last executing test programs:

1m44.018569697s ago: executing program 2 (id=436):
sendto(0xffffffffffffffff, &(0x7f0000000540)="0cc31a4098ddc80dadd3a0aa2bea9050d9f47bcde4cbb8170d3d61aabbdbd869e8a75ab95a3b8e8b960477dbbbbf5cb0fd4a98ea0032d054de676f19c5e1f84def57482d1b3eb94a2a1d3c0af33709610ece6cb54ae7f8c3ed385c3890244d348c9bcfb556ee478845ff23d8a9f2a492531e7c7ce719ef1983bdaf4008386323fc593be590321dbe51aa4ecabebf495efc0f722637337e20cc541399dc617deafa840b68f2b22e5f7c6afb3825871b966ab90a79a4d6d72f29a1e43abdf4d25f6352dfa26c57684224fdb0e14151550796aaa09b4669e71d9f4255f63905467b709f6d7185347a078538e4443f0dad324393274e857979db0a9e3894857aacabc2f2ccd9457fda98a520e2b8c83085a206c8aea9dd18a0b66c87b3b61f95fafed84303436c7ae3782f714dc364c10102788b02d3aed05cb29fe974b75e7bf53dfd2554d7b700dcbf24a6fa021732b747a2c7d6d2a649e1ca523f91ba57da29e6e5050da7ec9466884aea64349e0c65b40bd78fe25622a5f854d351fd3282e85e37989b73e1a3b9fe874ad7131850117f28a930f8fb5afe15040fd20cd9c861c95b2c1f9844ac1f8b3cd0a7f22269e235866414acb5f4d9d0b64301cd5b4e8c2da68caacd3f7dda0f325120ad99c05a55736067c87cceda7b850758e60ab8829b0dbfdc1ca8322e6716e643e00c2f665781461f08282a0aa366d9927036d685c3a721530dafe21e62906c5710c3214621d6374d9f5eef47eca1e5080e21510000009822a3bf99784f7b19e2dfaa7b8ba39dc5212c94585af38e7a50cbf6d619e3f1b8e4c17351203fa037ca4ce7ef32fd8b4387b8583ebd32a0be47c5aeb06ec1c054377d5532c370aba18abe561e2bfcfa6d92c0c3d0419f5f4936772b6a0026a623914f09b04cf5d7c2b3ab010c676e9932f5807240a765b3d92d2bddd63a91bd0f1c795fe0ecdda5e50ec8fd0a68115986168fb8bb67fa020ed3c416a716fb12d5d918b8522931dcf2bfd0c7bf7d9c56c490c9880309240d0c2cf1a3cafb647e1a9e1fde434cdbcae9eeac3f8c652a85d6aea69b3e9a922cb2727ed8f50e6babd152b96ca223be94c4aedf7e6848650026a7e1df48e00f45714233d9ae79f4e5e13ac220d553da26f7e7bd242db5f11acc92d32e6c60106a0934174c7fc587a191dd9939473e17308e5c0a614860c5619378b9efe5b8e7593f5cb0b154e3f7e2964aa44756d7d2e6972c39ef66bfbe15408a4f169b96b305fee9e2b00a1bc4f2610daf6467af908966f0031143f2349e7c406a02935625e8c3a2b2d769b6abfd6737adee81747af3a1f0a9c9f916ef0f8d96d804e75bf01506c338cd48948a8468061480deaf8ff839d8f5055e5c23222e72d2eb9a7aaea83345df132c635f5222717e09f693b8884b0c22dc38fb742dd69b75fc416909919561e7", 0x3fc, 0x4000, &(0x7f0000000180)=@caif=@rfm={0x25, 0x107ff, "6798c48f000000ec00"}, 0x80)
r0 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000500)='status\x00')
setgroups(0x400000000000026f, &(0x7f0000000080)=[0x0, 0xee00])
read$FUSE(r0, &(0x7f0000003680)={0x2020}, 0x2020)

1m43.922521669s ago: executing program 2 (id=439):
r0 = syz_open_dev$sndpcmp(&(0x7f0000000000), 0x0, 0x0)
mmap$snddsp(&(0x7f0000001000/0x2000)=nil, 0x2000, 0x1000001, 0x13, r0, 0x0)

1m43.921984684s ago: executing program 2 (id=440):
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r0, &(0x7f0000001580)={0x0, 0x0, &(0x7f0000001540)={&(0x7f0000000140)=@allocspi={0x104, 0x16, 0x401, 0x0, 0x0, {{{@in6=@private0, @in6=@empty, 0xfffe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x80, 0x0, 0x0, 0xffffffffffffffff}, {@in=@dev={0xac, 0x14, 0x14, 0x26}, 0x0, 0x33}, @in=@remote, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7fffffff, 0x100000000}, {0x0, 0x0, 0x3, 0x1}}, 0x8, 0xffffffff}, [@mark={0xc}]}, 0x104}, 0x1, 0x0, 0x0, 0x42001}, 0x0)

1m43.861386966s ago: executing program 2 (id=442):
mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x0)
mount$bind(&(0x7f0000000380)='./file0\x00', &(0x7f0000000200)='./file0\x00', 0x0, 0x2125099, 0x0)
mount$bind(0x0, &(0x7f00000005c0)='./file0\x00', 0x0, 0x100000, 0x0)
mount$bind(&(0x7f0000000000)='.\x00', &(0x7f0000000200)='./file0/../file0\x00', 0x0, 0x101097, 0x0)
mount$bind(&(0x7f00000001c0)='./file0/file0\x00', &(0x7f0000000200)='./file0\x00', 0x0, 0x101091, 0x0)
r0 = open_tree(0xffffffffffffff9c, &(0x7f0000000640)='\x00', 0x89901)
move_mount(r0, &(0x7f0000000140)='.\x00', 0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x0)

1m43.784155342s ago: executing program 2 (id=445):
prlimit64(0x0, 0xe, 0x0, 0x0)
r0 = socket(0x10, 0x803, 0x0)
sendmsg$IPVS_CMD_SET_INFO(r0, &(0x7f0000000b00)={0x0, 0x0, &(0x7f0000000ac0)={0x0, 0x14}}, 0x0)
getsockname$packet(r0, &(0x7f0000000100)={0x11, 0x0, <r1=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000380)=ANY=[@ANYBLOB="3c0000001000850600"/20, @ANYRES32=r1, @ANYBLOB="01000000000000001c0012000c000100626f6e64000000000c0002000800010006"], 0x3c}}, 0x0)
r2 = socket$nl_route(0x10, 0x3, 0x0)
r3 = socket(0x1, 0x803, 0x0)
getsockname$packet(r3, &(0x7f0000000100)={0x11, 0x0, <r4=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000001c0)=0x14)
r5 = socket$unix(0x1, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r5, 0x8933, &(0x7f0000000100)={'veth1\x00', <r6=>0x0})
sendmsg$nl_route(r2, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000002c0)=@newlink={0x5c, 0x10, 0x403, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x90646}, [@IFLA_LINKINFO={0x2c, 0x12, 0x0, 0x1, @vlan={{0x9}, {0x1c, 0x2, 0x0, 0x1, [@IFLA_VLAN_ID={0x6, 0x1, 0x2}, @IFLA_VLAN_EGRESS_QOS={0x10, 0x3, 0x0, 0x1, [@IFLA_VLAN_QOS_MAPPING={0xc, 0x1, {0x23d7, 0x7f}}]}]}}}, @IFLA_LINK={0x8, 0x5, r6}, @IFLA_MASTER={0x8, 0xa, r4}]}, 0x5c}, 0x1, 0x0, 0x0, 0xf00}, 0x0)

1m43.548913384s ago: executing program 2 (id=447):
syz_io_uring_setup(0x83, &(0x7f0000000580)={0x0, 0xe7b7, 0x13500, 0x0, 0x352}, 0x0, 0x0)
syz_io_uring_setup(0x2421, &(0x7f0000000380)={0x0, 0x0, 0x13090}, 0x0, 0x0)
write$uinput_user_dev(0xffffffffffffffff, &(0x7f0000000400)={'syz0\x00', {0x9, 0x4, 0x6, 0xfffa}, 0x1d, [0x1, 0xc95a, 0xfffffff3, 0x9, 0x80, 0x2, 0x3, 0x7f, 0x6, 0x4d, 0x39cc191a, 0x5c, 0x9, 0x3, 0x2, 0x0, 0x6, 0x3, 0x0, 0x2ab, 0x4, 0x7, 0x4, 0x3c5b, 0x1, 0x1ff, 0x9, 0x1, 0x1f461e2c, 0x7, 0xe661, 0x7fff, 0xb, 0x3, 0x7fff, 0x4c74, 0x80000000, 0x800242, 0xffffffff, 0xa, 0x0, 0x71, 0x2, 0x6, 0x3, 0x2, 0x5, 0x3e, 0x8f, 0x6, 0x6, 0x3, 0x80092a3, 0x4, 0x1, 0x20000000, 0x82, 0x0, 0x7, 0x7, 0x8, 0x4, 0x1, 0x42], [0x10000007, 0xffff, 0x12f, 0x6, 0x10, 0xfffffff3, 0x129432e6, 0xcb, 0xf9, 0xd, 0x2bf, 0x5, 0x1000, 0xfffffffc, 0x0, 0x0, 0x81, 0x5, 0x2f, 0xe, 0x311, 0x1, 0x0, 0xfffffffc, 0x8, 0x4, 0x8000, 0x9, 0x3fe, 0x401, 0xfff, 0x4, 0xfb, 0x5, 0x8000, 0x5f31, 0x4, 0x1, 0x2, 0x2, 0x20009, 0x4, 0x9, 0x8, 0x9, 0x6, 0xb, 0xa, 0x1, 0x9, 0x9, 0x2, 0x7f, 0x9, 0x1, 0x3, 0x9, 0xffffffff, 0x7, 0x3, 0x9, 0x48c93690, 0x42, 0x400002], [0x6, 0x6, 0x80000001, 0x2, 0xff, 0x40000100, 0x8d2, 0x9, 0x5, 0x7fff, 0x0, 0x1, 0xb, 0x4, 0x5, 0x1005, 0x0, 0x1f0, 0xfffffffd, 0x2, 0x86, 0x1, 0x9, 0x3e7, 0x9, 0x5, 0x2, 0x2, 0x800, 0x8, 0x5, 0x8001, 0x7, 0x38, 0x800003, 0x200, 0x80, 0x2, 0xcc52, 0x950bfaf, 0x1000, 0xa2, 0x7, 0x53cf697b, 0xfffffff9, 0x6, 0xac8, 0xbf, 0x10002, 0x400, 0x7ff, 0x3, 0x0, 0x1, 0xffff, 0x0, 0x6, 0x1c, 0x120000, 0x7f, 0x6, 0xaaed, 0x4, 0xff], [0x9, 0xbb31, 0x3, 0xb, 0x5, 0x1, 0x6, 0x5, 0x0, 0x40003, 0x80ce7, 0x1ff, 0x3, 0x7, 0x5, 0x1003, 0x101, 0x10000, 0x6, 0x7fff, 0xffff, 0xe620, 0x2, 0x2, 0x1, 0x2, 0x14c, 0x60a7, 0x6, 0x4, 0xffffffff, 0x80000000, 0x7, 0x8, 0xc8, 0xee1, 0x0, 0xffff, 0x3, 0x7f, 0x100, 0x9602, 0x4, 0x2, 0xffff, 0x6, 0x1, 0x10080, 0x6, 0x8, 0x30b1d693, 0x5a2b, 0xc, 0x7, 0x1, 0x6c1b, 0x0, 0x4, 0x5, 0xb1c, 0x1, 0x200, 0xffff3441, 0xfff]}, 0x45c)
ppoll(&(0x7f00000000c0)=[{}, {}], 0x20000000000000dc, 0x0, 0x0, 0x0)

1m43.336466148s ago: executing program 32 (id=447):
syz_io_uring_setup(0x83, &(0x7f0000000580)={0x0, 0xe7b7, 0x13500, 0x0, 0x352}, 0x0, 0x0)
syz_io_uring_setup(0x2421, &(0x7f0000000380)={0x0, 0x0, 0x13090}, 0x0, 0x0)
write$uinput_user_dev(0xffffffffffffffff, &(0x7f0000000400)={'syz0\x00', {0x9, 0x4, 0x6, 0xfffa}, 0x1d, [0x1, 0xc95a, 0xfffffff3, 0x9, 0x80, 0x2, 0x3, 0x7f, 0x6, 0x4d, 0x39cc191a, 0x5c, 0x9, 0x3, 0x2, 0x0, 0x6, 0x3, 0x0, 0x2ab, 0x4, 0x7, 0x4, 0x3c5b, 0x1, 0x1ff, 0x9, 0x1, 0x1f461e2c, 0x7, 0xe661, 0x7fff, 0xb, 0x3, 0x7fff, 0x4c74, 0x80000000, 0x800242, 0xffffffff, 0xa, 0x0, 0x71, 0x2, 0x6, 0x3, 0x2, 0x5, 0x3e, 0x8f, 0x6, 0x6, 0x3, 0x80092a3, 0x4, 0x1, 0x20000000, 0x82, 0x0, 0x7, 0x7, 0x8, 0x4, 0x1, 0x42], [0x10000007, 0xffff, 0x12f, 0x6, 0x10, 0xfffffff3, 0x129432e6, 0xcb, 0xf9, 0xd, 0x2bf, 0x5, 0x1000, 0xfffffffc, 0x0, 0x0, 0x81, 0x5, 0x2f, 0xe, 0x311, 0x1, 0x0, 0xfffffffc, 0x8, 0x4, 0x8000, 0x9, 0x3fe, 0x401, 0xfff, 0x4, 0xfb, 0x5, 0x8000, 0x5f31, 0x4, 0x1, 0x2, 0x2, 0x20009, 0x4, 0x9, 0x8, 0x9, 0x6, 0xb, 0xa, 0x1, 0x9, 0x9, 0x2, 0x7f, 0x9, 0x1, 0x3, 0x9, 0xffffffff, 0x7, 0x3, 0x9, 0x48c93690, 0x42, 0x400002], [0x6, 0x6, 0x80000001, 0x2, 0xff, 0x40000100, 0x8d2, 0x9, 0x5, 0x7fff, 0x0, 0x1, 0xb, 0x4, 0x5, 0x1005, 0x0, 0x1f0, 0xfffffffd, 0x2, 0x86, 0x1, 0x9, 0x3e7, 0x9, 0x5, 0x2, 0x2, 0x800, 0x8, 0x5, 0x8001, 0x7, 0x38, 0x800003, 0x200, 0x80, 0x2, 0xcc52, 0x950bfaf, 0x1000, 0xa2, 0x7, 0x53cf697b, 0xfffffff9, 0x6, 0xac8, 0xbf, 0x10002, 0x400, 0x7ff, 0x3, 0x0, 0x1, 0xffff, 0x0, 0x6, 0x1c, 0x120000, 0x7f, 0x6, 0xaaed, 0x4, 0xff], [0x9, 0xbb31, 0x3, 0xb, 0x5, 0x1, 0x6, 0x5, 0x0, 0x40003, 0x80ce7, 0x1ff, 0x3, 0x7, 0x5, 0x1003, 0x101, 0x10000, 0x6, 0x7fff, 0xffff, 0xe620, 0x2, 0x2, 0x1, 0x2, 0x14c, 0x60a7, 0x6, 0x4, 0xffffffff, 0x80000000, 0x7, 0x8, 0xc8, 0xee1, 0x0, 0xffff, 0x3, 0x7f, 0x100, 0x9602, 0x4, 0x2, 0xffff, 0x6, 0x1, 0x10080, 0x6, 0x8, 0x30b1d693, 0x5a2b, 0xc, 0x7, 0x1, 0x6c1b, 0x0, 0x4, 0x5, 0xb1c, 0x1, 0x200, 0xffff3441, 0xfff]}, 0x45c)
ppoll(&(0x7f00000000c0)=[{}, {}], 0x20000000000000dc, 0x0, 0x0, 0x0)

1m0.028203983s ago: executing program 0 (id=950):
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, 0x0)
sendmmsg$unix(0xffffffffffffffff, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(0xffffffffffffffff, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r2 = syz_genetlink_get_family_id$gtp(&(0x7f0000000ec0), 0xffffffffffffffff)
sendmsg$GTP_CMD_GETPDP(r0, &(0x7f0000000f80)={0x0, 0x0, &(0x7f0000000f40)={&(0x7f0000000040)=ANY=[@ANYBLOB="14000000", @ANYRES16=r2, @ANYBLOB="01032cbd7000fcdbdf2502000000dfc29f042d6ea42b0219df560c4b0ede6e71eda0950a8066247393027ecbd61753dbb50255483d1df820e722b57ddd6f516a320a61f24cf986eaca01e029a1c2f511399335aec094fd3325d704ad65bad4e836ab801696fdb5509348f893a0d83602698af4aa1e81ee52d814da42bd7be9377764cffae9cd22214d08d2889fec057702738c58338123efb35177a92b2333e682e739a50af234c47350d554396a9b091623e921805140a509cb2a6c862644e5dd66f9cab188901f32cd25c6"], 0x14}, 0x1, 0x0, 0x0, 0x4811}, 0x0)

59.737380446s ago: executing program 0 (id=954):
syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f00000007c0)='./file0\x00', 0x480, &(0x7f0000000000), 0x1, 0x786, &(0x7f0000000f80)="$eJzs3c9rHGUfAPDvbLNJ37Tv27zwwms9BQQNlG5Mja2Ch4oHESwU9Gy7bLahZpMt2U1pQkCLCF4EFQ+CXnq2Wm9e/XHVP8C7B2mpmhYjHiQym9102+ymmzSbbdnPByZ5npnZfOc7z8w8T3aG3QD61mj6IxNxOCI+SCIO1ecnEZGtlQYiTq6vt7qyXEinJNbWXvstqa1ze2W5EE2vSR2oVx6LiO/ejTiS2Ry3srg0ky+VivP1+nh19sJ4ZXHp6PnZ/HRxujh3fGJy8tiJZ08c371c//hx6eCND19+6suTf73z/2vvf5/EyThYX9acx24ZjdH6Psmmu/AuL8Vbux2up5JebwA7kp6a+9bP8jicpOWBXm8SANBl6Sh0DQDoM4n+HwD6TON9gNsry4XG1Nt3JPbWzRcjYv96/o37m+tLBur37PbX7oMO307uujOSRMTILsQfjYjPvn7jajpFl+5DArTy9uWIODsyuvn6n2x6ZmG7nu5gndF76hvxf8o+YHTgfr5Jxz/PtRr/ZTbGP9Fi/DPU4tzdibbn/4bM9V0I01Y6/nuh6dm21ab860b21Wv/ro35ssm586Viem37T0SMRXYorU9sEWPs1t+32i1rHv/9/tGbn6fx09931shcHxi6+zVT+Wr+QXJudvNyxOMDrfJPNto/aTP+Pd1hjFeef+/TdsvS/NN8G9Pm/Ltr7UrEky3b/84TbcmWzyeO1w6H8cZB0cJXP38y3C5+c/un0+rK8loScXX3M20tbf/hrfMfSZqf16xsP8YPVw59225Zi/wLjf+F1rU+/geT12vlwfq8S/lqdX4iYjB5dfP8Y3de26g31k/zH3ui9fm/1fGfjk7Odpj/wI1fv9h5/t2V5j+1rfbffuHa6sy+dvE7a//JWmmsPqeT61+nG/gg+w4AAAAAAAAAAAAAAAAAAAAAAAAAOpWJiIORZHIb5Uwml1v/Du//xXCmVK5Uj5wrL8xNRe27skcim2l81OWhps9Dnah/Hn6jfuye+jMR8d+I+HjoX7V6rlAuTfU6eQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACoO9Dm+/9Tvwz1eusAgK7Z3+sNAAD2nP4fAPqP/h8A+o/+HwD6j/4fAPqP/h8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIAuO33qVDqt/bmyXEjrUxcXF2bKF49OFSszudmFQq5Qnr+Qmy6Xp0vFXKE8e7+/VyqXL0zG3MKl8WqxUh2vLC6dmS0vzFXPnJ/NTxfPFLN7khUAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAbE9lcWkmXyoV5xUegcJAvdUelu3ZUSHTSGKvgg52K4uHYGd2r9DDixIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADAI+SfAAAA///WoyFe")
setxattr$incfs_metadata(&(0x7f0000000180)='./file0\x00', &(0x7f00000001c0), &(0x7f0000001dc0)="aede985004106b455d5e28672d7a3a32d08d6405d6cac3f8794fde5246895c04b41d2e2384", 0x25, 0x0)

59.646516445s ago: executing program 0 (id=957):
r0 = socket$inet6_mptcp(0xa, 0x1, 0x106)
connect$inet6(r0, &(0x7f0000000040)={0xa, 0x3, 0x0, @loopback}, 0x1c)
setsockopt$inet6_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000100)='yeah\x00', 0x5)
shutdown(r0, 0x2)

59.577097258s ago: executing program 0 (id=959):
mkdirat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x42)
mount$bind(&(0x7f0000000000)='.\x00', &(0x7f0000000200)='./file0/../file0\x00', 0x0, 0x101091, 0x0)
mount$bind(&(0x7f0000000440)='./file0/../file0\x00', &(0x7f00000000c0)='./file0/file0\x00', 0x0, 0x28b501e, 0x0)
mount$bind(0x0, &(0x7f00000001c0)='./file0/../file0\x00', 0x0, 0x84000, 0x0)

59.516609061s ago: executing program 0 (id=961):
r0 = socket(0x1d, 0x2, 0x6)
mmap(&(0x7f0000001000/0xc00000)=nil, 0xc00000, 0x0, 0x3032, 0xffffffffffffffff, 0x0)
ioctl$ifreq_SIOCGIFINDEX_vcan(r0, 0x8933, &(0x7f0000000000)={'vxcan0\x00', <r1=>0x0})
bind$can_j1939(r0, &(0x7f0000000380)={0x1d, r1, 0x1, {0x0, 0x1, 0x3}, 0xfe}, 0x18)
sendmmsg$sock(r0, &(0x7f0000000280)=[{{0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000100)="1f", 0x206c}], 0x1}}, {{0x0, 0x0, 0x0}}], 0x2, 0x0)

59.253271038s ago: executing program 0 (id=965):
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000140)={0x6, 0x3, &(0x7f0000000680)=ANY=[@ANYBLOB="1800000002000000000000000000000095"], 0x0}, 0x90)
r0 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000400)={0x6, 0x3, &(0x7f0000000680)=ANY=[], &(0x7f00000002c0)='GPL\x00'}, 0x94)
r1 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
setsockopt$inet_int(r1, 0x0, 0xb, &(0x7f00000000c0)=0x3, 0x4)
syz_emit_ethernet(0x46, &(0x7f0000000000)={@link_local={0x3}, @multicast, @void, {@ipv4={0x800, @icmp={{0x5, 0x4, 0x0, 0x0, 0x38, 0x0, 0x0, 0x0, 0x1, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}, @local}, @time_exceeded={0x3, 0x4, 0x0, 0x12, 0x0, 0x3f18, {0x5, 0x2, 0x0, 0x0, 0x0, 0x68, 0x0, 0x0, 0x1, 0x0, @loopback, @loopback}, "00186371ae9b1c03"}}}}}, 0x0)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={r0, 0x5, 0xb68, 0x4000, &(0x7f0000000000)='%', 0x0, 0xd01, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x48)

58.71973887s ago: executing program 33 (id=965):
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000140)={0x6, 0x3, &(0x7f0000000680)=ANY=[@ANYBLOB="1800000002000000000000000000000095"], 0x0}, 0x90)
r0 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000400)={0x6, 0x3, &(0x7f0000000680)=ANY=[], &(0x7f00000002c0)='GPL\x00'}, 0x94)
r1 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
setsockopt$inet_int(r1, 0x0, 0xb, &(0x7f00000000c0)=0x3, 0x4)
syz_emit_ethernet(0x46, &(0x7f0000000000)={@link_local={0x3}, @multicast, @void, {@ipv4={0x800, @icmp={{0x5, 0x4, 0x0, 0x0, 0x38, 0x0, 0x0, 0x0, 0x1, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}, @local}, @time_exceeded={0x3, 0x4, 0x0, 0x12, 0x0, 0x3f18, {0x5, 0x2, 0x0, 0x0, 0x0, 0x68, 0x0, 0x0, 0x1, 0x0, @loopback, @loopback}, "00186371ae9b1c03"}}}}}, 0x0)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={r0, 0x5, 0xb68, 0x4000, &(0x7f0000000000)='%', 0x0, 0xd01, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x48)

3.239641534s ago: executing program 1 (id=1579):
r0 = fsopen(&(0x7f00000000c0)='cgroup2\x00', 0x0)
fsconfig$FSCONFIG_SET_BINARY(r0, 0x6, 0x0, 0x0, 0x0)
r1 = fsmount(r0, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x20000008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r2 = getpid()
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x7)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f0000000180)=@abs, 0x6e)
sendmmsg$unix(r4, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00'}, 0x10)
r5 = io_uring_setup(0x6b3, &(0x7f00000000c0)={0x0, 0xf324, 0x800, 0x2, 0xb9})
io_uring_register$IORING_REGISTER_PBUF_RING(r5, 0x16, &(0x7f0000000300)={&(0x7f0000002000)={[{0x0, 0x0, 0x2}, {0x0}, {0x0, 0x0, 0x3}, {0x0}]}, 0x4, 0x1}, 0x1)
io_uring_register$IORING_UNREGISTER_PBUF_RING(r5, 0x17, &(0x7f0000000340)={0x0, 0x0, 0x1}, 0x1)
openat$cgroup_subtree(r1, &(0x7f0000000100), 0x2, 0x0)

2.279247129s ago: executing program 1 (id=1586):
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x1d, &(0x7f00000001c0)={0x1, &(0x7f0000000000)=[{0x6, 0x4, 0x3e, 0x7fff0000}]})
msync(&(0x7f00001df000/0x2000)=nil, 0x2000, 0x4)

