last executing test programs:

12m37.919399525s ago: executing program 32 (id=5147):
r0 = openat$binfmt_register(0xffffffffffffff9c, &(0x7f0000000000), 0x1, 0x0)
write$binfmt_register(r0, &(0x7f0000000240)={0x3a, 'syz1', 0x3a, 'M', 0x3a, 0x2007, 0x3a, '\r', 0x3a, '\x84\xa3\xea\xd6O\x89|\xeb\x80\xf0\xe96\xf4`&\xd4E\xe7L\x82n\x00\x00\x00\x00\x00\x00\x00\x02E\xd4\xab\x1ed', 0x3a, './file2'}, 0x4a)

11m15.424915768s ago: executing program 6 (id=5829):
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000000)='./file1\x00', 0x3000046, &(0x7f00000006c0)={[{@dioread_nolock}, {@noauto_da_alloc}, {@inlinecrypt}, {@i_version}, {@data_err_ignore}, {@barrier_val={'barrier', 0x3d, 0x9}}, {@data_err_ignore}, {@grpquota}, {@noblock_validity}, {@user_xattr}, {@resuid}, {@quota}]}, 0x1, 0x553, &(0x7f0000001080)="$eJzs3d9rW1UcAPDvTdv91nUwhopIYQ9O5tK19ccEH+aj6HCg7zO0d2U0WUaTjrUO3B7ciy8yBBEH4ru++zj8B/wrBjoYMoo++BK56U2XrUmbddnSmc8Hbjkn9ybnfnPv9/TcnBsSwNCayP4UIl6OiG+SiIMRkeTrRiNfObG23er9q7PZkkSj8elfSXO7rN56rdbz9ueVlyLit68ijhc2tltbXlkolcvpYl6frFcuTdaWV05cqJTm0/n04vTMzKm3Z6bfe/edvsX6xtl/vv/k9oenvj66+t0vdw/dTOJ0HMjXtcfxBK61VyZiIn9PxuL0IxtO9aGxnSQZ9A6wLSN5no9F1gccjJE864H/vy8jogEMqUT+w5BqjQNa1/Z9ug5+btz7YO0CaGP8o2ufjcSe5rXRvtXkoSuj7Hp3vA/tZ238+uetm9kS/fscAmBL165HxMnR0Y39X5L3f9t3sodtHm1D/wfPzu1s/PNmp/FPYX38Ex3GP/s75O52bJ3/hbt9aKarbPz3fsfx7/qk1fhIXnuhOeYbS85fKKdZ3/ZiRByLsd1ZfbP5nFOrdxrd1rWP/7Ila781Fsz34+7o7oefM1eql54k5nb3rke80nH8m6wf/6TD8c/ej7M9tnEkvfVat3Vbx/90NX6KeL3j8X8wo5VsPj852TwfJltnxUZ/3zjye7f2Bx1/dvz3bR7/eNI+X1t7/DZ+3PNv2m3dQ/FH7+f/ruSzZnlX/tiVUr2+OBWxK/l44+PTD57bqre2z+I/dnTz/q/T+b83Ij7vMf4bh39+taf4B3T85x7r+D9+4c5HX/zQrf3e+r+3mqVj+SO99H+97uCTvHcAAAAAAACw0xQi4kAkheJ6uVAoFtfu7zgc+wrlaq1+/Hx16eJcNL8rOx5jhdZM98G2+yGm8vthW/XpR+ozEXEoIr4d2dusF2er5blBBw8AAAAAAAAAAAAAAAAAAAA7xP4u3//P/DEy6L0Dnjo/+Q3Da8v878cvPQE7kv//MLzkPwwv+Q/DS/7D8JL/MLzkPwwv+Q/DS/4DAAAAAAAAAAAAAAAAAAAAAAAAAABAX509cyZbGqv3r85m9bnLy0sL1csn5tLaQrGyNFucrS5eKs5Xq/PltDhbrWz1euVq9dLUdCxdmayntfpkbXnlXKW6dLF+7kKlNJ+eS8eeSVQAAAAAAAAAAAAAAAAAAADwfKktryyUyuV0UUFhW4XRnbEbCn0uDLpnAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIAH/gsAAP//6AY3sQ==")
r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x101042, 0x91)
ioctl$EXT4_IOC_CLEAR_ES_CACHE(r0, 0xc0406618)

11m14.468579982s ago: executing program 6 (id=5836):
syz_mount_image$nilfs2(&(0x7f0000000040), &(0x7f00000001c0)='./bus\x00', 0x0, &(0x7f00000002c0)=ANY=[], 0x1, 0xabf, &(0x7f0000002340)="$eJzs3U2MW0fhAPCxd73JJuk/Tv8JXdLQJhTa8tFNs7uEjwiSKhESUVMhLpUiLlGalogQJIoEVJVIcuJGqypInPgQp16qgpDoBUU9calEI1VIPRUOHIiCqMQBAonReme89sTusze7fnb8+0mz43kzzzPP+/z8PmcCMLGqzb9LS3OVEC6/8cqxvz3819nlKYdbJerNv9NtqVoIoRLT09n7vTe1Et98/8XT3eJKWGj+Tenw1PXWvFtDCBfC3nAl1MPuy1dffmvhyRMXj1/a9/arh65tzNIDAMBk+eqVQ0u7/vzH+3fceO2BI2FTmrz8orl/Xo8TtsX9/iNxxz/t/1dDZ7rSFtrNZOWmY6jOdpab6lKuvZ5aVm66R/0zWf21HuU2hQ+uf6ptWrflhnGW1uN6qFTnO9LV6vz8yjF5aB7Xz1Tmz5899+zzJTUUWHf/fDCEsLctHL3UmR61cHgE2pCF5r5FH+UaI9DWsQxHhlfXjcaK0pd5SKGxvewtEMCK/HrhbS7kZxbuTOvdpvur//oT1e7zwzoY9vo/UP0zJdcf1P+ri7Y4rJ+7dW1Ky5W+R9tiOr+OkN+/1Pv7l1/p6JyaX4+o9dnOXtcRxuX6Qq92Tg25HWvVq/35enG3+mKM0+fwpSy//fuT/0/H5X8MdPev/Py/IAijHUJHunYn79UoefsDjK78vrlGuj4a5ff15fmbCvI3F+TPFuRvKcjfWpAPk+w33/1xeKmyepyfH9MPej48nWe7J8b/N2B78vORg9af3/c7qDutP7+fGEbZ7049feZzz5y8unL/f6W1/t+K63s63KjH79aVWCCdL8zPq7fu/a931lPtUe7erD33dCnffL2zs1xl5+r7hLbtzG3tmOucb3uvcns6y9WzcrMxbM7am++fbMnmS/sfabuaPq/pbHlr2XLMZO1I25UdMc7bAWuR1sde9/+n9XMu1CrPnj135vGYTuvpH6Zqm5anHxhyu4E71+/zP3Oh8/mfba3ptWr7dmH76vTKynbh9fh+ndMXWvV0Tl+M6fQ7942p2eb0+dPfPvfM+i8+TLTnf/DCN0+dO3fmO6W/WJwNYQSasYYXXx6NZgzyIh22jEp7vBi5FyVvmIANt/+HKzsBj5391qnnzjx35vziwYOLCwsHP7+4tL+5X7+/fe++3YUSWgusp9Uf/bJbAgAAAAAAAAAAAPTre8ePXX3nzc++u/L8/+rzf+n5/3Tnb3r+/0fZ8//5c/LpOfj0HOCOLvnNMlkHqzNZuVoM/5+1d2dWz65svg/FuDWOX3z+P1WX9+ua2nNfNr3WI5l1J3BbfykzWR8k+XiBH43xpRj/MkCJKrPdJ8e4qH/rtK6n/ina+qVo6B94fKT/W1obUj8m6fnvrv06tf2zdwyhjay/YTxOWPYyAt39faL6//7H6oKX3hahd5gebn0/ndx1otFzL73fEWwA1kfZ43+m854pPv/7r2xeDqnY9Sc6t5d5/6UwiD+905ke9fEnN7r+fNy+Yddf9vIPe/zP1vh3fW//shHz6mur998/u/ZuW7Vhd7/158uf+oHeOVj9N2L9aWkeCf3V3/hFVn9+QahP/8nq39Jn/bct/5611f/fWH/62B59qN/6V1pcqXa2Iz9vnK7/5eeNk5vZ8qe+PT+g/q+90G351zhQ461YP0yycRlndlDZfkRrp33t4/9GF9Z3/N9WY7PNWn4fxmdiOm2I030O+Xgng7Y/3V+Rfgd2Ze9fKfh9M/7vePtCjIu+D2n837Q+1uNPflu6+VmmdK3LZ3u3bmtgXL03Udf/1iGc3PA6Npe+jCMfjoxAG1qhMbWG+VrjxJXc/kajsbEntAqUWjmlf/5lHyeUXX/Zn3+RfPzffB8+H/83z8/H/83z8/F/8/zZ+B/qlZ+P/5t/nvn4v3n+fdn75uMDzxXkf7ggf3f3/NZh+/0F8+8pyP9IQf6+Vv7hjhIp/4GC+R8syL+3IP+hgvyPFeR/vCD/4YL8R9vy28eATvmfKJj/bpeeR5nU5YdJlj+f5/sPkyNd/+n1/d9ZkA+Mr5+8duDoyV9/vb7y/P9M63xIuo53JKZr8fjp+zGdX/cObenlvDdj+i9Z/qif74BJkvefkf++P1KQD4yvdJ+X7zdMoMrm7pNjXNRvVa/9fMbLJ2P8qRh/OsaPxXg+xvtjfCDGC0NqHxvj6Ou/PfRSZfV4f3uW3+/95PnzQB39RIUQFvtsT35+YND72fN+/AZ1p/Wv8XEwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACA0lSbf5eW5iohXH7jlWNPnzi7f3nK4VaJevPvdFuq1povhMdjPBXjn8cXN99/8XR7fCvGlbAQKqHSmh6eut6qaWsI4ULYG66Eeth9+erLby08eeLi8Uv73n710LWN+wQAAADg7ve/AAAA//+NnAuo")
r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='.\x00', 0x0, 0x0)
ioctl$FS_IOC_REMOVE_ENCRYPTION_KEY(r0, 0x40086e8b, &(0x7f0000000080)={@desc={0x40002, 0x0, @desc1}})

11m13.412916771s ago: executing program 6 (id=5843):
bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x1, 0x0, 0x0, 0x0, 0x4}, 0x94)
r0 = socket$kcm(0x23, 0x2, 0x0)
sendmsg$kcm(r0, &(0x7f0000000140)={&(0x7f0000000000)=@phonet, 0x80, &(0x7f00000000c0)=[{&(0x7f0000000080)="b8", 0x1ff48}], 0x2}, 0x0)

11m12.895594453s ago: executing program 6 (id=5846):
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000200)='./file1\x00', 0x200000, &(0x7f00000000c0)={[{@debug}, {@dax_inode}, {@nolazytime}, {@abort}, {@dax_inode}, {@lazytime}, {@noload}, {}, {@block_validity}]}, 0xfe, 0x558, &(0x7f0000000c00)="$eJzs3U1rG0cfAPD/ynbenOeJAyG0PRRDDk1JI8d2X1LoIT2WNjTQ3lNhb0ywHAVLDrEbaHJoLr2UUCilgdIP0HuPoV+gnyLQBkIJpj30orLyylFsyZZtpVaq3w82mdldaXY0+x/PaCQUwMAaz/4pRLwcEV8nEcdajg1HfnB87bzVJ7dmsi2Jev2TP5JI8n3N85P8/9E881JE/PJlxJnC5nKryyvzpXI5XczzE7WF6xPV5ZWzVxdKc+lcem1qevr8W9NT777zds/q+vqlv777+MEH5786tfrtT4+O30viQhzNj7XWYw9ut2bGYzx/TUbiwoYTJ3tQWD9J9vsC2JWhPM5HIusDjsVQHvXAf98XEVEHBlQi/mFANccBzbl9j+bBL4zH769NgDbXf3jtvZE41JgbHVlNnpkZZfPdsR6Un5Xx8+/372Vb9O59CIBt3b4TEeeGhzf3f0ne/+3euS7O2VjGDvu/+g4vCWjxIBv/vNFu/FNYH/9Em/HPaJvY3Y3t47/wqAfFdJSN/95rO/5dX7QaG8pz/2uM+UaSK1fLada3/T8iTsfIwSy/1XrO+dWHHfup1vFftmXlN8eC+XU8Gj747GNmS7XSXurc6vGdiFfajn+T9fZP2rR/9npc6rKMk+n9Vzsd277+z1f9x4jX2rb/0xWtZOv1yYnG/TDRvCs2+/PuyV87lb/f9c/a/8jW9R9LWtdrqzsv44dDf6edju32/j+QfNpIH8j33SzVaouTEQeSjzbvn3r62Ga+eX5W/9Ontu7/2t3/hyPisy7rf/fE3Y6n9kP7z+6o/XeeePjh5993Kr+79n+zkTqd7+mm/+v2Avfy2gEAAAAAAEC/KUTE0UgKxfV0oVAsrn2+40QcKZQr1dqZK5Wla7PR+K7sWIwUmivdoy2fh5jMPw/bzE9tyE9HxPGI+GbocCNfnKmUZ/e78gAAAAAAAAAAAAAAAAAAANAnRjt8/z/z29B+Xx3w3PnJbxhc28Z/L37pCehL/v7D4BL/MLjEPwwu8Q+DS/zD4BL/MLjEPwwu8Q8AAAAAAAAAAAAAAAAAAAAAAAAAAAA9denixWyrrz65NZPlZ28sL81XbpydTavzxYWlmeJMZfF6ca5SmSunxZnKwnbPV65Urk9OxdLNiVparU1Ul1cuL1SWrtUuX10ozaWX05F/pVYAAAAAAAAAAAAAAAAAAADwYqkur8yXyuV0UUJiV4nh/rgMibVEM7D3/IT72y8BAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAQKt/AgAA//+jgjYy")
mount$overlay(0x0, &(0x7f00000003c0)='./file0\x00', &(0x7f0000000380), 0x0, &(0x7f00000002c0)={[{@workdir={'workdir', 0x3d, './file1'}}, {@upperdir={'upperdir', 0x3d, './file0'}}, {@lowerdir={'lowerdir', 0x3d, '.'}}], [], 0x2c})
mount$overlay(0x0, &(0x7f0000000480)='./file0\x00', &(0x7f0000000380), 0x0, &(0x7f0000000000)={[{@lowerdir={'lowerdir', 0x3d, './file0'}, 0x3a}], [], 0x2f})

11m11.983122663s ago: executing program 6 (id=5851):
syz_mount_image$iso9660(&(0x7f0000000780), &(0x7f0000000000)='./file0\x00', 0x21488b, &(0x7f00000013c0)=ANY=[@ANYBLOB='map=acorn,sbsector=0x0000000000000000,uid=', @ANYRESDEC=0x0, @ANYBLOB="0000b18eb07a9dbec07d91edf772ce16e8f4545927e1e38533740c5b1da10b839e273fa468d364205a63adda5262cda8e690d1049c884d79e243210c733da8adfb6db6f3b3464aca805a08f3cacf9bce83fd7888eb1f09a8a7f55959926a7fd5ac27fd519bccdcfda872f503656169", @ANYRESOCT, @ANYBLOB="48aa122ce7bad1d4005fd66df97f8ec44bbc8f22ca2298ce346671617bb371da3c639abd9ee548b49a9c10009f28579f82efb3cf18d7e4f7d0cda9f6feec4c5df95db277defa1414ccf2075e6fd144cdc78c1f843f1574502ce415c27f3cec8893fe5950104e7d7b43440fd107294cf00fe8000000000000", @ANYRESOCT], 0x1, 0x65b, &(0x7f00000007c0)="$eJzs3V1rG+n5x/HfyLKs+A/hT1uWEPJwJ+mCQ1NFkjcOIoV2OhrZs5U0YkZubSgs6cZeQuRsm6TQ+GTJSR9g+wb2bE+W0hdR6HHfRQ8LS3tW6MmUebJsS7LkRLF3t9+PiefWzDVzX/eMMhdjSSMBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABZTrNarVlqe93NLTOZ0wz8zgnL060t6nbauD2mqy+O9CtZ8T+Vy7qUzrr0neHid+JfN3UlfXRF5XhS1v7/vfP/D75dLOTrn5DQ61AkzbDNUpakMc9f7j95OBjsPJtzIl8BKswQtO52vdD3Ova6a7zQN421terdjVZoWl5J4XbYdzvGCdxC3w/MinPb1BqNVeNWtv3N7nrTbrv5zPvfr1era+b9pWzP3n2/EjobXrvtddeTmHhxHHPffPrzNMS1O8bsPh7srE5LMg6qzRJUnxZUr9brtVq9Xlu717h3v1otjsyoHqORiLk/afE1M7+TN/CGCnH9/7sltVVWV5vakhn746ipQL46E5Zn8vr/7l33xH4P1/+8yl8aLr6spP5fSx9dm1T/J+RiZJIVxi2xJsx/vZ/neql9PdFDDTTQjp7NZ7vX55fh2/1Zl4qSp1C+PHVka12uTDbHqKE1ramqD7ShlkIZteSpLVehthWqL1ed5JgEcmUnrdiKHN2WUU0NNbQqI1cVbcvXprpaV1O2/h1F0a4eJ/t99YQclQfVZgmqnxA0qf7/4pM066n13xL1/xstP3/NEgOcuyi7/j+l628nGwAAAAAA8DZYyV/freS1+6uSIrW8tls977QAAAAAAMAcJa/8X4kni3HrqqwJ1//R2ecGAAAAAADmw0o+Y2dJWk7e1G8NPwk1y5sAFs4gRQAAAAAA8IaS1/+vlaQouffadVmnuv4HAAAAAABfA78/dI/9Yn6P3Sh/Wb8gKewtWX/555KCRetVb+u71p4dL7H3spiRdwD0W5eti9mNepNJSVLyyHGvWFfToOwmmFa++pe70+71bwXHEigt5H++mJbAWjF7pE91I425UU6nj/YLSpakvSy3vLZbcfz2g5ps+2Kh7271f/308W+k4GCcu48HO5UPPx48SnJ5Fc96tRfn8cmRdArTcnmhbF9cHTviC2rlXf6h21m2kn6r+fgXZO8VDnc02/h/q5tpzM3ldLq8r2xPJOMvx+OvVZJDNhx9PKrP/jQcfe34yMcdiAlZlJMsbqUxt1ZupZM8vyyL7y1I9crxY1CKn4LDfVE/nMX0fWH9a2RfTMki3hercRZ/jTc0fCYcyWL1dFmMHBEAOC+7wyqU3MR89B77x+vu65zlplf3Hx3t5cVnUfqBwwWpmL02cWIvZcVn9JVk2yopObEWLx+cZfdu5Gf0alZXyppwRq++QXWL+/rz8DuQsrRH6sp/oih6UEv6/eNBv2lV/Txe4fOJ/Ybt+kI8wrsv9n6Z3AA/9tHORztP6/XVtep71eq9uhaTYWQTag8AYIzp37EzNcJ67+Cq+tE/3k1bRyretw7eUlDRh/pYAz3SnfwrBK6P3+ryobch3Bm9ao1jL0jHY2u6M/GqLqmlaezPtks/TIOS34vKVzlaqYfbXX2rxwAAgLN2s5E1JtThWer/neS6W9LK5UPX3QfX7Mdq+fFvCJ5Uc2tntg8AAPhf4wZfWsv931lB4PU+qDUaNbu/4ZrAd35iAq+57hqv23cDZ8PurrumF/h93/HbphdoyWu6oQk3ez0/6JuWH5ieH3pbpuW1XZN99Xvoduxu33PCXtu1Q9c4frdvO33T9ELH9DZ/3PbCDTdIVg57ruO1PMfue37XhP5m4LgVY0LXPRToNd1u32t5cbNreoHXsYNt81O/vdlxTdMNncDr9f10g3lfXrflB51ksxVFp/6iQwAAvomev9x/8nAw2Hk2qZFc0U+JGTZK4zaY98UrzgAAfDWMVumJymeSEAAAAAAAAAAAAAAAAAAAAAAAGDH9I32nbCyO+7CgdDDnVxdn2o6leSd2mkbh9Vf/2wkxFw7m5Lv/cMyrcxip0kZx/lu+cJqPjc6h8YPddI9OjIkXjl20dHAsivP/7xA3nn4xYVEURdHJqy8d3YelkwZ4tFGU9Kz0BofgfM5HAM7OfwMAAP//3JZAiA==")
r0 = syz_open_procfs(0x0, &(0x7f0000000100)='mountinfo\x00')
pread64(r0, &(0x7f0000002280)=""/4096, 0x1000, 0xd33)

11m10.236116326s ago: executing program 6 (id=5865):
r0 = syz_open_dev$evdev(&(0x7f00000000c0), 0x2, 0x862b01)
ioctl$EVIOCSFF(0xffffffffffffffff, 0x40304580, &(0x7f0000000480)={0x52, 0x0, 0x0, {0x1, 0x1}, {0x80, 0x2}, @const={0x2, {0x0, 0x0, 0x0, 0xfffc}}})
write$char_usb(r0, &(0x7f0000000040)="e2", 0x2250)

11m9.356987245s ago: executing program 33 (id=5865):
r0 = syz_open_dev$evdev(&(0x7f00000000c0), 0x2, 0x862b01)
ioctl$EVIOCSFF(0xffffffffffffffff, 0x40304580, &(0x7f0000000480)={0x52, 0x0, 0x0, {0x1, 0x1}, {0x80, 0x2}, @const={0x2, {0x0, 0x0, 0x0, 0xfffc}}})
write$char_usb(r0, &(0x7f0000000040)="e2", 0x2250)

11m4.126751642s ago: executing program 2 (id=5899):
syz_mount_image$ocfs2(&(0x7f0000004440), &(0x7f0000000240)='./file1\x00', 0x8c0, &(0x7f0000000100)=ANY=[@ANYBLOB="61636c2c6865617274626561743d6e6f6e652c6572726f72733d72656d6f756e742d726f2c636f686572656e63793d66756c6c2c636f686572656e63793d66756c6c2c6c6f63616c666c6f636b732c696e74722c6e6f61636c2c001967b9b8a6cdd636d75428f2c5e8054d01858eef552755576e749526b36860cf2511040d1ce5a743ffd83d29d1ba3a54a59d8c7aa249f08d3c8c6d04ac105d67934db6190d59f2323b55a5a4"], 0x1, 0x444a, &(0x7f0000004480)="$eJzs3b1PHGcaAPB3BnwGfx32ufBJJ91KZ+k+hcDV3WHpMMbGYHOOnNhFmvUCa5tkYS1YohQuSGcpVaQUUQorkdJRWUhp0jh/QpqUTm0pKdJEimSFaHdnMTPsmg3ZhWD9fsXOzvv5wLMzvGNp/caJyr355dz8cq6wmCvP3lk+l3unXFpZKIZ4jzSd/9DezU97uvE5edmYn3cscpq5fvHy67fOhfDl3NfPNjY2NkJVb2hqeMv7H75/MLv12BBn+lTHbTLUoeYz7MabIYTT2+Kq6gkh9IUQohDChaRsLDn2hxCOJ3W3Hrx/O9ehaB4/LZ7PP59+uD5ydmrt0Xqzn70uCuHj0h//dXfh27/0jHzzj9YjfnG0Q6EBAAAAAAAAAAAAAAAAAHAATNy4fvO1oeHwJAq9a9H27+tOJMcW34/t3eiYP78szL+f6NyPDAAAAAAAAAAAAAAAAAAAAL85L77/n4tONfn+/3hyHG3Rf+N/3Y+R7pn8//XxS0PDyf7v0bb6fydF313oCSeb7Pue3f/9QqZ/8/3ft8+zW434GvMOhCgeTJ3H8eBgCJ8mG7+fiY7EpfJy5Z93yiuLcx0L48BK57++e38qO8mG/m3mPx7LjN9i//8O+sO2T1P1/HbnPmKvtHT+e1q2++y9qK3r/2Km317kn91L57+3Vta/tcFo/QZQzf8HvTvnfzwzfrfyfyKEkIuqseZSd4DqGqZa3mq9Qlo6/4dqZalbZ/KLbHX9/5jJ/6XM+Pt1/1/N/iGiqXT+f1cr60u1OFx7reU/3vn6v5wZfz/yX41/tV640d25D750/uu5Dr2pJrXfZLv3/4nM+C3zf/jXxX0zTuI8EaU+AWtRvbzF/1dHRjr/fdvqXzz/xW2t/65k+u/V819j3sbzX+P2/7eo/vxHc+n897ds1+71P5np1+37/2ht/cdupfN/pFaWXjsP1F7bzf9UZvxu5b/2VNLXyP+L+8lPh+vln1j/tSWd/6P1wnhri9Xaa239F+28/r+aGX8/1n/V+Ffj7s76qkjn/1jLdtX8f9XG3/9rmX7dz38IQ/6tb9fS+T/esl3t+u/bOf/Tm+/qY3U7/3/t5uAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB8BYchwIUTyYOo/jwcEQLibnZ8KRaKYwl58plWffXg5hPCnPhVPR3VJ5plDKzy+W54r5QqlUng3hUlJ/OvRFy6VyJb9QuH95c6z+6F6xsFSZKRYqIYSJpPxP4XhjrJn5ykLhfgjhymbd7+Py0v17hcX83PzSf4eGhobC5GYMJ6Piu5XiYqU+e702hKnNvgPRluBq1Vc3YzkWvVVeWVoslGrl17b0KZVnC6UtfaaTug/DyaiytLI4W6gU86Xy3cZ8+2k0OY5P3njjxrXhbfW3o/pxbG/DAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOAXejLyn49CCL31sziEMNp4EzVr//hp8Xz++fTD9ZGzU2uP1p+1agcAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA8DM7cCAAAAAAAOT/2ghVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVV2KVj1ASCKAzAbyZFki7HSLUkXdoNgZAU2SB4Aj2Gh9GjeAnvYGFhayGC7KKuu7CNVt/XPJifmfdgHgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAw3yPqvH/23tEiqf9Y8Ryulqf5791nX9233+4w4zczs9f9XX6w3SVf9RHmzIf0912NomO2li09qS9T5d9nnvn6tu3vvmavi+RchERZZ2/ppyLYthbAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAcGAHDgQAAAAAgPxfG6GqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqoKO3AsAAAAACDM3zqKvg0AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA+BUAAP//hkEdVg==")
r0 = openat(0xffffffffffffff9c, &(0x7f0000000400)='./file1\x00', 0x143142, 0x40)
pwritev2(r0, &(0x7f0000000100)=[{&(0x7f0000000080)="ff", 0xabfb}], 0x1, 0x5405, 0x0, 0x0)

11m1.862457587s ago: executing program 2 (id=5905):
r0 = socket$kcm(0x29, 0x2, 0x0)
ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, &(0x7f0000000000)={'pimreg\x00', 0x2})
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8b0f, &(0x7f0000000000)={'wlan0\x00'})

10m59.055842028s ago: executing program 2 (id=5918):
syz_mount_image$msdos(&(0x7f0000000240), &(0x7f0000000300)='.\x02\x00', 0x2000800, &(0x7f00000009c0)=ANY=[], 0x1, 0x2d6, &(0x7f0000001300)="$eJzs3c9qE10UAPDTJE3T8vG1a3ERcKOboq7dBKkgBgqVLNSNgSpIK0K6ia7yCm7EZ/CRXPgQXRVcRKYz7aRN0kKZzPTP7wfTnpkT7pwZJnNnce/k/f3Pe7tfDj6Of/+MVqsdjWhFHEVsRC3qkVpK/rRO4mZMGtXPrMZKAADX3c5OvzMvNyq3FArRmNoyGHT6yzOfzXq/SioKAAAAAAAAAACAgk2P/4/RzPH/EVE7O/7/ODBGEABunovG/3M7DAad/lr6/HZutqbx/wAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAEB1GjFeH4/Hj/5LV5M4X5qxXnV9AEDxjib7+9Pl7zij/weAW2h2/58vVdcHABRvov+PuKT/r1dXJgBQoNdv3r7qdLtbO+12K+JwNOwNe+n/NP/iZXfrcfvYRkTU0q2Hw2Gvfpp/kubbeatJfjnWsvzTmflmPHyQ5pPc8+3uufxK7JZzCgAAAAAAAAAAAAAAAAAAAKBymycv9Unn92fy+f2bm9s//nw6nf8/kU+j7P0AtZia39+Ie43L9r5S1GEAAAAAAAAAAAAAAAAAAADAjXbw9dtef3//w6CcYCkiim25HhHHQSPbUi98FxPB4lpOglbMSzUj4sotJyd9dirJXLXm72kQc2u+KHj2LuLSDy/trcZUarX8i3axwWr2Tbwu9fyfXS3z7hjN8m5OAAAAAAAAAAAAAAAAAABwx+Szf6uuBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACqk//+/+KCqo8RAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAuBv+BQAA//8hOXWq")
openat(0xffffffffffffff9c, &(0x7f0000000300)='./file1\x00', 0xc4042, 0x1ff)
mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x1c0)

