last executing test programs:

2m18.951487299s ago: executing program 2 (id=366):
syz_mount_image$ocfs2(&(0x7f0000004440), &(0x7f0000000040)='./file1\x00', 0x8c0, &(0x7f0000000480)=ANY=[@ANYBLOB="6e6f757365725f78617474722c6865617274626561743d6e6f6e652c6572726f72733d72656d6f756e742d726f2c636f686572656e63793d66756c6c2c6572726f72733d636f6e74696e75652c646174613d77726974656261636b2c6572726f72733d72656d6f756e742d726f2c6e6f61636c2c0033b67a38edf7ca65cff4aecf1bccac7b7847e83ec6928ad9eff2281ff7a2314d9a8541a9772b98d067c1463bb01ed3ebf5764745d29402107611df2e22d6cfb25eb0a8b970f339cf6413aaef25cee228060d70ce0ade90d917a9c5"], 0x1, 0x442f, &(0x7f0000004480)="$eJzs3c9rHFUcAPA3k7RJan8ktYcKggsWFJWQ9KRGME3TH0lbI9UWESHdJNs2ssmWZCMeeog3wZPgQTwUBW85SQ5e65/gxaOeC3rwIghiZHdn053JLlnrbmLL53PYt/N+J9+Z2TeH3RcnyrcXV3OLq7n8cq40f3P1dO6jUnFtqRDiPdJ0/AN7Nz7t6cZ50kafff995jQzc/b8O9dPh/DDwk8Ptra2tkJFb2hqtOH9H7/fnW9M6+JMm0q/zXvrlPdDCCd2zKuiJ4Tw3vchRCGEM0neRJIOhBCOhFrZ9buf3ch1aDZ9Sbo5dmp6495m6789CuGr4jOv3Fr69fmesV9e6tDwAAAAAAAAAAAAAAAAAAA85i5cnbn29shouB+F3o2o9n3dvsbyJG31/ditjnluD/5aAAAAAAAAAAAAAAAAAAAA+H96+P3/XHQ82rlf92SSjrdov/Vm9+dI90y9NTN5bmQ02f89aiiZOVZ5fTXJ+u1MTxhqsu97dv/3M5n+m+//HnVs/vX51ccdDFE8nDqO4+HhEL5JNn4/GR2Ki6XV8ss3S2vLCx2bxmMrHf/a7v2p6CQb+rcb/4lM/93f///pHWdT5fhG506xJ1o6/j0t6/WHqK34n82024v48+jS8e+t5g00Vhiv3QC+/SQKn/fuHv/JTP/div/REEIuqsw1l7oDVNYwlfxW6xXS0vE/UM1L3TqTf2Ql/s2u/z8z8T+X6X+/7v/r2Q8imkrH/2A1rz9V4+H1PxTvfv2fz/S/H/GvzH/d539b0vFPfvmtN1Wl+p9s9/5/IdN/t+J/LU7meTRKnQEbUS2/1e/VkZaOf/+O8ofPf3Fb67+LmfZ79fxXH7f+/Fe//b8Y1Z7/aC4d/4GW9dq9/qcy7bp9/x+vrv94VOn4H6rmpdfOg9XXduM/nem/O/E/uP1uPLP+/7uvtgD42vqvLen4P1XLjBtrrFdfq+u/aPf1/6VM//ux/qvMfz3u7qhPinT8D7esV4n/j218/l/OtOt+/EMYsdZ/ZOn4H2lZr3r99+8e/yuZdt2O/wvd7BwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADgMTCRpIMhiodTx3E8PBzC2eT4ZDgUzeUXZueKpfkPVkOYTPJz4Xh0q1iayxdnF5dLC4XZfLFYmg/hXFJ+IvRHq8VSeXYpf+f8dl8D0e1CfqU8V8iXQwgXkvxnw5F6X3OL5aX8nRDCxe2yY3Fp5c7t/PLswuLK6yMjIyNhansOQ1Hh43JhuVwbvVYawvR228GoYXLV4kvbczkcfVhaW1nOF6v5lxvaFEvz+WJDmytJ2RdhKCqvrC3P58uF2WLpVn28/TSepJNTV9+9enl0R/mNqJZO7O20AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPiX7o+99mUIobd2FIcQxutvomb1v/u58MbsX1c+3Rw7Nb1xb/NBq3oAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMA/7MCBAAAAAACQ/2sjVFVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVWGXjlEqBoIwAM+uRazEY1iFpLONKKKFEcETaO0JPIwexUt4BwsLWwsR4gYkL3mkea/6vmZgf3Z2YAcAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA1rm86+9vmzYixeFPVcXb4/vH//y61Jez+fsHe5iR3bm66c8vmrb8e9rIT8vRZ5eH9Pvr+SFm6uh1sifTffozNH062jLX0r4tzTe+exwp1xHRlfwk5VzX63oBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD8sgMHAgAAAABA/q+NUFVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVYUdOBYAAAAAEOZvHUXfBgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADArwAAAP//hykaaw==")
r0 = open(&(0x7f00000001c0)='./file1\x00', 0x14927e, 0x68)
fallocate(r0, 0x0, 0x0, 0x1001f0)
fallocate(r0, 0x0, 0xefc, 0x10000)

2m18.292676171s ago: executing program 2 (id=370):
r0 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000100)=@getnexthop={0x1c, 0x76, 0xb0d, 0x4000, 0x0, {0x3}, [@NHA_FDB={0x4}]}, 0x1c}, 0x1, 0x0, 0x0, 0x4000000}, 0x0)

2m18.075454146s ago: executing program 2 (id=376):
r0 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000300)='./binderfs/binder0\x00', 0x0, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r0, 0x4018620d, &(0x7f0000000280)={0x73622a85, 0x1000, 0x2})
r1 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000300)='./binderfs/binder0\x00', 0x2, 0x0)
r2 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000200)='./binderfs/binder0\x00', 0x0, 0x0)
ioctl$BINDER_WRITE_READ(r2, 0xc0306201, &(0x7f0000000080)={0x8, 0x0, &(0x7f0000000400)=[@increfs], 0x0, 0x0, 0x0})
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, 0x0)
r3 = dup3(r2, r1, 0x0)
ioctl$BINDER_WRITE_READ(r2, 0xc0306201, &(0x7f0000000540)={0x10, 0x0, &(0x7f0000000440)=[@request_death={0x400c6313}], 0x0, 0x1000000, 0x0})
ioctl$BINDER_WRITE_READ(r3, 0xc0306201, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x50, 0x0, &(0x7f0000000140)="d2ffb49ede31518d65a476b76e4a4e0b75db47c327ab597233001000006db41df04709094056af33a6db1e301a74db81f27f6aa6a8ca9d22a565ff96d46e88fa99b284c26c46494072fc2e47da240c71"})
ioctl$BINDER_WRITE_READ(r3, 0xc0306201, &(0x7f0000000640)={0x8, 0x0, &(0x7f0000000000)=[@decrefs={0x40086315}], 0x0, 0x0, 0x0})

2m18.007977567s ago: executing program 2 (id=377):
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000000)='./bus\x00', 0xe, &(0x7f0000000200)={[{@quota}, {@oldalloc}, {@barrier_val={'barrier', 0x3d, 0x3}}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x7c}}, {@block_validity}, {@jqfmt_vfsv1}]}, 0x3, 0x434, &(0x7f0000000940)="$eJzs289vFFUcAPDvzLZFKNiK+IOCWkVj44+WFlQOXjSaeNDERA94rG0hlYUaWhMhjVZj8GhIvBuPJv4FnvRi1JOJV70bEmJ6AT2tmd2ZdrvdLW3ZdtH9fJKB92be5n2/O/N238zrBtC1hrN/koj9EfF7RAzUqmsbDNf+u7m8OPX38uJUEpXKW38l1XY3lheniqbF6/rzykgakX6WxJEm/c5funxuslyeuZjXxxbOvz82f+nys7PnJ8/OnJ25MHHq1MkT4y88P/FcW/LMYrox9NHc0cOvvXP1janTV9/9+dukyL8hjzYZ3ujgE5VKm7vrrAN15aSng4GwJaWIyE5Xb3X8D0QpVk/eQLz6aUeDA3ZUpVKp9Lc+vFQB/seS6HQEQGcUX/TZ/W+x7dLU445w/aXaDVCW9818qx3piTRv09twf9tOwxFxeumfr7ItduY5BADAGt9n859nms3/0ri/rt3d+drQYETcExEHI+LeiDgUEfdFVNs+EBEPbrH/xkWS9fOf9Nq2EtukbP73Yr62tXb+V8z+YrCU1w5U8+9NzsyWZ47n78lI9O7J6uMb9PHDK7990epY/fwv27L+i7lgHse1nj1rXzM9uTB5OznXu/5JxFBPs/yTlZWAJCIOR8TQNvuYfeqbo62O3Tr/DbRhnanydcSTtfO/FA35F5KN1yfH7oryzPGx4qpY75dfr7zZqv/byr8NsvO/r+n1v5L/YFK/Xju/9T6u/PF5y3ua7V7/fcnb1XJfvu/DyYWFi+MRfcnrtaDr90+svraoF+2z/EeONR//B2P1nTgSEdlF/FBEPBwRj+SxPxoRj0XEsQ3y/+nlx9/bfv47K8t/ekvnf7XQF417mhdK5378bk2ng1vJPzv/J6ulkXzPZj7/NhPX9q5mAAAA+O9JI2J/JOnoSjlNR0drfy9/KPal5bn5hafPzH1wYbr2G4HB6E2LJ10Ddc9Dx/Pb+qI+0VA/kT83/rK0t1ofnZorT3c6eehy/S3Gf+bPUqejA3ac32tB9zL+oXsZ/9C9jH/oXk3G/95OxAHsvmbf/x93IA5g9zWMf8t+0EXc/0P3Mv6hexn/0JXm98atfySvoLCuEOkdEYbCDhU6/ckEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADQHv8GAAD//5LX5s8=")
r0 = open(&(0x7f0000000180)='./bus\x00', 0x14937e, 0x0)
mount(&(0x7f0000000280)=@loop={'/dev/loop', 0x0}, &(0x7f0000000140)='./bus\x00', 0x0, 0x5000, 0x0)
r1 = open(&(0x7f0000000000)='./bus\x00', 0x0, 0x0)
ioctl$LOOP_SET_STATUS64(r1, 0x4c04, &(0x7f0000000540)={0x0, 0x0, 0x0, 0x0, 0x8005, 0x0, 0x0, 0x15, 0x0, "ef359f413bb93852f7d6a4ae6dddfbd1ce5d29c2ee5e5ca9000ff8ee09e737ff0edf110ff4117639c2eb4b78c660e677df701905b9aafab4afaaf755a3f6a004", "036c47c6780820d1cbf7966d61fdcf335263bd9bffbcc2542ded71038259ca171ce1a311ef54ec32d71e14ef3dc177e9b48b00", "f28359738e229a4c66810000000000d300e6d602000000000000000000000001", [0x200]})
open(0x0, 0x100000, 0x0)
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2)
flock(0xffffffffffffffff, 0x5)
write$FUSE_NOTIFY_DELETE(r0, &(0x7f0000000080)={0x2e, 0x6, 0x0, {0x0, 0x6, 0x5, 0x0, 'ext4\x00'}}, 0x2e)
write$FUSE_CREATE_OPEN(r0, &(0x7f0000000340)={0xa0, 0x0, 0x0, {{0x6, 0x3, 0x8000000000000001, 0x0, 0xffff5310, 0x8001, {0x5, 0x4, 0x80000000, 0x286ad0f7, 0xdf, 0x4, 0xdf5, 0xae, 0x6, 0x5000, 0x0, 0x0, 0x0, 0x8, 0x6}}, {0x0, 0x4}}}, 0xa0)

2m17.731450294s ago: executing program 2 (id=383):
r0 = socket(0x2b, 0x1, 0x1)
timer_create(0x1, &(0x7f0000000080)={0x0, 0x21, 0x2}, &(0x7f0000000300)=<r1=>0x0)
fcntl$lock(0xffffffffffffffff, 0x6, &(0x7f0000000040)={0x0, 0x0, 0x60d3, 0x5})
mprotect(&(0x7f0000000000/0xf000)=nil, 0xf000, 0x1)
timer_settime(r1, 0x1, &(0x7f0000000040)={{0x77359400}}, 0x0)
mmap(&(0x7f0000000000/0x200000)=nil, 0x200000, 0x300000b, 0x204031, 0xffffffffffffffff, 0xec776000)
setsockopt$inet6_tcp_TCP_REPAIR(r0, 0x6, 0x13, &(0x7f0000000000)=0x1, 0x4)
connect$inet6(r0, &(0x7f00000001c0)={0xa, 0x4e1f, 0x2, @ipv4={'\x00', '\xff\xff', @local}, 0x1}, 0x1c)

2m16.088066852s ago: executing program 2 (id=396):
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000000)='./file0\x00', 0x19f, &(0x7f0000000400)={[{@sysvgroups}, {@noblock_validity}, {@min_batch_time={'min_batch_time', 0x3d, 0x82f}}, {@grpquota}, {@debug}, {@debug}, {@grpid}]}, 0x80, 0x54f, &(0x7f0000000480)="$eJzs3c9vHFcdAPDvbLxufji1SzlAJUqBoqSC7MY1bS0OJUgITpUQ5R6MvbGsrL2Rd93GViScvwAJIUBwggsXJP4AJBSJC0eEFAnOIBWBEDhwQAIy1cyOHdeZ3WzSza5/fD7SZN68+fF9bzYznjfzNBPAifVSRFyJiPtpmr4SEdNFfqUYYrs7ZMvd27m1mA1JpOnb/0giKfJ2t5UU43PFaqcj4htfi/h28nDc9ubW9YVms7FeTNc7qzfq7c2tSyurC8uN5cba3Nzs6/NvzL82f3ko9TwfEW9+5S8/+O7Pv/rmrz//7p+v/u1iVu2YKubvr8djyHbRRL8FulWv5vtiV7bC+hMEO6wm8hoWzpQtkaZpej+d3pdzeyQlAwDgoOwC9iMR8emIeCWm41T/y1kAAADgCEq/NBX/S7pPaEpM9sgHAAAAjpBK3gc2qdSKvgBTUanUat0+vB+Ns5Vmq9353LXWxtrS3R9PRcRMVCvXVpqNy0Vf4ZmoJtn0bJ5+MP3qgem5iHguIr4/fSafri22mkvjvvkBAAAAJ8S5A+3/f0932/8AAADAMTPzcFZlHOUAAAAAnp6S9j8AAABwzGj/AwAAwLH29bfeyoZ09/vXS+9sblxvvXNpqdG+XlvdWKwtttZv1JZbreX8nX2r+9c9VbK9Zqt14wuxtnGz3mm0O/X25tbV1dbGWufqygc+gQ0AAACM0HOfvPPHJCK2v3gmHzKT4y4UMBITe6mkGJcc/X96tjt+b0SFAkai7B7+Qe89M4KCACM38URrpYOcNoBDrjruAgBjlzxifs/OO78rxp8abnkAAIDhu/Dx3s//+38DYNsnAuCIcxDDyXXgQV46Pa6CACOXP/8ftMOviwU4VqoD9QAEjrMP/fz/kdL0sQoEAAAM3VQ+JJVacXtvKiqVWi3ifP5ZgGpybaXZuBwRz0bEH6arz2TTs/maySPbDAAAAAAAAAAAAAAAAAAAAAAAAABAV5omkfZzpe9cAAAA4AiIqPw1+U33Xf4Xpl+eOnh/YDL5T/5J4MmIePcnb//w5kKnsz6b5f9zL7/zoyL/1XHcwQAAAAAO2m2n77bjAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGCY7u3cWry3cyv9786txVHG/fuXI2JmL34+dOdMxOl8fDqqEXH2X0lM7FsviYhTQ4i/fTsiPlYWP8mKtReyLP6Zpx8/Zoq9UBb/3BDiw0l2Jzv/XCk7/irxUj4uP/4mIj4w/aR6n/9i7/x3qsfxf37AGC/c/WW9Z/zbES9MlJ9/duMnD8VPinFloPjf+ubWVq956U8jLkR5/P3R6p3VG/X25talldWF5cZyY21ubvb1+TfmX5u/XL+20mwU/5bG+N4nfnW/X/3P9og/07P+3TK9PFDtI/5/9+bO8z3+XmXxL36mJP5vf1Ys8XD8SrGtzxbpbP6F3fR2N73fi7/4/Yv96r/0oP7VwX7/bsyL/av94AccxoECAAxNe3Pr+kKz2Vg/Conqk6yVtdLLZj1f7IEPX7DJw7J/JB4z8Z2hbjBN07TH/6g7ETHIdpI4DLslT4z3vAQAAAzfg4v+cZcEAAAAAAAAAAAAAAAAAAAATq4hvjNssvQ1eyVvFtjeSyXeDAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHBrvBwAA//9pfNv4")
mount$tmpfs(0x0, &(0x7f0000000140)='.\x00', &(0x7f0000000180), 0x0, &(0x7f0000000000)=ANY=[@ANYBLOB='size='])

2m15.741872449s ago: executing program 32 (id=396):
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000000)='./file0\x00', 0x19f, &(0x7f0000000400)={[{@sysvgroups}, {@noblock_validity}, {@min_batch_time={'min_batch_time', 0x3d, 0x82f}}, {@grpquota}, {@debug}, {@debug}, {@grpid}]}, 0x80, 0x54f, &(0x7f0000000480)="$eJzs3c9vHFcdAPDvbLxufji1SzlAJUqBoqSC7MY1bS0OJUgITpUQ5R6MvbGsrL2Rd93GViScvwAJIUBwggsXJP4AJBSJC0eEFAnOIBWBEDhwQAIy1cyOHdeZ3WzSza5/fD7SZN68+fF9bzYznjfzNBPAifVSRFyJiPtpmr4SEdNFfqUYYrs7ZMvd27m1mA1JpOnb/0giKfJ2t5UU43PFaqcj4htfi/h28nDc9ubW9YVms7FeTNc7qzfq7c2tSyurC8uN5cba3Nzs6/NvzL82f3ko9TwfEW9+5S8/+O7Pv/rmrz//7p+v/u1iVu2YKubvr8djyHbRRL8FulWv5vtiV7bC+hMEO6wm8hoWzpQtkaZpej+d3pdzeyQlAwDgoOwC9iMR8emIeCWm41T/y1kAAADgCEq/NBX/S7pPaEpM9sgHAAAAjpBK3gc2qdSKvgBTUanUat0+vB+Ns5Vmq9353LXWxtrS3R9PRcRMVCvXVpqNy0Vf4ZmoJtn0bJ5+MP3qgem5iHguIr4/fSafri22mkvjvvkBAAAAJ8S5A+3/f0932/8AAADAMTPzcFZlHOUAAAAAnp6S9j8AAABwzGj/AwAAwLH29bfeyoZ09/vXS+9sblxvvXNpqdG+XlvdWKwtttZv1JZbreX8nX2r+9c9VbK9Zqt14wuxtnGz3mm0O/X25tbV1dbGWufqygc+gQ0AAACM0HOfvPPHJCK2v3gmHzKT4y4UMBITe6mkGJcc/X96tjt+b0SFAkai7B7+Qe89M4KCACM38URrpYOcNoBDrjruAgBjlzxifs/OO78rxp8abnkAAIDhu/Dx3s//+38DYNsnAuCIcxDDyXXgQV46Pa6CACOXP/8ftMOviwU4VqoD9QAEjrMP/fz/kdL0sQoEAAAM3VQ+JJVacXtvKiqVWi3ifP5ZgGpybaXZuBwRz0bEH6arz2TTs/maySPbDAAAAAAAAAAAAAAAAAAAAAAAAABAV5omkfZzpe9cAAAA4AiIqPw1+U33Xf4Xpl+eOnh/YDL5T/5J4MmIePcnb//w5kKnsz6b5f9zL7/zoyL/1XHcwQAAAAAO2m2n77bjAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGCY7u3cWry3cyv9786txVHG/fuXI2JmL34+dOdMxOl8fDqqEXH2X0lM7FsviYhTQ4i/fTsiPlYWP8mKtReyLP6Zpx8/Zoq9UBb/3BDiw0l2Jzv/XCk7/irxUj4uP/4mIj4w/aR6n/9i7/x3qsfxf37AGC/c/WW9Z/zbES9MlJ9/duMnD8VPinFloPjf+ubWVq956U8jLkR5/P3R6p3VG/X25talldWF5cZyY21ubvb1+TfmX5u/XL+20mwU/5bG+N4nfnW/X/3P9og/07P+3TK9PFDtI/5/9+bO8z3+XmXxL36mJP5vf1Ys8XD8SrGtzxbpbP6F3fR2N73fi7/4/Yv96r/0oP7VwX7/bsyL/av94AccxoECAAxNe3Pr+kKz2Vg/Conqk6yVtdLLZj1f7IEPX7DJw7J/JB4z8Z2hbjBN07TH/6g7ETHIdpI4DLslT4z3vAQAAAzfg4v+cZcEAAAAAAAAAAAAAAAAAAAATq4hvjNssvQ1eyVvFtjeSyXeDAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHBrvBwAA//9pfNv4")
mount$tmpfs(0x0, &(0x7f0000000140)='.\x00', &(0x7f0000000180), 0x0, &(0x7f0000000000)=ANY=[@ANYBLOB='size='])

6.152574568s ago: executing program 1 (id=1915):
syz_open_dev$usbmon(&(0x7f0000000040), 0x0, 0x0)
r0 = syz_usbip_server_init(0x1)
syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000080)=ANY=[@ANYBLOB="12010000000000105509147200ed000000010902"], 0x0)
write$usbip_server(r0, &(0x7f0000000000)=ANY=[@ANYBLOB="0000000300000001"], 0x35)

4.78331086s ago: executing program 1 (id=1921):
r0 = socket$tipc(0x1e, 0x2, 0x0)
bind$tipc(r0, &(0x7f0000000100)=@name={0x1e, 0x2, 0x0, {{0x42}}}, 0x10)
r1 = socket$tipc(0x1e, 0x2, 0x0)
setsockopt$TIPC_GROUP_JOIN(r0, 0x10f, 0x87, &(0x7f0000000000)={0x42, 0x0, 0x3}, 0x10)
setsockopt$TIPC_GROUP_JOIN(r1, 0x10f, 0x87, &(0x7f0000000180)={0x42, 0x3}, 0x10)
sendmsg$tipc(r1, &(0x7f0000000540)={&(0x7f0000000200)=@name, 0x10, 0x0}, 0x4)
setsockopt$TIPC_GROUP_LEAVE(r0, 0x10f, 0x88)

4.639940287s ago: executing program 1 (id=1923):
mmap(&(0x7f0000ff4000/0xc000)=nil, 0xc000, 0x1000003, 0x20031, 0xffffffffffffffff, 0xffffe000)
r0 = userfaultfd(0x80801)
ioctl$UFFDIO_API(r0, 0xc018aa3f, &(0x7f0000000000)={0xaa, 0x101})
ioctl$UFFDIO_REGISTER(r0, 0xc020aa00, &(0x7f0000000180)={{&(0x7f0000ffc000/0x4000)=nil, 0x4000}, 0x5})
ioctl$UFFDIO_COPY(r0, 0xc028aa03, &(0x7f0000000240)={&(0x7f0000ffd000/0x3000)=nil, &(0x7f0000ff7000/0x3000)=nil, 0x3000})
ioctl$UFFDIO_COPY(r0, 0xc028aa03, &(0x7f0000000080)={&(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ff6000/0x1000)=nil, 0x4000, 0x1})

