last executing test programs:

4m16.275808945s ago: executing program 0 (id=1663):
r0 = syz_usb_connect(0x0, 0x24, &(0x7f0000000980)=ANY=[@ANYBLOB="120100009080e140fc044a500243010203010902120001000000000904"], 0x0)
syz_usb_control_io(r0, 0x0, &(0x7f0000000b80)={0x84, &(0x7f0000000680)={0x40, 0xe, 0x1, "01"}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})

4m14.660404194s ago: executing program 0 (id=1687):
r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
bind$bt_hci(r0, &(0x7f0000000280)={0x1f, 0xffff, 0x3}, 0x6)
io_setup(0x2, &(0x7f0000002400)=<r1=>0x0)
io_submit(r1, 0x1, &(0x7f0000001c00)=[&(0x7f0000000400)={0x2000000000, 0x4, 0x0, 0x1, 0x0, r0, &(0x7f0000000040)="5400ffff0000", 0x6, 0x0, 0x0, 0x2}])

4m14.529963698s ago: executing program 0 (id=1688):
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="06000000040000000800000008"], 0x48)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[], 0x48)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000100)={'netdevsim0\x00', <r2=>0x0})
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x6, 0xc, &(0x7f00000001c0)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bc82000000000000a6020000f8ffffffb703000008000000b703000000000000850000001600000095"], &(0x7f0000000180)='GPL\x00', 0x9, 0x0, 0x0, 0x0, 0x0, '\x00', r2, @fallback=0x29, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5}, 0x94)

4m14.529530586s ago: executing program 0 (id=1689):
syz_mount_image$udf(&(0x7f00000000c0), &(0x7f0000000180)='./file0\x00', 0x4080, &(0x7f00000001c0)=ANY=[@ANYBLOB='lastblock=00000000000000000000,umask=00000000000000000000002,dmode=00000000000000000077777,novrs,shortad,shortad,undelete,iocharset=cp437,shortad,umask=00000000000000000000006,dmode=00000000000000000000002,nostrict,uid=', @ANYRESOCT=0x0, @ANYRES16], 0x2, 0xc36, &(0x7f0000002540)="$eJzs3U9sHNd9B/DfGy3FldxWTOwoThoXm7ZIZcVy9S+mYhXuqqbZBpBlIRRzC8AVSakLUyRBUo1spAXTSw89BCiKHnIi0BoFUjQwmiLokWldILn4UOTUE9HCRlD0wBYBcgoYzOxbcUmRNi2SEmV9Pjb13Z19b/a9eeMZWdCbFwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABAxB+8cun0mfSwWwEAPEhXRr56+qz7PwA8Vq75/38AAAAAAAAAAAAAADjoUhTxZKSYvbKaxqr3HfXL7b7bd0aHhreudiRVNQ9V5cuf+pmz585/6YXBC9283J7+gPp77bPx2si1S42XZ27Nzk3Oz09ONEan2+MzE5M73sNu6292sjoAjVuv3564cWO+cfb5cxs+vjPwfv8TxwcuDj576plu2dGh4eGR9SL13vK1+25Ix3YzPA5HEacixXPf+2lqRUQRuz8W9Qc79psdqTpxsurE6NBw1ZGpdmt6ofzwavdAFBGNnkrN7jHaeiyi1vdA+7C9ZsRi2fyywSfL7o3MtuZa16cmG1dbcwvthfbM9NXUaW3Zn0YUcSFFLEXESv+9u+uLImqR4jvHVtP1iDjUPQ5frCYGb9+OYh/7uANlOxt9EUvFIzBmB1h/FPFqpPjZOydiPF9nqmvNFyJeLfMHEW+V+VJEKk+M8xHvbXEe8WiqRRF/WY7/xdU0UV0PuteVy19rfGX6xkxP2e515SPeH+65Ujyk+8ORTflgHPBrUz2KaFVX/NV0/7/ZAQAAAAAAAAAAAAAAAGCvHYkiPhMpXvmPP6nmFUc1L/3YxcE/HPjV3jnjT3/Ifsqyz0fEYrGzObmH88TAq+lqSg95LvHjrB5F/Gme//eth90YAAAAAAAAAAAAAAAAAACAx1oRP4kUL757Ii1F75ri7embjWut61OdVWG7a/9210xfW1tba6RONnOO5VzMuZRzOedKzihy/ZzNnGM5F3Mu5VzOuZIzDuX6OZs5x3Iu5lzKuZxzJWfUcv2czZxjORfLrK93dDlvX8kZB2TtXgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAj5MiivhFpPj2N1ZTpIhoRoxFJ5f7H3brAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIBSfyri+5Gi8UfNu9tqEZGqfztOlL+cj+bhMj8ZzcEyX4rmpZytKmvNbz2E9rM7famIH0eK/vrbdwc8j39f593d0yDe+ub6u8/WOnmo++HA+/1PHD92cXD4N57e7nXaqgEnL7enb99pjA4ND4/0bK7lb/9kz7aB/L3F3nSdiJh/483XW1NTk3P3/6I8BXZR/RF6kWqPS08f1ovFvTgh9+5F1A5EMx5O33kMlPf/9yLF7777n90bfuf+X49f6by7e4ePn//Z+v3/xc072uH9v7a5Xr7/l/f0re7/T/ZsezH/bqSvFlFfuDXbdzyiPv/Gm6fat1o3J29OTp8/ffrLg4NfPne673BE/UZ7arLn1Z4cLgAAAAAAAAAAAAAAAIAHJxXx+5Gi9ePV1IiIO9V8rYGLg8+eeuZQHKrmW22Yt/3ayLVLjZdnbs3OTc7PT040Rqfb4zMTkzv9uno13Wt0aHhfOvOhjuxz+4/UX56ZfWOuffOPF7b8/Gj90vX5hbnW+NYfx5EoIpq9W05WDR4dGq4aPdVuTVdVr245mf6j60tF/FekGD/fSJ/P2/L8/80z/DfM/1/cvKN9mv//iZ5t5XemVMTPI8Xv/NXT8fmqnUfjnmOWy/1dpDh54XO5XBwuy3Xb0HmuQGdmYFn2/yLFP/1iY9nufMgn18ue2fGBfUSU438sUnz/L74bv5m3bXz+w9bjf3TzjvZp/J/q2XZ0w/MKdt118vifihQvPfl2/Fbe9kHP/+g+e+NELnz3+Rz7NP6f6tk2kL/3t/em6wAAAAAAAAAAAI+0vlTE30eKHw7X0gt5207+/t/E5h3t09//+nTPtom9Wa/oQ1/s+qACAAAAwAHRl4r4SaS4ufD23TnUG+d/98z//L31+Z9DadOn1Z/z/Vr13IC9/PO/XgP5e8d2320AAAAAAAAAAAAAAAAAAAA4UFIq4oW8nvpYNZ9/Ytv11JcjxSv/81wul46X5brrwA9Uv9avzEyfujQ1NTPeWmhdn5psjMy2xifLuk9FitW//VyuW1Trq3fXm++s8b6+FvtcpBj+h27Zzlrs3bXJn1ove6Ys+4lI8d//uLFsdx3rT62XPVuW/ZtI8fV/2brs8fWy58qy340UP/p6o1v2aFm2+3zUT6+XfX58ptiHUQEAAAAAAAAAAAAAAAAAAOBx05eK+PNI8b+3lu7O5c/r//f1vK289c2e9f43uVOt8z9Qrf+/3ev7Wf+/eq7A4nbfCgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAH08pingzUsxeWU3L/eX7jvrl9vTtO6NDw1tXO5Kqmoeq8uVP/czZc+e/9MLghW5+cP299pl4beTapcbLM7dm5ybn5ycnGqPT7fGZickd72G39Tc7WR2Axq3Xb0/cuDHfOPv8uQ0f3xl4v/+J4wMXB5899Uy37OjQ8PBIT5la331/+z3SNtsPRxF/HSme+95P0w/7I4rY/bH4kHNnvx2pOnGy6sTo0HDVkal2a3qh/PBq90AUEY2eSs3uMXoAY7ErzYjFsvllg0+W3RuZbc21rk9NNq625hbaC+2Z6aup09qyP40o4kKKWIqIlf57d9cXRbweKb5zbDX9a3/Eoe5x+OKVka+ePrt9O4p97OMOlO1s9EUsFY/AmB1g/VHEP0eKn71zIv6tP6IWnZ/4QsSrZf4g4q3ojHcqT4zzEe9tcR7xaKpFEf9fjv/F1fROf3k96F5XLn+t8ZXpGzM9ZbvXlUf+/vAgHfBrUz2K+FF1xV9N/+6/awAAAAAAAAAAAAAAAIADpIhfjxQvvnsiVfOD784pbk/fbFxrXZ/qTOvrzv3rzpleW1tba6RONnOO5VzMuZRzOedKzihy/ZzNMutra2P5/WLOpZzLOVdyxqFcP2cz51jOxZxLOZdzruSMWq6fs5lzLOdizqWcyzlXcsYBmbsHAAAAAAAAAAAAAAAAAAB8vBTVPym+/Y3VtNbfWV96LDq5bD3Qj71fBgAA//8dq/O8")
syz_mount_image$fuse(0x0, &(0x7f00000000c0)='./bus\x00', 0x3000009, 0x0, 0x1, 0x0, 0x0)
mount$overlay(0x0, &(0x7f0000000100)='./file0\x00', &(0x7f0000000b80), 0x8, &(0x7f0000000200)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, '.'}}, {@upperdir={'upperdir', 0x3d, './file0'}}]})

4m14.416548034s ago: executing program 0 (id=1692):
r0 = socket$igmp6(0xa, 0x3, 0x2)
setsockopt$inet6_int(r0, 0x29, 0x4c, &(0x7f0000000300), 0x4)

4m14.109908997s ago: executing program 0 (id=1695):
mkdir(&(0x7f0000000000)='./file0\x00', 0x0)
mkdir(&(0x7f0000000100)='./file1\x00', 0x13b)
r0 = open(&(0x7f0000000280)='.\x00', 0x0, 0x0)
fcntl$notify(r0, 0x402, 0x8)
mkdir(&(0x7f0000000000)='./bus\x00', 0x0)
mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000080), 0x0, &(0x7f0000000380)={[{@upperdir={'upperdir', 0x3d, './file1'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@workdir={'workdir', 0x3d, './bus'}}]})
chdir(&(0x7f0000000140)='./bus\x00')
mkdirat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x1c0)

4m13.94291498s ago: executing program 32 (id=1695):
mkdir(&(0x7f0000000000)='./file0\x00', 0x0)
mkdir(&(0x7f0000000100)='./file1\x00', 0x13b)
r0 = open(&(0x7f0000000280)='.\x00', 0x0, 0x0)
fcntl$notify(r0, 0x402, 0x8)
mkdir(&(0x7f0000000000)='./bus\x00', 0x0)
mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000080), 0x0, &(0x7f0000000380)={[{@upperdir={'upperdir', 0x3d, './file1'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@workdir={'workdir', 0x3d, './bus'}}]})
chdir(&(0x7f0000000140)='./bus\x00')
mkdirat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x1c0)

2m22.87708436s ago: executing program 3 (id=3345):
r0 = syz_open_procfs(0x0, &(0x7f0000000040)='ns\x00')
readlinkat(r0, &(0x7f0000000140)='./mnt\x00', &(0x7f0000000180)=""/10, 0xa)