10m58.560366123s ago: executing program 2 (id=5922):
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000200)='./file1\x00', 0x200000, &(0x7f00000000c0)={[{@debug}, {@dax_inode}, {@nolazytime}, {@abort}, {@dax_inode}, {@lazytime}, {@noload}, {}, {@block_validity}]}, 0xfe, 0x558, &(0x7f0000000c00)="$eJzs3U1rG0cfAPD/ynbenOeJAyG0PRRDDk1JI8d2X1LoIT2WNjTQ3lNhb0ywHAVLDrEbaHJoLr2UUCilgdIP0HuPoV+gnyLQBkIJpj30orLyylFsyZZtpVaq3w82mdldaXY0+x/PaCQUwMAaz/4pRLwcEV8nEcdajg1HfnB87bzVJ7dmsi2Jev2TP5JI8n3N85P8/9E881JE/PJlxJnC5nKryyvzpXI5XczzE7WF6xPV5ZWzVxdKc+lcem1qevr8W9NT777zds/q+vqlv777+MEH5786tfrtT4+O30viQhzNj7XWYw9ut2bGYzx/TUbiwoYTJ3tQWD9J9vsC2JWhPM5HIusDjsVQHvXAf98XEVEHBlQi/mFANccBzbl9j+bBL4zH769NgDbXf3jtvZE41JgbHVlNnpkZZfPdsR6Un5Xx8+/372Vb9O59CIBt3b4TEeeGhzf3f0ne/+3euS7O2VjGDvu/+g4vCWjxIBv/vNFu/FNYH/9Em/HPaJvY3Y3t47/wqAfFdJSN/95rO/5dX7QaG8pz/2uM+UaSK1fLada3/T8iTsfIwSy/1XrO+dWHHfup1vFftmXlN8eC+XU8Gj747GNmS7XSXurc6vGdiFfajn+T9fZP2rR/9npc6rKMk+n9Vzsd277+z1f9x4jX2rb/0xWtZOv1yYnG/TDRvCs2+/PuyV87lb/f9c/a/8jW9R9LWtdrqzsv44dDf6edju32/j+QfNpIH8j33SzVaouTEQeSjzbvn3r62Ga+eX5W/9Ontu7/2t3/hyPisy7rf/fE3Y6n9kP7z+6o/XeeePjh5993Kr+79n+zkTqd7+mm/+v2Avfy2gEAAAAAAEC/KUTE0UgKxfV0oVAsrn2+40QcKZQr1dqZK5Wla7PR+K7sWIwUmivdoy2fh5jMPw/bzE9tyE9HxPGI+GbocCNfnKmUZ/e78gAAAAAAAAAAAAAAAAAAANAnRjt8/z/z29B+Xx3w3PnJbxhc28Z/L37pCehL/v7D4BL/MLjEPwwu8Q+DS/zD4BL/MLjEPwwu8Q8AAAAAAAAAAAAAAAAAAAAAAAAAAAA9denixWyrrz65NZPlZ28sL81XbpydTavzxYWlmeJMZfF6ca5SmSunxZnKwnbPV65Urk9OxdLNiVparU1Ul1cuL1SWrtUuX10ozaWX05F/pVYAAAAAAAAAAAAAAAAAAADwYqkur8yXyuV0UUJiV4nh/rgMibVEM7D3/IT72y8BAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAQKt/AgAA//+jgjYy")
mount$overlay(0x0, &(0x7f00000003c0)='./file0\x00', &(0x7f0000000380), 0x0, &(0x7f00000002c0)={[{@workdir={'workdir', 0x3d, './file1'}}, {@upperdir={'upperdir', 0x3d, './file0'}}, {@lowerdir={'lowerdir', 0x3d, '.'}}], [], 0x2c})
mount$overlay(0x0, &(0x7f0000000480)='./file0\x00', &(0x7f0000000380), 0x0, &(0x7f0000000000)={[{@lowerdir={'lowerdir', 0x3d, './file0'}, 0x3a}], [], 0x2f})

10m57.519210057s ago: executing program 2 (id=5929):
syz_mount_image$hfsplus(&(0x7f0000000180), &(0x7f0000000500)='./file2\x00', 0x80408a, &(0x7f0000000540)=ANY=[], 0x11, 0x6c1, &(0x7f000000abc0)="$eJzs3c9vHGcZB/DvrNc/NpVct03TgCrVNFJBRCRxrBTCJQEhFKQKVUGCs9U4jRUnDY6L0h6IC0hInDjwB7SHcIETCCEhIUUqZ7hVcLI4VULqpae0Qgza2dn12t21N3FiO/D5WLPzvPPOvvPMs/NjdyVrA/zfunA8zbtp5cLxV2612+t35pfX78xf68SN5SSTSRpJszNLcT0p3k/OpzPlc+2F9XDFsO38aunsxQ8+Xv+w02pmY7z2Q2t4gs1R9mKtnjKbZKye78Km8V57sPEmN8KiV5l2wY51Cwf7bTxJuckPj2z0DFKO9TWGnu/A46Po3Df7dM7/meRQkqnuDW2t09nY+wx3NMK16Be9aO3R5gIAAAAHwpP3bie3Mr3feQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMDjpP79/6KeGt14NkX39/8n+n5jf2Kf0x1u+8ymusHdxl4kAwAAAAAAAACP1gv38puLZTndbZdFGt8fqxuHq8cn8mZuZjErOZFbWchqVrOSuSQzfQNN3FpYXV2Zy4udZ35aluWQZ54e+MzTIybc2v0+AwAAAAAAAMD/kHP1/Ce5kOl9zgUAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADYpkrHOrJoOd+OZNJpJppJMtNdbS/7WjR9nd/c7AQAAAHhY/vHvsjKg68l7uZdbme62y6L6zH+k+tw/lTdzPatZymqWs5hL1XcBnU/9jfU788vrd+avtafPjvteayP+/fSOGVYjpvPdw+AtH63WaOVylqolJ/Ja3shyLqVRPbPtaDefwXm981F77HMdZZnJUWp3qZ639/yX9fxgmKkqMt6ryKl2bkWnjk9tX4lvfLSrLc2l0fvm5/B91Pzctlsp/tM9Qg91lyRPfGfnmo/f187sytZKnO47+o5sX4nki3/47Q+uLF+/eqVYO35wDqNBXhi8ePKfG9eQmfqMTfVl4GLm+yrx3MiVuHzzgFdiqOamViPP9uIL+Xa+l+OZzatZyVJ+lIWsZjGz+VYVLdTHc/txZvtKnd/UenWnnCbq12VsS05feLIz3y6nF6vnTmcp380buZTFvFz9nc5cvpozOZOzfa/wsyOc9Y0BZ/0fhyd/7Et10L5z/LyeHwztuj7VV9f+a+5M1de/pJGyvrM8/dCujT3Nz9dB+5X4ad85uP96lZhK7y7Rze6ZbgXGB1biveqycnP5+tWVKws3toxbrA3e3kvZvPsH50LSPl6e7l0jNh8d7b5nBvbNVX2He32NrX2/bvX6djpTJ+r3cJ8d6XTV99zAvvmq72hfX/v91lSSxXxalmXn/VbXM3tcVQBGdujLhyZa/2r9tfVu62etK61Xpr45+bXJ5ycy/pfxrzdPjb3UeL74Xd7Nj7PzJ3QAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGBHN996++rC8vLiypagLMvbQ7oeSZBmsmnJn//Ut071W2NJRh+wvfb5RlItaaYO7i+x2w+2O+88aBH+Xr8me1LwhxJMDT1+tgaflGV5MHIeJShre771RvZ937vBvl6WgD1wcvXajZM333r7K0vXFl5ffH3x+tkzZ86eOnvm5fmTl5eWp/Y7PeARqu711fuc/c4EAAAAAAAAAAAAGNVo/5xT9JY0k9z3//YAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA7MKF42neTZG5UydOtdvrd+aX21M33ljzkySNJMVsUryfnE9nykzfcMWw7awlFz/4eP3DTqtZT9X6jd3vxVo9ZTbJWD0fYGrQwvL2sPGKapwbw8cbUdGrTLtgx7qFg/323wAAAP//yAscyg==")
r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0x0, 0x1a1)
ioctl$FS_IOC_FSSETXATTR(r0, 0x401c5820, &(0x7f0000000000)={0xd2f0, 0x2000, 0x8, 0xadea})

10m56.190529446s ago: executing program 2 (id=5937):
r0 = syz_open_dev$dri(&(0x7f0000000000), 0x1, 0x400)
ioctl$DRM_IOCTL_MODE_GETRESOURCES(r0, 0xc04064a0, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000380)=[<r1=>0x0], 0x0, 0x0, 0x0, 0x1})
ioctl$DRM_IOCTL_MODE_GETCONNECTOR(r0, 0xc05064a7, &(0x7f0000000280)={&(0x7f00000059c0)=[0x0], 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, r1})

10m55.325442457s ago: executing program 34 (id=5937):
r0 = syz_open_dev$dri(&(0x7f0000000000), 0x1, 0x400)
ioctl$DRM_IOCTL_MODE_GETRESOURCES(r0, 0xc04064a0, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000380)=[<r1=>0x0], 0x0, 0x0, 0x0, 0x1})
ioctl$DRM_IOCTL_MODE_GETCONNECTOR(r0, 0xc05064a7, &(0x7f0000000280)={&(0x7f00000059c0)=[0x0], 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, r1})

5m54.314597329s ago: executing program 3 (id=8481):
r0 = syz_usb_connect$hid(0x0, 0x3f, &(0x7f0000000080)={{0x12, 0x1, 0x0, 0x0, 0x0, 0x0, 0x20, 0x46d, 0xc286, 0x0, 0x0, 0x0, 0x0, 0x1, [{{0x9, 0x2, 0x2d, 0x1, 0x0, 0x0, 0x20, 0x3, [{{0x9, 0x4, 0x0, 0x0, 0x81, 0x3, 0x0, 0x3, 0x0, {0x9, 0x21, 0x1000, 0x7, 0x1, {0x22, 0x5}}, {{{0x9, 0x5, 0x81, 0x3, 0x0, 0x0, 0x5}}, [{{0x9, 0x5, 0x2, 0x3, 0x40, 0x2d, 0x3, 0x83}}]}}}]}}]}}, 0x0)
syz_usb_control_io(r0, 0x0, 0x0)
syz_usb_control_io$hid(r0, &(0x7f00000000c0)={0x24, 0x0, 0x0, &(0x7f0000000000)={0x0, 0x22, 0x5, {[@global=@item_4={0x3, 0x1, 0x5}]}}, 0x0}, 0x0)

5m51.963118972s ago: executing program 3 (id=8498):
r0 = syz_init_net_socket$llc(0x1a, 0x1, 0x0)
setsockopt$sock_timeval(r0, 0x1, 0x15, &(0x7f0000000140)={0x0, 0x7530}, 0x10)
connect$llc(r0, &(0x7f0000000000)={0x1a, 0x1, 0x1, 0x1, 0x3f, 0x0, @remote}, 0x10)

5m51.568758762s ago: executing program 3 (id=8503):
r0 = socket(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000080)={'ip6tnl0\x00', <r1=>0x0})
sendmsg$nl_route_sched(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000900)=@newqdisc={0x38, 0x24, 0x3fe3aa0262d8c583, 0x70bd29, 0x25dfdbfe, {0x0, 0x0, 0x0, r1, {0x0, 0xffe0}, {0xffff, 0xffff}, {0x10, 0xe}}, [@qdisc_kind_options=@q_fq={{0x7}, {0xc, 0x2, [@TCA_FQ_ORPHAN_MASK={0x8, 0xa, 0xaced}]}}]}, 0x38}}, 0x4048000)

5m51.149134029s ago: executing program 3 (id=8506):
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000000)='./bus\x00', 0x400e, &(0x7f0000000300)={[{@i_version}, {@nombcache}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x68}}, {@lazytime}, {@block_validity}, {@sysvgroups}]}, 0x1, 0x42f, &(0x7f0000000940)="$eJzs289rHFUcAPDvzCat/WViqT+aVo1WMfgjadJae/CiKHhQEPRQjzFJS+y2kSaCLUGjSD1Kwbt4FPwLPOlF1JPgVe9SKJJLq6eV2Z1Jdje7aZJustX9fGCS92be8t53Z97ue/N2AuhZw9mfJGJ/RPweEQO1bGOB4dq/W8uLU38vL04lUam89VdSLXdzeXGqKFq8bl+R6YtIP0viSIt65y9fOT9ZLs9cyvNjCxfeH5u/fOW52QuT52bOzVycOH365InxF05NPN+ROLO4bg59NHf08GvvXHtj6sy1d3/+Ninib4qjQ4bXO/hkpdLh6rrrQF066etiQ9iUUq2bRn+1/w9EKVZP3kC8+mlXGwdsq0qlUnmg/eGlCvA/lkS3WwB0R/FFn81/i22Hhh53hRsv1SZAWdy38q12pC/SvEx/0/y2k4Yj4szSP19lW2zPfQgAgAbfZ+OfZ1uN/9Kovy90b76GMhgR90XEwYg4FRGHIuL+iGrZByPioU3W37xIsnb8k17fUmAblI3/XszXthrHf8XoLwZLee5ANf7+5OxseeZ4/p6MRP/uLD++Th0/vPLbF+2O1Y//si2rvxgL5u243re78TXTkwuTdxJzvRufRAz1tYo/WVkJSCLicEQMbbGO2ae/Odru2O3jX0cH1pkqX0c8VTv/S9EUfyFZf31y7J4ozxwfK66KtX759eqb7eq/o/g7IDv/e1te/yvxDyb167Xzm6/j6h+ft53TbPX635W83bDvw8mFhUvjEbuS12uNrt8/0VRuYrV8Fv/Isdb9/2CsvhNHIiK7iB+OiEci4tG87Y9FxOMRcWyd+H96+Yn3th7/9srin97U+V9N7IrmPa0TpfM/ftdQ6eBm4s/O/8lqaiTfs5HPv420a2tXMwAAAPz3pBGxP5J0dCWdpqOjtd/wH4q9aXlufuGZs3MfXJyuPSMwGP1pcadroO5+6Hg+rS/yE035E/l94y9Le6r50am58nS3g4cet69N/8/8Wep264Bt53kt6F36P/Qu/R96l/4PvatF/9/TjXYAO6/V9//HXWgHsPOa+r9lP+gh5v/Qu/R/6F36P/Sk+T1x+4fkJSTWJCK9K5ohsU2Jbn8yAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAdMa/AQAA//9QOObV")
syz_mount_image$fuse(0x0, &(0x7f00000000c0)='./bus\x00', 0x3000009, 0x0, 0x1, 0x0, 0x0)
mount$overlay(0x0, &(0x7f0000000100)='./file0\x00', &(0x7f0000000080), 0x8, &(0x7f0000000180)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, '.'}}, {@upperdir={'upperdir', 0x3d, './file0'}}]})

5m50.2906714s ago: executing program 3 (id=8512):
r0 = socket$igmp6(0xa, 0x3, 0x2)
setsockopt$IP6T_SO_SET_REPLACE(r0, 0x29, 0x40, &(0x7f0000000b00)=@raw={'raw\x00', 0x8, 0x3, 0x428, 0x0, 0xffffffff, 0xffffffff, 0x0, 0xffffffff, 0x358, 0xffffffff, 0xffffffff, 0x358, 0xffffffff, 0x3, 0x0, {[{{@ipv6={@private0={0xfc, 0x0, '\x00', 0x1}, @mcast2, [], [], 'veth0_macvtap\x00', 'dvmrp1\x00'}, 0x0, 0xa8, 0xd0}, @common=@unspec=@NFQUEUE0={0x28}}, {{@ipv6={@remote, @ipv4={'\x00', '\xff\xff', @dev}, [], [], 'wg1\x00', 'gre0\x00'}, 0x0, 0x258, 0x288, 0x0, {}, [@common=@inet=@hashlimit1={{0x58}, {'pim6reg\x00', {0x0, 0x0, 0x5, 0x0, 0x0, 0xfffffff8, 0x3ff}}}, @common=@inet=@hashlimit3={{0x158}, {'wg1\x00', {0x3, 0x0, 0x41, 0x0, 0xffffffff, 0x1000, 0x6, 0x3}}}]}, @common=@unspec=@CONNMARK={0x30}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28, '\x00', 0x7}}}}, 0x488)
syz_emit_ethernet(0x68, &(0x7f0000000080)={@broadcast, @link_local, @void, {@ipv6={0x86dd, @icmpv6={0x0, 0x6, "122d92", 0x32, 0x3a, 0xff, @remote, @mcast2, {[], @ndisc_redir={0x89, 0x0, 0x0, '\x00', @remote, @private1, [{0x3, 0x1, "430cac35d4bf2862"}]}}}}}}, 0x0)

5m46.780880551s ago: executing program 3 (id=8544):
r0 = openat$audio1(0xffffffffffffff9c, &(0x7f0000000040), 0x203a2, 0x0)
ioctl$SNDCTL_DSP_SETFRAGMENT(r0, 0xc004500a, &(0x7f0000000200)=0x12)
ioctl$SNDCTL_DSP_GETFMTS(r0, 0x8004500b, 0x0)

5m46.117284083s ago: executing program 35 (id=8544):
r0 = openat$audio1(0xffffffffffffff9c, &(0x7f0000000040), 0x203a2, 0x0)
ioctl$SNDCTL_DSP_SETFRAGMENT(r0, 0xc004500a, &(0x7f0000000200)=0x12)
ioctl$SNDCTL_DSP_GETFMTS(r0, 0x8004500b, 0x0)

3m9.631030331s ago: executing program 1 (id=9461):
syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x80480e, &(0x7f0000000940)={[{@barrier_val}, {@resuid}, {@block_validity}, {@errors_remount}]}, 0x1, 0x79b, &(0x7f0000000180)="$eJzs3c1rXFUbAPDnTpImTfu+zQsv2LppVloonbQ1tgqCERciWCjo2jZMpiFmkimZSWlCFhYRBBG0uBB049qPunMruvZvcCMiLVXTYsWFjNz5SKb5mHw0k2mb3w9ucs6dc+ecZ+7cc8/MPcwNYM8aTP9kIo5ExIdJxKH6+iQieqqp7oiRWrl7iwu5dEmiUnn996Ra5u7iQi6atkkdqGcOR8T370Ycz6yutzQ3PzlaKORn6vmh8tTlodLc/ImJqdHx/Hh++syp4eHTZ589e2bnYv3zx/mDtz565emvR/5+54kbH/yQxEgcrD/WHMdOGYzB+mvSk76E93l5pyvrsKTTDWBb0kOzq3aUx5E4FF3VFADwOEvP/xUAYI9JnP8BYI9pfA9wd3Eh11g6+43E7rr9UkT01eJvXN+sPdJdv2bXV70O2n83ie76FdHYwetdgxHx2bdvfpku0abrkABreftaRFwcGFzd/yer5ixs1clNlBlckdf/we75Lh3/PLfW+C+zNP6JpfHPst41jt3tGIzY15xfffxnbq654Ys7UHl9/PdCbW5bGmjT+G9p0tpAVz33nzRzNCImCvm0b/tvRByLnt5LE4X8qRZ1HLvzz531Hmse//1x/a0v0vrT/8slMje7e+/fZmy0PPogMTe7fS3iye7luX33VvX/fdWx7sr9n6473+qJjy4nX33+vU/XK5bGn8bbWFbH316VzyOeirXjb0hazk8cSnf/ydrftev45udP+terv3n/p0taf+OzwG5I939/6/gHkub5mqWdrX/j+Nd+/+9L3qimG53H1dFyeeZUxL7ktdXrTy9v28g3yqfx1yJdGX+m5fs//SR4cZMxdt/67avtx7+kLVMs0/jHtrT/t564cW+ya/vxp/t/uJo6Vl+zmf5vsw18kNcOAAAAAAAAAAAAAAAAAAAAAAAAADYrExEHI8lkl9KZTDZbu4f3/6M/UyiWyscvFWenx6J6r+yB6Mk0furyUC2fNH7/dKApf3pF/pmI+F9EfNy7v5rP5oqFsU4HDwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB1B9a5/3/q195Otw4AaJu+DUvcyd+XrVQqlTa2BwBov43P/wDA46bF+X//brYDANg9Pv8DwN7j/A8Ae4/zPwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAG12/ty5dKn8tbiQS/NjV+ZmJ4tXTozlS5PZqdlcNlecuZwdLxbHC/lsrji10fMVisXLwzE9e3WonC+Vh0pz8xemirPT5QsTU6Pj+Qv5nl2JCgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAC2pjQ3PzlaKORnHovE+xHxEDSjHYkkHopmdCTxy4mfDrcqc32Dt/HIQxHFI5bodM8EAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA8Gj4NwAA//8PbSWm")
r0 = openat(0xffffffffffffff9c, &(0x7f0000000640)='.\x00', 0x0, 0x0)
lseek(r0, 0x0, 0x3)

3m8.779546287s ago: executing program 1 (id=9467):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x2})
ioctl$TUNSETTXFILTER(r0, 0x400454d1, &(0x7f0000000180)={0x1})

3m7.937246003s ago: executing program 1 (id=9470):
r0 = openat$sequencer2(0xffffffffffffff9c, &(0x7f0000000000), 0x40002, 0x0)
ioctl$SNDCTL_TMR_START(r0, 0x5402)
ioctl$SNDCTL_TMR_STOP(r0, 0x5403)

3m7.412647191s ago: executing program 1 (id=9475):
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f00000001c0)='./file2\x00', 0x404, &(0x7f0000000780)={[{@errors_remount}, {@resuid}, {@minixdf}, {@resgid}, {@nombcache}, {@quota}]}, 0x3, 0x42f, &(0x7f0000000940)="$eJzs289rHFUcAPDvzCat/WViqT+aVo1WMfgjadJae/CiKHhQEPRQjzFJS+y2kSaCLUGjSD1Kwbt4FPwLPOlF1JPgVe9SKJJLq6eV2Z1Jdje7aZJustX9fGCS92be8t53Z97ue/N2AuhZw9mfJGJ/RPweEQO1bGOB4dq/W8uLU38vL04lUam89VdSLXdzeXGqKFq8bl+R6YtIP0viSIt65y9fOT9ZLs9cyvNjCxfeH5u/fOW52QuT52bOzVycOH365InxF05NPN+ROLO4bg59NHf08GvvXHtj6sy1d3/+Ninib4qjQ4bXO/hkpdLh6rrrQF066etiQ9iUUq2bRn+1/w9EKVZP3kC8+mlXGwdsq0qlUnmg/eGlCvA/lkS3WwB0R/FFn81/i22Hhh53hRsv1SZAWdy38q12pC/SvEx/0/y2k4Yj4szSP19lW2zPfQgAgAbfZ+OfZ1uN/9Kovy90b76GMhgR90XEwYg4FRGHIuL+iGrZByPioU3W37xIsnb8k17fUmAblI3/XszXthrHf8XoLwZLee5ANf7+5OxseeZ4/p6MRP/uLD++Th0/vPLbF+2O1Y//si2rvxgL5u243re78TXTkwuTdxJzvRufRAz1tYo/WVkJSCLicEQMbbGO2ae/Odru2O3jX0cH1pkqX0c8VTv/S9EUfyFZf31y7J4ozxwfK66KtX759eqb7eq/o/g7IDv/e1te/yvxDyb167Xzm6/j6h+ft53TbPX635W83bDvw8mFhUvjEbuS12uNrt8/0VRuYrV8Fv/Isdb9/2CsvhNHIiK7iB+OiEci4tG87Y9FxOMRcWyd+H96+Yn3th7/9srin97U+V9N7IrmPa0TpfM/ftdQ6eBm4s/O/8lqaiTfs5HPv420a2tXMwAAAPz3pBGxP5J0dCWdpqOjtd/wH4q9aXlufuGZs3MfXJyuPSMwGP1pcadroO5+6Hg+rS/yE035E/l94y9Le6r50am58nS3g4cet69N/8/8Wep264Bt53kt6F36P/Qu/R96l/4PvatF/9/TjXYAO6/V9//HXWgHsPOa+r9lP+gh5v/Qu/R/6F36P/Sk+T1x+4fkJSTWJCK9K5ohsU2Jbn8yAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAdMa/AQAA//9QOObV")
creat(&(0x7f0000000140)='./file2\x00', 0x1ad)
unlink(&(0x7f0000000180)='./file1\x00')

3m6.141644118s ago: executing program 1 (id=9483):
r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0x0, 0x51)
ioctl$FS_IOC_FSSETXATTR(r0, 0x401c5820, &(0x7f0000000080)={0x8})
link(&(0x7f0000000080)='.\x00', &(0x7f00000000c0)='./file0\x00')

3m5.399577744s ago: executing program 1 (id=9489):
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000000)=0x2)
ioctl$TCFLSH(r0, 0x40087101, 0x20001100)

2m50.222125922s ago: executing program 36 (id=9489):
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000000)=0x2)
ioctl$TCFLSH(r0, 0x40087101, 0x20001100)

1m46.999528959s ago: executing program 4 (id=9916):
syz_mount_image$ext4(&(0x7f0000000780)='ext4\x00', &(0x7f0000000240)='./file2\x00', 0x2000410, &(0x7f0000000080), 0x81, 0x7a5, &(0x7f0000000f80)="$eJzs3c9rXNUeAPDvnfxq0r6XPHjwXl0FBA2UTkyNrYKLigsRLBR0bRsm01AzyZTMpDQh0BYR3AgqLgTddO2PunPrj63+Fy6kpWparLiQkTuZSSbNTJq0mZlgPh+4uefcc2/O+c65P87MvcwEcGCNpn8yEUcj4v0kYri2PImIvmqqN+L02nr3V1dy6ZREpfL6r0l1nXurK7lo2CZ1uJb5f0R8907EsczWektLy7NThUJ+oZYfL89dGi8tLR+/ODc1k5/Jz5+cmJw8ceq5Uyf3Ltbff1w+cvuDV57+8vSfb//v5nvfJ3E6jtTKGuPYK6MxWntN+tKXcJOX97qyLku63QAeSXpo9qwd5XE0hqOnmmphsJMtAwDa5WpEVACAAyZx/QeAA6b+OcC91ZVcferuJxKddeeliDi0Fn/9/uZaSW/tnt2h6n3QoXvJpjsjSUSM7EH9oxHx6ddvfp5O0ab7kADNXLseEedHRree/5Mtzyzs1jPbFVYGqrPRBxY7/0HnfJOOf55vNv7LrI9/osn4Z6DJsfsoHn78Z27tQTUtpeO/FxuebbvfEH/NSE8t96/qmK8vuXCxkE/Pbf+OiLHoG0jzE9VVmz8FNXb3r7ut6m8c//324VufpfWn8401Mrd6BzZvMz1VnnrcuOvuXI94ordZ/Ml6/yctxr9nd1jHqy+8+0mrsjT+NN76tDX+9qrciHiqaf9v9GWy7fOJ49XdYby+UzTx1U8fD7Wqf6P/B6rztP76e4FOSPt/aPv4R5LG5zVLu6/jhxvD37Yqa9z/m8fffP/vT96opvtry65MlcsLExH9yWtbl5/Y2Laer6+fxj/2ZPPjv9X+n6k9G3t+Pbe93tu/fFH7V03jr7rWKv72SuOf3lX/b5Oo1LZ5oOjm/dmeVvXvrP8nq6mx2pKdnP8e0tLH2JsBAAAAAAAAAAAAAAAAAAAAAAAAYPcyEXEkkkx2PZ3JZLNrv+H93xjKFIql8rELxcX56aj+VvZI9GXqX3U53PB9qBO178Ov5088kH82Iv4TER8NDFbz2VyxMN3t4AEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACg5vDm3/+/ms6y2bWynwe63ToAoG0OdbsBAEDHuf4DwMGzu+v/YNvaAQB0zq7f/1eS9jQEAOiYHV//z7e3HQBA57j/DwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAQJudPXMmnSp/rK7k0vz05aXF2eLl49P50mx2bjGXzRUXLmVnisWZQj6bK861/EfX1maFYvHSZMwvXhkv50vl8dLS8rm54uJ8+dzFuamZ/Ll8X8ciAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAICdKy0tz04VCvkFiW0Tg/ujGfsm0Rv7ohn/+ER/12pvPEsMdu8EBQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAALDP/R0AAP//aHclQg==")
r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x143042, 0x0)
ioctl$EXT4_IOC_MOVE_EXT(r0, 0xc028660f, &(0x7f0000000180)={0x0, r0, 0x1, 0x7, 0x8, 0x100})

1m46.60304063s ago: executing program 8 (id=9918):
syz_read_part_table(0x60d, &(0x7f0000002200)="$eJzs3D9olHcYB/DvJbmcUTAdnFxqHDoJRXE0Q5XkqlgIp1IIDvYfIs0UIXDSw5Q4tBkUM0jHLlK4DhonYwYnRaFzEQeLkMGlYBepHXLl7l6SOyjF0oRS/HyGe353PDzf94F3/V34XxtIuTi1Kp3y/qd/298a3TzP50xzYvJ4q9VqnU5KOZtyxsq7l5MMpX9q9icZ7plz8/udq9/+9mG5+fTUq/fOPVgc2JhZyTtJdvU2Z+SvHqXyzzZlO9wafzi6cGW2erX9pdpYW/84uf1yorZycnFp+UT52Oft3y8nj4r+7osxkoup51K+zCdDbxz19eax1Jc/386vj194Um2sfdd8fnB9b3Xw7vkjr/etXrt/KJlrR0yl87JvGv6Xi/fkL/Tkz41dn15qHD1wZ8+Nw/V7j2svBn9vdRWR5a3JBQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABge9xqf1yZrV6tj194Um2sffPzTx/dfjlRWzm5uLR8YvjYs6LvUVGHinox9VxKOclMZvJFZt88crrUmz/+cHRhI/+Pncnzg+t7q82754+8nly9dv9Qp6uUqXYZ2IqN+/XnN9bmxq5PLzWOHriz58bh+r3HtReD3b6ZSj7rrJuksvWPAQAAAAAAAAAAAAAAAAAAwFtuYvL4vqkPaqeTUs7uSPLrV51b9q3KyI/p3Lzv2l/UZ5Vkd5KbO7r/BdB8eurV8LkHi78Ul+LnU8l8kl0/rJxJ3t3IudwfW96czH/pzwAAAP//gTiR5w==")
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x8031, 0xffffffffffffffff, 0x6a855000)
open$dir(&(0x7f0000000040)='./file1\x00', 0x80, 0x104)

1m45.875870919s ago: executing program 4 (id=9923):
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x11, 0xc, &(0x7f00000002c0)=ANY=[@ANYBLOB="18000000000000000000000000000000850000007d00000018010000756c6c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000400000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000100)={&(0x7f00000000c0)='percpu_alloc_percpu\x00', r0}, 0x10)
bpf$PROG_LOAD_XDP(0x5, &(0x7f00000001c0)={0xd, 0x3, &(0x7f0000001300)=@framed, &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x9}, 0x94)

1m45.866746044s ago: executing program 9 (id=9925):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000700)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000a00)={0x1f, 0xd, &(0x7f0000000ac0)=ANY=[@ANYBLOB="18000000050000000000000082000000850000000500000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000038000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000200000085000000a600000095"], &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x11}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000500)={r1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x48)

