last executing test programs:

3m44.101488716s ago: executing program 1 (id=255):
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_int(r0, 0x29, 0x33, &(0x7f0000000040)=0x8001, 0x4)
setsockopt$inet6_int(r0, 0x29, 0x42, &(0x7f0000000080)=0x7, 0x4)
getsockopt$inet6_buf(r0, 0x29, 0x6, &(0x7f0000000100)=""/92, &(0x7f00000001c0)=0x5c)

3m43.8200675s ago: executing program 1 (id=257):
r0 = socket$inet6(0xa, 0x6, 0x0)
setsockopt$inet6_IPV6_FLOWLABEL_MGR(r0, 0x29, 0x20, &(0x7f00000000c0)={@mcast1, 0x800, 0x0, 0x103, 0x1, 0x0, 0x3}, 0x20)
setsockopt$inet6_int(r0, 0x29, 0x1000000000021, &(0x7f0000000180)=0x1, 0x4)
connect$inet6(r0, &(0x7f0000000000)={0xa, 0x0, 0x180000, @empty}, 0x1c)

3m43.634643219s ago: executing program 1 (id=260):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000000c0)={'wlan0\x00', <r2=>0x0})
sendmsg$NL80211_CMD_SET_INTERFACE(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000740)={0x40, r1, 0x5, 0x70bd27, 0x25dfdc01, {{}, {@val={0x8, 0x3, r2}, @void}}, [@NL80211_ATTR_IFTYPE={0x8, 0x5, 0x6}, @mon_options=[@NL80211_ATTR_MU_MIMO_GROUP_DATA={0x1c, 0xe7, "5665b9974644cf9607044163ba069bdd87aafd08fe18dae5"}]]}, 0x40}, 0x1, 0x0, 0x0, 0x40048}, 0x0)

3m43.300232926s ago: executing program 1 (id=263):
syz_mount_image$ext4(&(0x7f0000000740)='ext4\x00', &(0x7f0000001800)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x0, &(0x7f0000000040), 0x1, 0x751, &(0x7f0000001040)="$eJzs3M9rHGUfAPDvTJP+zPtuXngP4kmoWKF2k6ZqT0LEc6HQP6AuySSETLIhu6ndNWDrwYMgqAhae9H/wIsieCn9HxTBm4IHQWsaDwUPkdnspu12E9c26Zb4+cDsfJ9nZvb7fNvJww7sswH8az1TvCQRIxFxPiJK7f40Ig62osMRVzbPu722OrW+tjqVxMbGhVtJcVmrr/NeSXt/LFqXxFMRcXM44uTbD+atNZrzlTzPltvtsfrC0lit0Tw1t1CZzWazxYnx8TNnXp546cXxXav1vTe/+O3dr1/79tOzC3++cuuF6SQmW3VHVx27afPfZDgmu/oX9yLZACWDHgAAAH0pPucfiIih1qfUUhxoRQAAAMB+snFoAwAAANj3khj0CAAAAIC91fkewO211anO9ji/f/DrqxExendt8fpW/qHWGuKIwzEcEUfXk/tWJiSbl8EjuXI1Im5M9rj/k/b99/C6V65bI/3kuVHMP5O95r90a/6JHvPPUOe3Ex5RZ/5bf2D+u5v/wDbz3/k+cxxaPvHdtvmvRjw91Ct/spU/6eSv3Lkv/+t95v9y5Icftzu28XnEieid/95cO/w+xNjMXJ61X3vmOP7VWyd3qv/odvmTrvrvua7oW+qz/p+uT8xuN5cU+Z8/vvP/f6/8xT3xfnscaUR80N4X7Q+7cjx3c/zaTvVPb1P/TvmLvs/6rP+bd5o/93kqAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAtKQRMRJJWt6K07RcjjgWEf+Po2lerdVPzlRXFqeLYxGjMZzOzOXZeESUNttJ0T7diu+2J7raZyLifxHxUelIq12equbTgy4eAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACALcciYiSStBwRaUT8UUrTcnnQowIAAAB23eigBwAAAADsOc//AAAAsP91Pf9fqwxqIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMB+dv7cuWLbWF9bnSra05caK/PVS6ems7R9RnV5qTxbrc7mWXmquvB375dXq0tnY3Hl8lg9q9XHao3mxYXqymL94txCZTa7mA3veUUAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA8jJHWlqTliEhbcZqWyxH/iYjRGE5m5vJsPCL+GxHfl4YPFe3Tgx40AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAu67WaM5X8jxbFggEuxwcbv+VPSnj+SfBjtPGkccyOQEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA8NjVGs35Sp5ny7VBjwQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIDBSn9JIqLYTpSeHek+ejC5U2rtI+KN6xc+vlyp15dPF/2/b/XXP2n3Twxi/AAAAEC3znN65zkeAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACgX7VGc76S59nyHgaDrhEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHg4fwUAAP//zWnHag==")
r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0x0, 0x2)
mkdirat(r0, &(0x7f0000000180)='./bus\x00', 0x0)
mount$overlay(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000b80), 0x0, &(0x7f0000003e40)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, '.'}}, {@upperdir={'upperdir', 0x3d, './file0'}}, {@volatile}]})

3m42.363286592s ago: executing program 1 (id=269):
r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
bind$bt_hci(r0, &(0x7f0000000040), 0x6)
ioctl$sock_bt_hci(r0, 0x400448e6, &(0x7f0000000080)='Y')
ioctl$sock_bt_hci(r0, 0x400448e7, &(0x7f0000000080))

3m41.643348588s ago: executing program 1 (id=276):
r0 = fsopen(&(0x7f00000001c0)='bpf\x00', 0x0)
fsconfig$FSCONFIG_CMD_CREATE(r0, 0x6, 0x0, 0x0, 0x0)
r1 = fsmount(r0, 0x1, 0x0)
openat$cgroup_int(r1, &(0x7f0000000100)='blkio.throttle.read_iops_device\x00', 0x2, 0x0)

3m41.378740981s ago: executing program 32 (id=276):
r0 = fsopen(&(0x7f00000001c0)='bpf\x00', 0x0)
fsconfig$FSCONFIG_CMD_CREATE(r0, 0x6, 0x0, 0x0, 0x0)
r1 = fsmount(r0, 0x1, 0x0)
openat$cgroup_int(r1, &(0x7f0000000100)='blkio.throttle.read_iops_device\x00', 0x2, 0x0)

3m29.48953119s ago: executing program 2 (id=328):
r0 = syz_usb_connect(0x0, 0x3f, &(0x7f00000000c0)=ANY=[@ANYBLOB="11010000733336088dee1adb23610000000109022d0001100000000904000003fe03010009cd8d1f000200000009050502000000001009058b1e20"], 0x0)
syz_usb_control_io(r0, 0x0, &(0x7f0000000300)={0x44, &(0x7f0000000000)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
r1 = syz_open_dev$char_usb(0xc, 0xb4, 0x0)
ioctl$FS_IOC_GETVERSION(r1, 0x80045b10, &(0x7f0000000040))

3m27.623688822s ago: executing program 0 (id=347):
r0 = socket$inet6_sctp(0xa, 0x1, 0x84)
sendto$inet6(r0, &(0x7f0000000300)="cd", 0x1, 0x8804, &(0x7f0000000100)={0xa, 0x4e23, 0x0, @loopback, 0xfffffffe}, 0x1c)
listen(r0, 0x8)
sendto$inet6(r0, 0x0, 0x0, 0x0, 0x0, 0x0)

3m27.552092605s ago: executing program 2 (id=348):
r0 = socket$alg(0x26, 0x5, 0x0)
r1 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x0)
ioctl$SNDRV_TIMER_IOCTL_SELECT(r1, 0x40345410, &(0x7f00000083c0)={{0x1, 0x2, 0xfffffffc, 0x2, 0x9}})
bind$alg(r0, &(0x7f0000000000)={0x26, 'aead\x00', 0x0, 0x0, 'essiv(authenc(rmd160-generic,cbc-camellia-aesni-avx2),sha1-avx)\x00'}, 0x58)

3m27.097729118s ago: executing program 0 (id=351):
r0 = msgget$private(0x0, 0x0)
msgrcv(r0, 0x0, 0x0, 0xeba45e42f78e2070, 0x1000)
msgrcv(r0, 0x0, 0x0, 0x2, 0x1000)
msgsnd(r0, &(0x7f0000000580)=ANY=[@ANYBLOB="5062c2be7ea37668"], 0x8, 0x0)

3m26.901105647s ago: executing program 2 (id=353):
r0 = syz_open_dev$vim2m(&(0x7f0000000000), 0x0, 0x2)
ioctl$vim2m_VIDIOC_REQBUFS(r0, 0xc0145608, &(0x7f00000000c0)={0x1, 0x2, 0x1})
ioctl$vim2m_VIDIOC_EXPBUF(r0, 0xc0405610, &(0x7f0000000040)={0x2, 0x0, 0x0, 0x0, <r1=>0xffffffffffffffff})
ioctl$DMA_BUF_IOCTL_SYNC(r1, 0x40086200, &(0x7f0000000200)=0x6)

3m26.599222973s ago: executing program 2 (id=354):
syz_mount_image$ext4(&(0x7f0000000740)='ext4\x00', &(0x7f0000001800)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x0, &(0x7f0000000040), 0x1, 0x751, &(0x7f0000001040)="$eJzs3M9rHGUfAPDvTJP+zPtuXngP4kmoWKF2k6ZqT0LEc6HQP6AuySSETLIhu6ndNWDrwYMgqAhae9H/wIsieCn9HxTBm4IHQWsaDwUPkdnspu12E9c26Zb4+cDsfJ9nZvb7fNvJww7sswH8az1TvCQRIxFxPiJK7f40Ig62osMRVzbPu722OrW+tjqVxMbGhVtJcVmrr/NeSXt/LFqXxFMRcXM44uTbD+atNZrzlTzPltvtsfrC0lit0Tw1t1CZzWazxYnx8TNnXp546cXxXav1vTe/+O3dr1/79tOzC3++cuuF6SQmW3VHVx27afPfZDgmu/oX9yLZACWDHgAAAH0pPucfiIih1qfUUhxoRQAAAMB+snFoAwAAANj3khj0CAAAAIC91fkewO211anO9ji/f/DrqxExendt8fpW/qHWGuKIwzEcEUfXk/tWJiSbl8EjuXI1Im5M9rj/k/b99/C6V65bI/3kuVHMP5O95r90a/6JHvPPUOe3Ex5RZ/5bf2D+u5v/wDbz3/k+cxxaPvHdtvmvRjw91Ct/spU/6eSv3Lkv/+t95v9y5Icftzu28XnEieid/95cO/w+xNjMXJ61X3vmOP7VWyd3qv/odvmTrvrvua7oW+qz/p+uT8xuN5cU+Z8/vvP/f6/8xT3xfnscaUR80N4X7Q+7cjx3c/zaTvVPb1P/TvmLvs/6rP+bd5o/93kqAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAtKQRMRJJWt6K07RcjjgWEf+Po2lerdVPzlRXFqeLYxGjMZzOzOXZeESUNttJ0T7diu+2J7raZyLifxHxUelIq12equbTgy4eAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACALcciYiSStBwRaUT8UUrTcnnQowIAAAB23eigBwAAAADsOc//AAAAsP91Pf9fqwxqIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMB+dv7cuWLbWF9bnSra05caK/PVS6ems7R9RnV5qTxbrc7mWXmquvB375dXq0tnY3Hl8lg9q9XHao3mxYXqymL94txCZTa7mA3veUUAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA8jJHWlqTliEhbcZqWyxH/iYjRGE5m5vJsPCL+GxHfl4YPFe3Tgx40AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAu67WaM5X8jxbFggEuxwcbv+VPSnj+SfBjtPGkccyOQEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA8NjVGs35Sp5ny7VBjwQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIDBSn9JIqLYTpSeHek+ejC5U2rtI+KN6xc+vlyp15dPF/2/b/XXP2n3Twxi/AAAAEC3znN65zkeAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACgX7VGc76S59nyHgaDrhEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHg4fwUAAP//zWnHag==")
r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0x0, 0x2)
mkdirat(r0, &(0x7f0000000180)='./bus\x00', 0x0)
mount$overlay(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000b80), 0x0, &(0x7f0000003e40)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, '.'}}, {@upperdir={'upperdir', 0x3d, './file0'}}, {@volatile}]})

3m26.147128635s ago: executing program 2 (id=356):
syz_open_dev$dri(&(0x7f0000001100), 0x0, 0x0)
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2)
ioctl$sock_SIOCETHTOOL(0xffffffffffffffff, 0x8946, &(0x7f0000000500)={'veth1\x00', &(0x7f0000000200)=@ethtool_per_queue_op={0x4b, 0xf, [0x1, 0x1, 0x107fff, 0x10, 0x4, 0x9, 0xa4, 0xffb, 0x7, 0xb6b, 0x800c1, 0x4, 0x1, 0x1, 0x9, 0xff, 0x1000, 0xc, 0x3, 0x3, 0x80000001, 0xfffffffa, 0x0, 0x1, 0x9, 0x4, 0x7, 0x5, 0x100000, 0x762, 0x3, 0x63c, 0xe, 0x6, 0x100, 0x6, 0x1bfe, 0xb, 0x40, 0x40, 0x8, 0x8000100, 0x3, 0x0, 0x11000, 0x8, 0x5, 0x79b, 0x5, 0x1, 0x7f, 0x4, 0xa, 0x7, 0xf, 0x101, 0xa, 0x1fa0860a, 0x7, 0xa9, 0x81, 0x2, 0x180000, 0x4003, 0x28b, 0x5, 0x2af, 0x3, 0x5, 0x2, 0x1, 0x9, 0x4, 0x7, 0x4009, 0x0, 0x4, 0x100002, 0x8, 0x752, 0x0, 0x3, 0x0, 0x10000, 0x3f6, 0xffffffff, 0x6, 0x6, 0x9, 0x80000000, 0xfdffffff, 0x2, 0xfffffffe, 0x84, 0x100, 0x5, 0x252, 0x3, 0xb, 0x2, 0x20006, 0xc50, 0x2, 0xb, 0x2, 0xd9a, 0xc8, 0x2a2, 0xfffffffd, 0x3, 0x2, 0x1, 0x8, 0x0, 0x4, 0x6, 0x0, 0x0, 0x1, 0x4, 0x401, 0x66cd, 0x8, 0x8, 0x5, 0x1fc, 0x1ff, 0xffffffff]}})
poll(&(0x7f0000000000), 0x20000000000000b5, 0x9)

3m26.138814715s ago: executing program 0 (id=357):
pipe2(&(0x7f0000000200)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
read$FUSE(r0, &(0x7f0000002600)={0x2020}, 0x2020)
write$FUSE_INIT(r1, &(0x7f0000000400)={0x6f, 0x0, 0x0, {0x7, 0x28, 0x80000001, 0x0, 0x0, 0x0, 0x2, 0x1}}, 0xfffffede)
fcntl$setpipe(r0, 0x407, 0xc000)

3m25.357977334s ago: executing program 2 (id=371):
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x1f, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000085000000a8000000180100002020692500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000700000095"], &(0x7f0000000600)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x10, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$PROG_BIND_MAP(0xa, &(0x7f0000000000)={r0}, 0xc)
socket$unix(0x1, 0x1, 0x0)
bpf$PROG_BIND_MAP(0xa, &(0x7f0000000040)={r0}, 0xc)

3m24.860208349s ago: executing program 33 (id=371):
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x1f, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000085000000a8000000180100002020692500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000700000095"], &(0x7f0000000600)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x10, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$PROG_BIND_MAP(0xa, &(0x7f0000000000)={r0}, 0xc)
socket$unix(0x1, 0x1, 0x0)
bpf$PROG_BIND_MAP(0xa, &(0x7f0000000040)={r0}, 0xc)

3m24.854275489s ago: executing program 0 (id=365):
syz_mount_image$ext4(&(0x7f0000000740)='ext4\x00', &(0x7f0000001800)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x0, &(0x7f0000000040), 0x1, 0x751, &(0x7f0000001040)="$eJzs3M9rHGUfAPDvTJP+zPtuXngP4kmoWKF2k6ZqT0LEc6HQP6AuySSETLIhu6ndNWDrwYMgqAhae9H/wIsieCn9HxTBm4IHQWsaDwUPkdnspu12E9c26Zb4+cDsfJ9nZvb7fNvJww7sswH8az1TvCQRIxFxPiJK7f40Ig62osMRVzbPu722OrW+tjqVxMbGhVtJcVmrr/NeSXt/LFqXxFMRcXM44uTbD+atNZrzlTzPltvtsfrC0lit0Tw1t1CZzWazxYnx8TNnXp546cXxXav1vTe/+O3dr1/79tOzC3++cuuF6SQmW3VHVx27afPfZDgmu/oX9yLZACWDHgAAAH0pPucfiIih1qfUUhxoRQAAAMB+snFoAwAAANj3khj0CAAAAIC91fkewO211anO9ji/f/DrqxExendt8fpW/qHWGuKIwzEcEUfXk/tWJiSbl8EjuXI1Im5M9rj/k/b99/C6V65bI/3kuVHMP5O95r90a/6JHvPPUOe3Ex5RZ/5bf2D+u5v/wDbz3/k+cxxaPvHdtvmvRjw91Ct/spU/6eSv3Lkv/+t95v9y5Icftzu28XnEieid/95cO/w+xNjMXJ61X3vmOP7VWyd3qv/odvmTrvrvua7oW+qz/p+uT8xuN5cU+Z8/vvP/f6/8xT3xfnscaUR80N4X7Q+7cjx3c/zaTvVPb1P/TvmLvs/6rP+bd5o/93kqAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAtKQRMRJJWt6K07RcjjgWEf+Po2lerdVPzlRXFqeLYxGjMZzOzOXZeESUNttJ0T7diu+2J7raZyLifxHxUelIq12equbTgy4eAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACALcciYiSStBwRaUT8UUrTcnnQowIAAAB23eigBwAAAADsOc//AAAAsP91Pf9fqwxqIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMB+dv7cuWLbWF9bnSra05caK/PVS6ems7R9RnV5qTxbrc7mWXmquvB375dXq0tnY3Hl8lg9q9XHao3mxYXqymL94txCZTa7mA3veUUAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA8jJHWlqTliEhbcZqWyxH/iYjRGE5m5vJsPCL+GxHfl4YPFe3Tgx40AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAu67WaM5X8jxbFggEuxwcbv+VPSnj+SfBjtPGkccyOQEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA8NjVGs35Sp5ny7VBjwQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIDBSn9JIqLYTpSeHek+ejC5U2rtI+KN6xc+vlyp15dPF/2/b/XXP2n3Twxi/AAAAEC3znN65zkeAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACgX7VGc76S59nyHgaDrhEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHg4fwUAAP//zWnHag==")
r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0x0, 0x2)
mkdirat(r0, &(0x7f0000000180)='./bus\x00', 0x0)
mount$overlay(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000b80), 0x0, &(0x7f0000003e40)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, '.'}}, {@upperdir={'upperdir', 0x3d, './file0'}}, {@volatile}]})

3m23.945130514s ago: executing program 0 (id=367):
mknod(&(0x7f0000000040)='./file0\x00', 0x8001420, 0x0)
syz_mount_image$squashfs(&(0x7f00000001c0), &(0x7f0000000200)='./file0\x00', 0x8000, &(0x7f0000000000)=ANY=[@ANYRES64=0x0, @ANYRES32], 0x1, 0x1a2, &(0x7f0000000480)="$eJzs0b9rE2Ecx/H393me/KjQlqg4VLABK/FCNbmrOjgFpwg5cBUMGtLYFBO1vQy2tNBFClLtv6BTBRcVdBJBcC4OgoOcSzdphuIgDhK55Kng3+DzGu5z3w93PMf32tFSlAF+H6w1qTCkmeATggGmZdQpNcq3dv5uc3sUXLHzls3nNqeildU7jU6ntZy/nCf3TwH8GHZ/q+gVJxR9oYJ8OVhrNuRWyKBCV82H5GoUH6PrBu8JU2ac4zfRDApbXFUsSaEGk6Ve934pWlk9t9htLLQWWneDYO5S+UK5fDEo3V7stMpvEO+RKJ6yjheSCRnz1knVebhrjjAriNdWsZZin3yd7V199vRsH+XtMxADhT4ZkfZg8sUEZG8kH1/lmPAMHTJTY0xhGB5URa6p1+Kbz+ZnSpHd0Pp8815nfvO6kl/pnYrsZ8XfI1XwCYo+c8lqOMoHNmNmYqoxOzF735iWd8kph3s1G8n1pZ1OcgrSPGj0est+Gj6KCQmS/5mDcQTOJI/VkvG9fccGXw9vHMdxHMdxHMdxnP/AnwAAAP//fzxhdA==")
open$dir(&(0x7f0000000100)='./file0\x00', 0xe8c40, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000004280)='./file0\x00', 0x0, 0x0)

3m22.911302795s ago: executing program 0 (id=373):
bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f00000003c0)=@bpf_ext={0x1c, 0x8, 0x0, 0x0, 0x7, 0x0, 0x0, 0x41100, 0x3, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000180)={0x1, 0x4}, 0x8, 0x10, 0x0, 0x0, 0x1, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0xfffffff8}, 0x94)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f00000003c0)={0xffffffffffffffff, 0xe0, &(0x7f00000002c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x44, 0x8, 0x0, 0x0}}, 0x10)
r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)=ANY=[@ANYBLOB="02000000040000000800000001"], 0x48)
bpf$MAP_LOOKUP_ELEM(0x1, &(0x7f0000000200)={r0, &(0x7f0000000180), &(0x7f0000000540)=""/119}, 0x20)

3m22.481044836s ago: executing program 34 (id=373):
bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f00000003c0)=@bpf_ext={0x1c, 0x8, 0x0, 0x0, 0x7, 0x0, 0x0, 0x41100, 0x3, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000180)={0x1, 0x4}, 0x8, 0x10, 0x0, 0x0, 0x1, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0xfffffff8}, 0x94)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f00000003c0)={0xffffffffffffffff, 0xe0, &(0x7f00000002c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x44, 0x8, 0x0, 0x0}}, 0x10)
r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)=ANY=[@ANYBLOB="02000000040000000800000001"], 0x48)
bpf$MAP_LOOKUP_ELEM(0x1, &(0x7f0000000200)={r0, &(0x7f0000000180), &(0x7f0000000540)=""/119}, 0x20)

20.759210132s ago: executing program 5 (id=1732):
syz_mount_image$erofs(&(0x7f0000000280), &(0x7f0000000200)='./file0\x00', 0x81c452, &(0x7f0000000000)=ANY=[@ANYRES16=0x0, @ANYRES64, @ANYRES64=0x0], 0xfe, 0x226, &(0x7f00000002c0)="$eJzsmb+LE0EUx7+zu7cbT1FsLGwsjHiit9ndqFxz4AmipXD+7AzeKupqJFkhdyDcYaOFnRaCrf+AhcVVFnZ2tlqoYOfZiSDCypudnUySTUgkYHHvUyzfee/NzHszzDu4gGGYbcvXLz8/Pz29cOEYgF2owlP2ihFjGfrTiwdHny+eefn646t393Y/3NSOs3nUjgn3p/i3SzZSUs+cwvwry7JMAKjKoXAoi6pyXoSFI0pfFgKHlL4GC5eUjiFwVenbhm4WCSaxf72ZrNy4lcQBffbQpIhU3cyPMtraEFhRZ1LkVdBeXbvTSJK41S9msmKfVls45TFjilHnJ/NbsrCoxpQf3cSVx482aOwre5Cf3ynyhbAQKnsdAstKL8CD7/v6SEKj/v1Od33buOZ/LKlMPDkHlLjsXPzWFg/dkx298t75qSQ2RWH3W36oYiZecB3A+LvvxP+vfTJR6d6yO+XkRb+FHrS27NvafD8469uEe4n1PH3DJab/ZMYTRTNvJPScDdeH2dHTi5c2LMZV/gGXR3vp/kTd+7DRnxzoPo9aevd+rb26Nu+icTPOPCCqnwyOB8GJqCYbUf4d6Ht/dP+ryP40a6w/M+TPkCtcdBpp2go7QNoK9TjqWL2VYPlN87s0WLL/WZg7mAfQJcqyvbIdcr9Q84RUc3bhs8unMAzDMAzDMAzDMAzDMAzDDMPtHR6AkP8FVT9UZUOIzsvovwEAAP//MG5Ihw==")
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000003c0)={0x3, 0x4, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x4}, 0x94)
mount$overlay(0x0, &(0x7f0000000140)='./file0\x00', &(0x7f0000000380), 0x0, &(0x7f00000003c0)={[{@lowerdir={'lowerdir', 0x3d, './file0'}, 0x3a}], [], 0x2f})
lsetxattr$security_evm(&(0x7f0000000200)='./file0/file0\x00', &(0x7f0000000580), 0x0, 0x0, 0x3)

20.441304478s ago: executing program 5 (id=1737):
r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x0)
bind$bt_l2cap(r0, &(0x7f0000000000)={0x1f, 0x0, @any, 0x0, 0x1}, 0xe)
shutdown(r0, 0x0)
recvmmsg(r0, &(0x7f0000000080), 0x72a, 0x1000000, 0x0)

20.00322831s ago: executing program 5 (id=1741):
r0 = socket(0x10, 0x3, 0x0)
sendmsg$BATADV_CMD_GET_MCAST_FLAGS(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000a00)=ANY=[@ANYBLOB='$\x00\x00\x00', @ANYBLOB="c0a201"], 0x24}}, 0x0)
recvmmsg$unix(r0, &(0x7f00000001c0)=[{{0x0, 0x0, &(0x7f0000000380)=[{&(0x7f00000004c0)=""/250, 0xfa}, {&(0x7f0000003ac0)=""/4107, 0x100b}], 0x2}}], 0x1, 0x0, 0x0)
write(r0, &(0x7f0000000100)="1400000052004f7fb3e4bf80a000080000000000", 0x14)

19.803640549s ago: executing program 5 (id=1746):
syz_mount_image$erofs(&(0x7f0000000040), &(0x7f0000000140)='./file2\x00', 0x0, &(0x7f00000003c0)=ANY=[], 0x1, 0x1f3, &(0x7f0000001880)="$eJzslc+q00AUxr+ZxKT3Ij6AGxde8LowbXJB3Fy4d+PKheCfiwvBYtNSTa20XdiCaJ/AvTsXPoaiWxf6BlIF0U3dqOuRyUwmQ0mrMS0Knh90+k3m5MyZM5MzIAjiv+Xjhx8z8X3/cw3AcezA18+/OLkNt+zf174+fH3p4tGTm8/f+LNgq8inEL8/vwvg1aGDd+ZdIWynO/r/KrjR18BxVusjMARa3wLHda1jMNzQ+o6l+9I+CNrdJA5u95OWFA3ZhLKJ2t2EuYvxzacMLSs+Zo0Px5O7zSSJBxsUv8rf/JBj38SHmj1+ASrahpW/EByh1ntguGJs/Sw3KiXW+k+6+fqdlev3UHHZnwDkT9oFNrzqFJnw5FTLbbKFFgwBbF17H52o7ifb87KvO0iFU/p1rtIiT8XmP4AKAu7aHAq/4CT4q85PdfH2pRZ8pfGLA7V/JtRHql9u0oMlQ15JPzrzpj6JZwxnrPqpSsnT9Kqpj3r368Px5Fy31+zEnfheFO2db2wDiOppIVLtsvLnA1tpfdrO/RfeSRKPeXjQHI0GoWpNP1JtUcXlcDGfcuyexjHZl9XUW/D7zdIs/cmvgz1WvV27XConBEEQ/wCnwNKanNblTOjbxAwIEV3+y3ESBEEQBEEQBEEQBPHn/AwAAP//W8NQxQ==")
mount$overlay(0x0, &(0x7f0000000140)='./file0\x00', &(0x7f0000000180), 0x0, &(0x7f00000003c0)={[{@xino_auto}, {@lowerdir={'lowerdir', 0x3d, './file0'}, 0x3a}], [], 0x2f})
r0 = openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0, 0x0)
getdents64(r0, &(0x7f0000000580)=""/174, 0xff56)

19.503301854s ago: executing program 5 (id=1747):
r0 = userfaultfd(0x80801)
ioctl$UFFDIO_API(r0, 0xc018aa3f, &(0x7f0000000040))
ioctl$UFFDIO_REGISTER(r0, 0xc020aa00, &(0x7f0000000180)={{&(0x7f0000ffa000/0x3000)=nil, 0x3000}, 0x1})
ioctl$UFFDIO_REGISTER(r0, 0xc020aa00, &(0x7f00000004c0)={{&(0x7f0000ffc000/0x2000)=nil, 0x2000}, 0x2})

