000000000
XMM14=0000000000000000 0000000000000000 XMM15=0000000000000000 0000000000000000
info registers vcpu 1

CPU#1
RAX=fffffffffffffff0 RBX=ffffffff906a52d2 RCX=0000000000000000 RDX=ffffc900030d7568
RSI=ffffc900030d7ee0 RDI=ffffc900030d7528 RBP=dffffc0000000000 RSP=ffffc900030d7458
R8 =ffffc900030d7587 R9 =0000000000000000 R10=ffffc900030d7578 R11=fffff5200061aeb1
R12=ffffc900030d7ee0 R13=ffffc900030d7578 R14=ffffc900030d7528 R15=1ffffffff20d4a5a
RIP=ffffffff8172d8af RFL=00000283 [--S---C] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =0000 0000000000000000 ffffffff 00c00000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 ffffffff 00c00000
FS =0000 00007f04782c36c0 ffffffff 00c00000
GS =0000 ffff8881a3c1c000 ffffffff 00c00000
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe000004a000 00004087 00008b00 DPL=0 TSS64-busy
GDT=     fffffe0000048000 0000007f
IDT=     fffffe0000000000 00000fff
CR0=80050033 CR2=000055abe62137e8 CR3=000000002868e000 CR4=000006f0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000ffff0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
XMM00=0000000000000000 0000000000000000 XMM01=0000000000000000 0000000000000000
XMM02=ffffffff812b7a75 ffffffff812b7910 XMM03=ffffffff812b777e ffffffff812b770b
XMM04=00007f04780ed100 00007f0477587460 XMM05=00007f0477587478 00007f04775874c0
XMM06=00007f04775874b8 00007f04775874b0 XMM07=00007f04775874a8 00007f04775874a0
XMM08=6161616161616161 6161616161616161 XMM09=0000000000000000 00007f0477412fc5
XMM10=0000000000000000 0000000000000000 XMM11=0000000000000000 0000000000000000
XMM12=0000000000000000 0000000000000000 XMM13=0000000000000000 0000000000000000
XMM14=0000000000000000 0000000000000000 XMM15=0000000000000000 0000000000000000