4.569853603s ago: executing program 1 (id=1925):
syz_mount_image$udf(&(0x7f00000000c0), &(0x7f0000001200)='./bus\x00', 0x2000002, &(0x7f00000001c0)=ANY=[@ANYBLOB='novrs,gid=', @ANYRESDEC=0x0, @ANYBLOB=',gid=', @ANYRESDEC=0x0, @ANYBLOB=',rootdir=00000000000000000232,uid=', @ANYRESDEC=0x0, @ANYBLOB='\x00\x00\x00\x00\x00', @ANYRESDEC=0x0, @ANYBLOB=',nostrict,anchor=00000000000000063610,iocharset=cp864,\x00'], 0x1, 0xc46, &(0x7f0000000580)="$eJzs3U9sHNd9B/DfG5LiSm4iJnYUJ42LTVuksmK5+hdTsQp3VdNsA8iyEIq5BeCKXKkLUyRBUo1spAXTSw89BCiKHnIi0BoFUjQwmiLokWldILn4UOTUE9HCRlD0wBYBcjIYzOxbcUmTEi2K+mN9Pgn13Z15b/a9easZWdCbFwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABAxB+8cv7EyfSgWwEA3E8Xx75+4pT7PwA8Vi77738AAAAAAAAAAAAAAHjYpSjiyUgxd3EtTVTvO2oX2gM3bo6PjG5f7WCqavZV5cuf2slTp8985YXhs9280J65Tf177fPx2tjl8/WXZ6/PzbcWFlpT9fGZ9uTsVGvXR9hr/a2OVSegfv31G1NXry7UTz1/etPum0PvDz5xZOjc8LPHn+mWHR8ZHR3bKFLrLd9/1w3p2GmGx4Eo4nikeO4HP0/NiChi7+eidn/HfquDVSeOVZ0YHxmtOjLdbs4sljsvdU9EEVHvqdTonqPtxyL6B+5rH3bWiFgqm182+FjZvbG55nzzynSrfqk5v9hebM/OXEqd1pb9qUcRZ1PEckSsDn74cANRRH+k+N7htXQlIvq65+HL1cTgndtR7GMfd6FsZ30gYrl4BMbsITYYRbwaKX7xztGYzNeZ6lrzpYhXy/xRxFtlvhSRyi/GmYj3tvke8WjqjyL+shz/c2tpqroedK8rF75R/9rM1dmest3ryke8P3zoSvGA7g8Ht+T98ZBfm2pRRLO64q+lu//DDgAAAAAAAAAAAAAAAAD32sEo4nOR4pX/+JNqXnFU89IPnxv+w6FP9M4Zf/oOxynLPh8RS8Xu5uQeyBMDL6VLKT3gucSPs1oU8ad5/t93HnRjAAAAAAAAAAAAAAAAAAAAHmtF/CxSvPju0bQcvWuKt2eu1S83r0x3VoXtrv3bXTN9fX19vZ462cg5kaqlo9eX8vvlnCs5V3NGkevnbOScyLmUcznnSs7VnNGX6+ds5JzIuZRzOedKztWcZSur+jkbOSdyLuVczrmSczVnPCRr9wIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAfJwUUcQHkeK731pLkSKiETERnVwZfNCtAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABKg6mIH0aK+h81bm3rj4hU/b/jaPnLmWgcKPPT0Rgu86VonM/ZrLK/8Z0H0H72ZiAV8dNIMVh7+9aA5/Ef6Ly79TWIt7698e7z/Z3s6+4cen/wiSOHzw2P/sbTO71O2zXg2IX2zI2b9fGR0dGxns39+dM/3bNtKH9ucW+6TkQsvPHm683p6db83b8ovwJ7qP4IvUj9j0tPvaheRP8ej1NexR54L+6y7zwGyvv/e5Hid9/9z+4Nv3P/r8Wvdd7dusPHL/9s4/7/4tYD7fL+37+1Xr7/l/f07e7/T/ZsezH/aWSgP6K2eH1u4EhEbeGNN4+3rzevta61Zs6cOPHV4eGvnj4xcCCidrU93ep5dU9OFwAAAAAAAAAAAAAAAMD9k4r4/UjR/OlaqkfEzWq+1tC54WePP9MXfdV8q03ztl8bu3y+/vLs9bn51sJCa6o+PtOenJ1q7fbjatV0r/GR0X3pzB0d3Of2H6y9PDv3xnz72h8vbrv/UO38lYXF+ebk9rvjYBQRjd4tx6oGj4+MVo2ebjdnqqqXtp1M/9ENpCL+K1JMnqmnL+Ztef7/1hn+m+b/L2090D7N//9Uz7byM1Mq4peR4nf+6un4YtXOQ/Ghc5bL/V2kOHb2C7lcHCjLddvQea5AZ2ZgWfb/IsU/fbC5bHc+5JMbZU/u+sQ+IsrxPxwpfvgX34/fzNs2P/9h+/E/tPVA+zT+T/VsO7TpeQV77jp5/I9HipeefDt+K2+73fM/us/eOJoL33o+xz6N/2d6tg3lz/3te9N1AAAAAAAAAACAR9pAKuLvI8WPR/vTC3nbbv7939TWA+3Tv//6bM+2qXuzXtEdX+z5pAIAAADAQ2IgFfGzSHFt8e1bc6g3z//umf/5exvzP0fSlr3V3/N9snpuwL38+79eQ/lzJ/bebQAAAAAAAAAAAAAAAAAAAHiopFTEC3k99YlqPv/Ujuupr0SKV/7nuVwuHSnLddeBH6p+rV2cnTl+fnp6drK52Lwy3aqPzTUnW2XdpyLF2t9+IdctqvXVu+vNd9Z431iLfT5SjP5Dt2xnLfbu2uRPdcsutU6WZT8VKf77HzeX7a5j/ZmN454qy/5NpPjmv2xf9shG2dNl2e9Hip98s94te6gs230+6mc3yj4/OVvs5jR/8qOPDAAAAAAAAAAAAAAAAAAAAI+TgVTEn0eK/72+fGsuf17/f6DnbeWtb/es97/FzWqd/6Fq/f+dXt/N+v/VcwWWdvpUAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD4eEpRxJuRYu7iWloZLN931C60Z27cHB8Z3b7awVTV7KvKlz+1k6dOn/nKC8Nnu3n7+vfa5+K1scvn6y/PXp+bby0stKbq4zPtydmp1q6PsNf6Wx2rTkD9+us3pq5eXaifev70pt03h94ffOLI0LnhZ48/0yn7ifr4yOjoWE+Z/oGP8HmDt9+ddth+IIr460jx3A9+nn48GFHE3s/FHb47++1g1YljVSfGR0arjky3mzOL5c5L3RNRRNR7KjW65yiP257GYj81IpbK5pcNPlZ2b2yuOd+8Mt2qX2rOL7YX27Mzl1KntWV/6lHE2RSxHBGr23xHBqKI1yPF9w6vpX/N41+dhy9fHPv6iVM7t6PYxz7uQl/Zt4GI5eJ2Y3aH3xTEYBTxz5HiF+8cjX8bjOiPzk98KeLVMn8U8VZ0xjuVX4wzEe85rR8b/VHE/5fjf24tvTNYXg+615UL36h/bebqbE/Z7nXlkb8/xH28mD/k95NaFPGT6oq/lv7d72sAAAAAAAAAAAAAAACAh0gRvx4pXnz3aKrmB9+aU9yeuVa/3Lwy3ZnW1537150zvb6+vl5PnWzknMi5lHM550rO1ZxR5Po5G2XW1tcn8vulnMs5V3Ku5oy+XD9nI+dEzqWcyzlXcq7mjP5cP2cj50TOpZzLOVdyrua8n9MHAQAAAAAAAAAAAAAAAACAx0dR/S/Fd7+1ltYHq/Wl+7r7VqwH+rH3qwAAAP//3v/zCw==")
symlinkat(&(0x7f0000000000)='.\x00', 0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00')
syz_mount_image$fuse(0x0, &(0x7f0000000040)='./bus\x00', 0x3010049, 0x0, 0x1, 0x0, 0x0)
mount$overlay(0x0, &(0x7f0000000400)='./bus\x00', &(0x7f0000000b80), 0x1208c48, &(0x7f0000000740)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, './file1'}}, {@upperdir={'upperdir', 0x3d, './file0'}}]})

4.48559858s ago: executing program 1 (id=1928):
r0 = memfd_create(&(0x7f00000005c0)='-B\xd5NI\xc5j\x9appp\xf0\b\x84\xa2m\x00\v\x18\x004\xa6Ey\xdb\xd1\xa7\xb1S\xf1:)\x00\xca\xd7Uw\x00\xbc\xfa2\xb3\xbb\x8d\xac\xacva}knh#\xcf)\x0f\xc8\xc0:\x9cc\x10`\xee\xa9\x8b\x06%\xb8G\xd1c\xe1$\xff\x97k\xde\xc5\xa96\xddU)\xc98M\xcd\xfb\xcc\x82n=\x7f=\xd9Jx\xaa\x8f~\xb94a\xa9\xb2\x04K\x98\x93=\xabQ\xf7\x05\x1d\xa1\xce\x8b\x19\xea\xef\xe3\xd6m\xf7@]iNP\xf1\x1d\xab\x13\xce\x152s\xb8\x85\x98\x84\xbf\x8c\x80{\x16\t\xd6\x17P3\xe9\xebGKL\xd3\x88\xd2\rLG\x8e\xd6\xa72\xf4\x92\xeb&\xa5\xcc\x14FZN\x98%[p\x989\xf6\xf5\xb6\xedk\xe6\xb0\xa1\x8f\x90\xdb\xd6h)\x0f6\x88\x03P\x8ak\xf9\xc9\x82`\xa7Ku\x99\xab\xd4\xb2\xaa1\x99O\x8b\x99-\xe3', 0x1)
r1 = dup(r0)
r2 = fanotify_init(0x0, 0x40000)
fanotify_mark(r2, 0x1, 0x8000000, r1, 0x0)
write$binfmt_elf64(r1, &(0x7f0000000840)=ANY=[@ANYBLOB="7f454c4606ff78a33e0200000000000002003e00cd000000c9030000000000004000000000000000ea02000000000000000001000500380010"], 0x178)
execveat(r1, &(0x7f0000000000)='\x00', 0x0, 0x0, 0x1000)

4.118192992s ago: executing program 1 (id=1932):
mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x0)
mount(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000100)='sysfs\x00', 0x800000, 0x0)
mount$bind(&(0x7f0000000040)='.\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x2a05004, 0x0)
chroot(&(0x7f0000000100)='./file0\x00')
r0 = open_tree(0xffffffffffffff9c, &(0x7f0000000640)='\x00', 0x89901)
move_mount(r0, &(0x7f0000000140)='.\x00', 0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x0)
pivot_root(&(0x7f0000000240)='./file0\x00', &(0x7f0000000000)='./file0/../file0\x00')

3.890284419s ago: executing program 33 (id=1932):
mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x0)
mount(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000100)='sysfs\x00', 0x800000, 0x0)
mount$bind(&(0x7f0000000040)='.\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x2a05004, 0x0)
chroot(&(0x7f0000000100)='./file0\x00')
r0 = open_tree(0xffffffffffffff9c, &(0x7f0000000640)='\x00', 0x89901)
move_mount(r0, &(0x7f0000000140)='.\x00', 0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x0)
pivot_root(&(0x7f0000000240)='./file0\x00', &(0x7f0000000000)='./file0/../file0\x00')

2.1926401s ago: executing program 3 (id=1950):
r0 = socket$inet6_mptcp(0xa, 0x1, 0x106)
getsockopt$inet6_mptcp_buf(r0, 0x11c, 0x3, 0x0, 0x0)

2.104069824s ago: executing program 3 (id=1951):
capset(&(0x7f0000000080)={0x20071026}, &(0x7f0000000040))
clock_adjtime(0x0, &(0x7f0000000000)={0xffffffff})

2.008701542s ago: executing program 3 (id=1952):
syz_usb_connect(0x1, 0x3d, &(0x7f0000000080)=ANY=[@ANYBLOB="12010000bdce4208110f80106afc0000000109022b00010000000009043700022ee5cd0009058010ff037f790209050e0320000980070705ab0b78"], 0x0)
syz_open_dev$char_usb(0xc, 0xb4, 0x0)

1.457395527s ago: executing program 3 (id=1954):
r0 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xc, &(0x7f0000000040)={0x1, &(0x7f0000000000)=[{0x6}]})
bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=ANY=[@ANYBLOB="1700"/20, @ANYRES32=0x1], 0x50)
keyctl$search(0xa, 0x0, &(0x7f00000004c0)='asymmetric\x00', 0x0, 0x0)
ioctl$SECCOMP_IOCTL_NOTIF_RECV(r0, 0xc0182101, &(0x7f00000004c0))

1.061882447s ago: executing program 0 (id=1957):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000006100)={0x34, 0x3f, 0x107, 0xfffffffe, 0x0, {0x1, 0x7c}, [@nested={0x4, 0x142}, @nested={0xc, 0x1, 0x0, 0x1, [@typed={0x6, 0x6, 0x0, 0x0, @str='\x80\n'}]}, @nested={0xd, 0x2, 0x0, 0x1, [@nested={0x8, 0x14, 0x0, 0x1, [@nested={0x4, 0x18}]}, @generic='V']}]}, 0x34}, 0x1, 0x0, 0x0, 0x4048011}, 0xc000)

971.32529ms ago: executing program 0 (id=1958):
r0 = socket$netlink(0x10, 0x3, 0x0)
r1 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000340)={'bridge_slave_0\x00', <r2=>0x0})
sendmsg$nl_route(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000080)=ANY=[@ANYBLOB="340000001300050000000000feffffff07000000", @ANYRES32=r2, @ANYBLOB="003000000000000014001a80100004800c000880"], 0x34}, 0x1, 0x0, 0x0, 0x800c000}, 0x0)

589.593799ms ago: executing program 3 (id=1959):
syz_usb_connect$cdc_ncm(0x0, 0x6e, &(0x7f00000003c0)=ANY=[@ANYBLOB="12010000060000402505a1a440000102030109025c0002010000000901000100020d0000052406000105240000000d240f0100000000000000000006241a0000000905810300020000000904010000020d00000904010120ee0ea6"], 0x0)

472.0053ms ago: executing program 0 (id=1960):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@bloom_filter={0x1e, 0x0, 0x3, 0x7}, 0x48)
bpf$MAP_LOOKUP_ELEM(0x1, &(0x7f0000001740)={r0, 0x0, &(0x7f0000001700)=""/53}, 0x20)

374.409611ms ago: executing program 0 (id=1961):
bpf$BPF_BTF_LOAD(0x12, 0x0, 0x0)
socket$inet_tcp(0x2, 0x1, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
setsockopt$IP_VS_SO_SET_STOPDAEMON(0xffffffffffffffff, 0x0, 0x48c, 0x0, 0x0)
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r1, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000140)=@ipv6_newnexthop={0x1c, 0x68, 0x5fb9a818fb7378e9, 0x0, 0x0, {}, [@NHA_FDB={0x4}]}, 0x1c}}, 0x0)
sendmsg$nl_route(0xffffffffffffffff, 0x0, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000500)=ANY=[@ANYBLOB="1c0000006800e97800000000000000000a000000000000000400040030db918bc8cc"], 0x1c}}, 0x0)
bpf$MAP_CREATE(0x0, 0x0, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r2 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r2, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000300)=@newnexthop={0x24, 0x68, 0x1, 0x2, 0x7ffffffc, {}, [@NHA_GROUP={0xc, 0x2, [{0x2, 0x4}]}]}, 0x24}, 0x1, 0x0, 0x0, 0x24008000}, 0x4000)
connect$inet6(0xffffffffffffffff, &(0x7f0000000180)={0xa, 0x0, 0x2, @dev={0xfe, 0x80, '\x00', 0x13}, 0x7}, 0x1c)

275.590581ms ago: executing program 0 (id=1962):
mkdirat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x0)
mount$fuse(0x0, 0x0, 0x0, 0x0, &(0x7f0000000400)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=0x0])
mount(0x0, &(0x7f0000000380)='./file1\x00', &(0x7f0000000100)='autofs\x00', 0x0, &(0x7f0000000400))
r0 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./file1\x00', 0x0, 0x0)
r1 = openat$autofs(0xffffffffffffff9c, &(0x7f0000000000), 0x200, 0x0)
ioctl$AUTOFS_DEV_IOCTL_EXPIRE(r1, 0xc018937e, &(0x7f00000019c0)={{0x1, 0x1, 0x1018, r0}, './file1\x00'})

199.21582ms ago: executing program 0 (id=1963):
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000280)={0xffffffffffffffff, 0x2000002, 0xa, 0x0, &(0x7f0000000000)="63eced8e46dc3f0adf33", 0x0, 0x8001, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50)
r0 = syz_usb_connect$hid(0x5, 0x36, &(0x7f0000000300)=ANY=[@ANYBLOB="12010000090024206d041cc340000000000109022400010000a00009040000010301010009210008000122010009058103"], 0x0)
syz_usb_control_io$hid(r0, &(0x7f0000000240)={0x24, &(0x7f0000000000)=ANY=[@ANYBLOB="00000c000000070001"], 0x0, 0x0, 0x0}, 0x0)

0s ago: executing program 3 (id=1964):
r0 = socket(0x2b, 0x1, 0x1)
setsockopt$inet_mreqn(r0, 0x0, 0x3, 0x0, 0x0)

kernel console output (not intermixed with test programs):