19.225952528s ago: executing program 5 (id=1748):
sendmsg$IPCTNL_MSG_CT_NEW(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f00000001c0)=ANY=[@ANYBLOB="980000000001010400000000000000000a0000003c0001802c0001"], 0x98}}, 0x0)
mprotect(&(0x7f0000000000/0x4000)=nil, 0x4000, 0x1)
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFQNL_MSG_VERDICT(r0, &(0x7f0000000080)={0x0, 0x0, 0x0}, 0x0)

18.733030442s ago: executing program 35 (id=1748):
sendmsg$IPCTNL_MSG_CT_NEW(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f00000001c0)=ANY=[@ANYBLOB="980000000001010400000000000000000a0000003c0001802c0001"], 0x98}}, 0x0)
mprotect(&(0x7f0000000000/0x4000)=nil, 0x4000, 0x1)
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFQNL_MSG_VERDICT(r0, &(0x7f0000000080)={0x0, 0x0, 0x0}, 0x0)

2.059436668s ago: executing program 6 (id=1872):
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x8, 0x6, &(0x7f0000006680))
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x8031, 0xffffffffffffffff, 0x0)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600002, 0x9)
quotactl$Q_QUOTAON(0xffffffff80000201, 0x0, 0x0, 0x0)

1.479894346s ago: executing program 7 (id=1874):
capset(&(0x7f0000000040)={0x19980330}, &(0x7f0000000080)={0x6, 0x6, 0x2, 0x87, 0xffffffff, 0x2})
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000040)={0xffffffffffffffff, 0x0, 0x95, 0x0, &(0x7f00000008c0)="e30080670000ec67838717bd86dde148f0630962bb87dd44fe42904bcee14db4241544716b9ea42231ed3373a3e29953e3bb017d9c1fd05dacf5bb80b4b7ee0fae7aea53492b38978defbb39a1ffa8a175e8257c3c5386795f7aaa2b182cc4c3705dc9f253d21fba2eace93b558c750cfba810dc7a19dbb15a5a39c850a7541d5e2765acdedc133065149a3bb727e42ad8305aaeca", 0x0, 0x407, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5, 0x0, 0xc}, 0x50)
r0 = syz_open_dev$sg(&(0x7f00000000c0), 0x6f5e, 0x2d42)
ioctl$FIBMAP(r0, 0x1, &(0x7f0000000040)=0x85)

1.352523992s ago: executing program 7 (id=1875):
syz_mount_image$nilfs2(&(0x7f0000000080), &(0x7f0000000040)='./file2\x00', 0x3200400, &(0x7f0000000180)=ANY=[], 0xfe, 0xa7f, &(0x7f0000000b40)="$eJzs3U2MG1cBAOA33vUmmwTilIQuSWgTftry091ms4SfCJqquRA1FbdKEZcoTUtEGhCpBK0qkeTEjVZVuPIjTuVQAUJqLyjqiUslGolLxaFw4EAUpEocoJC4yvo9r/3W1tib9dpef5/0/PbNG897Mzsej2fmvReAiVVZfl1amitCuPrmq8f/+cA/Zu9MebQ5R235dbolVQ0hFDE9nS3vvalGfOv9l850iouwuPya0uHJm833bg8hXAoHwrVQC3uvXn/l7cUnTl4+ceXgO68dvTGYtQcAgMnyrWtHl/b87c/7dn3w+n3Hwpbm9HR+XovpHfG8/1g88U/n/5XQni5aQquZbL7pGCrZfFMd5mstp5rNN92l/JlsudVm/r62+baUlD/VMq3TesM4S/txLRSV+bZ0pTI/3/hNHpZ/188U8xfOnX/m4pAqCqy7f98fQjgwwBAGvPwhhXq9/uPNum6rw4368OsgDCLUdw718APQlN8vXOVSfmXh7jSXNt1b+Tcfq3R+P6yDjd7/lT9e5f/6ciz/1F8HWg8mw2b9/krrlT5HO2I6v4+QP7/U7+c/LW8qvkxnyy/T7T7CuNxf6FbPqQ2ux1p1q3++X2xWX49x2g7fyPJbPz/5/3Rc/sdAZ/8Z9PX/EQsHRqAOmzpUR6AOQs+hPuwDEDCyVp6ba6hHKT9/ri/P31KSv7Ukf7Ykf1tJ/vaSfJhkv3/+p+HlYuV3fv6bvt/rYek620di/NE+65Nfj+y3/Py5337dbfn588Qwyt44/dTZrzx96nrj+f+iuf/fjvv7gZiuxc/WtThDul6YX1dvPvtfay+n0mW+e7L6pONGZUuav94ocXf7fMXuleWEluPMqnrMtb9vZ7f59rfPV8vmm41ha1bf/PxkW/a+dP6Rjqtpe01n61vN1mMmq0c6ruyKcV4PWIu0P3Z7/j/tn3OhWjxz7vzZR2I67ad/mqpuuTP9UOtCf7MxdQfuTq/tf+ZCe/ufHc3p1UrrcWHnyvSi9bhQy6YvNpLN2+Rp+uGYTt9z35maXZ4+f+Z7559e75WHCXfxhRe/e/r8+bM/8Ef6Y9Zm8Yc/hn1kAgZt4fnnvr9w8YUXHz733Olnzz579sLhI0cOLy4e+erhpYXl8/qF1rN7YDNZ+dIfdk0AAAAAAAAAAACAXv3wxPHrf3nry+822v+vtP9L7f/Tk7+p/f9Psvb/eTv51A4+tQPc1SF/edy9N9rrMZPNV43hY1l9d2fl7Mne9/EYN8fxi+3/U3v7vF/XVJ97s+l5/71pvqw7gVX9pcxkfZDk4wV+KsZXYvyrAENUzHaeHOO2/q3D6v6t076e+qfQL8V4Sv+3tDekfkxS++9u/Tql4/+uDagj628jmhMOex2Bzv418v1/t5yJD70uExBs54kK9bpRPIDRMOzxP9N1zxRf+OM3t94Jababj7UfL/P+S+FujPr4k8ofhfE/i3WrRHP8u56Ofx16V2/r57n30RX++/Mb77YUG/b2evy9nK166gd6d3mZrT6I5af1fzD0Vn79l1n5+Q2hHv0vK39bj+WvWv/9ayv//7H8tNke+nSv5TdqnO+B+XXjdP8vv26c3MrWP/Xt2ff6r3GgxtuxfJhk3ceZ7XUE29E0lPF/O9wfXav8OYwvxXQ6EKbnHPJv5H7rn56vSN8De7LlFyXfb+MyTnE3kz7+79diXPZ5SOP/pv2x1iFdaUlXO2zbcd9XYLN5b+Tv/41ZuDQCdRBGNMz2M3/jkboB16lerw/2glaJoRbO0Lf/sO8+D7v8YW//Mvn4v/k5fD7+byX7AZGP/5u/Px//N8/Px9fL8/Pxf/PtmY//m+ffmy03v4I9V5L/iZL8vSX5+1byZzvl7y95/ydL8g+GeE7SJf++kvffX5J/T0n+VEn+Z0ryP1uS/0BJ/kMl+Z8ryd/sUnuUSV1/mGR5+zyff5gc6f5Pt8//7pJ8YHz97PVDj5/63bdrjfb/M83fa+k+3rGYrsbfzj+K6fy+d2hJ38l7K6b/nuWP+vUOmCR5/xn59/uDJfnA+ErPefl8wwQqOvfY02u/Vd3O8xkvn4/xF2L8xRg/HOP5GC/E+FCMFzeofgzG47/9w9GXi5Xf+zuz/F6fJy8q7b/s836iDvdYn/z6QL/Ps+f9+PXrbstfY3MwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAoaksvy4tzRUhXH3z1eNPnTy3cGfKo805asuv0y2pavN9ITwS46kY/yL+cev9l860xrdjXITFUISiOT08ebNZ0vYQwqVwIFwLtbD36vVX3l584uTlE1cOvvPa0RuD2wIAAACw+X0YAAD//7e9G+Y=")
r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file2\x00', 0x109141, 0xdf)
write$binfmt_elf32(r0, &(0x7f00000015c0)={{0x7f, 0x45, 0x4c, 0x46, 0x0, 0xed, 0xb, 0x9, 0x8001, 0x3, 0x3e, 0x4, 0x247, 0x38, 0x1e2, 0x96, 0x7ffe, 0x20, 0x1, 0xfbd5, 0x40, 0x3b}, [{0x4, 0x4, 0x80000000, 0xb, 0x6, 0x7, 0x5, 0x7fff}], "", ['\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00']}, 0x858)
creat(&(0x7f0000000180)='./file2\x00', 0x71283578ac7c5cd)

966.581972ms ago: executing program 3 (id=1878):
mmap(&(0x7f0000000000/0xff5000)=nil, 0xff5000, 0x1000002, 0x200000005c831, 0xffffffffffffffff, 0x0)
r0 = gettid()
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r0}, &(0x7f0000bbdffc))
remap_file_pages(&(0x7f0000800000/0x800000)=nil, 0x800000, 0x0, 0x0, 0x0)

960.215952ms ago: executing program 6 (id=1879):
r0 = syz_usb_connect(0x0, 0x2d, &(0x7f0000000140)=ANY=[@ANYBLOB="12010000413f5f201d0650c16fce0102030109021b00010000100009043300011870f500090582020002"], 0x0)
sendmsg$nl_generic(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000040)=ANY=[@ANYBLOB="1400000040000701"], 0x14}, 0x1, 0x0, 0x0, 0x48815}, 0xc000)
syz_usb_control_io$hid(r0, 0x0, 0x0)
syz_usb_ep_write$ath9k_ep1(r0, 0x82, 0xa8, &(0x7f0000000040)=ANY=[@ANYBLOB="6b0ee0b3d41b1b"])

882.078396ms ago: executing program 7 (id=1880):
openat$random(0xffffffffffffff9c, &(0x7f0000000040), 0x1, 0x0)
r0 = syz_io_uring_setup(0x22f, &(0x7f0000000080)={0x0, 0x5325, 0x10000, 0x0, 0x100002cf}, &(0x7f0000000000)=<r1=>0x0, &(0x7f0000000040)=<r2=>0x0)
syz_io_uring_submit(r1, r2, &(0x7f00000009c0)=@IORING_OP_WRITE={0x17, 0x0, 0x0, @fd_index=0x3, 0x0, 0x0, 0xffffffffffffff31})
io_uring_enter(r0, 0x7a98, 0x0, 0x0, 0x0, 0x0)

815.147819ms ago: executing program 3 (id=1881):
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000009b40)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x4008091}, 0x24000000)
r0 = socket$kcm(0x11, 0x3, 0x0)
setsockopt$sock_attach_bpf(r0, 0x107, 0xf, &(0x7f0000000000), 0x4)
sendmsg$kcm(r0, &(0x7f00000000c0)={&(0x7f0000000100)=@hci={0x1f, 0x0, 0x5}, 0x80, &(0x7f0000000500)=[{&(0x7f0000000040)="27031c12d8f714000000002f1eafbcf706e105000000894f000f1102ee1680ca8286cee844000000000019b0fb0bba00"/65, 0x41}, {&(0x7f0000000440)="63f805d7649496db72959832930469edc7b7d050139bf7ada32bc9e37eed1153ecb716cdb8981cd819af0b33254465cc904b7b31789d65c0e0d3333ce2ef36205dd154e363bcadf8f2ea93f45503c6d9fd8dfe5a638cfeb9f79c930a4d18260e5a08ffd35ed8371cff78119319b2b62c7cd9378c73ae90c801681f55ef26cb0000000000000000", 0x87}, {&(0x7f0000000280)="fe112162c63e6da8bc8432294ef18af53cc330a62a2c7035246635093ba4d30fcf19a90804f04a10939db8f4e13069cda6d167bf1b68c94d8d694d6ad1a4d51a715975560ad48770706eb1b88d021e1119f2eb75275cfe77f862368649be0f7aff5e7826729816e3d3e7986d9434f891c71ca6e4210c6757083cfd8e732048c504f28b6d309fc129ed8eb5a82e224eb648f90134d1d315977c6ea360a7fece4baa3dd7dcc970759f29df0e86469e954e2b050e87b203ca27a2a519b7555c3b73f2681d49442d9647ff5ea64110cc5020fdeafe53a7d8be70f3260816bc376bcdc5352771fa55d9733e27730ec7103520e8359c78edd21ee6c68feb3685a55722f5da09ffe8ba9f05081a8d214156376f99906245f2f390ad717979d98f0574f8c5b52dcc2fa494f461be6c2560ddbaafb80c5b4583cbe56d24f14ab78fd718947077ea736251c7b8eee267267534c84daa6f095e94bfb85986a03ddea362cc7e6682884e710727c1163cd4f336c13b844605b7a815fe39e43bd0d2e414410a82958455b8a6bd9194c631d66295675fed64c04107a595c421111a3af6e9fadab5c9", 0x1a1}, {&(0x7f0000000180)="6fe4dd9eeba3271dc700b581440284", 0xfe73}], 0x4}, 0x0)

775.921281ms ago: executing program 4 (id=1882):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000100)={'wlan0\x00', <r1=>0x0})
r2 = syz_genetlink_get_family_id$nl80211(&(0x7f0000001280), r0)
sendmsg$NL80211_CMD_SET_TX_BITRATE_MASK(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f00000002c0)={0x30, r2, 0x1, 0x70bd2b, 0x0, {{}, {@val={0x8, 0x3, r1}, @void}}, [@NL80211_ATTR_TX_RATES={0x14, 0x5a, 0x0, 0x1, [@NL80211_BAND_5GHZ={0xc, 0x1, 0x0, 0x1, [@NL80211_TXRATE_HE_LTF={0x5, 0x7, 0x2}]}, @NL80211_BAND_6GHZ={0x4}]}]}, 0x30}}, 0x2000c000)

719.637864ms ago: executing program 7 (id=1883):
munmap(&(0x7f0000001000/0x3000)=nil, 0x3000)
r0 = syz_open_dev$dri(&(0x7f0000000080), 0x1, 0x101001)
ioctl$DRM_IOCTL_SET_CLIENT_CAP(r0, 0x4010640d, &(0x7f0000000000)={0x3, 0x2})
ioctl$DRM_IOCTL_MODE_ATOMIC(r0, 0xc03864bc, &(0x7f00000006c0)={0x0, 0x56, &(0x7f0000003b00), 0x0, 0x0, 0x0, 0x0, 0x2000000000000583})

673.149656ms ago: executing program 3 (id=1884):
r0 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
syz_emit_ethernet(0x66, &(0x7f0000000280)={@multicast, @multicast, @void, {@ipv6={0x86dd, @icmpv6={0x0, 0x6, '\x00', 0x30, 0x3a, 0x0, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01', @mcast2, {[], @pkt_toobig={0x2, 0x0, 0x0, 0x5, {0xb, 0x6, "a50500", 0x17, 0x2e, 0x0, @remote, @empty}}}}}}}, 0x0)
setsockopt$SO_TIMESTAMPING(r0, 0x1, 0x25, &(0x7f0000000240)=0x464, 0x4)
recvmmsg(r0, &(0x7f0000000d00)=[{{0x0, 0x0, 0x0}, 0x4}], 0x1, 0x400005aa, 0x0)

571.285321ms ago: executing program 4 (id=1885):
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$ifreq_SIOCGIFINDEX_team(r1, 0x8933, &(0x7f0000000000)={'team0\x00', <r2=>0x0})
sendmsg$nl_route(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000000c0)=@newlink={0x58, 0x10, 0xffffffffffffffff, 0x70bd25, 0x25dfdbfb, {0x0, 0x0, 0x0, 0x0, 0x1414, 0x2021}, [@IFLA_LINKINFO={0x30, 0x12, 0x0, 0x1, @macvlan={{0xc}, {0x20, 0x2, 0x0, 0x1, [@IFLA_MACVLAN_MACADDR_MODE={0x8, 0x3, 0x1}, @IFLA_MACVLAN_MODE={0x8, 0x1, 0x10}, @IFLA_MACVLAN_MACADDR={0xa, 0x4, @dev={'\xaa\xaa\xaa\xaa\xaa', 0x40}}]}}}, @IFLA_LINK={0x8, 0x5, r2}]}, 0x58}, 0x1, 0x0, 0x0, 0x1}, 0x8000002)

571.096711ms ago: executing program 3 (id=1886):
openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x0)
openat$sndseq(0xffffffffffffff9c, &(0x7f00000018c0), 0xe0c81)
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2)
pselect6(0x40, &(0x7f00000002c0)={0x0, 0x0, 0x0, 0x0, 0x800}, 0x0, &(0x7f0000000240)={0x1f, 0x0, 0x381, 0x0, 0x0, 0x9e25, 0xfffffffffffffffe}, &(0x7f0000000280)={0x0, 0x3938700}, 0x0)

509.294084ms ago: executing program 7 (id=1887):
r0 = socket$can_bcm(0x1d, 0x2, 0x2)
connect$can_bcm(r0, &(0x7f00000005c0), 0x10)
recvmmsg(r0, &(0x7f00000099c0)=[{{0x0, 0x0, 0x0}, 0x88000}], 0x4000000000001c0, 0x10002, 0x0)
sendmsg$can_bcm(r0, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000240)=ANY=[@ANYBLOB="050000007f0000000000010000000000", @ANYRES64=0x0, @ANYRES64=0x2710], 0x48}}, 0x0)

488.752045ms ago: executing program 4 (id=1888):
r0 = socket(0xa, 0x2400000001, 0x0)
setsockopt$inet6_MCAST_JOIN_GROUP(r0, 0x29, 0x2a, &(0x7f0000034000)={0x1, {{0xa, 0x0, 0x0, @mcast2}}}, 0x88)
setsockopt$inet6_MCAST_JOIN_GROUP(r0, 0x29, 0x2a, &(0x7f0000000200)={0xf, {{0xa, 0x0, 0x0, @mcast1, 0x5}}}, 0x88)
getsockopt$inet6_buf(r0, 0x29, 0x10000000000030, &(0x7f0000034000)=""/144, &(0x7f0000002280)=0x90)

359.279432ms ago: executing program 4 (id=1889):
munmap(&(0x7f0000001000/0x4000)=nil, 0x4000)
r0 = syz_open_procfs(0x0, &(0x7f0000000040)='net\x00')
getdents64(r0, &(0x7f0000000080)=""/222, 0xde)
getdents(r0, &(0x7f00000011c0)=""/4120, 0x1018)

359.137852ms ago: executing program 6 (id=1890):
mkdir(&(0x7f0000000100)='./file0\x00', 0x10)
mount(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000040)='devpts\x00', 0x3000005, 0x0)
chroot(&(0x7f0000000200)='./file0\x00')
umount2(&(0x7f0000000000)='./file0\x00', 0x0)

310.323124ms ago: executing program 4 (id=1891):
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
bind$inet6(r0, &(0x7f0000000500)={0xa, 0x4e20, 0xffffffff, @mcast1, 0x4}, 0x1c)
connect$netlink(r0, &(0x7f00000000c0)=@unspec, 0xc)
syz_emit_ethernet(0x7e, &(0x7f0000000240)={@random="5b685c7e778f", @multicast, @void, {@ipv6={0x86dd, @udp={0xa, 0x6, '\x00g\x00', 0x48, 0x11, 0x1, @local, @mcast2, {[], {0x4e1d, 0x4e20, 0x48, 0x0, @wg=@cookie={0x3, 0x4, "ac847a8d6a70500317a6ff633b2d873b3538b7a94d5194cc", "7a124682524e9cc26482e0daa35cc98a6f80be6351aa0bb5bd6db9e9548e79fb"}}}}}}}, 0x0)

307.781154ms ago: executing program 3 (id=1892):
r0 = socket(0x10, 0x3, 0x0)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000040)={'ipvlan1\x00', <r2=>0x0})
sendmsg$nl_route_sched(r0, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000004c0)=@newqdisc={0x88, 0x24, 0xf0b, 0x70bc26, 0x0, {0x0, 0x0, 0x0, r2, {0x0, 0xffab}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_mqprio={{0xb}, {0x58, 0x2, {{0x1, [], 0x0, [0x1, 0x2, 0xfffe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5c4, 0x0, 0x0, 0x0, 0x3dc, 0x0, 0x7], [0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1000]}}}}]}, 0x88}, 0x1, 0x0, 0x0, 0x2004c084}, 0x20000080)

235.155068ms ago: executing program 7 (id=1893):
r0 = io_uring_setup(0x177f, &(0x7f0000000140)={0x0, 0xfffffffa, 0x0, 0x0, 0x2b4})
syz_usb_connect(0x0, 0x2d, &(0x7f0000000280)=ANY=[@ANYBLOB="1201000009968810524711004f320102030109021b0001000000000904000001ff01320009050d0353"], 0x0)
openat$sequencer2(0xffffffffffffff9c, &(0x7f0000000140), 0x8417f, 0x0)
close_range(r0, 0xffffffffffffffff, 0x0)

182.326581ms ago: executing program 6 (id=1894):
socket$inet6(0xa, 0x80003, 0x6)
socket$inet6(0xa, 0x80003, 0x6)
r0 = syz_open_procfs(0x0, &(0x7f0000000040)='net/raw6\x00')
preadv(r0, &(0x7f00000002c0)=[{&(0x7f00000003c0)=""/257, 0x101}], 0x1, 0xa3, 0x0)

157.602902ms ago: executing program 4 (id=1895):
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
bind$inet6(r0, &(0x7f0000000000)={0xa, 0xe22, 0x0, @empty}, 0x1c)
connect$inet6(r0, &(0x7f0000000140)={0xa, 0x4e22, 0x8, @remote, 0xb}, 0x1c)
syz_emit_ethernet(0xfef3, &(0x7f0000000200)=ANY=[@ANYBLOB="aaaaaaaaaaaaaaaaaaaaaaaa86dd6001010000641100fe8000000000000000000000000000bbfe8000000000000000000000000000aa4e200e22"], 0x0)

157.268722ms ago: executing program 3 (id=1896):
r0 = syz_open_dev$evdev(&(0x7f0000001080), 0xb, 0x1)
ioctl$int_in(r0, 0x5452, &(0x7f0000000000)=0x6)
r1 = syz_open_dev$evdev(&(0x7f0000000000), 0x1, 0x2002)
write$evdev(r1, &(0x7f0000000040)=[{{}, 0x0, 0x2}], 0x37)

20.644759ms ago: executing program 6 (id=1897):
sendmsg$DEVLINK_CMD_RATE_GET(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000003c0)={0x34, 0x0, 0x1, 0x70bd25, 0x25dfdbfc, {}, [@handle=@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}]}, 0x34}, 0x1, 0x0, 0x0, 0x10}, 0x0)
r0 = socket(0x10, 0x3, 0x0)
setsockopt$netlink_NETLINK_TX_RING(r0, 0x10e, 0xc, &(0x7f0000000040)={0x10000802, 0x80, 0x0, 0x40000}, 0x10)
sendmsg$nl_generic(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000003c0)=ANY=[@ANYBLOB="280000005200010004000000000000001c00000014"], 0x28}}, 0x0)

