last executing test programs:

4m14.801086846s ago: executing program 2 (id=774):
r0 = syz_usb_connect(0x0, 0x24, &(0x7f0000000000)={{0x12, 0x1, 0x0, 0x15, 0x17, 0xee, 0x40, 0xaf0, 0x7a05, 0x0, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x12, 0x1, 0x0, 0x0, 0x0, 0x0, [{{0x9, 0x4, 0x0, 0x0, 0x0, 0xff, 0x5, 0x49}}]}}]}}, 0x0)
syz_usb_control_io$printer(r0, 0x0, &(0x7f0000000480)={0x34, &(0x7f0000000040)=ANY=[@ANYBLOB="20311100000008"], 0x0, 0x0, 0x0, 0x0, 0x0})

4m13.413827158s ago: executing program 2 (id=787):
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x3, 0x8, &(0x7f00000026c0)=ANY=[@ANYBLOB="620af8ff0c200021bfa100000000000007010000f8ffffffb702000003000000bd1200000000000085000000d0000000b70000000000000095000000000000003fba6a7d36d9b18ed812a2e2c49e8020a6f4e0e4a9446ca2b5f1cc1a100a9af698393aa0f3881f9c24aa56f15199fad0093c59d66b5ece9f36c70d0f010c5077da80fb982c1e9400c603146cea484a415b76966118b64f751a0f241b072e90080008002d75593a280000c93e64c227c95aa0b784625704f07a72c2918451ebdcf4cef7f9606056fe5c34665c0af9360a1f7a5e6b607130c89f18c0c1089d8b85880000c29c48b45ef4adf634be763288d01aa27ae8b09e13e79ab20b0b8ed8fb7a68af2ad0000000000000006f803c6468082089b302d7bff8f06f7f918d65eae391cb41336023cdcedb5e0125ebbccbddcf10cb2364149215108355ee570f8078be5cab389cd65e7133719acd97cfa107d40224edc5465a932b77e74e712a0d42bc6099ad23000000803a90bce6dc3a13871765df961c2ed3b1006ef6c1ff0900000000000010c63a949e8b7955394ffa82b8e942c89112f40cab87b1586602d985430cea0162ab3fcf4591c926abfb076719237c8d0e60b0eea24492a660583eecdbf5bcd3de3a83209da17a0faf60fd6ad9b97aa5fa68480366c9c6fd6fa5043aa3926b81e3b59c9f081d6a08000000ea2b1a52496dfcaf99431412fd13f4cec49669e443dcb924cfe5f3185418d60532be9c4d2ec7c32f2095e63c8cdc28f74d043ef8dba2f23b01a9ae44cf945b7632f32030916f89c6dad7603f2ba2a790d62d6faec2fed44da4928b30142bdda5e6c5d50b83bae616b5054d1e7c13b1355d6f4a8245eaa4997da9c77af40000000000000005f58351d599e9b61e8caab9c70764b0a8a7583c90b3433b809bdb9fbd48bc873495cbff8a41326eea31ae4e0f75057df3c9d13330ca006bce1a84521f14518c9b476fccbd6c712016219848624b87cec2dbe98223a0eb4fa39f6b5c02e6d6d90756ff57902a8f57010000009700ce0b4b8bc22941330000000000000000000300000000000000000000000010008bc0d955f2a83366b99711e6e8861c46495ba585a4b2d02edc3e28dd279a896249ed85b9806f0b6c4a000000002b43dcacc413b48dafb7a2c8cb482bac0ac502d9ba96ffffff7f00000000df73be83bb7d5ad883ef07000000000000006da21b40216e14ba2d6af8656bfff17addaedab25b30002abbba7fa725f38400be7c1f001b2cd317902f19e385be9e48dccff72943327d830689da6b53ffffffff631c7771429d1200000033ed846197fcff5e1c7c3d1d6e3a52872baef9753fffffffffffffe09fec2271fe010cd7bb2366fde4a59429738fcc917a57f94f6c453cea623cc5ee0c2a5ff870ce5dfd3467decb05cfd9fcd41df54cdbd9d10a64c108285e71b5565b1768ee58969c41595229df17bcad70fb4021428ce978275d5bc8955778567bc79e13b78249788f11f708008b75d4fe32b561d46ea3abe0fa4d30dc94ef241875f3b4b6ab7929a57affe7d7fa29822aea68a660e717a04becff0f719107000000000000002d7e927123d8ecbbc55bf404571be54c72d978cf2804107f0238abccd32368e57040906df0042e19000000000000002c06f815312e086dd022c074eb8a322fb0bf47c0a8d154b405a07feaf3dd95f6ef44cd1fe582786105c7df8be4877084d4173731efe895efc71f665c4d75cf2458e35d2c9062ece84c99e061887a20639b41c8c12ee86c50804042b3eac1f879b136345cf67ca3fb2b5e518a75f9e7d7101d5e186c489b3a06fb99e0aa7f23a054de2f4d92d6bd72ee2c9fdc75aaaf1e3e483b4ad055e4af403269b4a39ce40293947d9a631bcbf3583784acbda216550d7aec6b79e30cbd128f54c2d3335457ac0eaaa99bf0bdc14ae358c3b377327ac9ecc34f24c9ae153ec60ac0694da85bff9f5f4df9b3fdf242b985bf16b99c9cc0ad1857036f1a985f369191ae954febb3df464bfe0f773ee9afe72f32a2befb89d3777399f5874c553a2ebe9061fe86e669642e09c0e5a3bb6d163118e4cbe024fd452277c3887d6116c6cc9d8046c216c1f8a9778cb26e22a2a998de5eaeadea10d3cfb41b92ecbb422a40da8daccf080842a486721737390cbf3a74cb2003efb9a101b51ab63e9600040000b8a8c9ae3d14f93100c2e0893862eef552fcde2981f48c482bde6e4a4304e50c349f4f9ecee27defd83871c5191e10096e7e60fc3541a2c905a1a95e9571bf38aebd15172f94e3245c582909e2a3bce109b6000000000000000000d6d5210d7560eb92d6a97a27602b81f7636df1535bef1497f90100000000000000abf9010000007740890200d627e87306703be8672dc84eeadba6a41891c170d1ab57075228a9f46ed9bd1f08fb8191bbab2dc51de3a61f0868afc4294859323e7a45319f18101288a0268893373750d10a3fc22dd704e4214de5946912d6c98cd1a9fbe1e7ef8c08acaf30235b920500d2eca55f74a23641f61f2d5b308cf0d031b0c7f0ced69b93e9960ff5f74562adae283d9756237badf4e7965bbe2777e808fcba821aa8e8c5c39609ff85000000000000c1fee30a3f7a85d1b29e58c77685efc0ceb1c8e5729c66018d169fc03aa188546b3ad2a182068e1e3a0e2505bc7f41019645466a31c72ad53bc19faa5401120000793ac48c1b539c75ab40743b00020000a1f68df75cf43f8ecc8d3726602111b40e761fd210a1920382f14d12ca3c3431ee97471c781d0d1280fb00818654a53b6df4b2c97cc1c98d85fda8f80fe908b65550b4412331d73062197655b7f0469250a5989cef0e10773920ed3ccee42d2c3eb80159da5c002511e6eb93842054cfce2ac306cb6e472db3fd67a49b6855a694a8d359add43907003223a47a7fae4f3748d5a432825bc40a03aaef1c8488d86dc211dd2a3ba71e0f45492ef1f8b65ccb3dcd251a61b152d02c29ca0a3328fa7753a5cddea1acaae55ae8263fb284b7a6ab2a8826c1b948207c498cf4824ab1ea3225a53072423b907c6682f8999e0311da5b8378bc841e1787e3a8128dda381a26cb2b365702ff8a27831375b2ddaa2f56e21169f7ca4fd9655ccd4a584acd244e965a0afedaff7c415ff682a4044b3381cc2df28278c9a6824c52048a7cfabda294925cc0956bffa8e950ff5e49f41ae600d830207bf728cd9807933c3c16d80bbea611a18becc2dc38ca0a6f5740f340b76edcd100fcffff007231dcef58c7b88b5aeedaf9626cb51ce1737c10ab37d4f98a934b0f900e0eb639878a1200629f5503cf679154d27681d7a3744cbcd42af59407c9c8e39c5271868917954e604352ba26171d004f1cb2976fab3fa19c7d3ef9678bff79f5155524f061378f94fb453786c3a6f78b10d383b49e31d1568bd43ee34ce6e6be235aa6207285665c2fba773671da41959f51610963b48930658e2d6125a26085001345b0473240b7e5e91811312c43663e76f711c6529ecdec75c7ea1cf0f8f8fff40247d59bbde2ebb8659197e0f37a71be1b12a182ed7de3acba28561a04b807f7a4647e2ea6d8fb92541d07c3d5e4ba077d3cad9f8ba1919592014c00c8eccb2ca5d48ba7b1c3fb185a4bb79700cf51f818b0c701c8de47d12281a67bdaf4b0c50bee9e8f5936250df2e15c1172e7ea6619f7db330700d1e9e42a035e6fd532f61fbfed9c4a7124a1e38eee50a6bbcd1d4e3f68c3f27dd9a70f1a7c6046237ddfb0b26e197322226367d998010458cd4df10af249ce717f6f45e5176e0ddae3054d7289d4e13ab0912703ee39ce264572b89194fdf7acecc35cf8309d4b680a08eed367dad855fce210f1a7c7222dd360eafb4bef7d58bf83362930af6e3f3f851abdc0003bdf9401b533019e90feb069189100007a82df8d9b5f44ebf9355e7b1b01c9470608d4f306d21004730396a4d6c6d46e1ffac97aa93c36123532a36186575266be4981c847160079421d0137801e553069f8d025c40f287378810defc7f2ed4e15f6af17b21153394f8bcfa6a23a77c8d61c9bbc127a57b8d631f36558d9093dee08bc53d97a8003363421738650a22c8fd87b13026799caf58e59951b125e7f161ca34e2c0dd65a23d01a3cb191e743de07247c7f993cf01166fa2ac1ba02f60550e63a7f50422e478c6b5d87f9bd0567a279a9d85a380db25c43bd0529ad783b9d64aaac1b793afb44b7126e17d2b7c0d6be650de7eeef3f3605af344015d03c3e7819145cb9fe1978c98bf9cf10773db59505ae33708c728844c872dfd2cb0b29008000000000000005ca18cb72f0944d0e4fea0a0abd0285bdaf1b000000c089d640c2facb0d1e6243873ac4b1e1068c45c715b68effb7d58d1f9e726dbf6bd910ca4ce0e075658ede42192cf393a50dcc197b03402fed75083628e5dd38213d353b9049e71f037064b05e73ec00c710f1ffc5737d397d555d1cf8859cc030ea8dc3c6a5b3b6fa1c81707479db1833d593a271253aa11efd936b74784f2fc286814848e92d8ee541bc179813297a0a4cc3c8f80c28701185bea091f32475e859479b734727afc110e1abcff460172fd1b42e3c0e2a4bf94a060069000010000087c7572a1e7596f89e5c3d5e70640c90815f77b7b13d0000000085a1e1e84900000000000000000000000000b422fc160a458ee5a91a2471e6e56fdabec6c73ce8983fc68f0b7cdcdde632e6f54a07620e8aa116ce9e84fc3cd5e8288a333dcebb233da9186796995ba69487d8f77d2f8800f02d690fc70a08b231cad1bdcf3740a95d4dd1cfe0f417f275493cf33b19ffff93dfdaf7eb00b8ad87cdf7c21bab5af8e2bac54ee5597e6508c1158124a538c36f9bb11fea7d8b8c7e954b1bc7811654a6636b33f271d0923e9ecd1b724b8feffadfc23c07000000f0785fb722f346d6a5dffe1884d4d0cd8f00000092c85ed44db68ab800001f00000000406e6ed9b219ad07125381087298e75965d1cc5932ddf9e66351b9332a34bee3e3d562c914c629933f0b8724cf680889ade72558d191d9890c69a718f9018586c5131c8dc8e0379bafda1a0fd2997ff115215ce23dca8db7236c1554cdaaadcce2f31834c1bd1908d8e1b361034db56be76acb7654a195bc3e98df3a5dffd5b0783883ef7da3433110e37f7c7cb7f3800de7f99abf910d6949e062747a9c87dcfcc716d6a9c0ec53b9cffe3cfd1df69a76f373d7f997edb9b80bdea1a99c2a6fbb25e035deadaadd7917ebfedd6304a19491769476208684e343f86b4d55a7dbbb07283cb1e35a138d24ebc5b4f8e35a82d3a7f84cb1e02a5a92b53567088be0b1ca023ccd518c0e0715b1c8760801a419ebd2e26440ff7493019bdb655cc88d72d6d7b6bca5a2e19b63ec52fce43d8c53a8031e64026e0d36b6401064c49a729f11ab377f7132c5232bb80195dd5d43d29646a9378eea0761b7ed9d2172e33ed87c7413c843b180cc00000000006bedf2ed716ca43a941119b96d82b26d9061de240d85ec2cfa462bd52104489bb7a7548d7cc53627031e909c69cb824233975a1ea645de63522407c3a240a37e946f30ebf075ea97846a0a8d2286f3f446b1b99ab83a12ddf8a1c06294eadc3eb3e339591afd5c00000000000000000000000000000000000000000000000000579dad8347a3d16976bb7483840b32db0158fb6c809349333325a7866ca5d3133e33ef1a183cefdb65a79fa71800988c8445029e024822dbcfcab49c3a0aec9bd43e6e14078b260700d849a2aa14c9b593f6dcb1de334c065ecfd65031606e55949c185bcda9fde4f9b46a76b8a24bbcd31b22373eb0473248150cd179405ee1af1183b0c0ce3483dc1d9bf732b0751b78fb211d6706b55960c6431afbc02b3c7e08086573939290bb9e590a3875f02a828b07f1dc7df9c8e5da22dfb9dacbf5529e4e994128d835f85465173ea7bbcc519a0c9798ce8b1b07567e3e07169c8c3e4da8bf725c050000000000000000000000000000000000000000004775abdf0c62728eb55a9e2849a1ce05bed60dfe4cc9fa43f9684297c02382c0a35829be7a86305792a9d2e80ca9e8fc50f31f6e0fa810303da03d8b74b42c1ebaf16bb343256405a3a07229a54de09a97b269cd29e8b2f0b0d46c51a6a93eec37f4bc6e29a8e19120ae050ab682662e9b2cc3263a4aba62b63ca9123a53c0f4bf3c4463b8144c89bf058a0af0ae9fc2b7cdfc4817703e267cddc193637d7fd97646090da37093657643daae3840c7f5c10f93524f7ae4791ec6e9d9722e5f670ccb358e051a"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sched_cls, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x5a}, 0x48)
r1 = bpf$ITER_CREATE(0xb, &(0x7f0000000100), 0x0)
close(r1)
bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x3, 0x8, &(0x7f0000003880)=ANY=[@ANYBLOB="620af8ff0c200021bfa100000000000007010000f8ffffffb702000003000000bd1200000000000085000000d0000000b70000000000000095000000000000003fba6a7d36d9b18ed812a2e2c49e8020a6f4e0e4a9446ca2b5f1cc1a100a9af698393aa0f3881f9c24aa56f15199fad0093c59d66b5ece9f36c70d0f010c5077da80fb982c1e9400c603146cea484a415b76966118b64f751a0f241b072e90080008002d75593a280000c93e64c227c9f4cef7f9606056fe5c34664c0af9360a1f7a5e6b607130c89f18c0c1089d8b85880000c29c48b45ef4adf634be763288d01aa27ae8b09e13e79ab20b0b8ed8fb7a68af2ad0000000000000006f803c6468082089b302d7bff8f06f7f918d65eae391cb41336023cdcedb5e0125ebbcebddcf10cb2364149215108355ee570f8078be5cab389cd65e7133719acd97cfa107d40224edc5465a932b77e74e802a0d42bc6099ad23000000803a90bce6dc3a13871765df961c2ed3b1006ef6c1ff0900000000000010c63a949e8b7955394ffa82b8e942c89112f40cfd7c3a1d37a6ab87b1586602d985430cea0162ab3fcf4591c926abfb076719237c8d0e60b0eea24492a660583eecdbf5bcd3de3a83209da17a0faf60fd6ad9b97aa5fa68480366c9c6fd6fa5043aa3926b81e3b59c9f081d6a08000000ea2b1a52496dfcaf99431412fd134a996382a1a04d5bb924cfe5f3185418d60532be9c4d2ec7c32f2095e63c8cdc28f74d043ed8dba2f23b01a9aeb980aff9fa3a64709270c701db801f44cf945b7632f32030916f89c6dad7603f2ba2a790d62d6faec2fed44da4928b30142bdda5e6c5d50b83bae616b5054d1e7c13b1355d6f4a8245eaa4997da9c77af4c0eb97fca585ec6bf58351d599e9b61e8caab9c70764b0a8a7583c90b3433b809bdb9fbd48bc873495cbff8a41326eea31ae4e0f75055df3c9d13330ca006bce1a84521f14518c9b476fccbd6c712016219848624b87cec2dbe98223a0eb4fa39f6b5c02e6d6d90756ff57902a8f57010000009700ce0b4b8bc22941330000000000000000000300000000000000000000000010008bc0d955f2a83766b99711e6e8861c46495ba585a4b2d02edc3e28dd279a896249ed85b9806f0b6c4a000000002b43dcacc413b48dafb7a2c8cb482bac0ac502d9ba96ffffff7f00000000df73be83bb7d5ad883ef3b7cda42013d53046da21b40216e14ba2d6af8656bfff17addaedab25b30002abbba7fa725f38400be7c1f001b2cd317902f19e385be9e48dccff72943327d830689da6b53ffffffff631c7771429d1200000033ed846197fcff5e1c7c3d1d6e3a52872baef9753fffffffffffffe09fec2271fe010cd7bb2366fde4a59429738fcc917a57f94f6c453cea623cc5ee0c2a5ff870ce5dfd3467decb05cfd9fcd41df54cdbd9d10a64c108285e71b556381768ee58969c41595229df17bcad70fb4021428ce978275d5bc8955778567bc79e13b78249788f11f708008b75d4fe32b561d46ea3abe0fa4d30dc94ef241875f3b4b6ab7929a57affe7d7fa29822aea68a660e717a04becff0f719107000000000000002d7e927123d8ecbbc55bf404571be54c72d978cf2804107f0238abccd32368e57040906df0042e19000000000000002c06f815312e086dd022c074eb8a322fb0bf47c0a8d154b405c37feaf3dd95f6ef44cd1fe582786105c7df8be4877084d4173731efe895efc71f665c4d75cf2458e35d2c9062ece84c99e061887a20639b41c8c12ee86c50804042b3eac1f879b136345cf67ca3fb2b5e518a75f9e7d7101d5e186c489b3a06fb99e0aa7f23a054de2f4d92d6bd72ee2c9fdc75aaaf1e3e483b4ad055e4af403269b4a39ce40293947d9a631bcbf3583784acbda216550d7aec6b79e30cbd128f54c2d3335457ac0eaaa99bf0bdc14ae358c3b377327ac9ecc34f24c9ae153ec60ac0694da85bff9f5f4df9b3fdf242b985bf16b99c9cc0ad1857036f1a985f369191ae954febb3df464bfe0f773ee9afe72f32a2befb89d3777399f5874c553a2ebe9061fe86e669642e09bb6d163118e4cbe024fd452277c3887d6116c6cc9d8046c216c1f8a9778cb26e22a2a998de5eaeadea2a40da8daccf080842a486721737390cbf3a74cb2003efb9a101b51ab63e9600040000b8a8c9ae3d14f93100c2e0893862eef552fcde2981f48c482bde6e4a4304e50c349f4f9ecee27defd83871c5191e10096e7e60fc3541a2c905a1a95e9571bf38aebd15172f94e3245c582909e2a3bce109b6000000000000000000d6d5210d7560eb92d6a97a27602b81f7636df1535bef1497f90100000000000000abf9010000007740890200d627e87306703be8672dc84eeadba6a41891c170d1ab57075228a9f46ed9bd1f08fb8191bbab2dc51de3a61f0868afc4294859323e7a45319f18101288a0268893373750d10a3fc22dd704e4214de5946912d6c98cd1a9fbe1e7ef8c08acaf30235b920500d2eca55f74a23641f61f2d5b308cf0d031b0c7f0ced69b93e9960ff5f76062adae283d9756237badf4e7965bbe2777e808fcba821aa8e8c5c39609ff85000000000000c1fee30a3f7a85d1b29e58c77685efc0ceb1c8e5729c66018d169fc03aa188546b3ad2a182068e1e3a0e2505bc7f41019645466a31c72ad53bc19faa5401120000793ac48c1b539c75ab40743b00020000a1f68df75cf43f8ecc8d3726602111b40e761fd210a1920382f14d12ca3c3431ee97471c781d0d1280fb00818654a53b6df4b2c97cc1c98d85fda8f80fe908b65550b441233151122b41a8d73062197655b7f0469250a5989cef0e10773920ed3ccee42d2c3eb80159da5c002511e6eb93842054cfce2ac306cb6e472db3fd67a49b6855a694a8d359add43907003223a47a7fae4f3748d5a432825bc40a03aaef1c8488d86dc211dd2a3ba71e0f45492ef1f8b65ccb3dcd251a61b152d02c29ca0a3328fa7753a5cddea1acaae55ae8263fb284b7a6ab2a8826c1b948207c498cf4824ab1ea3225c380fac12f8205d182f8999e0311da5b8378bc841e1787e3a8128dda381a26cb2b365702ff8a27831375b2ddaa2f56e21169f7ca4fd9655ccd4a584acd244e965a0afedaff7c415ff682a4044b3381cc2df28278c9a6824c52048a7cfabda294925cc0956bffa8e950ff5e49f41ae600d830207bf728cd9807933c3c16d80bbea611a18becc2dc38ca0a6f5740f340b76edcd1f539bd43007231dcef58c7b88b5aeedaf9626cb51ce1737c10ab37d4f98a934b0f900e0eb639878a1200629f5503cf679154d27681d7a3744cbcd42af59407c9c8e39c5271868917954e604352ba26171d004f1cb2976fab3fa19c7d3ef9678bff79f5155524f061378f94fb453786c3a6f78b10d383b49e31d1568bd43ee34ce6e6be235aa6207285665c2fba773671da41959f51610963b48930658e2d6125a26085001345b0473240b7e5e91811312c43663e76f711d7219ecdec75c7ea1cf0f8f8fff40247d59bbde2ebb8659197e0f37a71be1b12a182ed7de3acba28561a04b807f7a4647e2ea6d8fb92541d07c3d5e4ba077d3cad9f8ba1919592014c00c8eccb2ca5d48ba7b1c3fb185a4bb79700cf51f818b0c701c8de47d12281a67bdaf4b0c50bee9e8f5936250df2e15c1172e7ea6619f7db330700d1e9e42a035e6fd532f61fbfed9c4a7124a1e38eee50a6bbcd1d4e3f68c3f27dd9a70f1a7c6046237ddfb0b26e197322226367d998010458cd4df10af249ce717f6f45e5176e0ddae3054d7289d4e13ab0912703ee39ce264572b89194fdf7acecc35cf8309d4b680a08eed367dad855fce210f1a7c7222dd360eafb4bef7d58bf83362930af6e3f3f851abdc0003bdf9401b533019e90feb069189100007a82df8d9b5f44ebf9355e7b1b01c9470608d4f306d21004730396a4d6c6d46e1ffac97aa93c36123532a36186575266be4981c847160079421d0137801e553069f8d025c40f287378810defc7f2ed4e15f6af17b21153394f8bcfa6a23a77c8d61c9bbc127a57b8d631f36558d9093dee08bc53d97a8003363421738650a26c8fd87b13026799caf58e59951b125e7f161ca34e2c0dd65a23d01a3cb191e743de07247c7f993cf01166fa2ac1ba02f60550e63a7f50422e478c6b5d87f9bd0567a279a9d85a380db25c43bd0529ad783b9d64aaac1b793afb44b7126e17d2b7c0d6be650de7eeef3f3605af344015d03c3e7819145cb9fe1978c98bf9cf10773db59505ae33708c728844c872dfd2cb0b29754f928c59306ce105ca18cb72f0944d0e4fea0a0abd0285bdaf1b000000c089d640c2facb0d1e6243873ac4b1e1068c45c715b68effb7d58d1f9e726dbf6bd910ca4ce0e075658ede42ddd5f393a50dcc197b03402fed75083628e5dd38213d353b9049e71f037064b05e73ec00c710f1ffc5737d397d555d1cf8859cc05bea8dc3c6a5b3b6fa1c81707479db1833d593a271253aa11efdb36b74784f2fc286814848e92d8ee541bc179813297a0a4cc3c8f80c28701185bea091f32475e859479b734727afc110e1abcff460172fd1b42e3c0e2a4bf94a060069000010000087c7572a1e7596f89e5c3d5e70640c90815f77b7b13d0000000085a1e1e84900000000000000000000000000b422fc160a458ee5a91a2471e6e56fdabec6c73ce8983fc68f0b7cdcdde632e6f54a07620e8aa116ce9e84fc3cd5e8288a333dcebb233da9186796995ba69487d8f77d2f8800f02d690fc70a08b231cad1bdcf3740a95d4dd1cfe0f417f275493cf33b19ffff93dfdaf7eb00b8ad87cdf7c21bab5af8e2bac54ee5597e6508c1158124a538c36f9bb11fea7d8b8c7e954b1bc7811654a6636b33f271d0923e9ecd1b724b8feffadfc23c07000000f0785fb722f346d6a5dffe1884d4d0cd8f00000092c85ed44db68ab800000000000000406e6ed9b219ad07125381087298e75965d1cc5932ddf9e66351ba332a34bee3e3d562c914c629933f0b8724cf680889ade72558d191d96ee1b84bb64b14aebc6b5194c55dd6890c69a718f9018586c5131c8dc8e0379bafda1a0fd2997ff115215ce23dca8db7236c1554cdaaadcce2f31834c1bd1908d8e1b361034db56be76acb7654a195bc3e98df3a5dffd5b07838a3ef7da3433110e37f7c7cb7f3800de7f99abf910d6949e062747a9c87dcfcc716d6a9c0ec53b9cffe3cfd1df69a76f373d7f997edb9b80bdea1a99c2a6fbb25e035deadaadd7917ebfedd6304a19491769476208684e343f86b4d55a7dbbb07283cb1e35a139d24ebc5b4f8e35a82d3a7f84cb1e02a5a92b53567088be0b1ca023ccd518c0e0715b1c8760801a419ebd2e26440ff7493019bdb655cc88d72d6d7b6bca5a2e19b63ec52fcc49a729f11ab377f7132c543d29646a9378eea0761b7ed9d2172e33ed87c6513c843b180cc00000000006bedf2ed716ca43a941119b96d82b26d9061de240d85ec2cfa462bd52104489bb7a7548d7cc53627031e909c69cb824233975a1ea645de63522407c3a240a37e946f30ebf075ea97846a0a8dc0d472672286f3f446b1b99ab83a12ddf8a1c06294eadc3eb3e339591afd5c00000000000000000000000000000000000000000000000000579dad8347a3d16976bb7483840b32db0158fb6c809349333325a7866ca5d3133e33ef1a183cefdb65a79fa71800988c8455029e024822dbcfcab49c3a0aec9bd43e6e14078b260700d849a2aa14c9b593f6dcb1de334c065ecfd65031606e55949c185bcda9fde4f9b46a76b8a24bbcd31b22373eb0473248150cd179405ee1af1183b0c0ce3483dc1d9bf732b0751b78fb211d6706b55960c6431afbc02b3c7e08086573939290bb9e590a3875f02a82a6ef09d0ed9829dec16ab67a4f59a504e09f55ab82bbd405087a17a229a149c53ee9145500db213cb36489a10957739e481a756e65bde579bbbfb404213f661eeaaffacbcfbfd60b1a715c366da2b37ac7e9e3033f8ec04db1c2412e02ccd0617d9fb646c4897750d068c936c3558a94b05d7c65c0d458c0d70d0aa864bc1e324d3f69b1b4061627da875a4b5c2668ab0990623fe6f3b54cd1c79da4baf256f88750c18486330589473e267fa44e220cf40db662b570c2a2fbba9a34a3dd7bbd8368fe506daa62b45797d4b397905a69e58eb436c08cc78963197adb1b16ad83a1a9b420e74c6bcdf1ed0b306141a83bf1268e954ad069257fbfaa1a7ea582badc1a7f2a5b0965f3535872d85c0bc3a233a3ea85df6a8ed76f0f803d54b7bef77d8ea71621f8a78dd17c3b58c5c7476ed6191acbb949e77f7cac81c543f7751e5e1000"/4545], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sched_cls}, 0x48)
bpf$BPF_PROG_DETACH(0x1c, &(0x7f0000000a40)={@map=r1, r0, 0x2f}, 0x20)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x3, 0xe, &(0x7f0000002b00)=ANY=[@ANYBLOB="b702000007000000bfa300000000000007030000f0ffffff7a0af0ff0020000079a4f0ff00000000b706000000000081ad64020000000000450404000100ff0f1704000001130a00b7050000000000006a0af2fe0000000085000000a3000000b700000000000000950000000000000000e154cd8445974b26ffffffe4fbffffff55bb2007ee51050512b5b42128aa090a79507df79f298129daa7a6b2f91af50342115e17392ac627c87867c000006146001e04aeacea799a22a2fa798b5adc43eb27d53319d0ad229e5752548300000000dbc2777df150b7cdd77b85b941092314fd085f028f2ed1a4535550614e09d6378198a6097a670838337af2abd55a87ac0394b2f92ffab7d153d62058d0a413b2173619ccf55520f22c9ca8b6712f3024b7041b1df65b3e1b9bf115646d14ce53d13d0ccacda1ef0900094fa737c28b99938512c816fdcceaede3faedc51d29a47fc813a2ec00f4c7a53ac271d6d7f4ea6bf97f2f33e2ea2e534300bcb3fdc4b4861004eefbda7f54f82a804da4f86bb47a4a69bf9bc5fa96ee293fbd165a5a68488e40b030166565a097b1b44b451de736bb6d43db8db03d4b7745fef1d04ec633dee254a6d491b849a55b000000c4fd21a18986252a70f8f92eb6f0e8c7db4bf23242a1f2d90addedc28159f09943b1b0452d1b72183aacf4a84f9130b775dd4e9e3070756f97ad91935a6ddfa8f90e79321a0574fb30ff0000801989328c8ddc20ea011bf5742e0e0d4334db8b20ce3f9f16cb7fc20fb4791ec85821d0c48fb657c29b309c73f0977e7cde65a82b94c461d7962b0d2277a84af326f37f3e2c25a61ec45c3af97a8f17da954aff3fc8c108755f75ca13fb7c8bbd8b6e7dac1aba4b20dc7de058a4dfa7e85a8bdf1d41a2d8bda74d66f47cc180f82c5f573c1f860d050d694cc7806d294d3665016a7b29da0fde4745db06753a7ac74a2d32f7528751313694bf5700b20ef0c248ddd3da32396a614cacad4aff2066bb5d40887c58559b7dcb98a6273b8c651e57f727041c62cea5b7bd24d9f679e4fbe948dfb4cc4a389469608241630459f0123fd39206000000000000eb55dad46de56ef907b059b90b8aa49afb9a79ae5498f6589880ed6eea7b9c670012be05e7de0940313c5870786554df26236ebced9390cb6941b83720eca291963eb2d537d8ee4de5c183c960119451c31539b22809e1d7f0cda06a9fa87d64cb89872a2cd8a104e16bb1a2bacf13464ca03aff14a9aa4bd9539f5096412b92012e095b84c20243ff98df3347f0e399d1b9f27e3c33269c0e153b28b2d4410572bc45b9d3fa02208d304d455c36300000000022320178b00cc6ed7966130b547dbf8b497af002000000cd1d0000002000000000000000000000000928ee53595a779d243a48cea769470424d28804c04b2c4324ab7f4a5c81921f0128dfd70b438af60b060000000000000056642b49b745f3bf2cf7908b6d7d748308eea09fc361b4735efbf3411718d6ee7aebed161980f2fde4f9ef679dbfae9fb4a79f8a836804ed3a1079b0282a12043408cd60b687dcff91af19010000000000000000456f7d2a42bd13da202274f20675eb781925441578e93046aaddea8ec4ca37f71c2710a7ea8ae0dc214e1cc275b26adfa892e6de92000000000000000000ddff004cff9ec780f535e62f4eeee50e5bafecea4d4134d006c8d6883eca5c9c58c9e9338c73de2f04f15d005387577f480000ea65559eb00e76e9d0ada201bcbb5c252b28a60ca770663da451790cc36000906d5a9fad98c308e39bd5ffb6151d79c1cee1cd102e3c8e63e9fba05e3633be3f00000015762e5f5a3a0bc33fdbe28a5ffc83f2b485185cc92fe7f791e8f6429309d6adab4b7e508e4bf024ed8f8a005f2bbf96c89739f5cf1e750d50517a59a3ad09e8802c8f4f535447cc0fc9d5f99a73145dfcedad69da9cd4375c624600e78f4458542b14f29611f95d4a31838eeb20c20bb82aa31771cd379ec83554cea5e6539db7384e1f58d81f2f2653c4d9818708e27c89b552d7fcd116bce9c764c714c9402c21d181aac59efb28d4f91652f6750b6ec962802c0320f8059195729d60c534ee8e8ff0755b67fe4c25edb85bcff24c757aa8090000000000008c420eb4304f66e3a37aaf000000c42a570f0e9dd5fd545470f862f8c3c14fa9ecd1e877b0d8ca84c044859e85e6158f9184bc61a9a284db80e4636c25b96174327d82761c26e329555f9290af4100000000000000ff0ffd3763655500344bae34137f5ab0d534b8d63e4ca3b671f2de1cdf519192c6b59a601fd419adc16e2055b85058f793484305d7a1759782e4c571ee855a47bc00edf5e9020c09ab004321610b857e8717764b633b21cb32f0e03280e09758bd445ab91d20baca005452b79d7b574a247f1d2fe45b3c4e93da3d51de647c10dd49944dc87c92332af0be61e58c79d497247d278888901d442ad7f8536607a644e9e3d769db497c3960dfde12182334caee994adc38a436367a54b9e182b78e9a0ceb9a2c4f63902c1ad1a7c5a08d0920a23c2a86abbdf357849a651733e57f31019876026888c8ccb85c86b4f8ffffff7f000000002c331fca0e541b7ca211c28ed61c525708a13d115b43f8b1894c8fa8a14dc4810f61ae96c18cc7130000000000002100000000000000000001000027c9a46157a3609b6fd9843ee19ec647249a9375de5858818f3c4a4fa6ce46f4d42b07199de8b99231ace58c77819ee214e49666c464d35ca9b5143ed3b3dc8c17a23692759ccf5a205311b7ab22532697b861dfb54609fd88e6043bd52ae84c1bb0c8a6c769f952283a1f4e3842edb3d42c68a27ef6a1296dfff4a979369b0e8ebc62887aa46e820a74f91381dcc198e353047db70686d147357024eb3cb94f1e89cb5ba0a56aa046b4dc521a3d9356b4b8b5917c4c860495b240e80063bde261fd00000000007271e28ef6806bc8e139c49b91c76bea3858f7f05b47d3e519f1634e8fbd8d31330d89069f9648a2ff93060ff073b3a113e47edf76f7d116d2b0976cf2ec447c030931651dd315003b7a6a5433a2bb560ae99e85b227eda2e63a1c31a2c2bd48a822cbe92b6524e0cd8020ecaa34e19e7141d5e221509342bfe7d294d1eb3de6a50ca0301f89c2ee627e949c68b3a4a426a996d503a26e9a714ee5f72d8805dd1bfbd081f6a5359dbdfbf31a562395020becaf3fd1f1289dfe14cb9194e26a44fac273461fc5c0e0a33db7f2d43ea8086cf059f40fa2640b6bfb74dd35f5a31059c01517cf4b6641fce9a24b96767b837ca037a1199735c375c705c798e0e208e4a5259d0bfa526b462af45a6eab34000000000000000000000000c4426344ec1a3366515dee221e747f55d7dd02534bc503b9b28277c253e410986bef2111a99cc448d652929f8a67a6a1d3f00dcad91aff428aade3f85714a1d3ef29acd4d49b62339c10c2ec0dac4b28288e78980c1184d8223edbc4bf9258b7374e79a8f8bf3fb73c8c6dbb7bbdfc399847a11921f97eba0ea14c4fed9a71eedb97c02461792e3a49dac16c60c3fcaab222025d78963c3ac899fa8b63f58a30212c9b2d7fe751e2046b78f86e22861b6504c667350244dd6d9189a8b9c45f8aaff9db694811ca86ed978f23eed7459c0382074170cf1e25b0e9ba3d1cc309353eea4cd8ab96bafda393276bdd8d32ead8db9e1b54d2d3d50e2815268fc1a6ec566981bc8ca2a4583f3d40e817433d0f4f25cfe6cc1897449ba5f26a9d66ac73e6f5c401376f23a314e0b9ff997d22f3e34b5524642c248aa813edaa626f0000000000000000000000000000000003ba5bac34b611569a451564d3a5400f9097ffe7a37e765bc652be71ee246d9cf19878dd62c53062d6000c40bde6a6135eae8a00000000008d797190a26c933f933aff5c521eeb7a84a62d148a846e74e76b515b6b8be29e8b69310fa130cf6d6b74f33205d3cc218ca554ed8085ae044f5bf2e89ad07963acbd4dd4dc5b4552591edde7a22ad06f7567e6fec2f65011b579bf609d61a3ff4d6f490824bb035995449fc34106ae6889f036d67b6aaee784f855ebc746ac871b5d2031ac0a252ac1f86e93e245f3793cea80b6de773899d49d11d3b1ed79163b111c976cf840a2ef6214a43338fba8c9edb6be26e68fcc5d47ed74a66ce8aba726ab955b9b32ab1890e84a5e2d7476252af25e5c95c5a8b2b1b5c8a2645b01b823c0f169d6ab529cc889bb07889d9e155114cf3e26a50c527ec6d4021cd2cacfea6d7e41e39e26b3967cad65c648b170f12ea9cc69dcee64be0c27b1f4f7f5ce3e62c35602c9d2921326891901661c85b988494f094abb91ed813b42828aa93105896e0aee851a8087e169a1d69e841257d9053d0cdc3a6ac4f12084cc6470abebe8b344b1f56690a2687b428686c854c21831da277e8b8a21b7b91a46d22ba083eca7b1f8268048cde7d6f237dca42035881b29ca9c8c2937971821b613894297ff6f7796053a4de1fd77e180cc22b205d43bb4a1b59962c1f605ea1b74585cf5e8d579f157cb45561c357f9976cec6a43388b3049a0d9c171ff6145266ba119d00000000001ef3794a930eb12f3a6215c510bf0bca70c127e9c70cc7bef921249a7f18a0034ce3264a9e96656b47233e2ed7c76520e649c3fd550bdafd77c5cd72b4446d3e157ddd97e7622a6891fb739acd3b2cdaf65ac78490f0641be6e8c6f55bf3d228786895ff5fd5970faacd8a5025aca0aa1931f477ba06aa60051298c8bf7f3b399194f98dc3f4e8513ad06da09dc393c1284515986b8c70ac69512f6c0c04f42edb3a097a11f2ab480e3e391abffae097752300576337c6dd24c4a98280684aa1fe8c7b43ee8bce05fe979b34da18cdb44dbb030b8009cd3b3b44fd8e7b534acd3f1839cb54817668ab446d3d47848429ea831a57f222c714870582a8832c2a326c5d1e406c8b05dedddceb24483f8f998b05c3ddf85c3799c9000000000000000000000000001e57cf839eb3150d6a076fb7b86fae98dbb46014f483aecb4ec4f0877371bcae8912c78aff857c669760f0e55041563c5c3e8ee4a0eef885fd43fe34a1febc82370d1d07fdfe705ada47288e41e7e6ee82d66b99ae4b0889fe949e7342ca97c1a64dcc7f6a0c0da07de8c808b4caec54820f856889fc5f1af3d675206e3257f974d6e45ff1e905c2f0fc0173ac6714acaaca2397bee23630ecaa2c1c6ddc3085689a033d6d41a1a7ac59baec299158faa52308856805f2130863f4668e27b8bbef4f4cd43a2fd294b5b0bf2b0e4afbe570c54aa214579ca0caf54231d00a94eda2be6f037e2befdd03bf152f696ca1d1ea86eb7ee1f021062ad71246dae1580c4f959a320912032ed468a8ed9f27a2258ddf465de77a51b4713bc6b789a0e8b203f0f592ddb27aa90989a9e0cb624bc34e7d6ebf156ea251e3a2f83ada9f0b70035e8ed200a52b00"/3910], &(0x7f0000000b80)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sched_cls, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0xfffffedf, 0x10, &(0x7f0000000040)}, 0x48)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000700)={r2, 0xe0, &(0x7f0000000a00)={0x0, <r3=>0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, 0x10)
bpf$BPF_PROG_DETACH(0x9, &(0x7f00000001c0)={@cgroup=r0, r1, 0x2f, 0x20, 0x4, @void, @void, @void, @value=r3}, 0x20)