48] bridge_slave_1: entered promiscuous mode
[  108.851654][ T6948] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  108.862219][ T5824] Bluetooth: hci1: command tx timeout
[  108.867783][ T6948] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  109.019597][ T6948] team0: Port device team_slave_0 added
[  109.026535][ T6948] team0: Port device team_slave_1 added
[  109.080758][ T6948] batman_adv: batadv0: Adding interface: batadv_slave_0
[  109.086740][ T6948] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  109.109376][ T6948] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  109.116479][ T6948] batman_adv: batadv0: Adding interface: batadv_slave_1
[  109.118878][ T6948] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  109.128107][ T6948] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  109.216586][ T6948] hsr_slave_0: entered promiscuous mode
[  109.219890][ T6948] hsr_slave_1: entered promiscuous mode
[  109.224267][ T6948] debugfs: 'hsr0' already exists in 'hsr'
[  109.226576][ T6948] Cannot create hsr debugfs directory
[  109.433967][ T7026] loop1: detected capacity change from 0 to 1764
[  109.473335][ T6948] netdevsim netdevsim3 netdevsim0: renamed from eth0
[  109.484829][ T6948] netdevsim netdevsim3 netdevsim1: renamed from eth1
[  109.495051][ T6948] netdevsim netdevsim3 netdevsim2: renamed from eth2
[  109.504947][ T6948] netdevsim netdevsim3 netdevsim3: renamed from eth3
[  109.671199][ T6948] 8021q: adding VLAN 0 to HW filter on device bond0
[  109.728397][ T6948] 8021q: adding VLAN 0 to HW filter on device team0
[  109.789191][   T54] bridge0: port 1(bridge_slave_0) entered blocking state
[  109.791531][   T54] bridge0: port 1(bridge_slave_0) entered forwarding state
[  109.798411][   T54] bridge0: port 2(bridge_slave_1) entered blocking state
[  109.800634][   T54] bridge0: port 2(bridge_slave_1) entered forwarding state
[  110.495015][ T7056] loop1: detected capacity change from 0 to 16
[  110.552576][ T7056] erofs (device loop1): mounted with root inode @ nid 36.
[  110.664881][ T6948] 8021q: adding VLAN 0 to HW filter on device batadv0
[  110.712655][ T7058] x_tables: duplicate entry at hook 2
[  110.749993][ T6948] veth0_vlan: entered promiscuous mode
[  110.770244][ T6948] veth1_vlan: entered promiscuous mode
[  110.806792][ T7062] loop0: detected capacity change from 0 to 128
[  110.832786][ T6948] veth0_macvtap: entered promiscuous mode
[  110.836311][ T7062] EXT4-fs (loop0): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  110.844250][ T6948] veth1_macvtap: entered promiscuous mode
[  110.862134][ T7062] ext4 filesystem being mounted at /166/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff)
[  110.887538][ T6948] batman_adv: batadv0: Interface activated: batadv_slave_0
[  110.905853][ T6948] batman_adv: batadv0: Interface activated: batadv_slave_1
[  110.916024][ T5841] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  110.933102][ T5708] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  110.936974][ T5708] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  110.943043][ T5824] Bluetooth: hci1: command tx timeout
[  110.951892][ T5812] EXT4-fs (loop0): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  110.967278][ T5708] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  111.082111][   T26] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  111.093039][   T26] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  111.135903][ T7072] loop1: detected capacity change from 0 to 256
[  111.150252][   T29] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  111.153816][   T29] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  111.215648][ T7073] ALSA: mixer_oss: invalid OSS volume ''
[  111.358079][ T7078] loop0: detected capacity change from 0 to 1024
[  111.443704][   T26] hfsplus: b-tree write err: -5, ino 4
[  112.307318][ T7088] loop0: detected capacity change from 0 to 131072
[  112.598781][ T7088] F2FS-fs (loop0): invalid crc value
[  112.687218][ T7088] F2FS-fs (loop0): f2fs_recover_fsync_data: recovery fsync data, check_only: 0
[  112.699716][ T7088] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e4
[  112.822244][   T10] usb 2-1: new high-speed USB device number 8 using dummy_hcd
[  112.930336][ T7101] loop3: detected capacity change from 0 to 16
[  112.958705][ T7101] erofs (device loop3): mounted with root inode @ nid 36.
[  112.982632][   T10] usb 2-1: Using ep0 maxpacket: 32
[  113.015794][ T7101] erofs (device loop3): readahead error at folio 2 @ nid 89
[  113.018407][ T7101] erofs (device loop3): readahead error at folio 1 @ nid 89
[  113.021317][ T7101] erofs (device loop3): readahead error at folio 0 @ nid 89
[  113.024821][ T5824] Bluetooth: hci1: command tx timeout
[  113.031814][   T10] usb 2-1: New USB device found, idVendor=1964, idProduct=0001, bcdDevice=d4.15
[  113.036023][   T10] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  113.039082][   T10] usb 2-1: Product: syz
[  113.040566][   T10] usb 2-1: Manufacturer: syz
[  113.042305][   T10] usb 2-1: SerialNumber: syz
[  113.042632][ T7101] erofs (device loop3): read error -117 @ 0 of nid 89
[  113.046220][   T10] usb 2-1: config 0 descriptor??
[  113.348018][   T10] RobotFuzz Open Source InterFace, OSIF 2-1:0.0: version d4.15 found at bus 002 address 008
[  113.473761][ T4234] Bluetooth: hci3: Frame reassembly failed (-84)
[  113.557002][   T47] usb 2-1: USB disconnect, device number 8
[  114.666564][ T7120] loop0: detected capacity change from 0 to 8192
[  114.921160][ T5201] Bluetooth: hci0: unexpected event 0x2f length: 509 > 260
[  115.000142][ T7129] netlink: 268 bytes leftover after parsing attributes in process `syz.0.458'.
[  115.008216][ T7129] unsupported nla_type 65024
[  115.103043][ T5201] Bluetooth: hci1: command tx timeout
[  115.167332][ T7131] IPVS: Scheduler module ip_vs_sip not found
[  115.171750][ T7131] IPVS: length: 141 != 8
[  115.222904][ T7137] loop1: detected capacity change from 0 to 512
[  115.268244][ T7137] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  115.274682][ T7137] ext4 filesystem being mounted at /160/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  115.346574][ T5820] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  115.512590][ T5824] Bluetooth: hci3: Entering manufacturer mode failed (-110)
[  115.546171][ T7155] program syz.0.468 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  115.682459][ T7148] loop1: detected capacity change from 0 to 40427
[  115.686534][ T7148] F2FS-fs (loop1): Invalid log_blocksize (268), supports only 12
[  115.689742][ T7148] F2FS-fs (loop1): Can't find valid F2FS filesystem in 1th superblock
[  115.695706][ T7148] F2FS-fs (loop1): invalid crc value
[  115.764809][ T7148] F2FS-fs (loop1): f2fs_recover_fsync_data: recovery fsync data, check_only: 0
[  115.765292][ T7164] binder: 7162:7164 ioctl 4018620d 0 returned -22
[  115.772166][ T7148] F2FS-fs (loop1): Try to recover 1th superblock, ret: 0
[  115.774999][ T7148] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e5
[  115.796383][ T7163] loop3: detected capacity change from 0 to 2048
[  115.811561][ T7163] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[  115.851811][ T7166] binder: 7162:7166 ioctl c018620c 0 returned -14
[  116.918823][ T7188] overlayfs: upper fs does not support file handles, falling back to index=off.
[  117.284694][ T7190] loop3: detected capacity change from 0 to 8
[  117.373906][ T7190] SQUASHFS error: xz decompression failed, data probably corrupt
[  117.382613][ T7190] SQUASHFS error: Failed to read block 0x108: -5
[  117.387323][ T7190] SQUASHFS error: Unable to read metadata cache entry [106]
[  117.397296][ T7190] SQUASHFS error: Unable to read inode 0x11f
[  117.401764][ T7192] trusted_key: syz.1.477 sent an empty control message without MSG_MORE.
[  117.725310][ T7194] netlink: 8 bytes leftover after parsing attributes in process `syz.3.482'.
[  118.009821][ T7202] netlink: 'syz.3.486': attribute type 1 has an invalid length.
[  118.278711][ T7205] loop0: detected capacity change from 0 to 32768
[  118.322839][ T7205] XFS (loop0): Mounting V5 Filesystem ed37bf6e-74ea-4e01-afba-5fee274b0f3a
[  118.363141][ T7205] XFS (loop0): Ending clean mount
[  118.414733][ T7205] XFS (loop0): User initiated shutdown received.
[  118.417636][ T7205] XFS (loop0): Log I/O Error (0x6) detected at xfs_fs_goingdown+0x71/0x150 (fs/xfs/xfs_fsops.c:476).  Shutting down filesystem.
[  118.435567][ T7205] XFS (loop0): Please unmount the filesystem and rectify the problem(s)
[  118.502493][ T5812] XFS (loop0): Unmounting Filesystem ed37bf6e-74ea-4e01-afba-5fee274b0f3a
[  118.664555][ T7242] loop0: detected capacity change from 0 to 512
[  118.672912][ T7242] EXT4-fs (loop0): mounting ext3 file system using the ext4 subsystem
[  118.684515][ T7242] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a043c11c, mo2=0002]
[  118.687190][ T7242] System zones: 1-12
[  118.718332][ T7242] EXT4-fs error (device loop0): ext4_iget_extra_inode:5075: inode #15: comm syz.0.500: corrupted in-inode xattr: e_value size too large
[  118.735370][ T7242] EXT4-fs error (device loop0): ext4_orphan_get:1397: comm syz.0.500: couldn't read orphan inode 15 (err -117)
[  118.743205][ T7242] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  118.894832][ T5812] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  119.051357][ T7249] mmap: syz.3.503 (7249) uses deprecated remap_file_pages() syscall. See Documentation/mm/remap_file_pages.rst.
[  119.204585][ T7255] loop0: detected capacity change from 0 to 128
[  119.240691][ T7255] EXT4-fs (loop0): Test dummy encryption mode enabled
[  119.311435][ T7255] EXT4-fs (loop0): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  119.324861][ T7255] ext4 filesystem being mounted at /190/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[  120.028475][ T7255] fscrypt (loop0): Error allocating 'xts(aes)' transform: -4
[  120.140617][ T5812] EXT4-fs (loop0): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  120.184097][ T7277] loop3: detected capacity change from 0 to 256
[  120.672266][ T5279] usb 4-1: new high-speed USB device number 2 using dummy_hcd
[  120.783190][ T7305] loop1: detected capacity change from 0 to 32768
[  120.803189][ T7305] XFS (loop1): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  120.822159][ T5279] usb 4-1: Using ep0 maxpacket: 32
[  120.831556][ T5279] usb 4-1: config 0 has an invalid interface number: 12 but max is 0
[  120.839751][ T5279] usb 4-1: config 0 has no interface number 0
[  120.847710][ T5279] usb 4-1: config 0 interface 12 has no altsetting 0
[  120.859333][ T5279] usb 4-1: New USB device found, idVendor=2c42, idProduct=1202, bcdDevice=85.40
[  120.868262][ T7305] XFS (loop1): Ending clean mount
[  120.872655][ T5279] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  120.881633][ T5279] usb 4-1: Product: syz
[  120.884175][ T7305] XFS (loop1): Quotacheck needed: Please wait.
[  120.888677][ T5279] usb 4-1: Manufacturer: syz
[  120.890592][ T5279] usb 4-1: SerialNumber: syz
[  120.906550][ T5279] usb 4-1: config 0 descriptor??
[  120.938181][ T7305] XFS (loop1): Quotacheck: Done.
[  121.019772][ T5820] XFS (loop1): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  121.125896][ T5279] f81534 4-1:0.12: f81534_set_register: reg: 1002 data: 3 failed: -71
[  121.129321][ T5279] f81534 4-1:0.12: f81534_find_config_idx: read failed: -71
[  121.152435][ T5279] f81534 4-1:0.12: f81534_calc_num_ports: find idx failed: -71
[  121.155659][ T5279] f81534 4-1:0.12: probe with driver f81534 failed with error -71
[  121.179979][ T5279] usb 4-1: USB disconnect, device number 2
[  121.612163][ T5279] usb 2-1: new high-speed USB device number 9 using dummy_hcd
[  121.769026][ T5279] usb 2-1: Using ep0 maxpacket: 16
[  121.780205][ T5279] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  121.786014][ T5279] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  121.789853][ T5279] usb 2-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 9
[  121.795952][ T5279] usb 2-1: New USB device found, idVendor=045e, idProduct=07da, bcdDevice= 0.00
[  121.799586][ T5279] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  121.807906][ T5279] usb 2-1: config 0 descriptor??
[  122.225884][ T5279] microsoft 0003:045E:07DA.0002: ignoring exceeding usage max
[  122.241362][ T5279] microsoft 0003:045E:07DA.0002: hidraw0: USB HID v0.00 Device [HID 045e:07da] on usb-dummy_hcd.1-1/input0
[  122.250249][ T5279] microsoft 0003:045E:07DA.0002: no inputs found
[  122.257678][ T5279] microsoft 0003:045E:07DA.0002: could not initialize ff, continuing anyway
[  122.302610][ T7280] Bluetooth: hci0: Opcode 0x080f failed: -110
[  122.305746][ T5201] Bluetooth: hci0: command 0x080f tx timeout
[  122.437296][ T5279] usb 2-1: USB disconnect, device number 9
[  122.858764][ T7379] loop0: detected capacity change from 0 to 256
[  122.866013][ T7379] exFAT-fs (loop0): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[  122.871020][ T7379] exFAT-fs (loop0): Medium has reported failures. Some data may be lost.
[  122.886658][ T7379] exFAT-fs (loop0): failed to load upcase table (idx : 0x00010000, chksum : 0xe62de5da, utbl_chksum : 0xe619d30d)
[  122.905812][ T7379] exFAT-fs (loop0): failed to load alloc-bitmap
[  122.908034][ T7379] exFAT-fs (loop0): failed to recognize exfat type
[  123.319822][ T7389] tipc: Started in network mode
[  123.321697][ T7389] tipc: Node identity , cluster identity 4711
[  123.325282][ T7389] tipc: Failed to set node id, please configure manually
[  123.328101][ T7389] tipc: Enabling of bearer <udp:s> rejected, failed to enable media
[  123.369194][ T7391] loop1: detected capacity change from 0 to 256
[  123.409935][ T7391] FAT-fs (loop1): Directory bread(block 64) failed
[  123.412624][ T7391] FAT-fs (loop1): Directory bread(block 65) failed
[  123.416153][ T7391] FAT-fs (loop1): Directory bread(block 66) failed
[  123.419413][ T7391] FAT-fs (loop1): Directory bread(block 67) failed
[  123.426852][ T7391] FAT-fs (loop1): Directory bread(block 68) failed
[  123.429654][ T7391] FAT-fs (loop1): Directory bread(block 69) failed
[  123.441001][ T7391] FAT-fs (loop1): Directory bread(block 70) failed
[  123.445817][ T7391] FAT-fs (loop1): Directory bread(block 71) failed
[  123.449059][ T7391] FAT-fs (loop1): Directory bread(block 72) failed
[  123.451939][ T7391] FAT-fs (loop1): Directory bread(block 73) failed
[  124.432230][ T1905] usb 4-1: new high-speed USB device number 3 using dummy_hcd
[  124.606658][ T7421] netlink: 'syz.0.565': attribute type 1 has an invalid length.
[  124.612174][ T1905] usb 4-1: Using ep0 maxpacket: 32
[  124.616776][ T1905] usb 4-1: config 0 has an invalid interface number: 196 but max is 0
[  124.619913][ T1905] usb 4-1: config 0 has no interface number 0
[  124.623708][ T1905] usb 4-1: config 0 interface 196 altsetting 1 bulk endpoint 0x2 has invalid maxpacket 528
[  124.627582][ T1905] usb 4-1: config 0 interface 196 has no altsetting 0
[  124.644779][ T1905] usb 4-1: New USB device found, idVendor=05ac, idProduct=77c2, bcdDevice=eb.3a
[  124.648549][ T1905] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  124.655774][ T1905] usb 4-1: Product: syz
[  124.657515][ T1905] usb 4-1: Manufacturer: syz
[  124.659340][ T1905] usb 4-1: SerialNumber: syz
[  124.674897][ T1905] usb 4-1: config 0 descriptor??
[  124.681325][ T7405] raw-gadget.0 gadget.3: fail, usb_ep_enable returned -22
[  124.686908][ T7417] loop1: detected capacity change from 0 to 32768
[  124.757440][ T7417] XFS (loop1): Mounting V5 Filesystem 9f1cad42-11bd-4e12-8f0b-f07876b81d9a
[  124.847436][ T7417] XFS (loop1): Ending clean mount
[  125.042635][ T5820] XFS (loop1): Unmounting Filesystem 9f1cad42-11bd-4e12-8f0b-f07876b81d9a
[  125.979125][ T7443] loop1: detected capacity change from 0 to 32768
[  126.040943][ T7443] XFS (loop1): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  126.165036][ T7443] XFS (loop1): Ending clean mount
[  126.188614][ T7443] XFS (loop1): Quotacheck needed: Please wait.
[  126.260582][ T7443] XFS (loop1): Quotacheck: Done.
[  126.356067][ T5820] XFS (loop1): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  126.612594][ T5862] usb 1-1: new high-speed USB device number 4 using dummy_hcd
[  126.783513][ T5862] usb 1-1: Using ep0 maxpacket: 32
[  126.788300][ T5862] usb 1-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  126.793815][ T5862] usb 1-1: too many endpoints for config 0 interface 0 altsetting 0: 128, using maximum allowed: 30
[  126.801419][ T5862] usb 1-1: config 0 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 128
[  126.821072][ T5862] usb 1-1: New USB device found, idVendor=06cd, idProduct=0114, bcdDevice=33.c7
[  126.824887][ T5862] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  126.828182][ T5862] usb 1-1: Product: syz
[  126.830089][ T5862] usb 1-1: Manufacturer: syz
[  126.832889][ T5862] usb 1-1: SerialNumber: syz
[  126.841396][ T5862] usb 1-1: config 0 descriptor??
[  126.846004][ T5862] hub 1-1:0.0: bad descriptor, ignoring hub
[  126.848346][ T5862] hub 1-1:0.0: probe with driver hub failed with error -5
[  126.854174][ T5862] keyspan 1-1:0.0: Keyspan - (without firmware) converter detected
[  127.053401][ T5862] usb 1-1: USB disconnect, device number 4
[  127.060152][ T5862] keyspan 1-1:0.0: device disconnected
[  127.088795][ T1905] ipheth 4-1:0.196: ipheth_get_macaddr: usb_control_msg: -71
[  127.091454][ T1905] ipheth 4-1:0.196: probe with driver ipheth failed with error -71
[  127.115415][ T1905] usb 4-1: USB disconnect, device number 3
[  129.188128][   T33] kauditd_printk_skb: 10 callbacks suppressed
[  129.188147][   T33] audit: type=1326 audit(1760619856.206:27): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7494 comm="syz.0.588" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f127b58eec9 code=0x7ffc0000
[  129.212871][   T33] audit: type=1326 audit(1760619856.206:28): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7494 comm="syz.0.588" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f127b58eec9 code=0x7ffc0000
[  129.224502][   T33] audit: type=1326 audit(1760619856.246:29): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7494 comm="syz.0.588" exe="/syz-executor" sig=0 arch=c000003e syscall=222 compat=0 ip=0x7f127b58eec9 code=0x7ffc0000
[  129.248332][   T33] audit: type=1326 audit(1760619856.246:30): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7494 comm="syz.0.588" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f127b58eec9 code=0x7ffc0000
[  129.260910][   T33] audit: type=1326 audit(1760619856.256:31): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7494 comm="syz.0.588" exe="/syz-executor" sig=0 arch=c000003e syscall=224 compat=0 ip=0x7f127b58eec9 code=0x7ffc0000
[  129.269053][   T33] audit: type=1326 audit(1760619856.256:32): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7494 comm="syz.0.588" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f127b58eec9 code=0x7ffc0000
[  129.291811][ T7497] loop1: detected capacity change from 0 to 65
[  129.310159][ T7497] BFS-fs: bfs_fill_super(): NOTE: filesystem loop1 was created with 512 inodes, the real maximum is 511, mounting anyway
[  129.377799][ T7497] BFS-fs: bfs_readdir(): Bad f_pos=00000008 for loop1:00000002
[  129.622150][ T5862] usb 4-1: new high-speed USB device number 4 using dummy_hcd
[  129.624695][   T10] usb 1-1: new full-speed USB device number 5 using dummy_hcd
[  129.775142][   T10] usb 1-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  129.779882][   T10] usb 1-1: config 1 has 1 interface, different from the descriptor's value: 2
[  129.783808][   T10] usb 1-1: config 1 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F
[  129.788826][   T10] usb 1-1: config 1 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 10
[  129.793290][   T10] usb 1-1: config 1 interface 0 altsetting 0 endpoint 0x8F has invalid maxpacket 65535, setting to 64
[  129.797828][ T5862] usb 4-1: New USB device found, idVendor=9710, idProduct=7730, bcdDevice=96.33
[  129.801360][ T5862] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  129.804689][   T10] usb 1-1: New USB device found, idVendor=0225, idProduct=0000, bcdDevice= 0.00
[  129.808172][   T10] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  129.814623][ T5862] usb 4-1: config 0 descriptor??
[  129.821920][ T7499] raw-gadget.0 gadget.0: fail, usb_ep_enable returned -22
[  129.836287][   T10] hub 1-1:1.0: bad descriptor, ignoring hub
[  129.839264][   T10] hub 1-1:1.0: probe with driver hub failed with error -5
[  129.844966][   T10] cdc_wdm 1-1:1.0: skipping garbage
[  129.847288][   T10] cdc_wdm 1-1:1.0: skipping garbage
[  129.852586][   T10] cdc_wdm 1-1:1.0: cdc-wdm0: USB WDM device
[  129.856434][   T10] cdc_wdm 1-1:1.0: Unknown control protocol
[  130.142493][   T24] usb 1-1: USB disconnect, device number 5
[  131.033416][ T5862] usb 4-1: Cannot set autoneg
[  131.035191][ T5862] MOSCHIP usb-ethernet driver 4-1:0.0: probe with driver MOSCHIP usb-ethernet driver failed with error -71
[  131.050063][ T5862] usb 4-1: USB disconnect, device number 4
[  131.102280][   T10] usb 2-1: new high-speed USB device number 10 using dummy_hcd
[  131.252210][   T10] usb 2-1: Using ep0 maxpacket: 16
[  131.256458][   T10] usb 2-1: config 0 has an invalid interface number: 105 but max is 0
[  131.259731][   T10] usb 2-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  131.265007][   T10] usb 2-1: config 0 has no interface number 0
[  131.267498][   T10] usb 2-1: config 0 interface 105 has no altsetting 0
[  131.275384][   T10] usb 2-1: New USB device found, idVendor=046d, idProduct=08d3, bcdDevice= b.28
[  131.278338][   T10] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  131.280816][   T10] usb 2-1: Product: syz
[  131.282563][   T10] usb 2-1: Manufacturer: syz
[  131.284133][   T10] usb 2-1: SerialNumber: syz
[  131.287248][   T10] usb 2-1: config 0 descriptor??
[  131.291583][   T10] uvcvideo 2-1:0.105: probe with driver uvcvideo failed with error -22
[  131.442180][   T24] usb 1-1: new high-speed USB device number 6 using dummy_hcd
[  131.500333][   T47] usb 2-1: USB disconnect, device number 10
[  131.592394][   T24] usb 1-1: Using ep0 maxpacket: 8
[  131.596230][   T24] usb 1-1: config 179 has an invalid interface number: 65 but max is 0
[  131.599581][   T24] usb 1-1: config 179 has no interface number 0
[  131.605677][   T24] usb 1-1: config 179 interface 65 altsetting 0 endpoint 0xF has an invalid bInterval 0, changing to 7
[  131.611472][   T24] usb 1-1: config 179 interface 65 altsetting 0 endpoint 0xF has invalid maxpacket 1025, setting to 1024
[  131.618665][   T24] usb 1-1: config 179 interface 65 altsetting 0 endpoint 0x83 has an invalid bInterval 0, changing to 7
[  131.623072][   T24] usb 1-1: config 179 interface 65 altsetting 0 endpoint 0x83 has invalid maxpacket 41728, setting to 1024
[  131.627592][   T24] usb 1-1: config 179 interface 65 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 23
[  131.633458][   T24] usb 1-1: New USB device found, idVendor=12ab, idProduct=90a3, bcdDevice=1e.eb
[  131.637031][   T24] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  131.652216][ T7537] raw-gadget.1 gadget.0: fail, usb_ep_enable returned -22
[  131.777395][ T7545] netlink: 24 bytes leftover after parsing attributes in process `syz.3.610'.
[  131.847532][ T7549] loop3: detected capacity change from 0 to 128
[  131.856024][ T7549] UDF-fs: error (device loop3): udf_read_tagged: read failed, block=256, location=256
[  131.879831][   T33] audit: type=1800 audit(1760619858.896:33): pid=7549 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.612" name="file1" dev="loop3" ino=94 res=0 errno=0
[  131.901111][ T7549] UDF-fs: error (device loop3): udf_bitmap_new_block: bitmap for partition 0 corrupted (block 264 marked as free, partition length is 40)
[  132.085066][ T7556] ip6_tunnel: non-ECT from fe88:0000:0000:0000:0000:0000:0000:0104 with DS=0x92
[  132.113059][ T1905] usb 1-1: USB disconnect, device number 6
[  132.114915][    C1] xpad 1-1:179.65: xpad_irq_in - usb_submit_urb failed with result -19
[  132.114943][    C1] xpad 1-1:179.65: xpad_irq_out - usb_submit_urb failed with result -19
[  132.235605][ T7563] loop1: detected capacity change from 0 to 4096
[  132.239809][ T7563] ntfs3(loop1): Different NTFS sector size (4096) and media sector size (512).
[  132.258302][ T7563] ntfs3(loop1): ino=19, mi_enum_attr
[  132.260631][ T7563] ntfs3(loop1): Mark volume as dirty due to NTFS errors
[  132.422579][   T47] usb 4-1: new high-speed USB device number 5 using dummy_hcd
[  132.572396][   T47] usb 4-1: Using ep0 maxpacket: 32
[  132.579488][   T47] usb 4-1: config 0 has an invalid interface number: 202 but max is 0
[  132.583336][   T47] usb 4-1: config 0 has no interface number 0
[  132.585662][   T47] usb 4-1: config 0 interface 202 has no altsetting 0
[  132.590097][   T47] usb 4-1: New USB device found, idVendor=05ac, idProduct=0274, bcdDevice=5f.7a
[  132.593794][   T47] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  132.596255][   T47] usb 4-1: Product: syz
[  132.597552][   T47] usb 4-1: Manufacturer: syz
[  132.599301][   T47] usb 4-1: SerialNumber: syz
[  132.604576][   T47] usb 4-1: config 0 descriptor??
[  132.827212][   T47] input: bcm5974 as /devices/platform/dummy_hcd.3/usb4/4-1/4-1:0.202/input/input6
[  132.845654][ T5246] bcm5974 4-1:0.202: could not read from device
[  132.858077][ T5246] bcm5974 4-1:0.202: could not read from device
[  132.864259][   T47] usb 4-1: USB disconnect, device number 5
[  132.869469][ T5246] bcm5974 4-1:0.202: could not read from device
[  133.184341][ T1361] ieee802154 phy0 wpan0: encryption failed: -22
[  133.186587][ T1361] ieee802154 phy1 wpan1: encryption failed: -22
[  134.230208][ T7593] loop3: detected capacity change from 0 to 65536
[  134.255476][ T7598] xt_TCPMSS: Only works on TCP SYN packets
[  134.259999][ T7593] XFS (loop3): Mounting V5 Filesystem 9b7348e5-2fa0-41a5-9526-c53a678b01f3
[  134.285422][ T7593] XFS (loop3): Ending clean mount
[  134.297283][ T7593] XFS (loop3): Quotacheck needed: Please wait.
[  134.369949][ T7593] XFS (loop3): Quotacheck: Done.