0s ago: executing program 6 (id=1898):
syz_mount_image$btrfs(&(0x7f0000005100), &(0x7f0000000300)='./file1\x00', 0x16, &(0x7f0000000380)={[{@barrier}, {@subvolid}, {@acl}, {@noflushoncommit}, {}, {@autodefrag}, {@nossd_spread}, {@barrier}]}, 0x15, 0x5102, &(0x7f000000a2c0)="$eJzs3U+IVWUfB/Dnzp1x5lVw7isEtsoikGrh4CYioqtMUFF0y8VgBE4tgnThJEi0EMQW/Vt4S4paSK6kFsksjKA2LqQwArehYS7cKAaSi3Yac8957pz7HO+5d0ZtTD8fmTnnOb/zPOe5l7O43+uccwIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACEEF74/bNDVfVT16bPnJtp7jywZebyvul1p0OodbbX8vqOrc++8ua2HS9OxA6zL2fLRqPfkFnX81ljVc/GhX69P6+HEMaSAer58pk1pVGLq3vKA1a6fnH30U17mxuPH27Xr146e7L80lkwsdITWCn5eXVh8Vxqdn6PJHt024VTr9Zzimb90xPuX3kRAMCSTLU6i+7H0fwjbre9P60n7WbSbift+AmhXWwsRzbuqn7z3JDWV2iezSwqjPedZ1LP3/9uu5X2T9pJ1FjCPHt3zSPNRL95ziX1lZonAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwJ3kkbdHH6qqn7o2febcTHPngS0zl/dNrzsdQqOzvZaVa6vfP9z869utxw78uPmr4xeef6ye94vL0cLO4be48sRkCG8UKhfisBfXhtDqLXSa4cty4a3OynOxAAAAwN3k/s7vkW47i4NjPe1aJ03WOv+iLCxev7j76Ka9zY3HD7frVy+dPbn88Vp9xmvecLxuu7H4UysE4xh/0/EW63HXPaVxqqUjpnn+8fNTf1f1L+X/RnX+j++c/A8AAMDNkP/TcaoNyv/fvfbHJ1X9S/l/Q88hS/k/zjjm/5GwvPwPAAAAd7Lbnf+bpXGqDcr/4y+NfV3Vv5T/p4bL/6PFaceNv8YJ75oMYWrQ1AEAAIA+4v+7L361EPN69s1BmtefevTguarxSvm/OVz+H7ulrwoAAAC4GUe+2P5wVb2U/1vD5f/x2zprAAAAYCne+XDig6p6Kf/PDpf/V+fL/MqHrNNP8a8QDk2GMLGwMpcVfg7tp7sFAAAA4BaJOf3PT3f+ULVfKf/PVd//P97pIF7/33P/v9L1/4VCdte/J90YAAAAgHtR+Xr+eHv87MkF/Z6/P+z1/w/87+CrVccv5f/9w+X/enF5K5//BwAAAMvwX3v+3/bSONUG3f//vo/e/aWqfyn/t4fL/3G5pvjyTsT3573JENYvrOR3E/wmHm5XUpgfKxQ6WkmPbbFHXpgfLxQ65pIemydDeHBhZX/jei4r/D8W2kmPK2vzwpGkcDoW8vOhWziWFE7EM+3ztfl008L3sZBfYDEfr6BY070kIulxtV+PhcINe5ztHhwAAOCeEsNznmXHepshjbLztUE7rB60w8igHeqDdhhNdkh37Lc9zPYW4vb2mY1Le/7/keHyf3wrVmWLftf/h3j9f/5cw+71/7Ox0EgK87HQSu8Y0IrHyMLux/EYjVbe48r6bgEAAADuavF7gfoKzwMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD+Ye/eY+Sq7sOBn32O9+H1QvJTCL8o2SQ1jpt4vbbJQy1V1pSqEWmadUODqohiY6/J4gU7tikxCpGxiWiEoLRBSv4owiiKav6AWoGIpIBwkeIIlUdEVRRAoNAaoiBSShKRJkihmr33zN45d+exttd4yecjeefMfM/zzsNz7r1zLgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA8Lvh8Feu+ttm8Yd/e97Tz104ftm+9Re+fM15pz8ewsTM4x1ZuKP/+lvHf37nuXftu2/tbfccPf+DvXm5PB4Gqn868zvXxVqPLg3h3o4QutPAqsEs0JPfH4z1vWswhNPCbKBWYrI/K5E2HL7fF8KBMBuoVfW9vhAGC4ELnnjowRuriVv6QlgeQqikbTxbydroSwNn9WaB/jSwvTsL/OqNTC3w3c4sAMctvhlqL/pDE/UZhucu1+D113PCOvbmSofXFRPDjfP9bP0Cd6qgN31g4rietlJ1LIjS2+Owd9sieLeVtvPNnrbiF6n8G8obs6FK6NwyuXXTldO74yOdYXS0q1FNC/Q8P/XqlzbPJ71oXoexA8Mn5HV402PL7+xa+alH71m1/MWDH9r/0vF280eFTVpML7RKyF9zi+Z5jMZ9niyCt1/pW9KIL10hhK2f/71PN4uX5v/Dzef/8eUcbzvrcsdaXx/K5ubxkcGYeGUom5sDAADAorEY9ppuH33gY83qK83/R9o7/h8P+eeT+Wy0h0MYn0nsXxbCGTOPZ4E7YnOXLAvhvTOpifrA+iRwOIR3ziRW1qpKSiyJJUaSwE+G8sB4EjgSAxNJ4FsxcHMSuC4GDiWBzTFwOAmcGwNhqn4cvz+Uj6PtQF8MbMw24qF4FsIvhmJrybZ6plYVAADACZLPDnvq7xbOdTjeDHF6eaivVYZ4BnbDDJWkhnQGW5tWNayhu1UNna1qqI17b/Phl2ruaFVz6TSMjvoMt/7ybz4TmijN/8eaz/8rc3Sko3T8P4QNM39j7s48Ml2Lb5yoywAAAAAch4H/ff6bzeKl+f94e+f/x30iXYXM4ZG4G2LbshDG6gNZtX9YDmRHvQfyAAAAACwGtePxtWPhU/ltdop2Op8u55+YZ/544H98zvy9h+/f2Ky/pfn/RHvn//fX32adOBJ78bVlISwpBH4Qe1kNzBiJgR9/vD6Qj/9I3AA3xKryExNqVd0QS2yMgbEkcKBRiR/WSpxRH8ifrFrj+2vjmMpLFAIAAABw0sXdAfG4fDz//32/WXtVs3Kl+f/G+Z3/PzMPLp3ePz0QwuruELrSHwY80p8tDBgDgx154oH+rK6utKpr+0M4pzqwtKrn8/X/u9M1Bp/oy6qKgTPed/DVs6qJb/aFsLoYePJzt3+4mtidBGqN/2VfCO+pjjZt/DtLssZ70sa/viSEdxcCtaouWRJCtbHetKqHKvl1DNKq/rkSwtsKgVpVH6mEsCcAsEjF/0q3FB/ctefqbZumpyd3LmAi7sPvC1unpidHN2+f3lJp0KctSZ/rljG6tjymdq9880y+RNFn794w2E669jvBsWJb+X780omD+f34XahnZpxre+rurkuH/IH3l5sIhW9SjYbcucBD7i9WMvskluqP+XvDQFhy5a7JnaNf3LR798412d92s6/N/sbDTNm2WpNuq/65+tbGy6PhalmJY91WK4qVrN59+Y7Vu/ZcvWrq8k2XTl46ecWaj6wdO3ts3dhHz15dHdVY9rfFUFfMVXUy1Ddub3NcJ3CoZ3YXKjkZnxoSEhKLLbF9YEXT/5NL8/8dzef/8VMnfvLn6zM0Ov4/HA/zZ4/PHubfGAMH2j3+P9zoaH7txICRJLA3BvY6zA8AAMBbQ5zkx72Zca/0T1d+58Vm5Urz/73t/f7/BK3/X1u6/vxGy/yvjCXGGq3/ny7zX1v/f2+j9f/TZf5r6/8feBPW/7+yFkg2yS+s/w8AALwVnLz1/1su759eIKCUoeXy/ukFAkoZWi7j3+4FAua9/v+z//lX/x2aKM3/b25v/m/hfgAAADh1fPnPrvp/zeKl+f+B9ub/J3/9v9Do/P+RRoGJRgsDWv8PAACARarR+n/D1/df3Kxcaf5/qL35fzztorMud6z19aFsTbuQrmn3ylDtJwMAAACwOHSG0dGeNvPWrYy6/tjbfCpfCrRZuuj5Pzk6v/P/D7c3/6/7XcZNjy2/s2vlpx59/Z5Vy188+KH9L80e/wcAAAAWTrv7JQAAAAAAAAAAAAAAgDff8/+xb12zeOn3/2HDzOONfv8fr/sXf1/w9rrcsdbW6//l9y/45F17ZpYsfGQohPcXA9v2bTst5NfmX1EMPHjRyndUE/vSEvc/d+4L1cTFaeATq05/rZo4JwlsjIskvjMNxKsqvrY0CcTlFf89DcTtcSgN9OaBry7NxtGRbqufDmbbqiPdVk8PhrCsEKhtq3sHszY60gHekgRqA/xCGogD/PM80Jn26q6BrFcxMBiL3jaQ9QoAgFNW/BbYE7ZOTU+Oxa/w8fbM7vrbqG7JsmvL1Xa02fwz+dJkn717w2A76a70u+jstcZ7QqU6hDWlr6vFLB0zozwxtbTYdG9vMORWq711NiiXmu+m6208or5sRKObt09v6Wk58HWts6ztbpllTWmyU8zSObNJ26iljb60MaI2t00bXY73O8PoaFeS6w9icDjUafWKaPf3+sV1/hq9Cop5rji6/1fN6ivN/4fbm/9XiuN6Lb8YwN54Zb2/W2aZfwAAAFhYX13/62/Ef5+5/uEnm+Utzf9H2pv/xz1Y+aHgbG/H4Xj9//3LQpi5tP5wFrgjNnfJshDeO5OaiCWyC+qfH0uMZYE74g6TlbHExon6qpbEwKEk8JOhPHA4CRyJgXwvxcGQ78r5+6EQPjyT2lBfYkcsMZwEPh0DI0lgNAbGksDSGBhPAi8vzQMTSeDfYiBM1W+ru5fm2woAAGA+8nlWT/3dkM7zDnW3ytDRKkN/qwydrTJUWmVoNIp4/9sxQ09y8kpHIVNPWmtfUkspQ7wY/rz7VcoQflifMy1Yajqef1A736CjPsN9H+uuhCZK8/+x9ub//fW3WetH4vx/9vp/WeAHsXtfi6eOj8TAjz9eH8h3DByJk90balVN5CXySfsNscR4DIwkgR0xMJ4ENm7IAwfeUR/IZ9q1xvfXGp/KSxQCAAAAcNLFHQRxN02c/9+26ysDzcqV5v/j7c3/Y3sDxcaui7UeXRrCvR2zvakFVg1mgbgfYzD+PP5dgyGcVtjBUSsx2Z+V6E0aDt/vy36h3ptW9b2+7McH8f4FTzz04I3VxC19ISwv7H2ptfFsJWujLw2c1ZsF+tPA9u4sEPf81ALf7cwCcNxqewXjCyo/1aVmeO5yDV5/b5VrgqbDK+0DnSPfXL+5WiilHa75PtWa+T1tTfffcsKU3h6HvdsW47tt2Lut+EUq/4byxmyoEjq3TG7ddOX07vhI8ZesJQv0PBd/pdpO+gS8Dvcee29bq6QdGEs+PsbmLjf367AjVnfTY8vv7Fr5qUfvWbX8xYMf2v9S291oIP5Q+KFr/nXwR4XNu9AqIX/NLbrPkwmfJ4vxv4ERT1sIYcPLX7+hWbw0/59ob/7fndzO+HXcmLuWhfCBwsZ9JG7+P16WfQ4WAtmn5NvKgeyQ+38NNfzkBAAAgBOttrujtr9gKr/NTghP58nl/BPzzB/3V4zPmb/dfvf/9UXLm8VL8/+Nzef/S5JuOv7v+D8LxPH/OZ3qu6KXpA/sPa5d0aXqWBCO/8/pVH+3Of4/J8f/Hf+fi+P/LTj+P6dT/WkrfUva4UtXCOHFP3rg6Wbx0vx/R3vzf+v/zb1oX239v42N1v/b0Wj9v73W/wMAABZUg4Xm0nleafW+UoZ09b5ShpYLBLZcYtD6f/Ne/++FM5/9TWiiNP/f2978P74cBoqtL5b1/0Y2NKjq5hjYYWFAAAAATkWNdhAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADw5rrvH/5nS7P4w7897+nnLhy/bN/6C1++5rzTHw9haubxjizc0X/9reM/v/Pcu/bdt/a2e46e/8FKXq4nv/3/dbljra8PhXCg8MhgTLwyVL0zG7jgk3ft6a4mHhkK4f3FwLZ9206rJr41FMKKYuDBi1a+o5rYl5a4/7lzX6gmLk4Dn1h1+mvVxDl5oCPt7j8uzbrbkXb3xqUhLCsEat29bGl9VbU2/jQPdKZt/NNg1kYMDMai3xjM2oiB6VhiakkIq7tD6EqreriSVdWVVvUvlayqrrSqL1dCOCeE0J1W9VxvVlV3OvLHe7OqYuCM9x189axq4kBvCKuLgSc/d/uHq4kvJIFa43/RG8J7qi+ZtPFv92SN96SN39ITwrtDCL1piV92ZyV60xLPd4fwtkKg1vjnu0PYE3hLiB8+dZ9ou/ZcvW3T9PTkzgVM9OZt9YWtU9OTo5u3T2+pJH1qpKOQfuPaYx/7M69+aXP19rN3bxhsJ92dl+uZ6fLanrq760713sd+9RcrmX0+SvXH/L1hICy5ctfkztEvbtq9e+ea7G+72ddmf7vyaLat1jTZVl3FO2/2tlpRrGT17st3rN615+pVU5dvunTy0skr1nxk7djZY+vGPnr26uqoxrK/7Q81NBzq7Sd/qGd2Fyo5GR8A80vEzXOq9EdC4ncx0Vn36TZ2qv+nV/qiP9vRnlCZ+YAuTSuKWTpmRnkiBr3+GEd8LN9TWo5oTWniUMqytnWWdaXJxGyWvizLzPe60uSwWFPnzCaN9zvD6GhXo+0wXH+3uHl/dhyb96l807WbBgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA/o8dOBAAAAAAAPJ/bYSqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqoq7MCBAAAAAACQ/2sjVFVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVWEHjgUAAAAAhPlbh9GzAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHApAAD//+xnJvI=")
r0 = open(&(0x7f0000000300)='.\x00', 0x0, 0x0)
ioctl$FS_IOC_SETFLAGS(r0, 0x40086602, &(0x7f00000001c0)=0x400)
mkdir(&(0x7f0000000140)='./control\x00', 0x0)

kernel console output (not intermixed with test programs):

