last executing test programs:

4.698187855s ago: executing program 1 (id=986):
socket$inet6_tcp(0xa, 0x1, 0x0)
socket$nl_xfrm(0x10, 0x3, 0x6)
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000200)=ANY=[@ANYBLOB="b80000001900010000f8722ed876cc17cf464b58874f3e2400000000000000e0000002000000000000000000000000fc0100"/64, @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB='\x00'/108], 0xb8}}, 0x0)
r1 = socket$netlink(0x10, 0x3, 0x0)
bind$netlink(r1, &(0x7f0000514ff4)={0x10, 0x0, 0x0, 0x2ffffffff}, 0xc)
r2 = socket$nl_route(0x10, 0x3, 0x0)
r3 = bpf$LINK_GET_FD_BY_ID(0x1e, &(0x7f0000000040), 0x4)
bpf$ITER_CREATE(0x21, &(0x7f0000000080)={r3}, 0x8)
write(r2, &(0x7f0000000000)="240000005800410f9c00f4f90085b3a85c91fddf080001000501009f0800028001000000", 0x24)
syz_emit_ethernet(0x82, &(0x7f00000000c0)={@broadcast, @local, @val={@void}, {@ipv6={0x86dd, @icmpv6={0x0, 0x6, "fec000", 0x48, 0x3a, 0x0, @empty, @mcast2, {[], @param_prob={0x4, 0x0, 0x0, 0x0, {0x0, 0x6, "4fa860", 0x0, 0x0, 0x0, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01', @dev, [@srh={0x2c}, @dstopts={0x6c, 0x0, '\x00', [@pad1]}]}}}}}}}, 0x0)

4.202608352s ago: executing program 1 (id=989):
setsockopt$ALG_SET_KEY(0xffffffffffffffff, 0x117, 0x1, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000040)=0x10001)
r0 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
preadv(r0, &(0x7f0000000240)=[{&(0x7f0000033a80)=""/102386, 0xfffffd6e}], 0x1, 0x0, 0x0)
write$FUSE_INIT(0xffffffffffffffff, 0x0, 0x0)
r1 = socket$packet(0x11, 0x3, 0x300)
r2 = syz_genetlink_get_family_id$nbd(&(0x7f0000000140), 0xffffffffffffffff)
sendmsg$NBD_CMD_DISCONNECT(0xffffffffffffffff, &(0x7f0000000280)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x800}, 0xc, &(0x7f0000000200)={&(0x7f00000001c0)={0x20, r2, 0x200, 0x0, 0x25dfdbfc, {}, [@NBD_ATTR_DEAD_CONN_TIMEOUT={0xc, 0x8, 0x10000}]}, 0x20}, 0x1, 0x0, 0x0, 0x40}, 0x4008001)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={0x0}}, 0x0)
socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(0xffffffffffffffff, 0x0, 0x0)
setsockopt$packet_fanout_data(r1, 0x107, 0x16, 0x0, 0x0)
syz_mount_image$hfsplus(&(0x7f0000000000), &(0x7f0000000640)='./file0\x00', 0x0, &(0x7f0000000180)={[{@uid}, {}, {@nodecompose}, {}, {@nls={'nls', 0x3d, 'macgaelic'}}]}, 0x1, 0x5ce, &(0x7f0000000cc0)="$eJzs3cFvHFcdB/DvbGLHDlK6SZOmICSscgA1IlnvRiZISEApyEIVqsSlVyvZ1FY2aWRvkdsDMohz+y+Ugzlz4ISClANn/gWjHhHcfUs1s7PeTbJ1nCbxbtrPR5p9782befObn2dGM7OyNsA31up7mbufIquX3tku23u7nd7ebuf2sJ7kVJJGspCkKGf/PcnnyU4GU7497BgrH1N8unp9/d4nFwethXqqli8OW+9oDmJpDmKtyuc1XvuZxxvt4VKSc3UJU/dg6D8Tu5/xvAQAZlmRnJg0v5mcrm/Wy+eAwV3x4B77pbYz7QAAAADgGLyyn/1s58y04wAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAICXSf37/0U9NYb1pRTD3/+fr+dlZ1Cfaaee0H//mOIAAAAAAAAAgBfpe/vZz3bODNsPiuo7/zeqxvnq81v5MFvpZjOXs5219NPPZpaTNMcGmt9e6/c3l4+wZnvimu3j2V8AAAAAAAAA+Jr6U1ZH3/8DAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMAsKJITg6Kazg/rzTROJllIMl8ut5PcG9ZfZvenHQAAAAAcg1f2s5/tnBm2HxTVM/9r1XP/Qj7MnfSzkX566eZG9S5g8NTf2Nvt9PZ2O7fL6fFxf/H/pwqjGjGDdw+Tt9yqlrhwsMZqfp3f5VKW8m42s5HfZy39dLOUt6vaWoo067cXzWGck+P9+UOtd58U6+tVJIu5mY0qtsu5ng/Sy400qn2oljl8i38ss1P8rHbEHN2oy3KPflOXs6FZZWTuICOtOvdlNs4enomnPE4e3dJyGgfvoM6/gJyfrssy12/PdM7bY0ffa4dnImm1/3d3vXfn1vrNrUuzs0tf0aOZ6Ixl4uI3KhPzdTYGV9Gnu1q+Ua17Jhv5bT7IjXRzLa1cy0quppOV/CQrY3m9cIRzrfF059r3f1hX5pL8qi5nQ5nXs2N5Hb/SNau+8TmjLJ17/lekk9+pK+XB+tbMXZHOPnJtHmbi1cMz8ZcH5edW786tzfW1u0fc3g/qsszAL2cqE+Xxcq78Y1Wth4+Osu/ViX3LVd/5g77GY30XDvqedKbO1/dwj4/UrvouTuzrVH2vj/VNussBYOadfvP0/OJ/F/+9+NninxfXF99ZeOvUtVPfnc/cv07+48TfGn9t/LR4M5/lD6PnfwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA4Kvb+ujjW2u9XndTRUVF5aAy7SsT8KJd6d++e2Xro49/tHF77f3u+907V5dX2levtlZ+fO3KzY1etzX4nHaYAMBzNLrpn3YkAAAAAAAAAAAAAADAlzmOfyee9j4CAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABfb6vvZe5+iiy3LrfK9t5up1dOw/poyYUkRVn5Z5LPk50MpjTHhiu+bDvFp6vX1+99cnE01sJw+eKw9Y7moVgaj8T0rOO1n3m80R4uJTlXlzB1XwQAAP//o+sD2g==")
syz_mount_image$vfat(&(0x7f0000000140), &(0x7f0000000040)='\x13\x13w\xc5\xfc5\xd4\x14T\xd5\xd4\x1d)\xad\x1a`)Y\x81F\xe6\xbe\x16nA\xad\r\xbd@T\x03<\x9f3\xbb\xda\x82$\xa2\xf3\xd7r\xe7cnH\xb3<\xbfp\x83r\xe8\xf1\xb9\x93>\xc5\x12wC\xbe\"\x06 \x9e\xf0-\xf9\xcb\xf2\xf6\xe8\x80\xd38/\x00', 0x802053, 0x0, 0xfc, 0x0, &(0x7f00000000c0))
r3 = open(&(0x7f0000000280)='.\x00', 0x0, 0x0)
renameat2(r3, &(0x7f0000000300)='./file0\x00', r3, &(0x7f0000000340)='\x13\x13w\xc5\xfc5\xd4\x14T\xd5\xd4\x1d)\xad\x1a`)Y\x81F\xe6\xbe\x16nA\xad\r\xbd@T\x03<\x9f3\xbb\xda\x82$\xa2\xf3\xd7r\xe7cnH\xb3<\xbfp\x83r\xe8\xf1\xb9\x93>\xc5\x12wC\xbe\"\x06 \x9e\xf0-\xf9\xcb\xf2\xf6\xe8\x80\xd38/\x00', 0x0)

4.159312198s ago: executing program 3 (id=990):
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000080)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
r1 = memfd_create(&(0x7f00000005c0)='+\x8b\x8a\xa9\x16\x11\x91J\xbc+  \x18\x17\xc2:}\xa3\x9bO\xdd\xdf\xdf\x92\xd5\xed\xb4\x17\xe5\xd6\x9a\xb2\xd8\x9ba\xde\xb2.F\xc0\x99}|\xaf\xd3\x1d\x84[*_\x9f\x9d\xb0rYP\x1b\x9f \xe0\x9cgq\x103\x89\x11\x87Rv\x169\xdf\xe3>B\x04\x00\x00\x00w\xd3\xec\xfb\xdf?\xa2\x90+\xa4!\xb2\xf2\xff\x90\a\xc3\x12\xc4;\xffh\xf1x=\xb9c\xce\x03h\xdap\x88U\x1788\x82\xd7\xfd\x83\x00Sx\x91%\x99_\xfe\xd4c\x83\x86\x0f\xa4a-\xaf\x9e\xd9\xef\xe0)]\x00F\xfa\x03\xbc4\xc4\x9a\v\x03\x8b\xa4\xf3\a9\x14H}j&\v\xe9\x16\x83o\xbd\xab\xcd[\xbd\xcb\x04\xfc\xe7\xe3\x9e?\x12\xf0\xf4\x83M3\xd88\x92?@\v\xe6\xd1\xd2\xe4\xde\xdaUeJ\x9fR\xd1`\xfa\xc8\v\xed\xfd\x0e\xc8\x89W\x847\x88\x83\x94\x14\xe33\xb7H\xc8b\xd6@3F#\xb7\x04C\x8dm\t\x16a\x0fI\xf4\xfe\xf8\x06j\x19Pz&\xb8\x0f\x98`W\xdb\xc6\"81A\xa4\x8bT\xf1\xcb\xab\xa3\t\xef\xdf&\x0e\xad\x03\x123.\xc2V\xaa\xd5\xf8\xde\x8aV\xa4p{\xcez\xa2\x92\xdb8*wLO\f\x97X\x05\x9a\xc2\xe8\x85\x9d\xcb\xc8\xf0\xc4\x01\x03\xe3?\x9f1\xf4\xfb\xa5y`KB\xdf\xae#\x94C\a\x04\xea\xccG\xf2\b\x8f\xf7\xb1\xe96\x90\xf5P\xa4\'\xce\xe3\xa24\x196\xc5Q\xa1K\x95\xd6\xfal\xe9\xd1\\\r&\xb2c\xb3\x8d\xa7\xb7\xa8\x03S\xbd\xdd\b{\xae\f\x10\xc2\xbb\xd0\xdd*\xa3\xb4\fJ\x00X\xab`N; LF\xa5D\xee\xdf\x7f\x80p\xf6o\x1c\xbdXR\xf2\xa0\x81a\xa1\xe1B\x93Xn\xaf\xfc\x05?\xab\xac\x91x\xa8#\xe1\xbeQ\xd1^\x9b\xb9)\xd3\n\xf7(3!\x18\b\xc0\xaampRl\xfdQ\x03\x8c\xd5\xe4\\\xed\x9a\xd1?\xd21\xc8\x90\x1dl|\xd1\x14\xbc3\xe0\x1e\x0e\xe6\x88Y\x99\\\x0f\x00\x00\x00\x00\x00\x00\x9eZ\xb74KT:\x8a\xdbJ#w\x18\x14\x00\x93\x86\xa5wo\xf6M\xe7D\xf4*\xe3X\x1d\x19\x83\xa7w\xc7+7\x89s\xed\x8a\xd7O\xdd\rhh`\xc0\xa8$\x06pu\xa0\xd0L\x0ez@I\xb8\x83\xb2f\x93j\a0I\xc8l\xe5\x9b\x06\xb5\xac`d\xa3\xcf/\x14\x10\xab\xab\t\xec\xc1c\fA\xaf\x14\xef\xbap@*7\x86\xdf\',\x03Y\xb1$\xf0\xb5}\xf0\x82%)9`\x8f\x04\x85m\x80\xd2\xcf@\x06}\xea\xe7w`\xa5\x11\x9f\x9b\x9e\x8f\xb7cb\x1a\xe1\xcf\x87\x1c\\\xf5\xc21\xf7\x82C*\xd5;\x00\x00\x00\x00\x03\xba\xe3\xdc\x92\'\x8e\xd5\x7fG\xfd.\x91\x89T\x99t\xd4d,\xd5\x92O\xf1\xafT!Y\x8e\\\xac\xf7\x11R\x05p\x1a\"\r\xe9\xe5\x8b&\x0f\x8c\xfb\xef\xf8\xd5\x18\xde\xeb\xe5\x19\xdd\xebQ8\xc5iS+\x06D\x16\xfe\xf5.\xe5\v\x89\xb0\"\xa3M\xe9\x81\x11P\xdb\xc4\xc2y\x14\x04\x06\xf6\f\xb0\xecz\x8d`\xb5\x9b\xb43\xcc1\xa7\x9e\xa8\xb5\'\xc6MAe\x0f\xd1\xfcG\xc2/\xe8\xe9t\xcaQ\xf1\fI\x1chM\xc1\x92\xe3\xc3\x01M\xc8/\xefJ\xcb\xd0]\f\xff\xf5\x92\xce\x97Z\xea\xe8\x99\xfa\x96\xce\xa7\x02\xad\xa2\xce\x955\xeaNg\x02\xcd\xfd\x1a}.\xd3\"x\x89/8H\xc2\x93B\na)\x86\xa9U\xa0\xb7\x18\xfb\xe9\xd1\x97', 0x3)
write$binfmt_misc(r1, &(0x7f0000000740)=ANY=[], 0xff67)
sendfile(r0, r1, &(0x7f0000000000), 0xfffb)
fcntl$addseals(r1, 0x409, 0x8)
lseek(r1, 0x0, 0x3)
write(r1, 0x0, 0x0)

3.663759794s ago: executing program 3 (id=995):
openat$sysfs(0xffffffffffffff9c, &(0x7f0000000040)='/sys/power/pm_debug_messages', 0x0, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil})
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_GUEST_DEBUG(r2, 0x4048ae9b, &(0x7f0000000300)={0x4376ea830d54549b})
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f00000ab000/0x18000)=nil, &(0x7f0000000000)=[@textreal={0x8, &(0x7f0000000140)="36d0e866b80a0000000f23c80f21f866350c00a0000f23f866b9800000c00f326635000400000f300fc76a002e0f080f23742e3b5753baf80c66b8f494f78e66efbafc0c66b83ac8000066efda6509", 0x4f}], 0x1, 0x0, 0x0, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)

3.29911622s ago: executing program 0 (id=996):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x40000000000008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4)
r1 = gettid()
r2 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000140), 0x0)
read(r2, &(0x7f0000000200)=""/209, 0xd1)
ioctl$SNDRV_SEQ_IOCTL_REMOVE_EVENTS(r2, 0x4040534e, &(0x7f0000000080)={0x335})
tkill(r1, 0x7)
ioctl$SNDRV_SEQ_IOCTL_GET_PORT_INFO(r2, 0xc0bc5310, &(0x7f0000002340))

3.273784385s ago: executing program 4 (id=997):
r0 = socket$inet6_sctp(0xa, 0x1, 0x84)
setsockopt(r0, 0x84, 0x81, &(0x7f00000002c0)="1a00000002000000", 0x8)
setsockopt$inet_sctp6_SCTP_AUTH_CHUNK(r0, 0x84, 0x15, &(0x7f0000000040)={0xe}, 0x1)

3.260754307s ago: executing program 3 (id=998):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000080)=@base={0x2, 0x4, 0x6, 0xbaa}, 0x48)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000280)={{0x14}, [@NFT_MSG_NEWSET={0x28, 0x9, 0xa, 0x0, 0x0, 0x0, {}, [@NFTA_SET_ID={0x8}, @NFTA_SET_NAME={0x9, 0x2, 'syz2\x00'}]}], {0x14, 0x10}}, 0x50}}, 0x0)
ioctl$sock_ipv4_tunnel_SIOCCHGTUNNEL(0xffffffffffffffff, 0x89f3, &(0x7f0000000000)={'sit0\x00', &(0x7f00000002c0)={'syztnl1\x00', 0x0, 0x0, 0x0, 0x0, 0x0, {{0x36, 0x4, 0x0, 0x0, 0xd8, 0x67, 0x0, 0x0, 0x0, 0x0, @broadcast, @remote, {[@timestamp={0x44, 0x18, 0x0, 0x0, 0x9, [0x401, 0x5, 0x0, 0x0, 0x4]}, @timestamp_prespec={0x44, 0x44, 0xc0, 0x3, 0x0, [{@private=0xa010100}, {@multicast1}, {@remote}, {@dev, 0x65c}, {@broadcast}, {@empty}, {@multicast1, 0xffd200}, {@private=0xa010100, 0x7}]}, @timestamp_prespec={0x44, 0x3c, 0x0, 0x3, 0x8, [{@dev}, {@remote}, {@multicast2}, {@private=0xa010101}, {@rand_addr=0x64010101}, {@broadcast, 0x52b1}, {@multicast2}]}, @noop, @noop, @noop, @lsrr={0x83, 0xf, 0xdc, [@private=0xa010102, @rand_addr=0x64010102, @multicast1]}, @rr={0x7, 0x17, 0x0, [@dev, @remote, @multicast1, @private=0xa010102, @remote]}]}}}}})
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='hugetlb.2MB.usage_in_bytes\x00', 0x275a, 0x0)
write$binfmt_script(r3, &(0x7f0000000240), 0x208e24b)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x280000b, 0x28011, r3, 0x0)
r4 = dup(r2)
r5 = ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r2, 0x4020ae46, &(0x7f0000000080)={0x0, 0x2, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r5, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000300)=[@text64={0x40, 0x0}], 0xffff, 0x0, 0x0, 0x0)
syz_kvm_setup_cpu$x86(r2, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000200)=[@text64={0x40, 0x0}], 0x1, 0x0, 0x0, 0x0)
ioctl$KVM_REGISTER_COALESCED_MMIO(r2, 0x4010ae67, &(0x7f00000001c0)={0x0, 0xd000})
ioctl$KVM_NMI(r5, 0xae9a)
ioctl$KVM_RUN(r5, 0xae80, 0x0)
bpf$MAP_LOOKUP_BATCH(0x18, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000000), &(0x7f0000000200), 0xa7c, r0}, 0x38)

3.11053845s ago: executing program 4 (id=999):
socket$packet(0x11, 0x4000000000002, 0x300)
syz_open_dev$usbfs(&(0x7f0000000000), 0x1ff, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000080), 0x48)
r0 = syz_io_uring_setup(0x6438, &(0x7f0000000340), &(0x7f0000000100)=<r1=>0x0, &(0x7f0000000180)=<r2=>0x0)
r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='memory.swap.current\x00', 0x275a, 0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000040)=@IORING_OP_TEE={0x21, 0x6, 0x0, @fd_index})
write$FUSE_NOTIFY_INVAL_ENTRY(r3, &(0x7f0000000080)=ANY=[@ANYBLOB='\"'], 0x22)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x1, 0x10012, r3, 0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECV=@use_registered_buffer)
io_uring_enter(r0, 0x2, 0x0, 0x0, 0x0, 0x0)

3.11007941s ago: executing program 0 (id=1000):
r0 = syz_open_dev$vim2m(&(0x7f0000000040), 0x3fffffffffffd, 0x2)
ioctl$vim2m_VIDIOC_ENUM_FMT(r0, 0xc0405602, &(0x7f0000000140)={0x12, 0x1, 0x0, "18e889d15b38429faa8ff62438eaed752e68f3a6dc93829382b049e33958b16c"})

3.039838271s ago: executing program 0 (id=1001):
r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000000c0), 0x48)
bpf$MAP_LOOKUP_ELEM(0x5, &(0x7f00000000c0)={r0, &(0x7f0000000000), &(0x7f0000000040)=""/73, 0x7900000000000000}, 0x70)

2.995143338s ago: executing program 2 (id=1002):
r0 = timerfd_create(0x0, 0x0)
r1 = dup(r0)
read$FUSE(r1, 0x0, 0x0)

2.928904558s ago: executing program 4 (id=1003):
r0 = syz_open_dev$vbi(&(0x7f0000000140), 0x0, 0x2)
ioctl$VIDIOC_QUERYBUF(r0, 0xc0585609, &(0x7f00000001c0)=@userptr={0x0, 0x6, 0x4, 0x0, 0x0, {0x77359400}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, "7f03f306"}, 0x0, 0x2, {0x0}})

2.928348208s ago: executing program 1 (id=1004):
preadv(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0)
r0 = socket$inet(0x2, 0x6, 0x0)
shutdown(r0, 0x0)
recvmmsg(r0, &(0x7f00000066c0), 0xa0d, 0xf0, 0x0)

2.875047166s ago: executing program 0 (id=1005):
r0 = socket$netlink(0x10, 0x3, 0x0)
getsockopt$sock_cred(r0, 0x1, 0x11, &(0x7f0000000040)={0x0, <r1=>0x0}, &(0x7f0000000080)=0xc)
syz_mount_image$f2fs(&(0x7f0000000000), &(0x7f00000000c0)='./file0\x00', 0x0, &(0x7f0000000140)={[{@resuid={'resuid', 0x3d, r1}}, {@background_gc_off}, {@nodiscard}, {@grpjquota={'grpjquota', 0x3d, '\xf6\x00\x00'}}, {@usrjquota={'usrjquota', 0x3d, '\\A'}}, {@jqfmt_vfsv1}, {@two_active_logs}, {@nouser_xattr}, {@grpjquota}, {@nodiscard}, {@noinline_dentry}, {}, {@user_xattr}]}, 0x0, 0x551a, &(0x7f0000000280)="$eJzs3M1rI/UfB/BP2u22+/DbXxEP3nZgEVrYhKYPi96q7uIDdimrHjxpmqQh3SRTmjStPXnwKB78T0TBk0f/Bg+evYkHxZugZGYqW11Bbdq429cLJu+ZbyaffL9DKHwmJQFcWPPJzz+W4kZciYjpiLgeke2Xii2znsdzEXEzIqYe2UrF+O8DlyPiakTcGBXPa5aKpz69Pby19sMbP331zeyla599+e3kVg1M2vMR0d3N9w+6eaatPHeK8dqwnWV3dVhk/kT3YXGc5nnQ3MoqHNSOz6tludLKz0939/uj3O7U6qNstbez8d1e/ob9Yeu4TvaCndpedtxobmXZ7qdZto7yeR0e5X/bjvqDvE6jqPdBVj4Gg+PMx5uHzXw9uw+zrPcGxXheN200D0c5LLJ4u6innUY2j63TXOn/tjfbvf3DZNjc67fTXrJWqb5Qqd4pV/fSRnPQXC3Xuo07q8lCqzM6rTxo1rrrrTRtdZqVetpdTBZa9Xq5Wk0W7ja32rVeUq1WVipL5bXFYu928ur9d5JOI1kY5cvt3v6g3ekn2+lekr9iMVmurLy4mNyqJm9tbCabD+7d29h8+727795/aeP1V4qT/jStZGF5aXm5XF0qL1cXL9D6Pyom/fj1l053JeBf8KkD+Mf0/8AknF3/v/cg4uz7/9D/j8UT1f9e9P7/DNYPp6L/BwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAC4sL6b+fy1bGc+P75WjP+vGHqmOC5FxFRE/PoY03H5RM3pos7MX5w/84c5fF2KrMLoPWaL7WpErBfbL/8/66sAAAAAT68vPrz5Sd6t5w/zk54Q56dU3LSZuv7+2CpGzMx/P6ZqU6OHZ8dULPt8X4rDMVXLbmDNjalYfsvt0riq/S3TJ2LukSjFXOyc61wAAIDzcrITON8uBAAAgPP08aQnwGSU4virzDj+B/7ZPIovBK+cOAIAAACeQKVJTwAAAAA4c1n/7/f/AAAA4OmW//4fAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD8xs793aYRw3EA/93BFfpPRV2gq/QN3rtAR6j61MeKAboEI9AVugAz0LeMEEGUs4NCRKJE+O4U9PlIh7HFfbER92BbMgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAANCl/8168ff3lz/n5uz25ykzGgAAAOCUbbNetG9mqf4+t3/MTZ9zvYqIOiJOzd1H8eYoc5Rzmkc+3zzow7+INuH2Oyb5ehcRX/N1/anrXwEAAAAu12a5mqfZenqZDd0h+pQWbeoP3wvlVRHRzK4KpdXxs1BS5P/3OH4VSmsXsKaFwtKS27hU2rO0j/th1W56r6hSUT99f7GxAwAAPRodFf3OQgAAAOjTj6E7wDCquNvKPGwFTlKRt/feHtUAAACAV6gaugMAAABA59r5v/P/AAAA4LKl8/8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADo0rZZLzbL1fwl93w70bbbn6fciAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAG7Yn3cUCIEwCIO96zuTuf9hpUFDY5MqED7+xmAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADe/O4v/yemxplk7rWx9DySrJ0aW6fG3rlx9Ifx9WsAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA4GJ/XlIgBIIgCuaM/530/Q8rCXoGESKg4VFFLRoAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgC/63S//J6bGmWTutLF0PJKsXTW2rhp7DxpHD8bbvwEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA4GLnfn6jqOIAgL+Z2dkCaqzV9FBjNPGgFykLgtyMB03jwf9Ak6YsWFn8AT0IISa9eNL0zMXo0RgTSb3xP3CGhAveOKwJJp4186t9IpKt1Zml+/kkb953Z4Z53zebkH5nXgsAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA0xm/txlmxma/itN536/7VtaK//UBfuLF1Z6loRZy0mfTj4YX4Q7LYXSIAAADMjqyp70MId/PtlaJP58v6P2/OKWr+b5+q4qaef7Dub/qm9i/az9fvPbcz0Hw1TnHRs+uj4bG/p9L7/2Y53Z5uguv/dEavvPPls5es/ELSdzefHefl/Uy+vnnz7X4ZzrWVMQCwV0ebvg6an4eKftBlYgDMjF5UeDf1fzbfbU4AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAbRhvhiea+NcQwlKvipN63+37V9ce1t/YurPUtFPXrm3F1ywukYcQzq6PhsdanMu0u3T5yvnV0Wh4sf3gxRDCPq/z/r+dxZv1Pzz/wQQnh9DJ/RH8R0Faf9nTks9+g7lWxuroPyQAAA6svG5FXX83314p9iULIfzx3W79Xxx7JYrDhPX/vQ9P3YrHiuv/QWsznAbpI48ub1z4dPnS5SuvrV9YPTc8N/z49eODNwYnTp88eXq5fFay7IkJAAAA+9OvW1z/pwvR+/9D1bEj9fl7qf8/+2bwRTxWNrP1/6PtvvTrOhMAAIDZ9sxLv/+WPGR/0u+Hz1c3Ni4Oqu3O5+PVtoNU92yubnH9ny10nRUAAADQhvFm8pf1/2eiOEz4/v/J75//Mb5mFkI4XL//P7r2yehMe9OZam38xnLXcwQAAKBbh+sWv//Py/X/6c6ShzSE8OrLVVz/GcCJ6v/snS9/iMeK1/+faG+KUyldrO5H2S+G0FvsOiMAAAAOmq+i+FDdimL/l3x75aOfjrzXt/4fAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAoG1/BgAA//9TJj43")