2m22.876795658s ago: executing program 3 (id=3346):
r0 = openat$ttyprintk(0xffffffffffffff9c, &(0x7f00000001c0), 0x8801, 0x0)
ioctl$TCSETAF(r0, 0x5408, &(0x7f00000000c0)={0x1000, 0xf, 0x0, 0x0, 0xfc, "f6a6756c9832488c"})
writev(r0, &(0x7f0000000080)=[{&(0x7f00000003c0)="1876d433b8c266f9be2257e7c12fc9ea10343a19c358547a9357a174911e926c57b51eab3d0a4a2297653ac0c62201010000881a8789adddd1ca89ebd8632972a4f65ad1505ed06b6785508eb1dee994d18b084ef189ce72b079ed03ef849c46e3dedf604c01fae7c32f782dd9a45993a0798444d6ba181f2546b88893bf12575b27c1af55a55c55ca8855d5dc89db3e110430d10f429cc423ff64acc9fdb59a76caf809ce3c954f8a9618ebe5c3253e888feae6cc381ecb4a64085e24c48cf5ae9c5125d58d78ab2b70ec9216b42cf69b0cd34aa9a9b8e32e1841f19a7d38ce8de4d6d24b1a239ccfbb0935e4db5f50c9b8ebdf158eb582b914857522de035110521a268d3fa0888ebd65ab713338b2fa1029851d62af03f2bcf6034cf0287f10c84c967bae32a79fbf90122d41a622c0fa8a0fae4ffa55df5ec7ebb07080bb6148f2cde6d128018a0efa8598fa29ac80c6642d52c6f6b979e8fe5e1fbe7615ca1bc31f2bc541b3f67f129a490900000004ab65b661139a2d66fbe14888b28fb681b11cd33e07a04cee7fa4454f6b4520963c5d21b889764986530174051ddeca7547b3aeb0ed720e20099fbeec90859a9f22b9229f72fb45e62fbac7048099eb484edac92717591a6467c38af94b14d4bf366d5fb232c24bc8a9d5361dd979a98ff5ea6a331cf27110b4457301454119173622e1ddef43e79842b3dcbce701ec9195770fd820823cd45fe00baa87d3000000000000570d", 0x218}], 0x1)

2m22.795118711s ago: executing program 3 (id=3348):
r0 = socket$inet6_sctp(0xa, 0x5, 0x84)
shutdown(r0, 0x0)
getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r0, 0x84, 0x6f, &(0x7f0000000000)={<r1=>0x0, 0x1c, &(0x7f00000000c0)=[@in6={0xa, 0x0, 0x0, @private2}]}, &(0x7f0000000180)=0x10)
r2 = socket$inet_sctp(0x2, 0x1, 0x84)
getsockopt$inet_sctp_SCTP_MAX_BURST(r2, 0x84, 0xd, &(0x7f0000000000)=@assoc_value={<r3=>0x0}, &(0x7f0000000040)=0x8)
setsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(r0, 0x84, 0x9, &(0x7f00000001c0)={r3, @in={{0x2, 0x0, @empty}}, 0x0, 0x0, 0x0, 0x0, 0xd4}, 0x9c)
setsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(r0, 0x84, 0x9, &(0x7f0000000340)={r1, @in6={{0xa, 0x4e23, 0x5, @empty, 0x2800}}, 0x3, 0x0, 0x43a99fb8, 0x7f, 0xa, 0x0, 0x4}, 0x9c)

2m22.794501741s ago: executing program 3 (id=3349):
syz_mount_image$udf(&(0x7f00000000c0), &(0x7f0000000180)='./file0\x00', 0x3810082, &(0x7f0000001880)={[{@noadinicb}, {@gid}, {@dmode={'dmode', 0x3d, 0x4}}, {@rootdir={'rootdir', 0x3d, 0x400}}, {@iocharset={'iocharset', 0x3d, 'cp1251'}}, {@gid_forget}, {@gid_ignore}, {@iocharset={'iocharset', 0x3d, 'cp850'}}, {@longad}]}, 0xfd, 0xc32, &(0x7f0000001a40)="$eJzs3U1sXNd9N+D/uRyKI/l9KyZ2FCeNi0lbpLJiufqKqViFO6pptgFkWQjF7AJwJI7UgSmSIKlGNtKC6aaLLgIURRdZEWiNAikaGE0RdMm0LpBsvCiy6opoYSMoumCLAFkFLO6dM9KQIm1GFCVKeh6b+s3ce86dc+4Z3ysLOvcEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABDxe6+dP3EyPexWAAAP0sXxr5445f4PAE+Uy/7/HwAAAAAAAAAAAAAA9rsURTwdKeYurqXJ6n1X/UJn8OatidGxrasdTFXNgap8+VM/eer0mS+9NHK2lxc6Mx9R/377bLwxfvl849XZG3Pz7YWF9lRjYqZzdXaqveMj7Lb+ZseqE9C48ebNqWvXFhqnXjy9Yfet4Q+HnjoyfG7k+ePP9cpOjI6Njd8pUu8vX7vnhnRtN8PjQBRxPFK88L2fplZEFLH7c1F/sGO/2cGqE8eqTkyMjlUdme60ZhbLnZd6J6KIaPRVavbO0dZjEbXBB9qH7TUjlsrmlw0+VnZvfK4137oy3W5cas0vdhY7szOXUre1ZX8aUcTZFLEcEatDdx9uMIqoRYrvHF5LVyJioHcevlhNDN6+HcUe9nEHynY2BiOWi0dgzPaxoSji9Ujxs/eOxtV8namuNV+IeL3MH0S8U+YrEan8YpyJ+GCL7xGPploU8efl+J9bS1PV9aB3XbnwtcZXZq7N9pXtXVd+yfvDXVeKh3R/OLgpH4x9fm2qRxGt6oq/lu79NzsAAAAAAAAAAAAAAAAA3G8Ho4jPRIrX/u2PqnnFUc1LP3xu5PeH/3//nPFnP+Y4ZdkXI2Kp2Nmc3AN5YuCldCmlhzyX+ElWjyL+OM//+9bDbgwAAAAAAAAAAAAAAAAAAMATrYifRIqX3z+alqN/TfHOzPXG5daV6e6qsL21f3trpq+vr683UjebOSdzLuVczrmSczVnFLl+zmbOyZxLOZdzruRczRkDuX7OZs7JnEs5l3Ou5FzNGbVcP2cz52TOpZzLOVdyruaMfbJ2LwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADA46SIIn4RKb79jbUUKSKaEZPRzZWhh906AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAKA0lIr4fqRo/EHz9rZaRKTq366j5S9nonmgzE9Gc6TMV6J5PmerylrzWw+h/ezOYCrix5FiqP7u7QHP4z/YfXf7axDvfPPOu8/WujnQ2zn84dBTRw6fGxn7tWe3e522asCxC52Zm7caE6NjY+N9m2v50z/Zt204f25xf7pORCy89fabrenp9vy9vyi/Aruo/gi9SLUnpadeVC+iti+a8XD6zhOgvP9/ECl++/1/793wu/f/evy/7rvbd/j4+Z/cuf+/vPlAO7z/1zbXy/f/8p6+1f3/6b5tL+ffjQzWIuqLN+YGj0TUF956+3jnRut6+3p75syJE18eGfny6RODByLq1zrT7b5X9+V0AQAAAAAAAAAAAAAAADw4qYjfjRStH6+lRkTcquZrDZ8bef74cwMxUM232jBv+43xy+cbr87emJtvLyy0pxoTM52rs1PtnX5cvZruNTE6tied+VgH97j9B+uvzs69Nd+5/oeLW+4/VD9/ZWFxvnV1691xMIqIZv+WY1WDJ0bHqkZPd1ozVdVLW06m/+UNpiL+I1JcPdNIn8/b8vz/zTP8N8z/X9p8oD2a//+Jvm3lZ6ZUxM8jxW/9xbPx+aqdh+Kuc5bL/U2kOHb2c7lcHCjL9drQfa5Ad2ZgWfZ/IsU//GJj2d58yKfvlD254xP7iCjH/3Ck+P6ffTd+PW/b+PyHrcf/0OYD7dH4P9O37dCG5xXsuuvk8T8eKV55+t34jbzto57/0Xv2xtFc+PbzOfZo/D/Vt204f+5v3p+uAwAAAAAAAAAAPNIGUxF/Gyl+OFZLL+VtO/n7f1ObD7RHf//r033bpu7PekUf+2LXJxUAAAAA9onBVMRPIsX1xXdvz6HeOP+7b/7n79yZ/zmaNu2t/pzvV6rnBtzPP//rN5w/d3L33QYAAAAAAAAAAAAAAAAAAIB9JaUiXsrrqU9W8/mntl1PfSVSvPZfL+Ry6UhZrrcO/HD1a/3i7Mzx89PTs1dbi60r0+3G+Fzrarus+0ykWPvrz+W6RbW+em+9+e4a73fWYp+PFGN/1yvbXYu9tzb5M72yS+2TZdlPRIr//PuNZXvrWH/qznFPlWX/KlJ8/Z+2LnvkTtnTZdnvRooffb3RK3uoLNt7Puqn75R98epssQejAgAAAAAAAAAAAAAAAAAAwJNmMBXxp5Hiv28s357Ln9f/H+x7W3nnm33r/W9yq1rnf7ha/3+71/ey/n/1XIGl7T4VAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAeTymKeDtSzF1cSytD5fuu+oXOzM1bE6NjW1c7mKqaA1X58qd+8tTpM196aeRsLz+6/v32mXhj/PL5xquzN+bm2wsL7anGxEzn6uxUe8dH2G39zY5VJ6Bx482bU9euLTROvXh6w+5bwx8OPXVk+NzI88ef65WdGB0bG+8rUxu850+/S9pm+4Eo4i8jxQvf+2n64VBEEbs/Fx/z3dlrB6tOHKs6MTE6VnVkutOaWSx3XuqdiCKi0Vep2TtHD2AsdqUZsVQ2v2zwsbJ743Ot+daV6XbjUmt+sbPYmZ25lLqtLfvTiCLOpojliFgduvtwg1HEm5HiO4fX0j8PRQz0zsMXL45/9cSp7dtR7GEfd6BsZ2MwYrn4qDHbosNsMBRF/GOk+Nl7R+NfhiJq0f2JL0S8XuYPIt6J7nin8otxJuIDp/WxUYsi/rcc/3Nr6b2h8nrQu65c+FrjKzPXZvvK9q4rj/z94UHa5/eTehTxo+qKv5b+1X/XAAAAAAAAAAAAAAAAAPtIEb8aKV5+/2iq5gffnlPcmbneuNy6Mt2d1teb+9ebM72+vr7eSN1s5pzMuZRzOedKztWcUeT6OZtl1tfXJ/P7pZzLOVdyruaMgVw/ZzPnZM6lnMs5V3Ku5oxarp+zmXMy51LO5ZwrOVdzxj6ZuwcAAAAAAAAAAAAAAAAAADxeiuqfFN/+xlpaH6rWlx7o7VuxHuhj7/8CAAD//0pa+Ck=")
syz_mount_image$fuse(0x0, &(0x7f0000000200)='./file1\x00', 0x4000, 0x0, 0x0, 0x0, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f00000000c0)='./bus\x00', 0x0)
mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000340), 0x0, &(0x7f0000000ac0)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@upperdir={'upperdir', 0x3d, './file1'}}, {@uuid_off}]})

2m22.677158302s ago: executing program 3 (id=3350):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000006c0)={0x18, 0xb, &(0x7f0000000640)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020000000000000000000007b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000095"], &(0x7f00000004c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f00000002c0)='contention_begin\x00', r0, 0x0, 0xd}, 0x18)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000400), 0xffffffffffffffff)
sendmsg$TIPC_NL_BEARER_SET(r1, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000140)=ANY=[@ANYBLOB='4\x00\x00\x00', @ANYRES16=r2, @ANYBLOB="0100280000000000000002"], 0x34}}, 0x0)