[  134.395786][ T6948] XFS (loop3): Unmounting Filesystem 9b7348e5-2fa0-41a5-9526-c53a678b01f3
[  134.612645][   T47] usb 1-1: new high-speed USB device number 7 using dummy_hcd
[  134.762186][   T47] usb 1-1: Using ep0 maxpacket: 16
[  134.766667][   T47] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x82 has invalid wMaxPacketSize 0
[  134.770517][   T47] usb 1-1: config 0 interface 0 altsetting 0 bulk endpoint 0x82 has invalid maxpacket 0
[  134.775669][   T47] usb 1-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xC1, changing to 0x81
[  134.780582][   T47] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  134.790860][   T47] usb 1-1: config 0 interface 0 altsetting 0 bulk endpoint 0x81 has invalid maxpacket 0
[  134.798922][   T47] usb 1-1: New USB device found, idVendor=1286, idProduct=2046, bcdDevice=b4.5b
[  134.803011][   T47] usb 1-1: New USB device strings: Mfr=1, Product=130, SerialNumber=3
[  134.806169][   T47] usb 1-1: Product: syz
[  134.807863][   T47] usb 1-1: Manufacturer: syz
[  134.809739][   T47] usb 1-1: SerialNumber: syz
[  134.814766][   T47] usb 1-1: config 0 descriptor??
[  134.818945][   T47] usb 1-1: NFC: intf ffff88810d84e000 id ffffffff8eb1e280
[  135.021689][   T47] usb 1-1: USB disconnect, device number 7
[  136.155623][ T7646] loop0: detected capacity change from 0 to 1024
[  136.191601][ T7646] EXT4-fs (loop0): mounted filesystem 00000000-0000-0006-0000-000000000000 r/w without journal. Quota mode: none.
[  136.204159][ T7646] ext4 filesystem being mounted at /230/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  136.244432][ T5812] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0006-0000-000000000000.
[  136.438053][ T7655] netlink: 100 bytes leftover after parsing attributes in process `syz.0.654'.
[  136.506808][ T7659] loop1: detected capacity change from 0 to 512
[  136.539485][ T7658] netlink: 4268 bytes leftover after parsing attributes in process `syz.0.655'.
[  136.551407][ T7658] openvswitch: netlink: Missing key (keys=40, expected=80)
[  136.556133][ T7659] EXT4-fs (loop1): feature flags set on rev 0 fs, running e2fsck is recommended
[  136.587468][ T7659] EXT4-fs warning (device loop1): ext4_update_dynamic_rev:1137: updating to rev 1 because of new feature flag, running e2fsck is recommended
[  136.588645][ T7661] bond1: option primary: mode dependency failed, not supported in mode 802.3ad(4)
[  136.598951][ T7659] EXT4-fs error (device loop1): ext4_validate_block_bitmap:441: comm syz.1.653: bg 0: block 248: padding at end of block bitmap is not set
[  136.607693][ T7661] bond1 (unregistering): Released all slaves
[  136.608178][ T7659] Quota error (device loop1): write_blk: dquota write failed
[  136.616667][ T7659] Quota error (device loop1): qtree_write_dquot: Error -117 occurred while creating quota
[  136.620738][ T7659] EXT4-fs error (device loop1): ext4_acquire_dquot:6945: comm syz.1.653: Failed to acquire dquot type 1
[  136.634511][ T7659] EXT4-fs (loop1): 1 truncate cleaned up
[  136.639282][ T7659] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0008-000000000000 r/w without journal. Quota mode: writeback.
[  136.698105][   T33] audit: type=1800 audit(1760619863.716:34): pid=7659 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.653" name="file1" dev="loop1" ino=15 res=0 errno=0
[  136.787150][ T5820] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0008-000000000000.
[  136.938740][ T7676] netlink: 96 bytes leftover after parsing attributes in process `syz.3.662'.
[  137.050769][ T7670] loop0: detected capacity change from 0 to 32768
[  137.086749][ T7670] JBD2: Unrecognised features on journal
[  137.088767][ T7670] (syz.0.659,7670,1):ocfs2_journal_init:973 ERROR: Linux journal layer error
[  137.105262][ T7670] (syz.0.659,7670,1):ocfs2_check_volume:2347 ERROR: Could not initialize journal!
[  137.109247][ T7670] (syz.0.659,7670,1):ocfs2_check_volume:2432 ERROR: status = -22
[  137.136324][ T7670] (syz.0.659,7670,1):ocfs2_mount_volume:1764 ERROR: status = -22
[  137.149117][ T7687] warning: `syz.1.667' uses wireless extensions which will stop working for Wi-Fi 7 hardware; use nl80211
[  137.157958][ T7670] (syz.0.659,7670,1):ocfs2_fill_super:1177 ERROR: status = -22
[  137.421443][ T7697] netlink: 'syz.3.672': attribute type 2 has an invalid length.
[  137.617992][ T7706] loop0: detected capacity change from 0 to 1024
[  137.668987][ T7708] bond1: invalid ARP target 0.0.0.0 specified for addition
[  137.672104][ T7708] bond1: option arp_ip_target: invalid value (0)
[  137.677403][ T7708] bond1 (unregistering): Released all slaves
[  137.691158][ T1090] hfsplus: b-tree write err: -5, ino 3
[  137.847328][ T7715] loop1: detected capacity change from 0 to 4096
[  137.864317][ T7717] Invalid source name
[  137.866631][ T7717] UBIFS error (pid: 7717): cannot open "./file0", error -22
[  137.898365][ T7715] ntfs3(loop1): Failed to initialize $Extend/$ObjId.
[  137.936668][   T33] audit: type=1800 audit(1760619864.946:35): pid=7715 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.680" name="file1" dev="loop1" ino=33 res=0 errno=0
[  138.100693][ T7724] loop3: detected capacity change from 0 to 2048
[  138.129888][ T7724] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000900 r/w without journal. Quota mode: none.
[  138.167973][ T7713] loop0: detected capacity change from 0 to 40427
[  138.168958][ T7731] netlink: 8 bytes leftover after parsing attributes in process `syz.1.687'.
[  138.227932][ T7713] F2FS-fs (loop0): f2fs_recover_fsync_data: recovery fsync data, check_only: 0
[  138.236300][ T7713] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e5
[  138.297087][ T7735] EXT4-fs error (device loop3): ext4_mb_generate_buddy:1289: group 0, block bitmap and bg descriptor inconsistent: 25 vs 150994969 free clusters
[  138.316698][ T7735] EXT4-fs (loop3): Delayed block allocation failed for inode 18 at logical offset 0 with max blocks 574 with error 28
[  138.321506][ T7735] EXT4-fs (loop3): This should not happen!! Data will be lost
[  138.321506][ T7735] 
[  138.337257][ T5812] syz-executor: attempt to access beyond end of device
[  138.337257][ T5812] loop0: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[  138.349106][ T7735] EXT4-fs (loop3): Total free blocks count 0
[  138.352165][ T7735] EXT4-fs (loop3): Free/Dirty block details
[  138.354608][ T7735] EXT4-fs (loop3): free_blocks=2415919104
[  138.356892][ T7735] EXT4-fs (loop3): dirty_blocks=576
[  138.359684][ T7735] EXT4-fs (loop3): Block reservation details
[  138.364300][ T7735] EXT4-fs (loop3): i_reserved_data_blocks=36
[  138.370605][ T5812] CPU: 0 UID: 0 PID: 5812 Comm: syz-executor Not tainted syzkaller #0 PREEMPT(full) 
[  138.370628][ T5812] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.2-debian-1.16.2-1 04/01/2014
[  138.370637][ T5812] Call Trace:
[  138.370645][ T5812]  <TASK>
[  138.370653][ T5812]  dump_stack_lvl+0x189/0x250
[  138.370679][ T5812]  ? __pfx_dump_stack_lvl+0x10/0x10
[  138.370693][ T5812]  ? __pfx_queue_work_on+0x10/0x10
[  138.370713][ T5812]  ? _raw_spin_unlock_irqrestore+0xad/0x110
[  138.370734][ T5812]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[  138.370795][ T5812]  f2fs_handle_critical_error+0x37c/0x540
[  138.370818][ T5812]  f2fs_write_end_io+0x886/0xb60
[  138.370852][ T5812]  __submit_merged_bio+0x27a/0x6a0
[  138.370873][ T5812]  __submit_merged_write_cond+0x255/0x530
[  138.370894][ T5812]  f2fs_write_data_pages+0x261d/0x3000
[  138.370941][ T5812]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[  138.370999][ T5812]  ? check_path+0x21/0x40
[  138.371017][ T5812]  ? check_noncircular+0xe0/0x160
[  138.371080][ T5812]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[  138.371097][ T5812]  do_writepages+0x32e/0x550
[  138.371121][ T5812]  ? do_raw_spin_unlock+0x4d/0x240
[  138.371139][ T5812]  filemap_fdatawrite+0x199/0x240
[  138.371153][ T5812]  ? __pfx_filemap_fdatawrite+0x10/0x10
[  138.371209][ T5812]  ? do_raw_spin_unlock+0x4d/0x240
[  138.371227][ T5812]  f2fs_sync_dirty_inodes+0x31f/0x830
[  138.371265][ T5812]  f2fs_write_checkpoint+0x93e/0x2440
[  138.371281][ T5812]  ? __lock_acquire+0xab9/0xd20
[  138.371323][ T5812]  ? __pfx_f2fs_write_checkpoint+0x10/0x10
[  138.371391][ T5812]  kill_f2fs_super+0x2cc/0x6d0
[  138.371414][ T5812]  ? __pfx_kill_f2fs_super+0x10/0x10
[  138.371446][ T5812]  ? shrinker_free+0x2ce/0x3e0
[  138.371468][ T5812]  deactivate_locked_super+0xbc/0x130
[  138.371492][ T5812]  cleanup_mnt+0x425/0x4c0
[  138.371511][ T5812]  ? lockdep_hardirqs_on+0x9c/0x150
[  138.371527][ T5812]  task_work_run+0x1d4/0x260
[  138.371547][ T5812]  ? __pfx_task_work_run+0x10/0x10
[  138.371559][ T5812]  ? __x64_sys_umount+0x122/0x160
[  138.371576][ T5812]  ? exit_to_user_mode_loop+0x40/0x130
[  138.371598][ T5812]  exit_to_user_mode_loop+0xe9/0x130
[  138.371614][ T5812]  do_syscall_64+0x2bd/0xfa0
[  138.371632][ T5812]  ? lockdep_hardirqs_on+0x9c/0x150
[  138.371643][ T5812]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  138.371656][ T5812]  ? exc_page_fault+0xab/0x100
[  138.371670][ T5812]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  138.371683][ T5812] RIP: 0033:0x7f127b5901f7
[  138.371698][ T5812] Code: a8 ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 0f 1f 44 00 00 31 f6 e9 09 00 00 00 66 0f 1f 84 00 00 00 00 00 b8 a6 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 01 c3 48 c7 c2 a8 ff ff ff f7 d8 64 89 02 b8
[  138.371709][ T5812] RSP: 002b:00007fffa9f43098 EFLAGS: 00000246 ORIG_RAX: 00000000000000a6
[  138.371724][ T5812] RAX: 0000000000000000 RBX: 00007f127b611d7d RCX: 00007f127b5901f7
[  138.371732][ T5812] RDX: 0000000000000000 RSI: 0000000000000009 RDI: 00007fffa9f43150
[  138.371740][ T5812] RBP: 00007fffa9f43150 R08: 0000000000000000 R09: 0000000000000000
[  138.371747][ T5812] R10: 00000000ffffffff R11: 0000000000000246 R12: 00007fffa9f441e0
[  138.371785][ T5812] R13: 00007f127b611d7d R14: 0000000000021bb5 R15: 00007fffa9f44220
[  138.371812][ T5812]  </TASK>
[  138.371818][ T5812] F2FS-fs (loop0): Stopped filesystem due to reason: 3
[  138.985266][   T26] EXT4-fs (loop3): Delayed block allocation failed for inode 18 at logical offset 0 with max blocks 2 with error 28
[  139.003206][ T7750] A link change request failed with some changes committed already. Interface netdevsim0 may have been left with an inconsistent configuration, please check.
[  139.357839][ T7765] ref_ctr increment failed for inode: 0x20b offset: 0x5 ref_ctr_offset: 0x1000 of mm: 0xffff888108b25600
[  139.592950][ T7767] loop0: detected capacity change from 0 to 164
[  139.598921][ T7767] ISOFS: unable to read i-node block
[  139.601759][ T7767] ISOFS: root inode is unusable. Disabling Rock Ridge and switching to Joliet.
[  139.605955][ T7767] isofs_fill_super: get root inode failed
[  140.148533][ T7793] loop0: detected capacity change from 0 to 1024
[  140.191902][ T7793] hfsplus: catalog searching failed
[  140.297586][ T7789] loop1: detected capacity change from 0 to 32768
[  140.345684][ T7789] XFS (loop1): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  140.383319][ T7789] XFS (loop1): Ending clean mount
[  140.415519][ T5820] XFS (loop1): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  140.717507][ T7816] input: syz1 as /devices/virtual/input/input7
[  140.891337][ T7830] loop1: detected capacity change from 0 to 256
[  140.904474][ T7830] FAT-fs (loop1): count of clusters too big (178174)
[  140.907186][ T7830] FAT-fs (loop1): Can't find a valid FAT filesystem
[  141.055432][ T7831] : entered promiscuous mode
[  141.072304][ T7834] netlink: 64 bytes leftover after parsing attributes in process `syz.3.725'.
[  142.052496][   T47] usb 2-1: new high-speed USB device number 11 using dummy_hcd
[  142.212405][   T47] usb 2-1: Using ep0 maxpacket: 8
[  142.216880][   T47] usb 2-1: config 0 has no interfaces?
[  142.219128][   T47] usb 2-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23
[  142.223441][   T47] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  142.232774][   T47] usb 2-1: config 0 descriptor??
[  142.344315][ T7861] bridge0: port 2(bridge_slave_1) entered disabled state
[  142.348107][ T7861] bridge0: port 1(bridge_slave_0) entered disabled state
[  142.431361][ T7861] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  142.438244][ T7861] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  142.452406][ T1905] usb 2-1: USB disconnect, device number 11
[  142.547106][   T14] netdevsim netdevsim0 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0
[  142.549927][   T14] netdevsim netdevsim0 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0
[  142.557343][   T14] netdevsim netdevsim0 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0
[  142.560391][   T14] netdevsim netdevsim0 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0
[  142.659834][ T7876] netlink: 'syz.3.744': attribute type 1 has an invalid length.
[  142.663496][ T7876] netlink: 'syz.3.744': attribute type 1 has an invalid length.
[  142.704198][ T7879] netlink: 16 bytes leftover after parsing attributes in process `syz.0.746'.
[  142.739358][ T7883] netlink: 8 bytes leftover after parsing attributes in process `syz.0.748'.
[  142.744237][ T7883] netlink: 4 bytes leftover after parsing attributes in process `syz.0.748'.
[  142.747115][ T7883] netlink: 'syz.0.748': attribute type 11 has an invalid length.
[  142.749693][ T7883] netlink: 'syz.0.748': attribute type 13 has an invalid length.
[  142.826771][ T7889] loop0: detected capacity change from 0 to 128
[  142.830349][ T7889] UDF-fs: error (device loop0): udf_read_tagged: read failed, block=256, location=256
[  142.843943][ T7889] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[  143.189308][ T7897] loop0: detected capacity change from 0 to 32768
[  143.208873][ T7897] jfs_mkdir: dtInsert returned -EIO
[  143.211127][ T7897] ERROR: (device loop0): jfs_mkdir: 
[  143.211127][ T7897] 
[  143.218544][ T7897] ERROR: (device loop0): remounting filesystem as read-only
[  143.322122][   T24] usb 2-1: new high-speed USB device number 12 using dummy_hcd
[  143.504930][   T24] usb 2-1: config 27 interface 0 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 7
[  143.512161][   T24] usb 2-1: config 27 interface 0 altsetting 0 bulk endpoint 0xB has invalid maxpacket 47
[  143.519974][   T24] usb 2-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d
[  143.532118][   T24] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  143.924292][ T7903] raw-gadget.0 gadget.1: fail, usb_ep_enable returned -22
[  143.931256][   T24] usb 2-1: Quirk or no altset; falling back to MIDI 1.0
[  144.142861][   T24] usb 2-1: USB disconnect, device number 12
[  144.395102][ T7919] A link change request failed with some changes committed already. Interface team0 may have been left with an inconsistent configuration, please check.
[  144.692189][   T24] usb 1-1: new high-speed USB device number 8 using dummy_hcd
[  144.921037][ T7945] netlink: 12 bytes leftover after parsing attributes in process `syz.3.778'.
[  144.962144][   T24] usb 1-1: Using ep0 maxpacket: 32
[  144.966725][   T24] usb 1-1: config 1 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 0
[  144.975420][   T24] usb 1-1: New USB device found, idVendor=05ac, idProduct=0232, bcdDevice= 0.40
[  144.979100][   T24] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  144.983316][ T7948] netlink: 44 bytes leftover after parsing attributes in process `syz.3.779'.
[  144.987279][   T24] usb 1-1: Product: syz
[  144.989287][   T24] usb 1-1: Manufacturer: syz
[  144.991219][   T24] usb 1-1: SerialNumber: syz
[  145.085598][   T24] input: bcm5974 as /devices/platform/dummy_hcd.0/usb1/1-1/1-1:1.0/input/input8
[  145.229750][ T7952] netlink: 40 bytes leftover after parsing attributes in process `syz.3.780'.
[  145.244016][ T5246] bcm5974 1-1:1.0: could not read from device
[  145.249070][ T5246] bcm5974 1-1:1.0: could not read from device
[  145.259592][ T5246] bcm5974 1-1:1.0: could not read from device
[  145.261018][   T24] usb 1-1: USB disconnect, device number 8
[  145.265303][ T5246] bcm5974 1-1:1.0: could not read from device
[  146.082882][   T24] usb 1-1: new high-speed USB device number 9 using dummy_hcd
[  146.262389][   T24] usb 1-1: Using ep0 maxpacket: 16
[  146.270538][   T24] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  146.276599][   T24] usb 1-1: New USB device found, idVendor=04d8, idProduct=00dd, bcdDevice= 0.00
[  146.280217][   T24] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  146.290928][   T24] usb 1-1: config 0 descriptor??
[  146.333247][   T14] nci: nci_ntf_packet: unknown ntf opcode 0x27
[  146.712430][   T24] mcp2221 0003:04D8:00DD.0003: USB HID v0.05 Device [HID 04d8:00dd] on usb-dummy_hcd.0-1/input0
[  147.114629][   T24] usb 1-1: USB disconnect, device number 9
[  147.276456][ T8012] team_slave_0: entered promiscuous mode
[  147.279402][ T8012] team_slave_1: entered promiscuous mode
[  147.605573][ T8028] netlink: 'syz.1.815': attribute type 1 has an invalid length.
[  147.664957][ T8031] netlink: 'syz.1.815': attribute type 27 has an invalid length.
[  147.718504][ T8028] 8021q: adding VLAN 0 to HW filter on device bond1
[  147.730220][ T8031] bond1: option tlb_dynamic_lb: unable to set because the bond device is up
[  147.854081][ T8041] loop1: detected capacity change from 0 to 1024
[  147.879473][ T8041] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  147.918134][ T5820] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  148.070653][ T5279] usb 1-1: new high-speed USB device number 10 using dummy_hcd
[  148.275541][ T5279] usb 1-1: New USB device found, idVendor=0cf3, idProduct=9271, bcdDevice= 1.08
[  148.278465][ T5279] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  148.280880][ T5279] usb 1-1: Product: syz
[  148.292216][ T5279] usb 1-1: Manufacturer: syz
[  148.293771][ T5279] usb 1-1: SerialNumber: syz
[  148.299568][ T5279] usb 1-1: ath9k_htc: Firmware ath9k_htc/htc_9271-1.4.0.fw requested
[  148.312151][ T5862] usb 2-1: new high-speed USB device number 13 using dummy_hcd
[  148.358043][ T5279] usb 1-1: ath9k_htc: Transferred FW: ath9k_htc/htc_9271-1.4.0.fw, size: 51008
[  148.474702][ T5862] usb 2-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F
[  148.482135][ T5862] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 7
[  148.485576][ T5862] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x8F has invalid wMaxPacketSize 0
[  148.488762][ T5862] usb 2-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[  148.502742][ T5862] usb 2-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  148.506049][ T5862] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  148.520385][ T5862] usb 2-1: config 0 descriptor??
[  148.585721][    C0] usb 1-1: ath9k_htc: invalid pkt_len (8008)
[  148.802595][   T24] usb 1-1: USB disconnect, device number 10
[  148.944254][ T5862] plantronics 0003:047F:FFFF.0004: unknown main item tag 0x0
[  148.962805][ T5862] plantronics 0003:047F:FFFF.0004: hiddev0,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.1-1/input0
[  149.226187][   T47] usb 2-1: USB disconnect, device number 13
[  149.424750][ T5279] ath9k_htc 1-1:1.0: ath9k_htc: Target is unresponsive
[  149.448043][ T5279] ath9k_htc: Failed to initialize the device
[  149.614766][   T24] usb 1-1: ath9k_htc: USB layer deinitialized
[  149.840612][ T8087] netlink: 28 bytes leftover after parsing attributes in process `syz.1.838'.
[  149.847538][ T8087] netlink: 28 bytes leftover after parsing attributes in process `syz.1.838'.
[  150.082433][   T24] usb 1-1: new high-speed USB device number 11 using dummy_hcd
[  150.234716][   T24] usb 1-1: config 0 interface 0 altsetting 0 bulk endpoint 0x6 has invalid maxpacket 1023
[  150.238778][   T24] usb 1-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xBA, changing to 0x8A
[  150.247315][   T24] usb 1-1: config 0 interface 0 altsetting 0 bulk endpoint 0x8A has invalid maxpacket 121
[  150.258704][   T24] usb 1-1: New USB device found, idVendor=2294, idProduct=425b, bcdDevice=a2.10
[  150.261756][   T24] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  150.269442][   T24] usb 1-1: Product: syz
[  150.270857][   T24] usb 1-1: Manufacturer: syz
[  150.276375][   T24] usb 1-1: SerialNumber: syz
[  150.284337][   T24] usb 1-1: config 0 descriptor??
[  150.289303][ T8089] raw-gadget.0 gadget.0: fail, usb_ep_enable returned -22
[  150.292565][ T8089] raw-gadget.0 gadget.0: fail, usb_ep_enable returned -22
[  150.300772][   T24] usb 1-1: ucan: probing device on interface #0
[  150.412604][   T47] usb 2-1: new high-speed USB device number 14 using dummy_hcd
[  150.572485][   T47] usb 2-1: Using ep0 maxpacket: 8
[  150.579004][   T47] usb 2-1: New USB device found, idVendor=0ccd, idProduct=00b3, bcdDevice=2e.04
[  150.583312][   T47] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  150.586442][   T47] usb 2-1: Product: syz
[  150.588159][   T47] usb 2-1: Manufacturer: syz
[  150.590102][   T47] usb 2-1: SerialNumber: syz
[  150.597188][   T47] usb 2-1: config 0 descriptor??
[  150.805767][   T47] usb 2-1: dvb_usb_v2: found a 'TerraTec NOXON DAB Stick' in warm state
[  150.917524][   T24] ucan 1-1:0.0: probe with driver ucan failed with error -71
[  150.924819][   T24] usb 1-1: USB disconnect, device number 11
[  151.219189][   T47] dvb_usb_rtl28xxu 2-1:0.0: probe with driver dvb_usb_rtl28xxu failed with error -71
[  151.233813][   T47] usb 2-1: USB disconnect, device number 14
[  151.804806][ T8149] sctp: [Deprecated]: syz.1.867 (pid 8149) Use of struct sctp_assoc_value in delayed_ack socket option.
[  151.804806][ T8149] Use struct sctp_sack_info instead
[  152.164565][ T8165] netlink: 28 bytes leftover after parsing attributes in process `syz.0.873'.
[  152.586993][ T8168] sch_tbf: burst 3 is lower than device bond0 mtu (1514) !
[  153.034025][ T8175] No source specified
[  153.404488][ T8179] loop0: detected capacity change from 0 to 32768
[  153.416128][ T8179] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop0 (7:0) scanned by syz.0.879 (8179)
[  153.472961][ T8179] BTRFS info (device loop0): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  153.477228][ T8179] BTRFS info (device loop0): using sha256 (sha256-lib) checksum algorithm
[  153.578478][ T8179] BTRFS info (device loop0): enabling ssd optimizations
[  153.580793][ T8179] BTRFS info (device loop0): enabling free space tree
[  153.680109][ T8227] loop1: detected capacity change from 0 to 512
[  153.686346][ T8227] EXT4-fs: Ignoring removed bh option
[  153.688667][ T8227] EXT4-fs: Ignoring removed mblk_io_submit option
[  153.724681][ T8227] EXT4-fs (loop1): ext4_check_descriptors: Block bitmap for group 0 overlaps superblock
[  153.737722][ T8227] EXT4-fs (loop1): revision level too high, forcing read-only mode
[  153.740422][ T8227] EXT4-fs (loop1): orphan cleanup on readonly fs
[  153.748148][ T8227] Quota error (device loop1): do_insert_tree: Free block already used in tree: block 4
[  153.751230][ T8227] Quota error (device loop1): qtree_write_dquot: Error -5 occurred while creating quota
[  153.772477][ T8227] EXT4-fs error (device loop1): ext4_acquire_dquot:6945: comm syz.1.889: Failed to acquire dquot type 1
[  153.778902][ T8227] EXT4-fs error (device loop1): ext4_read_block_bitmap_nowait:483: comm syz.1.889: Invalid block bitmap block 0 in block_group 0
[  153.806511][ T8227] EXT4-fs error (device loop1): ext4_read_block_bitmap_nowait:483: comm syz.1.889: Invalid block bitmap block 0 in block_group 0
[  153.822537][ T8227] EXT4-fs error (device loop1): ext4_read_block_bitmap_nowait:483: comm syz.1.889: Invalid block bitmap block 0 in block_group 0
[  153.829316][ T5812] BTRFS info (device loop0): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  153.840135][ T8227] Quota error (device loop1): write_blk: dquota write failed
[  153.843214][ T8227] Quota error (device loop1): qtree_write_dquot: Error -28 occurred while creating quota
[  153.849321][ T8227] EXT4-fs error (device loop1): ext4_acquire_dquot:6945: comm syz.1.889: Failed to acquire dquot type 1
[  153.861591][ T8227] Quota error (device loop1): write_blk: dquota write failed
[  153.878358][ T8237] Cannot find add_set index 4 as target
[  153.893188][ T8227] Quota error (device loop1): qtree_write_dquot: Error -28 occurred while creating quota
[  153.896750][ T8227] EXT4-fs error (device loop1): ext4_acquire_dquot:6945: comm syz.1.889: Failed to acquire dquot type 1
[  153.905891][ T8227] EXT4-fs (loop1): 1 orphan inode deleted
[  153.914089][ T8227] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  153.955700][ T5820] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  154.203852][ T8246] overlayfs: failed to clone upperpath
[  154.664442][ T8248] loop1: detected capacity change from 0 to 256
[  154.667959][ T8248] exfat: Deprecated parameter 'utf8'
[  154.670122][ T8248] exfat: Deprecated parameter 'namecase'
[  154.673118][ T8248] exfat: Deprecated parameter 'namecase'
[  154.675409][ T8248] exfat: Deprecated parameter 'utf8'
[  154.687206][ T8248] exFAT-fs (loop1): failed to load upcase table (idx : 0x00012153, chksum : 0xc9bffc20, utbl_chksum : 0xe619d30d)
[  154.707870][ T8248] exFAT-fs (loop1): start_clu is invalid cluster(0x400)
[  155.771272][ T8283] loop0: detected capacity change from 0 to 512
[  155.869059][ T8283] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[  155.921622][ T8283] EXT4-fs (loop0): orphan cleanup on readonly fs
[  155.942323][ T8283] EXT4-fs error (device loop0): ext4_validate_block_bitmap:441: comm syz.0.911: bg 0: block 248: padding at end of block bitmap is not set
[  155.950706][ T8283] Quota error (device loop0): write_blk: dquota write failed
[  155.953436][ T8283] Quota error (device loop0): qtree_write_dquot: Error -117 occurred while creating quota
[  155.957707][ T8283] EXT4-fs error (device loop0): ext4_acquire_dquot:6945: comm syz.0.911: Failed to acquire dquot type 1
[  155.977349][ T8283] EXT4-fs (loop0): 1 truncate cleaned up
[  155.994412][ T8283] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  156.747232][ T5812] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  156.804265][ T8310] netlink: 8 bytes leftover after parsing attributes in process `syz.0.923'.