2.874911536s ago: executing program 2 (id=1006):
syz_mount_image$hfs(&(0x7f0000000240), &(0x7f0000000040)='./file0\x00', 0x0, &(0x7f0000000680)={[{@gid}, {@umask={'umask', 0x3d, 0x3d}}, {@uid}, {@type={'type', 0x3d, "b4c8db05"}}]}, 0x1, 0x257, &(0x7f00000002c0)="$eJzs3U9u00AUx/HfOAEMqYr7ByGxLFRihdqyQWxAVQ7BCoGaIFVERYIiASvEGnEA9lyBQ7BCXKCsWHGA7IxmPG7c1I7d0mQg/X6kRG4943mvtjPzIqURgHNru3vw5e4v+zBSSy1J5nBnW9I1XY9f7+3v7g/6vUkHakmx3MP4nuZYm529flnXOB/LS+xPbS0Uf4fpSNM0/Rk6CATn7v4SkXTJ351ufzzzyKbjfegAAjNDDfVGi6HjAACE5ef/yM/zC379HkXSup/252r+H4YOILDC/O+qrNTY83vV7RrVe66Es/ujvEo8zVgXlV1ZRxaYpq6qdLFEl5/tDvp3dl4MepE+6IFXaLbqnnvZpZuriXatpDad4PS5d1wOF2wOWxXxr5ztiPXMN/PdPDaJPqt3uP5rp8aeJnemkrEzlcW/UX1El2WStarIcskNcsOP4NVkGZdXJMqvqCUdfYMgqYvT9Voe65Vlt1nTa6W011ZNr9XxXqOrubrntJlP5pFZ0299Vbew/o/sX3tdTe5M28a19FfGxHzarmXSILDoRGng73xUp3VPi6/evnv+dDDov2Rj5hsPG7TJ11v/SsyVG/mMelYHzCeK0Hmd241Ar0uYqdFJDx0JArHrLpPVf4V6ZcO9oNunZMI6Pa07eOGImxW1wbJ7vnKiCq5TXcE1rblu3pZuNR8x8XHOCdPVDz3h/X8AAAAAAAAAAAAAAAAAAID/zSw+TpCP1eRDYAAAAAAAAAAAAAAAAAAAAAAA4Ljt7kE89v2/97P/xB3z/b/AnPsTAAD//3gZdnY=")

2.802410348s ago: executing program 4 (id=1007):
syz_usb_connect(0x0, 0x24, &(0x7f0000000100)={{0x12, 0x1, 0x0, 0x1, 0xf9, 0x1, 0x8, 0x5ac, 0x247, 0x1313, 0x0, 0x0, 0x0, 0x1, [{{0x9, 0x2, 0x12, 0x1, 0x0, 0x0, 0x0, 0x0, [{{0x9, 0x4, 0x0, 0x0, 0x0, 0x3, 0xc7, 0x2}}]}}]}}, 0x0)

2.666907228s ago: executing program 1 (id=1008):
openat$sysfs(0xffffffffffffff9c, &(0x7f0000000040)='/sys/power/pm_debug_messages', 0x0, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil})
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_GUEST_DEBUG(r2, 0x4048ae9b, &(0x7f0000000300)={0x4376ea830d54549b})
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f00000ab000/0x18000)=nil, &(0x7f0000000000)=[@textreal={0x8, &(0x7f0000000140)="36d0e866b80a0000000f23c80f21f866350c00a0000f23f866b9800000c00f326635000400000f300fc76a002e0f080f23742e3b5753baf80c66b8f494f78e66efbafc0c66b83ac8000066efda6509", 0x4f}], 0x1, 0x0, 0x0, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)

2.567105584s ago: executing program 3 (id=1009):
r0 = socket$inet6_sctp(0xa, 0x1, 0x84)
setsockopt(r0, 0x84, 0x81, &(0x7f00000002c0)="1a00000002000000", 0x8)
setsockopt$inet_sctp6_SCTP_AUTH_CHUNK(r0, 0x84, 0x15, &(0x7f0000000040)={0xe}, 0x1)

2.52806199s ago: executing program 2 (id=1010):
socketpair$tipc(0x1e, 0x5, 0x0, &(0x7f0000000200)={<r0=>0xffffffffffffffff})
connect$tipc(r0, &(0x7f0000000280)=@id, 0x10)

2.510703613s ago: executing program 3 (id=1011):
r0 = syz_open_dev$vim2m(&(0x7f0000000040), 0x3fffffffffffd, 0x2)
ioctl$vim2m_VIDIOC_ENUM_FMT(r0, 0xc0405602, &(0x7f0000000140)={0x12, 0x1, 0x0, "18e889d15b38429faa8ff62438eaed752e68f3a6dc93829382b049e33958b16c"})

2.390463671s ago: executing program 2 (id=1012):
mkdir(&(0x7f0000000300)='./bus\x00', 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000340)='./file1\x00', 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', 0x0)
openat$nullb(0xffffffffffffff9c, &(0x7f0000001000), 0x169802, 0x0)
dup(0xffffffffffffffff)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x1000006, 0x10, 0xffffffffffffffff, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x20000008b}, 0x0)
syz_open_dev$dmmidi(0x0, 0x0, 0x0)
poll(0x0, 0x0, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000000)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f0000000300)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4)
socket$nl_generic(0x10, 0x3, 0x10)
mkdirat(0xffffffffffffff9c, 0x0, 0x0)
r3 = socket$inet6(0xa, 0x6, 0x0)
bind$inet6(r3, &(0x7f0000000000)={0xa, 0x4e20}, 0x1c)
listen(r3, 0x9)
r4 = socket$inet_dccp(0x2, 0x6, 0x0)
setsockopt(r4, 0x10d, 0x5, &(0x7f00000000c0)="02906239f52def4f63cfb0f019f3e043d7e8abdc0f70d5d7125929a83c1e2180dd", 0x21)
connect$inet(r4, &(0x7f0000000040)={0x2, 0x4e20, @loopback}, 0x10)
sendmmsg$inet(r4, &(0x7f0000003500)=[{{0x0, 0x7, &(0x7f0000000500)=[{&(0x7f00000001c0)="e7", 0x1}], 0x1}}, {{0x0, 0x0, &(0x7f0000000780)=[{&(0x7f0000000240)="f9", 0x1}], 0x1}}], 0x2, 0x0)
write$binfmt_script(0xffffffffffffffff, &(0x7f0000000080)={'#! ', './file0'}, 0xb)

2.389937731s ago: executing program 3 (id=1013):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000100)=@base={0x9, 0x7, 0x8000, 0x1}, 0x48)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f00000001c0)={{r0, <r1=>0xffffffffffffffff}, &(0x7f00000002c0), &(0x7f0000000280)}, 0x20)
r2 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340), 0x48)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000480)={r2}, 0x4)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f00000007c0)={{r1, <r3=>0xffffffffffffffff}, &(0x7f0000000580), &(0x7f00000005c0)}, 0x20)
r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x18, 0x19, &(0x7f0000000600)=ANY=[@ANYBLOB="1800000008000000000000000000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000003000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r2, @ANYBLOB="0000000000000000b70500000800000085000000a500000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000180)='kfree\x00', r4}, 0x10)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x10, &(0x7f00000003c0)=ANY=[@ANYBLOB="18000000510700140000000000000001b7080000000000007b8af8ff00000000b7080000fcffffff7b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r2, @ANYBLOB="0000000000000000b70500000800000085000000a500000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
ioctl$SNDRV_TIMER_IOCTL_SELECT(0xffffffffffffffff, 0x40345410, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
r5 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r5, &(0x7f0000019680)=""/102392, 0x18ff8)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r6 = socket$inet6(0xa, 0x800000000000002, 0x0)
setsockopt$inet6_mtu(r6, 0x29, 0x17, &(0x7f0000000100)=0x5, 0x4)
sendto$inet6(r6, 0x0, 0x0, 0x0, &(0x7f0000000080)={0xa, 0x4621, 0x0, @local}, 0x1c)
syz_mount_image$erofs(&(0x7f00000001c0), &(0x7f0000000400)='./file0\x00', 0x809, &(0x7f00000004c0)=ANY=[], 0x10, 0x21a, &(0x7f0000000c80)="$eJzsmb9rFEEUx7+zu9lNggRsLGxSeGCEZH9FJY2FglgJQhS1PMwmnG5yctkiCQgXbGysRdDSf8DCIo2NnZ0gFlqoIAiaUrA4GJnZ2dvZvd3zDk5BfB+42bdv3sybNzv7LW5BEMR/y+dPPz4+vLBydRHAETTgKP9XM48xtPgPjzkHLj55/v7Zq625ewfl+aYB8N78yPkZ0MV5W5hvq/obonlU9F2DgVPKvg47c/e4JL2JwHBTddzW7PaMMuLIvdWO19ZbceSLJhBNKJpvc1ouC8DhPsNaVhvnnGn927t7d5pxHHXKxhTP8hS7svzVoyqNIdvXzYxz6irWJ57XjQf398W9q/w+jHQvAQQwECh7GQyryl6BA9d18y3R6j9u5fM3XlbVb45T0p8z2M/0GAjP0aWJpzAxzqinqD4E/76x+A4oerhTiBFl1w23C69N9kb8tcWzsofp2Y8dHrweHPVlItmF3A12OZOpi9UdNilc0J7XJRXzZjaOL4+++G5ZuexhWiY6ZqR+MAs4qemTBauvH16yedfb3t1bam02N6KNaCsMl8/6p33/TOittxz4npSjWgG0MC31aVabf6om1mY2dppJ0gl2gKQT9O/DtNUUd/VF+7scY0j9M7BwIp1DbLIs26nOwdTPkFdhLZi1iycIgiAIgiAIgiAIgiAIgvgt+Z+RjM2DIf0EIj9U8RrCKzL+VwAAAP//6zlYaw==")
socket$rds(0x15, 0x5, 0x0)
socket$inet_dccp(0x2, 0x6, 0x0)
r7 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000440)='loginuid\x00')
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000200)={0x1, &(0x7f0000000040)=[{0x6}]})
symlinkat(0x0, 0xffffffffffffff9c, 0x0)
write$RDMA_USER_CM_CMD_CREATE_ID(r7, 0x0, 0x0)
r8 = socket$inet(0x2, 0x80003, 0x2)
setsockopt$EBT_SO_SET_ENTRIES(r8, 0x0, 0x80, &(0x7f0000000140)=@broute={'broute\x00', 0x20, 0x2, 0x330, [0x0, 0x0, 0x0, 0x0, 0x0, 0x20000580], 0x0, 0x0, &(0x7f0000000580)=ANY=[@ANYBLOB="00000000000000000000000000000000000000000000000000000000000000000002000000000000feffffff0100000019000000000000000000726f7365300000000000000000000000726f736530000000cc000000000000007465616d5f736c6176655f310000000064756d6d7930000000000000000000000180c2000000000000000000ffffffffffff0000000000000000d00000000801000038010000706b74747970650000000000000000000000000000000000000000000000000008000000000000000000000000000000706b747479706500000000000000000000000000000000000000000000000000080000000000000000000000000000006d61726b0000000000000000000000000000000000000000000000000000000010000000000000000000000000000000ddffffff00000000726564697265637400000000396c27db39b2eedb0000000000000000000000000800000000000000feffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000001000000ffffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000001000000feffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000001000000ffffffff01000000030000000000000080357665746831000000000000000000000074756e6c30000000000000000000000074756e6c300000000005000000000000006c616e300000000000000000000000aaaaaaaaaabb000000000000aaaaaaaaaa0000000000000000000001000000010000380100006367726f757000000000000000000000000000000000000000000000000000000800000000000000000000000000000061727000000000000000000000000000000000000000000000000000000000003800000000000000000000000000000000000000000000007f0000010000000072ce35f34121000000000000000000000000000000000000eaffffff00000000646e6174000000000000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaabb0000fdffffff00000000"]}, 0x3a8)

2.316391072s ago: executing program 1 (id=1014):
r0 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r0, &(0x7f0000002fc0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000000)=@ipv4_newroute={0x24, 0x1a, 0x1, 0x0, 0x0, {}, [@RTA_IP_PROTO={0x5, 0x1b, 0x3a}]}, 0x24}}, 0x0)

1.386824846s ago: executing program 2 (id=1015):
setsockopt$ALG_SET_KEY(0xffffffffffffffff, 0x117, 0x1, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000040)=0x10001)
r0 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
preadv(r0, &(0x7f0000000240)=[{&(0x7f0000033a80)=""/102386, 0xfffffd6e}], 0x1, 0x0, 0x0)
write$FUSE_INIT(0xffffffffffffffff, 0x0, 0x0)
r1 = socket$packet(0x11, 0x3, 0x300)
r2 = syz_genetlink_get_family_id$nbd(&(0x7f0000000140), 0xffffffffffffffff)
sendmsg$NBD_CMD_DISCONNECT(0xffffffffffffffff, &(0x7f0000000280)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x800}, 0xc, &(0x7f0000000200)={&(0x7f00000001c0)={0x20, r2, 0x200, 0x0, 0x25dfdbfc, {}, [@NBD_ATTR_DEAD_CONN_TIMEOUT={0xc, 0x8, 0x10000}]}, 0x20}, 0x1, 0x0, 0x0, 0x40}, 0x4008001)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={0x0}}, 0x0)
socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(0xffffffffffffffff, 0x0, 0x0)
setsockopt$packet_fanout_data(r1, 0x107, 0x16, 0x0, 0x0)
syz_mount_image$hfsplus(&(0x7f0000000000), &(0x7f0000000640)='./file0\x00', 0x0, &(0x7f0000000180)={[{@uid}, {}, {@nodecompose}, {}, {@nls={'nls', 0x3d, 'macgaelic'}}]}, 0x1, 0x5ce, &(0x7f0000000cc0)="$eJzs3cFvHFcdB/DvbGLHDlK6SZOmICSscgA1IlnvRiZISEApyEIVqsSlVyvZ1FY2aWRvkdsDMohz+y+Ugzlz4ISClANn/gWjHhHcfUs1s7PeTbJ1nCbxbtrPR5p9782befObn2dGM7OyNsA31up7mbufIquX3tku23u7nd7ebuf2sJ7kVJJGspCkKGf/PcnnyU4GU7497BgrH1N8unp9/d4nFwethXqqli8OW+9oDmJpDmKtyuc1XvuZxxvt4VKSc3UJU/dg6D8Tu5/xvAQAZlmRnJg0v5mcrm/Wy+eAwV3x4B77pbYz7QAAAADgGLyyn/1s58y04wAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAICXSf37/0U9NYb1pRTD3/+fr+dlZ1Cfaaee0H//mOIAAAAAAAAAgBfpe/vZz3bODNsPiuo7/zeqxvnq81v5MFvpZjOXs5219NPPZpaTNMcGmt9e6/c3l4+wZnvimu3j2V8AAAAAAAAA+Jr6U1ZH3/8DAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMAsKJITg6Kazg/rzTROJllIMl8ut5PcG9ZfZvenHQAAAAAcg1f2s5/tnBm2HxTVM/9r1XP/Qj7MnfSzkX566eZG9S5g8NTf2Nvt9PZ2O7fL6fFxf/H/pwqjGjGDdw+Tt9yqlrhwsMZqfp3f5VKW8m42s5HfZy39dLOUt6vaWoo067cXzWGck+P9+UOtd58U6+tVJIu5mY0qtsu5ng/Sy400qn2oljl8i38ss1P8rHbEHN2oy3KPflOXs6FZZWTuICOtOvdlNs4enomnPE4e3dJyGgfvoM6/gJyfrssy12/PdM7bY0ffa4dnImm1/3d3vXfn1vrNrUuzs0tf0aOZ6Ixl4uI3KhPzdTYGV9Gnu1q+Ua17Jhv5bT7IjXRzLa1cy0quppOV/CQrY3m9cIRzrfF059r3f1hX5pL8qi5nQ5nXs2N5Hb/SNau+8TmjLJ17/lekk9+pK+XB+tbMXZHOPnJtHmbi1cMz8ZcH5edW786tzfW1u0fc3g/qsszAL2cqE+Xxcq78Y1Wth4+Osu/ViX3LVd/5g77GY30XDvqedKbO1/dwj4/UrvouTuzrVH2vj/VNussBYOadfvP0/OJ/F/+9+NninxfXF99ZeOvUtVPfnc/cv07+48TfGn9t/LR4M5/lD6PnfwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA4Kvb+ujjW2u9XndTRUVF5aAy7SsT8KJd6d++e2Xro49/tHF77f3u+907V5dX2levtlZ+fO3KzY1etzX4nHaYAMBzNLrpn3YkAAAAAAAAAAAAAADAlzmOfyee9j4CAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABfb6vvZe5+iiy3LrfK9t5up1dOw/poyYUkRVn5Z5LPk50MpjTHhiu+bDvFp6vX1+99cnE01sJw+eKw9Y7moVgaj8T0rOO1n3m80R4uJTlXlzB1XwQAAP//o+sD2g==")
syz_mount_image$vfat(&(0x7f0000000140), &(0x7f0000000040)='\x13\x13w\xc5\xfc5\xd4\x14T\xd5\xd4\x1d)\xad\x1a`)Y\x81F\xe6\xbe\x16nA\xad\r\xbd@T\x03<\x9f3\xbb\xda\x82$\xa2\xf3\xd7r\xe7cnH\xb3<\xbfp\x83r\xe8\xf1\xb9\x93>\xc5\x12wC\xbe\"\x06 \x9e\xf0-\xf9\xcb\xf2\xf6\xe8\x80\xd38/\x00', 0x802053, 0x0, 0xfc, 0x0, &(0x7f00000000c0))
r3 = open(&(0x7f0000000280)='.\x00', 0x0, 0x0)
renameat2(r3, &(0x7f0000000300)='./file0\x00', r3, &(0x7f0000000340)='\x13\x13w\xc5\xfc5\xd4\x14T\xd5\xd4\x1d)\xad\x1a`)Y\x81F\xe6\xbe\x16nA\xad\r\xbd@T\x03<\x9f3\xbb\xda\x82$\xa2\xf3\xd7r\xe7cnH\xb3<\xbfp\x83r\xe8\xf1\xb9\x93>\xc5\x12wC\xbe\"\x06 \x9e\xf0-\xf9\xcb\xf2\xf6\xe8\x80\xd38/\x00', 0x0)

1.343087953s ago: executing program 1 (id=1016):
syz_usb_connect(0x0, 0x36, &(0x7f00000001c0)=ANY=[@ANYBLOB="1a0100005c6b4408070a64006e40010203030902240001a82300000904000002ca744d00090503034d00ff99090805848f"], &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x1, [{0x0, 0x0}]})
r0 = syz_open_dev$char_usb(0xc, 0xb4, 0x0)
write$char_usb(r0, &(0x7f0000000040)="e2", 0x1)

338.377797ms ago: executing program 4 (id=1017):
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nfc(&(0x7f0000000e80), r0)
sendmsg$NFC_CMD_DISABLE_SE(r0, &(0x7f0000001000)={0x0, 0x0, &(0x7f0000000fc0)={&(0x7f0000000f80)={0x14, r1, 0x1}, 0x14}}, 0x0)

269.689278ms ago: executing program 0 (id=1018):
r0 = socket$tipc(0x1e, 0x2, 0x0)
r1 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000200)='mounts\x00')
read$FUSE(r1, &(0x7f0000002140)={0x2020}, 0x2100)
syz_io_uring_setup(0x6c98, &(0x7f0000000200)={0x0, 0xf734, 0x20, 0x3, 0x3db, 0x0, r1}, &(0x7f00000000c0), &(0x7f0000000180))
bind$tipc(r0, &(0x7f0000000140)=@nameseq={0x1e, 0x1, 0x0, {0x42, 0x0, 0x1}}, 0x10)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000001c0))
bind$tipc(r0, &(0x7f0000000080)=@nameseq={0x1e, 0x1, 0x0, {0x42}}, 0x10)
r2 = socket$tipc(0x1e, 0x4, 0x0)
setsockopt$TIPC_GROUP_JOIN(r2, 0x10f, 0x87, &(0x7f0000000040)={0x42, 0x83f}, 0x10)
bind$tipc(r0, &(0x7f0000000100)=@name={0x1e, 0x2, 0x0, {{0x42, 0x2}}}, 0x10)
sendmsg$tipc(r0, &(0x7f0000001b40)={&(0x7f0000001800)=@name={0x1e, 0x2, 0x0, {{0x42, 0x83f}}}, 0x10, 0x0}, 0x0)

91.078676ms ago: executing program 4 (id=1019):
r0 = syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000000)={{0x12, 0x1, 0x0, 0x0, 0x0, 0x0, 0x8, 0x46e, 0x5578, 0x0, 0x0, 0x0, 0x0, 0x1, [{{0x9, 0x2, 0x24, 0x1, 0x0, 0x0, 0x0, 0x0, [{{0x9, 0x4, 0x0, 0x5, 0x1, 0x3, 0x0, 0x0, 0x0, {0x9, 0x21, 0x0, 0x0, 0x1, {0x22, 0x7}}}}]}}]}}, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xf, 0x10, 0xffffffffffffffff, 0x0)
clock_adjtime(0x0, &(0x7f0000000000)={0xffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3b9ac9ff})
clock_adjtime(0x4, &(0x7f0000000100)={0x9, 0xf, 0x6, 0x8000000000000001, 0x3, 0x1, 0x6, 0x442, 0x4, 0xc818, 0x400, 0xfffffffffffffff6, 0x8000000000000000, 0xfffffffffffffffc, 0x0, 0x5, 0x3, 0x8000000000000000, 0x5, 0x7, 0x1, 0x1, 0x4, 0x65, 0x9, 0x3})
syz_usb_control_io$hid(r0, 0x0, 0x0)
syz_usb_control_io(r0, &(0x7f0000000700)={0x2c, &(0x7f0000000380)=ANY=[@ANYBLOB='\x00\x00\a'], 0x0, 0x0, 0x0, 0x0}, 0x0)