1m43.961532662s ago: executing program 8 (id=9939):
syz_mount_image$udf(&(0x7f00000000c0), &(0x7f0000000180)='./file1\x00', 0xc001, &(0x7f0000000f00)=ANY=[@ANYBLOB="6c617374626c6f636b3d30303030303030303030303030303030303030302c756d61736b3d30303030303030303030303030303030303030303030302c756e64656c6574652c6c6f6e6761642c73686f727461642c7569643d666f726765742c756e64656c6574652c696f636861727365743d757466382c73686f727461642c696f636861727365743d64656661756c742c7569643d666f726765742c6e6f7374726963742c73657373696f6e3d30303030303030303030303030303030303030302c706172746974696f6e3d30303030303030303030303030303030303030362c00b2e01f5c0b5c8fb2623d8f888e41dfceb3ecf959d23d90b071660660b17884bd109d37086024cf83fa"], 0x2, 0xc29, &(0x7f0000001040)="$eJzs3U9sHNd9B/DfGy3Fpd1WTOwoThoXm7ZIZcVy9S+mYhXuqqbZFpBlIhRzC8AVSakLUyRBUo1spAXTSw89BCiKHnIi0BoFUjQwmiLokWldILn4UOTUE9HCRlD0wBYBcgpYzOxbcUmRNiOKEmV9Pjb13Z19b+a9eesZWdCbFwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABAxO+9eun0mfSwWwEAPEhXxr5y+qz7PwA8Vq76/38AAAAAAAAAAAAAADjsUhTxVKSYv7KeJqr3HfXL7b5bt8eHR3auNpCqmkeq8uVP/czZc+e/9OLQhW5ebs9+SP377bPx+tjVS41X5m7OL0wvLk5PNcZn25NzU9N73sN+6293sjoBjZtv3Jq6fn2xcfaFc1s+vj34Qf+TxwcvDj136tlu2fHhkZGxzSL13vK1e25Ix24zPI5GEacixfPf/UlqRUQR+z8X9Qc79tsNVJ04WXVifHik6shMuzW7VH442j0RRUSjp1Kze452Houo9T3QPuyuGbFcNr9s8Mmye2PzrYXWtZnpxmhrYam91J6bHU2d1pb9aUQRF1LESkSs9d+9u74oohYpvn1sPV2LiCPd8/DFamLw7u0oDrCPe1C2s9EXsVI8AmN2iPVHEa9Fip++eyIm83WmutZ8IeK1Mr8f8XaZL0ek8otxPuL9Hb5HPJpqUcRflON/cT1NVdeD7nXl8lcbfzh7fa6nbPe68gveH+66Ujyk+8PAtnwwDvm1qR5FtKor/nq699/sAAAAAAAAAAAAAAAAAHC/DUQRn4kUr/77H1fziqOal37s4tDvD/5y75zxZz5iP2XZFyJiudjbnNyjeWLgaBpN6SHPJX6c1aOIP8nz/775sBsDAAAAAAAAAAAAAAAAAADwWCvix5HipfdOpJXoXVO8PXujcbV1baazKmx37d/umukbGxsbjdTJZs6JnMs5V3Ku5lzLGUWun7OZcyLncs6VnKs513LGkVw/ZzPnRM7lnCs5V3Ou5Yxarp+zmXMi53LOlZyrOddyxiFZuxcAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA4OOkiCJ+Him+9fX1FCkimhET0cnV/ofdOgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACg1J+K+F6kaPxB8862WkSk6t+OE+Uv56N5tMxPRnOozJejeSlnq8pa85sPof3sT18q4keRor/+zp0Bz+Pf13l352sQb39j891na5080v1w8IP+J48fuzg08mvP7PY67dSAk5fbs7duN8aHR0bGejbX8tE/2bNtMB+3uD9dJyIW33zrjdbMzPTCvb8ovwL7qP4IvUi1x6WnXlQvonYomvFw+s5joLz/vx8pfvu9/+je8Dv3/3r8UufdnTt8/OxPN+//L23f0R7v/7Xt9fL9v7yn73T/f6pn20v5dyN9tYj60s35vuMR9cU33zrVvtm6MX1jevb86dNfHhr68rnTfUcj6tfbM9M9r+7L6QIAAAAAAAAAAAAAAAB4cFIRvxspWj9aT42IuF3N1xq8OPTcqWePxJFqvtWWeduvj1291Hhl7ub8wvTi4vRUY3y2PTk3Nb3Xw9Wr6V7jwyMH0pmPNHDA7R+ovzI3/+ZC+8YfLe34+RP1S9cWlxZakzt/HANRRDR7t5ysGjw+PFI1eqbdmq2qju44mf4X15eK+M9IMXm+kT6ft+X5/9tn+G+Z/7+8fUcHNP//Ez3bymOmVMTPIsVv/eUz8fmqnU/EXecsl/vbSHHywudyuThaluu2ofNcgc7MwLLs/0aKf/z51rLd+ZBPbZY9s+cT+4gox/9YpPjen38nfj1v2/r8h53H/4ntOzqg8X+6Z9sTW55XsO+uk8f/VKR4+al34jfytg97/kf32RsncuE7z+c4oPH/VM+2wXzc37w/XQcAAAAAAAAAAHik9aUi/i5S/GCkll7M2/by9/+mtu/ogP7+16d7tk3dn/WKPvLFvk8qAAAAABwSfamIH0eKG0vv3JlDvXX+d8/8z9/ZnP85nLZ9Wv05369Uzw24n3/+12swH3di/90GAAAAAAAAAAAAAAAAAACAQyWlIl7M66lPVPP5p3ZdT301Urz638/ncul4Wa67Dvxg9Wv9ytzsqUszM3OTraXWtZnpxth8a3K6rPt0pFj/m8/lukW1vnp3vfnOGu+ba7EvRIqRv++W7azF3l2b/OnNsmfKsp+IFP/1D1vLdtex/tRm2bNl2b+OFF/7553LHt8se64s+51I8cOvNbplnyjLdp+P+unNsi9MzhUHMCoAAAAAAAAAAAAAAAAAAAA8bvpSEX8WKf7n5sqdufx5/f++nreVt7/Rs97/Nrerdf4Hq/X/d3t9L+v/V88VWN7tqAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA8PGUooi3IsX8lfW02l++76hfbs/euj0+PLJztYFU1TxSlS9/6mfOnjv/pReHLnTzw+vfb5+J18euXmq8MndzfmF6cXF6qjE+256cm5re8x72W3+7k9UJaNx849bU9euLjbMvnNvy8e3BD/qfPD54cei5U892y44Pj4yM9ZSp9d3z0e+Sdtl+NIr4q0jx/Hd/kn7QH1HE/s/FR3x3DtpA1YmTVSfGh0eqjsy0W7NL5Yej3RNRRDR6KjW75+gBjMW+NCOWy+aXDT5Zdm9svrXQujYz3RhtLSy1l9pzs6Op09qyP40o4kKKWImItf67d9cXRbwRKb59bD39S3/Eke55+OKVsa+cPrt7O4oD7OMelO1s9EWsFI/AmB1i/VHEP0WKn757Iv61P6IWnZ/4QsRrZX4/4u3ojHcqvxjnI97f4XvEo6kWRfxfOf4X19O7/eX1oHtdufzVgW1lu9eVR/7+8CAd8mtTPYr4YXXFX0//5r9rAAAAAAAAAAAAAAAAgEOkiF+NFC+9dyJV84PvzCluz95oXG1dm+lM6+vO/evOmd7Y2NhopE42c07kXM65knM151rOKHL9nM0y6xsbE/n9cs6VnKs513LGkVw/ZzPnRM7lnCs5V3Ou5Yxarp+zmXMi53LOlZyrOddyxiGZuwcAAAAAAAAAAAAAAAAAAHy8FNU/Kb719fW00d9ZX3oiOrlqPdCPvf8PAAD//9+79wg=")
syz_mount_image$msdos(&(0x7f0000000f40), &(0x7f0000000f00)='.\x00', 0x1258438, &(0x7f0000000f80)=ANY=[], 0xa, 0x0, &(0x7f0000000000))
mknod$loop(&(0x7f0000000800)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x0, 0x1)

1m43.278852713s ago: executing program 8 (id=9943):
syz_io_uring_setup(0x275b, &(0x7f00000008c0)={0x0, 0x21d7, 0x40, 0x0, 0x2ad}, 0x0, 0x0)
r0 = syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10)
sendmsg$netlink(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000900)=ANY=[@ANYBLOB="1c0100002b00010000000000fcdbdf250a01f2800c00090008ac0f0000000000140001"], 0x11c}], 0x1, 0x0, 0x0, 0x1}, 0x0)

1m43.214921959s ago: executing program 5 (id=9944):
r0 = socket(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000080)={'ip6tnl0\x00', <r1=>0x0})
sendmsg$nl_route_sched(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000240)={&(0x7f00000021c0)=@newqdisc={0x3c, 0x24, 0x3fe3aa0262d8c583, 0x70bd2c, 0x0, {0x0, 0x0, 0x0, r1, {0x0, 0xf}, {0xffff, 0xffff}, {0x6}}, [@qdisc_kind_options=@q_fq_pie={{0xb}, {0xc, 0x8002, [@TCA_FQ_PIE_TUPDATE={0x8, 0x4, 0x8}]}}]}, 0x3c}, 0x1, 0x0, 0x0, 0x2}, 0x2000400c)

1m43.156114946s ago: executing program 7 (id=9947):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$ethtool(&(0x7f00000002c0), 0xffffffffffffffff)
sendmsg$ETHTOOL_MSG_LINKMODES_SET(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000040)=ANY=[@ANYBLOB=',\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="010000000000000000002f000000180001801400020073797a5f74756e"], 0x2c}}, 0x0)

1m42.5439469s ago: executing program 0 (id=9948):
sendmsg$alg(0xffffffffffffffff, &(0x7f0000000380)={0x0, 0x0, 0x0, 0x0, &(0x7f0000000340)=[@assoc={0x18, 0x117, 0x4, 0x8}], 0x18}, 0x0)
r0 = io_uring_setup(0x20, &(0x7f00000000c0)={0x0, 0x0, 0x3000, 0x80000000, 0xfefffffd})
io_uring_register$IORING_REGISTER_RESIZE_RINGS(r0, 0x21, &(0x7f0000000340)={0x0, 0xebb9, 0x0, 0x3, 0xd5}, 0x1)

1m42.471906209s ago: executing program 7 (id=9949):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$TIPC_NL_LINK_RESET_STATS(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000340)={&(0x7f0000000200)={0x14, r1, 0x1}, 0x14}, 0x1, 0x0, 0x0, 0x800}, 0x8000000)

1m42.386130583s ago: executing program 5 (id=9950):
r0 = syz_genetlink_get_family_id$devlink(&(0x7f0000000080), 0xffffffffffffffff)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$DEVLINK_CMD_RATE_DEL(r1, &(0x7f0000000f00)={0x0, 0x0, &(0x7f0000000ec0)={&(0x7f0000000e40)={0x3c, r0, 0x6ae3e61d32b8160b, 0x0, 0x0, {0x4a}, [@DEVLINK_ATTR_PORT_INDEX={0x8, 0xa8, 0x36}, @handle=@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}]}, 0x3c}}, 0x0)

1m42.355596635s ago: executing program 9 (id=9951):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000400), 0xffffffffffffffff)
sendmsg$TIPC_NL_KEY_SET(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000001c0)={0x2c, r1, 0x1, 0x1000000, 0x0, {0x3}, [@TIPC_NLA_BEARER={0x18, 0x1, 0x0, 0x1, [@TIPC_NLA_BEARER_NAME={0x10, 0x1, @l2={'eth', 0x3a, 'batadv0\x00'}}, @TIPC_NLA_BEARER_PROP={0x4}]}]}, 0x2c}}, 0x0)

1m42.084124022s ago: executing program 4 (id=9952):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$tipc(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$TIPC_CMD_GET_LINKS(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000080)={0x24, r1, 0x1, 0x0, 0x0, {{}, {}, {0x8}}}, 0x24}}, 0x0)

1m41.926514666s ago: executing program 0 (id=9953):
r0 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000040), 0x12d102, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x1000006, 0x13, r0, 0x0)
preadv2(r0, &(0x7f0000000240)=[{&(0x7f0000002dc0)=""/4107, 0x100b}], 0x1, 0xffff, 0x0, 0x1c)

1m41.83554245s ago: executing program 5 (id=9954):
r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x0)
shutdown(r0, 0x0)
recvmmsg(r0, &(0x7f00000004c0), 0xf02, 0xf0, 0x0)

1m41.835391876s ago: executing program 8 (id=9955):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000000c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000001000900030073797a320000000014000000110001"], 0x7c}}, 0x0)
sendmsg$NFT_BATCH(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000400)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a3c000000120a01080000000000000000020000000900020073797a310000000008000440000000000900010073797a3000000000080003"], 0x64}}, 0x0)

1m41.835237868s ago: executing program 7 (id=9956):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000200)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a010300000000000000000100fffd0900010073797a300000000040000000030a01020000000000000000010000000900030073797a3200000000140004800800024032658aeb08000140000000010900010073797a300000000044000000060a010400000000000001040100000008000b40000000000900010073797a30000000001c000480180001800d00010073796e70726f7879000000000400028014000000110001"], 0xcc}}, 0x0)
syz_emit_ethernet(0x42, &(0x7f0000000480)={@link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0x2}, @link_local, @void, {@ipv4={0x800, @tcp={{0x5, 0x4, 0x0, 0x0, 0x34, 0x0, 0x0, 0x0, 0x6, 0x0, @empty, @empty}, {{0x10, 0x4e26, 0x41424344, 0x41424344, 0x0, 0x0, 0x8, 0xc2, 0x1, 0x0, 0x0, {[@generic={0x3, 0x2}, @timestamp={0x8, 0xa, 0x8, 0xffffffff}]}}}}}}}, 0x0)

1m41.519363532s ago: executing program 9 (id=9957):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0500000004000000080000000c"], 0x50)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xd, &(0x7f0000000280)=@framed={{}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r0}, {}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x3}}, @call={0x85, 0x0, 0x0, 0x23}]}, &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000380)={r1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x37)

1m41.38520976s ago: executing program 0 (id=9958):
r0 = socket$inet_mptcp(0x2, 0x1, 0x106)
recvmmsg(r0, &(0x7f0000005c80), 0x400030f, 0x0, 0x0)
listen(r0, 0xd3)

1m41.328341377s ago: executing program 4 (id=9959):
r0 = socket(0x11, 0x2, 0x0)
setsockopt(r0, 0x107, 0x1, &(0x7f0000000080)="010000000000060000071a80000001cc", 0x10)
close(r0)

1m41.090307834s ago: executing program 7 (id=9960):
r0 = syz_io_uring_setup(0xed1, &(0x7f0000000400)={0x0, 0x586d, 0x10300, 0xfffffffe, 0x103}, &(0x7f00000005c0)=<r1=>0x0, &(0x7f0000000600)=<r2=>0x0)
syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x2, 0x0, 0x1, 0x3000000000000, 0x0, 0x91c, 0x0, 0x1})
io_uring_enter(r0, 0xa3d, 0x0, 0x0, 0x0, 0xff39)

1m40.852092279s ago: executing program 9 (id=9961):
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nfc(&(0x7f00000003c0), r0)
sendmsg$NFC_CMD_ENABLE_SE(r0, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000440)={&(0x7f0000000400)={0x1c, r1, 0x1, 0x70bd2a, 0x25dfdbfb, {}, [@NFC_ATTR_DEVICE_INDEX={0x8}]}, 0x1c}, 0x1, 0x0, 0x0, 0x4000}, 0x40000)

1m40.645937212s ago: executing program 8 (id=9962):
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000300)={&(0x7f0000000440)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x7c, 0x7c, 0x2, [@var, @func_proto={0x0, 0x6, 0x0, 0xd, 0x0, [{}, {}, {}, {}, {}, {}]}, @func, @volatile, @volatile, @volatile={0x0, 0x0, 0x0, 0x9, 0x2}]}}, 0x0, 0x96}, 0x20)
r0 = bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000140)={&(0x7f0000000000)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0xc, 0xc, 0x2, [@struct]}}, 0x0, 0x26}, 0x20)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000500)={0x6, 0x3, &(0x7f0000000200)=@framed={{0x18, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7a}}, &(0x7f0000000280)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, r0, 0x8, 0x0, 0x0, 0x10, &(0x7f00000004c0), 0x2, 0x0, 0x0, 0x1d6225b, 0x0, 0x0, 0x14}, 0x90)

1m40.633242433s ago: executing program 5 (id=9963):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff)
sendmsg$NL80211_CMD_START_AP(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000480)=ANY=[@ANYBLOB='t\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="050000000000000000000f00000008000300", @ANYRES32, @ANYBLOB="41000e0080000002ffffffffffff080211000000ffffffffffff00000000000000000000070001000406f0027f0006a7060206002503018c08720603030303030300000004000e"], 0x74}, 0x1, 0x0, 0x0, 0x20004090}, 0x0)

1m40.57223565s ago: executing program 0 (id=9964):
r0 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000100), 0x0)
ioctl$SNDRV_SEQ_IOCTL_SET_PORT_INFO(r0, 0xc0a85320, &(0x7f00000003c0)={{0x80, 0xe}, 'port0\x00', 0x511e36599023629, 0x1840, 0x0, 0x4000000, 0xffffffff, 0x1, 0x0, 0x0, 0x5, 0x4})
ioctl$SNDRV_SEQ_IOCTL_DELETE_PORT(r0, 0x40a85321, &(0x7f00000004c0)={{0x80}, 'port0\x00', 0x8, 0x100075, 0xffefffff, 0x4, 0x1ff, 0x0, 0x0, 0x0, 0x6})

1m40.477162682s ago: executing program 4 (id=9965):
sendmsg$alg(0xffffffffffffffff, &(0x7f0000000380)={0x0, 0x0, 0x0, 0x0, &(0x7f0000000340)=[@assoc={0x18, 0x117, 0x4, 0x8}], 0x18}, 0x0)
r0 = io_uring_setup(0x20, &(0x7f00000000c0)={0x0, 0x0, 0x3000, 0x80000000, 0xfefffffd})
io_uring_register$IORING_REGISTER_RESIZE_RINGS(r0, 0x21, &(0x7f0000000340)={0x0, 0xebb9, 0x0, 0x3, 0xd5}, 0x1)

1m40.195318964s ago: executing program 9 (id=9966):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$TIPC_NL_LINK_RESET_STATS(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000340)={&(0x7f0000000200)={0x14, r1, 0x1}, 0x14}, 0x1, 0x0, 0x0, 0x800}, 0x8000000)

1m40.195131864s ago: executing program 7 (id=9967):
syz_io_uring_setup(0x275b, &(0x7f00000008c0)={0x0, 0x21d7, 0x40, 0x0, 0x2ad}, 0x0, 0x0)
r0 = syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10)
sendmsg$netlink(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000900)=ANY=[@ANYBLOB="1c0100002b00010000000000fcdbdf250a01f2800c00090008ac0f0000000000140001"], 0x11c}], 0x1, 0x0, 0x0, 0x1}, 0x0)

1m39.994586887s ago: executing program 5 (id=9968):
r0 = openat$sequencer2(0xffffffffffffff9c, &(0x7f0000000000), 0x1e3003, 0x0)
r1 = epoll_create1(0x0)
epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r0, &(0x7f0000000300))

1m39.957227684s ago: executing program 8 (id=9969):
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x0, &(0x7f0000006680))
io_setup(0x1, &(0x7f00000005c0)=<r0=>0x0)
io_submit(r0, 0x0, 0x0)

1m39.939482527s ago: executing program 0 (id=9970):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000400), 0xffffffffffffffff)
sendmsg$TIPC_NL_KEY_SET(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000001c0)={0x2c, r1, 0x1, 0x1000000, 0x0, {0x3}, [@TIPC_NLA_BEARER={0x18, 0x1, 0x0, 0x1, [@TIPC_NLA_BEARER_NAME={0x10, 0x1, @l2={'eth', 0x3a, 'batadv0\x00'}}, @TIPC_NLA_BEARER_PROP={0x4}]}]}, 0x2c}}, 0x0)

1m39.767394617s ago: executing program 4 (id=9971):
r0 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000040), 0x12d102, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x1000006, 0x13, r0, 0x0)
preadv2(r0, &(0x7f0000000240)=[{&(0x7f0000002dc0)=""/4107, 0x100b}], 0x1, 0xffff, 0x0, 0x1c)

1m39.509818371s ago: executing program 9 (id=9972):
r0 = socket$kcm(0x21, 0x2, 0x2)
sendmsg$kcm(r0, &(0x7f0000000000)={&(0x7f0000000080)=@rxrpc=@in4={0x21, 0x0, 0x2, 0x10, {0x2, 0x4e22, @dev}}, 0x8c, &(0x7f0000000140)=[{&(0x7f0000000ac0)="ee", 0xfffffdef}], 0x1, &(0x7f0000001a00)=ANY=[@ANYBLOB="180000000000000010010000010000007d95df16a39b1a6c900000000000000001000000040500002b24ec10064b6f2f000000fb718aef932f3889d1fdda5b57000000860f5878c37ffe36e1165814d435be5b317c6c8189587d2f97879f07a515bb7c169f46933d9338f4ab04834e6f618988ab013f40afe403041323110f62055394412158e7a3adb148d641aa40d4ab077fe34232aa8b31851466d0998a61d7da0c86d70000001010"], 0x10b8}, 0xff00)
syz_usb_connect$printer(0x0, 0x36, 0x0, 0x0)

1m39.452104454s ago: executing program 5 (id=9973):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000200)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a010300000000000000000100fffd0900010073797a300000000040000000030a01020000000000000000010000000900030073797a3200000000140004800800024032658aeb08000140000000010900010073797a300000000044000000060a010400000000000001040100000008000b40000000000900010073797a30000000001c000480180001800d00010073796e70726f7879000000000400028014000000110001"], 0xcc}}, 0x0)
syz_emit_ethernet(0x42, &(0x7f0000000480)={@link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0x2}, @link_local, @void, {@ipv4={0x800, @tcp={{0x5, 0x4, 0x0, 0x0, 0x34, 0x0, 0x0, 0x0, 0x6, 0x0, @empty, @empty}, {{0x10, 0x4e26, 0x41424344, 0x41424344, 0x0, 0x0, 0x8, 0xc2, 0x1, 0x0, 0x0, {[@generic={0x3, 0x2}, @timestamp={0x8, 0xa, 0x8, 0xffffffff}]}}}}}}}, 0x0)

1m39.310942162s ago: executing program 7 (id=9974):
openat$binder_debug(0xffffffffffffff9c, &(0x7f0000000100)='/sys/kernel/debug/binder/stats\x00', 0x0, 0x0)
r0 = syz_open_procfs(0x0, &(0x7f00000000c0)='fd/3\x00')
write$P9_RSTATu(r0, 0x0, 0x54c)

1m39.161498665s ago: executing program 0 (id=9975):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000000c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000001000900030073797a320000000014000000110001"], 0x7c}}, 0x0)
sendmsg$NFT_BATCH(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000400)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a3c000000120a01080000000000000000020000000900020073797a310000000008000440000000000900010073797a3000000000080003"], 0x64}}, 0x0)

0s ago: executing program 37 (id=9975):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000000c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000001000900030073797a320000000014000000110001"], 0x7c}}, 0x0)
sendmsg$NFT_BATCH(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000400)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a3c000000120a01080000000000000000020000000900020073797a310000000008000440000000000900010073797a3000000000080003"], 0x64}}, 0x0)

kernel console output (not intermixed with test programs):