2m22.339143548s ago: executing program 3 (id=3351):
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000200)={'wlan0\x00', <r3=>0x0})
sendmsg$NL80211_CMD_DEL_STATION(r1, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000240)={0x24, r2, 0x201, 0x70bd26, 0x25dfdbfc, {{}, {@val={0x8, 0x3, r3}, @void}}, [@NL80211_ATTR_MGMT_SUBTYPE={0x5, 0x29, 0xc}]}, 0x24}, 0x1, 0x0, 0x0, 0x4}, 0x804)

2m22.227854631s ago: executing program 33 (id=3351):
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000200)={'wlan0\x00', <r3=>0x0})
sendmsg$NL80211_CMD_DEL_STATION(r1, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000240)={0x24, r2, 0x201, 0x70bd26, 0x25dfdbfc, {{}, {@val={0x8, 0x3, r3}, @void}}, [@NL80211_ATTR_MGMT_SUBTYPE={0x5, 0x29, 0xc}]}, 0x24}, 0x1, 0x0, 0x0, 0x4}, 0x804)

3.22560203s ago: executing program 4 (id=5590):
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000680)=@newsa={0x16c, 0x10, 0x713, 0x0, 0x25dfdbfc, {{@in6=@rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01', @in6=@rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01', 0x0, 0x0, 0x4e21, 0x2, 0x2, 0x0, 0x0, 0x3b, 0x0, 0xee00}, {@in6=@private1, 0xfe, 0x32}, @in6=@dev={0xfe, 0x80, '\x00', 0x1b}, {0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x543}, {0x4, 0x7fffffffffffffff}, {}, 0x70bd28, 0x3500, 0x2, 0x4}, [@algo_aead={0x60, 0x12, {{'rfc4106(gcm(aes))\x00'}, 0xa0, 0x60, "217d66d38547aa140db8a200000000c538c7cb7a"}}, @encap={0x1c, 0x4, {0x2, 0x4e24, 0x4e24, @in6=@dev={0xfe, 0x80, '\x00', 0x2e}}}]}, 0x16c}, 0x1, 0x0, 0x0, 0x880}, 0x0)

3.024611943s ago: executing program 4 (id=5595):
syz_mount_image$ext4(&(0x7f0000000580)='ext4\x00', &(0x7f00000005c0)='./file0\x00', 0x0, &(0x7f0000000100), 0x3, 0x5eb, &(0x7f0000000600)="$eJzs3ctvFEcaAPCvxw9sjNYDWu0ue1gsrVYg7WJjAysU5QDXCFnkoVxyiYMNIRiwsKPEJBJGIpdIUS5RFCmnHEL+iwSFK6fklEMuOUVIKIk4RspEPdNtPHaPX9jTiP79pGG6q6Zd1Xi+qepyVU8AlTWS/lOLOBgRc0nEcLK0nNcbWeZI63WPfnv/fPpIotF4+Zckkiwtf32SPQ9lBw9ExHffJnGgZ22584s3Lk/Nzs5cz/bHFq7Mjc0v3jh66crUxZmLM1cn/j9x6uSJk6fGj23rvG4WpJ29/dY7wx9Ovvbl578n41/9OJnE6Xghe+HK89gpIzHS/D9J1mYNndrpwkrSk71PGo1GI09LesutE5uXh2b6Hv17DEdPPP7lDccHL5ZWMWDXNZLWZzdQRYn4h4rK+wH5tf3q6+BaKb0SoBsenmkN4KyN/97W2GAMRF9E7H2UxMphnSQitjcy125fRNy/N3n7wr3J27FL43BAsaVbEfGPovhPmvFfj4GoN+O/1hb/ab/gXPacpr+0zfJXDxWLf+ieVvwPrBv/0SH+X0+fb7Zi+I1tll9/vPnmYFv8D273lAAAAAAAAKCy7p6JiP8V/f2/tjz/Jwrm/wxFxOkdKH9k1f7av//XHuxAMUCBh2cini+c/1vLZ//We1YsYa1HX3Lh0uzMsYj4S0Qcib496f74OmUc/ejAZ53yRrL5f/kjLf9+Nhcwq8eD3j3tx0xPLUw9wSkDmYe3Iv5ZOP83WW7/k4L2P/1kmNtkGQf+c+dcp7yN4x/YLY0vIg4Xtv+P71qRrH9/jrFmf2As7xWs9a/3Pv66U/nbjX+3mIAnl7b/e9eP/3qy8n4981sv4/hib6NT3nb7//3JK81bl/Rnae9OLSxcH4/oT872pKlt6RNbrzM8i/J4yOMljf8j/15//K+o/z8YEUurfnbya/ua4tzf/hj6qVN99P+hPGn8T2+p/d/6xsSd+jedyt9c+3+i2dYfyVKM/0HLp3mY9renF4Rjb1FWt+sLAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAM+CWkTsi6Q2urxdq42ORgxFxF9jb2322vzCfy9ce/vqdJrX/P7/Wv5Nv8Ot/ST//v/6iv2JVfvHI2J/RHzSM9jcHz1/bXa67JMHAAAAAAAAAAAAAAAAAACAp8RQh/X/qZ97yq4dsOt6y64AUJqC+P++jHoA3af9h+oS/1Bd4h+qS/xDdYl/qC7xD9Ul/qG6xD8AAAAAADxT9h+6+0MSEUvPDTYfqf4sr6/UmgG7rVZ2BYDSuMUPVJepP1BdrvGBZIP8gY4HbXTkeubOP8HBAAAAAAAAAAAAAFA5hw9a/w9VZf0/VJf1/1Bd+fr/QyXXA+g+1/hAbLCSv3D9/4ZHAQAAAAAAAAAAAAA7aX7xxuWp2dmZ6zZefTqq0c2NRqNxM30XPC312fmNJJuh3pVC86nw3T/T/s2cYL7Wb3M/ubzPJAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAoN2fAQAA///F/CTd")
mount$tmpfs(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000040), 0x0, &(0x7f0000000240)={[{@mpol={'mpol', 0x3d, {'prefer', '=static', @void}}}]})

2.613872679s ago: executing program 4 (id=5598):
r0 = io_uring_setup(0x1bc2, &(0x7f0000000340)={0x0, 0xd31, 0x100, 0x7, 0x18b})
r1 = syz_open_dev$sndctrl(&(0x7f0000000000), 0x0, 0x0)
ioctl$SNDRV_CTL_IOCTL_PCM_PREFER_SUBDEVICE(r1, 0x40045532, &(0x7f0000000040))
r2 = openat$audio(0xffffffffffffff9c, &(0x7f0000000140), 0x40000000040201, 0x0)
syz_open_dev$sndpcmp(&(0x7f0000000200), 0x0, 0x0)
write$RDMA_USER_CM_CMD_CREATE_ID(r2, &(0x7f0000000500)={0x0, 0xfffffffffffffd83, 0xfa00, {0x0, 0x0}}, 0xfdbc)
close_range(r0, 0xffffffffffffffff, 0x0)

1.6604681s ago: executing program 4 (id=5604):
syz_mount_image$nilfs2(&(0x7f0000000a00), &(0x7f0000000a40)='./file0\x00', 0x0, &(0x7f000000b340)=ANY=[@ANYBLOB="009bf200000000000000000000000038"], 0x1, 0x9ec, &(0x7f0000000ac0)="$eJzs3U1sXEcBAOB56//addZQwDQ0MVAgFdQJtlUllzSGcq3UWxGnKqQhwk0h4dKqEilSxQ1FqnrsgaqHXBAFcekBqQIV0UukljsKhUpVUVArEBKgxCj2zHp37Nf9sb32+n2fNJ6dN7Nv5nl/3uzb2ZkAVFZt7e/S0mwRwkuvv/jIT99+5dtFCOFoo0S9qdx6aiSEULTcf8ONmHHro+fObhUXYWHtb0qHR2827jsZQrgS5sIboR4WP3h8/s3l5ZevXX/s0swLp9/ZpcMHAIBK+eHbt371wPtvfW3mv788ciaMNban/nk9pidjv/9E7N/n/f+iKS6a0sloVm4ohvzzw1BWbjirZ7ikvpFsPyMl5Ubb1DfUtG2r4wSAg2Djul5Rm29J12rz8+vn/TtujI0W8xcvrDx5eY8aCgDsmH89HEI4IwiCIAhClcLqob3ugQAAVZePF97kSj6yYHsaexvvrP6by7Wt7w87oN/Pf/UPVv2vPu8dh51zUJ9N6bjS6yiNY8jHEQ5l9+v29V/L9jPcZTvLxhUOynjDsnbm/9f9qqz93T6Oe6Ws/fl42P2qrP35ON39qqz9Y31uR6/K2j/e53b0qqz9E31ux6C6L8bp/3gky28+f+bv6YPyHg8AtPqP8X+CIAiCULnw473ugAAA+04+P85qlPLz+Xjy/Hwenjw/nxcozx9rkz/eJh8A2GzxN+d/cbXY+J5/u+Ph0riLu2I82WV78vGI3da/3XFP261/UMYtAVBtT/9s6VtvnVkeWp//d+Ncdjub/zfN1Xs1ptN4waks3Zj7d661nlpJuandOCgA4GOl82/Z/L93x/RsGCmevLBy7kRMT8f4j2MjY3e2f73P7QYAetfp/P+zoXX+/6nG9pFac7/g0Mb2orlfUM+2L5RsX4zpmRh/b2xibfv82adXvrvTBw8AFfX7b0y99uEfLob16/8b33+n6//pMn49jrX7MBZI/YR0fWDT9f9jrfVMl5U70VruUFm5k63l6lm5kRjyeTfy8YET2f3SOIU07iH1d9K4xpmy9mQTZIxm5YZjuDtrz3TWnk3He6K1Pfk8NKn+erY9H/eQys0EANjs8jPPfv+JlZVzl9xwww03Gjf2+p0J2G3Hf/TUD45ffubZBy889cT5c+fPXVxcWjh16qGlhaWHjq9d1z/efHUfADgINjr9e90SAAAAAAAAAAAAAACgTD9+TrzXxwgAtPrHwyGEM4IgCIIgVCmsruYr/gIA9Fe36+1vV2NvcT7/tO5Biqce/NPMnZCK3Vxu7S9Zv5id1O/nv/oHq/5Xn9/Z+hvri3T8/ldr3cFcb/Xe+PXJk8313zvcYf358R/rrf6/ZPV/JXRW/+rPs/p7nBr33az+uzqsf9Pxn+yt/r/G+u+J6WNf7LT+1sc/rbeTlsOZyI5nsqT+v2XHn9b26/r4x7s46CbvxfoBoIpqe92AXZJ6CakfnfohzevzhaZ19kJWvtP+fy3bT75eX6/SflM/6PMxnbo7ad3AfL3Dbtuf1ieczvZbdNivLXv+DMq3SmXt36nHcbeVtT9fD3K/Kmv/aJ/b0auy9uevy/2qrP09fqzqu7L2T/S5HYPqcIzLzofp/DMd81K6nqUnt3gsDmrfAgAG3TdPX7//6leHv7O+/v/ops+d6WPgZPxMfS2m88+9yUTWdyyy8l+I8U9i/EqMfxfjd7P97e63bQBQTe/7/Z8gCIIgVC5U/fd/ri9QZVV//lf9+Kv97u/xbyc9P/Lr+Mlwm/yRNvmjbfLHsvz88Rpvk39Ptt/VKOV/qk3+p9vkf6ZN/myb/ENt8u9tk3+4Tf7n2uQfaZN/tE0+AIPpszH2/g4A1ZF+9+X8DwDVkSbWcf4HgOr4RIzLzv/3tckHAAbPJ2Ps/A4AFVJsPdPjduftAQZHml86vc7jciDh/hh/KcZfjnFaL6XH5VeAfeB///7t368WG/P9Hc7yO51Pvqi1/vIuX//ngQ7bk/9+r9v57Osd1rNb9c9ss34AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA+qu29ndpabYI4aXXX3zkn6f+/F4RQjjaKFFvKreeGmlKz7XsJ4TXivX41kfPnW2Ob8e4CAuhCEVje3j0ZqOmyRDClTAX3gj1sPjB4/NvLi+/fO36Y5dmXjj9zi7+CwAAAODA+38AAAD//0D6PAw=")
r0 = creat(&(0x7f0000000380)='./bus\x00', 0x0)
io_setup(0x202, &(0x7f0000000200)=<r1=>0x0)
mount(&(0x7f0000000280)=@loop={'/dev/loop', 0x0}, &(0x7f0000000140)='./bus\x00', 0x0, 0x5000, 0x0)
r2 = open(&(0x7f0000000000)='./bus\x00', 0x0, 0x0)
ioctl$LOOP_SET_STATUS64(r2, 0x4c04, &(0x7f00000003c0)={0x0, 0x0, 0x0, 0x1, 0x8005, 0x0, 0x0, 0x19, 0xd, "ef359f413bb93852f7d6a4ae6dddfbd1ce5d29c2ee5e5ca9000ff8ee09e737ff0edf110ff4117639c2eb4b78c660e677df701905b9aafab4afaaf755a3f6a004", "036c47c6780820d1cbf7966d61fdcf335263bd9bffbcc2542ded71038259ca171ce1a311ef54ec32d71e14ef3dc177e9b48b00", "f28359738e229a4c66810000000000d300e6d602000000000000000000000001", [0x8]})
io_submit(r1, 0x3b, &(0x7f0000000540)=[&(0x7f00000000c0)={0x25, 0xe7030003, 0x2, 0x1, 0x0, r0, &(0x7f0000000000), 0x100000, 0x3000}])