[  156.912828][   T10] usb 2-1: new high-speed USB device number 15 using dummy_hcd
[  157.164916][ T8324] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off.
[  157.172944][ T8324] overlayfs: "xino" feature enabled using 2 upper inode bits.
[  157.282201][   T10] usb 2-1: Using ep0 maxpacket: 16
[  157.285485][   T10] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  157.289599][   T10] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  157.293882][   T10] usb 2-1: New USB device found, idVendor=060b, idProduct=0001, bcdDevice= 0.00
[  157.297517][   T10] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  157.303355][   T10] usb 2-1: config 0 descriptor??
[  157.789794][   T10] macally 0003:060B:0001.0005: unknown main item tag 0x0
[  157.806143][   T10] macally 0003:060B:0001.0005: unknown main item tag 0x0
[  157.808909][   T10] macally 0003:060B:0001.0005: unknown main item tag 0x0
[  157.811400][   T10] macally 0003:060B:0001.0005: unknown main item tag 0x0
[  157.814788][   T10] macally 0003:060B:0001.0005: unknown main item tag 0x0
[  157.817033][   T10] macally 0003:060B:0001.0005: unknown main item tag 0x0
[  157.819187][   T10] macally 0003:060B:0001.0005: unknown main item tag 0x0
[  157.823933][   T10] macally 0003:060B:0001.0005: unknown main item tag 0x0
[  157.826202][   T10] macally 0003:060B:0001.0005: unknown main item tag 0x0
[  157.828373][   T10] macally 0003:060B:0001.0005: unknown main item tag 0x0
[  157.836624][ T8330] loop0: detected capacity change from 0 to 1024
[  157.839295][ T8330] EXT4-fs: Ignoring removed bh option
[  157.852431][ T8330] EXT4-fs (loop0): stripe (65535) is not aligned with cluster size (4096), stripe is disabled
[  157.862391][   T10] macally 0003:060B:0001.0005: hidraw0: USB HID v0.00 Device [HID 060b:0001] on usb-dummy_hcd.1-1/input0
[  157.884470][ T8330] EXT4-fs error (device loop0): ext4_map_blocks:814: inode #3: block 1: comm syz.0.932: lblock 1 mapped to illegal pblock 1 (length 1)
[  157.891892][ T8330] EXT4-fs (loop0): Remounting filesystem read-only
[  157.895678][ T8330] Quota error (device loop0): write_blk: dquota write failed
[  157.898053][ T8330] Quota error (device loop0): qtree_write_dquot: Error -117 occurred while creating quota
[  157.901232][ T8330] EXT4-fs (loop0): 1 orphan inode deleted
[  157.904759][ T8330] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  157.927200][ T5812] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  157.985991][   T24] usb 2-1: USB disconnect, device number 15
[  158.031503][ T8336] loop0: detected capacity change from 0 to 2048
[  158.037928][ T8336] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000)
[  159.217991][ T8357] loop0: detected capacity change from 0 to 8192
[  159.913313][ T8366] binder_alloc: 8365: pid 8365 spamming oneway? 1 buffers allocated for a total size of 4096
[  159.957871][ T8368] loop0: detected capacity change from 0 to 164
[  161.034578][ T8383] syz.1.955 (8383) used greatest stack depth: 18680 bytes left
[  161.316604][ T8390] loop0: detected capacity change from 0 to 256
[  161.578096][ T8388] netlink: 8 bytes leftover after parsing attributes in process `syz.3.953'.
[  161.586185][ T8392] IPVS: sync thread started: state = BACKUP, mcast_ifn = vcan0, syncid = 0, id = 0
[  161.590230][ T8390] exFAT-fs (loop0): failed to load upcase table (idx : 0x00010000, chksum : 0x5441951d, utbl_chksum : 0xe619d30d)
[  161.619806][ T8390] exFAT-fs (loop0): IO charset iso8859- not found
[  161.836413][ T8401] loop1: detected capacity change from 0 to 4096
[  161.840686][ T8401] ext4: Unknown parameter 'uid'
[  162.338044][ T8429] netlink: 12 bytes leftover after parsing attributes in process `syz.3.974'.
[  162.518275][ T8442] vivid-000: disconnect
[  162.520348][ T8436] vivid-000: reconnect
[  162.555912][ T8444] delete_channel: no stack
[  162.562172][   T10] usb 2-1: new high-speed USB device number 16 using dummy_hcd
[  162.722169][   T10] usb 2-1: Using ep0 maxpacket: 16
[  162.727831][   T10] usb 2-1: New USB device found, idVendor=0a2c, idProduct=0008, bcdDevice=e8.cf
[  162.730899][   T10] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  162.733745][   T10] usb 2-1: Product: syz
[  162.735398][   T10] usb 2-1: Manufacturer: syz
[  162.736926][   T10] usb 2-1: SerialNumber: syz
[  162.740491][   T10] usb 2-1: config 0 descriptor??
[  162.745687][   T10] cypress_cy7c63 2-1:0.0: Cypress CY7C63xxx device now attached
[  163.089718][   T10] usb 2-1: USB disconnect, device number 16
[  163.095467][   T10] cypress_cy7c63 2-1:0.0: Cypress CY7C63xxx device now disconnected
[  163.737556][ T8467] loop1: detected capacity change from 0 to 4096
[  163.918413][   T33] audit: type=1804 audit(1760619890.936:36): pid=8467 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.1.991" name=2F6E6577726F6F742F3332362F131377C5FC35D41454D5D41D29AD1A6029598146E6BE166E41AD0DBD4054033C9F33BBDA8224A2F3D772E7636E48B33CBF708372E8F1B9933EC5127743BE2206209EF02DF9CBF2F6E880D3382F66696C6531 dev="loop1" ino=33 res=1 errno=0
[  164.051849][ T8475] netlink: 4 bytes leftover after parsing attributes in process `syz.1.995'.
[  164.062642][ T8475] netlink: 12 bytes leftover after parsing attributes in process `syz.1.995'.
[  164.127215][ T8475] netlink: 156 bytes leftover after parsing attributes in process `syz.1.995'.
[  164.579805][ T8503] loop0: detected capacity change from 0 to 32768
[  164.583145][ T8503] BTRFS: device fsid ed167579-eb65-4e76-9a50-61ac97e9b59d devid 1 transid 8 /dev/loop0 (7:0) scanned by syz.0.1008 (8503)
[  164.593586][ T8503] BTRFS info (device loop0): first mount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d
[  164.597130][ T8503] BTRFS info (device loop0): using sha256 (sha256-lib) checksum algorithm
[  164.727953][ T8503] BTRFS info (device loop0): enabling ssd optimizations
[  164.730307][ T8503] BTRFS info (device loop0): enabling free space tree
[  164.742222][   T24] usb 2-1: new high-speed USB device number 17 using dummy_hcd
[  164.775370][ T8533] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1014'.
[  164.806588][ T5812] BTRFS info (device loop0): last unmount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d
[  164.923859][   T24] usb 2-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xE8, changing to 0x88
[  164.927428][   T24] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x88 has an invalid bInterval 0, changing to 7
[  164.931028][   T24] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0xA has an invalid bInterval 0, changing to 7
[  164.956751][   T24] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0xA has invalid wMaxPacketSize 0
[  164.961682][   T24] usb 2-1: New USB device found, idVendor=1781, idProduct=0938, bcdDevice=9b.49
[  164.973863][   T24] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  164.976610][   T24] usb 2-1: Product: syz
[  164.978006][   T24] usb 2-1: Manufacturer: syz
[  164.979467][   T24] usb 2-1: SerialNumber: syz
[  165.001687][   T24] usb 2-1: config 0 descriptor??
[  165.012834][   T24] iguanair 2-1:0.0: failed to get version
[  165.019446][   T24] iguanair 2-1:0.0: probe with driver iguanair failed with error -90
[  165.213331][ T8539] loop0: detected capacity change from 0 to 32768
[  165.228086][ T8539] ERROR: (device loop0): jfs_readdir: JFS:Dtree error: ino = 2, bn=0, index = 1
[  165.228086][ T8539] 
[  165.237403][ T8539] non-latin1 character 0x3ff found in JFS file name
[  165.241019][ T8539] mount with iocharset=utf8 to access
[  165.254777][   T24] usb 2-1: USB disconnect, device number 17
[  165.807127][ T8551] loop0: detected capacity change from 0 to 2048
[  165.829528][ T8551] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000)
[  166.057593][ T8546] Process accounting resumed
[  166.424407][ T8566] loop0: detected capacity change from 0 to 32768
[  166.465875][ T8574] dummy0: entered promiscuous mode
[  166.466549][ T5201] sysfs: cannot create duplicate filename '/devices/virtual/bluetooth/hci1/hci1:201'
[  166.469223][ T8573] dummy0: left promiscuous mode
[  166.474093][ T5201] CPU: 0 UID: 0 PID: 5201 Comm: kworker/u11:1 Not tainted syzkaller #0 PREEMPT(full) 
[  166.474116][ T5201] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.2-debian-1.16.2-1 04/01/2014
[  166.474128][ T5201] Workqueue: hci1 hci_rx_work
[  166.474158][ T5201] Call Trace:
[  166.474166][ T5201]  <TASK>
[  166.474174][ T5201]  dump_stack_lvl+0x189/0x250
[  166.474198][ T5201]  ? __pfx_dump_stack_lvl+0x10/0x10
[  166.474214][ T5201]  ? __pfx__printk+0x10/0x10
[  166.474236][ T5201]  ? kernfs_path_from_node+0x250/0x290
[  166.474251][ T5201]  ? kernfs_path_from_node+0x2f/0x290
[  166.474269][ T5201]  sysfs_create_dir_ns+0x259/0x280
[  166.474296][ T5201]  ? __pfx_sysfs_create_dir_ns+0x10/0x10
[  166.474319][ T5201]  ? do_raw_spin_unlock+0x4d/0x240
[  166.474339][ T5201]  kobject_add_internal+0x59f/0xb40
[  166.474365][ T5201]  kobject_add+0x155/0x220
[  166.474388][ T5201]  ? __pfx_kobject_add+0x10/0x10
[  166.474406][ T5201]  ? _raw_spin_unlock+0x28/0x50
[  166.474433][ T5201]  ? get_device_parent+0x366/0x3a0
[  166.474456][ T5201]  device_add+0x408/0xb50
[  166.474476][ T5201]  hci_conn_add_sysfs+0xd5/0x1e0
[  166.474501][ T5201]  le_conn_complete_evt+0xf39/0x1500
[  166.474525][ T5201]  ? __pfx_le_conn_complete_evt+0x10/0x10
[  166.474540][ T5201]  ? __mutex_unlock_slowpath+0x1a1/0x740
[  166.474553][ T5201]  ? __asan_memcpy+0x40/0x70
[  166.474571][ T5201]  ? __pfx___mutex_unlock_slowpath+0x10/0x10
[  166.474620][ T5201]  ? skb_pull_data+0xfb/0x200
[  166.474642][ T5201]  hci_le_conn_complete_evt+0x187/0x450
[  166.474662][ T5201]  hci_event_packet+0x78f/0x1200
[  166.474682][ T5201]  ? __pfx_hci_le_meta_evt+0x10/0x10
[  166.474696][ T5201]  ? __pfx_hci_event_packet+0x10/0x10
[  166.474715][ T5201]  ? kcov_remote_start+0x4d3/0x7f0
[  166.474732][ T5201]  ? local_clock_noinstr+0xe0/0xe0
[  166.474747][ T5201]  ? hci_send_to_monitor+0xe2/0x570
[  166.474765][ T5201]  hci_rx_work+0x46a/0xe80
[  166.474787][ T5201]  ? process_scheduled_works+0x9ef/0x17b0
[  166.474808][ T5201]  process_scheduled_works+0xae1/0x17b0
[  166.474847][ T5201]  ? __pfx_process_scheduled_works+0x10/0x10
[  166.474875][ T5201]  worker_thread+0x8a0/0xda0
[  166.474894][ T5201]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[  166.474917][ T5201]  ? __kthread_parkme+0x7b/0x200
[  166.474942][ T5201]  kthread+0x711/0x8a0
[  166.474956][ T5201]  ? __pfx_worker_thread+0x10/0x10
[  166.474975][ T5201]  ? __pfx_kthread+0x10/0x10
[  166.474991][ T5201]  ? _raw_spin_unlock_irq+0x23/0x50
[  166.475011][ T5201]  ? lockdep_hardirqs_on+0x9c/0x150
[  166.475022][ T5201]  ? __pfx_kthread+0x10/0x10
[  166.475035][ T5201]  ret_from_fork+0x4bc/0x870
[  166.475053][ T5201]  ? __pfx_ret_from_fork+0x10/0x10
[  166.475075][ T5201]  ? __switch_to_asm+0x39/0x70
[  166.475101][ T5201]  ? __switch_to_asm+0x33/0x70
[  166.475117][ T5201]  ? __pfx_kthread+0x10/0x10
[  166.475131][ T5201]  ret_from_fork_asm+0x1a/0x30
[  166.475160][ T5201]  </TASK>
[  166.475186][ T5201] kobject: kobject_add_internal failed for hci1:201 with -EEXIST, don't try to register things with the same name in the same directory.
[  166.578443][ T5201] Bluetooth: hci1: failed to register connection device
[  166.741520][ T8579] netlink: 12 bytes leftover after parsing attributes in process `syz.1.1034'.
[  166.866868][ T8587] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1039'.
[  167.080811][ T8596] ALSA: seq fatal error: cannot create timer (-16)
[  168.195010][ T8621] loop0: detected capacity change from 0 to 8
[  168.203727][ T8621] SQUASHFS error: zlib decompression failed, data probably corrupt
[  168.206878][ T8621] SQUASHFS error: Failed to read block 0x9b: -5
[  168.221557][ T8621] SQUASHFS error: Unable to read metadata cache entry [99]
[  168.226737][ T8621] SQUASHFS error: Unable to read inode 0x127
[  168.346689][ T8617] loop1: detected capacity change from 0 to 32768
[  168.421546][ T8617] ocfs2: Slot 0 on device (7,1) was already allocated to this node!
[  168.440496][ T8617] ocfs2: Mounting device (7,1) on (node local, slot 0) with ordered data mode.
[  168.731430][ T5820] ocfs2: Unmounting device (7,1) on (node local)
[  169.072559][ T8643] syz.3.1061 uses obsolete (PF_INET,SOCK_PACKET)
[  169.676649][   T33] audit: type=1326 audit(1760619896.696:37): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8689 comm="syz.0.1079" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f127b58eec9 code=0x7ffc0000
[  169.694124][   T33] audit: type=1326 audit(1760619896.706:38): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8689 comm="syz.0.1079" exe="/syz-executor" sig=0 arch=c000003e syscall=319 compat=0 ip=0x7f127b58eec9 code=0x7ffc0000
[  169.712605][   T33] audit: type=1326 audit(1760619896.706:39): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8689 comm="syz.0.1079" exe="/syz-executor" sig=0 arch=c000003e syscall=9 compat=0 ip=0x7f127b58ef03 code=0x7ffc0000
[  169.724237][ T8691] loop0: detected capacity change from 0 to 2048
[  169.727688][   T33] audit: type=1326 audit(1760619896.726:40): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8689 comm="syz.0.1079" exe="/syz-executor" sig=0 arch=c000003e syscall=1 compat=0 ip=0x7f127b58d97f code=0x7ffc0000
[  169.743425][   T33] audit: type=1326 audit(1760619896.746:41): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8689 comm="syz.0.1079" exe="/syz-executor" sig=0 arch=c000003e syscall=11 compat=0 ip=0x7f127b58ef57 code=0x7ffc0000
[  169.751839][   T33] audit: type=1326 audit(1760619896.746:42): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8689 comm="syz.0.1079" exe="/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f127b58d710 code=0x7ffc0000
[  169.762788][   T33] audit: type=1326 audit(1760619896.746:43): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8689 comm="syz.0.1079" exe="/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f127b58eacb code=0x7ffc0000
[  169.772720][ T8691]  loop0: p1 < > p4
[  169.776761][ T8691] loop0: p4 size 8388608 extends beyond EOD, truncated
[  169.780706][   T33] audit: type=1326 audit(1760619896.746:44): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8689 comm="syz.0.1079" exe="/syz-executor" sig=0 arch=c000003e syscall=3 compat=0 ip=0x7f127b58db2a code=0x7ffc0000
[  169.790781][   T33] audit: type=1326 audit(1760619896.746:45): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8689 comm="syz.0.1079" exe="/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f127b58eacb code=0x7ffc0000
[  169.799751][   T33] audit: type=1326 audit(1760619896.756:46): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8689 comm="syz.0.1079" exe="/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f127b58eacb code=0x7ffc0000
[  170.060481][ T8706] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1087'.
[  170.144573][   T10] kernel read not supported for file /785/net/snmp6 (pid: 10 comm: kworker/0:1)
[  170.392966][ T8730] xt_hashlimit: overflow, try lower: 6/0
[  170.447348][ T8735] loop1: detected capacity change from 0 to 512
[  170.469988][ T8735] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  170.480638][ T8735] ext4 filesystem being mounted at /362/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  170.508416][ T8735] EXT4-fs error (device loop1): ext4_mb_generate_buddy:1289: group 0, block bitmap and bg descriptor inconsistent: 96 vs 65376 free clusters
[  170.537861][ T5820] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  170.917418][ T8749] loop1: detected capacity change from 0 to 32768
[  170.921026][ T8749] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop1 (7:1) scanned by syz.1.1106 (8749)
[  170.941596][ T8749] BTRFS info (device loop1): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  170.947495][ T8749] BTRFS info (device loop1): using sha256 (sha256-lib) checksum algorithm
[  171.005370][ T8749] BTRFS info (device loop1): enabling ssd optimizations
[  171.007666][ T8749] BTRFS info (device loop1): enabling free space tree
[  171.054677][ T5820] BTRFS info (device loop1): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  171.305814][ T8782] netlink: 12 bytes leftover after parsing attributes in process `syz.3.1115'.
[  171.410808][ T8786] netlink: 'syz.3.1118': attribute type 25 has an invalid length.
[  171.419756][ T8786] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1118'.
[  171.714283][ T8799] Bluetooth: MGMT ver 1.23
[  171.944437][ T8811] 9pnet: Unknown protocol version 9
[  173.133602][ T8822] loop0: detected capacity change from 0 to 32768
[  173.156478][ T8822] XFS (loop0): Mounting V5 Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb
[  173.218916][ T8822] XFS (loop0): Ending clean mount
[  173.237782][ T8822] XFS (loop0): Quotacheck needed: Please wait.
[  173.307272][ T8822] XFS (loop0): Quotacheck: Done.
[  173.352356][ T8822] XFS (loop0): Metadata CRC error detected at xfs_refcountbt_read_verify+0x42/0xe0, xfs_refcountbt block 0x28 
[  173.360173][ T8822] XFS (loop0): Unmount and run xfs_repair
[  173.363615][ T8822] XFS (loop0): First 128 bytes of corrupted metadata buffer:
[  173.367441][ T8822] 00000000: 52 ff ff ff 7f 00 00 00 ff ff ff ff ff ff ff ff  R...............
[  173.373804][ T8822] 00000010: 00 00 00 00 00 00 00 28 00 00 00 00 00 00 00 00  .......(........
[  173.377209][ T8822] 00000020: c4 96 e0 5e 54 0d 4c 72 b5 91 04 d7 9d 8b 4e eb  ...^T.Lr......N.
[  173.380311][ T8822] 00000030: 00 00 00 00 bd e7 de 5d 00 00 00 00 00 00 00 00  .......]........
[  173.384824][ T8822] 00000040: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00  ................
[  173.389985][ T8822] 00000050: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00  ................
[  173.403280][ T8822] 00000060: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00  ................
[  173.407688][ T8822] 00000070: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00  ................
[  173.411658][ T8822] XFS (loop0): metadata I/O error in "xfs_btree_read_buf_block+0x290/0x470" at daddr 0x28 len 8 error 74
[  173.426387][ T8822] XFS (loop0): Metadata I/O Error (0x1) detected at xfs_trans_read_buf_map+0x517/0x8e0 (fs/xfs/xfs_trans_buf.c:311).  Shutting down filesystem.
[  173.432608][ T8822] XFS (loop0): Please unmount the filesystem and rectify the problem(s)
[  173.481583][ T5812] XFS (loop0): Unmounting Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb
[  174.126380][ T8864] loop0: detected capacity change from 0 to 1024
[  174.179942][ T8864] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  174.219623][ T8864] EXT4-fs error (device loop0): ext4_get_first_dir_block:3552: inode #11: comm syz.0.1146: directory missing '..'
[  174.291330][ T5812] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  174.745795][ T8874] netlink: 256 bytes leftover after parsing attributes in process `syz.1.1150'.
[  174.754095][ T8874] netlink: 56 bytes leftover after parsing attributes in process `syz.1.1150'.
[  174.886018][ T8885] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1155'.
[  175.150320][ T8895] loop1: detected capacity change from 0 to 512
[  175.164590][ T8895] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[  175.183969][ T8895] EXT4-fs (loop1): ext4_check_descriptors: Block bitmap for group 0 overlaps block group descriptors
[  175.196795][ T8895] EXT4-fs (loop1): group descriptors corrupted!
[  178.182133][ T5862] usb 1-1: new full-speed USB device number 12 using dummy_hcd
[  178.328968][ T8973] loop1: detected capacity change from 0 to 32768
[  178.334445][ T5862] usb 1-1: config 0 has no interfaces?
[  178.336956][ T5862] usb 1-1: New USB device found, idVendor=12d1, idProduct=42f7, bcdDevice=aa.47
[  178.344805][ T5862] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  178.350589][ T5862] usb 1-1: config 0 descriptor??
[  178.368034][ T8973] XFS (loop1): Mounting V5 Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d
[  178.389263][ T8973] XFS (loop1): Ending clean mount
[  178.396308][ T8973] XFS (loop1): Quotacheck needed: Please wait.
[  178.443854][ T8973] XFS (loop1): Quotacheck: Done.
[  178.495047][ T5820] XFS (loop1): Unmounting Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d
[  178.633827][ T5862] usb 1-1: USB disconnect, device number 12
[  178.818687][ T9005] ip6gretap1: entered allmulticast mode
[  178.925445][ T9009] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1205'.
[  180.207499][ T9052] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1224'.
[  180.623642][ T9080] openvswitch: netlink: ufid size 20 bytes exceeds the range (1, 16)
[  180.626838][ T9080] openvswitch: netlink: Either Ethernet header or EtherType is required.
[  180.898348][ T9095] loop0: detected capacity change from 0 to 64
[  180.939144][   T33] kauditd_printk_skb: 15 callbacks suppressed
[  180.939161][   T33] audit: type=1800 audit(1760619907.956:62): pid=9095 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.1244" name="file1" dev="loop0" ino=5 res=0 errno=0
[  181.029788][ T9103] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check.
[  181.145123][ T9109] 9pnet_fd: Insufficient options for proto=fd
[  181.193515][ T9111] delete_channel: no stack
[  181.356392][ T9123] cgroup: name respecified
[  181.608937][ T9137] loop0: detected capacity change from 0 to 512
[  181.659984][ T9135] loop1: detected capacity change from 0 to 32768
[  181.675979][ T9137] EXT4-fs (loop0): orphan cleanup on readonly fs
[  181.692459][ T9137] EXT4-fs error (device loop0): ext4_iget_extra_inode:5075: inode #15: comm syz.0.1264: corrupted in-inode xattr: overlapping e_value 
[  181.697457][ T9135] ocfs2: Mounting device (7,1) on (node local, slot 0) with ordered data mode.
[  181.719460][ T9137] EXT4-fs error (device loop0): ext4_orphan_get:1397: comm syz.0.1264: couldn't read orphan inode 15 (err -117)
[  181.731124][ T9135] (syz.1.1263,9135,1):ocfs2_mknod:505 ERROR: status = -2
[  181.754064][ T9137] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  181.762135][ T9135] (syz.1.1263,9135,1):ocfs2_create:678 ERROR: status = -2
[  181.800479][ T5812] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  181.844036][ T5820] (syz-executor,5820,0):ocfs2_inode_is_valid_to_delete:928 ERROR: Skipping delete of root inode.
[  181.855096][ T5820] ocfs2: Unmounting device (7,1) on (node local)
[  182.090284][   T33] audit: type=1800 audit(1760619909.106:63): pid=9147 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=set_data cause=unavailable-hash-algorithm comm="syz.1.1266" name="/newroot/396/bus" dev="tmpfs" ino=2078 res=0 errno=0
[  182.209769][ T9158] loop1: detected capacity change from 0 to 256
[  182.221243][ T9158] exFAT-fs (loop1): failed to load upcase table (idx : 0x0001e4a3, chksum : 0xe65d9f0a, utbl_chksum : 0x7319d30d)
[  182.248411][ T9160] netdevsim netdevsim3 : renamed from netdevsim0 (while UP)
[  182.935246][ T9170] x_tables: ip_tables: rpfilter match: used from hooks OUTPUT, but only valid from PREROUTING
[  182.994984][ T9174] netlink: 16 bytes leftover after parsing attributes in process `syz.0.1279'.
[  183.208586][ T9183] veth0_to_bond: entered allmulticast mode
[  184.071356][   T33] audit: type=1326 audit(1760619911.086:64): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9211 comm="syz.3.1294" exe="/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f769238eec9 code=0x0
[  184.405534][ T9222] netlink: 'syz.0.1298': attribute type 29 has an invalid length.
[  184.416365][ T9222] netlink: 'syz.0.1298': attribute type 29 has an invalid length.
[  184.424047][ T9222] netlink: 500 bytes leftover after parsing attributes in process `syz.0.1298'.
[  185.385243][ T9242] loop1: detected capacity change from 0 to 32768
[  185.398577][ T9242] (syz.1.1307,9242,0):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0xb3775c19, computed 0x2dd1c265. Applying ECC.
[  185.404555][ T9242] (syz.1.1307,9242,0):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0xb3775c19, computed 0x2dd1c265. Applying ECC.
[  185.429790][ T9242] JBD2: Ignoring recovery information on journal
[  185.456445][ T9242] ocfs2: Mounting device (7,1) on (node local, slot 0) with ordered data mode.
[  185.577951][ T5820] ocfs2: Unmounting device (7,1) on (node local)
[  185.632662][ T9270] fanotify: failed to encode fid (type=0, len=0, err=-2)
[  186.466594][ T5201] Bluetooth: hci0: command 0x080f tx timeout
[  186.529786][ T9300] netlink: 104 bytes leftover after parsing attributes in process `syz.3.1331'.
[  187.201606][ T9328] loop1: detected capacity change from 0 to 256
[  187.213047][ T9328] exfat: Deprecated parameter 'namecase'
[  187.230157][ T9328] exFAT-fs (loop1): failed to load upcase table (idx : 0x00010000, chksum : 0x36dfe6b4, utbl_chksum : 0xe619d30d)
[  187.771357][ T9343] loop1: detected capacity change from 0 to 40427
[  187.795129][ T9343] F2FS-fs (loop1): Invalid log_blocksize (268), supports only 12
[  187.809546][ T9343] F2FS-fs (loop1): Can't find valid F2FS filesystem in 1th superblock
[  187.937011][ T9343] F2FS-fs (loop1): invalid crc value
[  187.995325][ T9343] F2FS-fs (loop1): f2fs_recover_fsync_data: recovery fsync data, check_only: 0
[  188.000253][ T9343] F2FS-fs (loop1): Try to recover 1th superblock, ret: 0
[  188.003328][ T9343] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e5
[  189.043950][ T9404] netlink: 240 bytes leftover after parsing attributes in process `syz.0.1370'.
[  189.982519][   T10] usb 2-1: new high-speed USB device number 18 using dummy_hcd
[  190.152673][   T10] usb 2-1: device descriptor read/64, error -71
[  190.402322][   T10] usb 2-1: new high-speed USB device number 19 using dummy_hcd
[  190.549798][   T10] usb 2-1: device descriptor read/64, error -71
[  190.882510][   T10] usb usb2-port1: attempt power cycle
[  191.222259][   T10] usb 2-1: new high-speed USB device number 20 using dummy_hcd
[  191.252850][   T10] usb 2-1: device descriptor read/8, error -71
[  191.356481][ T9469] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  191.423858][ T9475] loop0: detected capacity change from 0 to 1024
[  191.441377][ T9475] hfsplus: bad catalog entry type