id indirect mapped block 4294967295 (level 1)
[ 1018.444373][T27776] EXT4-fs error (device loop9): ext4_free_branches:1020: inode #11: comm syz.9.8822: invalid indirect mapped block 4294967295 (level 1)
[ 1018.546978][T27787] loop4: detected capacity change from 0 to 512
[ 1018.659887][T27776] EXT4-fs (loop9): 2 truncates cleaned up
[ 1018.706024][T27776] EXT4-fs (loop9): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[ 1018.785183][T27787] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[ 1018.893877][T27787] ext4 filesystem being mounted at /1461/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[ 1019.385816][T27154] EXT4-fs (loop9): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1019.475974][ T5839] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1020.528593][ T5943] usb 9-1: new high-speed USB device number 23 using dummy_hcd
[ 1020.659479][T27816] RDS: rds_bind could not find a transport for fe80::1a, load rds_tcp or rds_rdma?
[ 1020.818719][ T5943] usb 9-1: config 48 has an invalid descriptor of length 0, skipping remainder of the config
[ 1020.871001][ T5943] usb 9-1: config 48 interface 0 altsetting 98 endpoint 0x4 has an invalid bInterval 0, changing to 7
[ 1020.933302][ T5943] usb 9-1: config 48 interface 0 altsetting 98 endpoint 0x4 has invalid wMaxPacketSize 0
[ 1020.985284][ T5943] usb 9-1: config 48 interface 0 altsetting 98 endpoint 0x8 has an invalid bInterval 0, changing to 7
[ 1021.060601][ T5943] usb 9-1: config 48 interface 0 altsetting 98 endpoint 0x8 has invalid wMaxPacketSize 0
[ 1021.122468][ T5943] usb 9-1: config 48 interface 0 altsetting 98 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[ 1021.207926][ T5943] usb 9-1: config 48 interface 0 has no altsetting 0
[ 1021.260270][T27823] loop4: detected capacity change from 0 to 512
[ 1021.270485][ T5943] usb 9-1: New USB device found, idVendor=1784, idProduct=0006, bcdDevice=bb.2f
[ 1021.326395][ T5943] usb 9-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1021.352026][T27823] EXT4-fs (loop4): Cannot turn on journaled quota: type 0: error -2
[ 1021.386411][ T5943] usb 9-1: Product: syz
[ 1021.418564][ T5943] usb 9-1: Manufacturer: syz
[ 1021.428103][T27823] EXT4-fs (loop4): 1 truncate cleaned up
[ 1021.444181][ T5943] usb 9-1: SerialNumber: syz
[ 1021.478777][T27823] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[ 1021.801453][ T5943] usb 9-1: USB disconnect, device number 23
[ 1022.012153][T27801] loop7: detected capacity change from 0 to 32768
[ 1022.305108][ T5839] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1022.515671][T27801] workqueue: Failed to create a rescuer kthread for wq "bcachefs_copygc": -EINTR
[ 1022.515886][T27801] bcachefs (loop7): shutdown complete
[ 1023.222822][ T5977] usb 2-1: new high-speed USB device number 56 using dummy_hcd
[ 1023.345360][T27846] loop8: detected capacity change from 0 to 256
[ 1023.410110][T27846] exfat: Deprecated parameter 'utf8'
[ 1023.449112][ T5977] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1023.509046][ T5977] usb 2-1: New USB device found, idVendor=07b5, idProduct=0312, bcdDevice= 0.00
[ 1023.525724][T27846] exFAT-fs (loop8): failed to load upcase table (idx : 0x00010000, chksum : 0xabf88b1f, utbl_chksum : 0xe619d30d)
[ 1023.568303][ T5977] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1023.656727][ T5977] usb 2-1: config 0 descriptor??
[ 1024.084961][T27854] loop9: detected capacity change from 0 to 4096
[ 1024.127416][T27854] ntfs3(loop9): Different NTFS sector size (1024) and media sector size (512).
[ 1024.183901][ T5977] megaworld 0003:07B5:0312.0054: item fetching failed at offset 0/3
[ 1024.243160][ T5977] megaworld 0003:07B5:0312.0054: parse failed
[ 1024.264138][T27854] ntfs3(loop9): ino=1a, mi_enum_attr
[ 1024.276351][ T5977] megaworld 0003:07B5:0312.0054: probe with driver megaworld failed with error -22
[ 1024.296749][T27854] ntfs3(loop9): Mark volume as dirty due to NTFS errors
[ 1024.425496][ T5977] usb 2-1: USB disconnect, device number 56
[ 1025.727134][T27867] loop1: detected capacity change from 0 to 64
[ 1026.010876][T27872] netlink: 292 bytes leftover after parsing attributes in process `syz.9.8864'.
[ 1026.326554][T27876] loop8: detected capacity change from 0 to 512
[ 1026.509510][T27876] EXT4-fs (loop8): mounting ext3 file system using the ext4 subsystem
[ 1026.549386][ T5840] Trying to free block not in datazone
[ 1026.585061][T27876] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=8042c118, mo2=0002]
[ 1026.660022][ T5840] Trying to free block not in datazone
[ 1026.679150][T27876] EXT4-fs error (device loop8): ext4_iget_extra_inode:5029: inode #15: comm syz.8.8865: corrupted in-inode xattr: e_value size too large
[ 1026.771656][ T5840] Trying to free block not in datazone
[ 1026.792652][T27876] EXT4-fs error (device loop8): ext4_orphan_get:1396: comm syz.8.8865: couldn't read orphan inode 15 (err -117)
[ 1026.812868][ T5840] Trying to free block not in datazone
[ 1026.821592][T27883] loop9: detected capacity change from 0 to 1024
[ 1026.842247][ T5840] Trying to free block not in datazone
[ 1026.870936][T27876] EXT4-fs (loop8): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[ 1026.907344][ T5840] Trying to free block not in datazone
[ 1026.947772][ T5840] Trying to free block not in datazone
[ 1027.013978][ T5840] Trying to free block not in datazone
[ 1027.064839][ T5840] Trying to free block not in datazone
[ 1027.097602][ T5840] Trying to free block not in datazone
[ 1027.142123][T27887] sg_write: data in/out 209152/1 bytes for SCSI command 0xf2-- guessing data in;
[ 1027.142123][T27887]    program syz.4.8870 not setting count and/or reply_len properly
[ 1027.160346][ T5840] Trying to free block not in datazone
[ 1027.165835][ T5840] Trying to free block not in datazone
[ 1027.238517][ T5840] Trying to free block not in datazone
[ 1027.293267][ T5840] Trying to free block not in datazone
[ 1027.547746][T20109] EXT4-fs (loop8): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1027.995888][T27893] netlink: 12 bytes leftover after parsing attributes in process `syz.0.8885'.
[ 1030.039349][ T5943] usb 9-1: new high-speed USB device number 24 using dummy_hcd
[ 1030.228576][ T5943] usb 9-1: Using ep0 maxpacket: 16
[ 1030.247934][ T5943] usb 9-1: config 0 has an invalid interface number: 1 but max is 0
[ 1030.290261][ T5943] usb 9-1: config 0 has no interface number 0
[ 1030.296407][ T5943] usb 9-1: config 0 interface 1 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1030.366967][ T5943] usb 9-1: config 0 interface 1 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 1030.400866][ T5152] Bluetooth: hci2: unexpected event for opcode 0x2028
[ 1030.423025][ T5943] usb 9-1: New USB device found, idVendor=5543, idProduct=0781, bcdDevice= 0.00
[ 1030.463624][ T5943] usb 9-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1030.516045][ T5943] usb 9-1: config 0 descriptor??
[ 1030.624340][T27934] loop1: detected capacity change from 0 to 256
[ 1030.652568][T27934] exfat: Deprecated parameter 'namecase'
[ 1030.741340][T27934] exFAT-fs (loop1): failed to load upcase table (idx : 0x00010000, chksum : 0x25fbf2c1, utbl_chksum : 0xe619d30d)
[ 1030.755805][T27903] loop9: detected capacity change from 0 to 32768
[ 1030.837661][T27903] XFS (loop9): Mounting V5 Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb
[ 1031.001905][T27903] XFS (loop9): Ending clean mount
[ 1031.031739][ T5943] uclogic 0003:5543:0781.0055: unknown main item tag 0x0
[ 1031.098005][ T5943] uclogic 0003:5543:0781.0055: unknown main item tag 0x0
[ 1031.154030][ T5943] uclogic 0003:5543:0781.0055: unknown main item tag 0x0
[ 1031.206955][ T5943] uclogic 0003:5543:0781.0055: unknown main item tag 0x0
[ 1031.249975][ T5943] uclogic 0003:5543:0781.0055: unknown main item tag 0x0
[ 1031.318732][ T5943] uclogic 0003:5543:0781.0055: hidraw0: USB HID v0.40 Device [HID 5543:0781] on usb-dummy_hcd.8-1/input1
[ 1031.404507][ T5943] usb 9-1: USB disconnect, device number 24
[ 1031.672901][T27945] fido_id[27945]: Failed to open report descriptor at '/sys/devices/platform/dummy_hcd.8/usb9/report_descriptor': No such file or directory
[ 1032.238474][T27154] XFS (loop9): Unmounting Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb
[ 1033.355403][T27801] bcachefs: bch2_fs_get_tree() error: ENOMEM_fs_other_alloc
[ 1034.195431][T27975] loop4: detected capacity change from 0 to 256
[ 1034.202092][ T5943] usb 9-1: new high-speed USB device number 25 using dummy_hcd
[ 1034.288937][T27975] exfat: Deprecated parameter 'namecase'
[ 1034.383533][ T5943] usb 9-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1034.497074][ T5943] usb 9-1: New USB device found, idVendor=07b5, idProduct=0312, bcdDevice= 0.00
[ 1034.551148][ T5943] usb 9-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1034.584631][T27975] exFAT-fs (loop4): failed to load upcase table (idx : 0x00010000, chksum : 0x25fbf2c1, utbl_chksum : 0xe619d30d)
[ 1034.637662][ T5943] usb 9-1: config 0 descriptor??
[ 1035.084204][T27978] loop9: detected capacity change from 0 to 16
[ 1035.161257][ T5943] megaworld 0003:07B5:0312.0056: item fetching failed at offset 0/3
[ 1035.210835][T27978] erofs (device loop9): mounted with root inode @ nid 36.
[ 1035.239937][ T5943] megaworld 0003:07B5:0312.0056: parse failed
[ 1035.296300][ T5943] megaworld 0003:07B5:0312.0056: probe with driver megaworld failed with error -22
[ 1035.467195][ T5943] usb 9-1: USB disconnect, device number 25
[ 1035.503280][T27978] erofs (device loop9): read error -117 @ 72 of nid 36
[ 1035.968141][T27963] loop1: detected capacity change from 0 to 32768
[ 1036.069287][T27987] netlink: 8 bytes leftover after parsing attributes in process `syz.0.8911'.
[ 1036.099617][T27987] netlink: 4 bytes leftover after parsing attributes in process `syz.0.8911'.
[ 1036.153609][T27987] netlink: 'syz.0.8911': attribute type 11 has an invalid length.
[ 1036.384866][ T5943] usb 8-1: new high-speed USB device number 20 using dummy_hcd
[ 1036.619257][ T5943] usb 8-1: Using ep0 maxpacket: 16
[ 1036.680065][ T5943] usb 8-1: config 0 has an invalid interface number: 1 but max is 0
[ 1036.712241][ T5943] usb 8-1: config 0 has no interface number 0
[ 1036.770672][ T5943] usb 8-1: config 0 interface 1 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1036.808752][T27995] netlink: 802 bytes leftover after parsing attributes in process `syz.1.8912'.
[ 1036.861397][ T5943] usb 8-1: config 0 interface 1 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 1036.873875][T27993] loop8: detected capacity change from 0 to 1024
[ 1036.962290][ T5943] usb 8-1: New USB device found, idVendor=5543, idProduct=0781, bcdDevice= 0.00
[ 1037.058527][ T5943] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1037.126669][ T5943] usb 8-1: config 0 descriptor??
[ 1037.178982][T27993] EXT4-fs (loop8): ext4_check_descriptors: Checksum for group 0 failed (1764!=20869)
[ 1037.253862][T27993] EXT4-fs (loop8): stripe (65535) is not aligned with cluster size (16), stripe is disabled
[ 1037.369631][T27993] EXT4-fs (loop8): invalid journal inode
[ 1037.435211][T27993] EXT4-fs (loop8): can't get journal size
[ 1037.502393][T27993] EXT4-fs (loop8): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[ 1037.747712][ T5943] uclogic 0003:5543:0781.0057: unknown main item tag 0x0
[ 1037.849315][ T5943] uclogic 0003:5543:0781.0057: unknown main item tag 0x0
[ 1037.928602][ T5943] uclogic 0003:5543:0781.0057: unknown main item tag 0x0
[ 1038.000664][ T5943] uclogic 0003:5543:0781.0057: unknown main item tag 0x0
[ 1038.055771][ T5943] uclogic 0003:5543:0781.0057: unknown main item tag 0x0
[ 1038.124514][ T5943] uclogic 0003:5543:0781.0057: hidraw0: USB HID v0.40 Device [HID 5543:0781] on usb-dummy_hcd.7-1/input1
[ 1038.157213][T20109] EXT4-fs (loop8): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1038.279663][ T5943] usb 8-1: USB disconnect, device number 20
[ 1038.451768][T28011] netlink: 8 bytes leftover after parsing attributes in process `syz.0.8932'.
[ 1038.659644][T28011] dummy0: entered promiscuous mode
[ 1038.744651][T28011] dummy0: left promiscuous mode
[ 1038.992146][T28009] fido_id[28009]: Failed to open report descriptor at '/sys/devices/platform/dummy_hcd.7/usb8/report_descriptor': No such file or directory
[ 1039.086361][T28015] siw: device registration error -23
[ 1039.724799][T28023] loop1: detected capacity change from 0 to 256
[ 1040.497527][T28034] llcp: llcp_sock_recvmsg: Recv datagram failed state 4 -107 0
[ 1040.960674][T28039] netlink: 'syz.8.8933': attribute type 4 has an invalid length.
[ 1040.988078][T28043] netlink: 40 bytes leftover after parsing attributes in process `syz.0.8934'.
[ 1041.765436][T28052] siw: device registration error -23
[ 1041.829994][ T5977] usb 8-1: new full-speed USB device number 21 using dummy_hcd
[ 1041.883656][T28050] loop8: detected capacity change from 0 to 1024
[ 1042.064347][ T5977] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 1042.109250][ T5977] usb 8-1: New USB device found, idVendor=056a, idProduct=0317, bcdDevice= 0.00
[ 1042.176232][ T5977] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1042.230333][ T5977] usb 8-1: config 0 descriptor??
[ 1042.424288][T28025] loop9: detected capacity change from 0 to 32768
[ 1042.846710][ T5977] wacom 0003:056A:0317.0058: Unknown device_type for 'HID 056a:0317'. Assuming pen.
[ 1042.985706][ T5977] wacom 0003:056A:0317.0058: hidraw0: USB HID v0.01 Device [HID 056a:0317] on usb-dummy_hcd.7-1/input0
[ 1043.097627][ T5977] input: Wacom Intuos Pro L Pen as /devices/platform/dummy_hcd.7/usb8/8-1/8-1:0.0/0003:056A:0317.0058/input/input64
[ 1043.374494][ T5977] usb 8-1: USB disconnect, device number 21
[ 1043.963339][T28067] fido_id[28067]: Failed to open report descriptor at '/sys/devices/platform/dummy_hcd.7/usb8/report_descriptor': No such file or directory
[ 1044.326720][   T30] kauditd_printk_skb: 10 callbacks suppressed
[ 1044.326746][   T30] audit: type=1326 audit(2000000119.110:440): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=28077 comm="syz.4.8950" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff2de58e9a9 code=0x7ffc0000
[ 1044.407773][T28080] tipc: Enabling of bearer <eth:syzkaller0> rejected, failed to enable media
[ 1044.451178][T28078] loop4: detected capacity change from 0 to 164
[ 1044.548481][T28078] rock: corrupted directory entry. extent=28, offset=16056320, size=0
[ 1044.590485][   T30] audit: type=1326 audit(2000000119.170:441): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=28077 comm="syz.4.8950" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff2de58e9a9 code=0x7ffc0000
[ 1044.679137][ T5977] usb 8-1: new high-speed USB device number 22 using dummy_hcd
[ 1044.699844][T28078] rock: corrupted directory entry. extent=28, offset=16056320, size=0
[ 1044.757271][T28078] Symlink component flag not implemented
[ 1044.796987][T28078] Symlink component flag not implemented
[ 1044.807619][   T30] audit: type=1326 audit(2000000119.210:442): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=28077 comm="syz.4.8950" exe="/root/syz-executor" sig=0 arch=c000003e syscall=319 compat=0 ip=0x7ff2de58e9a9 code=0x7ffc0000
[ 1044.882980][T28078] Symlink component flag not implemented (7)
[ 1044.903590][ T5977] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1044.936064][T28078] Symlink component flag not implemented (116)
[ 1044.982290][ T5977] usb 8-1: New USB device found, idVendor=07b5, idProduct=0312, bcdDevice= 0.00
[ 1045.011846][   T30] audit: type=1326 audit(2000000119.220:443): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=28077 comm="syz.4.8950" exe="/root/syz-executor" sig=0 arch=c000003e syscall=9 compat=0 ip=0x7ff2de58e9e3 code=0x7ffc0000
[ 1045.054905][ T5977] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1045.092689][T28087] siw: device registration error -23
[ 1045.176004][ T5977] usb 8-1: config 0 descriptor??
[ 1045.247389][   T30] audit: type=1326 audit(2000000119.220:444): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=28077 comm="syz.4.8950" exe="/root/syz-executor" sig=0 arch=c000003e syscall=1 compat=0 ip=0x7ff2de58d45f code=0x7ffc0000
[ 1045.516207][   T30] audit: type=1326 audit(2000000119.240:445): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=28077 comm="syz.4.8950" exe="/root/syz-executor" sig=0 arch=c000003e syscall=11 compat=0 ip=0x7ff2de58ea37 code=0x7ffc0000
[ 1045.724316][ T5977] megaworld 0003:07B5:0312.0059: item fetching failed at offset 0/3
[ 1045.777683][   T30] audit: type=1326 audit(2000000119.240:446): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=28077 comm="syz.4.8950" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7ff2de58d310 code=0x7ffc0000
[ 1045.822578][ T5977] megaworld 0003:07B5:0312.0059: parse failed
[ 1045.891455][ T5977] megaworld 0003:07B5:0312.0059: probe with driver megaworld failed with error -22
[ 1045.922569][T28095] loop9: detected capacity change from 0 to 64
[ 1045.939824][ T5943] usb 1-1: new high-speed USB device number 56 using dummy_hcd
[ 1046.003686][   T30] audit: type=1326 audit(2000000119.240:447): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=28077 comm="syz.4.8950" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7ff2de58e5ab code=0x7ffc0000
[ 1046.035032][ T5977] usb 8-1: USB disconnect, device number 22
[ 1046.187128][ T5943] usb 1-1: Using ep0 maxpacket: 16
[ 1046.236698][ T5943] usb 1-1: config 0 has an invalid interface number: 1 but max is 0
[ 1046.278616][   T30] audit: type=1326 audit(2000000119.240:448): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=28077 comm="syz.4.8950" exe="/root/syz-executor" sig=0 arch=c000003e syscall=3 compat=0 ip=0x7ff2de58d60a code=0x7ffc0000
[ 1046.310940][ T5943] usb 1-1: config 0 has no interface number 0
[ 1046.340035][ T5943] usb 1-1: config 0 interface 1 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1046.370657][ T5943] usb 1-1: config 0 interface 1 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 1046.409174][   T30] audit: type=1326 audit(2000000119.240:449): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=28077 comm="syz.4.8950" exe="/root/syz-executor" sig=0 arch=c000003e syscall=3 compat=0 ip=0x7ff2de58d60a code=0x7ffc0000
[ 1046.476869][ T5943] usb 1-1: config 0 interface 1 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[ 1046.594572][ T5943] usb 1-1: New USB device found, idVendor=04d9, idProduct=a072, bcdDevice= 0.00
[ 1046.657293][ T5943] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1046.723501][ T5943] usb 1-1: config 0 descriptor??
[ 1046.759832][T27154] Trying to free block not in datazone
[ 1046.894652][T27154] Trying to free block not in datazone
[ 1047.062081][T27154] Trying to free block not in datazone
[ 1047.067621][T27154] Trying to free block not in datazone
[ 1047.180757][T27154] Trying to free block not in datazone
[ 1047.237350][T27154] Trying to free block not in datazone
[ 1047.273372][ T5943] holtek_mouse 0003:04D9:A072.005A: unknown main item tag 0x0
[ 1047.302185][T27154] Trying to free block not in datazone
[ 1047.344203][ T5943] holtek_mouse 0003:04D9:A072.005A: unknown main item tag 0x0
[ 1047.355010][T27154] Trying to free block not in datazone
[ 1047.407725][T27154] Trying to free block not in datazone
[ 1047.450078][ T5943] holtek_mouse 0003:04D9:A072.005A: unknown main item tag 0x0
[ 1047.496421][T27154] Trying to free block not in datazone
[ 1047.532872][ T5943] holtek_mouse 0003:04D9:A072.005A: unknown main item tag 0x0
[ 1047.552664][T27154] Trying to free block not in datazone
[ 1047.607914][T27154] Trying to free block not in datazone
[ 1047.627150][ T5943] holtek_mouse 0003:04D9:A072.005A: hidraw0: USB HID v0.00 Device [HID 04d9:a072] on usb-dummy_hcd.0-1/input1
[ 1047.660776][T27154] Trying to free block not in datazone
[ 1047.682458][T28103] loop7: detected capacity change from 0 to 4096
[ 1047.730406][T27154] Trying to free block not in datazone
[ 1047.773017][T28103] ntfs3(loop7): Different NTFS sector size (4096) and media sector size (512).
[ 1047.846902][ T5943] usb 1-1: USB disconnect, device number 56
[ 1047.960765][T28110] sp0: Synchronizing with TNC
[ 1048.179198][T28103] ntfs3(loop7): ino=19, mi_enum_attr
[ 1048.250480][T28103] ntfs3(loop7): Mark volume as dirty due to NTFS errors
[ 1048.558150][T28111] fido_id[28111]: Failed to open report descriptor at '/sys/devices/platform/dummy_hcd.0/usb1/report_descriptor': No such file or directory
[ 1048.839321][ T5943] usb 2-1: new high-speed USB device number 57 using dummy_hcd
[ 1049.059651][ T5943] usb 2-1: Using ep0 maxpacket: 16
[ 1049.123655][ T5943] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1049.191152][T28125] netlink: 8 bytes leftover after parsing attributes in process `syz.4.8972'.
[ 1049.244299][ T5943] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 1049.271979][T28125] netlink: 4 bytes leftover after parsing attributes in process `syz.4.8972'.
[ 1049.356766][ T5943] usb 2-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 9
[ 1049.442631][ T5943] usb 2-1: New USB device found, idVendor=045e, idProduct=07da, bcdDevice= 0.00
[ 1049.527035][ T5943] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1049.645760][ T5943] usb 2-1: config 0 descriptor??
[ 1050.161978][ T5943] microsoft 0003:045E:07DA.005B: hidraw0: USB HID v0.00 Device [HID 045e:07da] on usb-dummy_hcd.1-1/input0
[ 1050.249069][ T5943] microsoft 0003:045E:07DA.005B: no inputs found
[ 1050.256033][ T5943] microsoft 0003:045E:07DA.005B: could not initialize ff, continuing anyway
[ 1050.373999][ T5943] usb 2-1: USB disconnect, device number 57
[ 1050.560706][T20479] usb 5-1: new full-speed USB device number 53 using dummy_hcd
[ 1050.733572][T28139] fido_id[28139]: Failed to open report descriptor at '/sys/devices/platform/dummy_hcd.1/usb2/report_descriptor': No such file or directory
[ 1050.748813][ T5977] usb 1-1: new high-speed USB device number 57 using dummy_hcd
[ 1050.785640][T20479] usb 5-1: config 0 interface 0 altsetting 4 endpoint 0x81 has an invalid bInterval 0, changing to 10
[ 1050.834004][T20479] usb 5-1: config 0 interface 0 altsetting 4 endpoint 0x81 has invalid wMaxPacketSize 0
[ 1050.880494][ T1205] usb 10-1: new full-speed USB device number 3 using dummy_hcd
[ 1050.927641][T20479] usb 5-1: config 0 interface 0 has no altsetting 0
[ 1050.956549][T20479] usb 5-1: New USB device found, idVendor=06a3, idProduct=0621, bcdDevice= 0.00
[ 1050.975941][ T5977] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1051.012651][T20479] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1051.044951][ T5977] usb 1-1: New USB device found, idVendor=07b5, idProduct=0312, bcdDevice= 0.00
[ 1051.077364][T20479] usb 5-1: config 0 descriptor??
[ 1051.087732][ T5977] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1051.143800][ T1205] usb 10-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 1051.189745][ T5977] usb 1-1: config 0 descriptor??
[ 1051.205426][ T1205] usb 10-1: New USB device found, idVendor=056a, idProduct=0317, bcdDevice= 0.00
[ 1051.286984][ T1205] usb 10-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1051.379260][ T1205] usb 10-1: config 0 descriptor??
[ 1051.611882][T20479] saitek 0003:06A3:0621.005C: unknown main item tag 0x3
[ 1051.767506][ T5977] megaworld 0003:07B5:0312.005D: item fetching failed at offset 0/3
[ 1051.788985][T20479] saitek 0003:06A3:0621.005C: hidraw0: USB HID v0.00 Device [HID 06a3:0621] on usb-dummy_hcd.4-1/input0
[ 1051.867843][ T5977] megaworld 0003:07B5:0312.005D: parse failed
[ 1051.894021][ T1205] wacom 0003:056A:0317.005E: Unknown device_type for 'HID 056a:0317'. Assuming pen.
[ 1051.920607][ T5977] megaworld 0003:07B5:0312.005D: probe with driver megaworld failed with error -22
[ 1051.935397][T20479] usb 5-1: USB disconnect, device number 53
[ 1052.060822][ T5977] usb 1-1: USB disconnect, device number 57
[ 1052.105623][ T1205] wacom 0003:056A:0317.005E: hidraw0: USB HID v0.01 Device [HID 056a:0317] on usb-dummy_hcd.9-1/input0
[ 1052.283174][ T1205] input: Wacom Intuos Pro L Pen as /devices/platform/dummy_hcd.9/usb10/10-1/10-1:0.0/0003:056A:0317.005E/input/input67
[ 1052.478435][ T1205] usb 10-1: USB disconnect, device number 3
[ 1052.684920][T28156] fido_id[28156]: Failed to open report descriptor at '/sys/devices/platform/dummy_hcd.4/usb5/report_descriptor': No such file or directory
[ 1053.014790][T28159] sp0: Synchronizing with TNC
[ 1054.088104][T28181] No buffer was provided with the request
[ 1054.275493][T28173] fido_id[28173]: Failed to open report descriptor at '/sys/devices/platform/dummy_hcd.9/usb10/report_descriptor': No such file or directory
[ 1054.390013][T28186] genirq: Flags mismatch irq 5. 00200000 (pcl818) vs. 00200000 (comedi_parport)
[ 1054.770394][ T5977] usb 2-1: new high-speed USB device number 58 using dummy_hcd
[ 1054.989175][ T5977] usb 2-1: Using ep0 maxpacket: 32
[ 1055.082206][ T5977] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1055.176828][ T5977] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 1055.260425][ T5977] usb 2-1: New USB device found, idVendor=046d, idProduct=c31c, bcdDevice= 0.40
[ 1055.328329][ T5977] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1055.408023][ T5977] usb 2-1: config 0 descriptor??
[ 1055.450725][ T5977] hub 2-1:0.0: USB hub found
[ 1055.540171][T20479] usb 1-1: new full-speed USB device number 58 using dummy_hcd
[ 1055.681955][ T5977] hub 2-1:0.0: 29 ports detected
[ 1055.706438][ T5977] hub 2-1:0.0: insufficient power available to use all downstream ports
[ 1055.743542][T20479] usb 1-1: config 0 interface 0 altsetting 4 endpoint 0x81 has an invalid bInterval 0, changing to 10
[ 1055.811187][T20479] usb 1-1: config 0 interface 0 altsetting 4 endpoint 0x81 has invalid wMaxPacketSize 0
[ 1055.863845][T20479] usb 1-1: config 0 interface 0 has no altsetting 0
[ 1055.917319][T20479] usb 1-1: New USB device found, idVendor=06a3, idProduct=0621, bcdDevice= 0.00
[ 1055.971458][T20479] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1056.049621][T20479] usb 1-1: config 0 descriptor??
[ 1056.279165][ T5844] usb 9-1: new full-speed USB device number 26 using dummy_hcd
[ 1056.296986][ T5977] usb 2-1: USB disconnect, device number 58
[ 1056.547049][T20479] saitek 0003:06A3:0621.005F: unknown main item tag 0x3
[ 1056.622010][T20479] saitek 0003:06A3:0621.005F: hidraw0: USB HID v0.00 Device [HID 06a3:0621] on usb-dummy_hcd.0-1/input0
[ 1056.748130][ T5844] usb 9-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 1056.768266][T20479] usb 1-1: USB disconnect, device number 58
[ 1056.850469][ T5844] usb 9-1: New USB device found, idVendor=056a, idProduct=0317, bcdDevice= 0.00
[ 1056.969218][ T5844] usb 9-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1057.040462][ T5844] usb 9-1: config 0 descriptor??
[ 1057.401721][T28219] netlink: 8 bytes leftover after parsing attributes in process `syz.1.9011'.
[ 1057.477459][T28223] loop9: detected capacity change from 0 to 512
[ 1057.495068][T28217] fido_id[28217]: Failed to open report descriptor at '/sys/devices/platform/dummy_hcd.0/usb1/report_descriptor': No such file or directory
[ 1057.519681][T28219] netlink: 4 bytes leftover after parsing attributes in process `syz.1.9011'.
[ 1057.585236][ T5844] wacom 0003:056A:0317.0060: Unknown device_type for 'HID 056a:0317'. Assuming pen.
[ 1057.623500][T28223] EXT4-fs: Ignoring removed i_version option
[ 1057.720669][ T5844] wacom 0003:056A:0317.0060: hidraw0: USB HID v0.01 Device [HID 056a:0317] on usb-dummy_hcd.8-1/input0
[ 1057.752243][T28223] EXT4-fs (loop9): encrypted files will use data=ordered instead of data journaling mode
[ 1057.902933][ T5844] input: Wacom Intuos Pro L Pen as /devices/platform/dummy_hcd.8/usb9/9-1/9-1:0.0/0003:056A:0317.0060/input/input70
[ 1057.957306][T28223] EXT4-fs (loop9): 1 truncate cleaned up
[ 1058.182787][T28223] EXT4-fs (loop9): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[ 1058.226720][ T5844] usb 9-1: USB disconnect, device number 26
[ 1058.917197][T28232] loop1: detected capacity change from 0 to 4096
[ 1059.132986][T28232] ntfs3(loop1): Different NTFS sector size (1024) and media sector size (512).
[ 1059.231703][T28231] fido_id[28231]: Failed to open report descriptor at '/sys/devices/platform/dummy_hcd.8/usb9/report_descriptor': No such file or directory
[ 1059.305325][T28241] genirq: Flags mismatch irq 5. 00200000 (pcl818) vs. 00200000 (comedi_parport)
[ 1059.451323][T28232] ntfs3(loop1): Mark volume as dirty due to NTFS errors
[ 1059.533384][T27154] EXT4-fs (loop9): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1060.769068][ T5977] usb 1-1: new high-speed USB device number 59 using dummy_hcd
[ 1060.901082][T28258] sp0: Synchronizing with TNC
[ 1060.962889][ T5977] usb 1-1: Using ep0 maxpacket: 32
[ 1060.993208][ T5977] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1061.041288][ T5977] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 1061.112605][ T5977] usb 1-1: New USB device found, idVendor=046d, idProduct=c31c, bcdDevice= 0.40
[ 1061.149229][ T5977] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1061.218969][ T5977] usb 1-1: config 0 descriptor??
[ 1061.270442][ T5977] hub 1-1:0.0: USB hub found
[ 1061.497870][ T5977] hub 1-1:0.0: 29 ports detected
[ 1061.546495][ T5977] hub 1-1:0.0: insufficient power available to use all downstream ports
[ 1061.761353][T20479] usb 10-1: new full-speed USB device number 4 using dummy_hcd
[ 1061.927063][ T5977] usb 1-1: USB disconnect, device number 59
[ 1062.012647][T20479] usb 10-1: config 0 interface 0 altsetting 4 endpoint 0x81 has an invalid bInterval 0, changing to 10
[ 1062.064620][T20479] usb 10-1: config 0 interface 0 altsetting 4 endpoint 0x81 has invalid wMaxPacketSize 0