4m13.330616621s ago: executing program 2 (id=789):
syz_usb_connect(0x0, 0x36, &(0x7f0000000040)=ANY=[@ANYBLOB="130100002add1e20ef050a023691010203010902240001000000000904000002ea1998000905a6a70000000000090507"], 0x0)

4m12.0214778s ago: executing program 2 (id=804):
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000200)='./file1\x00', 0x210000, &(0x7f0000000280)={[{@user_xattr}, {@noquota}, {@dioread_nolock}, {@jqfmt_vfsv1}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x70}}, {@max_dir_size_kb={'max_dir_size_kb', 0x3d, 0x7b1}}, {@stripe={'stripe', 0x3d, 0x20}}, {@bsdgroups}, {@max_batch_time={'max_batch_time', 0x3d, 0x3fe}}, {@user_xattr}, {@noinit_itable}]}, 0x3, 0x583, &(0x7f0000000800)="$eJzs3c9rHGUfAPDvbHb7+32bQilvX15eCj1Yqd00iT8qeKhH0WJBPdclmYaSTbdkN6WJBduDvXiRIohYEO969+ChePHoX1HQQpES9OBlZTazybbZJJt0Y2L384Fpn2dmNs8888z34Zl9dpgABtaJ7J9CxPGI+CyJONyxrRj5xhNL+y0+vjmRLUk0m+/9lkSSr2vvn+T/H8wz/4mIHz+JOF1YXW59fmG6Uq2ms3l+pDFzbaQ+v3DmykxlKp1Kr46Nj597ZXzs9dde7VtdX7z4x5fv3n/r3KcnF7/47uGRu0mcj0P5ts56PINbnZkTzWZ+Tkpx/qkdR/tQ2G6S7PQBsCVDeZyXIuJ46XCpHfXA8+/jiGgCAyrZZPzv1V/Ac6I9Dmjf2/fpPvgf49GbSzdAq+tfXPpuJPa17o0OLCZP3Bll97vDfSg/K+P7X+/dzZbo3/cQABu6dTsizhaLq/u/JO//tu5sD/s8XYb+D/4+97Pxz0vdxj+F5fFPdBn/HOwSu1uxcfwXHvahmDVl4783uo5/lyethofy3L9aY75ScvlKNc36tn9HxKko7c3y683nnFt80FxrW+f4L1uy8ttjwfw4Hhb3PvmZyUqj8ix17vTodsR/u45/k+X2T7q0f3Y+PuixjGPpvf+vtW3j+m+v5jcRL3Rt/5UZrWT9+cmR1vUw0r4qVvv9zrGf1yq/e/1/+mEbqtpV1v4H1q//cNI5X1vffBlf7/szXWvbVq//Pcn7rfSefN2NSqMxOxqxJ3ln9fqxlc+28+39s/qfOrl+/9ft+t8fER/2WP87R7/939brv72y+k9uqv03n3jw9kdfrVV+b+3/cit1Kl/TS//X6wE+y7kDAAAAAACA3aYQEYciKZRjX54uFMrlpd93HI0DhWqt3jh9uTZ3dTJaz8oOR6nQnuk+3PF7iNH897Dt/NhT+fGIOBIRnw/tb+XLE7Xq5E5XHgAAAAAAAAAAAAAAAAAAAHaJg8vP/8cTz/9nfhna6aMDtl1x6f3fwADa8JX//XjTE7ArbRj/wHNL/MPgEv8wuMQ/DKTWFJ/4h8El/mFwiX8YXOIfAAAAAAAAAAAAAAAAAAAAAAAAAAAA+urihQvZ0lx8fHMiy09en5+brl0/M5nWp8szcxPlidrstfJUrTZVTcsTtZmN/l61Vrs2OhZzN0Yaab0xUp9fuDRTm7vauHRlpjKVXkq9ZxwAAAAAAAAAAAAAAAAAAABWq88vTFeq1XS2D4lStZoWIqKXnSP6VOgAJrJ2u1Xs7TxvTyKJlTXF3XJaJPqa2OmeCQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABW/BUAAP//2SsyHQ==")
mount$bind(&(0x7f00000002c0)='.\x00', &(0x7f0000000200)='./file0\x00', 0x0, 0x185093, 0x0)
mount$bind(0x0, &(0x7f0000000140)='./file0\x00', 0x0, 0x100000, 0x0)
r0 = open_tree(0xffffffffffffff9c, &(0x7f0000000640)='\x00', 0x89901)
move_mount(r0, &(0x7f0000008080)='./file0\x00', 0xffffffffffffff9c, 0x0, 0x152)

4m11.865347467s ago: executing program 2 (id=808):
r0 = syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000080)={{0x12, 0x1, 0x0, 0x0, 0x0, 0x0, 0x40, 0x2179, 0x77, 0x0, 0x0, 0x0, 0x0, 0x1, [{{0x9, 0x2, 0x24, 0x1, 0x0, 0x0, 0x0, 0x0, [{{0x9, 0x4, 0x0, 0x0, 0x1, 0x3, 0x0, 0x3, 0x0, {0x9, 0x21, 0x0, 0x0, 0x1, {0x22, 0x7}}}}]}}]}}, 0x0)
syz_usb_control_io$hid(r0, 0x0, 0x0)
syz_usb_control_io(r0, &(0x7f0000000040)={0x18, &(0x7f0000000100)={0x0, 0x0, 0x8, {0x8, 0x9, "392cdaab4a73"}}, 0x0, 0x0, 0x0, 0x0}, 0x0)

4m11.499403847s ago: executing program 2 (id=813):
bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f0000000300)=@bpf_lsm={0xd, 0x5, &(0x7f0000000040)=@framed={{0xa5, 0xa, 0x0, 0x0, 0x0, 0x61, 0x11, 0x6c}, [@initr0]}, &(0x7f0000000000)='GPL\x00'}, 0x80)

4m11.364217125s ago: executing program 32 (id=813):
bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f0000000300)=@bpf_lsm={0xd, 0x5, &(0x7f0000000040)=@framed={{0xa5, 0xa, 0x0, 0x0, 0x0, 0x61, 0x11, 0x6c}, [@initr0]}, &(0x7f0000000000)='GPL\x00'}, 0x80)

3m58.821433989s ago: executing program 1 (id=925):
r0 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0)
pwritev(r0, &(0x7f0000000600)=[{&(0x7f0000000140)="02000000", 0x4}, {&(0x7f0000000280)="f697079a16b14784b2c9f0f01e6d6c2e4f678e1ceb4d4d28000000", 0x1b}, {&(0x7f0000000100)="527302587e0a4247ada0", 0xa}], 0x3, 0x0, 0x0)

3m58.729636653s ago: executing program 1 (id=926):
r0 = socket$can_raw(0x1d, 0x3, 0x1)
setsockopt$SO_TIMESTAMPING(r0, 0x1, 0x25, &(0x7f00000000c0)=0x5c0a, 0x4)
ioctl$ifreq_SIOCGIFINDEX_vcan(r0, 0x8933, &(0x7f0000000040)={'vcan0\x00', <r1=>0x0})
setsockopt$CAN_RAW_FD_FRAMES(r0, 0x65, 0x5, &(0x7f0000000180)=0x1, 0x4)
sendmsg$can_raw(r0, &(0x7f0000000340)={&(0x7f0000000080)={0x1d, r1}, 0x10, &(0x7f0000000000)={&(0x7f00000001c0)=@canfd={{}, 0x2e, 0x0, 0x0, 0x0, "4e4e488e419039dda425818c34de45852abd1372621b404219373c9a72cdb611ef256a70bf66c39d7082f2809cbc3da9bb3c86e0c5e53cff15d561c53fe9ae3a"}, 0x48}}, 0x1)

3m58.659584879s ago: executing program 1 (id=928):
sendmsg$NBD_CMD_CONNECT(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000003c0)=ANY=[], 0x6c}}, 0x0)
mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1)
r0 = socket$inet_sctp(0x2, 0x1, 0x84)
getsockopt$inet_opts(r0, 0x84, 0x1e, 0xfffffffffffffffe, &(0x7f0000000000)=0x4a)

3m58.600954775s ago: executing program 1 (id=930):
syz_mount_image$erofs(&(0x7f0000000340), &(0x7f0000000180)='./file2\x00', 0x402, &(0x7f00000001c0)=ANY=[], 0x1, 0x242, &(0x7f0000000380)="$eJzsmL+LE0EUx7+zu5kkIqLNFTYKHhjRSy57KNeE8wTBysYTtdLgrceZvYskK5iA4mFjo52FYGPhP2BxxdV2/gOCFioIFqawEEQOVt7O7GbiJpdltfN9iuE7M2/m/ZjNKwKGYf5bPn/68fHJucWVUwD2YxZFvf7VBoRQ2jLsPzy/e/JZ4/yL1+9fvdk8cH/nz/voSBjuhuZCaQ//DoDKso0g8RTGZ3+RmNWTFRQTfRkWTmh9BQJVrW/AKsT3evgZKoDbELim19tkX63eWve96s22v0pinoY6DS4NI/lSfIMtgVU9pxuFsd/t9VtN3/c6hnD03pitXCJx1ppJ1a8AicGyhYaOluKj+K8+frRFK3Ft5mEl9avDQl0nsbCblAmLKMa1USUx8j/sDPO3i4l7etpW0x+brb4V05Is+b5nd3uN7/+kWKY4NJfveIXSOatXHgDQWweRJwwMTy3B6xQw3LLpSx0xPpr55jKADJ9OJBzjdTDeeEm/aI4EL6aymCCeZor570WuLGIxM9h5m976op9SMeZ4KKa7ECPfj9zLuJQ15jik/BUro9+yclZMTv51A++2Vf8IXwocB2TcPxyjf9WCjTu1bq8/t77RXPPWvE3XXTgjgIen3VrUiNSY6nvD/lyO+tM+oz8XJthKS+JeMwg6dTVKIVFGEHTcaO4aP5tL2+1v1/WxABcAHFMTapsyudFO+RBS2ViRLalK2ohhGIZhGIZhGIZhGIZhGCYrI394HoFAOB1XWf8OAAD//5X0aKk=")
mount$overlay(0x0, &(0x7f0000000140)='./file0\x00', &(0x7f0000000180), 0x1204001, &(0x7f00000011c0)={[{@lowerdir={'lowerdir', 0x3d, '.'}, 0x3a}], [], 0x2f})
link(&(0x7f0000000040)='./file0/file0\x00', 0x0)

3m58.551723856s ago: executing program 1 (id=933):
r0 = syz_init_net_socket$bt_hidp(0x1f, 0x3, 0x6)
capset(&(0x7f0000000000)={0x19980330}, &(0x7f0000000180))
ioctl$sock_bt_hidp_HIDPCONNADD(r0, 0x400448c8, 0x0)

3m58.267761416s ago: executing program 1 (id=935):
r0 = socket$inet6(0xa, 0x1, 0x0)
setsockopt$inet6_buf(r0, 0x29, 0x39, &(0x7f0000e86000)="0022040000ffffebfffffffeffffff0700000000ff00f8b4cc4c38bdc8451792b903f4b7d8c8cf2153622652328c19ef68234f9e5557c4070000008735e9ab2f77c62e0a5cdd2cf9984c070400000000000003ff23353d8b2fc6a3ae1ebfcb49004a3ccd3560ae01010000079c60ed7449b842f3e253be8a22b37f820fe75a9ea937ea4efbfb9b4a128f2dbe2837496d00ad7765abaac2ec0f91c88a1ea1ff6ee308c72febedcf00798d41991ac25bb6fce2220c25ea380c7e112ab358c3a6bd8a59c115000001b4e82cb03419544a3988bc226a85abe6eb60cd7cf8d103d38c31c7c86d16c4d86cbe4ab390c092d077ce70590fbbd4f8bf4d6ab1cea6dbe9d4a55017aac0db6e384500"/280, 0x118)

3m57.995941203s ago: executing program 33 (id=935):
r0 = socket$inet6(0xa, 0x1, 0x0)
setsockopt$inet6_buf(r0, 0x29, 0x39, &(0x7f0000e86000)="0022040000ffffebfffffffeffffff0700000000ff00f8b4cc4c38bdc8451792b903f4b7d8c8cf2153622652328c19ef68234f9e5557c4070000008735e9ab2f77c62e0a5cdd2cf9984c070400000000000003ff23353d8b2fc6a3ae1ebfcb49004a3ccd3560ae01010000079c60ed7449b842f3e253be8a22b37f820fe75a9ea937ea4efbfb9b4a128f2dbe2837496d00ad7765abaac2ec0f91c88a1ea1ff6ee308c72febedcf00798d41991ac25bb6fce2220c25ea380c7e112ab358c3a6bd8a59c115000001b4e82cb03419544a3988bc226a85abe6eb60cd7cf8d103d38c31c7c86d16c4d86cbe4ab390c092d077ce70590fbbd4f8bf4d6ab1cea6dbe9d4a55017aac0db6e384500"/280, 0x118)

3m12.469536676s ago: executing program 0 (id=1411):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000007c0)={0x10, 0x2, &(0x7f0000000100)=@raw=[@ldst={0x1, 0x2, 0x4, 0x0, 0x1, 0x1f}, @jmp={0x5, 0x0, 0x9, 0x0, 0x6, 0xfffffffffffffe88}], &(0x7f0000000000)='GPL\x00', 0x2, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x1}, 0x94)

3m12.401254875s ago: executing program 0 (id=1413):
r0 = socket$pppoe(0x18, 0x1, 0x0)
connect$pppoe(r0, &(0x7f0000002440)={0x18, 0x0, {0x2, @link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0x1}, 'pimreg0\x00'}}, 0x1e)

3m12.338702505s ago: executing program 0 (id=1414):
syz_mount_image$ext4(&(0x7f0000000180)='ext4\x00', &(0x7f00000000c0)='./file1\x00', 0x0, &(0x7f0000000100), 0xff, 0x4a6, &(0x7f0000000980)="$eJzs3MtvVFUYAPDvTh+8aUVEQdAqGomPlhZUFi7UaOJCExNd4LK2BZGBGloTIY0WY3BpSNwblyb+Be7cGHVhTNxq4tKQEG1MKK5q7gum02mZlpYpnd8vmc45c1/nu+eemXPv6b0BtK2+9E8SsT0ifo+Injw7f4a+/G12Zmrk+szUSBJzc2/9nWTzXZuZGilnLZfbVmQOVSIqnyXxYrJwuxPnL5werlbHzhX5gckzHwxMnL/wzKkzwyfHTo6dHTp27OiRweefG3p2VeJM47q27+Px/Xtfe+fyGyPHL7/707dpsfYcyKfXxnFL1xsE1EBfutf+mcvUT3t8GWW/G+yoSSedLSwIy9IREWl1dWXtvyc64mbl9cSrn7a0cMCaSn+bNi0+eXoO2MCSaHUJgNYof+jT89/ydYe6HuvC1Zciuov07MzUyOyN+DujUnzetYbb74uI49P/fZW+YrnXIQAAViDr2zzdqP9XiT3Zez7WsbMYQ+mNiHsiYldE3BsRuyPivohs3vujOx7IF57raXL7fXX5hf2fypWGZV4laf/vhZq+32xN/MVbb0eR25HF35WcOFUdO1zsk0PRtSnNDy6xje9f+e2LxabV9v/SV7r9si9YFOBKZ90FutHhyeHV2glXL0bs62wUf3JjJCA9AvZGxL7lrXpnmTj15Df7F5vp1vEvYRXGmea+jngir//pqIu/lCw9PjmwOapjhwfKo2Khn3+99GaR7K6fdlvxr4K0/rfOP/6LKReL955/k3y8tiuq1bFzE8vfxqU/Pl/0nGalx3938nY2Zv3Le/lnHw1PTp4bjOhOXs/y5Y7OPh+6uWyZL+dP4z90sHH731Usk8b/YESkB/GBiHgoIh4uyv5IRDwaEQeXiP/Hlx97f4n4k0iipfU/2vD7L4nYnCV6k9rx+hUkOk7/8N1iI+bN1f/RmM6+a3PZ998tNFvA29+DAAAAsP5VImJ7JJX+PN23PSqV/v78f/h3x9ZKdXxi8qkT4x+eHc3vEeiNrkp5paun5nroYDJdrDHPDxXXisvpR4rrxl92bMny/SPj1dEWxw7tbtv89h9l+0/91dHq0gFrzv1a0L7q23+lReUA7rxmfv+dC8DG1KD9b2lFOYA7z/k/tK9G7f+Turz+P2xMC9v/nw0eWQdsRPr/0L60f2hf2j+0pWbv4i+fp7DihwDMS5Q3C6x8PZubvsN//SX61mTNZQ2tZeG3xM1PorKMxcurSY3nmV4HlbLOE2mLWcnisbP5Z2HMTzR4WA0AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMBd6P8AAAD//9FR4Lw=")
openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x26e1, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000000)='./file1\x00', 0x1c0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000140)='./file1/file4\x00', 0x1c0)
renameat2(0xffffffffffffff9c, &(0x7f0000000600)='./file1/file4\x00', 0xffffffffffffff9c, &(0x7f0000000640)='./file0\x00', 0x2)
mkdir(&(0x7f0000000300)='./bus\x00', 0x0)
mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000340), 0x0, &(0x7f0000000080)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@upperdir={'upperdir', 0x3d, './file1'}}]})
creat(&(0x7f0000000340)='./file0/file0\x00', 0x0)
chdir(&(0x7f00000001c0)='./bus\x00')
r0 = openat$dir(0xffffffffffffff9c, &(0x7f00000003c0)='./file0\x00', 0x0, 0x0)
readahead(r0, 0x0, 0x0)

3m12.167674035s ago: executing program 0 (id=1416):
syz_mount_image$ocfs2(&(0x7f0000004440), &(0x7f0000000140)='./file1\x00', 0x8c0, &(0x7f00000001c0)=ANY=[@ANYBLOB="61636c2c6865617274626561743d6e6f6e652c6572726f72733d72656d6f756e742d726f2c636f686572656e63793d66756c6c2c636f686572656e63793d66756c6c2c6c6f63616c666c6f636b732c6572726f72733d72656d6f756e742d726f2c61636c2c00a9b504852143b698d2e379891a0dde7f9adfca8cbec85bf8e749e04e"], 0x11, 0x4444, &(0x7f000000cd00)="$eJzs3U1vFOcdAPBnxqbYlBebcqBSpa5UpFZtZdmc2hqpxhiMDS4VLSjKZVnbCzhZe5G9jnJAinNDyilSDlEOKJFy8wn5C5CPkEuO5IyUHHKJFAnF0e7O2jvj3XiBXROi3+/g2Xned//z8sxh/MSJyt2ltdzSWq6wkisv3F47m3unXFpfLob4gLTs/9DB9U9nnvM4CRvdb5Muunbh0v9ung3hi8Wvnm5vb2+Hqv7Q0ljT5++/u7/QvG2IM3Wq7bZurVveDCGc2jOuqr4QwhvJgM4naZPJdjCEcCyEEIUQbt7/4FauS6N59KR4Lv9s7sHW+JnZzYdb7b97FMInpd///c7yN3/qG//6r13qHgAAAAAAAAAAAAAAAACA19z09Ws3/js6Fh5HoX8z2vu+7nSybfd+7HbX/LH3XxYAAAAAAAAAAAAAAAAAAAB+oXbf/89FJ1u8/z+VbCfa1N/+d5uMw90dJ70x859rUxdHx5L136M9+f9Ikr493xeGW6z7nl3//Xymfuv135NG+15+/I3xNfodClE8sv3eTv5QiOORkRA+SxZ+Px0diUvltcrfbpfXVxZfvv/XXTr+9cXyU0dBsn5+p/GfzLTf+/X/fxeyR211/9beQ5kW0vFvf0J+/n7UUfwvZOodRPx5cen499fSBpsLTNQvANX4f9i/f/ynMu33Kv7HQwi5qDrWXOoKUJ3DVNPbzVdIS8f/UC0tdelMfsh25/8PmfhfzLTfLv4nuvYNWl//N7I3IlpKx/83tbSBVInd83843v/8v5Rp/1Xc/6vj33D/70g6/slDW3+qSO2X7PT6P51pv1fxvxEn4zwepY6Azaie3u7/1ZGWjv/Anvzd57+4o/nf5Uz9n33+64LG+Br91p7/mp5D/hLVn/9oLR3/wbblOj3/ZzL1en39n6jN/3hR6fgfqaWl585Dtb+dxn82036v4l+blQw04r97PfnxcD39U/O/jqTj/9t6YtxcYqP2tzb/i/af/1/JtP8q5n/V8W/Eve311yId/6Nty1Xj/2UH9/+rmXq9j38Io+b6Lywd/2Nty9XO/4H94z+Xqdfr+P+5l40DAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAvAYmk+1QiOKR1H4cj4yEcCHZPx2ORPOFxfx8qbzw9loIU0l6LpyM7pTK84VSfmmlvFjMF0ql8kIIF5P8U2EgWiuVK/nlwr1LO20NRneLhdXKfLFQCSFMJ+l/CMcabc0vVZYL90IIl3fyTsTl1Xt3Cyv5xaXVf42Ojo6GmZ0xDEfFdyvFlUq993puCLM7dYeipsHVsq/sjOVo9FZ5fXWlUKqlX22qUyovFEpNdeaSvI/CcFRZXV9ZKFSK+VL5TqO/V2ki2U7NXP//9atje/JvRfXt5MEOCwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIDn9Hj8nx+HEPrre3EIYaLxIWpV/tGT4rn8s7kHW+NnZjcfbj1tVw4AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB+YgcOBAAAAACA/F8boaqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqgq7dIwSMRCFAfjNWKidx7AKSWeboIgWRgRPoMfwMPEoXsI7WFjYWohgZkDjLqTZrb6veZCfl/dDAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAKxzeTfe37ZdRIqjr8OIl8fXt9/5dZnTMM+82D/YU0924+pmPL9ou/Ld07/8rDx67/NP+vnx9BAbZvU8/N1f/k+zeud4a69pWNe/9qt3TyLlJiL6kp+mnJtm3bsAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIBvduBAAAAAAADI/7URqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqrADxwIAAAAAwvyto+jbAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADgVwAAAP//T/QgLg==")
open(&(0x7f0000000180)='./bus\x00', 0x14937e, 0x111)
mount(&(0x7f0000000280)=@loop={'/dev/loop', 0x0}, &(0x7f0000000140)='./bus\x00', 0x0, 0x5000, 0x0)
r0 = open(&(0x7f0000000000)='./bus\x00', 0x0, 0x0)
ioctl$LOOP_SET_STATUS64(r0, 0x4c04, &(0x7f0000000540)={0x0, 0x0, 0x0, 0x0, 0x8005, 0x0, 0x0, 0x15, 0x0, "ef359f413bb93852f7d6a4ae6dddfbd1ce5d29c2ee5e5ca9000ff8ee09e737ff0edf110ff4117639c2eb4b78c660e677df701905b9aafab4afaaf755a3f6a004", "036c47c6780820d1cbf7966d61fdcf335263bd9bffbcc2542ded71038259ca171ce1a311ef54ec32d71e14ef3dc177e9b48b00", "f28359738e229a4c66810000000000d300e6d602000000000000000000000001", [0x200]})
symlink(&(0x7f0000000540)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', &(0x7f0000000800)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00')

3m11.727725471s ago: executing program 0 (id=1419):
r0 = socket$netlink(0x10, 0x3, 0x0)
bind$netlink(r0, &(0x7f0000514ff4)={0x10, 0x0, 0x0, 0x2ffffffff}, 0xc)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000240)={&(0x7f00000005c0)=@newqdisc={0x24}, 0x24}}, 0x0)
r1 = socket(0x2a, 0x2, 0x0)
getsockname$packet(r1, &(0x7f00000006c0)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000003c0)=0x14)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000380)=@newqdisc={0x2c, 0x24, 0xf0b, 0x0, 0x0, {0x0, 0x0, 0x0, r2, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_drr={0x8}]}, 0x2c}}, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000500)={&(0x7f0000000000)=@newtfilter={0x44, 0x2c, 0xd27, 0x0, 0x0, {0x0, 0x0, 0x0, r2, {0xfffa, 0x2}, {}, {0x1c, 0xfff9}}, [@filter_kind_options=@f_flower={{0xb}, {0x14, 0x2, [@TCA_FLOWER_KEY_ETH_TYPE={0x6, 0x8, 0x800}, @TCA_FLOWER_KEY_IP_PROTO={0x5, 0x9, 0x73}]}}]}, 0x44}}, 0x24000000)
r3 = socket$netlink(0x10, 0x3, 0x0)
sendmmsg(r3, &(0x7f00000002c0), 0x40000000000009f, 0x0)

3m11.350837321s ago: executing program 0 (id=1423):
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
bind$inet6(r0, &(0x7f0000000040)={0xa, 0x5e22, 0x0, @empty}, 0x1c)
listen(r0, 0x0)
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
r2 = socket$inet6_tcp(0xa, 0x1, 0x0)
bind$inet6(r2, &(0x7f0000000200)={0xa, 0x6e22, 0x2, @empty, 0xb}, 0x1c)
listen(r2, 0x204)
setsockopt$sock_int(r1, 0x1, 0xf, &(0x7f0000000180)=0x800001, 0x4)
bind$inet6(r1, &(0x7f0000000140)={0xa, 0x4e22, 0x0, @ipv4={'\x00', '\xff\xff', @empty}}, 0x1c)
listen(r1, 0x0)

3m11.253988056s ago: executing program 34 (id=1423):
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
bind$inet6(r0, &(0x7f0000000040)={0xa, 0x5e22, 0x0, @empty}, 0x1c)
listen(r0, 0x0)
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
r2 = socket$inet6_tcp(0xa, 0x1, 0x0)
bind$inet6(r2, &(0x7f0000000200)={0xa, 0x6e22, 0x2, @empty, 0xb}, 0x1c)
listen(r2, 0x204)
setsockopt$sock_int(r1, 0x1, 0xf, &(0x7f0000000180)=0x800001, 0x4)
bind$inet6(r1, &(0x7f0000000140)={0xa, 0x4e22, 0x0, @ipv4={'\x00', '\xff\xff', @empty}}, 0x1c)
listen(r1, 0x0)

2m8.810695092s ago: executing program 3 (id=2053):
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000000)={0x1, &(0x7f0000000100)=[{0x6, 0x0, 0x0, 0x7fff0000}]})
r0 = semget$private(0x0, 0x5, 0x0)
semop(r0, &(0x7f0000002480)=[{}], 0x1)

2m8.738536866s ago: executing program 3 (id=2055):
r0 = socket$inet_udp(0x2, 0x2, 0x0)
sendto$inet(r0, 0x0, 0x0, 0x88c4, &(0x7f00000000c0)={0x2, 0x4e20, @remote}, 0x10)
r1 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r1, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000080)=@newlink={0x30, 0x10, 0x1, 0x70bd25, 0x25dfdbfb, {0x0, 0x0, 0x0, 0x0, 0x60938, 0x3}, [@IFLA_GROUP={0x8}, @IFLA_MTU={0x8}]}, 0x30}, 0x1, 0x0, 0x0, 0x40801}, 0x4000000)
sendto$inet(r0, 0x0, 0x0, 0x40, 0x0, 0x0)

2m8.490807565s ago: executing program 3 (id=2056):
syz_mount_image$ext4(&(0x7f00000000c0)='ext4\x00', &(0x7f0000000140)='./file0\x00', 0x3000000, &(0x7f0000000080), 0x1, 0x533, &(0x7f0000000b00)="$eJzs3e9rI2kdAPDvTJped7dncyqyHnh3uCe7h26yvXp3VeRuBdFXB+r5fi1tWkrTpjTpuS2H9vCFLwURFfwDfCP4Bwhyf4IIB/peVBTRPX2pO5Jkgv2RNKFNN73084Fpnmcm83y/z9BMZiYPMwFcWS9ExP2IKETESxExl89P8ykOOlPrfR88eme5NSWRZW/9I4kkn9dtq1Wfiogb+WozEfHNr0XcSk/GbeztbyzVatWdvF5pbm5XGnv7d9c3l9aqa9WthYX5VxdfW3xl8V6WO1c/SxHx+lf+8pMf/uKrr//mc9/544O/3fluK98vfaKTd0QsnytAH522i+1t0dXaRjsXEWxMWv0pFsadBQAAw2gdmn80Ij7dPv6fi0L7aA4AAACYJNkbs/GfJCIDAAAAJlYaEbORpOV8LMBspGm53BnD+/G4ntbqjeZnV+u7WyutZRGlKKar67XqvXyscCmKSas+n4+x7dZfPlZfiIhnIuLHc9fa9fJyvbYy7osfAAAAcEXceP7o+f+/59J2GQAAAJgwpb4VAAAAYFI45QcAAIDJ5/wfAAAAJtrX33yzNWXd53ivvL23u1F/++5KtbFR3txdLi/Xd7bLa/X6WvuefZuD2qvV69ufj63dh5VmtdGsNPb2H2zWd7eaD9aPPAIbAAAAeIKeef69PyQRcfDFa+0p8vsADjJ94ZkBl8qfx50AMEqFcScAjM3UuBMAxqY48B32EDDpkgHLTw7e6VwrjN9eTD4AAMDo3f7kyd//u7/tD742AHyYDTPWBwCYLH7dg6ureNYRgDdHnQkwLh/pvDzVb3nfm3cM8ft/5xpDlp0pMQAAYGRm21OSlvPj9NlI03I54un2YwGKyep6rXovPz/4/VzxqVZ9vr1mMnDMMAAAAAAAAAAAAAAAAAAAAAAAAADQkWVJZAAAAMBEi0j/mrTv5h9xe+7F2aNXB4499evnb/304VKzuTMfMZ38c641azoimj/L57+ceSQAAAAAXAKd8/T8dX7c2QAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwaT549M5yd3qScf/+5Ygo9Yo/FTPt15koRsT1fyUxdWi9JCIKI4h/8G5E3OwVP4nHWZaV8ix6xb92wfFL7U0zkyX5ew/HTyPixgjiw1X2Xmv/c7/X5y+NF9qvvT//U8c+j2fV3f9N5/XD8bv7v0Kf/c/Th+tp/xjPvv+rSt/470Y8O9WJez+O7n+68ZNO/CSOxb81ZB+//a39/Z4LDjXZa/93OFalubldaezt313fXFqrrlW3FhbmX118bfGVxXuV1fVaNf/bM8yPPvXrx6f1/3qf+KWj/T+x/V8cqvdZ/Pf9h48+1qkUe8W/c6v39+/NPvHT/LvvM3m5tfx2t3zQKR/23C9/99xp/V/p0/+ZAf2/M1T/4wsvfeP7f+q55MTWAACehMbe/sZSrVbdOaUwM8R7hi4URtLOGyPL57IU4nKkMa5C9r3O/+P52jnn6icKWfUHZ199KkaQxvSJz2khztpgEnHQamvIf0gAAGDC/P+gPxl3KgAAAAAAAAAAAAAAAAAAAHBlnfG2ZDMR0ZlTHHw7seMxD8bTVQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAU/0vAAD//xluyPE=")
r0 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file0\x00', 0x0, 0x0)
ioctl$FS_IOC_ENABLE_VERITY(r0, 0x40086610, &(0x7f0000000140)={0x1, 0x0, 0x1000, 0x0, 0x0, 0x0, 0x0, 0x0})