2.158281911s ago: executing program 1 (id=1587):
r0 = openat$procfs(0xffffffffffffff9c, &(0x7f00000021c0)='/proc/mdstat\x00', 0x0, 0x0)
read$FUSE(r0, &(0x7f0000000180)={0x2020}, 0x2024)

2.078694511s ago: executing program 1 (id=1588):
syz_usb_connect(0x2, 0x24, &(0x7f0000001500)={{0x12, 0x1, 0x110, 0xdc, 0x75, 0xcc, 0x8, 0x19ab, 0x1000, 0x101, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x12, 0x1, 0xd, 0xa8, 0x60, 0x1, [{{0x9, 0x4, 0x90, 0xe, 0x0, 0xe, 0x1}}]}}]}}, 0x0)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$NL80211_CMD_TRIGGER_SCAN(r0, 0x0, 0x4)

1.462826641s ago: executing program 3 (id=1592):
r0 = syz_usb_connect$hid(0x2, 0x36, &(0x7f0000000000)={{0x12, 0x1, 0x0, 0x0, 0x0, 0x0, 0x40, 0x17ef, 0x6067, 0x0, 0x0, 0x0, 0x0, 0x1, [{{0x9, 0x2, 0x24, 0x1, 0x0, 0x0, 0x0, 0x6, [{{0x9, 0x4, 0x0, 0x0, 0x2, 0x3, 0x0, 0x1, 0x0, {0x9, 0x21, 0x1, 0x8, 0x1, {0x22, 0xb}}, {{{0x9, 0x5, 0x81, 0x3, 0x0, 0x56, 0xff}}}}}]}}]}}, 0x0)
syz_usb_control_io$hid(r0, 0x0, 0x0)
syz_usb_control_io(r0, &(0x7f0000000240)={0x2c, &(0x7f00000000c0)={0x0, 0xd, 0xb, {0xb, 0x31, "e6045b424409e995fc"}}, 0x0, 0x0, 0x0, 0x0}, 0x0)

757.546123ms ago: executing program 3 (id=1594):
syz_usb_connect(0x0, 0x36, &(0x7f0000001b40)=ANY=[@ANYBLOB="120100002d3d6a08c6050592ac29000000010902240003000000000904000000ff4f9b000904b000003a384600090431"], 0x0)

697.842923ms ago: executing program 1 (id=1595):
r0 = syz_open_procfs(0x0, &(0x7f0000000100)='mountstats\x00')
pread64(r0, &(0x7f0000002240)=""/237, 0xed, 0x4eb)

626.941754ms ago: executing program 1 (id=1596):
setsockopt$inet_int(0xffffffffffffffff, 0x0, 0x21, 0x0, 0x0)
r0 = syz_usb_connect(0x0, 0x24, &(0x7f0000000000)=ANY=[@ANYBLOB="12010000a3b370086d04ae085811f1010301090212000d000000000904"], 0x0)
syz_usb_control_io(r0, 0x0, 0x0)
syz_usb_control_io$cdc_ecm(r0, 0x0, 0x0)
syz_usb_disconnect(r0)

468.763102ms ago: executing program 4 (id=1598):
r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x2, 0x0)
setsockopt$bt_BT_FLUSHABLE(r0, 0x112, 0x8, &(0x7f0000000000)=0x81, 0x4)

468.416094ms ago: executing program 4 (id=1599):
syz_mount_image$exfat(&(0x7f0000000040), &(0x7f0000000240)='./file0\x00', 0x3800052, &(0x7f0000000600)=ANY=[], 0x1, 0x14fe, &(0x7f0000002180)="$eJzs3Au0ztXWMPA511p/NklPkvuaa/55kssiSXJJSCRJkiS5JSRJkoTEJrckJCH3JPeQ3GIn9/st9yQ5kiQJCUnWN3Q6n/e8nfftnO+c7/V9Z8/fGGvsNff/mfNZa889nv9ljL2/7Ti4av1qlesyM/xT8M9fUgEgBQD6AcA1ABABQKlspbIBDoNMGlP/uTcR/1oPTbvSKxBXkvQ/fZP+p2/S//RN+p++Sf/TN+l/+ib9T9+k/0KkZ1un575WRvod/3PP/0Ge//8/R87//0YOFxvz5fpi13f6B1Kk/+mb9D99k/6nb9L/9E36n75J///NRQCV/pvD0v/0TfovRHp2pZ8/y7iy40r//gkhhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGESB/OhcsMAPxlfqXXJYQQQgghhBBCiH+dkPFKr0AIIYQQQgghhBD/9yEo0GAgggyQEVIgE2SGqyALXA1Z4RpIwLWQDa6D7HA95ICckAtyQx7IC/nAAoEDhhjyQwFIwg1QEG6EQlAYikBR8FAMisNNUAJuhpJwC5SCW6E03AZloCyUg/JwO1SAO6AiVILKcCdUgbugKlSDu6E63AM14F6oCfdBLbgfasMDUAcehLrwENSDh6E+PAIN4FFoCI2gMTSBpv9H+S9CV3gJukF3SIUe0BNehl7QG/pAX+gHr0B/eBUGwGswEAbBYHgdhsAbMBTehGEwHEbAWzASRsFoGANjYRyMh7dhArwDE+FdmASTYQpMhWkwHWbAezATZsFseB/mwAcwF+bBfFgAC+FDWASLIQ0+giXwMSyFZbAcVsBKWAWrYQ2shXWwHjbARtgEm2ELbIVPYBtshx2wE3bBbtgDn8Je+Az2weewH774B/PP/qf8TggIqFChQYMZMAOmYApmxsyYBbNgVsyKCUxgNsyG2TE75sAcmAtzYR7Mg/kwHxISMjLmx/yYxCQWxIJYCAthESyCHj0Wx+JYAm/GklgSS2EpLI2lsQyWxbJYHstjBayAFbEiVsbKWAWrYFWsinfj3XgP1sAaWBNrYi2shbWxNtbBOlgX62I9rIf1sT42wAbYEBtiY2yMTbEpNsNm2BybY0tsia2wFbbG1tgG22BbbIvtsB22x/bYATtgR+yInbAzdsYX8UV8CV/C7lhF9cCe2BN7YS/sg32xL76C/fFVfBVfw4E4CAfj6/g6voFD8QwOw+E4AkdgBTUKR+MYZDUOx+N4nIATcCJOxEk4GSfjVJyG03EGzsCZOAtn4fs4Bz/AD3AezsMFuBAX4iJcjGmYhkvwLC7FZbgcV+BKXIUrcQ2uxTW4HjfgetyEm3ALbsFP8BPcjttxJ+7E3bgbP8VP8TP8DAfiftyPB/AAHsSDeAgP4WE8jEfwCB7Fo3gMj+FxPI4n8CSewpN4Gk/jGTyL5/AcnsfzeAGfz/N1vd2F1w0EdYlRRmVQGVSKSlGZVWaVRWVRWVVWlVAJlU1lU9lVdpVD5VC5VC6VR+VR+VQ+RYoUq1jlV/lVUiVVQVVQFVKFVBFVRHnlVXFVXJVQJVRJVVKVUreq0uo2VUaVVS18eVVeVVAtfUVVSVVWlVUVdZeqqqqpaqq6qq5qqBqqpqqpaqlaqrZ6QNVRPbAPPqQudaa+GoQN1GBsqBqpxqqJegMfU83UUGyuWqiW6gk1HIdha9XMt1FPq7ZqNLZTz6ox+JzqoMZhR/WC6qQ6qy7qRdVVNffdMvz2EaimYi/VW/VRfdVMvEtd6lhV9ZoaqAapwep1tQDfUEPVm2qYGq5GqLfUSDVKjVZj1Fg1To1Xb6sJ6h01Ub2rJqnJaoqaqqap6WqGek/NVLPUbPW+mqM+UHPVPDVfLVAL1YdqkVqs0tRHaon6WC1Vy9RytUKtVKvUarVGrVXr1Hq1QW1Um9RmtUVtVZ+obWq72qF2ql1qt9qjPlV71Wdqn/pc7VdfqAPqT+qg+lIdUl+pw+prdUR9o46qb9Ux9Z06rr5XJ9RJdUr9oE6rH9UZdVadUz+p8+pndUH9oi6qoECjVlproyOdQWfUKTqTzqyv0ln01TqrvkYn9LU6m75OZ9fX6xw6p86lc+s8Oq/Op60m7TTrWOfXBXRS36AL6ht1IV1YF9FFtdfFdHF9ky6hb9Yl9S26lL5Vl9a36TK6rC6ny+vbdQV9h66oK+nK+k5dRd+lq+pq+m5dXd+ja+h7dU19n66l79e19QO6jn5Q19UP6Xr6YV1fP6Ib6Ed1Q91IN9ZNdFP9mG6mH9fNdQvdUj+hW+kndWv9lG6jn9Zt9TO6nX5Wt9fP6Q76ed1Rv6A76c66i/5FX9RBd9PddaruoXvql3Uv3Vv30X11P/2K7q9f1QP0a3qgHqQH69f1EP2GHqrf1MP0cD1Cv6VH6lF6tB6jx+pxerx+W0/Q7+iJ+l09SU/WU/RUPU1P131+qzT778h/52/kD/j13bforfoTvU1v1zv0Tr1L79Z79B69V+/V+/Q+vV/v1wf0AX1QH9SH9CF9WB/WR/QRfVQf1cf0MX1cH9cn9En9k/5Bn9Y/6jP6rD6rf9Ln9Xl94befARg0ymhjTGQymIwmxWQymc1VJou52mQ115iEudZkM9eZ7OZ6k8PkNLlMbpPH5DX5jDVknGETm/ymgEmaG0xBc6MpZAqbIqao8aaYKW5u+qfz/2h9TU1T08w0M81Nc9PStDStTCvT2rQ2bUwb09a0Ne1MO9PetDcdTAfT0XQ0nUwn08V0MV1NV9PNdDOpJtX0NC+bXqa36WP6mn7mFdPf9DcDzAAz0Aw0g81gM8QMMUPNUDPMDDMjzAgz0ow0o81oM9aMNePNeDPBTDATzUQzyUwyU8wUM81MMzPMDDPTzDSzzWwzx8wxc81cM9/MNwvNQrPILDJpJs0sMUvMUrPMLDMrzAqzyqwya8was86sMxvMBrPJbDJLzVaz1Wwz28wOs8PsMrvMHrPH7DV7zT6zz+w3+80Bc8AcNAfNIXPIHDaHzRFzxBw1R80xc8wcN8fNCXPCnDKnzGlz2pwxZ8w5c86cN+fNBXPBXDQXL132RSpSkYlMlCHKEKVEKVHmKHOUJcoSZY2yRokoEWWLskXZo+ujHFHOKFeUO8oT5Y1SwUYUuYijOMofFYiS0Q1RwejGqFBUOCoSFY18VCwqHt0UlYhujkpGt0Sloluj0tFtUZmobFQuKh/dHlWI7ogqRpWiytGdUZXorqhqVC26O6oe3RPViO6Nakb3RbWi+6Pa0QNRnejBqG70UFQvejiqHz0SNYgejRpGjaLGUZOo6b+0fghncj7uu9nuNtX2sD3ty7aX7W372L62n33F9rev2gH2NTvQDrKD7et2iH3DDrVv2mF2uB1h37Ij7Sg72o6xY+04O96+bSfYd+xE+66dZCfbKXaqnWan2xn2PTvTzrKz7ft2jv3AzrXz7Hy7wC60H9pFdrFNsx/ZJfZju9Qus8vtCrvSrrKr7Rq71q6z6+0Gu9FuspvtFrvVfmK32e12h91pd9nddo/91O61n9l99nO7335hD9g/2YP2S3vIfmUP26/tEfuNPWq/tcfsd/a4/d6esCftKfuDPW1/tGfsWXvO/mTP25/tBfuLvWjDpYv7S6d3MmQoA2WgFEqhzJSZslAWykpZKUEJykbZKDtlpxyUg3JRLspDeSgf5aNLmJjyU35KUpIKUkEqRIWoCBUhT56KU3EqQSWoJJWkUlSKSlNpKkNlqByVo9vpdrqD7qBKVInupDvpLrqLqlE1qk7VqQbVoJpUk2pRLapNtakO1aG6VJfqUT2qT/WpATWghtSQGlNjakpNqRk1o+bUnFpSS2pFrag1taY21IbaUltqR+2oPbWnDtSBOlJH6kSdqAt1oa7UlbpRN0qlVOpJPakX9aI+1If6UT/qT/1pAA2ggTSQBtNgGkJDaCgNpWE0nEbQWzSSRtFoGkNjaRyNp/E0gSbQRJpIk2gSTaEpNI2m0QyaQTNpJs2m2TSH5tBcmkvzaT4tpIW0iBZRGqXRElpCS2kpLafltJJW0mpaTWtpLa2n9bSRNtJm2kxbaStto220g3bQLtpFe2gP7aW9tI/20X7aTwfoAB2kg3SIDtFhOkxH6AgdpaN0jI7RcTpOJ+gEnaJTdJpO0xk6Q+foHJ2nn+kC/UIXKVCKU5DZXeWyuKtdVneNS3GZ3KU4AoBLcS6X2+VxeV0+Z10Ol/OvYnLOFXKFXRFX1HlXzBV3N/0uLuPKunKuvLvdVXB3uIq/i6u7e1wNd6+r6e5z1dzdfxXXcve72u4RV8c96uq6Rq6ea+Lqu0dcA/eoa+gaucauiWvlnnSt3VOujXvatXXP/C5e5Ba7tW6dW+82uL3uM3fO/eSOum/defez6+a6u37uFdffveoGuNfcQDfod/EI95Yb6Ua50W6MG+vG/S6e4qa6aW66m+HeczPdrN/FC92Hbo5Lc3PdPDffLfg1vrSmNPeRW+I+dkvdMrfcrXAr3Sq32q3532td4Ta5zW6L2+M+ddvcdrfD7XS73O5f40v72Oc+d/vdF+6I+8YddF+6Q+6YO+y+/jW+tL9j7jt33H3vTriT7pT7wZ12P7oz7uyv+7+09x/cL+6iCw4YWbFmwxFn4Iycwpk4M1/FWfhqzsrXcIKv5Wx8HWfn6zkH5+RcnJvzcF7Ox5aJHTPHnJ8LcJJv4IJ8IxfiwlyEi7LnYlycb+ISfDOX5Fu4FN/Kpfk2LsNluRyX59u5At/BFbkSV+Y7uUoIXJWr8d1cne/hGnwv1+T7uBbfz7X5Aa7DD3Jdfojr8cNcnx/hBvwoN+RG3JibcFN+jJvx49ycW3BLfoJb8ZPcmp/iNvw0t+VnuB0/y+35Oe7Az3NHfoE7cWfuwi9yV36Ju3F3TuUe3JNf5l7cm/twX+7Hr3B/fpUH8Gs8kAfxYH6dh/AbPJTf5GE8nEfwWzySR/FoHsNjeRyP57d5Ar/DE/ldnsSTeQpP5Wk8nWfwezyTZ/Fsfp/n8Ac8l+fxfF7AC/lDXsSLOY0/4iX8MS/lZbycV/BKXsWreQ2v5XW8njfwRt7Em3kLb+VPeBtv5x28k3fxbt7Dn/Je/oz38ee8n7/gA/wnPshf8iH+ig/z13yEv+Gj/C0f4+/4OH/PJ/gkn+If+DT/yGf4LJ/jn/g8/8wX+Be+yIEhxljFOjZxFGeIM8YpcaY4c3xVnCW+Os4aXxMn4mvjbPF1cfb4+jhHnDPOFeeO88R543yxjSl2McdxnD8uECfjG+KC8Y1xobhwXCQuGvu4WFw8vikuEd8cl4xviUvFt8al49viMnHZ+JH7yse3xxXiO+KKcaW4cnxnXCW+K64aV4vvjqvH98Q14nvjmvF9ccn4/rh2/EBcJ34wrhs/FNeLH47rx4/EDeJH44Zxo7hx3CRuGj8WN4sfj5vHLeKW8RNxq/jJuHX8VNwmfjpuGz/zh8dT4x5xz/jl+OU4hHv1/OSC5MLkh8lFycXJtORHySXJj5NLk8uSy5MrkiuTq5Krk2uSa5PrkuuTG5Ibk5uSm5NbkiFUywgevfLaGx/5DD6jT/GZfGZ/lc/ir/ZZ/TU+4a/12fx1Pru/3ufwOX0un9vn8Xl9Pm89eefZxz6/L+CT/gZf0N/oC/nCvogv6r0v5ov7Jr6pb+qb+cd9c9/Ct/RP+Cf8k/5J/5R/yj/t2/pnfDv/rG/vn/Md/PP+ef+C7+Q7+y7+Rd/Vv+S7+e4+1af6nr6n7+V7+T6+j+/n+/n+vr8f4Af4gX6gH+wH+yF+iB/qh/phfpgf4Uf4kX6kH+1H+7F+rB/vx/sJfoKf6Cf6SX6Sn+Kn+Gl+mp/hZ/iZfqaf7Wf7OYXm+Ll+rp/v5/uFfqFf5Bf5NJ/ml/glfqlf6pf75X6lX+lX+9V+rV/r1/v1fqPf6Df7zX6r3+q3+W1+h9/hd/ldfo/f4/f6vX6f3+f3+/3+gD/gD/qD/pD/yh/2X/sj/ht/1H/rj/nv/HH/vT/hT/pT/gd/2v/oz/iz/pz/yZ/3P/sL/hd/0Qc/PvF2YkLincTExLuJSYnJiSmJqYlpiemJGYn3EjMTsxKzE+8n5iQ+SMxNzEvMTyxILEx8mFiUWJxIS3yUWJL4OLE0sSyxPLEisTKxKhFC3m1xyB8KhGS4IRQMN4ZCoXAoEooGH4qF4uGmUCLcHEqGW0KpcGsoHW4LZULZUC48GhqGRqFxaBKahsdCs/B4aB5ahJbhidAqPBlah6dCm/B0aBueCe3Cs6F9eC50CM+HjuGF0Cl0Dl3Ci6FreCl0C91DaugReoaXQ6/QO/QJfUO/8EroH14NA8JrYWAYFAaH18OQ8EYYGt4Mw8LwMCK8FUaGUWF0GBPGhnFhfHg7TAjvhInh3TApTA5TwtQwLUwPM8J7YWaYFWaH98Oc8EGYG+aF+WFBWBg+DIvC4pAWPgpLwsdhaVgWlocVYWVYFVaHNWFtWBfWhw1hY9gUNoctYWv4JGwL28OOsDPsCrvDnvBp2Bs+C/vC52F/+CIcCH8KB8OX4VD4KhwOX4cj4ZtwNHwbjoXvwvHwfTgRToZT4YdwOvwYzoSz4Vz4KZwPP4cL4ZdwUf5mTQghhBDi76L/4HiPv/G9DACgfpv3BICrt+c+/J9rbszx53lvladVAgCe7t7xob+MKlVSU1N/e+1SDVGBeQCQ+Ov6f4mXQUt4EtpACyjxN9fXW3U+z39QP3krQOb/kJMCl+PL9W/+L+o/9sSIRaXjc9n+m/rzAAoVuJyTCS7Hl+uX/C/q52z2B+vP9OV4gOb/IScLXI4v1y8Oj8Mz0OavXimEEEIIIYQQQvxZb1Wu/R/dP1+6P89jLudkhMvxH92fCyGEEEIIIYQQ4sp7rnOXpx5r06ZF+79vgr89F/jHsmQiE5n8fza50p9MQgghhBBCiH+1yxf9V3olQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCFE+vU/8e/ErvQehRBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCiCvtfwUAAP//luw5aQ==")
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r0 = open(&(0x7f0000000240)='./file1\x00', 0x145142, 0x0)
sendfile(r0, r0, 0x0, 0x800000009)

348.870912ms ago: executing program 4 (id=1600):
r0 = getpid()
r1 = syz_pidfd_open(r0, 0x0)
unshare(0x20000400)
pidfd_getfd(r1, r1, 0x0)

348.638177ms ago: executing program 4 (id=1601):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000280)={0x18, 0x3, &(0x7f0000000100)=@framed={{0x18, 0x2, 0x0, 0x11, 0x7fffffff}}, &(0x7f0000000000)='GPL\x00', 0x8, 0x8a, &(0x7f00000001c0)=""/138, 0x41100, 0x2e, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0xff}, 0x94)
mprotect(&(0x7f0000000000/0xf000)=nil, 0xf000, 0x1)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000280)={0x11, 0x4, 0x0, 0x0, 0x6, 0x0, 0x0, 0x41000, 0x2}, 0x94)

268.943814ms ago: executing program 4 (id=1602):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$tipc2(&(0x7f00000002c0), 0xffffffffffffffff)
sendmsg$TIPC_NL_LINK_SET(r0, &(0x7f0000000540)={0x0, 0x0, &(0x7f0000000340)={&(0x7f0000000040)={0x30, r1, 0x601, 0x0, 0x0, {}, [@TIPC_NLA_LINK={0x1c, 0x4, 0x0, 0x1, [@TIPC_NLA_LINK_NAME={0x13, 0x1, 'broadcast-link\x00'}, @TIPC_NLA_LINK_PROP={0x4}]}]}, 0x30}, 0x1, 0x0, 0x0, 0x20004001}, 0x0)

268.508707ms ago: executing program 4 (id=1603):
sendmsg$NL80211_CMD_FRAME(0xffffffffffffffff, 0x0, 0x0)
syz_mount_image$ocfs2(&(0x7f0000004440), &(0x7f0000000040)='./file1\x00', 0x8c0, &(0x7f00000001c0)=ANY=[@ANYBLOB="61636c2c6865617274626561743d6e6f6e652c6572726f72733d72656d6f756e742d726f2c636f686572656e63793d66756c6c2c636f686572656e63793d66756c6c2c6c6f63616c666c6f636b732c6572726f72733d72656d6f756e742d726f2c61636c2c00a9b504852143b698d2e379891a0dde7f9adfca8cbec85bf8e749e04e"], 0x11, 0x443f, &(0x7f00000088c0)="$eJzs3c1PHOcdAOB3BlyD6w9wfXClSl2pllq1FQKf2mKpGGNjsKkrt7aqXtYLrG3ahbVgqXqwFHKzlFOkHKIcrETKjZPFIVfnT8glR+dsKTnkEimSFaLdnYWdYVds0C7EzvMcmJ33e/c3H+8chjdOVB4ureWW1nKFlVx54f7axdz/yqX15WKID0nL/o8dXv90phfHyVEfez9lt65c+8fdiyF8uvj5y+3t7e1Q1R9aGmv6/M3Xjxeatw1xpk613datdcu/Qwjn9oyrqi+E8K9PQohCCJeTtMlkOxhCOBXqeXcfv3Mv16XRPHtRvJR/Nfdka/zC7ObTrfbfPQrhg9Iv//hg+cvf9I1/8fsudQ8AAAAAAAAAAAAAAAAAwGtu+vatO38fHQvPo9C/Ge19X3c62bZ7P3a7a37d+y8LAAAAAAAAAAAAAAAAAAAAP1K77//norMt3v+fSrYTbepv/7VNxvHujpPemPnbramro2PJ+u/Rnvw/JUlfXe4Lwy3Wfc+u/345U7/1+u97+zmoxvga/Q6FKB7ZfmsnfyjE8chICB8lC7+fj07EpfJa5Q/3y+sri10bxmsrHf/66v2p6CQL+nca/8lM+71f//8Xe46m6v697h1ib7R0/Pvalvv47aij+F/J1DuM+HNw6fj319IGmwtM1C8A1fi/279//Kcy7fcq/qdDCLmoOtZc6gpQncNU09vNV0hLx/9YLS116Ux+yHbn/7eZ+F/NtN8u/me69g1aX/83sjciWkrH/2e1tIFUid3zfzje//y/lmn/KO7/1fFvuP93JB3/5KGtP1Wk9kt2ev2fzrTfq/jfiZNxno5SR8BmVE9v9//qSEvHf2BP/u7zX9zR/O96pv5hPf81+q09/zU9h/wuqj//0Vo6/oNty3V6/s9k6vX6+j9Rm/9xUOn4n6ilpefOQ7W/ncZ/NtN+r+Jfm5UMNOK/ez357ng9/UPzv46k4//zemLcXGKj9rc2/4v2n//fyLR/FPO/6vg34t72+qZIx/9k23LV+H/Wwf3/ZqZe7+Mfwqi5/oGl43+qbbna+T+wf/znMvV6Hf/f9rJxAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgNfAZLIdClE8ktqP45GREK4k++fDiWi+sJifL5UX/rsWwlSSngtnowel8nyhlF9aKS8W84VSqbwQwtUk/1wYiNZK5Up+ufDo2k5bg9HDYmG1Ml8sVEII00n6r8KpRlvzS5XlwqMQwvWdvDNxefXRw8JKfnFp9S+jo6OjYWZnDMNR8f+V4kql3ns9N4TZnbpDUdPgatk3dsZyMvpPeX11pVCqpd9sqlMqLxRKTXXmkrz3wnBUWV1fWShUivlS+UGjv6M0kWynZm7/8/bNsT3596L6dvJwhwUAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADAD/R8/M/vhxD663txCGGi8SFqVf7Zi+Kl/Ku5J1vjF2Y3n269bFcOAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOB7duBAAAAAAADI/7URqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqrBLxygRA1EYgN+Mhdp5DKuQdLYJimhhRPAEegwPE4/iJbyDhYWthQhmBjTuQprd6vuaB/l5eT8kAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACsc3k33t+2XUSKo6/DiJfH17ff+XWZ0zDPvNg/2FNPduPqZjy/aLvy3dO//Kw8eu/zT/r58fQQG2b1PPzdX/5Ps3rneGuvaVjXv/ard08i5SYi+pKfppybZt27AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPhmBw4EAAAAAID8XxuhqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqCjtwLAAAAAAgzN86ir4NAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA4FcAAAD//78SIGU=")
r0 = creat(&(0x7f0000000040)='./bus\x00', 0x0)
io_setup(0x200, &(0x7f0000000140)=<r1=>0x0)
io_submit(r1, 0x1, &(0x7f0000000540)=[&(0x7f00000000c0)={0x25, 0x0, 0x2, 0x1, 0x0, r0, 0x0, 0x0, 0x3000}])