noring recovery information on journal
[  197.803897][ T8753] ocfs2: Mounting device (7,6) on (node local, slot 0) with ordered data mode.
[  197.916432][ T7222] hid-led 0003:1D34:0004.000C: unknown main item tag 0x0
[  197.924786][   T28] audit: type=1800 audit(1773926033.055:15): pid=8753 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.6.829" name="file1" dev="loop6" ino=17058 res=0 errno=0
[  197.964685][ T7222] hid-led 0003:1D34:0004.000C: unknown main item tag 0x0
[  197.977140][ T7222] hid-led 0003:1D34:0004.000C: unknown main item tag 0x0
[  197.985365][ T7222] hid-led 0003:1D34:0004.000C: unknown main item tag 0x0
[  197.996211][ T7222] hid-led 0003:1D34:0004.000C: unknown main item tag 0x0
[  198.005224][ T7222] hid-led 0003:1D34:0004.000C: unknown main item tag 0x0
[  198.013604][ T7222] hid-led 0003:1D34:0004.000C: unknown main item tag 0x0
[  198.050505][ T6744] usb 6-1: new high-speed USB device number 4 using dummy_hcd
[  198.122634][ T7222] hid-led 0003:1D34:0004.000C: hidraw0: USB HID v0.00 Device [HID 1d34:0004] on usb-dummy_hcd.4-1/input0
[  198.241644][ T7222] hid-led 0003:1D34:0004.000C: Dream Cheeky Webmail Notifier initialized
[  198.260668][ T6744] usb 6-1: too many configurations: 9, using maximum allowed: 8
[  198.299364][ T6744] usb 6-1: config 0 has 1 interface, different from the descriptor's value: 9
[  198.318400][ T6744] usb 6-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  198.342366][ T5774] usb 5-1: USB disconnect, device number 8
[  198.390042][ T6744] usb 6-1: config 0 interface 0 has no altsetting 0
[  198.408696][ T6969] ocfs2: Unmounting device (7,6) on (node local)
[  198.416224][ T6744] usb 6-1: config 0 has 1 interface, different from the descriptor's value: 9
[  198.443921][ T6744] usb 6-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  198.466389][ T6744] usb 6-1: config 0 interface 0 has no altsetting 0
[  198.536443][ T6744] usb 6-1: config 0 has 1 interface, different from the descriptor's value: 9
[  198.548330][ T6744] usb 6-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  198.567757][ T8791] loop3: detected capacity change from 0 to 256
[  198.575562][ T6744] usb 6-1: config 0 interface 0 has no altsetting 0
[  198.594198][ T6744] usb 6-1: config 0 has 1 interface, different from the descriptor's value: 9
[  198.620425][ T6744] usb 6-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  198.647880][ T8791] exFAT-fs (loop3): failed to load upcase table (idx : 0x00012153, chksum : 0xc3dffc2e, utbl_chksum : 0xe619d30d)
[  198.687758][ T6744] usb 6-1: config 0 interface 0 has no altsetting 0
[  198.711358][ T6744] usb 6-1: config 0 has 1 interface, different from the descriptor's value: 9
[  198.743119][ T6744] usb 6-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  198.766268][   T28] audit: type=1800 audit(1773926033.905:16): pid=8791 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.838" name="file1" dev="loop3" ino=1048633 res=0 errno=0
[  198.779554][ T6744] usb 6-1: config 0 interface 0 has no altsetting 0
[  198.827724][ T6744] usb 6-1: config 0 has 1 interface, different from the descriptor's value: 9
[  198.840116][ T6744] usb 6-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  198.869952][ T6744] usb 6-1: config 0 interface 0 has no altsetting 0
[  198.892701][ T6744] usb 6-1: config 0 has 1 interface, different from the descriptor's value: 9
[  198.919617][ T6744] usb 6-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  198.962907][ T6744] usb 6-1: config 0 interface 0 has no altsetting 0
[  199.010971][ T6744] usb 6-1: config 0 has 1 interface, different from the descriptor's value: 9
[  199.049639][ T6744] usb 6-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  199.077936][ T6744] usb 6-1: config 0 interface 0 has no altsetting 0
[  199.098975][ T6744] usb 6-1: New USB device found, idVendor=0c45, idProduct=1010, bcdDevice=49.8e
[  199.117366][ T6744] usb 6-1: New USB device strings: Mfr=41, Product=64, SerialNumber=168
[  199.129975][ T6744] usb 6-1: Product: syz
[  199.138096][ T6744] usb 6-1: Manufacturer: syz
[  199.168749][ T6744] usb 6-1: SerialNumber: syz
[  199.190306][ T6744] usb 6-1: config 0 descriptor??
[  199.197588][ T8803] loop3: detected capacity change from 0 to 2048
[  199.241963][ T8803] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000)
[  199.257040][    T0] NOHZ tick-stop error: local softirq work is pending, handler #10!!!
[  199.294292][ T6744] yurex 6-1:0.0: USB YUREX device now attached to Yurex #0
[  199.459861][    T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!!
[  199.469162][    T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!!
[  199.478290][    T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!!
[  199.488265][    T0] NOHZ tick-stop error: local softirq work is pending, handler #40!!!
[  199.819248][    C1] usb 6-1: yurex_control_callback - control failed: -71
[  199.830325][ T5757] usb 6-1: USB disconnect, device number 4
[  199.862905][ T5757] yurex 6-1:0.0: USB YUREX #0 now disconnected
[  200.650898][ T7222] usb 4-1: new high-speed USB device number 13 using dummy_hcd
[  200.870991][ T7222] usb 4-1: config 0 interface 0 has no altsetting 0
[  200.889649][ T7222] usb 4-1: New USB device found, idVendor=046d, idProduct=0a0e, bcdDevice=94.75
[  200.905047][ T7222] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  200.926207][ T7222] usb 4-1: config 0 descriptor??
[  201.546874][ T8856] loop5: detected capacity change from 0 to 32768
[  201.568272][ T8856] BTRFS: device fsid 34a2da50-e117-4d40-8878-8e0fb0127b5f devid 1 transid 8 /dev/loop5 scanned by syz.5.854 (8856)
[  201.625399][ T8856] BTRFS info (device loop5): first mount of filesystem 34a2da50-e117-4d40-8878-8e0fb0127b5f
[  201.659752][ T8856] BTRFS info (device loop5): using xxhash64 (xxhash64-generic) checksum algorithm
[  201.689741][ T8856] BTRFS info (device loop5): using free space tree
[  201.760602][ T7222] video4linux radio48: keene_cmd_main failed (-71)
[  201.796671][ T7222] radio-keene 4-1:0.0: V4L2 device registered as radio48
[  201.823713][ T8856] BTRFS info (device loop5): enabling ssd optimizations
[  201.831945][ T8856] BTRFS info (device loop5): auto enabling async discard
[  201.871747][ T7222] usb 4-1: USB disconnect, device number 13
[  201.987653][ T6923] BTRFS info (device loop5): last unmount of filesystem 34a2da50-e117-4d40-8878-8e0fb0127b5f
[  202.010097][ T5775] Bluetooth: hci1: command 0x0406 tx timeout
[  202.080008][ T5807] usb 5-1: new high-speed USB device number 9 using dummy_hcd
[  202.279945][ T5807] usb 5-1: Using ep0 maxpacket: 16
[  202.294129][ T5807] usb 5-1: config 1 interface 0 altsetting 255 endpoint 0x1 has invalid wMaxPacketSize 0
[  202.330805][ T5807] usb 5-1: config 1 interface 0 altsetting 255 bulk endpoint 0x1 has invalid maxpacket 0
[  202.358756][ T5807] usb 5-1: config 1 interface 0 altsetting 255 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  202.411086][ T5807] usb 5-1: config 1 interface 0 has no altsetting 0
[  202.441631][ T5807] usb 5-1: New USB device found, idVendor=0521, idProduct=b1a8, bcdDevice= 0.40
[  202.461381][ T5807] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  202.486937][ T5807] usb 5-1: Product: syz
[  202.498790][ T5807] usb 5-1: Manufacturer: syz
[  202.529718][ T5807] usb 5-1: SerialNumber: syz
[  202.667227][ T8905] netlink: 72 bytes leftover after parsing attributes in process `syz.5.866'.
[  202.767229][ T5807] usblp 5-1:1.0: usblp0: USB Unidirectional printer dev 9 if 0 alt 255 proto 1 vid 0x0521 pid 0xB1A8
[  202.822412][ T8909] loop5: detected capacity change from 0 to 256
[  202.853882][ T8907] loop3: detected capacity change from 0 to 8192
[  202.875888][ T8909] exFAT-fs (loop5): failed to load upcase table (idx : 0x00010000, chksum : 0x205ad3fc, utbl_chksum : 0xe619d30d)
[  202.880106][ T8907] REISERFS warning:  read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025
[  202.998445][ T5807] usb 5-1: USB disconnect, device number 9
[  203.013176][ T8907] REISERFS (device loop3): found reiserfs format "3.6" with non-standard journal
[  203.054133][ T5807] usblp0: removed
[  203.129844][ T8907] REISERFS (device loop3): using ordered data mode
[  203.138093][ T8907] reiserfs: using flush barriers
[  203.159036][ T8907] REISERFS (device loop3): journal params: device loop3, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30
[  203.232789][ T8907] REISERFS (device loop3): checking transaction log (loop3)
[  203.267487][ T8918] loop6: detected capacity change from 0 to 1024
[  203.363322][ T8918] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  203.409442][ T8907] REISERFS (device loop3): Using tea hash to sort names
[  203.436065][ T8907] REISERFS (device loop3): Created .reiserfs_priv - reserved for xattr storage.
[  203.510434][   T28] audit: type=1800 audit(1773926038.645:17): pid=8907 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.868" name="file1" dev="loop3" ino=4 res=0 errno=0
[  203.573179][ T6969] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  203.716750][ T8927] netlink: 40 bytes leftover after parsing attributes in process `syz.5.877'.
[  203.873755][ T8933] loop4: detected capacity change from 0 to 256
[  203.889625][ T8933] exfat: Deprecated parameter 'utf8'
[  203.917440][ T8933] exfat: Deprecated parameter 'namecase'
[  203.947006][ T8933] exfat: Deprecated parameter 'utf8'
[  203.987055][ T8933] exFAT-fs (loop4): failed to load upcase table (idx : 0x00010000, chksum : 0xb89b369d, utbl_chksum : 0xe619d30d)
[  204.302086][ T8939] loop3: detected capacity change from 0 to 4096
[  204.319887][ T8939] ntfs3: loop3: Different NTFS sector size (4096) and media sector size (512).
[  204.420776][ T8939] ntfs3: loop3: Mark volume as dirty due to NTFS errors
[  204.444891][ T8939] ntfs3: loop3: Failed to initialize $Extend/$Reparse.
[  204.489620][ T5807] usb 5-1: new high-speed USB device number 10 using dummy_hcd
[  204.685319][ T5807] usb 5-1: config 1 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 18
[  204.721815][ T5807] usb 5-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  204.742280][ T5807] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=1
[  204.758828][ T5807] usb 5-1: SerialNumber: syz
[  204.855304][ T8960] loop3: detected capacity change from 0 to 2048
[  204.928223][ T8960] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  204.947114][ T8960] ext4 filesystem being mounted at /235/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  205.131870][ T8967] EXT4-fs error (device loop3): ext4_validate_block_bitmap:439: comm syz.3.892: bg 0: block 345: padding at end of block bitmap is not set
[  205.184637][ T8967] EXT4-fs (loop3): Remounting filesystem read-only
[  205.226139][   T59] EXT4-fs warning (device loop3): ext4_convert_unwritten_extents:4874: inode #15: block 1: len 15: ext4_ext_map_blocks returned -5
[  205.430757][  T746] wlan1: Trigger new scan to find an IBSS to join
[  205.526102][ T5767] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  205.842790][ T3461] netdevsim netdevsim5 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  206.025004][ T3461] netdevsim netdevsim5 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  206.039605][ T2175] usb 4-1: new high-speed USB device number 14 using dummy_hcd
[  206.176767][ T3461] netdevsim netdevsim5 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  206.239984][ T2175] usb 4-1: Using ep0 maxpacket: 8
[  206.280761][ T2175] usb 4-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid maxpacket 56832, setting to 1024
[  206.289561][ T5774] IPVS: starting estimator thread 0...
[  206.307022][ T3461] netdevsim netdevsim5 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  206.313754][ T8979] net_ratelimit: 52 callbacks suppressed
[  206.313775][ T8979] IPVS: lc: SCTP 172.20.20.187:0 - no destination available
[  206.322046][ T2175] usb 4-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 1024
[  206.379607][ T2175] usb 4-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[  206.409994][ T2175] usb 4-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  206.434759][ T8980] IPVS: using max 23 ests per chain, 55200 per kthread
[  206.479571][ T2175] usb 4-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23
[  206.499671][ T2175] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  206.759870][ T2175] usb 4-1: GET_CAPABILITIES returned 0
[  206.765867][ T2175] usbtmc 4-1:16.0: can't read capabilities
[  206.997269][ T5775] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[  207.043585][ T5775] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[  207.055701][ T5775] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[  207.069379][ T5775] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[  207.083331][ T2175] usb 4-1: USB disconnect, device number 14
[  207.091497][ T5775] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3
[  207.100073][ T5775] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[  207.271733][ T5807] cdc_ether: probe of 5-1:1.0 failed with error -71
[  207.328982][ T5807] usb 5-1: USB disconnect, device number 10
[  207.466190][ T9001] loop4: detected capacity change from 0 to 1024
[  207.577041][ T9001] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  208.021968][ T8987] chnl_net:caif_netlink_parms(): no params data found
[  208.301354][ T9026] sctp: [Deprecated]: syz.6.912 (pid 9026) Use of struct sctp_assoc_value in delayed_ack socket option.
[  208.301354][ T9026] Use struct sctp_sack_info instead
[  208.385464][   T28] audit: type=1800 audit(1773926043.525:18): pid=9001 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.4.907" name="file1" dev="loop4" ino=15 res=0 errno=0
[  208.411633][   T12] wlan1: Trigger new scan to find an IBSS to join
[  208.622367][ T6565] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  208.819303][ T8987] bridge0: port 1(bridge_slave_0) entered blocking state
[  208.881353][ T8987] bridge0: port 1(bridge_slave_0) entered disabled state
[  208.889156][ T8987] bridge_slave_0: entered allmulticast mode
[  208.924424][ T9035] loop4: detected capacity change from 0 to 64
[  208.942529][ T8987] bridge_slave_0: entered promiscuous mode
[  208.953924][ T8987] bridge0: port 2(bridge_slave_1) entered blocking state
[  208.991683][ T8987] bridge0: port 2(bridge_slave_1) entered disabled state
[  209.040167][ T8987] bridge_slave_1: entered allmulticast mode
[  209.058199][ T8987] bridge_slave_1: entered promiscuous mode
[  209.190135][ T5777] Bluetooth: hci0: command tx timeout
[  209.216821][ T9041] loop4: detected capacity change from 0 to 1024
[  209.503997][ T8987] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  209.591152][ T8987] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  209.674322][ T3461] hsr_slave_0: left promiscuous mode
[  209.741215][ T3461] hsr_slave_1: left promiscuous mode
[  209.788977][ T3461] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  209.819613][ T3461] batman_adv: batadv0: Removing interface: batadv_slave_0
[  209.840797][ T3461] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  209.864572][ T3461] batman_adv: batadv0: Removing interface: batadv_slave_1
[  209.890631][ T3461] bridge_slave_1: left allmulticast mode
[  209.906609][ T3461] bridge_slave_1: left promiscuous mode
[  209.922100][ T3461] bridge0: port 2(bridge_slave_1) entered disabled state
[  209.961925][ T3461] bridge_slave_0: left allmulticast mode
[  209.968171][ T3461] bridge_slave_0: left promiscuous mode
[  209.999880][ T3461] bridge0: port 1(bridge_slave_0) entered disabled state
[  210.077052][ T9060] loop4: detected capacity change from 0 to 8192
[  210.101456][ T3461] veth1_macvtap: left promiscuous mode
[  210.114078][ T3461] veth0_macvtap: left promiscuous mode
[  210.127981][ T3461] veth1_vlan: left promiscuous mode
[  210.139637][ T3461] veth0_vlan: left promiscuous mode
[  210.152851][    C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  210.161643][ T9060] REISERFS warning:  read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025
[  210.227480][ T9060] REISERFS (device loop4): found reiserfs format "3.6" with non-standard journal
[  210.255666][ T9060] REISERFS (device loop4): using ordered data mode
[  210.267430][ T9060] reiserfs: using flush barriers
[  210.293847][ T9060] REISERFS (device loop4): journal params: device loop4, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30
[  210.379416][ T9060] REISERFS (device loop4): checking transaction log (loop4)
[  210.572985][ T9060] REISERFS (device loop4): Using tea hash to sort names
[  210.598088][ T9060] REISERFS (device loop4): Created .reiserfs_priv - reserved for xattr storage.
[  210.696434][   T28] audit: type=1800 audit(1773926045.835:19): pid=9060 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.4.921" name="file1" dev="loop4" ino=4 res=0 errno=0
[  210.910231][ T9066] loop3: detected capacity change from 0 to 32768
[  211.009082][ T9066] XFS (loop3): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  211.279895][ T5777] Bluetooth: hci0: command tx timeout
[  211.303146][ T9066] XFS (loop3): Ending clean mount
[  211.354687][ T9066] XFS (loop3): Quotacheck needed: Please wait.
[  211.359858][   T12] wlan1: Creating new IBSS network, BSSID 06:0e:ab:3b:54:73
[  211.519873][ T9066] XFS (loop3): Quotacheck: Done.
[  211.623655][ T5767] XFS (loop3): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  212.126104][ T3461] team_slave_1 (unregistering): left allmulticast mode
[  212.147564][ T3461] team0 (unregistering): Port device team_slave_1 removed
[  212.234942][ T3461] team_slave_0 (unregistering): left allmulticast mode
[  212.246953][ T3461] team0 (unregistering): Port device team_slave_0 removed
[  212.324409][ T3461] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  212.387763][ T3461] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  212.898069][ T3461] team0 (unregistering): left allmulticast mode
[  212.952196][ T3461] bond0 (unregistering): Released all slaves
[  213.244862][ T8987] team0: Port device team_slave_0 added
[  213.325579][ T8987] team0: Port device team_slave_1 added
[  213.362634][ T5777] Bluetooth: hci0: command tx timeout
[  213.518881][ T9097] netlink: 52 bytes leftover after parsing attributes in process `syz.3.930'.
[  213.613739][ T8987] batman_adv: batadv0: Adding interface: batadv_slave_0
[  213.657274][ T8987] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  213.779749][ T8987] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  213.820030][ T8987] batman_adv: batadv0: Adding interface: batadv_slave_1
[  213.846378][ T8987] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  213.881928][ T8987] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  213.960269][ T9113] fuse: Bad value for 'fd'
[  214.057219][ T8987] hsr_slave_0: entered promiscuous mode
[  214.069759][ T5774] usb 4-1: new full-speed USB device number 15 using dummy_hcd
[  214.089884][ T8987] hsr_slave_1: entered promiscuous mode
[  214.276260][ T5774] usb 4-1: config 0 has an invalid interface number: 132 but max is 0
[  214.295528][ T5774] usb 4-1: config 0 has no interface number 0
[  214.314688][ T5774] usb 4-1: New USB device found, idVendor=05ac, idProduct=0291, bcdDevice=43.25
[  214.334642][ T5774] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  214.353567][ T5774] usb 4-1: Product: syz
[  214.358228][ T5774] usb 4-1: Manufacturer: syz
[  214.374161][ T5774] usb 4-1: SerialNumber: syz
[  214.406321][ T5774] usb 4-1: config 0 descriptor??
[  214.445918][ T5774] hub 4-1:0.132: bad descriptor, ignoring hub
[  214.472367][ T5774] hub: probe of 4-1:0.132 failed with error -5
[  214.481882][ T9123] netlink: 12 bytes leftover after parsing attributes in process `syz.6.939'.
[  214.515218][ T5774] input: bcm5974 as /devices/platform/dummy_hcd.3/usb4/4-1/4-1:0.132/input/input12
[  214.579591][ T9104] loop4: detected capacity change from 0 to 40427
[  214.623848][ T9104] F2FS-fs (loop4): Invalid log_blocksize (268), supports only 12
[  214.662194][ T9104] F2FS-fs (loop4): Can't find valid F2FS filesystem in 1th superblock
[  214.722638][ T9104] F2FS-fs (loop4): Found nat_bits in checkpoint
[  214.766756][    T9] usb 4-1: USB disconnect, device number 15
[  214.941558][ T9104] F2FS-fs (loop4): Try to recover 1th superblock, ret: 0
[  214.991782][ T9104] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e5
[  215.309635][ T6744] usb 4-1: new high-speed USB device number 16 using dummy_hcd
[  215.446697][ T5777] Bluetooth: hci0: command tx timeout
[  215.544775][ T8987] netdevsim netdevsim5 netdevsim0: renamed from eth0
[  215.559735][ T6744] usb 4-1: Using ep0 maxpacket: 16
[  215.583865][ T6744] usb 4-1: config 0 has an invalid interface number: 132 but max is 0
[  215.595781][ T8987] netdevsim netdevsim5 netdevsim1: renamed from eth1
[  215.603976][ T6744] usb 4-1: config 0 has no interface number 0
[  215.625418][ T6744] usb 4-1: New USB device found, idVendor=05ac, idProduct=0291, bcdDevice=43.25
[  215.627062][ T8987] netdevsim netdevsim5 netdevsim2: renamed from eth2
[  215.646331][ T6744] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  215.668099][ T6744] usb 4-1: Product: syz
[  215.678313][ T6744] usb 4-1: Manufacturer: syz
[  215.702015][ T6744] usb 4-1: SerialNumber: syz
[  215.702567][ T8987] netdevsim netdevsim5 netdevsim3: renamed from eth3
[  215.722347][ T6744] usb 4-1: config 0 descriptor??
[  215.738945][ T6744] hub 4-1:0.132: bad descriptor, ignoring hub
[  215.752007][ T6744] hub: probe of 4-1:0.132 failed with error -5
[  215.777791][ T6744] input: bcm5974 as /devices/platform/dummy_hcd.3/usb4/4-1/4-1:0.132/input/input13
[  215.983441][ T8987] 8021q: adding VLAN 0 to HW filter on device bond0
[  216.052762][ T5774] usb 4-1: USB disconnect, device number 16
[  216.061543][ T8987] 8021q: adding VLAN 0 to HW filter on device team0
[  216.085874][   T59] bridge0: port 1(bridge_slave_0) entered blocking state
[  216.095623][   T59] bridge0: port 1(bridge_slave_0) entered forwarding state
[  216.165706][   T59] bridge0: port 2(bridge_slave_1) entered blocking state
[  216.175376][   T59] bridge0: port 2(bridge_slave_1) entered forwarding state
[  216.219837][ T5807] usb 5-1: new high-speed USB device number 11 using dummy_hcd
[  216.410271][ T5807] usb 5-1: Using ep0 maxpacket: 16
[  216.430616][ T5807] usb 5-1: config 0 interface 0 altsetting 64 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  216.457192][ T5807] usb 5-1: config 0 interface 0 has no altsetting 0
[  216.482640][ T5807] usb 5-1: New USB device found, idVendor=04d8, idProduct=00dd, bcdDevice= 0.00
[  216.506690][ T5807] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  216.540998][ T5807] usb 5-1: config 0 descriptor??
[  216.726645][ T8987] 8021q: adding VLAN 0 to HW filter on device batadv0
[  217.015257][ T5807] mcp2221 0003:04D8:00DD.000D: USB HID v0.01 Device [HID 04d8:00dd] on usb-dummy_hcd.4-1/input0
[  217.486544][ T6744] usb 5-1: USB disconnect, device number 11
[  217.538711][ T8987] veth0_vlan: entered promiscuous mode
[  217.578851][ T8987] veth1_vlan: entered promiscuous mode
[  217.675859][ T8987] veth0_macvtap: entered promiscuous mode
[  217.699247][ T8987] veth1_macvtap: entered promiscuous mode
[  217.770947][ T8987] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  217.787880][ T8987] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  217.814706][ T8987] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  217.854873][ T8987] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  217.869612][ T8987] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  217.938431][ T8987] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  217.981348][ T8987] batman_adv: batadv0: Interface activated: batadv_slave_0
[  218.027920][ T8987] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  218.055772][ T8987] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  218.096787][ T8987] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  218.155400][ T8987] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  218.194857][ T8987] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  218.228446][ T8987] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  218.260692][   T28] audit: type=1326 audit(1773926053.405:20): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9208 comm="syz.4.954" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f5fccd9c799 code=0x0
[  218.270906][ T8987] batman_adv: batadv0: Interface activated: batadv_slave_1
[  218.400632][ T8987] netdevsim netdevsim5 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  218.439651][ T8987] netdevsim netdevsim5 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  218.476835][ T8987] netdevsim netdevsim5 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  218.510026][ T8987] netdevsim netdevsim5 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  218.735496][   T59] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  218.761735][   T59] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  218.829734][  T746] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  218.855816][  T746] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  218.879090][ T9203] loop3: detected capacity change from 0 to 40427
[  218.949165][ T9203] F2FS-fs (loop3): invalid crc value
[  218.985367][ T9203] F2FS-fs (loop3): Found nat_bits in checkpoint
[  219.159434][ T9203] F2FS-fs (loop3): Start checkpoint disabled!
[  219.208974][ T9203] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e6
[  219.700337][   T11] kworker/u4:0: attempt to access beyond end of device
[  219.700337][   T11] loop3: rw=2049, sector=40960, nr_sectors = 16 limit=40427
[  219.749644][   T11] F2FS-fs (loop3): Stopped filesystem due to reason: 3
[  219.757539][   T11] F2FS-fs (loop3): Stopped filesystem due to reason: 3
[  219.856110][ T9241] loop5: detected capacity change from 0 to 512
[  219.938092][ T9241] EXT4-fs: Ignoring removed i_version option
[  220.028800][ T9241] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  220.120441][ T9241] ext4 filesystem being mounted at /2/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  220.238892][   T28] audit: type=1800 audit(1773926055.375:21): pid=9241 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.5.959" name="file1" dev="loop5" ino=15 res=0 errno=0
[  220.297571][ T9252] netlink: 12 bytes leftover after parsing attributes in process `syz.4.961'.
[  220.543203][ T8987] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  221.035982][ T9274] loop5: detected capacity change from 0 to 1024
[  221.081772][ T9274] EXT4-fs (loop5): ext4_check_descriptors: Checksum for group 0 failed (51269!=20869)
[  221.135321][ T9274] EXT4-fs (loop5): stripe (65535) is not aligned with cluster size (16), stripe is disabled
[  221.176447][ T9274] EXT4-fs error (device loop5): ext4_get_journal_inode:5816: inode #32: comm syz.5.970: iget: special inode unallocated
[  221.214134][ T9278] loop4: detected capacity change from 0 to 4096
[  221.223519][ T9274] EXT4-fs (loop5): no journal found
[  221.242392][ T9274] EXT4-fs (loop5): can't get journal size
[  221.282867][ T9274] EXT4-fs (loop5): filesystem is read-only
[  221.320095][ T9274] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: none.
[  221.345924][ T9278] ntfs: volume version 3.1.
[  221.600656][ T8987] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  221.713463][ T9285] iommufd_mock iommufd_mock1: Adding to iommu group 0
[  222.374311][ T9306] netlink: 132 bytes leftover after parsing attributes in process `syz.5.984'.
[  222.564811][ T9314] loop4: detected capacity change from 0 to 1024
[  222.609928][ T9314] EXT4-fs (loop4): ext4_check_descriptors: Checksum for group 0 failed (51269!=20869)
[  222.655125][ T9314] EXT4-fs (loop4): stripe (65535) is not aligned with cluster size (16), stripe is disabled
[  222.695392][ T9316] netlink: 'syz.6.988': attribute type 1 has an invalid length.
[  222.708408][ T9314] EXT4-fs error (device loop4): ext4_get_journal_inode:5816: inode #32: comm syz.4.987: iget: special inode unallocated
[  222.767744][ T9314] EXT4-fs (loop4): no journal found
[  222.778534][ T9314] EXT4-fs (loop4): can't get journal size
[  222.799864][ T9314] EXT4-fs (loop4): filesystem is read-only
[  222.814840][ T9314] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: none.
[  223.101732][ T6565] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  223.528804][ T9335] loop4: detected capacity change from 0 to 2048
[  223.640807][ T9335] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  223.707258][ T9335] ext4 filesystem being mounted at /197/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  223.867045][ T9343] program syz.3.1001 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  223.920834][ T9344] EXT4-fs error (device loop4): ext4_validate_block_bitmap:439: comm syz.4.999: bg 0: block 345: padding at end of block bitmap is not set
[  223.951380][ T9344] EXT4-fs (loop4): Remounting filesystem read-only
[  223.966041][   T11] EXT4-fs warning (device loop4): ext4_convert_unwritten_extents:4874: inode #15: block 1: len 15: ext4_ext_map_blocks returned -5
[  224.084865][ T7222] kernel read not supported for file /dsp1 (pid: 7222 comm: kworker/0:7)
[  224.317121][ T6565] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  224.865359][ T9365] loop3: detected capacity change from 0 to 4096
[  224.999099][ T9365] ntfs: volume version 3.1.
[  225.279682][ T5774] usb 6-1: new high-speed USB device number 5 using dummy_hcd
[  225.459732][ T5774] usb 6-1: Using ep0 maxpacket: 8
[  225.467710][ T5774] usb 6-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid maxpacket 56832, setting to 1024
[  225.481056][ T5774] usb 6-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 1024
[  225.493030][ T5774] usb 6-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[  225.504971][ T5774] usb 6-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  225.522011][ T5774] usb 6-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23
[  225.533726][ T5774] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  225.757467][ T5774] usb 6-1: GET_CAPABILITIES returned 0
[  225.766952][ T5774] usbtmc 6-1:16.0: can't read capabilities
[  225.986118][ T5774] usb 6-1: USB disconnect, device number 5
[  226.569587][ T9372] Bluetooth: MGMT ver 1.22
[  226.578485][ T9372] Bluetooth: hci1: expected 19 bytes, got 2 bytes
[  226.623094][ T9376] loop5: detected capacity change from 0 to 2048
[  226.733907][ T9376] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  226.759245][ T9376] ext4 filesystem being mounted at /14/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  226.940207][ T9387] netlink: 8 bytes leftover after parsing attributes in process `syz.6.1019'.
[  226.979661][ T9388] EXT4-fs error (device loop5): ext4_validate_block_bitmap:439: comm syz.5.1014: bg 0: block 345: padding at end of block bitmap is not set
[  227.024955][ T9388] EXT4-fs (loop5): Remounting filesystem read-only
[  227.058910][  T746] EXT4-fs warning (device loop5): ext4_convert_unwritten_extents:4874: inode #15: block 1: len 15: ext4_ext_map_blocks returned -5