2m8.377333613s ago: executing program 3 (id=2059):
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000500)='./file0\x00', 0x2, &(0x7f0000000740), 0x1, 0x4bc, &(0x7f0000000a40)="$eJzs3ctvW1UaAPDPdpMmaWb6mNGo7UjTSh2p81DjPDRqMjObWc3MotJoKrEBqYTEDSVOHMVOaaIuUth1wQKBQEIs2PMXsKErKiTEGvaIBSqCEiRAQjK613abOHGwII1p7u8n3ebch/2dU+s7Ovf4Xt8AMuts8k8uYjgiPoyIo43VrQecbfzZuH9zJllyUa9f/iKXHpestw5tve5IRKxHxEBE/P/fEc/ktsetrq7NT5fLpeXmerG2sFSsrq5duLYwPVeaKy2OTV6cmpocnRif2rO23n7puduX3vlv/9vfvHjv7svvvZtUa7i5b3M79lKj6X1xfNO2QxHxz0cRrAcKzfYM9roi/CTJ5/ebiDiX5v/RKKSfJpAF9Xq9/n39cKfd63XgwMqnY+BcfiQiGuV8fmSkMYb/bQzly5Vq7a9XKyuLs42x8rHoy1+9Vi6NNs8VjkVfLlkfS8sP18fb1ici0jHwK4XBdH1kplKe3d+uDmhzpC3/vy408h/ICKf8kF3yH7JL/kN2yX/ILvkP2SX/IbvkP2SX/Ifskv+QXfIfskv+Qyb979KlZKm37n+fvb66Ml+5fmG2VJ0fWViZGZmpLC+NzFUqc+k9Ows/9n7lSmVp7G+xcqNYK1Vrxerq2pWFyspi7Up6X/+VUt++tAroxvEzdz7ORcT63wfTJdHf3CdX4WCr13PR63uQgd4o9LoDAnrG1B9kl3N8oP0netvHBQOdXrj0cL4QeLzke10BoGfOn/L9H2SV+X/ILvP/kF3G+MAOj+jbYrf5f+DxZP4fsmu4w/O/frXp2V2jEfHriPio0He49awv4CDIf5Zrjv/PH/3jcPve/ty36VcE/RHx/BuXX7sxXastjyXbv3ywvfZ6c/v4phd2PGEAeqWVp608BgCya+P+zZnWsp9xP/9X4yKE7fEPNecmB9LvKIc2cluuVcjt0bUL67ci4uRO8XPN5503TmSGNgrb4p9o/s013iKt76H0uen7E//Upvh/2BT/9M/+X4FsuJP0P6M75V8+zel4kH9b+5/hPbp2onP/l3/Q/xU69H9nuozx7JsvfNox/q2I0zvGb8UbSGO1x0/qdr7L+PeeeuJ3nfbV32q8z07xW5JSsbawVKyurl1If0durrQ4NnlxampydGJ8qpjOURdbM9Xb/ePkB3d3a/9Qh/i7tT/Z9ucu2//d799/8uwu8f90bufP/8Qu8Qcj4i9dxv9q/JOnO+1L4s92aH9+l/jJtoku41df/c/hLg8FAPZBdXVtfrpcLi0rKCj0pHDrl1GNtkKveybgUauuJqfmSdL3uiYAAAAAAAAAAABAt/bjcuJetxEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA4CD4IQAA//9HcdTQ")
openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x105042, 0x0)
open(&(0x7f0000000180)='./bus\x00', 0x14937e, 0x111)
mount(&(0x7f0000000280)=@loop={'/dev/loop', 0x0}, &(0x7f0000000140)='./bus\x00', 0x0, 0x5000, 0x0)
r0 = open(&(0x7f0000000000)='./bus\x00', 0x0, 0x0)
ioctl$LOOP_SET_STATUS64(r0, 0x4c04, &(0x7f0000000540)={0x0, 0x0, 0x0, 0x4800000, 0x8005, 0x0, 0x0, 0x9, 0x0, "ef359f413bb93852f7d6a4ae6dddfbd1ce5d29c2ee5e5ca9000ff8ee09e737ff0edf110ff4117639c2eb4b78c660e677df701905b9aafab4afaaf755a3f6a004", "036c47c6780820d10a00966d61fdcf335263bd9bffbcc2542ded71038259ca0400e1a311efec32d71e14ef3dc177b5b48b00", "f2fdffffffffffffff810000000000d300e6d602000000000000000000000001", [0xca4e]})
openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x101042, 0x0)

2m7.947982152s ago: executing program 3 (id=2063):
r0 = socket$netlink(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000080)={'bridge0\x00', <r1=>0x0})
sendmsg$nl_route(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000100)={&(0x7f00000001c0)=ANY=[@ANYBLOB="240000001d00070f000000000000000007000000", @ANYRES32=r1, @ANYBLOB="40002700060010"], 0x24}, 0x1, 0x0, 0x0, 0x800}, 0x0)

2m7.598826882s ago: executing program 3 (id=2069):
r0 = socket$phonet(0x23, 0x2, 0x1)
capset(&(0x7f0000000040)={0x20080522}, &(0x7f0000000080))
ioctl$SIOCPNDELRESOURCE(r0, 0x89ef, &(0x7f0000000040))

2m7.466365089s ago: executing program 35 (id=2069):
r0 = socket$phonet(0x23, 0x2, 0x1)
capset(&(0x7f0000000040)={0x20080522}, &(0x7f0000000080))
ioctl$SIOCPNDELRESOURCE(r0, 0x89ef, &(0x7f0000000040))

1m40.42928638s ago: executing program 4 (id=2338):
r0 = syz_genetlink_get_family_id$nl80211(&(0x7f00000003c0), 0xffffffffffffffff)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(r1, 0x8933, &(0x7f0000000540)={'wlan0\x00', <r2=>0x0})
sendmsg$NL80211_CMD_NEW_KEY(r1, &(0x7f00000006c0)={0x0, 0x0, &(0x7f0000000680)={&(0x7f0000000000)={0x2c, r0, 0x801, 0x0, 0x3, {{}, {@val={0x8, 0x3, r2}, @void}}, [@NL80211_ATTR_KEY={0x10, 0x50, 0x0, 0x1, [@NL80211_KEY_DATA_WEP40={0x9, 0x1, '\x00\x00\x00 \x00'}]}]}, 0x2c}}, 0x40000)

1m40.429090179s ago: executing program 4 (id=2339):
prlimit64(0x0, 0x0, &(0x7f0000000800)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0)

1m40.428977103s ago: executing program 4 (id=2340):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000044c0)={&(0x7f0000000040)={0x54, 0x2, 0x6, 0x301, 0x0, 0x0, {0x7}, [@IPSET_ATTR_SETNAME={0x9, 0x2, 'syz0\x00'}, @IPSET_ATTR_PROTOCOL={0x5, 0x1, 0x6}, @IPSET_ATTR_FAMILY={0x5}, @IPSET_ATTR_REVISION={0x5}, @IPSET_ATTR_DATA={0xc, 0x7, 0x0, 0x1, [@IPSET_ATTR_CADT_FLAGS={0x8, 0x8, 0x1, 0x0, 0x93}]}, @IPSET_ATTR_TYPENAME={0xd, 0x3, 'hash:mac\x00'}]}, 0x54}}, 0x0)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_ADD(r1, &(0x7f0000000540)={0x0, 0x0, &(0x7f0000000440)={&(0x7f0000000740)=ANY=[@ANYBLOB="44000000090605000000000000000000010000050900020073797a30000006000500010007000000080009400000000114000880100007800a001100b4"], 0x44}, 0x1, 0x0, 0x0, 0x8000}, 0x44000)
sendmsg$IPSET_CMD_DESTROY(r1, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000380)={&(0x7f0000000280)=ANY=[@ANYBLOB="28000000030605000000000000000000000000000500010007"], 0x28}, 0x1, 0x0, 0x0, 0x80}, 0x20000010)

1m40.359109878s ago: executing program 4 (id=2341):
syz_mount_image$udf(&(0x7f00000000c0), &(0x7f0000000180)='./file0\x00', 0x4080, &(0x7f0000000540)=ANY=[@ANYBLOB='lastblock=00000000000000000000,umask=00000000000000000000002,dmode=00000000000000000077777,novrs,shortad,shortad,undelete,iocharset=cp437,shortad,umask=00000000000000000000006,dmode=00000000000000000000002,nostrict,uid=', @ANYRESOCT=0x0, @ANYRESDEC], 0x2, 0xc36, &(0x7f0000002540)="$eJzs3U9sHNd9B/DfGy3FldxWTOwoThoXm7ZIZcVy9S+mYhXuqqbZBpBlIRRzC8AVSakLUyRBUo1spAXTSw89BCiKHnIi0BoFUjQwmiLokWldILn4UOTUE9HCRlD0wBYBcgoYzOxbcUmRNi2SEmV9Pjb13Z19b/a9eeMZWdCbFwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABAxB+8cun0mfSwWwEAPEhXRr56+qz7PwA8Vq75/38AAAAAAAAAAAAAADjoUhTxZKSYvbKaxqr3HfXL7b7bd0aHhreudiRVNQ9V5cuf+pmz585/6YXBC9283J7+gPp77bPx2si1S42XZ27Nzk3Oz09ONEan2+MzE5M73sNu6292sjoAjVuv3564cWO+cfb5cxs+vjPwfv8TxwcuDj576plu2dGh4eGR9SL13vK1+25Ix3YzPA5HEacixXPf+2lqRUQRuz8W9Qc79psdqTpxsurE6NBw1ZGpdmt6ofzwavdAFBGNnkrN7jHaeiyi1vdA+7C9ZsRi2fyywSfL7o3MtuZa16cmG1dbcwvthfbM9NXUaW3Zn0YUcSFFLEXESv+9u+uLImqR4jvHVtP1iDjUPQ5frCYGb9+OYh/7uANlOxt9EUvFIzBmB1h/FPFqpPjZOydiPF9nqmvNFyJeLfMHEW+V+VJEKk+M8xHvbXEe8WiqRRF/WY7/xdU0UV0PuteVy19rfGX6xkxP2e515SPeH+65Ujyk+8ORTflgHPBrUz2KaFVX/NV0/7/ZAQAAAAAAAAAAAAAAAGCvHYkiPhMpXvmPP6nmFUc1L/3YxcE/HPjV3jnjT3/Ifsqyz0fEYrGzObmH88TAq+lqSg95LvHjrB5F/Gme//eth90YAAAAAAAAAAAAAAAAAACAx1oRP4kUL757Ii1F75ri7embjWut61OdVWG7a/9210xfW1tba6RONnOO5VzMuZRzOedKzihy/ZzNnGM5F3Mu5VzOuZIzDuX6OZs5x3Iu5lzKuZxzJWfUcv2czZxjORfLrK93dDlvX8kZB2TtXgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAj5MiivhFpPj2N1ZTpIhoRoxFJ5f7H3brAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIBSfyri+5Gi8UfNu9tqEZGqfztOlL+cj+bhMj8ZzcEyX4rmpZytKmvNbz2E9rM7famIH0eK/vrbdwc8j39f593d0yDe+ub6u8/WOnmo++HA+/1PHD92cXD4N57e7nXaqgEnL7enb99pjA4ND4/0bK7lb/9kz7aB/L3F3nSdiJh/483XW1NTk3P3/6I8BXZR/RF6kWqPS08f1ovFvTgh9+5F1A5EMx5O33kMlPf/9yLF7777n90bfuf+X49f6by7e4ePn//Z+v3/xc072uH9v7a5Xr7/l/f0re7/T/ZsezH/bqSvFlFfuDXbdzyiPv/Gm6fat1o3J29OTp8/ffrLg4NfPne673BE/UZ7arLn1Z4cLgAAAAAAAAAAAAAAAIAHJxXx+5Gi9ePV1IiIO9V8rYGLg8+eeuZQHKrmW22Yt/3ayLVLjZdnbs3OTc7PT040Rqfb4zMTkzv9uno13Wt0aHhfOvOhjuxz+4/UX56ZfWOuffOPF7b8/Gj90vX5hbnW+NYfx5EoIpq9W05WDR4dGq4aPdVuTVdVr245mf6j60tF/FekGD/fSJ/P2/L8/80z/DfM/1/cvKN9mv//iZ5t5XemVMTPI8Xv/NXT8fmqnUfjnmOWy/1dpDh54XO5XBwuy3Xb0HmuQGdmYFn2/yLFP/1iY9nufMgn18ue2fGBfUSU438sUnz/L74bv5m3bXz+w9bjf3TzjvZp/J/q2XZ0w/MKdt118vifihQvPfl2/Fbe9kHP/+g+e+NELnz3+Rz7NP6f6tk2kL/3t/em6wAAAAAAAAAAAI+0vlTE30eKHw7X0gt5207+/t/E5h3t09//+nTPtom9Wa/oQ1/s+qACAAAAwAHRl4r4SaS4ufD23TnUG+d/98z//L31+Z9DadOn1Z/z/Vr13IC9/PO/XgP5e8d2320AAAAAAAAAAAAAAAAAAAA4UFIq4oW8nvpYNZ9/Ytv11JcjxSv/81wul46X5brrwA9Uv9avzEyfujQ1NTPeWmhdn5psjMy2xifLuk9FitW//VyuW1Trq3fXm++s8b6+FvtcpBj+h27Zzlrs3bXJn1ove6Ys+4lI8d//uLFsdx3rT62XPVuW/ZtI8fV/2brs8fWy58qy340UP/p6o1v2aFm2+3zUT6+XfX58ptiHUQEAAAAAAAAAAAAAAAAAAOBx05eK+PNI8b+3lu7O5c/r//f1vK289c2e9f43uVOt8z9Qrf+/3ev7Wf+/eq7A4nbfCgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAH08pingzUsxeWU3L/eX7jvrl9vTtO6NDw1tXO5Kqmoeq8uVP/czZc+e/9MLghW5+cP299pl4beTapcbLM7dm5ybn5ycnGqPT7fGZickd72G39Tc7WR2Axq3Xb0/cuDHfOPv8uQ0f3xl4v/+J4wMXB5899Uy37OjQ8PBIT5la331/+z3SNtsPRxF/HSme+95P0w/7I4rY/bH4kHNnvx2pOnGy6sTo0HDVkal2a3qh/PBq90AUEY2eSs3uMXoAY7ErzYjFsvllg0+W3RuZbc21rk9NNq625hbaC+2Z6aup09qyP40o4kKKWIqIlf57d9cXRbweKb5zbDX9a3/Eoe5x+OKVka+ePrt9O4p97OMOlO1s9EUsFY/AmB1g/VHEP0eKn71zIv6tP6IWnZ/4QsSrZf4g4q3ojHcqT4zzEe9tcR7xaKpFEf9fjv/F1fROf3k96F5XLn+t8ZXpGzM9ZbvXlUf+/vAgHfBrUz2K+FF1xV9N/+6/awAAAAAAAAAAAAAAAIADpIhfjxQvvnsiVfOD784pbk/fbFxrXZ/qTOvrzv3rzpleW1tba6RONnOO5VzMuZRzOedKzihy/ZzNMutra2P5/WLOpZzLOVdyxqFcP2cz51jOxZxLOZdzruSMWq6fs5lzLOdizqWcyzlXcsYBmbsHAAAAAAAAAAAAAAAAAAB8vBTVPym+/Y3VtNbfWV96LDq5bD3Qj71fBgAA//8dq/O8")
mount$bind(&(0x7f00000002c0)='.\x00', &(0x7f0000000200)='./file0/../file0\x00', 0x0, 0x109041, 0x0)
mount$bind(0x0, &(0x7f0000000140)='./file0\x00', 0x0, 0x100000, 0x0)
mount$bind(&(0x7f0000001c40)='./file0/file0\x00', &(0x7f0000000340)='./file0/file0\x00', 0x0, 0x81105a, 0x0)
mount$bind(&(0x7f0000000880)='./file0/../file0\x00', &(0x7f0000000440)='./file0/file0\x00', 0x0, 0x1adc11, 0x0)
mount$bind(&(0x7f0000000100)='./file0/../file0\x00', &(0x7f0000000080)='./file0/file0/file0\x00', 0x0, 0x887008, 0x0)
r0 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000040)='mountinfo\x00')
read$FUSE(r0, &(0x7f0000006b40)={0x2020}, 0x206e)

1m40.274310422s ago: executing program 4 (id=2344):
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f0000000640)={0x26, 'hash\x00', 0x0, 0x0, 'xxhash64\x00'}, 0x58)
r1 = accept4$alg(r0, 0x0, 0x0, 0x800)
sendmmsg$alg(r1, &(0x7f00000048c0)=[{0x0, 0x0, &(0x7f0000002c00)=[{&(0x7f0000002980)="f34e7d68731d45bea01b73b1e724074c0b301730c4a37217f48c98ef5db4d0aa33ca74058c4e2bb489d6389aa59880157324161caa6e4acd9184338d4b89af26e346bef6e48cd2eb40243224c2a45bc9e8b9a3e587604f976c6ffc1f17b615fc882055f3dacf254d641b12bb1d119e603022d2e87a3c96e33d63f3ef58271c6ce51317c5923d92a0f3191d5709627055cb151327ac8129bfdeaa96eb1007db56f0960798a4d56867b03e68a486383329a7f1a5927cd7d04b72038116a21195d58300d7a01eb19c25884076129a76ebb091e58e1b1c0729c5515d4691939b278557017811476f61", 0xe7}, {&(0x7f0000002a80)="aa8aa1a0cc7884808e7f05b66f1e344f36702d5b1b03a91be5c39837df5e06e5bcdab0d6875097b84a8775a46750", 0x2e}, {&(0x7f0000002b00)="88b67c19788d992be3f312755c84e1c28ed845607466a36cd313e988f7dd4c8a6415ed9bfb025918cad8d549f48cde8c83ab04532416c0", 0x37}, {&(0x7f0000000340)="f48f0e8ae8c17438fb05a9cb8d63af2c7ca5442a", 0x14}], 0x4, 0x0, 0x0, 0x20040001}], 0x1, 0x10)

1m40.125984171s ago: executing program 4 (id=2349):
r0 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r0, &(0x7f00000004c0)={0x0, 0x0, &(0x7f0000000480)={&(0x7f00000000c0)=@ipv4_delrule={0x28, 0x21, 0x1, 0x0, 0x0, {}, [@FRA_TUN_ID={0xc, 0xc, 0x1, 0x0, 0x3}]}, 0x28}}, 0x44044)

1m39.928139932s ago: executing program 36 (id=2349):
r0 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r0, &(0x7f00000004c0)={0x0, 0x0, &(0x7f0000000480)={&(0x7f00000000c0)=@ipv4_delrule={0x28, 0x21, 0x1, 0x0, 0x0, {}, [@FRA_TUN_ID={0xc, 0xc, 0x1, 0x0, 0x3}]}, 0x28}}, 0x44044)

39.857032237s ago: executing program 7 (id=2889):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000000040)={0x2, &(0x7f0000000140)=[{0x40, 0xfd, 0x2, 0x100}, {0x6, 0x6, 0x6, 0x3}]}, 0x10)
sendmsg$NFT_BATCH(r0, &(0x7f0000000700)={0x0, 0x0, &(0x7f00000006c0)={&(0x7f0000000000)=ANY=[@ANYBLOB="140000001000010000000000000000000200000a20000000000affffffffffffff920000070000060900010073797a300000000014000000020a010200000000000000000000000014000000110001"], 0x5c}, 0x1, 0x0, 0x0, 0x800}, 0x8810)

39.558432861s ago: executing program 7 (id=2890):
syz_emit_ethernet(0x86, &(0x7f0000000300)={@multicast, @remote, @void, {@ipv4={0x800, @icmp={{0x5, 0x4, 0x0, 0x0, 0x78, 0x0, 0x0, 0x0, 0x1, 0x0, @initdev={0xac, 0x1e, 0x10, 0x0}, @local}, @time_exceeded={0x5, 0x0, 0x0, 0xe0, 0x0, 0xe000, {0x17, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x11, 0x2, @broadcast, @local, {[@rr={0x7, 0x3}, @ssrr={0x89, 0x7, 0x9d, [@multicast1]}, @timestamp_prespec={0x44, 0x3c, 0x0, 0x3, 0x0, [{@private=0xa01012f}, {@local}, {@initdev={0xac, 0x1e, 0x0, 0x0}}, {@local}, {@initdev={0xac, 0x1e, 0x1, 0x0}}, {@dev}, {@private}]}]}}}}}}}, 0x0)

39.490527074s ago: executing program 7 (id=2891):
syslog(0x9, 0x0, 0x0)

39.438295913s ago: executing program 7 (id=2892):
syz_mount_image$ext4(&(0x7f00000001c0)='ext4\x00', &(0x7f0000000200)='./bus\x00', 0x1400c, &(0x7f0000000680)={[{@test_dummy_encryption}, {@init_itable}, {@noload}]}, 0x3, 0x470, &(0x7f0000001240)="$eJzs3MtvG1UXAPAzkzj98qUloZRXyyNQEBWPpGkLdMECEEgsioQEC1haSVqVpi1qjESrSKQsygohJPaIJf8CK9ggxAqJLexRpQp1Q8vKaOyZxHZsp2nsuMW/n+T23Hn43uOZa9+ZayeAoTWd/ZNE7I6I3yNisl5s3mC6/t+N6yvzN6+vzCdRrb77V1Lb7u/rK/PFpsV+E42FSOJAm3qXL146U15aWryQl2crZz+aXb546YXTZ8unFk8tnjty/Pixo3Mvv3TkxZ7kORFpHr31wVdvn/iiKf+WPHpkutvKp6vVHlc3WHsa4tEBtoOtGcmPV6nW/ydjpOHoTcabn60VPh1QA4G+qVar1YnOq1erwH9YEs1lXR6GRfFBX1z/trsOfrVvo4/Bu/Za/QIoy/tG/qivGV27Y1Bqub7tpemIeH/1n2+yR/TnPgQAQJMfsvHP89loZ2U+G3usjz/SeKBhu3vyuaGpiLg3IvZGxH1xLvZFxP0RtW0fjIiHtlh/6yTJxvFPevW2ErtF2fjvlXxuq3n8V4z+YmokL+2p5V9KTp5eWjycvyaHorQrK891qePHN377stO6xvFf9sjqL8aCeTuuju5q3mehXClvJ+dG1y5H7B9tl3+yNhOQRMTDEbG/3ROkm9dx+tnvHum0bvP8u+jBRFP124hn6sd/NVryLyTd5ydn/xdLi4dni7Nio19+vfJOp/q3lX8PZMf//23P/7X8p5LG+drlrddx5Y/PO17TTJfyYAvn/2q5Uh5L3qvFY/myT8qVyoW5iLHkRL3RjcuPrO9blIvts/wPHWzf//fG+itxICKyk/jRiHgsIh7Pj90TEfFkRBzskv/Prz/1Yeuy8SL/O+D4L2zp+K8HY9G6pH0wcuan75sqnVoP8/xvdn//O1aLDuVLbuX971badXtnMwAAANx90ojYHUk6sxan6cxM/Tv8+yLSpfPLledOnv/43EL9NwJTUUqLO12TDfdD5/LL+nr5ckTUv1pQrD8aae2+8dcj47XyzPz5pYVBJw9DbqJD/8/8OTLo1gF95wdbMLz0fxheXft/aefaAey8Df2/a5/f1de2ADurzef/+CDaAey8duN/f+8HhkNL/zftB0PE/X8YXvo/DC/9H4bS8nhs/iP5rkHxTLe5+2bBZMR2WziYIEp3RDP6FkTa9yrG+ntq9S1I7sI2bwgG954EAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADQS/8GAAD//3hZ0MA=")
syz_mount_image$vfat(&(0x7f00000002c0), &(0x7f0000000280)='./bus\x00', 0x2081413, 0x0, 0x1, 0x0, &(0x7f0000000080))
chdir(&(0x7f00000000c0)='./bus\x00')
syz_mount_image$fuse(0x0, &(0x7f0000002080)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
syz_mount_image$fuse(0x0, &(0x7f0000000040)='./bus\x00', 0x3010009, 0x0, 0x1, 0x0, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x1c0)
mount$overlay(0x0, &(0x7f0000000400)='./bus\x00', &(0x7f0000000b80), 0x200008, &(0x7f0000000380)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, './file1'}}, {@upperdir={'upperdir', 0x3d, './file0'}}]})

39.206093983s ago: executing program 7 (id=2894):
r0 = syz_open_dev$sg(&(0x7f00000005c0), 0x0, 0x0)
ioctl$SG_GET_LOW_DMA(r0, 0x227a, &(0x7f0000000600))

38.789851113s ago: executing program 7 (id=2895):
bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0xe, 0x4, &(0x7f00000000c0)=ANY=[@ANYBLOB="b40500002000800061104e0000000000c60000000000000095000000000000009f33ef60916e6e893f1eeb0be20000d072f5b89c3043c47c896ce0bc8731fa595b6b4d45ef26dcca5582054d54d53cd2b6db714e4b94bdae214fa68a0557eb3c5ca683a4b6fc89398f2b9000f224891060017c4700de60beac671e8e8fdecb03588aa6007e71f871ab5c2ff88afc6002084e5b52710aeee835cf0d78e45f70983826fb8579c1fb47d2c5553d2ccb5fc5b51fe6b174ebd9907dcff414ed55b0d18a93ee341ab59016f81860324b800300000000000092d9c5fe34ccb80a61ffcb3363073fd8962823ee45f5d7394e9510f4a801efdf008499d7aca1afac6c702cfabe8a9c55c8dafcdb110036e14c1035cafdfef6a358cbfadb3579a285580a3c080d4e0a48d7bdc38a0437c8c1b3aa408a"], &(0x7f0000003ff6)='GPL\x00', 0x4, 0xfd90, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @sk_skb, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x366, 0x10, &(0x7f0000000000), 0x1dd}, 0x48)

38.433517224s ago: executing program 37 (id=2895):
bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0xe, 0x4, &(0x7f00000000c0)=ANY=[@ANYBLOB="b40500002000800061104e0000000000c60000000000000095000000000000009f33ef60916e6e893f1eeb0be20000d072f5b89c3043c47c896ce0bc8731fa595b6b4d45ef26dcca5582054d54d53cd2b6db714e4b94bdae214fa68a0557eb3c5ca683a4b6fc89398f2b9000f224891060017c4700de60beac671e8e8fdecb03588aa6007e71f871ab5c2ff88afc6002084e5b52710aeee835cf0d78e45f70983826fb8579c1fb47d2c5553d2ccb5fc5b51fe6b174ebd9907dcff414ed55b0d18a93ee341ab59016f81860324b800300000000000092d9c5fe34ccb80a61ffcb3363073fd8962823ee45f5d7394e9510f4a801efdf008499d7aca1afac6c702cfabe8a9c55c8dafcdb110036e14c1035cafdfef6a358cbfadb3579a285580a3c080d4e0a48d7bdc38a0437c8c1b3aa408a"], &(0x7f0000003ff6)='GPL\x00', 0x4, 0xfd90, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @sk_skb, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x366, 0x10, &(0x7f0000000000), 0x1dd}, 0x48)

6.979984026s ago: executing program 6 (id=3208):
mount(&(0x7f00000000c0)=@loop={'/dev/loop', 0x0}, &(0x7f0000000300)='./cgroup\x00', &(0x7f0000000040)='romfs\x00', 0x200440, 0x0)

6.827855272s ago: executing program 6 (id=3209):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = socket$l2tp(0x2, 0x2, 0x73)
recvmmsg(r3, &(0x7f00000005c0)=[{{0x0, 0x0, 0x0}, 0x2a}, {{&(0x7f00000004c0)=@alg, 0x80, &(0x7f0000000540)=[{&(0x7f0000000380)=""/32, 0x20}], 0x1}, 0x83}], 0x2, 0x10020, 0x0)
r4 = openat$vimc0(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0)
ioctl$VIDIOC_CREATE_BUFS(r4, 0xc100565c, &(0x7f00000001c0)={0x5fa, 0xfffffeff, 0x2, {0x1, @pix_mp={0xcf6, 0x1c00, 0x47504a4d, 0x5, 0x8, [{0x2a302c, 0x10000}, {0x1, 0xfffffffc}, {0x2, 0xb}, {0x7fff0, 0x10002}, {0x0, 0xfffffffd}, {0x6, 0x5}, {0x9, 0x8}, {0x8, 0x10000}], 0x7e, 0x5, 0x2}}, 0x7f})
ioctl$VIDIOC_CREATE_BUFS(r4, 0xc100565c, &(0x7f00000003c0)={0x3, 0x6, 0x2, {0x1, @pix_mp={0x131c, 0x9, 0x20363159, 0x2, 0x0, [{0x2776463d, 0x7}, {0x0, 0x7f}, {0xffffffff, 0xffff}, {0x1, 0x42}, {0x7, 0x310cb2b8}, {0x7fffffff, 0x80}, {0x614, 0xfffffffc}, {0x81, 0x6}], 0xa0, 0x7f, 0x7, 0x1, 0x7}}, 0x4})
sendto$l2tp(r3, &(0x7f0000000040), 0x0, 0x0, 0x0, 0x0)
r5 = userfaultfd(0x80001)
ioctl$UFFDIO_API(r5, 0xc018aa3f, &(0x7f00000000c0))
ioctl$UFFDIO_COPY(r5, 0xc028aa05, 0x0)
r6 = openat$iommufd(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r7 = socket$inet_smc(0x2b, 0x1, 0x0)
setsockopt$IPT_SO_SET_REPLACE(r7, 0x4000000000000, 0x40, &(0x7f0000000000)=@raw={'raw\x00', 0x4001, 0x3, 0x220, 0xd0, 0x720d, 0x148, 0x0, 0x148, 0x188, 0x240, 0x240, 0x188, 0x240, 0x7fffffe, 0x0, {[{{@ip={@multicast1, @rand_addr=0x64010100, 0xff, 0xff000000, 'veth1_to_hsr\x00', 'dvmrp1\x00', {0xff}, {}, 0xff, 0x1, 0x30}, 0x0, 0x70, 0xd0}, @common=@SET={0x60, 'SET\x00', 0x0, {{0xffffffffffffffff, [0x1, 0x1e01, 0x2, 0x3], 0x0, 0x2}, {0xffffffffffffffff, [0x7, 0xb2cc575b459b5b36, 0x4, 0x4], 0x6, 0x7}}}}, {{@ip={@broadcast, @multicast1, 0xff000000, 0xffffffff, 'sit0\x00', 'vlan1\x00', {0xff}, {0xff}, 0x1, 0x3, 0x40}, 0x0, 0x98, 0xb8, 0x0, {}, [@inet=@rpfilter={{0x28}}]}, @unspec=@NOTRACK={0x20}}], {{'\x00', 0x0, 0x70, 0x98}, {0x28}}}}, 0x280)
setresuid(0x0, 0xee00, 0x0)
bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)=ANY=[], 0x48)
write$RDMA_USER_CM_CMD_BIND_IP(0xffffffffffffffff, &(0x7f0000000000)={0x2, 0x28, 0xfa00, {0x0, {0xa, 0x0, 0x0, @mcast2, 0x1}}}, 0x30)
ioctl$IOMMU_IOAS_MAP$PAGES(r6, 0x3b85, &(0x7f0000000040)={0x28, 0x6, 0x0, 0x0, &(0x7f0000ffc000/0x4000)=nil, 0x4000})

5.856024271s ago: executing program 6 (id=3213):
r0 = syz_usb_connect(0x0, 0x24, &(0x7f0000000040)=ANY=[@ANYBLOB="12010000ff4ae0086d04dd08f4ff080203010902120001000000000904"], 0x0)
syz_usb_control_io$cdc_ncm(r0, 0x0, 0x0)
syz_usb_control_io(r0, 0x0, &(0x7f0000000440)={0x84, &(0x7f0000000800)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
syz_usb_control_io$printer(r0, 0x0, 0x0)

3.851956215s ago: executing program 6 (id=3233):
r0 = syz_open_dev$dri(&(0x7f0000000140), 0x1, 0x0)
ioctl$DRM_IOCTL_MODE_ADDFB2(r0, 0xc06864b8, &(0x7f0000000580)={0x0, 0xc1, 0x80, 0x34325241, 0x3, [0x2], [0x80ffff], [], [0x400000000000000]})

3.776395899s ago: executing program 6 (id=3236):
r0 = syz_usb_connect$hid(0x0, 0x36, &(0x7f00000000c0)={{0x12, 0x1, 0x0, 0x0, 0x0, 0x0, 0x20, 0x258a, 0x33, 0x0, 0x0, 0x0, 0x0, 0x1, [{{0x9, 0x2, 0x24, 0x1, 0x0, 0x0, 0x0, 0x0, [{{0x9, 0x4, 0x0, 0x0, 0x1, 0x3, 0x0, 0x0, 0x0, {0x9, 0x21, 0x0, 0x0, 0x1, {0x22, 0x3}}}}]}}]}}, 0x0)
syz_usb_control_io(r0, 0x0, 0x0)
syz_usb_control_io(r0, &(0x7f0000000080)={0x2c, &(0x7f00000002c0)={0x20, 0x5, 0x28, {0x28, 0x21, "17c36041ab85a18eb08fbbac69e39f74bdd6b0c1a81fe208ff66c47d6c969cbcff55e64fffef"}}, 0x0, 0x0, 0x0, 0x0}, 0x0)

2.157494082s ago: executing program 6 (id=3255):
r0 = syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000080)=ANY=[@ANYBLOB="12010000090024206d041cc340000000000109022400010000a00009040000010301010009210008000122010009058103"], 0x0)
syz_usb_control_io$hid(r0, &(0x7f0000000240)={0x24, &(0x7f0000000480)=ANY=[@ANYBLOB="00000c000000070001"], 0x0, 0x0, 0x0}, 0x0)
mmap(&(0x7f0000000000/0xff5000)=nil, 0xff5000, 0x0, 0x4ca31, 0xffffffffffffffff, 0x0)
syz_usb_control_io(r0, 0x0, 0x0)
syz_usb_control_io(r0, 0x0, &(0x7f0000001200)={0x84, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
syz_usb_control_io$hid(r0, 0x0, 0x0)

909.846143ms ago: executing program 5 (id=3263):
sendmmsg$inet6(0xffffffffffffffff, &(0x7f0000007100)=[{{0x0, 0x0, &(0x7f0000000300)}}], 0x1, 0x20040080)
ioctl$sock_inet6_SIOCADDRT(0xffffffffffffffff, 0x890b, 0x0)
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="180100001c0000000000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80)
r1 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000100)={&(0x7f00000000c0)='sys_enter\x00', r0}, 0x10)
rt_sigprocmask(0x0, &(0x7f0000000000)={[0xfffffffffffffffd]}, 0x0, 0x8)
r2 = landlock_create_ruleset(&(0x7f0000000180)={0x100}, 0x10, 0x0)
unshare(0x24020400)
r3 = socket$inet_smc(0x2b, 0x1, 0x0)
listen(r3, 0x0)
getsockopt$inet_tcp_TCP_ZEROCOPY_RECEIVE(r3, 0x6, 0x23, &(0x7f0000000000)={&(0x7f0000ffb000/0x3000)=nil, 0x3000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, &(0x7f0000000040)=0x38)
landlock_add_rule$LANDLOCK_RULE_PATH_BENEATH(r2, 0xf4240, 0x0, 0x0)
r4 = getpgrp(0x0)
fcntl$setownex(r1, 0xf, &(0x7f0000000040)={0x1, r4})

837.915957ms ago: executing program 5 (id=3264):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000008c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r1, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000001000)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a40000000060a090400000000000000000200000014000480100001800c0001006e976711aa8198b34c00010073797a3000000000090002004f117a3200000000380000001c0a05000000000000000000020000060c00034000000000000000020900020073797a32000000000900010073797a30"], 0xa0}}, 0x0)

779.872664ms ago: executing program 5 (id=3265):
r0 = syz_open_dev$vim2m(&(0x7f0000000000), 0xb173, 0x2)
ioctl$vim2m_VIDIOC_ENUM_FMT(r0, 0xc0405602, &(0x7f0000000040)={0x4d, 0x1, 0x2, "020000000000000000000800", 0x33363248})

779.729708ms ago: executing program 5 (id=3266):
r0 = socket$l2tp6(0xa, 0x2, 0x73)
sendto$inet6(r0, 0x0, 0x500, 0x8810, &(0x7f0000000080)={0xa, 0x4e23, 0x4, @loopback={0xff00000000000000}, 0x2ab8f1b6}, 0x1c)