79.268108ms ago: executing program 0 (id=1020):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
timer_create(0x0, &(0x7f0000000680)={0x0, 0x21}, &(0x7f0000000000))
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x989680}}, 0x0)
preadv(0xffffffffffffffff, &(0x7f0000000240)=[{&(0x7f0000033a80)=""/102386, 0xfffffd6e}], 0x1, 0x0, 0x0)
openat$incfs(0xffffffffffffffff, 0x0, 0x0, 0x6)
r2 = socket$packet(0x11, 0x0, 0x300)
socket$inet6_icmp(0xa, 0x2, 0x3a)
setsockopt$SO_TIMESTAMPING(r2, 0x1, 0x41, 0x0, 0x0)
setsockopt$sock_int(r2, 0x1, 0x29, &(0x7f0000000040)=0x92c, 0x4)
recvfrom$packet(r2, 0x0, 0x0, 0x2000, 0x0, 0x0)
r3 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x0)
ioctl$SNDRV_TIMER_IOCTL_SELECT(r3, 0x40345410, &(0x7f0000000100)={{0x1, 0x0, 0x200}})
ioctl$SNDRV_TIMER_IOCTL_PARAMS(0xffffffffffffffff, 0x40505412, 0x0)
mlock(&(0x7f0000ffc000/0x1000)=nil, 0x1000)
mlock(&(0x7f0000ffd000/0x3000)=nil, 0x3000)
read(r3, &(0x7f00000002c0)=""/200, 0x39)
ioctl$BTRFS_IOC_SUBVOL_CREATE(0xffffffffffffffff, 0x5000940e, &(0x7f00000006c0)={{r1}, "bed9391f6fa80b0163d7641a913dfeb2ae181f230a496bdf6d039ab047aadb41c0b97c8751241275b1e0d7822c49171bccd000c21cc42df55d93bdee043b4970e0a97165f5d7fce8ddbbae1ae269732fdac95399792d0d1801aefe5ed78046da00aaee41ddbf950416bd398b53db69ac98eeb335fa853eb35f00157806245ac8f23b5b9bc3fbcdddb53e030a6735886c088bdfb3995f55f542497a917bd43e5f427642e21b5c1ea4c645a0c01112cbef5f2137db1f9a2bdc66904be21e43b925af6f68ce175c6fcaa0212e88ea97986677e23d93f1f4a7fa2511a8a533e5164582a27af8d27ed91f1444da3d347e9697239d997c1fcb95be167cb56e4a25f4edc31c9e369dc73f97bee4dee3e4a1a0a6966fa0c061fa27c06296226b6382920668786478c8e804707586f0b66a91a5f2c049179a11172882acfe6b3c31740c56d8f25a5b7539dce5a3edc608baf50315234c484105b3d39aa41763505bd797e9eae76b4deba198edd7b4cb665fddc0723d36cb73d21aac1598035069212f38fb93fdc56ca07adc23fa8d90bda56661faf677861b2023add4bd8d36ea8dbc302d20d4bbe7e0f0147550f9556dd0e8e9baa174b785dbf81e029ec67752bd4f44f932059a4faf4d63bc02bacb5a8d14751393fedc12a20b787c9ce3774030894ec8c6f53ecac42904ada4a6ad7053f442eb9120bf8e1d8175d450ccf8d89c6e9e44c536a98958df2c5f842f2fdd92d0a4ea57a00360eeade134e917f9d874fb39404fac501d23cfe462be9f96b920b4c787a6bd1a657537aa0ade7ed13b94c1b9bbcd4b03efec19fd7c966eee5df6847ec7b1e4b5b0e5d12b209ed52eed365fe7c2ee5c6cb8e910b436720832f58e598a4601090a7697568006f0716413113a1e802bb9be1d98e5905df56f867cb2384a05cc93bfe130cd703ab6b87c95f9eed741a467dc7cf31c0b8b906ba7185400eb0af7736d3515ed0915234e582ded16c3ea6590b5944570fc34c0d751ca2e26fcdde8e63b95d4ed01c2bc1833d27ee8dd674eef9a9f0e6fe82ebb9feedf76b8f65754a5a8d72a191e46f71f38284592548461d403dbeb3b253c19f08c09ea675efe66fc12c92484bb92efcf124d214bf55359c06f1bbd5e77825618a0e36f0d62b0238d404111cac90a736645c99f36f94a2a21b5ece44f57be4fb9bb06ba2b59dd5966c822bb82d713f94cdd3882eb7142e44f1a52772568e9047cb9128ed6057d328f1dceb211d016cc947395772160f2be6682d35e9bc6f58de128cfa4b62cdfca4353cf35c0673c5c61abb8f1bf8f23f726ef351a0db313287dc0368afd03fa8eeca9e22fc6b7b0a2f3bb03f0ebe9d6f262c159d7aedbe0c9efb5b70aad890021310387aff1859538104073fa662190daae52db0fb110fc504cd5d839dfe3d4ded50bbac3bb44a6bbf18a7b9ba7e6162b108d89c83e8e6e404c8c09112e4cf5f81959ded3093ec402904349592f619103014bc2178740be4dbb29a062965e895235d3112636da1465cd58d06dbed529a56257046a15776eb121d798bee1228a6be9b0d26e5a23a78a47915875586f1e1402f02102e7e15b4328296f0926d5c9e3e8af09ff595a5201fe552d0ec717552982ac409d97738fb6624e934a3fa807afd9cbf70a08a6a5745f1cbc915e72fa2bcd3340e8323cfeab4abea23c6f864007acd6d506462d51e8566af79571bff257faa493f2e4fc29b8d4e8495c7a31ebe0fdd858af57b5cc522e02c7f2292eb5bae04e9b6c3f4f7b04bf8df3ab456bed24998f83a97febc7b4cde1cfc61020873bbb51fed7cf46d411630ade7c86b1dd8a9945a276d253b2bd997a7a20d419b285aead9e4ed03eff9b545b7170550c4a773e961faf184afcd6808da78940fead79ecd5e1810e6496b453accf89631529ce4e3a821e895c6f8eea491c2a1266835f6ec49b0e94973c9817517cc0d456d61a26cc14a5be7ad02a55764abbfe7a2f8952036d6877dcb06aa1e1c43a70783be269c4be0a67a1e7f6fb2cedca4389d32865c5b04662c7f55e2f65d6e7ea3bcb61f3f0efc2c045364a8983408eaeb26a8f22ff4efb6f2f32cea169f9cd9beff28274c857a4c3fbc9be2c6a606bbc6def5162d037f4764d42ad7bfda77e1f09f9f90eaf835cd47babdcb0787eb23b68631413ceaa905d93144475036cccca0baf73e59d81c48e7fe8c7cd66fbc9665da4404cf21c5151b21da273518428a9d53be389355c90d465760fdbc755d891e5e6f8ca1aa6d0c0149b49ac58c6876c14dd8284a7999cc5b41f883ecf4776707941395cd702c0adf79dbc1bf35b4b77085e9db84c98a44d5899ccdc61aaab21655ad866e9e39ce67cc78c54f5d9e11a88cc655c6329a3428c417ec2724e8310991e9d3a6e2fd482d65208cd94ebceeccef5bcd837330a690a523df087da2f57084fce5214f2d6a31b895f73f98c67647795523f2cffa856c1313023cf77c1e5f019742eb466ee1852b12c0cc0b49f14c31cc91c5adb409a1cc1a2c9378f05f11934c62c4e98b598d226f59a53b4ee387b7010ebe9d4f1beae7c6aaf6c99de8cbd62a918789065c1b838bdb017c275fa513da119a5a274061d054ba43a43ae565f901b3125a29bdf506a369dce739b447f0a80884dc426bc88c9692b7b1fd7a8f35098d4827e68e29ac682921c4bce284e04da7fff4ed41460b53636951330652a8e0d4a579b68e24cf3ee274dd100b76cdc996e8699fbe7e253471afc7e19dfc701b93b3de53807d940952a92fcb1993a686cd7bc8db830f1643c52eabffd34702d63817446c7a1a6a36a8e6c47ae862e23759a66bab1507446ded5beb48be19301e756ad947784072bd312e80ae83920d28339ecbfcd90ff48ad59f98af729e7ec828ecda13e08907bf107a01f7940bc7b27b71b1058fbcf1daf79dbe163a1a30b930f39e44421f07d1ed3a83a35cd7f40d772701c54618a76652710827fe3eaa3a072509919c149ca80494cb962b750589ecab58177178a2c1aae1c80af04a7931d4f33de21b9d0cc3f6d9848eae35767353655470de8cb6194e98ee6b22bcc8f50cc9b509f8731022888bbbebd06a00d1743a7e770cd595cceb67d2663e69e64a7b415575910832cffa0e084ea2ebd498660d4d9aaed27617e6571086d2bda74c544da7d3ab0cead7f30ae363706930de6b0191893203b737fcc39186914e006895f7e03a02d18009bd4afa0ce14aef95d4b7f50d703c685ee45606c1b8257bd0df168c142a3e208164144c876c61ea3c5b9c2d70b485acd6c78e2cf77828f8bcd3caaf2b474842e90a8054245da36f64bc00fe23b055221a1ed4b691f26e6f46e8cd85f34a712b78225dbb09643ffb3c0fa4e90343583eb94b8d851aa7ceb1784ec636b1a4a3d80c76e630ab92b74b77e0724249dd0353b7bab0676d5a7450180adc7bb08c5218912abab04e104686ea8f56f0f57bd8c7da663cc69151c96bb3e3de542c7c0378ff99d2a186ae3f01eedf5783b13e1d9ec577bbfb82cde7e561d08df3dbc44b4aaf39bb13f30bc2fb4f3c492af919a6505e31544de9b6194a0573d4c81fadf132a9bcd9d39cfd6f179750ff879eb8381601a9853c880961567349b30b858b0435caf8042120555ebc495c97e20f134081f5b010042fde7f4822539008a79b1ebc55bd8c09155a5a5052533f75b4329bb63044f5d9124d9dc1e4cf8548667423126338af833a240f8692d5b4ba6ef34f0bf107cb0d3d97d2f81428d9b8c98c5b074f234d7519167f713cea0fdbc66e967edfaa350c6ac5d3608c7b8ec68458d4e530f24e63c4454e71c74f0ca1c1c923c86b0222e2ae7cba708e0f98f88d1a0880dc6f31c2f2065743486f4be5d5952ed523e151ed91c11770e6d21d399f5e4ae1859f0c3aa9b8445b38c734fed2588a648938181636bfc4b80818f153136c39c8d8d9ed301e43b6eace4ff24bc4e543ce2e018f301206e3b982d8a6751896eb08000fb1c3ef63ddf9bc80874dba57f11c2c12189af3edfcab0086f46b9d1c0e188500937384890f4da323e5293aab4246b9195f12aa536ac2f64a43798895b2a5737b3ef2ca5d2d2396acc492c8a2ec71f6c94f613b6fafe055b951d8e4ad23d07015545279af821f53b0464a7d5f3931cedd5044ed421f2c4507992b231eb17f89600e596a1e25382c8d69b276d98afef415a8d06622a4856a94d4fffc42f49beac8cd3c46de67f67032f8ac4bd548b1cc59e44c6ab0c7cf921e95fd8a797d3b5c0a120d70491c8f6159145706a2a1f2ac460669952e185c561542f58b34711b8f43e866267d46bf476f19f6cefc34043f15908e81d7af6ade9c942ec7d86e3357f0b315ee5108c288da6c67a33635b08fcc0b4481c7593fda4a846311f5929055d7261b96b6e94be759a1ed85436c5c59d94e7d399dd314c187ec04c73bedfbf382fcfc10097b0213f5c1d221c0abb45ef8b7b6fc2bb3a07d49a84a1dcce8b77a0aea7fb69a1be93cfdab60ec252f298080297420e8e7a462f3b8fde58c0b9eff5ad665af4792718f847d4d6dbed4f1b47f491096f7d019f7b1d5d02699fbee279398e30465b9475b2f5f33e33b4ef5a3b5c5fac429d68c1f49fbb238a6ec97e519cefd62da31f4a9a1fa6c5c10f85cd581168cc353b9a90ae02f98bfeb87e2f4eaa9caaed3afef9b62c714ceaefcdc2db22696d2e0edd4ced0679710d77d006360d88294d92af7da1a7279b3e6ad8224b9de44e6f5c1ffa496140bb5fe27bb5f8c06a4fcd62282071f4956cb9c6a2bd87dfd6ccb6b7ee154d8bcc559cf1c452647195cc0e0889154b3c3b0fa1afa0bfd82c30ef2f3b2fdeaca6aea791cc8bbc400bc972aca257031049752921ee904c982a5ee5da3452c702169387cfa4da42a2403ae0d20269ac8581cf39937d2b4a84e7d80c91a0a98bbc30e05e31064487ce372037dc42b76b6bc449e73131bf2a776f4d452a4561f00bcf833e1171bbf0af8083f9a46492a4c6594690171d8bb65356ebc4f7206770c32cd2d8b1d9071ccd3ea70aaf88be62664a296724ada7bf8adbb1ffd53690a747052b357b34ae794eaee7d754ad75e07b77cb37c6989496a57bd43435c98bd1670080ce33112099c36c75e9e03852358b8fd2aae67f0c40155e59bc3153278a75a04c48b3cb7f96fc0d423da122ab6407ecf8bb18dc34b6ac6c59b34605b572df8d29b89585e520cb0a8a1500bb64bd847321e20bedd4877cf454e6e740a0fcab567b95834af3eebffae4ca536ef2c76221eee7be946978d68a14d4be044f812b45ce43f8723d647953a8d9a341c2e8e8d953fc69ed4b34124aa6e2f216498c06f06626b6bca860d91e6bb7e6e9d830cac2de4591030ac4f347c291871eabc1e056379f51d00c8164bab1df3e1f3860b89803aec500f54f105f481688b028397fc44d9306e29021f9190bf85a6aac439c3a445fe96a8fe9d5ad5b2975bc6f6a7f379b55a68f16e532945102d7551426f10dc642deb9de79aa2c39aa257ac80137851bd16264ae5bebb20947f62f4ddeb6e6ed3738808d5bb8657a704c7e6e986b805e0533e9e36bc33495a746f682571a062967236ea731beb058fa721fb5ae1fc42f80c586a2cc47e7442248106011f041c2355c25077bcd96c69b8141843f532e768ad983e7cee96c5622dc471a9abe67546ff298321590aa42d715d3206f8e9781e4c8f4a98b40dbbd53844a1a59d67c1a87144609408a370345eb38b0db465e49ade96c45ac052d289594f1cb3043b090ca1c7d1a90"})
ioctl$SNDRV_TIMER_IOCTL_CONTINUE(r3, 0x54a2)

0s ago: executing program 2 (id=1021):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x40241, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000200)={'syzkaller1\x00', 0xc201})
r1 = socket$kcm(0x2, 0xa, 0x2)
ioctl$SIOCSIFHWADDR(r1, 0x8914, &(0x7f0000000180)={'syzkaller1\x00', @link_local})
write$tun(r0, &(0x7f0000001240)={@val={0xc, 0xf6}, @val, @mpls={[], @ipv4=@generic={{0x5, 0x4, 0x0, 0x0, 0x14, 0x0, 0x0, 0x0, 0x0, 0x0, @rand_addr, @multicast2}}}}, 0x22)

kernel console output (not intermixed with test programs):