[ 1062.105418][T20479] usb 10-1: config 0 interface 0 has no altsetting 0
[ 1062.132831][T20479] usb 10-1: New USB device found, idVendor=06a3, idProduct=0621, bcdDevice= 0.00
[ 1062.152838][T20479] usb 10-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1062.178149][T20479] usb 10-1: config 0 descriptor??
[ 1062.415021][T28256] loop1: detected capacity change from 0 to 32768
[ 1062.447549][T28256] JBD2: Ignoring recovery information on journal
[ 1062.644900][T28256] ocfs2: Mounting device (7,1) on (node local, slot 0) with ordered data mode.
[ 1062.669713][T20479] saitek 0003:06A3:0621.0061: unknown main item tag 0x3
[ 1062.717510][T20479] saitek 0003:06A3:0621.0061: hidraw0: USB HID v0.00 Device [HID 06a3:0621] on usb-dummy_hcd.9-1/input0
[ 1062.883231][T20479] usb 10-1: USB disconnect, device number 4
[ 1062.973849][T28269] tipc: Enabling <eth:lo> not permitted
[ 1063.009534][T28269] tipc: Enabling of bearer <eth:lo> rejected, failed to enable media
[ 1063.231732][ T5840] ocfs2: Unmounting device (7,1) on (node local)
[ 1063.245851][T28267] fido_id[28267]: Failed to open report descriptor at '/sys/devices/platform/dummy_hcd.9/usb10/report_descriptor': No such file or directory
[ 1063.322714][T28272] loop4: detected capacity change from 0 to 4096
[ 1063.389248][ T5977] usb 1-1: new high-speed USB device number 60 using dummy_hcd
[ 1063.543336][T28272] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[ 1063.602903][ T5977] usb 1-1: Using ep0 maxpacket: 16
[ 1063.663010][ T5977] usb 1-1: config 0 has an invalid interface number: 1 but max is 0
[ 1063.734575][ T5977] usb 1-1: config 0 has no interface number 0
[ 1063.816041][ T5977] usb 1-1: config 0 interface 1 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1063.915756][T28272] fs-verity (loop4, inode 16): Unknown hash algorithm number: 3
[ 1063.941762][ T5977] usb 1-1: config 0 interface 1 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 1063.998647][ T5844] usb 8-1: new full-speed USB device number 23 using dummy_hcd
[ 1064.056395][ T5977] usb 1-1: New USB device found, idVendor=5543, idProduct=0781, bcdDevice= 0.00
[ 1064.084491][ T1295] ieee802154 phy1 wpan1: encryption failed: -22
[ 1064.208436][ T5977] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1064.299436][ T5844] usb 8-1: config 0 has an invalid interface number: 230 but max is 0
[ 1064.307729][ T5844] usb 8-1: config 0 has no interface number 0
[ 1064.333332][ T5977] usb 1-1: config 0 descriptor??
[ 1064.443792][ T5844] usb 8-1: too many endpoints for config 0 interface 230 altsetting 255: 65, using maximum allowed: 30
[ 1064.464374][ T5839] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1064.524937][T28285] loop8: detected capacity change from 0 to 512
[ 1064.564170][ T5844] usb 8-1: config 0 interface 230 altsetting 255 endpoint 0x81 has an invalid bInterval 0, changing to 10
[ 1064.623271][T28285] EXT4-fs: Ignoring removed i_version option
[ 1064.726905][ T5844] usb 8-1: config 0 interface 230 altsetting 255 endpoint 0x81 has invalid wMaxPacketSize 0
[ 1064.803131][ T5844] usb 8-1: config 0 interface 230 altsetting 255 has 1 endpoint descriptor, different from the interface descriptor's value: 65
[ 1064.901779][T28285] EXT4-fs (loop8): encrypted files will use data=ordered instead of data journaling mode
[ 1064.931687][ T5977] uclogic 0003:5543:0781.0062: unknown main item tag 0x0
[ 1064.969930][ T5844] usb 8-1: config 0 interface 230 has no altsetting 0
[ 1065.022302][ T5977] uclogic 0003:5543:0781.0062: unknown main item tag 0x0
[ 1065.035348][ T5844] usb 8-1: New USB device found, idVendor=5543, idProduct=0781, bcdDevice= 0.00
[ 1065.087047][ T5977] uclogic 0003:5543:0781.0062: unknown main item tag 0x0
[ 1065.108163][ T5844] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1065.177818][ T5977] uclogic 0003:5543:0781.0062: unknown main item tag 0x0
[ 1065.220464][ T5844] usb 8-1: config 0 descriptor??
[ 1065.244053][ T5977] uclogic 0003:5543:0781.0062: unknown main item tag 0x0
[ 1065.262454][T28285] EXT4-fs (loop8): 1 truncate cleaned up
[ 1065.280714][T28285] EXT4-fs (loop8): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[ 1065.335472][ T5977] uclogic 0003:5543:0781.0062: hidraw0: USB HID v0.40 Device [HID 5543:0781] on usb-dummy_hcd.0-1/input1
[ 1065.409152][T20479] usb 2-1: new full-speed USB device number 59 using dummy_hcd
[ 1065.491037][ T5977] usb 1-1: USB disconnect, device number 60
[ 1065.690486][T20479] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 1065.778458][T20479] usb 2-1: New USB device found, idVendor=056a, idProduct=0317, bcdDevice= 0.00
[ 1065.813881][ T5844] uclogic 0003:5543:0781.0063: item fetching failed at offset 2/5
[ 1065.832613][T20479] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1065.851735][ T5844] uclogic 0003:5543:0781.0063: parse failed
[ 1065.857794][ T5844] uclogic 0003:5543:0781.0063: probe with driver uclogic failed with error -22
[ 1065.936367][T20479] usb 2-1: config 0 descriptor??
[ 1066.088680][ T5844] usb 8-1: USB disconnect, device number 23
[ 1066.100679][T28294] fido_id[28294]: Failed to open report descriptor at '/sys/devices/platform/dummy_hcd.0/usb1/report_descriptor': No such file or directory
[ 1066.437558][T20109] EXT4-fs (loop8): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1066.553138][T20479] wacom 0003:056A:0317.0064: Unknown device_type for 'HID 056a:0317'. Assuming pen.
[ 1066.667666][T20479] wacom 0003:056A:0317.0064: hidraw0: USB HID v0.01 Device [HID 056a:0317] on usb-dummy_hcd.1-1/input0
[ 1066.756849][T20479] input: Wacom Intuos Pro L Pen as /devices/platform/dummy_hcd.1/usb2/2-1/2-1:0.0/0003:056A:0317.0064/input/input73
[ 1066.988520][ T5844] usb 5-1: new high-speed USB device number 54 using dummy_hcd
[ 1067.060029][T20479] usb 2-1: USB disconnect, device number 59
[ 1067.253565][ T5844] usb 5-1: Using ep0 maxpacket: 32
[ 1067.324791][ T5844] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1067.394355][T28304] fido_id[28304]: Failed to open report descriptor at '/sys/devices/platform/dummy_hcd.1/usb2/2-1/report_descriptor': No such file or directory
[ 1067.444039][ T5844] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 1067.530396][ T5844] usb 5-1: New USB device found, idVendor=046d, idProduct=c31c, bcdDevice= 0.40
[ 1067.612695][ T5844] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1067.710335][ T5844] usb 5-1: config 0 descriptor??
[ 1067.781318][ T5844] hub 5-1:0.0: USB hub found
[ 1067.885702][T28319] netlink: 8 bytes leftover after parsing attributes in process `syz.9.9051'.
[ 1067.998984][ T5844] hub 5-1:0.0: 29 ports detected
[ 1068.039954][ T5844] hub 5-1:0.0: insufficient power available to use all downstream ports
[ 1068.300391][T28324] kernel profiling enabled (shift: 9)
[ 1068.726660][ T5844] usb 5-1: USB disconnect, device number 54
[ 1069.465862][T28337] loop9: detected capacity change from 0 to 256
[ 1070.155652][T28347] loop1: detected capacity change from 0 to 512
[ 1070.195086][T28344] loop4: detected capacity change from 0 to 2048
[ 1070.273258][T28347] EXT4-fs: Ignoring removed i_version option
[ 1070.420806][T28347] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode
[ 1070.435904][T28352] NILFS (loop4): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[ 1070.556973][T28353] comedi comedi3: comedi_test: 20263 microvolt, 5 microsecond waveform attached
[ 1070.772426][T28347] EXT4-fs (loop1): 1 truncate cleaned up
[ 1070.872233][T28347] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[ 1071.594018][T28363] netlink: 20 bytes leftover after parsing attributes in process `syz.8.9074'.
[ 1071.695081][T28363] nbd: must specify a size in bytes for the device
[ 1071.876392][ T5840] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1073.998446][T28212] usb 9-1: new high-speed USB device number 27 using dummy_hcd
[ 1074.228437][T28212] usb 9-1: Using ep0 maxpacket: 8
[ 1074.271961][T28212] usb 9-1: config 2 has an invalid interface number: 31 but max is 0
[ 1074.339104][T28212] usb 9-1: config 2 has no interface number 0
[ 1074.357784][T28403] netlink: 28 bytes leftover after parsing attributes in process `syz.1.9089'.
[ 1074.407978][T28212] usb 9-1: config 2 interface 31 has no altsetting 0
[ 1074.463814][T28406] netlink: 28 bytes leftover after parsing attributes in process `syz.1.9089'.
[ 1074.486772][T28402] comedi comedi3: comedi_test: 20263 microvolt, 5 microsecond waveform attached
[ 1074.523522][T28212] usb 9-1: New USB device found, idVendor=1a86, idProduct=e092, bcdDevice=53.3f
[ 1074.571001][T28212] usb 9-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1074.665466][T28212] usb 9-1: Product: syz
[ 1074.674803][T28212] usb 9-1: Manufacturer: syz
[ 1074.704965][T28212] usb 9-1: SerialNumber: syz
[ 1075.232676][T28212] ch9200 9-1:2.31: probe with driver ch9200 failed with error -22
[ 1075.337522][T28212] usb 9-1: USB disconnect, device number 27
[ 1075.473595][T28417] netlink: 8 bytes leftover after parsing attributes in process `syz.7.9094'.
[ 1076.230169][T28427] loop7: detected capacity change from 0 to 1024
[ 1076.295419][   T30] kauditd_printk_skb: 8 callbacks suppressed
[ 1076.295448][   T30] audit: type=1326 audit(2000000151.080:458): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=28431 comm="syz.8.9101" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fba3b98e9a9 code=0x7ffc0000
[ 1076.643497][   T30] audit: type=1326 audit(2000000151.160:459): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=28431 comm="syz.8.9101" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fba3b98e9a9 code=0x7ffc0000
[ 1076.888180][   T30] audit: type=1326 audit(2000000151.180:460): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=28431 comm="syz.8.9101" exe="/root/syz-executor" sig=0 arch=c000003e syscall=186 compat=0 ip=0x7fba3b98e9a9 code=0x7ffc0000
[ 1076.893566][   T30] audit: type=1326 audit(2000000151.180:461): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=28431 comm="syz.8.9101" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fba3b98e9a9 code=0x7ffc0000
[ 1076.893645][   T30] audit: type=1326 audit(2000000151.180:462): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=28431 comm="syz.8.9101" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fba3b98e9a9 code=0x7ffc0000
[ 1076.893721][   T30] audit: type=1326 audit(2000000151.180:463): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=28431 comm="syz.8.9101" exe="/root/syz-executor" sig=0 arch=c000003e syscall=312 compat=0 ip=0x7fba3b98e9a9 code=0x7ffc0000
[ 1076.893803][   T30] audit: type=1326 audit(2000000151.180:464): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=28431 comm="syz.8.9101" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fba3b98e9a9 code=0x7ffc0000
[ 1076.893877][   T30] audit: type=1326 audit(2000000151.180:465): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=28431 comm="syz.8.9101" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fba3b98e9a9 code=0x7ffc0000
[ 1076.907325][   T12] hfsplus: b-tree write err: -5, ino 4
[ 1077.319161][T28212] usb 9-1: new high-speed USB device number 28 using dummy_hcd
[ 1077.468240][    C0] vkms_vblank_simulate: vblank timer overrun
[ 1077.482548][ T5152] Bluetooth: hci4: unexpected event for opcode 0x0c25
[ 1077.499370][T28212] usb 9-1: Using ep0 maxpacket: 16
[ 1077.509083][T28212] usb 9-1: config 0 has an invalid interface number: 214 but max is 0
[ 1077.509135][T28212] usb 9-1: config 0 has no interface number 0
[ 1077.510833][T28212] usb 9-1: config 0 interface 214 altsetting 0 endpoint 0x83 has invalid wMaxPacketSize 0
[ 1077.526393][T28212] usb 9-1: New USB device found, idVendor=0596, idProduct=0001, bcdDevice= 5.f5
[ 1077.526440][T28212] usb 9-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1077.526477][T28212] usb 9-1: Product: syz
[ 1077.526517][T28212] usb 9-1: Manufacturer: syz
[ 1077.526545][T28212] usb 9-1: SerialNumber: syz
[ 1077.533034][T28212] usb 9-1: config 0 descriptor??
[ 1077.684989][    C0] vkms_vblank_simulate: vblank timer overrun
[ 1078.266657][T28212] usbtouchscreen 9-1:0.214: probe with driver usbtouchscreen failed with error -71
[ 1078.271035][T28212] usb 9-1: USB disconnect, device number 28
[ 1080.121368][T28477] loop1: detected capacity change from 0 to 2048
[ 1080.215130][T28477] UDF-fs: error (device loop1): udf_read_tagged: tag checksum failed, block 99: 0x27 != 0x4d
[ 1080.267096][T28477] UDF-fs: error (device loop1): udf_read_tagged: tag checksum failed, block 160: 0xd2 != 0xd4
[ 1080.364325][T28477] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[ 1080.758591][T20479] usb 9-1: new full-speed USB device number 29 using dummy_hcd
[ 1080.975567][T20479] usb 9-1: config 0 has an invalid interface number: 230 but max is 0
[ 1081.005716][T28492] loop7: detected capacity change from 0 to 256
[ 1081.018718][T20479] usb 9-1: config 0 has no interface number 0
[ 1081.069213][T20479] usb 9-1: too many endpoints for config 0 interface 230 altsetting 255: 65, using maximum allowed: 30
[ 1081.082805][T28492] exfat: Deprecated parameter 'utf8'
[ 1081.144414][T20479] usb 9-1: config 0 interface 230 altsetting 255 endpoint 0x81 has an invalid bInterval 0, changing to 10
[ 1081.211982][T28492] exFAT-fs (loop7): failed to load upcase table (idx : 0x00010000, chksum : 0x36e00b20, utbl_chksum : 0xe619d30d)
[ 1081.247587][T20479] usb 9-1: config 0 interface 230 altsetting 255 endpoint 0x81 has invalid wMaxPacketSize 0
[ 1081.304349][T20479] usb 9-1: config 0 interface 230 altsetting 255 has 1 endpoint descriptor, different from the interface descriptor's value: 65
[ 1081.401354][T28493] loop4: detected capacity change from 0 to 4096
[ 1081.412192][T20479] usb 9-1: config 0 interface 230 has no altsetting 0
[ 1081.458363][T20479] usb 9-1: New USB device found, idVendor=5543, idProduct=0781, bcdDevice= 0.00
[ 1081.481310][T28493] ntfs3(loop4): Different NTFS sector size (4096) and media sector size (512).
[ 1081.512043][T20479] usb 9-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1081.566328][T20479] usb 9-1: config 0 descriptor??
[ 1081.615817][T28499] loop1: detected capacity change from 0 to 1024
[ 1081.963669][   T13] hfsplus: b-tree write err: -5, ino 4
[ 1082.090964][T20479] uclogic 0003:5543:0781.0065: item fetching failed at offset 2/5
[ 1082.156343][T20479] uclogic 0003:5543:0781.0065: parse failed
[ 1082.186195][T20479] uclogic 0003:5543:0781.0065: probe with driver uclogic failed with error -22
[ 1082.279461][T20479] usb 9-1: USB disconnect, device number 29
[ 1083.558495][T28212] usb 1-1: new high-speed USB device number 61 using dummy_hcd
[ 1083.731660][T28212] usb 1-1: Using ep0 maxpacket: 16
[ 1083.772400][T28212] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 255, changing to 11
[ 1083.829483][T28212] usb 1-1: New USB device found, idVendor=056a, idProduct=033b, bcdDevice= 0.00
[ 1083.896022][T28212] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1083.991606][T28212] usb 1-1: config 0 descriptor??
[ 1084.775367][T20479] usb 1-1: USB disconnect, device number 61
[ 1085.284703][T28546] loop8: detected capacity change from 0 to 128
[ 1085.323424][T28545] IPVS: stopping master sync thread 28547 ...
[ 1085.329666][T28547] IPVS: sync thread started: state = MASTER, mcast_ifn = veth0_virt_wifi, syncid = 33554432, id = 0
[ 1085.401974][T28546] EXT4-fs (loop8): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[ 1085.477044][T28546] ext4 filesystem being mounted at /521/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[ 1085.536967][T28530] loop1: detected capacity change from 0 to 32768
[ 1085.801886][T20109] EXT4-fs (loop8): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[ 1086.136932][T28556] vimc link validate: Sensor B:src:640x480 (0x33424752, 8, 0, 0, 0) Raw Capture 1:snk:640x480 (0x33424752, 8, 0, 0, 0)
[ 1086.517330][T28558] loop7: detected capacity change from 0 to 512
[ 1086.572612][T28558] EXT4-fs (loop7): mounting ext3 file system using the ext4 subsystem
[ 1086.613723][T28558] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=8042c118, mo2=0002]
[ 1086.643985][T28558] EXT4-fs error (device loop7): ext4_iget_extra_inode:5029: inode #15: comm syz.7.9160: corrupted in-inode xattr: e_value size too large
[ 1086.705977][T28558] EXT4-fs error (device loop7): ext4_orphan_get:1396: comm syz.7.9160: couldn't read orphan inode 15 (err -117)
[ 1086.757438][T28558] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[ 1087.112381][T19855] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1087.254580][T28565] netlink: 8 bytes leftover after parsing attributes in process `syz.1.9163'.
[ 1087.744175][T28552] Bluetooth: hci2: command 0x0406 tx timeout
[ 1087.792597][T28493] ntfs3(loop4): Failed to read $UpCase (-4).
[ 1087.809525][T28573] netlink: 216 bytes leftover after parsing attributes in process `syz.1.9167'.
[ 1087.889219][T28573] netlink: 24 bytes leftover after parsing attributes in process `syz.1.9167'.
[ 1087.946049][T28573] netlink: 16 bytes leftover after parsing attributes in process `syz.1.9167'.
[ 1087.968564][T28575] netlink: 20 bytes leftover after parsing attributes in process `syz.9.9168'.
[ 1088.890412][T28594] 9pnet_fd: Insufficient options for proto=fd
[ 1089.618511][T28606] (syz.9.9182,28606,0):ocfs2_fill_super:989 ERROR: superblock probe failed!
[ 1089.671215][T28606] (syz.9.9182,28606,0):ocfs2_fill_super:1177 ERROR: status = -22
[ 1090.123956][T28621] usb usb8: usbfs: interface 0 claimed by hub while 'syz.1.9185' resets device
[ 1091.078624][T20479] usb 9-1: new high-speed USB device number 30 using dummy_hcd
[ 1091.224052][T28637] netlink: 8 bytes leftover after parsing attributes in process `syz.1.9195'.
[ 1091.254787][T28641] netlink: 'syz.4.9196': attribute type 2 has an invalid length.
[ 1091.291085][T20479] usb 9-1: Using ep0 maxpacket: 16
[ 1091.358029][T20479] usb 9-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1091.413970][T20479] usb 9-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 1091.498609][T20479] usb 9-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 9
[ 1091.609792][T20479] usb 9-1: New USB device found, idVendor=045e, idProduct=07da, bcdDevice= 0.00
[ 1091.647182][T20479] usb 9-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1091.719475][T20479] usb 9-1: config 0 descriptor??
[ 1091.819657][T28647] loop9: detected capacity change from 0 to 256
[ 1091.940046][T28651] loop1: detected capacity change from 0 to 1024
[ 1092.330949][T20479] microsoft 0003:045E:07DA.0067: hidraw0: USB HID v0.00 Device [HID 045e:07da] on usb-dummy_hcd.8-1/input0
[ 1092.402331][T20479] microsoft 0003:045E:07DA.0067: no inputs found
[ 1092.444655][T20479] microsoft 0003:045E:07DA.0067: could not initialize ff, continuing anyway
[ 1092.523157][T20479] usb 9-1: USB disconnect, device number 30
[ 1093.903736][   T30] audit: type=1800 audit(2000000168.690:466): pid=28683 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.9215" name="bus" dev="tmpfs" ino=8102 res=0 errno=0
[ 1094.433675][T28687] loop9: detected capacity change from 0 to 256
[ 1094.505130][T28687] exfat: Deprecated parameter 'utf8'
[ 1094.627935][T28691] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[ 1094.790272][T28687] exFAT-fs (loop9): failed to load upcase table (idx : 0x00010000, chksum : 0xdc42f586, utbl_chksum : 0xe619d30d)
[ 1094.815859][T28693] loop8: detected capacity change from 0 to 16
[ 1094.893380][T28693] erofs (device loop8): mounted with root inode @ nid 36.
[ 1095.619818][   T30] audit: type=1326 audit(2000000170.390:467): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=28702 comm="syz.8.9227" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fba3b98e9a9 code=0x7ffc0000
[ 1095.666217][T28704] loop7: detected capacity change from 0 to 2048
[ 1095.684744][T28706] loop4: detected capacity change from 0 to 1024
[ 1095.732714][   T30] audit: type=1326 audit(2000000170.390:468): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=28702 comm="syz.8.9227" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fba3b98e9a9 code=0x7ffc0000
[ 1095.893488][   T30] audit: type=1326 audit(2000000170.400:469): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=28702 comm="syz.8.9227" exe="/root/syz-executor" sig=0 arch=c000003e syscall=319 compat=0 ip=0x7fba3b98e9a9 code=0x7ffc0000
[ 1095.915904][    C0] vkms_vblank_simulate: vblank timer overrun
[ 1095.966325][T28704] NILFS (loop7): broken superblock, retrying with spare superblock (blocksize = 1024)
[ 1096.119487][T28704] bio_check_eod: 4 callbacks suppressed
[ 1096.119523][T28704] syz.7.9226: attempt to access beyond end of device
[ 1096.119523][T28704] loop7: rw=524288, sector=33554430, nr_sectors = 2 limit=2048
[ 1096.126934][T28716] NILFS (loop7): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[ 1096.167219][T28709] loop8: detected capacity change from 0 to 8192
[ 1096.168490][   T30] audit: type=1326 audit(2000000170.400:470): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=28702 comm="syz.8.9227" exe="/root/syz-executor" sig=0 arch=c000003e syscall=9 compat=0 ip=0x7fba3b98e9e3 code=0x7ffc0000
[ 1096.168575][   T30] audit: type=1326 audit(2000000170.520:471): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=28702 comm="syz.8.9227" exe="/root/syz-executor" sig=0 arch=c000003e syscall=1 compat=0 ip=0x7fba3b98d45f code=0x7ffc0000
[ 1096.168681][   T30] audit: type=1326 audit(2000000170.950:472): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=28702 comm="syz.8.9227" exe="/root/syz-executor" sig=0 arch=c000003e syscall=11 compat=0 ip=0x7fba3b98ea37 code=0x7ffc0000
[ 1096.168752][   T30] audit: type=1326 audit(2000000170.950:473): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=28702 comm="syz.8.9227" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7fba3b98d310 code=0x7ffc0000
[ 1096.168823][   T30] audit: type=1326 audit(2000000170.950:474): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=28702 comm="syz.8.9227" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7fba3b98e5ab code=0x7ffc0000
[ 1096.168893][   T30] audit: type=1326 audit(2000000170.950:475): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=28702 comm="syz.8.9227" exe="/root/syz-executor" sig=0 arch=c000003e syscall=3 compat=0 ip=0x7fba3b98d60a code=0x7ffc0000
[ 1097.393758][T19155] usb 9-1: new high-speed USB device number 31 using dummy_hcd
[ 1097.691624][T28743] loop1: detected capacity change from 0 to 64
[ 1097.925836][T19155] usb 9-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[ 1098.035599][T19155] usb 9-1: New USB device found, idVendor=0cf3, idProduct=9374, bcdDevice=bc.4b
[ 1098.054259][T19155] usb 9-1: New USB device strings: Mfr=0, Product=64, SerialNumber=0
[ 1098.073916][T19155] usb 9-1: Product: syz
[ 1098.106919][T19155] usb 9-1: config 0 descriptor??
[ 1098.305549][T28750] netlink: 32 bytes leftover after parsing attributes in process `syz.7.9246'.
[ 1098.409015][T28752] loop9: detected capacity change from 0 to 256
[ 1098.710283][T19155] ath6kl: Unsupported hardware version: 0x0
[ 1098.717437][T19155] ath6kl: Failed to init ath6kl core: -22
[ 1098.737041][T19155] ath6kl_usb 9-1:0.0: probe with driver ath6kl_usb failed with error -22
[ 1098.853885][T28722] loop4: detected capacity change from 0 to 32768
[ 1098.917861][T28212] usb 9-1: USB disconnect, device number 31
[ 1099.144734][T28757] netlink: 16 bytes leftover after parsing attributes in process `syz.0.9249'.
[ 1099.331103][ T1145] kworker/u8:7: attempt to access beyond end of device
[ 1099.331103][ T1145] loop1: rw=1, sector=65, nr_sectors = 1 limit=64
[ 1099.402737][ T1145] buffer_io_error: 2 callbacks suppressed
[ 1099.402764][ T1145] Buffer I/O error on dev loop1, logical block 65, lost async page write
[ 1099.533153][ T1145] kworker/u8:7: attempt to access beyond end of device
[ 1099.533153][ T1145] loop1: rw=1, sector=66, nr_sectors = 1 limit=64
[ 1099.651676][ T1145] Buffer I/O error on dev loop1, logical block 66, lost async page write
[ 1099.699437][ T1145] kworker/u8:7: attempt to access beyond end of device
[ 1099.699437][ T1145] loop1: rw=1, sector=67, nr_sectors = 1 limit=64
[ 1099.768325][ T1145] Buffer I/O error on dev loop1, logical block 67, lost async page write
[ 1099.787125][ T1145] kworker/u8:7: attempt to access beyond end of device
[ 1099.787125][ T1145] loop1: rw=1, sector=68, nr_sectors = 1 limit=64
[ 1099.808271][ T1145] Buffer I/O error on dev loop1, logical block 68, lost async page write
[ 1099.827908][ T1145] kworker/u8:7: attempt to access beyond end of device
[ 1099.827908][ T1145] loop1: rw=1, sector=72, nr_sectors = 1 limit=64
[ 1099.915035][ T1145] Buffer I/O error on dev loop1, logical block 72, lost async page write
[ 1100.000147][ T1145] kworker/u8:7: attempt to access beyond end of device
[ 1100.000147][ T1145] loop1: rw=1, sector=73, nr_sectors = 1 limit=64
[ 1100.071974][ T1145] Buffer I/O error on dev loop1, logical block 73, lost async page write
[ 1100.131095][ T1145] kworker/u8:7: attempt to access beyond end of device
[ 1100.131095][ T1145] loop1: rw=1, sector=76, nr_sectors = 1 limit=64
[ 1100.232313][ T1145] Buffer I/O error on dev loop1, logical block 76, lost async page write
[ 1100.268356][ T1145] kworker/u8:7: attempt to access beyond end of device
[ 1100.268356][ T1145] loop1: rw=1, sector=77, nr_sectors = 1 limit=64
[ 1100.314017][ T1145] Buffer I/O error on dev loop1, logical block 77, lost async page write
[ 1100.388141][ T1145] kworker/u8:7: attempt to access beyond end of device
[ 1100.388141][ T1145] loop1: rw=1, sector=78, nr_sectors = 2009 limit=64
[ 1100.849298][T28212] usb 1-1: new high-speed USB device number 62 using dummy_hcd
[ 1101.039230][T28212] usb 1-1: Using ep0 maxpacket: 16
[ 1101.069226][T28212] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1101.127795][T28782] loop7: detected capacity change from 0 to 256
[ 1101.135526][T28212] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 1101.174752][T28212] usb 1-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 9
[ 1101.204580][T28782] exfat: Deprecated parameter 'utf8'
[ 1101.277767][T28212] usb 1-1: New USB device found, idVendor=045e, idProduct=07da, bcdDevice= 0.00
[ 1101.352561][T28212] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1101.388450][T28782] exFAT-fs (loop7): failed to load upcase table (idx : 0x00010000, chksum : 0xdc42f586, utbl_chksum : 0xe619d30d)
[ 1101.446034][T28212] usb 1-1: config 0 descriptor??
[ 1101.784681][T28787] loop1: detected capacity change from 0 to 256
[ 1101.917709][T28787] exFAT-fs (loop1): failed to load upcase table (idx : 0x00010000, chksum : 0xbe66f6fd, utbl_chksum : 0xe619d30d)
[ 1101.978812][T28552] Bluetooth: hci5: command 0x0406 tx timeout
[ 1101.997612][T28212] microsoft 0003:045E:07DA.0068: hidraw0: USB HID v0.00 Device [HID 045e:07da] on usb-dummy_hcd.0-1/input0
[ 1102.057096][T28212] microsoft 0003:045E:07DA.0068: no inputs found
[ 1102.094265][T28212] microsoft 0003:045E:07DA.0068: could not initialize ff, continuing anyway
[ 1102.212597][T28212] usb 1-1: USB disconnect, device number 62
[ 1102.330693][T28793] loop8: detected capacity change from 0 to 256
[ 1102.465496][T28791] loop7: detected capacity change from 0 to 4096
[ 1102.540555][T28791] ntfs3(loop7): Different NTFS sector size (4096) and media sector size (512).
[ 1102.700832][T28791] ntfs3(loop7): ino=19, mi_enum_attr
[ 1102.725764][T28791] ntfs3(loop7): Mark volume as dirty due to NTFS errors
[ 1103.235164][T28775] loop4: detected capacity change from 0 to 32768
[ 1103.290398][T28775] (syz.4.9250,28775,0):ocfs2_block_check_validate:400 ERROR: CRC32 failed: stored: 0xb3775c19, computed 0x2dd1c265. Applying ECC.
[ 1103.397005][T28775] (syz.4.9250,28775,0):ocfs2_block_check_validate:400 ERROR: CRC32 failed: stored: 0xb3775c19, computed 0x2dd1c265. Applying ECC.
[ 1103.542369][T28775] (syz.4.9250,28775,0):ocfs2_block_check_validate:400 ERROR: CRC32 failed: stored: 0xcfdff595, computed 0xefed4a20. Applying ECC.
[ 1103.644044][T28775] JBD2: Ignoring recovery information on journal
[ 1103.882363][T28775] JBD2: journal reset failed
[ 1103.902725][T28775] (syz.4.9250,28775,0):ocfs2_journal_load:1167 ERROR: Failed to load journal!
[ 1103.968506][T28775] (syz.4.9250,28775,0):ocfs2_check_volume:2376 ERROR: ocfs2 journal load failed! -4
[ 1104.820227][T28819] loop1: detected capacity change from 0 to 64
[ 1106.103451][T28839] loop1: detected capacity change from 0 to 1024
[ 1106.708467][T28212] usb 8-1: new high-speed USB device number 24 using dummy_hcd
[ 1106.919618][T28212] usb 8-1: Using ep0 maxpacket: 16
[ 1106.955558][T28212] usb 8-1: config 0 interface 0 altsetting 8 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1107.007425][T28212] usb 8-1: config 0 interface 0 altsetting 8 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[ 1107.072816][T28212] usb 8-1: config 0 interface 0 has no altsetting 0
[ 1107.080089][ T5977] usb 2-1: new high-speed USB device number 60 using dummy_hcd
[ 1107.123789][T28212] usb 8-1: New USB device found, idVendor=0c45, idProduct=760b, bcdDevice= 0.00
[ 1107.156351][T28212] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1107.241218][T28212] usb 8-1: config 0 descriptor??
[ 1107.266408][ T5977] usb 2-1: config 0 interface 0 altsetting 15 endpoint 0x81 has invalid wMaxPacketSize 0
[ 1107.316123][ T5977] usb 2-1: config 0 interface 0 has no altsetting 0
[ 1107.360487][ T5977] usb 2-1: New USB device found, idVendor=1a34, idProduct=0802, bcdDevice= 0.00
[ 1107.431595][ T5977] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1107.511496][ T5977] usb 2-1: config 0 descriptor??
[ 1107.730964][T28212] redragon 0003:0C45:760B.0069: item fetching failed at offset 0/4