700.152599ms ago: executing program 5 (id=3267):
r0 = socket$inet6_icmp(0xa, 0x2, 0x3a)
bind$inet6(r0, &(0x7f0000000480)={0xa, 0x4e20, 0x0, @mcast1={0xff, 0x5}}, 0x1c)

699.976322ms ago: executing program 5 (id=3268):
pipe(&(0x7f0000000080)={<r0=>0xffffffffffffffff})
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000680)={0x6, 0x0, 0x0, 0x0, 0x3133245c, 0x0, 0x0, 0x41000, 0x30, '\x00', 0x0, 0x25, r0, 0x8, 0x0, 0x0, 0x10, &(0x7f0000000300)={0x5, 0xd, 0x1, 0xb8}, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x7}, 0x94)
r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000000c0), 0x121301, 0x0)
ioctl$TCSETS(r1, 0x5402, &(0x7f00000001c0)={0x401, 0x0, 0x10000, 0xb998, 0x0, "194f2f83c2e798c3584770116cddc8819592b1"})
write$binfmt_aout(r1, &(0x7f00000001c0)=ANY=[], 0xff2e)
ioctl$TCSETS(r1, 0x5402, &(0x7f0000000080)={0xa04c, 0x35e8b531, 0x1, 0x8, 0x13, "53af0f0b4ecf6c29bf81c173f4a8f5f73eb62f"})

279.133027ms ago: executing program 8 (id=3275):
syz_mount_image$squashfs(&(0x7f00000001c0), &(0x7f0000000200)='./file0\x00', 0x0, &(0x7f0000000240), 0x1, 0x1a4, &(0x7f0000000000)="$eJzs0TFrE2Ecx/Hv/7nLJRWqRMWhgg1YPC9Uk7uqg1NwipADBxfBoiGNbTFR08tgSwtdpCDVvgWd6qiCTiIKzsVBcNBz6SbNUBzEITySu1PwNfh84O53zw/u7uH/LES9KA8M91db1EhYHOQjgg1MStoplebrbP09y600uJStN7N8luVEtLxyu9nptJdKF0sU/ymAH0n3t4pecEwxEGrI5/3VVlNuhlpr3VVzIcUG5UdYs/S8x0zY4xy9gYV2N7ms6InbgEOVfvdeJVpeObPYbc6359t3gmDmQvVctXo+qNxa7LSrrxDvoSiesIYXkg8Z89bIzfJgxz7AtAy11iq2pDzAcdjasU6fnB6gvD00wjt3QP6rvVBSVzlF4fpo83WOCE+xQqYajClskh/VkSvqpfj2J/tnTlFYt6yzrbuduY1rSn452zXZK4i/S871Cco+M6PRcJj3bMRMxdRjtmN2vzEpbyQ5k5S9Pro/z6Z7nBPgcL/Z7y/5DnwQNyQYXUUYTz6nkn0V4W32ThZ8+fNgGIZhGIZhGIZh/Ad+BwAA///VqWlM")

232.87317ms ago: executing program 8 (id=3276):
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000001fc0)=@newtaction={0x34c, 0x30, 0xc96f2b0dc02612b1, 0x71bd23, 0x25dfdbff, {}, [{0x338, 0x1, [@m_csum={0xbc, 0x14, 0x0, 0x0, {{0x9}, {0x90, 0x2, 0x0, 0x1, [@TCA_CSUM_PARMS={0x1c, 0x1, {{0x7fff, 0x2, 0x2, 0x1000, 0x8}, 0x52}}, @TCA_CSUM_PARMS={0x1c, 0x1, {{0x2, 0x3, 0x8, 0x1, 0xa}, 0x38}}, @TCA_CSUM_PARMS={0x1c, 0x1, {{0x0, 0x80, 0xffffffffffffffff, 0x48fe, 0x2}, 0x11}}, @TCA_CSUM_PARMS={0x1c, 0x1, {{0x4, 0xfffffffa, 0xffffffffffffffff, 0xd49, 0x100}, 0x78}}, @TCA_CSUM_PARMS={0x1c, 0x1, {{0x4, 0x3e5, 0x4, 0x3, 0x1}, 0x21}}]}, {0x4}, {0xc}, {0xc, 0x8, {0x3, 0x3}}}}, @m_csum={0x30, 0x19, 0x0, 0x0, {{0x9}, {0x4}, {0x4}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x1, 0x1}}}}, @m_nat={0x248, 0x1b, 0x0, 0x0, {{0x8}, {0x11c, 0x2, 0x0, 0x1, [@TCA_NAT_PARMS={0x28, 0x1, {{0x0, 0x4, 0x0, 0x87}, @multicast1, @dev={0xac, 0x14, 0x14, 0xf}, 0xffffff}}, @TCA_NAT_PARMS={0x28, 0x1, {{0x7, 0x8, 0xffffffffffffffff, 0x6, 0x7}, @loopback, @broadcast, 0x80, 0x1}}, @TCA_NAT_PARMS={0x28, 0x1, {{0x6, 0x5, 0x5, 0xa7, 0xffff0001}, @broadcast, @multicast1, 0xffffffff}}, @TCA_NAT_PARMS={0x28, 0x1, {{0x40, 0x4, 0x0, 0x3, 0x9711}, @multicast1, @multicast1, 0x95c5050eeb275cf0, 0x1}}, @TCA_NAT_PARMS={0x28, 0x1, {{0xffff, 0xfffffffb, 0x736fe187decc650e, 0x101, 0x30000}, @remote, @local, 0xffffffff}}, @TCA_NAT_PARMS={0x28, 0x1, {{0xd, 0xb111, 0x8, 0x838, 0x2a}, @private=0xa010101, @rand_addr=0x64010102, 0xffffff00, 0x1}}, @TCA_NAT_PARMS={0x28, 0x1, {{0x18, 0x5af3, 0x8, 0x9, 0xcd}, @private=0xa010100, @multicast1, 0xff}}]}, {0x105, 0x6, "00dbe2375389f4c61bb80b5c04766adf4c4041ab3363ca93e40c5281d6bb7035fa3fb2838101ae15e668e34175f78ce7df4b1c48d956acfb10ab481c7729eedfcdef8b67015dd90447d814cbb37713b8e2a37054e99152bbb3f0c77e56a1f6ab9da61c7f00958a0aa5108d67f277272c411cba11ef13007927c9c52984e903960081484a46cb74b025800ba99e1792f5df54d1579806ccdc04a743a763aa8c530e6649da4dba035b44647168d335891a70b007027787562d5e0bd85812e1d4b826d84b3e306bae3893e709ed3d45ef4178cb23df20bc47f8c7f96a03f40f4cd83461b2978af1f0c6c67b9d847b6019aa1f8479a9d945df258d0b2a9b92b1d9d36b"}, {0xc, 0x7, {0x1}}, {0xc, 0x8, {0x2, 0x1}}}}]}]}, 0x34c}, 0x1, 0x0, 0x0, 0x4004000}, 0x0)
r0 = socket(0x10, 0x803, 0x0)
sendto(r0, &(0x7f0000000740)="120000001200e7ef007b00000000000000a1", 0x12, 0x0, 0x0, 0x0)
recvmmsg(r0, &(0x7f00000037c0)=[{{&(0x7f00000004c0)=@ethernet={0x0, @random}, 0xfdf4, &(0x7f0000000380)=[{&(0x7f0000000140)=""/100, 0x365}, {&(0x7f0000000280)=""/85, 0x7c}, {&(0x7f0000000fc0)=""/4096, 0x197}, {&(0x7f0000000400)=""/106, 0x645}, {&(0x7f0000000980)=""/73, 0x1b}, {&(0x7f0000000200)=""/77, 0x334}, {&(0x7f00000007c0)=""/154, 0x2c}, {&(0x7f00000001c0)=""/17, 0x1d8}], 0x21, &(0x7f0000000600)=""/191, 0x41}}], 0x4000000000003b4, 0x0, &(0x7f0000003700)={0x77359400})

159.979215ms ago: executing program 8 (id=3277):
syz_mount_image$ext4(&(0x7f0000000180)='ext4\x00', &(0x7f0000000340)='./file0\x00', 0x800f00, &(0x7f0000000200)={[{@usrjquota}, {@nolazytime}, {@auto_da_alloc_val={'auto_da_alloc', 0x3d, 0xffff}}, {@minixdf}, {@resgid}, {@grpquota}, {@usrjquota}, {@journal_dev={'journal_dev', 0x3d, 0xdcc}}]}, 0x3, 0x464, &(0x7f0000000880)="$eJzs28tvG8UfAPDvbl6/X18JpTxaCgQqRMQjadICPXABgcShCCQ4lGNI0qpq2qAmSLSqaECoXJBQJTgjjkj8Bdy4IOCE1CvcUaUKemnhFLTr3dR27dRpHTutPx9pkxnPrGfGs+Od3VkH0LNGsz9JxLaI+D0ihivR2gyjlX/Xr56b+efquZkkVlbe+SvJ8127em6mzFrut7WIjKUR6WdJUUitxTNnT0zPz8+dLuITSyc/mFg8c/b54yenj80dmzs1dejQwQOTL7049UJb2pm169qejxf27n7jvYtvzhy5+P4v32f13VakV7ejXUazhv+9kqtPe6rdhXXZ9qpw0t/ybpeGN6Q2tKovIrLuGsjH/3D0xY3OG47XP+1q5YANlZ2bhlZjp+qTl1eAe1gS3a4B0B3liT67/i23Dk4/uu7KK5ULoKzd14utktIfaZFnoO76tp1GI+LI8r/fZFts0H0IAIBqX8x8fTieazT/S+PBqnw7ijWUkYi4LyJ2RsT9EbErIh6IyPM+FBEPr7P8+qWhm+c/6eXbaliLsvnfy8XaVu38r5z9xUhfEduet38gOXp8fm5/8ZmMxcBQFp9co4wfX7v0ZbO06vlftmXll3PBoh6X+4dq95mdXprOJ6VtcOWTiD39jdqfrK4EJBGxOyL2rO+td5SB4898t7dZplu3fw2trzM1tfJtxNOV/l+OuvaXkrXXJyf+F/Nz+yfKo+Jmv/524e1m5d9R+9sg6/8ttcd/fZaRpHq9dnH9ZVz44/Om1zS3e/wPJu/m/TJYvPbR9NLS6cmIweRwHq95ferGvmW8zJ+1f2xf4/G/s9gnK+eRiMgO4kcj4rGIeLyo+xMR8WRE7Fuj/T+/2jxtM/T/bMPvv9Xjv67/1x/oO/HTD83Kb63/D+ahseKV/PvvFlqt4J18dgAAAHC3SPNn4JN0fDWcpuPjlWf4d8WWdH5hcenZowsfnpqtPCs/EgNpeadruOp+6GSyXLxjJT5V3Csu0w8U942/6vt/Hh+fWZif7XLboddtbTL+M3/2dbt2wIZrtI42NdiFigAdVz/+09ro+bc6WRmgo9rwHA1wl7rF+E87VQ+g85z/oXc1Gv/n6+LWAuDe5PwPvcv4h95l/EPvMv6hJ93J7/o3eyAi8h8lbJb63HZgaDN2U6Sboho9GYjY+LK6/c0EAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADQHv8FAAD//99q64A=")
r0 = openat(0xffffffffffffff9c, &(0x7f0000000240)='.\x00', 0x800, 0x0)
ioctl$FS_IOC_REMOVE_ENCRYPTION_KEY(r0, 0x8004587d, &(0x7f00000001c0)={@id={0x2, 0x0, @c}})
r1 = openat$dir(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0x0, 0x0)
getdents(r1, 0xfffffffffffffffd, 0x58)

58.992053ms ago: executing program 8 (id=3278):
r0 = socket$inet_udp(0x2, 0x2, 0x0)
ioctl$sock_ipv4_tunnel_SIOCADDTUNNEL(r0, 0x89f1, &(0x7f0000000000)={'gre0\x00', &(0x7f0000000300)={'syztnl2\x00', 0x0, 0x2f00, 0x0, 0x0, 0xa, {{0x6, 0x4, 0x0, 0x0, 0x18, 0x2000, 0x0, 0x8, 0x2f, 0x0, @multicast1, @multicast1, {[@rr={0x7, 0x3, 0xd0}]}}}}})

144.552µs ago: executing program 8 (id=3279):
bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0x18, 0x5, 0x400, 0x9, 0x1}, 0x48)

0s ago: executing program 8 (id=3280):
ioctl$FS_IOC_SETFSLABEL(0xffffffffffffffff, 0x41009432, &(0x7f0000000200)="b117c1094e206c98804d43698b727424422169c4f3ef3356c71eea01d438679d29eb27bbb1973f92b2ecd066dca9ddd8e76674590b83c28c74390028a7da8dc1ccc2b24a694cdc6a165f35950d93b6c6ed536db2a2107d36a7f163cb3b1bb3c8cd56e7b17966a8d92227fafc6c6a00c5d6e68e5724eb7be489fd5064a86dd9bb6ae382cd5e97605d27c450145fe7eb683b794df6413a7d94b75306d585fca6496aef35e9fe6384e4375b74711ab94deb3653479e6a5da5529f49f2de550e08d49349dec742fd7f3cce839fa7e637ca35b8e9b02f72268489313e2c18cc06d2ddb165f662d2b0060880ede61691da67b4e101494bc7143fe439664b494faeec6d")
r0 = syz_open_dev$evdev(&(0x7f0000001540), 0x0, 0x80000)
ioctl$EVIOCGLED(r0, 0x5452, &(0x7f0000000240)=""/77)
ioctl$EVIOCSFF(0xffffffffffffffff, 0x40304580, &(0x7f0000000180)={0x57, 0x0, 0x0, {0xfffe, 0x1}, {0x74, 0x2}, @const={0x6, {0x7f, 0x0, 0x8000, 0xfffd}}})
r1 = syz_open_dev$evdev(&(0x7f00000000c0), 0x78, 0x822b01)
write$char_usb(r1, &(0x7f0000000040)="e2", 0x1068)

kernel console output (not intermixed with test programs):