1.348283564s ago: executing program 4 (id=5611):
syz_usb_connect(0x2, 0x2d, &(0x7f0000000000)=ANY=[@ANYBLOB="120100007e3dc410cd0621013ddd0102030109021b000100094000090485000189fe1f0009058202"], 0x0)

1.17485014s ago: executing program 1 (id=5616):
mkdirat(0xffffffffffffff9c, &(0x7f0000000080)='./file0\x00', 0x0)
r0 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000300), 0x2, 0x0)
mount$fuse(0x0, &(0x7f00000020c0)='./file0\x00', &(0x7f0000002100), 0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=r0, @ANYBLOB=',rootmode=00000000000000000040000,user_id=', @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRESDEC=0x0])
read$FUSE(r0, &(0x7f0000004180)={0x2020, 0x0, <r1=>0x0}, 0x2068)
syz_fuse_handle_req(r0, &(0x7f0000008400)="92756f43b31ffe542788ef586b7c5a344424e3acac2590be6bbe37adface4a8f2e534ffe76a83a93f0b3680a72fddfde83f96d01982384e8d689219cb9669b14dbaa1b799f82ea1fc926126a4163618e16d4f94143a4e0f27c44fcef3920a0b3805ed4e78098d8689cc7791bd86648070718d238664332948d87866c8d2590fc0f017f9853abd9ed60b99f1aa6ae2dbd24ab6dbcebdb055246815ace147cc50fa3b2861148fcda374d5b203e51d72c45e4dde3e9ee9a47ffe458baf7bb49035135a8194aa1f0a83fa2abed56398f90daff679634619453f533f22583a6e0a4dc09e9de46684d5e0136e229510f3702cf3a4cd0065d3e5d3c419e38a80b070ca55010e082a9c510fd18cc0b26bb5e8e459e747befbc5c6b60ace80bf41417b7b78cf57e5b3984f0cdddc615c5e0000454d3f4a196fb6d18aa629cf0b0245f95ba958d86dc175616f8cd3ac473057dc3a5ff7107973326350107f4468e7ecd48d689b82c12d22ae5f1858302a1b4cfde8fd347a99ddcde40d1c49d9b5099fbccf09e782212be4b2ce36a2bc3c9ee794abffe72a5501e6c4f3f7f68b74761ffd6620609224a3bf11f655dadb5c8a5813b02fb46830e9ac6825f5d0e89910352eb3a58c0dd82d094f94dd2c85666f684a8f437bbd0e66b9f4d366117b67a054d212c4fbc287848cb0578391335d5d616b14d99a2e3df8e8a152d5de99bcefcaab5bb5cc71f3ddd66b379c104648e190e0b28a180d3aecc5423575d4ba7dbf31215c717da7b87dd454b6efcd36c91aaa631127f5bd88723d221752f102bc0c7ac6c5c7a1ad6747af40d01b6d39eab7b0e1292b44683c586386ad00acf60fb8f9bac551a6eb5bab7317b5d89f64db10bd9018dfa6d65d93862e851afbc30fd70fe5f0de322462045177231852ca80e4e78da4fea0c79ba354333026c8bc77d308a8d256a19ec45d2088c196691d3f9aac28ded36004a65ee1ce49ba9599ceee84534bb61d02d04a6732f1e27d72962f74b59f3522bf844c5022986d55934e48b8681b7f5b7532391448caeef00315d28320a46d8bd7813544e1e4bf994e14a519c2654ff20b42bdb69c262897e28eca528f0999840b00ed8256597d27cfc20d71d5f40d0bbca759f7594c6034aa1e16a84ed152fad0fdc1c303a7f61225712714f823afc5ea241d482d3585759623af8c97ca6a84a2033b3d7314ea0ef7ba9b288b362a294c92c8b9736829c16f61c5a1ee04aca965d71162292274595ea62c9c2918e8279c99f5d2830c617c58211fd7452330184b9428d5ec1d5cd75ddcc6de3326fdc70e891104b3b013c30ffccfaf3308d9671b01f6b080a930dac2052c6f39817a662121d90d40d6a1facfb50bec7d408030b6d0ae3e744f3bcc327c35dc43cf86b743db78ff2e593b19923235ed6467f299b08718fe1840c16a748935dff941150fb08b30573b37bf9af5c86cc8d9e229a832e4ef25ec91f71120f2b3e9062485976c280a2d172386029e2f2a4801197fca0a13514edacf5ddbac5a62e8bb13dd1572657a821a8739297f72e29239d1cdddf3e30cbe9af3141f2275ee4ae85d86ec888fe9a6751f252057e95b8beb055e276439581afee93cd44f1e92f70e5f725451d3ab662918ffbb1269509fbd511e95a00ec717f9d60d643864abd6ad1cc4dd7f933379a6078a86c2158db8076e7b660366fca7b1c46d09d2c8e67a6494bfb4c2c6750e76593895b5e2b2bc78093840c3c4a807826bc2750a96b4e1dd5b82b492bb2215518c92064d1763c37132604e52e73fac3f4511f791753aeecfbb19816e0da7a1bfbea9eeaa0f256eaedcb119a61f7d0ea0f5cd4969d45cb014800f2c888d5c2217cf0f69a7507779883b57352bb8883cc584891950d6e792537074f4fc4337aa19b9bf60e18edd939d289fb4a6b7aa6c66da20774e249ca4f779d3c910b1a9a8e4c38af6adecc87d5481d181fd66023ffff246f4e2556b218fe8110acebe20b1675f1de6f265b6d1d8514a53522396bf0e2f2b153c498e48b36d16f8b9bd56f45d7f5b9397d7f1339117a176d0bad0b68e800682416d3e18fe2197c7f8dc20600feb95cc6ba86ad47f113e159bd4389e30eab2874bd27eebc56020c4dab9973b13f3e82aa62a7e0a151d73de48cb811e32be63ffd303f5a6ea6f097ed763fbf36c430821e451146de79922348354ce285af0997bf3c66e6ef02942e24b8f1ccdd542f09cfe65c0da0094c0b5fd26bbc061538b41e5ed2cbb390ee29b10a4b7a696009e1b5b86c44c0a561a257c15415feaeb1433ea275ed6e4b228503fe71ee5942665164faaed6697112206be0fe7863aebd4bbe951d5dea1da294dba0793196385f4d5141c9d6c4b0fa22b2e200cfb70b52aca31655e71e5a576ccb8ccb5b1364748aa981edbb81a813b1aebc67be1f7619e7e197622d981280429f6ca5145c5b3b05e6bace9191e5c58fbf140f71f594cbfd4db0e9f6923f1758ff9474a61a720a5d4f09c622c3ce3f5d0d3a1d191111168108f41f12b16e9eaf3617c353715cd35260560cbfd0555d51ce5c40bbdb7c95ceaeadadb8902974de50b0863348183864f5ea682e678286a06a6f396af29a7c7fb33a3579e25835963612f3c0d4cf369d85959a0adeda94d35824050e6fba7f83f90867583f713d7783323c7010e94c9be331f860db395dbde6face5bfdb616fcefa9c6b01f6963daa840a31ff554a458c0c50cb5e09f91f54f63234589decaf45bbfbaef0dcbff4ae6e65ca26a530261c491ef8eb9a855a1d7463391c9b66be96cf24c3c321ee5a5bdc857f60b582683c6ae1e3775b62a9f19ff8fa51380ca8a2a3c6de79012f5727ba12025e7e6723a23a81e067ca6e54c7b38ff64880d235d21e7ee5258953dcbf9e2a962f006ca4ffe870859242c850cbae4222b3b72c4f86934379ba2ead1dcde906241b994d95c88355af5a9a30ace9c933a6942f341ad221dd825846a8fd44c03e2eaa9311c26e15a1bd7cbba961a22ef23d7ebba0e34cec5ef09b1ce72814a97e33bd29f3d9ec80a4f45d1d29486accf15c11f1a800bd84918e7626f678275d7c7acb02cc0e6e34bb766ba6b75c3ad14fca9352e09c3b69390c045cfc842ff9ade8ca693c07fadc7047a946e6e570c3afc5b501c964103397f5ddadc2d59a048348dd42f07cfe31bc9b5ae453f5086bb41bba4c8a3e518e30b0855184b053f923025dd72ce1bcbf41231978b34a8547c71d7313992165078903c61d312b0d9469413c9fd97ccdf0ea270fb6c47ec8861a1c8d909eeace761b5a06ba46e25785ff87f867777abb237c6c980687991f1ed0157d58492260c712cec34c1fc0962103955db4d5090b6e8409cf3c3c79d0e691cf4fbc0b2251a016dcd456969cd32e5429533bf0d6f8bda84c05f0e2040de8b53bfb8676eec4b76c3df6f46b1e43732035dda577e75f640777f6ae90fd2f1af42ba462dac732019c599bfef01acd6a0d4d1796bcb8f58519d6f9ad9a3206704a94d472516b988141f44ecd2e6f28a49aa0c449db87972fc995a97379914546ea43143ea2cf779a9cbe81f111fe89129db3610492164ab2598eca7e60d9a6963d8ba03a86729db86e420fd96d61b8fb11edc2b339b57a740074ae5b775eaf60cd85dc934e604bf2b4bd58ee01205b4df57ac20ff8db45a05982b579643882407050c005102a2e71f1e56dc76dbf5331112e83e48bfb5cf2a78a893190d78426175c162ffaa7278a43b9932318fc17fb8cb0dfac610b1ad235b91f9cb7623b155117e07f7b876a3c37627aa31eafed141cc0c5491c4f621a66b6d837a144d78719c46511c04a093cf65fce9fabe5bd6d499eceb63538ece3cf19053550a239bf978c08c879f9954485a4e3e0d5bedb84b407ced85c4dfc4d75af116815992c29f0bc927c4a990c38ae4fcc9feb90fec1b1b555e04d010423010855394d5ccfc8ed21164190cd8f83be5debb70290c3547f07e4dc42814f1e001798e6ceee2558b0c6ff8c1759f90269ee226131116332b99ac8dd104c92088e1f91ace3198c0f59bfb75c4e4a697660eed43a29c831a552de37fce6dce96fa51b6e2111f3071a4e94422d15e102e5f67da7ca6cae6bed7743ebffacb8a811a143605791d17232181a517e872f71262c3c73668f0ef83aad498f67fa26bae698cf78f24c2dbecd399a190e6b8d0684e929f2e8083765eb2c67793a1adbb89d36b58bfb197cdc5f3c894ac9d886e8f3b0936fabd233c09de8fab8099f72a74d908ba5c5e4d39790b0bf9e45b710f5587b7c937c76690c5c5fce621a53a9fd03b0a4ee6d8d1abbe2ed561820a77f12a08cad0755540ab6dd1604b7c30a8652995ab80b85e919011de9438a4637eb0291124ed4b745e782cff98510cb03be79c2a81351abf276584d75cdd96b9c97e73eb71000b3ab7c3c19c2cab4497298fcb3052b5d4503d05e7f310318be6f848547b1a4f4db82caee190801478be28065036aa4d91f290c1f396343e73a5fe8bb5ccf0a317177ed1f77acda1a4a49dccfcab8d1b5d79f015f788b6d5e9f8228a8bcdc0696e6b19f5edffbcd7e9509c87fbe1f726b93bf8c6d8d37428763e142560c46c9e894f7317859000c25abc4f3691ebcd020171e0d4911b5d97a238109aedeb00b2eb475c1e7b45175f8aa85193b5c0f43b434c15de01610c4d022646cd6e3637f349a434a77f571ac1c5d698452d1b991e267f78dca5e592ecd31ccafcad84e4e98d134b4adc525b81bd6843428883023a6ea407201738c8bf16b541ff7280274a34d4cf14819f2dbae167ca0cae8471c495e006b45194ad91c4516f21cbb10e0d26fd5d734cd7725df5b3fbe92955f4a9bb3b9b813aeeff79d6ed5db92def19d060a208c3ec8c42c110786f1e1496c50a7249b03fc792764366894a35320b99d0bef9fd0b6a246c36a357c6b985dc83a37a8d9b8b9ad643dea94860cbe763bb73cc8422b69d4d12332242c8954075fb7117a6679638073617abcdb4619855b2036af160647f66b3531645a3bf047ae290d6ae2249f114e7a8464278bae1486022bcc7c37390c8d9a0efb0e1cfa0da8ef7a5e072f99a47ecc75e4e442880375193db49bb82ba34901286ca473ed5b63e4048db4dc455e74b3fdd2e7898ca3f4c3a02d435cde6141eea645055123a7dcf0d22057f8d425701afc55859f5147954e719d58c7486b1e02ac16cb799b77632c66bb78e6e52e11017c1736424fa4d433f1e19b4c881d23f0b2a12d5fae3ae24339088088d9b496ad97bd9f6e20a8597d1452a0c72dcf43dbbda8f18166585c06d21fbffe5fe7b55f71c9b9f1b34a02bd05ca63c7c1b1bebbb9dd24fb10291b04c665d45154dd28b85d821ce7e613119128996785e1006a8dabc4899b10d2671107d5a0658ed363b9d4b39d02f8cc5e350fbf0a31048adecd1f9e2ca749bd86f195eb48e9b4605f050de03d642940d79184618f7f88a9a0a4683ad84d6134e395305bc1d4d9d17cc334b97653529d6682a87a5fac80a6d46d6e72fc22e58be7b8f8617b3372ef2622110ab1ec448717118b257acffe55d18c7855e9e8710ad977a6792b2315a189eb4468c68641e9b60c0dab7016ac1ad63cd8004b6eca8fc88b1e4263acc00499255c16b11487a0af858075f9c892dc8044c4146e5a5677c4a2cb24bde5e078985020d4ab1e4c87492e76b7e6f4bbd71d84bab1885c9702849e70cf728776b1a94c2a8fb8c7ca01b6111ef6f2032a290949bfe473fe215273b8b5b3ad540f187490f63077dccbca6f62f0a7a66717c596cdef412f2560b10685ede967b3ee68b8c951959aeb1d7564c3b9d806b2ce858381393a79916b78f7e90beadae30ffc0b2b614380f1c2cc551a44565209db3516be379ef566ab00c673fd8aaeeecdcf1168c1960e9a477b9e13757498a44ff089351d1f27abf9fd76816f924504647d1247715ca861ebe624172c322146d66eb2b247f8ecb3e1b5ddca89b287c57510cec40fcf89d802cf4368a861af320e01e34f7a6177d4bc549181b5e87ecdfe02f78c9a59a3bf91ebb6364023ec06410e7b4476ec4e3685bfa3bfe9ef9ecc12dcd899abe0f3c7f16b4686801c0c0a949aa26bed57df56f2bc54ef19af7fcbc7b0d691075f42a4a67acf980b568acb2342f42249f7c1ee3527c13182b096064ecd250887a942d26f637e1c4041b139659d2462a68680bb04387a3b399e396b9fe74de10356125fa47d0a20827370cbf36a79b6fffade91c439dd6cfff4bbe0dd3efefb61c491ee32f935d62307cba369ac8c20f6fe3d4857ce6d240ece5e4d149f0587155a8350fcc18efae2ff11cdbe15218a82499a1996df8b5462ee170b284321e76bbe5c3f4158387644d95f087c598e3d46fbe27f63fa784bda239512113424045a2c5dbc6bc3662ca730a86d13cf8f6fe2743224ca7b535caf6b4701a7dae9cfad3d7290104bbba15b6a064ae6e909a099f75fbe47c9e654d8e3b8dc0f3dbffe829e6c56f7a241e565136812a857f59ab565a9991c6b1d8abcc94c6b33bba314f6e5060e657e4647f969a551dd6c51dfca0ff5d9e4f401fedbc2c927eb1ed95ef25f4e5accba4999322ba1539499310dd5875433a22835cfd42fd77fd4680b7fe767d7aa5c33acde04a65bd3a663fcde4c80e9f2af498f13bf9abbaa1c1265edc691e94abdcc92270c05811cd2a8104eb18efbfec9e4ba9ae5cde211b9b93082ce034b6cd5fbe9cfbac4f7e2404ef159766124f73017cc3600f3c81cd78db25fc3459629eaf20dfdb062c7e502aa69412381d847a9d254d5befc451cda3606f0bc8ae62e0aee928f9ed0b21d705a8d31b899e16445ee064563d32f7b6bb5ad197023cf528d9b329ec67815c6ddf27d2a6ffa7328bb993407cde3d166159fd49fe469254b84c2916daea8df9d69bef019f1351b9bce193e30278835b82ea5f60dc0bdd7f7452b7a820ae7cd6dc29d7ac6a6c1b6411711a96338b1e769146b2a385d282bfaae61b041166efafab2d89a4567b9460cc22d752f8e9aacaaa0db7c84879f5359662d55df6570d4214740851c74574ced733807cbb54571110410892394c3dea07bd4154d0e5689d57c3360207dac951f96a358e9c466a5c5113f3a632e184f57f075edef4dcc9721b963beb95df09dedf848260cbc1ebfdc7408218eaba6d2c51928cd37c4c0c9f321fbb0994a56947cfd9643056db5dbea60a241f8f004c932bc8e645b2ec2eb9bc4e9e2f4156293234d05e70cb26b8a370b0206c756bda6defc11c5eb386640f535a4ffb714168defc6d82f40d8f5ba8768537ead5773c53bd779ca899a2dd31c9138569ff5107c2fb12b804375c3b3dc9b828bfd550328adf358f71e86a0c49fb119f5ef9e06c13855cbfc7d1a62ca2ea655ed912a6dc7bb8b18656e8923fc7a1702ab36947d79384d681c31923e98cf40209f776bc2b219a7ccd139e756a905aa351e6eaae90770c8a193f96cd5c66e4d77a357985556e14333716d80204a5c390e0d76f4081afe917f99ad8a0976b3342f51854b374b4baa9a7f22124d2b82749446e30d9795acb9c3c3a305a6d273ac528e8e9c95c37a78e765fdda55982c2961fbc85a14fc095a78b4654ee6dfc3298749a639ab9c8e155af3a77f8a409ce174532a492ef550a140f774d77d732b3b4ca5bc41fa4488ce5957ce219b032ae1f585273748d81b19edcf3e6cb9a93ec24e41c6b3c472f9baf3ca46cb8b9a91df18acebe7d83bd4473750c4f26806da2f95b9ea48b342460af729ab15e9f033eda67feec645f985d4b9489cf6ceec1b100d007bf46c74be53c7ea17296f9c5b5cbae736491213c93b513009ebdecfcd60d46d7b86c6e3b5e288f2ba5867c07936e7bd1b00de52191eb8630ff82ccafb27a59295164751811bf74eff1e5e2abdf3c93bc5dc9814be83b2562477935e2fa30db7ebb6ec380170cf10c1f98f8c5eb71c730c2b31b55a1dd1c12a64802ab95b63c529e0a96cec8f38680221d6089926d8309796c79994d63b67bfb62f66b4a502f30ed12be41e896e88bc45a160a526fbd5f002e677322f116ec5740d7563cd23ee853c008b84998e38fdf158556e28a532573956e7c00f91f08ca245c295a3d5e003a99ea727f61d12893b435d4c8f2f5cce00c6a3091e2a47f290c07168975c53d7529b71d10faf42d2bac9db8d53669cf59c709c25e9e40b5feaed4c37dde8b84c4961c00712326fb6aaa06e80d766b40b72480f3971def61d1d129676df2478e778d899ed317426ec33e496d1fdd2ec27128f8faee92828e13da72d6aee8330a7988ea1cc8b64ec4d8b20990864c16c52c4be6d00b304b87d97bffdd9c66a740b517223089d9f3f414abedc53c768dab9220b980e6c18d5f20ba8994cc8886d7bdee213442f456d79fce1b1eb48fbf600a666c8ade24d118e6328251cf7b57a6285c650e019850f392b1c29aec5c8fc489a3819d60d5de377d4c11b8ee5625b7c02c5d50d2af3397006f2e2a41a06f039229eef5878ed91f9f6be7e988924dbaeb8455f616275e8698d93fb536e2c839b203aa69bceceddbf9c53f8addba53d50ca0f7a4729a42ac6eb757f1b408ad4a0147546173e62f7621eb18a9e1681510cceb48e0a30ab7a1bf71d56742d5f034f2d725e7ea68a011dbb100fa6eefe4ee093873de366d34f4240ca027a25c5b979c9ac47dd1dcb6ed82c4aee09dcc23cf329a8644f89b5cf00e5683934b1837574e9b39b31b1009f276e15aa040959fdf100838ca3f5ab17e45036668d06044e3a13f3a0a6f68579e50d5b0164f900d7bcfcde78396cf30f0b1dff76dc397ab1a5a44b207eb1eaaf73b945c575029ae2dce20724991e6550155ded6a42672609f2439c5aab4882b2ffaf7da787b71d05d15516bd68c6f1a9d79b675395845f24ee853f877e72c14b6c6702f7b8775ca1bfabbbcf4019f7bccf07f1c211531dfc66a7a1df79e92a20dd1cbe1b22e1209e7e3ecb9d3c2450fc22a57bfe09bd735f61c361cdac2488ae0adc7885edc0712655daaf535e1de96ccbe7869d531d8bf3db512fbd17c772332a3f8cf1e052ee0202eb99a36a0f8d7219888acbb57090cdaf3b28e1e62e8fc2ec237bdf18592a7afe4d8390dcb5e7fcc31bf4f797e6f5710070902265cc2e8c459b7da1451046abd6c8c5b02c0be2d2f505a65376266563ac7b59ef3b4e2570a6cb0bd94d46ad861317c743ce1de12bfa2295a98cdded4414d87a1580b1e4675bbdf73a22cac4a1d8d456d089e0b60cbfd16158f073bd1dac481db49fa5d8801d0fb0844b4afec1bab4e61fa0f381fa667880a1cd8163953be7b591cc9dfd7f91902370b783ae8a0f3c7cbefa7d229a37c00f523529e159b11d2e240629b64af2d11404773e991207a722c320221ce23baed7cbe40a440c5680814b122cfba9092fe03478f85adcbdeacb76d6cbf2491eafae98327b278e267821a0e1cd06ef90cb0328e246c19d8c63b9332291a89bc9f989effc675c79a870ac024756c6f5a7e32babd69625d61487ae7399490b70dd0fade7d70ad9b0757300a2dde77abaff4f63a0303853589d44efa968e10d36561f04408ad0cc227fc6b2f904cead189a0fcca9b2e6cbde5498652e0b3bc9d8b7921474403718feb5cc750dc70f5a9b1a0ae2c642015b6a1a8ab0572182b4e39e0c869cbdc60c9465f5d564d18ba2f5b3bc3e05a458744077430c5ea031ee02dd8f0a65d7dd8d90dd9b8717f77d202239a5778719423fb2aec7ca86eb07c39de65a34b988d65377a7473e9145f16d79593e96903330bbf3a8024fc15519d9baa0fae2018786f4b1846fca355ff0fccf65cccad1896309a5ccf2056dd542c929850cc91cd655962360fe316557ab3fb378328f77a07d9da24447d3fa2020b382ed2e808ec9529a01273434c64b0b7c35a06a019e4ab51cdc9c0f266ab25b6984338a0ba910d1060283b636c5d7e8a3f969c1ee1c99b54bba7ff3679fbeecbb70349f076480a867cc4ee4cacaea39c80f642533599486d2ffb77b8c9109a9d25fa0b06e58eca764f7d56469eb9547036bbea9d5c3d35b4c1fbc3d39a372c2b7ad184965cad3819c8928f1588d00949949c0c4c93d30ac7f6665247c0108bd89dff3aafe780ac66febfacc8c6a3cc387d09da6de700487a80e2c8d56df94d7ebd3e1d9e06411a6c5f7eb6da41c6f52997b5ad47ba985261103fdf12eb4a2828b248f652ef00b6abccab2eb161b878b9dbc0aa911405b6f67adda83c16187748d7b524ffe6381f489f432d592e6171bd9ccb2cd52f977143f57fbf2ab0b823d449ae55f02440972334344cda01837b93afa4f46a2fdefe27e92764cf9596780846de2e3b1ea83e62ee43b1c05aee675e25363504addfaa68e7c53ed685413f5ba951f120d0a646e474872c81e5a887464c19f8460ae814ffff24cb51dd2dca28d597ab2ea60949f8dbbe67f263e722fdb51bce4e328a19f5ff1218e1f63b8da6d40dbd5490964499b2522ea323310634893ead661407966207a66ab13adfcf1a725ed14339c46011c0e0401f2386b47cd9f902fdf84bc85e74d3ae7cc544e4d65670a554a537712c6ee9f75191631d2a4c4da06fc38423b1d5b828d7201235b2974164f52aa16bee70ee509250752f4fdd6b9f8d021943df8320682a6f80ff0d67ab7a4ceea807bd5b3b7b6380b0c7f0caa67b0208ba71317f0355a3b755af0e2c007186389438615df80b7b25104a733fc90625b62682198733c0f1625dfaa08cf81e3df043094b7b5a098b3b36f803b5b0f10a057bf814ae3579932c0a5f208985bab3d817f975283b8838ae5cb709be72b58df7425e059fdbf4e0ee51b3da01fe0b44963c1196baee5ec5909ad80d9d1660f3edd90374952a0bf8b3bece2c2f944593f4de7de5e05ded096b8f4f05d65dfc2e806f78220d84b3db564fb12f4e5e8f5eab316591f004e9374cce8e787263bc3827affe6793c130b8621d3bbb2a86fd87f070ea21718281ee7aec4bb3bb71af4bf5721cecd139c4be8c9df4ec8dfb09a5cf1d86a25d39faa9f064a997c214f334e4410917fc3b4d67ada8d87a38c0f86b02bf653dddaeb5b75b300f8bcfd792858bef8ab23e063421939c59212964c9ed5dd56e215db58cef53d31a966bb8ce4ed56287fecb3a85ba435e0b41b20ba1164b9c9f2c49fa0f7b17a89e0ec47eefe992d63ee29c8c0a1ece2664fee8edadd43636a54c48519b4fcf55b0d9103602b92441a5f85cf8c5e406d0f5815f8f37309934bd78fbc2acf0a03b051b4528db4f7c09de7d0aabafca3736b8259c818ca338ca6754e0747717c2794d664a1cacc1e9c52764a308e6df73d975638630b74cce6c49b1bac16454e96852c4f9d8ed118e86d2f1c8dc33bccd4a07be128db5e80f5684ddcc1158e744411acde590f902f0987cfb750bb5bfeed53bff076868986b566d7701f48ddfcacbd325c8d930bcef26713bf60585d5c991e2a6cc33ccbc27f7ddfba18f998497c2eb378cc8f2cc07a1b4f141c5e0fb6f52e18242e505bcf6dd20e33a469d056a0b4fd5e72d0da9d0bcce1e2f9e9dc7d1c7b6cb0f3604287eca", 0x2000, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000440)={0x90, 0x0, 0x2, {0x2, 0x0, 0x0, 0x3, 0x4000, 0x0, {0x3, 0x0, 0x1, 0x0, 0x3, 0x0, 0x0, 0x1, 0x3ff, 0x6000, 0x0, 0x0, 0x0, 0x800}}}, 0x0, 0x0, 0x0, 0x0, 0x0})
write$FUSE_INIT(r0, &(0x7f0000001240)={0x50, 0x0, r1, {0x7, 0x2b, 0xfff, 0x83120, 0x3, 0x7, 0x1ff, 0x9, 0x0, 0x0, 0x10, 0x8}}, 0x50)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000640)='./file0/file0\x00', 0x4a300, 0xcd)
ioctl$FIBMAP(r2, 0x401070c9, 0x0)