[  227.273972][ T8987] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  227.459045][ T9383] loop3: detected capacity change from 0 to 40427
[  227.470326][ T9394] veth0: entered promiscuous mode
[  227.491665][ T9393] veth0: left promiscuous mode
[  227.500892][ T9383] F2FS-fs (loop3): Wrong MAIN_AREA boundary, start(4096) end(12800) block(12288)
[  227.543976][ T9383] F2FS-fs (loop3): Can't find valid F2FS filesystem in 1th superblock
[  227.596674][ T9383] F2FS-fs (loop3): build fault injection attr: rate: 0, type: 0x35f7
[  227.607086][ T9385] loop4: detected capacity change from 0 to 32768
[  227.638204][ T9383] F2FS-fs (loop3): build fault injection attr: rate: 690, type: 0x7ffff
[  227.653933][ T9396] program syz.5.1024 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  227.665537][ T9383] F2FS-fs (loop3): Image doesn't support compression
[  227.711949][ T9385] XFS (loop4): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  227.760933][ T9383] F2FS-fs (loop3): invalid crc value
[  227.819302][ T9383] F2FS-fs (loop3): Found nat_bits in checkpoint
[  227.948041][ T9383] F2FS-fs (loop3): Start checkpoint disabled!
[  227.985963][ T9385] XFS (loop4): Ending clean mount
[  227.987109][ T9413] netlink: 12 bytes leftover after parsing attributes in process `syz.6.1028'.
[  228.014446][ T9383] F2FS-fs (loop3): Try to recover 1th superblock, ret: 0
[  228.014557][ T9413] netlink: 20 bytes leftover after parsing attributes in process `syz.6.1028'.
[  228.035083][ T9383] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e6
[  228.047772][ T9385] XFS (loop4): Quotacheck needed: Please wait.
[  228.182761][ T9385] XFS (loop4): Quotacheck: Done.
[  228.240022][ T9383] syz.3.1017: attempt to access beyond end of device
[  228.240022][ T9383] loop3: rw=10241, sector=53248, nr_sectors = 8 limit=40427
[  228.324490][ T9383] F2FS-fs (loop3): inject checkpoint error in f2fs_balance_fs of f2fs_write_single_data_page+0x105a/0x1a00
[  228.381339][ T9383] syz.3.1017: attempt to access beyond end of device
[  228.381339][ T9383] loop3: rw=2049, sector=53256, nr_sectors = 8 limit=40427
[  228.418361][ T9383] F2FS-fs (loop3): Stopped filesystem due to reason: 1
[  228.438657][ T9383] syz.3.1017: attempt to access beyond end of device
[  228.438657][ T9383] loop3: rw=2049, sector=53248, nr_sectors = 8 limit=40427
[  228.543869][ T6565] XFS (loop4): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  229.638810][ T9446] loop3: detected capacity change from 0 to 8
[  229.715324][ T9446] SQUASHFS error: lzo decompression failed, data probably corrupt
[  229.738105][ T9446] SQUASHFS error: Failed to read block 0x91: -5
[  229.768278][ T9446] SQUASHFS error: Unable to read metadata cache entry [8f]
[  229.796501][ T9446] SQUASHFS error: Unable to read inode 0x11f
[  230.242642][ T9467] loop4: detected capacity change from 0 to 256
[  230.415362][ T9448] loop5: detected capacity change from 0 to 40427
[  230.448736][ T9448] F2FS-fs (loop5): Wrong MAIN_AREA boundary, start(4096) end(12800) block(12288)
[  230.469010][ T9448] F2FS-fs (loop5): Can't find valid F2FS filesystem in 1th superblock
[  230.482149][ T9448] F2FS-fs (loop5): build fault injection attr: rate: 0, type: 0x35f7
[  230.495223][ T9448] F2FS-fs (loop5): build fault injection attr: rate: 690, type: 0x7ffff
[  230.506841][ T9448] F2FS-fs (loop5): Image doesn't support compression
[  230.519934][ T9448] F2FS-fs (loop5): invalid crc value
[  230.528134][ T9448] F2FS-fs (loop5): Found nat_bits in checkpoint
[  230.535403][ T7222] usb 4-1: new high-speed USB device number 17 using dummy_hcd
[  230.598856][ T9448] F2FS-fs (loop5): Start checkpoint disabled!
[  230.617374][ T9448] F2FS-fs (loop5): Try to recover 1th superblock, ret: 0
[  230.629107][ T9448] F2FS-fs (loop5): Mounted with checkpoint version = 48b305e6
[  230.719769][ T7222] usb 4-1: Using ep0 maxpacket: 32
[  230.731127][ T9448] syz.5.1043: attempt to access beyond end of device
[  230.731127][ T9448] loop5: rw=10241, sector=53248, nr_sectors = 8 limit=40427
[  230.741789][ T7222] usb 4-1: New USB device found, idVendor=0fd9, idProduct=0025, bcdDevice=29.40
[  230.763763][ T7222] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  230.778290][ T7222] usb 4-1: config 0 descriptor??
[  230.791460][ T9448] F2FS-fs (loop5): inject checkpoint error in f2fs_balance_fs of f2fs_write_single_data_page+0x105a/0x1a00
[  230.815559][ T9448] syz.5.1043: attempt to access beyond end of device
[  230.815559][ T9448] loop5: rw=2049, sector=53256, nr_sectors = 8 limit=40427
[  230.847209][ T9448] F2FS-fs (loop5): Stopped filesystem due to reason: 1
[  230.864999][ T9448] syz.5.1043: attempt to access beyond end of device
[  230.864999][ T9448] loop5: rw=2049, sector=53248, nr_sectors = 8 limit=40427
[  230.972626][ T9481] loop4: detected capacity change from 0 to 512
[  230.993771][ T9481] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode
[  231.035251][ T7222] dvb-usb: found a 'Elgato EyeTV Sat' in warm state.
[  231.066155][ T9481] EXT4-fs (loop4): 1 truncate cleaned up
[  231.080583][ T9481] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  231.129902][ T7222] dvb-usb: will pass the complete MPEG2 transport stream to the software demuxer.
[  231.184190][ T7222] dvbdev: DVB: registering new adapter (Elgato EyeTV Sat)
[  231.209752][   T28] audit: type=1800 audit(1773926066.345:22): pid=9481 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.4.1057" name="file1" dev="loop4" ino=15 res=0 errno=0
[  231.249196][ T7222] usb 4-1: media controller created
[  231.357161][ T7222] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered.
[  231.374983][ T6565] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  231.403848][ T7222] az6027: usb out operation failed. (-71)
[  231.440426][ T7222] az6027: usb out operation failed. (-71)
[  231.447062][ T7222] stb0899_attach: Driver disabled by Kconfig
[  231.470611][ T7222] az6027: no front-end attached
[  231.470611][ T7222] 
[  231.480522][ T7222] az6027: usb out operation failed. (-71)
[  231.489304][ T7222] dvb-usb: no frontend was attached by 'Elgato EyeTV Sat'
[  231.518837][ T7222] input: IR-receiver inside an USB DVB receiver as /devices/platform/dummy_hcd.3/usb4/4-1/input/input14
[  231.591118][ T7222] dvb-usb: schedule remote query interval to 400 msecs.
[  231.609950][ T7222] dvb-usb: Elgato EyeTV Sat successfully initialized and connected.
[  231.646007][ T7222] usb 4-1: USB disconnect, device number 17
[  231.807700][ T7222] dvb-usb: Elgato EyeTV Sat successfully deinitialized and disconnected.
[  232.101854][ T9511] loop5: detected capacity change from 0 to 256
[  232.124680][ T9511] exfat: Deprecated parameter 'utf8'
[  232.146217][ T9511] exfat: Deprecated parameter 'namecase'
[  232.185481][ T9511] exfat: Deprecated parameter 'utf8'
[  232.263722][ T9511] exFAT-fs (loop5): failed to load upcase table (idx : 0x00010000, chksum : 0xb89b369d, utbl_chksum : 0xe619d30d)
[  232.846957][ T5777] sysfs: cannot create duplicate filename '/devices/virtual/bluetooth/hci0/hci0:201'
[  232.860342][ T5777] CPU: 1 PID: 5777 Comm: kworker/u5:3 Not tainted syzkaller #0
[  232.870778][ T5777] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[  232.883570][ T5777] Workqueue: hci0 hci_rx_work
[  232.889213][ T5777] Call Trace:
[  232.892788][ T5777]  <TASK>
[  232.897008][ T5777]  dump_stack_lvl+0x18c/0x250
[  232.902583][ T5777]  ? show_regs_print_info+0x20/0x20
[  232.909188][ T5777]  ? load_image+0x400/0x400
[  232.913974][ T5777]  sysfs_create_dir_ns+0x26e/0x2a0
[  232.920246][ T5777]  ? sysfs_warn_dup+0xa0/0xa0
[  232.925348][ T5777]  ? do_raw_spin_unlock+0x121/0x230
[  232.931465][ T5777]  kobject_add_internal+0x61c/0xcc0
[  232.937137][ T5777]  kobject_add+0x164/0x240
[  232.942469][ T5777]  ? __rwlock_init+0x150/0x150
[  232.947561][ T5777]  ? kobject_init+0x1e0/0x1e0
[  232.953258][ T5777]  ? _raw_spin_unlock+0x28/0x40
[  232.959297][ T5777]  ? get_device_parent+0x366/0x390
[  232.965128][ T5777]  device_add+0x408/0xc20
[  232.970522][ T5777]  hci_conn_add_sysfs+0xd5/0x1e0
[  232.975812][ T5777]  le_conn_complete_evt+0xf5d/0x1540
[  232.982084][ T5777]  ? hci_event_packet+0x4cb/0x1270
[  232.987592][ T5777]  ? hci_le_big_info_adv_report_evt+0x910/0x910
[  232.995285][ T5777]  ? __mutex_unlock_slowpath+0x1b4/0x6c0
[  233.001569][ T5777]  ? skb_pull_data+0xfb/0x200
[  233.007856][ T5777]  hci_le_conn_complete_evt+0x187/0x440
[  233.014664][ T5777]  ? hci_remote_host_features_evt+0x150/0x150
[  233.022824][ T5777]  hci_event_packet+0x7ba/0x1270
[  233.028313][ T5777]  ? bis_list+0x290/0x290
[  233.033710][ T5777]  ? lockdep_hardirqs_on+0x98/0x150
[  233.040180][ T5777]  ? hci_send_to_monitor+0xd7/0x4f0
[  233.045842][ T5777]  hci_rx_work+0x43a/0xd60
[  233.050556][ T5777]  ? process_scheduled_works+0x96f/0x15d0
[  233.056727][ T5777]  process_scheduled_works+0xa5d/0x15d0
[  233.062741][ T5777]  ? worker_attach_to_pool+0x380/0x380
[  233.069464][ T5777]  ? assign_work+0x3d2/0x5d0
[  233.075397][ T5777]  worker_thread+0xa55/0xfc0
[  233.081588][ T5777]  kthread+0x2fa/0x390
[  233.086038][ T5777]  ? pr_cont_work+0x560/0x560
[  233.091004][ T5777]  ? kthread_blkcg+0xd0/0xd0
[  233.096251][ T5777]  ret_from_fork+0x48/0x80
[  233.101321][ T5777]  ? kthread_blkcg+0xd0/0xd0
[  233.107026][ T5777]  ret_from_fork_asm+0x11/0x20
[  233.112242][ T5777]  </TASK>
[  233.131026][ T5777] kobject: kobject_add_internal failed for hci0:201 with -EEXIST, don't try to register things with the same name in the same directory.
[  233.146519][ T5777] Bluetooth: hci0: failed to register connection device
[  233.647431][ T9551] netlink: 60 bytes leftover after parsing attributes in process `syz.3.1087'.
[  233.657705][ T9551] netlink: 60 bytes leftover after parsing attributes in process `syz.3.1087'.
[  233.709897][ T9552] netlink: 60 bytes leftover after parsing attributes in process `syz.3.1087'.
[  233.827511][ T9556] loop5: detected capacity change from 0 to 2048
[  233.878144][ T9556] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000)
[  233.978431][ T9562] loop4: detected capacity change from 0 to 164
[  234.255520][ T9566] loop5: detected capacity change from 0 to 1024
[  234.494834][  T746] hfsplus: b-tree write err: -5, ino 25
[  234.506996][  T746] hfsplus: b-tree write err: -5, ino 4
[  234.526287][  T746] hfsplus: b-tree write err: -5, ino 2
[  234.755204][ T9581] loop5: detected capacity change from 0 to 4096
[  234.894387][ T9581] NILFS error (device loop5): nilfs_readdir: zero-length directory entry
[  235.311655][ T9597] Falling back ldisc for ttyS3.
[  235.454251][ T9604] loop4: detected capacity change from 0 to 128
[  236.866180][ T9631] loop5: detected capacity change from 0 to 512
[  236.874591][ T9632] loop3: detected capacity change from 0 to 1024
[  236.889320][ T9630] loop4: detected capacity change from 0 to 1764
[  236.901780][ T9632] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[  236.958648][ T9631] EXT4-fs (loop5): mounting ext3 file system using the ext4 subsystem
[  237.017838][ T9632] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  237.055316][ T9632] EXT4-fs error (device loop3): ext4_mb_generate_buddy:1229: group 0, block bitmap and bg descriptor inconsistent: 25 vs 1305 free clusters
[  237.071153][ T9631] EXT4-fs (loop5): 1 truncate cleaned up
[  237.081582][ T9631] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  237.242658][ T5767] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  237.266321][ T9631] overlayfs: upper fs needs to support d_type.
[  237.436975][ T9643] loop4: detected capacity change from 0 to 256
[  237.554713][   T28] audit: type=1800 audit(1773926072.695:23): pid=9643 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.4.1129" name="bus" dev="loop4" ino=1048641 res=0 errno=0
[  237.600049][ T8987] EXT4-fs error (device loop5): ext4_free_branches:1030: inode #13: comm syz-executor: invalid indirect mapped block 4294901760 (level 0)
[  237.653823][ T8987] EXT4-fs error (device loop5): ext4_free_branches:1030: inode #13: comm syz-executor: invalid indirect mapped block 4294967295 (level 1)
[  237.684466][ T9645] loop3: detected capacity change from 0 to 512
[  237.718336][ T8987] EXT4-fs error (device loop5): ext4_free_branches:1030: inode #13: comm syz-executor: invalid indirect mapped block 65535 (level 2)
[  237.830424][ T5775] Bluetooth: hci2: command 0x0406 tx timeout
[  237.888722][ T9645] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  237.907771][ T8987] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  237.943257][ T9645] ext4 filesystem being mounted at /289/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  237.996944][ T9645] EXT4-fs warning (device loop3): ext4_group_add:1722: Can't resize non-sparse filesystem further
[  238.170327][ T5767] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  238.328291][ T9654] netlink: 100 bytes leftover after parsing attributes in process `syz.6.1134'.
[  238.407251][ T9658] netlink: 44 bytes leftover after parsing attributes in process `syz.5.1135'.
[  238.718172][ T9669] loop5: detected capacity change from 0 to 256
[  238.725727][ T9667] loop3: detected capacity change from 0 to 512
[  238.747508][ T9669] exFAT-fs (loop5): failed to load upcase table (idx : 0x00010000, chksum : 0x204dac4c, utbl_chksum : 0xe619d30d)
[  238.769986][ T9667] EXT4-fs (loop3): mounting ext3 file system using the ext4 subsystem
[  238.781647][ T9671] bridge0: entered promiscuous mode
[  238.808336][ T9671] macvlan2: entered promiscuous mode
[  238.829448][ T9667] EXT4-fs (loop3): 1 truncate cleaned up
[  238.838266][ T9667] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  238.903384][ T9667] overlayfs: upper fs needs to support d_type.
[  239.230843][ T5767] EXT4-fs error (device loop3): ext4_free_branches:1030: inode #13: comm syz-executor: invalid indirect mapped block 4294901760 (level 0)
[  239.299689][ T5767] EXT4-fs error (device loop3): ext4_free_branches:1030: inode #13: comm syz-executor: invalid indirect mapped block 4294967295 (level 1)
[  239.347257][ T5767] EXT4-fs error (device loop3): ext4_free_branches:1030: inode #13: comm syz-executor: invalid indirect mapped block 65535 (level 2)
[  239.689956][ T5767] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  240.052906][ T9687] loop4: detected capacity change from 0 to 4096
[  241.010320][ T9709] Falling back ldisc for ptm0.
[  241.236086][  T746] netdevsim netdevsim5 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  241.415574][  T746] netdevsim netdevsim5 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  241.565377][ T9725] program syz.4.1159 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  241.591801][  T746] netdevsim netdevsim5 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  241.838018][  T746] netdevsim netdevsim5 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  241.990373][ T9741] xt_hashlimit: size too large, truncated to 1048576
[  242.137119][ T9743] net veth1_virt_wifi ‚: renamed from virt_wifi0
[  242.259702][ T5775] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[  242.291797][ T5775] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[  242.310390][ T5775] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[  242.328251][ T5775] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[  242.339979][ T5775] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3
[  242.361767][ T5775] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[  243.356003][ T9772] loop3: detected capacity change from 0 to 736
[  243.417711][ T9747] chnl_net:caif_netlink_parms(): no params data found
[  243.434884][ T3461] wlan1: No active IBSS STAs - trying to scan for other IBSS networks with same SSID (merge)
[  243.470279][ T9775] loop4: detected capacity change from 0 to 736
[  244.138961][ T9747] bridge0: port 1(bridge_slave_0) entered blocking state
[  244.157128][ T9747] bridge0: port 1(bridge_slave_0) entered disabled state
[  244.208961][ T9747] bridge_slave_0: entered allmulticast mode
[  244.235620][ T9747] bridge_slave_0: entered promiscuous mode
[  244.306477][   T59] tipc: Subscription rejected, illegal request
[  244.388306][ T9747] bridge0: port 2(bridge_slave_1) entered blocking state
[  244.409903][ T9747] bridge0: port 2(bridge_slave_1) entered disabled state
[  244.470131][ T5777] Bluetooth: hci0: command tx timeout
[  244.471211][ T9747] bridge_slave_1: entered allmulticast mode
[  244.488623][ T9747] bridge_slave_1: entered promiscuous mode
[  244.728118][ T9747] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  244.804981][ T9747] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  244.849889][ T9803] loop5: detected capacity change from 0 to 7
[  244.868029][ T9804] loop4: detected capacity change from 0 to 1024
[  244.916731][ T9803] Dev loop5: unable to read RDB block 7
[  244.946238][ T9803]  loop5: AHDI p1
[  244.954828][ T9804] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  244.981056][ T9803] loop5: partition table partially beyond EOD, truncated
[  245.131463][   T28] audit: type=1800 audit(1773926080.235:24): pid=9804 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.4.1177" name="file1" dev="loop4" ino=15 res=0 errno=0
[  245.291324][ T6565] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  245.371702][ T9747] team0: Port device team_slave_0 added
[  245.398940][ T9814] loop3: detected capacity change from 0 to 4096
[  245.449297][ T9814] ntfs3: loop3: Different NTFS sector size (1024) and media sector size (512).
[  245.462030][  T746] hsr_slave_0: left promiscuous mode
[  245.476112][  T746] hsr_slave_1: left promiscuous mode
[  245.515987][  T746] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  245.539823][  T746] batman_adv: batadv0: Removing interface: batadv_slave_0
[  245.565521][  T746] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  245.574329][ T9818] netlink: 24 bytes leftover after parsing attributes in process `syz.4.1180'.
[  245.596635][  T746] batman_adv: batadv0: Removing interface: batadv_slave_1
[  245.600671][ T9814] ntfs3: loop3: Mark volume as dirty due to NTFS errors
[  245.627761][  T746] bridge_slave_1: left allmulticast mode
[  245.651610][  T746] bridge_slave_1: left promiscuous mode
[  245.658405][  T746] bridge0: port 2(bridge_slave_1) entered disabled state
[  245.687294][  T746] bridge_slave_0: left allmulticast mode
[  245.699564][  T746] bridge_slave_0: left promiscuous mode
[  245.706324][  T746] bridge0: port 1(bridge_slave_0) entered disabled state
[  245.732611][ T9814] ntfs3: loop3: ino=1e, "file1" The size of extended attributes must not exceed 64KiB
[  246.286002][  T746] veth1_macvtap: left promiscuous mode
[  246.292519][  T746] veth0_macvtap: left promiscuous mode
[  246.298851][  T746] veth1_vlan: left promiscuous mode
[  246.307523][  T746] veth0_vlan: left promiscuous mode
[  246.549723][ T5777] Bluetooth: hci0: command tx timeout
[  247.653971][  T746] team0 (unregistering): Port device team_slave_1 removed
[  247.775119][  T746] team0 (unregistering): Port device team_slave_0 removed
[  247.866987][  T746] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  247.949316][  T746] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  248.480450][  T746] bond0 (unregistering): Released all slaves
[  248.629883][ T5777] Bluetooth: hci0: command tx timeout
[  248.694208][ T9747] team0: Port device team_slave_1 added
[  248.770276][ T9747] batman_adv: batadv0: Adding interface: batadv_slave_0
[  248.778495][ T9747] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  248.896677][ T9747] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  248.971964][ T9747] batman_adv: batadv0: Adding interface: batadv_slave_1
[  248.994701][   T28] audit: type=1326 audit(1773926084.135:25): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9839 comm="syz.3.1187" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f25b5d9c799 code=0x7ffc0000
[  249.008793][ T9747] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  249.049634][   T28] audit: type=1326 audit(1773926084.165:26): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9839 comm="syz.3.1187" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f25b5d9c799 code=0x7ffc0000
[  249.095411][   T28] audit: type=1326 audit(1773926084.165:27): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9839 comm="syz.3.1187" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f25b5d9c799 code=0x7ffc0000
[  249.137384][ T9747] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  249.199656][   T28] audit: type=1326 audit(1773926084.175:28): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9839 comm="syz.3.1187" exe="/root/syz-executor" sig=0 arch=c000003e syscall=319 compat=0 ip=0x7f25b5d9c799 code=0x7ffc0000
[  249.321696][   T28] audit: type=1326 audit(1773926084.175:29): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9839 comm="syz.3.1187" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f25b5d9c799 code=0x7ffc0000
[  249.355773][   T28] audit: type=1326 audit(1773926084.175:30): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9839 comm="syz.3.1187" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f25b5d9c799 code=0x7ffc0000
[  249.386898][   T28] audit: type=1326 audit(1773926084.175:31): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9839 comm="syz.3.1187" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f25b5d9c799 code=0x7ffc0000
[  249.437381][ T9747] hsr_slave_0: entered promiscuous mode
[  249.452496][   T28] audit: type=1326 audit(1773926084.175:32): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9839 comm="syz.3.1187" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f25b5d9c799 code=0x7ffc0000
[  249.499381][   T28] audit: type=1326 audit(1773926084.175:33): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9839 comm="syz.3.1187" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f25b5d9c799 code=0x7ffc0000
[  249.530768][ T9747] hsr_slave_1: entered promiscuous mode
[  249.974594][ T9832] loop4: detected capacity change from 0 to 32768
[  250.710932][ T5777] Bluetooth: hci0: command tx timeout
[  251.227674][ T9747] netdevsim netdevsim5 netdevsim0: renamed from eth0
[  251.260429][ T9747] netdevsim netdevsim5 netdevsim1: renamed from eth1
[  251.301008][ T9747] netdevsim netdevsim5 netdevsim2: renamed from eth2
[  251.346571][ T9747] netdevsim netdevsim5 netdevsim3: renamed from eth3
[  251.364393][   T11] wlan1: Trigger new scan to find an IBSS to join
[  251.420253][   T28] kauditd_printk_skb: 9 callbacks suppressed
[  251.420268][   T28] audit: type=1326 audit(1773926086.565:43): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9892 comm="syz.6.1201" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8cfe79c799 code=0x7ffc0000
[  251.467873][ T9872] loop3: detected capacity change from 0 to 32768
[  251.495919][   T28] audit: type=1326 audit(1773926086.565:44): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9892 comm="syz.6.1201" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8cfe79c799 code=0x7ffc0000
[  251.555892][   T28] audit: type=1326 audit(1773926086.595:45): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9892 comm="syz.6.1201" exe="/root/syz-executor" sig=0 arch=c000003e syscall=317 compat=0 ip=0x7f8cfe79c799 code=0x7ffc0000
[  251.582445][   T28] audit: type=1326 audit(1773926086.625:46): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9892 comm="syz.6.1201" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8cfe79c799 code=0x7ffc0000
[  251.624888][ T9872] XFS (loop3): Mounting V5 Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb
[  251.633371][ T9747] 8021q: adding VLAN 0 to HW filter on device bond0
[  251.643279][   T28] audit: type=1326 audit(1773926086.625:47): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9892 comm="syz.6.1201" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8cfe79c799 code=0x7ffc0000
[  251.687531][   T28] audit: type=1326 audit(1773926086.625:48): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9892 comm="syz.6.1201" exe="/root/syz-executor" sig=0 arch=c000003e syscall=436 compat=0 ip=0x7f8cfe79c799 code=0x7ffc0000
[  251.741147][ T9747] 8021q: adding VLAN 0 to HW filter on device team0
[  251.760901][   T28] audit: type=1326 audit(1773926086.625:49): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9892 comm="syz.6.1201" exe="/root/syz-executor" sig=0 arch=c000003e syscall=231 compat=0 ip=0x7f8cfe79c799 code=0x7ffc0000
[  251.786638][   T12] bridge0: port 1(bridge_slave_0) entered blocking state
[  251.788919][ T9872] XFS (loop3): Ending clean mount
[  251.794106][   T12] bridge0: port 1(bridge_slave_0) entered forwarding state
[  251.797320][   T12] bridge0: port 2(bridge_slave_1) entered blocking state
[  251.817069][   T12] bridge0: port 2(bridge_slave_1) entered forwarding state
[  251.898458][ T9872] XFS (loop3): Quotacheck needed: Please wait.
[  251.943891][ T9747] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  252.047953][ T9872] XFS (loop3): Quotacheck: Done.
[  252.053299][ T9910] program syz.4.1204 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  252.255175][ T5767] XFS (loop3): Unmounting Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb
[  252.604735][ T9747] 8021q: adding VLAN 0 to HW filter on device batadv0
[  253.487730][ T9747] veth0_vlan: entered promiscuous mode
[  253.553271][ T9747] veth1_vlan: entered promiscuous mode
[  253.645743][ T9960] loop3: detected capacity change from 0 to 1024
[  253.672167][ T9747] veth0_macvtap: entered promiscuous mode
[  253.707704][ T9960] EXT4-fs: Ignoring removed orlov option
[  253.734660][ T9747] veth1_macvtap: entered promiscuous mode
[  253.773941][ T9960] EXT4-fs (loop3): stripe (9) is not aligned with cluster size (16), stripe is disabled
[  253.835569][ T9747] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  253.849023][ T9960] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  253.889433][ T9747] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  253.932996][ T9747] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  253.969032][ T9747] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  253.997063][ T9747] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  254.040743][ T9747] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  254.083387][ T9747] batman_adv: batadv0: Interface activated: batadv_slave_0
[  254.169266][ T9747] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  254.192787][ T9747] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  254.213022][ T9747] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  254.221133][ T5767] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  254.235560][ T9747] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  254.301610][ T9747] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  254.363629][ T9747] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  254.389668][  T746] wlan1: Trigger new scan to find an IBSS to join
[  254.400884][ T9747] batman_adv: batadv0: Interface activated: batadv_slave_1
[  254.442703][ T9747] netdevsim netdevsim5 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  254.464361][ T9747] netdevsim netdevsim5 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  254.488160][ T9747] netdevsim netdevsim5 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  254.518273][ T9747] netdevsim netdevsim5 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  254.736925][   T49] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  254.779745][   T49] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  254.815340][ T3461] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  254.845543][ T3461] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  255.843547][ T9972] loop3: detected capacity change from 0 to 131072
[  255.866242][ T9972] F2FS-fs (loop3): invalid crc value
[  255.914630][ T9972] F2FS-fs (loop3): Found nat_bits in checkpoint
[  255.955064][ T9993] mmap: syz.6.1227 (9993) uses deprecated remap_file_pages() syscall. See Documentation/mm/remap_file_pages.rst.
[  255.977578][ T9972] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e4
[  256.250043][ T1283] ieee802154 phy0 wpan0: encryption failed: -22
[  256.256681][ T1283] ieee802154 phy1 wpan1: encryption failed: -22
[  256.675082][T10002] loop5: detected capacity change from 0 to 2048
[  256.717665][T10002] UDF-fs: error (device loop5): udf_read_tagged: tag checksum failed, block 99: 0x27 != 0x4d
[  256.745820][T10002] UDF-fs: error (device loop5): udf_read_tagged: tag checksum failed, block 160: 0xd2 != 0xd4
[  256.808075][T10002] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[  257.275202][T10010] loop5: detected capacity change from 0 to 164
[  257.353675][ T5761] I/O error, dev loop5, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2
[  257.430193][   T12] wlan1: Creating new IBSS network, BSSID 46:71:3a:d2:af:c2
[  257.591000][T10014] loop5: detected capacity change from 0 to 1024
[  257.691888][T10014] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  257.844014][   T28] audit: type=1800 audit(1773926092.975:50): pid=10014 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.5.1236" name="file1" dev="loop5" ino=15 res=0 errno=0
[  257.964311][ T9747] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  258.179750][ T7305] usb 4-1: new high-speed USB device number 18 using dummy_hcd
[  258.236697][T10029] netlink: 88 bytes leftover after parsing attributes in process `syz.5.1242'.
[  258.252044][T10029] netlink: 8 bytes leftover after parsing attributes in process `syz.5.1242'.
[  258.422885][ T7305] usb 4-1: unable to get BOS descriptor or descriptor too short
[  258.443594][T10035] loop4: detected capacity change from 0 to 256
[  258.451710][ T7305] usb 4-1: config 129 has an invalid interface number: 135 but max is 0
[  258.463465][T10035] exFAT-fs (loop4): failed to load upcase table (idx : 0x00011a39, chksum : 0xd54015fb, utbl_chksum : 0xe619d30d)
[  258.471263][ T7305] usb 4-1: config 129 has an invalid interface number: 5 but max is 0
[  258.507365][ T7305] usb 4-1: config 129 has 2 interfaces, different from the descriptor's value: 1
[  258.529065][ T7305] usb 4-1: config 129 has no interface number 0
[  258.559274][ T7305] usb 4-1: config 129 has no interface number 1
[  258.585704][ T7305] usb 4-1: config 129 interface 135 altsetting 6 has 0 endpoint descriptors, different from the interface descriptor's value: 5
[  258.619985][ T7305] usb 4-1: too many endpoints for config 129 interface 5 altsetting 7: 37, using maximum allowed: 30
[  258.650790][ T7305] usb 4-1: config 129 interface 5 altsetting 7 has 0 endpoint descriptors, different from the interface descriptor's value: 37
[  258.680012][ T7305] usb 4-1: config 129 interface 135 has no altsetting 0
[  258.688315][ T7305] usb 4-1: config 129 interface 5 has no altsetting 0
[  258.713439][ T7305] usb 4-1: string descriptor 0 read error: -22
[  258.723999][ T7305] usb 4-1: New USB device found, idVendor=2040, idProduct=721f, bcdDevice=f2.00
