last executing test programs:

28.763742554s ago: executing program 2 (id=1596):
r0 = socket$kcm(0x10, 0x2, 0x0)
close(r0)
socket$kcm(0xa, 0x2, 0x3a)
write$cgroup_subtree(r0, 0x0, 0xfe33)

28.343998773s ago: executing program 2 (id=1597):
syz_mount_image$f2fs(&(0x7f0000000040), &(0x7f0000000200)='./bus\x00', 0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="6e6f646973636172640000008000200000ff5f78617474722c646973636172642c7768696e745f6d6f64653d757365722d626173651a9603642c6e6f696e6c696e48c8b8bd9db81b403801c199ffba3691ebc17570972cb0aab560ecd4a62772a15b05a04f8812838b6d154a85515cf6a313e8043c58707a92ff4e0d69fdd8fd380734190ccaff409ba8953c23b0c6f1c09d49447f1e1d0cedb97bb4daf266dcc2cec17b92cbbe1303abfc278ad789ffe0f34862de20f795a4b968385446d1964503b1815a337e284216bd6809000000000004000000d593d55b7516ceab7cd6f2aebee0e3b4e72511cc77b8aeb6cb60fe02009fbd67bd8d700393ec17bc2e14a4811bdefdda2f5f5ebead17e18e7fa077c6bf2fe6d11ac484b13898ad0c52acbc155d3426"], 0x1, 0x54f8, &(0x7f0000010140)="$eJzs3LtvW1UcB/DjpGn6okSIga1XqpASqbbiPCrYArTiIVJFPAYmcGzHcmv7RrHjhEwMjIiB/wSBxMTI38DAzIYYQGxIIN9zQpvyWOLECfl8pOvvvcfXv3uOVVX6XUc3ABfWXPbbL6VwM1wNIUyHEG6EUOyX0lZYi/FCCOFWCGHqia2Uxv8auBxCuBZCuJkKJqO3vrgzvL3681u/fvv97KXrX37zwwSWC5wRL4YQuttxf68bM2/FfJjGa8N2kd2VYcr4RvdROs5j7jU3iwp7tcPzakUut+L5+fZuf5RbnVp9lK32VjG+3YsX7A9bh3WKDzys7RTHjeZmke1+XmTrIM5r/yD+93bQH8Q6jVTv46J8GAwOM44395txPduPiqz3Bmk81s0bzf1RDlOmy4V63mkU89g8zjd9tr3d7u3uZ8PmTr+d97LVSvWlSvVuubqTN5qD5kq51m3cXcnmW53RaeVBs9Zda+V5q9Os1PPuQjbfqtfL1Wo2f6+52a71smq1slxZLK8upL072esP3s86jWx+lK+2e7uDdqefbeU7WfzEQrZUWX55Ibtdzd5d38g23rl/f33jvQ/vffDglfU3X0sn/W1a2fzS4tJSubpYXqouXKD1f5omPcb1w7GUJj0BgPPnRPv/uVizpP8HnnLe+/+g/x+Lc9X/XvT+/wTWD8ei/wcAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAuLB+nPnqjWJnLh5fT+PPpKHn0nEphDAVQvjjH0yHy0dqTqc6M/9y/sxTc1gLoagwusZs2q6l8dH2+7Mn/S0AAADA/9fXn9z6PHbr8WVu0hPiNMWbNlM3PhpTvVIIYWbupzFVmxq9PD+mYsW/70thf0zVihtYV8ZULN5yuzSuav/h8X236SNx5YkoxZg6hekAAACn7GgncBpdCAAAAJPx2aQnwGSUwuPfBNMf8M/GSD8IXj1yBAAAAJxDpUlPAAAAADhxRf9/Fp7/913J8/8AAADgpMTn/wEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMCf7NxPTsJAFAfg10IF/0Vi3HsVd3AMj+DSpeEAXoIj4BW8AGfAnUcwYGhLtAYTkw7FkO9L2jIT8uOVsHkzpAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwD69FfPJy9Ptc9uc1bqdNHcDAAAA7LIs5pPyxagan9fzl/XUdT3OIiKPiF29ey9OGpm9Oqf45f3FjxpeI8qEzWcM6uMsIu7q4+Nq398CAAAAHK/FdDauuvXqNDp0QXSpWrTJL+4T5WURUYzeE6Xlm9NNorDy992Px0Rp5QLWMFFYteTWT5X2J73GZfjtklWXvNNyAACATjQ7gW67EAAAALr0cOgCOIwstluZ273g8p/3XxuCp40RAAAA8L8Ndk1m3dcBAAAAdKzs/z3/DwAAAI5b9fw/AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA9mlZzCeL6WzcNme1bifN3QAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAfLI/7ygQAmEQBnvXdyZz/8NKg6amJlUgfPyNwQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAC8+d1f/k9MjTPJ3Gtj6XkkWTs1tk6NvXPj6A/j69cAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADAxf68pEAIBEEUzBn/O+n7H1YS9AwiREDDo4paNAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAF/0u1/+T0yNM8ncaWPpeCRZu2psXTX2HjSOHoy3fwMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADAxc79+8ZNxQEAf7bPF1pAHAFlCEIgMcBCr9fS0pUBFDHwJyBF6bUErvxoM9CqQsrChjJ3QTAihAQKW/6HzImUJWwZbggSc5B9duL8kDgIsa/J5yM9v+9Z1nvf50RRvn5OAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIDS8L2DOMkOnVEcF+c2dh8vZP3mkT6ztrI1m7UsjupM+unwavVDNNNcIgAAAFwcSVnfhxC209W5rI87ef2fltdkNf8Pz4/isp4/WveXfVn7Z+3333Ze3p+oM5onG/TO4qB/9XgqrbNb5WR74R+vaOV3Pn/2kuRfkPjD5ZeGaX4/o+/W199v5+FUHdkCAP/FlbIvgvL3oazvNZkYABdGq1J4l/V/0mk2JwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIA6DJfDs2UchRBmWwdxZnP38cJJ/drK1mzZbj55slIdMxsiDSHcWRz0r9a4lkn34OGjz+YHg/79+oPXQgjNzV4EH49xTQhNZig4bRAX3+v/48h70QSs62yDhn8wAQBw7qRFy+r67XR1LjsXTYew9+Ph+v/NShzGrP93Prm5UZ2rWv/3alvh5Osu3fuy++Dho7cX783f7d/tf/7Otd67veu3bty41c2flXQ9MQEAAOB02kWr1v/x9PH9/8uVOIxZ/3/1fe+b6lyJ+v9EB5t+TWcCAABwsb34+l9/Riecj9rt8PX80tL93ui4//na6NhAqv/aVNGq9X8y3XRWAAAAQB2Gy9Gh/f/blTiMuf//3E+v/FIdMwkhXCr2/68sfDG4Xd9yJlodf07c9BoBAABo1qWiVff/0/z9/3j/lYc4hPDWG6O4+DeAY9X/yQff/lydq/r+//X6ljiR4pnR/cj7qRBaM01nBAAAwHn2TNGyYv+PdHXu018vf9T2/j8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABA3f4OAAD//xwcQP8=")
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000240)='memory.events.local\x00', 0x275a, 0x0)
fallocate(r0, 0x0, 0x0, 0x2000402)
write$binfmt_script(r0, &(0x7f00000000c0)={'#! ', './file0/file0'}, 0x11)

25.478802402s ago: executing program 2 (id=1616):
r0 = socket(0x10, 0x3, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000040)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000000)={'lo\x00', <r2=>0x0})
sendmsg$nl_route_sched(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000140)=@newqdisc={0x44, 0x24, 0xf0b, 0x0, 0x0, {0x60, 0x0, 0x0, r2, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_cake={{0x9}, {0x14, 0x2, [@TCA_CAKE_NAT={0x8}, @TCA_CAKE_DIFFSERV_MODE={0x8, 0x3, 0x4}]}}]}, 0x44}}, 0x0)

23.888764226s ago: executing program 2 (id=1625):
r0 = syz_open_dev$loop(&(0x7f0000000140), 0x75f, 0xa382)
r1 = memfd_create(&(0x7f0000000ac0)='C\x13\xfc2\x95WD\xaa\xba^\x90\xfd\x8d\xc2\xb1[\x81\xda\xda\xd6\x8c\xc99\xec\x0e*||\xe4\xb3\xc4\xb6\v\xaa\x15\x86,\xac\x8d\x89cu\x10\xdc\x93\x9b\xb4\x93\xafE*:\xe4\xdd\xa5\xa75\xb8\x1e;7\xb7.V\xdcrw[\r\x98\x93j\x9c\xf6\xf8\x99\xefF_\xcd\xdf!b\xc5\xec\ntb\xff\b\xaaF?!\x9f\a\x1a\x03\f\xe94\x1deU\x06\x01\x00\xc9\xb4\xa7@\xa1\\B\xc2@\r_b\x9a\xeb\b\xa4(V\xd6/N\xc5\xc6f\xb1\x95Z\xe5w^\xd8\xe7J\x80\xf7\xae\xafuv\x84\x9eG\xd1\xe7\x9b\xf0_9\xc2\x9b\xfd\xc3\xf3\xe4\x95P\xf1m\xcf\xc2\xe1\xe6\xa6\x8c\x11\xfb\xb8S\x8b\x92\\\asW-Ee\x02\x00\x00\x00\xd0;Q\xc1~\x89\xec\xc8\x9b\x88\a\xf2\x93\x82(\x8b\x00\xd8\xb4T\x80\x95\x93i|\xc0\x00\x04\x00\x00\x00\x00\x00\x00v\xef\xee+\xab\x9c\x00^R\xb2n?i=\xbe\x16\x8a\xbf\xe3\xcdB\xed\xe14\xe8\xd0\xb7\xff\xfeQ\x1c\x85n8\x1b\x17\x00\x00\x00\x00\x00\x00\x00\x00\x17\x94\xdfW<GE\xf1\xe9\xf1q\x8c\xf0\xae\x98\x8c\xe0\xc1g}\xaeW\xaa\xa1\x90\x8c\n$\xa6\xbb\x10\xaf\xc7~\x11\x03<v\xe9\xc7K\xf6]\x11)u\xd3\x15\x01}\xe25$\xb0\x86v\x80\r\x9c\xb8\xe6\xd3(\xa0G2s\xa9&\xb3QU~u\x13\x05kKp\xa6&\x8eu\x1d\xb2\xa9!\xc9\xfa\xd0dG5\xcbf<}r\xab\x9c\xd9f6iN\xaa>\x92z\xbe\xb2R)\xf1K\xd7\xaf\x99\xf6d\xe8\xec\xb7\xbd+T3\xa6\xa9\xfaY-1qs\x82\xefn*\x96\xc9\x1e\xf4\xd1\x02Dt\xc0\x19\xf7\x89\x96.D [F\xeeYW\x95\x13\xc7;\xb5\x13^\x13\xaf\xf0C\x9c\xabf\x1daCS2\x02\xb0\xef\xc7\x8c\x9e\xed\a\n<V\xaa\xbfZ1\xa82\x85\x99\x0e$U\xb4X\xc7\xfa\f\b\x8f\xc4\xbeIt\xe4\xc5\xd8T\xd40\x90ON\xaaFY\xb4\xb3\xf4\xf8JT\xc5:\xc5\aGc\xb5\x12\x90\x7f\x00\x91\xce@\xe5\xd3A\xcc\xd5|\x9f\x8e5\x042\x9a\xc1\xa1\a\xb7\xf5\xbc,\xd1\xd3k8\xc5\xefo\xb8\x8f]\x14\x1d\x83\xb2b8\xd2\xa4[\xf8\x9cm\x0f\xcd[\x05\xd5\xf9\xf2\x9a\xe5F\x00'/577, 0x6)
pwritev(r1, 0x0, 0x0, 0x800000, 0x0)
ioctl$LOOP_CHANGE_FD(r0, 0x4c00, r1)

23.591205671s ago: executing program 2 (id=1626):
unshare(0x20020480)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000100)=@base={0x13, 0x10, 0x2, 0x0, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000100)=@base={0x13, 0x10, 0x2, 0x0, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000440)={0x11, 0x7, &(0x7f0000000680)=@framed={{0x18, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe866}, [@map_fd={0x18, 0x0, 0x1, 0x0, r1}, @map_fd={0x18, 0x0, 0x1, 0x0, r0}]}, &(0x7f0000000000)='GPL\x00', 0x8, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)

23.352174359s ago: executing program 2 (id=1628):
r0 = io_uring_setup(0x177f, &(0x7f0000000140)={0x0, 0x0, 0x0, 0xfffffffc})
close_range(r0, 0xffffffffffffffff, 0x0)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r1, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000001c0)=ANY=[@ANYBLOB="14000000240009000074f500030000000600"], 0x14}}, 0x0)

12.517423877s ago: executing program 3 (id=1688):
socketpair$unix(0x1, 0x2, 0x0, 0x0)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
getsockopt$inet_tcp_TCP_ZEROCOPY_RECEIVE(r0, 0x6, 0x23, &(0x7f00000001c0)={&(0x7f0000002000/0x4000)=nil, 0x4000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, &(0x7f0000000380)=0x40)

12.013995911s ago: executing program 4 (id=1690):
syz_mount_image$nilfs2(&(0x7f0000000000), &(0x7f00000000c0)='./file0\x00', 0x3200400, &(0x7f0000000140)=ANY=[@ANYRES8=0x0], 0x3, 0xa73, &(0x7f00000005c0)="$eJzs3U2MG1cBAOA33vUmm6TEKQldktAm/LTlp7vNZgk/ETRVcyFqKm6VKi5RmpaINCBSCVpVIsmJG62qcIUiTuVQAUJqLyjqiUslGolLT4UDB6IgVeIAhcRove95xy92x/uTtb3+Punt85s39nszOzMez8x7LwBjq9b6u7AwU4Rw5a1Xj//j/r9PL055pD1Ho/V3spSqhxCKmJ7MPu/9iaX45gcvne4WF2G+9TelwxM32u/dHkK4GA6Eq6ER9l659so784+fvHTi8sF3Xz96/c4sPQAAjJdvXz26sOevf96368M37j0WtrSnp/PzRkzviOf9x+KJfzr/r4XOdFEKZVPZfJMx1LL5JrrMVy6nns032aP8qexz6+38fR3zbakof6I0rdtywyhL23EjFLXZjnStNju79Js8tH7XTxWz58+ee+bCgCoKrLt/3RdCOCCsNDSbzZ+0VuAQ1EUQVhuaOwd9BAJYkt8vvM3F/MrC2rQ/bbK/8m88Wuv+flgHG739K3+0yv/1JUcc1s9m3ZrScqX9aEdM5/cR8ueXVrr/p8/L70fU+6xnr/sIo3J/oVc9Jza4HqvVq/75drFZfSPGaT18M8sv7z/5/3RU/sdAd//eqOv/r00P/FrnYjgwBHXY1KE+BHUQ+g7NQR+AgKG1/NzckmaU8vPn+vL8LRX5Wyvypyvyt1Xkb6/Ih3H2++d/Fl4uln/n57/pV3o9LF1nuyvGH1thffLrkSstP3/ud6XWWn7+PDEMszdPPXnmq08/dW3p+f+ivf3fitv7gZhuxH3rapwhXS/Mr6u3n/1vdJZT6zHf3Vl97rpt/uZSibs75yt2L39OKB1nbqvHTOf7dvaab3/nfI1svukYtmb1zc9PtmXvS+cf6bia1tdktrz1bDmmsnqk48quGOf1gNVI22Ov5//T9jkT6sUzZ8+deTim03b6p4n6lsXph8of+puNqTuwNv22/5kJne1/drSn12vl48LO5elF+bjQyKbPLyXbt8nT9MMxnb7nvjsx3Zo+e/r7555e74WHMXfhhRe/d+rcuTM/9CK9mLZavPCi6sixWZ8chPEx9/xzP5i78MKLD5197tSzZ549c/7wkSOH5+ePfO3wwlzrvH6ufHYPbCbLX/qDrgkAAAAAAAAAAADQrx+dOH7tL29/5b2l9v/L7f9S+//05G9q///TrP1/3k4+tQpI7QB3dclvjbv3Zmc9prL56jF8PKvv7qycPdn7PhHj9jh+sf1/am+f9+ua6nNPNj3vvzfNl3UncFt/KVNZHyTt8QJjg/1Px/TlGP8qwAAV090nx7iqf+u0raf+KfRLMZrS/y1tDakfk9T+u1e/Tun4v2sD6sj624jmhINeRqC7fw79+J+lM/GB1+UjQ7M5+DqsPQz/ehbWMTSbRvEAhsOgx/9M1z1TfP6P39q6GNJsNx7tPF7m/ZfCWgz7+JPK31zjf7bHv+vr+Neld/WOfp77H13hP7+4/l6p2LC33+NvvvypH+jd1WWWfRjLT8v/QOiv/OZrWfn5DaE+/Tcrf1uf5d+2/PtXV/7/YvlptT34mX7LX6pxUeusR37dON3/y68bJzez5U99e654+Vc5UOOtWD6Ms97jzPY7gu1wGpXxf3vJn8P4ckynA2F6ziH/Rl5p/dPzFel7YE/2+UXF99uojFPcy7iP//v1GFftD2n837Q9Nrqka6V0vcu6HfVtBTab94f+/t+IhYtDUAdhSMNwjIFdDs1mc6AdeetFfLAGvf4Hffd50OUPev1Xycf/zc/h8/F/a9kPiHz83/z9+fi/eX4+vl6en4//m6/PfPzfPP+e7HPzK9gzFfmfrMjfW5G/bzl/ulv+/or3f6oi/2BF/r0V+fdV5N9dkT9Rkf/ZivzPVeTfX5H/YEX+5yvyN7tWe5TSTjVuyw/jLG+fZ/+H8ZHu//Ta/3dX5AOj6+dvHHrsqd99p7HU/n+q/Xst3cc7FtP1+Nv5xzGd3/cOpfRi3tsx/bcsf9ivd8A4yfvPyL/fH6jIB0ZXes7L/g1jqOjeY09+v61Xv1W9zvMZLV+I8Rdj/KUYPxTj2RjPxfhQjOc3qH7cGY/99g9HXy6Wf+/vzPL7fZ48bw+U9xN1uM/65NcHVvo8e96P30qttfxVNgcDAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAYmFrr78LCTBHClbdePf7kybNzi1Meac/RaP2dLKXq7feF8HCMJ2L8y/ji5gcvnS7Ht2JchPlQhKI9PTxxo13S9hDCxXAgXA2NsPfKtVfemX/85KUTlw+++/rR63duDQAAAMDm9/8AAAD//6ZSGwg=")
r0 = openat(0xffffffffffffff9c, &(0x7f0000000540)='./file1\x00', 0x46842, 0x0)
pwritev2(r0, &(0x7f0000000480)=[{&(0x7f0000000080)="ff", 0x1}], 0x1, 0x5405, 0x0, 0x0)
sendfile(r0, r0, 0x0, 0x7a680000)

11.370699987s ago: executing program 3 (id=1692):
r0 = syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000000)=ANY=[@ANYBLOB="1201000000000040260933334000000000010902240001000000000904000001030100000921000000012201000905810308"], 0x0)
syz_usb_control_io$hid(r0, 0x0, 0x0)
syz_usb_control_io(r0, &(0x7f0000000080)={0x2c, &(0x7f0000000100)=ANY=[@ANYBLOB="000002"], 0x0, 0x0, 0x0, 0x0}, 0x0)
syz_usb_ep_write(r0, 0x81, 0x4f, &(0x7f00000002c0)="b9425b44651dd23241963599000000110000004a16941ff5f4b4f1f0add7fcf2b877fceafffffffffff1ffdf4cd9f5d3969890522c77157d88010000003a5bd5531d459dffff03000000000091ff00")

10.031826612s ago: executing program 4 (id=1695):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000340)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0)
sendmsg$NFT_MSG_GETTABLE(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000240)={0x14, 0x1, 0xa, 0x101, 0x0, 0x0, {0x2}}, 0x14}}, 0x0)
recvmmsg(r0, &(0x7f0000002840)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0)

8.649126789s ago: executing program 4 (id=1698):
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x0, &(0x7f00000000c0))
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2000001, 0x4008031, 0xffffffffffffffff, 0x0)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x15)
inotify_init()

6.805056633s ago: executing program 1 (id=1702):
syz_mount_image$hfsplus(&(0x7f0000000000), &(0x7f0000000400)='./file1\x00', 0xa08800, &(0x7f0000000140)=ANY=[], 0x1, 0x67b, &(0x7f0000001d00)="$eJzs3c1rHOcdB/DvrFay5IKjJLaTlkBFDGmpqS1ZKK16idtD0SGU4B5CoRdhy7HwWgmSUpRQWvX92kP+gPSgQ6GXFno3pNBT21voTfRQAoVectLNZWZnpZX1kl1Z0lrN52Nm95l5Xue3M89odjET4HNr7mqaD1Nk7urra+X65sZ0a3Nj+lyd3UpSphtJs/2WYikpPkpupr3ki+XGunxxUD8fLM7e+vjTzU/aa816qco3DqvXm/V6yUSSofp9r+EjtXf7wPYON7+dKrb3sAzYlU7gYNAe7bHeT/UnPG+Bp0HRvm7uMZ6cTzJa/x2QenZonO7ojl9fsxwAAACcUc9sZStruTDocQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMBZUj//v6iXRic9kaLz/P+Relvq9K3GgMf8JB4OegAAAAAAAAAAcAy+vJWtrOVCZ/1R+5f9l6vXi9XrF/JuVrKQ5VzLWuazmtUsZyrJeFdDI2vzq6vLUz3UvLFvzRtHG/8fj1YNAAAAAAAAAP7f/DxzO7//AwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADA06BIhtpv1XKxkx5Po5lkNMlIWW49+UcnfUYU+218ePrjAAAAgCcyeoQ6z2xlK2u50Fl/VFT3/Jer++XRvJulrGYxq2llIXfqe+jyrr+xuTHd2tyYfrC5MV11/MNHbe12vv3fvoZRtZj2dw/79/xiVWIsd7NYbbmW29Vg7qRR1Sy9WI9ne9ndyc/KMY29VutxZHfq97Kz3x70LcJxaPRbYbyqNLwdkcl6bGVDzx4eic/8dJqH9jSVxvY3PxcP6amzS0WfMT/fqZfk14/F/LV///4HPTZzArYj0UgViRtdR9/lw2OefOXPf3jzXmvp/r27K1dP7DA6LY8fE9NdkXjhTEei2Wf5ySoSl7bX5/LdfD9XM5E3spzF/CjzWc1C6pkx8/XxXL6Od0Up2ROpm7vW3viskYzUn0t7Fu1lTBM5V6Xm83JV90IWU+Tt3MlCXq3+3chUvpGZzGS26xO+dOAnXO1bNdM2+jvrr3w1O6f6b8qZurd6yV97Ldi/9iW1jOuzXXHtnnPHq7zuLTtReq6H61Gfc2PzS3Wi7OMXR7lsnJjHIzHVFYnnD4/E76pzY6W1dH/53vw7B7S//tj6K8M76V+d5JW5b+Xx8lxG65lk99FR5j2/PcvsjtdI/YtLO6+xJ+9SlVcUnTP1e/ucqWXEZ6vSl/dt6UaV98LevKF65P/8V1ferr+38vbfBhNPAPp0/mvnR8b+M/b3sQ/Hfjl2b+z10e+c++a5l0Yy/JfhbzUnh15pvFT8KR/mJzv3/wAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwNGtvPf+/flWa2F5/0Tj4KzjTRT1g3wOKtPMWE5hGKeZKJL1Y285g9+vHhKdhwg+aTtv3nwqdudMJ4aS1Ft+muwcP/VHdJSHiwJnwvXVB+9cX3nv/a8vPph/a+GthaXhmZnZydmZV6ev311sLUy2Xwc9SuAk7Pw9MOiRAAAAAAAAAAAAAL06jf9p0NXdxAB3FQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADij5q6mOZwiU5PXJsv1zY3pVrl00jslm0kajaT4cVJ8lNxMe8l4V3PFQf18sDh76+NPNz/ZaavZKd84rF5v1uslE0mG6vc9Ro7W3u2D2utZsb2HZcCudAIHg/a/AAAA//9FqgbH")
lsetxattr$trusted_overlay_upper(&(0x7f0000000180)='./file0\x00', &(0x7f00000001c0), 0x0, 0x0, 0x0)
capset(&(0x7f0000000300)={0x20071026}, &(0x7f0000000340))
listxattr(&(0x7f0000000100)='./file0\x00', 0x0, 0x0)