[ 1107.834696][T28212] redragon 0003:0C45:760B.0069: probe with driver redragon failed with error -22
[ 1107.995003][T28212] usb 8-1: USB disconnect, device number 24
[ 1108.082558][ T5977] acrux 0003:1A34:0802.006A: unknown main item tag 0x0
[ 1108.127102][ T5977] acrux 0003:1A34:0802.006A: hidraw0: USB HID v10.00 Device [HID 1a34:0802] on usb-dummy_hcd.1-1/input0
[ 1108.192968][ T5977] acrux 0003:1A34:0802.006A: no inputs found
[ 1108.215014][ T5977] acrux 0003:1A34:0802.006A: Failed to enable force feedback support, error: -19
[ 1108.317005][ T5977] usb 2-1: USB disconnect, device number 60
[ 1108.715842][T28868] loop8: detected capacity change from 0 to 1024
[ 1108.727082][T28868] hfsplus: write access to a journaled filesystem is not supported, use the force option at your own risk, mounting read-only.
[ 1110.081590][T28891] netlink: 28 bytes leftover after parsing attributes in process `syz.4.9314'.
[ 1110.172674][T28891] netlink: 28 bytes leftover after parsing attributes in process `syz.4.9314'.
[ 1110.198615][ T5977] usb 2-1: new high-speed USB device number 61 using dummy_hcd
[ 1110.348523][T28212] usb 9-1: new high-speed USB device number 32 using dummy_hcd
[ 1110.360492][ T5977] usb 2-1: Using ep0 maxpacket: 8
[ 1110.415111][ T5977] usb 2-1: config 2 has an invalid interface number: 31 but max is 0
[ 1110.453860][ T5977] usb 2-1: config 2 has no interface number 0
[ 1110.476029][ T5977] usb 2-1: config 2 interface 31 has no altsetting 0
[ 1110.515501][ T5977] usb 2-1: New USB device found, idVendor=1a86, idProduct=e092, bcdDevice=53.3f
[ 1110.539269][T28212] usb 9-1: Using ep0 maxpacket: 16
[ 1110.575495][T28212] usb 9-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1110.594042][ T5977] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1110.629303][ T5977] usb 2-1: Product: syz
[ 1110.640567][T28212] usb 9-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 1110.661973][ T5977] usb 2-1: Manufacturer: syz
[ 1110.683784][ T5977] usb 2-1: SerialNumber: syz
[ 1110.694767][T28212] usb 9-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 9
[ 1110.776778][T28212] usb 9-1: New USB device found, idVendor=045e, idProduct=07da, bcdDevice= 0.00
[ 1110.850316][T28212] usb 9-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1110.949488][T28212] usb 9-1: config 0 descriptor??
[ 1111.169683][ T5977] ch9200 2-1:2.31: probe with driver ch9200 failed with error -22
[ 1111.215143][ T5977] usb 2-1: USB disconnect, device number 61
[ 1111.278482][ T5844] usb 8-1: new high-speed USB device number 25 using dummy_hcd
[ 1111.428031][T28212] microsoft 0003:045E:07DA.006B: hidraw0: USB HID v0.00 Device [HID 045e:07da] on usb-dummy_hcd.8-1/input0
[ 1111.461358][T28212] microsoft 0003:045E:07DA.006B: no inputs found
[ 1111.471507][ T5844] usb 8-1: Using ep0 maxpacket: 16
[ 1111.493155][T28212] microsoft 0003:045E:07DA.006B: could not initialize ff, continuing anyway
[ 1111.512611][ T5844] usb 8-1: New USB device found, idVendor=054c, idProduct=0038, bcdDevice=16.f5
[ 1111.533212][ T5844] usb 8-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1111.563602][ T5844] usb 8-1: Product: syz
[ 1111.573282][ T5844] usb 8-1: Manufacturer: syz
[ 1111.586156][ T5844] usb 8-1: SerialNumber: syz
[ 1111.607786][ T5844] usb 8-1: config 0 descriptor??
[ 1111.613122][T20479] usb 1-1: new high-speed USB device number 63 using dummy_hcd
[ 1111.658519][ T5844] visor 8-1:0.0: Sony Clie 3.5 converter detected
[ 1111.716848][T28212] usb 9-1: USB disconnect, device number 32
[ 1111.802487][T20479] usb 1-1: Using ep0 maxpacket: 16
[ 1111.824536][T20479] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1111.891291][T20479] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 1111.949183][T20479] usb 1-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 9
[ 1112.007614][T20479] usb 1-1: New USB device found, idVendor=045e, idProduct=07da, bcdDevice= 0.00
[ 1112.064298][T20479] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1112.101739][ T5844] usb 8-1: Sony Clie 3.5 converter now attached to ttyUSB0
[ 1112.126487][T20479] usb 1-1: config 0 descriptor??
[ 1112.345320][ T5844] usb 8-1: USB disconnect, device number 25
[ 1112.410338][ T5844] clie_3.5 ttyUSB0: Sony Clie 3.5 converter now disconnected from ttyUSB0
[ 1112.455087][ T5844] visor 8-1:0.0: device disconnected
[ 1112.678778][T20479] microsoft 0003:045E:07DA.006C: hidraw0: USB HID v0.00 Device [HID 045e:07da] on usb-dummy_hcd.0-1/input0
[ 1112.735103][T20479] microsoft 0003:045E:07DA.006C: no inputs found
[ 1112.778328][T20479] microsoft 0003:045E:07DA.006C: could not initialize ff, continuing anyway
[ 1113.008373][T20479] usb 1-1: USB disconnect, device number 63
[ 1113.142916][T28928] loop9: detected capacity change from 0 to 1024
[ 1114.143017][T28947] loop1: detected capacity change from 0 to 512
[ 1114.222828][T28947] EXT4-fs: Ignoring removed nobh option
[ 1114.458887][T28943] loop7: detected capacity change from 0 to 4096
[ 1114.479726][T28947] EXT4-fs error (device loop1): ext4_do_update_inode:5563: inode #16: comm syz.1.9336: corrupted inode contents
[ 1114.519403][T28943] ntfs3(loop7): Different NTFS sector size (2048) and media sector size (512).
[ 1114.599265][T28947] EXT4-fs (loop1): Remounting filesystem read-only
[ 1114.638704][ T5844] usb 1-1: new high-speed USB device number 64 using dummy_hcd
[ 1114.646069][T28947] EXT4-fs (loop1): 1 truncate cleaned up
[ 1114.664983][T28947] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[ 1114.706515][ T1145] EXT4-fs (loop1): Quota write (off=5120, len=1024) cancelled because transaction is not started
[ 1114.719788][T28947] ext4 filesystem being mounted at /1583/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[ 1114.762882][T28943] ntfs3(loop7): ino=b, mi_enum_attr
[ 1114.766203][ T1145] __quota_error: 18 callbacks suppressed
[ 1114.766226][ T1145] Quota error (device loop1): write_blk: dquota write failed
[ 1114.807212][T28943] ntfs3(loop7): Mark volume as dirty due to NTFS errors
[ 1114.852235][ T5844] usb 1-1: unable to get BOS descriptor or descriptor too short
[ 1114.852832][T28943] ntfs3(loop7): Failed to load $Extend (-22).
[ 1114.878562][T28943] ntfs3(loop7): Failed to initialize $Extend.
[ 1114.889364][ T1145] Quota error (device loop1): remove_free_dqentry: Can't write block (5) with free entries
[ 1114.927361][ T1145] EXT4-fs (loop1): Quota write (off=5120, len=1024) cancelled because transaction is not started
[ 1114.940943][ T5844] usb 1-1: config 3 has an invalid descriptor of length 0, skipping remainder of the config
[ 1114.954388][ T5844] usb 1-1: New USB device found, idVendor=0cf3, idProduct=1010, bcdDevice=26.db
[ 1115.017104][ T5844] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1115.077987][ T5844] usb 1-1: Product: syz
[ 1115.108117][ T5844] usb 1-1: Manufacturer: syz
[ 1115.156710][ T5844] usb 1-1: SerialNumber: syz
[ 1115.225622][ T1145] Quota error (device loop1): write_blk: dquota write failed
[ 1115.320601][ T5840] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1115.353569][ T1145] Quota error (device loop1): free_dqentry: Can't move quota data block (5) to free list
[ 1115.466912][ T1145] EXT4-fs (loop1): Quota write (off=8, len=24) cancelled because transaction is not started
[ 1115.535804][ T1145] Quota error (device loop1): v2_write_file_info: Can't write info structure
[ 1115.620301][ T1145] Quota error (device loop1): do_check_range: Getting dqdh_entries 15 out of range 0-14
[ 1116.041801][T28969] loop9: detected capacity change from 0 to 256
[ 1116.138609][ T5844] usb 1-1: reset high-speed USB device number 64 using dummy_hcd
[ 1116.185018][T28969] FAT-fs (loop9): Directory bread(block 64) failed
[ 1116.227282][T28969] FAT-fs (loop9): Directory bread(block 65) failed
[ 1116.271737][T28969] FAT-fs (loop9): Directory bread(block 66) failed
[ 1116.335405][T28969] FAT-fs (loop9): Directory bread(block 67) failed
[ 1116.355703][ T5844] usb 1-1: unable to get BOS descriptor or descriptor too short
[ 1116.405285][ T5844] usb 1-1: device firmware changed
[ 1116.419215][T28969] FAT-fs (loop9): Directory bread(block 68) failed
[ 1116.466945][ T5844] usb 1-1: USB disconnect, device number 64
[ 1116.482827][T28969] FAT-fs (loop9): Directory bread(block 69) failed
[ 1116.535627][T28969] FAT-fs (loop9): Directory bread(block 70) failed
[ 1116.624162][T28969] FAT-fs (loop9): Directory bread(block 71) failed
[ 1116.669766][T28948] loop4: detected capacity change from 0 to 32768
[ 1116.689656][T28969] FAT-fs (loop9): Directory bread(block 72) failed
[ 1116.730090][T28969] FAT-fs (loop9): Directory bread(block 73) failed
[ 1116.760925][T28948] BTRFS: device fsid 5e4b7888-5e56-43f0-8345-635ad0fd87c6 devid 1 transid 8 /dev/loop4 (7:4) scanned by syz.4.9337 (28948)
[ 1116.872885][T28948] BTRFS info (device loop4): first mount of filesystem 5e4b7888-5e56-43f0-8345-635ad0fd87c6
[ 1116.923134][T28948] BTRFS info (device loop4): using blake2b (blake2b-256-generic) checksum algorithm
[ 1116.992920][T28948] BTRFS info (device loop4): using free-space-tree
[ 1117.085218][T28948] workqueue: Failed to create a rescuer kthread for wq "btrfs-fixup": -EINTR
[ 1117.085715][T28948] workqueue: Failed to create a rescuer kthread for wq "btrfs-endio": -EINTR
[ 1117.134289][T28948] workqueue: Failed to create a rescuer kthread for wq "btrfs-endio-meta": -EINTR
[ 1117.254893][T28948] workqueue: Failed to create a rescuer kthread for wq "btrfs-rmw": -EINTR
[ 1117.312872][T28948] workqueue: Failed to create a rescuer kthread for wq "btrfs-compressed-write": -EINTR
[ 1117.371815][T28948] workqueue: Failed to create a rescuer kthread for wq "btrfs-freespace-write": -EINTR
[ 1117.442823][T28948] workqueue: Failed to create a rescuer kthread for wq "btrfs-delayed-meta": -EINTR
[ 1117.556338][T28948] workqueue: Failed to create a rescuer kthread for wq "btrfs-qgroup-rescan": -EINTR
[ 1117.793680][T28948] BTRFS error (device loop4): open_ctree failed: -12
[ 1118.075482][T29003] loop8: detected capacity change from 0 to 256
[ 1118.134865][T29003] exfat: Deprecated parameter 'namecase'
[ 1118.261758][T29003] exFAT-fs (loop8): failed to load upcase table (idx : 0x00010000, chksum : 0xbe66f6fd, utbl_chksum : 0xe619d30d)
[ 1118.501718][T29005] loop7: detected capacity change from 0 to 4096
[ 1118.597659][T29005] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[ 1119.115638][T28212] IPVS: starting estimator thread 0...
[ 1119.209194][T19855] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1119.241835][T29022] IPVS: using max 21 ests per chain, 50400 per kthread
[ 1119.972583][T29030] loop7: detected capacity change from 0 to 2048
[ 1120.037510][T29030] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000)
[ 1120.797316][T29043] loop8: detected capacity change from 0 to 1024
[ 1121.173610][   T12] hfsplus: b-tree write err: -5, ino 4
[ 1121.640539][T29049] loop1: detected capacity change from 0 to 4096
[ 1121.646507][T29055] loop4: detected capacity change from 0 to 2048
[ 1121.677237][T29057] loop8: detected capacity change from 0 to 64
[ 1121.699236][T29049] ntfs3(loop1): Different NTFS sector size (1024) and media sector size (512).
[ 1121.929669][T29059] netlink: 12 bytes leftover after parsing attributes in process `syz.7.9381'.
[ 1121.966116][   T30] audit: type=1800 audit(2000000196.750:494): pid=29049 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.9388" name="file1" dev="loop1" ino=30 res=0 errno=0
[ 1122.438424][T28212] usb 10-1: new full-speed USB device number 5 using dummy_hcd
[ 1122.529140][T29069] IPVS: Error connecting to the multicast addr
[ 1122.623308][T28212] usb 10-1: config 0 has an invalid interface number: 230 but max is 0
[ 1122.667391][T28212] usb 10-1: config 0 has no interface number 0
[ 1122.703710][T28212] usb 10-1: too many endpoints for config 0 interface 230 altsetting 255: 65, using maximum allowed: 30
[ 1122.779926][T28212] usb 10-1: config 0 interface 230 altsetting 255 endpoint 0x81 has an invalid bInterval 0, changing to 10
[ 1122.881735][T28212] usb 10-1: config 0 interface 230 altsetting 255 endpoint 0x81 has invalid wMaxPacketSize 0
[ 1122.971395][T28212] usb 10-1: config 0 interface 230 altsetting 255 has 1 endpoint descriptor, different from the interface descriptor's value: 65
[ 1123.006811][T20288] kworker/u8:8: attempt to access beyond end of device
[ 1123.006811][T20288] loop8: rw=1, sector=65, nr_sectors = 1 limit=64
[ 1123.041864][T28212] usb 10-1: config 0 interface 230 has no altsetting 0
[ 1123.075724][T28212] usb 10-1: New USB device found, idVendor=5543, idProduct=0781, bcdDevice= 0.00
[ 1123.079164][T20288] Buffer I/O error on dev loop8, logical block 65, lost async page write
[ 1123.154837][T28212] usb 10-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1123.192706][T20288] kworker/u8:8: attempt to access beyond end of device
[ 1123.192706][T20288] loop8: rw=1, sector=66, nr_sectors = 1 limit=64
[ 1123.229799][T28212] usb 10-1: config 0 descriptor??
[ 1123.249986][T20288] Buffer I/O error on dev loop8, logical block 66, lost async page write
[ 1123.368542][T20288] kworker/u8:8: attempt to access beyond end of device
[ 1123.368542][T20288] loop8: rw=1, sector=67, nr_sectors = 1 limit=64
[ 1123.458563][T20288] Buffer I/O error on dev loop8, logical block 67, lost async page write
[ 1123.528447][T20288] kworker/u8:8: attempt to access beyond end of device
[ 1123.528447][T20288] loop8: rw=1, sector=68, nr_sectors = 1 limit=64
[ 1123.614035][T20288] Buffer I/O error on dev loop8, logical block 68, lost async page write
[ 1123.673808][T20288] kworker/u8:8: attempt to access beyond end of device
[ 1123.673808][T20288] loop8: rw=1, sector=72, nr_sectors = 1 limit=64
[ 1123.695318][T29089] loop1: detected capacity change from 0 to 256
[ 1123.737972][T28212] uclogic 0003:5543:0781.006D: item fetching failed at offset 2/5
[ 1123.781939][T20288] Buffer I/O error on dev loop8, logical block 72, lost async page write
[ 1123.810264][T28212] uclogic 0003:5543:0781.006D: parse failed
[ 1123.816319][T28212] uclogic 0003:5543:0781.006D: probe with driver uclogic failed with error -22
[ 1123.841314][T20288] kworker/u8:8: attempt to access beyond end of device
[ 1123.841314][T20288] loop8: rw=1, sector=73, nr_sectors = 1 limit=64
[ 1123.921579][T20288] Buffer I/O error on dev loop8, logical block 73, lost async page write
[ 1123.948062][T28212] usb 10-1: USB disconnect, device number 5
[ 1123.977104][T20288] kworker/u8:8: attempt to access beyond end of device
[ 1123.977104][T20288] loop8: rw=1, sector=76, nr_sectors = 1 limit=64
[ 1124.097004][T20288] Buffer I/O error on dev loop8, logical block 76, lost async page write
[ 1124.116396][   T30] audit: type=1326 audit(2000000198.880:495): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=29093 comm="syz.4.9399" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff2de58e9a9 code=0x7ffc0000
[ 1124.175529][T20288] kworker/u8:8: attempt to access beyond end of device
[ 1124.175529][T20288] loop8: rw=1, sector=77, nr_sectors = 1 limit=64
[ 1124.207595][T29089] FAT-fs (loop1): Directory bread(block 64) failed
[ 1124.234874][T29089] FAT-fs (loop1): Directory bread(block 65) failed
[ 1124.263239][T20288] Buffer I/O error on dev loop8, logical block 77, lost async page write
[ 1124.283535][   T30] audit: type=1326 audit(2000000198.880:496): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=29093 comm="syz.4.9399" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff2de58e9a9 code=0x7ffc0000
[ 1124.320832][T29089] FAT-fs (loop1): Directory bread(block 66) failed
[ 1124.372840][T20288] kworker/u8:8: attempt to access beyond end of device
[ 1124.372840][T20288] loop8: rw=1, sector=78, nr_sectors = 2009 limit=64
[ 1124.386953][T29089] FAT-fs (loop1): Directory bread(block 67) failed
[ 1124.452396][T29089] FAT-fs (loop1): Directory bread(block 68) failed
[ 1124.479239][   T30] audit: type=1326 audit(2000000199.020:497): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=29093 comm="syz.4.9399" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7ff2de58e9a9 code=0x7ffc0000
[ 1124.501557][    C0] vkms_vblank_simulate: vblank timer overrun
[ 1124.513083][T29089] FAT-fs (loop1): Directory bread(block 69) failed
[ 1124.569393][T29089] FAT-fs (loop1): Directory bread(block 70) failed
[ 1124.618681][T29089] FAT-fs (loop1): Directory bread(block 71) failed
[ 1124.625866][T29089] FAT-fs (loop1): Directory bread(block 72) failed
[ 1124.693306][   T30] audit: type=1326 audit(2000000199.020:498): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=29093 comm="syz.4.9399" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff2de58e9a9 code=0x7ffc0000
[ 1124.715730][    C0] vkms_vblank_simulate: vblank timer overrun
[ 1124.763255][T29089] FAT-fs (loop1): Directory bread(block 73) failed
[ 1124.941526][   T30] audit: type=1326 audit(2000000199.020:499): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=29093 comm="syz.4.9399" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff2de58e9a9 code=0x7ffc0000
[ 1124.963928][    C0] vkms_vblank_simulate: vblank timer overrun
[ 1125.188305][   T30] audit: type=1326 audit(2000000199.040:500): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=29093 comm="syz.4.9399" exe="/root/syz-executor" sig=0 arch=c000003e syscall=20 compat=0 ip=0x7ff2de58e9a9 code=0x7ffc0000
[ 1125.386366][   T30] audit: type=1326 audit(2000000199.040:501): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=29093 comm="syz.4.9399" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff2de58e9a9 code=0x7ffc0000
[ 1125.516888][ T1295] ieee802154 phy1 wpan1: encryption failed: -22
[ 1125.536817][T29110] netlink: 8 bytes leftover after parsing attributes in process `syz.0.9405'.
[ 1125.862755][T29115] loop8: detected capacity change from 0 to 256
[ 1125.936601][T29115] exfat: Deprecated parameter 'utf8'
[ 1126.052837][T29115] exFAT-fs (loop8): failed to load upcase table (idx : 0x00010000, chksum : 0xdd33351c, utbl_chksum : 0xe619d30d)
[ 1126.511397][T29127] can0: slcan on ptm0.
[ 1126.829306][T29126] can0 (unregistered): slcan off ptm0.
[ 1126.916903][T29131] loop8: detected capacity change from 0 to 4096
[ 1127.006240][T29131] ntfs3(loop8): It is recommened to use chkdsk.
[ 1127.047315][T29131] ntfs3(loop8): try to read out of volume at offset 0x3fffffc0c00
[ 1127.111561][T29131] ntfs3(loop8): try to read out of volume at offset 0x3fffffc0c00
[ 1127.149094][T29131] ntfs3(loop8): try to read out of volume at offset 0x3fffffc0c00
[ 1127.193366][T29131] ntfs3(loop8): try to read out of volume at offset 0x3fffffc0c00
[ 1127.233352][T29131] ntfs3(loop8): try to read out of volume at offset 0x3fffffc1c00
[ 1127.274654][T29131] ntfs3(loop8): try to read out of volume at offset 0x3fffffc2c00
[ 1127.317251][T29131] ntfs3(loop8): try to read out of volume at offset 0x3fffffc4c00
[ 1127.325296][ T5844] usb 2-1: new high-speed USB device number 62 using dummy_hcd
[ 1127.378946][T29131] ntfs3(loop8): try to read out of volume at offset 0x3fffffc8c00
[ 1127.427510][T29131] ntfs3(loop8): try to read out of volume at offset 0x3fffffd0c00
[ 1127.528434][ T5844] usb 2-1: Using ep0 maxpacket: 32
[ 1127.547388][ T5844] usb 2-1: config 0 interface 0 altsetting 1 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[ 1127.604934][ T5844] usb 2-1: config 0 interface 0 has no altsetting 0
[ 1127.633655][ T5844] usb 2-1: New USB device found, idVendor=0403, idProduct=97c1, bcdDevice= 0.00
[ 1127.685368][ T5844] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1127.759458][ T5844] usb 2-1: config 0 descriptor??
[ 1128.014260][T29154] netlink: 8 bytes leftover after parsing attributes in process `syz.9.9427'.
[ 1128.035983][T29155] netlink: 'syz.0.9426': attribute type 2 has an invalid length.
[ 1128.254098][ T5844] hid-retrode 0003:0403:97C1.006E: hidraw0: USB HID v0.02 Device [HID 0403:97c1] on usb-dummy_hcd.1-1/input0
[ 1128.396418][T29160] loop7: detected capacity change from 0 to 512
[ 1128.477706][ T5844] usb 2-1: USB disconnect, device number 62
[ 1128.503352][T29160] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[ 1128.556716][T29160] ext4 filesystem being mounted at /548/bus supports timestamps until 2038-01-19 (0x7fffffff)
[ 1128.711355][T29167] loop9: detected capacity change from 0 to 8
[ 1128.774021][T29167] SQUASHFS error: Unable to read directory block [249:c]
[ 1128.836411][T19855] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1129.505009][T29177] netlink: 666 bytes leftover after parsing attributes in process `syz.4.9436'.
[ 1130.384418][T29195] UHID_CREATE from different security context by process 3327 (syz.0.9444), this is not allowed.
[ 1130.522287][T29201] loop9: detected capacity change from 0 to 256
[ 1130.609985][T29201] exFAT-fs (loop9): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[ 1130.711298][T29201] exFAT-fs (loop9): Medium has reported failures. Some data may be lost.
[ 1130.855090][T29203] loop8: detected capacity change from 0 to 1024
[ 1130.902110][T29201] exFAT-fs (loop9): failed to load upcase table (idx : 0x00010000, chksum : 0xe62de5da, utbl_chksum : 0xe619d30d)
[ 1130.984776][T29203] EXT4-fs (loop8): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[ 1131.006463][T29209] netlink: 44 bytes leftover after parsing attributes in process `syz.4.9452'.
[ 1131.038887][T29209] netlink: 31 bytes leftover after parsing attributes in process `syz.4.9452'.
[ 1131.083992][T29209] netlink: 'syz.4.9452': attribute type 4 has an invalid length.
[ 1131.108042][T29203] ext4 filesystem being mounted at /566/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[ 1131.852127][T20109] EXT4-fs (loop8): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1132.001488][T29231] loop7: detected capacity change from 0 to 512
[ 1132.053108][T29231] EXT4-fs (loop7): encrypted files will use data=ordered instead of data journaling mode
[ 1132.087761][T29230] loop1: detected capacity change from 0 to 2048
[ 1132.131682][T29231] EXT4-fs (loop7): 1 truncate cleaned up
[ 1132.167193][T29231] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[ 1132.217887][T29230] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[ 1132.265942][T29229] loop9: detected capacity change from 0 to 4096
[ 1132.315038][T29229] ntfs3(loop9): Different NTFS sector size (4096) and media sector size (512).
[ 1132.355673][T29230] EXT4-fs error (device loop1): ext4_find_extent:939: inode #2: comm syz.1.9461: pblk 1 bad header/extent: invalid magic - magic 2, entries 0, max 3(0), depth 0(4)
[ 1132.446091][T29230] EXT4-fs (loop1): Remounting filesystem read-only
[ 1132.524752][T19855] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1132.636188][ T5840] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1132.901375][T29229] ntfs3(loop9): Mark volume as dirty due to NTFS errors
[ 1133.152143][T29249] loop7: detected capacity change from 0 to 512
[ 1133.169764][T29229] netlink: 'syz.9.9458': attribute type 8 has an invalid length.
[ 1133.404396][T29249] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[ 1133.507646][T29249] ext4 filesystem being mounted at /555/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[ 1133.600630][   T30] audit: type=1800 audit(2000000208.390:502): pid=29249 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.7.9465" name="file2" dev="loop7" ino=16 res=0 errno=0
[ 1133.946843][T19855] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1134.408603][T29270] loop1: detected capacity change from 0 to 512
[ 1134.458089][T29270] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode
[ 1134.558679][T29270] EXT4-fs (loop1): 1 truncate cleaned up
[ 1134.592372][T29270] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[ 1134.785832][T29279] netlink: 8 bytes leftover after parsing attributes in process `syz.4.9479'.
[ 1134.815919][T29270] EXT4-fs error (device loop1): mb_free_blocks:1945: group 0, inode 16: block 33:freeing already freed block (bit 32); block bitmap corrupt.
[ 1134.859487][T29279] netlink: 4 bytes leftover after parsing attributes in process `syz.4.9479'.
[ 1134.913859][T29279] netlink: 'syz.4.9479': attribute type 13 has an invalid length.
[ 1134.937958][T29270] EXT4-fs (loop1): Remounting filesystem read-only
[ 1134.987957][T29279] netlink: 'syz.4.9479': attribute type 11 has an invalid length.
[ 1135.299365][ T5840] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1135.325315][   T30] audit: type=1326 audit(2000000210.080:503): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=29271 comm="syz.7.9474" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f550ed8e9a9 code=0x7fc00000
[ 1135.458498][   T30] audit: type=1326 audit(2000000210.150:504): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=29271 comm="syz.7.9474" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f550ed8e9a9 code=0x7fc00000
[ 1135.669399][   T30] audit: type=1326 audit(2000000210.150:505): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=29271 comm="syz.7.9474" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f550ed8e9a9 code=0x7fc00000
[ 1135.691811][    C0] vkms_vblank_simulate: vblank timer overrun
[ 1135.851035][T29298] sp0: Synchronizing with TNC
[ 1135.886397][   T30] audit: type=1326 audit(2000000210.150:506): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=29271 comm="syz.7.9474" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f550ed8e9a9 code=0x7fc00000
[ 1135.908848][    C0] vkms_vblank_simulate: vblank timer overrun
[ 1135.955259][T29295] [U] è
[ 1135.958944][T29302] RDS: rds_bind could not find a transport for fe80::1a, load rds_tcp or rds_rdma?
[ 1137.057324][T29314] loop9: detected capacity change from 0 to 16
[ 1137.122851][T29314] erofs (device loop9): mounted with root inode @ nid 36.
[ 1137.188638][   T30] audit: type=1800 audit(2000000211.960:507): pid=29314 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.9.9496" name="file1" dev="loop9" ino=86 res=0 errno=0
[ 1137.487604][T29325] loop7: detected capacity change from 0 to 8
[ 1137.629515][T29325] SQUASHFS error: Unable to read directory block [629:46]
[ 1138.313852][T29336] sg_write: data in/out 124/1 bytes for SCSI command 0x1c-- guessing data in;
[ 1138.313852][T29336]    program syz.9.9506 not setting count and/or reply_len properly
[ 1138.525063][T29333] loop7: detected capacity change from 0 to 4096
[ 1139.950308][T29351] usb usb7: Requested nonsensical USBDEVFS_URB_ZERO_PACKET.
[ 1140.024830][T29331] loop8: detected capacity change from 0 to 32768
[ 1140.069230][T29331] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop8 (7:8) scanned by syz.8.9502 (29331)
[ 1140.082781][T28212] usb 8-1: new high-speed USB device number 26 using dummy_hcd
[ 1140.174180][T29331] BTRFS info (device loop8): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[ 1140.249181][T29331] BTRFS info (device loop8): using crc32c (crc32c-lib) checksum algorithm
[ 1140.298610][T28212] usb 8-1: Using ep0 maxpacket: 16
[ 1140.324173][T29331] BTRFS info (device loop8): using free-space-tree
[ 1140.344463][T28212] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1140.407683][T28212] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 1140.484801][T28212] usb 8-1: New USB device found, idVendor=05ac, idProduct=8241, bcdDevice= 0.00
[ 1140.587067][T28212] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1140.684506][T28212] usb 8-1: config 0 descriptor??
[ 1140.830515][   T30] audit: type=1800 audit(2000000215.620:508): pid=29331 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.8.9502" name="file1" dev="loop8" ino=260 res=0 errno=0
[ 1140.886518][T29331] BTRFS error (device loop8): balance: invalid convert system profile single
[ 1141.186984][T28212] input: HID 05ac:8241 as /devices/platform/dummy_hcd.7/usb8/8-1/8-1:0.0/0003:05AC:8241.006F/input/input82
[ 1141.290408][T20109] BTRFS info (device loop8): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[ 1141.367913][T29375] loop9: detected capacity change from 0 to 2048
[ 1141.411855][T28212] appleir 0003:05AC:8241.006F: input,hiddev0,hidraw0: USB HID v0.00 Device [HID 05ac:8241] on usb-dummy_hcd.7-1/input0
[ 1141.470412][T29375] NILFS (loop9): broken superblock, retrying with spare superblock (blocksize = 1024)
[ 1141.517779][T28212] usb 8-1: USB disconnect, device number 26
[ 1141.685022][T29378] NILFS (loop9): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[ 1143.838680][ T5977] usb 1-1: new high-speed USB device number 65 using dummy_hcd
[ 1143.970845][T29397] loop9: detected capacity change from 0 to 512
[ 1144.018780][ T5977] usb 1-1: Using ep0 maxpacket: 8
[ 1144.034237][T29397] EXT4-fs (loop9): encrypted files will use data=ordered instead of data journaling mode
[ 1144.059980][ T5977] usb 1-1: config 0 interface 0 altsetting 32 endpoint 0x81 has invalid wMaxPacketSize 0
[ 1144.099850][ T5977] usb 1-1: config 0 interface 0 altsetting 32 has 1 endpoint descriptor, different from the interface descriptor's value: 4
[ 1144.129014][T29397] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=800ec018, mo2=0082]
[ 1144.155335][T29397] EXT4-fs (loop9): 1 truncate cleaned up
[ 1144.186126][ T5977] usb 1-1: config 0 interface 0 has no altsetting 0
[ 1144.215149][T29397] EXT4-fs (loop9): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[ 1144.253927][ T5977] usb 1-1: New USB device found, idVendor=17ef, idProduct=60ee, bcdDevice= 0.00
[ 1144.299821][ T5977] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1144.339964][ T5977] usb 1-1: config 0 descriptor??
[ 1144.432488][T29402] loop7: detected capacity change from 0 to 64
[ 1144.896664][ T5977] lenovo 0003:17EF:60EE.0070: hidraw0: USB HID v0.00 Device [HID 17ef:60ee] on usb-dummy_hcd.0-1/input0