198.375846ms ago: executing program 3 (id=1604):
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
getsockopt$sock_cred(r0, 0x1, 0x11, &(0x7f0000000240)={0x0, <r1=>0x0}, &(0x7f0000000280)=0x5)
setuid(r1)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000300)={0x1, 0x1, &(0x7f0000000640)=@raw=[@kfunc={0x85, 0x0, 0x2, 0x0, 0x2}], &(0x7f00000002c0)='GPL\x00', 0xf}, 0x94)

98.685713ms ago: executing program 3 (id=1605):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000080), 0xffffffffffffffff)
sendmsg$ETHTOOL_MSG_COALESCE_SET(r0, &(0x7f0000000540)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000000)=ANY=[@ANYBLOB='D\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="010000000000000000001400000018000180140002006e657464657673696d3000000000000008001000000100000800130000000000080012"], 0x44}}, 0x0)

98.39555ms ago: executing program 3 (id=1606):
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000300)='./file1\x00', 0x200000, &(0x7f0000000880)={[{@noblock_validity}, {@usrquota}, {@sysvgroups}, {@norecovery}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x80}}, {@orlov}, {@nogrpid}, {@noauto_da_alloc}, {@nomblk_io_submit}]}, 0x3, 0x56a, &(0x7f00000015c0)="$eJzs3c9rHFUcAPDvbJL+1qZQinqQQA9WajdN4o8KQutRtFjQe12SaSjZdEt2U5pYaHuwFy9SBBEL4h/g3WPxH/CvKGihSAl68BKZzWy7TbL5uXW3zucD0743M5s3b998335nZ5cNoLBGsn9KEa9GxDdJxOG2bYORbxxZ2W/p8Y3JbEliefmzP5NI8nWt/ZP8/4N55ZWI+PWriJOlte3WFxZnKtVqOpfXRxuzV0frC4unLs9WptPp9Mr4xMSZdybG33/v3a719c0Lf3//6f2Pznx9fOm7nx8euZvEuTiUb2vvxy7caq+MxEj+nAzFuVU7jnWhsX6S9PoA2JGBPM6HIpsDDsdAHvXA/9/NiFgGCioR/1BQrTygdW3fpevgF8ajD1cugNb2f3DlvZHY17w2OrCUPHNllF3vDneh/ayNX/64dzdbYpP3IW52oT2Allu3I+L04ODa+S/J57+dO91883hjq9so2usP9NL9LP95a738p/Qk/4l18p+D68TuTmwe/6WHXWimoyz/+2Dd/PfJ1DU8kNdeauZ8Q8mly9X0dES8HBEnYmhvVt/ofs6ZpQfLnba153/ZkrXfygXz43g4uPfZx0xVGpXd9Lndo9sRrz3Nf5NYM//va+a6q8c/ez4ubLGNY+m91ztt27z/7bqfAS//FPHGuuP/9I5WsvH9ydHm+TDaOivW+uvOsd86tb+9/ndfNv4HNu7/cNJ+v7a+/TZ+3PdP2mnbTs//PcnnzfKefN31SqMxNxaxJ/lk7frxp49t1Vv7Z/0/cXzj+W+9839/RHyxxf7fOXqn4679MP5T2xr/7RcefPzlD53a39r4v90sncjXbGX+2+oB7ua5AwAAAAAAgH5TiohDkZTKT8qlUrm88vmOo3GgVK3VGycv1eavTEXzu7LDMVRq3ek+3PZ5iLH887Ct+viq+kREHImIbwf2N+vlyVp1qtedBwAAAAAAAAAAAAAAAAAAgD5xsMP3/zO/D/T66IDnzk9+Q3FtGv/d+KUnoC95/YfiEv9QXOIfikv8Q3GJfygu8Q/FJf6huMQ/AAAAAAAAAAAAAAAAAAAAAAAAAAAAdNWF8+ezZXnp8Y3JrD51bWF+pnbt1FRanynPzk+WJ2tzV8vTtdp0NS1P1mY3+3vVWu3q2HjMXx9tpPXGaH1h8eJsbf5K4+Ll2cp0ejEd+k96BQAAAAAAAAAAAAAAAAAAAC+W+sLiTKVaTecUOhbORl8cxo4LyWajfDY/GXbUxGDvO6jwHAo9npgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAoM2/AQAA///fKTPH")
mount(0x0, &(0x7f0000000180)='./file0\x00', &(0x7f00000000c0)='hugetlbfs\x00', 0x0, 0x0)
chdir(&(0x7f0000000640)='./file0\x00')
openat(0xffffffffffffff9c, &(0x7f00000000c0)='./file1\x00', 0x101042, 0x45)
r0 = openat(0xffffffffffffff9c, &(0x7f00000000c0)='./file1\x00', 0x8042, 0x0)
fcntl$setlease(r0, 0x400, 0x1)
link(&(0x7f0000000000)='./file1\x00', &(0x7f0000000300)='./bus\x00')

0s ago: executing program 3 (id=1607):
syz_usb_connect(0x3, 0x7f, &(0x7f0000000080)=ANY=[@ANYBLOB="12010000044d6b2099042510f69c0000000109026d0001022440020904c20004a2f8ab000524060000052400f5ff0d240f01080000000700008036042402050524060000052400ec000d240f01030000000600050081052401000309050904100000050f09058203ff03060c0309050a0607"], 0x0)

kernel console output (not intermixed with test programs):

5): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6760 comm="syz.0.324" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4999f8ebe9 code=0x7ffc0000
[   95.375578][   T33] audit: type=1326 audit(1755150473.152:16): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6760 comm="syz.0.324" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4999f8ebe9 code=0x7ffc0000
[   95.391019][   T33] audit: type=1326 audit(1755150473.152:17): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6760 comm="syz.0.324" exe="/syz-executor" sig=0 arch=c000003e syscall=425 compat=0 ip=0x7f4999f8ebe9 code=0x7ffc0000
[   95.398167][   T33] audit: type=1326 audit(1755150473.152:18): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6760 comm="syz.0.324" exe="/syz-executor" sig=0 arch=c000003e syscall=9 compat=0 ip=0x7f4999f8ec23 code=0x7ffc0000
[   95.403909][ T6764] loop2: detected capacity change from 0 to 1024
[   95.414418][   T33] audit: type=1326 audit(1755150473.162:19): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6760 comm="syz.0.324" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4999f8ebe9 code=0x7ffc0000
[   95.438153][   T33] audit: type=1326 audit(1755150473.162:20): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6760 comm="syz.0.324" exe="/syz-executor" sig=0 arch=c000003e syscall=317 compat=0 ip=0x7f4999f8ebe9 code=0x7ffc0000
[   96.357643][ T6778] netlink: 'syz.1.330': attribute type 11 has an invalid length.
[   96.360584][ T6778] netlink: 36 bytes leftover after parsing attributes in process `syz.1.330'.
[   96.474498][ T6782] loop1: detected capacity change from 0 to 512
[   96.531630][ T6782] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   96.540321][ T6782] ext4 filesystem being mounted at /93/bus supports timestamps until 2038-01-19 (0x7fffffff)
[   96.692687][ T5851] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   96.969090][ T5855] Bluetooth: hci0: Opcode 0x0c03 failed: -110
[   97.249356][ T6809] loop0: detected capacity change from 0 to 512
[   97.263364][ T6809] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode
[   97.294085][ T6809] EXT4-fs error (device loop0): ext4_validate_block_bitmap:432: comm syz.0.343: bg 0: block 4: invalid block bitmap
[   97.310633][ T6809] EXT4-fs (loop0): Remounting filesystem read-only
[   97.313889][ T6809] EXT4-fs warning (device loop0): ext4_expand_extra_isize_ea:2848: Unable to expand inode 15. Delete some EAs or run e2fsck.
[   97.319357][ T6809] EXT4-fs (loop0): 1 truncate cleaned up
[   97.323286][ T6809] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   97.692453][ T5844] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   97.786188][ T6820] loop0: detected capacity change from 0 to 512
[   97.798781][ T6820] EXT4-fs error (device loop0): ext4_orphan_get:1418: comm syz.0.344: bad orphan inode 13
[   97.816119][ T6820] ext4_test_bit(bit=12, block=4) = 1
[   97.818288][ T6820] is_bad_inode(inode)=0
[   97.826470][ T6820] NEXT_ORPHAN(inode)=0
[   97.828142][ T6820] max_ino=32
[   97.836583][ T6820] i_nlink=1
[   97.838726][ T6820] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   97.848642][ T6820] EXT4-fs warning (device loop0): dx_probe:801: inode #2: comm syz.0.344: Unrecognised inode hash code 20
[   97.856949][ T6820] EXT4-fs warning (device loop0): dx_probe:934: inode #2: comm syz.0.344: Corrupt directory, running e2fsck is recommended
[   97.866310][ T6820] EXT4-fs warning (device loop0): dx_probe:801: inode #2: comm syz.0.344: Unrecognised inode hash code 20
[   97.871948][ T6820] EXT4-fs warning (device loop0): dx_probe:934: inode #2: comm syz.0.344: Corrupt directory, running e2fsck is recommended
[   97.893516][ T5844] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   98.137601][ T6836] loop1: detected capacity change from 0 to 2048
[   98.190076][ T5294]  loop1: p1 p2 < > p3 < p5 >
[   98.191564][ T5294] loop1: partition table partially beyond EOD, truncated
[   98.193790][ T5294] loop1: p1 size 917504 extends beyond EOD, truncated
[   98.196853][ T5294] loop1: p2 start 4278190080 is beyond EOD, truncated
[   98.201016][ T5294] loop1: p5 size 917504 extends beyond EOD, truncated
[   98.235892][ T6836]  loop1: p1 p2 < > p3 < p5 >
[   98.237505][ T6836] loop1: partition table partially beyond EOD, truncated
[   98.240040][ T6836] loop1: p1 size 917504 extends beyond EOD, truncated
[   98.243161][ T6836] loop1: p2 start 4278190080 is beyond EOD, truncated
[   98.246155][ T6836] loop1: p5 size 917504 extends beyond EOD, truncated
[   98.327104][ T5845] udevd[5845]: inotify_add_watch(7, /dev/loop1p3, 10) failed: No such file or directory
[   98.332127][ T6189] udevd[6189]: inotify_add_watch(7, /dev/loop1p1, 10) failed: No such file or directory
[   98.337376][ T5857] udevd[5857]: inotify_add_watch(7, /dev/loop1p5, 10) failed: No such file or directory
[   98.380780][ T5845] udevd[5845]: inotify_add_watch(7, /dev/loop1p3, 10) failed: No such file or directory
[   98.382134][ T5857] udevd[5857]: inotify_add_watch(7, /dev/loop1p5, 10) failed: No such file or directory
[   98.396731][ T6189] udevd[6189]: inotify_add_watch(7, /dev/loop1p1, 10) failed: No such file or directory
[   98.688287][ T6839] loop2: detected capacity change from 0 to 40427
[   98.707953][ T6839] F2FS-fs (loop2): invalid crc value
[   98.759839][ T6839] F2FS-fs (loop2): f2fs_recover_fsync_data: recovery fsync data, check_only: 1
[   98.763235][ T6839] F2FS-fs (loop2): Start checkpoint disabled!
[   98.766899][ T6839] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e6
[   98.769731][ T6812] usb 2-1: new high-speed USB device number 7 using dummy_hcd
[   98.790210][   T32] kworker/u9:1: attempt to access beyond end of device
[   98.790210][   T32] loop2: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[   98.794934][   T32] CPU: 0 UID: 0 PID: 32 Comm: kworker/u9:1 Not tainted 6.17.0-rc1-syzkaller-00036-gdfc0f6373094-dirty #0 PREEMPT(full) 
[   98.794957][   T32] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.2-debian-1.16.2-1 04/01/2014
[   98.794967][   T32] Workqueue: writeback wb_workfn (flush-7:2)
[   98.794992][   T32] Call Trace:
[   98.794998][   T32]  <TASK>
[   98.795005][   T32]  dump_stack_lvl+0x189/0x250
[   98.795029][   T32]  ? __pfx_dump_stack_lvl+0x10/0x10
[   98.795045][   T32]  ? __pfx_queue_work_on+0x10/0x10
[   98.795060][   T32]  ? _raw_spin_unlock_irqrestore+0xad/0x110
[   98.795076][   T32]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[   98.795102][   T32]  f2fs_handle_critical_error+0x37c/0x540
[   98.795129][   T32]  f2fs_write_end_io+0x886/0xb60
[   98.795160][   T32]  __submit_merged_bio+0x27a/0x6a0
[   98.795185][   T32]  __submit_merged_write_cond+0x255/0x530
[   98.795211][   T32]  f2fs_write_data_pages+0x261d/0x3000
[   98.795273][   T32]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[   98.795306][   T32]  ? __pfx_f2fs_available_free_memory+0x10/0x10
[   98.795349][   T32]  ? __pfx_f2fs_balance_fs_bg+0x10/0x10
[   98.795367][   T32]  ? look_up_lock_class+0x74/0x170
[   98.795396][   T32]  ? trace_f2fs_writepages+0x7f/0x200
[   98.795413][   T32]  ? f2fs_write_node_pages+0x478/0x6e0
[   98.795456][   T32]  ? __pfx_f2fs_write_node_pages+0x10/0x10
[   98.795474][   T32]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[   98.795486][   T32]  do_writepages+0x32e/0x550
[   98.795501][   T32]  ? reacquire_held_locks+0x127/0x1d0
[   98.795510][   T32]  ? writeback_sb_inodes+0x384/0x1010
[   98.795525][   T32]  __writeback_single_inode+0x145/0xff0
[   98.795535][   T32]  ? do_raw_spin_unlock+0x4d/0x240
[   98.795547][   T32]  writeback_sb_inodes+0x6c7/0x1010
[   98.795571][   T32]  ? __pfx_writeback_sb_inodes+0x10/0x10
[   98.795604][   T32]  ? rcu_is_watching+0x15/0xb0
[   98.795618][   T32]  wb_writeback+0x43b/0xaf0
[   98.795633][   T32]  ? queue_io+0x371/0x590
[   98.795644][   T32]  ? __pfx_wb_writeback+0x10/0x10
[   98.795658][   T32]  ? _raw_spin_unlock_irq+0x23/0x50
[   98.795671][   T32]  wb_workfn+0x409/0xef0
[   98.795687][   T32]  ? __pfx_wb_workfn+0x10/0x10
[   98.795698][   T32]  ? __lock_acquire+0xab9/0xd20
[   98.795715][   T32]  ? process_scheduled_works+0x9ef/0x17b0
[   98.795727][   T32]  ? _raw_spin_unlock_irq+0x23/0x50
[   98.795735][   T32]  ? process_scheduled_works+0x9ef/0x17b0
[   98.795742][   T32]  ? process_scheduled_works+0x9ef/0x17b0
[   98.795750][   T32]  process_scheduled_works+0xae1/0x17b0
[   98.795773][   T32]  ? __pfx_process_scheduled_works+0x10/0x10
[   98.795796][   T32]  worker_thread+0x8a0/0xda0
[   98.795819][   T32]  kthread+0x711/0x8a0
[   98.795831][   T32]  ? __pfx_worker_thread+0x10/0x10
[   98.795839][   T32]  ? __pfx_kthread+0x10/0x10
[   98.795849][   T32]  ? _raw_spin_unlock_irq+0x23/0x50
[   98.795858][   T32]  ? lockdep_hardirqs_on+0x9c/0x150
[   98.795866][   T32]  ? __pfx_kthread+0x10/0x10
[   98.795876][   T32]  ret_from_fork+0x3fc/0x770
[   98.795887][   T32]  ? __pfx_ret_from_fork+0x10/0x10
[   98.795899][   T32]  ? __switch_to_asm+0x39/0x70
[   98.795909][   T32]  ? __switch_to_asm+0x33/0x70
[   98.795917][   T32]  ? __pfx_kthread+0x10/0x10
[   98.795927][   T32]  ret_from_fork_asm+0x1a/0x30
[   98.795945][   T32]  </TASK>
[   98.796617][   T32] F2FS-fs (loop2): Stopped filesystem due to reason: 3
[   98.945316][ T6859] loop0: detected capacity change from 0 to 32768
[   99.022765][ T6812] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[   99.026311][ T6812] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[   99.039714][ T6812] usb 2-1: New USB device found, idVendor=056a, idProduct=030c, bcdDevice= 0.00
[   99.042656][ T6812] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   99.062520][ T6812] usb 2-1: config 0 descriptor??
[   99.069300][ T6859] bcachefs (loop0): starting version 1.7: mi_btree_bitmap opts=errors=continue,metadata_checksum=none,data_checksum=none,compression=lz4,erasure_code,recovery_pass_last=initialize_subvolumes,nojournal_transaction_names,read_only,reconstruct_alloc
[   99.069316][ T6859]   allowing incompatible features above 0.0: (unknown version)
[   99.069321][ T6859]   features: lz4,new_siphash,inline_data,new_extent_overwrite,btree_ptr_v2,new_varint,journal_no_flush,alloc_v2,extents_across_btree_nodes
[   99.084912][ T6859] bcachefs (loop0): Using encoding defined by superblock: utf8-12.1.0
[   99.087522][ T6859] bcachefs (loop0): recovering from clean shutdown, journal seq 10
[   99.091357][ T6859] bcachefs (loop0): Version upgrade required:
[   99.091357][ T6859] Version upgrade from 0.24: unwritten_extents to 1.7: mi_btree_bitmap incomplete
[   99.091357][ T6859] Doing incompatible version upgrade from 0.24: unwritten_extents to 1.28: inode_has_case_insensitive
[   99.091357][ T6859]   running recovery passes: check_allocations,check_alloc_info,check_lrus,check_btree_backpointers,check_backpointers_to_extents,check_extents_to_backpointers,check_alloc_to_lru_refs,bucket_gens_init,check_snapshot_trees,check_snapshots,check_subvols,check_subvol_children,delete_dead_snapshots,check_inodes,check_extents,check_indirect_extents,check_dirents,check_xattrs,check_root,check_unreachable_inodes,check_subvolume_structure,check_directory_structure,check_nlinks,check_rebalance_work,set_fs_needs_rebalance
[   99.118631][ T6859] bcachefs (loop0): dropping and reconstructing all alloc info
[   99.134550][ T6859] bcachefs (loop0): accounting_read... done
[   99.138221][ T6859] bcachefs (loop0): alloc_read... done
[   99.142713][ T6859] bcachefs (loop0): done starting filesystem
[   99.397437][ T5844] bcachefs (loop0): shutting down
[   99.433838][ T5844] bcachefs (loop0): shutdown complete
[   99.477307][ T6866] netlink: 16 bytes leftover after parsing attributes in process `syz.2.366'.
[   99.805749][ T6875] loop2: detected capacity change from 0 to 4096
[   99.821942][ T5912] usb 2-1: USB disconnect, device number 7
[   99.828478][ T6875] ntfs3(loop2): Failed to load $MFT (-22).
[   99.903372][ T6877] loop2: detected capacity change from 0 to 256
[   99.907757][ T6877] exFAT-fs (loop2): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[   99.912459][ T6877] exFAT-fs (loop2): Medium has reported failures. Some data may be lost.
[   99.923557][ T6877] exFAT-fs (loop2): failed to load upcase table (idx : 0x00010000, chksum : 0xe62de5da, utbl_chksum : 0xe619d30d)
[  100.006186][ T6879] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  100.223490][ T6889] loop2: detected capacity change from 0 to 4096
[  100.232143][ T6889] ntfs3(loop2): Different NTFS sector size (4096) and media sector size (512).
[  100.248225][ T6889] ntfs3(loop2): Mark volume as dirty due to NTFS errors
[  100.255403][ T6889] ntfs3(loop2): ino=19, mi_enum_attr
[  101.027190][ T6909] loop2: detected capacity change from 0 to 1024
[  101.272383][   T33] kauditd_printk_skb: 4 callbacks suppressed
[  101.272393][   T33] audit: type=1326 audit(1755150479.072:25): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6919 comm="syz.1.390" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f576158ebe9 code=0x7ffc0000
[  101.300537][   T33] audit: type=1326 audit(1755150479.082:26): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6919 comm="syz.1.390" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f576158ebe9 code=0x7ffc0000
[  101.307343][   T33] audit: type=1326 audit(1755150479.082:27): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6919 comm="syz.1.390" exe="/syz-executor" sig=0 arch=c000003e syscall=186 compat=0 ip=0x7f576158ebe9 code=0x7ffc0000
[  101.316245][   T33] audit: type=1326 audit(1755150479.082:28): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6919 comm="syz.1.390" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f576158ebe9 code=0x7ffc0000
[  101.325958][   T33] audit: type=1326 audit(1755150479.082:29): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6919 comm="syz.1.390" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f576158ebe9 code=0x7ffc0000
[  101.346145][   T33] audit: type=1326 audit(1755150479.082:30): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6919 comm="syz.1.390" exe="/syz-executor" sig=0 arch=c000003e syscall=53 compat=0 ip=0x7f576158ebe9 code=0x7ffc0000
[  101.367933][   T33] audit: type=1326 audit(1755150479.082:31): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6919 comm="syz.1.390" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f576158ebe9 code=0x7ffc0000
[  101.400261][   T33] audit: type=1326 audit(1755150479.082:32): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6919 comm="syz.1.390" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f576158ebe9 code=0x7ffc0000
[  101.419410][   T33] audit: type=1326 audit(1755150479.082:33): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6919 comm="syz.1.390" exe="/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f576158ebe9 code=0x7ffc0000
[  101.436594][   T33] audit: type=1326 audit(1755150479.092:34): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6919 comm="syz.1.390" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f576158ebe9 code=0x7ffc0000
[  101.451537][ T6927] loop0: detected capacity change from 0 to 4096
[  101.684859][ T6943] loop1: detected capacity change from 0 to 1024
[  101.686526][ T6945] loop2: detected capacity change from 0 to 16
[  101.704560][ T6945] MTD: Attempt to mount non-MTD device "/dev/loop2"
[  101.735621][ T6943] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  101.833974][ T5851] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  102.675953][ T6956] loop0: detected capacity change from 0 to 256
[  102.705706][ T6956] exFAT-fs (loop0): failed to load upcase table (idx : 0x00010000, chksum : 0x36e06c6e, utbl_chksum : 0xe619d30d)
[  103.060309][ T6984] loop2: detected capacity change from 0 to 128
[  103.069139][   T10] usb 2-1: new full-speed USB device number 8 using dummy_hcd
[  103.082033][ T6984] hpfs: filesystem error: invalid number of hotfixes: 2066844986, used: 2066844985; going on - but anything won't be destroyed because it's read-only
[  103.131533][ T6984] hpfs: hpfs_map_sector(): read error
[  103.299359][ T6991] loop0: detected capacity change from 0 to 2048
[  103.316927][   T10] usb 2-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  103.320198][   T10] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 10
[  103.323542][   T10] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x2 has invalid maxpacket 8192, setting to 64
[  103.326859][   T10] usb 2-1: config 0 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 5
[  103.332430][   T10] usb 2-1: New USB device found, idVendor=2040, idProduct=b138, bcdDevice= 1.42
[  103.335492][   T10] usb 2-1: New USB device strings: Mfr=4, Product=0, SerialNumber=0
[  103.337978][   T10] usb 2-1: Manufacturer: syz
[  103.341131][   T10] usb 2-1: config 0 descriptor??
[  103.352630][ T6991]  loop0: p2 < > p3 < p5 > p4
[  103.354597][ T6991] loop0: partition table partially beyond EOD, truncated
[  103.358229][ T6991] loop0: p2 start 4278190080 is beyond EOD, truncated
[  103.363421][ T6991] loop0: p4 size 8192 extends beyond EOD, truncated
[  103.546421][ T6991] loop0: p5 size 8192 extends beyond EOD, truncated
[  103.769618][   T10] rc_core: IR keymap rc-hauppauge not found
[  103.773941][   T10] Registered IR keymap rc-empty
[  103.778882][   T10] mceusb 2-1:0.0: Error: mce write urb status = -71
[  103.802228][   T10] mceusb 2-1:0.0: Error: mce write urb status = -71
[  103.831007][   T10] rc rc0: Conexant Hybrid TV (cx231xx) MCE IR no TX as /devices/platform/dummy_hcd.1/usb2/2-1/2-1:0.0/rc/rc0
[  103.844510][   T10] input: Conexant Hybrid TV (cx231xx) MCE IR no TX as /devices/platform/dummy_hcd.1/usb2/2-1/2-1:0.0/rc/rc0/input9
[  103.856852][   T10] mceusb 2-1:0.0: Error: mce write urb status = -71
[  103.883996][   T10] mceusb 2-1:0.0: Error: mce write urb status = -71
[  103.909687][   T10] mceusb 2-1:0.0: Error: mce write urb status = -71
[  103.929495][   T10] mceusb 2-1:0.0: Error: mce write urb status = -71
[  103.949516][   T10] mceusb 2-1:0.0: Error: mce write urb status = -71
[  103.969389][   T10] mceusb 2-1:0.0: Error: mce write urb status = -71
[  103.992822][   T10] mceusb 2-1:0.0: Error: mce write urb status = -71
[  104.010741][   T10] mceusb 2-1:0.0: Error: mce write urb status = -71
[  104.031311][   T10] mceusb 2-1:0.0: Error: mce write urb status = -71
[  104.053102][   T10] mceusb 2-1:0.0: Error: mce write urb status = -71
[  104.072233][   T10] mceusb 2-1:0.0: Registered 424242424242 with mce emulator interface version 1
[  104.075786][   T10] mceusb 2-1:0.0: 2 tx ports (0x0 cabled) and 2 rx sensors (0x0 active)
[  104.156653][   T24] usb 2-1: USB disconnect, device number 8
[  104.197065][ T7005] loop2: detected capacity change from 0 to 2048
[  104.220518][ T7005] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000)
[  105.344573][ T7023] overlayfs: upperdir is in-use as upperdir/workdir of another mount, mount with '-o index=off' to override exclusive upperdir protection.
[  105.910641][ T7055] loop1: detected capacity change from 0 to 32768
[  105.925492][ T7055] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop1 (7:1) scanned by syz.1.446 (7055)
[  105.959919][   T24] usb 1-1: new high-speed USB device number 6 using dummy_hcd
[  105.967836][ T7055] BTRFS info (device loop1): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  105.977526][ T7055] BTRFS info (device loop1): using sha256 (sha256-lib) checksum algorithm
[  105.988689][ T7055] BTRFS info (device loop1): using free-space-tree
[  106.043526][ T5899] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  106.131421][   T24] usb 1-1: config index 0 descriptor too short (expected 23569, got 27)
[  106.134069][   T24] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  106.142024][   T24] usb 1-1: New USB device found, idVendor=03eb, idProduct=0002, bcdDevice=ba.c0
[  106.144796][   T24] usb 1-1: New USB device strings: Mfr=5, Product=0, SerialNumber=0
[  106.147255][   T24] usb 1-1: Manufacturer: syz
[  106.151733][   T24] usb 1-1: config 0 descriptor??
[  106.185206][ T5899] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  106.209200][   T24] rc_core: IR keymap rc-hauppauge not found
[  106.211082][   T24] Registered IR keymap rc-empty
[  106.213268][   T24] rc rc0: IgorPlug-USB IR Receiver as /devices/platform/dummy_hcd.0/usb1/1-1/1-1:0.0/rc/rc0
[  106.237123][   T24] input: IgorPlug-USB IR Receiver as /devices/platform/dummy_hcd.0/usb1/1-1/1-1:0.0/rc/rc0/input10
[  106.240918][ T5851] BTRFS info (device loop1): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  106.307631][ T5899] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  106.365316][    C1] igorplugusb 1-1:0.0: Error: urb status = -32
[  106.407662][ T7053] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  106.430664][ T7053] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  106.461089][   T24] usb 1-1: USB disconnect, device number 6
[  106.464431][ T5899] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  106.534496][ T5847] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1
[  106.538545][ T5847] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9
[  106.547267][ T5847] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9
[  106.551438][ T5847] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4
[  106.554328][ T5847] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2
[  106.635415][ T5899] bridge_slave_0: left allmulticast mode
[  106.646851][ T5899] bridge_slave_0: left promiscuous mode
[  106.650129][ T5899] bridge0: port 1(bridge_slave_0) entered disabled state
[  106.701173][ T7077] loop1: detected capacity change from 0 to 32768
[  106.710127][ T7077] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop1 (7:1) scanned by syz.1.449 (7077)
[  106.759033][ T7077] BTRFS info (device loop1): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  106.763021][ T7077] BTRFS info (device loop1): using crc32c (crc32c-lib) checksum algorithm
[  106.766283][ T7077] BTRFS info (device loop1): using free-space-tree
[  106.851071][  T760] BTRFS warning (device loop1): checksum verify failed on logical 5308416 mirror 1 wanted 0xe1d58233 found 0x05b99823 level 0
[  106.860124][ T7077] BTRFS: error (device loop1) in btrfs_fill_super:986: errno=-5 IO failure
[  106.865965][ T7077] BTRFS error (device loop1 state E): commit super ret -30
[  107.185591][ T7101] loop1: detected capacity change from 0 to 65
[  107.199320][ T7101] BFS-fs: bfs_fill_super(): loop1 is unclean, continuing
[  107.202115][ T7101] BFS-fs: bfs_fill_super(): NOTE: filesystem loop1 was created with 512 inodes, the real maximum is 511, mounting anyway
[  107.292450][ T5899] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  107.307977][ T5899] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  107.309055][   T24] usb 1-1: new high-speed USB device number 7 using dummy_hcd
[  107.316679][ T5899] bond0 (unregistering): Released all slaves
[  107.507206][   T24] usb 1-1: config 0 has no interfaces?
[  107.521221][   T24] usb 1-1: New USB device found, idVendor=0c4b, idProduct=0100, bcdDevice=d7.ca
[  107.525005][   T24] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  107.528129][   T24] usb 1-1: Product: syz
[  107.530357][   T24] usb 1-1: Manufacturer: syz
[  107.532596][   T24] usb 1-1: SerialNumber: syz
[  107.550143][   T24] usb 1-1: config 0 descriptor??
[  107.797450][   T24] usb 1-1: USB disconnect, device number 7
[  107.922305][ T7078] chnl_net:caif_netlink_parms(): no params data found
[  108.072831][ T5899] hsr_slave_0: left promiscuous mode
[  108.086699][ T5899] hsr_slave_1: left promiscuous mode
[  108.104270][ T5899] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  108.114001][ T5899] batman_adv: batadv0: Removing interface: batadv_slave_0
[  108.132280][ T5899] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  108.136452][ T5899] batman_adv: batadv0: Removing interface: batadv_slave_1
[  108.201516][ T5899] veth1_macvtap: left promiscuous mode
[  108.204119][ T5899] veth0_macvtap: left promiscuous mode
[  108.206846][ T5899] veth1_vlan: left promiscuous mode
[  108.209770][ T5899] veth0_vlan: left promiscuous mode
[  108.584772][ T5847] Bluetooth: hci1: command tx timeout
[  108.735959][   T24] usb 1-1: new full-speed USB device number 8 using dummy_hcd
[  108.804210][ T7117] netlink: 202368 bytes leftover after parsing attributes in process `syz.1.454'.
[  108.864883][ T5899] team0 (unregistering): Port device team_slave_1 removed
[  108.909034][   T24] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 10
[  108.912627][   T24] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  108.915787][   T24] usb 1-1: New USB device found, idVendor=146b, idProduct=0902, bcdDevice= 0.00
[  108.919520][ T5899] team0 (unregistering): Port device team_slave_0 removed
[  108.927720][   T24] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  108.930458][   T24] usb 1-1: config 0 descriptor??
[  109.468389][   T24] bigben 0003:146B:0902.0004: unexpected rdesc, please submit for review
[  109.482686][   T24] bigben 0003:146B:0902.0004: hidraw0: USB HID v0.01 Device [HID 146b:0902] on usb-dummy_hcd.0-1/input0
[  109.486556][   T24] bigben 0003:146B:0902.0004: not enough fields in HID_OUTPUT_REPORT 0
[  109.491926][   T24] bigben 0003:146B:0902.0004: no output report found
[  109.534300][ T7078] bridge0: port 1(bridge_slave_0) entered blocking state
[  109.536654][ T7078] bridge0: port 1(bridge_slave_0) entered disabled state
[  109.543711][ T7078] bridge_slave_0: entered allmulticast mode
[  109.547222][ T7078] bridge_slave_0: entered promiscuous mode
[  109.553332][ T7078] bridge0: port 2(bridge_slave_1) entered blocking state
[  109.560387][ T7078] bridge0: port 2(bridge_slave_1) entered disabled state
[  109.571475][ T7078] bridge_slave_1: entered allmulticast mode
[  109.576524][   T10] usb 1-1: USB disconnect, device number 8
[  109.579494][ T7078] bridge_slave_1: entered promiscuous mode
[  109.635421][ T7078] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  109.640627][ T7078] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  109.669544][ T7078] team0: Port device team_slave_0 added
[  109.677515][ T7078] team0: Port device team_slave_1 added
[  109.707107][ T7078] batman_adv: batadv0: Adding interface: batadv_slave_0
[  109.709525][ T7078] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  109.717618][ T7078] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  109.727180][ T7078] batman_adv: batadv0: Adding interface: batadv_slave_1
[  109.729908][ T7078] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  109.737699][ T7078] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  109.788543][ T7078] hsr_slave_0: entered promiscuous mode
[  109.791737][ T7078] hsr_slave_1: entered promiscuous mode
[  109.793917][ T7078] debugfs: 'hsr0' already exists in 'hsr'
[  109.795851][ T7078] Cannot create hsr debugfs directory
[  110.068689][ T7078] netdevsim netdevsim3 netdevsim0: renamed from eth0
[  110.075981][ T7078] netdevsim netdevsim3 netdevsim1: renamed from eth1
[  110.081980][ T7078] netdevsim netdevsim3 netdevsim2: renamed from eth2
[  110.086800][ T7078] netdevsim netdevsim3 netdevsim3: renamed from eth3
[  110.127978][ T7078] bridge0: port 2(bridge_slave_1) entered blocking state
[  110.131387][ T7078] bridge0: port 2(bridge_slave_1) entered forwarding state
[  110.254139][ T7078] 8021q: adding VLAN 0 to HW filter on device bond0
[  110.294907][   T26] bridge0: port 2(bridge_slave_1) entered disabled state
[  110.315797][ T7165] netlink: 60 bytes leftover after parsing attributes in process `syz.0.464'.
[  110.324929][ T7165] netlink: 12 bytes leftover after parsing attributes in process `syz.0.464'.
[  110.328731][ T7165] netlink: 60 bytes leftover after parsing attributes in process `syz.0.464'.
[  110.355501][ T7078] 8021q: adding VLAN 0 to HW filter on device team0
[  110.427633][   T26] bridge0: port 1(bridge_slave_0) entered blocking state
[  110.430085][   T26] bridge0: port 1(bridge_slave_0) entered forwarding state
[  110.441652][   T26] bridge0: port 2(bridge_slave_1) entered blocking state
[  110.444054][   T26] bridge0: port 2(bridge_slave_1) entered forwarding state
[  110.493693][ T7170] loop0: detected capacity change from 0 to 2048
[  110.520601][ T7170] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  110.524514][ T7170] ext4 filesystem being mounted at /150/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  110.539816][ T7170] EXT4-fs error (device loop0): ext4_validate_block_bitmap:441: comm syz.0.466: bg 0: block 345: padding at end of block bitmap is not set
[  110.546476][ T7170] fs-verity (loop0, inode 13): Error -117 writing Merkle tree block 0
[  110.551905][ T7170] fs-verity (loop0, inode 13): Error -117 building Merkle tree
[  110.584378][ T5844] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  110.593626][ T7162] loop1: detected capacity change from 0 to 32768
[  110.648020][ T7162] JBD2: Ignoring recovery information on journal
[  110.660548][ T5847] Bluetooth: hci1: command tx timeout
[  110.701638][ T7162] ocfs2: Mounting device (7,1) on (node local, slot 0) with ordered data mode.
[  110.786944][ T7078] 8021q: adding VLAN 0 to HW filter on device batadv0
[  110.793686][   T33] kauditd_printk_skb: 6 callbacks suppressed
[  110.793699][   T33] audit: type=1800 audit(1755150488.592:41): pid=7162 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.463" name="file1" dev="loop1" ino=17058 res=0 errno=0
[  110.854667][ T7078] veth0_vlan: entered promiscuous mode
[  110.863662][ T7078] veth1_vlan: entered promiscuous mode
[  110.884015][ T7078] veth0_macvtap: entered promiscuous mode
[  110.892620][ T7078] veth1_macvtap: entered promiscuous mode
[  110.906180][ T7078] batman_adv: batadv0: Interface activated: batadv_slave_0
[  110.924326][ T7078] batman_adv: batadv0: Interface activated: batadv_slave_1
[  110.953996][ T5899] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  110.957423][ T5899] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  110.974563][ T5899] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  110.993651][   T13] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  111.106804][ T1181] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  111.114177][ T1181] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  111.155899][ T1181] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  111.160915][ T1181] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  111.273753][ T5851] ocfs2: Unmounting device (7,1) on (node local)
[  111.822213][   T10] usb 2-1: new high-speed USB device number 9 using dummy_hcd
[  111.890702][ T7242] netlink: 'syz.0.482': attribute type 1 has an invalid length.
[  111.953591][   T33] audit: type=1326 audit(1755150489.742:42): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7245 comm="syz.0.483" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4999f8ebe9 code=0x7ffc0000
[  111.963462][   T33] audit: type=1326 audit(1755150489.752:43): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7245 comm="syz.0.483" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4999f8ebe9 code=0x7ffc0000
[  111.983150][   T10] usb 2-1: config 0 has an invalid interface number: 255 but max is 0
[  111.986380][   T10] usb 2-1: config 0 has no interface number 0
[  111.988819][   T10] usb 2-1: too many endpoints for config 0 interface 255 altsetting 255: 255, using maximum allowed: 30
[  111.992238][   T33] audit: type=1326 audit(1755150489.772:44): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7245 comm="syz.0.483" exe="/syz-executor" sig=0 arch=c000003e syscall=163 compat=0 ip=0x7f4999f8ebe9 code=0x7ffc0000
[  112.002752][   T33] audit: type=1326 audit(1755150489.772:45): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7245 comm="syz.0.483" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4999f8ebe9 code=0x7ffc0000
[  112.007053][   T10] usb 2-1: config 0 interface 255 altsetting 255 has 0 endpoint descriptors, different from the interface descriptor's value: 255
[  112.017402][   T33] audit: type=1326 audit(1755150489.772:46): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7245 comm="syz.0.483" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4999f8ebe9 code=0x7ffc0000
[  112.028779][   T10] usb 2-1: config 0 interface 255 has no altsetting 0
[  112.045675][   T10] usb 2-1: New USB device found, idVendor=0bda, idProduct=0177, bcdDevice=7d.0b
[  112.066635][   T10] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  112.082894][   T10] usb 2-1: config 0 descriptor??
[  112.092176][   T10] ums-realtek 2-1:0.255: USB Mass Storage device detected
[  112.155172][ T7258] netlink: 12 bytes leftover after parsing attributes in process `syz.3.486'.
[  112.158094][ T7258] netlink: 8 bytes leftover after parsing attributes in process `syz.3.486'.
[  112.347686][   T24] usb 2-1: USB disconnect, device number 9
[  112.452125][ T7270] kAFS: Can only specify source 'none' with -o dyn
[  112.458563][ T7270] fuse: Unknown parameter 'V~Hȗ'
[  112.729126][ T5847] Bluetooth: hci1: command tx timeout
[  113.411038][ T7292] loop0: detected capacity change from 0 to 32768
[  113.416383][ T7292] bcachefs (/dev/loop0): error validating superblock: Invalid superblock section journal: journal bucket at sector 0
[  113.416383][ T7292] journal (size 2912):