6.011017476s ago: executing program 3 (id=1704):
r0 = syz_open_procfs(0x0, &(0x7f0000000000)='numa_maps\x00')
read$FUSE(r0, &(0x7f000000ae80)={0x2020}, 0x2020)
pread64(r0, &(0x7f00000002c0)=""/220, 0xdc, 0x0)
read$FUSE(r0, &(0x7f0000004b80)={0x2020}, 0x2020)

5.651701078s ago: executing program 1 (id=1705):
r0 = socket$inet6_sctp(0xa, 0x5, 0x84)
setsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(r0, 0x84, 0x9, &(0x7f0000000580)={0x0, @in={{0x2, 0x0, @empty}}, 0x0, 0x0, 0x3fc, 0x0, 0x32}, 0x9c)
sendto$inet6(r0, &(0x7f0000847fff)='X', 0x34000, 0x0, &(0x7f000005ffe4)={0xa, 0x4e23, 0x0, @loopback}, 0x1c)
setsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(r0, 0x84, 0x9, &(0x7f0000000a00)={0x0, @in6={{0xa, 0x4e23, 0x0, @loopback}}, 0x0, 0x0, 0x0, 0x0, 0x2c}, 0x9c)

4.57064268s ago: executing program 0 (id=1707):
r0 = socket(0xa, 0x80805, 0x0)
getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r0, 0x84, 0x6f, &(0x7f00000000c0)={0x0, 0x10, &(0x7f0000000200)=[@in={0x2, 0x0, @private=0xa010101}]}, &(0x7f0000000100)=0x10)
r1 = dup2(r0, r0)
getsockopt$inet_sctp_SCTP_PEER_ADDR_THLDS(r1, 0x84, 0x85, &(0x7f00000003c0)={0x0, @in={{0x2, 0x0, @private=0xa010101}}}, &(0x7f0000000340)=0x90)

4.25876149s ago: executing program 1 (id=1708):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000280)=ANY=[@ANYBLOB="1800000000000000000000004b64ffec850000006d000000850000002a00000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000440)={&(0x7f00000002c0)='kfree\x00', r0}, 0x10)
r1 = socket$inet6_sctp(0xa, 0x5, 0x84)
getsockopt$sock_buf(r1, 0x1, 0x1f, 0x0, &(0x7f0000000400))

4.097601005s ago: executing program 4 (id=1709):
r0 = socket$inet6_sctp(0xa, 0x801, 0x84)
sendmmsg$inet6(r0, &(0x7f0000002300)=[{{&(0x7f0000000000)={0xa, 0x0, 0x0, @ipv4={'\x00', '\xff\xff', @rand_addr=0x64010100}}, 0x1c, &(0x7f0000000080)=[{&(0x7f00000022c0)='`', 0x1}], 0x1}}, {{&(0x7f0000000900)={0xa, 0x0, 0x0, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02'}, 0x1c, &(0x7f0000003580)=[{&(0x7f0000000940)='z', 0x1}], 0x1}}], 0x2, 0x0)
shutdown(r0, 0x1)
getsockopt$bt_hci(r0, 0x84, 0x71, &(0x7f0000001280)=""/4107, &(0x7f00000000c0)=0x100b)

3.883900556s ago: executing program 0 (id=1710):
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000080)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f00000002c0)={'macvlan0\x00', <r1=>0x0})
r2 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r2, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000000)=@newlink={0x40, 0x10, 0x401, 0x0, 0x0, {0x0, 0x0, 0x0, r1}, [@IFLA_LINKINFO={0x14, 0x37, 0x0, 0x1, @batadv={{0xb}, {0x4}}}, @IFLA_AF_SPEC={0xc, 0x1a, 0x0, 0x1, [@AF_INET={0xfffffffffffffe36, 0x2, 0x0, 0x1, {0x4}}]}]}, 0x40}}, 0x0)

3.77429007s ago: executing program 3 (id=1711):
iopl(0x3)
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2)
r0 = socket$vsock_stream(0x28, 0x1, 0x0)
fgetxattr(r0, 0x0, 0x0, 0x0)

3.521931229s ago: executing program 1 (id=1712):
r0 = io_uring_setup(0x3b4a, &(0x7f0000000ac0))
r1 = openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000100), 0x20082, 0x0)
writev(r1, &(0x7f0000000040)=[{&(0x7f0000000e40)='\b', 0x17ff}], 0x5)
close_range(r0, 0xffffffffffffffff, 0x0)

3.414568866s ago: executing program 4 (id=1713):
ioprio_set$pid(0x2, 0x0, 0x2000)
syz_mount_image$ext4(&(0x7f0000000200)='ext4\x00', &(0x7f0000000740)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x0, &(0x7f00000006c0), 0xfe, 0x246, &(0x7f0000000ac0)="$eJzs3T9oM2UcB/DvXRJf+75BXnURxD8gIloor5vg8rooFKQUEUGFioiL0gq1xa1xcnHQWaWTSxE3q6N0KS6K4FS1Q10ELQ4WBx0iybVS24ja1Jz0Ph+43l3vee73HLnvkyyXBGisq0muJ2klmU7SSVIcb3B3tVw93F2f2l5I+v0nfiqG7ar9ylG/K0l6SR5KslUWeamdrG4+s/fLzmP3vbnSuff9zaenJnqRh/b3dh8/eG/ujY9mH1z94qsf5opcT/dP13X+ihH/axfJLf9Fsf+Jol33CPgn5l/78OtB7m9Ncs8w/52UqV68t5Zv2OrkgXf/qu/bP355+yTHCpy/fr8zeA/s9YHGKZN0U5QzSartspyZqT7Df9O6XL68tPzq9ItLK4sv1D1TAeelm+w++smlj6+cyP/3rSr/wMU1yP+T8xvfDrYPWnWPBpiIO6rVIP/Tz63dH/mHxpF/aC75h+aSf2gu+Yfmkn9oLvmHC6xztNEbeVj+obnkH5pL/qG5jucfAGiW/qW6n0AG6lL3/AMAAAAAAAAAAAAAAAAAAJy2PrW9cLRMquZn7yT7jyRpj6rfGv4ecXLj8O/ln4tBsz8UVbexPHvXmCcY0wc1P31903f11v/8znrrry0mvdeTXGu3T99/xeH9d3Y3/83xzvNjFviXihP7Dz812fon/bZRb/3ZneTTwfxzbdT8U+a24Xr0/NM9/hXLZ/TKr2OeAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgIn5PQAA//8PK23M")
r0 = open(&(0x7f0000000280)='./bus\x00', 0x145842, 0x0)
pwritev2(r0, &(0x7f0000000240)=[{&(0x7f0000000000)="85", 0x100000}], 0x2, 0x0, 0x0, 0xb)

2.772166817s ago: executing program 0 (id=1714):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
ioprio_set$pid(0x1, 0x0, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f00000000c0)=0x5)
ioprio_get$uid(0x3, 0x0)

2.266309436s ago: executing program 1 (id=1715):
r0 = socket(0x840000000002, 0x3, 0x100)
connect$inet(r0, &(0x7f0000000000)={0x2, 0x0, @remote}, 0x10)
sendmmsg$inet(r0, &(0x7f0000005240), 0x264e33, 0x0)
setsockopt$sock_int(r0, 0x1, 0x6, &(0x7f0000000080)=0x409, 0xffba)

2.266140478s ago: executing program 3 (id=1716):
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000000)=0x15)
ioctl$KDFONTOP_GET(0xffffffffffffffff, 0x560f, &(0x7f0000000000)={0x1, 0x1, 0x1d, 0x1a, 0x1, 0x0})
ioctl$TCFLSH(r0, 0x40384708, 0x20000000)

2.103581884s ago: executing program 0 (id=1717):
r0 = socket$inet6(0xa, 0x3, 0xff)
syz_emit_ethernet(0x46, &(0x7f00000003c0)={@local, @remote, @void, {@ipv6={0x86dd, @icmpv6={0x0, 0x6, '\x00', 0x10, 0x3a, 0xff, @remote, @mcast2, {[], @ndisc_ra={0x86, 0x0, 0x0, 0x0, 0x0, 0x200}}}}}}, 0x0)
connect$inet6(r0, &(0x7f0000000500)={0xa, 0x0, 0x0, @ipv4={'\x00', '\xff\xff', @remote}}, 0x1c)
write$binfmt_elf64(r0, 0x0, 0xc9)

1.904877195s ago: executing program 4 (id=1718):
bpf$PROG_LOAD(0x5, &(0x7f0000004680)={0x0, 0xb, &(0x7f0000004440)=@raw=[@cb_func, @ringbuf_output], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
r0 = socket$inet6_mptcp(0xa, 0x1, 0x106)
setsockopt$inet6_tcp_int(r0, 0x6, 0x24, &(0x7f0000000000)=0x1, 0x4)
recvmmsg(r0, &(0x7f0000003e00)=[{{&(0x7f0000000080)=@l2tp6={0xa, 0x0, 0x0, @private1}, 0x0, &(0x7f0000002680)=[{&(0x7f0000000100)=""/227}, {&(0x7f0000000200)=""/210}, {&(0x7f0000000300)=""/169}, {&(0x7f00000003c0)=""/152}, {&(0x7f0000000480)=""/4096}, {&(0x7f0000001480)=""/4096}, {&(0x7f0000002480)=""/136}, {&(0x7f0000002540)=""/157}, {&(0x7f0000002600)=""/111}], 0x0, &(0x7f0000003f40)=""/253}}, {{&(0x7f0000002840)=@tipc=@name, 0x0, &(0x7f0000002940), 0x0, &(0x7f0000002980)=""/193}}, {{0x0, 0x0, &(0x7f00000028c0)=[{&(0x7f0000002a80)=""/4096}, {&(0x7f0000003a80)=""/253}, {&(0x7f0000003b80)=""/215}, {&(0x7f0000003c80)=""/166}], 0x0, &(0x7f0000003ec0)=""/91}}], 0x4f, 0x0, 0x0)

1.347175707s ago: executing program 0 (id=1719):
r0 = syz_io_uring_setup(0x7540, &(0x7f0000000080)={0x0, 0x0, 0x10100}, &(0x7f0000000100), &(0x7f0000000200)=<r1=>0x0)
r2 = syz_io_uring_setup(0x34ee, &(0x7f0000000300)={0x0, 0x0, 0x40}, &(0x7f00000003c0)=<r3=>0x0, &(0x7f0000001480))
syz_io_uring_submit(r3, r1, &(0x7f00000001c0)=@IORING_OP_MSG_RING={0x28, 0x0, 0x0, r2, 0x0, 0x0})
io_uring_enter(r0, 0x2003, 0x0, 0x0, 0x0, 0x0)

876.164423ms ago: executing program 3 (id=1720):
r0 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000000), 0x82781)
ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r0, 0xc08c5332, &(0x7f0000000380)={0x0, 0x0, 0x0, 'queue0\x00'})
ioctl$SNDRV_SEQ_IOCTL_SET_CLIENT_INFO(r0, 0x40bc5311, &(0x7f00000001c0)={0x80, 0x1, 'client1\x00', 0xffffffff80000006, "d62e980da99179cf", "20e48560999fd132b6a5426180a8c27a00fcfffff0003336f794d20352346f8f"})
write$sndseq(r0, &(0x7f00000000c0)=[{0x5, 0x0, 0x0, 0x0, @time, {}, {0x0, 0x1}, @result}], 0x1c)

340.72125ms ago: executing program 0 (id=1721):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000000c0)={'wlan0\x00', <r2=>0x0})
sendmsg$NL80211_CMD_NEW_KEY(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000400)={0x3c, r1, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r2}, @void}}, [@NL80211_ATTR_KEY={0x20, 0x50, 0x0, 0x1, [@NL80211_KEY_IDX={0x5, 0x2, 0x4}, @NL80211_KEY_DATA_WEP40={0x9, 0x1, "e59e75e84c"}, @NL80211_KEY_CIPHER={0x8, 0x3, 0xfac0d}]}]}, 0x3c}}, 0x0)

0s ago: executing program 1 (id=1722):
r0 = socket$inet_smc(0x2b, 0x1, 0x0)
bind$inet(r0, &(0x7f0000000140)={0x2, 0x4e22, @multicast2}, 0x10)
connect$inet(r0, &(0x7f0000000000)={0x2, 0x4e22, @local}, 0x10)
setsockopt$sock_int(r0, 0x1, 0x12, &(0x7f0000000040), 0x4)

kernel console output (not intermixed with test programs):