5 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.3.394" name="/root/syzkaller.l6TWTh/89/file2/bus" dev="loop3" ino=1048594 res=1 errno=0
[  118.397652][ T4732] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  118.413592][ T4934] BTRFS: device fsid d552757d-9c39-40e3-95f0-16d819589928 devid 1 transid 8 /dev/loop2 scanned by syz.2.326 (4934)
[  118.464883][ T4732] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  118.465015][   T26] audit: type=1804 audit(1719601423.131:12): pid=4949 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz.3.394" name="/root/syzkaller.l6TWTh/89/file2/bus" dev="loop3" ino=1048594 res=1 errno=0
[  118.539120][ T4934] BTRFS info (device loop2): using sha256 (sha256-avx2) checksum algorithm
[  118.558643][ T4732] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  118.589406][ T4958] loop4: detected capacity change from 0 to 8
[  118.599825][ T4934] BTRFS info (device loop2): use zlib compression, level 3
[  118.620663][ T4732] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  118.657118][ T4934] BTRFS info (device loop2): turning on sync discard
[  118.665267][ T4732] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  118.695845][ T4958] SQUASHFS error: lzo decompression failed, data probably corrupt
[  118.700216][ T4934] BTRFS info (device loop2): max_inline at 0
[  118.717525][ T4732] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  118.727942][ T4934] BTRFS info (device loop2): enabling ssd optimizations
[  118.730649][ T4958] SQUASHFS error: Failed to read block 0xcd: -5
[  118.736146][ T4732] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  118.752130][ T4934] BTRFS info (device loop2): using spread ssd allocation scheme
[  118.760176][ T4934] BTRFS info (device loop2): using free space tree
[  118.777625][ T4934] BTRFS info (device loop2): has skinny extents
[  118.790774][ T4958] SQUASHFS error: Unable to read metadata cache entry [cb]
[  118.798205][ T4732] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  118.820024][ T4958] SQUASHFS error: Unable to read directory block [cb:26]
[  118.824827][ T4732] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  118.844469][ T4732] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  118.855923][ T4732] batman_adv: batadv0: Interface activated: batadv_slave_0
[  118.876666][ T3544] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready
[  118.888486][ T3544] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[  118.906606][ T3544] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[  118.978661][ T4732] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  119.041783][ T4732] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  119.052798][ T4732] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  119.063836][ T4732] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  119.086771][ T4732] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  119.101443][ T4732] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  119.113105][ T4732] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  119.121223][ T4985] netlink: 'syz.3.401': attribute type 29 has an invalid length.
[  119.124366][ T4732] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  119.142249][ T4732] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  119.156765][ T4732] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  119.167038][ T4732] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  119.179826][ T4732] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  119.213158][ T4732] batman_adv: batadv0: Interface activated: batadv_slave_1
[  119.338292][   T26] audit: type=1804 audit(1719601424.051:13): pid=4934 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.2.326" name="/root/syzkaller.UChcnN/0/file0/bus" dev="loop2" ino=263 res=1 errno=0
[  119.340810][ T4985] netlink: 'syz.3.401': attribute type 29 has an invalid length.
[  119.446651][   T21] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[  119.480750][   T21] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[  119.519069][ T4732] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  119.551185][ T4732] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  119.602057][ T4732] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  119.605599][ T5002] loop3: detected capacity change from 0 to 1024
[  119.621890][ T3691] BTRFS info (device loop2): qgroup scan completed (inconsistency flag cleared)
[  119.641378][ T4732] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  119.723232][ T5002] EXT4-fs (loop3): ext4_check_descriptors: Checksum for group 0 failed (1764!=20869)
[  119.775397][ T5002] EXT4-fs (loop3): invalid journal inode
[  119.783161][ T5002] EXT4-fs (loop3): can't get journal size
[  119.833101][ T5002] EXT4-fs (loop3): mounted filesystem without journal. Opts: nombcache,resgid=0x0000000000000000,norecovery,commit=0x0000000000000005,nombcache,,errors=continue. Quota mode: writeback.
[  119.990431][ T3587] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  120.035684][ T3587] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  120.057280][ T3787] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  120.081886][ T3787] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  120.096010][    T7] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready
[  120.131320][ T3643] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready
[  120.368294][ T5020] netdevsim netdevsim1 netdevsim0: set [1, 1] type 2 family 0 port 42171 - 0
[  120.407848][ T5020] netdevsim netdevsim1 netdevsim1: set [1, 1] type 2 family 0 port 42171 - 0
[  120.417871][ T5018] loop2: detected capacity change from 0 to 4096
[  120.434535][ T5020] netdevsim netdevsim1 netdevsim2: set [1, 1] type 2 family 0 port 42171 - 0
[  120.444282][ T5022] loop4: detected capacity change from 0 to 256
[  120.451341][ T5020] netdevsim netdevsim1 netdevsim3: set [1, 1] type 2 family 0 port 42171 - 0
[  120.464024][ T5020] netdevsim netdevsim1 netdevsim0: set [1, 2] type 2 family 0 port 55601 - 0
[  120.473856][ T5020] netdevsim netdevsim1 netdevsim1: set [1, 2] type 2 family 0 port 55601 - 0
[  120.483822][ T5020] netdevsim netdevsim1 netdevsim2: set [1, 2] type 2 family 0 port 55601 - 0
[  120.494787][ T5020] netdevsim netdevsim1 netdevsim3: set [1, 2] type 2 family 0 port 55601 - 0
[  120.505201][ T5020] device geneve2 entered promiscuous mode
[  120.513366][ T5020] netdevsim netdevsim1 netdevsim0: unset [1, 2] type 2 family 0 port 55601 - 0
[  120.523050][ T5020] netdevsim netdevsim1 netdevsim1: unset [1, 2] type 2 family 0 port 55601 - 0
[  120.564579][ T5018] ntfs3: loop2: Different NTFS' sector size (2048) and media sector size (512)
[  120.594103][ T5020] netdevsim netdevsim1 netdevsim2: unset [1, 2] type 2 family 0 port 55601 - 0
[  120.594618][ T5022] exFAT-fs (loop4): failed to load upcase table (idx : 0x0000fe7f, chksum : 0x39626d3b, utbl_chksum : 0xe619d30d)
[  120.637142][ T5020] netdevsim netdevsim1 netdevsim3: unset [1, 2] type 2 family 0 port 55601 - 0
[  120.668045][ T5020] netdevsim netdevsim1 netdevsim0: unset [1, 1] type 2 family 0 port 42171 - 0
[  120.677865][ T5020] netdevsim netdevsim1 netdevsim1: unset [1, 1] type 2 family 0 port 42171 - 0
[  120.688782][ T5020] netdevsim netdevsim1 netdevsim2: unset [1, 1] type 2 family 0 port 42171 - 0
[  120.696046][ T5026] loop0: detected capacity change from 0 to 128
[  120.707109][ T5018] ntfs3: loop2: Mark volume as dirty due to NTFS errors
[  120.749289][ T5020] netdevsim netdevsim1 netdevsim3: unset [1, 1] type 2 family 0 port 42171 - 0
[  120.771931][   T26] audit: type=1804 audit(1719601425.491:14): pid=5022 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.4.411" name="/root/syzkaller.tpPTXp/93/file2/bus" dev="loop4" ino=1048597 res=1 errno=0
[  120.819388][   T26] audit: type=1804 audit(1719601425.491:15): pid=5022 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz.4.411" name="/root/syzkaller.tpPTXp/93/file2/bus" dev="loop4" ino=1048597 res=1 errno=0
[  120.982810][ T5031] netlink: 'syz.3.414': attribute type 29 has an invalid length.
[  121.085889][ T5031] netlink: 'syz.3.414': attribute type 29 has an invalid length.
[  121.115717][ T5037] loop1: detected capacity change from 0 to 8
[  121.212168][ T5037] squashfs image failed sanity check
[  121.330132][ T5054] loop3: detected capacity change from 0 to 1024
[  121.514683][ T5061] loop2: detected capacity change from 0 to 256
[  121.590901][ T5054] EXT4-fs (loop3): ext4_check_descriptors: Checksum for group 0 failed (1764!=20869)
[  121.614283][ T5061] exFAT-fs (loop2): failed to load upcase table (idx : 0x0000fe7f, chksum : 0x39626d3b, utbl_chksum : 0xe619d30d)
[  121.647130][ T5054] EXT4-fs (loop3): invalid journal inode
[  121.684137][ T5054] EXT4-fs (loop3): can't get journal size
[  121.715874][ T5066] netdevsim netdevsim4 netdevsim0: set [1, 1] type 2 family 0 port 59299 - 0
[  121.724789][   T26] audit: type=1804 audit(1719601426.441:16): pid=5061 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.2.425" name="/root/syzkaller.UChcnN/4/file2/bus" dev="loop2" ino=1048598 res=1 errno=0
[  121.749020][ T5054] EXT4-fs (loop3): mounted filesystem without journal. Opts: nombcache,resgid=0x0000000000000000,norecovery,commit=0x0000000000000005,nombcache,,errors=continue. Quota mode: writeback.
[  121.831433][ T5066] netdevsim netdevsim4 netdevsim1: set [1, 1] type 2 family 0 port 59299 - 0
[  121.866657][   T26] audit: type=1804 audit(1719601426.441:17): pid=5061 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz.2.425" name="/root/syzkaller.UChcnN/4/file2/bus" dev="loop2" ino=1048598 res=1 errno=0
[  121.931933][ T5066] netdevsim netdevsim4 netdevsim2: set [1, 1] type 2 family 0 port 59299 - 0
[  121.951168][ T5066] netdevsim netdevsim4 netdevsim3: set [1, 1] type 2 family 0 port 59299 - 0
[  121.980439][ T5066] netdevsim netdevsim4 netdevsim0: set [1, 2] type 2 family 0 port 46091 - 0
[  122.030023][ T5066] netdevsim netdevsim4 netdevsim1: set [1, 2] type 2 family 0 port 46091 - 0
[  122.077988][ T5066] netdevsim netdevsim4 netdevsim2: set [1, 2] type 2 family 0 port 46091 - 0
[  122.191622][ T5066] netdevsim netdevsim4 netdevsim3: set [1, 2] type 2 family 0 port 46091 - 0
[  122.231657][ T5066] device geneve2 entered promiscuous mode
[  122.252675][ T5066] netdevsim netdevsim4 netdevsim0: unset [1, 2] type 2 family 0 port 46091 - 0
[  122.270012][ T5066] netdevsim netdevsim4 netdevsim1: unset [1, 2] type 2 family 0 port 46091 - 0
[  122.289236][ T5066] netdevsim netdevsim4 netdevsim2: unset [1, 2] type 2 family 0 port 46091 - 0
[  122.309524][ T5066] netdevsim netdevsim4 netdevsim3: unset [1, 2] type 2 family 0 port 46091 - 0
[  122.344989][ T5037] loop1: detected capacity change from 0 to 32768
[  122.351743][ T5066] netdevsim netdevsim4 netdevsim0: unset [1, 1] type 2 family 0 port 59299 - 0
[  122.378247][ T5037] BTRFS: device fsid d552757d-9c39-40e3-95f0-16d819589928 devid 1 transid 8 /dev/loop1 scanned by syz.1.416 (5037)
[  122.403073][ T5066] netdevsim netdevsim4 netdevsim1: unset [1, 1] type 2 family 0 port 59299 - 0
[  122.419265][ T5066] netdevsim netdevsim4 netdevsim2: unset [1, 1] type 2 family 0 port 59299 - 0
[  122.435811][ T5037] BTRFS info (device loop1): using sha256 (sha256-avx2) checksum algorithm
[  122.449236][ T5066] netdevsim netdevsim4 netdevsim3: unset [1, 1] type 2 family 0 port 59299 - 0
[  122.466116][ T5037] BTRFS info (device loop1): use zlib compression, level 3
[  122.475281][ T5037] BTRFS info (device loop1): turning on sync discard
[  122.508817][ T5037] BTRFS info (device loop1): max_inline at 0
[  122.526493][ T5037] BTRFS info (device loop1): enabling ssd optimizations
[  122.535199][ T5037] BTRFS info (device loop1): using spread ssd allocation scheme
[  122.593161][ T5037] BTRFS info (device loop1): using free space tree
[  122.599694][ T5037] BTRFS info (device loop1): has skinny extents
[  122.684357][ T5086] netlink: 'syz.3.431': attribute type 29 has an invalid length.
[  122.730281][ T5092] Zero length message leads to an empty skb
[  122.736940][ T5086] netlink: 'syz.3.431': attribute type 29 has an invalid length.
[  122.848023][ T5086] netlink: 'syz.3.431': attribute type 29 has an invalid length.
[  122.898079][ T5086] netlink: 'syz.3.431': attribute type 29 has an invalid length.
[  122.940786][ T5086] netlink: 'syz.3.431': attribute type 29 has an invalid length.
[  123.733072][ T5115] loop2: detected capacity change from 0 to 256
[  123.861011][ T5126] loop0: detected capacity change from 0 to 256
[  123.894874][ T5115] FAT-fs (loop2): Unrecognized mount option "iocharset×Âso8859-3" or missing value
[  123.935496][   T26] audit: type=1804 audit(1719601428.651:18): pid=5037 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.1.416" name="/root/syzkaller.M2SEEj/89/file0/bus" dev="loop1" ino=263 res=1 errno=0
[  124.056220][ T5126] exFAT-fs (loop0): failed to load upcase table (idx : 0x0000fe7f, chksum : 0x39626d3b, utbl_chksum : 0xe619d30d)
[  124.088516][ T3542] BTRFS info (device loop1): qgroup scan completed (inconsistency flag cleared)
[  124.186181][   T26] audit: type=1804 audit(1719601428.901:19): pid=5126 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.0.440" name="/root/syzkaller.ikXIA0/12/file2/bus" dev="loop0" ino=1048599 res=1 errno=0
[  124.257232][ T5135] loop4: detected capacity change from 0 to 1024
[  124.286129][ T5136] netdevsim netdevsim2 netdevsim0: set [1, 1] type 2 family 0 port 51860 - 0
[  124.293986][   T26] audit: type=1804 audit(1719601428.931:20): pid=5126 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz.0.440" name="/root/syzkaller.ikXIA0/12/file2/bus" dev="loop0" ino=1048599 res=1 errno=0
[  124.299868][ T5136] netdevsim netdevsim2 netdevsim1: set [1, 1] type 2 family 0 port 51860 - 0
[  124.330676][ T5136] netdevsim netdevsim2 netdevsim2: set [1, 1] type 2 family 0 port 51860 - 0
[  124.343063][ T5136] netdevsim netdevsim2 netdevsim3: set [1, 1] type 2 family 0 port 51860 - 0
[  124.355806][ T5136] netdevsim netdevsim2 netdevsim0: set [1, 2] type 2 family 0 port 57707 - 0
[  124.380072][ T5135] EXT4-fs (loop4): ext4_check_descriptors: Checksum for group 0 failed (1764!=20869)
[  124.422963][ T5135] EXT4-fs (loop4): invalid journal inode
[  124.430631][ T5136] netdevsim netdevsim2 netdevsim1: set [1, 2] type 2 family 0 port 57707 - 0
[  124.433650][ T5135] EXT4-fs (loop4): can't get journal size
[  124.439420][ T5136] netdevsim netdevsim2 netdevsim2: set [1, 2] type 2 family 0 port 57707 - 0
[  124.439452][ T5136] netdevsim netdevsim2 netdevsim3: set [1, 2] type 2 family 0 port 57707 - 0
[  124.439527][ T5136] device geneve2 entered promiscuous mode
[  124.448870][ T5135] EXT4-fs (loop4): mounted filesystem without journal. Opts: nombcache,resgid=0x0000000000000000,norecovery,commit=0x0000000000000005,nombcache,,errors=continue. Quota mode: writeback.
[  124.711548][ T5136] netdevsim netdevsim2 netdevsim0: unset [1, 2] type 2 family 0 port 57707 - 0
[  124.759515][ T5136] netdevsim netdevsim2 netdevsim1: unset [1, 2] type 2 family 0 port 57707 - 0
[  124.789073][ T5136] netdevsim netdevsim2 netdevsim2: unset [1, 2] type 2 family 0 port 57707 - 0
[  124.816028][ T5136] netdevsim netdevsim2 netdevsim3: unset [1, 2] type 2 family 0 port 57707 - 0
[  124.862974][ T5136] netdevsim netdevsim2 netdevsim0: unset [1, 1] type 2 family 0 port 51860 - 0
[  124.890459][ T5136] netdevsim netdevsim2 netdevsim1: unset [1, 1] type 2 family 0 port 51860 - 0
[  124.933213][ T5136] netdevsim netdevsim2 netdevsim2: unset [1, 1] type 2 family 0 port 51860 - 0
[  124.937947][ T5150] loop0: detected capacity change from 0 to 128
[  124.955695][ T5136] netdevsim netdevsim2 netdevsim3: unset [1, 1] type 2 family 0 port 51860 - 0
[  124.964989][ T5153] netlink: 'syz.1.448': attribute type 29 has an invalid length.
[  125.049620][ T5153] netlink: 'syz.1.448': attribute type 29 has an invalid length.
[  125.060350][ T5155] netlink: 'syz.1.448': attribute type 29 has an invalid length.
[  125.115953][ T5153] netlink: 'syz.1.448': attribute type 29 has an invalid length.
[  125.166167][ T5157] netlink: 'syz.1.448': attribute type 29 has an invalid length.
[  125.488258][   T26] audit: type=1800 audit(1719601430.201:21): pid=5173 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.4.454" name="bus" dev="sda1" ino=1958 res=0 errno=0
[  125.522886][ T5175] loop1: detected capacity change from 0 to 8
[  125.553669][   T26] audit: type=1800 audit(1719601430.241:22): pid=5173 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.4.454" name="bus" dev="sda1" ino=1958 res=0 errno=0
[  125.609283][ T5175] squashfs image failed sanity check
[  125.641907][ T5180] loop0: detected capacity change from 0 to 256
[  125.656295][   T26] audit: type=1800 audit(1719601430.251:23): pid=5173 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.4.454" name="bus" dev="sda1" ino=1958 res=0 errno=0
[  125.820517][ T5187] loop4: detected capacity change from 0 to 4096
[  125.838589][ T5180] exFAT-fs (loop0): failed to load upcase table (idx : 0x0000fe7f, chksum : 0x39626d3b, utbl_chksum : 0xe619d30d)
[  125.874793][   T26] audit: type=1804 audit(1719601430.591:24): pid=5180 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.0.457" name="/root/syzkaller.ikXIA0/15/file2/bus" dev="loop0" ino=1048602 res=1 errno=0
[  125.910432][ T5187] ntfs3: loop4: Different NTFS' sector size (2048) and media sector size (512)
[  125.917755][   T26] audit: type=1804 audit(1719601430.591:25): pid=5180 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz.0.457" name="/root/syzkaller.ikXIA0/15/file2/bus" dev="loop0" ino=1048602 res=1 errno=0
[  125.957519][   T26] audit: type=1326 audit(1719601430.671:26): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5156 comm="syz.3.449" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2cd83ebb99 code=0x7fc00000
[  126.000102][   T26] audit: type=1326 audit(1719601430.671:27): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5156 comm="syz.3.449" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f2cd83ebb99 code=0x7fc00000
[  126.071306][   T26] audit: type=1326 audit(1719601430.671:28): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5156 comm="syz.3.449" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2cd83ebb99 code=0x7fc00000
[  126.096884][   T26] audit: type=1326 audit(1719601430.671:29): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5156 comm="syz.3.449" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2cd83ebb99 code=0x7fc00000
[  126.186063][   T26] audit: type=1326 audit(1719601430.671:30): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5156 comm="syz.3.449" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2cd83ebb99 code=0x7fc00000
[  126.302186][ T5196] loop4: detected capacity change from 0 to 1024
[  126.393919][ T5196] EXT4-fs (loop4): ext4_check_descriptors: Checksum for group 0 failed (1764!=20869)
[  126.448416][ T5196] EXT4-fs (loop4): invalid journal inode
[  126.458484][ T5196] EXT4-fs (loop4): can't get journal size
[  126.466962][ T5196] EXT4-fs (loop4): mounted filesystem without journal. Opts: nombcache,resgid=0x0000000000000000,norecovery,commit=0x0000000000000005,nombcache,,errors=continue. Quota mode: writeback.
[  126.513828][ T5205] netlink: 8 bytes leftover after parsing attributes in process `syz.2.468'.
[  126.668480][ T5175] loop1: detected capacity change from 0 to 32768
[  126.721172][ T5175] BTRFS: device fsid d552757d-9c39-40e3-95f0-16d819589928 devid 1 transid 8 /dev/loop1 scanned by syz.1.455 (5175)
[  126.793682][ T5175] BTRFS info (device loop1): using sha256 (sha256-avx2) checksum algorithm
[  126.822210][ T5175] BTRFS info (device loop1): use zlib compression, level 3
[  126.835849][ T5224] loop2: detected capacity change from 0 to 256
[  126.848494][ T5175] BTRFS info (device loop1): turning on sync discard
[  126.867313][ T5175] BTRFS info (device loop1): max_inline at 0
[  126.873897][ T5175] BTRFS info (device loop1): enabling ssd optimizations
[  126.889270][ T5175] BTRFS info (device loop1): using spread ssd allocation scheme
[  126.964536][ T5175] BTRFS info (device loop1): using free space tree
[  126.988553][ T5175] BTRFS info (device loop1): has skinny extents
[  127.098305][ T5229] loop0: detected capacity change from 0 to 4096
[  127.171236][ T5229] ntfs3: loop0: Different NTFS' sector size (4096) and media sector size (512)
[  127.314976][ T5229] ntfs3: loop0: Mark volume as dirty due to NTFS errors
[  127.500857][ T5229] ntfs3: loop0: ino=1e, "file1" encrypted i/o not supported
[  127.549994][ T3514] usb 4-1: new full-speed USB device number 11 using dummy_hcd
[  127.668783][  T144] BTRFS info (device loop1): qgroup scan completed (inconsistency flag cleared)
[  127.910211][ T3514] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 10
[  127.941738][ T3514] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  127.982745][ T3514] usb 4-1: New USB device found, idVendor=046d, idProduct=c31c, bcdDevice= 0.40
[  128.010128][ T3514] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  128.032355][ T5284] loop4: detected capacity change from 0 to 512
[  128.037362][ T3514] usb 4-1: config 0 descriptor??
[  128.077631][ T5281] netlink: 4 bytes leftover after parsing attributes in process `syz.2.488'.
[  128.091115][ T3514] hub 4-1:0.0: USB hub found
[  128.176529][ T5284] EXT4-fs error (device loop4): ext4_orphan_get:1423: comm syz.4.490: bad orphan inode 15
[  128.199959][ T5284] ext4_test_bit(bit=14, block=5) = 0
[  128.208414][ T5284] EXT4-fs (loop4): mounted filesystem without journal. Opts: noblock_validity,resgid=0x000000000000ee00,auto_da_alloc=0x000000000000007f,noload,nobarrier,nodiscard,,errors=continue. Quota mode: none.
[  128.249530][ T5284] capability: warning: `syz.4.490' uses deprecated v2 capabilities in a way that may be insecure
[  128.269401][ T5289] loop2: detected capacity change from 0 to 1024
[  128.417822][ T5284] EXT4-fs error (device loop4): ext4_mb_generate_buddy:1152: group 0, block bitmap and bg descriptor inconsistent: 7969 vs 220 free clusters
[  128.427395][ T3514] hub 4-1:0.0: 1 port detected
[  128.435959][ T5289] EXT4-fs (loop2): ext4_check_descriptors: Checksum for group 0 failed (1764!=20869)
[  128.459800][ T5289] EXT4-fs (loop2): invalid journal inode
[  128.466943][ T5289] EXT4-fs (loop2): can't get journal size
[  128.479796][ T5289] EXT4-fs (loop2): mounted filesystem without journal. Opts: nombcache,resgid=0x0000000000000000,norecovery,commit=0x0000000000000005,nombcache,,errors=continue. Quota mode: writeback.
[  128.883580][ T3514] usb 4-1: USB disconnect, device number 11
[  129.458266][ T5315] loop1: detected capacity change from 0 to 8
[  129.552405][ T5315] squashfs image failed sanity check
[  129.682573][ T5327] loop3: detected capacity change from 0 to 128
[  130.340341][ T5312] loop4: detected capacity change from 0 to 32768
[  130.404275][ T5312] ERROR: (device loop4): diNewExt: no free extents
[  130.404275][ T5312] 
[  130.455528][ T5312] ERROR: (device loop4): remounting filesystem as read-only
[  130.487849][ T5312] ialloc: diAlloc returned -5!
[  130.535676][ T5315] loop1: detected capacity change from 0 to 32768
[  130.577372][ T5348] loop2: detected capacity change from 0 to 1764
[  130.594332][ T5315] BTRFS: device fsid d552757d-9c39-40e3-95f0-16d819589928 devid 1 transid 8 /dev/loop1 scanned by syz.1.498 (5315)
[  130.647236][ T5315] BTRFS info (device loop1): using sha256 (sha256-avx2) checksum algorithm
[  130.707450][ T5315] BTRFS info (device loop1): use zlib compression, level 3
[  130.715298][ T5348] iso9660: Corrupted directory entry in block 2 of inode 1920
[  130.753540][ T5315] BTRFS info (device loop1): turning on sync discard
[  130.787963][ T5315] BTRFS info (device loop1): max_inline at 0
[  130.840018][ T5315] BTRFS info (device loop1): enabling ssd optimizations
[  130.846983][ T5315] BTRFS info (device loop1): using spread ssd allocation scheme
[  130.899279][ T5315] BTRFS info (device loop1): using free space tree
[  130.938472][ T5315] BTRFS info (device loop1): has skinny extents
[  131.218021][ T5380] loop4: detected capacity change from 0 to 1024
[  131.290455][ T5380] EXT4-fs (loop4): ext4_check_descriptors: Checksum for group 0 failed (1764!=20869)
[  131.327804][ T5380] EXT4-fs (loop4): invalid journal inode
[  131.336838][ T5380] EXT4-fs (loop4): can't get journal size
[  131.344447][ T5397] loop2: detected capacity change from 0 to 1764
[  131.352709][ T5380] EXT4-fs (loop4): mounted filesystem without journal. Opts: nombcache,resgid=0x0000000000000000,norecovery,commit=0x0000000000000005,nombcache,,errors=continue. Quota mode: writeback.
[  131.460843][ T5397] iso9660: Corrupted directory entry in block 2 of inode 1920
[  131.486879][   T26] kauditd_printk_skb: 65 callbacks suppressed
[  131.486892][   T26] audit: type=1804 audit(1719601436.201:96): pid=5315 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.1.498" name="/root/syzkaller.M2SEEj/97/file0/bus" dev="loop1" ino=263 res=1 errno=0
[  131.625207][ T3691] BTRFS info (device loop1): qgroup scan completed (inconsistency flag cleared)
[  131.824642][ T5418] loop0: detected capacity change from 0 to 1024
[  132.204267][ T5432] loop4: detected capacity change from 0 to 1764
[  132.283640][ T5432] iso9660: Corrupted directory entry in block 2 of inode 1920
[  132.543413][ T1376] ieee802154 phy0 wpan0: encryption failed: -22
[  132.549953][ T1376] ieee802154 phy1 wpan1: encryption failed: -22
[  133.333706][ T5455] loop3: detected capacity change from 0 to 1024
[  133.465173][ T5469] uffd: Set unprivileged_userfaultfd sysctl knob to 1 if kernel faults must be handled without obtaining CAP_SYS_PTRACE capability
[  133.534042][ T5471] loop0: detected capacity change from 0 to 1764
[  133.775150][ T5426] usb 3-1: new high-speed USB device number 6 using dummy_hcd
[  133.795494][ T5471] iso9660: Corrupted directory entry in block 2 of inode 1920
[  134.150424][ T5426] usb 3-1: config index 0 descriptor too short (expected 106, got 36)
[  134.233609][ T5426] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  134.499972][ T5426] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  134.575270][ T5426] usb 3-1: New USB device found, idVendor=1b1c, idProduct=1b3e, bcdDevice= 0.00
[  134.593332][ T5426] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  134.679398][ T5426] usb 3-1: config 0 descriptor??
[  134.699288][ T5498] loop4: detected capacity change from 0 to 1024
[  135.226786][ T5519] loop4: detected capacity change from 0 to 1764
[  135.321611][ T5426] corsair 0003:1B1C:1B3E.0002: unknown main item tag 0x0
[  135.329624][ T5426] corsair 0003:1B1C:1B3E.0002: unknown main item tag 0x0
[  135.341792][ T5519] iso9660: Corrupted directory entry in block 2 of inode 1920
[  135.590987][ T1193] Bluetooth: hci3: command 0x2016 tx timeout
[  136.015573][ T5534] loop0: detected capacity change from 0 to 1024