[  191.496311][ T9477] netlink: 'syz.0.1403': attribute type 4 has an invalid length.
[  191.622277][   T10] usb 2-1: new high-speed USB device number 21 using dummy_hcd
[  191.653129][   T10] usb 2-1: device descriptor read/8, error -71
[  191.768578][   T10] usb usb2-port1: unable to enumerate USB device
[  192.014196][ T9491] loop0: detected capacity change from 0 to 8192
[  192.023684][ T9491] FAT-fs (loop0): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[  192.042696][   T33] audit: type=1800 audit(1760619919.066:65): pid=9491 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.1409" name="bus" dev="loop0" ino=1048619 res=0 errno=0
[  192.108432][ T9493] x_tables: ip_tables: ah match: only valid for protocol 51
[  192.396944][ T9502] RDS: rds_bind could not find a transport for fe80::1a, load rds_tcp or rds_rdma?
[  193.931641][ T9547] vlan0: entered promiscuous mode
[  194.639829][ T1361] ieee802154 phy0 wpan0: encryption failed: -22
[  194.642352][ T1361] ieee802154 phy1 wpan1: encryption failed: -22
[  195.128583][   T33] audit: type=1326 audit(1760619922.146:66): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9575 comm="syz.3.1448" exe="/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f769238eec9 code=0x0
[  197.166857][ T9611] : entered promiscuous mode
[  197.233416][   T10] usb 2-1: new high-speed USB device number 22 using dummy_hcd
[  197.412313][   T10] usb 2-1: Using ep0 maxpacket: 32
[  197.422597][   T10] usb 2-1: config 0 interface 0 altsetting 237 endpoint 0x81 has an invalid bInterval 129, changing to 11
[  197.429528][   T10] usb 2-1: config 0 interface 0 altsetting 237 endpoint 0x81 has invalid wMaxPacketSize 0
[  197.449093][   T10] usb 2-1: config 0 interface 0 has no altsetting 0
[  197.451536][   T10] usb 2-1: New USB device found, idVendor=05ac, idProduct=027c, bcdDevice= 0.00
[  197.462390][   T10] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  197.480229][   T10] usb 2-1: config 0 descriptor??
[  197.936003][   T10] apple 0003:05AC:027C.0006: hidraw0: USB HID v0.07 Device [HID 05ac:027c] on usb-dummy_hcd.1-1/input0
[  198.212675][ T9630] loop0: detected capacity change from 0 to 64
[  198.216277][ T9630] minix: Unknown parameter '@C|'
[  198.238625][   T10] usb 2-1: USB disconnect, device number 22
[  199.454006][ T9653] loop1: detected capacity change from 0 to 40427
[  199.457098][ T9653] F2FS-fs: heap/no_heap options were deprecated
[  199.470416][ T9653] F2FS-fs: heap/no_heap options were deprecated
[  199.474279][ T9653] F2FS-fs (loop1): Image doesn't support compression
[  199.480872][ T9653] F2FS-fs (loop1): invalid crc value
[  199.618164][ T9645] loop0: detected capacity change from 0 to 131072
[  199.622822][ T9645] F2FS-fs (loop0): Test dummy encryption mode enabled
[  199.637134][ T9645] F2FS-fs (loop0): invalid crc value
[  199.653910][ T9653] F2FS-fs (loop1): f2fs_recover_fsync_data: recovery fsync data, check_only: 0
[  199.669256][ T9653] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e5
[  199.699789][ T9645] F2FS-fs (loop0): f2fs_recover_fsync_data: recovery fsync data, check_only: 0
[  199.706701][ T9645] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e5
[  199.731819][ T9645] fscrypt: AES-256-XTS using implementation "xts(ecb(aes-fixed-time))"
[  199.746115][   T33] audit: type=1800 audit(1760619926.766:67): pid=9645 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.1477" name="file1" dev="loop0" ino=10 res=0 errno=0
[  199.754353][ T9665] tipc: Started in network mode
[  199.754405][ T9665] tipc: Node identity , cluster identity 4711
[  199.754420][ T9665] tipc: Failed to obtain node identity
[  199.754441][ T9665] tipc: Enabling of bearer <eth:gre0> rejected, failed to enable media
[  199.778259][ T9653] syz.1.1481: attempt to access beyond end of device
[  199.778259][ T9653] loop1: rw=34817, sector=77824, nr_sectors = 8 limit=40427
[  199.810346][ T9667] netlink: 20 bytes leftover after parsing attributes in process `syz.3.1485'.
[  199.845263][ T5820] syz-executor: attempt to access beyond end of device
[  199.845263][ T5820] loop1: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[  199.854260][ T5820] CPU: 0 UID: 0 PID: 5820 Comm: syz-executor Not tainted syzkaller #0 PREEMPT(full) 
[  199.854294][ T5820] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.2-debian-1.16.2-1 04/01/2014
[  199.854304][ T5820] Call Trace:
[  199.854310][ T5820]  <TASK>
[  199.854318][ T5820]  dump_stack_lvl+0x189/0x250
[  199.854342][ T5820]  ? __pfx_dump_stack_lvl+0x10/0x10
[  199.854356][ T5820]  ? __pfx_queue_work_on+0x10/0x10
[  199.854377][ T5820]  ? _raw_spin_unlock_irqrestore+0xad/0x110
[  199.854400][ T5820]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[  199.854428][ T5820]  f2fs_handle_critical_error+0x37c/0x540
[  199.854460][ T5820]  f2fs_write_end_io+0x886/0xb60
[  199.854495][ T5820]  __submit_merged_bio+0x27a/0x6a0
[  199.854514][ T5820]  __submit_merged_write_cond+0x255/0x530
[  199.854533][ T5820]  f2fs_write_data_pages+0x261d/0x3000
[  199.854575][ T5820]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[  199.854601][ T5820]  ? is_bpf_text_address+0x292/0x2b0
[  199.854621][ T5820]  ? is_bpf_text_address+0x26/0x2b0
[  199.854663][ T5820]  ? stack_trace_save+0x9c/0xe0
[  199.854678][ T5820]  ? __pfx_stack_trace_save+0x10/0x10
[  199.854706][ T5820]  ? __lock_acquire+0xab9/0xd20
[  199.854730][ T5820]  ? do_raw_spin_lock+0x121/0x290
[  199.854752][ T5820]  ? do_raw_spin_unlock+0x4d/0x240
[  199.854766][ T5820]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[  199.854785][ T5820]  do_writepages+0x32e/0x550
[  199.854809][ T5820]  ? do_raw_spin_unlock+0x4d/0x240
[  199.854827][ T5820]  filemap_fdatawrite+0x199/0x240
[  199.854841][ T5820]  ? __pfx_filemap_fdatawrite+0x10/0x10
[  199.854890][ T5820]  ? do_raw_spin_unlock+0x4d/0x240
[  199.854907][ T5820]  f2fs_sync_dirty_inodes+0x31f/0x830
[  199.854936][ T5820]  f2fs_write_checkpoint+0x93e/0x2440
[  199.854953][ T5820]  ? stack_depot_save_flags+0x40/0x860
[  199.854991][ T5820]  ? __pfx_f2fs_write_checkpoint+0x10/0x10
[  199.855063][ T5820]  ? f2fs_stop_gc_thread+0x7f/0xb0
[  199.855081][ T5820]  ? kfree+0x19a/0x6d0
[  199.855109][ T5820]  kill_f2fs_super+0x2cc/0x6d0
[  199.855133][ T5820]  ? __pfx_kill_f2fs_super+0x10/0x10
[  199.855165][ T5820]  ? shrinker_free+0x2ce/0x3e0
[  199.855187][ T5820]  deactivate_locked_super+0xbc/0x130
[  199.855211][ T5820]  cleanup_mnt+0x425/0x4c0
[  199.855245][ T5820]  ? lockdep_hardirqs_on+0x9c/0x150
[  199.855264][ T5820]  task_work_run+0x1d4/0x260
[  199.855287][ T5820]  ? __pfx_task_work_run+0x10/0x10
[  199.855300][ T5820]  ? __x64_sys_umount+0x122/0x160
[  199.855319][ T5820]  ? exit_to_user_mode_loop+0x40/0x130
[  199.855341][ T5820]  exit_to_user_mode_loop+0xe9/0x130
[  199.855359][ T5820]  do_syscall_64+0x2bd/0xfa0
[  199.855374][ T5820]  ? lockdep_hardirqs_on+0x9c/0x150
[  199.855386][ T5820]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  199.855400][ T5820]  ? exc_page_fault+0xab/0x100
[  199.855419][ T5820]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  199.855435][ T5820] RIP: 0033:0x7f4f223901f7
[  199.855451][ T5820] Code: a8 ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 0f 1f 44 00 00 31 f6 e9 09 00 00 00 66 0f 1f 84 00 00 00 00 00 b8 a6 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 01 c3 48 c7 c2 a8 ff ff ff f7 d8 64 89 02 b8
[  199.855463][ T5820] RSP: 002b:00007ffcb1b78d88 EFLAGS: 00000246 ORIG_RAX: 00000000000000a6
[  199.855478][ T5820] RAX: 0000000000000000 RBX: 00007f4f22411d7d RCX: 00007f4f223901f7
[  199.855486][ T5820] RDX: 0000000000000000 RSI: 0000000000000009 RDI: 00007ffcb1b78e40
[  199.855493][ T5820] RBP: 00007ffcb1b78e40 R08: 0000000000000000 R09: 0000000000000000
[  199.855509][ T5820] R10: 00000000ffffffff R11: 0000000000000246 R12: 00007ffcb1b79ed0
[  199.855519][ T5820] R13: 00007f4f22411d7d R14: 0000000000030c16 R15: 00007ffcb1b79f10
[  199.855543][ T5820]  </TASK>
[  199.855551][ T5820] F2FS-fs (loop1): Stopped filesystem due to reason: 3
[  200.004863][ T9673] overlayfs: conflicting options: nfs_export=on,index=off
[  200.588255][ T9682] loop0: detected capacity change from 0 to 2048
[  200.596806][ T9682] UDF-fs: error (device loop0): udf_read_tagged: tag checksum failed, block 99: 0x27 != 0x4d
[  200.604542][ T9682] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[  200.917188][ T9704] loop0: detected capacity change from 0 to 256
[  201.152758][ T9706] loop1: detected capacity change from 0 to 32768
[  201.175262][ T9706] ocfs2: Slot 0 on device (7,1) was already allocated to this node!
[  201.189018][ T9706] ocfs2: Mounting device (7,1) on (node local, slot 0) with ordered data mode.
[  201.214649][   T33] audit: type=1800 audit(1760619928.236:68): pid=9706 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.1503" name="bus" dev="loop1" ino=17059 res=0 errno=0
[  201.263432][ T5820] ocfs2: Unmounting device (7,1) on (node local)
[  201.546301][ T9728] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1513'.
[  201.663290][   T24] usb 2-1: new high-speed USB device number 23 using dummy_hcd
[  201.824653][   T24] usb 2-1: Using ep0 maxpacket: 16
[  201.828618][   T24] usb 2-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  201.837455][   T24] usb 2-1: config 1 has 1 interface, different from the descriptor's value: 3
[  201.851225][   T24] usb 2-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[  201.860269][   T24] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  201.867377][   T24] usb 2-1: Product: syz
[  201.869484][   T24] usb 2-1: Manufacturer: syz
[  201.871872][   T24] usb 2-1: SerialNumber: syz
[  201.876154][ T5824] Bluetooth: hci1: connection err: -111
[  202.028523][ T9753] openvswitch: netlink: Either Ethernet header or EtherType is required.
[  202.308505][ T9762] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1529'.
[  202.322587][   T24] usb 2-1: 0:2 : does not exist
[  202.342783][   T24] usb 2-1: USB disconnect, device number 23
[  202.381098][ T5892] udevd[5892]: error opening ATTR{/sys/devices/platform/dummy_hcd.1/usb2/2-1/2-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory
[  202.531066][ T9764] loop0: detected capacity change from 0 to 32768
[  202.544857][ T9764] XFS (loop0): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  202.588565][ T9764] XFS (loop0): Ending clean mount
[  202.593674][ T9764] XFS (loop0): Quotacheck needed: Please wait.
[  202.630784][ T9764] XFS (loop0): Quotacheck: Done.
[  202.661123][ T5812] XFS (loop0): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  203.123637][   T24] usb 2-1: new high-speed USB device number 24 using dummy_hcd
[  203.392830][   T24] usb 2-1: Using ep0 maxpacket: 16
[  203.551149][   T24] usb 2-1: config 0 has an invalid interface number: 8 but max is 0
[  203.555050][   T24] usb 2-1: config 0 has no interface number 0
[  203.557876][   T24] usb 2-1: config 0 interface 8 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 7
[  203.562622][   T24] usb 2-1: config 0 interface 8 altsetting 0 endpoint 0x8F has invalid wMaxPacketSize 0
[  203.569804][ T9787] netlink: 40 bytes leftover after parsing attributes in process `syz.0.1536'.
[  203.606060][   T24] usb 2-1: New USB device found, idVendor=0d8c, idProduct=000e, bcdDevice=8e.8f
[  203.609811][   T24] usb 2-1: New USB device strings: Mfr=0, Product=24, SerialNumber=3
[  203.613155][   T24] usb 2-1: Product: syz
[  203.615013][   T24] usb 2-1: SerialNumber: syz
[  203.627459][   T24] usb 2-1: config 0 descriptor??
[  203.646393][   T24] cm109 2-1:0.8: invalid payload size 0, expected 4
[  203.674557][   T24] input: CM109 USB driver as /devices/platform/dummy_hcd.1/usb2/2-1/2-1:0.8/input/input12
[  204.101250][    C1] cm109 2-1:0.8: cm109_urb_ctl_callback: usb_submit_urb (urb_irq) failed -90
[  204.426155][    C1] cm109 2-1:0.8: cm109_urb_ctl_callback: urb status -71
[  204.426345][   T10] usb 2-1: USB disconnect, device number 24
[  204.428976][    C1] cm109 2-1:0.8: cm109_submit_buzz_toggle: usb_submit_urb (urb_ctl) failed -19
[  204.473207][   T10] cm109 2-1:0.8: cm109_toggle_buzzer_sync: usb_control_msg() failed -19
[  205.573189][ T9826] loop1: detected capacity change from 0 to 32768
[  205.600604][ T9826] XFS (loop1): Mounting V5 filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791 in no-recovery mode. Filesystem will be inconsistent.
[  205.640863][ T5820] XFS (loop1): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  205.831413][ T9849] netlink: 14 bytes leftover after parsing attributes in process `syz.1.1561'.
[  206.258598][ T9858] netlink: 28 bytes leftover after parsing attributes in process `syz.0.1564'.
[  206.345288][ T9849] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  206.351262][ T9849] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  206.357002][ T9849] bond0 (unregistering): Released all slaves
[  207.189318][ T9877] loop0: detected capacity change from 0 to 256
[  207.192969][ T9877] exfat: Deprecated parameter 'utf8'
[  207.201897][ T9877] exFAT-fs (loop0): failed to load upcase table (idx : 0x00010000, chksum : 0xabf88b1f, utbl_chksum : 0xe619d30d)
[  207.301917][ T9879] netlink: 20 bytes leftover after parsing attributes in process `syz.0.1572'.
[  208.156927][ T9910] netlink: 2028 bytes leftover after parsing attributes in process `syz.1.1585'.
[  208.161222][ T9910] netlink: 24 bytes leftover after parsing attributes in process `syz.1.1585'.
[  208.211473][   T33] audit: type=1326 audit(1760619935.226:69): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9905 comm="syz.3.1584" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f769238eec9 code=0x7fc00000
[  208.229286][ T9915] loop0: detected capacity change from 0 to 1024
[  208.259756][ T9915] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  208.268322][ T9915] EXT4-fs (loop0): shut down requested (2)
[  208.288543][ T5812] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  208.929569][   T33] audit: type=1326 audit(1760619935.946:70): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9905 comm="syz.3.1584" exe="/syz-executor" sig=0 arch=c000003e syscall=46 compat=0 ip=0x7f769238eec9 code=0x7fc00000
[  209.629559][ T9966] netlink: 16 bytes leftover after parsing attributes in process `syz.3.1611'.
[  209.638767][ T9966] netlink: 48 bytes leftover after parsing attributes in process `syz.3.1611'.
[  209.655985][ T9969] netlink: 16 bytes leftover after parsing attributes in process `syz.0.1612'.
[  210.062285][   T10] usb 1-1: new high-speed USB device number 13 using dummy_hcd
[  210.213908][   T10] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  210.218292][   T10] usb 1-1: New USB device found, idVendor=045e, idProduct=00f9, bcdDevice= 0.00
[  210.221565][   T10] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  210.226711][   T10] usb 1-1: config 0 descriptor??
[  210.661523][   T10] microsoft 0003:045E:00F9.0007: unbalanced delimiter at end of report description
[  210.667902][   T10] microsoft 0003:045E:00F9.0007: parse failed
[  210.670012][   T10] microsoft 0003:045E:00F9.0007: probe with driver microsoft failed with error -22
[  210.875376][   T10] usb 1-1: USB disconnect, device number 13
[  211.131526][T10020] (syz.3.1635,10020,0):dlmfs_mkdir:421 ERROR: invalid domain name for directory.
[  211.895211][T10038] loop1: detected capacity change from 0 to 128
[  211.899393][T10038] FAT-fs (loop1): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive!
[  211.906525][T10038] FAT-fs (loop1): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1)
[  212.026423][   T40] FAT-fs (loop1): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1)
[  214.133823][ T5824] Bluetooth: Wrong link type (-71)
[  214.142840][ T5824] Bluetooth: hci1: link tx timeout
[  214.145610][ T5824] Bluetooth: hci1: killing stalled connection 10:aa:aa:aa:aa:aa
[  214.152727][ T5824] Bluetooth: hci1: link tx timeout
[  214.154796][ T5824] Bluetooth: hci1: killing stalled connection 11:aa:aa:aa:aa:aa
[  214.722430][ T5279] usb 2-1: new full-speed USB device number 25 using dummy_hcd
[  215.193567][ T5279] usb 2-1: not running at top speed; connect to a high speed hub
[  215.198192][ T5279] usb 2-1: config 0 interface 0 has no altsetting 0
[  215.204646][ T5279] usb 2-1: New USB device found, idVendor=05ac, idProduct=0272, bcdDevice=2b.5c
[  215.208231][ T5279] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  215.211342][ T5279] usb 2-1: Product: syz
[  215.213667][ T5279] usb 2-1: Manufacturer: syz
[  215.215576][ T5279] usb 2-1: SerialNumber: syz
[  215.220061][ T5279] usb 2-1: config 0 descriptor??
[  215.434618][T10078] cgroup: fork rejected by pids controller in /syz3
[  215.445498][ T5279] input: bcm5974 as /devices/platform/dummy_hcd.1/usb2/2-1/2-1:0.0/input/input13
[  215.451197][ T5246] bcm5974 2-1:0.0: could not read from device
[  215.557621][ T5279] usb 2-1: USB disconnect, device number 25
[  215.566627][ T5246] bcm5974 2-1:0.0: could not read from device
[  215.870838][T10323] loop0: detected capacity change from 0 to 1024
[  216.084244][T10329] loop0: detected capacity change from 0 to 1024
[  216.112306][   T27] hfsplus: b-tree write err: -5, ino 4
[  216.402318][ T5201] Bluetooth: hci1: command 0x0406 tx timeout
[  217.714937][T10352] loop1: detected capacity change from 0 to 1024
[  217.895482][ T1088] hfsplus: b-tree write err: -5, ino 4
[  218.202180][ T1277] usb 2-1: new high-speed USB device number 26 using dummy_hcd
[  218.311836][T10366] loop0: detected capacity change from 0 to 8192
[  218.366351][ T1277] usb 2-1: unable to get BOS descriptor or descriptor too short
[  218.370026][ T1277] usb 2-1: config 6 has an invalid interface number: 200 but max is 0
[  218.379410][ T1277] usb 2-1: config 6 has no interface number 0
[  218.382906][ T1277] usb 2-1: config 6 interface 200 altsetting 8 endpoint 0x1 has an invalid bInterval 0, changing to 7
[  218.386426][ T1277] usb 2-1: config 6 interface 200 has no altsetting 0
[  218.394629][ T1277] usb 2-1: string descriptor 0 read error: -22
[  218.397142][ T1277] usb 2-1: New USB device found, idVendor=05d8, idProduct=810c, bcdDevice=18.5f
[  218.400616][ T1277] usb 2-1: New USB device strings: Mfr=9, Product=2, SerialNumber=3
[  218.409874][ T1277] dvb-usb: found a 'Artec T14 - USB2.0 DVB-T' in warm state.
[  218.462165][ T5824] Bluetooth: hci1: command 0x0406 tx timeout
[  218.542410][T10372] loop0: detected capacity change from 0 to 1024
[  218.547463][T10372] EXT4-fs: Ignoring removed nobh option
[  218.549908][T10372] EXT4-fs: Ignoring removed bh option
[  218.577782][T10372] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  218.657216][ T1277] dvb-usb: bulk message failed: -71 (3/0)
[  218.667970][ T1277] dvb-usb: will pass the complete MPEG2 transport stream to the software demuxer.
[  218.690103][T10372] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  218.702859][ T1277] dvbdev: DVB: registering new adapter (Artec T14 - USB2.0 DVB-T)
[  218.706707][ T1277] usb 2-1: media controller created
[  218.774642][ T1277] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered.
[  218.833720][ T1277] dvb-usb: bulk message failed: -71 (6/0)
[  218.837973][ T1277] dvb-usb: bulk message failed: -71 (6/0)
[  218.840384][ T1277] dvb-usb: no frontend was attached by 'Artec T14 - USB2.0 DVB-T'
[  218.847321][ T1277] input: IR-receiver inside an USB DVB receiver as /devices/platform/dummy_hcd.1/usb2/2-1/input/input14
[  218.862979][ T1277] dvb-usb: schedule remote query interval to 150 msecs.
[  218.865713][ T1277] dvb-usb: Artec T14 - USB2.0 DVB-T successfully initialized and connected.
[  218.880836][ T1277] usb 2-1: USB disconnect, device number 26
[  219.013504][ T1277] dvb-usb: Artec T14 - USB2.0 DVB-T successfully deinitialized and disconnected.
[  219.052571][T10387] loop1: detected capacity change from 0 to 8192
[  219.092729][T10387]  loop1: p1 < > p2 p3 < p5 >
[  219.094438][T10387] loop1: partition table partially beyond EOD, truncated
[  219.097194][T10387] loop1: p1 start 13500155 is beyond EOD, truncated
[  219.099820][T10387] loop1: p2 start 31232 is beyond EOD, truncated
[  219.111683][T10387] loop1: p5 start 31232 is beyond EOD, truncated
[  220.127897][ T1277] usb 2-1: new high-speed USB device number 27 using dummy_hcd
[  220.302901][ T1277] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  220.306863][ T1277] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  220.310611][ T1277] usb 2-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[  220.324926][T10420] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1707'.
[  220.328552][ T1277] usb 2-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  220.342101][ T1277] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  220.353413][ T1277] usb 2-1: config 0 descriptor??
[  220.779214][ T1277] hid_parser_main: 1260 callbacks suppressed
[  220.779238][ T1277] plantronics 0003:047F:FFFF.0008: unknown main item tag 0x0
[  220.794666][ T1277] plantronics 0003:047F:FFFF.0008: unknown main item tag 0x0
[  220.797648][ T1277] plantronics 0003:047F:FFFF.0008: unknown main item tag 0x0
[  220.829671][ T1277] plantronics 0003:047F:FFFF.0008: hiddev0,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.1-1/input0
[  220.941872][T10447] tipc: Started in network mode
[  220.949231][T10447] tipc: Node identity 4, cluster identity 4711
[  220.951891][T10447] tipc: Node number set to 4
[  221.037699][ T1277] usb 2-1: USB disconnect, device number 27
[  221.910982][T10460] loop1: detected capacity change from 0 to 40427
[  221.922418][T10460] F2FS-fs (loop1): Wrong MAIN_AREA boundary, start(4096) end(12800) block(12288)
[  221.928863][T10460] F2FS-fs (loop1): Can't find valid F2FS filesystem in 1th superblock
[  221.937519][T10460] F2FS-fs (loop1): Image doesn't support compression
[  221.940182][T10460] F2FS-fs (loop1): build fault injection rate: 690
[  221.945513][T10460] F2FS-fs (loop1): build fault injection type: 0x35f7
[  221.950378][T10460] F2FS-fs (loop1): invalid crc value
[  222.045793][T10460] F2FS-fs (loop1): f2fs_recover_fsync_data: recovery fsync data, check_only: 0
[  222.050885][T10460] F2FS-fs (loop1): Start checkpoint disabled!
[  222.065148][T10460] F2FS-fs (loop1): f2fs_disable_checkpoint() finish, err:0
[  222.069121][T10460] F2FS-fs (loop1): Try to recover 1th superblock, ret: 0
[  222.075148][T10460] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e6
[  222.497687][T10479] netlink: 32 bytes leftover after parsing attributes in process `syz.0.1730'.
[  222.501307][T10479] netlink: 168 bytes leftover after parsing attributes in process `syz.0.1730'.
[  222.507153][T10479] netlink: 168 bytes leftover after parsing attributes in process `syz.0.1730'.
[  222.512541][T10479] A link change request failed with some changes committed already. Interface batadv0 may have been left with an inconsistent configuration, please check.
[  222.534575][ T4234] kworker/u9:5: attempt to access beyond end of device
[  222.534575][ T4234] loop1: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[  222.547096][ T4234] CPU: 0 UID: 0 PID: 4234 Comm: kworker/u9:5 Not tainted syzkaller #0 PREEMPT(full) 
[  222.547118][ T4234] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.2-debian-1.16.2-1 04/01/2014
[  222.547127][ T4234] Workqueue: writeback wb_workfn (flush-7:1)
[  222.547156][ T4234] Call Trace:
[  222.547162][ T4234]  <TASK>
[  222.547169][ T4234]  dump_stack_lvl+0x189/0x250
[  222.547192][ T4234]  ? __pfx_dump_stack_lvl+0x10/0x10
[  222.547207][ T4234]  ? __pfx_queue_work_on+0x10/0x10
[  222.547228][ T4234]  ? _raw_spin_unlock_irqrestore+0xad/0x110
[  222.547281][ T4234]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[  222.547310][ T4234]  f2fs_handle_critical_error+0x37c/0x540
[  222.547334][ T4234]  f2fs_write_end_io+0x886/0xb60
[  222.547368][ T4234]  __submit_merged_bio+0x27a/0x6a0
[  222.547389][ T4234]  __submit_merged_write_cond+0x255/0x530
[  222.547410][ T4234]  f2fs_write_data_pages+0x261d/0x3000
[  222.547426][ T4234]  ? rb_commit+0x781/0x7e0
[  222.547465][ T4234]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[  222.547493][ T4234]  ? bpf_trace_run4+0x19c/0x4a0
[  222.547534][ T4234]  ? __switch_to+0xdc8/0x1690
[  222.547572][ T4234]  ? finish_task_switch+0x266/0x950
[  222.547589][ T4234]  ? lockdep_hardirqs_on+0x9c/0x150
[  222.547609][ T4234]  ? rcu_is_watching+0x15/0xb0
[  222.547635][ T4234]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[  222.547653][ T4234]  do_writepages+0x32e/0x550
[  222.547672][ T4234]  ? reacquire_held_locks+0x127/0x1d0
[  222.547694][ T4234]  ? writeback_sb_inodes+0x384/0x1010
[  222.547722][ T4234]  __writeback_single_inode+0x145/0xff0
[  222.547738][ T4234]  ? do_raw_spin_unlock+0x4d/0x240
[  222.547757][ T4234]  writeback_sb_inodes+0x6c7/0x1010
[  222.547777][ T4234]  ? _raw_spin_unlock_irqrestore+0xad/0x110
[  222.547810][ T4234]  ? __pfx_writeback_sb_inodes+0x10/0x10
[  222.547857][ T4234]  ? rcu_is_watching+0x15/0xb0
[  222.547884][ T4234]  wb_writeback+0x43b/0xaf0
[  222.547905][ T4234]  ? queue_io+0x2f1/0x590
[  222.547923][ T4234]  ? __pfx_wb_writeback+0x10/0x10
[  222.547944][ T4234]  ? _raw_spin_unlock_irq+0x23/0x50
[  222.547967][ T4234]  wb_workfn+0x409/0xef0
[  222.548000][ T4234]  ? __pfx_wb_workfn+0x10/0x10
[  222.548024][ T4234]  ? __lock_acquire+0xab9/0xd20
[  222.548051][ T4234]  ? process_scheduled_works+0x9ef/0x17b0
[  222.548076][ T4234]  ? _raw_spin_unlock_irq+0x23/0x50
[  222.548095][ T4234]  ? process_scheduled_works+0x9ef/0x17b0
[  222.548112][ T4234]  ? process_scheduled_works+0x9ef/0x17b0
[  222.548132][ T4234]  process_scheduled_works+0xae1/0x17b0
[  222.548174][ T4234]  ? __pfx_process_scheduled_works+0x10/0x10
[  222.548207][ T4234]  worker_thread+0x8a0/0xda0
[  222.548228][ T4234]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[  222.548279][ T4234]  ? __kthread_parkme+0x7b/0x200
[  222.548308][ T4234]  kthread+0x711/0x8a0
[  222.548326][ T4234]  ? __pfx_worker_thread+0x10/0x10
[  222.548345][ T4234]  ? __pfx_kthread+0x10/0x10
[  222.548361][ T4234]  ? _raw_spin_unlock_irq+0x23/0x50
[  222.548381][ T4234]  ? lockdep_hardirqs_on+0x9c/0x150