[  258.749599][ T7305] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  258.783808][ T7305] usb 4-1: Quirk or no altest; falling back to MIDI 1.0
[  258.829627][ T7305] usb 4-1: MIDIStreaming interface descriptor not found
[  259.172106][ T5757] usb 4-1: USB disconnect, device number 18
[  260.460868][T10074] loop3: detected capacity change from 0 to 512
[  260.501414][T10074] EXT4-fs: Ignoring removed nobh option
[  260.544791][T10079] loop5: detected capacity change from 0 to 256
[  260.552242][T10074] EXT4-fs error (device loop3): ext4_free_branches:1030: inode #11: comm syz.3.1261: invalid indirect mapped block 256 (level 2)
[  260.565073][T10074] EXT4-fs (loop3): Remounting filesystem read-only
[  260.576010][T10074] EXT4-fs (loop3): 2 truncates cleaned up
[  260.583777][T10074] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  260.630477][T10079] exfat: Deprecated parameter 'utf8'
[  260.680744][T10079] exfat: Deprecated parameter 'namecase'
[  260.717918][ T5767] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  260.722490][ T5775] Bluetooth: hci0: command tx timeout
[  260.742250][T10079] exfat: Deprecated parameter 'namecase'
[  260.748708][T10079] exfat: Deprecated parameter 'utf8'
[  260.872774][T10079] exFAT-fs (loop5): failed to load upcase table (idx : 0x0001fe89, chksum : 0xc374f927, utbl_chksum : 0xe619d30d)
[  261.420326][T10084] loop3: detected capacity change from 0 to 32768
[  261.458906][T10084] JBD2: Ignoring recovery information on journal
[  261.584007][T10084] ocfs2: Mounting device (7,3) on (node local, slot 0) with ordered data mode.
[  261.948666][ T5767] ocfs2: Unmounting device (7,3) on (node local)
[  262.495581][T10129] loop3: detected capacity change from 0 to 2048
[  262.518064][T10130] hub 9-0:1.0: USB hub found
[  262.527179][T10129]  loop3: p1 < > p3
[  262.535279][T10133] netlink: 16 bytes leftover after parsing attributes in process `syz.5.1285'.
[  262.543160][T10130] hub 9-0:1.0: 1 port detected
[  262.551873][T10129] loop3: p3 size 134217728 extends beyond EOD, truncated
[  262.953383][T10145] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1289'.
[  263.206886][T10139] loop5: detected capacity change from 0 to 32768
[  263.295314][T10139] JBD2: Ignoring recovery information on journal
[  263.373922][T10139] ocfs2: Mounting device (7,5) on (node local, slot 0) with ordered data mode.
[  263.471095][   T28] audit: type=1800 audit(1773926098.605:51): pid=10139 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.5.1286" name="file1" dev="loop5" ino=17058 res=0 errno=0
[  263.584452][T10164] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1295'.
[  263.629827][T10164] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1295'.
[  263.657224][T10164] netlink: 'syz.4.1295': attribute type 6 has an invalid length.
[  263.724907][ T9747] ocfs2: Unmounting device (7,5) on (node local)
[  263.913512][T10169] loop3: detected capacity change from 0 to 1024
[  264.248088][ T5807] hid-generic 0005:0C45:1010.000E: item fetching failed at offset 0/1
[  264.260509][ T5807] hid-generic: probe of 0005:0C45:1010.000E failed with error -22
[  264.599219][T10171] loop4: detected capacity change from 0 to 32768
[  264.661090][T10171] XFS (loop4): Mounting V5 Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb
[  264.736053][T10187] loop5: detected capacity change from 0 to 4096
[  264.840891][T10171] XFS (loop4): Ending clean mount
[  264.858952][T10187] ntfs3: loop5: ino=3, ntfs_set_state failed, -22.
[  264.872080][T10171] XFS (loop4): Quotacheck needed: Please wait.
[  264.879752][T10187] ntfs3: loop5: Failed to initialize $Extend/$ObjId.
[  265.016364][   T28] audit: type=1800 audit(1773926100.155:52): pid=10187 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.5.1306" name="file1" dev="loop5" ino=30 res=0 errno=0
[  265.044396][T10187] ntfs3: loop5: ino=1e, "file1" attr_set_size
[  265.121816][T10171] XFS (loop4): Quotacheck: Done.
[  265.162328][   T11] ntfs3: loop5: ino=3, ntfs3_write_inode failed, -22.
[  265.210087][ T9747] ntfs3: loop5: ino=3, ntfs_set_state failed, -22.
[  265.226559][ T9747] ntfs3: loop5: Mark volume as dirty due to NTFS errors
[  265.272987][ T9747] ntfs3: loop5: ino=3, ntfs_set_state failed, -22.
[  265.307154][ T3461] ntfs3: loop5: ino=3, ntfs3_write_inode failed, -22.
[  265.454119][ T6565] XFS (loop4): Unmounting Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb
[  266.265810][T10203] loop5: detected capacity change from 0 to 32768
[  266.315310][T10203] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop5 scanned by syz.5.1309 (10203)
[  266.367679][T10203] BTRFS info (device loop5): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  266.419687][T10203] BTRFS info (device loop5): using crc32c (crc32c-intel) checksum algorithm
[  266.446410][T10203] BTRFS info (device loop5): turning off barriers
[  266.487611][T10203] BTRFS info (device loop5): setting nodatasum
[  266.504540][T10203] BTRFS info (device loop5): setting incompat feature flag for COMPRESS_ZSTD (0x10)
[  266.544756][T10203] BTRFS info (device loop5): use zstd compression, level 3
[  266.567501][T10203] BTRFS info (device loop5): using free space tree
[  267.143959][ T9747] BTRFS info (device loop5): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  267.850611][ T7305] usb 5-1: new high-speed USB device number 12 using dummy_hcd
[  268.074153][ T7305] usb 5-1: config index 0 descriptor too short (expected 65298, got 18)
[  268.083477][ T7305] usb 5-1: config 0 has too many interfaces: 230, using maximum allowed: 32
[  268.118472][ T7305] usb 5-1: config 0 has 1 interface, different from the descriptor's value: 230
[  268.163143][ T7305] usb 5-1: New USB device found, idVendor=0572, idProduct=cb01, bcdDevice=26.65
[  268.179345][T10273] loop3: detected capacity change from 0 to 1024
[  268.194248][ T7305] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  268.222045][ T7305] usb 5-1: Product: syz
[  268.226452][ T7305] usb 5-1: Manufacturer: syz
[  268.241542][ T7305] usb 5-1: SerialNumber: syz
[  268.280543][   T28] audit: type=1800 audit(1773926103.415:53): pid=10273 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.1334" name="file1" dev="loop3" ino=20 res=0 errno=0
[  268.354783][ T7305] usb 5-1: config 0 descriptor??
[  268.423783][T10273] syz.3.1334: attempt to access beyond end of device
[  268.423783][T10273] loop3: rw=34817, sector=5778, nr_sectors = 2 limit=1024
[  268.570691][ T7305] usb 5-1: ignoring: probably an ADSL modem
[  268.809799][T10288] comedi comedi0: comedi_bond: 3:3 3:6 3:10 3:11 3:14 3:19 3:23  attached, 168 channels from 7 devices
[  268.980668][ T7305] cxacru 5-1:0.0: usbatm_usb_probe: bind failed: -19!
[  269.189679][ T7305] usb 5-1: USB disconnect, device number 12
[  269.286477][T10299] loop5: detected capacity change from 0 to 128
[  269.317084][T10299] EXT4-fs: Ignoring removed nobh option
[  269.447157][T10299] EXT4-fs (loop5): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  269.489140][T10299] ext4 filesystem being mounted at /29/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[  269.646425][T10299] fscrypt (loop5, inode 12): Reserved bits set in encryption policy
[  269.762862][ T9747] EXT4-fs (loop5): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  269.999646][ T7305] usb 4-1: new high-speed USB device number 19 using dummy_hcd
[  270.087276][T10310] loop5: detected capacity change from 0 to 512
[  270.129860][T10310] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[  270.240293][T10310] EXT4-fs error (device loop5): ext4_free_branches:1030: inode #11: comm syz.5.1349: invalid indirect mapped block 256 (level 2)
[  270.263722][ T7305] usb 4-1: config 0 has an invalid interface number: 64 but max is 0
[  270.316380][ T7305] usb 4-1: config 0 has an invalid descriptor of length 48, skipping remainder of the config
[  270.348360][ T7305] usb 4-1: config 0 has no interface number 0
[  270.392768][T10310] EXT4-fs (loop5): 2 truncates cleaned up
[  270.393072][T10314] loop4: detected capacity change from 0 to 2048
[  270.408252][ T7305] usb 4-1: New USB device found, idVendor=046d, idProduct=0823, bcdDevice=39.48
[  270.410755][T10310] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  270.418214][ T7305] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  270.471056][ T7305] usb 4-1: Product: syz
[  270.486035][T10314] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000)
[  270.503001][T10310] EXT4-fs error (device loop5): ext4_validate_block_bitmap:430: comm syz.5.1349: bg 0: block 5: invalid block bitmap
[  270.507593][ T7305] usb 4-1: Manufacturer: syz
[  270.553758][ T7305] usb 4-1: SerialNumber: syz
[  270.570268][T10310] EXT4-fs (loop5): Delayed block allocation failed for inode 15 at logical offset 131075 with max blocks 1 with error 28
[  270.578681][ T7305] usb 4-1: config 0 descriptor??
[  270.597494][T10310] EXT4-fs (loop5): This should not happen!! Data will be lost
[  270.597494][T10310] 
[  270.623711][T10310] EXT4-fs (loop5): Total free blocks count 0
[  270.631616][T10310] EXT4-fs (loop5): Free/Dirty block details
[  270.638170][T10310] EXT4-fs (loop5): free_blocks=0
[  270.671817][T10310] EXT4-fs (loop5): dirty_blocks=2
[  270.677563][T10310] EXT4-fs (loop5): Block reservation details
[  270.706539][T10310] EXT4-fs (loop5): i_reserved_data_blocks=2
[  270.759999][   T12] EXT4-fs (loop5): Delayed block allocation failed for inode 15 at logical offset 0 with max blocks 1 with error 28
[  271.031837][ T7305] usb 4-1: Found UVC 0.00 device syz (046d:0823)
[  271.049582][ T7305] usb 4-1: No valid video chain found.
[  271.263794][ T5824] usb 4-1: USB disconnect, device number 19
[  271.614976][T10348] program syz.4.1367 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  271.961498][ T7305] usb 6-1: new full-speed USB device number 6 using dummy_hcd
[  271.969903][ T5757] usb 5-1: new high-speed USB device number 13 using dummy_hcd
[  272.152239][ T5757] usb 5-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  272.178930][ T5757] usb 5-1: New USB device found, idVendor=0a46, idProduct=9621, bcdDevice=4f.32
[  272.193445][ T5757] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  272.204523][ T5757] usb 5-1: Product: syz
[  272.209014][ T5757] usb 5-1: Manufacturer: syz
[  272.216823][ T5757] usb 5-1: SerialNumber: syz
[  272.226112][ T5757] usb 5-1: config 0 descriptor??
[  272.244891][ T5757] dm9601: probe of 5-1:0.0 failed with error -22
[  273.347039][T10384] loop3: detected capacity change from 0 to 256
[  273.354992][T10384] exfat: Deprecated parameter 'utf8'
[  273.362346][T10384] exfat: Deprecated parameter 'utf8'
[  273.391898][T10384] exFAT-fs (loop3): failed to load upcase table (idx : 0x00010000, chksum : 0x11bbdf60, utbl_chksum : 0xe619d30d)
[  273.679575][ T5775] Bluetooth: hci3: command 0x0406 tx timeout
[  273.936605][T10387] loop3: detected capacity change from 0 to 32768
[  273.980482][T10387] BTRFS info (device loop3): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  274.000358][T10387] BTRFS info (device loop3): using sha256 (sha256-avx2) checksum algorithm
[  274.017512][T10387] BTRFS info (device loop3): force clearing of disk cache
[  274.033781][T10387] BTRFS info (device loop3): metadata ratio 0
[  274.041430][T10387] BTRFS info (device loop3): enabling ssd optimizations
[  274.049266][T10387] BTRFS info (device loop3): using spread ssd allocation scheme
[  274.058366][T10387] BTRFS info (device loop3): using free space tree
[  274.119031][T10387] BTRFS info (device loop3): auto enabling async discard
[  274.146351][T10387] BTRFS info (device loop3): rebuilding free space tree
[  274.289586][ T7305] usb 6-1: new high-speed USB device number 7 using dummy_hcd
[  274.337977][ T5767] BTRFS info (device loop3): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  274.525672][ T7305] usb 6-1: Using ep0 maxpacket: 16
[  274.536134][ T7305] usb 6-1: config 0 has an invalid interface number: 2 but max is 0
[  274.556129][ T7305] usb 6-1: config 0 has no interface number 0
[  274.579373][ T7305] usb 6-1: config 0 interface 2 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  274.606961][ T7305] usb 6-1: New USB device found, idVendor=04d8, idProduct=00dd, bcdDevice= 0.00
[  274.627959][ T7305] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  274.657403][ T7305] usb 6-1: config 0 descriptor??
[  274.774649][ T5757] usb 5-1: USB disconnect, device number 13
[  274.789771][   T11] wlan1: No active IBSS STAs - trying to scan for other IBSS networks with same SSID (merge)
[  274.940113][ T7222] ip6_tunnel: ip6gretap0 xmit: Local address not yet configured!
[  275.084048][ T7305] mcp2221 0003:04D8:00DD.000F: unknown main item tag 0x0
[  275.125252][ T7305] mcp2221 0003:04D8:00DD.000F: unknown main item tag 0x0
[  275.143116][ T7305] mcp2221 0003:04D8:00DD.000F: unknown main item tag 0x0
[  275.174679][ T7305] mcp2221 0003:04D8:00DD.000F: unknown main item tag 0x0
[  275.198030][ T7305] mcp2221 0003:04D8:00DD.000F: unknown main item tag 0x0
[  275.230332][ T7305] mcp2221 0003:04D8:00DD.000F: USB HID v0.05 Device [HID 04d8:00dd] on usb-dummy_hcd.5-1/input2
[  275.292991][    C1] usb 6-1: input irq status -75 received
[  275.481146][ T5807] ip6_tunnel: ip6gretap0 xmit: Local address not yet configured!
[  275.508460][ T6744] usb 6-1: USB disconnect, device number 7
[  275.710484][T10438] loop4: detected capacity change from 0 to 16
[  275.741260][T10438] erofs: (device loop4): mounted with root inode @ nid 36.
[  275.813529][T10438] syz.4.1399: attempt to access beyond end of device
[  275.813529][T10438] loop4: rw=524288, sector=1056, nr_sectors = 16 limit=16
[  275.860559][T10438] syz.4.1399: attempt to access beyond end of device
[  275.860559][T10438] loop4: rw=524288, sector=16, nr_sectors = 40 limit=16
[  275.906404][T10438] erofs: (device loop4): z_erofs_lz4_decompress_mem: failed to decompress -26 in[46, 4050] out[8192]
[  275.946208][   T28] audit: type=1800 audit(1773926111.075:54): pid=10438 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.4.1399" name="file2" dev="loop4" ino=89 res=0 errno=0
[  276.008087][T10434] loop3: detected capacity change from 0 to 32768
[  276.077057][T10447] netlink: 144 bytes leftover after parsing attributes in process `syz.4.1401'.
[  276.096697][T10434] XFS (loop3): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  276.371894][T10434] XFS (loop3): Ending clean mount
[  276.432943][T10434] XFS (loop3): Quotacheck needed: Please wait.
[  276.522682][T10434] XFS (loop3): Quotacheck: Done.
[  276.634132][ T5767] XFS (loop3): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  276.838294][T10470] loop5: detected capacity change from 0 to 4096
[  278.671686][T10497] loop5: detected capacity change from 0 to 32768
[  278.812369][T10511] pim6reg: tun_chr_ioctl cmd 1074812117
[  278.869969][ T5777] Bluetooth: hci0: command tx timeout
[  279.328004][T10518] loop3: detected capacity change from 0 to 2048
[  279.375355][T10518] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  279.390530][T10518] ext4 filesystem being mounted at /358/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  279.407688][T10518] EXT4-fs (loop3): shut down requested (2)
[  279.450131][ T5767] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  279.906408][T10538] hsr0: entered promiscuous mode
[  279.932811][T10538] macsec1: entered allmulticast mode
[  279.956110][T10538] hsr0: entered allmulticast mode
[  279.970348][T10538] hsr_slave_0: entered allmulticast mode
[  279.989799][T10538] hsr_slave_1: entered allmulticast mode
[  280.017448][T10538] hsr0: left allmulticast mode
[  280.029901][T10538] hsr_slave_0: left allmulticast mode
[  280.045170][T10538] hsr_slave_1: left allmulticast mode
[  280.580484][T10539] loop5: detected capacity change from 0 to 32768
[  280.602253][T10539] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop5 scanned by syz.5.1441 (10539)
[  280.677202][T10539] BTRFS info (device loop5): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  280.712409][T10539] BTRFS info (device loop5): using sha256 (sha256-avx2) checksum algorithm
[  280.726977][T10552] loop4: detected capacity change from 0 to 4096
[  280.742558][T10539] BTRFS info (device loop5): using free space tree
[  280.753223][T10552] ntfs3: loop4: Different NTFS sector size (4096) and media sector size (512).
[  280.846933][T10552] ntfs3: loop4: ino=3, ntfs_set_state failed, -22.
[  280.874595][ T5777] Bluetooth: hci0: Controller not accepting commands anymore: ncmd = 0
[  280.886453][ T5777] Bluetooth: hci0: Injecting HCI hardware error event
[  280.886623][T10552] ntfs3: loop4: Failed to initialize $Extend/$Reparse.
[  280.900004][ T5777] Bluetooth: hci0: hardware error 0x00
[  280.946123][T10539] BTRFS info (device loop5): enabling ssd optimizations
[  281.019552][T10539] BTRFS info (device loop5): auto enabling async discard
[  281.260329][ T9747] BTRFS info (device loop5): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  281.337943][   T49] ntfs3: loop4: ino=3, ntfs3_write_inode failed, -22.
[  281.395762][ T6565] ntfs3: loop4: ino=3, ntfs_set_state failed, -22.
[  281.413367][ T6565] ntfs3: loop4: Mark volume as dirty due to NTFS errors
[  281.457297][ T6565] ntfs3: loop4: ino=3, ntfs_set_state failed, -22.
[  281.474014][   T49] ntfs3: loop4: ino=3, ntfs3_write_inode failed, -22.
[  282.312549][T10592] loop3: detected capacity change from 0 to 4096
[  282.491197][T10585] loop5: detected capacity change from 0 to 32768
[  282.592760][T10585] JBD2: Ignoring recovery information on journal
[  282.657435][T10585] ocfs2: Mounting device (7,5) on (node local, slot 0) with ordered data mode.
[  282.970232][ T5777] Bluetooth: hci0: Opcode 0x0c03 failed: -110
[  283.158745][T10585] syz.5.1454 (10585) used greatest stack depth: 17712 bytes left
[  283.241566][T10609] loop3: detected capacity change from 0 to 16
[  283.278274][ T9747] ocfs2: Unmounting device (7,5) on (node local)
[  283.378623][T10609] erofs: (device loop3): mounted with root inode @ nid 36.
[  283.494571][T10609] syz.3.1462: attempt to access beyond end of device
[  283.494571][T10609] loop3: rw=524288, sector=1056, nr_sectors = 16 limit=16
[  283.623262][T10609] syz.3.1462: attempt to access beyond end of device
[  283.623262][T10609] loop3: rw=524288, sector=16, nr_sectors = 40 limit=16
[  283.742529][T10609] erofs: (device loop3): z_erofs_lz4_decompress_mem: failed to decompress -26 in[46, 4050] out[8192]
[  283.809696][   T28] audit: type=1800 audit(1773926118.945:55): pid=10609 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.3.1462" name="file2" dev="loop3" ino=89 res=0 errno=0
[  284.103139][T10619] loop4: detected capacity change from 0 to 64
[  284.428273][T10626] netlink: 201392 bytes leftover after parsing attributes in process `syz.4.1467'.
[  284.892618][T10640] 9pnet_fd: Insufficient options for proto=fd
[  285.008671][T10642] Invalid ELF header magic: != ELF
[  285.511116][ T3461] wlan1: No active IBSS STAs - trying to scan for other IBSS networks with same SSID (merge)
[  286.638427][T10669] loop5: detected capacity change from 0 to 40427
[  286.666366][T10669] F2FS-fs (loop5): invalid crc value
[  286.699704][T10669] F2FS-fs (loop5): Found nat_bits in checkpoint
[  286.802510][T10669] F2FS-fs (loop5): Start checkpoint disabled!
[  286.821632][T10669] F2FS-fs (loop5): Mounted with checkpoint version = 48b305e6
[  286.968305][T10669] F2FS-fs (loop5): Stopped filesystem due to reason: 0
[  287.416167][T10697] hsr0: entered promiscuous mode
[  287.430731][T10697] macsec1: entered allmulticast mode
[  287.447674][T10697] hsr0: entered allmulticast mode
[  287.457972][T10697] hsr_slave_0: entered allmulticast mode
[  287.473806][T10697] hsr_slave_1: entered allmulticast mode
[  287.490959][T10697] hsr0: left allmulticast mode
[  287.498382][T10697] hsr_slave_0: left allmulticast mode
[  287.513111][T10697] hsr_slave_1: left allmulticast mode
[  287.593915][T10696] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1499'.
[  287.992166][T10708] program syz.5.1505 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  288.060625][T10695] loop3: detected capacity change from 0 to 32768
[  288.103840][T10695] BTRFS: device fsid a6a605fc-d5f1-4e66-8595-3726e2b761d6 devid 1 transid 8 /dev/loop3 scanned by syz.3.1501 (10695)
[  288.173523][T10695] BTRFS info (device loop3): first mount of filesystem a6a605fc-d5f1-4e66-8595-3726e2b761d6
[  288.227997][T10695] BTRFS info (device loop3): using blake2b (blake2b-256-generic) checksum algorithm
[  288.265822][T10695] BTRFS info (device loop3): using free space tree
[  288.431567][T10695] BTRFS info (device loop3): enabling ssd optimizations
[  288.439234][T10695] BTRFS info (device loop3): auto enabling async discard
[  288.721858][ T5767] BTRFS info (device loop3): last unmount of filesystem a6a605fc-d5f1-4e66-8595-3726e2b761d6
[  288.962941][ T5761] BTRFS: device fsid a6a605fc-d5f1-4e66-8595-3726e2b761d6 devid 1 transid 10 /dev/loop3 scanned by udevd (5761)
[  288.976915][T10734] loop5: detected capacity change from 0 to 8192
[  289.059761][T10734] REISERFS warning:  read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025
[  289.088179][T10734] REISERFS (device loop5): found reiserfs format "3.6" with non-standard journal
[  289.164144][T10734] REISERFS (device loop5): using ordered data mode
[  289.242181][T10734] reiserfs: using flush barriers
[  289.256003][T10734] REISERFS (device loop5): journal params: device loop5, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30
[  289.309901][T10734] REISERFS (device loop5): checking transaction log (loop5)
[  289.400037][ T6744] usb 4-1: new full-speed USB device number 20 using dummy_hcd
[  289.714703][T10734] REISERFS (device loop5): Using tea hash to sort names
[  289.724767][T10734] REISERFS (device loop5): Created .reiserfs_priv - reserved for xattr storage.
[  289.949670][ T6744] usb 4-1: unable to get BOS descriptor or descriptor too short
[  289.983016][ T6744] usb 4-1: unable to read config index 0 descriptor/start: -71
[  289.999541][ T6744] usb 4-1: can't read configurations, error -71
[  290.122419][T10742] loop4: detected capacity change from 0 to 32768
[  290.212997][T10742] XFS (loop4): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  290.253079][T10757] netlink: 'syz.5.1515': attribute type 7 has an invalid length.
[  290.408384][T10742] XFS (loop4): Ending clean mount
[  290.417678][T10742] XFS (loop4): Quotacheck needed: Please wait.
[  290.464192][T10742] XFS (loop4): Quotacheck: Done.
[  290.635842][ T6565] XFS (loop4): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  291.066310][T10780] loop3: detected capacity change from 0 to 1024
[  291.136971][T10780] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  291.184835][T10780] EXT4-fs error (device loop3): ext4_generic_delete_entry:2729: inode #12: block 7: comm syz.3.1524: bad entry in directory: rec_len is smaller than minimal - offset=16, inode=14, rec_len=8, size=56 fake=0
[  291.258779][T10780] EXT4-fs (loop3): Remounting filesystem read-only
[  291.377186][ T5767] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  291.392234][T10789] loop5: detected capacity change from 0 to 128
[  291.502983][T10789] UDF-fs: error (device loop5): udf_read_tagged: read failed, block=256, location=256
[  291.537310][T10789] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[  291.791896][T10806] overlayfs: missing 'lowerdir'
[  292.366108][T10812] loop3: detected capacity change from 0 to 32768
[  292.413816][T10812] ocfs2: Slot 0 on device (7,3) was already allocated to this node!
[  292.449188][T10812] JBD2: Ignoring recovery information on journal
[  292.503031][T10812] ocfs2: Mounting device (7,3) on (node local, slot 0) with ordered data mode.
[  292.579398][T10812] OCFS2: ERROR (device loop3): int ocfs2_validate_gd_self(struct super_block *, struct buffer_head *, int): Group descriptor #32 has an invalid fs_generation of #1
[  292.618998][T10812] On-disk corruption discovered. Please run fsck.ocfs2 once the filesystem is unmounted.
[  292.646990][T10812] OCFS2: File system is now read-only.
[  292.670079][T10812] (syz.3.1537,10812,0):ocfs2_search_chain:1761 ERROR: status = -30
[  292.706188][T10812] (syz.3.1537,10812,0):ocfs2_search_chain:1871 ERROR: status = -30
[  292.729692][T10812] (syz.3.1537,10812,0):ocfs2_claim_suballoc_bits:1950 ERROR: status = -30
[  292.750543][T10812] (syz.3.1537,10812,0):ocfs2_claim_suballoc_bits:1993 ERROR: status = -30
[  292.770046][T10812] (syz.3.1537,10812,0):__ocfs2_claim_clusters:2365 ERROR: status = -30
[  292.804520][T10812] (syz.3.1537,10812,0):__ocfs2_claim_clusters:2373 ERROR: status = -30
[  292.835116][T10812] (syz.3.1537,10812,0):ocfs2_local_alloc_new_window:1203 ERROR: status = -30
[  292.859512][T10812] (syz.3.1537,10812,0):ocfs2_local_alloc_new_window:1228 ERROR: status = -30
[  292.892012][T10812] (syz.3.1537,10812,0):ocfs2_local_alloc_slide_window:1302 ERROR: status = -30
[  292.913324][T10812] (syz.3.1537,10812,0):ocfs2_local_alloc_slide_window:1321 ERROR: status = -30
[  292.957521][T10812] (syz.3.1537,10812,0):ocfs2_reserve_local_alloc_bits:671 ERROR: status = -30
[  292.985650][T10812] (syz.3.1537,10812,0):ocfs2_reserve_local_alloc_bits:709 ERROR: status = -30
[  293.009990][T10812] (syz.3.1537,10812,0):ocfs2_reserve_clusters_with_limit:1166 ERROR: status = -30
[  293.026681][T10812] (syz.3.1537,10812,0):ocfs2_reserve_clusters_with_limit:1215 ERROR: status = -30
[  293.038523][T10812] (syz.3.1537,10812,0):ocfs2_mknod:357 ERROR: status = -30
[  293.052693][T10812] (syz.3.1537,10812,0):ocfs2_mknod:502 ERROR: status = -30
[  293.069545][T10812] (syz.3.1537,10812,0):ocfs2_mkdir:659 ERROR: status = -30
[  293.133369][T10812] OCFS2: ERROR (device loop3): int ocfs2_validate_gd_self(struct super_block *, struct buffer_head *, int): Group descriptor #32 has an invalid fs_generation of #1
[  293.173536][T10812] On-disk corruption discovered. Please run fsck.ocfs2 once the filesystem is unmounted.
[  293.192141][T10812] (syz.3.1537,10812,0):ocfs2_search_chain:1761 ERROR: status = -30
[  293.207611][T10812] (syz.3.1537,10812,0):ocfs2_search_chain:1871 ERROR: status = -30
[  293.226408][T10812] (syz.3.1537,10812,0):ocfs2_claim_suballoc_bits:1950 ERROR: status = -30
[  293.259644][T10812] (syz.3.1537,10812,0):ocfs2_claim_suballoc_bits:1993 ERROR: status = -30
[  293.289926][T10812] (syz.3.1537,10812,0):__ocfs2_claim_clusters:2365 ERROR: status = -30
[  293.304149][T10812] (syz.3.1537,10812,1):__ocfs2_claim_clusters:2373 ERROR: status = -30
[  293.329670][T10812] (syz.3.1537,10812,1):ocfs2_local_alloc_new_window:1203 ERROR: status = -30
[  293.356006][T10812] (syz.3.1537,10812,1):ocfs2_local_alloc_new_window:1228 ERROR: status = -30
[  293.366283][T10812] (syz.3.1537,10812,1):ocfs2_local_alloc_slide_window:1302 ERROR: status = -30
[  293.392294][T10812] (syz.3.1537,10812,0):ocfs2_local_alloc_slide_window:1321 ERROR: status = -30
[  293.435373][T10812] (syz.3.1537,10812,0):ocfs2_reserve_local_alloc_bits:671 ERROR: status = -30
[  293.457068][T10839] netlink: 12 bytes leftover after parsing attributes in process `syz.4.1548'.
[  293.464065][T10812] (syz.3.1537,10812,0):ocfs2_reserve_local_alloc_bits:709 ERROR: status = -30
[  293.509627][T10812] (syz.3.1537,10812,0):ocfs2_reserve_clusters_with_limit:1166 ERROR: status = -30
[  293.539835][T10812] (syz.3.1537,10812,1):ocfs2_reserve_clusters_with_limit:1215 ERROR: status = -30
[  293.595664][T10843] loop4: detected capacity change from 0 to 256
[  293.602711][T10812] (syz.3.1537,10812,1):ocfs2_lock_allocators:2682 ERROR: status = -30
[  293.612540][T10812] (syz.3.1537,10812,1):ocfs2_extend_allocation:592 ERROR: status = -30
[  293.627382][T10812] (syz.3.1537,10812,1):ocfs2_extend_no_holes:1029 ERROR: status = -30
[  293.641405][T10812] (syz.3.1537,10812,1):ocfs2_expand_nonsparse_inode:1623 ERROR: status = -30
[  293.653159][T10812] (syz.3.1537,10812,1):ocfs2_write_begin_nolock:1690 ERROR: status = -30
[  293.679752][T10812] (syz.3.1537,10812,1):ocfs2_write_begin:1907 ERROR: status = -30
[  293.758511][T10843] exFAT-fs (loop4): failed to load upcase table (idx : 0x0000fd4f, chksum : 0x32e3664b, utbl_chksum : 0xe619d30d)
[  293.851126][ T5767] ocfs2: Unmounting device (7,3) on (node local)
[  294.668365][T10856] loop4: detected capacity change from 0 to 40427
[  294.711696][T10856] F2FS-fs (loop4): Invalid log_blocksize (268), supports only 12
[  294.747511][T10856] F2FS-fs (loop4): Can't find valid F2FS filesystem in 1th superblock
[  294.771159][T10856] F2FS-fs (loop4): invalid crc value
[  294.814103][T10856] F2FS-fs (loop4): Found nat_bits in checkpoint
[  294.971283][T10856] F2FS-fs (loop4): Try to recover 1th superblock, ret: 0
[  295.004188][T10856] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e5
[  295.655140][T10871] loop5: detected capacity change from 0 to 32768
[  295.728905][T10871] XFS (loop5): Mounting V5 Filesystem 9f1cad42-11bd-4e12-8f0b-f07876b81d9a
[  295.831766][ T5775] Bluetooth: hci3: command 0x0406 tx timeout
[  295.901347][T10871] XFS (loop5): Ending clean mount
[  296.047631][ T9747] XFS (loop5): Unmounting Filesystem 9f1cad42-11bd-4e12-8f0b-f07876b81d9a
[  296.409603][ T6744] usb 4-1: new high-speed USB device number 22 using dummy_hcd
[  296.482798][T10906] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  296.506583][ T7222] ip6_tunnel: ip6gretap0 xmit: Local address not yet configured!
[  296.599552][ T6744] usb 4-1: Using ep0 maxpacket: 8
[  296.623824][ T6744] usb 4-1: too many endpoints for config 0 interface 0 altsetting 33: 193, using maximum allowed: 30
[  296.635428][ T6744] usb 4-1: config 0 interface 0 altsetting 33 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  296.659709][ T6744] usb 4-1: config 0 interface 0 altsetting 33 endpoint 0x81 has invalid wMaxPacketSize 0
[  296.681910][ T6744] usb 4-1: config 0 interface 0 altsetting 33 has 1 endpoint descriptor, different from the interface descriptor's value: 193
[  296.709758][ T6744] usb 4-1: config 0 interface 0 has no altsetting 0
[  296.716666][ T6744] usb 4-1: New USB device found, idVendor=056a, idProduct=010e, bcdDevice= 0.00
[  296.728903][ T6744] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  296.740743][ T6744] usb 4-1: config 0 descriptor??
[  296.779999][ T7222] ip6_tunnel: ip6gretap0 xmit: Local address not yet configured!
[  297.183465][ T6744] wacom 0003:056A:010E.0010: unbalanced collection at end of report description
[  297.220914][ T6744] wacom 0003:056A:010E.0010: parse failed
[  297.227351][ T6744] wacom: probe of 0003:056A:010E.0010 failed with error -22
[  297.383434][ T7222] usb 4-1: USB disconnect, device number 22
[  297.389257][T10918] 9pnet_fd: Insufficient options for proto=fd
[  297.888257][T10933] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1584'.
[  297.924595][T10933] n: the hash_elasticity option has been deprecated and is always 16
[  297.949580][T10933] n: trying to set multicast query interval below minimum, setting to 100 (1000ms)
[  298.000151][T10934] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1584'.
[  298.024528][T10934] n: the hash_elasticity option has been deprecated and is always 16