[  136.087899][ T5426] corsair 0003:1B1C:1B3E.0002: unknown main item tag 0x0
[  136.095819][ T5426] corsair 0003:1B1C:1B3E.0002: unknown main item tag 0x0
[  136.103534][ T5426] corsair 0003:1B1C:1B3E.0002: unknown main item tag 0x0
[  136.117876][ T5426] corsair 0003:1B1C:1B3E.0002: failed to start in urb: -90
[  136.126964][ T5426] corsair 0003:1B1C:1B3E.0002: hidraw0: USB HID v0.00 Device [HID 1b1c:1b3e] on usb-dummy_hcd.2-1/input0
[  136.141072][ T5426] usb 3-1: USB disconnect, device number 6
[  136.312447][ T5555] qrtr: Invalid version 107
[  136.364827][ T5560] loop3: detected capacity change from 0 to 64
[  136.478047][ T5563] loop0: detected capacity change from 0 to 1764
[  136.555499][ T5563] iso9660: Corrupted directory entry in block 2 of inode 1920
[  136.740786][ T5573] loop0: detected capacity change from 0 to 1024
[  136.770472][ T5426] usb 5-1: new high-speed USB device number 11 using dummy_hcd
[  136.849789][ T5579] loop3: detected capacity change from 0 to 8
[  136.988552][ T3510] SQUASHFS error: Unable to read directory block [631:72]
[  137.085947][ T3510] SQUASHFS error: Unable to read directory block [631:72]
[  137.140141][ T5426] usb 5-1: config index 0 descriptor too short (expected 106, got 36)
[  137.150642][ T5426] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  137.162722][ T5426] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  137.206651][ T5426] usb 5-1: New USB device found, idVendor=1b1c, idProduct=1b3e, bcdDevice= 0.00
[  137.253377][ T5426] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  137.298716][ T5426] usb 5-1: config 0 descriptor??
[  137.801651][ T5426] corsair 0003:1B1C:1B3E.0003: unknown main item tag 0x0
[  137.830230][ T5426] corsair 0003:1B1C:1B3E.0003: unknown main item tag 0x0
[  137.837281][ T5426] corsair 0003:1B1C:1B3E.0003: unknown main item tag 0x0
[  137.854671][ T5599] nci: __nci_request: wait_for_completion_interruptible_timeout failed -512
[  137.880111][ T5426] corsair 0003:1B1C:1B3E.0003: unknown main item tag 0x0
[  137.897304][ T5426] corsair 0003:1B1C:1B3E.0003: unknown main item tag 0x0
[  137.926527][ T5426] corsair 0003:1B1C:1B3E.0003: failed to start in urb: -90
[  138.023002][ T5426] corsair 0003:1B1C:1B3E.0003: hidraw0: USB HID v0.00 Device [HID 1b1c:1b3e] on usb-dummy_hcd.4-1/input0
[  138.049373][ T5592] loop2: detected capacity change from 0 to 32768
[  138.088550][ T5426] usb 5-1: USB disconnect, device number 11
[  138.107837][ T5594] loop3: detected capacity change from 0 to 32768
[  138.160789][ T5611] nbd: must specify at least one socket
[  138.353611][ T5594] XFS (loop3): Mounting V5 Filesystem
[  138.552575][ T5592] 9pnet: Insufficient options for proto=fd
[  138.560473][ T5142] Bluetooth: hci1: command 0x2016 tx timeout
[  138.630089][ T5604] loop0: detected capacity change from 0 to 32768
[  138.671399][ T5594] XFS (loop3): Ending clean mount
[  139.322049][ T5594] XFS (loop3): Quotacheck needed: Please wait.
[  139.393652][ T5604] blk_update_request: I/O error, dev loop14, sector 8 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  139.433480][ T5594] XFS (loop3): Quotacheck: Done.
[  139.500550][ T5604] lbmIODone: I/O error in JFS log
[  139.551960][ T5604] *** Log Format Error ! ***
[  139.565512][ T5604] lmLogInit: exit(-22)
[  139.602327][ T5604] lmLogOpen: exit(-22)
[  139.630613][ T5634] loop1: detected capacity change from 0 to 128
[  139.897850][ T5642] loop4: detected capacity change from 0 to 64
[  139.900743][ T3510] XFS (loop3): Unmounting Filesystem
[  140.144031][ T5653] trusted_key: encrypted_key: insufficient parameters specified
[  140.187953][ T5653] loop0: detected capacity change from 0 to 16
[  140.391320][ T5653] erofs: (device loop0): mounted with root inode @ nid 36.
[  140.625861][ T5654] device bond_slave_0 entered promiscuous mode
[  140.632530][ T5654] device bond_slave_1 entered promiscuous mode
[  140.865526][ T5654] 8021q: adding VLAN 0 to HW filter on device macvlan2
[  141.174648][ T5669] netlink: 20 bytes leftover after parsing attributes in process `syz.2.631'.
[  141.267740][ T5669] bridge0: port 2(bridge_slave_1) entered disabled state
[  141.275254][ T5669] bridge0: port 1(bridge_slave_0) entered disabled state
[  141.408717][ T5674] loop0: detected capacity change from 0 to 128
[  141.592087][ T5663] loop4: detected capacity change from 0 to 32768
[  141.721999][ T5650] loop1: detected capacity change from 0 to 40427
[  141.738580][ T5663] blk_update_request: I/O error, dev loop14, sector 8 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  141.757904][ T5663] lbmIODone: I/O error in JFS log
[  141.774002][ T5663] *** Log Format Error ! ***
[  141.779234][ T5663] lmLogInit: exit(-22)
[  141.795474][ T5650] F2FS-fs (loop1): Invalid log_blocksize (268), supports only 12
[  141.803107][ T5663] lmLogOpen: exit(-22)
[  141.809611][ T5650] F2FS-fs (loop1): Can't find valid F2FS filesystem in 1th superblock
[  141.893938][ T5650] F2FS-fs (loop1): Found nat_bits in checkpoint
[  142.023253][ T5650] F2FS-fs (loop1): f2fs_check_nid_range: out-of-range nid=1, run fsck to fix.
[  142.062970][ T5676] loop2: detected capacity change from 0 to 32768
[  142.104789][ T5650] F2FS-fs (loop1): Try to recover 1th superblock, ret: 0
[  142.140144][ T5650] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e5
[  142.195252][ T5676] XFS (loop2): Mounting V5 Filesystem
[  142.308923][ T5650] F2FS-fs (loop1): Can't enable fs-verity on inode 10: the verity feature is not enabled on this filesystem
[  142.347162][ T5704] trusted_key: encrypted_key: insufficient parameters specified
[  142.392072][ T5704] loop3: detected capacity change from 0 to 16
[  142.602761][ T5676] XFS (loop2): Ending clean mount
[  142.714005][ T5676] XFS (loop2): Quotacheck needed: Please wait.
[  142.985795][ T5704] erofs: (device loop3): mounted with root inode @ nid 36.
[  143.033513][ T5676] XFS (loop2): Quotacheck: Done.
[  143.236147][ T5711] loop0: detected capacity change from 0 to 8
[  143.399531][ T5711] squashfs image failed sanity check
[  143.615105][ T5713] nci: __nci_request: wait_for_completion_interruptible_timeout failed -512
[  143.626648][ T5726] device bond_slave_0 entered promiscuous mode
[  143.632890][ T5726] device bond_slave_1 entered promiscuous mode
[  143.660988][ T5726] 8021q: adding VLAN 0 to HW filter on device macvlan2
[  143.789386][ T4705] XFS (loop2): Unmounting Filesystem
[  144.406466][ T5750] trusted_key: encrypted_key: insufficient parameters specified
[  144.451263][ T5750] loop3: detected capacity change from 0 to 16
[  144.569069][ T5750] erofs: (device loop3): mounted with root inode @ nid 36.
[  145.303203][ T5759] loop1: detected capacity change from 0 to 8
[  145.327224][ T5761] loop3: detected capacity change from 0 to 64
[  145.371327][ T5759] squashfs image failed sanity check
[  145.543464][ T5740] loop4: detected capacity change from 0 to 40427
[  145.610594][ T5740] F2FS-fs (loop4): Invalid log_blocksize (268), supports only 12
[  145.618344][ T5740] F2FS-fs (loop4): Can't find valid F2FS filesystem in 1th superblock
[  145.714549][ T5740] F2FS-fs (loop4): Found nat_bits in checkpoint
[  145.800366][ T5766] loop3: detected capacity change from 0 to 512
[  145.826810][ T5772] mmap: syz.1.660 (5772) uses deprecated remap_file_pages() syscall. See Documentation/vm/remap_file_pages.rst.
[  145.864624][ T5740] F2FS-fs (loop4): f2fs_check_nid_range: out-of-range nid=1, run fsck to fix.
[  145.885593][ T5766] EXT4-fs error (device loop3): ext4_xattr_block_get:546: inode #2: comm syz.3.659: corrupted xattr block 255
[  145.931962][ T5740] F2FS-fs (loop4): Try to recover 1th superblock, ret: 0
[  145.940048][ T5740] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e5
[  145.957659][ T5766] EXT4-fs (loop3): Cannot turn on journaled quota: type 1: error -117
[  145.989245][ T5766] EXT4-fs (loop3): mounted filesystem without journal. Opts: data_err=abort,noblock_validity,dioread_lock,init_itable,auto_da_alloc,grpjquota=.nouid32,barrier=0x0000000000000007,jqfmt=vfsv1,grpid,,,errors=continue. Quota mode: writeback.
[  146.085359][ T5746] loop2: detected capacity change from 0 to 32768
[  146.101892][ T5779] loop1: detected capacity change from 0 to 1024
[  146.116184][ T5740] F2FS-fs (loop4): Can't enable fs-verity on inode 10: the verity feature is not enabled on this filesystem
[  146.130171][ T5766] EXT4-fs error (device loop3): ext4_xattr_block_get:546: inode #2: comm syz.3.659: corrupted xattr block 255
[  146.156548][ T5779] EXT4-fs (loop1): ext4_check_descriptors: Inode bitmap for group 0 overlaps superblock
[  146.180521][ T5779] EXT4-fs (loop1): ext4_check_descriptors: Checksum for group 0 failed (29254!=20869)
[  146.261725][ T5746] blk_update_request: I/O error, dev loop14, sector 8 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  146.290992][ T5746] lbmIODone: I/O error in JFS log
[  146.296425][ T5746] *** Log Format Error ! ***
[  146.312285][ T5746] lmLogInit: exit(-22)
[  146.320876][ T5779] EXT4-fs (loop1): journal inode is deleted
[  146.360213][ T5746] lmLogOpen: exit(-22)
[  146.808793][ T5798] trusted_key: encrypted_key: insufficient parameters specified
[  146.862468][ T5798] loop0: detected capacity change from 0 to 16
[  146.888922][ T5797] loop1: detected capacity change from 0 to 8
[  146.974442][ T5798] erofs: (device loop0): mounted with root inode @ nid 36.
[  147.248104][ T5797] squashfs image failed sanity check
[  147.580522][ T5801] loop4: detected capacity change from 0 to 128
[  147.754897][ T5806] netlink: 494 bytes leftover after parsing attributes in process `syz.2.666'.
[  148.086207][ T1193] usb 1-1: new high-speed USB device number 9 using dummy_hcd
[  148.182035][ T5818] loop1: detected capacity change from 0 to 512
[  148.337592][ T5818] EXT4-fs error (device loop1): ext4_xattr_block_get:546: inode #2: comm syz.1.676: corrupted xattr block 255
[  148.359963][ T1193] usb 1-1: Using ep0 maxpacket: 16
[  148.377894][ T5818] EXT4-fs (loop1): Cannot turn on journaled quota: type 1: error -117
[  148.410289][ T5818] EXT4-fs (loop1): mounted filesystem without journal. Opts: data_err=abort,noblock_validity,dioread_lock,init_itable,auto_da_alloc,grpjquota=.nouid32,barrier=0x0000000000000007,jqfmt=vfsv1,grpid,,,errors=continue. Quota mode: writeback.
[  148.515505][ T5818] EXT4-fs error (device loop1): ext4_xattr_block_get:546: inode #2: comm syz.1.676: corrupted xattr block 255
[  148.610429][ T1193] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  148.901172][   T26] audit: type=1326 audit(1719601453.381:97): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5828 comm="syz.3.679" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2cd83ebb99 code=0x7ffc0000
[  148.992801][ T1193] usb 1-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 9
[  149.146417][   T26] audit: type=1326 audit(1719601453.381:98): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5828 comm="syz.3.679" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2cd83ebb99 code=0x7ffc0000
[  149.189721][   T26] audit: type=1326 audit(1719601453.391:99): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5828 comm="syz.3.679" exe="/root/syz-executor" sig=0 arch=c000003e syscall=317 compat=0 ip=0x7f2cd83ebb99 code=0x7ffc0000
[  149.260365][ T1193] usb 1-1: New USB device found, idVendor=045e, idProduct=07da, bcdDevice= 0.00
[  149.270291][ T1193] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  149.282555][ T1193] usb 1-1: config 0 descriptor??
[  149.300142][   T26] audit: type=1326 audit(1719601453.391:100): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5828 comm="syz.3.679" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2cd83ebb99 code=0x7ffc0000
[  149.361022][   T26] audit: type=1326 audit(1719601453.391:101): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5828 comm="syz.3.679" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2cd83ebb99 code=0x7ffc0000
[  149.437562][   T26] audit: type=1326 audit(1719601453.401:102): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5828 comm="syz.3.679" exe="/root/syz-executor" sig=0 arch=c000003e syscall=20 compat=0 ip=0x7f2cd83ebb99 code=0x7ffc0000
[  149.512867][   T26] audit: type=1326 audit(1719601453.401:103): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5828 comm="syz.3.679" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2cd83ebb99 code=0x7ffc0000
[  149.566464][ T5837] loop3: detected capacity change from 0 to 128
[  149.584038][   T26] audit: type=1326 audit(1719601453.401:104): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5828 comm="syz.3.679" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2cd83ebb99 code=0x7ffc0000
[  149.625838][ T5814] loop2: detected capacity change from 0 to 40427
[  149.633797][   T26] audit: type=1326 audit(1719601453.411:105): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5828 comm="syz.3.679" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f2cd83ebb99 code=0x7ffc0000
[  149.665069][   T26] audit: type=1326 audit(1719601453.411:106): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5828 comm="syz.3.679" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2cd83ebb99 code=0x7ffc0000
[  149.696511][ T5814] F2FS-fs (loop2): Invalid log_blocksize (268), supports only 12
[  149.709566][ T5814] F2FS-fs (loop2): Can't find valid F2FS filesystem in 1th superblock
[  149.772551][ T5814] F2FS-fs (loop2): Found nat_bits in checkpoint
[  149.840193][ T1193] usbhid 1-1:0.0: can't add hid device: -71
[  149.846299][ T1193] usbhid: probe of 1-1:0.0 failed with error -71
[  149.896972][ T1193] usb 1-1: USB disconnect, device number 9
[  149.965404][ T5814] F2FS-fs (loop2): f2fs_check_nid_range: out-of-range nid=1, run fsck to fix.
[  150.040667][ T5814] F2FS-fs (loop2): Try to recover 1th superblock, ret: 0
[  150.047817][ T5814] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e5
[  150.151573][ T5814] F2FS-fs (loop2): Can't enable fs-verity on inode 10: the verity feature is not enabled on this filesystem
[  150.261124][ T5857] netlink: 20 bytes leftover after parsing attributes in process `syz.1.688'.
[  150.510075][ T5857] bridge0: port 1(bridge_slave_0) entered disabled state
[  150.692694][ T5865] loop0: detected capacity change from 0 to 512
[  150.803274][ T5865] EXT4-fs error (device loop0): ext4_xattr_block_get:546: inode #2: comm syz.0.693: corrupted xattr block 255
[  150.827532][ T5865] EXT4-fs (loop0): Cannot turn on journaled quota: type 1: error -117
[  150.835435][ T5870] loop1: detected capacity change from 0 to 4096
[  150.837259][ T5876] loop3: detected capacity change from 0 to 16
[  150.849776][ T5865] EXT4-fs (loop0): mounted filesystem without journal. Opts: data_err=abort,noblock_validity,dioread_lock,init_itable,auto_da_alloc,grpjquota=.nouid32,barrier=0x0000000000000007,jqfmt=vfsv1,grpid,,,errors=continue. Quota mode: writeback.
[  150.877113][ T5865] EXT4-fs error (device loop0): ext4_xattr_block_get:546: inode #2: comm syz.0.693: corrupted xattr block 255
[  150.935412][ T5876] erofs: (device loop3): mounted with root inode @ nid 36.
[  150.994284][ T5870] ntfs: volume version 3.1.
[  152.163167][ T5894] loop3: detected capacity change from 0 to 1024
[  152.285338][ T5894] hfsplus: write access to a journaled filesystem is not supported, use the force option at your own risk, mounting read-only.
[  152.319421][ T5899] nf_conntrack: default automatic helper assignment has been turned off for security reasons and CT-based firewall rule not found. Use the iptables CT target to attach helpers instead.
[  152.361217][ T5894] hfsplus: filesystem is marked journaled, leaving read-only.
[  152.793083][ T5889] loop2: detected capacity change from 0 to 32768
[  152.878726][ T5919] loop3: detected capacity change from 0 to 16
[  152.928636][ T5889] BTRFS: device fsid ed167579-eb65-4e76-9a50-61ac97e9b59d devid 1 transid 8 /dev/loop2 scanned by syz.2.689 (5889)
[  152.963738][ T5919] erofs: (device loop3): mounted with root inode @ nid 36.
[  152.999567][ T5889] BTRFS info (device loop2): using sha256 (sha256-avx2) checksum algorithm
[  153.029554][ T5889] BTRFS info (device loop2): using free space tree
[  153.039748][ T5889] BTRFS info (device loop2): has skinny extents
[  153.062255][ T5887] loop0: detected capacity change from 0 to 32768
[  153.328636][ T5889] BTRFS info (device loop2): enabling ssd optimizations
[  153.542886][ T5937] loop3: detected capacity change from 0 to 32768
[  153.557197][ T5904] loop4: detected capacity change from 0 to 32768
[  153.697175][ T5937] BTRFS warning: duplicate device /dev/loop3 devid 1 generation 8 scanned by syz.3.714 (5937)
[  153.786046][ T5886] 9pnet: Insufficient options for proto=fd
[  153.830654][ T5904] BTRFS: device fsid ed167579-eb65-4e76-9a50-61ac97e9b59d devid 1 transid 8 /dev/loop4 scanned by syz.4.707 (5904)
[  153.865098][ T5946] tun0: tun_chr_ioctl cmd 2148553947
[  153.927847][ T4135] BTRFS warning: duplicate device /dev/loop3 devid 1 generation 8 scanned by udevd (4135)
[  153.930250][ T5904] BTRFS info (device loop4): using sha256 (sha256-avx2) checksum algorithm
[  154.010632][ T5904] BTRFS info (device loop4): setting nodatasum
[  154.048419][ T5904] BTRFS info (device loop4): max_inline at 4096
[  154.083457][ T5904] BTRFS info (device loop4): using free space tree
[  154.170112][ T5904] BTRFS info (device loop4): has skinny extents
[  154.306927][ T5962] loop3: detected capacity change from 0 to 16
[  154.503334][ T5986] loop3: detected capacity change from 0 to 16
[  154.517403][ T5952] chnl_net:caif_netlink_parms(): no params data found
[  154.602676][ T5986] erofs: (device loop3): mounted with root inode @ nid 36.
[  154.721434][ T5952] bridge0: port 1(bridge_slave_0) entered blocking state
[  154.813589][ T5952] bridge0: port 1(bridge_slave_0) entered disabled state
[  154.859058][ T5952] device bridge_slave_0 entered promiscuous mode
[  154.920988][ T5952] bridge0: port 2(bridge_slave_1) entered blocking state
[  154.937510][ T5952] bridge0: port 2(bridge_slave_1) entered disabled state
[  154.958818][ T6000] hub 9-0:1.0: USB hub found
[  154.986144][ T5952] device bridge_slave_1 entered promiscuous mode
[  155.031102][ T6000] hub 9-0:1.0: 8 ports detected
[  155.178222][ T6001] loop0: detected capacity change from 0 to 1024
[  155.251079][ T5952] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  155.298405][ T5952] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  155.305330][ T6001] EXT4-fs (loop0): Ignoring removed orlov option
[  155.344732][ T6001] EXT4-fs (loop0): Ignoring removed nomblk_io_submit option
[  155.392948][ T6001] [EXT4 FS bs=1024, gc=1, bpg=131072, ipg=32, mo=a80ec018, mo2=0002]
[  155.416422][ T6001] System zones: 0-1, 3-36
[  155.460095][ T5142] usb 5-1: new high-speed USB device number 12 using dummy_hcd
[  155.503952][ T6001] EXT4-fs (loop0): mounted filesystem without journal. Opts: debug,orlov,nomblk_io_submit,block_validity,debug_want_extra_isize=0x0000000000000006,init_itable=0x0000000000000000,usrquota,usrquota,,errors=continue. Quota mode: writeback.
[  155.536212][ T5952] team0: Port device team_slave_0 added
[  155.586086][ T5952] team0: Port device team_slave_1 added
[  155.676415][   T26] kauditd_printk_skb: 23 callbacks suppressed
[  155.676427][   T26] audit: type=1800 audit(1719601460.391:130): pid=6001 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.728" name="bus" dev="loop0" ino=18 res=0 errno=0
[  155.712765][ T5999] loop2: detected capacity change from 0 to 32768
[  155.743173][ T5952] batman_adv: batadv0: Adding interface: batadv_slave_0
[  155.760349][ T5142] usb 5-1: Using ep0 maxpacket: 8
[  155.769086][   T26] audit: type=1800 audit(1719601460.481:131): pid=6001 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.728" name="bus" dev="loop0" ino=18 res=0 errno=0
[  155.790038][ T5952] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  155.823381][ T5999] BTRFS: device fsid ed167579-eb65-4e76-9a50-61ac97e9b59d devid 1 transid 8 /dev/loop2 scanned by syz.2.727 (5999)
[  155.842090][ T6009] loop3: detected capacity change from 0 to 512
[  155.884210][ T5999] BTRFS info (device loop2): using sha256 (sha256-avx2) checksum algorithm
[  155.911202][ T5952] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  155.930044][ T5142] usb 5-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid maxpacket 1536, setting to 1024
[  155.953740][ T5142] usb 5-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 1024
[  155.962782][ T6009] EXT4-fs (loop3): mounted filesystem without journal. Opts: resgid=0x0000000000000000,noload,noblock_validity,,errors=continue. Quota mode: none.
[  155.964707][ T5999] BTRFS info (device loop2): using free space tree
[  156.005252][ T5952] batman_adv: batadv0: Adding interface: batadv_slave_1
[  156.012939][ T5952] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  156.029265][ T5142] usb 5-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[  156.039005][ T5952] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  156.049671][ T6009] EXT4-fs warning (device loop3): dx_probe:868: inode #2: comm syz.3.729: Unimplemented hash flags: 0x0001
[  156.074994][ T5999] BTRFS info (device loop2): has skinny extents
[  156.096886][ T6009] EXT4-fs warning (device loop3): dx_probe:965: inode #2: comm syz.3.729: Corrupt directory, running e2fsck is recommended
[  156.130246][ T5142] usb 5-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  156.217997][ T6023] netlink: 'syz.0.730': attribute type 11 has an invalid length.
[  156.268301][ T5142] usb 5-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23
[  156.277410][ T5142] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  156.550019][    T7] usb 4-1: new high-speed USB device number 12 using dummy_hcd
[  156.596606][ T5999] BTRFS info (device loop2): enabling ssd optimizations
[  156.631944][ T3653] Bluetooth: hci2: command 0x0409 tx timeout
[  156.709145][ T5952] device hsr_slave_0 entered promiscuous mode
[  156.764822][ T5952] device hsr_slave_1 entered promiscuous mode
[  156.790860][ T5952] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  156.821674][ T5952] Cannot create hsr debugfs directory
[  156.876626][ T6041] loop0: detected capacity change from 0 to 16
[  156.891330][ T5142] usb 5-1: usb_control_msg returned -32
[  156.899289][ T5142] usbtmc 5-1:16.0: can't read capabilities
[  156.940396][    T7] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  156.974332][    T7] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  157.004712][    T7] usb 4-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  157.067905][    T7] usb 4-1: New USB device found, idVendor=041e, idProduct=2801, bcdDevice= 0.10
[  157.099271][    T7] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  157.141531][    T7] usb 4-1: config 0 descriptor??
[  157.270065][    C1] usbtmc 5-1:16.0: usbtmc_write_bulk_cb - nonzero write bulk status received: -71
[  157.280951][    C1] usbtmc 5-1:16.0: usbtmc_write_bulk_cb - nonzero write bulk status received: -71
[  157.290258][    C1] usbtmc 5-1:16.0: usbtmc_write_bulk_cb - nonzero write bulk status received: -71
[  157.299566][    C1] usbtmc 5-1:16.0: usbtmc_write_bulk_cb - nonzero write bulk status received: -71
[  157.308824][    C1] usbtmc 5-1:16.0: usbtmc_write_bulk_cb - nonzero write bulk status received: -71
[  157.318101][    C1] usbtmc 5-1:16.0: usbtmc_write_bulk_cb - nonzero write bulk status received: -71
[  157.327354][    C1] usbtmc 5-1:16.0: usbtmc_write_bulk_cb - nonzero write bulk status received: -71
[  157.336605][    C1] usbtmc 5-1:16.0: usbtmc_write_bulk_cb - nonzero write bulk status received: -71
[  157.345853][    C1] usbtmc 5-1:16.0: usbtmc_write_bulk_cb - nonzero write bulk status received: -71
[  157.355116][    C1] usbtmc 5-1:16.0: usbtmc_write_bulk_cb - nonzero write bulk status received: -71
[  157.364376][    C1] usbtmc 5-1:16.0: usbtmc_write_bulk_cb - nonzero write bulk status received: -71
[  157.373635][    C1] usbtmc 5-1:16.0: usbtmc_write_bulk_cb - nonzero write bulk status received: -71
[  157.382890][    C1] usbtmc 5-1:16.0: usbtmc_write_bulk_cb - nonzero write bulk status received: -71
[  157.392260][    C1] usbtmc 5-1:16.0: usbtmc_write_bulk_cb - nonzero write bulk status received: -71
[  157.401527][    C1] usbtmc 5-1:16.0: usbtmc_write_bulk_cb - nonzero write bulk status received: -71
[  157.410776][    C1] usbtmc 5-1:16.0: usbtmc_write_bulk_cb - nonzero write bulk status received: -71
[  157.430270][ T6050] usbtmc 5-1:16.0: Unable to send data, error -71
[  157.534031][ T6009] netlink: 4 bytes leftover after parsing attributes in process `syz.3.729'.
[  157.549689][ T6009] device wireguard0 entered promiscuous mode
[  157.684853][ T5952] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  157.830268][    T7] usbhid 4-1:0.0: can't add hid device: -71
[  157.836450][    T7] usbhid: probe of 4-1:0.0 failed with error -71
[  157.863554][    T7] usb 4-1: USB disconnect, device number 12
[  157.899574][ T5952] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  158.050601][ T5952] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  158.144531][ T5952] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  158.328877][ T5952] netdevsim netdevsim1 netdevsim0: renamed from eth0
[  158.347825][ T5952] netdevsim netdevsim1 netdevsim1: renamed from eth1
[  158.373477][ T5952] netdevsim netdevsim1 netdevsim2: renamed from eth2
[  158.409586][ T5952] netdevsim netdevsim1 netdevsim3: renamed from eth3
[  158.493405][ T3545] usb 5-1: USB disconnect, device number 12
[  158.660410][ T5952] 8021q: adding VLAN 0 to HW filter on device bond0
[  158.704653][ T3653] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[  158.713414][ T3653] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  158.723521][ T6073] loop2: detected capacity change from 0 to 1024
[  158.737348][ T5952] 8021q: adding VLAN 0 to HW filter on device team0
[  158.746048][ T3653] Bluetooth: hci2: command 0x041b tx timeout
[  158.760423][ T3645] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[  158.770774][ T3645] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  158.777152][ T6060] loop0: detected capacity change from 0 to 32768
[  158.781747][ T3645] bridge0: port 1(bridge_slave_0) entered blocking state
[  158.792251][ T3645] bridge0: port 1(bridge_slave_0) entered forwarding state
[  158.817773][ T5142] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[  158.825995][ T5142] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[  158.834848][ T5142] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  158.843580][ T5142] bridge0: port 2(bridge_slave_1) entered blocking state
[  158.850661][ T5142] bridge0: port 2(bridge_slave_1) entered forwarding state
[  158.856371][ T6060] BTRFS: device fsid ed167579-eb65-4e76-9a50-61ac97e9b59d devid 1 transid 8 /dev/loop0 scanned by syz.0.736 (6060)
[  158.874235][ T6073] hfsplus: write access to a journaled filesystem is not supported, use the force option at your own risk, mounting read-only.