1.074785271s ago: executing program 1 (id=5617):
r0 = socket$packet(0x11, 0x2, 0x300)
setsockopt$packet_fanout(r0, 0x107, 0x12, &(0x7f0000000040)={0x0, 0x6}, 0x4)
setsockopt$packet_fanout_data(r0, 0x107, 0x16, &(0x7f0000000100)={0x2, &(0x7f0000000080)=[{0x28, 0x0, 0x0, 0xfffff034}, {0x6, 0x5, 0x0, 0xfffffc}]}, 0x10)
syz_emit_ethernet(0x46, &(0x7f0000000140)={@link_local, @random="ece65fbcee55", @void, {@ipv6={0x86dd, @udp={0x0, 0x6, "010100", 0x10, 0x11, 0x0, @remote, @local, {[], {0x0, 0xe22, 0x10, 0x0, @gue={{0x2, 0x0, 0x0, 0x3}}}}}}}}, 0x0)

1.074278444s ago: executing program 1 (id=5620):
r0 = openat$rtc(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0)
ioctl$RTC_WKALM_SET(r0, 0x4028700f, &(0x7f0000000100)={0x0, 0x1, {0x11, 0x27, 0x1, 0x10, 0x7, 0xd, 0x3, 0xe, 0x1}})

984.59086ms ago: executing program 1 (id=5621):
r0 = openat$audio(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
ioctl$SNDCTL_DSP_SPEED(r0, 0xc0045002, &(0x7f0000000000))
read$dsp(r0, &(0x7f0000000300)=""/79, 0x4f)

983.813444ms ago: executing program 1 (id=5623):
r0 = syz_usb_connect$hid(0x3, 0x36, &(0x7f0000000b00)={{0x12, 0x1, 0x0, 0x0, 0x0, 0x0, 0x8, 0x56a, 0xd6, 0x0, 0x0, 0x0, 0x0, 0x1, [{{0x9, 0x2, 0x24, 0x1, 0x0, 0x0, 0x40, 0x83, [{{0x9, 0x4, 0x0, 0x2a, 0x2, 0x3, 0x0, 0x1, 0x0, {0x9, 0x21, 0x7, 0x0, 0x1, {0x22, 0x5}}, {{{0x9, 0x5, 0x81, 0x3, 0x200, 0x6}}}}}]}}]}}, 0x0)
syz_usb_control_io(r0, 0x0, 0x0)
syz_usb_control_io$hid(r0, &(0x7f00000000c0)={0x24, 0x0, 0x0, &(0x7f0000000180)={0x0, 0x22, 0x5, {[@global=@item_012={0x2, 0x1, 0xa, "1ac5"}, @global=@item_012={0x1, 0x1, 0xb, "17"}]}}, 0x0}, 0x0)

682.396691ms ago: executing program 2 (id=5630):
bpf$MAP_CREATE(0x0, 0x0, 0x48)
r0 = bpf$MAP_CREATE(0x1900000000000000, &(0x7f0000000640)=ANY=[@ANYBLOB="1b00000000000000000000000020"], 0x50)
bpf$PROG_LOAD(0x5, &(0x7f0000000240)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000001000000000000000640000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70800000e0000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000008200000095"], 0x0, 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00', r1}, 0x10)
socket$kcm(0x2, 0x200000000000001, 0x106)
r2 = socket$netlink(0x10, 0x3, 0x8000000004)
writev(r2, &(0x7f0000000280)=[{&(0x7f00000005c0)="580000001400192340834b80040d8c560a06ffffff7f000000000000000058000b480400945f64009400050038925a01000000800000008004000000ff0109000000fff5dd0000000800030006010000418e01400004fcff", 0x58}], 0x1)

681.928145ms ago: executing program 2 (id=5631):
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
sendmmsg$inet(r0, &(0x7f00000006c0)=[{{&(0x7f0000000780)={0x2, 0x4e23, @local}, 0x10, 0x0}}, {{&(0x7f0000000180)={0x2, 0x4e23, @rand_addr=0x64010102}, 0x10, 0x0, 0x0, &(0x7f0000000200)=ANY=[@ANYBLOB="11000000000000000000000002"], 0x18}}], 0x2, 0x40000)

623.983938ms ago: executing program 2 (id=5632):
r0 = socket$inet6_sctp(0xa, 0x1, 0x84)
setsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX(r0, 0x84, 0x6e, &(0x7f0000000080)=[@in6={0xa, 0x4e23, 0xecf9, @private1={0xfc, 0x1, '\x00', 0x1}, 0x2}, @in={0x2, 0x4e23, @initdev={0xac, 0x1e, 0x0, 0x0}}], 0x1e)