[  113.416383][ T7292] Buckets:  0 10 21474902017 8 21474967553 0 21474836481 0 21491613697 0 21508390913 0 21525168129 0 25769803778 2816 65795 25769803778 0 65794 25769803778 16 65796 34359738401 0 0 0 83 0 0 25 6152 248 8 2048 0 11 2816 0 1 16 240 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 30064771074 0 0 30064771074 1 1280 4294967307 1179915 0 18446744069414584320 18446744073709551615 18446744073709551615 0 14322110933576210885 16 0 0 110593 4295032843 1179915 0 18446744069414584320 18446744073709551615 18446744073709551615 0 8469488994664696954 24 0 0 155649 4295098379 1179915 0 18446744069414584320 18446744073709551615 18446744073709551615 0 11142619451731364831 24 0 0 167937 4295163915 1179915 0 18446744069414584320 18446744073709551615 18446744073709551615 0 2487609100058934834 16 0 0 126977 4295229451 1179915 0 18446744069414584320 18446744073709551615 18446744073709551615 0 12421512847996478049 24 
[  113.416573][ T7292] bcachefs: bch2_fs_get_tree() error: invalid_sb_journal
[  113.929397][   T24] usb 1-1: new high-speed USB device number 9 using dummy_hcd
[  114.149443][   T24] usb 1-1: Using ep0 maxpacket: 32
[  114.159782][   T24] usb 1-1: config 0 has an invalid interface number: 51 but max is 0
[  114.163131][   T24] usb 1-1: config 0 has no interface number 0
[  114.184290][   T24] usb 1-1: New USB device found, idVendor=061d, idProduct=c150, bcdDevice=ce.6f
[  114.188016][   T24] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  114.196709][   T24] usb 1-1: Product: syz
[  114.199168][   T24] usb 1-1: Manufacturer: syz
[  114.201131][   T24] usb 1-1: SerialNumber: syz
[  114.210991][   T24] usb 1-1: config 0 descriptor??
[  114.216048][   T24] quatech2 1-1:0.51: Quatech 2nd gen USB to Serial Driver converter detected
[  114.381924][ T7318] Zero length message leads to an empty skb
[  114.424512][ T7318] loop3: detected capacity change from 0 to 4096
[  114.588824][ T7327] loop3: detected capacity change from 0 to 128
[  114.632824][   T10] Process accounting resumed
[  114.635435][   T10] FAT-fs (loop3): error, corrupted file size (i_pos 548, 512)
[  114.638342][   T10] FAT-fs (loop3): Filesystem has been set read-only
[  114.786558][   T24] usb 1-1: Quatech 2nd gen USB to Serial Driver converter now attached to ttyUSB0
[  114.800553][   T24] usb 1-1: Quatech 2nd gen USB to Serial Driver converter now attached to ttyUSB1
[  114.810010][ T5847] Bluetooth: hci1: command tx timeout
[  114.984699][    C1] usb 1-1: qt2_read_bulk_callback - non-zero urb status: -71
[  114.997831][   T24] usb 1-1: USB disconnect, device number 9
[  115.021951][   T24] quatech-serial ttyUSB0: Quatech 2nd gen USB to Serial Driver converter now disconnected from ttyUSB0
[  115.050158][   T24] quatech-serial ttyUSB1: Quatech 2nd gen USB to Serial Driver converter now disconnected from ttyUSB1
[  115.069630][   T24] quatech2 1-1:0.51: device disconnected
[  115.089198][    T9] usb 2-1: new high-speed USB device number 10 using dummy_hcd
[  115.643510][    T9] usb 2-1: too many endpoints for config 0 interface 0 altsetting 0: 255, using maximum allowed: 30
[  115.655792][    T9] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  115.660554][    T9] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  115.664465][    T9] usb 2-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 255
[  115.669813][    T9] usb 2-1: New USB device found, idVendor=0458, idProduct=0153, bcdDevice= 0.00
[  115.673442][    T9] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  115.687720][    T9] usb 2-1: config 0 descriptor??
[  117.002210][    T9] kye 0003:0458:0153.0005: hidraw0: USB HID v0.00 Device [HID 0458:0153] on usb-dummy_hcd.1-1/input0
[  117.112736][ T7362] fuse: Bad value for 'fd'
[  117.162580][    T9] usb 2-1: USB disconnect, device number 10
[  117.326266][ T7364] loop0: detected capacity change from 0 to 32768
[  117.336701][ T7374] bridge: RTM_NEWNEIGH with invalid ether address
[  117.360637][ T7364] XFS (loop0): Mounting V5 Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d
[  117.384660][ T7364] XFS (loop0): Ending clean mount
[  117.443993][ T5844] XFS (loop0): Unmounting Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d
[  117.913708][ T7421] binder: 7420:7421 ioctl c018620c 200000000380 returned -22
[  118.117711][ T7441] netlink: 8 bytes leftover after parsing attributes in process `syz.3.557'.
[  118.399041][ T6812] usb 2-1: new high-speed USB device number 11 using dummy_hcd
[  118.551729][ T6812] usb 2-1: Using ep0 maxpacket: 8
[  118.556389][ T6812] usb 2-1: config index 0 descriptor too short (expected 301, got 45)
[  118.561228][ T6812] usb 2-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[  118.565220][ T6812] usb 2-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[  118.571248][ T6812] usb 2-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[  118.575647][ T6812] usb 2-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  118.581467][ T6812] usb 2-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23
[  118.585646][ T6812] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  118.801749][ T6812] usb 2-1: GET_CAPABILITIES returned 0
[  118.804098][ T6812] usbtmc 2-1:16.0: can't read capabilities
[  119.013947][    T9] usb 2-1: USB disconnect, device number 11
[  119.061064][ T6812] usb 1-1: new full-speed USB device number 10 using dummy_hcd
[  119.231254][ T6812] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[  119.236703][ T6812] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x8B has invalid wMaxPacketSize 0
[  119.241548][ T6812] usb 1-1: New USB device found, idVendor=05ac, idProduct=8215, bcdDevice=8f.58
[  119.245227][ T6812] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  119.251568][ T6812] usb 1-1: config 0 descriptor??
[  119.257059][ T7469] raw-gadget.1 gadget.0: fail, usb_ep_enable returned -22
[  119.472824][ T6812] usb 1-1: USB disconnect, device number 10
[  119.768741][ T7482] .: renamed from bond0 (while UP)
[  119.897558][ T7491] netlink: 766 bytes leftover after parsing attributes in process `syz.1.578'.
[  119.945231][ T7494] loop1: detected capacity change from 0 to 128
[  119.951452][ T7494] zonefs (loop1) ERROR: Not a zoned block device
[  120.051036][ T7503] netlink: 'syz.0.584': attribute type 3 has an invalid length.
[  120.053525][ T7503] netlink: 188 bytes leftover after parsing attributes in process `syz.0.584'.
[  120.074602][ T7505] loop1: detected capacity change from 0 to 512
[  120.101296][ T7505] EXT4-fs error (device loop1): ext4_iget_extra_inode:5104: inode #15: comm syz.1.585: corrupted in-inode xattr: invalid ea_ino
[  120.118216][ T7505] EXT4-fs error (device loop1): ext4_orphan_get:1397: comm syz.1.585: couldn't read orphan inode 15 (err -117)
[  120.131111][ T7505] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  120.180041][ T5851] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  120.352966][ T7527] netlink: 4 bytes leftover after parsing attributes in process `syz.3.595'.
[  121.409184][ T5312] usb 2-1: new high-speed USB device number 12 using dummy_hcd
[  121.492562][ T7590] netlink: 'syz.3.620': attribute type 5 has an invalid length.
[  121.572865][ T5312] usb 2-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  121.576975][ T5312] usb 2-1: New USB device found, idVendor=1bc7, idProduct=9010, bcdDevice=36.53
[  121.588446][ T5312] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  121.603534][ T5312] usb 2-1: config 0 descriptor??
[  121.613170][ T5312] option 2-1:0.0: GSM modem (1-port) converter detected
[  121.811355][ T5312] usb 2-1: USB disconnect, device number 12
[  121.814252][ T5312] option 2-1:0.0: device disconnected
[  122.059573][ T7633] netlink: 20 bytes leftover after parsing attributes in process `syz.0.641'.
[  122.096677][ T7635] overlayfs: failed to clone upperpath
[  122.722307][ T7651] loop1: detected capacity change from 0 to 4096
[  122.736148][ T7651] ntfs3(loop1): Different NTFS sector size (2048) and media sector size (512).
[  122.776899][ T7651] ntfs3(loop1): Failed to initialize $Extend/$ObjId.
[  123.565022][ T7682] netlink: 71 bytes leftover after parsing attributes in process `syz.3.658'.
[  124.019307][ T5312] usb 2-1: new high-speed USB device number 13 using dummy_hcd
[  124.173215][ T5312] usb 2-1: config 0 has an invalid interface number: 50 but max is 0
[  124.176804][ T5312] usb 2-1: config 0 has no interface number 0
[  124.187049][ T5312] usb 2-1: config 0 interface 50 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 7
[  124.191579][ T5312] usb 2-1: config 0 interface 50 altsetting 0 endpoint 0x82 has invalid wMaxPacketSize 0
[  124.198013][ T5312] usb 2-1: New USB device found, idVendor=0c45, idProduct=1010, bcdDevice=e6.fc
[  124.205194][ T5312] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  124.207831][ T5312] usb 2-1: Product: syz
[  124.209603][ T5312] usb 2-1: Manufacturer: syz
[  124.211353][ T5312] usb 2-1: SerialNumber: syz
[  124.218361][ T5312] usb 2-1: config 0 descriptor??
[  124.224308][ T5312] yurex 2-1:0.50: Could not submitting URB
[  124.226789][ T5312] yurex 2-1:0.50: probe with driver yurex failed with error -5
[  124.425556][    T9] usb 2-1: USB disconnect, device number 13
[  125.649228][   T95] usb 2-1: new high-speed USB device number 14 using dummy_hcd
[  125.829528][   T95] usb 2-1: Using ep0 maxpacket: 8
[  125.973929][   T95] usb 2-1: New USB device found, idVendor=047d, idProduct=5003, bcdDevice=2f.8c
[  125.997711][   T95] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  126.018104][   T95] usb 2-1: Product: syz
[  126.021975][   T95] usb 2-1: Manufacturer: syz
[  126.026375][   T95] usb 2-1: SerialNumber: syz
[  126.035104][   T95] usb 2-1: config 0 descriptor??
[  126.053265][   T95] gspca_main: se401-2.14.0 probing 047d:5003
[  126.427065][ T7795] hugetlbfs: syz.0.694 (7795): Using mlock ulimits for SHM_HUGETLB is obsolete
[  126.489921][   T95] gspca_se401: Too many frame sizes
[  126.790789][ T5898] usb 2-1: USB disconnect, device number 14
[  127.049316][ T5312] usb 1-1: new high-speed USB device number 11 using dummy_hcd
[  127.199435][ T5312] usb 1-1: Using ep0 maxpacket: 32
[  127.214825][ T5312] usb 1-1: New USB device found, idVendor=0483, idProduct=3747, bcdDevice= 0.02
[  127.219389][ T5312] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  127.222737][ T5312] usb 1-1: Product: syz
[  127.224545][ T5312] usb 1-1: Manufacturer: syz
[  127.226540][ T5312] usb 1-1: SerialNumber: syz
[  127.240954][ T5312] usb 1-1: config 0 descriptor??
[  127.254110][ T5312] ftdi_sio 1-1:0.0: Ignoring interface reserved for JTAG
[  127.363908][ T7807] loop1: detected capacity change from 0 to 764
[  127.458773][   T24] usb 1-1: USB disconnect, device number 11
[  127.752920][ T7813] loop1: detected capacity change from 0 to 32768
[  127.776452][ T7813] JBD2: Unrecognised features on journal
[  127.779116][ T7813] (syz.1.702,7813,1):ocfs2_journal_init:973 ERROR: Linux journal layer error
[  127.783875][ T7813] (syz.1.702,7813,1):ocfs2_check_volume:2347 ERROR: Could not initialize journal!
[  127.787851][ T7813] (syz.1.702,7813,1):ocfs2_check_volume:2432 ERROR: status = -22
[  127.793033][ T7813] (syz.1.702,7813,1):ocfs2_mount_volume:1764 ERROR: status = -22
[  127.815833][ T7813] (syz.1.702,7813,1):ocfs2_fill_super:1177 ERROR: status = -22
[  128.267539][ T7824] loop1: detected capacity change from 0 to 40427
[  128.272702][ T7824] F2FS-fs (loop1): Image doesn't support compression
[  128.281420][ T7824] F2FS-fs (loop1): invalid crc value
[  128.683353][ T7824] F2FS-fs (loop1): f2fs_recover_fsync_data: recovery fsync data, check_only: 0
[  128.712456][ T7824] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e5
[  129.943441][ T7858] loop1: detected capacity change from 0 to 512
[  129.951240][ T7858] EXT4-fs: old and new quota format mixing
[  130.084063][ T7862] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0)
[  130.094017][ T7862] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:1)
[  130.189349][ T7864] loop1: detected capacity change from 0 to 2048
[  130.225864][ T7864] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  130.244152][   T33] audit: type=1800 audit(1755150726.039:47): pid=7864 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.719" name="bus" dev="loop1" ino=18 res=0 errno=0
[  130.291462][ T5851] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  130.954863][ T7876] [U] 
[  132.078773][ T7896] netlink: 32 bytes leftover after parsing attributes in process `syz.0.731'.
[  133.649503][ T7980] faux_driver regulatory: Direct firmware load for regulatory.db failed with error -2
[  133.653887][ T7980] faux_driver regulatory: Falling back to sysfs fallback for: regulatory.db
[  134.543816][ T8043] capability: warning: `syz.3.760' uses deprecated v2 capabilities in a way that may be insecure
[  134.664741][ T8060] 9pnet_fd: Insufficient options for proto=fd
[  134.731655][   T95] usb 2-1: new high-speed USB device number 15 using dummy_hcd
[  134.894184][   T95] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  134.897561][   T95] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  134.901196][   T95] usb 2-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[  134.906266][   T95] usb 2-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  134.909823][   T95] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  134.917393][   T95] usb 2-1: config 0 descriptor??
[  135.336379][   T95] plantronics 0003:047F:FFFF.0006: hiddev0,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.1-1/input0
[  135.594303][   T24] usb 2-1: USB disconnect, device number 15
[  136.486431][ T8113] loop1: detected capacity change from 0 to 32768
[  136.509842][ T8113] JBD2: Ignoring recovery information on journal
[  136.521961][ T8113] JBD2: Journal too short (blocks 2-2).
[  136.523898][ T8113] JBD2: journal reset failed
[  136.525448][ T8113] (syz.1.784,8113,0):ocfs2_journal_load:1167 ERROR: Failed to load journal!
[  136.540463][ T8113] (syz.1.784,8113,1):ocfs2_check_volume:2376 ERROR: ocfs2 journal load failed! -22
[  136.543471][ T8113] (syz.1.784,8113,1):ocfs2_check_volume:2432 ERROR: status = -22
[  136.545888][ T8113] (syz.1.784,8113,1):ocfs2_mount_volume:1764 ERROR: status = -22
[  136.561129][ T8113] (syz.1.784,8113,1):ocfs2_fill_super:1177 ERROR: status = -22
[  137.108010][ T8139] netlink: 'syz.1.794': attribute type 10 has an invalid length.
[  137.122238][ T8139] .: (slave wlan1): Enslaving as an active interface with an up link
[  137.626274][ T1364] ieee802154 phy0 wpan0: encryption failed: -22
[  137.628855][ T1364] ieee802154 phy1 wpan1: encryption failed: -22
[  137.737506][ T8182] loop1: detected capacity change from 0 to 2048
[  138.326062][ T5312] IPVS: starting estimator thread 0...
[  138.386882][ T8187] loop1: detected capacity change from 0 to 40427
[  138.410849][ T8194] IPVS: using max 63 ests per chain, 151200 per kthread
[  138.422259][ T8187] F2FS-fs (loop1): invalid crc value
[  138.575289][ T8187] F2FS-fs (loop1): f2fs_recover_fsync_data: recovery fsync data, check_only: 0
[  138.580788][ T8187] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e5
[  138.625079][ T5851] syz-executor: attempt to access beyond end of device
[  138.625079][ T5851] loop1: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[  138.634163][ T5851] CPU: 0 UID: 0 PID: 5851 Comm: syz-executor Not tainted 6.17.0-rc1-syzkaller-00036-gdfc0f6373094-dirty #0 PREEMPT(full) 
[  138.634180][ T5851] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.2-debian-1.16.2-1 04/01/2014
[  138.634186][ T5851] Call Trace:
[  138.634190][ T5851]  <TASK>
[  138.634194][ T5851]  dump_stack_lvl+0x189/0x250
[  138.634212][ T5851]  ? __pfx_dump_stack_lvl+0x10/0x10
[  138.634222][ T5851]  ? __pfx_queue_work_on+0x10/0x10
[  138.634232][ T5851]  ? _raw_spin_unlock_irqrestore+0xad/0x110
[  138.634244][ T5851]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[  138.634258][ T5851]  f2fs_handle_critical_error+0x37c/0x540
[  138.634274][ T5851]  f2fs_write_end_io+0x886/0xb60
[  138.634291][ T5851]  __submit_merged_bio+0x27a/0x6a0
[  138.634304][ T5851]  __submit_merged_write_cond+0x255/0x530
[  138.634318][ T5851]  f2fs_write_data_pages+0x261d/0x3000
[  138.634344][ T5851]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[  138.634380][ T5851]  ? folios_put_refs+0x559/0x640
[  138.634418][ T5851]  ? __pfx_folios_put_refs+0x10/0x10
[  138.634426][ T5851]  ? rcu_is_watching+0x15/0xb0
[  138.634440][ T5851]  ? __lock_acquire+0xab9/0xd20
[  138.634458][ T5851]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[  138.634470][ T5851]  do_writepages+0x32e/0x550
[  138.634486][ T5851]  ? do_raw_spin_unlock+0x4d/0x240
[  138.634499][ T5851]  filemap_fdatawrite+0x199/0x240
[  138.634509][ T5851]  ? __pfx_filemap_fdatawrite+0x10/0x10
[  138.634540][ T5851]  ? do_raw_spin_unlock+0x4d/0x240
[  138.634556][ T5851]  f2fs_sync_dirty_inodes+0x31f/0x830
[  138.634571][ T5851]  f2fs_write_checkpoint+0x95a/0x1df0
[  138.634589][ T5851]  ? __pfx_f2fs_write_checkpoint+0x10/0x10
[  138.634618][ T5851]  ? kill_f2fs_super+0x298/0x6c0
[  138.634629][ T5851]  kill_f2fs_super+0x2c3/0x6c0
[  138.634639][ T5851]  ? __pfx_kill_f2fs_super+0x10/0x10
[  138.634646][ T5851]  ? radix_tree_delete_item+0x2b6/0x400
[  138.634659][ T5851]  ? shrinker_free+0x2ce/0x3e0
[  138.634670][ T5851]  deactivate_locked_super+0xbc/0x130
[  138.634681][ T5851]  cleanup_mnt+0x425/0x4c0
[  138.634690][ T5851]  ? lockdep_hardirqs_on+0x9c/0x150
[  138.634703][ T5851]  task_work_run+0x1d4/0x260
[  138.634716][ T5851]  ? __pfx_task_work_run+0x10/0x10
[  138.634725][ T5851]  ? __x64_sys_umount+0x122/0x160
[  138.634737][ T5851]  ? exit_to_user_mode_loop+0x40/0x110
[  138.634749][ T5851]  exit_to_user_mode_loop+0xec/0x110
[  138.634760][ T5851]  do_syscall_64+0x2bd/0x3b0
[  138.634770][ T5851]  ? lockdep_hardirqs_on+0x9c/0x150
[  138.634779][ T5851]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  138.634787][ T5851]  ? exc_page_fault+0x9f/0xf0
[  138.634797][ T5851]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  138.634804][ T5851] RIP: 0033:0x7f576158ff17
[  138.634813][ T5851] Code: a8 ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 0f 1f 44 00 00 31 f6 e9 09 00 00 00 66 0f 1f 84 00 00 00 00 00 b8 a6 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 01 c3 48 c7 c2 a8 ff ff ff f7 d8 64 89 02 b8
[  138.634821][ T5851] RSP: 002b:00007ffd661b6b68 EFLAGS: 00000246 ORIG_RAX: 00000000000000a6
[  138.634830][ T5851] RAX: 0000000000000000 RBX: 00007f5761611c05 RCX: 00007f576158ff17
[  138.634836][ T5851] RDX: 0000000000000000 RSI: 0000000000000009 RDI: 00007ffd661b6c20
[  138.634840][ T5851] RBP: 00007ffd661b6c20 R08: 0000000000000000 R09: 0000000000000000
[  138.634846][ T5851] R10: 00000000ffffffff R11: 0000000000000246 R12: 00007ffd661b7cb0
[  138.634851][ T5851] R13: 00007f5761611c05 R14: 0000000000021cf2 R15: 00007ffd661b7cf0
[  138.634864][ T5851]  </TASK>
[  138.634868][ T5851] F2FS-fs (loop1): Stopped filesystem due to reason: 3
[  138.892537][ T5312] usb 1-1: new high-speed USB device number 12 using dummy_hcd
[  138.917337][ T8210] loop1: detected capacity change from 0 to 2048
[  138.929978][ T8211] NILFS (loop1): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  138.943224][ T8210] NILFS error (device loop1): nilfs_bmap_lookup_contig: broken bmap (inode number=12)
[  138.950087][ T8210] Remounting filesystem read-only
[  138.954091][ T8210] NILFS error (device loop1): nilfs_bmap_lookup_contig: broken bmap (inode number=12)
[  138.958612][ T8210] NILFS error (device loop1): nilfs_readdir: bad page in #12
[  138.962763][ T8210] NILFS error (device loop1): nilfs_bmap_lookup_contig: broken bmap (inode number=12)
[  139.042869][ T5312] usb 1-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  139.046546][ T5312] usb 1-1: config 1 has 1 interface, different from the descriptor's value: 2
[  139.049758][ T5312] usb 1-1: config 1 has no interface number 0
[  139.054302][ T5312] usb 1-1: config 1 interface 1 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 1
[  139.060525][ T5312] usb 1-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  139.063635][ T5312] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  139.066253][ T5312] usb 1-1: Product: syz
[  139.067691][ T5312] usb 1-1: Manufacturer: syz
[  139.069245][ T5312] usb 1-1: SerialNumber: syz
[  139.077847][ T5312] usb 1-1: selecting invalid altsetting 1
[  139.230797][   T24] usb 2-1: new full-speed USB device number 16 using dummy_hcd
[  139.485314][ T5312] cdc_ncm 1-1:1.1: failed GET_NTB_PARAMETERS
[  139.488811][ T5312] cdc_ncm 1-1:1.1: bind() failure
[  139.687160][ T5312] usb 1-1: USB disconnect, device number 12
[  139.702810][   T24] usb 2-1: unable to get BOS descriptor or descriptor too short
[  139.706028][   T24] usb 2-1: not running at top speed; connect to a high speed hub
[  139.709391][   T24] usb 2-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  139.712672][   T24] usb 2-1: config 1 interface 1 altsetting 1 endpoint 0x1 has an invalid bInterval 0, changing to 4
[  139.716329][   T24] usb 2-1: config 1 interface 2 altsetting 1 endpoint 0x82 has an invalid bInterval 0, changing to 4
[  139.723326][   T24] usb 2-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[  139.726129][   T24] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  139.728592][   T24] usb 2-1: Product: syz
[  139.729894][   T24] usb 2-1: Manufacturer: syz
[  139.731607][   T24] usb 2-1: SerialNumber: syz
[  139.947135][   T24] usb 2-1: 1:1 : UAC_AS_GENERAL descriptor not found
[  139.950236][   T24] usb 2-1: 2:1 : no or invalid class specific endpoint descriptor
[  139.954074][   T24] usb 2-1: 2:1 : invalid UAC_FORMAT_TYPE desc
[  139.965443][   T24] usb 2-1: USB disconnect, device number 16
[  139.984630][ T6189] udevd[6189]: error opening ATTR{/sys/devices/platform/dummy_hcd.1/usb2/2-1/2-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory
[  140.692363][ T8260] can0: slcan on ptm0.
[  140.782381][ T8259] can0 (unregistered): slcan off ptm0.
[  140.857566][ T8270] loop1: detected capacity change from 0 to 128
[  140.881592][ T8270] vfat: Bad value for 'codepage'
[  140.910495][ T8270] loop1: detected capacity change from 0 to 128
[  141.142643][ T8287] syz.3.859 calls setitimer() with new_value NULL pointer. Misfeature support will be removed
[  141.540320][   T33] audit: type=1326 audit(1755150737.328:48): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8311 comm="syz.0.871" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4999f8ebe9 code=0x7ffc0000
[  141.557494][   T33] audit: type=1326 audit(1755150737.338:49): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8311 comm="syz.0.871" exe="/syz-executor" sig=0 arch=c000003e syscall=327 compat=0 ip=0x7f4999f8ebe9 code=0x7ffc0000
[  141.583326][   T33] audit: type=1326 audit(1755150737.338:50): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8311 comm="syz.0.871" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4999f8ebe9 code=0x7ffc0000
[  141.589829][   T33] audit: type=1326 audit(1755150737.338:51): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8311 comm="syz.0.871" exe="/syz-executor" sig=0 arch=c000003e syscall=54 compat=0 ip=0x7f4999f8ebe9 code=0x7ffc0000
[  141.598115][   T33] audit: type=1326 audit(1755150737.338:52): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8311 comm="syz.0.871" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4999f8ebe9 code=0x7ffc0000
[  144.297150][ T8370] warning: `syz.0.895' uses wireless extensions which will stop working for Wi-Fi 7 hardware; use nl80211
[  145.669387][ T8402] afs: Unknown parameter 'A~|vN'
[  147.226460][ T8423] loop1: detected capacity change from 0 to 32768
[  147.254294][ T8358]  loop1: p1 p3 < p5 p6 >
[  147.271567][ T8423]  loop1: p1 p3 < p5 p6 >
[  147.469466][ T8358] udevd[8358]: inotify_add_watch(7, /dev/loop1p1, 10) failed: No such file or directory
[  147.520271][ T8437] udevd[8437]: inotify_add_watch(7, /dev/loop1p3, 10) failed: No such file or directory
[  147.530075][ T8438] udevd[8438]: inotify_add_watch(7, /dev/loop1p5, 10) failed: No such file or directory
[  147.551198][ T8441] udevd[8441]: inotify_add_watch(7, /dev/loop1p6, 10) failed: No such file or directory
[  147.625689][ T8358] udevd[8358]: inotify_add_watch(7, /dev/loop1p6, 10) failed: No such file or directory
[  147.637103][ T8441] udevd[8441]: inotify_add_watch(7, /dev/loop1p5, 10) failed: No such file or directory
[  147.657985][ T8437] udevd[8437]: inotify_add_watch(7, /dev/loop1p3, 10) failed: No such file or directory
[  147.665732][ T8438] udevd[8438]: inotify_add_watch(7, /dev/loop1p1, 10) failed: No such file or directory
[  148.320839][ T8464] UDPLite: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list
[  148.329643][ T8464] netlink: 'syz.0.930': attribute type 4 has an invalid length.
[  148.535972][ T8476] netlink: 96 bytes leftover after parsing attributes in process `syz.0.936'.
[  148.824049][   T26] Bluetooth: hci3: Frame reassembly failed (-84)
[  148.827815][   T26] Bluetooth: hci3: Frame reassembly failed (-84)
[  148.830790][   T26] Bluetooth: hci3: Frame reassembly failed (-84)
[  149.804866][   T33] audit: type=1326 audit(1755150745.597:53): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8515 comm="syz.3.955" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0d7678ebe9 code=0x7ffc0000
[  149.822041][   T33] audit: type=1326 audit(1755150745.597:54): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8515 comm="syz.3.955" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0d7678ebe9 code=0x7ffc0000
[  149.828995][   T33] audit: type=1326 audit(1755150745.617:55): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8515 comm="syz.3.955" exe="/syz-executor" sig=0 arch=c000003e syscall=2 compat=0 ip=0x7f0d7678ebe9 code=0x7ffc0000
[  149.839313][   T33] audit: type=1326 audit(1755150745.617:56): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8515 comm="syz.3.955" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0d7678ebe9 code=0x7ffc0000
[  149.849712][   T33] audit: type=1326 audit(1755150745.617:57): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8515 comm="syz.3.955" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0d7678ebe9 code=0x7ffc0000
[  149.868137][   T33] audit: type=1326 audit(1755150745.617:58): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8515 comm="syz.3.955" exe="/syz-executor" sig=0 arch=c000003e syscall=18 compat=0 ip=0x7f0d7678ebe9 code=0x7ffc0000
[  149.886860][   T33] audit: type=1326 audit(1755150745.617:59): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8515 comm="syz.3.955" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0d7678ebe9 code=0x7ffc0000
[  149.894783][   T33] audit: type=1326 audit(1755150745.617:60): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8515 comm="syz.3.955" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0d7678ebe9 code=0x7ffc0000
[  150.313416][   T13] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  150.658777][   T13] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  150.806274][   T13] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  150.871746][   T13] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  150.892412][ T5855] Bluetooth: hci3: command 0xfc11 tx timeout
[  150.892836][ T5847] Bluetooth: hci3: Entering manufacturer mode failed (-110)
[  151.045998][   T13] bridge_slave_1: left allmulticast mode
[  151.048350][   T13] bridge_slave_1: left promiscuous mode
[  151.050777][   T13] bridge0: port 2(bridge_slave_1) entered disabled state
[  151.087349][   T13] bridge_slave_0: left allmulticast mode
[  151.089866][   T13] bridge_slave_0: left promiscuous mode
[  151.095507][   T13] bridge0: port 1(bridge_slave_0) entered disabled state
[  151.096760][ T5855] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[  151.105089][ T5855] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[  151.113763][ T5855] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[  151.123627][ T5855] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[  151.128472][ T5855] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[  151.528794][   T13] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  151.535338][   T13] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  151.539767][   T13] bond0 (unregistering): Released all slaves
[  151.635764][   T13] tipc: Left network mode
[  151.916055][   T13] hsr_slave_0: left promiscuous mode
[  151.918985][   T13] hsr_slave_1: left promiscuous mode
[  151.921852][   T13] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  151.929481][   T13] batman_adv: batadv0: Removing interface: batadv_slave_0
[  151.933772][   T13] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  151.937734][   T13] batman_adv: batadv0: Removing interface: batadv_slave_1
[  151.955493][   T13] veth1_macvtap: left promiscuous mode
[  151.957824][   T13] veth0_macvtap: left promiscuous mode
[  151.960145][   T13] veth1_vlan: left promiscuous mode
[  151.962741][   T13] veth0_vlan: left promiscuous mode
[  152.002301][   T95] usb 2-1: new high-speed USB device number 17 using dummy_hcd
[  152.163186][   T95] usb 2-1: Using ep0 maxpacket: 32
[  152.170330][   T95] usb 2-1: config 0 has an invalid interface number: 1 but max is 0
[  152.174701][   T95] usb 2-1: config 0 has no interface number 0
[  152.177149][   T95] usb 2-1: config 0 interface 1 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  152.184545][   T95] usb 2-1: config 0 interface 1 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  152.193627][   T95] usb 2-1: New USB device found, idVendor=0403, idProduct=6030, bcdDevice= 0.00
[  152.196449][   T95] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  152.207828][   T95] usb 2-1: config 0 descriptor??
[  152.485240][   T13] team0 (unregistering): Port device team_slave_1 removed
[  152.536355][   T13] team0 (unregistering): Port device team_slave_0 removed
[  152.638530][   T95] ft260 0003:0403:6030.0007: item fetching failed at offset 0/2
[  152.646622][   T95] ft260 0003:0403:6030.0007: failed to parse HID
[  152.649152][   T95] ft260 0003:0403:6030.0007: probe with driver ft260 failed with error -22
[  152.830531][ T5912] usb 2-1: USB disconnect, device number 17
[  153.078959][ T8545] chnl_net:caif_netlink_parms(): no params data found
[  153.222540][ T5855] Bluetooth: hci0: command tx timeout
[  153.329482][ T8545] bridge0: port 1(bridge_slave_0) entered blocking state
[  153.341140][ T8545] bridge0: port 1(bridge_slave_0) entered disabled state
[  153.344520][ T8545] bridge_slave_0: entered allmulticast mode
[  153.349141][ T8545] bridge_slave_0: entered promiscuous mode
[  153.378777][ T8545] bridge0: port 2(bridge_slave_1) entered blocking state
[  153.398542][ T8545] bridge0: port 2(bridge_slave_1) entered disabled state
[  153.401075][ T8545] bridge_slave_1: entered allmulticast mode
[  153.405751][ T8545] bridge_slave_1: entered promiscuous mode
[  153.437184][ T8545] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  153.444781][ T8545] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  153.487179][ T8545] team0: Port device team_slave_0 added
[  153.491987][ T8545] team0: Port device team_slave_1 added
[  153.516735][ T8545] batman_adv: batadv0: Adding interface: batadv_slave_0
[  153.519555][ T8545] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  153.551081][ T8545] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  153.556861][ T8545] batman_adv: batadv0: Adding interface: batadv_slave_1
[  153.559197][ T8545] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  153.567650][ T8545] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  153.611153][ T8545] hsr_slave_0: entered promiscuous mode
[  153.616122][ T8545] hsr_slave_1: entered promiscuous mode
[  153.618871][ T8545] debugfs: 'hsr0' already exists in 'hsr'
[  153.620929][ T8545] Cannot create hsr debugfs directory
[  153.749620][ T8633] atomic_op ffff888123b32998 conn xmit_atomic 0000000000000000
[  153.786999][ T8545] netdevsim netdevsim4 netdevsim0: renamed from eth0
[  153.802146][ T8545] netdevsim netdevsim4 netdevsim1: renamed from eth1
[  153.809726][ T8545] netdevsim netdevsim4 netdevsim2: renamed from eth2
[  153.825715][ T8545] netdevsim netdevsim4 netdevsim3: renamed from eth3
[  153.871428][ T8545] bridge0: port 2(bridge_slave_1) entered blocking state
[  153.873781][ T8545] bridge0: port 2(bridge_slave_1) entered forwarding state
[  153.876199][ T8545] bridge0: port 1(bridge_slave_0) entered blocking state
[  153.878742][ T8545] bridge0: port 1(bridge_slave_0) entered forwarding state
[  153.956101][ T8545] 8021q: adding VLAN 0 to HW filter on device bond0
[  153.965874][ T1181] bridge0: port 1(bridge_slave_0) entered disabled state
[  153.968856][ T1181] bridge0: port 2(bridge_slave_1) entered disabled state
[  153.980801][ T8545] 8021q: adding VLAN 0 to HW filter on device team0
[  153.999980][ T1090] bridge0: port 1(bridge_slave_0) entered blocking state
[  154.002249][ T1090] bridge0: port 1(bridge_slave_0) entered forwarding state
[  154.010882][ T1090] bridge0: port 2(bridge_slave_1) entered blocking state
[  154.013257][ T1090] bridge0: port 2(bridge_slave_1) entered forwarding state
[  154.148521][ T8545] 8021q: adding VLAN 0 to HW filter on device batadv0
[  154.463610][ T8545] veth0_vlan: entered promiscuous mode
[  154.468631][ T8545] veth1_vlan: entered promiscuous mode
[  154.494316][ T8545] veth0_macvtap: entered promiscuous mode
[  154.506456][ T8545] veth1_macvtap: entered promiscuous mode
[  154.526330][ T8545] batman_adv: batadv0: Interface activated: batadv_slave_0
[  154.536823][ T8545] batman_adv: batadv0: Interface activated: batadv_slave_1
[  154.596495][ T5899] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  154.639069][ T5899] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  154.647085][ T5899] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  154.676025][ T5899] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  154.752203][ T8677] loop1: detected capacity change from 0 to 256