[  298.044827][T10934] n: trying to set multicast query interval below minimum, setting to 100 (1000ms)
[  298.228488][T10931] loop5: detected capacity change from 0 to 32768
[  298.256480][T10940] loop3: detected capacity change from 0 to 256
[  298.275830][T10931] BTRFS: device fsid ed167579-eb65-4e76-9a50-61ac97e9b59d devid 1 transid 8 /dev/loop5 scanned by syz.5.1583 (10931)
[  298.332047][T10940] exFAT-fs (loop3): failed to load upcase table (idx : 0x00011a39, chksum : 0xd54015fb, utbl_chksum : 0xe619d30d)
[  298.356405][T10931] BTRFS info (device loop5): first mount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d
[  298.387710][T10931] BTRFS info (device loop5): using sha256 (sha256-avx2) checksum algorithm
[  298.417982][T10931] BTRFS info (device loop5): enabling auto defrag
[  298.446838][T10931] BTRFS info (device loop5): use no compression
[  298.474152][T10931] BTRFS info (device loop5): max_inline at 4096
[  298.501258][T10931] BTRFS info (device loop5): using free space tree
[  298.519739][ T6744] usb 5-1: new high-speed USB device number 14 using dummy_hcd
[  298.700194][T10931] BTRFS info (device loop5): enabling ssd optimizations
[  298.707559][T10931] BTRFS info (device loop5): auto enabling async discard
[  298.746473][ T6744] usb 5-1: Using ep0 maxpacket: 8
[  298.768020][T10967] autofs4:pid:10967:autofs_fill_super: could not open pipe file descriptor
[  298.781050][ T6744] usb 5-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[  298.808611][ T6744] usb 5-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[  298.829622][ T6744] usb 5-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[  298.849680][ T6744] usb 5-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  298.902765][ T6744] usb 5-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23
[  298.927705][ T6744] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  299.150605][ T6744] usb 5-1: GET_CAPABILITIES returned 0
[  299.156863][ T6744] usbtmc 5-1:16.0: can't read capabilities
[  299.276607][ T9747] BTRFS info (device loop5): last unmount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d
[  299.383228][ T7305] usb 5-1: USB disconnect, device number 14
[  299.477275][T10983] netlink: 24 bytes leftover after parsing attributes in process `syz.6.1600'.
[  299.520668][ T6744] usb 4-1: new high-speed USB device number 23 using dummy_hcd
[  299.719671][ T6744] usb 4-1: Using ep0 maxpacket: 32
[  299.737694][ T6744] usb 4-1: config index 0 descriptor too short (expected 35577, got 27)
[  299.759216][ T6744] usb 4-1: config 1 has too many interfaces: 92, using maximum allowed: 32
[  299.776106][ T6744] usb 4-1: config 1 has 1 interface, different from the descriptor's value: 92
[  299.786295][ T6744] usb 4-1: config 1 has no interface number 0
[  299.793947][ T6744] usb 4-1: config 1 interface 1 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 7
[  299.811228][ T6744] usb 4-1: config 1 interface 1 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 17
[  299.829152][ T6744] usb 4-1: New USB device found, idVendor=0e41, idProduct=5051, bcdDevice=d5.e8
[  299.847314][ T6744] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  299.871730][ T6744] snd_usb_pod 4-1:1.1: Line 6 Pocket POD found
[  300.045291][T10992] loop4: detected capacity change from 0 to 1024
[  300.121398][ T6744] snd_usb_pod 4-1:1.1: Line 6 Pocket POD now attached
[  300.367668][T10995] loop4: detected capacity change from 0 to 1024
[  300.380908][T10995] EXT4-fs: Ignoring removed mblk_io_submit option
[  300.441397][T10995] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  300.513518][ T6565] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  300.611084][ T7222] usb 4-1: USB disconnect, device number 23
[  300.626332][ T7222] snd_usb_pod 4-1:1.1: Line 6 Pocket POD now disconnected
[  301.486253][T11009] loop3: detected capacity change from 0 to 32768
[  301.500998][T11009] BTRFS: device fsid ed167579-eb65-4e76-9a50-61ac97e9b59d devid 1 transid 8 /dev/loop3 scanned by syz.3.1607 (11009)
[  301.541527][T11009] BTRFS info (device loop3): first mount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d
[  301.566807][T11009] BTRFS info (device loop3): using sha256 (sha256-avx2) checksum algorithm
[  301.579172][T11009] BTRFS info (device loop3): enabling auto defrag
[  301.619123][T11009] BTRFS info (device loop3): use no compression
[  301.648286][T11009] BTRFS info (device loop3): max_inline at 4096
[  301.674623][T11009] BTRFS info (device loop3): using free space tree
[  301.792602][T11009] BTRFS info (device loop3): enabling ssd optimizations
[  301.820259][T11009] BTRFS info (device loop3): auto enabling async discard
[  302.234623][ T5767] BTRFS info (device loop3): last unmount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d
[  303.111026][T11066] loop4: detected capacity change from 0 to 256
[  303.669871][ T5775] Bluetooth: hci2: command 0x0406 tx timeout
[  303.760497][T11090] bridge0: port 2(bridge_slave_1) entered disabled state
[  303.768667][T11090] bridge0: port 1(bridge_slave_0) entered disabled state
[  304.158810][T11112] netlink: 64 bytes leftover after parsing attributes in process `syz.4.1647'.
[  304.295194][T11119] loop4: detected capacity change from 0 to 256
[  304.311664][T11119] exfat: Deprecated parameter 'utf8'
[  304.332722][T11119] exfat: Deprecated parameter 'namecase'
[  304.367842][T11119] exFAT-fs (loop4): failed to load upcase table (idx : 0x00010000, chksum : 0x11bbdf60, utbl_chksum : 0xe619d30d)
[  304.962846][T11115] loop5: detected capacity change from 0 to 32768
[  305.024811][T11115] XFS (loop5): Mounting V5 Filesystem 986211a9-7d00-4ebf-a576-e3de63fa2cbd
[  305.165762][T11115] XFS (loop5): Ending clean mount
[  305.315262][ T9747] XFS (loop5): Unmounting Filesystem 986211a9-7d00-4ebf-a576-e3de63fa2cbd
[  305.702762][T11150] loop3: detected capacity change from 0 to 32768
[  305.756814][T11150] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop3 scanned by syz.3.1660 (11150)
[  305.792182][T11138] loop4: detected capacity change from 0 to 32768
[  305.799221][T11150] BTRFS info (device loop3): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  305.820051][T11138] BTRFS: device fsid ed167579-eb65-4e76-9a50-61ac97e9b59d devid 1 transid 8 /dev/loop4 scanned by syz.4.1659 (11138)
[  305.846562][T11150] BTRFS info (device loop3): using crc32c (crc32c-intel) checksum algorithm
[  305.858506][T11150] BTRFS info (device loop3): turning off barriers
[  305.883136][T11138] BTRFS info (device loop4): first mount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d
[  305.904892][T11150] BTRFS info (device loop3): setting nodatasum
[  305.913780][T11138] BTRFS info (device loop4): using sha256 (sha256-avx2) checksum algorithm
[  305.929540][T11150] BTRFS info (device loop3): setting incompat feature flag for COMPRESS_ZSTD (0x10)
[  305.950226][T11138] BTRFS info (device loop4): enabling auto defrag
[  305.962246][T11150] BTRFS info (device loop3): use zstd compression, level 3
[  305.973060][T11138] BTRFS info (device loop4): use no compression
[  305.989690][T11150] BTRFS info (device loop3): using free space tree
[  306.001835][T11138] BTRFS info (device loop4): max_inline at 4096
[  306.030441][T11138] BTRFS info (device loop4): using free space tree
[  306.101520][ T6744] usb 6-1: new high-speed USB device number 8 using dummy_hcd
[  306.168013][T11138] BTRFS info (device loop4): enabling ssd optimizations
[  306.191151][T11138] BTRFS info (device loop4): auto enabling async discard
[  306.289856][ T6744] usb 6-1: Using ep0 maxpacket: 16
[  306.300736][ T6744] usb 6-1: config 0 has no interfaces?
[  306.308444][ T6744] usb 6-1: New USB device found, idVendor=2040, idProduct=b138, bcdDevice= 1.42
[  306.339557][ T6744] usb 6-1: New USB device strings: Mfr=4, Product=0, SerialNumber=0
[  306.369557][ T6744] usb 6-1: Manufacturer: syz
[  306.388911][ T6744] usb 6-1: config 0 descriptor??
[  306.458907][ T5767] BTRFS info (device loop3): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  306.589591][ T6565] BTRFS info (device loop4): last unmount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d
[  306.801936][   T42] wlan1: No active IBSS STAs - trying to scan for other IBSS networks with same SSID (merge)
[  306.905607][T11159] A link change request failed with some changes committed already. Interface gretap0 may have been left with an inconsistent configuration, please check.
[  307.061431][ T5824] usb 6-1: USB disconnect, device number 8
[  308.605563][T11227] loop5: detected capacity change from 0 to 32768
[  308.676478][T11227] XFS (loop5): Mounting V5 Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb
[  308.809606][T11227] XFS (loop5): Ending clean mount
[  308.841238][T11227] XFS (loop5): Quotacheck needed: Please wait.
[  308.998149][T11227] XFS (loop5): Quotacheck: Done.
[  309.214046][ T9747] XFS (loop5): Unmounting Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb
[  309.494385][T11266] program syz.3.1692 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  309.788619][T11275] loop5: detected capacity change from 0 to 1024
[  309.858541][T11275] EXT4-fs: Ignoring removed mblk_io_submit option
[  309.910337][T11275] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  310.036097][T11284] loop4: detected capacity change from 0 to 512
[  310.128010][T11284] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[  310.172197][ T9747] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  310.302571][T11284] EXT4-fs error (device loop4): ext4_free_branches:1030: inode #11: comm syz.4.1696: invalid indirect mapped block 256 (level 2)
[  310.380150][T11284] EXT4-fs (loop4): 2 truncates cleaned up
[  310.395968][T11284] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  310.507758][T11284] EXT4-fs error (device loop4): ext4_validate_block_bitmap:430: comm syz.4.1696: bg 0: block 5: invalid block bitmap
[  310.529174][T11284] EXT4-fs (loop4): Delayed block allocation failed for inode 15 at logical offset 131075 with max blocks 1 with error 28
[  310.547997][T11284] EXT4-fs (loop4): This should not happen!! Data will be lost
[  310.547997][T11284] 
[  310.563752][T11284] EXT4-fs (loop4): Total free blocks count 0
[  310.576013][T11284] EXT4-fs (loop4): Free/Dirty block details
[  310.583093][T11284] EXT4-fs (loop4): free_blocks=0
[  310.588749][T11284] EXT4-fs (loop4): dirty_blocks=2
[  310.595500][T11284] EXT4-fs (loop4): Block reservation details
[  310.608009][T11284] EXT4-fs (loop4): i_reserved_data_blocks=2
[  310.710998][   T42] EXT4-fs (loop4): Delayed block allocation failed for inode 15 at logical offset 0 with max blocks 1 with error 28
[  310.732746][T11299] loop5: detected capacity change from 0 to 512
[  310.741460][T11282] loop3: detected capacity change from 0 to 40427
[  310.774752][T11299] EXT4-fs: Ignoring removed oldalloc option
[  310.789805][T11282] F2FS-fs (loop3): heap/no_heap options were deprecated
[  310.810729][T11282] F2FS-fs (loop3): heap/no_heap options were deprecated
[  310.884311][T11282] F2FS-fs (loop3): invalid crc value
[  310.912896][T11299] EXT4-fs error (device loop5): ext4_xattr_inode_iget:437: comm syz.5.1705: Parent and EA inode have the same ino 15
[  310.953135][T11282] F2FS-fs (loop3): Found nat_bits in checkpoint
[  310.983841][T11299] EXT4-fs error (device loop5): ext4_xattr_inode_iget:437: comm syz.5.1705: Parent and EA inode have the same ino 15
[  311.050033][T11299] EXT4-fs (loop5): 1 orphan inode deleted
[  311.051166][T11282] F2FS-fs (loop3): Start checkpoint disabled!
[  311.057466][T11299] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  311.097088][T11299] EXT4-fs error (device loop5): ext4_rename:3859: inode #15: comm syz.5.1705: target of rename is already freed
[  311.121367][T11282] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e6
[  311.248365][ T9747] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  311.362800][   T49] kworker/u4:3: attempt to access beyond end of device
[  311.362800][   T49] loop3: rw=2049, sector=40960, nr_sectors = 8 limit=40427
[  311.387503][   T49] F2FS-fs (loop3): Stopped filesystem due to reason: 3
[  311.402132][   T49] kworker/u4:3: attempt to access beyond end of device
[  311.402132][   T49] loop3: rw=2049, sector=40992, nr_sectors = 8 limit=40427
[  311.436256][   T49] F2FS-fs (loop3): Stopped filesystem due to reason: 3
[  311.576321][T11316] loop5: detected capacity change from 0 to 128
[  311.648976][T11316] hpfs: filesystem error: invalid number of hotfixes: 2066844986, used: 2066844985; already mounted read-only
[  311.677153][T11316] hpfs: filesystem error: improperly stopped
[  311.714735][T11316] hpfs: filesystem error: warning: spare dnodes used, try chkdsk
[  311.755204][T11316] hpfs: You really don't want any checks? You are crazy...
[  311.772735][T11316] hpfs: hpfs_map_sector(): read error
[  311.794736][T11316] hpfs: code page support is disabled
[  311.817629][T11316] hpfs: hpfs_map_4sectors(): unaligned read
[  311.840048][T11316] hpfs: hpfs_map_4sectors(): unaligned read
[  311.857335][T11316] hpfs: filesystem error: unable to find root dir
[  311.941427][T11316] hpfs: hpfs_map_4sectors(): unaligned read
[  312.248542][T11328] netlink: 'syz.6.1716': attribute type 21 has an invalid length.
[  312.264602][T11328] netlink: 156 bytes leftover after parsing attributes in process `syz.6.1716'.
[  312.295331][T11328] netlink: 'syz.6.1716': attribute type 21 has an invalid length.
[  312.328854][T11328] netlink: 156 bytes leftover after parsing attributes in process `syz.6.1716'.
[  312.404627][T11335] loop3: detected capacity change from 0 to 128
[  312.430189][T11335] EXT4-fs (loop3): Test dummy encryption mode enabled
[  312.467799][T11335] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=16, mo=a806c018, mo2=0042]
[  312.493909][T11341] sp0: Synchronizing with TNC
[  312.499638][T11335] System zones: 1-3, 19-19, 35-36
[  312.506901][T11335] EXT4-fs (loop3): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: writeback.
[  312.522462][T11335] ext4 filesystem being mounted at /421/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  312.720405][T11335] fscrypt: AES-256-CTS-CBC using implementation "cts-cbc-aes-aesni"
[  312.832373][ T5767] EXT4-fs (loop3): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  313.201730][T11369] loop5: detected capacity change from 0 to 16
[  313.269563][T11369] erofs: (device loop5): mounted with root inode @ nid 36.
[  313.795115][T11363] loop4: detected capacity change from 0 to 32768
[  313.807680][T11386] fuse: Bad value for 'fd'
[  314.177705][T11399] loop5: detected capacity change from 0 to 16
[  314.206709][T11399] erofs: (device loop5): mounted with root inode @ nid 36.
[  314.250291][T11399] overlayfs: "xino" feature enabled using 3 upper inode bits.
[  314.797321][   T42] netdevsim netdevsim5 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  315.041414][   T42] netdevsim netdevsim5 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  315.172517][   T42] netdevsim netdevsim5 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  315.342796][   T42] netdevsim netdevsim5 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  315.386205][T11407] netlink: 52 bytes leftover after parsing attributes in process `syz.3.1751'.
[  315.881318][ T5777] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[  315.908224][T11426] ªªªªªª: renamed from vlan0 (while UP)
[  315.918697][ T5777] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[  315.935485][ T5777] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[  315.985269][ T5777] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[  316.015018][ T5777] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3
[  316.029213][ T5777] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[  316.529024][   T49] wlan1: No active IBSS STAs - trying to scan for other IBSS networks with same SSID (merge)
[  316.856971][T11432] loop4: detected capacity change from 0 to 32768
[  316.949221][T11432] XFS (loop4): Mounting V5 Filesystem 986211a9-7d00-4ebf-a576-e3de63fa2cbd
[  317.055932][ T7222] usb 4-1: new high-speed USB device number 24 using dummy_hcd
[  317.088793][T11432] XFS (loop4): Ending clean mount
[  317.279526][ T7222] usb 4-1: Using ep0 maxpacket: 32
[  317.335502][ T7222] usb 4-1: config 0 has an invalid interface number: 67 but max is 0
[  317.359916][ T7222] usb 4-1: config 0 has no interface number 0
[  317.362174][ T6565] XFS (loop4): Unmounting Filesystem 986211a9-7d00-4ebf-a576-e3de63fa2cbd
[  317.368911][ T7222] usb 4-1: New USB device found, idVendor=0424, idProduct=9901, bcdDevice=c2.57
[  317.405666][ T7222] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  317.421682][ T7222] usb 4-1: Product: syz
[  317.441848][ T7222] usb 4-1: Manufacturer: syz
[  317.448096][ T7222] usb 4-1: SerialNumber: syz
[  317.480674][ T7222] usb 4-1: config 0 descriptor??
[  317.492397][ T7222] smsc95xx v2.0.0
[  317.657203][T11422] chnl_net:caif_netlink_parms(): no params data found
[  317.688383][ T1283] ieee802154 phy0 wpan0: encryption failed: -22
[  317.695193][ T1283] ieee802154 phy1 wpan1: encryption failed: -22
[  318.070922][ T5777] Bluetooth: hci0: command tx timeout
[  318.307746][   T42] hsr_slave_0: left promiscuous mode
[  318.340748][   T42] hsr_slave_1: left promiscuous mode
[  318.346516][ T7222] smsc95xx 4-1:0.67 (unnamed net_device) (uninitialized): Failed to read reg index 0x00000030: -71
[  318.385080][ T7222] smsc95xx 4-1:0.67 (unnamed net_device) (uninitialized): Error reading E2P_CMD
[  318.398583][   T42] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  318.406619][   T42] batman_adv: batadv0: Removing interface: batadv_slave_0
[  318.419828][ T7222] smsc95xx 4-1:0.67 (unnamed net_device) (uninitialized): Failed to write reg index 0x00000014: -71
[  318.450227][ T7222] smsc95xx: probe of 4-1:0.67 failed with error -71
[  318.473348][   T42] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  318.486944][ T7222] usb 4-1: USB disconnect, device number 24
[  318.505346][   T42] batman_adv: batadv0: Removing interface: batadv_slave_1
[  318.526600][   T42] bridge_slave_1: left allmulticast mode
[  318.536475][   T42] bridge_slave_1: left promiscuous mode
[  318.546041][   T42] bridge0: port 2(bridge_slave_1) entered disabled state
[  318.565745][   T42] bridge_slave_0: left allmulticast mode
[  318.573546][   T42] bridge_slave_0: left promiscuous mode
[  318.585179][   T42] bridge0: port 1(bridge_slave_0) entered disabled state
[  318.653069][   T42] veth1_macvtap: left promiscuous mode
[  318.659285][   T42] veth0_macvtap: left promiscuous mode
[  318.666687][   T42] veth1_vlan: left promiscuous mode
[  318.679951][   T42] veth0_vlan: left promiscuous mode
[  319.967532][   T42] team0 (unregistering): Port device team_slave_1 removed
[  320.057307][   T42] team0 (unregistering): Port device team_slave_0 removed
[  320.137300][   T42] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  320.149719][ T5777] Bluetooth: hci0: command tx timeout
[  320.221637][   T42] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  320.812223][   T42] bond0 (unregistering): Released all slaves
[  321.042203][T11422] bridge0: port 1(bridge_slave_0) entered blocking state
[  321.072177][T11422] bridge0: port 1(bridge_slave_0) entered disabled state
[  321.088797][T11422] bridge_slave_0: entered allmulticast mode
[  321.099133][T11422] bridge_slave_0: entered promiscuous mode
[  321.130136][T11422] bridge0: port 2(bridge_slave_1) entered blocking state
[  321.151508][T11422] bridge0: port 2(bridge_slave_1) entered disabled state
[  321.174441][T11422] bridge_slave_1: entered allmulticast mode
[  321.221202][T11422] bridge_slave_1: entered promiscuous mode
[  321.304110][T11422] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  321.338283][T11527] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1789'.
[  321.352318][T11422] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  321.478626][T11422] team0: Port device team_slave_0 added
[  321.557527][T11422] team0: Port device team_slave_1 added
[  321.608544][T11536] loop4: detected capacity change from 0 to 128
[  321.667147][T11536] EXT4-fs (loop4): Test dummy encryption mode enabled
[  321.733688][T11422] batman_adv: batadv0: Adding interface: batadv_slave_0
[  321.748550][T11536] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=16, mo=a806c018, mo2=0042]
[  321.784974][T11422] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  321.789256][T11536] System zones: 
[  321.835022][T11422] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  321.863943][T11536] 1-3, 19-19, 35-36
[  321.903315][T11536] EXT4-fs (loop4): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: writeback.
[  321.907053][T11422] batman_adv: batadv0: Adding interface: batadv_slave_1
[  321.959654][T11536] ext4 filesystem being mounted at /396/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  321.989507][T11422] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  322.117428][T11422] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  322.181098][T11549] netlink: 12 bytes leftover after parsing attributes in process `syz.3.1793'.
[  322.232886][ T5777] Bluetooth: hci0: command tx timeout
[  322.244536][ T6565] EXT4-fs (loop4): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  322.298405][T11422] hsr_slave_0: entered promiscuous mode
[  322.310518][T11422] hsr_slave_1: entered promiscuous mode
[  323.043134][T11422] netdevsim netdevsim7 netdevsim0: renamed from eth0
[  323.085785][T11422] netdevsim netdevsim7 netdevsim1: renamed from eth1
[  323.179572][T11422] netdevsim netdevsim7 netdevsim2: renamed from eth2
[  323.207470][T11422] netdevsim netdevsim7 netdevsim3: renamed from eth3
[  323.529470][T11422] 8021q: adding VLAN 0 to HW filter on device bond0
[  323.556915][T11422] 8021q: adding VLAN 0 to HW filter on device team0
[  323.601601][   T49] bridge0: port 1(bridge_slave_0) entered blocking state
[  323.609229][   T49] bridge0: port 1(bridge_slave_0) entered forwarding state
[  323.662286][   T49] bridge0: port 2(bridge_slave_1) entered blocking state
[  323.670160][   T49] bridge0: port 2(bridge_slave_1) entered forwarding state
[  323.821118][T11422] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network
[  323.872667][T11422] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  324.311322][ T5777] Bluetooth: hci0: command tx timeout
[  324.378588][T11422] 8021q: adding VLAN 0 to HW filter on device batadv0
[  324.508574][T11619] netlink: 'syz.6.1814': attribute type 6 has an invalid length.
[  325.256283][T11422] veth0_vlan: entered promiscuous mode
[  325.311472][T11422] veth1_vlan: entered promiscuous mode
[  325.412621][T11422] veth0_macvtap: entered promiscuous mode
[  325.449209][T11422] veth1_macvtap: entered promiscuous mode
[  325.512180][T11422] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  325.550100][T11422] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  325.593802][T11422] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  325.646223][T11422] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  325.683623][T11422] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  325.698211][T11662] program syz.4.1826 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  325.720214][T11422] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  325.751269][T11422] batman_adv: batadv0: Interface activated: batadv_slave_0
[  325.826950][T11422] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  325.872871][T11422] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  325.917728][T11422] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  325.957227][T11422] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  325.970968][T11422] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  325.983910][T11422] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  326.006594][T11422] batman_adv: batadv0: Interface activated: batadv_slave_1
[  326.140079][T11422] netdevsim netdevsim7 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  326.169682][T11422] netdevsim netdevsim7 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  326.198234][T11422] netdevsim netdevsim7 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  326.220410][T11422] netdevsim netdevsim7 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  326.424469][ T3461] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  326.454037][ T3461] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  326.582351][   T11] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  326.613491][   T11] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  326.746370][T11674] loop3: detected capacity change from 0 to 32768
[  326.831499][T11674] XFS (loop3): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  327.089914][T11674] XFS (loop3): Ending clean mount
[  327.236031][T11714] loop4: detected capacity change from 0 to 512
[  327.261919][ T5767] XFS (loop3): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  327.310048][T11714] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode
[  327.385983][T11714] EXT4-fs (loop4): 1 truncate cleaned up
[  327.408366][T11714] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  327.688106][ T6565] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  328.343517][T11743] loop3: detected capacity change from 0 to 136
[  328.395358][T11743] Attempt to read inode for relocated directory
[  329.251949][T11763] netlink: 104 bytes leftover after parsing attributes in process `syz.4.1853'.
[  329.753766][T11745] loop7: detected capacity change from 0 to 32768
[  329.847371][T11745] gfs2: fsid=syz:syz: Trying to join cluster "lock_nolock", "syz:syz"
[  329.857778][T11745] gfs2: fsid=syz:syz: Now mounting FS (format 1801)...
[  329.943933][T11777] loop4: detected capacity change from 0 to 64
[  329.994936][T11745] gfs2: fsid=syz:syz.s: journal 0 mapped with 5 extents in 1ms
[  330.105821][T11777] syz.4.1855: attempt to access beyond end of device
[  330.105821][T11777] loop4: rw=0, sector=268435468, nr_sectors = 2 limit=64
[  330.199150][T11777] Buffer I/O error on dev loop4, logical block 134217734, async page read
[  330.224557][T11745] gfs2: fsid=syz:syz.s: first mount done, others may mount
[  330.272462][T11777] Trying to free block not in datazone
[  330.483068][ T5774] kernel write not supported for file /bluetooth/6lowpan_control (pid: 5774 comm: kworker/1:4)
[  330.760979][T11803] input: syz1 as /devices/virtual/input/input15
[  331.309741][ T7305] usb 5-1: new high-speed USB device number 15 using dummy_hcd
[  331.517293][ T7305] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  331.539955][ T7305] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  331.566834][ T7305] usb 5-1: New USB device found, idVendor=27b8, idProduct=01ed, bcdDevice= 0.00
[  331.599543][ T7305] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  331.631267][ T7305] usb 5-1: config 0 descriptor??
[  332.453439][ T7305] hid-led: probe of 0003:27B8:01ED.0011 failed with error -71
[  332.478847][ T7305] usb 5-1: USB disconnect, device number 15
[  332.491491][T11845] program syz.7.1874 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  332.673407][T11849] loop7: detected capacity change from 0 to 2048
[  332.718912][T11850] NILFS (loop7): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  333.850391][T11894] 
[  333.853295][T11894] =====================================================
[  333.861455][T11894] WARNING: HARDIRQ-safe -> HARDIRQ-unsafe lock order detected
[  333.869801][T11894] syzkaller #0 Not tainted
[  333.874667][T11894] -----------------------------------------------------
[  333.882356][T11894] syz.3.1896/11894 [HC0[0]:SC0[0]:HE0:SE1] is trying to acquire:
[  333.890674][T11894] ffff88807cbfb210 (&new->fa_lock){....}-{2:2}, at: kill_fasync+0x192/0x4b0
[  333.899856][T11894] 
[  333.899856][T11894] and this task is already holding:
[  333.908273][T11894] ffff88805b671028 (&client->buffer_lock){....}-{2:2}, at: evdev_pass_values+0xcb/0xab0
[  333.919537][T11894] which would create a new lock dependency:
[  333.927113][T11894]  (&client->buffer_lock){....}-{2:2} -> (&new->fa_lock){....}-{2:2}
[  333.935862][T11894] 
[  333.935862][T11894] but this new dependency connects a HARDIRQ-irq-safe lock:
[  333.946541][T11894]  (&dev->event_lock#2){-...}-{2:2}
[  333.946579][T11894] 
[  333.946579][T11894] ... which became HARDIRQ-irq-safe at:
[  333.961405][T11894]   lock_acquire+0x19e/0x420
[  333.966648][T11894]   _raw_spin_lock_irqsave+0xb4/0x100
[  333.972389][T11894]   input_event+0x7a/0xc0
[  333.977607][T11894]   psmouse_report_standard_packet+0x53/0x200
[  333.984570][T11894]   psmouse_process_byte+0x478/0x670
[  333.990894][T11894]   psmouse_handle_byte+0x43/0x490
[  333.996911][T11894]   ps2_interrupt+0x164/0x980
[  334.001892][T11894]   serio_interrupt+0x8b/0x130
[  334.007213][T11894]   i8042_interrupt+0x385/0x710
[  334.012885][T11894]   __handle_irq_event_percpu+0x271/0x940
[  334.019255][T11894]   handle_irq_event+0x8b/0x1e0
[  334.024758][T11894]   handle_edge_irq+0x247/0xb30
[  334.030134][T11894]   __common_interrupt+0x13b/0x230
[  334.035536][T11894]   common_interrupt+0xb4/0xd0
[  334.040585][T11894]   asm_common_interrupt+0x26/0x40
[  334.045954][T11894]   unwind_next_frame+0x642/0x2970
[  334.051303][T11894]   arch_stack_walk+0x144/0x190
[  334.056739][T11894]   stack_trace_save+0xaa/0x100
[  334.061971][T11894]   save_stack+0x125/0x230
[  334.066757][T11894]   __set_page_owner+0x1d/0x60
[  334.072387][T11894]   post_alloc_hook+0x1c1/0x200
[  334.077785][T11894]   get_page_from_freelist+0x1951/0x19e0
[  334.085511][T11894]   __alloc_pages+0x1f0/0x460
[  334.090998][T11894]   __get_free_pages+0xc/0x30
[  334.096219][T11894]   kasan_populate_vmalloc_pte+0x35/0x100
[  334.102671][T11894]   __apply_to_page_range+0x860/0xdd0
[  334.108474][T11894]   alloc_vmap_area+0x1d0c/0x1e30
[  334.113920][T11894]   __get_vm_area_node+0x162/0x370
[  334.119322][T11894]   __vmalloc_node_range+0x36e/0x1330
[  334.125801][T11894]   dup_task_struct+0x3d0/0x7c0
[  334.132430][T11894]   copy_process+0x586/0x3d80
[  334.137828][T11894]   kernel_clone+0x24b/0x8a0
[  334.142536][T11894]   user_mode_thread+0x111/0x180
[  334.148318][T11894]   call_usermodehelper_exec_work+0x5c/0x220
[  334.156159][T11894]   process_scheduled_works+0xa5d/0x15d0
[  334.163645][T11894]   worker_thread+0xa55/0xfc0
[  334.170356][T11894]   kthread+0x2fa/0x390
[  334.175164][T11894]   ret_from_fork+0x48/0x80
[  334.180298][T11894]   ret_from_fork_asm+0x11/0x20
[  334.186485][T11894] 
[  334.186485][T11894] to a HARDIRQ-irq-unsafe lock:
[  334.195086][T11894]  (tasklist_lock){.+.+}-{2:2}
[  334.195118][T11894] 
[  334.195118][T11894] ... which became HARDIRQ-irq-unsafe at:
[  334.208545][T11894] ...
[  334.208557][T11894]   lock_acquire+0x19e/0x420
[  334.216310][T11894]   _raw_read_lock+0x36/0x50
[  334.221090][T11894]   do_wait+0x294/0xae0
[  334.225444][T11894]   kernel_wait+0xd7/0x1c0
[  334.229889][T11894]   call_usermodehelper_exec_work+0xb9/0x220