003:1532:010D.0026: unknown main item tag 0x0
[  191.793605][ T5286] razer 0003:1532:010D.0026: unknown main item tag 0x0
[  191.800575][ T5286] razer 0003:1532:010D.0026: unknown main item tag 0x0
[  191.807668][ T5286] razer 0003:1532:010D.0026: unknown main item tag 0x0
[  191.814768][ T5286] razer 0003:1532:010D.0026: unknown main item tag 0x0
[  191.823866][ T5286] razer 0003:1532:010D.0026: hidraw0: USB HID v0.00 Device [HID 1532:010d] on usb-dummy_hcd.3-1/input0
[  191.927538][ T7711] loop0: detected capacity change from 0 to 40427
[  191.965358][ T7711] F2FS-fs (loop0): Small segment_count (9 < 1 * 24)
[  192.003750][ T7711] F2FS-fs (loop0): Can't find valid F2FS filesystem in 1th superblock
[  192.041927][ T7727] loop2: detected capacity change from 0 to 2048
[  192.042414][ T5286] usb 4-1: USB disconnect, device number 11
[  192.048796][ T7725] loop1: detected capacity change from 0 to 2048
[  192.086485][ T7727] NILFS (loop2): broken superblock, retrying with spare superblock (blocksize = 1024)
[  192.105159][ T7711] F2FS-fs (loop0): Found nat_bits in checkpoint
[  192.115053][ T7715] loop4: detected capacity change from 0 to 40427
[  192.144244][ T7727] syz.2.866: attempt to access beyond end of device
[  192.144244][ T7727] loop2: rw=524288, sector=33554430, nr_sectors = 2 limit=2048
[  192.153100][ T7715] F2FS-fs (loop4): invalid crc value
[  192.159197][ T7730] NILFS (loop2): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  192.187502][ T7725] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000)
[  192.199849][ T7715] F2FS-fs (loop4): Found nat_bits in checkpoint
[  192.268648][ T7727] NILFS error (device loop2): nilfs_check_folio: bad entry in directory #2: rec_len is smaller than minimal - offset=0, inode=72057594037927938, rec_len=0, name_len=0
[  192.333976][ T7711] F2FS-fs (loop0): Try to recover 1th superblock, ret: 0
[  192.360928][ T7711] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e5
[  192.398731][ T7715] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e4
[  192.469408][ T7727] NILFS error (device loop2): nilfs_check_folio: bad entry in directory #2: rec_len is smaller than minimal - offset=0, inode=72057594037927938, rec_len=0, name_len=0
[  192.562639][ T5230] syz-executor: attempt to access beyond end of device
[  192.562639][ T5230] loop0: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[  192.583614][ T5230] F2FS-fs (loop0): Stopped filesystem due to reason: 3
[  193.264149][ T5314] usb 3-1: new high-speed USB device number 14 using dummy_hcd
[  193.437799][ T5314] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  193.474168][ T5314] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  193.533136][ T5314] usb 3-1: New USB device found, idVendor=056a, idProduct=00b0, bcdDevice= 0.00
[  193.554662][ T5314] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  193.593184][ T5314] usb 3-1: config 0 descriptor??
[  194.026821][ T7736] loop1: detected capacity change from 0 to 32768
[  194.071355][ T7736] BTRFS: device fsid 24c7a497-3402-47dd-bef8-82358f5f30e0 devid 1 transid 8 /dev/loop1 (7:1) scanned by syz.1.867 (7736)
[  194.101413][ T7736] BTRFS info (device loop1): first mount of filesystem 24c7a497-3402-47dd-bef8-82358f5f30e0
[  194.143545][ T7736] BTRFS info (device loop1): using crc32c (crc32c-intel) checksum algorithm
[  194.156834][ T5314] wacom 0003:056A:00B0.0027: Unknown device_type for 'HID 056a:00b0'. Assuming pen.
[  194.199165][ T7736] BTRFS info (device loop1): using free-space-tree
[  194.229938][ T5314] wacom 0003:056A:00B0.0027: hidraw0: USB HID v0.00 Device [HID 056a:00b0] on usb-dummy_hcd.2-1/input0
[  194.308276][ T5314] input: Wacom Intuos3 4x5 Pen as /devices/platform/dummy_hcd.2/usb3/3-1/3-1:0.0/0003:056A:00B0.0027/input/input29
[  194.372087][ T7736] BTRFS info (device loop1): rebuilding free space tree
[  194.440653][ T5314] usb 3-1: USB disconnect, device number 14
[  194.460846][ T7786] tmpfs: Bad value for 'mpol'
[  194.640573][ T1267] ieee802154 phy0 wpan0: encryption failed: -22
[  194.647352][ T1267] ieee802154 phy1 wpan1: encryption failed: -22
[  195.011103][ T7797] loop0: detected capacity change from 0 to 4096
[  195.018557][ T5242] BTRFS info (device loop1): last unmount of filesystem 24c7a497-3402-47dd-bef8-82358f5f30e0
[  195.107435][ T7804] loop4: detected capacity change from 0 to 128
[  195.198220][ T7806] loop2: detected capacity change from 0 to 1024
[  195.244525][ T7804] EXT4-fs (loop4): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  195.333809][ T7804] ext4 filesystem being mounted at /208/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[  195.397814][ T7797] ntfs3: loop0: ino=21, The size of extended attributes must not exceed 64KiB
[  195.527688][ T5232] EXT4-fs (loop4): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  195.543988][ T7806] EXT4-fs: Ignoring removed orlov option
[  195.556196][ T7806] EXT4-fs (loop2): Test dummy encryption mode enabled
[  195.602682][ T7806] EXT4-fs (loop2): stripe (7) is not aligned with cluster size (16), stripe is disabled
[  195.700684][ T7817] loop1: detected capacity change from 0 to 1024
[  195.765146][ T7806] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  195.930349][ T5229] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  196.178866][ T7835] netlink: 32 bytes leftover after parsing attributes in process `syz.2.905'.
[  196.180685][ T7831] netlink: 'syz.3.901': attribute type 2 has an invalid length.
[  196.262932][ T7831] netlink: 24 bytes leftover after parsing attributes in process `syz.3.901'.
[  196.410346][ T7837] loop1: detected capacity change from 0 to 4096
[  196.428988][ T7837] ntfs3: loop1: Different NTFS sector size (1024) and media sector size (512).
[  196.553728][ T5285] usb 5-1: new high-speed USB device number 11 using dummy_hcd
[  196.715615][ T5285] usb 5-1: New USB device found, idVendor=0cf3, idProduct=9375, bcdDevice=1a.9e
[  196.728551][ T5251] Bluetooth: hci4: command 0x0406 tx timeout
[  196.737519][ T5285] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  196.794635][ T5285] usb 5-1: config 0 descriptor??
[  196.803668][ T5249] Bluetooth: hci3: command 0x0406 tx timeout
[  196.803699][ T5252] Bluetooth: hci0: command 0x0406 tx timeout
[  196.812278][ T5249] Bluetooth: hci1: command 0x0406 tx timeout
[  196.944600][ T5286] usb 4-1: new high-speed USB device number 12 using dummy_hcd
[  197.022646][ T7855] bridge0: port 2(bridge_slave_1) entered disabled state
[  197.031979][ T7855] bridge0: port 1(bridge_slave_0) entered disabled state
[  197.064828][ T7856] program syz.2.911 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  197.106037][ T7855] bridge_slave_1: left allmulticast mode
[  197.112108][ T7855] bridge_slave_1: left promiscuous mode
[  197.126676][ T7855] bridge0: port 2(bridge_slave_1) entered disabled state
[  197.144231][ T5286] usb 4-1: Using ep0 maxpacket: 16
[  197.151795][ T5286] usb 4-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  197.213941][ T5286] usb 4-1: config 0 interface 0 altsetting 0 has an invalid descriptor for endpoint zero, skipping
[  197.253733][ T5286] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x6 has an invalid bInterval 0, changing to 7
[  197.293301][ T5286] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x6 has invalid maxpacket 17488, setting to 1024
[  197.332320][ T5286] usb 4-1: New USB device found, idVendor=2040, idProduct=b138, bcdDevice= 1.42
[  197.355509][ T7855] bridge_slave_0: left allmulticast mode
[  197.359163][ T5286] usb 4-1: New USB device strings: Mfr=4, Product=0, SerialNumber=0
[  197.361203][ T7855] bridge_slave_0: left promiscuous mode
[  197.400394][ T5286] usb 4-1: Manufacturer: syz
[  197.403695][ T7855] bridge0: port 1(bridge_slave_0) entered disabled state
[  197.437730][ T5286] usb 4-1: config 0 descriptor??
[  197.455287][ T7849] raw-gadget.1 gadget.3: fail, usb_ep_enable returned -22
[  197.486075][ T5285] ath6kl: Failed to read usb control message: -71
[  197.492696][ T5285] ath6kl: Unable to read the bmi data from the device: -71
[  197.510501][ T5285] ath6kl: unable to read target info byte count: -71
[  197.524673][ T5285] ath6kl: Failed to init ath6kl core: -71
[  197.535645][ T5285] ath6kl_usb 5-1:0.0: probe with driver ath6kl_usb failed with error -71
[  197.569957][ T5285] usb 5-1: USB disconnect, device number 11
[  197.775257][ T5286] usbhid 4-1:0.0: couldn't find an input interrupt endpoint
[  197.792490][ T5286] usb 4-1: USB disconnect, device number 12
[  197.885265][ T7847] loop1: detected capacity change from 0 to 32768
[  197.943027][ T7847] XFS (loop1): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  198.664893][ T7858] loop2: detected capacity change from 0 to 32768
[  198.694600][ T7847] XFS (loop1): Ending clean mount
[  198.727926][ T7847] XFS (loop1): Quotacheck needed: Please wait.
[  198.784083][ T7847] XFS (loop1): Quotacheck: Done.
[  198.977862][ T5242] XFS (loop1): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  200.220082][ T7910] loop1: detected capacity change from 0 to 32768
[  200.411012][ T5249] Bluetooth: hci3: unexpected event for opcode 0x2035
[  200.473919][ T7910] XFS (loop1): Mounting V5 Filesystem a2f82aab-77f8-4286-afd4-a8f747a74bab
[  200.512406][ T7929] vivid-008: disconnect
[  200.519376][ T7928] vivid-008: reconnect
[  200.869623][ T7910] XFS (loop1): Ending clean mount
[  200.890709][ T7910] XFS (loop1): Quotacheck needed: Please wait.
[  201.000845][ T7910] XFS (loop1): Quotacheck: Done.
[  201.144466][ T7951] netlink: 12 bytes leftover after parsing attributes in process `syz.4.947'.
[  201.158534][ T7954] loop2: detected capacity change from 0 to 512
[  201.172561][ T7954] EXT4-fs: Ignoring removed mblk_io_submit option
[  201.188704][ T5242] XFS (loop1): Unmounting Filesystem a2f82aab-77f8-4286-afd4-a8f747a74bab
[  201.193581][ T7954] ext4: Unknown parameter 'dont_measure'
[  201.680810][ T7970] loop2: detected capacity change from 0 to 64
[  202.051170][ T7976] loop4: detected capacity change from 0 to 1024
[  202.520040][ T7969] loop0: detected capacity change from 0 to 40427
[  202.603956][ T7969] F2FS-fs (loop0): Invalid Fs Meta Ino: node(0) meta(2) root(0)
[  202.612304][ T7969] F2FS-fs (loop0): Can't find valid F2FS filesystem in 1th superblock
[  202.678511][ T7974] loop2: detected capacity change from 0 to 32768
[  202.739904][ T7969] F2FS-fs (loop0): invalid crc value
[  202.801008][ T7974] XFS (loop2): Mounting V5 Filesystem a2f82aab-77f8-4286-afd4-a8f747a74bab
[  202.826880][ T7969] F2FS-fs (loop0): Found nat_bits in checkpoint
[  203.022440][ T7969] F2FS-fs (loop0): Try to recover 1th superblock, ret: -30
[  203.045004][ T7969] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e4
[  203.246464][ T7974] XFS (loop2): Ending clean mount
[  203.265677][ T7974] XFS (loop2): Quotacheck needed: Please wait.
[  203.298360][ T7990] loop1: detected capacity change from 0 to 4096
[  203.379922][ T7974] XFS (loop2): Quotacheck: Done.
[  203.519948][ T7990] ntfs3: loop1: ino=3, Correct links count -> 2.
[  203.697658][ T5229] XFS (loop2): Unmounting Filesystem a2f82aab-77f8-4286-afd4-a8f747a74bab
[  203.903873][ T7985] loop4: detected capacity change from 0 to 32768
[  203.911109][ T7985] XFS: attr2 mount option is deprecated.
[  204.159788][   T25] usb 1-1: new high-speed USB device number 10 using dummy_hcd
[  204.196398][ T7985] XFS (loop4): Mounting V5 Filesystem a2f82aab-77f8-4286-afd4-a8f747a74bab
[  204.475945][ T7985] XFS (loop4): Ending clean mount
[  204.488901][ T5249] Bluetooth: hci3: Controller not accepting commands anymore: ncmd = 0
[  204.499616][ T5249] Bluetooth: hci3: Injecting HCI hardware error event
[  204.510026][ T5240] Bluetooth: hci3: hardware error 0x00
[  204.530232][ T7985] XFS (loop4): Quotacheck needed: Please wait.
[  204.563757][   T25] usb 1-1: Using ep0 maxpacket: 32
[  204.593544][ T5286] usb 3-1: new high-speed USB device number 15 using dummy_hcd
[  204.623604][   T25] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  204.634626][   T25] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  204.644488][   T25] usb 1-1: New USB device found, idVendor=056a, idProduct=00f0, bcdDevice= 0.00
[  204.653633][   T25] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  204.681920][   T25] usb 1-1: config 0 descriptor??
[  204.753582][ T5286] usb 3-1: Using ep0 maxpacket: 32
[  204.768020][ T7985] XFS (loop4): Quotacheck: Done.
[  204.787214][ T5286] usb 3-1: New USB device found, idVendor=0cde, idProduct=0023, bcdDevice=21.32
[  204.797812][ T5286] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  204.821754][ T5286] usb 3-1: Product: syz
[  204.827079][ T5286] usb 3-1: Manufacturer: syz
[  204.831845][ T5286] usb 3-1: SerialNumber: syz
[  204.843034][ T5286] usb 3-1: config 0 descriptor??
[  204.893295][ T5285] usb 4-1: new high-speed USB device number 13 using dummy_hcd
[  205.088353][ T5285] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  205.120345][ T5285] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  205.181304][ T5285] usb 4-1: New USB device found, idVendor=046d, idProduct=c222, bcdDevice= 0.00
[  205.201697][ T5285] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  205.225463][ T5285] usb 4-1: config 0 descriptor??
[  205.248820][ T5232] XFS (loop4): Unmounting Filesystem a2f82aab-77f8-4286-afd4-a8f747a74bab
[  205.404410][   T25] wacom 0003:056A:00F0.0028: unknown main item tag 0x0
[  205.420460][   T25] wacom 0003:056A:00F0.0028: hidraw0: USB HID v0.00 Device [HID 056a:00f0] on usb-dummy_hcd.0-1/input0
[  205.584322][   T25] usb 1-1: USB disconnect, device number 10
[  205.698218][ T5285] lg-g15 0003:046D:C222.0029: unbalanced collection at end of report description
[  205.726446][ T5286] usb 3-1: reset high-speed USB device number 15 using dummy_hcd
[  205.751399][ T5285] lg-g15 0003:046D:C222.0029: probe with driver lg-g15 failed with error -22
[  205.939978][ T5314] usb 4-1: USB disconnect, device number 13
[  206.195602][ T5333] usb 3-1: USB disconnect, device number 15
[  206.308479][ T8014] loop1: detected capacity change from 0 to 40427
[  206.391006][ T8014] F2FS-fs (loop1): Found nat_bits in checkpoint
[  206.510189][ T8014] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e5
[  206.563950][ T5240] Bluetooth: hci3: Opcode 0x0c03 failed: -110
[  207.646234][ T8021] f2fs_ckpt-7:1: attempt to access beyond end of device
[  207.646234][ T8021] loop1: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[  207.737877][ T8021] F2FS-fs (loop1): Stopped filesystem due to reason: 3
[  207.919747][ T8027] loop0: detected capacity change from 0 to 131072
[  207.932493][ T8027] F2FS-fs (loop0): QUOTA feature is enabled, so ignore qf_name
[  207.987954][ T8027] F2FS-fs (loop0): invalid crc value
[  208.011702][ T8027] F2FS-fs (loop0): Disable nat_bits due to incorrect cp_ver (15359802341028777995, 275811881701387)
[  208.080677][ T8027] F2FS-fs (loop0): Mounted with checkpoint version = 753bd00b
[  208.115488][ T5333] usb 3-1: new high-speed USB device number 16 using dummy_hcd
[  208.292720][ T8017] loop4: detected capacity change from 0 to 40427
[  208.311856][ T5333] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  208.326364][ T8017] F2FS-fs (loop4): Invalid Fs Meta Ino: node(1) meta(262146) root(3)
[  208.339554][ T5333] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  208.340288][ T8017] F2FS-fs (loop4): Can't find valid F2FS filesystem in 2th superblock
[  208.351990][ T5333] usb 3-1: New USB device found, idVendor=0d8c, idProduct=0022, bcdDevice= 0.00
[  208.367010][ T5333] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  208.398325][ T5333] usb 3-1: config 0 descriptor??
[  208.421990][ T8017] F2FS-fs (loop4): Found nat_bits in checkpoint
[  208.531150][ T8017] F2FS-fs (loop4): Try to recover 2th superblock, ret: 0
[  208.538651][ T8017] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e5
[  208.575234][ T8040] netlink: 'syz.3.979': attribute type 4 has an invalid length.
[  208.666836][ T8040] netlink: 'syz.3.979': attribute type 8 has an invalid length.
[  208.715753][ T8040] netlink: 204 bytes leftover after parsing attributes in process `syz.3.979'.
[  208.869803][ T5333] cm6533_jd 0003:0D8C:0022.002A: unknown global tag 0xc
[  208.884209][ T5333] cm6533_jd 0003:0D8C:0022.002A: item 0 1 1 12 parsing failed
[  208.909953][ T5333] cm6533_jd 0003:0D8C:0022.002A: parse failed
[  208.931709][ T5333] cm6533_jd 0003:0D8C:0022.002A: probe with driver cm6533_jd failed with error -22
[  209.065703][   T29] audit: type=1326 audit(1727331288.632:15): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8041 comm="syz.1.977" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f38d3d7df39 code=0x0
[  209.154834][ T5286] usb 3-1: USB disconnect, device number 16
[  210.021578][ T8067] loop2: detected capacity change from 0 to 128
[  210.100029][ T8067] EXT4-fs (loop2): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  210.132105][ T8076] loop0: detected capacity change from 0 to 64
[  210.162899][ T8067] ext4 filesystem being mounted at /178/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  210.437353][ T5229] EXT4-fs (loop2): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  210.626449][ T8085] loop4: detected capacity change from 0 to 4096
[  210.657730][ T8085] ntfs3: loop4: Different NTFS sector size (1024) and media sector size (512).
[  210.666393][   T25] usb 2-1: new high-speed USB device number 12 using dummy_hcd
[  210.789758][ T8085] ntfs3: loop4: Failed to load $Extend (-22).
[  210.796573][ T8085] ntfs3: loop4: Failed to initialize $Extend.
[  210.969399][   T25] usb 2-1: too many endpoints for config 0 interface 0 altsetting 0: 253, using maximum allowed: 30
[  210.991465][   T25] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  211.008995][   T25] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  211.019050][   T25] usb 2-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 253
[  211.079686][   T25] usb 2-1: New USB device found, idVendor=05ac, idProduct=8243, bcdDevice=8b.40
[  211.089211][   T25] usb 2-1: New USB device strings: Mfr=11, Product=0, SerialNumber=0
[  211.097679][   T25] usb 2-1: Manufacturer: syz
[  211.137687][   T25] usb 2-1: config 0 descriptor??
[  211.333792][ T5333] usb 3-1: new full-speed USB device number 17 using dummy_hcd
[  211.416685][ T8107] netlink: 32 bytes leftover after parsing attributes in process `syz.4.1005'.
[  211.483834][ T8113] loop0: detected capacity change from 0 to 2048
[  211.486072][ T5333] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 10
[  211.523898][ T8113] NILFS (loop0): broken superblock, retrying with spare superblock (blocksize = 1024)
[  211.534258][ T5333] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  211.570629][   T25] appleir 0003:05AC:8243.002B: item fetching failed at offset 0/1
[  211.579485][   T25] appleir 0003:05AC:8243.002B: parse failed
[  211.587722][ T5333] usb 3-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 9
[  211.621194][   T25] appleir 0003:05AC:8243.002B: probe with driver appleir failed with error -22
[  211.643807][ T5333] usb 3-1: New USB device found, idVendor=045e, idProduct=83da, bcdDevice= 0.2c
[  211.653896][ T5333] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  211.666071][ T5333] usb 3-1: config 0 descriptor??
[  211.699268][ T8117] loop4: detected capacity change from 0 to 256
[  211.709564][ T8113] syz.0.1009: attempt to access beyond end of device
[  211.709564][ T8113] loop0: rw=524288, sector=33554430, nr_sectors = 2 limit=2048
[  211.732096][ T8118] NILFS (loop0): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  211.776754][ T8113] syz.0.1009: attempt to access beyond end of device
[  211.776754][ T8113] loop0: rw=0, sector=9437254, nr_sectors = 2 limit=2048
[  211.795746][ T8113] NILFS (loop0): I/O error reading meta-data file (ino=6, block-offset=0)
[  211.828091][ T5314] usb 2-1: USB disconnect, device number 12
[  211.923124][ T8117] FAT-fs (loop4): Directory bread(block 64) failed
[  211.949397][ T8117] FAT-fs (loop4): Directory bread(block 65) failed
[  211.958094][ T8117] FAT-fs (loop4): Directory bread(block 66) failed
[  212.012851][ T8117] FAT-fs (loop4): Directory bread(block 67) failed
[  212.052169][ T8117] FAT-fs (loop4): Directory bread(block 68) failed
[  212.089671][ T8117] FAT-fs (loop4): Directory bread(block 69) failed
[  212.123017][ T8117] FAT-fs (loop4): Directory bread(block 70) failed
[  212.146464][ T8117] FAT-fs (loop4): Directory bread(block 71) failed
[  212.180614][ T8117] FAT-fs (loop4): Directory bread(block 72) failed
[  212.197791][ T8117] FAT-fs (loop4): Directory bread(block 73) failed
[  212.394950][ T5333] hid-generic 0003:045E:83DA.002C: unknown main item tag 0x0
[  212.402436][ T5333] hid-generic 0003:045E:83DA.002C: unknown main item tag 0x0
[  212.411604][ T5333] hid-generic 0003:045E:83DA.002C: unknown main item tag 0x0
[  212.413685][ T5314] usb 1-1: new high-speed USB device number 11 using dummy_hcd
[  212.431374][ T5333] hid-generic 0003:045E:83DA.002C: unknown main item tag 0x0
[  212.483649][ T5333] hid-generic 0003:045E:83DA.002C: unknown main item tag 0x0
[  212.491132][ T5333] hid-generic 0003:045E:83DA.002C: unknown main item tag 0x0
[  212.513482][   T25] usb 4-1: new high-speed USB device number 14 using dummy_hcd
[  212.533626][ T5333] hid-generic 0003:045E:83DA.002C: unknown main item tag 0x0
[  212.541260][ T5333] hid-generic 0003:045E:83DA.002C: unknown main item tag 0x0
[  212.550837][ T5333] hid-generic 0003:045E:83DA.002C: unknown main item tag 0x0
[  212.563553][ T5333] hid-generic 0003:045E:83DA.002C: unknown main item tag 0x0
[  212.583702][ T5333] hid-generic 0003:045E:83DA.002C: unknown main item tag 0x0
[  212.621932][ T5314] usb 1-1: Using ep0 maxpacket: 8
[  212.631311][ T5333] hid-generic 0003:045E:83DA.002C: unknown main item tag 0x0
[  212.642533][ T5314] usb 1-1: New USB device found, idVendor=0ccd, idProduct=0069, bcdDevice= 0.55
[  212.647655][ T5333] hid-generic 0003:045E:83DA.002C: unknown main item tag 0x0
[  212.669980][ T5333] hid-generic 0003:045E:83DA.002C: unknown main item tag 0x0
[  212.677670][ T5314] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  212.678161][   T25] usb 4-1: Using ep0 maxpacket: 16
[  212.699949][ T5333] hid-generic 0003:045E:83DA.002C: unknown main item tag 0x0
[  212.710341][ T5314] usb 1-1: config 0 descriptor??
[  212.714096][   T25] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  212.746874][ T5314] usb 1-1: dvb_usb_v2: usb_bulk_msg() failed=-22
[  212.761106][ T5333] hid-generic 0003:045E:83DA.002C: unknown main item tag 0x0