[  158.902008][ T5142] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[  158.907673][ T6073] hfsplus: filesystem is marked journaled, leaving read-only.
[  158.947600][ T6060] BTRFS info (device loop0): using sha256 (sha256-avx2) checksum algorithm
[  158.960049][ T3545] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[  158.987884][ T3545] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[  159.000270][ T6060] BTRFS info (device loop0): setting nodatasum
[  159.006464][ T6060] BTRFS info (device loop0): max_inline at 4096
[  159.011925][ T3545] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[  159.030604][ T6060] BTRFS info (device loop0): using free space tree
[  159.035428][    T7] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[  159.051204][ T6060] BTRFS info (device loop0): has skinny extents
[  159.063314][ T3545] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[  159.076681][ T3545] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[  159.143363][ T5952] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network
[  159.167928][ T5952] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  159.205345][ T3866] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[  159.214398][ T6084] loop2: detected capacity change from 0 to 16
[  159.224146][ T3866] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  159.251244][ T3866] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[  159.270533][ T3866] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  159.309707][ T3866] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[  159.473570][ T6104] loop4: detected capacity change from 0 to 64
[  159.573190][ T3866] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
[  159.593756][ T3866] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready
[  159.641500][ T6104] MINIX-fs: mounting unchecked file system, running fsck is recommended
[  159.656132][ T5952] 8021q: adding VLAN 0 to HW filter on device batadv0
[  159.752785][ T3644] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[  159.829573][ T6111] netlink: 'syz.2.747': attribute type 11 has an invalid length.
[  159.895229][ T6112] netlink: 'syz.2.747': attribute type 11 has an invalid length.
[  159.948811][ T3644] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[  160.024423][ T6115] loop2: detected capacity change from 0 to 256
[  160.101862][ T6115] exfat: Deprecated parameter 'codepage'
[  160.107532][ T6115] exfat: Bad value for 'codepage'
[  160.210499][ T6111] loop2: detected capacity change from 0 to 1024
[  160.559297][ T5296] hfsplus: b-tree write err: -5, ino 4
[  160.582324][ T6116] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[  160.621456][ T6116] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[  160.648639][ T5952] device veth0_vlan entered promiscuous mode
[  160.671606][ T3544] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[  160.700627][ T3544] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[  160.729798][ T5952] device veth1_vlan entered promiscuous mode
[  160.743578][   T26] audit: type=1804 audit(1719601465.461:132): pid=6120 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.4.748" name="/root/syzkaller.tpPTXp/153/cgroup.controllers" dev="sda1" ino=1981 res=1 errno=0
[  160.788504][ T3653] Bluetooth: hci2: command 0x040f tx timeout
[  160.825004][ T5952] device veth0_macvtap entered promiscuous mode
[  160.861335][ T3645] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[  160.869856][ T3645] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[  160.892881][ T5952] device veth1_macvtap entered promiscuous mode
[  160.906996][ T3653] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready
[  160.915802][ T3653] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready
[  160.957540][ T5952] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  160.975925][ T5952] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  160.995763][ T5952] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  161.008974][ T5952] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  161.010042][ T6116] usb 1-1: new high-speed USB device number 10 using dummy_hcd
[  161.019258][ T3644] usb 3-1: new high-speed USB device number 7 using dummy_hcd
[  161.073362][ T5952] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  161.094375][ T5952] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  161.113992][ T5952] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  161.125428][ T5952] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  161.136775][ T5952] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  161.147549][ T5952] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  161.157814][ T5952] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  161.168700][ T5952] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  161.184815][ T5952] batman_adv: batadv0: Interface activated: batadv_slave_0
[  161.196957][ T3645] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[  161.210667][ T3645] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[  161.222916][ T5952] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  161.232560][ T6129] loop4: detected capacity change from 0 to 16
[  161.237490][ T5952] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  161.250919][ T5952] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  161.262120][ T5952] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  161.272547][ T5952] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  161.283891][ T5952] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  161.294324][ T5952] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  161.305236][ T5952] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  161.315433][ T3644] usb 3-1: Using ep0 maxpacket: 16
[  161.322650][ T5952] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  161.334972][ T5952] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  161.347146][ T5952] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  161.358110][ T5952] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  161.368760][ T5952] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  161.379561][ T5952] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  161.396744][ T5952] batman_adv: batadv0: Interface activated: batadv_slave_1
[  161.406272][ T3653] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[  161.420368][ T6116] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  161.435894][ T3653] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[  161.444796][ T3644] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  161.450055][ T6116] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  161.473283][ T6129] erofs: (device loop4): check_layout_compatibility: unidentified incompatible feature 8, please upgrade kernel version
[  161.487143][ T3644] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  161.500349][ T5952] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  161.506303][ T6116] usb 1-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  161.525511][ T3644] usb 3-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  161.525610][ T5952] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  161.548435][ T3644] usb 3-1: New USB device found, idVendor=1e7d, idProduct=31ce, bcdDevice= 0.00
[  161.557884][ T3644] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  161.557966][ T6116] usb 1-1: New USB device found, idVendor=041e, idProduct=2801, bcdDevice= 0.10
[  161.585900][ T3644] usb 3-1: config 0 descriptor??
[  161.591140][ T5952] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  161.622577][ T5952] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  161.629709][ T6116] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  161.656865][ T6116] usb 1-1: config 0 descriptor??
[  161.781415][   T26] audit: type=1326 audit(1719601466.501:133): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6127 comm="syz.4.752" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7ff3a2e77b99 code=0x0
[  161.869135][ T6131] loop3: detected capacity change from 0 to 16
[  161.876596][ T4392] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  161.911422][ T4392] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  161.952040][ T6118] netlink: 4 bytes leftover after parsing attributes in process `syz.0.746'.
[  161.985326][ T6118] device wireguard0 entered promiscuous mode
[  162.014862][ T3653] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready
[  162.033965][ T5296] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  162.086635][ T5296] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  162.096841][ T3644] ryos 0003:1E7D:31CE.0004: unknown main item tag 0x0
[  162.126668][ T3644] ryos 0003:1E7D:31CE.0004: unbalanced delimiter at end of report description
[  162.182495][ T6114] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready
[  162.221762][ T3644] ryos 0003:1E7D:31CE.0004: parse failed
[  162.227756][ T3644] ryos: probe of 0003:1E7D:31CE.0004 failed with error -22
[  162.280152][ T6116] usbhid 1-1:0.0: can't add hid device: -71
[  162.286136][ T6116] usbhid: probe of 1-1:0.0 failed with error -71
[  162.298438][ T3645] usb 3-1: USB disconnect, device number 7
[  162.328476][ T6116] usb 1-1: USB disconnect, device number 10
[  163.382242][ T3653] Bluetooth: hci2: command 0x0419 tx timeout
[  163.655021][ T6155] loop1: detected capacity change from 0 to 1024
[  163.784075][ T6155] EXT4-fs (loop1): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback.
[  164.101469][ T6166] netlink: 4 bytes leftover after parsing attributes in process `syz.2.762'.
[  164.140670][ T6169] loop4: detected capacity change from 0 to 2048
[  164.197264][ T6169] UDF-fs: error (device loop4): udf_read_tagged: tag checksum failed, block 99: 0x27 != 0x4d
[  164.245774][ T6169] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[  164.290432][ T6173] loop2: detected capacity change from 0 to 512
[  164.423785][ T6173] EXT4-fs (loop2): mounted filesystem without journal. Opts: resgid=0x0000000000000000,noload,noblock_validity,,errors=continue. Quota mode: none.
[  164.576058][ T6173] EXT4-fs warning (device loop2): dx_probe:868: inode #2: comm syz.2.765: Unimplemented hash flags: 0x0001
[  164.602812][ T6173] EXT4-fs warning (device loop2): dx_probe:965: inode #2: comm syz.2.765: Corrupt directory, running e2fsck is recommended
[  164.745863][ T6150] loop3: detected capacity change from 0 to 32768
[  164.793787][ T6150] BTRFS: device fsid ed167579-eb65-4e76-9a50-61ac97e9b59d devid 1 transid 8 /dev/loop3 scanned by syz.3.756 (6150)
[  164.854415][ T6150] BTRFS info (device loop3): using sha256 (sha256-avx2) checksum algorithm
[  164.885204][ T6150] BTRFS info (device loop3): setting nodatasum
[  164.892012][ T6116] usb 3-1: new high-speed USB device number 8 using dummy_hcd
[  164.905131][ T6150] BTRFS info (device loop3): max_inline at 4096
[  164.974361][ T6150] BTRFS info (device loop3): using free space tree
[  164.989381][ T6150] BTRFS info (device loop3): has skinny extents
[  165.041636][ T6209] loop0: detected capacity change from 0 to 512
[  165.260226][ T6116] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  165.324600][ T6116] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  165.359230][ T6116] usb 3-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  165.407363][ T6116] usb 3-1: New USB device found, idVendor=041e, idProduct=2801, bcdDevice= 0.10
[  165.464135][ T6116] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  165.531736][ T6116] usb 3-1: config 0 descriptor??
[  165.797048][ T6231] loop1: detected capacity change from 0 to 16
[  165.809400][ T6173] netlink: 4 bytes leftover after parsing attributes in process `syz.2.765'.
[  165.831473][ T6173] device wireguard0 entered promiscuous mode
[  165.892134][ T6231] MTD: Attempt to mount non-MTD device "/dev/loop1"
[  165.955265][ T6236] loop3: detected capacity change from 0 to 4096
[  166.053867][ T6231] cramfs: bad root offset 24652
[  166.160050][ T6116] usbhid 3-1:0.0: can't add hid device: -71
[  166.169643][ T6116] usbhid: probe of 3-1:0.0 failed with error -71
[  166.200917][ T6231] netlink: 60 bytes leftover after parsing attributes in process `syz.1.778'.
[  166.207924][ T6116] usb 3-1: USB disconnect, device number 8
[  166.251518][ T6231] netlink: 172 bytes leftover after parsing attributes in process `syz.1.778'.
[  166.275716][ T6231] Cannot find add_set index 0 as target
[  166.694920][ T6259] loop3: detected capacity change from 0 to 256
[  166.804707][ T6259] FAT-fs (loop3): Directory bread(block 64) failed
[  166.837211][ T6259] FAT-fs (loop3): Directory bread(block 65) failed
[  166.861944][ T6259] FAT-fs (loop3): Directory bread(block 66) failed
[  166.883168][ T6257] loop1: detected capacity change from 0 to 8192
[  166.909382][ T6259] FAT-fs (loop3): Directory bread(block 67) failed
[  166.934377][ T6259] FAT-fs (loop3): Directory bread(block 68) failed
[  166.950564][ T6257] FAT-fs (loop1): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[  166.978962][ T6259] FAT-fs (loop3): Directory bread(block 69) failed
[  167.006081][ T6259] FAT-fs (loop3): Directory bread(block 70) failed
[  167.028908][ T6259] FAT-fs (loop3): Directory bread(block 71) failed
[  167.049484][ T6259] FAT-fs (loop3): Directory bread(block 72) failed
[  167.057540][ T6259] FAT-fs (loop3): Directory bread(block 73) failed
[  167.352275][ T6269] netlink: 'syz.0.791': attribute type 11 has an invalid length.
[  167.362135][ T6269] netlink: 'syz.0.791': attribute type 11 has an invalid length.
[  167.402183][ T6269] loop0: detected capacity change from 0 to 256
[  167.434478][ T6269] exfat: Deprecated parameter 'codepage'
[  167.440417][ T6269] exfat: Bad value for 'codepage'
[  167.536577][ T6269] loop0: detected capacity change from 0 to 1024
[  168.109205][ T6271] hfsplus: b-tree write err: -5, ino 4
[  168.127987][   T26] audit: type=1804 audit(1719601472.841:134): pid=6272 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.3.790" name="/root/syzkaller.l6TWTh/180/cgroup.controllers" dev="sda1" ino=1962 res=1 errno=0
[  168.204674][ T6278] loop1: detected capacity change from 0 to 16
[  168.271193][ T6278] MTD: Attempt to mount non-MTD device "/dev/loop1"
[  168.298140][ T6278] cramfs: bad root offset 24652
[  168.415043][ T6292] loop2: detected capacity change from 0 to 2048
[  168.415043][ T6296] loop4: detected capacity change from 0 to 64
[  168.455236][ T6278] netlink: 60 bytes leftover after parsing attributes in process `syz.1.792'.
[  168.498544][ T6292] UDF-fs: error (device loop2): udf_read_tagged: tag version 0x0000 != 0x0002 || 0x0003, block 0
[  168.537299][ T6278] netlink: 172 bytes leftover after parsing attributes in process `syz.1.792'.
[  168.551037][ T6292] UDF-fs: error (device loop2): udf_read_tagged: tag version 0x0000 != 0x0002 || 0x0003, block 0
[  168.558151][ T6297] loop0: detected capacity change from 0 to 512
[  168.588636][ T6278] Cannot find add_set index 0 as target
[  168.611313][ T6292] UDF-fs: error (device loop2): udf_read_tagged: tag version 0x0000 != 0x0002 || 0x0003, block 0
[  168.650099][ T6292] UDF-fs: error (device loop2): udf_read_tagged: tag version 0x0000 != 0x0002 || 0x0003, block 0
[  168.651967][ T6295] delete_channel: no stack
[  168.717511][ T6292] UDF-fs: error (device loop2): udf_read_tagged: tag version 0x0000 != 0x0002 || 0x0003, block 0
[  168.752284][ T6292] UDF-fs: error (device loop2): udf_read_tagged: tag version 0x0000 != 0x0002 || 0x0003, block 0
[  168.835508][ T6292] UDF-fs: error (device loop2): udf_read_tagged: tag version 0x0000 != 0x0002 || 0x0003, block 0
[  168.878885][ T6292] UDF-fs: error (device loop2): udf_read_tagged: tag version 0x0000 != 0x0002 || 0x0003, block 0
[  168.897045][ T6292] UDF-fs: error (device loop2): udf_read_tagged: tag version 0x0000 != 0x0002 || 0x0003, block 0
[  168.909862][ T6292] UDF-fs: error (device loop2): udf_read_tagged: tag version 0x0000 != 0x0002 || 0x0003, block 0
[  168.949801][ T6292] UDF-fs: error (device loop2): udf_read_tagged: read failed, block=385, location=385
[  168.973956][ T6292] UDF-fs: error (device loop2): udf_read_tagged: tag version 0x0000 != 0x0002 || 0x0003, block 0
[  168.987337][ T6292] UDF-fs: error (device loop2): udf_read_tagged: tag version 0x0000 != 0x0002 || 0x0003, block 0
[  168.998570][ T6292] UDF-fs: warning (device loop2): udf_fill_super: No partition found (1)
[  169.130105][ T6116] usb 2-1: new high-speed USB device number 11 using dummy_hcd
[  169.269370][ T6307] loop2: detected capacity change from 0 to 512
[  169.330851][ T6307] EXT4-fs (loop2): 1 truncate cleaned up
[  169.348051][ T6307] EXT4-fs (loop2): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none.
[  169.380008][ T6116] usb 2-1: Using ep0 maxpacket: 16
[  169.500141][ T6116] usb 2-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  169.520027][ T6116] usb 2-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  169.546044][ T6116] usb 2-1: config 1 interface 1 altsetting 1 endpoint 0x82 has invalid wMaxPacketSize 0
[  169.604698][ T6116] usb 2-1: config 1 interface 1 altsetting 1 bulk endpoint 0x82 has invalid maxpacket 0
[  169.627354][ T6305] loop4: detected capacity change from 0 to 32768
[  169.645515][ T6116] usb 2-1: config 1 interface 1 altsetting 1 endpoint 0x3 has invalid wMaxPacketSize 0
[  169.665744][ T6116] usb 2-1: config 1 interface 1 altsetting 1 bulk endpoint 0x3 has invalid maxpacket 0
[  169.744495][ T6305] XFS (loop4): Mounting V5 Filesystem
[  169.910105][ T6116] usb 2-1: language id specifier not provided by device, defaulting to English
[  170.026345][ T6305] XFS (loop4): Ending clean mount
[  170.108921][ T6305] XFS (loop4): Quotacheck needed: Please wait.
[  170.120245][ T6116] usb 2-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  170.171926][ T6116] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  170.195874][ T6305] XFS (loop4): Quotacheck: Done.
[  170.250067][ T6116] usb 2-1: Product: syz
[  170.264553][ T6116] usb 2-1: SerialNumber: syz
[  170.360759][ T6332] loop2: detected capacity change from 0 to 8192
[  170.519514][   T26] audit: type=1326 audit(1719601475.221:135): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6329 comm="syz.3.812" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2cd83ebb99 code=0x7ffc0000
[  170.519552][ T5142] Bluetooth: hci1: command 0x0406 tx timeout
[  171.208592][   T26] audit: type=1326 audit(1719601475.221:136): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6329 comm="syz.3.812" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2cd83ebb99 code=0x7ffc0000
[  171.262706][ T6116] cdc_ncm 2-1:1.0: bind() failure
[  171.272811][ T6116] cdc_ncm 2-1:1.1: CDC Union missing and no IAD found
[  171.294672][ T6116] cdc_ncm 2-1:1.1: bind() failure
[  171.412986][   T26] audit: type=1326 audit(1719601475.221:137): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6329 comm="syz.3.812" exe="/root/syz-executor" sig=0 arch=c000003e syscall=317 compat=0 ip=0x7f2cd83ebb99 code=0x7ffc0000
[  171.428418][ T6337] overlayfs: failed to resolve './file1': -2
[  171.442530][   T26] audit: type=1326 audit(1719601475.221:138): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6329 comm="syz.3.812" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2cd83ebb99 code=0x7ffc0000
[  171.483288][ T6116] usb 2-1: USB disconnect, device number 11
[  171.527358][   T26] audit: type=1326 audit(1719601475.221:139): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6329 comm="syz.3.812" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2cd83ebb99 code=0x7ffc0000
[  171.549787][   T26] audit: type=1326 audit(1719601475.221:140): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6329 comm="syz.3.812" exe="/root/syz-executor" sig=0 arch=c000003e syscall=20 compat=0 ip=0x7f2cd83ebb99 code=0x7ffc0000
[  171.635212][   T26] audit: type=1326 audit(1719601475.221:141): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6329 comm="syz.3.812" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2cd83ebb99 code=0x7ffc0000
[  171.690803][   T26] audit: type=1326 audit(1719601475.221:142): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6329 comm="syz.3.812" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2cd83ebb99 code=0x7ffc0000
[  171.714071][   T26] audit: type=1326 audit(1719601475.231:143): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6329 comm="syz.3.812" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f2cd83ebb99 code=0x7ffc0000
[  172.352161][ T3506] XFS (loop4): Unmounting Filesystem
[  172.360112][ T6345] llcp: nfc_llcp_send_ui_frame: Could not allocate PDU (error=-512)
[  172.670059][ T6359] syzkaller0: default qdisc (pfifo_fast) fail, fallback to noqueue
[  172.755902][ T6359] device syzkaller0 entered promiscuous mode
[  172.826466][ T6367] loop1: detected capacity change from 0 to 512
[  172.934298][ T3516] Bluetooth: Wrong link type (-22)
[  173.086506][ T6374] loop3: detected capacity change from 0 to 1024
[  173.137141][ T6376] loop4: detected capacity change from 0 to 16
[  173.201313][ T6376] MTD: Attempt to mount non-MTD device "/dev/loop4"
[  173.209836][ T6370] loop2: detected capacity change from 0 to 512
[  173.219073][ T6374] EXT4-fs (loop3): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none.
[  173.262037][ T6376] cramfs: bad root offset 24652
[  173.334689][ T6370] EXT4-fs (loop2): quotafile must be on filesystem root
[  173.359437][ T6374] EXT4-fs error (device loop3): ext4_mb_generate_buddy:1152: group 0, block bitmap and bg descriptor inconsistent: 25 vs 4278190105 free clusters
[  173.420264][ T6374] EXT4-fs (loop3): Delayed block allocation failed for inode 18 at logical offset 0 with max blocks 1 with error 28
[  173.462919][ T6376] netlink: 60 bytes leftover after parsing attributes in process `syz.4.815'.
[  173.490696][ T6374] EXT4-fs (loop3): This should not happen!! Data will be lost
[  173.490696][ T6374] 
[  173.562724][ T6374] EXT4-fs (loop3): Total free blocks count 0
[  173.604491][ T6376] netlink: 172 bytes leftover after parsing attributes in process `syz.4.815'.
[  173.630109][ T6374] EXT4-fs (loop3): Free/Dirty block details
[  173.661293][ T6376] Cannot find add_set index 0 as target
[  173.697047][ T6374] EXT4-fs (loop3): free_blocks=68451041280
[  173.823759][ T6374] EXT4-fs (loop3): dirty_blocks=16
[  173.835660][ T6374] EXT4-fs (loop3): Block reservation details
[  173.854673][ T6374] EXT4-fs (loop3): i_reserved_data_blocks=1
[  174.543058][  T144] device hsr_slave_0 left promiscuous mode
[  174.578600][  T144] device hsr_slave_1 left promiscuous mode
[  174.595073][  T144] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  174.621218][  T144] batman_adv: batadv0: Removing interface: batadv_slave_1
[  174.667052][  T144] device bridge_slave_1 left promiscuous mode
[  174.695028][  T144] bridge0: port 2(bridge_slave_1) entered disabled state
[  174.728926][  T144] device bridge_slave_0 left promiscuous mode
[  174.741792][  T144] bridge0: port 1(bridge_slave_0) entered disabled state
[  174.770953][  T144] device veth1_macvtap left promiscuous mode
[  174.820577][  T144] device veth0_macvtap left promiscuous mode
[  174.853684][  T144] device veth1_vlan left promiscuous mode
[  174.880127][  T144] device veth0_vlan left promiscuous mode
[  175.580048][ T3644] Bluetooth: hci4: command 0x0406 tx timeout
[  175.648789][  T144] team0 (unregistering): Port device team_slave_1 removed
[  175.697493][  T144] team0 (unregistering): Port device team_slave_0 removed
[  175.719435][  T144] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  175.777522][  T144] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  175.940120][ T6432] netlink: 'syz.0.843': attribute type 11 has an invalid length.
[  176.135130][  T144] bond0 (unregistering): Released all slaves
[  176.199011][ T6410] loop2: detected capacity change from 0 to 32768
[  176.551125][ T6410] XFS (loop2): Mounting V5 Filesystem
[  176.561932][ T6449] loop0: detected capacity change from 0 to 512
[  176.749984][ T6116] usb 5-1: new high-speed USB device number 13 using dummy_hcd
[  176.996632][ T6410] XFS (loop2): Ending clean mount
[  177.035181][ T6410] XFS (loop2): Quotacheck needed: Please wait.
[  177.049971][ T6116] usb 5-1: Using ep0 maxpacket: 16
[  177.087957][ T3587] XFS (loop2): Metadata CRC error detected at xfs_allocbt_read_verify+0x39/0xc0, xfs_bnobt block 0x8 
[  177.130177][ T3587] XFS (loop2): Unmount and run xfs_repair
[  177.139664][ T3587] XFS (loop2): First 128 bytes of corrupted metadata buffer:
[  177.154269][ T3587] 00000000: 41 42 33 42 00 00 00 02 ff ff ff ff ff ff ff ff  AB3B............
[  177.175085][ T3587] 00000010: 00 00 00 00 00 00 00 08 00 00 00 01 00 00 00 10  ................
[  177.187056][ T3587] 00000020: a2 f8 2a ab 77 f8 42 86 af d4 a8 f7 00 a7 4b ab  ..*.w.B.......K.
[  177.202836][ T3587] 00000030: 00 00 00 00 5b fd 4f dd 00 00 00 05 00 00 00 01  ....[.O.........
[  177.218925][ T3587] 00000040: 00 00 02 36 00 00 0d ca 00 00 00 00 00 00 00 00  ...6............
[  177.234074][ T3587] 00000050: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00  ................
[  177.246219][ T3587] 00000060: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00  ................
[  177.292933][ T3587] 00000070: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00  ................
[  177.340476][ T6116] usb 5-1: New USB device found, idVendor=0b05, idProduct=1736, bcdDevice= d.b1
[  177.351381][ T3587] XFS (loop2): metadata I/O error in "xfs_btree_read_buf_block+0x26e/0x370" at daddr 0x8 len 8 error 74
[  177.368051][ T6116] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  177.383509][ T6459] loop1: detected capacity change from 0 to 512
[  177.408022][ T6116] usb 5-1: Product: syz
[  177.415075][ T6410] XFS (loop2): Quotacheck: Unsuccessful (Error -117): Disabling quotas.
[  177.454696][ T6116] usb 5-1: Manufacturer: syz
[  177.459304][ T6116] usb 5-1: SerialNumber: syz
[  177.506160][ T6116] usb 5-1: config 0 descriptor??
[  177.510435][ T3653] usb 4-1: new high-speed USB device number 13 using dummy_hcd
[  177.529459][ T4705] XFS (loop2): Unmounting Filesystem
[  177.619761][ T6459] EXT4-fs (loop1): quotafile must be on filesystem root
[  177.770082][ T3653] usb 4-1: Using ep0 maxpacket: 32
[  177.860191][ T6116] dvb-usb: found a 'Asus My Cinema-U3000Hybrid' in cold state, will try to load a firmware
[  177.921075][ T3653] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  177.952209][ T6116] dvb-usb: downloading firmware from file 'dvb-usb-dib0700-1.20.fw'
[  177.959918][ T3653] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  178.011472][ T6116] dib0700: firmware download failed at 7 with -22
[  178.049626][ T3653] usb 4-1: New USB device found, idVendor=046d, idProduct=c31c, bcdDevice= 0.40