[  155.029271][ T8677] exFAT-fs (loop1): failed to load upcase table (idx : 0x000104d0, chksum : 0x60d18cac, utbl_chksum : 0xe619d30d)
[  155.105474][ T1090] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  155.108017][ T1090] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  155.131002][  T760] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  155.134784][  T760] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  155.292713][ T5855] Bluetooth: hci0: command tx timeout
[  155.562707][   T95] usb 2-1: new high-speed USB device number 18 using dummy_hcd
[  155.724171][   T95] usb 2-1: Using ep0 maxpacket: 8
[  155.729047][   T95] usb 2-1: config 0 has an invalid interface number: 148 but max is 0
[  155.731769][   T95] usb 2-1: config 0 has no interface number 0
[  155.747376][   T95] usb 2-1: New USB device found, idVendor=0d46, idProduct=2012, bcdDevice=4d.36
[  155.750351][   T95] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  155.753197][   T95] usb 2-1: Product: syz
[  155.754518][   T95] usb 2-1: Manufacturer: syz
[  155.755938][   T95] usb 2-1: SerialNumber: syz
[  155.758988][   T95] usb 2-1: config 0 descriptor??
[  155.766914][   T95] kobil_sct 2-1:0.148: KOBIL USB smart card terminal converter detected
[  155.779289][   T95] usb 2-1: KOBIL USB smart card terminal converter now attached to ttyUSB0
[  155.976283][ T5912] usb 2-1: USB disconnect, device number 18
[  155.980532][ T5912] kobil ttyUSB0: KOBIL USB smart card terminal converter now disconnected from ttyUSB0
[  155.985044][ T5912] kobil_sct 2-1:0.148: device disconnected
[  156.795246][   T33] audit: type=1800 audit(1755150752.596:61): pid=8758 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.1026" name="nullb0" dev="tmpfs" ino=423 res=0 errno=0
[  156.932744][ T8749] loop1: detected capacity change from 0 to 32768
[  156.944885][ T8749] bcachefs (/dev/loop1): error validating superblock: Invalid superblock section journal_v2: journal buckets entry with bad nr: 21474967553+0
[  156.944885][ T8749] journal_v2 (size 2912):
[  156.944885][ T8749] Buckets:  0-10 21474902017-21474902025 21474967553-21474967553 21474836481-21474836481 21491613697-21491613697 21508390913-21508390913 21525168129-21525168129 25769803778-25769806594 65795-25769869573 0-65794 25769803778-25769803794 65796-34359804197 0-0 0-83 0-0 25-6177 248-256 2048-2048 11-2827 0-1 16-256 0-0 0-0 0-0 0-0 0-0 0-0 0-0 0-30064771074 0-0 30064771074-30064771075 1280-4294968587 1179915-1179915 18446744069414584320-18446744069414584319 18446744073709551615-18446744073709551615 14322110933576210885-14322110933576210901 0-0 110593-4295143436 1179915-1179915 18446744069414584320-18446744069414584319 18446744073709551615-18446744073709551615 8469488994664696954-8469488994664696978 0-0 155649-4295254028 393483-459019 18446744069414584320-18446744069414584319 18446744073709551615-18446744073709551615 11142619451731364831-11142619451731364
[  156.945130][ T8749] bcachefs: bch2_fs_get_tree() error: invalid_sb_journal
[  157.242484][ T8780] loop1: detected capacity change from 0 to 256
[  157.375723][ T5855] Bluetooth: hci0: command tx timeout
[  157.612296][ T8800] loop4: detected capacity change from 0 to 32768
[  157.635056][ T8800] JBD2: Ignoring recovery information on journal
[  157.660159][ T8800] ocfs2: Mounting device (7,4) on (node local, slot 0) with ordered data mode.
[  157.711117][ T8545] ocfs2: Unmounting device (7,4) on (node local)
[  157.914066][ T8813] loop4: detected capacity change from 0 to 4096
[  157.918274][ T8813] ntfs3(loop4): Different NTFS sector size (4096) and media sector size (512).
[  157.945882][ T8813] ntfs3(loop4): ino=19, mi_enum_attr
[  158.042549][ T8819] loop4: detected capacity change from 0 to 16
[  158.157541][ T8826] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1057'.
[  158.162551][ T8826] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[  159.044515][ T8855] loop4: detected capacity change from 0 to 4096
[  159.049565][ T8855] ntfs3(loop4): Different NTFS sector size (1024) and media sector size (512).
[  159.230760][ T8863] loop1: detected capacity change from 0 to 128
[  159.453412][ T5855] Bluetooth: hci0: command tx timeout
[  159.663227][    T9] usb 2-1: new high-speed USB device number 19 using dummy_hcd
[  159.823223][    T9] usb 2-1: Using ep0 maxpacket: 16
[  159.827489][    T9] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  159.831694][    T9] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  159.835589][    T9] usb 2-1: New USB device found, idVendor=05ac, idProduct=8241, bcdDevice= 0.00
[  159.839111][    T9] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  159.844983][    T9] usb 2-1: config 0 descriptor??
[  160.265087][    T9] appleir 0003:05AC:8241.0008: unknown main item tag 0x0
[  160.267561][    T9] appleir 0003:05AC:8241.0008: unknown main item tag 0x0
[  160.269867][    T9] appleir 0003:05AC:8241.0008: unknown main item tag 0x0
[  160.272136][    T9] appleir 0003:05AC:8241.0008: unknown main item tag 0x0
[  160.276327][    T9] appleir 0003:05AC:8241.0008: unknown main item tag 0x0
[  160.287025][    T9] appleir 0003:05AC:8241.0008: hiddev0,hidraw0: USB HID v0.00 Device [HID 05ac:8241] on usb-dummy_hcd.1-1/input0
[  160.417163][ T8896] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1088'.
[  160.532293][   T24] usb 2-1: USB disconnect, device number 19
[  160.541677][ T8906] netlink: 33 bytes leftover after parsing attributes in process `syz.3.1091'.
[  161.279139][ T8928] loop1: detected capacity change from 0 to 256
[  161.305190][ T8928] exFAT-fs (loop1): failed to load upcase table (idx : 0x00010000, chksum : 0xbe675ead, utbl_chksum : 0xe619d30d)
[  161.782105][ T8949] netlink: 'syz.4.1109': attribute type 10 has an invalid length.
[  161.813966][ T8949] 8021q: adding VLAN 0 to HW filter on device bond0
[  161.818421][ T8949] team0: Port device bond0 added
[  161.848746][ T8952] overlayfs: failed to clone upperpath
[  161.877359][ T8953] loop1: detected capacity change from 0 to 2048
[  161.909173][ T8953] UDF-fs: error (device loop1): udf_process_sequence: Primary Volume Descriptor not found!
[  161.928782][ T8953] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[  161.941730][ T8959] loop4: detected capacity change from 0 to 1024
[  162.019922][ T8965] loop1: detected capacity change from 0 to 512
[  162.045377][ T8965] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a846e02c, mo2=0002]
[  162.055320][ T8965] System zones: 1-12
[  162.059259][ T8965] EXT4-fs error (device loop1): dx_probe:791: inode #2: comm syz.1.1117: Directory hole found for htree index block 0
[  162.094435][ T8965] EXT4-fs (loop1): Remounting filesystem read-only
[  162.100076][ T8965] EXT4-fs (loop1): Cannot turn on journaled quota: type 0: error -117
[  162.108930][ T8965] EXT4-fs (loop1): Cannot turn on journaled quota: type 1: error -117
[  162.117697][ T8965] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  162.143083][ T5851] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  162.256720][ T8985] netlink: 20 bytes leftover after parsing attributes in process `syz.1.1121'.
[  162.462336][ T8993] CIFS: iocharset name too long
[  163.084837][ T9004] netlink: 24 bytes leftover after parsing attributes in process `syz.3.1133'.
[  163.454886][ T9011] loop4: detected capacity change from 0 to 4096
[  163.473872][ T9011] ntfs3(loop4): ino=1a, mi_enum_attr
[  163.475600][ T9011] ntfs3(loop4): Mark volume as dirty due to NTFS errors
[  163.501424][ T9013] loop1: detected capacity change from 0 to 4096
[  163.603629][   T33] audit: type=1800 audit(1755150759.395:62): pid=9013 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.1136" name="file1" dev="loop1" ino=30 res=0 errno=0
[  163.704446][ T9020] fuse: Unknown parameter 'grou00000000000000000000'
[  163.909071][ T9031] loop4: detected capacity change from 0 to 256
[  164.245889][ T9051] comedi comedi4: bad chanlist[0]=0x032c0000 chan=0 range length=2
[  164.420031][ T9063] loop1: detected capacity change from 0 to 512
[  164.442179][ T9063] EXT4-fs (loop1): Cannot turn on journaled quota: type 0: error -2
[  164.447515][ T9063] EXT4-fs error (device loop1): ext4_orphan_get:1418: comm syz.1.1160: bad orphan inode 15
[  164.450965][ T9063] ext4_test_bit(bit=14, block=4) = 1
[  164.452735][ T9063] is_bad_inode(inode)=0
[  164.454594][ T9063] NEXT_ORPHAN(inode)=0
[  164.455988][ T9063] max_ino=32
[  164.457188][ T9063] i_nlink=1
[  164.459104][ T9063] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  164.480331][ T5851] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  164.969867][ T9091] loop1: detected capacity change from 0 to 1024
[  165.029553][ T9094] loop1: detected capacity change from 0 to 256
[  165.352823][ T9102] netlink: 32 bytes leftover after parsing attributes in process `syz.1.1175'.
[  165.488533][ T9105] loop1: detected capacity change from 0 to 256
[  165.689656][ T9109] loop1: detected capacity change from 0 to 1024
[  165.941676][   T26] hfsplus: b-tree write err: -5, ino 4
[  166.167521][ T9115] loop1: detected capacity change from 0 to 2048
[  166.231450][ T9115] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  166.261697][ T9115] EXT4-fs error (device loop1): ext4_mb_generate_buddy:1289: group 0, block bitmap and bg descriptor inconsistent: 0 vs 150994969 free clusters
[  166.382218][ T5851] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  166.454337][ T9127] loop1: detected capacity change from 0 to 8
[  166.472823][ T9127] overlay: filesystem on ./bus is read-only
[  166.789511][ T9153] loop4: detected capacity change from 0 to 512
[  166.800539][ T9153] EXT4-fs: Ignoring removed orlov option
[  166.811382][ T9153] EXT4-fs (loop4): mounting ext3 file system using the ext4 subsystem
[  166.825705][ T9153] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=8042c119, mo2=0002]
[  166.836573][ T9153] EXT4-fs error (device loop4): ext4_iget_extra_inode:5104: inode #15: comm syz.4.1190: corrupted in-inode xattr: e_value size too large
[  166.842576][ T9153] EXT4-fs error (device loop4): ext4_orphan_get:1397: comm syz.4.1190: couldn't read orphan inode 15 (err -117)
[  166.856899][ T9153] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  166.861160][ T9159] loop1: detected capacity change from 0 to 16
[  166.872036][ T9159] erofs (device loop1): mounted with root inode @ nid 36.
[  166.929095][ T8545] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  167.229260][ T9180] loop1: detected capacity change from 0 to 1024
[  167.286731][ T9180] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  167.311736][ T9180] ext4 filesystem being mounted at /299/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  167.347805][ T5851] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  167.379182][ T9188] sctp: [Deprecated]: syz.3.1200 (pid 9188) Use of int in max_burst socket option deprecated.
[  167.379182][ T9188] Use struct sctp_assoc_value instead
[  167.566802][ T9196] loop1: detected capacity change from 0 to 2048
[  167.576780][ T9196] udf: Unknown parameter 'iocharse'
[  167.660424][ T9175] loop4: detected capacity change from 0 to 32768
[  167.691869][ T9175] BTRFS: device fsid ed167579-eb65-4e76-9a50-61ac97e9b59d devid 1 transid 8 /dev/loop4 (7:4) scanned by syz.4.1197 (9175)
[  167.874296][ T9175] BTRFS info (device loop4): first mount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d
[  167.884540][ T9175] BTRFS info (device loop4): using sha256 (sha256-lib) checksum algorithm
[  168.038700][ T9175] BTRFS info (device loop4): rebuilding free space tree
[  168.127901][ T9175] BTRFS info (device loop4): disabling free space tree
[  168.130375][ T9175] BTRFS info (device loop4): clearing compat-ro feature flag for FREE_SPACE_TREE (0x1)
[  168.144490][ T9175] BTRFS info (device loop4): clearing compat-ro feature flag for FREE_SPACE_TREE_VALID (0x2)
[  168.268492][ T9232] vxlan0: entered promiscuous mode
[  168.274877][ T9232] vxlan0: entered allmulticast mode
[  168.277519][ T5877] netdevsim netdevsim1 netdevsim0: set [0, 0] type 1 family 0 port 8472 - 0
[  168.292729][ T5877] netdevsim netdevsim1 netdevsim1: set [0, 0] type 1 family 0 port 8472 - 0
[  168.305893][ T5877] netdevsim netdevsim1 netdevsim2: set [0, 0] type 1 family 0 port 8472 - 0
[  168.319637][ T5877] netdevsim netdevsim1 netdevsim3: set [0, 0] type 1 family 0 port 8472 - 0
[  168.426783][ T9234] loop1: detected capacity change from 0 to 164
[  168.453545][ T8545] BTRFS info (device loop4): last unmount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d
[  168.980929][ T9247] loop4: detected capacity change from 0 to 32768
[  169.010692][ T9247] JBD2: Ignoring recovery information on journal
[  169.014357][ T5912] usb 2-1: new high-speed USB device number 20 using dummy_hcd
[  169.049994][ T9247] ocfs2: Mounting device (7,4) on (node local, slot 0) with ordered data mode.
[  169.113263][ T8545] ocfs2: Unmounting device (7,4) on (node local)
[  169.166229][ T5912] usb 2-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  169.169413][ T5912] usb 2-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  169.187025][ T5912] usb 2-1: too many endpoints for config 1 interface 1 altsetting 145: 217, using maximum allowed: 30
[  169.193547][ T5912] usb 2-1: config 1 interface 1 altsetting 145 has 0 endpoint descriptors, different from the interface descriptor's value: 217
[  169.201347][ T5912] usb 2-1: config 1 interface 1 has no altsetting 0
[  169.209435][ T5912] usb 2-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  169.212953][ T5912] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  169.225095][ T5912] usb 2-1: Product: syz
[  169.226410][ T5912] usb 2-1: Manufacturer: syz
[  169.227837][ T5912] usb 2-1: SerialNumber: syz
[  169.235470][ T5912] cdc_acm 2-1:1.0: probe with driver cdc_acm failed with error -22
[  169.308737][ T9276] loop4: detected capacity change from 0 to 8
[  169.330938][ T9276] SQUASHFS error: zlib decompression failed, data probably corrupt
[  169.336474][ T9276] SQUASHFS error: Failed to read block 0x9b: -5
[  169.338979][ T9276] SQUASHFS error: Unable to read metadata cache entry [99]
[  169.341624][ T9276] SQUASHFS error: Unable to read inode 0x127
[  169.447851][ T9280] loop4: detected capacity change from 0 to 512
[  169.456812][ T9280] EXT4-fs (loop4): orphan cleanup on readonly fs
[  169.462526][ T9280] EXT4-fs (loop4): Cannot turn on journaled quota: type 0: error -13
[  169.475166][ T9280] EXT4-fs error (device loop4): ext4_mb_generate_buddy:1289: group 0, block bitmap and bg descriptor inconsistent: 218 vs 220 free clusters
[  169.489109][ T5912] usb 2-1: USB disconnect, device number 20
[  169.503446][ T9280] EXT4-fs error (device loop4): ext4_clear_blocks:876: inode #13: comm syz.4.1226: attempt to clear invalid blocks 2 len 1
[  169.513695][ T9280] EXT4-fs error (device loop4): ext4_free_branches:1023: inode #13: comm syz.4.1226: invalid indirect mapped block 1819239214 (level 0)
[  169.519210][ T9280] EXT4-fs error (device loop4): ext4_free_branches:1023: inode #13: comm syz.4.1226: invalid indirect mapped block 1819239214 (level 1)
[  169.545114][ T9280] EXT4-fs (loop4): 1 truncate cleaned up
[  169.548829][ T9280] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  169.563984][ T9280] EXT4-fs (loop4): warning: mounting fs with errors, running e2fsck is recommended
[  169.569092][ T9280] EXT4-fs error (device loop4): __ext4_remount:6736: comm syz.4.1226: Abort forced by user
[  169.627271][ T9280] EXT4-fs (loop4): Remounting filesystem read-only
[  169.629674][ T9280] EXT4-fs (loop4): re-mounted 00000000-0000-0000-0000-000000000000 r/w.
[  169.655830][ T8545] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  169.850183][ T9285] loop4: detected capacity change from 0 to 4096
[  169.863859][ T9285] ntfs3(loop4): Different NTFS sector size (2048) and media sector size (512).
[  169.871375][ T9285] ntfs3(loop4): ino=3, mi_enum_attr
[  169.873496][ T9285] ntfs3(loop4): Failed to load $Volume (-22).
[  170.055584][ T9294] loop1: detected capacity change from 0 to 2048
[  170.089127][ T9297] NILFS (loop1): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  170.485807][ T9315] kAFS: unable to lookup cell ''
[  171.372650][ T9332] netlink: 48 bytes leftover after parsing attributes in process `syz.3.1245'.
[  171.631398][   T33] audit: type=1326 audit(1755150767.424:63): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9345 comm="syz.1.1252" exe="/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f576158ebe9 code=0x0
[  172.074714][ T6812] usb 5-1: new full-speed USB device number 2 using dummy_hcd
[  172.226698][ T6812] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 1023, setting to 64
[  172.231171][ T6812] usb 5-1: New USB device found, idVendor=1241, idProduct=5015, bcdDevice= 0.00
[  172.237270][ T6812] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  172.243940][ T6812] usb 5-1: config 0 descriptor??
[  172.247738][ T9355] raw-gadget.0 gadget.4: fail, usb_ep_enable returned -22
[  172.670924][ T6812] holtek 0003:1241:5015.0009: hidraw0: USB HID v1.01 Device [HID 1241:5015] on usb-dummy_hcd.4-1/input0
[  172.676674][ T6812] holtek 0003:1241:5015.0009: no inputs found
[  172.864762][ T6812] usb 5-1: USB disconnect, device number 2
[  172.871950][ T9364] loop1: detected capacity change from 0 to 32768
[  173.701702][ T9379] loop4: detected capacity change from 0 to 764
[  173.721958][ T9379] Symlink component flag not implemented
[  173.724100][ T9379] Symlink component flag not implemented
[  173.728892][ T9379] Symlink component flag not implemented (128)
[  173.730928][ T9379] Symlink component flag not implemented (122)
[  173.782938][ T9382] syz.4.1267: attempt to access beyond end of device
[  173.782938][ T9382] loop4: rw=0, sector=64, nr_sectors = 8 limit=0
[  173.800367][ T9382] syz.4.1267: attempt to access beyond end of device
[  173.800367][ T9382] loop4: rw=0, sector=120, nr_sectors = 8 limit=0
[  173.812257][ T9382] Mount JFS Failure: -5
[  173.816274][ T9382] jfs_mount failed w/return code = -5
[  173.924079][ T9390] RDS: rds_bind could not find a transport for fec0:ffff::1, load rds_tcp or rds_rdma?
[  174.061668][ T9397] loop1: detected capacity change from 0 to 64
[  174.099978][ T9397] syz.1.1273: attempt to access beyond end of device
[  174.099978][ T9397] loop1: rw=2049, sector=268435468, nr_sectors = 2 limit=64
[  174.146013][   T24] usb 5-1: new high-speed USB device number 3 using dummy_hcd
[  174.189251][ T9399] mmap: syz.1.1274 (9399) uses deprecated remap_file_pages() syscall. See Documentation/mm/remap_file_pages.rst.
[  174.292903][   T33] audit: type=1326 audit(1755150770.084:64): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9402 comm="syz.1.1276" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f576158ebe9 code=0x7ffc0000
[  174.304484][   T33] audit: type=1326 audit(1755150770.084:65): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9402 comm="syz.1.1276" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f576158ebe9 code=0x7ffc0000
[  174.314243][   T24] usb 5-1: Using ep0 maxpacket: 16
[  174.319934][   T33] audit: type=1326 audit(1755150770.094:66): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9402 comm="syz.1.1276" exe="/syz-executor" sig=0 arch=c000003e syscall=157 compat=0 ip=0x7f576158ebe9 code=0x7ffc0000
[  174.331204][   T24] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  174.337980][   T33] audit: type=1326 audit(1755150770.094:67): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9402 comm="syz.1.1276" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f576158ebe9 code=0x7ffc0000
[  174.346762][   T24] usb 5-1: New USB device found, idVendor=05ac, idProduct=023f, bcdDevice= 0.00
[  174.356407][   T24] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  174.362485][   T33] audit: type=1326 audit(1755150770.094:68): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9402 comm="syz.1.1276" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f576158ebe9 code=0x7ffc0000
[  174.372641][   T33] audit: type=1326 audit(1755150770.104:69): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9402 comm="syz.1.1276" exe="/syz-executor" sig=0 arch=c000003e syscall=113 compat=0 ip=0x7f576158ebe9 code=0x7ffc0000
[  174.386392][   T24] usb 5-1: config 0 descriptor??
[  174.390812][   T33] audit: type=1326 audit(1755150770.104:70): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9402 comm="syz.1.1276" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f576158ebe9 code=0x7ffc0000
[  174.404010][   T33] audit: type=1326 audit(1755150770.104:71): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9402 comm="syz.1.1276" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f576158ebe9 code=0x7ffc0000
[  174.829493][   T24] apple 0003:05AC:023F.000A: reserved main item tag 0xd
[  174.832456][   T24] apple 0003:05AC:023F.000A: unexpected long global item
[  174.839562][   T24] apple 0003:05AC:023F.000A: parse failed
[  174.842280][   T24] apple 0003:05AC:023F.000A: probe with driver apple failed with error -22
[  175.073171][   T10] usb 5-1: USB disconnect, device number 3
[  175.206194][ T9420] netlink: 16 bytes leftover after parsing attributes in process `syz.3.1284'.
[  175.210070][ T9420] netlink: 16 bytes leftover after parsing attributes in process `syz.3.1284'.
[  175.213401][ T9420] netlink: 5 bytes leftover after parsing attributes in process `syz.3.1284'.
[  175.653300][ T9426] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE
[  175.657296][ T9426] IPv6: NLM_F_CREATE should be set when creating new route
[  175.820456][ T9431] overlayfs: failed to clone upperpath
[  176.019072][ T9438] loop4: detected capacity change from 0 to 256
[  176.057422][ T9441] comedi comedi3: 8255: I/O port conflict (0x3,4)
[  176.060196][ T9441] comedi comedi3: 8255: I/O port conflict (0x10000,4)
[  176.069921][ T9441] comedi comedi3: 8255: I/O port conflict (0x4,4)
[  176.072434][ T9441] comedi comedi3: 8255: I/O port conflict (0xc,4)
[  176.085281][ T9441] comedi comedi3: 8255: I/O port conflict (0x10,4)
[  176.093069][ T9441] comedi comedi3: 8255: I/O port conflict (0x7,4)
[  176.103492][ T9441] comedi comedi3: 8255: I/O port conflict (0x400000a,4)
[  176.115126][ T9441] comedi comedi3: 8255: I/O port conflict (0xfffffffffffffff8,4)
[  176.120109][ T9441] comedi comedi3: 8255: I/O port conflict (0x3,4)
[  176.127521][ T9441] comedi comedi3: 8255: I/O port conflict (0x1,4)
[  176.143185][ T9441] comedi comedi3: 8255: I/O port conflict (0x1,4)
[  176.146989][ T9441] comedi comedi3: 8255: I/O port conflict (0x1,4)
[  176.155606][ T9441] comedi comedi3: 8255: I/O port conflict (0x6,4)
[  176.824764][ T9465] loop4: detected capacity change from 0 to 1024
[  176.854080][ T9465] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  176.898373][ T8545] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  177.267498][ T5912] usb 5-1: new full-speed USB device number 4 using dummy_hcd
[  177.395580][ T5898] usb 2-1: new high-speed USB device number 21 using dummy_hcd
[  177.425163][ T5912] usb 5-1: unable to get BOS descriptor or descriptor too short
[  177.429578][ T5855] Bluetooth: hci0: Malformed LE Event: 0x0d
[  177.438881][ T5912] usb 5-1: unable to read config index 0 descriptor/start: -71
[  177.442692][ T5912] usb 5-1: can't read configurations, error -71
[  177.587934][ T9482] RDS: rds_bind could not find a transport for 0:0:4::1, load rds_tcp or rds_rdma?
[  177.669290][ T5898] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x3 has invalid wMaxPacketSize 0
[  177.674515][ T5898] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x4 has invalid wMaxPacketSize 0
[  177.683935][ T5898] usb 2-1: New USB device found, idVendor=0cf3, idProduct=9375, bcdDevice=1a.de
[  177.690866][ T5898] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  177.766095][ T5898] usb 2-1: config 0 descriptor??
[  177.985831][ T5898] ath6kl: Failed to submit usb control message: -71
[  177.992193][ T5898] ath6kl: unable to send the bmi data to the device: -71
[  177.998934][ T5898] ath6kl: Unable to send get target info: -71
[  178.018696][ T5898] ath6kl: Failed to init ath6kl core: -71
[  178.026844][ T5898] ath6kl_usb 2-1:0.0: probe with driver ath6kl_usb failed with error -71
[  178.043610][ T5898] usb 2-1: USB disconnect, device number 21
[  178.328180][ T9485] loop4: detected capacity change from 0 to 40427
[  178.342996][ T9485] F2FS-fs (loop4): Invalid log_blocksize (268), supports only 12
[  178.346645][ T9485] F2FS-fs (loop4): Can't find valid F2FS filesystem in 1th superblock
[  178.353873][ T9485] F2FS-fs (loop4): invalid crc value
[  178.430155][ T9485] F2FS-fs (loop4): f2fs_recover_fsync_data: recovery fsync data, check_only: 0
[  178.436495][ T9485] F2FS-fs (loop4): Try to recover 1th superblock, ret: 0
[  178.439300][ T9485] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e5
[  178.564063][ T9498] netlink: 12 bytes leftover after parsing attributes in process `syz.1.1315'.
[  178.572170][ T9498] netlink: 12 bytes leftover after parsing attributes in process `syz.1.1315'.
[  178.587770][ T9498] bridge0: port 3(vlan0) entered blocking state
[  178.590471][ T9498] bridge0: port 3(vlan0) entered disabled state
[  178.592865][ T9498] vlan0: entered allmulticast mode
[  178.594770][ T9498] bridge0: entered allmulticast mode
[  178.606964][ T9498] vlan0: left allmulticast mode
[  178.608602][ T9498] bridge0: left allmulticast mode
[  178.981022][ T9505] loop4: detected capacity change from 0 to 32768
[  178.990112][ T9505] BTRFS: device fsid 5e4b7888-5e56-43f0-8345-635ad0fd87c6 devid 1 transid 8 /dev/loop4 (7:4) scanned by syz.4.1317 (9505)
[  179.008442][ T9505] BTRFS info (device loop4): first mount of filesystem 5e4b7888-5e56-43f0-8345-635ad0fd87c6
[  179.013501][ T9505] BTRFS info (device loop4): using blake2b (blake2b-256-generic) checksum algorithm
[  179.017403][ T9505] BTRFS info (device loop4): using free-space-tree
[  179.744004][ T8545] BTRFS info (device loop4): last unmount of filesystem 5e4b7888-5e56-43f0-8345-635ad0fd87c6
[  180.206085][ T9543] loop4: detected capacity change from 0 to 32768
[  180.213209][ T9543] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop4 (7:4) scanned by syz.4.1322 (9543)
[  180.221755][ T9543] BTRFS info (device loop4): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  180.225426][ T9543] BTRFS info (device loop4): using crc32c (crc32c-lib) checksum algorithm
[  180.228489][ T9543] BTRFS info (device loop4): using free-space-tree
[  180.257624][ T9539] loop1: detected capacity change from 0 to 32768
[  180.275420][ T9539] XFS: ikeep mount option is deprecated.
[  180.294467][ T9539] XFS (loop1): sunit and swidth must be specified together
[  180.444979][ T8545] BTRFS info (device loop4): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  181.932854][ T9581] ip6gretap0: entered promiscuous mode
[  181.936006][ T9581] vlan2: entered promiscuous mode
[  181.940156][ T9577] loop4: detected capacity change from 0 to 40427
[  181.953724][ T9577] F2FS-fs (loop4): build fault injection rate: 771
[  181.962878][ T9577] F2FS-fs (loop4): invalid crc value
[  182.199596][ T9577] F2FS-fs (loop4): f2fs_recover_fsync_data: recovery fsync data, check_only: 0
[  182.212806][ T9577] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e5
[  182.281902][ T8545] syz-executor: attempt to access beyond end of device
[  182.281902][ T8545] loop4: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[  182.286992][ T8545] CPU: 1 UID: 0 PID: 8545 Comm: syz-executor Not tainted 6.17.0-rc1-syzkaller-00036-gdfc0f6373094-dirty #0 PREEMPT(full) 
[  182.287020][ T8545] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.2-debian-1.16.2-1 04/01/2014
[  182.287026][ T8545] Call Trace:
[  182.287031][ T8545]  <TASK>
[  182.287035][ T8545]  dump_stack_lvl+0x189/0x250
[  182.287056][ T8545]  ? __pfx_dump_stack_lvl+0x10/0x10
[  182.287100][ T8545]  ? __pfx_queue_work_on+0x10/0x10
[  182.287114][ T8545]  ? _raw_spin_unlock_irqrestore+0xad/0x110
[  182.287134][ T8545]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[  182.287166][ T8545]  f2fs_handle_critical_error+0x37c/0x540
[  182.287190][ T8545]  f2fs_write_end_io+0x886/0xb60
[  182.287221][ T8545]  __submit_merged_bio+0x27a/0x6a0
[  182.287248][ T8545]  __submit_merged_write_cond+0x255/0x530
[  182.287269][ T8545]  f2fs_write_data_pages+0x261d/0x3000
[  182.287287][ T8545]  ? __pfx_usage_match+0x10/0x10
[  182.287299][ T8545]  ? __bfs+0x154/0x2a0
[  182.287341][ T8545]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[  182.287358][ T8545]  ? __switch_to+0xdae/0x1670
[  182.287416][ T8545]  ? rcu_is_watching+0x15/0xb0
[  182.287432][ T8545]  ? trace_sched_exit_tp+0x36/0x110
[  182.287451][ T8545]  ? __schedule+0x17ae/0x4cc0
[  182.287470][ T8545]  ? folios_put_refs+0x560/0x640
[  182.287498][ T8545]  ? __lock_acquire+0xab9/0xd20
[  182.287526][ T8545]  ? do_raw_spin_lock+0x121/0x290
[  182.287554][ T8545]  ? do_raw_spin_unlock+0x4d/0x240
[  182.287568][ T8545]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[  182.287588][ T8545]  do_writepages+0x32e/0x550
[  182.287616][ T8545]  ? do_raw_spin_unlock+0x4d/0x240
[  182.287637][ T8545]  filemap_fdatawrite+0x199/0x240
[  182.287657][ T8545]  ? __pfx_filemap_fdatawrite+0x10/0x10
[  182.287715][ T8545]  ? do_raw_spin_unlock+0x4d/0x240
[  182.287736][ T8545]  f2fs_sync_dirty_inodes+0x31f/0x830
[  182.287765][ T8545]  f2fs_write_checkpoint+0x95a/0x1df0
[  182.287801][ T8545]  ? __pfx_f2fs_write_checkpoint+0x10/0x10
[  182.287854][ T8545]  ? f2fs_stop_gc_thread+0x7f/0xb0
[  182.287867][ T8545]  ? kfree+0x18e/0x440
[  182.287887][ T8545]  ? kill_f2fs_super+0x298/0x6c0
[  182.287906][ T8545]  kill_f2fs_super+0x2c3/0x6c0
[  182.287920][ T8545]  ? lockdep_hardirqs_on+0x9c/0x150
[  182.287942][ T8545]  ? __pfx_kill_f2fs_super+0x10/0x10
[  182.287968][ T8545]  deactivate_locked_super+0xbc/0x130
[  182.287988][ T8545]  cleanup_mnt+0x425/0x4c0
[  182.288005][ T8545]  ? lockdep_hardirqs_on+0x9c/0x150
[  182.288025][ T8545]  task_work_run+0x1d4/0x260
[  182.288047][ T8545]  ? __pfx_task_work_run+0x10/0x10
[  182.288092][ T8545]  ? __x64_sys_umount+0x122/0x160
[  182.288117][ T8545]  ? exit_to_user_mode_loop+0x40/0x110
[  182.288142][ T8545]  exit_to_user_mode_loop+0xec/0x110
[  182.288169][ T8545]  do_syscall_64+0x2bd/0x3b0
[  182.288188][ T8545]  ? lockdep_hardirqs_on+0x9c/0x150
[  182.288205][ T8545]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  182.288219][ T8545]  ? exc_page_fault+0x9f/0xf0
[  182.288239][ T8545]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  182.288252][ T8545] RIP: 0033:0x7f759698ff17
[  182.288267][ T8545] Code: a8 ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 0f 1f 44 00 00 31 f6 e9 09 00 00 00 66 0f 1f 84 00 00 00 00 00 b8 a6 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 01 c3 48 c7 c2 a8 ff ff ff f7 d8 64 89 02 b8
[  182.288279][ T8545] RSP: 002b:00007ffdc91a3208 EFLAGS: 00000246 ORIG_RAX: 00000000000000a6
[  182.288295][ T8545] RAX: 0000000000000000 RBX: 00007f7596a11c05 RCX: 00007f759698ff17
[  182.288304][ T8545] RDX: 0000000000000000 RSI: 0000000000000009 RDI: 00007ffdc91a32c0
[  182.288312][ T8545] RBP: 00007ffdc91a32c0 R08: 0000000000000000 R09: 0000000000000000
[  182.288321][ T8545] R10: 00000000ffffffff R11: 0000000000000246 R12: 00007ffdc91a4350
[  182.288329][ T8545] R13: 00007f7596a11c05 R14: 000000000002c76b R15: 00007ffdc91a4390
[  182.288356][ T8545]  </TASK>
[  182.289452][ T8545] F2FS-fs (loop4): Stopped filesystem due to reason: 3
[  182.725467][ T9592] Bluetooth: MGMT ver 1.23
[  183.986021][ T5898] usb 2-1: new high-speed USB device number 22 using dummy_hcd
[  184.139248][ T5898] usb 2-1: New USB device found, idVendor=07fd, idProduct=0004, bcdDevice=26.50
[  184.142355][ T5898] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  184.150179][ T5898] usb 2-1: Product: syz
[  184.151483][ T5898] usb 2-1: Manufacturer: syz
[  184.156818][ T5898] usb 2-1: SerialNumber: syz
[  184.389653][ T5898] usb 2-1: config 0 descriptor??
[  184.401548][ T5898] usb 2-1: Waiting for MOTU Microbook II to boot up...
[  184.403814][ T5898] usb 2-1: failed setting the sample rate for Motu MicroBook II: -22
[  184.407468][ T5898] snd-usb-audio 2-1:0.0: probe with driver snd-usb-audio failed with error -22
[  184.602804][ T5898] usb 2-1: USB disconnect, device number 22
[  184.736311][ T5855] Bluetooth: hci0: command 0x0405 tx timeout
[  184.970983][ T9634] loop4: detected capacity change from 0 to 4096
[  185.070814][   T33] audit: type=1800 audit(2000000004.119:72): pid=9634 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.4.1358" name="file1" dev="loop4" ino=33 res=0 errno=0
[  185.792755][ T9650] loop1: detected capacity change from 0 to 512
[  185.816684][ T9650] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a846c118, mo2=0002]
[  185.820137][ T9650] System zones: 1-12
[  185.827007][ T9650] EXT4-fs error (device loop1): ext4_map_blocks:778: inode #2: block 3: comm syz.1.1364: lblock 0 mapped to illegal pblock 3 (length 1)
[  185.844294][ T9650] EXT4-fs warning (device loop1): dx_probe:791: inode #2: lblock 0: comm syz.1.1364: error -117 reading directory block
[  185.852956][ T9650] EXT4-fs (loop1): Cannot turn on journaled quota: type 1: error -117
[  185.864411][ T9650] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  185.880991][ T9650] EXT4-fs error (device loop1): ext4_xattr_block_get:593: inode #2: comm syz.1.1364: corrupted xattr block 255: invalid header