[  212.773710][   T25] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  212.788033][ T5314] dvb_usb_af9015 1-1:0.0: probe with driver dvb_usb_af9015 failed with error -22
[  212.800442][ T5333] hid-generic 0003:045E:83DA.002C: unknown main item tag 0x0
[  212.813900][   T25] usb 4-1: New USB device found, idVendor=6666, idProduct=8802, bcdDevice= 0.00
[  212.823150][ T5333] hid-generic 0003:045E:83DA.002C: unknown main item tag 0x0
[  212.841433][   T25] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  212.858235][ T5333] hid-generic 0003:045E:83DA.002C: unknown main item tag 0x0
[  212.872783][   T25] usb 4-1: config 0 descriptor??
[  212.879896][ T5333] hid-generic 0003:045E:83DA.002C: unknown main item tag 0x0
[  212.912246][ T5333] hid-generic 0003:045E:83DA.002C: unknown main item tag 0x0
[  212.943158][ T5333] hid-generic 0003:045E:83DA.002C: unknown main item tag 0x0
[  212.974022][ T5333] hid-generic 0003:045E:83DA.002C: unknown main item tag 0x0
[  212.985646][ T5314] usb 1-1: USB disconnect, device number 11
[  212.998298][ T5333] hid-generic 0003:045E:83DA.002C: unbalanced collection at end of report description
[  213.057246][ T5333] hid-generic 0003:045E:83DA.002C: probe with driver hid-generic failed with error -22
[  213.087947][ T5333] usb 3-1: USB disconnect, device number 17
[  213.130798][ T8134] loop4: detected capacity change from 0 to 16
[  213.176258][ T8134] erofs: (device loop4): mounted with root inode @ nid 36.
[  213.364966][   T25] smartjoyplus 0003:6666:8802.002D: item fetching failed at offset 2/5
[  213.387311][   T25] smartjoyplus 0003:6666:8802.002D: parse failed
[  213.432686][   T25] smartjoyplus 0003:6666:8802.002D: probe with driver smartjoyplus failed with error -22
[  213.623699][ T5314] usb 4-1: USB disconnect, device number 14
[  213.750432][ T8150] loop4: detected capacity change from 0 to 512
[  213.793738][   T25] usb 2-1: new high-speed USB device number 13 using dummy_hcd
[  213.933561][ T8150] EXT4-fs error (device loop4): ext4_xattr_ibody_find:2240: inode #15: comm syz.4.1027: corrupted in-inode xattr: invalid ea_ino
[  213.981064][ T8150] EXT4-fs error (device loop4): ext4_orphan_get:1393: comm syz.4.1027: couldn't read orphan inode 15 (err -117)
[  214.020713][ T8150] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  214.027546][   T25] usb 2-1: Using ep0 maxpacket: 16
[  214.119975][   T25] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  214.163553][   T25] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  214.177940][ T5232] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  214.190877][   T25] usb 2-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 3
[  214.253528][   T25] usb 2-1: New USB device found, idVendor=0955, idProduct=7214, bcdDevice= 0.00
[  214.290735][   T25] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  214.336245][ T8167] netlink: 12 bytes leftover after parsing attributes in process `syz.0.1035'.
[  214.363518][   T25] usb 2-1: config 0 descriptor??
[  214.576299][ T8173] binder: 8171:8173 ioctl c00c6211 0 returned -14
[  214.809930][   T25] shield 0003:0955:7214.002E: unexpected long global item
[  214.852431][   T25] shield 0003:0955:7214.002E: Parse failed
[  214.853753][ T5314] usb 4-1: new high-speed USB device number 15 using dummy_hcd
[  214.879075][   T25] shield 0003:0955:7214.002E: probe with driver shield failed with error -22
[  215.014330][   T25] usb 2-1: USB disconnect, device number 13
[  215.153996][ T5314] usb 4-1: Using ep0 maxpacket: 16
[  215.203678][ T5314] usb 4-1: config 0 interface 0 altsetting 1 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  215.223812][ T5314] usb 4-1: config 0 interface 0 altsetting 1 endpoint 0x81 has invalid wMaxPacketSize 0
[  215.252588][ T5314] usb 4-1: config 0 interface 0 altsetting 1 has 1 endpoint descriptor, different from the interface descriptor's value: 9
[  215.279532][ T5314] usb 4-1: config 0 interface 0 has no altsetting 0
[  215.294219][ T5314] usb 4-1: New USB device found, idVendor=045e, idProduct=05da, bcdDevice= 0.00
[  215.303338][ T5314] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  215.348157][ T5314] usb 4-1: config 0 descriptor??
[  215.594543][ T8200] loop0: detected capacity change from 0 to 512
[  215.725902][ T8200] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000d40000 ro without journal. Quota mode: writeback.
[  215.915218][ T5230] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000d40000.
[  215.932943][ T8198] loop2: detected capacity change from 0 to 32768
[  215.940837][ T5286] usb 5-1: new high-speed USB device number 12 using dummy_hcd
[  215.961544][ T8198] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop2 (7:2) scanned by syz.2.1050 (8198)
[  216.042520][ T5314] hid-generic 0003:045E:05DA.002F: ignoring exceeding usage max
[  216.068401][ T5314] hid-generic 0003:045E:05DA.002F: hidraw0: USB HID v0.00 Device [HID 045e:05da] on usb-dummy_hcd.3-1/input0
[  216.081513][ T8198] BTRFS info (device loop2): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  216.095211][ T8198] BTRFS info (device loop2): using crc32c (crc32c-intel) checksum algorithm
[  216.103569][ T5286] usb 5-1: Using ep0 maxpacket: 32
[  216.104625][ T8198] BTRFS info (device loop2): using free-space-tree
[  216.115294][ T5286] usb 5-1: config 0 has an invalid interface number: 219 but max is 0
[  216.126480][ T5286] usb 5-1: config 0 has no interface number 0
[  216.132650][ T5286] usb 5-1: config 0 interface 219 altsetting 0 has an invalid descriptor for endpoint zero, skipping
[  216.233928][ T5286] usb 5-1: config 0 interface 219 altsetting 0 has an endpoint descriptor with address 0xDB, changing to 0x8B
[  216.279890][ T8223] sp0: Synchronizing with TNC
[  216.315710][ T5286] usb 5-1: config 0 interface 219 altsetting 0 endpoint 0x8B has invalid maxpacket 28739, setting to 1024
[  216.338142][ T5286] usb 5-1: config 0 interface 219 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 1024
[  216.358115][ T5286] usb 5-1: config 0 interface 219 altsetting 0 bulk endpoint 0xB has invalid maxpacket 1023
[  216.428516][ T5286] usb 5-1: config 0 interface 219 altsetting 0 has 3 endpoint descriptors, different from the interface descriptor's value: 2
[  216.481594][ T5286] usb 5-1: New USB device found, idVendor=108c, idProduct=0169, bcdDevice=75.b9
[  216.500890][ T5286] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  216.522601][ T5286] usb 5-1: Product: syz
[  216.533634][ T5286] usb 5-1: Manufacturer: syz
[  216.538336][ T5286] usb 5-1: SerialNumber: syz
[  216.555968][ T5229] BTRFS info (device loop2): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  216.573215][ T5286] usb 5-1: config 0 descriptor??
[  216.580479][ T8192] raw-gadget.0 gadget.4: fail, usb_ep_enable returned -22
[  216.590732][   T25] usb 4-1: USB disconnect, device number 15
[  216.598885][ T8192] raw-gadget.0 gadget.4: fail, usb_ep_enable returned -22
[  216.916123][ T5286] etas_es58x 5-1:0.219: Starting syz syz (Serial Number syz)
[  217.011912][ T8232] loop0: detected capacity change from 0 to 512
[  217.034946][ T8232] EXT4-fs: Ignoring removed i_version option
[  217.074215][ T8232] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode
[  217.128276][ T5286] etas_es58x 5-1:0.219: could not parse product info: '놹'
[  217.183553][   T46] usb 2-1: new high-speed USB device number 14 using dummy_hcd
[  217.184329][ T8232] EXT4-fs (loop0): 1 truncate cleaned up
[  217.264860][ T8232] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  217.376169][ T5286] usb 5-1: USB disconnect, device number 12
[  217.385538][   T46] usb 2-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F
[  217.398167][   T46] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 7
[  217.405733][ T5230] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  217.409896][   T46] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x8F has invalid wMaxPacketSize 0
[  217.428436][   T46] usb 2-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[  217.441619][   T46] usb 2-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  217.450805][   T46] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  217.488958][ T5286] etas_es58x 5-1:0.219: Disconnecting syz syz
[  217.512776][   T46] usb 2-1: config 0 descriptor??
[  217.898640][ T8245] loop0: detected capacity change from 0 to 256
[  217.934657][   T46] plantronics 0003:047F:FFFF.0030: unbalanced collection at end of report description
[  217.948218][ T8245] FAT-fs (loop0): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive!
[  217.973734][   T46] plantronics 0003:047F:FFFF.0030: parse failed
[  217.993558][   T46] plantronics 0003:047F:FFFF.0030: probe with driver plantronics failed with error -22
[  218.064392][ T8245] FAT-fs (loop0): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[  218.191466][    T9] usb 2-1: USB disconnect, device number 14
[  218.237114][ T8256] program syz.2.1066 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  218.327337][ T8260] openvswitch: netlink: Message has 225 unknown bytes.
[  218.368747][ T8260] openvswitch: netlink: Actions may not be safe on all matching packets
[  218.420057][ T8262] netlink: 'syz.0.1067': attribute type 2 has an invalid length.
[  218.959246][ T8281] netlink: 184 bytes leftover after parsing attributes in process `syz.2.1074'.
[  219.003532][ T8281] netlink: 88 bytes leftover after parsing attributes in process `syz.2.1074'.
[  219.133343][ T8288] netlink: 64 bytes leftover after parsing attributes in process `syz.0.1077'.
[  219.272524][ T8283] loop1: detected capacity change from 0 to 4096
[  219.620264][ T8283] ntfs3: loop1: Failed to load $Extend (-22).
[  219.636851][ T8283] ntfs3: loop1: Failed to initialize $Extend.
[  219.645680][ T8265] loop4: detected capacity change from 0 to 32768
[  219.934283][ T5333] usb 4-1: new high-speed USB device number 16 using dummy_hcd
[  220.493220][ T8301] loop2: detected capacity change from 0 to 40427
[  220.508403][ T8301] F2FS-fs (loop2): Small segment_count (9 < 1 * 24)
[  220.515738][ T8301] F2FS-fs (loop2): Can't find valid F2FS filesystem in 1th superblock
[  220.524798][ T5333] usb 4-1: Using ep0 maxpacket: 16
[  220.532134][ T5333] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  220.556617][ T5333] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  220.583567][ T5333] usb 4-1: New USB device found, idVendor=056a, idProduct=0013, bcdDevice= 0.00
[  220.594120][ T5333] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  220.615320][ T5333] usb 4-1: config 0 descriptor??
[  220.631256][ T8301] F2FS-fs (loop2): Found nat_bits in checkpoint
[  220.705195][ T8319] loop0: detected capacity change from 0 to 2048
[  220.766234][ T8319] UDF-fs: error (device loop0): udf_read_tagged: tag checksum failed, block 99: 0x27 != 0x4d
[  220.815799][ T8319] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[  220.840615][ T8301] F2FS-fs (loop2): Try to recover 1th superblock, ret: 0
[  220.853609][ T8301] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e5
[  220.963698][ T8319] UDF-fs: error (device loop0): udf_verify_fi: directory (ino 1376) has entry where CRC length (63772) does not match entry length (28)
[  221.099524][ T5229] syz-executor: attempt to access beyond end of device
[  221.099524][ T5229] loop2: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[  221.124463][ T5229] F2FS-fs (loop2): Stopped filesystem due to reason: 3
[  221.151141][ T5333] wacom 0003:056A:0013.0031: Unknown device_type for 'HID 056a:0013'. Assuming pen.
[  221.168516][ T5333] wacom 0003:056A:0013.0031: hidraw0: USB HID v0.00 Device [HID 056a:0013] on usb-dummy_hcd.3-1/input0
[  221.226880][ T5333] input: Wacom Graphire3 Pen as /devices/platform/dummy_hcd.3/usb4/4-1/4-1:0.0/0003:056A:0013.0031/input/input35
[  221.332777][ T8333] loop0: detected capacity change from 0 to 1764
[  221.419087][ T8333] iso9660: Corrupted directory entry in block 2 of inode 1920
[  221.573746][ T5333] usb 4-1: USB disconnect, device number 16
[  221.594832][ T8336] netlink: 'syz.1.1094': attribute type 10 has an invalid length.
[  221.715933][ T8336] 8021q: adding VLAN 0 to HW filter on device team0
[  221.727707][ T8336] bond0: (slave team0): Enslaving as an active interface with an up link
[  221.769950][ T8339] netlink: 'syz.1.1094': attribute type 10 has an invalid length.
[  221.860229][ T8339] bond0: (slave team0): Releasing backup interface
[  221.966305][ T8339] bridge0: port 3(team0) entered blocking state
[  221.988146][ T8329] loop4: detected capacity change from 0 to 32768
[  222.004511][ T8339] bridge0: port 3(team0) entered disabled state
[  222.028492][ T8339] team0: entered allmulticast mode
[  222.056474][ T8339] team_slave_0: entered allmulticast mode
[  222.065794][ T8339] team_slave_1: entered allmulticast mode
[  222.073127][ T8339] team0: entered promiscuous mode
[  222.083649][ T8339] team_slave_0: entered promiscuous mode
[  222.089628][ T8339] team_slave_1: entered promiscuous mode
[  222.146263][ T8329] ocfs2: Mounting device (7,4) on (node local, slot 0) with ordered data mode.
[  222.754736][ T8347] loop1: detected capacity change from 0 to 32768
[  222.845356][ T5232] ocfs2: Unmounting device (7,4) on (node local)
[  222.916273][ T8347] XFS (loop1): Mounting V5 Filesystem a2f82aab-77f8-4286-afd4-a8f747a74bab
[  223.067855][ T8347] XFS (loop1): Ending clean mount
[  223.253979][ T8372] loop0: detected capacity change from 0 to 256
[  223.274297][ T8372] exfat: Deprecated parameter 'utf8'
[  223.337259][ T5242] XFS (loop1): Unmounting Filesystem a2f82aab-77f8-4286-afd4-a8f747a74bab
[  223.338603][ T8372] exFAT-fs (loop0): failed to load upcase table (idx : 0x00010000, chksum : 0x5b52992a, utbl_chksum : 0xe619d30d)
[  223.729418][ T8360] loop2: detected capacity change from 0 to 32768
[  223.871635][ T8360] XFS (loop2): Mounting V5 Filesystem bc2378ed-6193-40d5-9d59-7ebcb787b415
[  224.180816][ T8360] XFS (loop2): Ending clean mount
[  224.376620][ T8407] loop0: detected capacity change from 0 to 128
[  224.392461][ T5229] XFS (loop2): Unmounting Filesystem bc2378ed-6193-40d5-9d59-7ebcb787b415
[  224.439593][ T8407] FAT-fs (loop0): error, fat_get_cluster: invalid start cluster (i_pos 1, start 00000001)
[  225.363735][ T5333] usb 2-1: new high-speed USB device number 15 using dummy_hcd
[  225.493895][   T25] usb 1-1: new high-speed USB device number 12 using dummy_hcd
[  225.533712][ T5333] usb 2-1: Using ep0 maxpacket: 32
[  225.544394][ T5333] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  225.565700][ T5333] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  225.596287][ T5333] usb 2-1: New USB device found, idVendor=28bd, idProduct=0094, bcdDevice= 0.00
[  225.636450][ T5333] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  225.663476][   T25] usb 1-1: Using ep0 maxpacket: 8
[  225.676007][   T25] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  225.698702][ T5333] usb 2-1: config 0 descriptor??
[  225.708805][   T25] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  225.731070][   T25] usb 1-1: New USB device found, idVendor=04d8, idProduct=f002, bcdDevice= 0.00
[  225.751025][   T25] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  225.777971][   T25] usb 1-1: config 0 descriptor??
[  225.933852][   T46] usb 5-1: new high-speed USB device number 13 using dummy_hcd
[  226.098047][   T46] usb 5-1: Using ep0 maxpacket: 32
[  226.108914][   T46] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  226.130646][   T46] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  226.156497][   T46] usb 5-1: New USB device found, idVendor=0458, idProduct=5011, bcdDevice= 0.00
[  226.168443][ T5333] uclogic 0003:28BD:0094.0032: interface is invalid, ignoring
[  226.177765][ T8431] loop2: detected capacity change from 0 to 32768
[  226.183760][   T46] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  226.219287][ T8431] XFS (loop2): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  226.219304][   T46] usb 5-1: config 0 descriptor??
[  226.309140][   T25] hid-picolcd 0003:04D8:F002.0033: No report with id 0xf3 found
[  226.329113][   T25] hid-picolcd 0003:04D8:F002.0033: No report with id 0xf4 found
[  226.467560][ T5286] usb 2-1: USB disconnect, device number 15
[  226.475389][   T25] usb 1-1: USB disconnect, device number 12
[  226.588721][ T8431] XFS (loop2): Ending clean mount
[  226.689795][ T5229] XFS (loop2): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  226.701611][   T46] kye 0003:0458:5011.0034: tablet report size too small, or kye_tablet_rdesc unexpectedly large
[  226.738101][   T46] kye 0003:0458:5011.0034: hidraw0: USB HID v0.00 Device [HID 0458:5011] on usb-dummy_hcd.4-1/input0
[  226.798983][   T46] kye 0003:0458:5011.0034: tablet-enabling feature report not found
[  226.826599][   T46] kye 0003:0458:5011.0034: tablet enabling failed
[  226.956035][   T46] usb 5-1: USB disconnect, device number 13
[  227.079684][ T8447] netlink: 40 bytes leftover after parsing attributes in process `syz.2.1134'.
[  227.155894][ T8449] loop0: detected capacity change from 0 to 64
[  227.337261][ T8457] loop2: detected capacity change from 0 to 256
[  227.387558][ T8458] loop1: detected capacity change from 0 to 64
[  227.900855][ T8466] netlink: 'syz.2.1144': attribute type 29 has an invalid length.
[  227.961951][ T8471] netlink: 'syz.2.1144': attribute type 29 has an invalid length.
[  228.039691][ T8473] tipc: Started in network mode
[  228.045434][ T8473] tipc: Node identity :, cluster identity 4711
[  228.226723][ T8475] loop0: detected capacity change from 0 to 1024
[  228.252273][ T8475] EXT4-fs: Ignoring removed nomblk_io_submit option
[  228.269322][ T8479] openvswitch: netlink: Missing key (keys=44, expected=200000)
[  228.352114][ T8475] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  228.447530][   T46] usb 5-1: new high-speed USB device number 14 using dummy_hcd
[  228.500356][   T29] audit: type=1326 audit(1727331308.072:16): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8483 comm="syz.2.1150" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd80717df39 code=0x7ffc0000
[  228.574247][   T29] audit: type=1326 audit(1727331308.072:17): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8483 comm="syz.2.1150" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd80717df39 code=0x7ffc0000
[  228.630212][ T5230] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  228.641486][   T29] audit: type=1326 audit(1727331308.092:18): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8483 comm="syz.2.1150" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7fd80717df39 code=0x7ffc0000
[  228.651730][   T46] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  228.684481][   T29] audit: type=1326 audit(1727331308.102:19): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8483 comm="syz.2.1150" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd80717df39 code=0x7ffc0000
[  228.713473][   T46] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  228.745853][   T29] audit: type=1326 audit(1727331308.102:20): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8483 comm="syz.2.1150" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd80717df39 code=0x7ffc0000
[  228.785517][   T29] audit: type=1326 audit(1727331308.102:21): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8483 comm="syz.2.1150" exe="/root/syz-executor" sig=0 arch=c000003e syscall=49 compat=0 ip=0x7fd80717df39 code=0x7ffc0000
[  228.808006][   T29] audit: type=1326 audit(1727331308.102:22): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8483 comm="syz.2.1150" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd80717df39 code=0x7ffc0000
[  228.810417][   T46] usb 5-1: New USB device found, idVendor=045e, idProduct=009d, bcdDevice= 0.00
[  228.935188][   T46] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  228.987874][   T46] usb 5-1: config 0 descriptor??
[  229.115130][ T8492] dlm: plock device version mismatch: kernel (1.2.0), user (1.3.536871104)
[  229.238448][ T8464] loop1: detected capacity change from 0 to 40427
[  229.258415][ T8464] F2FS-fs (loop1): Invalid Fs Meta Ino: node(1) meta(262146) root(3)
[  229.318079][ T8464] F2FS-fs (loop1): Can't find valid F2FS filesystem in 2th superblock
[  229.346463][ T8464] F2FS-fs (loop1): Found nat_bits in checkpoint
[  229.441619][   T46] microsoft 0003:045E:009D.0035: unbalanced delimiter at end of report description
[  229.479541][   T46] microsoft 0003:045E:009D.0035: parse failed
[  229.523531][   T46] microsoft 0003:045E:009D.0035: probe with driver microsoft failed with error -22
[  229.629365][ T8464] F2FS-fs (loop1): Try to recover 2th superblock, ret: 0
[  229.657163][ T8464] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e5
[  229.696713][ T5283] usb 3-1: new high-speed USB device number 18 using dummy_hcd
[  229.709689][   T25] usb 5-1: USB disconnect, device number 14
[  229.778493][ T8502] ipvlan0: entered allmulticast mode
[  229.853485][ T5283] usb 3-1: Using ep0 maxpacket: 8
[  229.866132][ T5283] usb 3-1: config 0 has an invalid interface number: 32 but max is 0
[  229.889741][ T5283] usb 3-1: config 0 has no interface number 0
[  229.917831][ T5283] usb 3-1: config 0 interface 32 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  229.961666][ T5283] usb 3-1: config 0 interface 32 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  230.034334][ T5283] usb 3-1: New USB device found, idVendor=046d, idProduct=c24f, bcdDevice= 0.00
[  230.063457][ T5283] usb 3-1: New USB device strings: Mfr=4, Product=0, SerialNumber=0
[  230.071529][ T5283] usb 3-1: Manufacturer: syz
[  230.121496][ T5283] usb 3-1: config 0 descriptor??
[  230.429675][ T8512] loop0: detected capacity change from 0 to 2048
[  230.723189][ T8520] netlink: 'syz.1.1165': attribute type 2 has an invalid length.
[  230.753564][ T8512] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000)
[  230.816649][ T5283] usb 3-1: USB disconnect, device number 18
[  231.065646][ T5240] Bluetooth: hci5: link tx timeout
[  231.071471][ T5240] Bluetooth: hci5: killing stalled connection 11:aa:aa:aa:aa:aa
[  231.344754][ T8539] netlink: 'syz.0.1172': attribute type 10 has an invalid length.
[  231.354544][ T8539] 8021q: adding VLAN 0 to HW filter on device team0
[  231.384908][ T8539] bond0: (slave team0): Enslaving as an active interface with an up link
[  231.412332][ T8540] loop1: detected capacity change from 0 to 1024
[  231.436601][ T8543] netlink: 'syz.0.1172': attribute type 10 has an invalid length.
[  231.445471][ T8540] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled
[  231.513971][ T8543] bond0: (slave team0): Releasing backup interface
[  231.800891][ T8540] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  231.885043][ T5242] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  232.069751][ T8525] loop4: detected capacity change from 0 to 32768
[  232.197491][ T8525] XFS (loop4): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  232.478773][ T8525] XFS (loop4): Ending clean mount
[  232.580150][ T8525] XFS (loop4): Quotacheck needed: Please wait.
[  232.747419][ T8549] loop2: detected capacity change from 0 to 32768
[  232.773806][ T8525] XFS (loop4): Quotacheck: Done.
[  232.844302][ T8549] XFS (loop2): DAX unsupported by block device. Turning off DAX.
[  232.923773][ T8549] XFS (loop2): Mounting V5 Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb
[  232.983215][ T5232] XFS (loop4): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  233.129849][ T5249] Bluetooth: hci5: command 0x0406 tx timeout
[  233.462897][ T8549] XFS (loop2): Ending clean mount
[  233.495237][ T8549] XFS (loop2): Quotacheck needed: Please wait.
[  233.571906][ T8549] XFS (loop2): Quotacheck: Done.
[  233.817862][ T5229] XFS (loop2): Unmounting Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb
[  233.899150][ T8597] netlink: 'syz.1.1192': attribute type 9 has an invalid length.
[  233.909568][ T8586] loop0: detected capacity change from 0 to 32768
[  234.251492][ T8608] netlink: 'syz.1.1198': attribute type 1 has an invalid length.
[  234.297874][ T8608] netlink: 9344 bytes leftover after parsing attributes in process `syz.1.1198'.
[  234.363561][ T8608] netlink: 'syz.1.1198': attribute type 1 has an invalid length.
[  234.661891][ T8606] loop4: detected capacity change from 0 to 32768
[  234.804545][ T8606] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop4 (7:4) scanned by syz.4.1196 (8606)
[  234.876569][ T8606] BTRFS info (device loop4): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  235.053576][ T8606] BTRFS info (device loop4): using sha256 (sha256-avx2) checksum algorithm
[  235.062295][ T8606] BTRFS info (device loop4): using free-space-tree
[  235.786142][ T5232] BTRFS info (device loop4): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  236.005134][ T8665] loop0: detected capacity change from 0 to 22
[  236.033900][ T8665] MTD: Attempt to mount non-MTD device "/dev/loop0"
[  236.060256][ T8665] romfs: Mounting image 'rom 637cf1fa' through the block layer
[  236.200739][ T8670] loop1: detected capacity change from 0 to 512
[  236.253917][ T8670] EXT4-fs: Ignoring removed i_version option
[  236.283211][ T8670] EXT4-fs: Ignoring removed nobh option
[  236.304278][ T8670] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode
[  236.378752][ T8670] EXT4-fs (loop1): 1 truncate cleaned up
[  236.405109][ T8670] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  236.656599][ T8680] loop0: detected capacity change from 0 to 136
[  236.673647][ T5286] usb 5-1: new high-speed USB device number 15 using dummy_hcd
[  236.674724][ T5242] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  236.853813][ T5283] usb 4-1: new high-speed USB device number 17 using dummy_hcd
[  236.864434][ T5286] usb 5-1: Using ep0 maxpacket: 16
[  236.886243][ T5286] usb 5-1: config 0 has an invalid interface number: 214 but max is 0
[  236.924901][ T5286] usb 5-1: config 0 has no interface number 0
[  236.966055][ T5286] usb 5-1: config 0 interface 214 altsetting 0 endpoint 0x83 has invalid wMaxPacketSize 0
[  236.995585][ T5286] usb 5-1: New USB device found, idVendor=0596, idProduct=0001, bcdDevice= 5.f5
[  237.013569][ T5286] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  237.029047][ T5286] usb 5-1: Product: syz
[  237.069623][ T5286] usb 5-1: Manufacturer: syz
[  237.083574][ T5283] usb 4-1: Using ep0 maxpacket: 32
[  237.085384][ T5286] usb 5-1: SerialNumber: syz
[  237.118969][ T5286] usb 5-1: config 0 descriptor??
[  237.119516][ T5283] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x1 has invalid wMaxPacketSize 0
[  237.180532][ T5283] usb 4-1: config 0 interface 0 altsetting 0 bulk endpoint 0x1 has invalid maxpacket 0
[  237.199638][ T8663] loop2: detected capacity change from 0 to 32768
[  237.206834][ T5283] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x82 has invalid wMaxPacketSize 0
[  237.237134][ T5283] usb 4-1: config 0 interface 0 altsetting 0 bulk endpoint 0x82 has invalid maxpacket 0
[  237.270966][ T5283] usb 4-1: config 0 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 18
[  237.303579][ T5283] usb 4-1: New USB device found, idVendor=03f0, idProduct=6c17, bcdDevice= 0.40
[  237.322105][ T8663] XFS (loop2): Mounting V5 Filesystem a2f82aab-77f8-4286-afd4-a8f747a74bab
[  237.323127][ T5283] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  237.372197][ T8695] loop1: detected capacity change from 0 to 256
[  237.386739][ T5283] usb 4-1: config 0 descriptor??
[  237.465719][ T8695] exFAT-fs (loop1): failed to load upcase table (idx : 0x00010000, chksum : 0x1aabf3fb, utbl_chksum : 0xe619d30d)
[  237.498608][ T8663] XFS (loop2): Ending clean mount
[  237.536153][ T8663] XFS (loop2): Quotacheck needed: Please wait.
[  237.594650][   T25] usb 1-1: new high-speed USB device number 13 using dummy_hcd
[  237.625038][ T8663] XFS (loop2): Quotacheck: Done.
[  237.654166][ T5283] usblp 4-1:0.0: usblp0: USB Bidirectional printer dev 17 if 0 alt 0 proto 3 vid 0x03F0 pid 0x6C17
[  237.765868][   T25] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  237.788039][   T25] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  237.807909][ T5286] input: syz syz as /devices/platform/dummy_hcd.4/usb5/5-1/5-1:0.214/input/input39
[  237.823807][   T25] usb 1-1: New USB device found, idVendor=0c12, idProduct=0030, bcdDevice= 0.00
[  237.839792][ T5229] XFS (loop2): Unmounting Filesystem a2f82aab-77f8-4286-afd4-a8f747a74bab
[  237.861885][   T25] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  237.927483][   T25] usb 1-1: config 0 descriptor??
[  238.024416][   T46] usb 5-1: USB disconnect, device number 15
[  238.254629][ T8706] program syz.2.1229 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  238.433856][   T25] zeroplus 0003:0C12:0030.0037: item fetching failed at offset 5/7
[  238.442372][   T25] zeroplus 0003:0C12:0030.0037: parse failed
[  238.460470][   T25] zeroplus 0003:0C12:0030.0037: probe with driver zeroplus failed with error -22
[  238.654574][    T9] usb 1-1: USB disconnect, device number 13
[  238.918550][ T8722] netlink: 52 bytes leftover after parsing attributes in process `syz.1.1237'.
[  238.941906][ T8722] netlink: 68 bytes leftover after parsing attributes in process `syz.1.1237'.
[  239.146906][ T8728] netlink: 32 bytes leftover after parsing attributes in process `syz.1.1241'.
[  239.234527][ T8732] tipc: Started in network mode
[  239.270118][ T8732] tipc: Node identity , cluster identity 4711
[  239.284522][ T8732] tipc: Failed to set node id, please configure manually
[  239.333568][ T8732] tipc: Enabling of bearer <udp:s> rejected, failed to enable media
[  239.636073][   T46] usb 4-1: USB disconnect, device number 17
[  239.691663][   T46] usblp0: removed
[  239.856618][ T8750] loop2: detected capacity change from 0 to 64
[  240.034253][ T8752] netlink: 'syz.3.1252': attribute type 1 has an invalid length.
[  240.059649][ T8752] netlink: 209848 bytes leftover after parsing attributes in process `syz.3.1252'.
[  240.547119][ T8743] loop0: detected capacity change from 0 to 32768
[  240.562373][ T8763] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1257'.
[  240.633562][ T8743] XFS (loop0): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  240.962608][ T8746] loop1: detected capacity change from 0 to 32768
[  240.991632][ T8746] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop1 (7:1) scanned by syz.1.1250 (8746)
[  241.039598][ T8746] BTRFS info (device loop1): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  241.270068][ T8746] BTRFS info (device loop1): using sha256 (sha256-avx2) checksum algorithm
[  241.316638][ T8787] netlink: 32 bytes leftover after parsing attributes in process `syz.2.1266'.
[  241.351539][ T8743] XFS (loop0): Ending clean mount
[  241.371027][ T8787] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1266'.
[  241.383521][ T8746] BTRFS info (device loop1): using free-space-tree
[  241.563786][   T25] usb 5-1: new high-speed USB device number 16 using dummy_hcd
[  241.620612][ T5230] XFS (loop0): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  241.804970][   T25] usb 5-1: New USB device found, idVendor=0c45, idProduct=6005, bcdDevice=b5.55
[  241.819216][   T25] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  241.841135][   T25] usb 5-1: Product: syz
[  241.866687][   T25] usb 5-1: Manufacturer: syz
[  241.871496][   T25] usb 5-1: SerialNumber: syz
[  241.890491][   T25] usb 5-1: config 0 descriptor??
[  241.920961][   T25] gspca_main: sonixb-2.14.0 probing 0c45:6005
[  241.944094][ T5314] usb 3-1: new high-speed USB device number 19 using dummy_hcd
[  241.988349][ T5242] BTRFS info (device loop1): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  242.159087][ T5314] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  242.194504][ T5314] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  242.244264][ T5314] usb 3-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[  242.314296][ T5314] usb 3-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  242.351845][ T5314] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  242.390143][   T25] input: sonixb as /devices/platform/dummy_hcd.4/usb5/5-1/input/input40
[  242.391763][ T5314] usb 3-1: config 0 descriptor??
[  242.605701][ T5286] usb 5-1: USB disconnect, device number 16
[  242.856895][ T5314] plantronics 0003:047F:FFFF.0038: unbalanced delimiter at end of report description
[  242.907708][ T5314] plantronics 0003:047F:FFFF.0038: parse failed
[  242.935568][ T5314] plantronics 0003:047F:FFFF.0038: probe with driver plantronics failed with error -22
[  242.997055][ T8826] bridge0: port 2(bridge_slave_1) entered disabled state
[  243.094195][ T5286] usb 3-1: USB disconnect, device number 19
[  243.890786][ T8854] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1290'.
[  243.900113][ T8854] netlink: 40 bytes leftover after parsing attributes in process `syz.2.1290'.
[  244.018008][ T8860] netlink: 'syz.3.1293': attribute type 10 has an invalid length.
[  244.059179][ T8862] [U] ^R
[  244.102347][ T8860] 8021q: adding VLAN 0 to HW filter on device team0
[  244.137697][ T8860] bond0: (slave team0): Enslaving as an active interface with an up link
[  244.152006][ T8863] netlink: 'syz.3.1293': attribute type 10 has an invalid length.
[  244.202762][ T8863] bond0: (slave team0): Releasing backup interface
[  244.227194][ T8863] bridge0: port 3(team0) entered blocking state
[  244.243973][ T8863] bridge0: port 3(team0) entered disabled state
[  244.255085][ T8863] team0: entered allmulticast mode
[  244.265920][ T8863] team_slave_0: entered allmulticast mode
[  244.278679][ T8863] team_slave_1: entered allmulticast mode
[  244.294036][ T8863] team0: entered promiscuous mode
[  244.304860][ T8863] team_slave_0: entered promiscuous mode
[  244.317655][ T8863] team_slave_1: entered promiscuous mode
[  244.543478][   T25] usb 1-1: new high-speed USB device number 14 using dummy_hcd
[  244.728437][   T25] usb 1-1: Using ep0 maxpacket: 16
[  244.786007][   T25] usb 1-1: config 0 descriptor has 1 excess byte, ignoring
[  244.793334][   T25] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x4 has invalid maxpacket 65516, setting to 1024
[  244.852084][   T25] usb 1-1: config 0 interface 0 altsetting 0 bulk endpoint 0x4 has invalid maxpacket 1024
[  244.893609][   T25] usb 1-1: config 0 interface 0 altsetting 0 bulk endpoint 0x81 has invalid maxpacket 255
[  244.924541][   T25] usb 1-1: New USB device found, idVendor=04d8, idProduct=0a30, bcdDevice=ce.47
[  244.954826][   T25] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  244.963007][   T25] usb 1-1: Product: syz
[  245.010049][   T25] usb 1-1: Manufacturer: syz
[  245.028530][ T8890] loop2: detected capacity change from 0 to 512
[  245.029156][   T25] usb 1-1: SerialNumber: syz
[  245.075647][   T25] usb 1-1: config 0 descriptor??
[  245.082109][ T8870] raw-gadget.0 gadget.0: fail, usb_ep_enable returned -22
[  245.091378][ T8870] raw-gadget.0 gadget.0: fail, usb_ep_enable returned -22
[  245.109787][ T8890] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000d40000 r/w without journal. Quota mode: writeback.
[  245.133631][ T8890] ext4 filesystem being mounted at /237/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  245.163901][   T25] mcba_usb 1-1:0.0: Microchip CAN BUS Analyzer connected
[  245.171057][    C1] mcba_usb 1-1:0.0 can0: Tx URB aborted (-71)
[  245.171212][    C1] mcba_usb 1-1:0.0 can0: Tx URB aborted (-71)
[  245.280660][ T8899] Quota error (device loop2): find_tree_dqentry: Cycle in quota tree detected: block 4 index 0
[  245.336531][ T8899] Quota error (device loop2): qtree_read_dquot: Can't read quota structure for id 0
[  245.431878][ T8899] EXT4-fs error (device loop2): ext4_acquire_dquot:6879: comm syz.2.1306: Failed to acquire dquot type 0
[  245.471732][ T5286] usb 1-1: USB disconnect, device number 14
[  245.485834][ T5286] mcba_usb 1-1:0.0 can0: device disconnected
[  245.716140][ T8917] loop1: detected capacity change from 0 to 64
[  245.778570][ T5229] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000d40000.
[  246.401280][ T8940] loop0: detected capacity change from 0 to 512
[  246.429973][ T8940] EXT4-fs: Ignoring removed i_version option
[  246.449927][ T8940] EXT4-fs: Ignoring removed mblk_io_submit option
[  246.474310][ T8940] EXT4-fs: Ignoring removed orlov option
[  246.524019][ T8940] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode
[  246.582278][ T8940] EXT4-fs (loop0): 1 orphan inode deleted
[  246.597710][ T8940] EXT4-fs (loop0): 1 truncate cleaned up
[  246.608169][ T8940] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  246.753621][ T8943] EXT4-fs error (device loop0): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 191 vs 220 free clusters
[  246.868311][ T5230] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  247.355736][ T8965] loop2: detected capacity change from 0 to 64
[  247.522712][ T8966] overlayfs: upper fs does not support tmpfile.
[  247.845681][ T8934] loop1: detected capacity change from 0 to 40427
[  247.888818][ T8934] F2FS-fs (loop1): Invalid Fs Meta Ino: node(1) meta(2) root(0)
[  247.901091][ T8934] F2FS-fs (loop1): Can't find valid F2FS filesystem in 1th superblock
[  247.942760][ T8934] F2FS-fs (loop1): invalid crc value
[  247.957286][ T8934] F2FS-fs (loop1): Found nat_bits in checkpoint
[  248.053538][ T5283] usb 1-1: new high-speed USB device number 15 using dummy_hcd
[  248.079899][ T8934] F2FS-fs (loop1): Try to recover 1th superblock, ret: 0
[  248.092942][ T8934] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e5
[  248.209210][ T5283] usb 1-1: Using ep0 maxpacket: 8
[  248.245360][ T5283] usb 1-1: New USB device found, idVendor=0ccd, idProduct=0038, bcdDevice=7d.78
[  248.279540][ T5283] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  248.291107][ T5283] usb 1-1: Product: syz
[  248.303622][ T5283] usb 1-1: Manufacturer: syz
[  248.309732][ T5283] usb 1-1: SerialNumber: syz
[  248.344505][ T5283] usb 1-1: config 0 descriptor??
[  248.364519][ T5283] dvb-usb: found a 'TerraTec/qanu USB2.0 Highspeed DVB-T Receiver' in warm state.
[  248.374656][ T5283] dvb-usb: bulk message failed: -22 (2/0)
[  248.380935][ T5283] dvb-usb: will pass the complete MPEG2 transport stream to the software demuxer.
[  248.398021][ T5283] dvbdev: DVB: registering new adapter (TerraTec/qanu USB2.0 Highspeed DVB-T Receiver)
[  248.408708][ T5283] usb 1-1: media controller created
[  248.431679][ T5283] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered.
[  248.610491][ T5283] dvb-usb: bulk message failed: -22 (1/0)
[  248.616766][ T5283] dvb-usb: no frontend was attached by 'TerraTec/qanu USB2.0 Highspeed DVB-T Receiver'
[  248.632959][ T5283] input: IR-receiver inside an USB DVB receiver as /devices/platform/dummy_hcd.0/usb1/1-1/input/input41
[  248.647806][ T5283] dvb-usb: schedule remote query interval to 50 msecs.
[  248.655255][ T5283] dvb-usb: bulk message failed: -22 (2/0)
[  248.661057][ T5283] dvb-usb: TerraTec/qanu USB2.0 Highspeed DVB-T Receiver successfully initialized and connected.
[  248.717083][   T25] dvb-usb: bulk message failed: -22 (1/0)
[  248.723214][   T25] dvb-usb: error while querying for an remote control event.
[  248.756271][ T5283] usb 1-1: USB disconnect, device number 15
[  248.840436][ T5283] dvb-usb: TerraTec/qanu USB2.0 Highspeed DVB-T Re successfully deinitialized and disconnected.
[  249.550534][ T8994] loop2: detected capacity change from 0 to 32768
[  249.584139][ T8994] jfs_readdir called with invalid offset!
[  250.301749][ T9014] loop2: detected capacity change from 0 to 128
[  250.407964][ T5240] Bluetooth: hci5: command 0x0406 tx timeout
[  250.570657][ T9011] loop1: detected capacity change from 0 to 32768
[  250.594110][ T9011] BTRFS: device fsid ed167579-eb65-4e76-9a50-61ac97e9b59d devid 1 transid 8 /dev/loop1 (7:1) scanned by syz.1.1346 (9011)
[  250.663670][ T9011] BTRFS info (device loop1): first mount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d
[  250.675239][ T9020] loop0: detected capacity change from 0 to 512
[  250.699424][ T9011] BTRFS info (device loop1): using sha256 (sha256-avx2) checksum algorithm
[  250.742874][ T9011] BTRFS info (device loop1): using free-space-tree
[  250.968023][ T9011] BTRFS info (device loop1): rebuilding free space tree
[  251.059473][ T9039] loop2: detected capacity change from 0 to 4096
[  251.086537][ T9039] ntfs3: loop2: Different NTFS sector size (4096) and media sector size (512).
[  251.420279][ T9046] loop0: detected capacity change from 0 to 2048
[  251.517303][ T9046] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000)
[  251.535999][ T5242] BTRFS info (device loop1): last unmount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d
[  251.582772][ T9039] ntfs3: loop2: ino=1b, "file0" failed to parse mft record
[  251.600309][ T9039] ntfs3: loop2: Mark volume as dirty due to NTFS errors
[  251.640488][ T9039] ntfs3: loop2: ino=1b, "file0" attr_set_size
[  251.957393][ T5283] IPVS: starting estimator thread 0...
[  252.083666][ T9055] IPVS: using max 18 ests per chain, 43200 per kthread
[  252.316940][ T9064] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1359'.
[  252.355290][ T9064] netlink: 72 bytes leftover after parsing attributes in process `syz.3.1359'.
[  252.433633][ T5283] usb 1-1: new high-speed USB device number 16 using dummy_hcd
[  252.603647][ T5283] usb 1-1: Using ep0 maxpacket: 32
[  252.613422][ T5283] usb 1-1: New USB device found, idVendor=0458, idProduct=7006, bcdDevice=69.91
[  252.633647][ T5283] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  252.660761][ T5283] usb 1-1: config 0 descriptor??
[  252.694460][ T5283] gspca_main: sunplus-2.14.0 probing 0458:7006
[  253.019283][ T9079] netlink: 12 bytes leftover after parsing attributes in process `syz.1.1366'.
[  253.273737][ T9085] vlan2: entered promiscuous mode
[  253.291949][ T9085] vlan2: entered allmulticast mode
[  253.315244][ T9085] net veth1_virt_wifi virt_wifi0: entered allmulticast mode
[  253.322858][ T9085] net veth1_virt_wifi virt_wifi0: entered promiscuous mode
[  253.351291][ T9085] team0: Port device vlan2 added
[  253.494287][ T5283] gspca_sunplus: reg_w_riv err -71
[  253.499695][ T5283] sunplus 1-1:0.0: probe with driver sunplus failed with error -71
[  253.537109][ T5283] usb 1-1: USB disconnect, device number 16
[  253.545408][ T9091] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  254.383477][ T5285] usb 2-1: new high-speed USB device number 16 using dummy_hcd
[  254.593672][ T5285] usb 2-1: config 1 has an invalid interface number: 3 but max is 1
[  254.601977][ T5285] usb 2-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  254.621931][ T5285] usb 2-1: config 1 has 3 interfaces, different from the descriptor's value: 2
[  254.644310][ T9116] syz.2.1384 uses obsolete (PF_INET,SOCK_PACKET)
[  254.652091][ T5285] usb 2-1: config 1 has no interface number 2
[  254.666337][ T5285] usb 2-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  254.687712][ T5285] usb 2-1: config 1 interface 3 altsetting 1 endpoint 0x82 has invalid wMaxPacketSize 0
[  254.711069][ T5285] usb 2-1: config 1 interface 3 altsetting 1 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  254.751517][ T5285] usb 2-1: config 1 interface 3 has no altsetting 0
[  254.772313][ T5285] usb 2-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  254.784727][ T5285] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  254.801160][ T5285] usb 2-1: Product: syz
[  254.831064][ T5285] usb 2-1: Manufacturer: syz
[  254.846575][ T5285] usb 2-1: SerialNumber: syz
[  254.866489][ T5285] usb 2-1: selecting invalid altsetting 1
[  255.280471][ T5285] cdc_ncm 2-1:1.0: failed GET_NTB_PARAMETERS
[  255.287804][ T5285] cdc_ncm 2-1:1.0: bind() failure
[  255.299798][ T5285] cdc_ncm 2-1:1.1: CDC Union missing and no IAD found
[  255.307381][    C0] hrtimer: interrupt took 746452 ns
[  255.326613][ T5285] cdc_ncm 2-1:1.1: bind() failure
[  255.624428][ T5333] usb 2-1: USB disconnect, device number 16
[  255.764277][ T9132] can0: slcan on ptm0.
[  256.005614][ T1267] ieee802154 phy0 wpan0: encryption failed: -22
[  256.032435][ T1267] ieee802154 phy1 wpan1: encryption failed: -22
[  256.254031][ T9141] netlink: 92 bytes leftover after parsing attributes in process `syz.2.1395'.
[  256.460011][ T9145] loop1: detected capacity change from 0 to 1024
[  256.618786][ T9149] loop2: detected capacity change from 0 to 16
[  256.647627][ T9145] syz.1.1396: attempt to access beyond end of device
[  256.647627][ T9145] loop1: rw=0, sector=201326592, nr_sectors = 2 limit=1024
[  256.726538][ T9149] MTD: Attempt to mount non-MTD device "/dev/loop2"
[  256.823484][ T9133] loop0: detected capacity change from 0 to 32768
[  256.833544][ T9145] Buffer I/O error on dev loop1, logical block 100663296, async page read
[  256.848752][ T9145] syz.1.1396: attempt to access beyond end of device
[  256.848752][ T9145] loop1: rw=0, sector=201326592, nr_sectors = 2 limit=1024
[  256.863188][ T9145] Buffer I/O error on dev loop1, logical block 100663296, async page read