[ 1144.916754][T27154] EXT4-fs (loop9): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1145.072406][ T5977] usb 1-1: USB disconnect, device number 65
[ 1145.316737][T29404] loop7: detected capacity change from 0 to 512
[ 1145.393195][T29404] EXT4-fs (loop7): mounting ext2 file system using the ext4 subsystem
[ 1145.718559][T29404] EXT4-fs error (device loop7): ext4_validate_block_bitmap:431: comm syz.7.9531: bg 0: block 104: invalid block bitmap
[ 1145.808500][T29404] EXT4-fs error (device loop7) in ext4_mb_clear_bb:6548: Corrupt filesystem
[ 1145.899837][T29404] EXT4-fs error (device loop7): ext4_free_branches:1020: inode #11: comm syz.7.9531: invalid indirect mapped block 1 (level 1)
[ 1146.004608][T29404] EXT4-fs (loop7): 1 truncate cleaned up
[ 1146.062998][T29409] loop4: detected capacity change from 0 to 4096
[ 1146.095160][T29409] ntfs3(loop4): Different NTFS sector size (4096) and media sector size (512).
[ 1146.115452][T29404] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[ 1146.357769][T29409] ntfs3(loop4): Failed to initialize $Extend/$Reparse.
[ 1146.832393][T19855] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1147.975726][T29406] loop9: detected capacity change from 0 to 32768
[ 1148.197283][T29406] XFS (loop9): Mounting V5 Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb
[ 1148.505737][T29406] XFS (loop9): Ending clean mount
[ 1148.576142][T29406] XFS (loop9): Quotacheck needed: Please wait.
[ 1148.864672][T29406] XFS (loop9): Quotacheck: Done.
[ 1148.885805][T29452] loop8: detected capacity change from 0 to 128
[ 1149.023187][T29452] EXT4-fs (loop8): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[ 1149.102809][T27154] XFS (loop9): Unmounting Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb
[ 1149.126194][T29452] ext4 filesystem being mounted at /580/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[ 1149.760889][T20109] EXT4-fs (loop8): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[ 1151.544002][T29486] loop9: detected capacity change from 0 to 1024
[ 1151.763994][T29486] hfsplus: bad catalog entry type
[ 1152.043469][   T13] hfsplus: b-tree write err: -5, ino 4
[ 1152.536563][   T30] audit: type=1326 audit(2000000227.320:509): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=29498 comm="syz.9.9570" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6586f8e9a9 code=0x7ffc0000
[ 1152.559010][    C0] vkms_vblank_simulate: vblank timer overrun
[ 1152.781947][   T30] audit: type=1326 audit(2000000227.320:510): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=29498 comm="syz.9.9570" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6586f8e9a9 code=0x7ffc0000
[ 1152.934180][T29503] netlink: 12 bytes leftover after parsing attributes in process `syz.0.9572'.
[ 1153.023557][   T30] audit: type=1326 audit(2000000227.420:511): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=29498 comm="syz.9.9570" exe="/root/syz-executor" sig=0 arch=c000003e syscall=283 compat=0 ip=0x7f6586f8e9a9 code=0x7ffc0000
[ 1153.058566][T29503] netlink: 'syz.0.9572': attribute type 1 has an invalid length.
[ 1153.066835][T29503] netlink: 28 bytes leftover after parsing attributes in process `syz.0.9572'.
[ 1153.259644][   T30] audit: type=1326 audit(2000000227.420:512): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=29498 comm="syz.9.9570" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6586f8e9a9 code=0x7ffc0000
[ 1153.443698][   T30] audit: type=1326 audit(2000000227.420:513): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=29498 comm="syz.9.9570" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6586f8e9a9 code=0x7ffc0000
[ 1153.484284][T29508] loop4: detected capacity change from 0 to 256
[ 1153.622912][   T30] audit: type=1326 audit(2000000227.420:514): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=29498 comm="syz.9.9570" exe="/root/syz-executor" sig=0 arch=c000003e syscall=287 compat=0 ip=0x7f6586f8e9a9 code=0x7ffc0000
[ 1153.787055][   T30] audit: type=1326 audit(2000000227.420:515): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=29498 comm="syz.9.9570" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6586f8e9a9 code=0x7ffc0000
[ 1153.809533][    C0] vkms_vblank_simulate: vblank timer overrun
[ 1153.914870][T28552] Bluetooth: hci6: unexpected cc 0x0c03 length: 249 > 1
[ 1153.933484][T28552] Bluetooth: hci6: unexpected cc 0x1003 length: 249 > 9
[ 1153.941907][T28552] Bluetooth: hci6: unexpected cc 0x1001 length: 249 > 9
[ 1153.950962][T28552] Bluetooth: hci6: unexpected cc 0x0c23 length: 249 > 4
[ 1153.960176][T28552] Bluetooth: hci6: unexpected cc 0x0c38 length: 249 > 2
[ 1154.042971][   T30] audit: type=1326 audit(2000000227.450:516): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=29498 comm="syz.9.9570" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6586f8e9a9 code=0x7ffc0000
[ 1154.116230][T29509] lo speed is unknown, defaulting to 1000
[ 1154.892668][T29518] loop8: detected capacity change from 0 to 2048
[ 1155.007016][T29518] EXT4-fs (loop8): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[ 1155.083064][T29518] ext4 filesystem being mounted at /582/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[ 1155.328416][T29523] EXT4-fs error (device loop8): ext4_validate_block_bitmap:440: comm ext4lazyinit: bg 0: block 345: padding at end of block bitmap is not set
[ 1155.805487][T20109] EXT4-fs (loop8): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1156.219705][T28552] Bluetooth: hci6: command tx timeout
[ 1156.665235][T29519] loop7: detected capacity change from 0 to 32768
[ 1156.684639][T29536] loop9: detected capacity change from 0 to 8192
[ 1156.708966][T29543] netlink: 8 bytes leftover after parsing attributes in process `syz.4.9589'.
[ 1156.732587][T29519] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop7 (7:7) scanned by syz.7.9577 (29519)
[ 1156.754225][T29536] FAT-fs (loop9): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[ 1156.775245][T29543] openvswitch: netlink: Invalid MD length 0 for MD type 0
[ 1156.800141][T29543] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[ 1157.632019][T29558] pci 0000:00:05.0: vgaarb: VGA decodes changed: olddecodes=io+mem,decodes=none:owns=io+mem
[ 1157.984170][T29562] loop9: detected capacity change from 0 to 256
[ 1158.076412][T29562] exFAT-fs (loop9): failed to load upcase table (idx : 0x000104d0, chksum : 0xda218cab, utbl_chksum : 0xe619d30d)
[ 1158.117177][T29565] loop4: detected capacity change from 0 to 256
[ 1158.172458][T29565] exfat: Deprecated parameter 'utf8'
[ 1158.193418][T29565] exfat: Deprecated parameter 'utf8'
[ 1158.202611][T29562] exFAT-fs (loop9): error, invalid access to FAT free cluster (entry 0x00000008)
[ 1158.244801][T29565] exFAT-fs (loop4): failed to load upcase table (idx : 0x00011fde, chksum : 0x26f39415, utbl_chksum : 0xe619d30d)
[ 1158.302518][T28552] Bluetooth: hci6: command tx timeout
[ 1159.112319][T29509] chnl_net:caif_netlink_parms(): no params data found
[ 1160.138962][T29595] loop4: detected capacity change from 0 to 512
[ 1160.222856][T29595] FAT-fs (loop4): error, clusters badly computed (1 != 0)
[ 1160.244540][T29595] FAT-fs (loop4): Filesystem has been set read-only
[ 1160.378443][T28552] Bluetooth: hci6: command tx timeout
[ 1160.595056][T29600] pimreg2: entered allmulticast mode
[ 1160.624370][T29602] netlink: 16 bytes leftover after parsing attributes in process `syz.7.9616'.
[ 1161.003828][   T59] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1162.091550][   T59] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1162.287304][T29621] netlink: 152 bytes leftover after parsing attributes in process `syz.8.9622'.
[ 1162.310082][T29621] netlink: 32 bytes leftover after parsing attributes in process `syz.8.9622'.
[ 1162.389133][T29621] tipc: Invalid UDP bearer configuration
[ 1162.389206][T29621] tipc: Enabling of bearer <udp:syz0> rejected, failed to enable media
[ 1162.463205][T28552] Bluetooth: hci6: command tx timeout
[ 1163.130805][   T59] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1163.279169][T29509] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1163.323666][T29509] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1163.371001][T29509] bridge_slave_0: entered allmulticast mode
[ 1163.414143][T29509] bridge_slave_0: entered promiscuous mode
[ 1164.013688][   T59] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1164.031744][T29659] loop7: detected capacity change from 0 to 1024
[ 1164.145450][T29509] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1164.179485][T29509] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1164.202077][T29509] bridge_slave_1: entered allmulticast mode
[ 1164.228645][T29509] bridge_slave_1: entered promiscuous mode
[ 1164.884998][ T5998] hfsplus: b-tree write err: -5, ino 4
[ 1165.092684][T29509] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 1165.201721][T29509] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 1165.776584][T29509] team0: Port device team_slave_0 added
[ 1166.202591][T29509] team0: Port device team_slave_1 added
[ 1166.820654][T29710] netlink: 24 bytes leftover after parsing attributes in process `syz.4.9663'.
[ 1166.950119][T29509] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 1166.998533][T29509] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1167.024656][    C0] vkms_vblank_simulate: vblank timer overrun
[ 1167.147712][T28552] Bluetooth: hci5: unexpected event for opcode 0x0c05
[ 1167.179014][T29509] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 1167.204065][T29509] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 1167.211473][T29509] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1167.237609][    C0] vkms_vblank_simulate: vblank timer overrun
[ 1167.257203][T29509] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 1167.282076][T29714] loop9: detected capacity change from 0 to 1764
[ 1167.440677][   T59] bridge_slave_1: left allmulticast mode
[ 1167.488049][   T59] bridge_slave_1: left promiscuous mode
[ 1167.533318][   T59] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1167.644109][   T59] bridge_slave_0: left allmulticast mode
[ 1167.678622][   T59] bridge_slave_0: left promiscuous mode
[ 1167.698170][   T59] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1167.863041][   T30] audit: type=1326 audit(2000000242.650:517): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=29724 comm="syz.8.9671" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fba3b98e9a9 code=0x7ffc0000
[ 1167.885546][    C0] vkms_vblank_simulate: vblank timer overrun
[ 1168.108345][   T30] audit: type=1326 audit(2000000242.650:518): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=29724 comm="syz.8.9671" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fba3b98e9a9 code=0x7ffc0000
[ 1168.207134][T29730] loop7: detected capacity change from 0 to 256
[ 1168.269785][T29730] exfat: Deprecated parameter 'namecase'
[ 1168.309755][   T30] audit: type=1326 audit(2000000242.700:519): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=29724 comm="syz.8.9671" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7fba3b98e9a9 code=0x7ffc0000
[ 1168.420919][T29730] exFAT-fs (loop7): failed to load upcase table (idx : 0x00010000, chksum : 0x36dfe6b4, utbl_chksum : 0xe619d30d)
[ 1168.503730][   T30] audit: type=1326 audit(2000000242.700:520): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=29724 comm="syz.8.9671" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fba3b98e9a9 code=0x7ffc0000
[ 1168.729658][   T30] audit: type=1326 audit(2000000242.700:521): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=29724 comm="syz.8.9671" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fba3b98e9a9 code=0x7ffc0000
[ 1168.752175][    C0] vkms_vblank_simulate: vblank timer overrun
[ 1169.008437][   T30] audit: type=1326 audit(2000000242.710:522): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=29724 comm="syz.8.9671" exe="/root/syz-executor" sig=0 arch=c000003e syscall=20 compat=0 ip=0x7fba3b98e9a9 code=0x7ffc0000
[ 1169.188785][   T30] audit: type=1326 audit(2000000242.710:523): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=29724 comm="syz.8.9671" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fba3b98e9a9 code=0x7ffc0000
[ 1169.387105][   T30] audit: type=1326 audit(2000000242.710:524): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=29724 comm="syz.8.9671" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fba3b98e9a9 code=0x7ffc0000
[ 1170.544980][T29762] loop7: detected capacity change from 0 to 1024
[ 1170.654785][T29762] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[ 1170.709130][T29762] ext4 filesystem being mounted at /591/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[ 1170.883140][T29762] EXT4-fs error (device loop7): ext4_mb_generate_buddy:1217: group 0, block bitmap and bg descriptor inconsistent: 21 vs 268369941 free clusters
[ 1170.994441][T29762] EXT4-fs (loop7): Remounting filesystem read-only
[ 1171.302800][T19855] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1171.873852][T29773] loop7: detected capacity change from 0 to 4096
[ 1171.946166][T29773] ntfs3(loop7): Different NTFS sector size (2048) and media sector size (512).
[ 1173.150270][   T59] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 1173.230797][   T59] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 1173.297182][   T59] bond0 (unregistering): Released all slaves
[ 1173.395321][   T59] bond1 (unregistering): Released all slaves
[ 1173.525447][T29785] pimreg: entered allmulticast mode
[ 1173.574175][T29786] pimreg: left allmulticast mode
[ 1174.597586][   T59] : left promiscuous mode
[ 1174.896190][T29800] mkiss: ax0: crc mode is auto.
[ 1174.979859][T29509] hsr_slave_0: entered promiscuous mode
[ 1175.059575][T29509] hsr_slave_1: entered promiscuous mode
[ 1175.066019][T29509] debugfs: 'hsr0' already exists in 'hsr'
[ 1175.148361][T29509] Cannot create hsr debugfs directory
[ 1175.845976][T29821] netlink: 28 bytes leftover after parsing attributes in process `syz.7.9713'.
[ 1177.291917][   T59] hsr_slave_0: left promiscuous mode
[ 1177.379433][   T59] hsr_slave_1: left promiscuous mode
[ 1177.563670][   T59] veth1_macvtap: left allmulticast mode
[ 1177.590818][   T59] veth0_macvtap: left promiscuous mode
[ 1177.620181][   T59] veth1_vlan: left promiscuous mode
[ 1177.641416][T29844] netlink: 368 bytes leftover after parsing attributes in process `syz.7.9723'.
[ 1177.657058][   T59] veth0_vlan: left promiscuous mode
[ 1177.751836][T29819] loop8: detected capacity change from 0 to 32768
[ 1177.966737][T29825] loop4: detected capacity change from 0 to 32768
[ 1178.116772][T29847] loop7: detected capacity change from 0 to 512
[ 1178.157642][T29847] EXT4-fs: Ignoring removed bh option
[ 1178.224379][T29847] EXT4-fs (loop7): encrypted files will use data=ordered instead of data journaling mode
[ 1178.297471][T29847] EXT4-fs (loop7): 1 truncate cleaned up
[ 1178.337378][T29847] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[ 1178.456680][T29847] EXT4-fs error (device loop7): ext4_generic_delete_entry:2667: inode #2: block 13: comm syz.7.9725: bad entry in directory: rec_len is smaller than minimal - offset=24, inode=11, rec_len=8, size=1024 fake=0
[ 1178.481664][   T59] pim6reg (unregistering): left allmulticast mode
[ 1178.542681][T29847] EXT4-fs (loop7): Remounting filesystem read-only
[ 1178.562518][T29847] EXT4-fs warning (device loop7): ext4_rename_delete:3724: inode #2: comm syz.7.9725: Deleting old file: nlink 5, error=-117
[ 1178.824870][T19855] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1180.451572][   T59] team0 (unregistering): Port device team_slave_1 removed
[ 1180.715171][   T59] team0 (unregistering): Port device team_slave_0 removed
[ 1181.071335][T29859] loop8: detected capacity change from 0 to 40427
[ 1181.114714][T29859] F2FS-fs (loop8): Invalid log_blocksize (268), supports only 12
[ 1181.123970][T29859] F2FS-fs (loop8): Can't find valid F2FS filesystem in 1th superblock
[ 1181.141830][T29859] F2FS-fs (loop8): invalid crc_offset: 33558524
[ 1181.394728][T29859] F2FS-fs (loop8): Try to recover 1th superblock, ret: 0
[ 1181.430676][T29859] F2FS-fs (loop8): Mounted with checkpoint version = 48b305e5
[ 1181.497800][T29859] F2FS-fs (loop8): invalid namelen(0), ino:0, run fsck to fix.
[ 1182.317272][   T59] vxcan1 (unregistering): left allmulticast mode
[ 1183.235416][T29872] netlink: 'syz.8.9733': attribute type 21 has an invalid length.
[ 1185.122571][T29886] sctp: failed to load transform for md5: -2
[ 1186.216231][   T59] IPVS: stop unused estimator thread 0...
[ 1186.318582][ T5932] usb 10-1: new high-speed USB device number 6 using dummy_hcd
[ 1186.365281][T29918] syz.4.9754 (29918): drop_caches: 4
[ 1186.728137][ T5932] usb 10-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 1186.760839][ T5932] usb 10-1: New USB device found, idVendor=046d, idProduct=c532, bcdDevice= 0.00
[ 1186.781465][ T5932] usb 10-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1186.954164][ T1295] ieee802154 phy1 wpan1: encryption failed: -22
[ 1187.103190][ T5932] usb 10-1: config 0 descriptor??
[ 1187.559029][T29905] loop7: detected capacity change from 0 to 32768
[ 1187.627404][T29905] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop7 (7:7) scanned by syz.7.9745 (29905)
[ 1187.759843][T29905] BTRFS info (device loop7): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[ 1187.793667][T29905] BTRFS info (device loop7): using sha256 (sha256-lib) checksum algorithm
[ 1187.851012][T29905] BTRFS info (device loop7): using free-space-tree
[ 1187.863887][ T5977] usb 10-1: USB disconnect, device number 6
[ 1187.990544][T29937] sp0: Synchronizing with TNC
[ 1188.389826][T19855] BTRFS info (device loop7): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[ 1188.727213][T29960] netlink: 76 bytes leftover after parsing attributes in process `syz.4.9767'.
[ 1189.025265][T29509] netdevsim netdevsim5 netdevsim0: renamed from eth0
[ 1189.147529][T29509] netdevsim netdevsim5 netdevsim1: renamed from eth1
[ 1189.253156][T29509] netdevsim netdevsim5 netdevsim2: renamed from eth2
[ 1189.918575][T29977] netlink: 8 bytes leftover after parsing attributes in process `syz.8.9774'.
[ 1190.207134][T29509] netdevsim netdevsim5 netdevsim3: renamed from eth3
[ 1190.271603][T29976] loop7: detected capacity change from 0 to 4096
[ 1190.372772][T29976] ntfs3(loop7): Different NTFS sector size (4096) and media sector size (512).
[ 1190.764682][T29976] ntfs3(loop7): ino=1a, mi_enum_attr
[ 1190.841487][T29976] ntfs3(loop7): Mark volume as dirty due to NTFS errors
[ 1190.896777][T29976] ntfs3(loop7): ino=1a, mi_enum_attr
[ 1190.956539][T29976] ntfs3(loop7): Failed to initialize $Extend/$Reparse.
[ 1191.449295][T29509] 8021q: adding VLAN 0 to HW filter on device bond0
[ 1191.679975][T29509] 8021q: adding VLAN 0 to HW filter on device team0
[ 1191.774529][   T12] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1191.781802][   T12] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 1191.940050][   T12] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1191.947351][   T12] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 1192.501227][T29509] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[ 1193.726725][T30026] loop9: detected capacity change from 0 to 1024
[ 1194.035160][T30026] hfsplus: bad catalog entry type
[ 1194.341278][T20288] hfsplus: b-tree write err: -5, ino 4
[ 1194.406312][T30031] loop8: detected capacity change from 0 to 4096
[ 1194.443271][T29509] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 1194.564010][T30036] NILFS (loop8): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[ 1195.711191][T30047] loop7: detected capacity change from 0 to 4096
[ 1195.772644][T30047] ntfs3(loop7): Different NTFS sector size (4096) and media sector size (512).
[ 1196.704628][T29509] veth0_vlan: entered promiscuous mode
[ 1196.837778][T29509] veth1_vlan: entered promiscuous mode
[ 1197.030809][T29509] veth0_macvtap: entered promiscuous mode
[ 1197.114463][T29509] veth1_macvtap: entered promiscuous mode
[ 1197.321538][T29509] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 1197.374426][T29509] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 1197.504971][   T13] netdevsim netdevsim5 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 1197.545224][   T13] netdevsim netdevsim5 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 1197.614151][   T13] netdevsim netdevsim5 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 1197.657046][   T13] netdevsim netdevsim5 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 1197.775161][T30078] loop9: detected capacity change from 0 to 2048
[ 1197.916007][T30078] EXT4-fs (loop9): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[ 1198.120514][T30078] EXT4-fs (loop9): Online defrag not supported with bigalloc
[ 1198.223918][T30047] ntfs3(loop7): Failed to read $UpCase (-4).
[ 1198.277658][   T59] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1198.369711][   T59] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1198.586059][T20288] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1198.612581][T30062] loop8: detected capacity change from 0 to 32768
[ 1198.631749][T27154] EXT4-fs (loop9): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1198.669680][T20288] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1198.834338][   T30] audit: type=1800 audit(2000000273.590:525): pid=30062 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.8.9806" name="file1" dev="loop8" ino=4 res=0 errno=0
[ 1198.854810][    C0] vkms_vblank_simulate: vblank timer overrun
[ 1198.939249][ T5977] usb 1-1: new high-speed USB device number 66 using dummy_hcd
[ 1199.079491][T30089] netlink: 20 bytes leftover after parsing attributes in process `syz.4.9819'.
[ 1199.172324][ T5977] usb 1-1: Using ep0 maxpacket: 16
[ 1199.209577][ T5977] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1199.292573][ T5977] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 1199.398562][ T5977] usb 1-1: New USB device found, idVendor=04f3, idProduct=0755, bcdDevice= 0.00
[ 1199.407792][ T5977] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1199.593352][ T5977] usb 1-1: config 0 descriptor??
[ 1199.843064][T30095] loop7: detected capacity change from 0 to 1024
[ 1199.916045][T30096] loop4: detected capacity change from 0 to 2048
[ 1200.013750][T30096] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000)
[ 1200.088382][   T30] audit: type=1800 audit(2000000274.870:526): pid=30095 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.7.9821" name="file1" dev="loop7" ino=20 res=0 errno=0
[ 1200.144558][ T5977] elan 0003:04F3:0755.0072: failed to start in urb: -90
[ 1200.239881][ T5977] elan 0003:04F3:0755.0072: hidraw0: USB HID v0.00 Device [HID 04f3:0755] on usb-dummy_hcd.0-1/input0
[ 1200.415463][ T5977] usb 1-1: USB disconnect, device number 66
[ 1200.770736][T30102] loop8: detected capacity change from 0 to 512
[ 1200.852880][T30102] EXT4-fs (loop8): encrypted files will use data=ordered instead of data journaling mode
[ 1200.993119][T30102] EXT4-fs error (device loop8): ext4_free_branches:1020: inode #16: comm syz.8.9820: invalid indirect mapped block 4294967295 (level 0)
[ 1201.162178][T30102] EXT4-fs (loop8): Remounting filesystem read-only
[ 1201.214889][T30102] EXT4-fs (loop8): 1 orphan inode deleted
[ 1201.276217][T30102] EXT4-fs (loop8): 1 truncate cleaned up
[ 1201.330115][T30102] EXT4-fs (loop8): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[ 1201.918520][T20109] EXT4-fs (loop8): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1202.659262][   T44] usb 1-1: new high-speed USB device number 67 using dummy_hcd
[ 1202.793854][T30135] loop8: detected capacity change from 0 to 256
[ 1202.893812][T30135] exFAT-fs (loop8): failed to load upcase table (idx : 0x000104d0, chksum : 0xda218cab, utbl_chksum : 0xe619d30d)
[ 1202.921110][T30139] loop4: detected capacity change from 0 to 8
[ 1203.035976][T30139] SQUASHFS error: lzo decompression failed, data probably corrupt
[ 1203.059329][T30135] exFAT-fs (loop8): error, invalid access to FAT free cluster (entry 0x00000008)
[ 1203.099820][T30139] SQUASHFS error: Failed to read block 0x1d2: -5
[ 1203.139142][T30139] SQUASHFS error: Unable to read metadata cache entry [1d0]
[ 1203.187900][T30139] SQUASHFS error: Unable to read directory block [1d0:26]
[ 1203.567830][   T44] usb 1-1: Using ep0 maxpacket: 16
[ 1203.568504][ T5844] usb 6-1: new high-speed USB device number 21 using dummy_hcd
[ 1203.710058][T30145] loop8: detected capacity change from 0 to 512
[ 1203.737947][T30145] EXT4-fs: Ignoring removed nobh option
[ 1203.779726][ T5844] usb 6-1: Using ep0 maxpacket: 16
[ 1203.796218][T30151] pci 0000:00:05.0: vgaarb: VGA decodes changed: olddecodes=none,decodes=none:owns=io+mem
[ 1203.817453][ T5844] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1203.862924][   T44] usb 1-1: New USB device found, idVendor=054c, idProduct=0038, bcdDevice=16.f5
[ 1203.882443][   T44] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1203.883128][ T5844] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 1203.900476][   T44] usb 1-1: Product: syz
[ 1203.905291][   T44] usb 1-1: Manufacturer: syz
[ 1203.924300][T30145] EXT4-fs error (device loop8): ext4_do_update_inode:5563: inode #16: comm syz.8.9843: corrupted inode contents
[ 1203.942940][ T5844] usb 6-1: New USB device found, idVendor=04f3, idProduct=0755, bcdDevice= 0.00
[ 1203.959029][ T5844] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1203.971124][ T5844] usb 6-1: config 0 descriptor??
[ 1203.990184][T30145] EXT4-fs (loop8): Remounting filesystem read-only
[ 1203.998900][T30145] EXT4-fs (loop8): 1 truncate cleaned up
[ 1204.017089][T30145] EXT4-fs (loop8): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[ 1204.021978][   T44] usb 1-1: SerialNumber: syz
[ 1204.036305][ T1145] EXT4-fs (loop8): Quota write (off=5120, len=1024) cancelled because transaction is not started
[ 1204.036353][ T1145] Quota error (device loop8): write_blk: dquota write failed
[ 1204.036381][ T1145] Quota error (device loop8): remove_free_dqentry: Can't write block (5) with free entries
[ 1204.036444][ T1145] EXT4-fs (loop8): Quota write (off=5120, len=1024) cancelled because transaction is not started
[ 1204.036480][ T1145] Quota error (device loop8): write_blk: dquota write failed
[ 1204.036507][ T1145] Quota error (device loop8): free_dqentry: Can't move quota data block (5) to free list
[ 1204.036651][ T1145] EXT4-fs (loop8): Quota write (off=8, len=24) cancelled because transaction is not started
[ 1204.036688][ T1145] Quota error (device loop8): v2_write_file_info: Can't write info structure
[ 1204.036978][ T1145] Quota error (device loop8): do_check_range: Getting dqdh_entries 15 out of range 0-14
[ 1204.145241][T30156] loop9: detected capacity change from 0 to 512
[ 1204.200714][T30145] ext4 filesystem being mounted at /633/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[ 1204.332872][T30156] EXT4-fs (loop9): encrypted files will use data=ordered instead of data journaling mode
[ 1204.364321][T30156] EXT4-fs error (device loop9): ext4_free_branches:1020: inode #16: comm syz.9.9847: invalid indirect mapped block 4294967295 (level 0)
[ 1204.457085][ T5844] elan 0003:04F3:0755.0073: failed to start in urb: -90
[ 1204.480241][ T5844] elan 0003:04F3:0755.0073: hidraw0: USB HID v0.00 Device [HID 04f3:0755] on usb-dummy_hcd.5-1/input0
[ 1204.548772][T30156] EXT4-fs (loop9): Remounting filesystem read-only
[ 1204.570596][T30156] EXT4-fs (loop9): 1 orphan inode deleted
[ 1204.590574][T30156] EXT4-fs (loop9): 1 truncate cleaned up
[ 1204.629421][T30156] EXT4-fs (loop9): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[ 1204.644458][T20109] EXT4-fs (loop8): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1204.861751][ T5844] usb 6-1: USB disconnect, device number 21
[ 1205.023142][T27154] EXT4-fs (loop9): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1205.099471][   T44] usb 1-1: config 0 descriptor??
[ 1205.276291][   T44] usb 1-1: can't set config #0, error -71
[ 1205.323958][   T44] usb 1-1: USB disconnect, device number 67
[ 1205.371072][T30171] loop9: detected capacity change from 0 to 1024
[ 1205.562613][T30171] EXT4-fs (loop9): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[ 1205.568664][ T5977] usb 8-1: new low-speed USB device number 27 using dummy_hcd
[ 1205.639444][T30171] ext4 filesystem being mounted at /211/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[ 1205.736742][T30183] loop5: detected capacity change from 0 to 8
[ 1205.779775][ T5977] usb 8-1: config 0 has an invalid interface number: 55 but max is 0
[ 1205.817192][ T5977] usb 8-1: config 0 has no interface number 0
[ 1205.851480][ T5977] usb 8-1: config 0 interface 55 altsetting 0 has an invalid descriptor for endpoint zero, skipping
[ 1205.895904][ T5977] usb 8-1: config 0 interface 55 altsetting 0 endpoint 0xE has invalid maxpacket 32, setting to 8
[ 1205.917760][T30183] SQUASHFS error: lzo decompression failed, data probably corrupt
[ 1205.947429][T30183] SQUASHFS error: Failed to read block 0x1d2: -5
[ 1205.959872][ T5977] usb 8-1: config 0 interface 55 altsetting 0 has an endpoint descriptor with address 0xAB, changing to 0x8B
[ 1205.980660][T30183] SQUASHFS error: Unable to read metadata cache entry [1d0]
[ 1206.011340][T30183] SQUASHFS error: Unable to read directory block [1d0:26]
[ 1206.025098][ T5977] usb 8-1: config 0 interface 55 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 10
[ 1206.078135][ T5977] usb 8-1: config 0 interface 55 altsetting 0 endpoint 0x8B has invalid maxpacket 120, setting to 8