[  185.931811][ T5851] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  186.696025][ T6812] usb 5-1: new high-speed USB device number 6 using dummy_hcd
[  186.850612][ T6812] usb 5-1: New USB device found, idVendor=0644, idProduct=800f, bcdDevice=c5.77
[  186.854518][ T6812] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  186.858214][ T6812] usb 5-1: Product: syz
[  186.860326][ T6812] usb 5-1: Manufacturer: syz
[  186.862261][ T6812] usb 5-1: SerialNumber: syz
[  186.869165][ T6812] usb 5-1: config 0 descriptor??
[  186.885222][ T6812] usb 5-1: disable ehci-hcd to run US-144
[  187.101979][ T6812] usb 5-1: USB disconnect, device number 6
[  187.289914][ T9681] loop1: detected capacity change from 0 to 1024
[  187.331963][ T9681] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  187.356167][ T9681] ext4 filesystem being mounted at /354/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  187.423794][ T5851] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  187.547841][ T9692] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1380'.
[  187.551622][ T9692] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1380'.
[  187.769287][ T9701] loop1: detected capacity change from 0 to 1024
[  187.778778][ T9703] ubi0: attaching mtd0
[  187.846544][ T9705] overlayfs: failed to clone upperpath
[  188.195875][    T9] usb 2-1: new high-speed USB device number 23 using dummy_hcd
[  188.345159][ T9714] loop4: detected capacity change from 0 to 32768
[  188.356383][    T9] usb 2-1: config 128 has an invalid interface number: 138 but max is 0
[  188.359766][    T9] usb 2-1: config 128 has no interface number 0
[  188.362306][    T9] usb 2-1: config 128 interface 138 has no altsetting 0
[  188.386437][ T9714] BTRFS: device fsid 14d642db-7b15-43e4-81e6-4b8fac6a25f8 devid 1 transid 8 /dev/loop4 (7:4) scanned by syz.4.1391 (9714)
[  188.398859][    T9] usb 2-1: New USB device found, idVendor=05ac, idProduct=0241, bcdDevice=c1.78
[  188.402949][    T9] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  188.411081][    T9] usb 2-1: Product: syz
[  188.412876][    T9] usb 2-1: Manufacturer: syz
[  188.414840][    T9] usb 2-1: SerialNumber: syz
[  188.419210][ T9714] BTRFS info (device loop4): first mount of filesystem 14d642db-7b15-43e4-81e6-4b8fac6a25f8
[  188.423639][ T9714] BTRFS info (device loop4): using blake2b (blake2b-256-generic) checksum algorithm
[  188.440089][ T9714] BTRFS info (device loop4): using free-space-tree
[  188.664157][    T9] input: bcm5974 as /devices/platform/dummy_hcd.1/usb2/2-1/2-1:128.138/input/input11
[  188.679702][ T5279] bcm5974 2-1:128.138: could not read from device
[  188.735173][    T9] usb 2-1: USB disconnect, device number 23
[  188.740921][ T5279] bcm5974 2-1:128.138: could not read from device
[  188.751903][ T5279] bcm5974 2-1:128.138: could not read from device
[  188.764271][ T5279] bcm5974 2-1:128.138: could not read from device
[  188.788467][ T8545] BTRFS info (device loop4): last unmount of filesystem 14d642db-7b15-43e4-81e6-4b8fac6a25f8
[  189.355646][ T9739] loop4: detected capacity change from 0 to 32768
[  189.406479][ T9739] 
[  189.406479][ T9739]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  189.406479][ T9739] 
[  189.445362][ T9739] 
[  189.445362][ T9739]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  189.445362][ T9739] 
[  189.549096][ T9739] 
[  189.549096][ T9739]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  189.549096][ T9739] 
[  189.599253][ T9739] 
[  189.599253][ T9739]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  189.599253][ T9739] 
[  189.641015][ T9739] 
[  189.641015][ T9739]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  189.641015][ T9739] 
[  189.705223][ T9739] 
[  189.705223][ T9739]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  189.705223][ T9739] 
[  189.778784][ T9751] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1400'.
[  189.797679][  T116] 
[  189.797679][  T116]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  189.797679][  T116] 
[  189.816931][ T8545] 
[  189.816931][ T8545]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  189.816931][ T8545] 
[  189.821317][ T8545] 
[  189.821317][ T8545]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  189.821317][ T8545] 
[  189.880182][ T9753] Malformed UNC in devname
[  189.880182][ T9753] 
[  189.892220][ T9753] CIFS: VFS: Malformed UNC in devname
[  189.960901][ T9755] loop1: detected capacity change from 0 to 1024
[  190.016650][ T1398] hfsplus: b-tree write err: -5, ino 4
[  190.090451][ T9759] loop4: detected capacity change from 0 to 4096
[  190.139338][ T9759] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  190.172926][ T5847] Bluetooth: hci1: adv larger than maximum supported
[  190.172994][ T5847] Bluetooth: hci1: Malformed LE Event: 0x0d
[  190.268984][ T8545] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  190.897082][ T5847] Bluetooth: hci2: command 0x0419 tx timeout
[  190.982287][ T9783] loop4: detected capacity change from 0 to 1024
[  191.007610][ T9783] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  191.011930][ T9783] ext4 filesystem being mounted at /121/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  191.020436][ T9783] EXT4-fs error (device loop4): ext4_validate_block_bitmap:441: comm syz.4.1414: bg 0: block 480: padding at end of block bitmap is not set
[  191.036691][ T9783] EXT4-fs (loop4): Remounting filesystem read-only
[  191.067593][ T8545] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  191.118871][ T9791] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[  191.200084][ T9789] netlink: 96 bytes leftover after parsing attributes in process `syz.3.1416'.
[  191.239868][ T9797] loop1: detected capacity change from 0 to 512
[  191.254916][ T9797] EXT4-fs: Ignoring removed nobh option
[  191.268889][ T9797] EXT4-fs (loop1): Test dummy encryption mode enabled
[  191.281052][ T9797] EXT4-fs error (device loop1): __ext4_iget:5464: inode #11: block 1: comm syz.1.1420: invalid block
[  191.302687][ T9797] EXT4-fs error (device loop1): ext4_orphan_get:1397: comm syz.1.1420: couldn't read orphan inode 11 (err -117)
[  191.322353][ T9797] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  191.332286][ T9801] Bluetooth: received HCILL_WAKE_UP_ACK in state 2
[  191.356297][ T5847] Bluetooth: hci2: unexpected event for opcode 0x080d
[  191.383314][ T5851] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  192.216173][ T9827] loop1: detected capacity change from 0 to 512
[  192.238683][ T9827] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode
[  192.253543][ T9827] EXT4-fs (loop1): 1 orphan inode deleted
[  192.256252][ T9827] EXT4-fs (loop1): 1 truncate cleaned up
[  192.260025][ T9827] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  192.302193][ T5851] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  193.376076][ T5847] Bluetooth: hci3: command 0x1003 tx timeout
[  193.378663][ T5855] Bluetooth: hci3: Opcode 0x1003 failed: -110
[  193.513110][ T9857] netlink: 36 bytes leftover after parsing attributes in process `syz.3.1447'.
[  193.525615][ T9858] loop4: detected capacity change from 0 to 256
[  193.549896][ T9858] exFAT-fs (loop4): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[  193.567714][ T9858] exFAT-fs (loop4): Medium has reported failures. Some data may be lost.
[  193.589770][ T9858] exFAT-fs (loop4): failed to load upcase table (idx : 0x00010000, chksum : 0xe62de5da, utbl_chksum : 0xe619d30d)
[  193.935585][ T9869] loop1: detected capacity change from 0 to 2048
[  193.953896][ T9869] UDF-fs: error (device loop1): udf_read_tagged: read failed, block=18576, location=18576
[  193.999241][ T9869] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000)
[  194.183555][ T9871] loop4: detected capacity change from 0 to 1764
[  194.201931][ T9871] iso9660: Corrupted directory entry in block 14 of inode 1920
[  194.589818][ T9886] ieee802154 phy0 wpan0: encryption failed: -22
[  194.726716][    T9] usb 5-1: new high-speed USB device number 7 using dummy_hcd
[  194.735860][ T5855] Bluetooth: hci1: command tx timeout
[  194.841709][ T9892] kAFS: Can only specify source 'none' with -o dyn
[  194.906030][ T5312] usb 2-1: new high-speed USB device number 24 using dummy_hcd
[  195.102968][ T5312] usb 2-1: New USB device found, idVendor=0cf3, idProduct=9271, bcdDevice= 1.08
[  195.110538][ T5312] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  195.113812][ T5312] usb 2-1: Product: syz
[  195.116144][ T5312] usb 2-1: Manufacturer: syz
[  195.124972][ T5312] usb 2-1: SerialNumber: syz
[  195.177590][ T5312] usb 2-1: ath9k_htc: Firmware ath9k_htc/htc_9271-1.4.0.fw requested
[  195.207609][ T5898] usb 2-1: ath9k_htc: Transferred FW: ath9k_htc/htc_9271-1.4.0.fw, size: 51008
[  195.241250][    T9] usb 5-1: too many endpoints for config 0 interface 0 altsetting 0: 196, using maximum allowed: 30
[  195.245927][    T9] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  195.249972][    T9] usb 5-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 196
[  195.257623][    T9] usb 5-1: New USB device found, idVendor=04d9, idProduct=a055, bcdDevice= 0.00
[  195.261358][    T9] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  195.274216][    T9] usb 5-1: config 0 descriptor??
[  195.386221][ T5855] Bluetooth: hci2: Controller not accepting commands anymore: ncmd = 0
[  195.391896][ T5855] Bluetooth: hci2: Injecting HCI hardware error event
[  195.399759][ T5847] Bluetooth: hci2: hardware error 0x00
[  195.689134][ T5912] usb 2-1: USB disconnect, device number 24
[  195.707977][    T9] holtek_kbd 0003:04D9:A055.000B: unknown main item tag 0x0
[  195.718427][    T9] holtek_kbd 0003:04D9:A055.000B: unknown main item tag 0x0
[  195.721753][    T9] holtek_kbd 0003:04D9:A055.000B: unknown main item tag 0x0
[  195.724849][    T9] holtek_kbd 0003:04D9:A055.000B: unknown main item tag 0x0
[  195.730145][    T9] holtek_kbd 0003:04D9:A055.000B: unknown main item tag 0x0
[  195.733359][    T9] holtek_kbd 0003:04D9:A055.000B: unknown main item tag 0x0
[  195.736640][    T9] holtek_kbd 0003:04D9:A055.000B: unknown main item tag 0x0
[  195.755325][    T9] holtek_kbd 0003:04D9:A055.000B: hidraw0: USB HID v10.00 Device [HID 04d9:a055] on usb-dummy_hcd.4-1/input0
[  195.903970][ T5312] usb 5-1: USB disconnect, device number 7
[  196.261653][ T5898] ath9k_htc 2-1:1.0: ath9k_htc: Target is unresponsive
[  196.269846][ T5898] ath9k_htc: Failed to initialize the device
[  196.286800][ T5912] usb 2-1: ath9k_htc: USB layer deinitialized
[  196.667160][ T9908] binder: 9907:9908 unknown command 0
[  196.668908][ T9908] binder: 9907:9908 ioctl c0306201 200000000080 returned -22
[  196.845308][ T9910] loop4: detected capacity change from 0 to 32768
[  196.864306][ T9910] ocfs2: Mounting device (7,4) on (node local, slot 0) with writeback data mode.
[  196.997387][ T8545] ocfs2: Unmounting device (7,4) on (node local)
[  197.391551][ T9939] loop4: detected capacity change from 0 to 1024
[  197.427280][ T9939] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  197.456792][ T5847] Bluetooth: hci2: Opcode 0x0c03 failed: -110
[  197.480374][ T8545] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  197.540952][ T9944] netlink: 40 bytes leftover after parsing attributes in process `syz.4.1482'.
[  198.305833][   T10] usb 2-1: new high-speed USB device number 25 using dummy_hcd
[  198.473541][   T10] usb 2-1: New USB device found, idVendor=0cf3, idProduct=9271, bcdDevice= 1.08
[  198.477654][   T10] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  198.558972][   T10] usb 2-1: Product: syz
[  198.560854][   T10] usb 2-1: Manufacturer: syz
[  198.565921][   T10] usb 2-1: SerialNumber: syz
[  198.581423][   T10] usb 2-1: ath9k_htc: Firmware ath9k_htc/htc_9271-1.4.0.fw requested
[  198.659756][   T10] usb 2-1: ath9k_htc: Transferred FW: ath9k_htc/htc_9271-1.4.0.fw, size: 51008
[  198.894699][    C0] usb 2-1: ath9k_htc: invalid pkt_len (ffd7)
[  199.063166][ T1364] ieee802154 phy0 wpan0: encryption failed: -22
[  199.066140][ T1364] ieee802154 phy1 wpan1: encryption failed: -22
[  199.108512][   T95] usb 2-1: USB disconnect, device number 25
[  199.164202][ T9985] loop4: detected capacity change from 0 to 32768
[  199.261393][ T9985] bcachefs (loop4): starting version 1.7: mi_btree_bitmap opts=errors=continue,metadata_checksum=none,data_checksum=none,compression=lz4,foreground_target=invalid label 767,background_target=invalid device 7,nojournal_transaction_names
[  199.261422][ T9985]   allowing incompatible features above 0.0: (unknown version)
[  199.261432][ T9985]   features: lz4,new_siphash,inline_data,new_extent_overwrite,btree_ptr_v2,new_varint,journal_no_flush,alloc_v2,extents_across_btree_nodes
[  199.279851][ T9985] bcachefs (loop4): Using encoding defined by superblock: utf8-12.1.0
[  199.283059][ T9985] bcachefs (loop4): initializing new filesystem
[  199.294218][ T9985] bcachefs (loop4): going read-write
[  199.309712][ T9985] bcachefs (loop4): marking superblocks
[  199.343998][ T9985] bcachefs (loop4): initializing freespace
[  199.361662][ T9985] bcachefs (loop4): done initializing freespace
[  199.372602][ T9985] bcachefs (loop4): reading snapshots table
[  199.375172][ T9985] bcachefs (loop4): reading snapshots done
[  199.422629][ T9985] bcachefs (loop4): done starting filesystem
[  199.493485][ T9985] syz.4.1501 (9985) used greatest stack depth: 15768 bytes left
[  199.512919][ T8545] bcachefs (loop4): shutting down
[  199.515078][ T8545] bcachefs (loop4): going read-only
[  199.519250][ T8545] bcachefs (loop4): finished waiting for writes to stop
[  199.523609][ T8545] bcachefs (loop4): flushing journal and stopping allocators, journal seq 2
[  199.579333][ T8545] bcachefs (loop4): flushing journal and stopping allocators complete, journal seq 3
[  199.588320][ T8545] bcachefs (loop4): clean shutdown complete, journal seq 4
[  199.591969][ T8545] bcachefs (loop4): marking filesystem clean
[  199.624080][ T8545] bcachefs (loop4): shutdown complete
[  199.696090][   T10] ath9k_htc 2-1:1.0: ath9k_htc: Target is unresponsive
[  199.702148][   T10] ath9k_htc: Failed to initialize the device
[  199.710671][   T95] usb 2-1: ath9k_htc: USB layer deinitialized
[  199.971327][T10009] loop1: detected capacity change from 0 to 32768
[  200.325565][T10009] bcachefs (loop1): starting version 1.7: mi_btree_bitmap opts=errors=continue,metadata_checksum=none,data_checksum=none,compression=lz4,foreground_target=invalid label 767,background_target=invalid device 7,nojournal_transaction_names
[  200.325595][T10009]   allowing incompatible features above 0.0: (unknown version)
[  200.325605][T10009]   features: 
[  200.358107][T10009] bcachefs (loop1): Using encoding defined by superblock: utf8-12.1.0
[  200.361494][T10009] bcachefs (loop1): initializing new filesystem
[  200.389514][T10009] bcachefs (loop1): going read-write
[  200.436482][T10009] bcachefs (loop1): marking superblocks
[  200.524741][T10009] bcachefs (loop1): initializing freespace
[  200.550641][T10009] bcachefs (loop1): done initializing freespace
[  200.574379][T10009] bcachefs (loop1): reading snapshots table
[  200.578182][T10009] bcachefs (loop1): reading snapshots done
[  200.614629][T10009] bcachefs (loop1): done starting filesystem
[  200.647999][   T33] audit: type=1800 audit(2000000019.689:73): pid=10009 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.1507" name="file1" dev="loop1" ino=4098 res=0 errno=0
[  200.731879][ T5851] bcachefs (loop1): shutting down
[  200.734031][ T5851] bcachefs (loop1): going read-only
[  200.737482][ T5851] bcachefs (loop1): finished waiting for writes to stop
[  200.743430][ T5851] bcachefs (loop1): flushing journal and stopping allocators, journal seq 3
[  200.794706][ T5851] bcachefs (loop1): flushing journal and stopping allocators complete, journal seq 3
[  200.808639][ T5851] bcachefs (loop1): clean shutdown complete, journal seq 4
[  200.820971][ T5851] bcachefs (loop1): marking filesystem clean
[  200.860769][ T5851] bcachefs (loop1): shutdown complete
[  201.839181][T10047] loop4: detected capacity change from 0 to 64
[  202.237291][T10049] loop4: detected capacity change from 0 to 32768
[  202.304988][T10049] ocfs2: Mounting device (7,4) on (node local, slot 0) with writeback data mode.
[  202.359583][   T33] audit: type=1804 audit(2000000021.409:74): pid=10049 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.4.1520" name="/newroot/153/file1/bus" dev="loop4" ino=17058 res=1 errno=0
[  202.429103][   T33] audit: type=1800 audit(2000000021.479:75): pid=10064 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.4.1520" name="file1" dev="loop4" ino=17059 res=0 errno=0
[  202.452781][   T33] audit: type=1804 audit(2000000021.499:76): pid=10064 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz.4.1520" name="/newroot/153/file1/bus" dev="loop4" ino=17058 res=1 errno=0
[  202.614342][ T8545] ocfs2: Unmounting device (7,4) on (node local)
[  203.150230][T10088] loop1: detected capacity change from 0 to 40427
[  203.156027][T10088] F2FS-fs (loop1): Wrong segment_count / block_count (31 > 0)
[  203.158516][T10088] F2FS-fs (loop1): Can't find valid F2FS filesystem in 2th superblock
[  203.164323][T10088] F2FS-fs (loop1): invalid crc value
[  203.224381][T10088] F2FS-fs (loop1): f2fs_recover_fsync_data: recovery fsync data, check_only: 1
[  203.231101][T10088] F2FS-fs (loop1): Try to recover 2th superblock, ret: -30
[  203.234203][T10088] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e5
[  203.470631][T10091] loop1: detected capacity change from 0 to 256
[  203.511781][T10091] FAT-fs (loop1): Directory bread(block 64) failed
[  203.518428][T10091] FAT-fs (loop1): Directory bread(block 65) failed
[  203.522727][T10091] FAT-fs (loop1): Directory bread(block 66) failed
[  203.525595][T10091] FAT-fs (loop1): Directory bread(block 67) failed
[  203.529869][T10091] FAT-fs (loop1): Directory bread(block 68) failed
[  203.532603][T10091] FAT-fs (loop1): Directory bread(block 69) failed
[  203.535493][T10091] FAT-fs (loop1): Directory bread(block 70) failed
[  203.539226][T10091] FAT-fs (loop1): Directory bread(block 71) failed
[  203.542225][T10091] FAT-fs (loop1): Directory bread(block 72) failed
[  203.545014][T10091] FAT-fs (loop1): Directory bread(block 73) failed
[  203.919081][T10111] loop1: detected capacity change from 0 to 256
[  203.926068][T10111] FAT-fs (loop1): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[  204.028776][T10113] MPI: mpi too large (107144 bits)
[  204.645867][   T95] usb 5-1: new high-speed USB device number 8 using dummy_hcd
[  204.817665][   T95] usb 5-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  204.821270][   T95] usb 5-1: config 1 has 1 interface, different from the descriptor's value: 3
[  204.825141][   T95] usb 5-1: New USB device found, idVendor=08b7, idProduct=0000, bcdDevice= 0.00
[  204.828878][   T95] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=3
[  204.831533][   T95] usb 5-1: SerialNumber: syz
[  205.043197][   T95] usb 5-1: 0:2 : does not exist
[  205.058082][   T95] usb 5-1: USB disconnect, device number 8
[  205.076663][ T8438] udevd[8438]: error opening ATTR{/sys/devices/platform/dummy_hcd.4/usb5/5-1/5-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory
[  205.764567][T10182] loop4: detected capacity change from 0 to 1024
[  205.815495][   T33] audit: type=1800 audit(2000000024.859:77): pid=10182 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.4.1574" name="bus" dev="loop4" ino=25 res=0 errno=0
[  205.919769][T10188] netlink: 20 bytes leftover after parsing attributes in process `syz.3.1577'.
[  206.375907][T10195] netlink: 80 bytes leftover after parsing attributes in process `syz.3.1580'.
[  207.708889][   T95] usb 2-1: new full-speed USB device number 26 using dummy_hcd
[  207.868617][   T95] usb 2-1: config 13 has an invalid interface number: 144 but max is 0
[  207.876544][   T95] usb 2-1: config 13 has no interface number 0
[  207.878545][   T95] usb 2-1: config 13 interface 144 has no altsetting 0
[  207.985572][   T95] usb 2-1: New USB device found, idVendor=19ab, idProduct=1000, bcdDevice= 1.01
[  207.989368][   T95] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  207.991828][   T95] usb 2-1: Product: syz
[  207.993070][   T95] usb 2-1: Manufacturer: syz
[  207.994511][   T95] usb 2-1: SerialNumber: syz
[  208.558246][   T95] usb 2-1: Found UVC 0.00 device syz (19ab:1000)
[  208.560404][   T95] usb 2-1: No valid video chain found.
[  208.931944][   T95] usb 2-1: USB disconnect, device number 26
[  209.076563][T10236] loop4: detected capacity change from 0 to 256
[  209.084079][T10236] exFAT-fs (loop4): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[  209.089657][T10236] exFAT-fs (loop4): Medium has reported failures. Some data may be lost.
[  209.095299][T10236] exFAT-fs (loop4): failed to load upcase table (idx : 0x00010000, chksum : 0xe62de5da, utbl_chksum : 0xe619d30d)
[  209.104911][   T33] audit: type=1800 audit(2000000028.149:78): pid=10236 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.4.1599" name="file1" dev="loop4" ino=1048639 res=0 errno=0
[  209.256104][   T95] usb 2-1: new high-speed USB device number 27 using dummy_hcd
[  209.416647][   T95] usb 2-1: Using ep0 maxpacket: 8
[  209.422509][   T95] usb 2-1: config 0 has 1 interface, different from the descriptor's value: 13
[  209.430272][   T95] usb 2-1: New USB device found, idVendor=046d, idProduct=08ae, bcdDevice=11.58
[  209.437644][   T95] usb 2-1: New USB device strings: Mfr=241, Product=1, SerialNumber=3
[  209.445986][   T95] usb 2-1: Product: syz
[  209.447745][   T95] usb 2-1: Manufacturer: syz
[  209.449637][   T95] usb 2-1: SerialNumber: syz
[  209.467251][   T95] usb 2-1: config 0 descriptor??
[  209.472435][   T95] gspca_main: gspca_zc3xx-2.14.0 probing 046d:08ae
[  209.594027][T10244] loop4: detected capacity change from 0 to 32768
[  209.609302][T10244] ocfs2: Mounting device (7,4) on (node local, slot 0) with ordered data mode.
[  209.621583][T10244] 
[  209.622410][T10244] ======================================================
[  209.624689][T10244] WARNING: possible circular locking dependency detected
[  209.626948][T10244] 6.17.0-rc1-syzkaller-00036-gdfc0f6373094-dirty #0 Not tainted
[  209.629768][T10244] ------------------------------------------------------
[  209.632915][T10244] syz.4.1603/10244 is trying to acquire lock:
[  209.635072][T10244] ffff888114281578 (&oi->ip_xattr_sem){++++}-{4:4}, at: ocfs2_init_acl+0x2f9/0x720
[  209.638880][T10244] 
[  209.638880][T10244] but task is already holding lock:
[  209.641826][T10244] ffff88803103c950 (jbd2_handle){++++}-{0:0}, at: start_this_handle+0x1f87/0x21c0
[  209.644787][T10244] 
[  209.644787][T10244] which lock already depends on the new lock.
[  209.644787][T10244] 
[  209.648008][T10244] 
[  209.648008][T10244] the existing dependency chain (in reverse order) is:
[  209.650711][T10244] 
[  209.650711][T10244] -> #4 (jbd2_handle){++++}-{0:0}:
[  209.652999][T10244]        lock_acquire+0x120/0x360
[  209.654742][T10244]        start_this_handle+0x1fa7/0x21c0
[  209.656925][T10244]        jbd2__journal_start+0x2c1/0x5b0
[  209.658902][T10244]        jbd2_journal_start+0x2a/0x40
[  209.660585][T10244]        ocfs2_start_trans+0x376/0x6d0
[  209.662257][T10244]        ocfs2_fileattr_set+0x301/0x7e0
[  209.663964][T10244]        vfs_fileattr_set+0x932/0xb90
[  209.666058][T10244]        ioctl_setflags+0x17b/0x200
[  209.667817][T10244]        do_vfs_ioctl+0x8ed/0x1430
[  209.669568][T10244]        __se_sys_ioctl+0x82/0x170
[  209.671246][T10244]        do_syscall_64+0xfa/0x3b0
[  209.672867][T10244]        entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  209.675081][T10244] 
[  209.675081][T10244] -> #3 (&journal->j_trans_barrier){.+.+}-{4:4}:
[  209.678554][T10244]        lock_acquire+0x120/0x360
[  209.680186][T10244]        down_read+0x46/0x2e0
[  209.681709][T10244]        ocfs2_start_trans+0x36a/0x6d0
[  209.683449][T10244]        ocfs2_fileattr_set+0x301/0x7e0
[  209.685176][T10244]        vfs_fileattr_set+0x932/0xb90
[  209.686828][T10244]        ioctl_setflags+0x17b/0x200
[  209.688379][T10244]        do_vfs_ioctl+0x8ed/0x1430
[  209.689943][T10244]        __se_sys_ioctl+0x82/0x170
[  209.691601][T10244]        do_syscall_64+0xfa/0x3b0
[  209.693557][T10244]        entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  209.696119][T10244] 
[  209.696119][T10244] -> #2 (sb_internal#4){.+.+}-{0:0}:
[  209.699009][T10244]        reacquire_held_locks+0x127/0x1d0
[  209.701258][T10244]        lock_release+0x1b4/0x3e0
[  209.703208][T10244]        up_write+0x2d/0x420
[  209.705181][T10244]        ocfs2_free_alloc_context+0x97/0x1a0
[  209.707632][T10244]        ocfs2_write_begin_nolock+0x4296/0x4340
[  209.710235][T10244]        ocfs2_write_begin+0x1bb/0x310
[  209.712401][T10244]        generic_perform_write+0x2c5/0x900
[  209.714685][T10244]        ocfs2_file_write_iter+0x157a/0x1d10
[  209.717061][T10244]        do_iter_readv_writev+0x61c/0x8b0
[  209.719329][T10244]        vfs_writev+0x31a/0x960
[  209.721243][T10244]        __se_sys_pwritev2+0x179/0x290
[  209.723401][T10244]        do_syscall_64+0xfa/0x3b0
[  209.725410][T10244]        entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  209.727857][T10244] 
[  209.727857][T10244] -> #1 (&ocfs2_file_ip_alloc_sem_key){++++}-{4:4}:
[  209.731205][T10244]        lock_acquire+0x120/0x360
[  209.733173][T10244]        down_write+0x96/0x1f0
[  209.735074][T10244]        ocfs2_try_remove_refcount_tree+0xb6/0x320
[  209.737578][T10244]        ocfs2_truncate_file+0xda0/0x1420
[  209.739844][T10244]        ocfs2_setattr+0x1520/0x1b40
[  209.742017][T10244]        notify_change+0xb36/0xe40
[  209.744083][T10244]        do_truncate+0x1a4/0x220
[  209.746051][T10244]        path_openat+0x306c/0x3830
[  209.748066][T10244]        do_filp_open+0x1fa/0x410
[  209.749721][T10244]        do_sys_openat2+0x121/0x1c0
[  209.751393][T10244]        __x64_sys_creat+0x8f/0xc0
[  209.753002][T10244]        do_syscall_64+0xfa/0x3b0
[  209.754731][T10244]        entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  209.757331][T10244] 
[  209.757331][T10244] -> #0 (&oi->ip_xattr_sem){++++}-{4:4}:
[  209.759848][T10244]        validate_chain+0xb9b/0x2140
[  209.761761][T10244]        __lock_acquire+0xab9/0xd20
[  209.763809][T10244]        lock_acquire+0x120/0x360
[  209.765873][T10244]        down_read+0x46/0x2e0
[  209.767802][T10244]        ocfs2_init_acl+0x2f9/0x720
[  209.769868][T10244]        ocfs2_mknod+0x1321/0x2050
[  209.771819][T10244]        ocfs2_create+0x1a5/0x440
[  209.773753][T10244]        path_openat+0x14f4/0x3830
[  209.775713][T10244]        do_filp_open+0x1fa/0x410
[  209.777292][T10244]        do_sys_openat2+0x121/0x1c0
[  209.778887][T10244]        __x64_sys_creat+0x8f/0xc0
[  209.780484][T10244]        do_syscall_64+0xfa/0x3b0
[  209.782060][T10244]        entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  209.784034][T10244] 
[  209.784034][T10244] other info that might help us debug this:
[  209.784034][T10244] 
[  209.787078][T10244] Chain exists of:
[  209.787078][T10244]   &oi->ip_xattr_sem --> &journal->j_trans_barrier --> jbd2_handle
[  209.787078][T10244] 
[  209.791202][T10244]  Possible unsafe locking scenario:
[  209.791202][T10244] 
[  209.793469][T10244]        CPU0                    CPU1
[  209.795203][T10244]        ----                    ----
[  209.796878][T10244]   rlock(jbd2_handle);
[  209.798220][T10244]                                lock(&journal->j_trans_barrier);
[  209.800635][T10244]                                lock(jbd2_handle);
[  209.802631][T10244]   rlock(&oi->ip_xattr_sem);
[  209.804071][T10244] 
[  209.804071][T10244]  *** DEADLOCK ***
[  209.804071][T10244] 
[  209.806444][T10244] 8 locks held by syz.4.1603/10244:
[  209.808031][T10244]  #0: ffff8880340ac428 (sb_writers#23){.+.+}-{0:0}, at: mnt_want_write+0x41/0x90
[  209.810785][T10244]  #1: ffff888114281840 (&type->i_mutex_dir_key#18){++++}-{4:4}, at: path_openat+0x8da/0x3830
[  209.813921][T10244]  #2: ffff88811426ef40 (&ocfs2_sysfile_lock_key[INODE_ALLOC_SYSTEM_INODE]){+.+.}-{4:4}, at: ocfs2_reserve_suballoc_bits+0x15e/0x4640
[  209.818236][T10244]  #3: ffff888114285240 (&ocfs2_sysfile_lock_key[EXTENT_ALLOC_SYSTEM_INODE]){+.+.}-{4:4}, at: ocfs2_reserve_suballoc_bits+0x15e/0x4640
[  209.822426][T10244]  #4: ffff88811426e0c0 (&ocfs2_sysfile_lock_key[LOCAL_ALLOC_SYSTEM_INODE]){+.+.}-{4:4}, at: ocfs2_reserve_local_alloc_bits+0x125/0x24e0
[  209.827234][T10244]  #5: ffff8880340ac618 (sb_internal#4){.+.+}-{0:0}, at: ocfs2_mknod+0xe93/0x2050
[  209.829993][T10244]  #6: ffff888122fec8e8 (&journal->j_trans_barrier){.+.+}-{4:4}, at: ocfs2_start_trans+0x36a/0x6d0
[  209.833185][T10244]  #7: ffff88803103c950 (jbd2_handle){++++}-{0:0}, at: start_this_handle+0x1f87/0x21c0
[  209.836159][T10244] 
[  209.836159][T10244] stack backtrace:
[  209.838018][T10244] CPU: 1 UID: 0 PID: 10244 Comm: syz.4.1603 Not tainted 6.17.0-rc1-syzkaller-00036-gdfc0f6373094-dirty #0 PREEMPT(full) 
[  209.838031][T10244] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.2-debian-1.16.2-1 04/01/2014
[  209.838038][T10244] Call Trace:
[  209.838044][T10244]  <TASK>
[  209.838050][T10244]  dump_stack_lvl+0x189/0x250
[  209.838064][T10244]  ? __pfx_dump_stack_lvl+0x10/0x10
[  209.838074][T10244]  ? __pfx__printk+0x10/0x10
[  209.838086][T10244]  ? stack_trace_save+0x9c/0xe0
[  209.838100][T10244]  print_circular_bug+0x2ee/0x310
[  209.838110][T10244]  check_noncircular+0x134/0x160
[  209.838119][T10244]  validate_chain+0xb9b/0x2140
[  209.838131][T10244]  __lock_acquire+0xab9/0xd20
[  209.838144][T10244]  ? ocfs2_init_acl+0x2f9/0x720
[  209.838153][T10244]  lock_acquire+0x120/0x360
[  209.838163][T10244]  ? ocfs2_init_acl+0x2f9/0x720
[  209.838173][T10244]  ? __pfx__raw_spin_lock_irq+0x10/0x10
[  209.838184][T10244]  down_read+0x46/0x2e0
[  209.838196][T10244]  ? ocfs2_init_acl+0x2f9/0x720
[  209.838205][T10244]  ocfs2_init_acl+0x2f9/0x720
[  209.838213][T10244]  ? ocfs2_mknod_locked+0x148/0x250
[  209.838222][T10244]  ? __pfx_ocfs2_init_acl+0x10/0x10
[  209.838230][T10244]  ? dquot_alloc_inode+0x216/0xa50
[  209.838239][T10244]  ? ocfs2_block_signals+0x94/0xe0
[  209.838250][T10244]  ? __pfx_ocfs2_block_signals+0x10/0x10
[  209.838262][T10244]  ? ocfs2_init_security_get+0x139/0x1a0
[  209.838272][T10244]  ocfs2_mknod+0x1321/0x2050
[  209.838283][T10244]  ? __pfx_ocfs2_mknod+0x10/0x10
[  209.838290][T10244]  ? __pfx_ocfs2_find_entry+0x10/0x10
[  209.838300][T10244]  ? __lock_acquire+0xab9/0xd20
[  209.838314][T10244]  ? look_up_lock_class+0x74/0x170
[  209.838325][T10244]  ? register_lock_class+0x51/0x320
[  209.838336][T10244]  ? __lock_acquire+0xab9/0xd20
[  209.838353][T10244]  ? __lock_acquire+0xab9/0xd20
[  209.838366][T10244]  ? do_raw_spin_lock+0x121/0x290
[  209.838378][T10244]  ? do_raw_spin_unlock+0x4d/0x240
[  209.838388][T10244]  ? rcu_is_watching+0x15/0xb0
[  209.838397][T10244]  ? ocfs2_lookup+0x5b9/0x9b0
[  209.838405][T10244]  ocfs2_create+0x1a5/0x440
[  209.838413][T10244]  ? __pfx_ocfs2_lookup+0x10/0x10
[  209.838420][T10244]  ? from_kgid+0x1b0/0x650
[  209.838432][T10244]  ? __pfx_ocfs2_create+0x10/0x10
[  209.838439][T10244]  ? HAS_UNMAPPED_ID+0x11a/0x180
[  209.838447][T10244]  ? inode_permission+0x149/0x470
[  209.838454][T10244]  ? __pfx_ocfs2_permission+0x10/0x10
[  209.838465][T10244]  ? bpf_lsm_inode_create+0x9/0x20
[  209.838473][T10244]  ? __pfx_ocfs2_create+0x10/0x10
[  209.838480][T10244]  path_openat+0x14f4/0x3830
[  209.838489][T10244]  ? arch_stack_walk+0xfc/0x150
[  209.838504][T10244]  ? __pfx_path_openat+0x10/0x10
[  209.838512][T10244]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  209.838523][T10244]  do_filp_open+0x1fa/0x410
[  209.838531][T10244]  ? __lock_acquire+0xab9/0xd20
[  209.838542][T10244]  ? __pfx_do_filp_open+0x10/0x10
[  209.838554][T10244]  ? _raw_spin_unlock+0x28/0x50
[  209.838562][T10244]  ? alloc_fd+0x64c/0x6c0
[  209.838575][T10244]  do_sys_openat2+0x121/0x1c0
[  209.838585][T10244]  ? __se_sys_futex+0x36f/0x400
[  209.838595][T10244]  ? __pfx_do_sys_openat2+0x10/0x10
[  209.838604][T10244]  ? rcu_is_watching+0x15/0xb0
[  209.838612][T10244]  __x64_sys_creat+0x8f/0xc0
[  209.838621][T10244]  do_syscall_64+0xfa/0x3b0
[  209.838631][T10244]  ? lockdep_hardirqs_on+0x9c/0x150
[  209.838641][T10244]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  209.838648][T10244]  ? exc_page_fault+0x9f/0xf0
[  209.838657][T10244]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  209.838665][T10244] RIP: 0033:0x7f759698ebe9
[  209.838675][T10244] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  209.838683][T10244] RSP: 002b:00007f7597829038 EFLAGS: 00000246 ORIG_RAX: 0000000000000055
[  209.838692][T10244] RAX: ffffffffffffffda RBX: 00007f7596bb5fa0 RCX: 00007f759698ebe9
[  209.838698][T10244] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000200000000040
[  209.838704][T10244] RBP: 00007f7596a11e19 R08: 0000000000000000 R09: 0000000000000000
[  209.838709][T10244] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  209.838714][T10244] R13: 00007f7596bb6038 R14: 00007f7596bb5fa0 R15: 00007ffdc91a3f78
[  209.838723][T10244]  </TASK>
[  210.088042][ T8545] ocfs2: Unmounting device (7,4) on (node local)
[  210.369874][   T95] gspca_zc3xx: reg_w_i err -71
[  210.955847][   T95] gspca_zc3xx: Unknown sensor - set to TAS5130C
[  210.959827][   T95] gspca_zc3xx 2-1:0.0: probe with driver gspca_zc3xx failed with error -71
[  210.967561][   T95] usb 2-1: USB disconnect, device number 27