[  257.001070][ T9133] XFS (loop0): Mounting V5 Filesystem ca7e2101-b8f1-4838-8e2d-7637b90620e6
[  257.036830][ T5249] Bluetooth: hci6: unexpected cc 0x0c03 length: 249 > 1
[  257.070782][ T5249] Bluetooth: hci6: unexpected cc 0x1003 length: 249 > 9
[  257.093644][ T5249] Bluetooth: hci6: unexpected cc 0x1001 length: 249 > 9
[  257.119145][ T5249] Bluetooth: hci6: unexpected cc 0x0c23 length: 249 > 4
[  257.131133][ T5249] Bluetooth: hci6: unexpected cc 0x0c25 length: 249 > 3
[  257.141514][ T5249] Bluetooth: hci6: unexpected cc 0x0c38 length: 249 > 2
[  257.508860][ T9133] XFS (loop0): Ending clean mount
[  257.517613][ T9133] XFS (loop0): Quotacheck needed: Please wait.
[  257.826305][ T9162] chnl_net:caif_netlink_parms(): no params data found
[  257.876508][ T9133] XFS (loop0): Quotacheck: Done.
[  258.003229][ T9189] TCP: request_sock_TCPv6: Possible SYN flooding on port [::]:20002. Sending cookies.
[  258.094335][   T46] usb 3-1: new high-speed USB device number 20 using dummy_hcd
[  258.213708][ T9192] loop1: detected capacity change from 0 to 2048
[  258.254477][ T9132] can0 (unregistered): slcan off ptm0.
[  258.265471][   T46] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  258.294419][ T9192] NILFS (loop1): broken superblock, retrying with spare superblock (blocksize = 1024)
[  258.311486][   T46] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  258.324626][   T46] usb 3-1: New USB device found, idVendor=05ac, idProduct=0262, bcdDevice= 0.00
[  258.333814][   T46] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  258.366235][   T46] usb 3-1: config 0 descriptor??
[  258.430003][ T9162] bridge0: port 1(bridge_slave_0) entered blocking state
[  258.438155][ T9162] bridge0: port 1(bridge_slave_0) entered disabled state
[  258.445726][ T9162] bridge_slave_0: entered allmulticast mode
[  258.454651][ T9162] bridge_slave_0: entered promiscuous mode
[  258.463416][ T9162] bridge0: port 2(bridge_slave_1) entered blocking state
[  258.470628][ T9162] bridge0: port 2(bridge_slave_1) entered disabled state
[  258.478361][ T9162] bridge_slave_1: entered allmulticast mode
[  258.486164][ T9162] bridge_slave_1: entered promiscuous mode
[  258.544520][ T9162] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  258.578180][ T9162] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  258.672366][ T5230] XFS (loop0): Unmounting Filesystem ca7e2101-b8f1-4838-8e2d-7637b90620e6
[  258.682029][ T9192] syz.1.1405: attempt to access beyond end of device
[  258.682029][ T9192] loop1: rw=524288, sector=33554430, nr_sectors = 2 limit=2048
[  258.697179][ T9196] NILFS (loop1): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  258.779414][ T9192] NILFS error (device loop1): nilfs_check_folio: bad entry in directory #2: rec_len is smaller than minimal - offset=0, inode=72057594037927938, rec_len=0, name_len=0
[  258.814904][   T46] apple 0003:05AC:0262.0039: unbalanced delimiter at end of report description
[  258.829416][   T46] apple 0003:05AC:0262.0039: parse failed
[  258.840156][   T46] apple 0003:05AC:0262.0039: probe with driver apple failed with error -22
[  258.879249][ T9192] Remounting filesystem read-only
[  258.921942][ T9192] NILFS error (device loop1): nilfs_check_folio: bad entry in directory #2: rec_len is smaller than minimal - offset=0, inode=72057594037927938, rec_len=0, name_len=0
[  259.030958][ T9162] team0: Port device team_slave_0 added
[  259.068907][   T46] usb 3-1: USB disconnect, device number 20
[  259.070407][ T9162] team0: Port device team_slave_1 added
[  259.204267][ T5249] Bluetooth: hci6: command tx timeout
[  259.420237][ T9162] batman_adv: batadv0: Adding interface: batadv_slave_0
[  259.443799][ T9162] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  259.541803][ T9162] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  259.581883][ T9162] batman_adv: batadv0: Adding interface: batadv_slave_1
[  259.590933][ T9206] loop1: detected capacity change from 0 to 4096
[  259.620263][ T9162] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  259.744262][ T9162] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  259.744383][ T9206] ntfs3: loop1: ino=3, Correct links count -> 2.
[  259.860507][ T9214] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1408'.
[  260.008562][ T9218] semctl(GETNCNT/GETZCNT) is since 3.16 Single Unix Specification compliant.
[  260.008562][ T9218] The task syz.2.1409 (9218) triggered the difference, watch for misbehavior.
[  260.081315][ T9220] program syz.0.1410 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  260.115605][ T9162] hsr_slave_0: entered promiscuous mode
[  260.126868][ T9162] hsr_slave_1: entered promiscuous mode
[  260.168993][ T9162] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  260.190104][ T9162] Cannot create hsr debugfs directory
[  260.628604][ T9162] netdevsim netdevsim4 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  260.671596][ T9227] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1414'.
[  261.184417][ T9239] loop1: detected capacity change from 0 to 512
[  261.196609][ T9162] netdevsim netdevsim4 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  261.224613][ T9239] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  261.237466][ T9239] ext4 filesystem being mounted at /289/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  261.284048][ T5249] Bluetooth: hci6: command tx timeout
[  261.433077][ T9239] EXT4-fs: Ignoring removed nobh option
[  261.453556][ T9239] EXT4-fs: Cannot change journaled quota options when quota turned on
[  261.601628][ T9162] netdevsim netdevsim4 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  261.696285][ T5242] EXT4-fs error (device loop1): ext4_readdir:261: inode #12: block 32: comm syz-executor: path /289/file1/file0: bad entry in directory: rec_len is smaller than minimal - offset=0, inode=3, rec_len=0, size=2048 fake=0
[  261.737188][ T9250] loop2: detected capacity change from 0 to 128
[  261.938415][ T9162] netdevsim netdevsim4 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  262.046022][ T9255] netlink: 24 bytes leftover after parsing attributes in process `syz.0.1427'.
[  262.257877][ T9258] loop2: detected capacity change from 0 to 1024
[  262.289479][ T9258] EXT4-fs: Ignoring removed nomblk_io_submit option
[  262.395407][ T9258] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  262.493324][ T9261] loop0: detected capacity change from 0 to 4096
[  262.502708][ T9258] EXT4-fs error (device loop2): ext4_xattr_ibody_find:2240: inode #15: comm syz.2.1428: corrupted in-inode xattr: ea_inode specified without ea_inode feature enabled
[  262.533453][ T9261] ntfs3: loop0: Different NTFS sector size (4096) and media sector size (512).
[  262.551987][ T9261] ntfs3: loop0: It is recommened to use chkdsk.
[  262.594313][ T9258] EXT4-fs (loop2): Remounting filesystem read-only
[  262.639654][ T9162] netdevsim netdevsim4 netdevsim0: renamed from eth0
[  262.695303][ T9261] ntfs3: loop0: failed to convert "076c" to cp737
[  262.708065][ T9162] netdevsim netdevsim4 netdevsim1: renamed from eth1
[  262.737052][ T5229] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  262.766581][ T9162] netdevsim netdevsim4 netdevsim2: renamed from eth2
[  262.888403][ T9162] netdevsim netdevsim4 netdevsim3: renamed from eth3
[  263.357522][ T9162] 8021q: adding VLAN 0 to HW filter on device bond0
[  263.383830][ T5249] Bluetooth: hci6: command tx timeout
[  263.569252][ T9162] 8021q: adding VLAN 0 to HW filter on device team0
[  263.723391][   T12] bridge0: port 1(bridge_slave_0) entered blocking state
[  263.730733][   T12] bridge0: port 1(bridge_slave_0) entered forwarding state
[  263.822795][   T12] bridge0: port 2(bridge_slave_1) entered blocking state
[  263.830008][   T12] bridge0: port 2(bridge_slave_1) entered forwarding state
[  264.924551][ T9291] loop2: detected capacity change from 0 to 2048
[  265.041870][ T9291] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  265.055092][ T9162] 8021q: adding VLAN 0 to HW filter on device batadv0
[  265.073003][ T9291] ext4 filesystem being mounted at /278/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  265.223555][   T29] audit: type=1800 audit(1727331344.772:23): pid=9291 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.2.1441" name="file0" dev="loop2" ino=13 res=0 errno=0
[  265.396552][ T5229] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  265.443697][ T5249] Bluetooth: hci6: command tx timeout
[  266.259428][ T9162] veth0_vlan: entered promiscuous mode
[  266.341879][ T9162] veth1_vlan: entered promiscuous mode
[  266.521162][ T9162] veth0_macvtap: entered promiscuous mode
[  266.546329][ T9288] loop0: detected capacity change from 0 to 32768
[  266.644490][ T9162] veth1_macvtap: entered promiscuous mode
[  266.711608][ T9162] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  267.088781][ T9162] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  267.469490][ T9162] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  267.480269][ T9162] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  267.490192][ T9162] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  267.500745][ T9162] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  267.510695][ T9162] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  267.521267][ T9162] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  267.531547][ T9162] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  267.542124][ T9162] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  267.552157][ T9162] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  267.562670][ T9162] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  267.575558][ T9162] batman_adv: batadv0: Interface activated: batadv_slave_0
[  267.587330][ T9162] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  267.600515][ T9162] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  267.610655][ T9162] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  267.621166][ T9162] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  267.631065][ T9162] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  267.641568][ T9162] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  267.651595][ T9162] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  267.662109][ T9162] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  267.672677][ T9162] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  267.683796][ T9162] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  267.694233][ T9162] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  267.704948][ T9162] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  267.716259][ T9162] batman_adv: batadv0: Interface activated: batadv_slave_1
[  267.726632][ T9162] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  267.735479][ T9162] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  267.744432][ T9162] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  267.753185][ T9162] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  268.311888][ T9288] bcachefs (loop0): starting version 1.7: mi_btree_bitmap opts=errors=continue,compression=zstd,norecovery,recovery_pass_last=check_dirents,nojournal_transaction_names,version_upgrade=none
[  268.402959][ T2991] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  268.453502][ T2991] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  268.479415][ T9288] bcachefs (loop0): recovering from clean shutdown, journal seq 7
[  268.646220][ T2991] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  268.694566][ T9288] invalid bkey u64s 11 type alloc_v4 0:14:0 len 0 ver 0: 
[  268.694636][ T9288]   gen 0 oldest_gen 0 data_type journal
[  268.694652][ T9288]   journal_seq       1
[  268.694665][ T9288]   need_discard      1
[  268.694677][ T9288]   need_inc_gen      1
[  268.694690][ T9288]   dirty_sectors     256
[  268.694702][ T9288]   stripe_sectors    0
[  268.694715][ T9288]   cached_sectors    0
[  268.694727][ T9288]   stripe            67108864
[  268.694739][ T9288]   stripe_redundancy 0
[  268.694752][ T9288]   io_time[READ]     1
[  268.694764][ T9288]   io_time[WRITE]    1
[  268.694778][ T9288]   fragmentation     0
[  268.694791][ T9288]   bp_start          8
[  268.694803][ T9288] 
[  268.694815][ T9288]   invalid data type (got 2 should be 7): delete?, fixing
[  268.719881][ T2991] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  269.235397][ T9288] bcachefs (loop0): accounting_read... done
[  269.264837][ T9288] bcachefs (loop0): alloc_read... done
[  269.270454][ T9288] bcachefs (loop0): stripes_read... done
[  269.353736][ T9288] bcachefs (loop0): snapshots_read... done
[  269.388624][ T9288] bcachefs (loop0): going read-write
[  269.513556][ T9288] bcachefs (loop0): Fixed errors, running fsck a second time to verify fs is clean
[  269.662838][ T9288] bcachefs (loop0): bch2_copygc_start(): error creating copygc thread EINTR
[  269.694753][ T9288] bcachefs (loop0): error starting copygc thread
[  269.701155][ T9288] bcachefs (loop0): bch2_fs_start(): error starting filesystem EINTR
[  269.760511][ T9288] bcachefs (loop0): shutting down
[  269.800960][ T9288] bcachefs (loop0): going read-only
[  269.835347][ T9288] bcachefs (loop0): finished waiting for writes to stop
[  269.884470][ T9288] bcachefs (loop0): flushing journal and stopping allocators, journal seq 8
[  269.953984][ T9288] bcachefs (loop0): flushing journal and stopping allocators complete, journal seq 8
[  270.006216][ T9288] bcachefs (loop0): unshutdown complete, journal seq 9
[  270.169061][ T9288] bcachefs (loop0): done going read-only, filesystem not clean
[  270.285936][ T9288] bcachefs (loop0): shutdown complete
[  271.241946][   T29] audit: type=1326 audit(1727331350.812:24): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9348 comm="syz.2.1458" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd80717df39 code=0x7ffc0000
[  271.404434][   T29] audit: type=1326 audit(1727331350.862:25): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9348 comm="syz.2.1458" exe="/root/syz-executor" sig=0 arch=c000003e syscall=37 compat=0 ip=0x7fd80717df39 code=0x7ffc0000
[  271.541929][   T29] audit: type=1326 audit(1727331350.862:26): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9348 comm="syz.2.1458" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd80717df39 code=0x7ffc0000
[  271.640838][   T29] audit: type=1326 audit(1727331350.862:27): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9348 comm="syz.2.1458" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd80717df39 code=0x7ffc0000
[  272.366358][ T5249] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1
[  272.377091][   T29] audit: type=1326 audit(1727331351.942:28): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9353 comm="syz.2.1460" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd80717df39 code=0x7fc00000
[  272.408484][ T5249] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9
[  272.419762][ T5249] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9
[  272.429642][ T9367] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  272.451728][ T5249] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4
[  272.460093][ T5249] Bluetooth: hci4: unexpected cc 0x0c25 length: 249 > 3
[  272.468055][ T5249] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2
[  272.632749][ T5242] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  273.036972][ T2991] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  273.279809][ T9382] netlink: 'syz.2.1471': attribute type 15 has an invalid length.
[  273.675836][ T2991] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  273.730060][ T9396] usb usb1: Requested nonsensical USBDEVFS_URB_ZERO_PACKET.
[  273.749504][ T9393] A link change request failed with some changes committed already. Interface netdevsim0 may have been left with an inconsistent configuration, please check.
[  274.068047][ T2991] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  274.160285][ T9365] chnl_net:caif_netlink_parms(): no params data found
[  274.268168][ T9288] bcachefs: bch2_fs_get_tree() error: EINTR
[  274.287245][ T2991] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  274.563851][ T5240] Bluetooth: hci4: command tx timeout
[  275.508103][ T9365] bridge0: port 1(bridge_slave_0) entered blocking state
[  275.515437][ T9365] bridge0: port 1(bridge_slave_0) entered disabled state
[  275.522709][ T9365] bridge_slave_0: entered allmulticast mode
[  275.544784][ T9365] bridge_slave_0: entered promiscuous mode
[  275.553137][ T9365] bridge0: port 2(bridge_slave_1) entered blocking state
[  275.575841][ T9365] bridge0: port 2(bridge_slave_1) entered disabled state
[  275.583207][ T9365] bridge_slave_1: entered allmulticast mode
[  275.634669][ T9365] bridge_slave_1: entered promiscuous mode
[  275.897532][ T2991] team0: left allmulticast mode
[  275.903057][ T2991] team_slave_0: left allmulticast mode
[  275.909237][ T2991] team_slave_1: left allmulticast mode
[  275.939449][ T2991] team0: left promiscuous mode
[  275.969162][ T2991] team_slave_0: left promiscuous mode
[  275.992075][ T2991] team_slave_1: left promiscuous mode
[  276.015056][ T2991] bridge0: port 3(team0) entered disabled state
[  276.090828][ T2991] bridge_slave_1: left allmulticast mode
[  276.112532][ T2991] bridge_slave_1: left promiscuous mode
[  276.137495][ T2991] bridge0: port 2(bridge_slave_1) entered disabled state
[  276.180554][ T2991] bridge_slave_0: left allmulticast mode
[  276.189094][ T2991] bridge_slave_0: left promiscuous mode
[  276.209717][ T2991] bridge0: port 1(bridge_slave_0) entered disabled state
[  276.644519][ T5240] Bluetooth: hci4: command tx timeout
[  277.329382][ T2991] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  277.361822][ T2991] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  277.396577][ T2991] bond0 (unregistering): Released all slaves
[  277.906331][ T9365] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  277.945315][ T9365] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  278.347768][ T9443] netlink: 56 bytes leftover after parsing attributes in process `syz.3.1492'.
[  278.596794][ T9365] team0: Port device team_slave_0 added
[  278.724629][ T5240] Bluetooth: hci4: command tx timeout
[  278.985091][ T9365] team0: Port device team_slave_1 added
[  279.053263][ T9461] netlink: 12 bytes leftover after parsing attributes in process `syz.3.1498'.
[  279.073842][ T9461] tipc: Started in network mode
[  279.078920][ T9461] tipc: Node identity cgroup.pn, cluster identity 8
[  279.530937][ T9469] netlink: 32 bytes leftover after parsing attributes in process `syz.2.1501'.
[  279.695536][ T9365] batman_adv: batadv0: Adding interface: batadv_slave_0
[  279.702643][ T9365] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  279.829287][ T9365] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  279.886302][ T9365] batman_adv: batadv0: Adding interface: batadv_slave_1
[  279.914357][ T9365] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  279.966767][ T9365] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  280.227472][ T9475] loop0: detected capacity change from 0 to 32768
[  280.292856][ T2991] hsr_slave_0: left promiscuous mode
[  280.445353][ T2991] hsr_slave_1: left promiscuous mode
[  280.464061][ T2991] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  280.478116][ T9475] XFS (loop0): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  280.511505][ T2991] batman_adv: batadv0: Removing interface: batadv_slave_0
[  280.511621][ T9499] loop2: detected capacity change from 0 to 16
[  280.527875][ T9499] MTD: Attempt to mount non-MTD device "/dev/loop2"
[  280.609798][ T2991] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  280.618703][ T2991] batman_adv: batadv0: Removing interface: batadv_slave_1
[  280.800706][ T9503] loop4: detected capacity change from 0 to 256
[  280.809765][ T2991] net veth1_virt_wifi virt_wifi0: left allmulticast mode
[  280.813671][ T5240] Bluetooth: hci4: command tx timeout
[  280.818337][ T2991] net veth1_virt_wifi virt_wifi0: left promiscuous mode
[  280.921708][ T2991] veth1_macvtap: left promiscuous mode
[  280.937562][ T9503] exFAT-fs (loop4): failed to load upcase table (idx : 0x00010000, chksum : 0x205ad3fc, utbl_chksum : 0xe619d30d)
[  280.961163][ T2991] veth0_macvtap: left promiscuous mode
[  280.990157][ T2991] veth1_vlan: left promiscuous mode
[  280.997315][ T2991] veth0_vlan: left promiscuous mode
[  281.132930][ T9475] XFS (loop0): Ending clean mount
[  281.181027][ T9475] XFS (loop0): Quotacheck needed: Please wait.
[  281.332870][ T9475] XFS (loop0): Quotacheck: Done.
[  281.480381][ T9475] XFS (loop0): User initiated shutdown received.
[  281.516158][ T9475] XFS (loop0): Log I/O Error (0x6) detected at xfs_fs_goingdown+0xe2/0x160 (fs/xfs/xfs_fsops.c:457).  Shutting down filesystem.
[  281.520482][ T9515] loop2: detected capacity change from 0 to 128
[  281.592110][ T9475] XFS (loop0): Please unmount the filesystem and rectify the problem(s)
[  281.730878][ T5230] XFS (loop0): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  281.775839][ T2991] team0 (unregistering): Port device vlan2 removed
[  282.276320][ T9524] usb usb9: Requested nonsensical USBDEVFS_URB_ZERO_PACKET.
[  282.644649][ T9529] loop0: detected capacity change from 0 to 1024
[  282.677009][ T9529] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled
[  282.742197][ T9529] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  282.865493][ T5230] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  283.904528][ T9531] loop4: detected capacity change from 0 to 32768
[  283.917196][ T2991] team0 (unregistering): Port device team_slave_1 removed
[  283.938857][ T9531] BTRFS: device fsid e417788f-7a09-42b2-9266-8ddc5d5d35d2 devid 1 transid 8 /dev/loop4 (7:4) scanned by syz.4.1526 (9531)
[  284.010972][ T9531] BTRFS info (device loop4): first mount of filesystem e417788f-7a09-42b2-9266-8ddc5d5d35d2
[  284.064139][ T9531] BTRFS info (device loop4): using xxhash64 (xxhash64-generic) checksum algorithm
[  284.103541][ T9531] BTRFS info (device loop4): disk space caching is enabled
[  284.135358][ T9531] BTRFS warning (device loop4): space cache v1 is being deprecated and will be removed in a future release, please use -o space_cache=v2
[  284.172840][ T2991] team0 (unregistering): Port device team_slave_0 removed
[  284.471172][ T9531] BTRFS info (device loop4): rebuilding free space tree
[  284.503217][ T9531] BTRFS info (device loop4): disabling free space tree
[  284.522137][ T9531] BTRFS info (device loop4): clearing compat-ro feature flag for FREE_SPACE_TREE (0x1)