[  178.067915][ T3653] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  178.115668][ T6116] usb 5-1: USB disconnect, device number 13
[  178.125378][ T3653] usb 4-1: config 0 descriptor??
[  178.279482][ T3653] hub 4-1:0.0: USB hub found
[  178.531681][ T3653] hub 4-1:0.0: config failed, hub doesn't have any ports! (err -19)
[  178.830032][ T3653] usbhid 4-1:0.0: can't add hid device: -71
[  178.830118][ T3653] usbhid: probe of 4-1:0.0 failed with error -71
[  178.900719][ T3653] usb 4-1: USB disconnect, device number 13
[  179.074621][ T6482] loop4: detected capacity change from 0 to 512
[  179.086580][ T6484] loop1: detected capacity change from 0 to 512
[  179.156375][ T6482] EXT4-fs (loop4): Ignoring removed mblk_io_submit option
[  179.184289][ T6482] EXT4-fs (loop4): Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[  179.247473][ T6482] EXT4-fs error (device loop4): __ext4_iget:4861: inode #2: block 256: comm syz.4.858: invalid block
[  179.270339][ T6482] EXT4-fs (loop4): get root inode failed
[  179.275995][ T6482] EXT4-fs (loop4): mount failed
[  179.393614][ T6484] EXT4-fs error (device loop1): ext4_free_branches:1030: inode #11: comm syz.1.857: invalid indirect mapped block 256 (level 2)
[  179.532794][ T6484] EXT4-fs (loop1): Remounting filesystem read-only
[  179.566002][ T6484] EXT4-fs (loop1): 2 truncates cleaned up
[  179.575791][ T6484] EXT4-fs (loop1): mounted filesystem without journal. Opts: errors=remount-ro,debug_want_extra_isize=0x0000000000000008,data_err=ignore,. Quota mode: writeback.
[  179.875025][ T6491] loop3: detected capacity change from 0 to 4096
[  179.907387][ T6491] ntfs3: loop3: Different NTFS' sector size (2048) and media sector size (512)
[  179.931003][ T6474] loop0: detected capacity change from 0 to 32768
[  179.943254][ T6491] ntfs3: loop3: Mark volume as dirty due to NTFS errors
[  180.000609][ T6480] loop2: detected capacity change from 0 to 32768
[  180.045212][ T6480] BTRFS: device fsid ed167579-eb65-4e76-9a50-61ac97e9b59d devid 1 transid 8 /dev/loop2 scanned by syz.2.856 (6480)
[  180.076325][ T6474] gfs2: fsid=syz:syz: Trying to join cluster "lock_nolock", "syz:syz"
[  180.119993][ T6474] gfs2: fsid=syz:syz: Now mounting FS (format 1801)...
[  180.132474][ T6498] loop4: detected capacity change from 0 to 8192
[  180.158620][ T6480] BTRFS info (device loop2): using sha256 (sha256-avx2) checksum algorithm
[  180.189293][ T3587] ntfs3: loop3: ntfs3_write_inode r=5 failed, -22.
[  180.226290][ T3510] ntfs3: loop3: ntfs_evict_inode r=5 failed, -22.
[  180.229070][ T6480] BTRFS info (device loop2): turning off barriers
[  180.252285][ T6498] REISERFS (device loop4): found reiserfs format "3.6" with non-standard journal
[  180.272195][ T6480] BTRFS info (device loop2): setting incompat feature flag for COMPRESS_LZO (0x8)
[  180.280931][ T6474] gfs2: fsid=syz:syz.0: journal 0 mapped with 1 extents in 0ms
[  180.284714][ T6498] REISERFS (device loop4): using ordered data mode
[  180.307070][ T3868] gfs2: fsid=syz:syz.0: jid=0, already locked for use
[  180.327030][ T3868] gfs2: fsid=syz:syz.0: jid=0: Looking at journal...
[  180.352770][ T6480] BTRFS info (device loop2): force lzo compression, level 0
[  180.360922][ T6480] BTRFS info (device loop2): doing ref verification
[  180.372317][ T6480] BTRFS info (device loop2): doing ref verification
[  180.378924][ T6480] BTRFS info (device loop2): using free space tree
[  180.385987][ T6480] BTRFS info (device loop2): has skinny extents
[  180.389987][ T6498] REISERFS (device loop4): journal params: device loop4, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30
[  180.392342][ T6480] workqueue: max_active 1733 requested for btrfs-worker is out of range, clamping between 1 and 512
[  180.419926][ T6480] workqueue: max_active 1733 requested for btrfs-worker-high is out of range, clamping between 1 and 512
[  180.450909][ T6480] workqueue: max_active 1733 requested for btrfs-delalloc is out of range, clamping between 1 and 512
[  180.451556][ T6498] REISERFS (device loop4): checking transaction log (loop4)
[  180.514524][ T6480] workqueue: max_active 1733 requested for btrfs-endio is out of range, clamping between 1 and 512
[  180.560459][ T6480] workqueue: max_active 1733 requested for btrfs-endio-meta is out of range, clamping between 1 and 512
[  180.563749][ T6498] REISERFS (device loop4): Using r5 hash to sort names
[  180.581568][ T6498] REISERFS warning (device loop4): vs-13060 reiserfs_update_sd_size: stat data of object [1 2 0x0 SD] (nlink == 1) not found (pos 2)
[  180.597547][ T6498] REISERFS (device loop4): Created .reiserfs_priv - reserved for xattr storage.
[  180.617657][ T6480] workqueue: max_active 1733 requested for btrfs-endio-meta-write is out of range, clamping between 1 and 512
[  180.640029][ T6480] workqueue: max_active 1733 requested for btrfs-endio-raid56 is out of range, clamping between 1 and 512
[  180.659684][ T3868] gfs2: fsid=syz:syz.0: jid=0: Journal head lookup took 332ms
[  180.670734][ T6480] workqueue: max_active 1733 requested for btrfs-rmw is out of range, clamping between 1 and 512
[  180.697320][ T3868] gfs2: fsid=syz:syz.0: jid=0: Done
[  180.701469][ T6480] workqueue: max_active 1733 requested for btrfs-endio-write is out of range, clamping between 1 and 512
[  180.735112][ T6474] gfs2: fsid=syz:syz.0: first mount done, others may mount
[  180.743524][ T6480] workqueue: max_active 1733 requested for btrfs-readahead is out of range, clamping between 1 and 512
[  180.802536][ T6496] loop1: detected capacity change from 0 to 32768
[  180.878392][ T6496] BTRFS: device fsid 24c7a497-3402-47dd-bef8-82358f5f30e0 devid 1 transid 8 /dev/loop1 scanned by syz.1.862 (6496)
[  181.002372][ T6496] BTRFS info (device loop1): using crc32c (crc32c-intel) checksum algorithm
[  181.046017][ T6480] BTRFS info (device loop2): enabling ssd optimizations
[  181.066639][ T6527] loop3: detected capacity change from 0 to 16
[  181.081236][ T6496] BTRFS info (device loop1): using free space tree
[  181.119809][ T6496] BTRFS info (device loop1): has skinny extents
[  181.131318][ T6527] MTD: Attempt to mount non-MTD device "/dev/loop3"
[  181.179961][ T6527] cramfs: bad root offset 24652
[  181.227142][ T6540] loop4: detected capacity change from 0 to 128
[  181.384060][ T6527] netlink: 60 bytes leftover after parsing attributes in process `syz.3.866'.
[  181.522305][ T6527] netlink: 172 bytes leftover after parsing attributes in process `syz.3.866'.
[  181.650879][ T6528] Cannot find add_set index 0 as target
[  181.879720][ T6496] BTRFS info (device loop1): enabling ssd optimizations
[  181.962251][ T6496] BTRFS warning (device loop1): can't clear the skinny_metadata,no_holes feature bits while mounted
[  182.609269][ T6558] loop2: detected capacity change from 0 to 32768
[  182.631732][ T3560] usb 5-1: new high-speed USB device number 14 using dummy_hcd
[  182.672259][ T6558] XFS: attr2 mount option is deprecated.
[  182.682763][ T6558] XFS: noikeep mount option is deprecated.
[  182.801169][ T6558] XFS (loop2): Mounting V5 filesystem in no-recovery mode. Filesystem will be inconsistent.
[  182.820110][ T3543] usb 4-1: new high-speed USB device number 14 using dummy_hcd
[  182.855716][ T6558] XFS (loop2): Quotacheck needed: Please wait.
[  182.896628][ T1065] XFS (loop2): Metadata CRC error detected at xfs_rmapbt_read_verify+0x39/0xc0, xfs_rmapbt block 0x14 
[  182.910066][ T3560] usb 5-1: Using ep0 maxpacket: 16
[  182.917749][ T1065] XFS (loop2): Unmount and run xfs_repair
[  182.928669][ T6581] loop0: detected capacity change from 0 to 512
[  182.935188][ T1065] XFS (loop2): First 128 bytes of corrupted metadata buffer:
[  182.944280][ T1065] 00000000: 52 4d 42 33 00 00 00 0c ff ff ff ff ff ff ff ff  RMB3............
[  182.953438][ T1065] 00000010: 00 00 02 00 00 00 00 14 00 00 00 01 00 00 00 80  ................
[  182.962714][ T1065] 00000020: bf dc 47 fc 10 d8 4e ed a5 62 11 a8 31 b3 f7 91  ..G...N..b..1...
[  182.971787][ T1065] 00000030: 00 00 00 00 5b af 3b 1d 00 00 00 00 00 00 00 01  ....[.;.........
[  182.980958][ T1065] 00000040: ff ff ff ff ff ff ff fd 00 00 00 00 00 00 00 00  ................
[  182.990032][ T1065] 00000050: 00 00 00 01 00 00 00 02 ff ff ff ff ff ff ff fb  ................
[  182.998881][ T1065] 00000060: 00 00 00 00 00 00 00 00 00 00 00 03 00 00 00 02  ................
[  183.008124][ T1065] 00000070: ff ff ff ff ff ff ff fa 00 00 00 00 00 00 00 00  ................
[  183.017242][ T6271] XFS (loop2): metadata I/O error in "xfs_btree_read_buf_block+0x26e/0x370" at daddr 0x14 len 4 error 74
[  183.053057][ T6581] EXT4-fs error (device loop0): ext4_free_branches:1030: inode #11: comm syz.0.872: invalid indirect mapped block 256 (level 2)
[  183.066781][ T6271] XFS (loop2): Metadata I/O Error (0x1) detected at xfs_trans_read_buf_map+0x659/0xa60 (fs/xfs/xfs_trans_buf.c:296).  Shutting down filesystem.
[  183.093180][ T6581] EXT4-fs (loop0): Remounting filesystem read-only
[  183.102594][ T6581] EXT4-fs (loop0): 2 truncates cleaned up
[  183.115440][ T6271] XFS (loop2): Please unmount the filesystem and rectify the problem(s)
[  183.126937][ T6581] EXT4-fs (loop0): mounted filesystem without journal. Opts: errors=remount-ro,debug_want_extra_isize=0x0000000000000008,data_err=ignore,. Quota mode: writeback.
[  183.155055][ T6558] XFS (loop2): Quotacheck: Unsuccessful (Error -117): Disabling quotas.
[  183.207537][ T6571] loop1: detected capacity change from 0 to 32768
[  183.238384][ T4705] XFS (loop2): Unmounting Filesystem
[  183.255349][ T3543] usb 4-1: too many endpoints for config 0 interface 0 altsetting 0: 253, using maximum allowed: 30
[  183.266945][ T6571] BTRFS: device fsid 3a492a15-ac49-4ce6-945e-cef7a687c6c9 devid 1 transid 8 /dev/loop1 scanned by syz.1.874 (6571)
[  183.270037][ T3560] usb 5-1: New USB device found, idVendor=18d1, idProduct=1eaf, bcdDevice= 7.79
[  183.303516][ T3543] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  183.322027][ T3560] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  183.330381][ T3543] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  183.344511][ T3560] usb 5-1: Product: syz
[  183.349392][ T3560] usb 5-1: Manufacturer: syz
[  183.355223][ T3543] usb 4-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 253
[  183.355247][ T6571] BTRFS info (device loop1): using crc32c (crc32c-intel) checksum algorithm
[  183.368220][ T3560] usb 5-1: SerialNumber: syz
[  183.382970][ T3560] usb 5-1: config 0 descriptor??
[  183.392168][ T6571] BTRFS info (device loop1): use zlib compression, level 3
[  183.399382][ T6571] BTRFS info (device loop1): setting incompat feature flag for COMPRESS_ZSTD (0x10)
[  183.439976][ T6571] BTRFS info (device loop1): use zstd compression, level 3
[  183.462220][  T144] device hsr_slave_0 left promiscuous mode
[  183.479738][ T6571] BTRFS info (device loop1): setting incompat feature flag for COMPRESS_LZO (0x8)
[  183.490332][ T3543] usb 4-1: New USB device found, idVendor=05ac, idProduct=8243, bcdDevice=8b.40
[  183.499378][ T3543] usb 4-1: New USB device strings: Mfr=11, Product=0, SerialNumber=0
[  183.507782][ T6571] BTRFS info (device loop1): use lzo compression, level 0
[  183.509381][ T3543] usb 4-1: Manufacturer: syz
[  183.515156][  T144] device hsr_slave_1 left promiscuous mode
[  183.538634][ T6571] BTRFS info (device loop1): using free space tree
[  183.546974][  T144] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  183.555983][ T3543] usb 4-1: config 0 descriptor??
[  183.572998][  T144] batman_adv: batadv0: Removing interface: batadv_slave_0
[  183.580794][ T6571] BTRFS info (device loop1): has skinny extents
[  183.602573][  T144] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  183.619692][  T144] batman_adv: batadv0: Removing interface: batadv_slave_1
[  183.640125][ T3560] usb 5-1: Cannot retrieve CPort count: -71
[  183.646446][ T3560] usb 5-1: Cannot retrieve CPort count: -71
[  183.654751][  T144] device bridge_slave_0 left promiscuous mode
[  183.662251][ T3560] es2_ap_driver: probe of 5-1:0.0 failed with error -71
[  183.662938][  T144] bridge0: port 1(bridge_slave_0) entered disabled state
[  183.688325][ T3560] usb 5-1: USB disconnect, device number 14
[  183.758449][  T144] device bond_slave_0 left promiscuous mode
[  183.764689][  T144] device bond_slave_1 left promiscuous mode
[  183.812695][  T144] device veth1_macvtap left promiscuous mode
[  183.820270][  T144] device veth0_macvtap left promiscuous mode
[  183.826444][  T144] device veth1_vlan left promiscuous mode
[  183.832834][  T144] device veth0_vlan left promiscuous mode
[  183.900783][ T6571] BTRFS info (device loop1): enabling ssd optimizations
[  184.015091][  T144] bond3 (unregistering): Released all slaves
[  184.081024][ T3543] appleir 0003:05AC:8243.0005: unknown main item tag 0x0
[  184.092110][  T144] bond2 (unregistering): Released all slaves
[  184.103248][ T3543] appleir 0003:05AC:8243.0005: No inputs registered, leaving
[  184.107170][  T144] bond1 (unregistering): Released all slaves
[  184.160303][ T3543] appleir 0003:05AC:8243.0005: hiddev0,hidraw0: USB HID v0.00 Device [syz] on usb-dummy_hcd.3-1/input0
[  184.492953][ T6621] loop1: detected capacity change from 0 to 512
[  184.670909][ T6621] EXT4-fs (loop1): orphan cleanup on readonly fs
[  184.773231][ T6621] EXT4-fs error (device loop1): ext4_validate_block_bitmap:438: comm syz.1.879: bg 0: block 248: padding at end of block bitmap is not set
[  184.791286][ T6612] loop2: detected capacity change from 0 to 32768
[  184.810039][ T6621] __quota_error: 23 callbacks suppressed
[  184.810052][ T6621] Quota error (device loop1): write_blk: dquota write failed
[  184.825315][ T6621] Quota error (device loop1): qtree_write_dquot: Error -117 occurred while creating quota
[  184.837243][ T6621] EXT4-fs error (device loop1): ext4_acquire_dquot:6196: comm syz.1.879: Failed to acquire dquot type 1
[  184.865173][  T144] team0 (unregistering): Port device team_slave_1 removed
[  184.869856][ T6621] EXT4-fs (loop1): 1 truncate cleaned up
[  184.918019][ T6621] EXT4-fs (loop1): mounted filesystem without journal. Opts: bsdgroups,nodiscard,noblock_validity,grpjquota=,grpjquota=,noquota,abort,noload,noload,,errors=continue. Quota mode: writeback.
[  184.941979][ T6116] usb 4-1: USB disconnect, device number 14
[  184.954347][  T144] team0 (unregistering): Port device team_slave_0 removed
[  184.989083][ T6612] XFS (loop2): Mounting V5 Filesystem
[  185.013029][ T6621] EXT4-fs error (device loop1): ext4_lookup:1859: inode #2: comm syz.1.879: deleted inode referenced: 12
[  185.041749][ T6610] loop0: detected capacity change from 0 to 32768
[  185.058169][ T6621] syz.1.879 (6621) used greatest stack depth: 19200 bytes left
[  185.074615][  T144] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  185.086899][ T6610] BTRFS: device fsid ed167579-eb65-4e76-9a50-61ac97e9b59d devid 1 transid 8 /dev/loop0 scanned by syz.0.878 (6610)
[  185.116258][ T6610] BTRFS info (device loop0): using sha256 (sha256-avx2) checksum algorithm
[  185.125974][ T6610] BTRFS info (device loop0): turning off barriers
[  185.132683][ T6610] BTRFS info (device loop0): setting incompat feature flag for COMPRESS_LZO (0x8)
[  185.142595][ T6610] BTRFS info (device loop0): force lzo compression, level 0
[  185.167781][ T6610] BTRFS info (device loop0): doing ref verification
[  185.181834][ T6610] BTRFS info (device loop0): doing ref verification
[  185.188435][ T6610] BTRFS info (device loop0): using free space tree
[  185.209825][ T6610] BTRFS info (device loop0): has skinny extents
[  185.216985][ T6610] workqueue: max_active 1733 requested for btrfs-worker is out of range, clamping between 1 and 512
[  185.217266][  T144] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  185.303012][ T6610] workqueue: max_active 1733 requested for btrfs-worker-high is out of range, clamping between 1 and 512
[  185.320695][ T6612] XFS (loop2): Ending clean mount
[  185.337995][ T6612] XFS (loop2): Quotacheck needed: Please wait.
[  185.348943][ T6610] workqueue: max_active 1733 requested for btrfs-delalloc is out of range, clamping between 1 and 512
[  185.430882][ T6610] workqueue: max_active 1733 requested for btrfs-endio is out of range, clamping between 1 and 512
[  185.462912][ T6610] workqueue: max_active 1733 requested for btrfs-endio-meta is out of range, clamping between 1 and 512
[  185.493347][ T6612] XFS (loop2): Quotacheck: Done.
[  185.547076][ T6610] workqueue: max_active 1733 requested for btrfs-endio-meta-write is out of range, clamping between 1 and 512
[  185.600203][ T6610] workqueue: max_active 1733 requested for btrfs-endio-raid56 is out of range, clamping between 1 and 512
[  185.646216][  T144] bond0 (unregistering): Released all slaves
[  185.662802][ T6610] workqueue: max_active 1733 requested for btrfs-rmw is out of range, clamping between 1 and 512
[  185.703607][ T6610] workqueue: max_active 1733 requested for btrfs-endio-write is out of range, clamping between 1 and 512
[  185.757255][ T6610] workqueue: max_active 1733 requested for btrfs-readahead is out of range, clamping between 1 and 512
[  185.771745][ T4705] XFS (loop2): Unmounting Filesystem
[  185.777742][ T6663] netlink: 'syz.3.886': attribute type 3 has an invalid length.
[  185.786036][ T6116] usb 2-1: new high-speed USB device number 12 using dummy_hcd
[  185.904854][ T6610] BTRFS info (device loop0): enabling ssd optimizations
[  186.040291][ T6116] usb 2-1: Using ep0 maxpacket: 16
[  186.190331][ T6116] usb 2-1: config 1 interface 0 altsetting 0 endpoint 0xB has invalid wMaxPacketSize 0
[  186.220122][ T6116] usb 2-1: config 1 interface 0 altsetting 0 bulk endpoint 0xB has invalid maxpacket 0
[  186.257023][ T6116] usb 2-1: config 1 interface 0 altsetting 0 endpoint 0x8A has invalid wMaxPacketSize 0
[  186.289368][ T6116] usb 2-1: config 1 interface 0 altsetting 0 bulk endpoint 0x8A has invalid maxpacket 0
[  186.411647][ T6116] usb 2-1: New USB device found, idVendor=04e6, idProduct=0007, bcdDevice= 1.75
[  186.430027][ T6116] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=5
[  186.446949][ T6667] loop3: detected capacity change from 0 to 32768
[  186.449984][ T6116] usb 2-1: SerialNumber: syz
[  186.525325][ T6116] usb-storage 2-1:1.0: USB Mass Storage device detected
[  186.621917][ T6116] usb-storage 2-1:1.0: Quirks match for vid 04e6 pid 0007: 1
[  186.666316][ T6667] XFS (loop3): Mounting V5 Filesystem
[  186.687984][ T6116] scsi host1: usb-storage 2-1:1.0
[  186.801595][ T6671] loop4: detected capacity change from 0 to 32768
[  186.850209][ T6671] BTRFS: device fsid 3a492a15-ac49-4ce6-945e-cef7a687c6c9 devid 1 transid 8 /dev/loop4 scanned by syz.4.889 (6671)
[  186.921787][ T6667] XFS (loop3): Ending clean mount
[  186.982002][ T6667] XFS (loop3): Quotacheck needed: Please wait.
[  187.005600][ T5893] XFS (loop3): Metadata CRC error detected at xfs_allocbt_read_verify+0x39/0xc0, xfs_bnobt block 0x8 
[  187.031859][ T5893] XFS (loop3): Unmount and run xfs_repair
[  187.038490][ T5893] XFS (loop3): First 128 bytes of corrupted metadata buffer:
[  187.057122][ T6695] loop0: detected capacity change from 0 to 512
[  187.065717][ T6671] BTRFS info (device loop4): using crc32c (crc32c-intel) checksum algorithm
[  187.085784][ T6671] BTRFS info (device loop4): use zlib compression, level 3
[  187.092469][ T6691] loop2: detected capacity change from 0 to 512
[  187.115920][ T5893] 00000000: 41 42 33 42 00 00 00 02 ff ff ff ff ff ff ff ff  AB3B............
[  187.130169][ T6671] BTRFS info (device loop4): setting incompat feature flag for COMPRESS_ZSTD (0x10)
[  187.138322][ T6116] usb 2-1: USB disconnect, device number 12
[  187.156796][ T5893] 00000010: 00 00 00 00 00 00 00 08 00 00 00 01 00 00 00 10  ................
[  187.180617][ T6671] BTRFS info (device loop4): use zstd compression, level 3
[  187.190089][ T5893] 00000020: a2 f8 2a ab 77 f8 42 86 af d4 a8 f7 00 a7 4b ab  ..*.w.B.......K.
[  187.219202][ T6671] BTRFS info (device loop4): setting incompat feature flag for COMPRESS_LZO (0x8)
[  187.228931][ T5893] 00000030: 00 00 00 00 5b fd 4f dd 00 00 00 05 00 00 00 01  ....[.O.........
[  187.261574][ T6695] EXT4-fs (loop0): mounting ext3 file system using the ext4 subsystem
[  187.290609][ T6671] BTRFS info (device loop4): use lzo compression, level 0
[  187.316658][ T5893] 00000040: 00 00 02 36 00 00 0d ca 00 00 00 00 00 00 00 00  ...6............
[  187.330129][ T6671] BTRFS info (device loop4): using free space tree
[  187.346453][ T6671] BTRFS info (device loop4): has skinny extents
[  187.363229][ T6695] EXT4-fs (loop0): 1 truncate cleaned up
[  187.389178][ T5893] 00000050: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00  ................
[  187.400159][ T6695] EXT4-fs (loop0): mounted filesystem without journal. Opts: nodiscard,nouid32,init_itable,noload,minixdf,usrjquota=,,errors=continue. Quota mode: none.
[  187.425230][ T5893] 00000060: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00  ................
[  187.434528][ T6691] EXT4-fs (loop2): quotafile must be on filesystem root
[  187.434555][ T5893] 00000070: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00  ................
[  187.451520][ T5893] XFS (loop3): metadata I/O error in "xfs_btree_read_buf_block+0x26e/0x370" at daddr 0x8 len 8 error 74
[  187.522923][ T6667] XFS (loop3): Quotacheck: Unsuccessful (Error -117): Disabling quotas.
[  187.670182][ T6671] BTRFS info (device loop4): enabling ssd optimizations
[  187.832277][ T3510] XFS (loop3): Unmounting Filesystem
[  189.280111][ T6743] loop4: detected capacity change from 0 to 512
[  190.117086][ T6732] loop1: detected capacity change from 0 to 32768
[  190.134292][ T6743] EXT4-fs (loop4): mounted filesystem without journal. Opts: user_xattr,,errors=continue. Quota mode: writeback.
[  190.160197][ T6743] ext4 filesystem being mounted at /root/syzkaller.tpPTXp/190/file0 supports timestamps until 2038 (0x7fffffff)
[  190.589597][ T6749] loop3: detected capacity change from 0 to 16
[  190.661513][ T6754] input: syz0 as /devices/virtual/input/input5
[  191.135953][ T6732] XFS (loop1): Mounting V5 Filesystem
[  191.450180][ T6732] XFS (loop1): Ending clean mount
[  191.485845][ T6732] XFS (loop1): Quotacheck needed: Please wait.
[  191.631355][ T6732] XFS (loop1): Quotacheck: Done.
[  191.662570][ T6749] erofs: (device loop3): check_layout_compatibility: unidentified incompatible feature 8, please upgrade kernel version
[  191.741224][ T5952] XFS (loop1): Unmounting Filesystem
[  192.086111][   T26] audit: type=1326 audit(1719601496.801:167): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6748 comm="syz.3.902" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f2cd83ebb99 code=0x0
[  192.953411][ T6802] loop4: detected capacity change from 0 to 256
[  193.007187][ T6804] sctp: [Deprecated]: syz.3.918 (pid 6804) Use of int in max_burst socket option deprecated.
[  193.007187][ T6804] Use struct sctp_assoc_value instead
[  193.148245][ T6807] loop3: detected capacity change from 0 to 512
[  193.226750][ T6807] EXT4-fs: Warning: mounting with data=journal disables delayed allocation, dioread_nolock, O_DIRECT and fast_commit support!
[  193.268609][ T6810] loop0: detected capacity change from 0 to 16
[  193.280117][ T6807] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode
[  193.351616][ T6779] loop1: detected capacity change from 0 to 32768
[  193.351728][ T6807] EXT4-fs (loop3): 1 orphan inode deleted
[  193.438143][ T6810] erofs: (device loop0): check_layout_compatibility: unidentified incompatible feature 8, please upgrade kernel version
[  193.459574][ T6807] EXT4-fs (loop3): 1 truncate cleaned up
[  193.466975][ T6807] EXT4-fs (loop3): mounted filesystem without journal. Opts: errors=remount-ro,nodelalloc,debug_want_extra_isize=0x000000000000002e,inode_readahead_blks=0x0000000000010000,block_validity,block_validity,. Quota mode: none.
[  193.495074][ T6779] XFS (loop1): Mounting V5 Filesystem
[  193.783097][ T6794] loop2: detected capacity change from 0 to 32768
[  193.787758][ T6779] XFS (loop1): Ending clean mount
[  193.828341][ T6779] XFS (loop1): Quotacheck needed: Please wait.
[  193.921202][ T3542] XFS (loop1): Metadata CRC error detected at xfs_allocbt_read_verify+0x39/0xc0, xfs_bnobt block 0x8 
[  193.955621][ T3542] XFS (loop1): Unmount and run xfs_repair
[  193.970035][ T3542] XFS (loop1): First 128 bytes of corrupted metadata buffer:
[  193.982205][ T3542] 00000000: 41 42 33 42 00 00 00 02 ff ff ff ff ff ff ff ff  AB3B............
[  193.993878][ T6835] loop4: detected capacity change from 0 to 1764
[  193.994545][ T1376] ieee802154 phy0 wpan0: encryption failed: -22
[  194.001124][ T3542] 00000010: 00 00 00 00 00 00 00 08 00 00 00 01 00 00 00 10  ................
[  194.006571][ T1376] ieee802154 phy1 wpan1: encryption failed: -22
[  194.018082][ T3542] 00000020: a2 f8 2a ab 77 f8 42 86 af d4 a8 f7 00 a7 4b ab  ..*.w.B.......K.
[  194.031996][ T3542] 00000030: 00 00 00 00 5b fd 4f dd 00 00 00 05 00 00 00 01  ....[.O.........
[  194.041520][ T3542] 00000040: 00 00 02 36 00 00 0d ca 00 00 00 00 00 00 00 00  ...6............
[  194.155439][ T3542] 00000050: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00  ................
[  194.166392][ T3542] 00000060: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00  ................
[  194.190181][   T26] audit: type=1326 audit(1719601498.911:168): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6808 comm="syz.0.920" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f630ce84b99 code=0x0
[  194.255762][ T3542] 00000070: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00  ................
[  194.280906][ T6794] XFS (loop2): Mounting V5 Filesystem
[  194.309088][ T3542] XFS (loop1): metadata I/O error in "xfs_btree_read_buf_block+0x26e/0x370" at daddr 0x8 len 8 error 74
[  194.362294][ T6779] XFS (loop1): Quotacheck: Unsuccessful (Error -117): Disabling quotas.
[  194.479038][ T6794] XFS (loop2): Ending clean mount
[  194.488502][ T6794] XFS (loop2): Quotacheck needed: Please wait.
[  194.600862][ T6794] XFS (loop2): Quotacheck: Done.
[  194.610562][ T5952] XFS (loop1): Unmounting Filesystem
[  194.822917][ T6830] loop3: detected capacity change from 0 to 512
[  194.955782][ T4705] XFS (loop2): Unmounting Filesystem
[  195.082069][ T6830] EXT4-fs (loop3): quotafile must be on filesystem root
[  195.696280][ T6853] loop1: detected capacity change from 0 to 512
[  195.813430][ T6853] EXT4-fs (loop1): Mount option "nouser_xattr" will be removed by 3.5
[  195.813430][ T6853] Contact linux-ext4@vger.kernel.org if you think we should keep it.
[  195.813430][ T6853] 
[  195.926501][ T6853] EXT4-fs error (device loop1): ext4_do_update_inode:5160: inode #3: comm syz.1.930: corrupted inode contents
[  195.990207][ T6853] EXT4-fs (loop1): Remounting filesystem read-only
[  195.996781][ T6853] EXT4-fs error (device loop1): ext4_dirty_inode:5993: inode #3: comm syz.1.930: mark_inode_dirty error