n found
[  301.380731][    C0] vcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found
[  301.384010][    C0] vcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found
[  301.387796][    C0] vcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found
[  301.391477][    C0] vcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found
[  301.394791][    C0] vcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found
[  301.398096][    C0] vcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found
[  301.402105][    C0] vcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found
[  301.405445][    C0] vcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found
[  301.408735][    C0] vcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found
[  301.412333][    C0] vcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found
[  301.415594][    C0] vcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found
[  301.419801][    C0] vcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found
[  301.423031][    C0] vcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found
[  301.426384][    C0] vcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found
[  301.429759][    C0] vcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found
[  301.433652][    C0] vcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found
[  301.436908][    C0] vcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found
[  301.440427][    C0] vcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found
[  301.443652][    C0] vcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found
[  301.446827][    C0] vcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found
[  301.450767][    C0] vcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found
[  301.454067][    C0] vcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found
[  301.457269][    C0] vcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found
[  301.460762][    C0] vcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found
[  301.464644][    C0] vcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found
[  301.467905][    C0] vcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found
[  301.471127][    C0] vcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found
[  301.474394][    C0] vcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found
[  301.477693][    C0] vcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found
[  301.481780][    C0] vcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found
[  301.485091][    C0] vcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found
[  301.488366][    C0] vcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found
[  301.490199][T12957] loop5: detected capacity change from 0 to 32768
[  301.491721][    C0] vcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found
[  301.498336][    C0] vcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found
[  301.501617][    C0] vcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found
[  301.504790][    C0] vcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found
[  301.508094][    C0] vcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found
[  301.512265][    C0] vcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found
[  301.515492][    C0] vcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found
[  301.518813][    C0] vcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found
[  301.522181][    C0] vcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found
[  301.526073][    C0] vcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found
[  301.529466][    C0] vcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found
[  301.532863][    C0] vcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found
[  301.536248][    C0] vcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found
[  301.539710][    C0] vcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found
[  301.543603][    C0] vcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found
[  301.547020][    C0] vcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found
[  301.550536][    C0] vcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found
[  301.554049][    C0] vcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found
[  301.558021][    C0] vcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found
[  301.561550][    C0] vcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found
[  301.564868][    C0] vcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found
[  301.568214][    C0] vcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found
[  301.571567][    C0] vcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found
[  301.575577][    C0] vcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found
[  301.578628][    C0] vcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found
[  301.581754][    C0] vcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found
[  301.585055][    C0] vcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found
[  301.588954][    C0] vcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found
[  301.589046][T12957] XFS (loop5): Mounting V5 Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d
[  301.592300][    C0] vcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found
[  301.592395][    C0] vcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found
[  301.592405][    C0] vcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found
[  301.592474][    C0] vcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found
[  301.592484][    C0] vcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found
[  301.592552][    C0] vcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found
[  301.592562][    C0] vcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found
[  301.592632][    C0] vcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found
[  301.624010][    C0] vcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found
[  301.627334][    C0] vcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found
[  301.630749][    C0] vcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found
[  301.634097][    C0] vcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found
[  301.638031][    C0] vcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found
[  301.639643][T12957] XFS (loop5): Ending clean mount
[  301.641472][    C0] vcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found
[  301.641485][    C0] vcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found
[  301.641546][    C0] vcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found
[  301.641554][    C0] vcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found
[  301.641613][    C0] vcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found
[  301.660661][    C0] vcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found
[  301.664000][    C0] vcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found
[  301.667922][    C0] vcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found
[  301.671428][    C0] vcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found
[  301.674746][    C0] vcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found
[  301.678076][    C0] vcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found
[  301.682129][    C0] vcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found
[  301.793021][ T9769] XFS (loop5): Unmounting Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d
[  302.466947][T13004] netlink: 'syz.6.2622': attribute type 2 has an invalid length.
[  302.474199][T13004] netlink: 'syz.6.2622': attribute type 1 has an invalid length.
[  303.303542][T13031] loop6: detected capacity change from 0 to 256
[  303.406650][T13033] loop6: detected capacity change from 0 to 512
[  303.412882][T13033] EXT4-fs: Ignoring removed nomblk_io_submit option
[  303.420734][T13033] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[  303.426239][T13033] EXT4-fs (loop6): feature flags set on rev 0 fs, running e2fsck is recommended
[  303.445079][T13033] EXT4-fs error (device loop6): ext4_mb_mark_diskspace_used:4183: comm syz.6.2633: Allocating blocks 41-42 which overlap fs metadata
[  303.504061][T13033] EXT4-fs (loop6): Remounting filesystem read-only
[  303.506374][T13033] __quota_error: 3 callbacks suppressed
[  303.506381][T13033] Quota error (device loop6): write_blk: dquota write failed
[  303.751133][T13038] loop5: detected capacity change from 0 to 65536
[  303.757610][T13038] XFS (loop5): Mounting V5 Filesystem 6653b971-41ab-480a-bd7b-5ff79b9409b5
[  303.766032][T13033] Quota error (device loop6): find_free_dqentry: Can't write quota data block 5
[  303.769419][T13033] Quota error (device loop6): write_blk: dquota write failed
[  303.771899][T13033] Quota error (device loop6): qtree_write_dquot: Error -117 occurred while creating quota
[  303.775670][T13033] EXT4-fs (loop6): 1 truncate cleaned up
[  303.778526][T13033] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  303.803620][T13038] XFS (loop5): Ending clean mount
[  303.803687][T11508] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  304.286247][T13049] loop6: detected capacity change from 0 to 32768
[  304.301891][T13049] ocfs2: Mounting device (7,6) on (node local, slot 0) with writeback data mode.
[  304.340889][T11508] ocfs2: Unmounting device (7,6) on (node local)
[  304.424877][ T9769] XFS (loop5): Unmounting Filesystem 6653b971-41ab-480a-bd7b-5ff79b9409b5
[  304.877990][T13060] loop7: detected capacity change from 0 to 40427
[  304.885496][T13060] F2FS-fs: heap/no_heap options were deprecated
[  304.887995][T13060] F2FS-fs (loop7): Insane cp_payload (553648128 >= 504)
[  304.891081][T13060] F2FS-fs (loop7): Can't find valid F2FS filesystem in 1th superblock
[  304.896876][T13060] F2FS-fs (loop7): invalid crc value
[  304.937493][T13060] F2FS-fs (loop7): f2fs_recover_fsync_data: recovery fsync data, check_only: 0
[  304.949508][T13060] F2FS-fs (loop7): Start checkpoint disabled!
[  304.958766][T13060] F2FS-fs (loop7): Try to recover 1th superblock, ret: 0
[  304.967488][T13060] F2FS-fs (loop7): Mounted with checkpoint version = 48b305e6
[  305.007833][   T40] kworker/u10:2: attempt to access beyond end of device
[  305.007833][   T40] loop7: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[  305.013484][   T40] CPU: 1 UID: 0 PID: 40 Comm: kworker/u10:2 Not tainted 6.16.0-syzkaller-11895-gcca7a0aae895-dirty #0 PREEMPT(full) 
[  305.013501][   T40] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.2-debian-1.16.2-1 04/01/2014
[  305.013509][   T40] Workqueue: writeback wb_workfn (flush-7:7)
[  305.013527][   T40] Call Trace:
[  305.013531][   T40]  <TASK>
[  305.013537][   T40]  dump_stack_lvl+0x189/0x250
[  305.013555][   T40]  ? __pfx_dump_stack_lvl+0x10/0x10
[  305.013569][   T40]  ? __pfx_queue_work_on+0x10/0x10
[  305.013581][   T40]  ? _raw_spin_unlock_irqrestore+0xad/0x110
[  305.013594][   T40]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[  305.013613][   T40]  f2fs_handle_critical_error+0x37c/0x540
[  305.013630][   T40]  f2fs_write_end_io+0x886/0xb60
[  305.013657][   T40]  __submit_merged_bio+0x27a/0x6a0
[  305.013676][   T40]  __submit_merged_write_cond+0x255/0x530
[  305.013694][   T40]  f2fs_write_data_pages+0x261d/0x3000
[  305.013732][   T40]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[  305.013756][   T40]  ? __pfx_f2fs_available_free_memory+0x10/0x10
[  305.013790][   T40]  ? __pfx_f2fs_balance_fs_bg+0x10/0x10
[  305.013812][   T40]  ? trace_f2fs_writepages+0x7f/0x200
[  305.013827][   T40]  ? f2fs_write_node_pages+0x478/0x6e0
[  305.013844][   T40]  ? __pfx_f2fs_write_node_pages+0x10/0x10
[  305.013860][   T40]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[  305.013875][   T40]  do_writepages+0x32e/0x550
[  305.013894][   T40]  ? reacquire_held_locks+0x127/0x1d0
[  305.013906][   T40]  ? writeback_sb_inodes+0x384/0x1010
[  305.013926][   T40]  __writeback_single_inode+0x145/0xff0
[  305.013946][   T40]  ? do_raw_spin_unlock+0x4d/0x240
[  305.013989][   T40]  writeback_sb_inodes+0x6c7/0x1010
[  305.014022][   T40]  ? __pfx_writeback_sb_inodes+0x10/0x10
[  305.014057][   T40]  ? rcu_is_watching+0x15/0xb0
[  305.014075][   T40]  wb_writeback+0x43b/0xaf0
[  305.014095][   T40]  ? queue_io+0x391/0x590
[  305.014111][   T40]  ? __pfx_wb_writeback+0x10/0x10
[  305.014132][   T40]  ? _raw_spin_unlock_irq+0x23/0x50
[  305.014144][   T40]  wb_workfn+0x409/0xef0
[  305.014163][   T40]  ? __pfx_wb_workfn+0x10/0x10
[  305.014180][   T40]  ? __lock_acquire+0xab9/0xd20
[  305.014203][   T40]  ? process_scheduled_works+0x9ef/0x17b0
[  305.014219][   T40]  ? _raw_spin_unlock_irq+0x23/0x50
[  305.014229][   T40]  ? process_scheduled_works+0x9ef/0x17b0
[  305.014236][   T40]  ? process_scheduled_works+0x9ef/0x17b0
[  305.014247][   T40]  process_scheduled_works+0xae1/0x17b0
[  305.014277][   T40]  ? __pfx_process_scheduled_works+0x10/0x10
[  305.014306][   T40]  worker_thread+0x8a0/0xda0
[  305.014320][   T40]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[  305.014338][   T40]  ? __kthread_parkme+0x7b/0x200
[  305.014357][   T40]  kthread+0x711/0x8a0
[  305.014369][   T40]  ? __pfx_worker_thread+0x10/0x10
[  305.014379][   T40]  ? __pfx_kthread+0x10/0x10
[  305.014393][   T40]  ? _raw_spin_unlock_irq+0x23/0x50
[  305.014405][   T40]  ? lockdep_hardirqs_on+0x9c/0x150
[  305.014418][   T40]  ? __pfx_kthread+0x10/0x10
[  305.014452][   T40]  ret_from_fork+0x3fc/0x770
[  305.014464][   T40]  ? __pfx_ret_from_fork+0x10/0x10
[  305.014480][   T40]  ? __switch_to_asm+0x39/0x70
[  305.014493][   T40]  ? __switch_to_asm+0x33/0x70
[  305.014506][   T40]  ? __pfx_kthread+0x10/0x10
[  305.014521][   T40]  ret_from_fork_asm+0x1a/0x30
[  305.014545][   T40]  </TASK>
[  305.014594][   T40] F2FS-fs (loop7): Stopped filesystem due to reason: 3
[  305.308395][T13071] loop6: detected capacity change from 0 to 32768
[  305.313154][T13071] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop6 (7:6) scanned by syz.6.2642 (13071)
[  305.323130][T13071] BTRFS info (device loop6): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  305.327168][T13071] BTRFS info (device loop6): using crc32c (crc32c-lib) checksum algorithm
[  305.330398][T13071] BTRFS info (device loop6): disk space caching is enabled
[  305.333348][T13071] BTRFS warning (device loop6): space cache v1 is being deprecated and will be removed in a future release, please use -o space_cache=v2
[  305.448540][T13071] BTRFS info (device loop6): rebuilding free space tree
[  305.466491][T13071] BTRFS info (device loop6): disabling free space tree
[  305.469532][T13071] BTRFS info (device loop6): clearing compat-ro feature flag for FREE_SPACE_TREE (0x1)
[  305.473397][T13071] BTRFS info (device loop6): clearing compat-ro feature flag for FREE_SPACE_TREE_VALID (0x2)
[  305.488843][T13073] loop5: detected capacity change from 0 to 32768
[  305.527047][T13073] JBD2: Ignoring recovery information on journal
[  305.581260][T13073] ocfs2: Mounting device (7,5) on (node local, slot 0) with ordered data mode.
[  305.685840][ T9769] ocfs2: Unmounting device (7,5) on (node local)
[  306.058440][T11508] BTRFS info (device loop6): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  306.104881][T13106] loop7: detected capacity change from 0 to 32768
[  306.159500][ T5895] usb 6-1: new high-speed USB device number 25 using dummy_hcd
[  306.325693][ T5895] usb 6-1: Using ep0 maxpacket: 16
[  306.329242][ T5895] usb 6-1: unable to get BOS descriptor or descriptor too short
[  306.333125][ T5895] usb 6-1: config 13 has an invalid interface number: 50 but max is 0
[  306.339474][ T5895] usb 6-1: config 13 has an invalid descriptor of length 158, skipping remainder of the config
[  306.349338][ T5895] usb 6-1: config 13 has no interface number 0
[  306.359303][ T5895] usb 6-1: config 13 interface 50 altsetting 167 endpoint 0x8 has an invalid bInterval 101, changing to 7
[  306.362997][ T5895] usb 6-1: config 13 interface 50 altsetting 167 endpoint 0x8 has invalid maxpacket 26047, setting to 1024
[  306.387076][ T5895] usb 6-1: config 13 interface 50 has no altsetting 0
[  306.399908][ T5895] usb 6-1: New USB device found, idVendor=1aca, idProduct=b28e, bcdDevice=92.32
[  306.403729][ T5895] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  306.407464][ T5895] usb 6-1: Product: syz
[  306.419529][ T5895] usb 6-1: Manufacturer: syz
[  306.421362][ T5895] usb 6-1: SerialNumber: syz
[  306.647183][ T5895] usb 6-1: Quirk or no altset; falling back to MIDI 1.0
[  306.658101][ T5895] usb 6-1: MIDIStreaming interface descriptor not found
[  306.671464][T13109] loop6: detected capacity change from 0 to 32768
[  306.676070][T13109] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop6 (7:6) scanned by syz.6.2649 (13109)
[  306.690215][ T5895] usb 6-1: USB disconnect, device number 25
[  306.949464][T13109] BTRFS info (device loop6): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  306.952788][T13109] BTRFS info (device loop6): using crc32c (crc32c-lib) checksum algorithm
[  306.959089][T13109] BTRFS info (device loop6): using free-space-tree
[  307.013774][T11508] BTRFS info (device loop6): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  307.331405][T13134] loop5: detected capacity change from 0 to 32768
[  307.359375][  T794] usb 7-1: new high-speed USB device number 9 using dummy_hcd
[  307.398456][   T33] audit: type=1800 audit(1755090859.286:69): pid=13134 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.5.2652" name="file1" dev="loop5" ino=4 res=0 errno=0
[  307.523450][  T794] usb 7-1: Using ep0 maxpacket: 8
[  307.528515][  T794] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x8D has invalid wMaxPacketSize 0
[  307.532905][  T794] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x3 has invalid wMaxPacketSize 0
[  307.537002][  T794] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0xB has invalid wMaxPacketSize 0
[  307.548065][  T794] usb 7-1: New USB device found, idVendor=1870, idProduct=0001, bcdDevice=e6.7f
[  307.557272][  T794] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  307.564201][  T794] usb 7-1: Product: syz
[  307.565652][  T794] usb 7-1: Manufacturer: syz
[  307.567260][  T794] usb 7-1: SerialNumber: syz
[  307.586574][  T794] usb 7-1: config 0 descriptor??
[  307.592543][T13140] loop5: detected capacity change from 0 to 256
[  307.602481][  T794] usbtouchscreen 7-1:0.0: probe with driver usbtouchscreen failed with error -8
[  307.609092][T13140] FAT-fs (loop5): Directory bread(block 1285) failed
[  307.627836][T13140] FAT-fs (loop5): Directory bread(block 1285) failed
[  307.637810][T13140] FAT-fs (loop5): Directory bread(block 1285) failed
[  307.644723][T13140] FAT-fs (loop5): Directory bread(block 1285) failed
[  307.651194][T13140] FAT-fs (loop5): Directory bread(block 1285) failed
[  307.655907][T13140] FAT-fs (loop5): Directory bread(block 1285) failed
[  307.659043][T13140] FAT-fs (loop5): Directory bread(block 1285) failed
[  307.663296][T13140] FAT-fs (loop5): Directory bread(block 1285) failed
[  307.665460][T13140] FAT-fs (loop5): Directory bread(block 1285) failed
[  307.668561][T13140] FAT-fs (loop5): Directory bread(block 1285) failed
[  307.683909][T13136] loop7: detected capacity change from 0 to 32768
[  307.715828][T13142] loop5: detected capacity change from 0 to 128
[  307.754429][T13142] EXT4-fs (loop5): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  307.778996][T13142] ext4 filesystem being mounted at /410/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  307.810304][ T5895] usb 7-1: USB disconnect, device number 9
[  307.854046][ T9769] EXT4-fs (loop5): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  308.117972][T13155] loop7: detected capacity change from 0 to 4096
[  308.754815][T13163] binder: 13162:13163 ioctl c0306201 200000000240 returned -14
[  309.488948][T13173] openvswitch: netlink: Either Ethernet header or EtherType is required.
[  309.695380][T13171] loop7: detected capacity change from 0 to 512
[  309.761754][T13173] loop6: detected capacity change from 0 to 32768
[  309.797012][T13173] XFS (loop6): Mounting V5 Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d
[  309.824991][T13185] loop7: detected capacity change from 0 to 256
[  309.828356][T13185] exFAT-fs (loop7): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[  309.831442][T13173] XFS (loop6): Ending clean mount
[  309.835076][T13173] XFS (loop6): Unmounting Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d
[  309.835728][T13185] exFAT-fs (loop7): Medium has reported failures. Some data may be lost.
[  309.874745][T13185] exFAT-fs (loop7): failed to load upcase table (idx : 0x0000ff98, chksum : 0xc64c1d22, utbl_chksum : 0xe619d30d)
[  310.011196][T13187] loop7: detected capacity change from 0 to 512
[  310.013754][T13187] EXT4-fs: Ignoring removed nomblk_io_submit option
[  310.024694][T13187] EXT4-fs (loop7): Cannot turn on journaled quota: type 0: error -2
[  310.048229][T13187] EXT4-fs error (device loop7): ext4_mb_generate_buddy:1289: group 0, block bitmap and bg descriptor inconsistent: 227 vs 220 free clusters
[  310.061500][T13175] loop5: detected capacity change from 0 to 32768
[  310.103245][T13187] EXT4-fs (loop7): Remounting filesystem read-only
[  310.106689][T13187] EXT4-fs (loop7): 1 truncate cleaned up
[  310.116838][T13187] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  310.154799][T12268] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  310.223030][T13191] TCP: request_sock_TCPv6: Possible SYN flooding on port [::]:20002. Sending cookies.
[  310.939780][ T2329] usb 7-1: new high-speed USB device number 10 using dummy_hcd
[  311.089282][ T2329] usb 7-1: Using ep0 maxpacket: 32
[  311.093259][ T2329] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  311.097155][ T2329] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  311.101041][ T2329] usb 7-1: New USB device found, idVendor=046d, idProduct=c31c, bcdDevice= 0.40
[  311.104987][ T2329] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  311.109332][ T2329] usb 7-1: config 0 descriptor??
[  311.112784][ T2329] hub 7-1:0.0: USB hub found
[  311.322624][ T2329] hub 7-1:0.0: 1 port detected
[  311.342666][T13211] netlink: 8 bytes leftover after parsing attributes in process `syz.5.2682'.
[  311.526293][ T2329] hub 7-1:0.0: hub_hub_status failed (err = -71)
[  311.533635][ T2329] hub 7-1:0.0: config failed, can't get hub status (err -71)
[  311.543286][ T2329] usbhid 7-1:0.0: can't add hid device: -71
[  311.545321][ T2329] usbhid 7-1:0.0: probe with driver usbhid failed with error -71
[  311.570177][ T2329] usb 7-1: USB disconnect, device number 10
[  311.820364][T13225] loop5: detected capacity change from 0 to 32768
[  311.829453][T13225] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop5 (7:5) scanned by syz.5.2689 (13225)
[  311.842154][T13225] BTRFS info (device loop5): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  311.846421][T13225] BTRFS info (device loop5): using sha256 (sha256-lib) checksum algorithm
[  311.851543][T13225] BTRFS info (device loop5): using free-space-tree
[  311.913137][ T9769] BTRFS info (device loop5): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  312.196743][T13249] loop5: detected capacity change from 0 to 512
[  312.206578][T13249] EXT4-fs warning (device loop5): dx_probe:846: Directory (ino: 2) htree depth 0x0002 exceedsupported value
[  312.218276][T13249] EXT4-fs warning (device loop5): dx_probe:849: Enable large directory feature to access it
[  312.223169][T13249] EXT4-fs warning (device loop5): dx_probe:934: inode #2: comm syz.5.2693: Corrupt directory, running e2fsck is recommended
[  312.236263][T13249] EXT4-fs (loop5): Cannot turn on journaled quota: type 1: error -117
[  312.239892][T13249] EXT4-fs error (device loop5): ext4_iget_extra_inode:5104: inode #15: comm syz.5.2693: corrupted in-inode xattr: invalid ea_ino
[  312.244555][T13249] EXT4-fs (loop5): Remounting filesystem read-only
[  312.247752][T13249] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  312.261869][T13249] EXT4-fs warning (device loop5): dx_probe:846: Directory (ino: 2) htree depth 0x0002 exceedsupported value
[  312.269268][T13249] EXT4-fs warning (device loop5): dx_probe:849: Enable large directory feature to access it
[  312.273024][T13249] EXT4-fs warning (device loop5): dx_probe:934: inode #2: comm syz.5.2693: Corrupt directory, running e2fsck is recommended
[  312.310139][ T9769] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  312.532957][T13257] loop6: detected capacity change from 0 to 40427
[  312.546394][T13257] F2FS-fs: heap/no_heap options were deprecated
[  312.552559][T13257] F2FS-fs (loop6): Mismatch start address, segment0(0) cp_blkaddr(512)
[  312.556066][T13257] F2FS-fs (loop6): Can't find valid F2FS filesystem in 1th superblock
[  312.565603][T13257] F2FS-fs (loop6): invalid crc value
[  312.642677][T13257] F2FS-fs (loop6): f2fs_recover_fsync_data: recovery fsync data, check_only: 1
[  312.647153][T13257] F2FS-fs (loop6): Start checkpoint disabled!
[  312.658454][T13257] F2FS-fs (loop6): Try to recover 1th superblock, ret: 0
[  312.661577][T13257] F2FS-fs (loop6): Mounted with checkpoint version = 48b305e6
[  312.712152][ T9710] kworker/u9:5: attempt to access beyond end of device
[  312.712152][ T9710] loop6: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[  312.718765][ T9710] CPU: 0 UID: 0 PID: 9710 Comm: kworker/u9:5 Not tainted 6.16.0-syzkaller-11895-gcca7a0aae895-dirty #0 PREEMPT(full) 
[  312.718784][ T9710] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.2-debian-1.16.2-1 04/01/2014
[  312.718794][ T9710] Workqueue: writeback wb_workfn (flush-7:6)
[  312.718815][ T9710] Call Trace:
[  312.718821][ T9710]  <TASK>
[  312.718828][ T9710]  dump_stack_lvl+0x189/0x250
[  312.718848][ T9710]  ? __pfx_dump_stack_lvl+0x10/0x10
[  312.718864][ T9710]  ? __pfx_queue_work_on+0x10/0x10
[  312.718877][ T9710]  ? _raw_spin_unlock_irqrestore+0xad/0x110
[  312.718892][ T9710]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[  312.718952][ T9710]  f2fs_handle_critical_error+0x37c/0x540
[  312.718975][ T9710]  f2fs_write_end_io+0x886/0xb60
[  312.719006][ T9710]  __submit_merged_bio+0x27a/0x6a0
[  312.719027][ T9710]  __submit_merged_write_cond+0x255/0x530
[  312.719048][ T9710]  f2fs_write_data_pages+0x261d/0x3000
[  312.719092][ T9710]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[  312.719118][ T9710]  ? __pfx_f2fs_available_free_memory+0x10/0x10
[  312.719184][ T9710]  ? __pfx_f2fs_balance_fs_bg+0x10/0x10
[  312.719200][ T9710]  ? look_up_lock_class+0x74/0x170
[  312.719223][ T9710]  ? trace_f2fs_writepages+0x7f/0x200
[  312.719238][ T9710]  ? f2fs_write_node_pages+0x478/0x6e0
[  312.719256][ T9710]  ? __pfx_f2fs_write_node_pages+0x10/0x10
[  312.719283][ T9710]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[  312.719299][ T9710]  do_writepages+0x32e/0x550
[  312.719318][ T9710]  ? reacquire_held_locks+0x127/0x1d0
[  312.719329][ T9710]  ? writeback_sb_inodes+0x384/0x1010
[  312.719351][ T9710]  __writeback_single_inode+0x145/0xff0
[  312.719367][ T9710]  ? do_raw_spin_unlock+0x4d/0x240
[  312.719386][ T9710]  writeback_sb_inodes+0x6c7/0x1010
[  312.719424][ T9710]  ? __pfx_writeback_sb_inodes+0x10/0x10
[  312.719473][ T9710]  ? rcu_is_watching+0x15/0xb0
[  312.719491][ T9710]  wb_writeback+0x43b/0xaf0
[  312.719512][ T9710]  ? queue_io+0x391/0x590
[  312.719529][ T9710]  ? __pfx_wb_writeback+0x10/0x10
[  312.719551][ T9710]  ? _raw_spin_unlock_irq+0x23/0x50
[  312.719568][ T9710]  wb_workfn+0x409/0xef0
[  312.719596][ T9710]  ? __pfx_wb_workfn+0x10/0x10
[  312.719611][ T9710]  ? __lock_acquire+0xab9/0xd20
[  312.719632][ T9710]  ? process_scheduled_works+0x9ef/0x17b0
[  312.719647][ T9710]  ? _raw_spin_unlock_irq+0x23/0x50
[  312.719659][ T9710]  ? process_scheduled_works+0x9ef/0x17b0
[  312.719670][ T9710]  ? process_scheduled_works+0x9ef/0x17b0
[  312.719683][ T9710]  process_scheduled_works+0xae1/0x17b0
[  312.719720][ T9710]  ? __pfx_process_scheduled_works+0x10/0x10
[  312.719756][ T9710]  worker_thread+0x8a0/0xda0
[  312.719770][ T9710]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[  312.719788][ T9710]  ? __kthread_parkme+0x7b/0x200
[  312.719808][ T9710]  kthread+0x711/0x8a0
[  312.719825][ T9710]  ? __pfx_worker_thread+0x10/0x10
[  312.719835][ T9710]  ? __pfx_kthread+0x10/0x10
[  312.719850][ T9710]  ? _raw_spin_unlock_irq+0x23/0x50
[  312.719861][ T9710]  ? lockdep_hardirqs_on+0x9c/0x150
[  312.719873][ T9710]  ? __pfx_kthread+0x10/0x10
[  312.719890][ T9710]  ret_from_fork+0x3fc/0x770
[  312.719905][ T9710]  ? __pfx_ret_from_fork+0x10/0x10
[  312.719954][ T9710]  ? __switch_to_asm+0x39/0x70
[  312.719968][ T9710]  ? __switch_to_asm+0x33/0x70
[  312.719981][ T9710]  ? __pfx_kthread+0x10/0x10
[  312.719998][ T9710]  ret_from_fork_asm+0x1a/0x30
[  312.720026][ T9710]  </TASK>
[  312.852715][    C0] hpet: Lost 7 RTC interrupts
[  312.860643][ T9710] F2FS-fs (loop6): Stopped filesystem due to reason: 3
[  312.885592][T13274] loop5: detected capacity change from 0 to 32768
[  312.922287][T13274] ocfs2: Mounting device (7,5) on (node local, slot 0) with ordered data mode.
[  313.017237][ T9769] ocfs2: Unmounting device (7,5) on (node local)
[  313.609830][ T5895] usb 6-1: new high-speed USB device number 26 using dummy_hcd
[  313.862478][ T5895] usb 6-1: unable to get BOS descriptor or descriptor too short
[  313.866362][ T5895] usb 6-1: config 1 has 2 interfaces, different from the descriptor's value: 3
[  313.870495][ T5895] usb 6-1: config 1 has no interface number 1
[  313.872670][ T5895] usb 6-1: config 1 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 0
[  313.881446][ T5895] usb 6-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[  313.885403][ T5895] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  313.888202][ T5895] usb 6-1: Product: syz
[  313.890056][ T5895] usb 6-1: Manufacturer: syz
[  313.892102][ T5895] usb 6-1: SerialNumber: syz
[  314.192264][T13296] loop7: detected capacity change from 0 to 32768
[  314.199181][T13296] OCFS2: ERROR (device loop7): int ocfs2_validate_inode_block(struct super_block *, struct buffer_head *): Invalid dinode #70: OCFS2_VALID_FL not set
[  314.204974][T13296] On-disk corruption discovered. Please run fsck.ocfs2 once the filesystem is unmounted.
[  314.209083][T13296] OCFS2: File system is now read-only.
[  314.211403][T13296] (syz.7.2711,13296,1):ocfs2_read_locked_inode:597 ERROR: status = -30
[  314.215222][T13296] (syz.7.2711,13296,1):_ocfs2_get_system_file_inode:144 ERROR: status = -30
[  314.219496][T13296] (syz.7.2711,13296,1):ocfs2_init_global_system_inodes:465 ERROR: status = -30
[  314.223386][T13296] (syz.7.2711,13296,1):ocfs2_init_global_system_inodes:467 ERROR: Unable to load system inode 3, possibly corrupt fs?
[  314.223408][T13296] (syz.7.2711,13296,1):ocfs2_init_global_system_inodes:476 ERROR: status = -30
[  314.228186][ T5895] usb 6-1: found format II with max.bitrate = 26774, frame size=2
[  314.228690][T13296] (syz.7.2711,13296,1):ocfs2_initialize_super:2198 ERROR: status = -30
[  314.228807][T13296] (syz.7.2711,13296,1):ocfs2_fill_super:1177 ERROR: status = -30
[  314.285139][ T5895] usb 6-1: found format II with max.bitrate = 26774, frame size=2
[  314.299826][ T5895] usb 6-1: failed to enable PITCH for EP 0x82
[  314.357415][ T5895] usb 6-1: USB disconnect, device number 26
[  314.394718][ T6160] udevd[6160]: error opening ATTR{/sys/devices/platform/dummy_hcd.5/usb6/6-1/6-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory
[  314.755704][T13311] loop7: detected capacity change from 0 to 512
[  314.762891][T13311] EXT4-fs (loop7): Using encoding defined by superblock: utf8-12.1.0 with flags 0x0
[  314.773552][T13311] EXT4-fs (loop7): feature flags set on rev 0 fs, running e2fsck is recommended
[  314.777778][T13311] EXT4-fs (loop7): Couldn't mount because of unsupported optional features (fffc1829)
[  314.800537][T13311] EXT4-fs (loop7): couldn't mount as ext3 due to feature incompatibilities
[  314.845945][T13315] mkiss: ax0: crc mode is auto.
[  315.016399][T13325] loop5: detected capacity change from 0 to 128
[  315.030205][T13325] EXT4-fs (loop5): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  315.042453][T13325] ext4 filesystem being mounted at /444/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[  315.070254][ T5895] usb 7-1: new high-speed USB device number 11 using dummy_hcd
[  315.094425][ T9769] EXT4-fs (loop5): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  315.144127][T13328] loop5: detected capacity change from 0 to 2
[  315.148655][T13328] jffs2: rp_size unrepresentable
[  315.231792][ T5895] usb 7-1: New USB device found, idVendor=0813, idProduct=0001, bcdDevice=3a.08
[  315.235604][ T5895] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  315.241055][ T5895] usb 7-1: config 0 descriptor??
[  315.246362][ T5895] gspca_main: cpia1-2.14.0 probing 0813:0001
[  315.314065][T13334] loop5: detected capacity change from 0 to 764
[  315.650230][T13344] loop5: detected capacity change from 0 to 32768
[  315.653606][ T5895] cpia1 7-1:0.0: unexpected state after lo power cmd: 00
[  315.905422][T13348] loop5: detected capacity change from 0 to 32768
[  315.930863][T13348] XFS (loop5): Mounting V5 Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d
[  315.958613][T13348] XFS (loop5): Ending clean mount
[  315.964265][T13348] XFS (loop5): Quotacheck needed: Please wait.
[  316.005233][T13348] XFS (loop5): Quotacheck: Done.
[  316.028512][ T9769] XFS (loop5): Unmounting Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d
[  316.064819][ T5895] gspca_cpia1: usb_control_msg 02, error -71
[  316.087146][ T5895] gspca_cpia1: usb_control_msg 05, error -71
[  316.094197][ T5895] cpia1 7-1:0.0: unexpected systemstate: 00
[  316.104162][ T5895] usb 7-1: USB disconnect, device number 11
[  316.316261][T13358] loop5: detected capacity change from 0 to 32768
[  316.356858][T13358] ocfs2: Slot 0 on device (7,5) was already allocated to this node!
[  316.364809][T13358] ocfs2: Mounting device (7,5) on (node local, slot 0) with ordered data mode.
[  316.372366][ T5880] (kworker/u8:4,5880,0):ocfs2_check_dir_entry:325 ERROR: bad entry in directory #72: rec_len % 4 != 0 - offset=312, inode=13845347915746889, rec_len=25793, name_len=214
[  316.394662][ T9769] ocfs2: Unmounting device (7,5) on (node local)
[  316.689424][T13375] netlink: 'syz.6.2743': attribute type 4 has an invalid length.
[  316.692696][T13375] netlink: 3657 bytes leftover after parsing attributes in process `syz.6.2743'.
[  316.714985][ T1363] ieee802154 phy0 wpan0: encryption failed: -22
[  316.717717][ T1363] ieee802154 phy1 wpan1: encryption failed: -22
[  316.988654][T13395] loop5: detected capacity change from 0 to 256
[  316.998558][T13395] exfat: Deprecated parameter 'utf8'
[  317.002182][T13395] exfat: Deprecated parameter 'namecase'
[  317.004730][T13395] exfat: Deprecated parameter 'utf8'
[  317.017356][T13395] exFAT-fs (loop5): failed to load upcase table (idx : 0x00010000, chksum : 0x11bbdf60, utbl_chksum : 0xe619d30d)
[  317.032419][T13395] Invalid source name
[  317.219265][ T5895] usb 7-1: new high-speed USB device number 12 using dummy_hcd
[  317.373402][ T5895] usb 7-1: config 1 has too many interfaces: 66, using maximum allowed: 32
[  317.377002][ T5895] usb 7-1: config 1 has an invalid descriptor of length 55, skipping remainder of the config
[  317.381142][ T5895] usb 7-1: config 1 has 1 interface, different from the descriptor's value: 66
[  317.385242][ T5895] usb 7-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 52, changing to 9
[  317.389294][ T5908] usb 6-1: new high-speed USB device number 27 using dummy_hcd
[  317.390849][ T5895] usb 7-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 8241, setting to 1024
[  317.398327][ T5895] usb 7-1: New USB device found, idVendor=7d25, idProduct=a415, bcdDevice= 0.40
[  317.402629][ T5895] usb 7-1: New USB device strings: Mfr=1, Product=4, SerialNumber=0
[  317.405754][ T5895] usb 7-1: Product: syz
[  317.407417][ T5895] usb 7-1: Manufacturer: syz
[  317.415208][ T5895] cdc_wdm 7-1:1.0: skipping garbage
[  317.417961][ T5895] cdc_wdm 7-1:1.0: skipping garbage
[  317.422530][ T5895] cdc_wdm 7-1:1.0: cdc-wdm0: USB WDM device
[  317.424827][ T5895] cdc_wdm 7-1:1.0: Unknown control protocol
[  317.539245][ T5908] usb 6-1: Using ep0 maxpacket: 32
[  317.543498][ T5908] usb 6-1: config 0 has an invalid interface number: 219 but max is 0
[  317.547067][ T5908] usb 6-1: config 0 has no interface number 0
[  317.550151][ T5908] usb 6-1: config 0 interface 219 altsetting 0 bulk endpoint 0xB has invalid maxpacket 1023
[  317.556364][ T5908] usb 6-1: New USB device found, idVendor=108c, idProduct=0169, bcdDevice=75.b9
[  317.560477][ T5908] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  317.563634][ T5908] usb 6-1: Product: syz
[  317.565480][ T5908] usb 6-1: Manufacturer: syz
[  317.567440][ T5908] usb 6-1: SerialNumber: syz
[  317.573942][ T5908] usb 6-1: config 0 descriptor??
[  317.577874][T13401] raw-gadget.2 gadget.5: fail, usb_ep_enable returned -22
[  317.787539][ T5908] etas_es58x 6-1:0.219: Starting syz syz (Serial Number syz)
[  317.792763][ T5908] usb 6-1: USB disconnect, device number 27
[  317.974410][    C1] cdc_wdm 7-1:1.0: nonzero urb status received: -EPIPE
[  318.175300][  T794] usb 7-1: USB disconnect, device number 12
[  318.366124][T13408] syzkaller1: entered promiscuous mode
[  318.368204][T13408] syzkaller1: entered allmulticast mode
[  319.385245][T13436] loop7: detected capacity change from 0 to 256
[  319.395128][T13436] UDF-fs: error (device loop7): udf_read_tagged: read failed, block=256, location=256
[  319.407439][T13436] UDF-fs: error (device loop7): udf_read_tagged: read failed, block=512, location=512
[  319.412628][T13436] UDF-fs: warning (device loop7): udf_load_vrs: No anchor found
[  319.415810][T13436] UDF-fs: Scanning with blocksize 512 failed
[  319.419625][T13423] loop5: detected capacity change from 0 to 40427
[  319.428867][T13423] F2FS-fs (loop5): invalid crc value
[  319.433512][T13436] UDF-fs: error (device loop7): udf_read_tagged: read failed, block=256, location=256
[  319.445235][T13436] UDF-fs: warning (device loop7): udf_fill_super: No fileset found
[  319.548053][T13423] F2FS-fs (loop5): f2fs_recover_fsync_data: recovery fsync data, check_only: 1
[  319.553141][T13423] F2FS-fs (loop5): Start checkpoint disabled!
[  319.562040][T13423] F2FS-fs (loop5): Mounted with checkpoint version = 48b305e6
[  319.715369][   T28] kworker/u9:1: attempt to access beyond end of device
[  319.715369][   T28] loop5: rw=1, sector=45096, nr_sectors = 8 limit=40427
[  319.723512][   T28] kworker/u9:1: attempt to access beyond end of device
[  319.723512][   T28] loop5: rw=2049, sector=45104, nr_sectors = 8 limit=40427
[  319.742953][   T28] CPU: 0 UID: 0 PID: 28 Comm: kworker/u9:1 Not tainted 6.16.0-syzkaller-11895-gcca7a0aae895-dirty #0 PREEMPT(full) 
[  319.742991][   T28] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.2-debian-1.16.2-1 04/01/2014
[  319.743000][   T28] Workqueue: writeback wb_workfn (flush-7:5)
[  319.743035][   T28] Call Trace:
[  319.743041][   T28]  <TASK>
[  319.743046][   T28]  dump_stack_lvl+0x189/0x250
[  319.743063][   T28]  ? __pfx_dump_stack_lvl+0x10/0x10
[  319.743075][   T28]  ? __pfx_queue_work_on+0x10/0x10
[  319.743085][   T28]  ? _raw_spin_unlock_irqrestore+0xad/0x110
[  319.743097][   T28]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[  319.743114][   T28]  f2fs_handle_critical_error+0x37c/0x540
[  319.743131][   T28]  f2fs_write_end_io+0x886/0xb60
[  319.743156][   T28]  __submit_merged_bio+0x27a/0x6a0
[  319.743172][   T28]  __submit_merged_write_cond+0x255/0x530
[  319.743188][   T28]  f2fs_write_data_pages+0x261d/0x3000
[  319.743221][   T28]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[  319.743242][   T28]  ? __pfx_f2fs_available_free_memory+0x10/0x10
[  319.743276][   T28]  ? __pfx_f2fs_balance_fs_bg+0x10/0x10
[  319.743295][   T28]  ? trace_f2fs_writepages+0x7f/0x200
[  319.743308][   T28]  ? f2fs_write_node_pages+0x478/0x6e0
[  319.743333][   T28]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[  319.743347][   T28]  do_writepages+0x32e/0x550
[  319.743363][   T28]  ? reacquire_held_locks+0x127/0x1d0
[  319.743373][   T28]  ? writeback_sb_inodes+0x384/0x1010
[  319.743391][   T28]  __writeback_single_inode+0x145/0xff0
[  319.743404][   T28]  ? do_raw_spin_unlock+0x4d/0x240
[  319.743419][   T28]  writeback_sb_inodes+0x6c7/0x1010
[  319.743430][   T28]  ? lockdep_hardirqs_on+0x9c/0x150
[  319.743456][   T28]  ? __pfx_writeback_sb_inodes+0x10/0x10
[  319.743492][   T28]  ? rcu_is_watching+0x15/0xb0
[  319.743508][   T28]  wb_writeback+0x43b/0xaf0
[  319.743525][   T28]  ? queue_io+0x391/0x590
[  319.743539][   T28]  ? __pfx_wb_writeback+0x10/0x10
[  319.743557][   T28]  ? _raw_spin_unlock_irq+0x23/0x50
[  319.743570][   T28]  wb_workfn+0x409/0xef0
[  319.743589][   T28]  ? __pfx_wb_workfn+0x10/0x10
[  319.743602][   T28]  ? __lock_acquire+0xab9/0xd20
[  319.743622][   T28]  ? process_scheduled_works+0x9ef/0x17b0
[  319.743637][   T28]  ? _raw_spin_unlock_irq+0x23/0x50
[  319.743646][   T28]  ? process_scheduled_works+0x9ef/0x17b0
[  319.743654][   T28]  ? process_scheduled_works+0x9ef/0x17b0
[  319.743665][   T28]  process_scheduled_works+0xae1/0x17b0
[  319.743692][   T28]  ? __pfx_process_scheduled_works+0x10/0x10
[  319.743718][   T28]  worker_thread+0x8a0/0xda0
[  319.743736][   T28]  ? __kthread_parkme+0x7b/0x200
[  319.743753][   T28]  kthread+0x711/0x8a0
[  319.743767][   T28]  ? __pfx_worker_thread+0x10/0x10
[  319.743777][   T28]  ? __pfx_kthread+0x10/0x10
[  319.743790][   T28]  ? _raw_spin_unlock_irq+0x23/0x50
[  319.743799][   T28]  ? lockdep_hardirqs_on+0x9c/0x150
[  319.743809][   T28]  ? __pfx_kthread+0x10/0x10
[  319.743840][   T28]  ret_from_fork+0x3fc/0x770
[  319.743852][   T28]  ? __pfx_ret_from_fork+0x10/0x10
[  319.743866][   T28]  ? __switch_to_asm+0x39/0x70
[  319.743903][   T28]  ? __switch_to_asm+0x33/0x70
[  319.743915][   T28]  ? __pfx_kthread+0x10/0x10
[  319.743932][   T28]  ret_from_fork_asm+0x1a/0x30
[  319.743957][   T28]  </TASK>
[  319.871594][    C0] hpet: Lost 7 RTC interrupts
[  319.877422][   T28] F2FS-fs (loop5): Stopped filesystem due to reason: 3
[  320.031761][T13443] loop6: detected capacity change from 0 to 4096
[  320.043918][T13443] ntfs3(loop6): Different NTFS sector size (4096) and media sector size (512).
[  320.073757][T13443] ntfs3(loop6): Mark volume as dirty due to NTFS errors
[  320.093288][T13443] ntfs3(loop6): Failed to load $MFT.
[  320.224723][T13450] ieee802154 phy0 wpan0: encryption failed: -22
[  320.532844][ T5895] usb 7-1: new high-speed USB device number 13 using dummy_hcd
[  320.685108][ T5895] usb 7-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xE8, changing to 0x88
[  320.691201][ T5895] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x88 has an invalid bInterval 0, changing to 7
[  320.707380][ T5895] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0xA has an invalid bInterval 0, changing to 7
[  320.731996][ T5895] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0xA has invalid wMaxPacketSize 0
[  320.777994][ T5895] usb 7-1: New USB device found, idVendor=1781, idProduct=0938, bcdDevice=9b.49
[  320.783888][ T5895] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  320.793593][ T5895] usb 7-1: Product: syz
[  320.797660][ T5895] usb 7-1: Manufacturer: syz
[  320.803178][ T5895] usb 7-1: SerialNumber: syz
[  320.813456][ T5895] usb 7-1: config 0 descriptor??
[  320.830347][ T5895] iguanair 7-1:0.0: failed to get version
[  320.838541][ T5895] iguanair 7-1:0.0: probe with driver iguanair failed with error -90
[  320.875429][T13470] loop5: detected capacity change from 0 to 256
[  320.879889][T13470] FAT-fs (loop5): bogus logical sector size 65535
[  320.882714][T13470] FAT-fs (loop5): Can't find a valid FAT filesystem
[  321.043928][ T5895] usb 7-1: USB disconnect, device number 13
[  321.217892][T13480] netlink: 8 bytes leftover after parsing attributes in process `syz.5.2788'.
[  321.423159][T13493] loop5: detected capacity change from 0 to 1024
[  321.443182][T13493] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  321.452020][   T33] audit: type=1800 audit(1755090873.386:70): pid=13493 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.5.2795" name="file1" dev="loop5" ino=15 res=0 errno=0
[  321.471575][ T9769] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  321.761987][T13514] netlink: 16186 bytes leftover after parsing attributes in process `syz.5.2804'.
[  321.782027][T13516] loop6: detected capacity change from 0 to 128
[  322.640291][T13550] loop5: detected capacity change from 0 to 16
[  322.647026][T13550] erofs (device loop5): algorithm 1 isn't enabled on this kernel
[  322.922612][T13554] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  323.273419][T13573] loop7: detected capacity change from 0 to 512
[  323.306118][T13573] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  323.311939][T13573] ext4 filesystem being mounted at /100/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  323.348463][T12268] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  324.383888][T13597] loop7: detected capacity change from 0 to 512
[  324.388666][T13597] EXT4-fs: Ignoring removed nobh option
[  324.419994][T13597] EXT4-fs error (device loop7): ext4_do_update_inode:5653: inode #3: comm syz.7.2839: corrupted inode contents
[  324.426387][T13597] EXT4-fs error (device loop7): ext4_dirty_inode:6538: inode #3: comm syz.7.2839: mark_inode_dirty error
[  324.435559][T13597] EXT4-fs error (device loop7): ext4_do_update_inode:5653: inode #3: comm syz.7.2839: corrupted inode contents
[  324.442145][T13597] EXT4-fs error (device loop7): __ext4_ext_dirty:206: inode #3: comm syz.7.2839: mark_inode_dirty error
[  324.453882][T13597] Quota error (device loop7): write_blk: dquota write failed
[  324.457399][T13597] Quota error (device loop7): qtree_write_dquot: Error -117 occurred while creating quota
[  324.462954][T13597] EXT4-fs error (device loop7): ext4_acquire_dquot:6933: comm syz.7.2839: Failed to acquire dquot type 0
[  324.477243][T13597] EXT4-fs error (device loop7): ext4_do_update_inode:5653: inode #16: comm syz.7.2839: corrupted inode contents
[  324.484340][T13597] EXT4-fs error (device loop7): ext4_dirty_inode:6538: inode #16: comm syz.7.2839: mark_inode_dirty error
[  324.489749][T13597] EXT4-fs error (device loop7): ext4_do_update_inode:5653: inode #16: comm syz.7.2839: corrupted inode contents
[  324.498527][T13597] EXT4-fs error (device loop7): __ext4_ext_dirty:206: inode #16: comm syz.7.2839: mark_inode_dirty error
[  324.503986][T13597] EXT4-fs error (device loop7): ext4_do_update_inode:5653: inode #16: comm syz.7.2839: corrupted inode contents
[  324.511546][T13597] EXT4-fs error (device loop7) in ext4_orphan_del:305: Corrupt filesystem
[  324.515824][T13597] EXT4-fs error (device loop7): ext4_do_update_inode:5653: inode #16: comm syz.7.2839: corrupted inode contents
[  324.521505][T13597] EXT4-fs error (device loop7): ext4_truncate:4666: inode #16: comm syz.7.2839: mark_inode_dirty error
[  324.526959][T13597] EXT4-fs error (device loop7) in ext4_process_orphan:347: Corrupt filesystem
[  324.532167][T13597] EXT4-fs (loop7): 1 truncate cleaned up
[  324.538526][T13597] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  324.544269][T13597] ext4 filesystem being mounted at /104/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  324.573910][T13597] EXT4-fs error (device loop7): ext4_do_update_inode:5653: inode #16: comm syz.7.2839: corrupted inode contents
[  324.581110][T13597] EXT4-fs error (device loop7): ext4_dirty_inode:6538: inode #16: comm syz.7.2839: mark_inode_dirty error
[  324.586485][T13597] EXT4-fs error (device loop7): ext4_do_update_inode:5653: inode #16: comm syz.7.2839: corrupted inode contents
[  324.592268][T13597] EXT4-fs error (device loop7): __ext4_ext_dirty:206: inode #16: comm syz.7.2839: mark_inode_dirty error
[  324.597596][T13597] EXT4-fs error (device loop7): ext4_do_update_inode:5653: inode #16: comm syz.7.2839: corrupted inode contents
[  324.603335][T13597] EXT4-fs error (device loop7): __ext4_ext_dirty:206: inode #16: comm syz.7.2839: mark_inode_dirty error
[  324.612221][T13597] EXT4-fs error (device loop7): ext4_do_update_inode:5653: inode #16: comm syz.7.2839: corrupted inode contents
[  324.621835][T13597] EXT4-fs error (device loop7): ext4_truncate:4666: inode #16: comm syz.7.2839: mark_inode_dirty error
[  324.627128][T13597] EXT4-fs error (device loop7) in ext4_setattr:6071: Corrupt filesystem
[  324.655032][T12268] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  324.663721][  T741] Quota error (device loop7): do_check_range: Getting dqdh_entries 15 out of range 0-14
[  324.668418][  T741] EXT4-fs error (device loop7): ext4_release_dquot:6969: comm kworker/u9:3: Failed to release dquot type 1
[  326.671743][T13609] loop5: detected capacity change from 0 to 1024
[  326.674315][T13609] EXT4-fs: Ignoring removed orlov option
[  326.694026][T13609] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  326.705894][   T33] audit: type=1800 audit(1755090878.636:71): pid=13609 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.5.2844" name="file1" dev="loop5" ino=15 res=0 errno=0
[  326.720821][ T9769] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  327.736860][T13619] loop6: detected capacity change from 0 to 32768
[  327.741803][T13619] BTRFS: device fsid 3d39d0ba-bdae-447e-827b-b091e1a68885 devid 1 transid 8 /dev/loop6 (7:6) scanned by syz.6.2847 (13619)
[  327.758891][T13619] BTRFS info (device loop6): first mount of filesystem 3d39d0ba-bdae-447e-827b-b091e1a68885
[  327.766128][T13619] BTRFS info (device loop6): using crc32c (crc32c-lib) checksum algorithm
[  327.776810][T13619] BTRFS info (device loop6): using free-space-tree
[  328.343194][T13653] netlink: 120 bytes leftover after parsing attributes in process `syz.5.2855'.