[  284.544708][ T9531] BTRFS info (device loop4): clearing compat-ro feature flag for FREE_SPACE_TREE_VALID (0x2)
[  284.935255][ T9531] BTRFS info (device loop4): balance: start -susage=7,stripes=0..262144
[  285.022336][ T9531] BTRFS info (device loop4): relocating block group 1048576 flags system
[  285.273039][ T9531] BTRFS info (device loop4): balance: ended with status: 0
[  285.340012][ T9162] BTRFS info (device loop4): last unmount of filesystem e417788f-7a09-42b2-9266-8ddc5d5d35d2
[  286.137125][ T9520] tipc: Started in network mode
[  286.142616][ T9520] tipc: Node identity fe8000000000000000000000000000aa, cluster identity 4711
[  286.168174][ T9520] tipc: Enabling of bearer <udp:s> rejected, failed to enable media
[  286.187814][ T9535] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1527'.
[  286.254359][ T9535] netlink: 124 bytes leftover after parsing attributes in process `syz.0.1527'.
[  286.572273][ T9365] hsr_slave_0: entered promiscuous mode
[  286.615196][ T9365] hsr_slave_1: entered promiscuous mode
[  286.726658][ T9365] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  286.767374][ T9365] Cannot create hsr debugfs directory
[  287.009644][ T9571] hsr0: entered promiscuous mode
[  287.039551][ T9571] hsr0: left promiscuous mode
[  288.011166][ T9598] loop4: detected capacity change from 0 to 512
[  288.078212][ T9598] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  288.172687][   T46] usb 1-1: new high-speed USB device number 17 using dummy_hcd
[  288.190931][ T9598] ext4 filesystem being mounted at /35/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  288.401521][   T46] usb 1-1: New USB device found, idVendor=0572, idProduct=cb01, bcdDevice=26.65
[  288.417481][ T9162] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  288.439114][   T46] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  288.463485][   T46] usb 1-1: Product: syz
[  288.483536][   T46] usb 1-1: Manufacturer: syz
[  288.489033][   T46] usb 1-1: SerialNumber: syz
[  288.556944][   T46] usb 1-1: config 0 descriptor??
[  288.824719][   T46] cx82310_eth 1-1:0.0: probe with driver cx82310_eth failed with error -22
[  289.022411][ T9607] loop4: detected capacity change from 0 to 1024
[  289.229515][ T9607] syz.4.1544: attempt to access beyond end of device
[  289.229515][ T9607] loop4: rw=0, sector=5778, nr_sectors = 2 limit=1024
[  289.274857][   T46] cxacru 1-1:0.0: usbatm_usb_probe: bind failed: -19!
[  289.297647][ T9607] Buffer I/O error on dev loop4, logical block 2889, async page read
[  289.323875][ T9587] loop2: detected capacity change from 0 to 32768
[  289.338881][ T9365] netdevsim netdevsim1 netdevsim0: renamed from eth0
[  289.390978][ T9365] netdevsim netdevsim1 netdevsim1: renamed from eth1
[  289.461470][ T9365] netdevsim netdevsim1 netdevsim2: renamed from eth2
[  289.468510][   T29] audit: type=1800 audit(1727331368.982:29): pid=9607 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.4.1544" name="file1" dev="loop4" ino=20 res=0 errno=0
[  289.514153][ T5283] usb 1-1: USB disconnect, device number 17
[  289.591165][ T9365] netdevsim netdevsim1 netdevsim3: renamed from eth3
[  289.901945][ T9365] 8021q: adding VLAN 0 to HW filter on device bond0
[  290.022728][ T9365] 8021q: adding VLAN 0 to HW filter on device team0
[  290.084198][   T12] bridge0: port 1(bridge_slave_0) entered blocking state
[  290.092009][   T12] bridge0: port 1(bridge_slave_0) entered forwarding state
[  290.228037][   T61] bridge0: port 2(bridge_slave_1) entered blocking state
[  290.236053][   T61] bridge0: port 2(bridge_slave_1) entered forwarding state
[  290.350380][ T9562] syz.3.1529 (9562) used greatest stack depth: 17040 bytes left
[  290.460367][ T9365] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network
[  290.517074][ T9632] loop4: detected capacity change from 0 to 64
[  290.533824][ T9365] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  291.302673][ T9365] 8021q: adding VLAN 0 to HW filter on device batadv0
[  291.623815][ T9365] veth0_vlan: entered promiscuous mode
[  291.660910][ T9365] veth1_vlan: entered promiscuous mode
[  291.796090][ T9365] veth0_macvtap: entered promiscuous mode
[  291.869224][ T9365] veth1_macvtap: entered promiscuous mode
[  291.975715][ T9365] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  292.031044][ T9365] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  292.081049][ T9365] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  292.139554][ T9365] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  292.193023][ T9365] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  292.246093][ T9365] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  292.293484][ T9365] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  292.360744][ T9365] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  292.412483][ T9365] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  292.470180][ T9365] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  292.511217][ T9365] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  292.530088][ T9631] loop2: detected capacity change from 0 to 40427
[  292.561523][ T9365] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  292.626177][ T9365] batman_adv: batadv0: Interface activated: batadv_slave_0
[  292.693897][ T9631] F2FS-fs (loop2): Invalid Fs Meta Ino: node(1) meta(2) root(0)
[  292.702489][ T9631] F2FS-fs (loop2): Can't find valid F2FS filesystem in 1th superblock
[  292.745868][ T9365] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  292.785669][ T9631] F2FS-fs (loop2): invalid crc value
[  292.809545][ T9365] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  292.856652][ T9631] F2FS-fs (loop2): Found nat_bits in checkpoint
[  292.863391][ T9365] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  292.863422][ T9365] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  292.863439][ T9365] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  292.863463][ T9365] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  292.863478][ T9365] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  292.863495][ T9365] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  292.863522][ T9365] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  292.863539][ T9365] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  292.863559][ T9365] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  292.863576][ T9365] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  292.865008][ T9365] batman_adv: batadv0: Interface activated: batadv_slave_1
[  292.883283][ T9365] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  293.062678][ T9647] loop4: detected capacity change from 0 to 32768
[  293.145009][ T9365] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  293.162843][ T9365] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  293.172429][ T9647] XFS (loop4): Mounting V5 Filesystem a2f82aab-77f8-4286-afd4-a8f747a74bab
[  293.184315][ T9365] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  293.198947][ T9631] F2FS-fs (loop2): Try to recover 1th superblock, ret: 0
[  293.275131][ T9631] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e5
[  293.457731][ T9647] XFS (loop4): Ending clean mount
[  293.470861][ T9647] XFS (loop4): Quotacheck needed: Please wait.
[  293.548248][   T12] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  293.557136][   T12] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  293.638703][ T9647] XFS (loop4): Quotacheck: Done.
[  293.691088][ T5229] syz-executor: attempt to access beyond end of device
[  293.691088][ T5229] loop2: rw=2049, sector=45096, nr_sectors = 16 limit=40427
[  293.768473][ T5229] F2FS-fs (loop2): Stopped filesystem due to reason: 3
[  293.804886][ T5229] F2FS-fs (loop2): Stopped filesystem due to reason: 3
[  293.820392][   T52] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  293.886462][   T52] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  294.105375][ T5285] usb 4-1: new high-speed USB device number 18 using dummy_hcd
[  294.316244][ T5285] usb 4-1: New USB device found, idVendor=1604, idProduct=8001, bcdDevice=44.1f
[  294.323778][ T9162] XFS (loop4): Unmounting Filesystem a2f82aab-77f8-4286-afd4-a8f747a74bab
[  294.375178][ T5285] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  294.453639][ T5285] usb 4-1: Product: syz
[  294.458490][ T5285] usb 4-1: Manufacturer: syz
[  294.608468][ T5285] usb 4-1: SerialNumber: syz
[  294.675011][ T5285] usb 4-1: config 0 descriptor??
[  295.199351][ T5285] usb 4-1: USB disconnect, device number 18
[  295.294891][ T5286] usb 2-1: new high-speed USB device number 17 using dummy_hcd
[  295.455918][ T5286] usb 2-1: config 27 interface 0 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 7
[  295.468706][ T5286] usb 2-1: config 27 interface 0 altsetting 0 bulk endpoint 0xB has invalid maxpacket 47
[  295.513586][ T5286] usb 2-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d
[  295.573571][ T5286] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  295.606103][ T9731] loop4: detected capacity change from 0 to 1024
[  295.609425][ T9727] raw-gadget.0 gadget.1: fail, usb_ep_enable returned -22
[  295.673700][ T5286] usb 2-1: Quirk or no altset; falling back to MIDI 1.0
[  295.724668][ T9733] netlink: 'syz.0.1566': attribute type 1 has an invalid length.
[  295.788658][ T9735] loop2: detected capacity change from 0 to 128
[  295.797694][ T9735] FAT-fs (loop2): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive!
[  295.875357][ T9735] FAT-fs (loop2): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1)
[  296.105728][ T5283] usb 2-1: USB disconnect, device number 17
[  296.193492][ T2952] FAT-fs (loop2): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1)
[  296.666058][ T9751] hsr_slave_0: hsr_addr_subst_dest: Unknown node
[  296.675072][ T9751] hsr_slave_1: hsr_addr_subst_dest: Unknown node
[  297.241251][ T9760] loop1: detected capacity change from 0 to 8
[  297.302997][ T9760] SQUASHFS error: lzo decompression failed, data probably corrupt
[  297.362753][ T9760] SQUASHFS error: Failed to read block 0x144: -5
[  297.403259][ T9760] SQUASHFS error: Unable to read metadata cache entry [142]
[  297.432752][ T9760] SQUASHFS error: Unable to read directory block [142:26]
[  297.952996][ T9753] loop2: detected capacity change from 0 to 32768
[  298.033608][ T9753] BTRFS: device fsid ed167579-eb65-4e76-9a50-61ac97e9b59d devid 1 transid 8 /dev/loop2 (7:2) scanned by syz.2.1573 (9753)
[  298.098685][ T9753] BTRFS info (device loop2): first mount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d
[  298.125445][ T5283] usb 5-1: new high-speed USB device number 17 using dummy_hcd
[  298.145250][ T9753] BTRFS info (device loop2): using sha256 (sha256-avx2) checksum algorithm
[  298.164429][ T9753] BTRFS info (device loop2): using free-space-tree
[  298.304995][ T5283] usb 5-1: Using ep0 maxpacket: 32
[  298.335978][ T5283] usb 5-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  298.365248][ T9753] BTRFS info (device loop2): rebuilding free space tree
[  298.392716][ T5283] usb 5-1: config 1 has 0 interfaces, different from the descriptor's value: 1
[  298.461318][ T5283] usb 5-1: string descriptor 0 read error: -71
[  298.523490][ T5283] usb 5-1: New USB device found, idVendor=05ac, idProduct=0214, bcdDevice= 0.40
[  298.561762][ T5283] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  298.597304][ T5283] usb 5-1: rejected 1 configuration due to insufficient available bus power
[  298.648015][ T5283] usb 5-1: no configuration chosen from 1 choice
[  298.700259][ T5283] usb 5-1: USB disconnect, device number 17
[  298.816530][ T5229] BTRFS info (device loop2): last unmount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d
[  300.644857][   T25] usb 2-1: new high-speed USB device number 18 using dummy_hcd
[  300.803549][   T25] usb 2-1: Using ep0 maxpacket: 16
[  301.013808][   T25] usb 2-1: New USB device found, idVendor=17ef, idProduct=721e, bcdDevice=de.06
[  301.023482][   T25] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  301.031541][   T25] usb 2-1: Product: syz
[  301.036030][   T25] usb 2-1: Manufacturer: syz
[  301.040673][   T25] usb 2-1: SerialNumber: syz
[  301.195585][   T25] r8152-cfgselector 2-1: Unknown version 0x0000
[  301.202100][   T25] r8152-cfgselector 2-1: config 0 descriptor??
[  301.568912][   T25] r8152-cfgselector 2-1: Needed 2 retries to read version
[  301.612526][   T25] r8152-cfgselector 2-1: Unknown version 0x0000
[  301.645786][   T25] r8152-cfgselector 2-1: bad CDC descriptors
[  301.904229][   T25] r8152-cfgselector 2-1: USB disconnect, device number 18
[  302.906309][ T9823] loop2: detected capacity change from 0 to 40427
[  302.918039][ T9823] F2FS-fs (loop2): Invalid Fs Meta Ino: node(0) meta(2) root(0)
[  302.926748][ T9823] F2FS-fs (loop2): Can't find valid F2FS filesystem in 1th superblock
[  302.940981][ T9823] F2FS-fs (loop2): invalid crc value
[  302.979275][ T9823] F2FS-fs (loop2): Found nat_bits in checkpoint
[  303.187546][ T9823] F2FS-fs (loop2): Try to recover 1th superblock, ret: 0
[  303.195711][ T9823] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e4
[  303.345706][   T29] audit: type=1326 audit(1727331382.922:30): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9861 comm="syz.0.1613" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f204e17df39 code=0x7ffc0000
[  303.443707][   T29] audit: type=1326 audit(1727331382.922:31): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9861 comm="syz.0.1613" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f204e17df39 code=0x7ffc0000
[  303.485614][ T5229] syz-executor: attempt to access beyond end of device
[  303.485614][ T5229] loop2: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[  303.548510][   T29] audit: type=1326 audit(1727331382.942:32): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9861 comm="syz.0.1613" exe="/root/syz-executor" sig=0 arch=c000003e syscall=89 compat=0 ip=0x7f204e17df39 code=0x7ffc0000
[  303.573742][ T5229] F2FS-fs (loop2): Stopped filesystem due to reason: 3
[  303.652046][ T9869] loop1: detected capacity change from 0 to 16
[  303.715129][   T29] audit: type=1326 audit(1727331382.942:33): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9861 comm="syz.0.1613" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f204e17df39 code=0x7ffc0000
[  303.715612][ T9869] erofs: (device loop1): mounted with root inode @ nid 36.
[  303.862082][   T29] audit: type=1326 audit(1727331382.942:34): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9861 comm="syz.0.1613" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f204e17df39 code=0x7ffc0000
[  303.907237][ T9872] loop4: detected capacity change from 0 to 1024
[  304.053661][ T9872] hfsplus: bad catalog entry type
[  304.134378][   T12] hfsplus: b-tree write err: -5, ino 4
[  304.438907][ T9878] loop4: detected capacity change from 0 to 2048
[  304.549636][ T9878] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  304.592271][ T9881] netlink: 36 bytes leftover after parsing attributes in process `syz.0.1622'.
[  304.745629][ T9878] EXT4-fs error (device loop4): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 25 vs 150994969 free clusters
[  305.003625][ T9878] EXT4-fs (loop4): Delayed block allocation failed for inode 15 at logical offset 10 with max blocks 23 with error 28
[  305.056254][ T9878] EXT4-fs (loop4): This should not happen!! Data will be lost
[  305.056254][ T9878] 
[  305.083982][ T9878] EXT4-fs (loop4): Total free blocks count 0
[  305.103793][ T9878] EXT4-fs (loop4): Free/Dirty block details
[  305.143536][ T9878] EXT4-fs (loop4): free_blocks=2415919104
[  305.154678][ T5286] usb 1-1: new high-speed USB device number 18 using dummy_hcd
[  305.181190][ T9878] EXT4-fs (loop4): dirty_blocks=48
[  305.208777][ T9894] overlayfs: overlapping lowerdir path
[  305.223615][ T9878] EXT4-fs (loop4): Block reservation details
[  305.229779][ T9878] EXT4-fs (loop4): i_reserved_data_blocks=3
[  305.294756][ T9888] EXT4-fs (loop4): Delayed block allocation failed for inode 15 at logical offset 0 with max blocks 12 with error 28
[  305.327732][ T5286] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  305.351068][ T5286] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  305.423313][ T5286] usb 1-1: New USB device found, idVendor=27b8, idProduct=01ed, bcdDevice= 0.00
[  305.523311][ T5286] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  305.556021][ T5286] usb 1-1: config 0 descriptor??
[  305.855681][ T9901] loop4: detected capacity change from 0 to 1024
[  306.214204][ T5286] hid-led 0003:27B8:01ED.003A: probe with driver hid-led failed with error -71
[  306.227833][ T5286] usb 1-1: USB disconnect, device number 18
[  306.260130][ T9904] loop4: detected capacity change from 0 to 2048
[  306.314602][ T9904] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  306.414918][ T9904] ext4 filesystem being mounted at /58/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  306.611485][ T9162] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  307.171482][ T9926] loop4: detected capacity change from 0 to 128
[  307.275739][ T9926] EXT4-fs (loop4): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  307.347386][ T9926] ext4 filesystem being mounted at /60/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff)
[  307.427536][ T9926] fscrypt (loop4, inode 12): Unsupported encryption flags (0x23)
[  307.556441][ T9162] EXT4-fs (loop4): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  307.995960][   T46] usb 2-1: new high-speed USB device number 19 using dummy_hcd
[  308.213493][   T46] usb 2-1: Using ep0 maxpacket: 16
[  308.295873][   T46] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  308.343457][   T46] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  308.383796][   T46] usb 2-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 9
[  308.437082][   T46] usb 2-1: New USB device found, idVendor=045e, idProduct=07da, bcdDevice= 0.00
[  308.466830][   T46] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  308.498752][ T9928] loop0: detected capacity change from 0 to 32768
[  308.508638][   T46] usb 2-1: config 0 descriptor??
[  308.619011][ T9795] coredump: 22(syz.1.1586): written to core: VMAs: 34, size 82735104; core: 62108614 bytes, pos 82743296
[  308.642409][ T9928] XFS (loop0): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  308.867983][ T9928] XFS (loop0): Ending clean mount
[  309.079632][   T46] microsoft 0003:045E:07DA.003B: unknown main item tag 0x0
[  309.109626][ T5230] XFS (loop0): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  309.123736][   T46] microsoft 0003:045E:07DA.003B: unknown main item tag 0x0
[  309.152181][   T46] microsoft 0003:045E:07DA.003B: unknown main item tag 0x0
[  309.173439][   T46] microsoft 0003:045E:07DA.003B: unknown main item tag 0x0
[  309.201460][   T46] microsoft 0003:045E:07DA.003B: unknown main item tag 0x0
[  309.217040][   T46] microsoft 0003:045E:07DA.003B: unknown main item tag 0x0
[  309.224500][   T46] microsoft 0003:045E:07DA.003B: unknown main item tag 0x0
[  309.231817][   T46] microsoft 0003:045E:07DA.003B: unknown main item tag 0x0
[  309.239307][   T46] microsoft 0003:045E:07DA.003B: unknown main item tag 0x0
[  309.247857][   T46] microsoft 0003:045E:07DA.003B: unknown main item tag 0x0
[  309.258736][   T46] microsoft 0003:045E:07DA.003B: No inputs registered, leaving
[  309.314471][   T46] microsoft 0003:045E:07DA.003B: hidraw0: USB HID v0.00 Device [HID 045e:07da] on usb-dummy_hcd.1-1/input0
[  309.326914][   T46] microsoft 0003:045E:07DA.003B: no inputs found
[  309.333308][   T46] microsoft 0003:045E:07DA.003B: could not initialize ff, continuing anyway
[  309.500028][ T9937] loop4: detected capacity change from 0 to 40427
[  309.508233][   T46] usb 2-1: USB disconnect, device number 19
[  309.543657][ T9937] F2FS-fs (loop4): build fault injection attr: rate: 690, type: 0x1fffff
[  309.633537][ T9937] F2FS-fs (loop4): Image doesn't support compression
[  309.640354][ T9937] F2FS-fs (loop4): Image doesn't support compression
[  309.673378][ T9937] F2FS-fs (loop4): invalid crc value
[  309.716471][ T9937] F2FS-fs (loop4): Found nat_bits in checkpoint
[  309.938598][ T9949] loop0: detected capacity change from 0 to 2048
[  309.954385][ T9937] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e5
[  310.008719][ T9949]  loop0: p1 p2 p3
[  310.032782][ T9949] loop0: p3 size 2164260864 extends beyond EOD, truncated
[  310.037798][ T9937] F2FS-fs (loop4): inject invalid blkaddr in f2fs_is_valid_blkaddr of f2fs_submit_page_write+0x58a/0x1ca0
[  310.083721][ T4687]  loop0: p1 p2 p3
[  310.095076][ T4687] loop0: p3 size 2164260864 extends beyond EOD, truncated
[  310.123754][ T9937] F2FS-fs (loop4): invalid blkaddr: 5643, type: 7, run fsck to fix.
[  310.133137][ T9937] syz.4.1643: attempt to access beyond end of device
[  310.133137][ T9937] loop4: rw=2049, sector=45096, nr_sectors = 128 limit=40427
[  310.573833][ T9162] syz-executor: attempt to access beyond end of device
[  310.573833][ T9162] loop4: rw=2049, sector=45224, nr_sectors = 8 limit=40427
[  310.665807][ T5838] udevd[5838]: inotify_add_watch(7, /dev/loop0p2, 10) failed: No such file or directory
[  310.681258][ T5238] udevd[5238]: inotify_add_watch(7, /dev/loop0p3, 10) failed: No such file or directory
[  310.717309][ T5233] udevd[5233]: inotify_add_watch(7, /dev/loop0p1, 10) failed: No such file or directory
[  310.729897][ T9162] F2FS-fs (loop4): Stopped filesystem due to reason: 3
[  310.948650][ T5233] udevd[5233]: inotify_add_watch(7, /dev/loop0p3, 10) failed: No such file or directory
[  311.896523][ T9981] Driver unsupported XDP return value 0 on prog  (id 104) dev N/A, expect packet loss!
[  312.453743][    T9] usb 1-1: new high-speed USB device number 19 using dummy_hcd
[  312.573705][ T9996] netlink: 16 bytes leftover after parsing attributes in process `syz.4.1665'.
[  312.635679][    T9] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  312.666070][    T9] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  312.693611][    T9] usb 1-1: New USB device found, idVendor=046d, idProduct=c534, bcdDevice= 0.00
[  312.707244][    T9] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  312.732849][    T9] usb 1-1: config 0 descriptor??
[  313.170901][    T9] logitech-djreceiver 0003:046D:C534.003C: unknown main item tag 0x7
[  313.386267][   T46] usb 1-1: USB disconnect, device number 19
[  313.932757][T10008] loop1: detected capacity change from 0 to 32768