[  334.236426][T11894]   process_scheduled_works+0xa5d/0x15d0
[  334.242699][T11894]   worker_thread+0xa55/0xfc0
[  334.248275][T11894]   kthread+0x2fa/0x390
[  334.252806][T11894]   ret_from_fork+0x48/0x80
[  334.257863][T11894]   ret_from_fork_asm+0x11/0x20
[  334.263281][T11894] 
[  334.263281][T11894] other info that might help us debug this:
[  334.263281][T11894] 
[  334.275283][T11894] Chain exists of:
[  334.275283][T11894]   &dev->event_lock#2 --> &client->buffer_lock --> tasklist_lock
[  334.275283][T11894] 
[  334.290869][T11894]  Possible interrupt unsafe locking scenario:
[  334.290869][T11894] 
[  334.299814][T11894]        CPU0                    CPU1
[  334.305895][T11894]        ----                    ----
[  334.311717][T11894]   lock(tasklist_lock);
[  334.316483][T11894]                                local_irq_disable();
[  334.324076][T11894]                                lock(&dev->event_lock#2);
[  334.332093][T11894]                                lock(&client->buffer_lock);
[  334.340619][T11894]   <Interrupt>
[  334.344349][T11894]     lock(&dev->event_lock#2);
[  334.349779][T11894] 
[  334.349779][T11894]  *** DEADLOCK ***
[  334.349779][T11894] 
[  334.358869][T11894] 7 locks held by syz.3.1896/11894:
[  334.364541][T11894]  #0: ffff8881447d5110 (&evdev->mutex){+.+.}-{3:3}, at: evdev_write+0x180/0x490
[  334.374275][T11894]  #1: ffff88801b381230 (&dev->event_lock#2){-...}-{2:2}, at: input_inject_event+0xab/0x320
[  334.385629][T11894]  #2: ffffffff8d132060 (rcu_read_lock){....}-{1:2}, at: input_inject_event+0xbc/0x320
[  334.396375][T11894]  #3: ffffffff8d132060 (rcu_read_lock){....}-{1:2}, at: input_pass_values+0xa3/0x12f0
[  334.407433][T11894]  #4: ffffffff8d132060 (rcu_read_lock){....}-{1:2}, at: evdev_events+0x79/0x330
[  334.417831][T11894]  #5: ffff88805b671028 (&client->buffer_lock){....}-{2:2}, at: evdev_pass_values+0xcb/0xab0
[  334.429967][T11894]  #6: ffffffff8d132060 (rcu_read_lock){....}-{1:2}, at: kill_fasync+0x53/0x4b0
[  334.440097][T11894] 
[  334.440097][T11894] the dependencies between HARDIRQ-irq-safe lock and the holding lock:
[  334.452176][T11894]  -> (&dev->event_lock#2){-...}-{2:2} {
[  334.458641][T11894]     IN-HARDIRQ-W at:
[  334.464556][T11894]                       lock_acquire+0x19e/0x420
[  334.472040][T11894]                       _raw_spin_lock_irqsave+0xb4/0x100
[  334.479973][T11894]                       input_event+0x7a/0xc0
[  334.487021][T11894]                       psmouse_report_standard_packet+0x53/0x200
[  334.495744][T11894]                       psmouse_process_byte+0x478/0x670
[  334.503925][T11894]                       psmouse_handle_byte+0x43/0x490
[  334.511032][T11894]                       ps2_interrupt+0x164/0x980
[  334.518526][T11894]                       serio_interrupt+0x8b/0x130
[  334.525654][T11894]                       i8042_interrupt+0x385/0x710
[  334.533223][T11894]                       __handle_irq_event_percpu+0x271/0x940
[  334.541661][T11894]                       handle_irq_event+0x8b/0x1e0
[  334.549853][T11894]                       handle_edge_irq+0x247/0xb30
[  334.557381][T11894]                       __common_interrupt+0x13b/0x230
[  334.564711][T11905] loop4: detected capacity change from 0 to 32768
[  334.565014][T11894]                       common_interrupt+0xb4/0xd0
[  334.580155][T11894]                       asm_common_interrupt+0x26/0x40
[  334.589202][T11894]                       unwind_next_frame+0x642/0x2970
[  334.596964][T11894]                       arch_stack_walk+0x144/0x190
[  334.604292][T11894]                       stack_trace_save+0xaa/0x100
[  334.611418][T11894]                       save_stack+0x125/0x230
[  334.617601][T11894]                       __set_page_owner+0x1d/0x60
[  334.624662][T11894]                       post_alloc_hook+0x1c1/0x200
[  334.632144][T11894]                       get_page_from_freelist+0x1951/0x19e0
[  334.640159][T11894]                       __alloc_pages+0x1f0/0x460
[  334.647216][T11894]                       __get_free_pages+0xc/0x30
[  334.653995][T11894]                       kasan_populate_vmalloc_pte+0x35/0x100
[  334.662443][T11894]                       __apply_to_page_range+0x860/0xdd0
[  334.669751][T11894]                       alloc_vmap_area+0x1d0c/0x1e30
[  334.677005][T11894]                       __get_vm_area_node+0x162/0x370
[  334.685097][T11894]                       __vmalloc_node_range+0x36e/0x1330
[  334.692745][T11894]                       dup_task_struct+0x3d0/0x7c0
[  334.700187][T11894]                       copy_process+0x586/0x3d80
[  334.707411][T11894]                       kernel_clone+0x24b/0x8a0
[  334.714771][T11894]                       user_mode_thread+0x111/0x180
[  334.722180][T11894]                       call_usermodehelper_exec_work+0x5c/0x220
[  334.730696][T11894]                       process_scheduled_works+0xa5d/0x15d0
[  334.738431][T11894]                       worker_thread+0xa55/0xfc0
[  334.745374][T11894]                       kthread+0x2fa/0x390
[  334.751882][T11894]                       ret_from_fork+0x48/0x80
[  334.758966][T11894]                       ret_from_fork_asm+0x11/0x20
[  334.765911][T11894]     INITIAL USE at:
[  334.770239][T11894]                      lock_acquire+0x19e/0x420
[  334.776985][T11894]                      _raw_spin_lock_irqsave+0xb4/0x100
[  334.784461][T11894]                      input_inject_event+0xab/0x320
[  334.791830][T11894]                      led_trigger_event+0x133/0x210
[  334.799565][T11894]                      kbd_led_trigger_activate+0xbd/0x100
[  334.808003][T11894]                      led_trigger_set+0x52c/0x950
[  334.815419][T11894]                      led_trigger_set_default+0x1a0/0x1e0
[  334.823983][T11894]                      led_classdev_register_ext+0x733/0x9b0
[  334.833883][T11894]                      input_leds_connect+0x4eb/0x6b0
[  334.841702][T11894]                      input_register_device+0xcdc/0x1070
[  334.851148][T11894]                      atkbd_connect+0x70a/0x9b0
[  334.859218][T11894]                      serio_driver_probe+0x7a/0xa0
[  334.867586][T11894]                      really_probe+0x25b/0xb20
[  334.874578][T11894]                      __driver_probe_device+0x18c/0x330
[  334.882181][T11894]                      driver_probe_device+0x4f/0x420
[  334.889564][T11894]                      __driver_attach+0x44e/0x6e0
[  334.896765][T11894]                      bus_for_each_dev+0x235/0x2b0
[  334.903989][T11894]                      serio_handle_event+0x1a2/0x860
[  334.911451][T11894]                      process_scheduled_works+0xa5d/0x15d0
[  334.919252][T11894]                      worker_thread+0xa55/0xfc0
[  334.926222][T11894]                      kthread+0x2fa/0x390
[  334.932531][T11894]                      ret_from_fork+0x48/0x80
[  334.940283][T11894]                      ret_from_fork_asm+0x11/0x20
[  334.947394][T11894]   }
[  334.950514][T11894]   ... key      at: [<ffffffff9762ca80>] input_allocate_device.__key.5+0x0/0x20
[  334.960780][T11894] -> (&client->buffer_lock){....}-{2:2} {
[  334.967413][T11894]    INITIAL USE at:
[  334.971837][T11894]                    lock_acquire+0x19e/0x420
[  334.978712][T11894]                    _raw_spin_lock+0x2e/0x40
[  334.986522][T11894]                    evdev_pass_values+0xcb/0xab0
[  334.993824][T11894]                    evdev_events+0x1d8/0x330
[  335.000502][T11894]                    input_pass_values+0x905/0x12f0
[  335.007807][T11894]                    input_event_dispose+0x346/0x6c0
[  335.015216][T11894]                    input_inject_event+0x1f9/0x320
[  335.022679][T11894]                    evdev_write+0x35f/0x490
[  335.028750][T11894]                    vfs_write+0x296/0x990
[  335.034842][T11894]                    ksys_write+0x150/0x260
[  335.041353][T11894]                    do_syscall_64+0x55/0xa0
[  335.047950][T11894]                    entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  335.056236][T11894]  }
[  335.059197][T11894]  ... key      at: [<ffffffff9762cd20>] evdev_open.__key.28+0x0/0x20
[  335.068365][T11894]  ... acquired at:
[  335.072731][T11894]    _raw_spin_lock+0x2e/0x40
[  335.077834][T11894]    evdev_pass_values+0xcb/0xab0
[  335.083210][T11894]    evdev_events+0x1d8/0x330
[  335.088761][T11894]    input_pass_values+0x905/0x12f0
[  335.095186][T11894]    input_event_dispose+0x346/0x6c0
[  335.102231][T11894]    input_inject_event+0x1f9/0x320
[  335.107534][T11894]    evdev_write+0x35f/0x490
[  335.112314][T11894]    vfs_write+0x296/0x990
[  335.117160][T11894]    ksys_write+0x150/0x260
[  335.122561][T11894]    do_syscall_64+0x55/0xa0
[  335.127511][T11894]    entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  335.135161][T11894] 
[  335.137830][T11894] 
[  335.137830][T11894] the dependencies between the lock to be acquired
[  335.137837][T11894]  and HARDIRQ-irq-unsafe lock:
[  335.153404][T11894]   -> (tasklist_lock){.+.+}-{2:2} {
[  335.159745][T11894]      HARDIRQ-ON-R at:
[  335.164570][T11894]                         lock_acquire+0x19e/0x420
[  335.173165][T11894]                         _raw_read_lock+0x36/0x50
[  335.180719][T11894]                         do_wait+0x294/0xae0
[  335.187582][T11894]                         kernel_wait+0xd7/0x1c0
[  335.194298][T11894]                         call_usermodehelper_exec_work+0xb9/0x220
[  335.202466][T11894]                         process_scheduled_works+0xa5d/0x15d0
[  335.211022][T11894]                         worker_thread+0xa55/0xfc0
[  335.218318][T11894]                         kthread+0x2fa/0x390
[  335.225259][T11894]                         ret_from_fork+0x48/0x80
[  335.232382][T11894]                         ret_from_fork_asm+0x11/0x20
[  335.239515][T11894]      SOFTIRQ-ON-R at:
[  335.243852][T11894]                         lock_acquire+0x19e/0x420
[  335.250909][T11894]                         _raw_read_lock+0x36/0x50
[  335.257764][T11894]                         do_wait+0x294/0xae0
[  335.264018][T11894]                         kernel_wait+0xd7/0x1c0
[  335.270533][T11894]                         call_usermodehelper_exec_work+0xb9/0x220
[  335.279900][T11894]                         process_scheduled_works+0xa5d/0x15d0
[  335.288665][T11894]                         worker_thread+0xa55/0xfc0
[  335.295979][T11894]                         kthread+0x2fa/0x390
[  335.303023][T11894]                         ret_from_fork+0x48/0x80
[  335.310431][T11894]                         ret_from_fork_asm+0x11/0x20
[  335.318508][T11894]      INITIAL USE at:
[  335.322835][T11894]                        lock_acquire+0x19e/0x420
[  335.329615][T11894]                        _raw_write_lock_irq+0xaf/0xf0
[  335.337076][T11894]                        copy_process+0x2275/0x3d80
[  335.344024][T11894]                        kernel_clone+0x24b/0x8a0
[  335.350983][T11894]                        user_mode_thread+0x111/0x180
[  335.358204][T11894]                        rest_init+0x27/0x300
[  335.365105][T11894]                        arch_call_rest_init+0xe/0x10
[  335.372659][T11894]                        start_kernel+0x459/0x4e0
[  335.379426][T11894]                        x86_64_start_reservations+0x2a/0x30
[  335.386902][T11894]                        copy_bootdata+0x0/0xe0
[  335.393689][T11894]                        secondary_startup_64_no_verify+0x179/0x17b
[  335.402186][T11894]      INITIAL READ USE at:
[  335.406863][T11894]                             lock_acquire+0x19e/0x420
[  335.413723][T11894]                             _raw_read_lock+0x36/0x50
[  335.421003][T11894]                             do_wait+0x294/0xae0
[  335.427623][T11894]                             kernel_wait+0xd7/0x1c0
[  335.434852][T11894]                             call_usermodehelper_exec_work+0xb9/0x220
[  335.444139][T11894]                             process_scheduled_works+0xa5d/0x15d0
[  335.452645][T11894]                             worker_thread+0xa55/0xfc0
[  335.460464][T11894]                             kthread+0x2fa/0x390
[  335.467481][T11894]                             ret_from_fork+0x48/0x80
[  335.475339][T11894]                             ret_from_fork_asm+0x11/0x20
[  335.483068][T11894]    }
[  335.486081][T11894]    ... key      at: [<ffffffff8ce0a058>] tasklist_lock+0x18/0x40
[  335.494241][T11894]    ... acquired at:
[  335.498426][T11894]    _raw_read_lock+0x36/0x50
[  335.503546][T11894]    send_sigurg+0xf0/0x3c0
[  335.508684][T11894]    sk_send_sigurg+0x6f/0xc0
[  335.513645][T11894]    queue_oob+0x3f1/0x4f0
[  335.519109][T11894]    unix_stream_sendmsg+0xaf0/0xbf0
[  335.524956][T11894]    ____sys_sendmsg+0x5ba/0x960
[  335.530153][T11894]    ___sys_sendmsg+0x2a6/0x360
[  335.535256][T11894]    __sys_sendmmsg+0x2ca/0x510
[  335.540270][T11894]    __x64_sys_sendmmsg+0xa0/0xb0
[  335.545737][T11894]    do_syscall_64+0x55/0xa0
[  335.551111][T11894]    entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  335.557968][T11894] 
[  335.560565][T11894]  -> (&f->f_owner.lock){...-}-{2:2} {
[  335.566440][T11894]     IN-SOFTIRQ-R at:
[  335.570989][T11894]                       lock_acquire+0x19e/0x420
[  335.577761][T11894]                       _raw_read_lock_irqsave+0xbc/0x100
[  335.586122][T11894]                       send_sigurg+0x29/0x3c0
[  335.593156][T11894]                       sk_send_sigurg+0x6f/0xc0
[  335.601621][T11894]                       tcp_check_urg+0x200/0x750
[  335.609347][T11894]                       tcp_urg+0x164/0x410
[  335.616032][T11894]                       tcp_rcv_established+0xa34/0x1d20
[  335.623817][T11894]                       tcp_v4_do_rcv+0x4ed/0xb80
[  335.631204][T11894]                       tcp_v4_rcv+0x23bf/0x2af0
[  335.638339][T11894]                       ip_protocol_deliver_rcu+0x20e/0x3f0
[  335.646164][T11894]                       ip_local_deliver_finish+0x2ca/0x510
[  335.655021][T11894]                       NF_HOOK+0x32d/0x3b0
[  335.661994][T11894]                       NF_HOOK+0x32d/0x3b0
[  335.669409][T11894]                       __netif_receive_skb+0xcc/0x290
[  335.677377][T11894]                       process_backlog+0x391/0x6f0
[  335.685361][T11894]                       __napi_poll+0xc0/0x460
[  335.692242][T11894]                       net_rx_action+0x616/0xc40
[  335.699446][T11894]                       handle_softirqs+0x280/0x820
[  335.707652][T11894]                       do_softirq+0xfa/0x1a0
[  335.714773][T11894]                       __local_bh_enable_ip+0x184/0x1c0
[  335.722520][T11894]                       sk_stream_wait_memory+0x6e3/0xee0
[  335.730212][T11894]                       tcp_sendmsg_locked+0x15cd/0x4bd0
[  335.737847][T11894]                       tcp_sendmsg+0x2f/0x50
[  335.744095][T11894]                       __sys_sendto+0x4a9/0x6b0
[  335.750926][T11894]                       __x64_sys_sendto+0xde/0xf0
[  335.758211][T11894]                       do_syscall_64+0x55/0xa0
[  335.765233][T11894]                       entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  335.773830][T11894]     INITIAL USE at:
[  335.778544][T11894]                      lock_acquire+0x19e/0x420
[  335.785225][T11894]                      _raw_write_lock_irq+0xaf/0xf0
[  335.792775][T11894]                      __f_setown+0x3b/0x330
[  335.799173][T11894]                      fcntl_dirnotify+0x6e2/0x8d0
[  335.806455][T11894]                      do_fcntl+0x390/0x1490
[  335.813229][T11894]                      __se_sys_fcntl+0xc9/0x1a0
[  335.820170][T11894]                      do_syscall_64+0x55/0xa0
[  335.826575][T11894]                      entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  335.835093][T11894]     INITIAL READ USE at:
[  335.840424][T11894]                           lock_acquire+0x19e/0x420
[  335.847784][T11894]                           _raw_read_lock_irqsave+0xbc/0x100
[  335.856298][T11894]                           send_sigurg+0x29/0x3c0
[  335.863490][T11894]                           sk_send_sigurg+0x6f/0xc0
[  335.871156][T11894]                           tcp_check_urg+0x200/0x750
[  335.878207][T11894]                           tcp_urg+0x164/0x410
[  335.884792][T11894]                           tcp_rcv_established+0xa34/0x1d20
[  335.893282][T11894]                           tcp_v4_do_rcv+0x4ed/0xb80
[  335.900569][T11894]                           __release_sock+0x1e5/0x460
[  335.908091][T11894]                           release_sock+0x5f/0x1c0
[  335.915638][T11894]                           sk_stream_wait_memory+0x6e3/0xee0
[  335.924163][T11894]                           tcp_sendmsg_locked+0x15cd/0x4bd0
[  335.933069][T11894]                           tcp_sendmsg+0x2f/0x50
[  335.940238][T11894]                           __sys_sendto+0x4a9/0x6b0
[  335.948004][T11894]                           __x64_sys_sendto+0xde/0xf0
[  335.955481][T11894]                           do_syscall_64+0x55/0xa0
[  335.962888][T11894]                           entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  335.971826][T11894]   }
[  335.974519][T11894]   ... key      at: [<ffffffff97332ea0>] init_file.__key+0x0/0x20
[  335.982936][T11894]   ... acquired at:
[  335.987614][T11894]    _raw_read_lock_irqsave+0xbc/0x100
[  335.994123][T11894]    send_sigio+0x33/0x360
[  335.999175][T11894]    kill_fasync+0x228/0x4b0
[  336.003946][T11894]    pipe_read+0xa6e/0x1310
[  336.008993][T11894]    vfs_read+0x46a/0x970
[  336.014289][T11894]    ksys_read+0x150/0x260
[  336.019637][T11894]    do_syscall_64+0x55/0xa0
[  336.024497][T11894]    entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  336.031132][T11894] 
[  336.033661][T11894] -> (&new->fa_lock){....}-{2:2} {
[  336.039926][T11894]    INITIAL USE at:
[  336.044085][T11894]                    lock_acquire+0x19e/0x420
[  336.051032][T11894]                    _raw_write_lock_irq+0xaf/0xf0
[  336.058405][T11894]                    fasync_remove_entry+0xf4/0x1c0
[  336.066307][T11894]                    sock_fasync+0x88/0xf0
[  336.072682][T11894]                    __fput+0x7f3/0x970
[  336.079000][T11894]                    task_work_run+0x1d4/0x260
[  336.086657][T11894]                    exit_to_user_mode_loop+0xe6/0x110
[  336.095119][T11894]                    exit_to_user_mode_prepare+0xee/0x180
[  336.103413][T11894]                    syscall_exit_to_user_mode+0x1a/0x50
[  336.111499][T11894]                    do_syscall_64+0x61/0xa0
[  336.118082][T11894]                    entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  336.126179][T11894]    INITIAL READ USE at:
[  336.131424][T11894]                         lock_acquire+0x19e/0x420
[  336.139244][T11894]                         _raw_read_lock_irqsave+0xbc/0x100
[  336.148358][T11894]                         kill_fasync+0x192/0x4b0
[  336.156316][T11894]                         pipe_read+0xa6e/0x1310
[  336.163419][T11894]                         vfs_read+0x46a/0x970
[  336.170366][T11894]                         ksys_read+0x150/0x260
[  336.179037][T11894]                         do_syscall_64+0x55/0xa0
[  336.186593][T11894]                         entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  336.194928][T11894]  }
[  336.198016][T11894]  ... key      at: [<ffffffff97333b20>] fasync_insert_entry.__key+0x0/0x20
[  336.208285][T11894]  ... acquired at:
[  336.212345][T11894]    _raw_read_lock_irqsave+0xbc/0x100
[  336.218428][T11894]    kill_fasync+0x192/0x4b0
[  336.223455][T11894]    evdev_pass_values+0x54b/0xab0
[  336.229793][T11894]    evdev_events+0x1d8/0x330
[  336.235534][T11894]    input_pass_values+0x905/0x12f0
[  336.241339][T11894]    input_event_dispose+0x346/0x6c0
[  336.247347][T11894]    input_inject_event+0x1f9/0x320
[  336.252899][T11894]    evdev_write+0x35f/0x490
[  336.258004][T11894]    vfs_write+0x296/0x990
[  336.262635][T11894]    ksys_write+0x150/0x260
[  336.267514][T11894]    do_syscall_64+0x55/0xa0
[  336.272373][T11894]    entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  336.279028][T11894] 
[  336.281504][T11894] 
[  336.281504][T11894] stack backtrace:
[  336.287846][T11894] CPU: 0 PID: 11894 Comm: syz.3.1896 Not tainted syzkaller #0
[  336.296204][T11894] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[  336.307456][T11894] Call Trace:
[  336.310989][T11894]  <TASK>
[  336.314426][T11894]  dump_stack_lvl+0x18c/0x250
[  336.319218][T11894]  ? load_image+0x400/0x400
[  336.324088][T11894]  ? show_regs_print_info+0x20/0x20
[  336.329478][T11894]  ? load_image+0x400/0x400
[  336.334522][T11894]  ? print_shortest_lock_dependencies+0xf4/0x160
[  336.340935][T11894]  __lock_acquire+0x6851/0x7d40
[  336.346153][T11894]  ? verify_lock_unused+0x140/0x140
[  336.351531][T11894]  ? _raw_spin_unlock_irqrestore+0xc5/0x120
[  336.358110][T11894]  ? verify_lock_unused+0x140/0x140
[  336.364139][T11894]  lock_acquire+0x19e/0x420
[  336.369089][T11894]  ? kill_fasync+0x192/0x4b0
[  336.373864][T11894]  ? read_lock_is_recursive+0x20/0x20
[  336.379598][T11894]  _raw_read_lock_irqsave+0xbc/0x100
[  336.386800][T11894]  ? kill_fasync+0x192/0x4b0
[  336.391846][T11894]  ? _raw_read_lock+0x50/0x50
[  336.396880][T11894]  kill_fasync+0x192/0x4b0
[  336.401657][T11894]  ? kill_fasync+0x53/0x4b0
[  336.406605][T11894]  evdev_pass_values+0x54b/0xab0
[  336.411914][T11894]  ? evdev_pass_values+0x561/0xab0
[  336.417381][T11894]  evdev_events+0x1d8/0x330
[  336.422322][T11894]  ? evdev_events+0x79/0x330
[  336.427738][T11894]  ? evdev_event+0xf0/0xf0
[  336.432642][T11894]  input_pass_values+0x905/0x12f0
[  336.439004][T11894]  ? input_pass_values+0xa3/0x12f0
[  336.444317][T11894]  input_event_dispose+0x346/0x6c0
[  336.449892][T11894]  input_inject_event+0x1f9/0x320
[  336.455087][T11894]  ? input_inject_event+0xbc/0x320
[  336.460549][T11894]  evdev_write+0x35f/0x490
[  336.465754][T11894]  ? evdev_read+0xba0/0xba0
[  336.470594][T11894]  ? common_file_perm+0x198/0x1f0
[  336.475712][T11894]  ? fsnotify_perm+0x5d/0x5e0
[  336.480993][T11894]  ? security_file_permission+0x79/0xa0
[  336.487325][T11894]  ? evdev_read+0xba0/0xba0
[  336.492572][T11894]  vfs_write+0x296/0x990
[  336.497098][T11894]  ? file_end_write+0x250/0x250
[  336.501982][T11894]  ? __fget_files+0x28/0x4b0
[  336.506900][T11894]  ? __fget_files+0x28/0x4b0
[  336.511494][T11894]  ? __fget_files+0x43d/0x4b0
[  336.516430][T11894]  ? __fdget_pos+0x1d8/0x330
[  336.521274][T11894]  ? ksys_write+0x75/0x260
[  336.526180][T11894]  ksys_write+0x150/0x260
[  336.531587][T11894]  ? __ia32_sys_read+0x90/0x90
[  336.537302][T11894]  ? lockdep_hardirqs_on+0x98/0x150
[  336.544692][T11894]  do_syscall_64+0x55/0xa0
[  336.549991][T11894]  ? clear_bhb_loop+0x40/0x90
[  336.555028][T11894]  ? clear_bhb_loop+0x40/0x90
[  336.560228][T11894]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  336.566812][T11894] RIP: 0033:0x7f25b5d9c799
[  336.574018][T11894] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  336.595022][T11894] RSP: 002b:00007f25b6cae028 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[  336.604027][T11894] RAX: ffffffffffffffda RBX: 00007f25b6015fa0 RCX: 00007f25b5d9c799
SYZFAIL: failed to send rpc
fd=3 want=64 sent=0 n=-1 (errno 32: Broken pipe)
[  336.612634][T11894] RDX: 0000000000000037 RSI: 0000200000000040 RDI: 0000000000000004
[  336.621203][T11894] RBP: 00007f25b5e32c99 R08: 0000000000000000 R09: 0000000000000000
[  336.629521][T11894] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  336.638804][T11894] R13: 00007f25b6016038 R14: 00007f25b6015fa0 R15: 00007ffd2d874788
[  336.647395][T11894]  </TASK>
[  337.023135][   T12] netdevsim netdevsim6 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  337.214845][   T12] netdevsim netdevsim6 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  337.311757][   T12] netdevsim netdevsim6 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  337.401954][   T12] netdevsim netdevsim6 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  338.385226][   T12] hsr_slave_0: left promiscuous mode
[  338.400659][   T12] hsr_slave_1: left promiscuous mode
[  338.407016][   T12] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  338.416029][   T12] batman_adv: batadv0: Removing interface: batadv_slave_0
[  338.425569][   T12] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  338.434262][   T12] batman_adv: batadv0: Removing interface: batadv_slave_1
[  338.443575][   T12] bridge_slave_1: left allmulticast mode
[  338.450739][   T12] bridge_slave_1: left promiscuous mode
[  338.456862][   T12] bridge0: port 2(bridge_slave_1) entered disabled state
[  338.468116][   T12] bridge_slave_0: left allmulticast mode
[  338.476070][   T12] bridge_slave_0: left promiscuous mode
[  338.483038][   T12] bridge0: port 1(bridge_slave_0) entered disabled state
[  338.497396][   T12] bridge0: left promiscuous mode
[  338.503433][   T12] veth1_macvtap: left promiscuous mode
[  338.509458][   T12] veth0_macvtap: left promiscuous mode
[  338.519653][   T12] veth1_vlan: left promiscuous mode
[  338.525605][   T12] veth0_vlan: left promiscuous mode
[  338.773472][   T12] team0 (unregistering): Port device team_slave_1 removed
[  338.790955][   T11] wlan1: No active IBSS STAs - trying to scan for other IBSS networks with same SSID (merge)
[  338.832999][   T12] team0 (unregistering): Port device team_slave_0 removed
[  338.883966][   T12] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  338.928290][   T12] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  339.007582][   T12] bond0 (unregistering): Released all slaves
[  339.425738][   T12] IPVS: stop unused estimator thread 0...
[  339.497800][   T12] netdevsim netdevsim4 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  339.579532][   T12] netdevsim netdevsim4 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  339.626302][   T12] netdevsim netdevsim4 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  339.677397][   T12] netdevsim netdevsim4 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  339.794040][   T12] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  339.856537][   T12] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  339.917369][   T12] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  339.985716][   T12] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  340.106185][   T12] netdevsim netdevsim7 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  340.165859][   T12] netdevsim netdevsim7 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  340.224784][   T12] netdevsim netdevsim7 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  340.272531][   T12] netdevsim netdevsim7 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  341.580075][   T12] hsr_slave_0: left promiscuous mode
[  341.586559][   T12] hsr_slave_1: left promiscuous mode
[  341.603665][   T12] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  341.612883][   T12] batman_adv: batadv0: Removing interface: batadv_slave_0
[  341.621959][   T12] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  341.631411][   T12] batman_adv: batadv0: Removing interface: batadv_slave_1
[  341.640260][   T12] bridge_slave_1: left allmulticast mode
[  341.646123][   T12] bridge_slave_1: left promiscuous mode
[  341.653496][   T12] bridge0: port 2(bridge_slave_1) entered disabled state
[  341.663557][   T12] bridge_slave_0: left allmulticast mode
[  341.670935][   T12] bridge_slave_0: left promiscuous mode
[  341.677124][   T12] bridge0: port 1(bridge_slave_0) entered disabled state
[  341.698907][   T12] hsr_slave_0: left promiscuous mode
[  341.707224][   T12] hsr_slave_1: left promiscuous mode
[  341.719389][   T12] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  341.728066][   T12] batman_adv: batadv0: Removing interface: batadv_slave_0
[  341.737855][   T12] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  341.746974][   T12] batman_adv: batadv0: Removing interface: batadv_slave_1
[  341.757705][   T12] bridge_slave_1: left allmulticast mode
[  341.764470][   T12] bridge0: port 2(bridge_slave_1) entered disabled state
[  341.774711][   T12] bridge_slave_0: left allmulticast mode
[  341.782173][   T12] bridge_slave_0: left promiscuous mode
[  341.788330][   T12] bridge0: port 1(bridge_slave_0) entered disabled state
[  341.800524][   T12] hsr_slave_0: left promiscuous mode
[  341.807198][   T12] hsr_slave_1: left promiscuous mode
[  341.815504][   T12] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  341.824396][   T12] batman_adv: batadv0: Removing interface: batadv_slave_0
[  341.836126][   T12] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  341.844873][   T12] batman_adv: batadv0: Removing interface: batadv_slave_1
[  341.853326][   T12] bridge_slave_1: left allmulticast mode
[  341.859727][   T12] bridge_slave_1: left promiscuous mode
[  341.866268][   T12] bridge0: port 2(bridge_slave_1) entered disabled state
[  341.875530][   T12] bridge_slave_0: left allmulticast mode
[  341.881887][   T12] bridge_slave_0: left promiscuous mode
[  341.887804][   T12] bridge0: port 1(bridge_slave_0) entered disabled state
[  341.901331][   T12] veth1_macvtap: left promiscuous mode
[  341.907932][   T12] veth0_macvtap: left promiscuous mode
[  341.915558][   T12] veth1_vlan: left promiscuous mode
[  341.922906][   T12] veth0_vlan: left promiscuous mode
[  341.931245][   T12] veth1_macvtap: left promiscuous mode
[  341.937592][   T12] veth0_macvtap: left promiscuous mode
[  341.945553][   T12] veth1_vlan: left promiscuous mode
[  341.952107][   T12] veth0_vlan: left promiscuous mode
[  341.958883][   T12] veth1_macvtap: left promiscuous mode
[  341.965657][   T12] veth0_macvtap: left promiscuous mode
[  341.971711][   T12] veth1_vlan: left promiscuous mode
[  341.977673][   T12] veth0_vlan: left promiscuous mode
[  342.321642][   T12] team0 (unregistering): Port device team_slave_1 removed
[  342.361108][   T12] team0 (unregistering): Port device team_slave_0 removed
[  342.374561][   T12] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  342.390114][   T12] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  342.470924][   T12] bond0 (unregistering): Released all slaves
[  342.543896][   T12] bond1 (unregistering): Released all slaves
[  342.554462][   T12] team0 (unregistering): Port device batadv1 removed
[  342.748942][   T12] team0 (unregistering): Port device team_slave_1 removed
[  342.791586][   T12] team0 (unregistering): Port device team_slave_0 removed
[  342.830578][   T12] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  342.878111][   T12] team0 (unregistering): Port device bond_slave_0 removed
[  342.943946][   T12] bond0 (unregistering): Released all slaves
[  343.188280][   T12] team0 (unregistering): Port device team_slave_1 removed
[  343.226667][   T12] team0 (unregistering): Port device team_slave_0 removed
[  343.265960][   T12] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  343.308710][   T12] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  343.375846][   T12] bond0 (unregistering): Released all slaves