[  328.438401][T11508] BTRFS info (device loop6): last unmount of filesystem 3d39d0ba-bdae-447e-827b-b091e1a68885
[  328.589991][T13662] netlink: 'syz.7.2860': attribute type 16 has an invalid length.
[  328.593338][T13662] netlink: 'syz.7.2860': attribute type 17 has an invalid length.
[  328.639390][T13662] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  328.678692][T13664] loop5: detected capacity change from 0 to 16
[  328.701406][T13664] erofs (device loop5): mounted with root inode @ nid 36.
[  328.720046][T13664] erofs (device loop5): read error -95 @ 8200 of nid 36
[  329.459511][   T24] usb 7-1: new high-speed USB device number 14 using dummy_hcd
[  329.470702][T13692] loop5: detected capacity change from 0 to 16
[  329.609280][   T24] usb 7-1: Using ep0 maxpacket: 32
[  329.623284][   T24] usb 7-1: unable to get BOS descriptor or descriptor too short
[  329.637757][   T24] usb 7-1: config 14 has an invalid interface number: 32 but max is 0
[  329.644112][   T24] usb 7-1: config 14 has no interface number 0
[  329.648206][   T24] usb 7-1: config 14 interface 32 has no altsetting 0
[  329.660118][   T24] usb 7-1: New USB device found, idVendor=0781, idProduct=0005, bcdDevice= 0.05
[  329.664598][   T24] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  329.667502][   T24] usb 7-1: Product: syz
[  329.669479][   T24] usb 7-1: Manufacturer: syz
[  329.671732][   T24] usb 7-1: SerialNumber: syz
[  330.046426][T13700] loop5: detected capacity change from 0 to 40427
[  330.060477][T13700] F2FS-fs (loop5): build fault injection rate: 1
[  330.066518][T13700] F2FS-fs (loop5): build fault injection type: 0x3bfe8c
[  330.080532][T13700] F2FS-fs (loop5): inject slab alloc in f2fs_alloc_inode of alloc_inode+0x6a/0x1b0
[  330.088617][T13700] F2FS-fs (loop5): Failed to read F2FS meta data inode
[  330.258205][T13704] loop7: detected capacity change from 0 to 65536
[  330.271514][   T24] ums-usbat 7-1:14.32: USB Mass Storage device detected
[  330.287136][T13704] XFS (loop7): Mounting V5 Filesystem 9b7348e5-2fa0-41a5-9526-c53a678b01f3
[  330.295335][   T24] ums-usbat 7-1:14.32: Quirks match for vid 0781 pid 0005: 1
[  330.308869][   T24] ums-usbat 7-1:14.32: This device (0781,0005,0005 S 39 P 80) has an unneeded Protocol entry in unusual_devs.h (kernel 6.16.0-syzkaller-11895-gcca7a0aae895-dirty)
[  330.308869][   T24]    Please send a copy of this message to <linux-usb@vger.kernel.org> and <usb-storage@lists.one-eyed-alien.net>
[  330.336353][T13704] XFS (loop7): Ending clean mount
[  330.379120][T12268] XFS (loop7): Unmounting Filesystem 9b7348e5-2fa0-41a5-9526-c53a678b01f3
[  330.390107][   T24] usb 7-1: USB disconnect, device number 14
[  330.536981][T13716] loop5: detected capacity change from 0 to 2048
[  330.575181][T13716] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000)
[  331.389466][T13724] loop7: detected capacity change from 0 to 32768
[  331.508587][T13726] loop5: detected capacity change from 0 to 32768
[  331.575371][T13726] read_mapping_page failed!
[  331.576884][T13726] ERROR: (device loop5): txCommit: 
[  331.576884][T13726] 
[  331.688744][  T741] read_mapping_page failed!
[  331.690951][  T741] ERROR: (device loop5): txCommit: 
[  331.690951][  T741] 
[  331.693443][  T741] jfs_write_inode: jfs_commit_inode failed!
[  332.553054][T13730] loop7: detected capacity change from 0 to 32768
[  332.577904][T13730] JBD2: Ignoring recovery information on journal
[  332.626324][T13730] ocfs2: Mounting device (7,7) on (node local, slot 0) with ordered data mode.
[  332.647876][T13730] (syz.7.2885,13730,0):ocfs2_check_dir_entry:325 ERROR: bad entry in directory #65: directory entry too close to end - offset=32, inode=17057, rec_len=280, name_len=10
[  332.682164][T12268] ocfs2: Unmounting device (7,7) on (node local)
[  333.154448][T13745] loop7: detected capacity change from 0 to 512
[  333.163946][T13745] EXT4-fs (loop7): Test dummy encryption mode enabled
[  333.167607][T13745] EXT4-fs (loop7): encrypted files will use data=ordered instead of data journaling mode
[  333.199838][T13745] EXT4-fs error (device loop7): ext4_orphan_get:1418: comm syz.7.2892: bad orphan inode 131083
[  333.206851][T13745] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  333.299468][T13745] overlayfs: upper fs needs to support d_type.
[  333.303191][T13745] fscrypt: AES-256-XTS using implementation "xts(ecb(aes-fixed-time))"
[  333.386642][T12268] EXT4-fs error (device loop7): ext4_readdir:264: inode #2: block 13: comm syz-executor: path /122/bus: bad entry in directory: rec_len is smaller than minimal - offset=24, inode=11, rec_len=8, size=1024 fake=0
[  333.722885][T13749] loop6: detected capacity change from 0 to 40427
[  333.733407][T12964] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  333.766021][T13749] F2FS-fs (loop6): Image doesn't support compression
[  333.795833][T13749] F2FS-fs (loop6): build fault injection rate: 3
[  333.807198][T13749] F2FS-fs (loop6): build fault injection type: 0x35f7
[  333.813012][T13749] F2FS-fs (loop6): inject kmalloc in f2fs_kmalloc of f2fs_fill_super+0x2e45/0x6ff0
[  334.391017][T13752] loop5: detected capacity change from 0 to 8192
[  334.417567][T13754] netlink: 20 bytes leftover after parsing attributes in process `syz.6.2898'.
[  334.594950][ T5849] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1
[  334.605519][ T5849] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9
[  334.611525][ T5849] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9
[  334.617622][ T5849] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4
[  334.621875][ T5849] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2
[  335.028972][T13758] chnl_net:caif_netlink_parms(): no params data found
[  335.101472][T13758] bridge0: port 1(bridge_slave_0) entered blocking state
[  335.105304][T13758] bridge0: port 1(bridge_slave_0) entered disabled state
[  335.108526][T13758] bridge_slave_0: entered allmulticast mode
[  335.113113][T13758] bridge_slave_0: entered promiscuous mode
[  335.118088][T13758] bridge0: port 2(bridge_slave_1) entered blocking state
[  335.122296][T13758] bridge0: port 2(bridge_slave_1) entered disabled state
[  335.126586][T13758] bridge_slave_1: entered allmulticast mode
[  335.131422][T13758] bridge_slave_1: entered promiscuous mode
[  335.163932][T13758] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  335.171307][T13758] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  335.205368][T13758] team0: Port device team_slave_0 added
[  335.210566][T13758] team0: Port device team_slave_1 added
[  335.243310][T13758] batman_adv: batadv0: Adding interface: batadv_slave_0
[  335.246319][T13758] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  335.258492][T13758] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  335.264503][T13758] batman_adv: batadv0: Adding interface: batadv_slave_1
[  335.266929][T13758] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  335.277486][T13758] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  335.314936][T13758] hsr_slave_0: entered promiscuous mode
[  335.318107][T13758] hsr_slave_1: entered promiscuous mode
[  335.321103][T13758] debugfs: 'hsr0' already exists in 'hsr'
[  335.323246][T13758] Cannot create hsr debugfs directory
[  335.547299][T13782] loop5: detected capacity change from 0 to 512
[  335.554320][T13782] EXT4-fs: Ignoring removed orlov option
[  335.572446][T13782] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[  335.584213][T13758] netdevsim netdevsim8 netdevsim0: renamed from eth0
[  335.590268][T13782] EXT4-fs (loop5): orphan cleanup on readonly fs
[  335.594268][T13758] netdevsim netdevsim8 netdevsim1: renamed from eth1
[  335.606127][T13758] netdevsim netdevsim8 netdevsim2: renamed from eth2
[  335.606888][T13782] EXT4-fs error (device loop5): ext4_validate_block_bitmap:441: comm syz.5.2906: bg 0: block 248: padding at end of block bitmap is not set
[  335.616677][T13782] Quota error (device loop5): write_blk: dquota write failed
[  335.617248][T13758] netdevsim netdevsim8 netdevsim3: renamed from eth3
[  335.621587][T13782] Quota error (device loop5): qtree_write_dquot: Error -117 occurred while creating quota
[  335.627944][T13782] EXT4-fs error (device loop5): ext4_acquire_dquot:6933: comm syz.5.2906: Failed to acquire dquot type 1
[  335.636094][T13782] EXT4-fs (loop5): 1 truncate cleaned up
[  335.648252][T13758] bridge0: port 2(bridge_slave_1) entered blocking state
[  335.651641][T13758] bridge0: port 2(bridge_slave_1) entered forwarding state
[  335.654330][T13758] bridge0: port 1(bridge_slave_0) entered blocking state
[  335.656933][T13758] bridge0: port 1(bridge_slave_0) entered forwarding state
[  335.663206][T13782] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  335.708194][T13758] 8021q: adding VLAN 0 to HW filter on device bond0
[  335.721527][   T28] bridge0: port 1(bridge_slave_0) entered disabled state
[  335.724516][   T28] bridge0: port 2(bridge_slave_1) entered disabled state
[  335.736193][ T9769] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  335.761278][T13758] 8021q: adding VLAN 0 to HW filter on device team0
[  335.767050][   T28] bridge0: port 1(bridge_slave_0) entered blocking state
[  335.769497][   T28] bridge0: port 1(bridge_slave_0) entered forwarding state
[  335.784851][   T28] bridge0: port 2(bridge_slave_1) entered blocking state
[  335.787206][   T28] bridge0: port 2(bridge_slave_1) entered forwarding state
[  336.027951][T13758] 8021q: adding VLAN 0 to HW filter on device batadv0
[  336.137895][T13791] loop5: detected capacity change from 0 to 40427
[  336.143097][T13791] F2FS-fs: heap/no_heap options were deprecated
[  336.148471][T13791] F2FS-fs (loop5): invalid crc value
[  336.184759][T13809] tmpfs: Cannot change global quota limit on remount
[  336.220526][T13791] F2FS-fs (loop5): f2fs_recover_fsync_data: recovery fsync data, check_only: 1
[  336.224014][T13791] F2FS-fs (loop5): Mounted with checkpoint version = 48b305e5
[  336.266277][T13758] veth0_vlan: entered promiscuous mode
[  336.273232][T13758] veth1_vlan: entered promiscuous mode
[  336.287457][ T9769] syz-executor: attempt to access beyond end of device
[  336.287457][ T9769] loop5: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[  336.295348][ T9769] CPU: 1 UID: 0 PID: 9769 Comm: syz-executor Not tainted 6.16.0-syzkaller-11895-gcca7a0aae895-dirty #0 PREEMPT(full) 
[  336.295362][ T9769] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.2-debian-1.16.2-1 04/01/2014
[  336.295367][ T9769] Call Trace:
[  336.295370][ T9769]  <TASK>
[  336.295374][ T9769]  dump_stack_lvl+0x189/0x250
[  336.295389][ T9769]  ? __pfx_dump_stack_lvl+0x10/0x10
[  336.295398][ T9769]  ? __pfx_queue_work_on+0x10/0x10
[  336.295406][ T9769]  ? _raw_spin_unlock_irqrestore+0xad/0x110
[  336.295415][ T9769]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[  336.295429][ T9769]  f2fs_handle_critical_error+0x37c/0x540
[  336.295443][ T9769]  f2fs_write_end_io+0x886/0xb60
[  336.295461][ T9769]  __submit_merged_bio+0x27a/0x6a0
[  336.295474][ T9769]  __submit_merged_write_cond+0x255/0x530
[  336.295487][ T9769]  f2fs_write_data_pages+0x261d/0x3000
[  336.295513][ T9769]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[  336.295530][ T9769]  ? arch_stack_walk+0xfc/0x150
[  336.295552][ T9769]  ? __mod_zone_page_state+0xd7/0x140
[  336.295566][ T9769]  ? folios_put_refs+0x560/0x640
[  336.295580][ T9769]  ? __pfx_folios_put_refs+0x10/0x10
[  336.295587][ T9769]  ? rcu_is_watching+0x15/0xb0
[  336.295599][ T9769]  ? __lock_acquire+0xab9/0xd20
[  336.295617][ T9769]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[  336.295628][ T9769]  do_writepages+0x32e/0x550
[  336.295643][ T9769]  ? do_raw_spin_unlock+0x4d/0x240
[  336.295655][ T9769]  filemap_fdatawrite+0x199/0x240
[  336.295665][ T9769]  ? __pfx_filemap_fdatawrite+0x10/0x10
[  336.295696][ T9769]  ? do_raw_spin_unlock+0x4d/0x240
[  336.295707][ T9769]  f2fs_sync_dirty_inodes+0x31f/0x830
[  336.295725][ T9769]  f2fs_write_checkpoint+0x95a/0x1df0
[  336.295747][ T9769]  ? __pfx_f2fs_write_checkpoint+0x10/0x10
[  336.295811][ T9769]  ? f2fs_stop_gc_thread+0x7f/0xb0
[  336.295828][ T9769]  ? kfree+0x18e/0x440
[  336.295843][ T9769]  ? kill_f2fs_super+0x298/0x6c0
[  336.295864][ T9769]  kill_f2fs_super+0x2c3/0x6c0
[  336.295883][ T9769]  ? __pfx_kill_f2fs_super+0x10/0x10
[  336.295895][ T9769]  ? radix_tree_delete_item+0x2b6/0x400
[  336.295913][ T9769]  ? shrinker_free+0x2ce/0x3e0
[  336.295927][ T9769]  deactivate_locked_super+0xbc/0x130
[  336.295943][ T9769]  cleanup_mnt+0x425/0x4c0
[  336.295952][ T9769]  ? lockdep_hardirqs_on+0x9c/0x150
[  336.295962][ T9769]  task_work_run+0x1d4/0x260
[  336.295975][ T9769]  ? __pfx_task_work_run+0x10/0x10
[  336.295986][ T9769]  ? __x64_sys_umount+0x122/0x160
[  336.296006][ T9769]  ? exit_to_user_mode_loop+0x40/0x110
[  336.296045][ T9769]  exit_to_user_mode_loop+0xec/0x110
[  336.296058][ T9769]  do_syscall_64+0x2bd/0x3b0
[  336.296067][ T9769]  ? lockdep_hardirqs_on+0x9c/0x150
[  336.296075][ T9769]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  336.296082][ T9769]  ? exc_page_fault+0x9f/0xf0
[  336.296092][ T9769]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  336.296099][ T9769] RIP: 0033:0x7f2d0198ff17
[  336.296108][ T9769] Code: a8 ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 0f 1f 44 00 00 31 f6 e9 09 00 00 00 66 0f 1f 84 00 00 00 00 00 b8 a6 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 01 c3 48 c7 c2 a8 ff ff ff f7 d8 64 89 02 b8
[  336.296115][ T9769] RSP: 002b:00007ffe9a629a48 EFLAGS: 00000246 ORIG_RAX: 00000000000000a6
[  336.296124][ T9769] RAX: 0000000000000000 RBX: 00007f2d01a11c05 RCX: 00007f2d0198ff17
[  336.296129][ T9769] RDX: 0000000000000000 RSI: 0000000000000009 RDI: 00007ffe9a629b00
[  336.296134][ T9769] RBP: 00007ffe9a629b00 R08: 0000000000000000 R09: 0000000000000000
[  336.296138][ T9769] R10: 00000000ffffffff R11: 0000000000000246 R12: 00007ffe9a62ab90
[  336.296143][ T9769] R13: 00007f2d01a11c05 R14: 0000000000052117 R15: 00007ffe9a62abd0
[  336.296157][ T9769]  </TASK>
[  336.298768][ T9769] F2FS-fs (loop5): Stopped filesystem due to reason: 3
[  336.300988][T13758] veth0_macvtap: entered promiscuous mode
[  336.465455][T13758] veth1_macvtap: entered promiscuous mode
[  336.482201][T13758] batman_adv: batadv0: Interface activated: batadv_slave_0
[  336.492520][T13758] batman_adv: batadv0: Interface activated: batadv_slave_1
[  336.503091][   T12] netdevsim netdevsim8 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  336.511109][   T12] netdevsim netdevsim8 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  336.517523][   T12] netdevsim netdevsim8 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  336.526903][   T12] netdevsim netdevsim8 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  336.624457][ T9710] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  336.627647][ T9710] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  336.654914][   T28] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  336.658013][   T28] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  336.700223][ T5849] Bluetooth: hci2: command tx timeout
[  337.279514][T13822] loop5: detected capacity change from 0 to 131072
[  337.309343][T13822] F2FS-fs (loop5): Test dummy encryption mode enabled
[  337.321106][T13822] F2FS-fs (loop5): invalid crc value
[  337.380058][T13822] F2FS-fs (loop5): f2fs_recover_fsync_data: recovery fsync data, check_only: 0
[  337.384272][T13822] F2FS-fs (loop5): Mounted with checkpoint version = 48b305e5
[  337.421323][   T33] audit: type=1800 audit(1755090889.326:72): pid=13822 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.5.2915" name="file1" dev="loop5" ino=10 res=0 errno=0
[  337.487732][   T33] audit: type=1804 audit(1755090889.346:73): pid=13822 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.5.2915" name="/newroot/548/bus/file1" dev="loop5" ino=10 res=1 errno=0
[  337.832470][T13838] netlink: 64 bytes leftover after parsing attributes in process `syz.8.2921'.
[  338.031690][T13840] loop8: detected capacity change from 0 to 32768
[  338.059810][ T5895] usb 7-1: new high-speed USB device number 15 using dummy_hcd
[  338.063220][T13840] ea_get: invalid extended attribute
[  338.215627][T13848] netlink: 'syz.8.2923': attribute type 2 has an invalid length.
[  338.220149][ T5895] usb 7-1: Using ep0 maxpacket: 16
[  338.224915][ T5895] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  338.229060][ T5895] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  338.232792][ T5895] usb 7-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 3
[  338.239081][ T5895] usb 7-1: New USB device found, idVendor=0955, idProduct=7214, bcdDevice=ed.00
[  338.244452][ T5895] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  338.248487][ T5895] usb 7-1: config 0 descriptor??
[  338.320977][T13852] netlink: 16 bytes leftover after parsing attributes in process `syz.8.2926'.
[  338.661096][T13854] loop8: detected capacity change from 0 to 32768
[  338.664563][T13854] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop8 (7:8) scanned by syz.8.2927 (13854)
[  338.671399][T13854] BTRFS info (device loop8): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  338.675569][T13854] BTRFS info (device loop8): using crc32c (crc32c-lib) checksum algorithm
[  338.678453][T13854] BTRFS info (device loop8): using free-space-tree
[  338.691474][T13854] BTRFS info (device loop8): rebuilding free space tree
[  338.730035][ T5895] shield 0003:0955:7214.0015: unknown main item tag 0x0
[  338.732478][ T5895] shield 0003:0955:7214.0015: unknown main item tag 0x0
[  338.734680][ T5895] shield 0003:0955:7214.0015: unknown main item tag 0x0
[  338.737016][ T5895] shield 0003:0955:7214.0015: unknown main item tag 0x0
[  338.741055][ T5895] shield 0003:0955:7214.0015: unknown main item tag 0x0
[  338.752403][ T5895] input: HID 0955:7214 Haptics as /devices/virtual/input/input29
[  338.783320][ T5849] Bluetooth: hci2: command tx timeout
[  338.810992][ T5895] shield 0003:0955:7214.0015: Registered Thunderstrike controller
[  338.828989][ T5895] shield 0003:0955:7214.0015: : USB HID v0.00 Device [HID 0955:7214] on usb-dummy_hcd.6-1/input0
[  338.842955][T13758] BTRFS info (device loop8): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  338.918385][T13836] random: crng reseeded on system resumption
[  339.026403][  T794] shield 0003:0955:7214.0015: Failed to output Thunderstrike HOSTCMD request HID report due to -EPROTO
[  339.042179][  T794] shield 0003:0955:7214.0015: Failed to output Thunderstrike HOSTCMD request HID report due to -EPROTO
[  339.059688][  T794] shield 0003:0955:7214.0015: Failed to output Thunderstrike HOSTCMD request HID report due to -EPROTO
[  339.063396][ T2329] usb 7-1: USB disconnect, device number 15
[  339.071442][  T794] shield 0003:0955:7214.0015: Failed to output Thunderstrike HOSTCMD request HID report due to -EPROTO
[  339.127534][T13872] loop8: detected capacity change from 0 to 512
[  339.131904][T13872] EXT4-fs: Ignoring removed orlov option
[  339.134850][T13872] EXT4-fs (loop8): Test dummy encryption mode enabled
[  339.137138][T13872] EXT4-fs (loop8): bad geometry: first data block is 0 with a 1k block and cluster size
[  339.180676][T13876] loop8: detected capacity change from 0 to 512
[  339.207070][T13876] EXT4-fs (loop8): orphan cleanup on readonly fs
[  339.212215][T13876] EXT4-fs error (device loop8): ext4_iget_extra_inode:5104: inode #15: comm syz.8.2930: corrupted in-inode xattr: overlapping e_value 
[  339.218448][T13876] EXT4-fs error (device loop8): ext4_orphan_get:1397: comm syz.8.2930: couldn't read orphan inode 15 (err -117)
[  339.235078][T13876] EXT4-fs (loop8): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  339.252555][T13758] EXT4-fs (loop8): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  339.609481][   T24] usb 6-1: new full-speed USB device number 28 using dummy_hcd
[  339.620339][T13897] loop8: detected capacity change from 0 to 512
[  339.629685][T13897] EXT4-fs error (device loop8): ext4_orphan_get:1392: inode #15: comm syz.8.2939: casefold flag without casefold feature
[  339.639410][T13897] EXT4-fs error (device loop8): ext4_orphan_get:1397: comm syz.8.2939: couldn't read orphan inode 15 (err -117)
[  339.659920][T13897] EXT4-fs (loop8): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  339.691086][T13758] EXT4-fs (loop8): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  339.762870][   T24] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 10
[  339.767325][   T24] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 1024, setting to 64
[  339.781018][   T24] usb 6-1: New USB device found, idVendor=0461, idProduct=4e72, bcdDevice= 0.00
[  339.783982][   T24] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  339.788251][   T24] usb 6-1: config 0 descriptor??
[  339.799728][T13888] raw-gadget.0 gadget.5: fail, usb_ep_enable returned -22
[  339.857432][T13895] loop6: detected capacity change from 0 to 32768
[  339.872156][T13895] bcachefs: bch2_fs_parse_param() Error parsing option gc_reserve_bytes: option_value
[  339.982388][T13915] loop8: detected capacity change from 0 to 8
[  340.213391][   T24] hid-rmi 0003:0461:4E72.0016: item fetching failed at offset 2/5
[  340.217155][   T24] hid-rmi 0003:0461:4E72.0016: parse failed
[  340.220812][   T24] hid-rmi 0003:0461:4E72.0016: probe with driver hid-rmi failed with error -22
[  340.229340][  T794] usb 7-1: new high-speed USB device number 16 using dummy_hcd
[  340.390008][  T794] usb 7-1: Using ep0 maxpacket: 32
[  340.394263][  T794] usb 7-1: unable to get BOS descriptor or descriptor too short
[  340.398362][  T794] usb 7-1: config 11 has an invalid interface number: 4 but max is 0
[  340.402194][  T794] usb 7-1: config 11 has no interface number 0
[  340.404612][  T794] usb 7-1: config 11 interface 4 altsetting 4 endpoint 0x4 has invalid maxpacket 1088, setting to 64
[  340.408889][  T794] usb 7-1: config 11 interface 4 has no altsetting 0
[  340.417808][ T5895] usb 6-1: USB disconnect, device number 28
[  340.421798][  T794] usb 7-1: New USB device found, idVendor=0e8d, idProduct=0043, bcdDevice=63.58
[  340.427067][  T794] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  340.433205][ T2329] usb 9-1: new high-speed USB device number 2 using dummy_hcd
[  340.436169][  T794] usb 7-1: Product: syz
[  340.437779][  T794] usb 7-1: Manufacturer: syz
[  340.444496][  T794] usb 7-1: SerialNumber: syz
[  340.591714][ T2329] usb 9-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  340.595674][ T2329] usb 9-1: config 1 has 1 interface, different from the descriptor's value: 2
[  340.599041][ T2329] usb 9-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  340.603690][ T2329] usb 9-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  340.610684][ T2329] usb 9-1: New USB device found, idVendor=0525, idProduct=a4a3, bcdDevice= 0.40
[  340.614079][ T2329] usb 9-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  340.616835][ T2329] usb 9-1: Product: syz
[  340.618553][ T2329] usb 9-1: Manufacturer: syz
[  340.621152][ T2329] usb 9-1: SerialNumber: syz
[  340.628199][ T2329] cdc_ncm 9-1:1.0: CDC Union missing and no IAD found
[  340.630788][ T2329] cdc_ncm 9-1:1.0: bind() failure
[  340.634085][ T2329] usbtest 9-1:1.0: couldn't get endpoints, -22
[  340.636951][ T2329] usbtest 9-1:1.0: probe with driver usbtest failed with error -22
[  340.662486][  T794] option 7-1:11.4: GSM modem (1-port) converter detected
[  340.669599][  T794] usb 7-1: USB disconnect, device number 16
[  340.673943][  T794] option 7-1:11.4: device disconnected
[  340.832134][ T2329] usb 9-1: USB disconnect, device number 2
[  340.859401][ T5849] Bluetooth: hci2: command tx timeout
[  341.087232][T13931] loop5: detected capacity change from 0 to 256
[  341.091390][T13931] exfat: Deprecated parameter 'utf8'
[  341.100268][T13931] exFAT-fs (loop5): failed to load upcase table (idx : 0x00010000, chksum : 0x36e00b20, utbl_chksum : 0xe619d30d)
[  341.398471][T13946] loop8: detected capacity change from 0 to 256
[  341.408672][T13946] vfat: Bad value for 'nonumtail'
[  341.464046][T13948] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[  341.571777][T13944] loop5: detected capacity change from 0 to 40427
[  341.590170][T13944] F2FS-fs: heap/no_heap options were deprecated
[  341.592341][T13944] F2FS-fs: heap/no_heap options were deprecated
[  341.607415][T13944] F2FS-fs (loop5): Insane cp_payload (553648128 >= 504)
[  341.615549][T13944] F2FS-fs (loop5): Can't find valid F2FS filesystem in 1th superblock
[  341.618967][T13944] F2FS-fs (loop5): build fault injection rate: 1
[  341.628938][T13944] F2FS-fs (loop5): build fault injection type: 0x1
[  341.633816][T13944] F2FS-fs (loop5): inject kmalloc in f2fs_kmalloc of f2fs_fill_super+0x2e45/0x6ff0
[  341.659511][ T2329] usb 9-1: new high-speed USB device number 3 using dummy_hcd
[  341.819466][ T2329] usb 9-1: Using ep0 maxpacket: 8
[  341.826520][ T2329] usb 9-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xD9, changing to 0x89
[  341.831960][ T2329] usb 9-1: config 0 interface 0 altsetting 0 endpoint 0x89 has an invalid bInterval 99, changing to 10
[  341.837329][ T2329] usb 9-1: config 0 interface 0 altsetting 0 endpoint 0x89 has invalid maxpacket 34391, setting to 1024
[  341.845829][ T2329] usb 9-1: New USB device found, idVendor=07c0, idProduct=1512, bcdDevice=30.22
[  341.851845][ T2329] usb 9-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  341.863271][ T2329] usb 9-1: config 0 descriptor??
[  341.874567][T13946] raw-gadget.0 gadget.8: fail, usb_ep_enable returned -22
[  341.913647][T13956] netlink: 'syz.5.2966': attribute type 3 has an invalid length.
[  342.090879][ T2329] iowarrior 9-1:0.0: IOWarrior product=0x1512, serial= interface=0 now attached to iowarrior0
[  342.108652][ T2329] usb 9-1: USB disconnect, device number 3
[  342.172930][T13962] loop5: detected capacity change from 0 to 1024
[  342.622001][T13967] loop6: detected capacity change from 0 to 128
[  342.625011][T13967] affs: No valid root block on device loop6
[  342.939687][ T5849] Bluetooth: hci2: command tx timeout
[  343.125326][T13977] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  343.526347][   T40] hfsplus: b-tree write err: -5, ino 4
[  343.716179][   T33] audit: type=1326 audit(1755090895.646:74): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13986 comm="syz.6.2979" exe="/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f3ec158ebe9 code=0x0
[  343.879275][   T95] usb 6-1: new high-speed USB device number 29 using dummy_hcd
[  344.029268][   T95] usb 6-1: Using ep0 maxpacket: 16
[  344.036805][   T95] usb 6-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  344.071213][   T95] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 7
[  344.074900][   T95] usb 6-1: config 0 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  344.083245][   T95] usb 6-1: New USB device found, idVendor=2040, idProduct=b138, bcdDevice= 1.42
[  344.086356][   T95] usb 6-1: New USB device strings: Mfr=4, Product=0, SerialNumber=0
[  344.088989][   T95] usb 6-1: Manufacturer: syz
[  344.092547][   T95] usb 6-1: config 0 descriptor??
[  344.360338][   T95] rc_core: IR keymap rc-hauppauge not found
[  344.367250][   T95] Registered IR keymap rc-empty
[  344.372950][   T95] mceusb 6-1:0.0: Error: mce write urb status = -71
[  344.392572][   T95] mceusb 6-1:0.0: Error: mce write urb status = -71
[  344.412979][   T95] rc rc0: Conexant Hybrid TV (cx231xx) MCE IR no TX as /devices/platform/dummy_hcd.5/usb6/6-1/6-1:0.0/rc/rc0
[  344.418408][   T95] input: Conexant Hybrid TV (cx231xx) MCE IR no TX as /devices/platform/dummy_hcd.5/usb6/6-1/6-1:0.0/rc/rc0/input30
[  344.431456][   T95] mceusb 6-1:0.0: Error: mce write urb status = -71
[  344.450626][   T95] mceusb 6-1:0.0: Error: mce write urb status = -71
[  344.469632][   T95] mceusb 6-1:0.0: Error: mce write urb status = -71
[  344.489452][   T95] mceusb 6-1:0.0: Error: mce write urb status = -71
[  344.509556][   T95] mceusb 6-1:0.0: Error: mce write urb status = -71
[  344.529431][   T95] mceusb 6-1:0.0: Error: mce write urb status = -71
[  344.554632][   T95] mceusb 6-1:0.0: Error: mce write urb status = -71
[  344.574881][   T95] mceusb 6-1:0.0: Error: mce write urb status = -71
[  344.589973][   T95] mceusb 6-1:0.0: Error: mce write urb status = -71
[  344.614399][   T95] mceusb 6-1:0.0: Error: mce write urb status = -71
[  344.634425][   T95] mceusb 6-1:0.0: Registered 424242424242 with mce emulator interface version 1
[  344.637633][   T95] mceusb 6-1:0.0: 2 tx ports (0x0 cabled) and 2 rx sensors (0x0 active)
[  344.784055][T13985] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  344.789057][T13985] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  344.800954][ T5909] usb 6-1: USB disconnect, device number 29
[  345.762340][T14017] loop5: detected capacity change from 0 to 2048
[  345.769824][T14017] NILFS (loop5): broken superblock, retrying with spare superblock (blocksize = 1024)
[  345.777996][ T5846] udevd[5846]: incorrect nilfs2 checksum on /dev/loop5
[  345.869353][T14018] NILFS (loop5): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  345.888925][T14017] NILFS error (device loop5): __nilfs_read_inode: invalid file type bits in mode 0177777 for inode 12
[  345.937412][T14017] Remounting filesystem read-only
[  345.943747][T13983] Set syz1 is full, maxelem 65536 reached
[  346.172487][T14034] input: Bluetooth HID Boot Protocol Device as /devices/virtual/bluetooth/hci2/hci2:200/input31
[  346.334539][T14048] loop8: detected capacity change from 0 to 512
[  346.376837][T14048] EXT4-fs error (device loop8): ext4_free_branches:1023: inode #11: comm syz.8.3004: invalid indirect mapped block 4294967295 (level 1)
[  346.382681][T14048] EXT4-fs (loop8): Remounting filesystem read-only
[  346.386110][T14048] EXT4-fs (loop8): 2 truncates cleaned up
[  346.393683][T14048] EXT4-fs (loop8): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  346.417133][T14054] loop6: detected capacity change from 0 to 512
[  346.428816][T13758] EXT4-fs (loop8): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  346.455004][T14054] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  346.479676][T14054] ext4 filesystem being mounted at /308/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  346.509485][ T5908] usb 6-1: new high-speed USB device number 30 using dummy_hcd
[  346.536477][T14054] EXT4-fs error (device loop6): ext4_xattr_block_get:593: inode #12: comm syz.6.3006: corrupted xattr block 6: invalid header
[  346.548656][T14054] overlayfs: failed to get uuid (/file0, err=-117); falling back to uuid=null.
[  346.554770][T14054] EXT4-fs error (device loop6): ext4_xattr_block_get:593: inode #12: comm syz.6.3006: corrupted xattr block 6: invalid header
[  346.574104][T14054] overlayfs: failed to get origin (-117)
[  346.576523][T14054] EXT4-fs error (device loop6): ext4_xattr_block_find:1869: inode #12: comm syz.6.3006: corrupted xattr block 6: invalid header
[  346.597342][T14054] overlayfs: failed to verify upper root origin
[  346.621636][T11508] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  346.673321][ T5908] usb 6-1: unable to get BOS descriptor or descriptor too short
[  346.676740][ T5908] usb 6-1: config 6 has an invalid interface number: 2 but max is 0
[  346.681145][ T5908] usb 6-1: config 6 has no interface number 0
[  346.686307][ T5908] usb 6-1: config 6 interface 2 altsetting 5 bulk endpoint 0x5 has invalid maxpacket 32
[  346.693461][ T5908] usb 6-1: config 6 interface 2 has no altsetting 0
[  346.704114][ T5908] usb 6-1: New USB device found, idVendor=110a, idProduct=1151, bcdDevice=ce.71
[  346.707138][ T5908] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  346.710947][ T5908] usb 6-1: Product: syz
[  346.712326][ T5908] usb 6-1: Manufacturer: syz
[  346.715423][ T5908] usb 6-1: SerialNumber: syz
[  346.723850][T14042] raw-gadget.0 gadget.5: fail, usb_ep_enable returned -22
[  346.940797][ T5908] ti_usb_3410_5052 6-1:6.2: TI USB 3410 1 port adapter converter detected
[  346.943705][ T5908] ti_usb_3410_5052 6-1:6.2: missing endpoints
[  346.951092][ T5908] usb 6-1: USB disconnect, device number 30
[  347.256091][T14093] loop8: detected capacity change from 0 to 32768
[  347.267206][T14093] XFS (loop8): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  347.296977][T14093] XFS (loop8): Ending clean mount
[  347.314790][T14093] XFS (loop8): Quotacheck needed: Please wait.
[  347.351525][T14093] XFS (loop8): Quotacheck: Done.
[  347.386494][T13758] XFS (loop8): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  347.772497][T14121] netlink: 8 bytes leftover after parsing attributes in process `syz.6.3032'.
[  347.777547][T14121] netlink: 8 bytes leftover after parsing attributes in process `syz.6.3032'.
[  347.999449][ T5908] usb 9-1: new high-speed USB device number 4 using dummy_hcd
[  348.066123][T14129] loop6: detected capacity change from 0 to 32768
[  348.070632][T14129] BTRFS: device fsid ed167579-eb65-4e76-9a50-61ac97e9b59d devid 1 transid 8 /dev/loop6 (7:6) scanned by syz.6.3035 (14129)
[  348.087196][T14129] BTRFS info (device loop6): first mount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d
[  348.093390][T14129] BTRFS info (device loop6): using sha256 (sha256-lib) checksum algorithm
[  348.096095][T14129] BTRFS info (device loop6): using free-space-tree
[  348.150008][ T5908] usb 9-1: Using ep0 maxpacket: 16
[  348.154790][ T5908] usb 9-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  348.161783][ T5908] usb 9-1: config 1 has 1 interface, different from the descriptor's value: 3
[  348.168179][ T5908] usb 9-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[  348.173499][ T5908] usb 9-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  348.177079][ T5908] usb 9-1: Product: syz
[  348.178981][ T5908] usb 9-1: Manufacturer: syz
[  348.183278][ T5908] usb 9-1: SerialNumber: syz
[  348.204118][T14129] BTRFS info (device loop6): rebuilding free space tree
[  348.304321][T11508] BTRFS info (device loop6): last unmount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d
[  348.407743][ T5908] usb 9-1: 0:2 : does not exist
[  348.452598][ T5908] usb 9-1: USB disconnect, device number 4
[  348.544842][ T5846] udevd[5846]: error opening ATTR{/sys/devices/platform/dummy_hcd.8/usb9/9-1/9-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory
[  348.779400][ T5312] usb 6-1: new high-speed USB device number 31 using dummy_hcd
[  348.859414][  T794] usb 7-1: new high-speed USB device number 17 using dummy_hcd
[  348.939341][ T5312] usb 6-1: Using ep0 maxpacket: 16
[  348.945342][ T5312] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  348.951363][ T5312] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  348.955393][ T5312] usb 6-1: New USB device found, idVendor=05ac, idProduct=024b, bcdDevice= 0.00
[  348.974107][ T5312] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  348.979940][ T5312] usb 6-1: config 0 descriptor??
[  349.012938][  T794] usb 7-1: Using ep0 maxpacket: 8
[  349.029579][  T794] usb 7-1: New USB device found, idVendor=0ccd, idProduct=0039, bcdDevice=90.7b
[  349.033621][  T794] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  349.057911][  T794] pvrusb2: Hardware description: Terratec Grabster AV400
[  349.064179][  T794] pvrusb2: **********
[  349.065947][  T794] pvrusb2: ***WARNING*** Support for this device (Terratec Grabster AV400) is experimental.
[  349.076032][  T794] pvrusb2: Important functionality might not be entirely working.
[  349.079374][  T794] pvrusb2: Please consider contacting the driver author to help with further stabilization of the driver.
[  349.083937][  T794] pvrusb2: **********
[  349.237443][T14156] loop8: detected capacity change from 0 to 40427
[  349.246319][T14156] F2FS-fs (loop8): invalid crc value
[  349.267304][ T2397] pvrusb2: Invalid write control endpoint
[  349.325087][T14156] F2FS-fs (loop8): f2fs_recover_fsync_data: recovery fsync data, check_only: 1
[  349.327380][ T2397] pvrusb2: Invalid write control endpoint
[  349.331830][T14156] F2FS-fs (loop8): Mounted with checkpoint version = 48b305e5
[  349.333318][ T2397] pvrusb2: ***WARNING*** Detected a wedged cx25840 chip; the device will not work.
[  349.347594][ T2397] pvrusb2: ***WARNING*** Try power cycling the pvrusb2 device.
[  349.356963][ T2397] pvrusb2: ***WARNING*** Disabling further access to the device to prevent other foul-ups.
[  349.362268][ T2397] pvrusb2: Device being rendered inoperable
[  349.364587][ T2397] cx25840 2-0044: Unable to detect h/w, assuming cx23887
[  349.367135][ T2397] cx25840 2-0044: cx23887 A/V decoder found @ 0x88 (pvrusb2_a)
[  349.377350][ T2397] pvrusb2: Attached sub-driver cx25840
[  349.380622][ T2397] pvrusb2: ***WARNING*** pvrusb2 device hardware appears to be jammed and I can't clear it.
[  349.384189][ T2397] pvrusb2: You might need to power cycle the pvrusb2 device in order to recover.
[  349.466978][ T5909] usb 7-1: USB disconnect, device number 17
[  349.473936][ T5312] apple 0003:05AC:024B.0017: unknown main item tag 0x6
[  349.477620][ T5312] apple 0003:05AC:024B.0017: ignoring exceeding usage max
[  349.480917][ T5312] apple 0003:05AC:024B.0017: invalid report_size 16640
[  349.483729][ T5312] apple 0003:05AC:024B.0017: item 0 2 1 7 parsing failed
[  349.486328][ T5312] apple 0003:05AC:024B.0017: parse failed
[  349.488217][ T5312] apple 0003:05AC:024B.0017: probe with driver apple failed with error -22
[  349.786818][ T5312] usb 6-1: USB disconnect, device number 31
[  349.958163][T13758] syz-executor: attempt to access beyond end of device
[  349.958163][T13758] loop8: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[  349.963902][T13758] CPU: 0 UID: 0 PID: 13758 Comm: syz-executor Not tainted 6.16.0-syzkaller-11895-gcca7a0aae895-dirty #0 PREEMPT(full) 
[  349.963915][T13758] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.2-debian-1.16.2-1 04/01/2014
[  349.963920][T13758] Call Trace:
[  349.963924][T13758]  <TASK>
[  349.963927][T13758]  dump_stack_lvl+0x189/0x250
[  349.963942][T13758]  ? __pfx_dump_stack_lvl+0x10/0x10
[  349.963952][T13758]  ? __pfx_queue_work_on+0x10/0x10
[  349.963960][T13758]  ? _raw_spin_unlock_irqrestore+0xad/0x110
[  349.963969][T13758]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[  349.963983][T13758]  f2fs_handle_critical_error+0x37c/0x540
[  349.963996][T13758]  f2fs_write_end_io+0x886/0xb60
[  349.964015][T13758]  __submit_merged_bio+0x27a/0x6a0
[  349.964027][T13758]  __submit_merged_write_cond+0x255/0x530
[  349.964040][T13758]  f2fs_write_data_pages+0x261d/0x3000
[  349.964065][T13758]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[  349.964096][T13758]  ? __kernel_text_address+0xd/0x40
[  349.964106][T13758]  ? unwind_get_return_address+0x4d/0x90
[  349.964114][T13758]  ? __pfx_stack_trace_consume_entry+0x10/0x10
[  349.964134][T13758]  ? __lock_acquire+0xab9/0xd20
[  349.964149][T13758]  ? do_raw_spin_lock+0x121/0x290
[  349.964163][T13758]  ? do_raw_spin_unlock+0x4d/0x240
[  349.964172][T13758]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[  349.964182][T13758]  do_writepages+0x32e/0x550
[  349.964198][T13758]  ? do_raw_spin_unlock+0x4d/0x240
[  349.964209][T13758]  filemap_fdatawrite+0x199/0x240
[  349.964220][T13758]  ? __pfx_filemap_fdatawrite+0x10/0x10
[  349.964251][T13758]  ? do_raw_spin_unlock+0x4d/0x240
[  349.964262][T13758]  f2fs_sync_dirty_inodes+0x31f/0x830
[  349.964279][T13758]  f2fs_write_checkpoint+0x95a/0x1df0
[  349.964301][T13758]  ? __pfx_f2fs_write_checkpoint+0x10/0x10
[  349.964330][T13758]  ? f2fs_stop_gc_thread+0x7f/0xb0
[  349.964341][T13758]  ? kfree+0x18e/0x440
[  349.964350][T13758]  ? kill_f2fs_super+0x298/0x6c0
[  349.964363][T13758]  kill_f2fs_super+0x2c3/0x6c0
[  349.964376][T13758]  ? __pfx_kill_f2fs_super+0x10/0x10
[  349.964385][T13758]  ? radix_tree_delete_item+0x2b6/0x400
[  349.964397][T13758]  ? shrinker_free+0x2ce/0x3e0
[  349.964407][T13758]  deactivate_locked_super+0xbc/0x130
[  349.964418][T13758]  cleanup_mnt+0x425/0x4c0
[  349.964426][T13758]  ? lockdep_hardirqs_on+0x9c/0x150
[  349.964436][T13758]  task_work_run+0x1d4/0x260
[  349.964448][T13758]  ? __pfx_task_work_run+0x10/0x10
[  349.964456][T13758]  ? __x64_sys_umount+0x122/0x160
[  349.964468][T13758]  ? exit_to_user_mode_loop+0x40/0x110
[  349.964480][T13758]  exit_to_user_mode_loop+0xec/0x110
[  349.964491][T13758]  do_syscall_64+0x2bd/0x3b0
[  349.964499][T13758]  ? lockdep_hardirqs_on+0x9c/0x150
[  349.964508][T13758]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  349.964516][T13758]  ? exc_page_fault+0x9f/0xf0
[  349.964525][T13758]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  349.964532][T13758] RIP: 0033:0x7f57c4d8ff17
[  349.964541][T13758] Code: a8 ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 0f 1f 44 00 00 31 f6 e9 09 00 00 00 66 0f 1f 84 00 00 00 00 00 b8 a6 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 01 c3 48 c7 c2 a8 ff ff ff f7 d8 64 89 02 b8
[  349.964548][T13758] RSP: 002b:00007ffc3222cc88 EFLAGS: 00000246 ORIG_RAX: 00000000000000a6
[  349.964557][T13758] RAX: 0000000000000000 RBX: 00007f57c4e11c05 RCX: 00007f57c4d8ff17
[  349.964562][T13758] RDX: 0000000000000000 RSI: 0000000000000009 RDI: 00007ffc3222cd40
[  349.964567][T13758] RBP: 00007ffc3222cd40 R08: 0000000000000000 R09: 0000000000000000
[  349.964572][T13758] R10: 00000000ffffffff R11: 0000000000000246 R12: 00007ffc3222ddd0
[  349.964576][T13758] R13: 00007f57c4e11c05 R14: 0000000000055656 R15: 00007ffc3222de10
[  349.964589][T13758]  </TASK>
[  349.964593][T13758] F2FS-fs (loop8): Stopped filesystem due to reason: 3
[  350.198155][T14166] loop6: detected capacity change from 0 to 164
[  350.208408][T14166] ISOFS: primary root directory is empty. Disabling Rock Ridge and switching to Joliet.
[  350.647394][   T95] usb 7-1: new high-speed USB device number 18 using dummy_hcd
[  350.860246][   T95] usb 7-1: New USB device found, idVendor=0c70, idProduct=f010, bcdDevice= 0.00
[  350.869905][   T95] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  350.888816][   T95] usb 7-1: config 0 descriptor??
[  351.311995][   T95] aquacomputer_d5next 0003:0C70:F010.0018: item fetching failed at offset 1/5
[  351.317330][   T95] aquacomputer_d5next 0003:0C70:F010.0018: probe with driver aquacomputer_d5next failed with error -22
[  351.461224][T14188] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[  351.522764][ T5312] usb 7-1: USB disconnect, device number 18
[  351.687419][T14191] loop5: detected capacity change from 0 to 32768
[  351.697436][T14191] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop5 (7:5) scanned by syz.5.3052 (14191)
[  351.714575][T14191] BTRFS info (device loop5): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  351.717841][T14191] BTRFS info (device loop5): using sha256 (sha256-lib) checksum algorithm
[  351.741542][T14191] BTRFS info (device loop5): using free-space-tree
[  351.836346][ T9769] BTRFS info (device loop5): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  352.074055][T14222] netlink: 'syz.5.3059': attribute type 1 has an invalid length.
[  352.077052][T14222] netlink: 'syz.5.3059': attribute type 4 has an invalid length.
[  352.098129][T14222] netlink: 208 bytes leftover after parsing attributes in process `syz.5.3059'.
[  352.104856][T14222] NCSI netlink: No device for ifindex 3088861696
[  352.200087][T14228] loop5: detected capacity change from 0 to 2048
[  352.254729][T14228] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000900 r/w without journal. Quota mode: none.
[  352.406531][T14235] new mount options do not match the existing superblock, will be ignored
[  352.731570][T14233] EXT4-fs error (device loop5): ext4_mb_generate_buddy:1289: group 0, block bitmap and bg descriptor inconsistent: 25 vs 150994969 free clusters
[  352.767510][T14228] EXT4-fs (loop5): Delayed block allocation failed for inode 18 at logical offset 0 with max blocks 2048 with error 28
[  352.772827][T14228] EXT4-fs (loop5): This should not happen!! Data will be lost
[  352.772827][T14228] 
[  352.777021][T14228] EXT4-fs (loop5): Total free blocks count 0
[  352.779762][T14228] EXT4-fs (loop5): Free/Dirty block details
[  352.782203][T14228] EXT4-fs (loop5): free_blocks=2415919104
[  352.784654][T14228] EXT4-fs (loop5): dirty_blocks=4720
[  352.786913][T14228] EXT4-fs (loop5): Block reservation details
[  352.789577][T14228] EXT4-fs (loop5): i_reserved_data_blocks=295
[  352.802242][T14239] loop8: detected capacity change from 0 to 8
[  352.826899][T14239] SQUASHFS error: Failed to read block 0x2fc: -5
[  352.836211][T14239] SQUASHFS error: Unable to read metadata cache entry [2fa]
[  352.842294][T14239] SQUASHFS error: Unable to read inode 0x11f
[  352.927179][T14241] netlink: 4 bytes leftover after parsing attributes in process `syz.8.3065'.
[  352.933646][T14241] bridge_slave_1: left allmulticast mode
[  352.935636][T14241] bridge_slave_1: left promiscuous mode
[  352.937747][T14241] bridge0: port 2(bridge_slave_1) entered disabled state
[  352.944729][T14241] bridge_slave_0: left allmulticast mode
[  352.950020][T14241] bridge_slave_0: left promiscuous mode
[  352.952048][T14241] bridge0: port 1(bridge_slave_0) entered disabled state
[  352.971284][   T40] EXT4-fs (loop5): Delayed block allocation failed for inode 18 at logical offset 2050 with max blocks 2048 with error 28
[  353.293185][T14253] netlink: 'syz.5.3072': attribute type 1 has an invalid length.
[  353.295918][T14253] netlink: 'syz.5.3072': attribute type 2 has an invalid length.
[  353.303956][T14253] netlink: 4 bytes leftover after parsing attributes in process `syz.5.3072'.
[  353.333522][T14257] binder: 14256:14257 ioctl 40046210 0 returned -14
[  353.525028][T14275] netlink: 'syz.5.3082': attribute type 1 has an invalid length.
[  354.839260][   T95] usb 7-1: new high-speed USB device number 19 using dummy_hcd
[  354.992213][   T95] usb 7-1: config 1 has an invalid descriptor of length 68, skipping remainder of the config
[  354.996424][   T95] usb 7-1: config 1 has 1 interface, different from the descriptor's value: 2
[  355.000300][   T95] usb 7-1: config 1 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 1
[  355.007571][   T95] usb 7-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  355.011627][   T95] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  355.014938][   T95] usb 7-1: Product: syz
[  355.016565][   T95] usb 7-1: Manufacturer: syz
[  355.018443][   T95] usb 7-1: SerialNumber: syz
[  355.238131][   T95] cdc_ncm 7-1:1.0: CDC Union missing and no IAD found
[  355.242380][   T95] cdc_ncm 7-1:1.0: bind() failure
[  355.248302][   T95] usb 7-1: USB disconnect, device number 19
[  355.613578][T14318] loop5: detected capacity change from 0 to 256
[  355.622327][T14318] exFAT-fs (loop5): failed to load upcase table (idx : 0x00010000, chksum : 0x205ad3fc, utbl_chksum : 0xe619d30d)
[  355.989737][T14331] loop5: detected capacity change from 0 to 32768
[  355.993431][T14331] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop5 (7:5) scanned by syz.5.3108 (14331)
[  356.016643][T14331] BTRFS info (device loop5): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  356.033113][T14331] BTRFS info (device loop5): using sha256 (sha256-lib) checksum algorithm
[  356.036780][T14331] BTRFS info (device loop5): using free-space-tree
[  356.041267][T14336] netlink: 'syz.6.3109': attribute type 1 has an invalid length.
[  356.047077][T14336] netlink: 24 bytes leftover after parsing attributes in process `syz.6.3109'.
[  356.177755][T14355] Bluetooth: hci0: invalid length 0, exp 2 for type 17
[  356.196424][ T9769] BTRFS info (device loop5): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  356.449974][T14362] loop5: detected capacity change from 0 to 4096
[  356.467329][T14364] loop6: detected capacity change from 0 to 128
[  356.476338][T14362] ntfs3(loop5): Mark volume as dirty due to NTFS errors
[  356.500988][T14364] EXT4-fs (loop6): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  356.507766][T14362] ntfs3(loop5): Failed to load $Extend (-22).
[  356.511233][T14362] ntfs3(loop5): Failed to initialize $Extend.
[  356.514260][T14364] ext4 filesystem being mounted at /343/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[  356.601950][T11508] EXT4-fs (loop6): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  356.919458][ T2329] usb 7-1: new high-speed USB device number 20 using dummy_hcd
[  356.971592][T14382] loop5: detected capacity change from 0 to 512
[  356.975800][T14382] EXT4-fs (loop5): external journal device major/minor numbers have changed
[  357.004614][T14382] block device autoloading is deprecated and will be removed.
[  357.008192][T14382] EXT4-fs (loop5): external journal has bad superblock
[  357.069355][ T2329] usb 7-1: Using ep0 maxpacket: 8
[  357.073753][ T2329] usb 7-1: config index 0 descriptor too short (expected 301, got 45)
[  357.077053][ T2329] usb 7-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[  357.082412][ T2329] usb 7-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[  357.086440][ T2329] usb 7-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[  357.091707][ T2329] usb 7-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  357.097044][ T2329] usb 7-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23
[  357.102700][ T2329] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  357.236530][T14390] netlink: 'syz.5.3127': attribute type 1 has an invalid length.
[  357.242830][T14390] netlink: 16150 bytes leftover after parsing attributes in process `syz.5.3127'.
[  357.353867][ T2329] usb 7-1: usb_control_msg returned -32
[  357.356238][ T2329] usbtmc 7-1:16.0: can't read capabilities
[  357.421306][T14396] loop5: detected capacity change from 0 to 4096
[  357.460138][T14396] ntfs3(loop5): Different NTFS sector size (1024) and media sector size (512).
[  357.492114][T14396] ntfs3(loop5): Failed to load $Extend (-22).
[  357.495347][T14396] ntfs3(loop5): Failed to initialize $Extend.