[  313.977651][T10008] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop1 (7:1) scanned by syz.1.1669 (10008)
[  314.085862][T10008] BTRFS info (device loop1): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  314.137400][T10008] BTRFS info (device loop1): using crc32c (crc32c-intel) checksum algorithm
[  314.164802][T10008] BTRFS info (device loop1): using free-space-tree
[  314.687950][ T9365] BTRFS info (device loop1): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  316.790205][   T29] audit: type=1326 audit(1727331396.362:35): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10064 comm="syz.3.1688" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2945b7df39 code=0x7ffc0000
[  317.096692][   T29] audit: type=1326 audit(1727331396.472:36): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10064 comm="syz.3.1688" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f2945b7df39 code=0x7ffc0000
[  317.356685][   T29] audit: type=1326 audit(1727331396.472:37): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10064 comm="syz.3.1688" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2945b7df39 code=0x7ffc0000
[  317.474356][ T1267] ieee802154 phy0 wpan0: encryption failed: -22
[  317.498237][ T1267] ieee802154 phy1 wpan1: encryption failed: -22
[  317.547310][T10067] loop4: detected capacity change from 0 to 2048
[  317.623650][   T29] audit: type=1326 audit(1727331396.472:38): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10064 comm="syz.3.1688" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2945b7df39 code=0x7ffc0000
[  317.843550][T10072] NILFS (loop4): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  317.873173][ T5249] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1
[  317.933595][ T5249] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9
[  317.945640][ T5249] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9
[  317.958411][ T5249] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4
[  317.972436][ T5249] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3
[  317.985840][ T5249] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2
[  318.131512][   T29] audit: type=1326 audit(1727331396.542:39): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10064 comm="syz.3.1688" exe="/root/syz-executor" sig=0 arch=c000003e syscall=55 compat=0 ip=0x7f2945b7df39 code=0x7ffc0000
[  318.483614][   T29] audit: type=1326 audit(1727331396.542:40): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10064 comm="syz.3.1688" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2945b7df39 code=0x7ffc0000
[  318.722130][   T29] audit: type=1800 audit(1727331397.782:41): pid=10067 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.4.1690" name="file1" dev="loop4" ino=15 res=0 errno=0
[  318.805268][T10078] netlink: 12 bytes leftover after parsing attributes in process `syz.1.1694'.
[  318.833935][    T9] usb 4-1: new high-speed USB device number 19 using dummy_hcd
[  319.273735][    T9] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  319.447353][    T9] usb 4-1: New USB device found, idVendor=0926, idProduct=3333, bcdDevice= 0.40
[  319.583142][    T9] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  319.637195][T10082] loop0: detected capacity change from 0 to 128
[  319.720251][    T9] usb 4-1: config 0 descriptor??
[  320.083827][ T5249] Bluetooth: hci3: command tx timeout
[  320.437381][    T9] keytouch 0003:0926:3333.003D: fixing up Keytouch IEC report descriptor
[  320.618446][    T9] input: HID 0926:3333 as /devices/platform/dummy_hcd.3/usb4/4-1/4-1:0.0/0003:0926:3333.003D/input/input43
[  320.646129][ T5286] kernel read not supported for file /dsp (pid: 5286 comm: kworker/0:5)
[  320.982764][T10070] chnl_net:caif_netlink_parms(): no params data found
[  321.504599][    T9] keytouch 0003:0926:3333.003D: input,hidraw0: USB HID v0.00 Keyboard [HID 0926:3333] on usb-dummy_hcd.3-1/input0
[  321.759849][    T9] usb 4-1: USB disconnect, device number 19
[  322.164414][ T5249] Bluetooth: hci3: command tx timeout
[  322.676017][T10101] loop1: detected capacity change from 0 to 1024
[  322.783754][T10070] bridge0: port 1(bridge_slave_0) entered blocking state
[  322.856894][T10070] bridge0: port 1(bridge_slave_0) entered disabled state
[  322.946482][T10070] bridge_slave_0: entered allmulticast mode
[  323.034760][T10103] loop0: detected capacity change from 0 to 164
[  323.093778][T10070] bridge_slave_0: entered promiscuous mode
[  323.215741][T10070] bridge0: port 2(bridge_slave_1) entered blocking state
[  323.282312][T10070] bridge0: port 2(bridge_slave_1) entered disabled state
[  323.364077][T10070] bridge_slave_1: entered allmulticast mode
[  323.372794][T10070] bridge_slave_1: entered promiscuous mode
[  324.086114][T10070] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  324.243657][ T5249] Bluetooth: hci3: command tx timeout
[  324.265663][T10070] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  324.493344][    C1] sched: DL replenish lagged too much
[  325.045512][T10070] team0: Port device team_slave_0 added
[  325.148179][T10070] team0: Port device team_slave_1 added
[  325.691019][T10119] netlink: 'syz.0.1710': attribute type 1 has an invalid length.
[  325.756342][T10119] netlink: 'syz.0.1710': attribute type 2 has an invalid length.
[  325.858382][T10124] loop4: detected capacity change from 0 to 128
[  325.869612][T10070] batman_adv: batadv0: Adding interface: batadv_slave_0
[  325.921099][T10070] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  326.091125][T10124] EXT4-fs (loop4): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  326.237538][T10124] ext4 filesystem being mounted at /80/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff)
[  326.275737][T10070] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  326.355735][ T5249] Bluetooth: hci3: command tx timeout
[  326.432707][T10070] batman_adv: batadv0: Adding interface: batadv_slave_1
[  326.500410][T10070] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  326.684788][   T29] audit: type=1800 audit(1727331406.252:42): pid=10124 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.4.1713" name="bus" dev="loop4" ino=12 res=0 errno=0
[  326.805320][T10070] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  327.086039][ T9162] EXT4-fs (loop4): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  327.441478][T10070] hsr_slave_0: entered promiscuous mode
[  327.522760][T10070] hsr_slave_1: entered promiscuous mode
[  327.621968][T10070] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  327.725725][T10070] Cannot create hsr debugfs directory
[  454.473302][    C1] rcu: INFO: rcu_preempt detected stalls on CPUs/tasks:
[  454.480347][    C1] rcu: 	Tasks blocked on level-0 rcu_node (CPUs 0-1): P9162/1:b..l
[  454.489105][    C1] rcu: 	(detected by 1, t=10503 jiffies, g=37909, q=1272552 ncpus=2)
[  454.497230][    C1] task:syz-executor    state:R  running task     stack:20856 pid:9162  tgid:9162  ppid:9135   flags:0x00000000
[  454.511183][    C1] Call Trace:
[  454.514512][    C1]  <TASK>
[  454.517494][    C1]  __schedule+0x1895/0x4b30
[  454.522073][    C1]  ? __pfx___schedule+0x10/0x10
[  454.526979][    C1]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[  454.533018][    C1]  ? __lock_acquire+0x1384/0x2050
[  454.538105][    C1]  ? preempt_schedule_irq+0xf0/0x1c0
[  454.543451][    C1]  preempt_schedule_irq+0xfb/0x1c0
[  454.548610][    C1]  ? __pfx_preempt_schedule_irq+0x10/0x10
[  454.554504][    C1]  irqentry_exit+0x5e/0x90
[  454.558979][    C1]  asm_sysvec_apic_timer_interrupt+0x1a/0x20
[  454.565060][    C1] RIP: 0010:lock_acquire+0x264/0x550
[  454.570421][    C1] Code: 2b 00 74 08 4c 89 f7 e8 3a 64 8e 00 f6 44 24 61 02 0f 85 85 01 00 00 41 f7 c7 00 02 00 00 74 01 fb 48 c7 44 24 40 0e 36 e0 45 <4b> c7 44 25 00 00 00 00 00 43 c7 44 25 09 00 00 00 00 43 c7 44 25
[  454.590233][    C1] RSP: 0018:ffffc900096af4e0 EFLAGS: 00000206
[  454.596540][    C1] RAX: 0000000000000001 RBX: 1ffff920012d5ea8 RCX: 93560255a879da00
[  454.604663][    C1] RDX: dffffc0000000000 RSI: ffffffff8c0adca0 RDI: ffffffff8c610e60
[  454.612691][    C1] RBP: ffffc900096af640 R08: ffffffff942cd807 R09: 1ffffffff2859b00
[  454.620717][    C1] R10: dffffc0000000000 R11: fffffbfff2859b01 R12: 1ffff920012d5ea4
[  454.628781][    C1] R13: dffffc0000000000 R14: ffffc900096af540 R15: 0000000000000246
[  454.637102][    C1]  ? __pfx_lock_acquire+0x10/0x10
[  454.642225][    C1]  ? free_unref_page+0x6aa/0xf20
[  454.647220][    C1]  ? page_ext_get+0x20/0x2a0
[  454.651866][    C1]  page_ext_get+0x3d/0x2a0
[  454.656515][    C1]  ? page_ext_get+0x20/0x2a0
[  454.661164][    C1]  __reset_page_owner+0x30/0x430
[  454.666160][    C1]  ? do_raw_spin_unlock+0x13c/0x8b0
[  454.671474][    C1]  free_unref_page+0xcfb/0xf20
[  454.676299][    C1]  __put_partials+0xeb/0x130
[  454.681253][    C1]  put_cpu_partial+0x17c/0x250
[  454.686070][    C1]  ? put_cpu_partial+0x70/0x250
[  454.691020][    C1]  __slab_free+0x2ea/0x3d0
[  454.695492][    C1]  ? __phys_addr+0xba/0x170
[  454.700052][    C1]  qlist_free_all+0x9a/0x140
[  454.704696][    C1]  kasan_quarantine_reduce+0x14f/0x170
[  454.710207][    C1]  __kasan_slab_alloc+0x23/0x80
[  454.715108][    C1]  ? tomoyo_encode+0x26f/0x540
[  454.719925][    C1]  __kmalloc_noprof+0x1a6/0x400
[  454.724834][    C1]  tomoyo_encode+0x26f/0x540
[  454.729572][    C1]  tomoyo_realpath_from_path+0x59e/0x5e0
[  454.735292][    C1]  tomoyo_path_perm+0x2b7/0x740
[  454.740204][    C1]  ? tomoyo_path_perm+0x287/0x740
[  454.745285][    C1]  ? __pfx_tomoyo_path_perm+0x10/0x10
[  454.750921][    C1]  ? do_raw_spin_unlock+0x13c/0x8b0
[  454.756178][    C1]  ? __d_lookup+0x64/0x7b0
[  454.760641][    C1]  ? hook_path_rmdir+0x18a/0x4b0
[  454.765626][    C1]  tomoyo_path_rmdir+0xd0/0x110
[  454.770531][    C1]  ? __pfx_tomoyo_path_rmdir+0x10/0x10
[  454.776059][    C1]  security_path_rmdir+0x169/0x360
[  454.781240][    C1]  do_rmdir+0x2e7/0x580
[  454.785468][    C1]  ? __pfx_do_rmdir+0x10/0x10
[  454.790207][    C1]  ? getname_flags+0x1e3/0x540
[  454.795043][    C1]  __x64_sys_unlinkat+0xde/0xf0
[  454.799955][    C1]  do_syscall_64+0xf3/0x230
[  454.804513][    C1]  ? clear_bhb_loop+0x35/0x90
[  454.809257][    C1]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  454.815213][    C1] RIP: 0033:0x7f6e52b7d517
[  454.819692][    C1] RSP: 002b:00007fffb32b7358 EFLAGS: 00000207 ORIG_RAX: 0000000000000107
[  454.828167][    C1] RAX: ffffffffffffffda RBX: 0000000000000065 RCX: 00007f6e52b7d517
[  454.836218][    C1] RDX: 0000000000000200 RSI: 00007fffb32b8490 RDI: 00000000ffffff9c
[  454.844274][    C1] RBP: 00007f6e52bf00b4 R08: 000055556d82662b R09: 0000000000000000
[  454.852306][    C1] R10: 0000000000001000 R11: 0000000000000207 R12: 00007fffb32b8490
[  454.860523][    C1] R13: 00007f6e52bf00b4 R14: 000000000004f880 R15: 00007fffb32b84d0
[  454.868581][    C1]  </TASK>
[  454.871641][    C1] rcu: rcu_preempt kthread starved for 10444 jiffies! g37909 f0x2 RCU_GP_WAIT_FQS(5) ->state=0x0 ->cpu=1
[  454.883235][    C1] rcu: 	Unless rcu_preempt kthread gets sufficient CPU time, OOM is now expected behavior.
[  454.893254][    C1] rcu: RCU grace-period kthread stack dump:
[  454.899180][    C1] task:rcu_preempt     state:R  running task     stack:25952 pid:17    tgid:17    ppid:2      flags:0x00004000
[  454.911268][    C1] Call Trace:
[  454.914589][    C1]  <TASK>
[  454.917562][    C1]  __schedule+0x1895/0x4b30
[  454.922149][    C1]  ? __pfx___schedule+0x10/0x10
[  454.927051][    C1]  ? __pfx_lock_release+0x10/0x10
[  454.932143][    C1]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  454.938529][    C1]  ? schedule+0x90/0x320
[  454.942817][    C1]  schedule+0x14b/0x320
[  454.947019][    C1]  schedule_timeout+0x15a/0x290
[  454.951923][    C1]  ? __pfx_schedule_timeout+0x10/0x10
[  454.957353][    C1]  ? __pfx_process_timeout+0x10/0x10
[  454.962695][    C1]  ? prepare_to_swait_event+0x330/0x350
[  454.968301][    C1]  rcu_gp_fqs_loop+0x2df/0x1330
[  454.973197][    C1]  ? lockdep_hardirqs_on+0x99/0x150
[  454.978456][    C1]  ? __pfx_rcu_watching_snap_recheck+0x10/0x10
[  454.984651][    C1]  ? __pfx_rcu_gp_fqs_loop+0x10/0x10
[  454.989991][    C1]  ? finish_swait+0xd4/0x1e0
[  454.994653][    C1]  rcu_gp_kthread+0xa7/0x3b0
[  454.999374][    C1]  ? __pfx_rcu_gp_kthread+0x10/0x10
[  455.004624][    C1]  ? _raw_spin_unlock_irqrestore+0xdd/0x140
[  455.010662][    C1]  ? __kthread_parkme+0x169/0x1d0
[  455.015742][    C1]  ? __pfx_rcu_gp_kthread+0x10/0x10
[  455.020996][    C1]  kthread+0x2f0/0x390
[  455.025197][    C1]  ? __pfx_rcu_gp_kthread+0x10/0x10
[  455.030438][    C1]  ? __pfx_kthread+0x10/0x10
[  455.035163][    C1]  ret_from_fork+0x4b/0x80
[  455.039627][    C1]  ? __pfx_kthread+0x10/0x10
[  455.044344][    C1]  ret_from_fork_asm+0x1a/0x30
[  455.049185][    C1]  </TASK>
[  455.052239][    C1] rcu: Stack dump where RCU GP kthread last ran:
[  455.058692][    C1] CPU: 1 UID: 0 PID: 5283 Comm: kworker/1:3 Not tainted 6.11.0-next-20240926-syzkaller #0
[  455.068621][    C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  455.078716][    C1] Workqueue: events nsim_dev_trap_report_work
[  455.084842][    C1] RIP: 0010:unwind_next_frame+0x148a/0x22d0
[  455.090779][    C1] Code: 44 24 38 80 3c 28 00 74 08 4c 89 ff e8 ff 3a bd 00 49 89 1f 41 0f b6 04 2c 84 c0 0f 85 1d 0c 00 00 41 c6 06 00 48 8b 5c 24 40 <e9> 5b 01 00 00 48 89 ef 48 b8 00 00 00 00 00 fc ff df 41 80 3c 07
[  455.110692][    C1] RSP: 0018:ffffc90000a17530 EFLAGS: 00000246
[  455.116909][    C1] RAX: ffffc90000a17650 RBX: 1ffffffff2256cbd RCX: 0000000000000000
[  455.125189][    C1] RDX: 0000000000000000 RSI: 0000000000000000 RDI: ffffc90000a17660
[  455.133208][    C1] RBP: dffffc0000000000 R08: ffffc90000a1765f R09: 0000000000000000
[  455.141492][    C1] R10: ffffc90000a17650 R11: fffff52000142ecc R12: ffffc90000a19000
[  455.149518][    C1] R13: ffffc90000a17600 R14: ffffffff8a226344 R15: ffffc90000a17650
[  455.157577][    C1] FS:  0000000000000000(0000) GS:ffff8880b8700000(0000) knlGS:0000000000000000
[  455.166574][    C1] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  455.173204][    C1] CR2: 000055556d82e608 CR3: 000000007b2dc000 CR4: 00000000003526f0
[  455.181229][    C1] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[  455.189244][    C1] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[  455.197265][    C1] Call Trace:
[  455.200591][    C1]  <IRQ>
[  455.203466][    C1]  ? rcu_check_gp_kthread_starvation+0x278/0x310
[  455.209850][    C1]  ? print_other_cpu_stall+0x1475/0x15b0
[  455.215546][    C1]  ? __pfx_print_other_cpu_stall+0x10/0x10
[  455.221456][    C1]  ? kvm_check_and_clear_guest_paused+0x6a/0xd0
[  455.227840][    C1]  ? rcu_sched_clock_irq+0xa1a/0x10d0
[  455.233266][    C1]  ? __pfx_rcu_sched_clock_irq+0x10/0x10
[  455.238952][    C1]  ? hrtimer_run_queues+0x16c/0x460
[  455.244196][    C1]  ? acct_account_cputime+0x207/0x210
[  455.249634][    C1]  ? update_process_times+0x1ce/0x230
[  455.255056][    C1]  ? tick_nohz_handler+0x37c/0x500
[  455.260220][    C1]  ? __pfx_tick_nohz_handler+0x10/0x10
[  455.265759][    C1]  ? __hrtimer_run_queues+0x551/0xd50
[  455.271202][    C1]  ? __pfx___hrtimer_run_queues+0x10/0x10
[  455.277072][    C1]  ? ktime_get_update_offsets_now+0x22d/0x250
[  455.283198][    C1]  ? hrtimer_interrupt+0x396/0x990
[  455.288379][    C1]  ? __sysvec_apic_timer_interrupt+0x110/0x3f0
[  455.294587][    C1]  ? sysvec_apic_timer_interrupt+0x52/0xc0
[  455.300529][    C1]  ? asm_sysvec_apic_timer_interrupt+0x1a/0x20
[  455.306748][    C1]  ? NF_HOOK+0x3a4/0x450
[  455.311139][    C1]  ? unwind_next_frame+0x148a/0x22d0
[  455.316485][    C1]  ? NF_HOOK+0x29e/0x450
[  455.320812][    C1]  ? __pfx_stack_trace_consume_entry+0x10/0x10
[  455.327030][    C1]  arch_stack_walk+0x11c/0x150
[  455.331846][    C1]  ? NF_HOOK+0x3a4/0x450
[  455.336143][    C1]  stack_trace_save+0x118/0x1d0
[  455.341069][    C1]  ? __asan_memset+0x23/0x50
[  455.345787][    C1]  ? __pfx_stack_trace_save+0x10/0x10
[  455.351214][    C1]  ? ret_from_fork_asm+0x1a/0x30
[  455.356383][    C1]  kasan_save_track+0x3f/0x80
[  455.361274][    C1]  ? kasan_save_track+0x3f/0x80
[  455.366247][    C1]  ? __kasan_kmalloc+0x98/0xb0
[  455.371142][    C1]  ? __kmalloc_cache_noprof+0x19c/0x2c0
[  455.376736][    C1]  ? ref_tracker_alloc+0x14b/0x490
[  455.381889][    C1]  ? dst_init+0xee/0x490
[  455.386174][    C1]  ? dst_alloc+0x14f/0x190
[  455.390666][    C1]  ? ip_route_output_key_hash_rcu+0x13cc/0x2390
[  455.396963][    C1]  ? ip_route_output_key_hash+0x193/0x2b0
[  455.402988][    C1]  ? ip_route_output_flow+0x29/0x140
[  455.408328][    C1]  ? ip_route_me_harder+0x80d/0x1300
[  455.413672][    C1]  ? synproxy_send_tcp+0x356/0x6c0
[  455.418837][    C1]  ? synproxy_send_client_synack+0x8b8/0xf30
[  455.424866][    C1]  ? nft_synproxy_eval_v4+0x3ca/0x610
[  455.430277][    C1]  ? nft_synproxy_do_eval+0x362/0xa60
[  455.435687][    C1]  ? nft_do_chain+0x4ad/0x1da0
[  455.440492][    C1]  ? nft_do_chain_inet+0x418/0x6b0
[  455.445650][    C1]  ? nf_hook_slow+0xc3/0x220
[  455.450291][    C1]  ? NF_HOOK+0x29e/0x450
[  455.454635][    C1]  __kasan_kmalloc+0x98/0xb0
[  455.459264][    C1]  ? ref_tracker_alloc+0x14b/0x490
[  455.464416][    C1]  __kmalloc_cache_noprof+0x19c/0x2c0
[  455.469841][    C1]  ref_tracker_alloc+0x14b/0x490
[  455.474859][    C1]  ? __pfx_ref_tracker_alloc+0x10/0x10
[  455.480392][    C1]  dst_init+0xee/0x490
[  455.484516][    C1]  ? kmem_cache_alloc_noprof+0x185/0x2a0
[  455.490214][    C1]  dst_alloc+0x14f/0x190
[  455.494544][    C1]  ip_route_output_key_hash_rcu+0x13cc/0x2390
[  455.500784][    C1]  ip_route_output_key_hash+0x193/0x2b0
[  455.506421][    C1]  ? ip_route_output_key_hash+0xdf/0x2b0
[  455.512159][    C1]  ? __pfx_ip_route_output_key_hash+0x10/0x10
[  455.518455][    C1]  ? __pfx_lock_release+0x10/0x10
[  455.523519][    C1]  ? kthread+0x2f0/0x390
[  455.527903][    C1]  ip_route_output_flow+0x29/0x140
[  455.533074][    C1]  ip_route_me_harder+0x80d/0x1300
[  455.538248][    C1]  ? __pfx_ip_route_me_harder+0x10/0x10
[  455.544467][    C1]  ? trace_kmalloc+0x1f/0xd0
[  455.549101][    C1]  ? __kmalloc_node_track_caller_noprof+0x242/0x440
[  455.555965][    C1]  synproxy_send_tcp+0x356/0x6c0
[  455.561067][    C1]  synproxy_send_client_synack+0x8b8/0xf30
[  455.567308][    C1]  ? __pfx_synproxy_send_client_synack+0x10/0x10
[  455.573702][    C1]  ? synproxy_pernet+0x45/0x270
[  455.578689][    C1]  nft_synproxy_eval_v4+0x3ca/0x610
[  455.583942][    C1]  ? __pfx_nft_synproxy_eval_v4+0x10/0x10
[  455.589708][    C1]  ? nf_ip_checksum+0x13a/0x500
[  455.594615][    C1]  nft_synproxy_do_eval+0x362/0xa60
[  455.599868][    C1]  ? __pfx_nft_synproxy_do_eval+0x10/0x10
[  455.605643][    C1]  ? __pfx_validate_chain+0x10/0x10
[  455.610888][    C1]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[  455.616933][    C1]  nft_do_chain+0x4ad/0x1da0
[  455.621588][    C1]  ? __pfx_nft_do_chain+0x10/0x10
[  455.626666][    C1]  ? __local_bh_enable_ip+0x168/0x200
[  455.632139][    C1]  ? __pfx_nf_nat_inet_fn+0x10/0x10
[  455.637401][    C1]  nft_do_chain_inet+0x418/0x6b0
[  455.642402][    C1]  ? __pfx_nft_do_chain_inet+0x10/0x10
[  455.647905][    C1]  ? ipt_do_table+0x312/0x1860
[  455.652731][    C1]  ? __pfx_nft_do_chain_inet+0x10/0x10
[  455.658246][    C1]  nf_hook_slow+0xc3/0x220
[  455.662724][    C1]  ? __pfx_ip_local_deliver_finish+0x10/0x10
[  455.668870][    C1]  ? __pfx_ip_local_deliver_finish+0x10/0x10
[  455.674910][    C1]  NF_HOOK+0x29e/0x450
[  455.679032][    C1]  ? NF_HOOK+0x9a/0x450
[  455.683235][    C1]  ? __pfx_NF_HOOK+0x10/0x10
[  455.687880][    C1]  ? __pfx_ip_local_deliver_finish+0x10/0x10
[  455.694011][    C1]  ? ip_rcv_finish+0x406/0x560
[  455.698831][    C1]  ? __pfx_ip_rcv_finish+0x10/0x10
[  455.704431][    C1]  NF_HOOK+0x3a4/0x450
[  455.708558][    C1]  ? __lock_acquire+0x1384/0x2050
[  455.713629][    C1]  ? NF_HOOK+0x9a/0x450
[  455.717837][    C1]  ? __pfx_NF_HOOK+0x10/0x10
[  455.722478][    C1]  ? ip_rcv_core+0x801/0xd10
[  455.727211][    C1]  ? __pfx_ip_rcv_finish+0x10/0x10
[  455.732394][    C1]  ? __pfx_ip_rcv+0x10/0x10
[  455.736956][    C1]  __netif_receive_skb+0x2bf/0x650
[  455.742131][    C1]  ? __pfx_lock_acquire+0x10/0x10
[  455.747222][    C1]  ? __pfx___netif_receive_skb+0x10/0x10
[  455.753393][    C1]  ? __pfx_lock_release+0x10/0x10
[  455.758478][    C1]  ? mark_lock+0x9a/0x360
[  455.762878][    C1]  process_backlog+0x662/0x15b0
[  455.767815][    C1]  ? process_backlog+0x33b/0x15b0
[  455.773007][    C1]  ? __pfx_process_backlog+0x10/0x10
[  455.778366][    C1]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[  455.784684][    C1]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  455.791166][    C1]  __napi_poll+0xcb/0x490
[  455.795571][    C1]  net_rx_action+0x89b/0x1240
[  455.800358][    C1]  ? __pfx_net_rx_action+0x10/0x10
[  455.805539][    C1]  ? sched_clock+0x4a/0x70
[  455.810386][    C1]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  455.816791][    C1]  handle_softirqs+0x2c5/0x980
[  455.821654][    C1]  ? do_softirq+0x11b/0x1e0
[  455.826829][    C1]  ? __pfx_handle_softirqs+0x10/0x10
[  455.832179][    C1]  do_softirq+0x11b/0x1e0
[  455.836741][    C1]  </IRQ>
[  455.839707][    C1]  <TASK>
[  455.842674][    C1]  ? __pfx_do_softirq+0x10/0x10
[  455.847755][    C1]  ? __pfx_lockdep_softirqs_on+0x10/0x10
[  455.853459][    C1]  ? rcu_is_watching+0x15/0xb0
[  455.858281][    C1]  __local_bh_enable_ip+0x1bb/0x200
[  455.863549][    C1]  ? nsim_dev_trap_report_work+0x75d/0xaa0
[  455.869411][    C1]  ? __pfx___local_bh_enable_ip+0x10/0x10
[  455.875199][    C1]  ? do_raw_spin_unlock+0x13c/0x8b0
[  455.880455][    C1]  ? nsim_dev_trap_report_work+0x6a7/0xaa0
[  455.886324][    C1]  nsim_dev_trap_report_work+0x75d/0xaa0
[  455.892133][    C1]  ? process_scheduled_works+0x976/0x1850
[  455.898032][    C1]  process_scheduled_works+0xa63/0x1850
[  455.903994][    C1]  ? __pfx_process_scheduled_works+0x10/0x10
[  455.910345][    C1]  ? assign_work+0x364/0x3d0
[  455.915075][    C1]  worker_thread+0x870/0xd30
[  455.920358][    C1]  ? _raw_spin_unlock_irqrestore+0xdd/0x140
[  455.926402][    C1]  ? __kthread_parkme+0x169/0x1d0
[  455.931506][    C1]  ? __pfx_worker_thread+0x10/0x10
[  455.937235][    C1]  kthread+0x2f0/0x390
[  455.941363][    C1]  ? __pfx_worker_thread+0x10/0x10
[  455.946539][    C1]  ? __pfx_kthread+0x10/0x10
[  455.951180][    C1]  ret_from_fork+0x4b/0x80
[  455.955653][    C1]  ? __pfx_kthread+0x10/0x10
[  455.960297][    C1]  ret_from_fork_asm+0x1a/0x30
[  455.965153][    C1]  </TASK>