574.117381ms ago: executing program 2 (id=5633):
r0 = io_uring_setup(0x37ae, &(0x7f00000003c0)={0x0, 0x800000, 0x0, 0x2, 0x22a})
io_uring_register$IORING_REGISTER_PBUF_RING(r0, 0x16, &(0x7f0000000740)={&(0x7f0000002000)={[{0x0, 0x0, 0x3}, {0x0}, {0x0, 0x0, 0xfffe}, {0x0}]}, 0x4}, 0x1)
io_uring_register$IORING_REGISTER_PBUF_RING(r0, 0x16, &(0x7f0000000280)={&(0x7f0000003000)={[{0x0, 0x0, 0x1}]}, 0x1, 0x2}, 0x1)
io_uring_register$IORING_UNREGISTER_PBUF_RING(r0, 0x17, &(0x7f0000000780)={0x0, 0x0, 0x2}, 0x1)

573.876252ms ago: executing program 2 (id=5634):
r0 = syz_usb_connect(0x0, 0x24, &(0x7f0000000080)=ANY=[@ANYBLOB="12010000201b4510fc0428155d6d01020301090212000100000000090401"], 0x0)
syz_usb_control_io$printer(r0, 0x0, 0x0)
syz_usb_control_io(r0, 0x0, 0x0)
syz_usb_control_io$cdc_ncm(r0, 0x0, 0x0)
syz_usb_control_io(r0, 0x0, 0x0)

434.319713ms ago: executing program 1 (id=5635):
r0 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000300), 0x2002, 0x0)
ioctl$SNDCTL_DSP_SETFMT(r0, 0xc0045005, &(0x7f0000001180)=0x2000000)
mmap$dsp(&(0x7f0000ffc000/0x3000)=nil, 0x3000, 0x3, 0x12, r0, 0x0)
ioctl$SNDCTL_DSP_GETOPTR(r0, 0x5008, 0x0)
r1 = epoll_create1(0x0)
ppoll(&(0x7f0000000040)=[{r0}, {r1, 0xbaf03d8f7cf92877}], 0x2, 0x0, 0x0, 0x0)
socket$nl_xfrm(0x10, 0x3, 0x6)
r2 = socket$inet6_tcp(0xa, 0x1, 0x0)
bind$inet6(r2, 0x0, 0x0)
r3 = syz_usb_connect_ath9k(0x3, 0x5a, &(0x7f0000000080)={{0x12, 0x1, 0x200, 0xff, 0xff, 0xff, 0x40, 0xcf3, 0x9271, 0x108, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x48}}]}}, 0x0)
syz_usb_ep_write$ath9k_ep2(r3, 0x83, 0x10, &(0x7f0000000000)=@ready={0x0, 0x0, 0x8, 'BBBB'})
syz_emit_ethernet(0x0, 0x0, 0x0)
epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r0, &(0x7f0000000340)={0xc0000008})

2.139157ms ago: executing program 2 (id=5636):
syz_mount_image$ext4(&(0x7f00000002c0)='ext4\x00', &(0x7f0000000300)='./file0\x00', 0xa0835c, &(0x7f0000000340)={[{@nojournal_checksum}, {@nolazytime}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x5c}}, {@dioread_nolock}, {@usrjquota}, {@oldalloc}, {@sysvgroups}]}, 0x2, 0x44a, &(0x7f0000000880)="$eJzs281vFOUfAPDvzLbl9+OtFfEFRK0SY+NLSwsqBy8aTTxgNNEDHuu2EMJCDa2JECLVGLyYGBI9G48m/gXevBj1ZOJV74aEKBfQU83MzsDuslsobHcr+/kkA8+z82yf57vPPDPPzLMbwMAaz/5JIrZGxG8RMVrPNhcYr/939fLZ6t+Xz1aTWFl5688kL3fl8tlqWbR835YiM5FGpJ8kRSXNFk+fOT5bq82fKvJTSyfem1o8febZYydmj84fnT85c/Dggf3TLzw/81xX4sziurL7w4U9u15758Lr1cMX3v3p26y9W4v9jXF0y3gW+F8rudZ9T3S7sj7b1pBOhvrYENakEhFZdw3n4380KnG980bj1Y/72jhgXWXXpk2ddy+vAHexJPrdAqA/ygt9dv9bbj2aemwIl16q3wBlcV8ttvqeoUiLMsMt97fdNB4Rh5f/+SrbYp2eQwAANPqs+uWheKbd/C+N+xvKbS/WUMYi4p6I2BER90bEzoi4LyIv+0BEPLjG+luXhm6c/6QXbyuwW5TN/14s1raa53/l7C/GKkVuWx7/cHLkWG1+X/GZTMTwpiw/vUod37/y6+ed9jXO/7Itq7+cCxbtuDjU8oBubnZpNp+UdsGljyJ2D7WLP7m2EpBExK6I2L22P729TBx76ps9nQrdPP5VdGGdaeXriCfr/b8cLfGXktXXJ6f+F7X5fVPlUXGjn385/2an+u8o/i7I+n9z8/HfWmQsaVyvXVx7Hed//7TjPc3tHv8jydv5+WikeO2D2aWlU9MRI8mhPN/0+sz195b5snwW/8Te9uN/R/GeLP6HIiI7iB+OiEci4tGi7Y9FxOMRsXeV+H98ufO+jdD/c23Pf9eO/5b+X3uicvyH7zrVf2v9fyBPTRSv5Oe/m7jVBt7JZwcAAAD/FWn+HfgknbyWTtPJyfp3+HfG5rS2sLj09JGF90/O1b8rPxbDafmka7Theeh0slz8xXp+pnhWXO7fXzw3/qLy/zw/WV2ozfU5dhh0WzqM/8wflX63Dlh37dbRZkb60BCg51rHf9qcPfdGLxsD9JTfa8Pgusn4T3vVDqD3XP9hcLUb/+da8tYC4O7k+g+Dy/iHwWX8w+Ay/mEg3cnv+iUGORHphmiGxDol+n1mAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA6I5/AwAA///K8u7c")
r0 = openat$dir(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0x0, 0x0)
getdents(r0, 0x0, 0x58)

0s ago: executing program 4 (id=5637):
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x402, 0x0)
write$binfmt_aout(r0, &(0x7f0000000340)=ANY=[], 0xff2e)
ioctl$TCXONC(r0, 0x540a, 0x3)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000100))

kernel console output (not intermixed with test programs):