VM DIAGNOSIS:
05:49:47  Registers:
info registers vcpu 0

CPU#0
RAX=0000000000000000 RBX=00000000000036b2 RCX=b0690469abc04f00 RDX=000000000000008a
RSI=ffffffff8be33460 RDI=ffffffff8be33420 RBP=0000000000000000 RSP=ffffc900069978c0
R8 =ffff888136641b47 R9 =1ffff11026cc8368 R10=dffffc0000000000 R11=ffffffff8b7824a0
R12=000000000000b72e R13=0000000000000002 R14=0000008a4799d050 R15=0000000000001e2e
RIP=ffffffff8b782511 RFL=00000246 [---Z-P-] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =0000 0000000000000000 ffffffff 00c00000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0000 0000000000000000 ffffffff 00c00000
DS =0000 0000000000000000 ffffffff 00c00000
FS =0000 0000000000000000 ffffffff 00c00000
GS =0000 ffff8880b861c000 ffffffff 00c00000
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe0000003000 00004087 00008b00 DPL=0 TSS64-busy
GDT=     fffffe0000001000 0000007f
IDT=     fffffe0000000000 00000fff
CR0=80050033 CR2=00007f0d7684f523 CR3=000000011e4e2000 CR4=000006f0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000ffff0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
XMM00=0000000000000000 0000000000000000 XMM01=0000000000000000 0000000000000000
XMM02=0000000000000000 0000000000000000 XMM03=0000000000000000 0000000000000000
XMM04=ff00000000ff0000 0000000000000000 XMM05=0000000000000051 0000000000000031
XMM06=0000000000000000 0000000000000000 XMM07=0000000000000000 0000000000000000
XMM08=ffffffffffffff00 ffffffffffffff00 XMM09=2e6364755f796d6d 75642f6364752f31
XMM10=0000000000000000 0000000000000000 XMM11=0000000000000000 0000000000000000
XMM12=0000000000000000 0000000000000000 XMM13=0000000000000000 0000000000000000
XMM14=0000000000000000 0000000000000000 XMM15=0000000000000000 0000000000000000
info registers vcpu 1

CPU#1
RAX=000000000000002d RBX=000000000000002d RCX=0000000000000000 RDX=00000000000003f8
RSI=000000000000257d RDI=000000000000257e RBP=00000000000003f8 RSP=ffffc90002a7e8f0
R8 =ffff888020068237 R9 =1ffff1100400d046 R10=dffffc0000000000 R11=ffffffff854f0330
R12=dffffc0000000000 R13=ffffffff99af98dc R14=ffffffff99dee3e0 R15=0000000000000000
RIP=ffffffff854f03ac RFL=00000002 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =0000 0000000000000000 ffffffff 00c00000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 ffffffff 00c00000
FS =0000 00007f75978296c0 ffffffff 00c00000
GS =0000 ffff8881a3c1c000 ffffffff 00c00000
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe000004a000 00004087 00008b00 DPL=0 TSS64-busy
GDT=     fffffe0000048000 0000007f
IDT=     fffffe0000000000 00000fff
CR0=80050033 CR2=0000001b32d1eff8 CR3=0000000022b54000 CR4=000006f0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000ffff0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
XMM00=0000000000000000 0000000000000000 XMM01=ffffffff8133c57e ffffffff8133c57e
XMM02=aaaaaaaaaaaaaaaa ffffffff8133c57e XMM03=be8a3adfcc200000 00002c703b0aaaaa
XMM04=0000000000000000 000000000000000d XMM05=652012bfffff0000 0057e00000000000
XMM06=0000000000000000 0000000000000000 XMM07=0000000000000000 0000000000000000
XMM08=0000000000000000 0000000000000dbe XMM09=0000000000000000 00007f7596a12fc5
XMM10=0000000000000000 0000000000000000 XMM11=0000000000000000 0000000000000000
XMM12=0000000000000000 0000000000000000 XMM13=0000000000000000 0000000000000000
XMM14=0000000000000000 0000000000000000 XMM15=0000000000000000 0000000000000000