[  196.040549][ T6853] EXT4-fs error (device loop1): ext4_do_update_inode:5160: inode #3: comm syz.1.930: corrupted inode contents
[  196.071071][ T6853] EXT4-fs error (device loop1): __ext4_ext_dirty:183: inode #3: comm syz.1.930: mark_inode_dirty error
[  196.193515][ T6846] loop4: detected capacity change from 0 to 40427
[  196.248249][ T6853] Quota error (device loop1): write_blk: dquota write failed
[  196.257340][ T6853] Quota error (device loop1): qtree_write_dquot: Error -117 occurred while creating quota
[  196.268216][ T6846] F2FS-fs (loop4): Invalid log_blocksize (268), supports only 12
[  196.269220][ T6853] EXT4-fs error (device loop1): ext4_acquire_dquot:6196: comm syz.1.930: Failed to acquire dquot type 0
[  196.287744][ T6853] EXT4-fs (loop1): 1 truncate cleaned up
[  196.289200][ T6846] F2FS-fs (loop4): Can't find valid F2FS filesystem in 1th superblock
[  196.305084][ T6853] EXT4-fs (loop1): mounted filesystem without journal. Opts: errors=remount-ro,nouser_xattr,. Quota mode: writeback.
[  196.313772][ T6846] F2FS-fs (loop4): invalid crc value
[  196.317661][ T6853] ext4 filesystem being mounted at /root/syzkaller.f8F5mP/30/file1 supports timestamps until 2038 (0x7fffffff)
[  196.698377][ T6846] F2FS-fs (loop4): Found nat_bits in checkpoint
[  197.168453][ T6846] F2FS-fs (loop4): Try to recover 1th superblock, ret: 0
[  197.199945][ T6846] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e5
[  197.252435][ T6885] loop0: detected capacity change from 0 to 512
[  197.273235][    C1] TCP: request_sock_TCP: Possible SYN flooding on port 20002. Sending cookies.  Check SNMP counters.
[  197.358592][ T6891] loop2: detected capacity change from 0 to 1024
[  197.499758][ T6891] hfsplus: xattr searching failed
[  197.572235][ T6891] hfsplus: xattr searching failed
[  197.609005][ T6885] EXT4-fs (loop0): Test dummy encryption mode enabled
[  197.647840][ T6896] loop3: detected capacity change from 0 to 16
[  197.656444][ T6891] hfsplus: xattr searching failed
[  197.678255][ T6885] EXT4-fs error (device loop0): ext4_find_inline_data_nolock:163: inode #12: comm syz.0.938: inline data xattr refers to an external xattr inode
[  197.754712][ T6885] EXT4-fs error (device loop0): ext4_orphan_get:1402: comm syz.0.938: couldn't read orphan inode 12 (err -117)
[  197.800160][ T6896] erofs: (device loop3): check_layout_compatibility: unidentified incompatible feature 8, please upgrade kernel version
[  197.856304][ T6885] EXT4-fs (loop0): mounted filesystem without journal. Opts: inode_readahead_blks=0x0000000000200000,user_xattr,inode_readahead_blks=0x0000000000200000,sb=0x0000000000000001,prjquota,usrjquota=,usrjquota=,nojournal_checksum,test_dummy_encryption,,errors=continue. Quota mode: writeback.
[  197.902388][ T5296] hfsplus: b-tree write err: -5, ino 3
[  198.083672][ T6904] loop2: detected capacity change from 0 to 256
[  198.129392][   T26] audit: type=1326 audit(1719601502.841:169): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6893 comm="syz.3.940" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f2cd83ebb99 code=0x0
[  198.154494][ T6885] fscrypt: AES-256-CTS-CBC using implementation "cts-cbc-aes-aesni"
[  198.517618][ T6913] loop0: detected capacity change from 0 to 512
[  198.543426][ T6887] loop1: detected capacity change from 0 to 32768
[  198.615323][ T6887] BTRFS: device fsid ed167579-eb65-4e76-9a50-61ac97e9b59d devid 1 transid 8 /dev/loop1 scanned by syz.1.937 (6887)
[  198.647352][ T6917] kvm: vcpu 0: requested 128 ns lapic timer period limited to 200000 ns
[  198.656206][ T6917] kvm: vcpu 0: requested lapic timer restore with starting count register 0x390=1812281087 (231971979136 ns) > initial count (200000 ns). Using initial count to start timer.
[  198.681329][ T6913] EXT4-fs (loop0): feature flags set on rev 0 fs, running e2fsck is recommended
[  198.721014][ T6887] BTRFS info (device loop1): using sha256 (sha256-avx2) checksum algorithm
[  198.893670][ T6913] EXT4-fs (loop0): orphan cleanup on readonly fs
[  198.927521][ T6913] EXT4-fs error (device loop0): __ext4_iget:4861: inode #15: block 1627517706: comm syz.0.943: invalid block
[  198.961108][ T6887] BTRFS info (device loop1): turning off barriers
[  199.049532][ T6887] BTRFS info (device loop1): setting incompat feature flag for COMPRESS_LZO (0x8)
[  199.062739][ T6887] BTRFS info (device loop1): force lzo compression, level 0
[  199.066129][ T6913] EXT4-fs error (device loop0): ext4_orphan_get:1402: comm syz.0.943: couldn't read orphan inode 15 (err -117)
[  199.096699][ T6913] EXT4-fs (loop0): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none.
[  199.151340][ T6887] BTRFS info (device loop1): doing ref verification
[  199.158044][ T6887] BTRFS info (device loop1): doing ref verification
[  199.310145][ T6887] BTRFS info (device loop1): using free space tree
[  199.318304][ T6887] BTRFS info (device loop1): has skinny extents
[  199.346740][ T6887] workqueue: max_active 1733 requested for btrfs-worker is out of range, clamping between 1 and 512
[  199.392978][ T6887] workqueue: max_active 1733 requested for btrfs-worker-high is out of range, clamping between 1 and 512
[  199.424658][ T6887] workqueue: max_active 1733 requested for btrfs-delalloc is out of range, clamping between 1 and 512
[  199.534966][ T6887] workqueue: max_active 1733 requested for btrfs-endio is out of range, clamping between 1 and 512
[  199.563401][ T6934] loop4: detected capacity change from 0 to 512
[  199.628990][ T6887] workqueue: max_active 1733 requested for btrfs-endio-meta is out of range, clamping between 1 and 512
[  199.679084][ T6934] EXT4-fs (loop4): Mount option "nouser_xattr" will be removed by 3.5
[  199.679084][ T6934] Contact linux-ext4@vger.kernel.org if you think we should keep it.
[  199.679084][ T6934] 
[  199.697371][    C0] vkms_vblank_simulate: vblank timer overrun
[  199.719606][ T6887] workqueue: max_active 1733 requested for btrfs-endio-meta-write is out of range, clamping between 1 and 512
[  199.752440][ T6934] EXT4-fs error (device loop4): ext4_do_update_inode:5160: inode #3: comm syz.4.947: corrupted inode contents
[  199.778182][ T6934] EXT4-fs (loop4): Remounting filesystem read-only
[  199.798906][ T6887] workqueue: max_active 1733 requested for btrfs-endio-raid56 is out of range, clamping between 1 and 512
[  199.815447][ T6887] workqueue: max_active 1733 requested for btrfs-rmw is out of range, clamping between 1 and 512
[  199.827752][ T6934] EXT4-fs error (device loop4): ext4_dirty_inode:5993: inode #3: comm syz.4.947: mark_inode_dirty error
[  199.854397][ T6934] EXT4-fs error (device loop4): ext4_do_update_inode:5160: inode #3: comm syz.4.947: corrupted inode contents
[  199.867122][ T6887] workqueue: max_active 1733 requested for btrfs-endio-write is out of range, clamping between 1 and 512
[  199.880518][ T6934] EXT4-fs error (device loop4): __ext4_ext_dirty:183: inode #3: comm syz.4.947: mark_inode_dirty error
[  199.967871][ T6934] Quota error (device loop4): write_blk: dquota write failed
[  200.053678][ T6934] Quota error (device loop4): qtree_write_dquot: Error -117 occurred while creating quota
[  200.077151][ T6887] workqueue: max_active 1733 requested for btrfs-readahead is out of range, clamping between 1 and 512
[  200.141458][ T6934] EXT4-fs error (device loop4): ext4_acquire_dquot:6196: comm syz.4.947: Failed to acquire dquot type 0
[  200.156884][    C0] TCP: request_sock_TCP: Possible SYN flooding on port 20002. Sending cookies.  Check SNMP counters.
[  200.194615][ T6934] EXT4-fs (loop4): 1 truncate cleaned up
[  200.200963][ T6934] EXT4-fs (loop4): mounted filesystem without journal. Opts: errors=remount-ro,nouser_xattr,. Quota mode: writeback.
[  200.201710][ T6887] BTRFS info (device loop1): enabling ssd optimizations
[  200.231066][ T6934] ext4 filesystem being mounted at /root/syzkaller.tpPTXp/205/file1 supports timestamps until 2038 (0x7fffffff)
[  201.109041][ T6967] loop3: detected capacity change from 0 to 512
[  201.123719][ T6969] loop0: detected capacity change from 0 to 256
[  201.230663][ T6967] EXT4-fs (loop3): Test dummy encryption mode enabled
[  201.316248][ T6967] EXT4-fs error (device loop3): ext4_find_inline_data_nolock:163: inode #12: comm syz.3.954: inline data xattr refers to an external xattr inode
[  201.399687][ T6967] EXT4-fs error (device loop3): ext4_orphan_get:1402: comm syz.3.954: couldn't read orphan inode 12 (err -117)
[  201.483110][ T6967] EXT4-fs (loop3): mounted filesystem without journal. Opts: inode_readahead_blks=0x0000000000200000,user_xattr,inode_readahead_blks=0x0000000000200000,sb=0x0000000000000001,prjquota,usrjquota=,usrjquota=,nojournal_checksum,test_dummy_encryption,,errors=continue. Quota mode: writeback.
[  201.741120][ T6984] kvm: vcpu 0: requested 128 ns lapic timer period limited to 200000 ns
[  201.749522][ T6984] kvm: vcpu 0: requested lapic timer restore with starting count register 0x390=1812281087 (231971979136 ns) > initial count (200000 ns). Using initial count to start timer.
[  202.063398][ T6987] loop4: detected capacity change from 0 to 1024
[  202.369523][ T5295] hfsplus: b-tree write err: -5, ino 4
[  202.524066][ T6995] loop1: detected capacity change from 0 to 4096
[  203.396482][ T6995] ntfs3: loop1: Different NTFS' sector size (2048) and media sector size (512)
[  203.419843][ T6976] loop2: detected capacity change from 0 to 32768
[  203.467445][ T6995] ntfs3: loop1: Mark volume as dirty due to NTFS errors
[  203.508731][ T7007] IPv6: ADDRCONF(NETDEV_CHANGE): syzkaller0: link becomes ready
[  203.550747][ T6976] XFS (loop2): Mounting V5 Filesystem
[  203.634784][ T5296] device hsr_slave_0 left promiscuous mode
[  203.652134][ T5296] device hsr_slave_1 left promiscuous mode
[  203.693557][ T5296] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  203.756019][ T5296] batman_adv: batadv0: Removing interface: batadv_slave_0
[  203.756339][ T1128] ntfs3: loop1: ntfs3_write_inode r=5 failed, -22.
[  203.772108][ T5296] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  203.788238][ T5296] batman_adv: batadv0: Removing interface: batadv_slave_1
[  203.789453][ T6976] XFS (loop2): Ending clean mount
[  203.804592][ T5296] device bridge_slave_1 left promiscuous mode
[  203.811078][ T5296] bridge0: port 2(bridge_slave_1) entered disabled state
[  203.813871][ T5952] ntfs3: loop1: ntfs_evict_inode r=5 failed, -22.
[  203.827516][ T5296] device bridge_slave_0 left promiscuous mode
[  203.834849][ T7034] loop0: detected capacity change from 0 to 512
[  203.836206][ T6976] XFS (loop2): Quotacheck needed: Please wait.
[  203.842861][ T5296] bridge0: port 1(bridge_slave_0) entered disabled state
[  203.864884][ T5296] device veth1_macvtap left promiscuous mode
[  203.871814][ T5296] device veth0_macvtap left promiscuous mode
[  203.877959][ T5296] device veth1_vlan left promiscuous mode
[  203.884198][ T5296] device veth0_vlan left promiscuous mode
[  203.907407][ T7034] EXT4-fs (loop0): Test dummy encryption mode enabled
[  203.924534][ T6976] XFS (loop2): Quotacheck: Done.
[  203.961545][ T7034] EXT4-fs error (device loop0): ext4_find_inline_data_nolock:163: inode #12: comm syz.0.973: inline data xattr refers to an external xattr inode
[  203.990238][ T7034] EXT4-fs error (device loop0): ext4_orphan_get:1402: comm syz.0.973: couldn't read orphan inode 12 (err -117)
[  204.030013][ T7034] EXT4-fs (loop0): mounted filesystem without journal. Opts: inode_readahead_blks=0x0000000000200000,user_xattr,inode_readahead_blks=0x0000000000200000,sb=0x0000000000000001,prjquota,usrjquota=,usrjquota=,nojournal_checksum,test_dummy_encryption,,errors=continue. Quota mode: writeback.
[  204.110375][ T4705] XFS (loop2): Unmounting Filesystem
[  204.291584][ T7040] kvm: vcpu 0: requested 128 ns lapic timer period limited to 200000 ns
[  204.300207][ T7040] kvm: vcpu 0: requested lapic timer restore with starting count register 0x390=1812281087 (231971979136 ns) > initial count (200000 ns). Using initial count to start timer.
[  204.890962][ T7049] loop2: detected capacity change from 0 to 256
[  204.913524][ T5296] team0 (unregistering): Port device team_slave_1 removed
[  204.921175][ T7049] exfat: Unknown parameter 'ÿÿ18446744073709551615ÿÿ'
[  204.968869][ T5296] team0 (unregistering): Port device team_slave_0 removed
[  205.161505][ T5296] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  205.404309][ T5296] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  205.870106][ T5296] bond0 (unregistering): Released all slaves
[  206.929109][ T7086] kvm: vcpu 0: requested 128 ns lapic timer period limited to 200000 ns
[  206.937526][ T7086] kvm: vcpu 0: requested lapic timer restore with starting count register 0x390=1812281087 (231971979136 ns) > initial count (200000 ns). Using initial count to start timer.
[  207.022110][ T7084] loop1: detected capacity change from 0 to 1024
[  207.491779][ T7097] device syzkaller1 entered promiscuous mode
[  208.147207][ T7123] loop2: detected capacity change from 0 to 64
[  208.234635][ T7123] hfs: bad allocation block size 0
[  208.251699][ T7123] hfs: can't find a HFS filesystem on dev loop2
[  208.470074][ T3648] usb 5-1: new high-speed USB device number 15 using dummy_hcd
[  208.725369][ T3648] usb 5-1: Using ep0 maxpacket: 8
[  209.634452][ T7145] loop3: detected capacity change from 0 to 16
[  209.710223][ T3648] usb 5-1: New USB device found, idVendor=05ac, idProduct=0247, bcdDevice=13.13
[  209.730267][ T7145] erofs: (device loop3): check_layout_compatibility: unidentified incompatible feature 8, please upgrade kernel version
[  209.764241][ T3648] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  209.803762][ T3648] usb 5-1: config 0 descriptor??
[  209.833142][ T7152] loop2: detected capacity change from 0 to 1024
[  209.875112][ T3648] input: bcm5974 as /devices/platform/dummy_hcd.4/usb5/5-1/5-1:0.0/input/input6
[  209.919950][ T6116] usb 2-1: new high-speed USB device number 13 using dummy_hcd
[  210.080713][ T2947] bcm5974 5-1:0.0: could not read from device
[  210.118279][ T3648] usb 5-1: USB disconnect, device number 15
[  210.126998][ T4135] bcm5974 5-1:0.0: could not read from device
[  210.152206][   T26] audit: type=1326 audit(1719601514.871:170): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7138 comm="syz.3.1013" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f2cd83ebb99 code=0x0
[  210.189974][ T6116] usb 2-1: Using ep0 maxpacket: 8
[  210.206121][ T4135] bcm5974 5-1:0.0: could not read from device
[  210.229097][ T4135] udevd[4135]: Error opening device "/dev/input/event4": Input/output error
[  210.258592][ T4135] udevd[4135]: Unable to EVIOCGABS device "/dev/input/event4"
[  210.310145][ T6116] usb 2-1: config 168 descriptor has 1 excess byte, ignoring
[  210.342982][ T4135] udevd[4135]: Unable to EVIOCGABS device "/dev/input/event4"
[  210.357781][ T6116] usb 2-1: config 168 interface 0 altsetting 0 endpoint 0x3 has an invalid bInterval 255, changing to 11
[  210.401456][ T4135] udevd[4135]: Unable to EVIOCGABS device "/dev/input/event4"
[  210.438614][ T6116] usb 2-1: config 168 interface 0 altsetting 0 endpoint 0x84 has an invalid bInterval 0, changing to 7
[  210.456973][ T4135] udevd[4135]: Unable to EVIOCGABS device "/dev/input/event4"
[  210.487113][ T6116] usb 2-1: config 168 interface 0 altsetting 0 endpoint 0x84 has invalid wMaxPacketSize 0
[  210.531899][ T7120] loop0: detected capacity change from 0 to 40427
[  210.630031][ T6116] usb 2-1: config 168 descriptor has 1 excess byte, ignoring
[  210.637437][ T6116] usb 2-1: config 168 interface 0 altsetting 0 endpoint 0x3 has an invalid bInterval 255, changing to 11
[  210.716670][ T6116] usb 2-1: config 168 interface 0 altsetting 0 endpoint 0x84 has an invalid bInterval 0, changing to 7
[  210.776023][ T6116] usb 2-1: config 168 interface 0 altsetting 0 endpoint 0x84 has invalid wMaxPacketSize 0
[  316.869949][    C1] ------------[ cut here ]------------
[  316.876366][    C1] WARNING: CPU: 1 PID: 7160 at kernel/rcu/tree_stall.h:937 rcu_check_gp_start_stall+0x2c8/0x450
[  316.886865][    C1] Modules linked in:
[  316.890772][    C1] CPU: 1 PID: 7160 Comm: syz.0.1020 Not tainted 5.15.161-syzkaller #0
[  316.898903][    C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024
[  316.908951][    C1] RIP: 0010:rcu_check_gp_start_stall+0x2c8/0x450
[  316.915271][    C1] Code: c7 c7 60 5c 43 91 be 04 00 00 00 e8 22 93 5e 00 b8 01 00 00 00 87 05 a7 c4 d7 0f 85 c0 0f 85 1c ff ff ff 48 c7 c0 80 3a 92 8c <0f> 0b 49 39 c7 74 47 48 c7 c0 c4 9f e4 8d 48 c1 e8 03 42 0f b6 04
[  316.934865][    C1] RSP: 0018:ffffc90000dd0bd8 EFLAGS: 00010046
[  316.940917][    C1] RAX: ffffffff8c923a80 RBX: 00000001000005a9 RCX: ffffffff816b97ae
[  316.948870][    C1] RDX: 0000000000000001 RSI: 0000000000000004 RDI: ffffffff91435c60
[  316.956821][    C1] RBP: ffffc90000dd0e10 R08: dffffc0000000000 R09: 0000000000000003
[  316.964795][    C1] R10: ffffffffffffffff R11: dffffc0000000001 R12: dffffc0000000000
[  316.972752][    C1] R13: dffffc0000000000 R14: 0000000000000246 R15: ffffffff8c923a80
[  316.980705][    C1] FS:  0000555556e5b500(0000) GS:ffff8880b9b00000(0000) knlGS:0000000000000000
[  316.989639][    C1] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  316.996201][    C1] CR2: 000000110c322029 CR3: 000000006736a000 CR4: 00000000003506e0
[  317.004158][    C1] DR0: 0000000000000000 DR1: 000000000000000a DR2: 0000000000000000
[  317.012224][    C1] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[  317.020196][    C1] Call Trace:
[  317.023457][    C1]  <IRQ>
[  317.026286][    C1]  ? __warn+0x15b/0x300
[  317.030430][    C1]  ? rcu_check_gp_start_stall+0x2c8/0x450
[  317.036130][    C1]  ? report_bug+0x1b7/0x2e0
[  317.040620][    C1]  ? handle_bug+0x3d/0x70
[  317.044935][    C1]  ? exc_invalid_op+0x16/0x40
[  317.049597][    C1]  ? asm_exc_invalid_op+0x16/0x20
[  317.054611][    C1]  ? rcu_check_gp_start_stall+0x2ae/0x450
[  317.060340][    C1]  ? rcu_check_gp_start_stall+0x2c8/0x450
[  317.066040][    C1]  ? rcu_check_gp_start_stall+0x2ae/0x450
[  317.071740][    C1]  rcu_core+0x657/0x1650
[  317.075965][    C1]  ? rcu_lock_acquire+0x30/0x30
[  317.080798][    C1]  ? local_bh_disable+0x20/0x20
[  317.085632][    C1]  ? rebalance_domains+0x942/0xab0
[  317.090733][    C1]  ? distribute_cfs_runtime+0x540/0x540
[  317.096281][    C1]  handle_softirqs+0x3a7/0x930
[  317.101082][    C1]  ? __irq_exit_rcu+0x157/0x240
[  317.105915][    C1]  ? do_softirq+0x240/0x240
[  317.110412][    C1]  ? hrtimer_interrupt+0x76b/0x980
[  317.115505][    C1]  ? irqtime_account_irq+0xd0/0x1e0
[  317.120899][    C1]  __irq_exit_rcu+0x157/0x240
[  317.125568][    C1]  ? irq_exit_rcu+0x20/0x20
[  317.130059][    C1]  irq_exit_rcu+0x5/0x20
[  317.134283][    C1]  sysvec_apic_timer_interrupt+0x91/0xb0
[  317.139905][    C1]  </IRQ>
[  317.142820][    C1]  <TASK>
[  317.145731][    C1]  asm_sysvec_apic_timer_interrupt+0x16/0x20
[  317.151702][    C1] RIP: 0010:_raw_spin_unlock_irq+0x25/0x40
[  317.157497][    C1] Code: 21 80 f6 ff 90 53 48 89 fb 48 83 c7 18 48 8b 74 24 08 e8 be 11 3b f7 48 89 df e8 96 65 3c f7 e8 b1 1d 5f f7 fb bf 01 00 00 00 <e8> d6 ab 2f f7 65 8b 05 57 b2 da 75 85 c0 74 02 5b c3 e8 24 cf d8
[  317.177098][    C1] RSP: 0018:ffffc90002ef7bc0 EFLAGS: 00000282
[  317.183149][    C1] RAX: 061bb82f85f93400 RBX: ffff8880654adc80 RCX: ffffffff913f0f03
[  317.191125][    C1] RDX: dffffc0000000000 RSI: ffffffff8a8b2a00 RDI: 0000000000000001
[  317.199081][    C1] RBP: 0000000000000000 R08: ffffffff8186db40 R09: ffffed100ca95b91
[  317.207037][    C1] R10: 0000000000000000 R11: dffffc0000000001 R12: 0000000000000021
[  317.214995][    C1] R13: dffffc0000000000 R14: ffff8880654ae118 R15: ffff8880654adc80
[  317.222961][    C1]  ? trace_hardirqs_on+0x30/0x80
[  317.227896][    C1]  get_signal+0x13ee/0x14e0
[  317.232412][    C1]  arch_do_signal_or_restart+0xc3/0x1890
[  317.238034][    C1]  ? __do_compat_sys_x32_rt_sigreturn+0x250/0x250
[  317.244439][    C1]  ? __might_fault+0xb4/0x110
[  317.249104][    C1]  ? _copy_from_user+0x10f/0x170
[  317.254027][    C1]  ? restore_altstack+0x274/0x400
[  317.259038][    C1]  ? get_sigframe_size+0x10/0x10
[  317.263975][    C1]  ? __ia32_sys_sigaltstack+0x60/0x60
[  317.269339][    C1]  ? __do_sys_rt_sigreturn+0x19d/0x250
[  317.274786][    C1]  ? exit_to_user_mode_loop+0x39/0x130
[  317.280233][    C1]  exit_to_user_mode_loop+0x97/0x130
[  317.285571][    C1]  exit_to_user_mode_prepare+0xb1/0x140
[  317.291111][    C1]  syscall_exit_to_user_mode+0x5d/0x240
[  317.296646][    C1]  do_syscall_64+0x47/0xb0
[  317.301042][    C1]  ? clear_bhb_loop+0x15/0x70
[  317.305714][    C1]  entry_SYSCALL_64_after_hwframe+0x66/0xd0
[  317.311590][    C1] RIP: 0033:0x7f630ce84b9f
[  317.315991][    C1] Code: 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 48 3d 01 f0 ff ff <73> 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 66 2e
[  317.335579][    C1] RSP: 002b:00007ffda3cf1bb8 EFLAGS: 00000202
[  317.341645][    C1] RAX: fffffffffffffffc RBX: 0000000000033838 RCX: 00007f630ce84b99
[  317.349598][    C1] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 00007f630d012fac
[  317.357550][    C1] RBP: 0000000000033806 R08: 0000000000000010 R09: 00000011a3cf1ecf
[  317.365506][    C1] R10: 00007ffda3cf1ca0 R11: 0000000000000246 R12: 00007f630d012fac
[  317.373458][    C1] R13: 0000000000000032 R14: 00007ffda3cf1cc0 R15: 00007ffda3cf1ca0
[  317.381420][    C1]  </TASK>
[  317.384434][    C1] Kernel panic - not syncing: kernel: panic_on_warn set ...
[  317.391694][    C1] CPU: 1 PID: 7160 Comm: syz.0.1020 Not tainted 5.15.161-syzkaller #0
[  317.399843][    C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024
[  317.409906][    C1] Call Trace:
[  317.413172][    C1]  <IRQ>
[  317.416002][    C1]  dump_stack_lvl+0x1e3/0x2d0
[  317.420682][    C1]  ? io_uring_drop_tctx_refs+0x1a0/0x1a0
[  317.426297][    C1]  ? panic+0x860/0x860
[  317.430369][    C1]  ? rcu_check_gp_start_stall+0x200/0x450
[  317.436071][    C1]  ? rcu_check_gp_start_stall+0x200/0x450
[  317.441769][    C1]  panic+0x318/0x860
[  317.445644][    C1]  ? __warn+0x16a/0x300
[  317.449779][    C1]  ? fb_is_primary_device+0xd0/0xd0
[  317.454975][    C1]  ? rcu_check_gp_start_stall+0x2c8/0x450
[  317.460693][    C1]  __warn+0x2b2/0x300
[  317.464662][    C1]  ? rcu_check_gp_start_stall+0x2c8/0x450
[  317.470365][    C1]  report_bug+0x1b7/0x2e0
[  317.474689][    C1]  handle_bug+0x3d/0x70
[  317.478831][    C1]  exc_invalid_op+0x16/0x40
[  317.483318][    C1]  asm_exc_invalid_op+0x16/0x20
[  317.488164][    C1] RIP: 0010:rcu_check_gp_start_stall+0x2c8/0x450
[  317.494473][    C1] Code: c7 c7 60 5c 43 91 be 04 00 00 00 e8 22 93 5e 00 b8 01 00 00 00 87 05 a7 c4 d7 0f 85 c0 0f 85 1c ff ff ff 48 c7 c0 80 3a 92 8c <0f> 0b 49 39 c7 74 47 48 c7 c0 c4 9f e4 8d 48 c1 e8 03 42 0f b6 04
[  317.514161][    C1] RSP: 0018:ffffc90000dd0bd8 EFLAGS: 00010046
[  317.520215][    C1] RAX: ffffffff8c923a80 RBX: 00000001000005a9 RCX: ffffffff816b97ae
[  317.528167][    C1] RDX: 0000000000000001 RSI: 0000000000000004 RDI: ffffffff91435c60
[  317.536115][    C1] RBP: ffffc90000dd0e10 R08: dffffc0000000000 R09: 0000000000000003
[  317.544069][    C1] R10: ffffffffffffffff R11: dffffc0000000001 R12: dffffc0000000000
[  317.552040][    C1] R13: dffffc0000000000 R14: 0000000000000246 R15: ffffffff8c923a80
[  317.560001][    C1]  ? rcu_check_gp_start_stall+0x2ae/0x450
[  317.565714][    C1]  ? rcu_check_gp_start_stall+0x2ae/0x450
[  317.571421][    C1]  rcu_core+0x657/0x1650
[  317.575646][    C1]  ? rcu_lock_acquire+0x30/0x30
[  317.580486][    C1]  ? local_bh_disable+0x20/0x20
[  317.585333][    C1]  ? rebalance_domains+0x942/0xab0
[  317.590432][    C1]  ? distribute_cfs_runtime+0x540/0x540
[  317.595968][    C1]  handle_softirqs+0x3a7/0x930
[  317.600719][    C1]  ? __irq_exit_rcu+0x157/0x240
[  317.605553][    C1]  ? do_softirq+0x240/0x240
[  317.610037][    C1]  ? hrtimer_interrupt+0x76b/0x980
[  317.615133][    C1]  ? irqtime_account_irq+0xd0/0x1e0
[  317.620330][    C1]  __irq_exit_rcu+0x157/0x240
[  317.625013][    C1]  ? irq_exit_rcu+0x20/0x20
[  317.629522][    C1]  irq_exit_rcu+0x5/0x20
[  317.633778][    C1]  sysvec_apic_timer_interrupt+0x91/0xb0
[  317.639421][    C1]  </IRQ>
[  317.642339][    C1]  <TASK>
[  317.645272][    C1]  asm_sysvec_apic_timer_interrupt+0x16/0x20
[  317.651237][    C1] RIP: 0010:_raw_spin_unlock_irq+0x25/0x40
[  317.657029][    C1] Code: 21 80 f6 ff 90 53 48 89 fb 48 83 c7 18 48 8b 74 24 08 e8 be 11 3b f7 48 89 df e8 96 65 3c f7 e8 b1 1d 5f f7 fb bf 01 00 00 00 <e8> d6 ab 2f f7 65 8b 05 57 b2 da 75 85 c0 74 02 5b c3 e8 24 cf d8
[  317.676616][    C1] RSP: 0018:ffffc90002ef7bc0 EFLAGS: 00000282
[  317.682663][    C1] RAX: 061bb82f85f93400 RBX: ffff8880654adc80 RCX: ffffffff913f0f03
[  317.690634][    C1] RDX: dffffc0000000000 RSI: ffffffff8a8b2a00 RDI: 0000000000000001
[  317.698587][    C1] RBP: 0000000000000000 R08: ffffffff8186db40 R09: ffffed100ca95b91
[  317.706545][    C1] R10: 0000000000000000 R11: dffffc0000000001 R12: 0000000000000021
[  317.714502][    C1] R13: dffffc0000000000 R14: ffff8880654ae118 R15: ffff8880654adc80
[  317.722478][    C1]  ? trace_hardirqs_on+0x30/0x80
[  317.727417][    C1]  get_signal+0x13ee/0x14e0
[  317.731926][    C1]  arch_do_signal_or_restart+0xc3/0x1890
[  317.737561][    C1]  ? __do_compat_sys_x32_rt_sigreturn+0x250/0x250
[  317.743967][    C1]  ? __might_fault+0xb4/0x110
[  317.748674][    C1]  ? _copy_from_user+0x10f/0x170
[  317.753814][    C1]  ? restore_altstack+0x274/0x400
[  317.758834][    C1]  ? get_sigframe_size+0x10/0x10
[  317.763777][    C1]  ? __ia32_sys_sigaltstack+0x60/0x60
[  317.769144][    C1]  ? __do_sys_rt_sigreturn+0x19d/0x250
[  317.774592][    C1]  ? exit_to_user_mode_loop+0x39/0x130
[  317.780044][    C1]  exit_to_user_mode_loop+0x97/0x130
[  317.785339][    C1]  exit_to_user_mode_prepare+0xb1/0x140
[  317.790869][    C1]  syscall_exit_to_user_mode+0x5d/0x240
[  317.796406][    C1]  do_syscall_64+0x47/0xb0
[  317.800803][    C1]  ? clear_bhb_loop+0x15/0x70
[  317.805466][    C1]  entry_SYSCALL_64_after_hwframe+0x66/0xd0
[  317.811344][    C1] RIP: 0033:0x7f630ce84b9f
[  317.815748][    C1] Code: 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 48 3d 01 f0 ff ff <73> 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 66 2e
[  317.835356][    C1] RSP: 002b:00007ffda3cf1bb8 EFLAGS: 00000202
[  317.841410][    C1] RAX: fffffffffffffffc RBX: 0000000000033838 RCX: 00007f630ce84b99
[  317.849366][    C1] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 00007f630d012fac
[  317.857321][    C1] RBP: 0000000000033806 R08: 0000000000000010 R09: 00000011a3cf1ecf
[  317.865275][    C1] R10: 00007ffda3cf1ca0 R11: 0000000000000246 R12: 00007f630d012fac
[  317.873231][    C1] R13: 0000000000000032 R14: 00007ffda3cf1cc0 R15: 00007ffda3cf1ca0
[  317.881197][    C1]  </TASK>
[  317.884415][    C1] Kernel Offset: disabled
[  317.889822][    C1] Rebooting in 86400 seconds..