[ 1206.135272][ T5977] usb 8-1: config 0 interface 55 altsetting 0 has 3 endpoint descriptors, different from the interface descriptor's value: 2
[ 1206.203068][T27154] EXT4-fs (loop9): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1206.228178][ T5977] usb 8-1: New USB device found, idVendor=0f11, idProduct=1080, bcdDevice=fc.6a
[ 1206.308596][ T5977] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1206.333836][T30185] loop8: detected capacity change from 0 to 4096
[ 1206.365774][ T5977] usb 8-1: config 0 descriptor??
[ 1206.377119][T30185] ntfs3(loop8): Different NTFS sector size (2048) and media sector size (512).
[ 1206.400810][T30174] raw-gadget.0 gadget.7: fail, usb_ep_enable returned -22
[ 1206.408150][T30174] raw-gadget.0 gadget.7: fail, usb_ep_enable returned -22
[ 1206.455370][ T5977] ldusb 8-1:0.55: LD USB Device #0 now attached to major 180 minor 0
[ 1206.541120][T30185] ntfs3(loop8): ino=b, mi_enum_attr
[ 1206.559259][T30185] ntfs3(loop8): Mark volume as dirty due to NTFS errors
[ 1206.566848][T30185] ntfs3(loop8): Failed to load $Extend (-22).
[ 1206.586912][T30185] ntfs3(loop8): Failed to initialize $Extend.
[ 1206.665916][T30189] loop9: detected capacity change from 0 to 256
[ 1206.738845][T30189] exfat: Deprecated parameter 'namecase'
[ 1206.773761][T30189] exfat: Deprecated parameter 'utf8'
[ 1206.852998][T30189] exFAT-fs (loop9): failed to load upcase table (idx : 0x00010000, chksum : 0x36dfe6b4, utbl_chksum : 0xe619d30d)
[ 1206.877452][ T5977] usb 8-1: USB disconnect, device number 27
[ 1206.912841][ T5977] ldusb 8-1:0.55: LD USB Device #0 now disconnected
[ 1207.869639][T30206] loop7: detected capacity change from 0 to 2048
[ 1207.994716][T30206] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[ 1208.211021][T30206] EXT4-fs (loop7): Online defrag not supported with bigalloc
[ 1208.615008][T19855] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1209.073533][T30226] netlink: 'syz.9.9879': attribute type 1 has an invalid length.
[ 1211.992207][T30273] openvswitch: netlink: IP tunnel attribute has 12 unknown bytes.
[ 1212.610644][T30282] netlink: 12 bytes leftover after parsing attributes in process `syz.4.9901'.
[ 1213.712414][T30298] geneve2: entered promiscuous mode
[ 1214.842341][T30318] loop4: detected capacity change from 0 to 2048
[ 1214.972561][T30325] loop9: detected capacity change from 0 to 1024
[ 1215.024097][T30318] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[ 1215.113116][T30326] loop8: detected capacity change from 0 to 2048
[ 1215.204200][T30318] EXT4-fs (loop4): Online defrag not supported with bigalloc
[ 1215.414178][T30326]  loop8: p1 < > p4
[ 1215.518904][T30322] EXT4-fs error (device loop4): ext4_mb_generate_buddy:1217: group 0, block bitmap and bg descriptor inconsistent: 25 vs 150994969 free clusters
[ 1215.553535][T30326] loop8: p4 size 8388608 extends beyond EOD, truncated
[ 1215.983215][ T5839] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1217.186645][T30357] geneve2: entered promiscuous mode
[ 1217.758068][T28552] Bluetooth: hci2: unexpected event for opcode 0x0c05
[ 1217.809641][T30361] loop8: detected capacity change from 0 to 2048
[ 1218.958702][T30380] netlink: 'syz.8.9943': attribute type 1 has an invalid length.
[ 1219.069100][T30380] netlink: 232 bytes leftover after parsing attributes in process `syz.8.9943'.
[ 1219.157988][T30380] netlink: 8 bytes leftover after parsing attributes in process `syz.8.9943'.
[ 1219.356482][T30387] tipc: Started in network mode
[ 1219.404698][T30387] tipc: Node identity aaaaaaaaaa2a, cluster identity 4711
[ 1219.473906][T30387] tipc: Enabled bearer <eth:batadv0>, priority 10
[ 1220.591899][ T5844] tipc: Node number set to 8432298
[ 1221.585756][T30421] netlink: 'syz.7.9967': attribute type 1 has an invalid length.
[ 1221.679011][T30421] netlink: 232 bytes leftover after parsing attributes in process `syz.7.9967'.
[ 1221.750801][T30421] netlink: 8 bytes leftover after parsing attributes in process `syz.7.9967'.
[ 1221.857976][T30428] tipc: Enabled bearer <eth:batadv0>, priority 10
[ 1250.474309][ T1295] ieee802154 phy1 wpan1: encryption failed: -22
[ 1311.693389][ T1295] ieee802154 phy1 wpan1: encryption failed: -22
[ 1317.593091][T28552] Bluetooth: hci6: command 0x0406 tx timeout
[ 1372.147243][ T1295] ieee802154 phy1 wpan1: encryption failed: -22
[ 1434.623279][ T1295] ieee802154 phy1 wpan1: encryption failed: -22
[ 1472.957079][   T84] ==================================================================
[ 1472.965204][   T84] BUG: KASAN: slab-use-after-free in folio_evictable+0x7b/0x270
[ 1472.972926][   T84] Read of size 8 at addr ffff88807698ee08 by task kswapd0/84
[ 1472.980342][   T84] 
[ 1472.982676][   T84] CPU: 0 UID: 0 PID: 84 Comm: kswapd0 Not tainted 6.16.0-syzkaller-06699-ge8d780dcd957 #0 PREEMPT(full) 
[ 1472.982726][   T84] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[ 1472.982750][   T84] Call Trace:
[ 1472.982762][   T84]  <TASK>
[ 1472.982778][   T84]  dump_stack_lvl+0x116/0x1f0
[ 1472.982829][   T84]  print_report+0xcd/0x630
[ 1472.982870][   T84]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1472.982917][   T84]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1472.982961][   T84]  ? __phys_addr+0xe8/0x180
[ 1472.983012][   T84]  ? folio_evictable+0x7b/0x270
[ 1472.983062][   T84]  kasan_report+0xe0/0x110
[ 1472.983105][   T84]  ? folio_evictable+0x7b/0x270
[ 1472.983160][   T84]  kasan_check_range+0x100/0x1b0
[ 1472.983209][   T84]  folio_evictable+0x7b/0x270
[ 1472.983259][   T84]  isolate_folios+0x6c8/0x2f90
[ 1472.983333][   T84]  ? __pfx_isolate_folios+0x10/0x10
[ 1472.983399][   T84]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1472.983448][   T84]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1472.983494][   T84]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1472.983546][   T84]  ? do_raw_spin_lock+0x12c/0x2b0
[ 1472.983587][   T84]  ? __pfx_do_raw_spin_lock+0x10/0x10
[ 1472.983627][   T84]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1472.983678][   T84]  evict_folios+0x188/0x1b60
[ 1472.983731][   T84]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1472.983777][   T84]  ? arch_stack_walk+0x94/0x100
[ 1472.983823][   T84]  ? ret_from_fork_asm+0x1a/0x30
[ 1472.983872][   T84]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1472.983918][   T84]  ? __pfx_evict_folios+0x10/0x10
[ 1472.983971][   T84]  ? __pfx_stack_trace_save+0x10/0x10
[ 1472.984025][   T84]  ? check_path.constprop.0+0x24/0x50
[ 1472.984078][   T84]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1472.984122][   T84]  ? save_trace+0x4e/0x380
[ 1472.984167][   T84]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1472.984216][   T84]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1472.984259][   T84]  ? mem_cgroup_get_nr_swap_pages+0x20/0x120
[ 1472.984310][   T84]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1472.984354][   T84]  ? sc_swappiness+0xd4/0x190
[ 1472.984415][   T84]  try_to_shrink_lruvec+0x5a3/0x990
[ 1472.984483][   T84]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1472.984533][   T84]  ? __pfx_try_to_shrink_lruvec+0x10/0x10
[ 1472.984588][   T84]  ? get_random_u8+0x595/0x7f0
[ 1472.984637][   T84]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1472.984686][   T84]  shrink_one+0x3e3/0x7a0
[ 1472.984742][   T84]  ? shrink_node+0x2695/0x3d50
[ 1472.984800][   T84]  shrink_node+0x26b5/0x3d50
[ 1472.984858][   T84]  ? __lock_acquire+0x622/0x1c90
[ 1472.984919][   T84]  ? shrink_node+0x2405/0x3d50
[ 1472.984981][   T84]  ? __pfx_shrink_node+0x10/0x10
[ 1472.985039][   T84]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1472.985084][   T84]  ? find_held_lock+0x2b/0x80
[ 1472.985134][   T84]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1472.985183][   T84]  ? balance_pgdat+0xbb8/0x1a70
[ 1472.985241][   T84]  balance_pgdat+0xbb8/0x1a70
[ 1472.985300][   T84]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1472.985352][   T84]  ? __pfx_balance_pgdat+0x10/0x10
[ 1472.985420][   T84]  ? __free_object+0x270/0x400
[ 1472.985467][   T84]  ? __entry_text_end+0x1020b5/0x1020b9
[ 1472.985516][   T84]  ? lockdep_hardirqs_on+0x7c/0x110
[ 1472.985562][   T84]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1472.985608][   T84]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1472.985653][   T84]  ? lockdep_hardirqs_on+0x7c/0x110
[ 1472.985699][   T84]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1472.985744][   T84]  ? __lock_acquire+0xb8a/0x1c90
[ 1472.985814][   T84]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1472.985862][   T84]  ? __pfx___might_resched+0x10/0x10
[ 1472.985912][   T84]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1472.985956][   T84]  ? rcu_is_watching+0x12/0xc0
[ 1472.986006][   T84]  kswapd+0x590/0xb90
[ 1472.986068][   T84]  ? __pfx_kswapd+0x10/0x10
[ 1472.986127][   T84]  ? __pfx_autoremove_wake_function+0x10/0x10
[ 1472.986181][   T84]  ? lockdep_hardirqs_on+0x7c/0x110
[ 1472.986225][   T84]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1472.986270][   T84]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1472.986315][   T84]  ? __kthread_parkme+0x19e/0x250
[ 1472.986369][   T84]  ? __pfx_kswapd+0x10/0x10
[ 1472.986435][   T84]  kthread+0x3c5/0x780
[ 1472.986469][   T84]  ? __pfx_kthread+0x10/0x10
[ 1472.986510][   T84]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1472.986554][   T84]  ? rcu_is_watching+0x12/0xc0
[ 1472.986599][   T84]  ? __pfx_kthread+0x10/0x10
[ 1472.986634][   T84]  ret_from_fork+0x5d7/0x6f0
[ 1472.986667][   T84]  ? __pfx_kthread+0x10/0x10
[ 1472.986700][   T84]  ret_from_fork_asm+0x1a/0x30
[ 1472.986755][   T84]  </TASK>
[ 1472.986769][   T84] 
[ 1473.421422][   T84] Allocated by task 23783:
[ 1473.425837][   T84]  kasan_save_stack+0x33/0x60
[ 1473.430535][   T84]  kasan_save_track+0x14/0x30
[ 1473.435224][   T84]  __kasan_slab_alloc+0x89/0x90
[ 1473.440087][   T84]  kmem_cache_alloc_noprof+0x1cb/0x3b0
[ 1473.445555][   T84]  gfs2_glock_get+0x1e5/0x1230
[ 1473.450328][   T84]  gfs2_inode_lookup+0x277/0x8a0
[ 1473.455321][   T84]  gfs2_dir_search+0x22a/0x2e0
[ 1473.460117][   T84]  gfs2_lookupi+0x4b7/0x6e0
[ 1473.464656][   T84]  init_inodes+0x869/0x2eb0
[ 1473.469184][   T84]  gfs2_fill_super+0x1be2/0x2d30
[ 1473.474145][   T84]  get_tree_bdev_flags+0x38c/0x620
[ 1473.479271][   T84]  gfs2_get_tree+0x4e/0x280
[ 1473.483796][   T84]  vfs_get_tree+0x8e/0x340
[ 1473.488250][   T84]  path_mount+0x1482/0x1fd0
[ 1473.492769][   T84]  __x64_sys_mount+0x28d/0x310
[ 1473.497553][   T84]  do_syscall_64+0xcd/0x4c0
[ 1473.502081][   T84]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1473.507986][   T84] 
[ 1473.510310][   T84] Freed by task 23783:
[ 1473.514371][   T84]  kasan_save_stack+0x33/0x60
[ 1473.519061][   T84]  kasan_save_track+0x14/0x30
[ 1473.523746][   T84]  kasan_save_free_info+0x3b/0x60
[ 1473.528797][   T84]  __kasan_slab_free+0x51/0x70
[ 1473.533571][   T84]  kmem_cache_free+0x2d1/0x4d0
[ 1473.538367][   T84]  gfs2_glock_dealloc+0xd0/0x150
[ 1473.543332][   T84]  rcu_core+0x79c/0x14e0
[ 1473.547585][   T84]  handle_softirqs+0x219/0x8e0
[ 1473.552376][   T84]  __irq_exit_rcu+0x109/0x170
[ 1473.557070][   T84]  irq_exit_rcu+0x9/0x30
[ 1473.561329][   T84]  sysvec_apic_timer_interrupt+0xa4/0xc0
[ 1473.566978][   T84]  asm_sysvec_apic_timer_interrupt+0x1a/0x20
[ 1473.572982][   T84] 
[ 1473.575299][   T84] Last potentially related work creation:
[ 1473.581095][   T84]  kasan_save_stack+0x33/0x60
[ 1473.585785][   T84]  kasan_record_aux_stack+0xa7/0xc0
[ 1473.591012][   T84]  __call_rcu_common.constprop.0+0xa5/0xa10
[ 1473.596940][   T84]  gfs2_glock_free+0x35/0x90
[ 1473.601594][   T84]  glock_work_func+0x396/0x4d0
[ 1473.606391][   T84]  process_one_work+0x9cf/0x1b70
[ 1473.611359][   T84]  worker_thread+0x6c8/0xf10
[ 1473.615978][   T84]  kthread+0x3c5/0x780
[ 1473.620074][   T84]  ret_from_fork+0x5d7/0x6f0
[ 1473.624686][   T84]  ret_from_fork_asm+0x1a/0x30
[ 1473.629483][   T84] 
[ 1473.631850][   T84] Second to last potentially related work creation:
[ 1473.638437][   T84]  kasan_save_stack+0x33/0x60
[ 1473.643142][   T84]  kasan_record_aux_stack+0xa7/0xc0
[ 1473.648378][   T84]  insert_work+0x36/0x230
[ 1473.652732][   T84]  __queue_work+0x97e/0x10f0
[ 1473.657341][   T84]  __queue_delayed_work+0x35b/0x460
[ 1473.662561][   T84]  queue_delayed_work_on+0x1b5/0x200
[ 1473.667868][   T84]  gfs2_glock_queue_work+0x75/0x120
[ 1473.673084][   T84]  clear_glock+0xa7/0xe0
[ 1473.677339][   T84]  glock_hash_walk+0x12c/0x1c0
[ 1473.682138][   T84]  gfs2_gl_hash_clear+0x103/0x780
[ 1473.687181][   T84]  gfs2_fill_super+0x2524/0x2d30
[ 1473.692151][   T84]  get_tree_bdev_flags+0x38c/0x620
[ 1473.697276][   T84]  gfs2_get_tree+0x4e/0x280
[ 1473.701803][   T84]  vfs_get_tree+0x8e/0x340
[ 1473.706247][   T84]  path_mount+0x1482/0x1fd0
[ 1473.710777][   T84]  __x64_sys_mount+0x28d/0x310
[ 1473.715562][   T84]  do_syscall_64+0xcd/0x4c0
[ 1473.720093][   T84]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1473.726007][   T84] 
[ 1473.728332][   T84] The buggy address belongs to the object at ffff88807698ea40
[ 1473.728332][   T84]  which belongs to the cache gfs2_glock(aspace) of size 1224
[ 1473.743098][   T84] The buggy address is located 968 bytes inside of
[ 1473.743098][   T84]  freed 1224-byte region [ffff88807698ea40, ffff88807698ef08)
[ 1473.757023][   T84] 
[ 1473.759382][   T84] The buggy address belongs to the physical page:
[ 1473.765820][   T84] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0xffff88807698dfb0 pfn:0x7698c
[ 1473.775910][   T84] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[ 1473.784426][   T84] flags: 0xfff00000000040(head|node=0|zone=1|lastcpupid=0x7ff)
[ 1473.791991][   T84] page_type: f5(slab)
[ 1473.795990][   T84] raw: 00fff00000000040 ffff88801ef2ab40 dead000000000122 0000000000000000
[ 1473.804595][   T84] raw: ffff88807698dfb0 00000000800c0007 00000000f5000000 0000000000000000
[ 1473.813206][   T84] head: 00fff00000000040 ffff88801ef2ab40 dead000000000122 0000000000000000
[ 1473.821906][   T84] head: ffff88807698dfb0 00000000800c0007 00000000f5000000 0000000000000000
[ 1473.830600][   T84] head: 00fff00000000002 ffffea0001da6301 00000000ffffffff 00000000ffffffff
[ 1473.839299][   T84] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004
[ 1473.847992][   T84] page dumped because: kasan: bad access detected
[ 1473.854418][   T84] page_owner tracks the page as allocated
[ 1473.860192][   T84] page last allocated via order 2, migratetype Unmovable, gfp_mask 0xd2040(__GFP_IO|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_NOMEMALLOC), pid 21820, tgid 21819 (syz.3.6509), ts 744015292506, free_ts 740547873637
[ 1473.880991][   T84]  post_alloc_hook+0x1c0/0x230
[ 1473.885850][   T84]  get_page_from_freelist+0x1321/0x3890
[ 1473.891413][   T84]  __alloc_frozen_pages_noprof+0x261/0x23f0
[ 1473.897325][   T84]  alloc_pages_mpol+0x1fb/0x550
[ 1473.902198][   T84]  new_slab+0x247/0x330
[ 1473.906386][   T84]  ___slab_alloc+0xd1e/0x1780
[ 1473.911127][   T84]  __slab_alloc.constprop.0+0x56/0xb0
[ 1473.916546][   T84]  kmem_cache_alloc_noprof+0xef/0x3b0
[ 1473.921938][   T84]  gfs2_glock_get+0x1e5/0x1230
[ 1473.926716][   T84]  gfs2_inode_lookup+0x277/0x8a0
[ 1473.931698][   T84]  gfs2_lookup_root+0x57/0x130
[ 1473.936491][   T84]  init_sb+0xae5/0x10d0
[ 1473.940678][   T84]  gfs2_fill_super+0x1967/0x2d30
[ 1473.945647][   T84]  get_tree_bdev_flags+0x38c/0x620
[ 1473.950823][   T84]  gfs2_get_tree+0x4e/0x280
[ 1473.955361][   T84]  vfs_get_tree+0x8e/0x340
[ 1473.959810][   T84] page last free pid 6146 tgid 6146 stack trace:
[ 1473.966142][   T84]  __free_frozen_pages+0x7fe/0x1180
[ 1473.971384][   T84]  qlist_free_all+0x4d/0x120
[ 1473.976015][   T84]  kasan_quarantine_reduce+0x195/0x1e0
[ 1473.981587][   T84]  __kasan_slab_alloc+0x69/0x90
[ 1473.986470][   T84]  kmem_cache_alloc_noprof+0x1cb/0x3b0
[ 1473.991955][   T84]  getname_flags.part.0+0x4c/0x550
[ 1473.997103][   T84]  getname_flags+0x93/0xf0
[ 1474.001671][   T84]  user_path_at+0x24/0x60
[ 1474.006021][   T84]  do_faccessat+0x139/0xba0
[ 1474.010537][   T84]  __x64_sys_faccessat2+0x96/0x100
[ 1474.015676][   T84]  do_syscall_64+0xcd/0x4c0
[ 1474.020211][   T84]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1474.026125][   T84] 
[ 1474.028453][   T84] Memory state around the buggy address:
[ 1474.034439][   T84]  ffff88807698ed00: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 1474.042664][   T84]  ffff88807698ed80: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 1474.050747][   T84] >ffff88807698ee00: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 1474.058816][   T84]                       ^
[ 1474.063150][   T84]  ffff88807698ee80: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 1474.071236][   T84]  ffff88807698ef00: fb fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 1474.079310][   T84] ==================================================================
[ 1474.087377][   T84] Disabling lock debugging due to kernel taint
[ 1474.093543][   T84] ==================================================================
[ 1474.101618][   T84] BUG: KASAN: slab-use-after-free in folio_evictable+0x24f/0x270
[ 1474.109387][   T84] Read of size 8 at addr ffff88807698ee08 by task kswapd0/84
[ 1474.116778][   T84] 
[ 1474.119119][   T84] CPU: 0 UID: 0 PID: 84 Comm: kswapd0 Tainted: G    B               6.16.0-syzkaller-06699-ge8d780dcd957 #0 PREEMPT(full) 
[ 1474.119176][   T84] Tainted: [B]=BAD_PAGE
[ 1474.119190][   T84] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[ 1474.119214][   T84] Call Trace:
[ 1474.119228][   T84]  <TASK>
[ 1474.119243][   T84]  dump_stack_lvl+0x116/0x1f0
[ 1474.119296][   T84]  print_report+0xcd/0x630
[ 1474.119336][   T84]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1474.119383][   T84]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1474.119428][   T84]  ? __phys_addr+0xe8/0x180
[ 1474.119480][   T84]  ? folio_evictable+0x24f/0x270
[ 1474.119534][   T84]  kasan_report+0xe0/0x110
[ 1474.119576][   T84]  ? folio_evictable+0x24f/0x270
[ 1474.119630][   T84]  folio_evictable+0x24f/0x270
[ 1474.119679][   T84]  isolate_folios+0x6c8/0x2f90
[ 1474.119751][   T84]  ? __pfx_isolate_folios+0x10/0x10
[ 1474.119805][   T84]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1474.119854][   T84]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1474.119899][   T84]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1474.119944][   T84]  ? do_raw_spin_lock+0x12c/0x2b0
[ 1474.119984][   T84]  ? __pfx_do_raw_spin_lock+0x10/0x10
[ 1474.120023][   T84]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1474.120074][   T84]  evict_folios+0x188/0x1b60
[ 1474.120126][   T84]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1474.120169][   T84]  ? arch_stack_walk+0x94/0x100
[ 1474.120215][   T84]  ? ret_from_fork_asm+0x1a/0x30
[ 1474.120264][   T84]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1474.120309][   T84]  ? __pfx_evict_folios+0x10/0x10
[ 1474.120362][   T84]  ? __pfx_stack_trace_save+0x10/0x10
[ 1474.120417][   T84]  ? check_path.constprop.0+0x24/0x50
[ 1474.120470][   T84]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1474.120522][   T84]  ? save_trace+0x4e/0x380
[ 1474.120570][   T84]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1474.120618][   T84]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1474.120663][   T84]  ? mem_cgroup_get_nr_swap_pages+0x20/0x120
[ 1474.120715][   T84]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1474.120760][   T84]  ? sc_swappiness+0xd4/0x190
[ 1474.120812][   T84]  try_to_shrink_lruvec+0x5a3/0x990
[ 1474.120879][   T84]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1474.120923][   T84]  ? __pfx_try_to_shrink_lruvec+0x10/0x10
[ 1474.120977][   T84]  ? get_random_u8+0x595/0x7f0
[ 1474.121025][   T84]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1474.121074][   T84]  shrink_one+0x3e3/0x7a0
[ 1474.121130][   T84]  ? shrink_node+0x2695/0x3d50
[ 1474.121188][   T84]  shrink_node+0x26b5/0x3d50
[ 1474.121244][   T84]  ? __lock_acquire+0x622/0x1c90
[ 1474.121306][   T84]  ? shrink_node+0x2405/0x3d50
[ 1474.121369][   T84]  ? __pfx_shrink_node+0x10/0x10
[ 1474.121427][   T84]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1474.121472][   T84]  ? find_held_lock+0x2b/0x80
[ 1474.121538][   T84]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1474.121586][   T84]  ? balance_pgdat+0xbb8/0x1a70
[ 1474.121644][   T84]  balance_pgdat+0xbb8/0x1a70
[ 1474.121703][   T84]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1474.121755][   T84]  ? __pfx_balance_pgdat+0x10/0x10
[ 1474.121813][   T84]  ? __free_object+0x270/0x400
[ 1474.121860][   T84]  ? __entry_text_end+0x1020b5/0x1020b9
[ 1474.121902][   T84]  ? lockdep_hardirqs_on+0x7c/0x110
[ 1474.121948][   T84]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1474.121995][   T84]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1474.122041][   T84]  ? lockdep_hardirqs_on+0x7c/0x110
[ 1474.122087][   T84]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1474.122132][   T84]  ? __lock_acquire+0xb8a/0x1c90
[ 1474.122204][   T84]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1474.122252][   T84]  ? __pfx___might_resched+0x10/0x10
[ 1474.122300][   T84]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1474.122344][   T84]  ? rcu_is_watching+0x12/0xc0
[ 1474.122395][   T84]  kswapd+0x590/0xb90
[ 1474.122456][   T84]  ? __pfx_kswapd+0x10/0x10
[ 1474.122523][   T84]  ? __pfx_autoremove_wake_function+0x10/0x10
[ 1474.122578][   T84]  ? lockdep_hardirqs_on+0x7c/0x110
[ 1474.122621][   T84]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1474.122667][   T84]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1474.122712][   T84]  ? __kthread_parkme+0x19e/0x250
[ 1474.122766][   T84]  ? __pfx_kswapd+0x10/0x10
[ 1474.122822][   T84]  kthread+0x3c5/0x780
[ 1474.122856][   T84]  ? __pfx_kthread+0x10/0x10
[ 1474.122890][   T84]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1474.122935][   T84]  ? rcu_is_watching+0x12/0xc0
[ 1474.122981][   T84]  ? __pfx_kthread+0x10/0x10
[ 1474.123015][   T84]  ret_from_fork+0x5d7/0x6f0
[ 1474.123048][   T84]  ? __pfx_kthread+0x10/0x10
[ 1474.123082][   T84]  ret_from_fork_asm+0x1a/0x30
[ 1474.123136][   T84]  </TASK>
[ 1474.123150][   T84] 
[ 1474.560409][   T84] Allocated by task 23783:
[ 1474.564828][   T84]  kasan_save_stack+0x33/0x60
[ 1474.569528][   T84]  kasan_save_track+0x14/0x30
[ 1474.574222][   T84]  __kasan_slab_alloc+0x89/0x90
[ 1474.579104][   T84]  kmem_cache_alloc_noprof+0x1cb/0x3b0
[ 1474.584584][   T84]  gfs2_glock_get+0x1e5/0x1230
[ 1474.589447][   T84]  gfs2_inode_lookup+0x277/0x8a0
[ 1474.594426][   T84]  gfs2_dir_search+0x22a/0x2e0
[ 1474.599227][   T84]  gfs2_lookupi+0x4b7/0x6e0
[ 1474.603764][   T84]  init_inodes+0x869/0x2eb0
[ 1474.608295][   T84]  gfs2_fill_super+0x1be2/0x2d30
[ 1474.613270][   T84]  get_tree_bdev_flags+0x38c/0x620
[ 1474.618405][   T84]  gfs2_get_tree+0x4e/0x280
[ 1474.622958][   T84]  vfs_get_tree+0x8e/0x340
[ 1474.627431][   T84]  path_mount+0x1482/0x1fd0
[ 1474.631963][   T84]  __x64_sys_mount+0x28d/0x310
[ 1474.636760][   T84]  do_syscall_64+0xcd/0x4c0
[ 1474.641297][   T84]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1474.647206][   T84] 
[ 1474.649530][   T84] Freed by task 23783:
[ 1474.653594][   T84]  kasan_save_stack+0x33/0x60
[ 1474.658283][   T84]  kasan_save_track+0x14/0x30
[ 1474.662971][   T84]  kasan_save_free_info+0x3b/0x60
[ 1474.668029][   T84]  __kasan_slab_free+0x51/0x70
[ 1474.672835][   T84]  kmem_cache_free+0x2d1/0x4d0
[ 1474.677727][   T84]  gfs2_glock_dealloc+0xd0/0x150
[ 1474.682751][   T84]  rcu_core+0x79c/0x14e0
[ 1474.687021][   T84]  handle_softirqs+0x219/0x8e0
[ 1474.691810][   T84]  __irq_exit_rcu+0x109/0x170
[ 1474.696507][   T84]  irq_exit_rcu+0x9/0x30
[ 1474.700779][   T84]  sysvec_apic_timer_interrupt+0xa4/0xc0
[ 1474.706431][   T84]  asm_sysvec_apic_timer_interrupt+0x1a/0x20
[ 1474.712430][   T84] 
[ 1474.714753][   T84] Last potentially related work creation:
[ 1474.720474][   T84]  kasan_save_stack+0x33/0x60
[ 1474.725163][   T84]  kasan_record_aux_stack+0xa7/0xc0
[ 1474.730404][   T84]  __call_rcu_common.constprop.0+0xa5/0xa10
[ 1474.736314][   T84]  gfs2_glock_free+0x35/0x90
[ 1474.740942][   T84]  glock_work_func+0x396/0x4d0
[ 1474.746188][   T84]  process_one_work+0x9cf/0x1b70
[ 1474.751142][   T84]  worker_thread+0x6c8/0xf10
[ 1474.755748][   T84]  kthread+0x3c5/0x780
[ 1474.759834][   T84]  ret_from_fork+0x5d7/0x6f0
[ 1474.764461][   T84]  ret_from_fork_asm+0x1a/0x30
[ 1474.769246][   T84] 
[ 1474.771571][   T84] Second to last potentially related work creation:
[ 1474.778150][   T84]  kasan_save_stack+0x33/0x60
[ 1474.782840][   T84]  kasan_record_aux_stack+0xa7/0xc0
[ 1474.788068][   T84]  insert_work+0x36/0x230
[ 1474.792409][   T84]  __queue_work+0x97e/0x10f0
[ 1474.797013][   T84]  __queue_delayed_work+0x35b/0x460
[ 1474.802230][   T84]  queue_delayed_work_on+0x1b5/0x200
[ 1474.807535][   T84]  gfs2_glock_queue_work+0x75/0x120
[ 1474.812747][   T84]  clear_glock+0xa7/0xe0
[ 1474.817011][   T84]  glock_hash_walk+0x12c/0x1c0
[ 1474.821808][   T84]  gfs2_gl_hash_clear+0x103/0x780
[ 1474.826844][   T84]  gfs2_fill_super+0x2524/0x2d30
[ 1474.831808][   T84]  get_tree_bdev_flags+0x38c/0x620
[ 1474.836932][   T84]  gfs2_get_tree+0x4e/0x280
[ 1474.841467][   T84]  vfs_get_tree+0x8e/0x340
[ 1474.845912][   T84]  path_mount+0x1482/0x1fd0
[ 1474.850483][   T84]  __x64_sys_mount+0x28d/0x310
[ 1474.855270][   T84]  do_syscall_64+0xcd/0x4c0
[ 1474.859800][   T84]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1474.865714][   T84] 
[ 1474.868037][   T84] The buggy address belongs to the object at ffff88807698ea40
[ 1474.868037][   T84]  which belongs to the cache gfs2_glock(aspace) of size 1224
[ 1474.882806][   T84] The buggy address is located 968 bytes inside of
[ 1474.882806][   T84]  freed 1224-byte region [ffff88807698ea40, ffff88807698ef08)
[ 1474.896717][   T84] 
[ 1474.899048][   T84] The buggy address belongs to the physical page:
[ 1474.905461][   T84] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0xffff88807698dfb0 pfn:0x7698c
[ 1474.915544][   T84] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[ 1474.924109][   T84] flags: 0xfff00000000040(head|node=0|zone=1|lastcpupid=0x7ff)
[ 1474.931674][   T84] page_type: f5(slab)
[ 1474.935675][   T84] raw: 00fff00000000040 ffff88801ef2ab40 dead000000000122 0000000000000000
[ 1474.944275][   T84] raw: ffff88807698dfb0 00000000800c0007 00000000f5000000 0000000000000000
[ 1474.952878][   T84] head: 00fff00000000040 ffff88801ef2ab40 dead000000000122 0000000000000000
[ 1474.961580][   T84] head: ffff88807698dfb0 00000000800c0007 00000000f5000000 0000000000000000
[ 1474.970260][   T84] head: 00fff00000000002 ffffea0001da6301 00000000ffffffff 00000000ffffffff
[ 1474.978942][   T84] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004
[ 1474.987614][   T84] page dumped because: kasan: bad access detected
[ 1474.994024][   T84] page_owner tracks the page as allocated
[ 1474.999738][   T84] page last allocated via order 2, migratetype Unmovable, gfp_mask 0xd2040(__GFP_IO|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_NOMEMALLOC), pid 21820, tgid 21819 (syz.3.6509), ts 744015292506, free_ts 740547873637
[ 1475.020548][   T84]  post_alloc_hook+0x1c0/0x230
[ 1475.025376][   T84]  get_page_from_freelist+0x1321/0x3890
[ 1475.030957][   T84]  __alloc_frozen_pages_noprof+0x261/0x23f0
[ 1475.036890][   T84]  alloc_pages_mpol+0x1fb/0x550
[ 1475.041776][   T84]  new_slab+0x247/0x330
[ 1475.045973][   T84]  ___slab_alloc+0xd1e/0x1780
[ 1475.050688][   T84]  __slab_alloc.constprop.0+0x56/0xb0
[ 1475.056105][   T84]  kmem_cache_alloc_noprof+0xef/0x3b0
[ 1475.061493][   T84]  gfs2_glock_get+0x1e5/0x1230
[ 1475.066276][   T84]  gfs2_inode_lookup+0x277/0x8a0
[ 1475.071256][   T84]  gfs2_lookup_root+0x57/0x130
[ 1475.076057][   T84]  init_sb+0xae5/0x10d0
[ 1475.080241][   T84]  gfs2_fill_super+0x1967/0x2d30
[ 1475.085221][   T84]  get_tree_bdev_flags+0x38c/0x620
[ 1475.090359][   T84]  gfs2_get_tree+0x4e/0x280
[ 1475.094930][   T84]  vfs_get_tree+0x8e/0x340
[ 1475.099383][   T84] page last free pid 6146 tgid 6146 stack trace:
[ 1475.105711][   T84]  __free_frozen_pages+0x7fe/0x1180
[ 1475.110957][   T84]  qlist_free_all+0x4d/0x120
[ 1475.115594][   T84]  kasan_quarantine_reduce+0x195/0x1e0
[ 1475.121069][   T84]  __kasan_slab_alloc+0x69/0x90
[ 1475.125941][   T84]  kmem_cache_alloc_noprof+0x1cb/0x3b0
[ 1475.131429][   T84]  getname_flags.part.0+0x4c/0x550
[ 1475.136616][   T84]  getname_flags+0x93/0xf0
[ 1475.141049][   T84]  user_path_at+0x24/0x60
[ 1475.145395][   T84]  do_faccessat+0x139/0xba0
[ 1475.149910][   T84]  __x64_sys_faccessat2+0x96/0x100
[ 1475.155040][   T84]  do_syscall_64+0xcd/0x4c0
[ 1475.159575][   T84]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1475.165490][   T84] 
[ 1475.167818][   T84] Memory state around the buggy address:
[ 1475.173451][   T84]  ffff88807698ed00: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 1475.181520][   T84]  ffff88807698ed80: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 1475.189594][   T84] >ffff88807698ee00: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 1475.197657][   T84]                       ^
[ 1475.201991][   T84]  ffff88807698ee80: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 1475.210060][   T84]  ffff88807698ef00: fb fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 1475.218122][   T84] ==================================================================
[ 1475.226318][    C0] vkms_vblank_simulate: vblank timer overrun