[  222.548393][ T4234]  ? __pfx_kthread+0x10/0x10
[  222.548408][ T4234]  ret_from_fork+0x4bc/0x870
[  222.548430][ T4234]  ? __pfx_ret_from_fork+0x10/0x10
[  222.548454][ T4234]  ? __switch_to_asm+0x39/0x70
[  222.548469][ T4234]  ? __switch_to_asm+0x33/0x70
[  222.548485][ T4234]  ? __pfx_kthread+0x10/0x10
[  222.548499][ T4234]  ret_from_fork_asm+0x1a/0x30
[  222.548527][ T4234]  </TASK>
[  222.548534][ T4234] F2FS-fs (loop1): Stopped filesystem due to reason: 3
[  222.653765][T10483] loop0: detected capacity change from 0 to 256
[  223.209911][T10517] tmpfs: Bad value for 'mpol'
[  223.264996][T10521] netlink: 24 bytes leftover after parsing attributes in process `syz.3.1751'.
[  223.451460][T10537] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  223.675024][T10535] loop0: detected capacity change from 0 to 32768
[  223.703113][   T33] audit: type=1326 audit(1760619950.726:71): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10542 comm="syz.1.1762" exe="/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f4f2238eec9 code=0x0
[  224.105608][ T5824] Bluetooth: hci0: unexpected event for opcode 0x0000
[  224.215066][T10552] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1764'.
[  224.878464][T10559] netlink: 'syz.1.1768': attribute type 4 has an invalid length.
[  224.910294][T10559] netlink: 'syz.1.1768': attribute type 4 has an invalid length.
[  226.195295][T10597] loop0: detected capacity change from 0 to 512
[  226.211912][T10597] EXT4-fs (loop0): revision level too high, forcing read-only mode
[  226.215557][T10597] EXT4-fs (loop0): orphan cleanup on readonly fs
[  226.219955][T10597] EXT4-fs warning (device loop0): ext4_enable_quotas:7180: Failed to enable quota tracking (type=1, err=-22, ino=4). Please run e2fsck to fix.
[  226.239696][T10597] EXT4-fs (loop0): Cannot turn on quotas: error -22
[  226.243769][T10597] EXT4-fs error (device loop0): __ext4_iget:5435: inode #16: block 127754: comm syz.0.1785: invalid block
[  226.250776][T10597] EXT4-fs (loop0): Remounting filesystem read-only
[  226.255025][T10597] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  226.288271][ T5812] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  226.376033][T10600] netlink: 'syz.0.1786': attribute type 7 has an invalid length.
[  226.379281][T10600] netlink: 'syz.0.1786': attribute type 8 has an invalid length.
[  226.635592][T10615] loop0: detected capacity change from 0 to 1024
[  226.711321][   T66] hfsplus: b-tree write err: -5, ino 4
[  226.781234][T10621] netlink: 20 bytes leftover after parsing attributes in process `syz.0.1796'.
[  227.220428][T10654] veth0: entered promiscuous mode
[  227.223079][T10653] veth0: left promiscuous mode
[  227.276326][T10657] netlink: 47 bytes leftover after parsing attributes in process `syz.3.1808'.
[  227.371164][   T33] audit: type=1326 audit(1760619954.386:72): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10667 comm="syz.1.1811" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4f2238eec9 code=0x7ffc0000
[  227.388435][   T33] audit: type=1326 audit(1760619954.406:73): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10667 comm="syz.1.1811" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4f2238eec9 code=0x7ffc0000
[  227.409998][   T33] audit: type=1326 audit(1760619954.406:74): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10667 comm="syz.1.1811" exe="/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f4f2238eec9 code=0x7ffc0000
[  227.426962][   T33] audit: type=1326 audit(1760619954.406:75): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10667 comm="syz.1.1811" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4f2238eec9 code=0x7ffc0000
[  227.435738][   T33] audit: type=1326 audit(1760619954.406:76): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10667 comm="syz.1.1811" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4f2238eec9 code=0x7ffc0000
[  227.442903][   T33] audit: type=1326 audit(1760619954.406:77): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10667 comm="syz.1.1811" exe="/syz-executor" sig=0 arch=c000003e syscall=55 compat=0 ip=0x7f4f2238eec9 code=0x7ffc0000
[  227.451197][   T33] audit: type=1326 audit(1760619954.406:78): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10667 comm="syz.1.1811" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4f2238eec9 code=0x7ffc0000
[  227.458919][   T33] audit: type=1326 audit(1760619954.406:79): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10667 comm="syz.1.1811" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4f2238eec9 code=0x7ffc0000
[  227.479789][T10675] loop1: detected capacity change from 0 to 1024
[  227.500254][T10675] hfsplus: failed to load attributes file
[  227.640983][T10687] loop1: detected capacity change from 0 to 1024
[  228.145162][ T5824] Bluetooth: hci0: Controller not accepting commands anymore: ncmd = 0
[  228.148843][ T5824] Bluetooth: hci0: Injecting HCI hardware error event
[  228.154738][ T5824] Bluetooth: hci0: hardware error 0x00
[  228.232754][T10721] loop0: detected capacity change from 0 to 32768
[  228.298147][   T10] usb 2-1: new high-speed USB device number 28 using dummy_hcd
[  228.762150][   T10] usb 2-1: Using ep0 maxpacket: 8
[  228.766429][   T10] usb 2-1: config 1 has 1 interface, different from the descriptor's value: 7
[  228.772761][   T10] usb 2-1: New USB device found, idVendor=082d, idProduct=0100, bcdDevice=70.4b
[  228.776604][   T10] usb 2-1: New USB device strings: Mfr=44, Product=2, SerialNumber=3
[  228.779881][   T10] usb 2-1: Product: syz
[  228.781552][   T10] usb 2-1: Manufacturer: syz
[  228.784564][   T10] usb 2-1: SerialNumber: syz
[  229.001544][   T10] usb 2-1: Invalid connection information received from device
[  229.213353][ T1277] usb 2-1: USB disconnect, device number 28
[  229.473511][   T33] audit: type=1326 audit(1760619956.496:80): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10744 comm="syz.0.1827" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f127b58eec9 code=0x7ffc0000
[  229.482657][   T33] audit: type=1326 audit(1760619956.496:81): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10744 comm="syz.0.1827" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f127b58eec9 code=0x7ffc0000
[  229.491490][   T33] audit: type=1326 audit(1760619956.506:82): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10744 comm="syz.0.1827" exe="/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f127b58eec9 code=0x7ffc0000
[  229.500450][   T33] audit: type=1326 audit(1760619956.506:83): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10744 comm="syz.0.1827" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f127b58eec9 code=0x7ffc0000
[  229.511528][   T33] audit: type=1326 audit(1760619956.506:84): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10744 comm="syz.0.1827" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f127b58eec9 code=0x7ffc0000
[  229.522041][   T33] audit: type=1326 audit(1760619956.506:85): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10744 comm="syz.0.1827" exe="/syz-executor" sig=0 arch=c000003e syscall=259 compat=0 ip=0x7f127b58eec9 code=0x7ffc0000
[  229.531401][   T33] audit: type=1326 audit(1760619956.516:86): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10744 comm="syz.0.1827" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f127b58eec9 code=0x7ffc0000
[  229.540516][   T33] audit: type=1326 audit(1760619956.516:87): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10744 comm="syz.0.1827" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f127b58eec9 code=0x7ffc0000
[  229.549580][   T33] audit: type=1326 audit(1760619956.516:88): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10744 comm="syz.0.1827" exe="/syz-executor" sig=0 arch=c000003e syscall=322 compat=0 ip=0x7f127b58eec9 code=0x7ffc0000
[  229.558627][   T33] audit: type=1326 audit(1760619956.526:89): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10744 comm="syz.0.1827" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f127b58eec9 code=0x7ffc0000
[  229.900274][T10764] loop5: detected capacity change from 0 to 7
[  229.913110][ T5892] Dev loop5: unable to read RDB block 7
[  229.915395][ T5892]  loop5: unable to read partition table
[  229.917582][ T5892] loop5: partition table beyond EOD, truncated
[  229.944505][T10764] Dev loop5: unable to read RDB block 7
[  229.947013][T10764]  loop5: unable to read partition table
[  229.949587][T10764] loop5: partition table beyond EOD, truncated
[  229.952579][T10764] loop_reread_partitions: partition scan of loop5 (被x ) failed (rc=-5)
[  230.027796][T10753] bridge0: port 2(bridge_slave_1) entered disabled state
[  230.031413][T10753] bridge0: port 1(bridge_slave_0) entered disabled state
[  230.215015][ T5824] Bluetooth: hci0: Opcode 0x0c03 failed: -110
[  230.280026][T10774] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1837'.
[  230.507325][T10753] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  230.549802][T10753] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  230.828403][T10789] loop1: detected capacity change from 0 to 1024
[  230.857733][T10789] hfsplus: bad catalog entry type
[  231.030850][   T14] netdevsim netdevsim3 : unset [1, 0] type 2 family 0 port 6081 - 0
[  231.037515][   T14] netdevsim netdevsim3 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0
[  231.083252][   T14] netdevsim netdevsim3 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0
[  231.086030][   T14] netdevsim netdevsim3 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0
[  231.135478][T10805] loop0: detected capacity change from 0 to 128
[  231.177273][T10807] netlink: 12 bytes leftover after parsing attributes in process `syz.3.1853'.
[  231.434508][T10815] netlink: 12 bytes leftover after parsing attributes in process `syz.3.1856'.
[  231.581688][T10819] loop0: detected capacity change from 0 to 16
[  231.590813][T10819] erofs (device loop0): mounted with root inode @ nid 36.
[  232.722210][T10854] netlink: 'syz.1.1876': attribute type 29 has an invalid length.
[  232.725814][T10854] netlink: 'syz.1.1876': attribute type 29 has an invalid length.
[  232.729554][T10854] netlink: 500 bytes leftover after parsing attributes in process `syz.1.1876'.
[  234.126539][T10889] xt_CT: You must specify a L4 protocol and not use inversions on it
[  234.473323][T10895] netlink: 'syz.3.1891': attribute type 12 has an invalid length.
[  234.476997][T10895] netlink: 'syz.3.1891': attribute type 29 has an invalid length.
[  234.480560][T10895] netlink: 148 bytes leftover after parsing attributes in process `syz.3.1891'.
[  234.648435][T10901] loop1: detected capacity change from 0 to 1024
[  234.765040][T10909] overlayfs: failed to clone lowerpath
[  235.220984][T10925] 9pnet_virtio: no channels available for device 
[  235.417675][T10938] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1911'.
[  235.462613][T10940] netlink: 20 bytes leftover after parsing attributes in process `syz.0.1912'.
[  235.555621][ T1090] hfsplus: b-tree write err: -5, ino 4
[  235.600713][T10946] vhci_hcd vhci_hcd.0: pdev(1) rhport(0) sockfd(4)
[  235.603069][T10946] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed)
[  235.610683][T10946] vhci_hcd vhci_hcd.0: Device attached
[  236.031585][ T1277] usb 2-1: new high-speed USB device number 29 using dummy_hcd
[  236.034762][   T24] usb 35-1: new low-speed USB device number 2 using vhci_hcd
[  236.178526][ T1277] usb 2-1: Using ep0 maxpacket: 16
[  236.182571][ T1277] usb 2-1: config 0 has no interfaces?
[  236.184822][ T1277] usb 2-1: New USB device found, idVendor=0955, idProduct=7214, bcdDevice=ed.00
[  236.188523][ T1277] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  236.194153][ T1277] usb 2-1: config 0 descriptor??
[  236.399982][T10756] usb 2-1: USB disconnect, device number 29
[  236.413925][T10947] vhci_hcd: connection closed
[  236.422678][ T5874] vhci_hcd: stop threads
[  236.428662][ T5874] vhci_hcd: release socket
[  236.432738][ T5874] vhci_hcd: disconnect device
[  236.531165][   T24] vhci_hcd: vhci_device speed not set
[  236.785670][T10755] usb 1-1: new high-speed USB device number 14 using dummy_hcd
[  236.932784][T10755] usb 1-1: Using ep0 maxpacket: 8
[  236.946173][T10755] usb 1-1: New USB device found, idVendor=0ccd, idProduct=0039, bcdDevice=90.7b
[  236.949767][T10755] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  236.971430][T10755] pvrusb2: Hardware description: Terratec Grabster AV400
[  236.974067][T10755] pvrusb2: **********
[  236.975406][T10755] pvrusb2: ***WARNING*** Support for this device (Terratec Grabster AV400) is experimental.
[  236.978835][T10755] pvrusb2: Important functionality might not be entirely working.
[  236.982886][T10755] pvrusb2: Please consider contacting the driver author to help with further stabilization of the driver.
[  236.987110][T10755] pvrusb2: **********
[  237.122521][T10974] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1926'.
[  237.134252][T10976] loop1: detected capacity change from 0 to 2048
[  237.144304][T10976] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000)
[  237.164722][T10976] overlayfs: upper fs needs to support d_type.
[  237.170716][T10976] overlayfs: upper fs does not support RENAME_WHITEOUT.
[  237.173558][T10976] overlayfs: failed to set xattr on upper
[  237.175600][T10976] overlayfs: ...falling back to redirect_dir=nofollow.
[  237.179355][ T2396] pvrusb2: Invalid write control endpoint
[  237.181467][T10976] overlayfs: ...falling back to index=off.
[  237.184179][T10976] overlayfs: ...falling back to uuid=null.
[  237.243764][ T5820] UDF-fs: error (device loop1): udf_read_inode: (ino 1317) failed !bh
[  237.249263][ T5820] UDF-fs: error (device loop1): udf_read_inode: (ino 1317) failed !bh
[  237.260711][ T2396] pvrusb2: Invalid write control endpoint
[  237.263219][ T2396] pvrusb2: ***WARNING*** Detected a wedged cx25840 chip; the device will not work.
[  237.282267][ T2396] pvrusb2: ***WARNING*** Try power cycling the pvrusb2 device.
[  237.284698][ T2396] pvrusb2: ***WARNING*** Disabling further access to the device to prevent other foul-ups.
[  237.288364][ T2396] pvrusb2: Device being rendered inoperable
[  237.294105][ T2396] cx25840 2-0044: Unable to detect h/w, assuming cx23887
[  237.298049][ T2396] cx25840 2-0044: cx23887 A/V decoder found @ 0x88 (pvrusb2_a)
[  237.314211][ T2396] pvrusb2: Attached sub-driver cx25840
[  237.320077][ T2396] pvrusb2: ***WARNING*** pvrusb2 device hardware appears to be jammed and I can't clear it.
[  237.323423][ T2396] pvrusb2: You might need to power cycle the pvrusb2 device in order to recover.
[  237.369449][ T1905] usb 1-1: USB disconnect, device number 14
[  237.698712][ T5874] netdevsim netdevsim1 netdevsim3 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  237.703413][ T5874] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  237.793644][ T5874] netdevsim netdevsim1 netdevsim2 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  237.797179][ T5874] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  237.870508][ T5874] netdevsim netdevsim1 netdevsim1 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  237.875300][ T5874] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  238.010276][ T5874] netdevsim netdevsim1 netdevsim0 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  238.016736][ T5874] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  238.116043][ T5201] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1
[  238.121932][ T5201] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9
[  238.131632][ T5201] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9
[  238.671060][ T5201] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4
[  238.676250][ T5201] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2
[  238.781947][ T5874] bridge_slave_1: left allmulticast mode
[  238.784300][ T5874] bridge_slave_1: left promiscuous mode
[  238.797265][ T5874] bridge0: port 2(bridge_slave_1) entered disabled state
[  238.804825][ T5874] bridge_slave_0: left allmulticast mode
[  238.816601][ T5874] bridge_slave_0: left promiscuous mode
[  238.819149][ T5874] bridge0: port 1(bridge_slave_0) entered disabled state
[  239.444507][ T5874] bond1 (unregistering): Released all slaves
[  239.678641][T11003] chnl_net:caif_netlink_parms(): no params data found
[  239.734257][ T5874] hsr_slave_0: left promiscuous mode
[  239.737339][ T5874] hsr_slave_1: left promiscuous mode
[  239.744086][ T5874] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  239.747100][ T5874] batman_adv: batadv0: Removing interface: batadv_slave_0
[  239.752418][ T5874] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  239.755278][ T5874] batman_adv: batadv0: Removing interface: batadv_slave_1
[  239.788727][ T5874] team_slave_0: left promiscuous mode
[  239.791308][ T5874] team_slave_1: left promiscuous mode
[  239.795562][ T5874] veth1_macvtap: left promiscuous mode
[  239.797781][ T5874] veth0_macvtap: left promiscuous mode
[  239.800585][ T5874] veth1_vlan: left promiscuous mode
[  239.802787][ T5874] veth0_vlan: left promiscuous mode
[  240.213546][   T33] kauditd_printk_skb: 4 callbacks suppressed
[  240.213557][   T33] audit: type=1326 audit(1760619967.473:94): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11049 comm="syz.3.1954" exe="/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f769238eec9 code=0x0
[  240.592936][ T5874] team0 (unregistering): Port device team_slave_1 removed
[  240.643343][ T5874] team0 (unregistering): Port device team_slave_0 removed
[  240.672481][T11058] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[  240.703765][ T5201] Bluetooth: hci2: command tx timeout
[  241.173658][T11060] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1958'.
[  241.232005][T11003] bridge0: port 1(bridge_slave_0) entered blocking state
[  241.235153][T11003] bridge0: port 1(bridge_slave_0) entered disabled state
[  241.246304][T11003] bridge_slave_0: entered allmulticast mode
[  241.261125][T11003] bridge_slave_0: entered promiscuous mode
[  241.266769][T11003] bridge0: port 2(bridge_slave_1) entered blocking state
[  241.269636][T11003] bridge0: port 2(bridge_slave_1) entered disabled state
[  241.272550][T11003] bridge_slave_1: entered allmulticast mode
[  241.286501][T11003] bridge_slave_1: entered promiscuous mode
[  241.339671][T11003] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  241.356468][T11003] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  241.423647][T11003] team0: Port device team_slave_0 added
[  241.428168][T11003] team0: Port device team_slave_1 added
[  241.519498][T11003] batman_adv: batadv0: Adding interface: batadv_slave_0
[  241.522471][T11003] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  241.560631][T11003] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  241.566951][T11003] batman_adv: batadv0: Adding interface: batadv_slave_1
[  241.569640][T11003] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  241.579849][T11003] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  241.637445][T11003] hsr_slave_0: entered promiscuous mode
[  241.640962][T11003] hsr_slave_1: entered promiscuous mode
[  241.644205][T11003] debugfs: 'hsr0' already exists in 'hsr'
[  241.646465][T11003] Cannot create hsr debugfs directory
[  241.735854][ T5874] ------------[ cut here ]------------
[  241.738333][ T5874] WARNING: CPU: 0 PID: 5874 at net/xfrm/xfrm_state.c:3306 xfrm_state_fini+0x26d/0x2f0
[  241.742740][ T5874] Modules linked in:
[  241.744483][ T5874] CPU: 0 UID: 0 PID: 5874 Comm: kworker/u8:4 Not tainted syzkaller #0 PREEMPT(full) 
[  241.749468][ T5874] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.2-debian-1.16.2-1 04/01/2014
[  241.752619][ T5874] Workqueue: netns cleanup_net
[  241.754143][ T5874] RIP: 0010:xfrm_state_fini+0x26d/0x2f0
[  241.755877][ T5874] Code: c1 e8 03 42 80 3c 28 00 74 08 48 89 df e8 2b 48 34 f8 48 8b 3b 5b 41 5c 41 5d 41 5e 41 5f 5d e9 f9 2e 14 f8 e8 74 91 ce f7 90 <0f> 0b 90 e9 fd fd ff ff e8 66 91 ce f7 90 0f 0b 90 e9 60 fe ff ff
[  241.761952][ T5874] RSP: 0018:ffffc90004307878 EFLAGS: 00010293
[  241.764097][ T5874] RAX: ffffffff89f1b27c RBX: ffff88816ad92480 RCX: ffff88816bb83a00
SYZFAIL: failed to recv rpc
fd=3 want=4 recv=0 n=0 (errno 9: Bad file descriptor)
[  241.766539][ T5874] RDX: 0000000000000000 RSI: ffffffff8d9d1510 RDI: ffff88816bb83a00
[  241.769470][ T5874] RBP: ffffc90004307990 R08: ffffffff8f9e1177 R09: 1ffffffff1f3c22e
[  241.771903][ T5874] R10: dffffc0000000000 R11: fffffbfff1f3c22f R12: ffffffff8f5da8c0
[  241.774650][ T5874] R13: 1ffff92000860f3c R14: ffff88816ad93940 R15: dffffc0000000000
[  241.777057][ T5874] FS:  0000000000000000(0000) GS:ffff88818e70c000(0000) knlGS:0000000000000000
[  241.780880][ T5874] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  241.783009][ T5874] CR2: 00007f76931d0fc8 CR3: 0000000169276000 CR4: 00000000000006f0
[  241.785517][ T5874] Call Trace:
[  241.786588][ T5874]  <TASK>
[  241.787604][ T5874]  xfrm_net_exit+0x2d/0x70
[  241.789291][ T5874]  ops_undo_list+0x49a/0x990
[  241.790744][ T5874]  ? __pfx_ops_undo_list+0x10/0x10
[  241.792444][ T5874]  ? do_raw_spin_unlock+0x4d/0x240
[  241.794119][ T5874]  cleanup_net+0x4d8/0x820
[  241.795502][ T5874]  ? __pfx_cleanup_net+0x10/0x10
[  241.796989][ T5874]  ? _raw_spin_unlock_irq+0x23/0x50
[  241.799049][ T5874]  ? process_scheduled_works+0x9ef/0x17b0
[  241.800876][ T5874]  ? process_scheduled_works+0x9ef/0x17b0
[  241.802702][ T5874]  process_scheduled_works+0xae1/0x17b0
[  241.804704][ T5874]  ? __pfx_process_scheduled_works+0x10/0x10
[  241.806736][ T5874]  worker_thread+0x8a0/0xda0
[  241.808510][ T5874]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[  241.810680][ T5874]  ? __kthread_parkme+0x7b/0x200
[  241.812492][ T5874]  kthread+0x711/0x8a0
[  241.813720][ T5874]  ? __pfx_worker_thread+0x10/0x10
[  241.815267][ T5874]  ? __pfx_kthread+0x10/0x10
[  241.816697][ T5874]  ? _raw_spin_unlock_irq+0x23/0x50
[  241.818580][ T5874]  ? lockdep_hardirqs_on+0x9c/0x150
[  241.820555][ T5874]  ? __pfx_kthread+0x10/0x10
[  241.822096][ T5874]  ret_from_fork+0x4bc/0x870
[  241.823732][ T5874]  ? __pfx_ret_from_fork+0x10/0x10
[  241.825558][ T5874]  ? __switch_to_asm+0x39/0x70
[  241.827102][ T5874]  ? __switch_to_asm+0x33/0x70
[  241.828982][ T5874]  ? __pfx_kthread+0x10/0x10
[  241.830516][ T5874]  ret_from_fork_asm+0x1a/0x30
[  241.832130][ T5874]  </TASK>
[  241.833182][ T5874] Kernel panic - not syncing: kernel: panic_on_warn set ...
[  241.835636][ T5874] CPU: 0 UID: 0 PID: 5874 Comm: kworker/u8:4 Not tainted syzkaller #0 PREEMPT(full) 
[  241.838931][ T5874] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.2-debian-1.16.2-1 04/01/2014
[  241.842506][ T5874] Workqueue: netns cleanup_net
[  241.844077][ T5874] Call Trace:
[  241.845313][ T5874]  <TASK>
[  241.846356][ T5874]  dump_stack_lvl+0x99/0x250
[  241.847904][ T5874]  ? __asan_memcpy+0x40/0x70
[  241.849618][ T5874]  ? __pfx_dump_stack_lvl+0x10/0x10
[  241.851552][ T5874]  ? __pfx__printk+0x10/0x10
[  241.853274][ T5874]  vpanic+0x237/0x6d0
[  241.854744][ T5874]  ? __pfx_vpanic+0x10/0x10
[  241.856516][ T5874]  panic+0xb9/0xc0
[  241.857906][ T5874]  ? __pfx_panic+0x10/0x10
[  241.859355][ T5874]  __warn+0x31b/0x4b0
[  241.860584][ T5874]  ? xfrm_state_fini+0x26d/0x2f0
[  241.862062][ T5874]  ? xfrm_state_fini+0x26d/0x2f0
[  241.863679][ T5874]  report_bug+0x2be/0x4f0
[  241.865222][ T5874]  ? xfrm_state_fini+0x26d/0x2f0
[  241.867094][ T5874]  ? xfrm_state_fini+0x26d/0x2f0
[  241.868631][ T5874]  ? xfrm_state_fini+0x26f/0x2f0
[  241.870447][ T5874]  handle_bug+0x84/0x160
[  241.871830][ T5874]  exc_invalid_op+0x1a/0x50
[  241.873290][ T5874]  asm_exc_invalid_op+0x1a/0x20
[  241.874899][ T5874] RIP: 0010:xfrm_state_fini+0x26d/0x2f0
[  241.876588][ T5874] Code: c1 e8 03 42 80 3c 28 00 74 08 48 89 df e8 2b 48 34 f8 48 8b 3b 5b 41 5c 41 5d 41 5e 41 5f 5d e9 f9 2e 14 f8 e8 74 91 ce f7 90 <0f> 0b 90 e9 fd fd ff ff e8 66 91 ce f7 90 0f 0b 90 e9 60 fe ff ff
[  241.883016][ T5874] RSP: 0018:ffffc90004307878 EFLAGS: 00010293
[  241.885106][ T5874] RAX: ffffffff89f1b27c RBX: ffff88816ad92480 RCX: ffff88816bb83a00
[  241.887751][ T5874] RDX: 0000000000000000 RSI: ffffffff8d9d1510 RDI: ffff88816bb83a00
[  241.890370][ T5874] RBP: ffffc90004307990 R08: ffffffff8f9e1177 R09: 1ffffffff1f3c22e
[  241.893076][ T5874] R10: dffffc0000000000 R11: fffffbfff1f3c22f R12: ffffffff8f5da8c0
[  241.895606][ T5874] R13: 1ffff92000860f3c R14: ffff88816ad93940 R15: dffffc0000000000
[  241.898310][ T5874]  ? xfrm_state_fini+0x26c/0x2f0
[  241.899976][ T5874]  ? xfrm_state_fini+0x26c/0x2f0
[  241.901691][ T5874]  xfrm_net_exit+0x2d/0x70
[  241.903073][ T5874]  ops_undo_list+0x49a/0x990
[  241.904638][ T5874]  ? __pfx_ops_undo_list+0x10/0x10
[  241.906451][ T5874]  ? do_raw_spin_unlock+0x4d/0x240
[  241.908118][ T5874]  cleanup_net+0x4d8/0x820
[  241.909699][ T5874]  ? __pfx_cleanup_net+0x10/0x10
[  241.911350][ T5874]  ? _raw_spin_unlock_irq+0x23/0x50
[  241.913302][ T5874]  ? process_scheduled_works+0x9ef/0x17b0
[  241.915415][ T5874]  ? process_scheduled_works+0x9ef/0x17b0
[  241.917275][ T5874]  process_scheduled_works+0xae1/0x17b0
[  241.919285][ T5874]  ? __pfx_process_scheduled_works+0x10/0x10
[  241.921507][ T5874]  worker_thread+0x8a0/0xda0
[  241.923100][ T5874]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[  241.925114][ T5874]  ? __kthread_parkme+0x7b/0x200
[  241.926849][ T5874]  kthread+0x711/0x8a0
[  241.928122][ T5874]  ? __pfx_worker_thread+0x10/0x10
[  241.929709][ T5874]  ? __pfx_kthread+0x10/0x10
[  241.931194][ T5874]  ? _raw_spin_unlock_irq+0x23/0x50
[  241.932953][ T5874]  ? lockdep_hardirqs_on+0x9c/0x150
[  241.934623][ T5874]  ? __pfx_kthread+0x10/0x10
[  241.936096][ T5874]  ret_from_fork+0x4bc/0x870
[  241.937582][ T5874]  ? __pfx_ret_from_fork+0x10/0x10
[  241.939218][ T5874]  ? __switch_to_asm+0x39/0x70
[  241.940741][ T5874]  ? __switch_to_asm+0x33/0x70
[  241.942346][ T5874]  ? __pfx_kthread+0x10/0x10
[  241.943896][ T5874]  ret_from_fork_asm+0x1a/0x30
[  241.945395][ T5874]  </TASK>
[  241.947078][ T5874] Kernel Offset: disabled
[  241.948479][ T5874] Rebooting in 86400 seconds..