[  357.863350][T14404] loop8: detected capacity change from 0 to 32768
[  357.873816][T14404] XFS (loop8): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  357.907629][T14404] XFS (loop8): Ending clean mount
[  357.933545][T13758] XFS (loop8): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  358.079317][ T5909] usb 6-1: new high-speed USB device number 32 using dummy_hcd
[  358.130457][T14427] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  358.135559][T14424] usbtmc 7-1:16.0: usb_control_msg returned -32
[  358.150837][T14427] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  358.173463][T14429] loop8: detected capacity change from 0 to 1024
[  358.213500][T14429] EXT4-fs (loop8): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  358.225970][T14429] ext4 filesystem being mounted at /76/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  358.231359][ T5909] usb 6-1: Using ep0 maxpacket: 32
[  358.235235][ T5909] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  358.244918][ T5909] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  358.246865][   T33] audit: type=1800 audit(1755090910.176:75): pid=14429 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.8.3141" name="file1" dev="loop8" ino=15 res=0 errno=0
[  358.249032][ T5909] usb 6-1: New USB device found, idVendor=046d, idProduct=c31c, bcdDevice= 0.40
[  358.263033][ T5909] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  358.270691][ T5909] usb 6-1: config 0 descriptor??
[  358.281064][ T5909] hub 6-1:0.0: USB hub found
[  358.300686][T13758] EXT4-fs (loop8): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  358.374713][T14434] loop8: detected capacity change from 0 to 512
[  358.387583][T14434] fscrypt (loop8, inode 2): Error -61 getting encryption context
[  358.391341][T14434] EXT4-fs (loop8): Cannot turn on journaled quota: type 1: error -61
[  358.394863][T14434] EXT4-fs error (device loop8): ext4_orphan_get:1392: inode #13: comm syz.8.3142: iget: bad i_size value: 12154757448730
[  358.403000][T14434] EXT4-fs error (device loop8): ext4_orphan_get:1397: comm syz.8.3142: couldn't read orphan inode 13 (err -117)
[  358.410756][T14434] EXT4-fs (loop8): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  358.445484][T13758] EXT4-fs (loop8): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  358.479061][ T5909] hub 6-1:0.0: 9 ports detected
[  358.481790][ T5909] hub 6-1:0.0: insufficient power available to use all downstream ports
[  358.813095][T14445] loop8: detected capacity change from 0 to 40427
[  358.816244][T14445] F2FS-fs (loop8): Image doesn't support compression
[  358.818496][T14445] F2FS-fs (loop8): build fault injection rate: 690
[  358.822429][T14445] F2FS-fs (loop8): invalid crc value
[  358.850503][T14445] F2FS-fs (loop8): f2fs_recover_fsync_data: recovery fsync data, check_only: 0
[  358.854219][T14445] F2FS-fs (loop8): Mounted with checkpoint version = 48b305e5
[  358.857000][ T5909] hub 6-1:0.0: hub_hub_status failed (err = -71)
[  358.859571][ T5909] hub 6-1:0.0: config failed, can't get hub status (err -71)
[  358.864251][ T5909] usbhid 6-1:0.0: can't add hid device: -71
[  358.871021][   T95] usb 7-1: USB disconnect, device number 20
[  358.874575][ T5909] usbhid 6-1:0.0: probe with driver usbhid failed with error -71
[  358.903091][ T5909] usb 6-1: USB disconnect, device number 32
[  359.260137][   T95] usb 7-1: new full-speed USB device number 21 using dummy_hcd
[  359.275171][T14458] netlink: 129704 bytes leftover after parsing attributes in process `syz.5.3153'.
[  359.376916][T14461] netlink: 48 bytes leftover after parsing attributes in process `syz.5.3154'.
[  359.399313][ T5909] usb 9-1: new high-speed USB device number 5 using dummy_hcd
[  359.422808][   T95] usb 7-1: config 0 interface 0 altsetting 4 endpoint 0x81 has an invalid bInterval 0, changing to 10
[  359.427722][   T95] usb 7-1: config 0 interface 0 altsetting 4 endpoint 0x81 has invalid maxpacket 1023, setting to 64
[  359.433829][   T95] usb 7-1: config 0 interface 0 has no altsetting 0
[  359.437136][   T95] usb 7-1: New USB device found, idVendor=054c, idProduct=024b, bcdDevice= 0.00
[  359.441213][   T95] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  359.453807][   T95] usb 7-1: config 0 descriptor??
[  359.459318][T14448] raw-gadget.0 gadget.6: fail, usb_ep_enable returned -22
[  359.559342][ T5909] usb 9-1: Using ep0 maxpacket: 16
[  359.566213][ T5909] usb 9-1: too many configurations: 60, using maximum allowed: 8
[  359.606394][ T5909] usb 9-1: New USB device found, idVendor=0471, idProduct=032c, bcdDevice=ba.e9
[  359.610856][ T5909] usb 9-1: New USB device strings: Mfr=1, Product=2, SerialNumber=204
[  359.614037][ T5909] usb 9-1: Product: syz
[  359.615791][ T5909] usb 9-1: Manufacturer: syz
[  359.617475][ T5909] usb 9-1: SerialNumber: syz
[  359.629936][ T5909] usb 9-1: config 0 descriptor??
[  359.637473][ T5909] pwc: Philips SPC 880NC USB webcam detected.
[  359.849526][ T5909] pwc: Warning: more than 1 configuration available.
[  359.857863][ T5909] pwc: Failed to set LED on/off time (-71)
[  359.860771][ T5909] pwc: send_video_command error -71
[  359.862613][ T5909] pwc: Failed to set video mode VGA@30 fps; return code = -71
[  359.865572][ T5909] Philips webcam 9-1:0.0: probe with driver Philips webcam failed with error -71
[  359.878806][ T5909] usb 9-1: USB disconnect, device number 5
[  359.880755][   T95] sony 0003:054C:024B.0019: item fetching failed at offset 0/2
[  359.886155][   T95] sony 0003:054C:024B.0019: parse failed
[  359.898436][   T95] sony 0003:054C:024B.0019: probe with driver sony failed with error -22
[  360.098738][ T5909] usb 7-1: USB disconnect, device number 21
[  360.732489][T14467] ip6gre1: entered allmulticast mode
[  360.741677][T14469] bridge0: port 2(bridge_slave_1) entered disabled state
[  360.752150][T14469] bridge_slave_1: left promiscuous mode
[  360.762238][T14469] bridge0: port 2(bridge_slave_1) entered disabled state
[  360.783830][T14469] A link change request failed with some changes committed already. Interface bridge_slave_1 may have been left with an inconsistent configuration, please check.
[  361.166043][T14487] loop6: detected capacity change from 0 to 512
[  361.177150][T14487] EXT4-fs (loop6): encrypted files will use data=ordered instead of data journaling mode
[  361.192538][T14487] EXT4-fs (loop6): 1 truncate cleaned up
[  361.197983][T14487] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  361.338563][T11508] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  361.744991][T14500] loop5: detected capacity change from 0 to 8
[  361.817483][T14500] SQUASHFS error: xz decompression failed, data probably corrupt
[  361.820810][T14500] SQUASHFS error: Failed to read block 0x108: -5
[  361.823525][T14500] SQUASHFS error: Unable to read metadata cache entry [106]
[  361.826072][T14500] SQUASHFS error: Unable to read inode 0x0
[  361.987339][T14504] batman_adv: batadv0: Adding interface: gretap1
[  361.995289][T14504] batman_adv: batadv0: The MTU of interface gretap1 is too small (1462) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  362.022764][T14504] batman_adv: batadv0: Interface activated: gretap1
[  362.593294][T14540] loop6: detected capacity change from 0 to 256
[  362.654337][T14543] loop8: detected capacity change from 0 to 256
[  362.674187][T14543] MINIX-fs: mounting file system with errors, running fsck is recommended
[  362.709376][T14543] MINIX-fs warning: remounting fs with errors, running fsck is recommended
[  363.133101][ T5895] IPVS: starting estimator thread 0...
[  363.224460][T14562] IPVS: using max 44 ests per chain, 105600 per kthread
[  363.283937][T14564] loop8: detected capacity change from 0 to 512
[  363.288623][T14564] EXT4-fs: Ignoring removed nomblk_io_submit option
[  363.295712][T14564] EXT4-fs (loop8): filesystem is read-only
[  363.298169][T14564] EXT4-fs (loop8): ext4_check_descriptors: Block bitmap for group 0 overlaps block group descriptors
[  363.307457][T14564] EXT4-fs (loop8): filesystem is read-only
[  363.310406][T14564] EXT4-fs (loop8): orphan cleanup on readonly fs
[  363.313292][T14564] EXT4-fs error (device loop8): ext4_orphan_get:1392: inode #16: comm syz.8.3196: iget: bad i_size value: 648518346341360424
[  363.318798][T14564] EXT4-fs error (device loop8): ext4_orphan_get:1397: comm syz.8.3196: couldn't read orphan inode 16 (err -117)
[  363.328134][T14564] EXT4-fs (loop8): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: none.
[  363.359669][T13758] EXT4-fs (loop8): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  363.829336][ T2329] usb 6-1: new high-speed USB device number 33 using dummy_hcd
[  363.980957][ T2329] usb 6-1: New USB device found, idVendor=0471, idProduct=0329, bcdDevice=db.da
[  363.984205][ T2329] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  363.988964][ T2329] usb 6-1: config 0 descriptor??
[  363.998749][ T2329] pwc: Philips SPC 900NC USB webcam detected.
[  364.200906][ T2329] pwc: Failed to set LED on/off time (-71)
[  364.203602][ T2329] pwc: send_video_command error -71
[  364.206336][ T2329] pwc: Failed to set video mode VGA@30 fps; return code = -71
[  364.210222][ T2329] Philips webcam 6-1:0.0: probe with driver Philips webcam failed with error -71
[  364.215591][ T2329] usb 6-1: USB disconnect, device number 33
[  364.278848][T14576] loop8: detected capacity change from 0 to 512
[  364.289858][T14576] EXT4-fs: Ignoring removed mblk_io_submit option
[  364.292606][T14576] ext4: Unknown parameter 'seclabel'
[  364.301810][T14576] netlink: 8 bytes leftover after parsing attributes in process `syz.8.3200'.
[  364.307016][T14576] netlink: 60 bytes leftover after parsing attributes in process `syz.8.3200'.
[  364.587457][T14580] netlink: 'syz.8.3201': attribute type 9 has an invalid length.
[  364.590912][T14580] netlink: 'syz.8.3201': attribute type 7 has an invalid length.
[  364.594214][T14580] netlink: 'syz.8.3201': attribute type 8 has an invalid length.
[  364.789573][T14582] policy can only be matched on NF_INET_PRE_ROUTING
[  364.789585][T14582] unable to load match
[  364.793736][T14584] loop5: detected capacity change from 0 to 128
[  364.813490][T14584] EXT4-fs (loop5): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  364.817795][T14584] ext4 filesystem being mounted at /655/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[  364.838436][ T9769] EXT4-fs (loop5): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  365.419325][   T54] Bluetooth: hci2: command 0x0405 tx timeout
[  365.450598][T14594] loop6: detected capacity change from 0 to 32768
[  365.464842][T14594] JBD2: Ignoring recovery information on journal
[  365.512128][T14594] ocfs2: Mounting device (7,6) on (node local, slot 0) with ordered data mode.
[  365.536295][   T33] audit: type=1800 audit(1755090917.466:76): pid=14594 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.6.3206" name="file1" dev="loop6" ino=17058 res=0 errno=0
[  365.569575][T11508] ocfs2: Unmounting device (7,6) on (node local)
[  365.685967][T14601] MTD: Attempt to mount non-MTD device "/dev/loop6"
[  365.693734][T14601] syz.6.3208: attempt to access beyond end of device
[  365.693734][T14601] loop6: rw=0, sector=0, nr_sectors = 2 limit=0
[  366.308599][ T2329] usb 6-1: new high-speed USB device number 34 using dummy_hcd
[  366.384108][T14610] program syz.8.3211 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  366.509874][ T2329] usb 6-1: Using ep0 maxpacket: 8
[  366.517479][ T2329] usb 6-1: New USB device found, idVendor=0c45, idProduct=613a, bcdDevice=c4.6d
[  366.521098][ T2329] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  366.524106][ T2329] usb 6-1: Product: syz
[  366.526219][ T2329] usb 6-1: Manufacturer: syz
[  366.527814][ T2329] usb 6-1: SerialNumber: syz
[  366.536654][ T2329] usb 6-1: config 0 descriptor??
[  366.543594][ T2329] gspca_main: sonixj-2.14.0 probing 0c45:613a
[  366.710855][T14612] loop8: detected capacity change from 0 to 40427
[  366.714781][T14612] F2FS-fs (loop8): Small segment_count (9 < 1 * 24)
[  366.717425][T14612] F2FS-fs (loop8): Can't find valid F2FS filesystem in 1th superblock
[  366.748442][ T2329] gspca_sonixj: reg_w1 err -71
[  366.752057][ T2329] sonixj 6-1:0.0: probe with driver sonixj failed with error -71
[  366.758368][T14612] F2FS-fs (loop8): f2fs_recover_fsync_data: recovery fsync data, check_only: 0
[  366.761227][ T2329] usb 6-1: USB disconnect, device number 34
[  366.765784][T14612] F2FS-fs (loop8): Try to recover 1th superblock, ret: 0
[  366.769972][T14612] F2FS-fs (loop8): Mounted with checkpoint version = 48b305e5
[  366.792420][T14612] syz.8.3212: attempt to access beyond end of device
[  366.792420][T14612] loop8: rw=2049, sector=53248, nr_sectors = 8 limit=40427
[  366.821277][T13758] syz-executor: attempt to access beyond end of device
[  366.821277][T13758] loop8: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[  366.826972][T13758] CPU: 0 UID: 0 PID: 13758 Comm: syz-executor Not tainted 6.16.0-syzkaller-11895-gcca7a0aae895-dirty #0 PREEMPT(full) 
[  366.826985][T13758] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.2-debian-1.16.2-1 04/01/2014
[  366.826990][T13758] Call Trace:
[  366.826993][T13758]  <TASK>
[  366.826997][T13758]  dump_stack_lvl+0x189/0x250
[  366.827012][T13758]  ? __pfx_dump_stack_lvl+0x10/0x10
[  366.827022][T13758]  ? __pfx_queue_work_on+0x10/0x10
[  366.827030][T13758]  ? _raw_spin_unlock_irqrestore+0xad/0x110
[  366.827039][T13758]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[  366.827053][T13758]  f2fs_handle_critical_error+0x37c/0x540
[  366.827066][T13758]  f2fs_write_end_io+0x886/0xb60
[  366.827085][T13758]  __submit_merged_bio+0x27a/0x6a0
[  366.827098][T13758]  __submit_merged_write_cond+0x255/0x530
[  366.827110][T13758]  f2fs_write_data_pages+0x261d/0x3000
[  366.827136][T13758]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[  366.827151][T13758]  ? arch_stack_walk+0xfc/0x150
[  366.827173][T13758]  ? __mod_zone_page_state+0xd7/0x140
[  366.827188][T13758]  ? folios_put_refs+0x560/0x640
[  366.827202][T13758]  ? __pfx_folios_put_refs+0x10/0x10
[  366.827209][T13758]  ? rcu_is_watching+0x15/0xb0
[  366.827221][T13758]  ? __lock_acquire+0xab9/0xd20
[  366.827240][T13758]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[  366.827250][T13758]  do_writepages+0x32e/0x550
[  366.827266][T13758]  ? do_raw_spin_unlock+0x4d/0x240
[  366.827277][T13758]  filemap_fdatawrite+0x199/0x240
[  366.827287][T13758]  ? __pfx_filemap_fdatawrite+0x10/0x10
[  366.827319][T13758]  ? do_raw_spin_unlock+0x4d/0x240
[  366.827330][T13758]  f2fs_sync_dirty_inodes+0x31f/0x830
[  366.827348][T13758]  f2fs_write_checkpoint+0x95a/0x1df0
[  366.827369][T13758]  ? __pfx_f2fs_write_checkpoint+0x10/0x10
[  366.827399][T13758]  ? call_rcu+0x6ff/0x9c0
[  366.827406][T13758]  ? lockdep_hardirqs_on+0x9c/0x150
[  366.827415][T13758]  ? kill_f2fs_super+0x298/0x6c0
[  366.827428][T13758]  kill_f2fs_super+0x2c3/0x6c0
[  366.827441][T13758]  ? __pfx_kill_f2fs_super+0x10/0x10
[  366.827450][T13758]  ? radix_tree_delete_item+0x2b6/0x400
[  366.827462][T13758]  ? shrinker_free+0x2ce/0x3e0
[  366.827472][T13758]  deactivate_locked_super+0xbc/0x130
[  366.827482][T13758]  cleanup_mnt+0x425/0x4c0
[  366.827491][T13758]  ? lockdep_hardirqs_on+0x9c/0x150
[  366.827501][T13758]  task_work_run+0x1d4/0x260
[  366.827512][T13758]  ? __pfx_task_work_run+0x10/0x10
[  366.827521][T13758]  ? __x64_sys_umount+0x122/0x160
[  366.827533][T13758]  ? exit_to_user_mode_loop+0x40/0x110
[  366.827545][T13758]  exit_to_user_mode_loop+0xec/0x110
[  366.827556][T13758]  do_syscall_64+0x2bd/0x3b0
[  366.827564][T13758]  ? lockdep_hardirqs_on+0x9c/0x150
[  366.827573][T13758]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  366.827580][T13758]  ? exc_page_fault+0x9f/0xf0
[  366.827590][T13758]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  366.827597][T13758] RIP: 0033:0x7f57c4d8ff17
[  366.827605][T13758] Code: a8 ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 0f 1f 44 00 00 31 f6 e9 09 00 00 00 66 0f 1f 84 00 00 00 00 00 b8 a6 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 01 c3 48 c7 c2 a8 ff ff ff f7 d8 64 89 02 b8
[  366.827635][T13758] RSP: 002b:00007ffc3222cc88 EFLAGS: 00000246 ORIG_RAX: 00000000000000a6
[  366.827645][T13758] RAX: 0000000000000000 RBX: 00007f57c4e11c05 RCX: 00007f57c4d8ff17
[  366.827650][T13758] RDX: 0000000000000000 RSI: 0000000000000009 RDI: 00007ffc3222cd40
[  366.827655][T13758] RBP: 00007ffc3222cd40 R08: 0000000000000000 R09: 0000000000000000
[  366.827660][T13758] R10: 00000000ffffffff R11: 0000000000000246 R12: 00007ffc3222ddd0
[  366.827665][T13758] R13: 00007f57c4e11c05 R14: 0000000000059860 R15: 00007ffc3222de10
[  366.827683][T13758]  </TASK>
[  366.827688][T13758] F2FS-fs (loop8): Stopped filesystem due to reason: 3
[  367.039520][ T5895] usb 7-1: new high-speed USB device number 22 using dummy_hcd
[  367.181042][T14620] loop8: detected capacity change from 0 to 16
[  367.186149][T14620] erofs (device loop8): mounted with root inode @ nid 36.
[  367.200011][ T5895] usb 7-1: Using ep0 maxpacket: 8
[  367.214776][ T5895] usb 7-1: New USB device found, idVendor=046d, idProduct=08dd, bcdDevice=ff.f4
[  367.218733][ T5895] usb 7-1: New USB device strings: Mfr=8, Product=2, SerialNumber=3
[  367.224530][ T5895] usb 7-1: Product: syz
[  367.235174][ T5895] usb 7-1: Manufacturer: syz
[  367.237273][ T5895] usb 7-1: SerialNumber: syz
[  367.242012][ T5895] usb 7-1: config 0 descriptor??
[  367.251879][ T5895] gspca_main: gspca_zc3xx-2.14.0 probing 046d:08dd
[  367.459308][   T95] usb 9-1: new high-speed USB device number 6 using dummy_hcd
[  367.611044][   T95] usb 9-1: Using ep0 maxpacket: 32
[  367.620431][   T54] Bluetooth: hci2: Dropping invalid advertising data
[  367.626480][   T95] usb 9-1: unable to get BOS descriptor or descriptor too short
[  367.633137][   T95] usb 9-1: no configurations
[  367.635047][   T95] usb 9-1: can't read configurations, error -22
[  367.983910][ T5895] input: gspca_zc3xx as /devices/platform/dummy_hcd.6/usb7/7-1/input/input32
[  368.163528][T14641] netlink: 4 bytes leftover after parsing attributes in process `syz.5.3224'.
[  368.180817][ T5895] usb 7-1: USB disconnect, device number 22
[  368.243415][T14649] loop5: detected capacity change from 0 to 16
[  368.462432][T14657] loop5: detected capacity change from 0 to 32768
[  368.468094][T14657] BTRFS: device fsid 5e4b7888-5e56-43f0-8345-635ad0fd87c6 devid 1 transid 8 /dev/loop5 (7:5) scanned by syz.5.3231 (14657)
[  368.479922][T14657] BTRFS info (device loop5): first mount of filesystem 5e4b7888-5e56-43f0-8345-635ad0fd87c6
[  368.483143][T14657] BTRFS info (device loop5): using blake2b (blake2b-256-generic) checksum algorithm
[  368.486144][T14657] BTRFS info (device loop5): using free-space-tree
[  368.581225][ T9769] BTRFS info (device loop5): last unmount of filesystem 5e4b7888-5e56-43f0-8345-635ad0fd87c6
[  368.918801][T14686] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[  369.079892][   T95] usb 7-1: new high-speed USB device number 23 using dummy_hcd
[  369.229205][   T95] usb 7-1: Using ep0 maxpacket: 32
[  369.242011][   T95] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  369.245740][   T95] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  369.248916][   T95] usb 7-1: New USB device found, idVendor=258a, idProduct=0033, bcdDevice= 0.00
[  369.256638][   T95] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  369.273399][   T95] usb 7-1: config 0 descriptor??
[  369.314901][T14706] netlink: 72 bytes leftover after parsing attributes in process `syz.5.3246'.
[  369.583940][T14718] ip6tnl1: entered promiscuous mode
[  369.699044][   T95] glorious 0003:258A:0033.001A: unknown main item tag 0x2
[  369.705334][   T95] glorious 0003:258A:0033.001A: hidraw0: USB HID v0.00 Device [Glorious Model D] on usb-dummy_hcd.6-1/input0
[  369.793260][T14723] loop5: detected capacity change from 0 to 32768
[  369.804936][T14723] find_entry called with index >= next_index
[  369.808022][T14723] find_entry called with index >= next_index
[  369.810670][T14723] find_entry called with index >= next_index
[  369.818261][T14723] ERROR: (device loop5): jfs_readdir: JFS:Dtree error: ino = 2, bn=48, index = 1
[  369.818261][T14723] 
[  369.824858][T14723] ERROR: (device loop5): remounting filesystem as read-only
[  369.828068][T14723] ERROR: (device loop5): jfs_readdir: JFS:Dtree error: ino = 2, bn=48, index = 3
[  369.828068][T14723] 
[  369.835575][T14723] ERROR: (device loop5): jfs_readdir: JFS:Dtree error: ino = 2, bn=48, index = 4
[  369.835575][T14723] 
[  369.870317][   T24] usb 9-1: new high-speed USB device number 8 using dummy_hcd
[  369.896836][   T95] usb 7-1: USB disconnect, device number 23
[  370.019354][   T24] usb 9-1: Using ep0 maxpacket: 32
[  370.023624][   T24] usb 9-1: config 0 has an invalid interface number: 247 but max is 0
[  370.026704][   T24] usb 9-1: config 0 has no interface number 0
[  370.028826][   T24] usb 9-1: config 0 interface 247 altsetting 0 endpoint 0x82 has invalid wMaxPacketSize 0
[  370.033042][   T24] usb 9-1: config 0 interface 247 altsetting 0 bulk endpoint 0x82 has invalid maxpacket 0
[  370.038195][   T24] usb 9-1: New USB device found, idVendor=1d50, idProduct=60c6, bcdDevice=62.9b
[  370.041912][   T24] usb 9-1: New USB device strings: Mfr=1, Product=3, SerialNumber=0
[  370.045971][   T24] usb 9-1: Product: syz
[  370.047813][   T24] usb 9-1: Manufacturer: syz
[  370.052126][   T24] usb 9-1: config 0 descriptor??
[  370.265425][   T95] usb 9-1: USB disconnect, device number 8
[  370.449225][ T5909] usb 6-1: new high-speed USB device number 35 using dummy_hcd
[  370.599311][ T5909] usb 6-1: Using ep0 maxpacket: 8
[  370.604209][ T5909] usb 6-1: config 0 has an invalid interface number: 130 but max is 0
[  370.606928][ T5909] usb 6-1: config 0 has no interface number 0
[  370.611868][ T5909] usb 6-1: New USB device found, idVendor=2013, idProduct=0246, bcdDevice=e6.56
[  370.614962][ T5909] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  370.617611][ T5909] usb 6-1: Product: syz
[  370.622788][ T5909] usb 6-1: Manufacturer: syz
[  370.624294][ T5909] usb 6-1: SerialNumber: syz
[  370.627390][ T5909] usb 6-1: config 0 descriptor??
[  370.636920][ T5909] as10x_usb: device has been detected
[  370.638996][ T5909] dvbdev: DVB: registering new adapter (PCTV Systems picoStick (74e))
[  370.648542][ T5909] usb 6-1: DVB: registering adapter 1 frontend 0 (PCTV Systems picoStick (74e))...
[  370.654250][ T5909] as10x_usb: error during firmware upload part1
[  370.656471][ T5909] Registered device PCTV Systems picoStick (74e)
[  370.669352][ T5895] usb 7-1: new high-speed USB device number 24 using dummy_hcd
[  370.830487][ T5895] usb 7-1: Using ep0 maxpacket: 32
[  370.839875][   T24] usb 6-1: USB disconnect, device number 35
[  370.848544][ T5895] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  370.856651][   T24] Unregistered device PCTV Systems picoStick (74e)
[  370.858633][ T5895] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  370.859562][   T24] as10x_usb: device has been disconnected
[  370.864366][ T5895] usb 7-1: New USB device found, idVendor=046d, idProduct=c31c, bcdDevice= 0.40
[  370.874464][ T5895] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  370.881046][ T5895] usb 7-1: config 0 descriptor??
[  370.886785][ T5895] hub 7-1:0.0: USB hub found
[  371.099540][ T5895] hub 7-1:0.0: 1 port detected
[  371.382548][T14739] loop5: detected capacity change from 0 to 24
[  371.388174][T14739] MTD: Attempt to mount non-MTD device "/dev/loop5"
[  371.399080][T14739] romfs: Mounting image 'rom 637cf1fa' through the block layer
[  371.418918][T14739] VFS: Lookup of 'file0' in romfs loop5 would have caused loop
[  371.468819][T14741] Non-string source
[  371.584843][T14745] loop5: detected capacity change from 0 to 4096
[  371.603632][T14745] ntfs3(loop5): ino=1a, mi_enum_attr
[  371.606023][T14745] ntfs3(loop5): Mark volume as dirty due to NTFS errors
[  371.734149][T14749] netlink: 24 bytes leftover after parsing attributes in process `syz.5.3264'.
[  372.281137][T14773] loop8: detected capacity change from 0 to 8
[  372.291943][T14773] squashfs image failed sanity check
[  372.300444][ T5895] hub 7-1:0.0: hub_hub_status failed (err = -32)
[  372.302680][ T5895] hub 7-1:0.0: config failed, can't get hub status (err -32)
[  372.311777][ T5895] usbhid 7-1:0.0: can't add hid device: -32
[  372.315639][ T5895] usbhid 7-1:0.0: probe with driver usbhid failed with error -32
[  372.352711][ T5895] usb 7-1: USB disconnect, device number 24
[  372.416777][T14777] loop8: detected capacity change from 0 to 512
[  372.434683][T14777] EXT4-fs error (device loop8): ext4_orphan_get:1392: comm syz.8.3277: inode #15: comm syz.8.3277: iget: illegal inode #
[  372.450085][T14777] EXT4-fs error (device loop8): ext4_orphan_get:1397: comm syz.8.3277: couldn't read orphan inode 15 (err -117)
[  372.456435][T14777] EXT4-fs (loop8): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  372.466085][T14777] EXT4-fs (loop8): shut down requested (2)
[  372.483413][T13758] EXT4-fs (loop8): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  372.608788][T14785] 
[  372.609857][T14785] =====================================================
[  372.612747][T14785] WARNING: SOFTIRQ-safe -> SOFTIRQ-unsafe lock order detected
[  372.615844][T14785] 6.16.0-syzkaller-11895-gcca7a0aae895-dirty #0 Not tainted
[  372.619065][T14785] -----------------------------------------------------
[  372.622393][T14785] syz.8.3280/14785 [HC0[0]:SC0[0]:HE0:SE1] is trying to acquire:
[  372.625357][T14785] ffff88803756c2b8 (&new->fa_lock){....}-{3:3}, at: kill_fasync+0x199/0x4d0
[  372.628771][T14785] 
[  372.628771][T14785] and this task is already holding:
[  372.631758][T14785] ffff888118ecd028 (&client->buffer_lock){....}-{3:3}, at: evdev_pass_values+0xb9/0xbd0
[  372.635760][T14785] which would create a new lock dependency:
[  372.638160][T14785]  (&client->buffer_lock){....}-{3:3} -> (&new->fa_lock){....}-{3:3}
[  372.641480][T14785] 
[  372.641480][T14785] but this new dependency connects a SOFTIRQ-irq-safe lock:
[  372.645432][T14785]  (&dev->event_lock#2){..-.}-{3:3}
[  372.645458][T14785] 
[  372.645458][T14785] ... which became SOFTIRQ-irq-safe at:
[  372.650845][T14785]   lock_acquire+0x120/0x360
[  372.652763][T14785]   _raw_spin_lock_irqsave+0xa7/0xf0
[  372.655008][T14785]   input_event+0x76/0xe0
[  372.656917][T14785]   hidinput_report_event+0xa1/0x100
[  372.659169][T14785]   hid_report_raw_event+0x148b/0x16d0
[  372.661488][T14785]   hid_input_report+0x43e/0x520
[  372.663505][T14785]   hid_irq_in+0x47e/0x6d0
[  372.665335][T14785]   __usb_hcd_giveback_urb+0x41a/0x690
[  372.667660][T14785]   dummy_timer+0x862/0x4550
[  372.669563][T14785]   __hrtimer_run_queues+0x52c/0xc60
[  372.671825][T14785]   hrtimer_run_softirq+0x187/0x2b0
[  372.674052][T14785]   handle_softirqs+0x286/0x870
[  372.676095][T14785]   __irq_exit_rcu+0xca/0x1f0
[  372.677995][T14785]   irq_exit_rcu+0x9/0x30
[  372.679787][T14785]   sysvec_apic_timer_interrupt+0xa6/0xc0
[  372.682219][T14785]   asm_sysvec_apic_timer_interrupt+0x1a/0x20
[  372.684816][T14785]   lock_acquire+0x175/0x360
[  372.686809][T14785]   pfn_valid+0xd6/0x490
[  372.688683][T14785]   page_table_check_clear+0x21/0x700
[  372.690972][T14785]   unmap_page_range+0x3445/0x4370
[  372.693054][T14785]   unmap_vmas+0x399/0x580
[  372.694896][T14785]   exit_mmap+0x248/0xb50
[  372.696761][T14785]   __mmput+0x118/0x430
[  372.698606][T14785]   exit_mm+0x1da/0x2c0
[  372.700394][T14785]   do_exit+0x648/0x2300
[  372.702181][T14785]   do_group_exit+0x21c/0x2d0
[  372.704200][T14785]   get_signal+0x1286/0x1340
[  372.706159][T14785]   arch_do_signal_or_restart+0x9a/0x750
[  372.708513][T14785]   exit_to_user_mode_loop+0x75/0x110
[  372.710728][T14785]   do_syscall_64+0x2bd/0x3b0
[  372.712683][T14785]   entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  372.715136][T14785] 
[  372.715136][T14785] to a SOFTIRQ-irq-unsafe lock:
[  372.718007][T14785]  (tasklist_lock){.+.+}-{3:3}
[  372.718028][T14785] 
[  372.718028][T14785] ... which became SOFTIRQ-irq-unsafe at:
[  372.723197][T14785] ...
[  372.723206][T14785]   lock_acquire+0x120/0x360
[  372.726316][T14785]   _raw_read_lock+0x36/0x50
[  372.728325][T14785]   __do_wait+0xde/0x740
[  372.730115][T14785]   do_wait+0x1f8/0x520
[  372.731907][T14785]   kernel_wait+0xab/0x170
[  372.733643][T14785]   call_usermodehelper_exec_work+0xbe/0x230
[  372.736128][T14785]   process_scheduled_works+0xae1/0x17b0
[  372.738398][T14785]   worker_thread+0x8a0/0xda0
[  372.740249][T14785]   kthread+0x711/0x8a0
[  372.742025][T14785]   ret_from_fork+0x3fc/0x770
[  372.744030][T14785]   ret_from_fork_asm+0x1a/0x30
[  372.746063][T14785] 
[  372.746063][T14785] other info that might help us debug this:
[  372.746063][T14785] 
[  372.749965][T14785] Chain exists of:
[  372.749965][T14785]   &dev->event_lock#2 --> &client->buffer_lock --> tasklist_lock
[  372.749965][T14785] 
[  372.755058][T14785]  Possible interrupt unsafe locking scenario:
[  372.755058][T14785] 
[  372.758457][T14785]        CPU0                    CPU1
[  372.760710][T14785]        ----                    ----
[  372.762966][T14785]   lock(tasklist_lock);
[  372.764720][T14785]                                local_irq_disable();
[  372.767456][T14785]                                lock(&dev->event_lock#2);
[  372.770462][T14785]                                lock(&client->buffer_lock);
[  372.773545][T14785]   <Interrupt>
[  372.775038][T14785]     lock(&dev->event_lock#2);
[  372.777025][T14785] 
[  372.777025][T14785]  *** DEADLOCK ***
[  372.777025][T14785] 
[  372.780296][T14785] 7 locks held by syz.8.3280/14785:
[  372.782465][T14785]  #0: ffff88801ea33118 (&evdev->mutex){+.+.}-{4:4}, at: evdev_write+0x1a1/0x480
[  372.786113][T14785]  #1: ffff888106056230 (&dev->event_lock#2){..-.}-{3:3}, at: input_inject_event+0xa5/0x340
[  372.790226][T14785]  #2: ffffffff8e139ee0 (rcu_read_lock){....}-{1:3}, at: input_inject_event+0xb6/0x340
[  372.794175][T14785]  #3: ffffffff8e139ee0 (rcu_read_lock){....}-{1:3}, at: input_pass_values+0x8d/0x890
[  372.798203][T14785]  #4: ffffffff8e139ee0 (rcu_read_lock){....}-{1:3}, at: evdev_events+0x79/0x340
[  372.801961][T14785]  #5: ffff888118ecd028 (&client->buffer_lock){....}-{3:3}, at: evdev_pass_values+0xb9/0xbd0
[  372.806153][T14785]  #6: ffffffff8e139ee0 (rcu_read_lock){....}-{1:3}, at: kill_fasync+0x53/0x4d0
[  372.809771][T14785] 
[  372.809771][T14785] the dependencies between SOFTIRQ-irq-safe lock and the holding lock:
[  372.813900][T14785]  -> (&dev->event_lock#2){..-.}-{3:3} {
[  372.816227][T14785]     IN-SOFTIRQ-W at:
[  372.817954][T14785]                       lock_acquire+0x120/0x360
[  372.820479][T14785]                       _raw_spin_lock_irqsave+0xa7/0xf0
[  372.823308][T14785]                       input_event+0x76/0xe0
[  372.825832][T14785]                       hidinput_report_event+0xa1/0x100
[  372.828812][T14785]                       hid_report_raw_event+0x148b/0x16d0
[  372.831807][T14785]                       hid_input_report+0x43e/0x520
[  372.834507][T14785]                       hid_irq_in+0x47e/0x6d0
[  372.837017][T14785]                       __usb_hcd_giveback_urb+0x41a/0x690
[  372.840001][T14785]                       dummy_timer+0x862/0x4550
[  372.842660][T14785]                       __hrtimer_run_queues+0x52c/0xc60
[  372.845500][T14785]                       hrtimer_run_softirq+0x187/0x2b0
[  372.848367][T14785]                       handle_softirqs+0x286/0x870
[  372.851182][T14785]                       __irq_exit_rcu+0xca/0x1f0
[  372.853745][T14785]                       irq_exit_rcu+0x9/0x30
[  372.856170][T14785]                       sysvec_apic_timer_interrupt+0xa6/0xc0
[  372.859223][T14785]                       asm_sysvec_apic_timer_interrupt+0x1a/0x20
[  372.862376][T14785]                       lock_acquire+0x175/0x360
[  372.864941][T14785]                       pfn_valid+0xd6/0x490
[  372.867171][T14785]                       page_table_check_clear+0x21/0x700
[  372.869497][T14785]                       unmap_page_range+0x3445/0x4370
[  372.872138][T14785]                       unmap_vmas+0x399/0x580
[  372.874661][T14785]                       exit_mmap+0x248/0xb50
[  372.877231][T14785]                       __mmput+0x118/0x430
[  372.879808][T14785]                       exit_mm+0x1da/0x2c0
[  372.882209][T14785]                       do_exit+0x648/0x2300
[  372.884715][T14785]                       do_group_exit+0x21c/0x2d0
[  372.887405][T14785]                       get_signal+0x1286/0x1340
[  372.889952][T14785]                       arch_do_signal_or_restart+0x9a/0x750
[  372.893031][T14785]                       exit_to_user_mode_loop+0x75/0x110
[  372.896003][T14785]                       do_syscall_64+0x2bd/0x3b0
[  372.898764][T14785]                       entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  372.902030][T14785]     INITIAL USE at:
[  372.903691][T14785]                      lock_acquire+0x120/0x360
[  372.906280][T14785]                      _raw_spin_lock_irqsave+0xa7/0xf0
[  372.909140][T14785]                      input_inject_event+0xa5/0x340
[  372.911819][T14785]                      kbd_led_trigger_activate+0xbc/0x100
[  372.914830][T14785]                      led_trigger_set+0x52d/0x950
[  372.917481][T14785]                      led_trigger_set_default+0x260/0x2a0
[  372.920497][T14785]                      led_classdev_register_ext+0x73d/0x930
[  372.923459][T14785]                      input_leds_connect+0x517/0x790
[  372.926153][T14785]                      input_register_device+0xd0e/0x1140
[  372.929058][T14785]                      atkbd_connect+0x72e/0xa00
[  372.931535][T14785]                      serio_driver_probe+0x82/0xd0
[  372.934182][T14785]                      really_probe+0x26d/0x9e0
[  372.936758][T14785]                      __driver_probe_device+0x18c/0x2f0
[  372.939547][T14785]                      driver_probe_device+0x4f/0x430
[  372.942312][T14785]                      __driver_attach+0x452/0x700
[  372.945041][T14785]                      bus_for_each_dev+0x233/0x2b0
[  372.947682][T14785]                      serio_handle_event+0x1f9/0x8d0
[  372.950383][T14785]                      process_scheduled_works+0xae1/0x17b0
[  372.953357][T14785]                      worker_thread+0x8a0/0xda0
[  372.955981][T14785]                      kthread+0x711/0x8a0
[  372.958450][T14785]                      ret_from_fork+0x3fc/0x770
[  372.961091][T14785]                      ret_from_fork_asm+0x1a/0x30
[  372.963661][T14785]   }
[  372.964772][T14785]   ... key      at: [<ffffffff99e22060>] input_allocate_device.__key.5+0x0/0x20
[  372.968356][T14785] -> (&client->buffer_lock){....}-{3:3} {
[  372.970706][T14785]    INITIAL USE at:
[  372.972322][T14785]                    lock_acquire+0x120/0x360
[  372.974872][T14785]                    _raw_spin_lock+0x2e/0x40
[  372.977322][T14785]                    evdev_pass_values+0xb9/0xbd0
[  372.979970][T14785]                    evdev_events+0x1aa/0x340
[  372.982478][T14785]                    input_pass_values+0x1c2/0x890
[  372.985194][T14785]                    input_event_dispose+0x330/0x6b0
[  372.987910][T14785]                    input_inject_event+0x1dd/0x340
[  372.990600][T14785]                    evdev_write+0x2fc/0x480
[  372.993111][T14785]                    vfs_write+0x27e/0xa90
[  372.995525][T14785]                    ksys_write+0x145/0x250
[  372.997936][T14785]                    do_syscall_64+0xfa/0x3b0
[  373.000494][T14785]                    entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  373.003550][T14785]  }
[  373.004658][T14785]  ... key      at: [<ffffffff99e22300>] evdev_open.__key.25+0x0/0x20
[  373.008031][T14785]  ... acquired at:
[  373.009628][T14785]    lock_acquire+0x120/0x360
[  373.011594][T14785]    _raw_spin_lock+0x2e/0x40
[  373.013605][T14785]    evdev_pass_values+0xb9/0xbd0
[  373.015713][T14785]    evdev_events+0x1aa/0x340
[  373.017744][T14785]    input_pass_values+0x1c2/0x890
[  373.019955][T14785]    input_event_dispose+0x330/0x6b0
[  373.022097][T14785]    input_inject_event+0x1dd/0x340
[  373.024234][T14785]    evdev_write+0x2fc/0x480
[  373.026167][T14785]    vfs_write+0x27e/0xa90
[  373.028006][T14785]    ksys_write+0x145/0x250
[  373.029865][T14785]    do_syscall_64+0xfa/0x3b0
[  373.031777][T14785]    entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  373.034294][T14785] 
[  373.035322][T14785] 
[  373.035322][T14785] the dependencies between the lock to be acquired
[  373.035330][T14785]  and SOFTIRQ-irq-unsafe lock:
[  373.040942][T14785]   -> (tasklist_lock){.+.+}-{3:3} {
[  373.043152][T14785]      HARDIRQ-ON-R at:
[  373.044912][T14785]                         lock_acquire+0x120/0x360
[  373.047537][T14785]                         _raw_read_lock+0x36/0x50
[  373.050218][T14785]                         __do_wait+0xde/0x740
[  373.052775][T14785]                         do_wait+0x1f8/0x520
[  373.055327][T14785]                         kernel_wait+0xab/0x170
[  373.057996][T14785]                         call_usermodehelper_exec_work+0xbe/0x230
[  373.061320][T14785]                         process_scheduled_works+0xae1/0x17b0
[  373.064517][T14785]                         worker_thread+0x8a0/0xda0
[  373.067282][T14785]                         kthread+0x711/0x8a0
[  373.069860][T14785]                         ret_from_fork+0x3fc/0x770
[  373.072657][T14785]                         ret_from_fork_asm+0x1a/0x30
[  373.075428][T14785]      SOFTIRQ-ON-R at:
[  373.077161][T14785]                         lock_acquire+0x120/0x360
[  373.079779][T14785]                         _raw_read_lock+0x36/0x50
[  373.082360][T14785]                         __do_wait+0xde/0x740
[  373.084882][T14785]                         do_wait+0x1f8/0x520
[  373.087407][T14785]                         kernel_wait+0xab/0x170
[  373.090036][T14785]                         call_usermodehelper_exec_work+0xbe/0x230
[  373.093229][T14785]                         process_scheduled_works+0xae1/0x17b0
[  373.096154][T14785]                         worker_thread+0x8a0/0xda0
[  373.098800][T14785]                         kthread+0x711/0x8a0
[  373.101286][T14785]                         ret_from_fork+0x3fc/0x770
[  373.103981][T14785]                         ret_from_fork_asm+0x1a/0x30
[  373.106851][T14785]      INITIAL USE at:
[  373.108602][T14785]                        lock_acquire+0x120/0x360
[  373.111271][T14785]                        _raw_write_lock_irq+0xa2/0xf0
[  373.114139][T14785]                        copy_process+0x224f/0x3c00
[  373.116872][T14785]                        kernel_clone+0x21e/0x840
[  373.119556][T14785]                        user_mode_thread+0xdd/0x140
[  373.122311][T14785]                        rest_init+0x23/0x300
[  373.124809][T14785]                        start_kernel+0x3a9/0x410
[  373.127492][T14785]                        x86_64_start_reservations+0x24/0x30
[  373.130162][T14785]                        x86_64_start_kernel+0x143/0x1c0
[  373.133013][T14785]                        common_startup_64+0x13e/0x147
[  373.135315][T14785]      INITIAL READ USE at:
[  373.136907][T14785]                             lock_acquire+0x120/0x360
[  373.139269][T14785]                             _raw_read_lock+0x36/0x50
[  373.141554][T14785]                             __do_wait+0xde/0x740
[  373.143824][T14785]                             do_wait+0x1f8/0x520
[  373.146019][T14785]                             kernel_wait+0xab/0x170
[  373.148811][T14785]                             call_usermodehelper_exec_work+0xbe/0x230
[  373.152297][T14785]                             process_scheduled_works+0xae1/0x17b0
[  373.155564][T14785]                             worker_thread+0x8a0/0xda0
[  373.158344][T14785]                             kthread+0x711/0x8a0
[  373.161027][T14785]                             ret_from_fork+0x3fc/0x770
[  373.163917][T14785]                             ret_from_fork_asm+0x1a/0x30
[  373.166877][T14785]    }
[  373.168023][T14785]    ... key      at: [<ffffffff8de0c058>] tasklist_lock+0x18/0x40
[  373.171388][T14785]    ... acquired at:
[  373.173114][T14785]    lock_acquire+0x120/0x360
[  373.175129][T14785]    _raw_read_lock+0x36/0x50
[  373.177055][T14785]    send_sigurg+0x12b/0x420
[  373.178963][T14785]    sk_send_sigurg+0x6c/0x2e0
[  373.180991][T14785]    queue_oob+0x420/0x4f0
[  373.182825][T14785]    unix_stream_sendmsg+0xc3f/0xdf0
[  373.184999][T14785]    __sock_sendmsg+0x21c/0x270
[  373.186989][T14785]    ____sys_sendmsg+0x505/0x830
[  373.188989][T14785]    ___sys_sendmsg+0x21f/0x2a0
[  373.190996][T14785]    __x64_sys_sendmsg+0x19b/0x260
[  373.193153][T14785]    do_syscall_64+0xfa/0x3b0
[  373.195091][T14785]    entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  373.197190][T14785] 
[  373.198030][T14785]  -> (&f_owner->lock){....}-{3:3} {
[  373.200211][T14785]     INITIAL USE at:
[  373.201898][T14785]                      lock_acquire+0x120/0x360
[  373.204409][T14785]                      _raw_write_lock_irq+0xa2/0xf0
[  373.207117][T14785]                      __f_setown+0x67/0x370
[  373.209600][T14785]                      fcntl_dirnotify+0x3fa/0x6a0
[  373.212229][T14785]                      do_fcntl+0x6d0/0x1910
[  373.214675][T14785]                      __se_sys_fcntl+0xc8/0x150
[  373.217124][T14785]                      do_syscall_64+0xfa/0x3b0
[  373.219699][T14785]                      entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  373.222780][T14785]     INITIAL READ USE at:
[  373.224626][T14785]                           lock_acquire+0x120/0x360
[  373.227311][T14785]                           _raw_read_lock_irqsave+0xaf/0x100
[  373.230315][T14785]                           send_sigio+0x38/0x370
[  373.232843][T14785]                           dnotify_handle_event+0x169/0x440
[  373.235834][T14785]                           fsnotify+0x1814/0x1a80
[  373.238444][T14785]                           vfs_readv+0x703/0x850
[  373.241015][T14785]                           __x64_sys_preadv+0x197/0x2a0
[  373.243874][T14785]                           do_syscall_64+0xfa/0x3b0
[  373.246602][T14785]                           entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  373.249779][T14785]   }
[  373.250905][T14785]   ... key      at: [<ffffffff99b22f60>] file_f_owner_allocate.__key+0x0/0x20
[  373.254428][T14785]   ... acquired at:
[  373.256062][T14785]    lock_acquire+0x120/0x360
[  373.258021][T14785]    _raw_read_lock_irqsave+0xaf/0x100
[  373.260178][T14785]    send_sigio+0x38/0x370
[  373.262004][T14785]    kill_fasync+0x24d/0x4d0
[  373.263937][T14785]    sock_wake_async+0x137/0x160
[  373.265999][T14785]    sk_wake_async+0x184/0x280
[  373.268001][T14785]    unix_release_sock+0x768/0xd30
[  373.270101][T14785]    unix_release+0x92/0xd0
[  373.272011][T14785]    sock_close+0xc3/0x240
[  373.273831][T14785]    __fput+0x44c/0xa70
[  373.275563][T14785]    task_work_run+0x1d4/0x260
[  373.277559][T14785]    get_signal+0x11ed/0x1340
[  373.279535][T14785]    arch_do_signal_or_restart+0x9a/0x750
[  373.281871][T14785]    exit_to_user_mode_loop+0x75/0x110
[  373.284097][T14785]    do_syscall_64+0x2bd/0x3b0
[  373.286031][T14785]    entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  373.288523][T14785] 
[  373.289535][T14785] -> (&new->fa_lock){....}-{3:3} {
[  373.291690][T14785]    INITIAL USE at:
[  373.293341][T14785]                    lock_acquire+0x120/0x360
[  373.295804][T14785]                    _raw_write_lock_irq+0xa2/0xf0
[  373.298411][T14785]                    fasync_remove_entry+0xf1/0x1c0
[  373.301060][T14785]                    sock_fasync+0x85/0xf0
[  373.303442][T14785]                    __fput+0x8a2/0xa70
[  373.305716][T14785]                    task_work_run+0x1d4/0x260
[  373.308227][T14785]                    exit_to_user_mode_loop+0xec/0x110
[  373.311093][T14785]                    do_syscall_64+0x2bd/0x3b0
[  373.313716][T14785]                    entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  373.316887][T14785]    INITIAL READ USE at:
[  373.318711][T14785]                         lock_acquire+0x120/0x360
[  373.321327][T14785]                         _raw_read_lock_irqsave+0xaf/0x100
[  373.324318][T14785]                         kill_fasync+0x199/0x4d0
[  373.326981][T14785]                         sock_wake_async+0x137/0x160
[  373.329751][T14785]                         sk_wake_async+0x184/0x280
[  373.332542][T14785]                         unix_release_sock+0x768/0xd30
[  373.335458][T14785]                         unix_release+0x92/0xd0
[  373.338080][T14785]                         sock_close+0xc3/0x240
[  373.340778][T14785]                         __fput+0x44c/0xa70
[  373.343341][T14785]                         task_work_run+0x1d4/0x260
[  373.346140][T14785]                         get_signal+0x11ed/0x1340
[  373.348898][T14785]                         arch_do_signal_or_restart+0x9a/0x750
[  373.352084][T14785]                         exit_to_user_mode_loop+0x75/0x110
[  373.355142][T14785]                         do_syscall_64+0x2bd/0x3b0
[  373.357918][T14785]                         entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  373.361225][T14785]  }
[  373.362331][T14785]  ... key      at: [<ffffffff99b22f80>] fasync_insert_entry.__key+0x0/0x20
[  373.365965][T14785]  ... acquired at:
[  373.367597][T14785]    lock_acquire+0x120/0x360
[  373.369626][T14785]    _raw_read_lock_irqsave+0xaf/0x100
[  373.371945][T14785]    kill_fasync+0x199/0x4d0
[  373.373944][T14785]    evdev_pass_values+0x627/0xbd0
[  373.376090][T14785]    evdev_events+0x1e6/0x340
[  373.378070][T14785]    input_pass_values+0x288/0x890
[  373.380304][T14785]    input_event_dispose+0x330/0x6b0
[  373.382605][T14785]    input_inject_event+0x1dd/0x340
[  373.384865][T14785]    evdev_write+0x2fc/0x480
[  373.386904][T14785]    vfs_write+0x27e/0xa90
[  373.388872][T14785]    ksys_write+0x145/0x250
[  373.390849][T14785]    do_syscall_64+0xfa/0x3b0
[  373.392883][T14785]    entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  373.395514][T14785] 
[  373.396594][T14785] 
[  373.396594][T14785] stack backtrace:
[  373.399152][T14785] CPU: 0 UID: 0 PID: 14785 Comm: syz.8.3280 Not tainted 6.16.0-syzkaller-11895-gcca7a0aae895-dirty #0 PREEMPT(full) 
[  373.399170][T14785] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.2-debian-1.16.2-1 04/01/2014
[  373.399179][T14785] Call Trace:
[  373.399186][T14785]  <TASK>
[  373.399193][T14785]  dump_stack_lvl+0x189/0x250
[  373.399211][T14785]  ? __pfx_dump_stack_lvl+0x10/0x10
[  373.399226][T14785]  ? __pfx__printk+0x10/0x10
[  373.399246][T14785]  validate_chain+0x1f05/0x2140
[  373.399266][T14785]  __lock_acquire+0xab9/0xd20
[  373.399286][T14785]  ? kill_fasync+0x199/0x4d0
[  373.399299][T14785]  lock_acquire+0x120/0x360
[  373.399316][T14785]  ? kill_fasync+0x199/0x4d0
[  373.399333][T14785]  _raw_read_lock_irqsave+0xaf/0x100
[  373.399347][T14785]  ? kill_fasync+0x199/0x4d0
[  373.399360][T14785]  ? __pfx__raw_read_lock_irqsave+0x10/0x10
[  373.399372][T14785]  ? do_raw_spin_lock+0x121/0x290
[  373.399389][T14785]  kill_fasync+0x199/0x4d0
[  373.399408][T14785]  ? kill_fasync+0x53/0x4d0
[  373.399422][T14785]  evdev_pass_values+0x627/0xbd0
[  373.399440][T14785]  ? evdev_pass_values+0x5a1/0xbd0
[  373.399456][T14785]  evdev_events+0x1e6/0x340
[  373.399471][T14785]  ? evdev_events+0x79/0x340
[  373.399485][T14785]  ? input_pass_values+0x8d/0x890
[  373.399497][T14785]  input_pass_values+0x288/0x890
[  373.399514][T14785]  ? input_handle_event+0x70c/0xf30
[  373.399526][T14785]  input_event_dispose+0x330/0x6b0
[  373.399538][T14785]  input_inject_event+0x1dd/0x340
[  373.399550][T14785]  ? input_inject_event+0xb6/0x340
[  373.399562][T14785]  evdev_write+0x2fc/0x480
[  373.399604][T14785]  ? __pfx_evdev_write+0x10/0x10
[  373.399620][T14785]  ? bpf_lsm_file_permission+0x9/0x20
[  373.399636][T14785]  ? security_file_permission+0x75/0x290
[  373.399650][T14785]  ? rw_verify_area+0x255/0x4d0
[  373.399665][T14785]  ? __lock_acquire+0xab9/0xd20
[  373.399681][T14785]  ? __pfx_evdev_write+0x10/0x10
[  373.399696][T14785]  vfs_write+0x27e/0xa90
[  373.399714][T14785]  ? __pfx_vfs_write+0x10/0x10
[  373.399730][T14785]  ? __fget_files+0x2a/0x420
[  373.399749][T14785]  ? __fget_files+0x2a/0x420
[  373.399766][T14785]  ? __fget_files+0x3a0/0x420
[  373.399783][T14785]  ? __fget_files+0x2a/0x420
[  373.399802][T14785]  ksys_write+0x145/0x250
[  373.399819][T14785]  ? __pfx_ksys_write+0x10/0x10
[  373.399836][T14785]  ? do_syscall_64+0xbe/0x3b0
[  373.399853][T14785]  do_syscall_64+0xfa/0x3b0
[  373.399866][T14785]  ? lockdep_hardirqs_on+0x9c/0x150
[  373.399878][T14785]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  373.399890][T14785]  ? exc_page_fault+0x9f/0xf0
[  373.399905][T14785]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  373.399917][T14785] RIP: 0033:0x7f57c4d8ebe9
[  373.399928][T14785] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  373.399939][T14785] RSP: 002b:00007f57c5ba8038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[  373.399954][T14785] RAX: ffffffffffffffda RBX: 00007f57c4fb5fa0 RCX: 00007f57c4d8ebe9
[  373.399963][T14785] RDX: 0000000000001068 RSI: 0000200000000040 RDI: 0000000000000004
[  373.399972][T14785] RBP: 00007f57c4e11e19 R08: 0000000000000000 R09: 0000000000000000
[  373.399980][T14785] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  373.399987][T14785] R13: 00007f57c4fb6038 R14: 00007f57c4fb5fa0 R15: 00007ffc3222d9f8
[  373.400001][T14785]  </TASK>
[  373.540538][    C0] hpet: Lost 60 RTC interrupts
[  378.141994][ T1363] ieee802154 phy0 wpan0: encryption failed: -22
[  378.144473][ T1363] ieee802154 phy1 wpan1: encryption failed: -22