VM DIAGNOSIS:
13:06:08  Registers:
info registers vcpu 0

CPU#0
RAX=0000000000000072 RBX=0000000000000072 RCX=0000000000000000 RDX=00000000000003f8
RSI=0000000000000000 RDI=0000000000000020 RBP=00000000000003f8 RSP=ffffc90004307010
R8 =ffff888169c18237 R9 =1ffff1102d383046 R10=dffffc0000000000 R11=ffffffff851c1050
R12=dffffc0000000000 R13=ffffffff99a0891c R14=ffffffff99d1bfc0 R15=0000000000000000
RIP=ffffffff851c10cc RFL=00000002 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =0000 0000000000000000 ffffffff 00c00000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 ffffffff 00c00000
FS =0000 0000000000000000 ffffffff 00c00000
GS =0000 ffff88818e70c000 ffffffff 00c00000
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe0000003000 00004087 00008b00 DPL=0 TSS64-busy
GDT=     fffffe0000001000 0000007f
IDT=     fffffe0000000000 00000fff
CR0=80050033 CR2=00007f76931d0fc8 CR3=0000000169276000 CR4=000006f0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000ffff0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
XMM00=0000000000000000 0000000000000000 XMM01=ffffffffffffffff ffffffffffffffff
XMM02=0000000000000000 0000000000000000 XMM03=ffffffffffffffff ffffffffffffffff
XMM04=0000000000000000 00000000000000ff XMM05=6161616161616161 6161616161616161
XMM06=6161616161616161 6161616161616161 XMM07=6161616161616161 6161616161616161
XMM08=6161616161616161 6161616161616161 XMM09=0000000000000000 00007f769241313d
XMM10=0000000000000000 0000000000000000 XMM11=0000000000000000 0000000000000000
XMM12=0000000000000000 0000000000000000 XMM13=0000000000000000 0000000000000000
XMM14=0000000000000000 0000000000000000 XMM15=0000000000000000 0000000000000000
info registers vcpu 1

CPU#1
RAX=0000000000000138 RBX=ffff8881036a2000 RCX=ffff88810ebe8000 RDX=0000000000000cc0
RSI=ffff8881036a2798 RDI=ffff888160415780 RBP=0000000000000cc0 RSP=ffffc9000915e998
R8 =0000000000000003 R9 =0000000000000000 R10=ffffc9000915ec60 R11=fffff5200122bd96
R12=dffffc0000000000 R13=ffff888167c17780 R14=ffff888160415780 R15=ffffc9000915ed60
RIP=ffffffff821a74a6 RFL=00000292 [--S-A--] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =0000 0000000000000000 ffffffff 00c00000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 ffffffff 00c00000
FS =0000 000055557fde9500 ffffffff 00c00000
GS =0000 ffff8882a9d0c000 ffffffff 00c00000
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe000004a000 00004087 00008b00 DPL=0 TSS64-busy
GDT=     fffffe0000048000 0000007f
IDT=     fffffe0000000000 00000fff
CR0=80050033 CR2=0000001b2ec23ffc CR3=0000000112794000 CR4=000006f0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000ffff0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
XMM00=0000000000000000 0000000000000000 XMM01=0000000000000000 0000000000000000
XMM02=0000000000000000 0000000000000000 XMM03=0000000000000000 0000000000000000
XMM04=0000ff0000000000 0000000000000000 XMM05=0000000000000000 00007f4c9b212fcb
XMM06=0000000000000000 00007f4c9b212fc5 XMM07=0000000000000000 00007f4c9b212fd9
XMM08=0000000000000000 00007f4c9b21305f XMM09=0000000000000000 00007f4c9b21313d
XMM10=0000000000000000 0000000000000000 XMM11=0000000000000000 0000000000000000
XMM12=0000000000000000 0000000000000000 XMM13=0000000000000000 0000000000000000
XMM14=0000000000000000 0000000000000000 XMM15=0000000000000000 0000000000000000