VM DIAGNOSIS:
13:15:24  Registers:
info registers vcpu 0

CPU#0
RAX=0000000000000020 RBX=0000000000000020 RCX=0000000000000000 RDX=00000000000003f8
RSI=000000000000139a RDI=000000000000139b RBP=00000000000003f8 RSP=ffffc900068ef010
R8 =ffff888020410237 R9 =1ffff11004082046 R10=dffffc0000000000 R11=ffffffff854e72a0
R12=dffffc0000000000 R13=ffffffff99af18c2 R14=ffffffff99de64e0 R15=0000000000000000
RIP=ffffffff854e731c RFL=00000002 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =0000 0000000000000000 ffffffff 00c00000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 ffffffff 00c00000
FS =0000 00007f57c5ba86c0 ffffffff 00c00000
GS =0000 ffff8880b8624000 ffffffff 00c00000
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe0000003000 00004087 00008b00 DPL=0 TSS64-busy
GDT=     fffffe0000001000 0000007f
IDT=     fffffe0000000000 00000fff
CR0=80050033 CR2=00007f57c4d733e0 CR3=000000003f78c000 CR4=000006f0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000ffff0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
XMM00=ffffffffffffffff ffffffffffffffff XMM01=2323232323232323 2323232323232323
XMM02=0000000000000000 0000000000000023 XMM03=ffffffffffffffff ffffffffffffffff
XMM04=ffffffffffffffff ffffffffffffffff XMM05=00007f57c4f87478 00007f57c4f874c0
XMM06=00007f57c4f874b8 00007f57c4f874b0 XMM07=00007f57c4f874a8 00007f57c4f874a0
XMM08=35ca37e6a79f83ce 3c7ffd42c7de4993 XMM09=0000000000000000 00007f57c4e12fc5
XMM10=0000000000000000 0000000000000000 XMM11=0000000000000000 0000000000000000
XMM12=0000000000000000 0000000000000000 XMM13=0000000000000000 0000000000000000
XMM14=0000000000000000 0000000000000000 XMM15=0000000000000000 0000000000000000
info registers vcpu 1

CPU#1
RAX=2db9709199885c00 RBX=0000000000000a02 RCX=2db9709199885c00 RDX=0000000000000000
RSI=ffffffff8be325e0 RDI=ffffffff8be325a0 RBP=ffffc900067d7cf0 RSP=ffffc900067d7c20
R8 =ffffffff8fa34237 R9 =1ffffffff1f46846 R10=dffffc0000000000 R11=fffffbfff1f46847
R12=dffffc0000000000 R13=ffffc900067d7d40 R14=ffffffff99d415a0 R15=1ffff92000cfaf8c
RIP=ffffffff819d4566 RFL=00000046 [---Z-P-] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =0000 0000000000000000 ffffffff 00c00000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 ffffffff 00c00000
FS =0000 0000555584aed500 ffffffff 00c00000
GS =0000 ffff8881a3c24000 ffffffff 00c00000
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe000004a000 00004087 00008b00 DPL=0 TSS64-busy
GDT=     fffffe0000048000 0000007f
IDT=     fffffe0000000000 00000fff
CR0=80050033 CR2=000055fc646f7000 CR3=0000000111258000 CR4=000006f0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000ffff0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
XMM00=0000000000000000 0000000000000000 XMM01=0000000000000000 0000000000000000
XMM02=00007f2d01b87498 00007f2d01b87470 XMM03=00007f2d01b874a8 00007f2d01b874a0
XMM04=00007f2d026ed100 00007f2d01b87460 XMM05=00007f2d01b87478 00007f2d01b874c0
XMM06=00007f2d01b874b8 00007f2d01b874b0 XMM07=00007f2d01b874a8 00007f2d01b874a0
XMM08=6161616161616161 6161616161616161 XMM09=0000000000000000 00007f2d01a12fc5
XMM10=0000000000000000 0000000000000000 XMM11=0000000000000000 0000000000000000
XMM12=0000000000000000 0000000000000000 XMM13=0000000000000000 0000000000000000
XMM14=0000000000000000 0000000000000000 XMM15=0000000000000000 0000000000000000