6.165684][   T33] audit: type=1326 audit(1755245778.410:159): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12273 comm="syz.1.2701" exe="/syz-executor" sig=0 arch=c000003e syscall=431 compat=0 ip=0x7fcb0698ebe9 code=0x7ffc0000
[  276.174893][   T33] audit: type=1326 audit(1755245778.410:160): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12273 comm="syz.1.2701" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcb0698ebe9 code=0x7ffc0000
[  276.186297][   T33] audit: type=1326 audit(1755245778.410:161): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12273 comm="syz.1.2701" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcb0698ebe9 code=0x7ffc0000
[  276.329100][T12285] netlink: 8 bytes leftover after parsing attributes in process `syz.2.2706'.
[  276.333078][T12285] netlink: 8 bytes leftover after parsing attributes in process `syz.2.2706'.
[  277.228818][T12303] loop3: detected capacity change from 0 to 32768
[  278.802347][T12372] netlink: 20 bytes leftover after parsing attributes in process `syz.2.2746'.
[  279.172579][T12360] loop3: detected capacity change from 0 to 32768
[  279.179428][T12360] BTRFS: device fsid ed167579-eb65-4e76-9a50-61ac97e9b59d devid 1 transid 8 /dev/loop3 (7:3) scanned by syz.3.2741 (12360)
[  279.189424][T12360] BTRFS info (device loop3): first mount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d
[  279.193661][T12360] BTRFS info (device loop3): using sha256 (sha256-lib) checksum algorithm
[  279.197222][T12360] BTRFS info (device loop3): disk space caching is enabled
[  279.202347][T12360] BTRFS warning (device loop3): space cache v1 is being deprecated and will be removed in a future release, please use -o space_cache=v2
[  279.239141][T12360] BTRFS info (device loop3): rebuilding free space tree
[  279.249775][T12360] BTRFS info (device loop3): disabling free space tree
[  279.252845][T12360] BTRFS info (device loop3): clearing compat-ro feature flag for FREE_SPACE_TREE (0x1)
[  279.257498][T12360] BTRFS info (device loop3): clearing compat-ro feature flag for FREE_SPACE_TREE_VALID (0x2)
[  279.316743][ T9947] BTRFS info (device loop3): last unmount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d
[  279.646018][T12412] usb usb1: usbfs: process 12412 (syz.3.2758) did not claim interface 6 before use
[  279.937131][T12415] loop3: detected capacity change from 0 to 40427
[  279.943174][T12415] F2FS-fs (loop3): invalid crc value
[  279.997375][T12415] F2FS-fs (loop3): f2fs_recover_fsync_data: recovery fsync data, check_only: 0
[  280.003849][T12415] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e5
[  280.053962][T12415] syz.3.2759: attempt to access beyond end of device
[  280.053962][T12415] loop3: rw=2049, sector=45096, nr_sectors = 16 limit=40427
[  280.089302][ T9947] syz-executor: attempt to access beyond end of device
[  280.089302][ T9947] loop3: rw=2049, sector=40960, nr_sectors = 16 limit=40427
[  280.099570][ T9947] CPU: 0 UID: 0 PID: 9947 Comm: syz-executor Not tainted 6.17.0-rc1-syzkaller-00036-gdfc0f6373094-dirty #0 PREEMPT(full) 
[  280.099595][ T9947] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.2-debian-1.16.2-1 04/01/2014
[  280.099603][ T9947] Call Trace:
[  280.099609][ T9947]  <TASK>
[  280.099616][ T9947]  dump_stack_lvl+0x189/0x250
[  280.099639][ T9947]  ? __pfx_dump_stack_lvl+0x10/0x10
[  280.099655][ T9947]  ? __pfx_queue_work_on+0x10/0x10
[  280.099669][ T9947]  ? _raw_spin_unlock_irqrestore+0xad/0x110
[  280.099686][ T9947]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[  280.099713][ T9947]  f2fs_handle_critical_error+0x37c/0x540
[  280.099738][ T9947]  f2fs_write_end_io+0x886/0xb60
[  280.099766][ T9947]  __submit_merged_bio+0x27a/0x6a0
[  280.099784][ T9947]  ? up_write+0x1c4/0x420
[  280.099803][ T9947]  __submit_merged_write_cond+0x44c/0x530
[  280.099826][ T9947]  f2fs_sync_node_pages+0x1479/0x15e0
[  280.099861][ T9947]  ? __pfx_f2fs_sync_node_pages+0x10/0x10
[  280.099923][ T9947]  ? f2fs_write_checkpoint+0xe43/0x1df0
[  280.099943][ T9947]  ? up_write+0x1c4/0x420
[  280.099956][ T9947]  ? do_raw_spin_unlock+0x4d/0x240
[  280.099976][ T9947]  f2fs_write_checkpoint+0xe6f/0x1df0
[  280.100010][ T9947]  ? __pfx_f2fs_write_checkpoint+0x10/0x10
[  280.100066][ T9947]  ? kill_f2fs_super+0x298/0x6c0
[  280.100085][ T9947]  kill_f2fs_super+0x2c3/0x6c0
[  280.100105][ T9947]  ? __pfx_kill_f2fs_super+0x10/0x10
[  280.100117][ T9947]  ? radix_tree_delete_item+0x2b6/0x400
[  280.100142][ T9947]  ? shrinker_free+0x2ce/0x3e0
[  280.100160][ T9947]  deactivate_locked_super+0xbc/0x130
[  280.100178][ T9947]  cleanup_mnt+0x425/0x4c0
[  280.100194][ T9947]  ? lockdep_hardirqs_on+0x9c/0x150
[  280.100214][ T9947]  task_work_run+0x1d4/0x260
[  280.100235][ T9947]  ? __pfx_task_work_run+0x10/0x10
[  280.100251][ T9947]  ? __x64_sys_umount+0x122/0x160
[  280.100272][ T9947]  ? exit_to_user_mode_loop+0x40/0x110
[  280.100295][ T9947]  exit_to_user_mode_loop+0xec/0x110
[  280.100313][ T9947]  do_syscall_64+0x2bd/0x3b0
[  280.100331][ T9947]  ? lockdep_hardirqs_on+0x9c/0x150
[  280.100348][ T9947]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  280.100362][ T9947]  ? exc_page_fault+0x9f/0xf0
[  280.100381][ T9947]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  280.100394][ T9947] RIP: 0033:0x7f932af8ff17
[  280.100407][ T9947] Code: a8 ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 0f 1f 44 00 00 31 f6 e9 09 00 00 00 66 0f 1f 84 00 00 00 00 00 b8 a6 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 01 c3 48 c7 c2 a8 ff ff ff f7 d8 64 89 02 b8
[  280.100418][ T9947] RSP: 002b:00007ffc4842f518 EFLAGS: 00000246 ORIG_RAX: 00000000000000a6
[  280.100433][ T9947] RAX: 0000000000000000 RBX: 00007f932b011c05 RCX: 00007f932af8ff17
[  280.100467][ T9947] RDX: 0000000000000000 RSI: 0000000000000009 RDI: 00007ffc4842f5d0
[  280.100475][ T9947] RBP: 00007ffc4842f5d0 R08: 0000000000000000 R09: 0000000000000000
[  280.100482][ T9947] R10: 00000000ffffffff R11: 0000000000000246 R12: 00007ffc48430660
[  280.100490][ T9947] R13: 00007f932b011c05 R14: 000000000004459b R15: 00007ffc484306a0
[  280.100514][ T9947]  </TASK>
[  280.237002][ T9947] F2FS-fs (loop3): Stopped filesystem due to reason: 3
[  280.243751][ T9947] CPU: 0 UID: 0 PID: 9947 Comm: syz-executor Not tainted 6.17.0-rc1-syzkaller-00036-gdfc0f6373094-dirty #0 PREEMPT(full) 
[  280.243772][ T9947] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.2-debian-1.16.2-1 04/01/2014
[  280.243780][ T9947] Call Trace:
[  280.243786][ T9947]  <TASK>
[  280.243792][ T9947]  dump_stack_lvl+0x189/0x250
[  280.243813][ T9947]  ? __pfx_dump_stack_lvl+0x10/0x10
[  280.243828][ T9947]  ? __pfx_queue_work_on+0x10/0x10
[  280.243841][ T9947]  ? _raw_spin_unlock_irqrestore+0xad/0x110
[  280.243858][ T9947]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[  280.243888][ T9947]  f2fs_handle_critical_error+0x37c/0x540
[  280.243914][ T9947]  f2fs_write_end_io+0x886/0xb60
[  280.243941][ T9947]  __submit_merged_bio+0x27a/0x6a0
[  280.243956][ T9947]  ? up_write+0x1c4/0x420
[  280.243975][ T9947]  __submit_merged_write_cond+0x44c/0x530
[  280.243999][ T9947]  f2fs_sync_node_pages+0x1479/0x15e0
[  280.244034][ T9947]  ? __pfx_f2fs_sync_node_pages+0x10/0x10
[  280.244077][ T9947]  ? f2fs_write_checkpoint+0xe43/0x1df0
[  280.244095][ T9947]  ? up_write+0x1c4/0x420
[  280.244108][ T9947]  ? do_raw_spin_unlock+0x4d/0x240
[  280.244128][ T9947]  f2fs_write_checkpoint+0xe6f/0x1df0
[  280.244163][ T9947]  ? __pfx_f2fs_write_checkpoint+0x10/0x10
[  280.244218][ T9947]  ? kill_f2fs_super+0x298/0x6c0
[  280.244237][ T9947]  kill_f2fs_super+0x2c3/0x6c0
[  280.244257][ T9947]  ? __pfx_kill_f2fs_super+0x10/0x10
[  280.244268][ T9947]  ? radix_tree_delete_item+0x2b6/0x400
[  280.244292][ T9947]  ? shrinker_free+0x2ce/0x3e0
[  280.244310][ T9947]  deactivate_locked_super+0xbc/0x130
[  280.244329][ T9947]  cleanup_mnt+0x425/0x4c0
[  280.244345][ T9947]  ? lockdep_hardirqs_on+0x9c/0x150
[  280.244366][ T9947]  task_work_run+0x1d4/0x260
[  280.244387][ T9947]  ? __pfx_task_work_run+0x10/0x10
[  280.244402][ T9947]  ? __x64_sys_umount+0x122/0x160
[  280.244453][ T9947]  ? exit_to_user_mode_loop+0x40/0x110
[  280.244477][ T9947]  exit_to_user_mode_loop+0xec/0x110
[  280.244497][ T9947]  do_syscall_64+0x2bd/0x3b0
[  280.244515][ T9947]  ? lockdep_hardirqs_on+0x9c/0x150
[  280.244532][ T9947]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  280.244546][ T9947]  ? exc_page_fault+0x9f/0xf0
[  280.244564][ T9947]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  280.244577][ T9947] RIP: 0033:0x7f932af8ff17
[  280.244591][ T9947] Code: a8 ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 0f 1f 44 00 00 31 f6 e9 09 00 00 00 66 0f 1f 84 00 00 00 00 00 b8 a6 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 01 c3 48 c7 c2 a8 ff ff ff f7 d8 64 89 02 b8
[  280.244603][ T9947] RSP: 002b:00007ffc4842f518 EFLAGS: 00000246 ORIG_RAX: 00000000000000a6
[  280.244618][ T9947] RAX: 0000000000000000 RBX: 00007f932b011c05 RCX: 00007f932af8ff17
[  280.244627][ T9947] RDX: 0000000000000000 RSI: 0000000000000009 RDI: 00007ffc4842f5d0
[  280.244635][ T9947] RBP: 00007ffc4842f5d0 R08: 0000000000000000 R09: 0000000000000000
[  280.244643][ T9947] R10: 00000000ffffffff R11: 0000000000000246 R12: 00007ffc48430660
[  280.244652][ T9947] R13: 00007f932b011c05 R14: 000000000004459b R15: 00007ffc484306a0
[  280.244677][ T9947]  </TASK>
[  280.244702][ T9947] F2FS-fs (loop3): Stopped filesystem due to reason: 3
[  280.261374][T12431] overlayfs: missing 'lowerdir'
[  280.496360][T12434] bridge0: port 2(bridge_slave_1) entered disabled state
[  280.500177][T12434] bridge0: port 1(bridge_slave_0) entered disabled state
[  280.523289][T12434] batman_adv: batadv0: Interface deactivated: dummy0
[  280.627993][T12434] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  280.643140][T12434] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  281.168569][T12434] veth0_macvtap: left allmulticast mode
[  281.306578][ T5934] netdevsim netdevsim2 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0
[  281.311385][ T5934] netdevsim netdevsim2 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0
[  281.317894][ T5934] netdevsim netdevsim2 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0
[  281.324610][ T5934] netdevsim netdevsim2 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0
[  281.842456][T12478] loop3: detected capacity change from 0 to 32768
[  281.845899][T12478] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop3 (7:3) scanned by syz.3.2784 (12478)
[  281.907146][T12478] BTRFS info (device loop3): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  281.913674][T12478] BTRFS info (device loop3): using crc32c (crc32c-lib) checksum algorithm
[  281.917093][T12478] BTRFS info (device loop3): using free-space-tree
[  281.956815][   T33] kauditd_printk_skb: 3 callbacks suppressed
[  281.956829][   T33] audit: type=1804 audit(1755245784.250:165): pid=12478 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.3.2784" name="/newroot/289/file1/bus" dev="loop3" ino=263 res=1 errno=0
[  282.263541][T12478] BTRFS info (device loop3): balance: start -s
[  282.282148][T12478] BTRFS info (device loop3): relocating block group 1048576 flags system
[  282.364047][T12478] BTRFS info (device loop3): balance: ended with status: 0
[  282.414820][ T9947] BTRFS info (device loop3): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  282.782849][T12526] netlink: 161716 bytes leftover after parsing attributes in process `syz.3.2798'.
[  282.912156][T12538] netlink: 16 bytes leftover after parsing attributes in process `syz.3.2803'.
[  283.075612][T12553] loop3: detected capacity change from 0 to 256
[  283.078785][T12553] exfat: Deprecated parameter 'utf8'
[  283.083220][T12553] exfat: Deprecated parameter 'utf8'
[  283.091120][T12553] exFAT-fs (loop3): failed to load upcase table (idx : 0x00010000, chksum : 0x23a77120, utbl_chksum : 0xe619d30d)
[  283.246736][T12561] netlink: 7 bytes leftover after parsing attributes in process `syz.2.2815'.
[  283.386846][T12558] loop3: detected capacity change from 0 to 32768
[  283.449429][T12558] bcachefs (loop3): starting version 1.7: mi_btree_bitmap opts=errors=continue,metadata_checksum=none,data_checksum=none,compression=lz4,foreground_target=invalid label 767,background_target=invalid device 7,nojournal_transaction_names
[  283.449454][T12558]   allowing incompatible features above 0.0: (unknown version)
[  283.449464][T12558]   features: lz4,new_siphash,inline_data,new_extent_overwrite,btree_ptr_v2,new_varint,journal_no_flush,alloc_v2,extents_across_btree_nodes
[  283.467724][T12558] bcachefs (loop3): Using encoding defined by superblock: utf8-12.1.0
[  283.477006][T12558] bcachefs (loop3): initializing new filesystem
[  283.488480][T12558] bcachefs (loop3): going read-write
[  283.498981][T12558] bcachefs (loop3): marking superblocks
[  283.514885][T12558] bcachefs (loop3): initializing freespace
[  283.518716][T12558] bcachefs (loop3): done initializing freespace
[  283.546735][T12558] bcachefs (loop3): reading snapshots table
[  283.549193][T12558] bcachefs (loop3): reading snapshots done
[  283.580472][T12558] bcachefs (loop3): done starting filesystem
[  283.616530][ T9947] bcachefs (loop3): shutting down
[  283.618674][ T9947] bcachefs (loop3): going read-only
[  283.622895][ T9947] bcachefs (loop3): finished waiting for writes to stop
[  283.628218][ T9947] bcachefs (loop3): flushing journal and stopping allocators, journal seq 2
[  283.669047][ T9947] bcachefs (loop3): flushing journal and stopping allocators complete, journal seq 3
[  283.676609][ T9947] bcachefs (loop3): clean shutdown complete, journal seq 4
[  283.681890][ T9947] bcachefs (loop3): marking filesystem clean
[  283.699626][ T9947] bcachefs (loop3): shutdown complete
[  284.977154][T12623] netlink: 12 bytes leftover after parsing attributes in process `syz.1.2838'.
[  284.986341][T12623] netlink: 8 bytes leftover after parsing attributes in process `syz.1.2838'.
[  286.299748][T12645] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  286.313157][T12638] loop3: detected capacity change from 0 to 32768
[  286.354540][T12651] netlink: 'syz.2.2849': attribute type 10 has an invalid length.
[  286.357739][T12651] veth0_vlan: left promiscuous mode
[  286.361923][T12651] veth0_vlan: entered promiscuous mode
[  286.365495][T12651] team0: Device veth0_vlan failed to register rx_handler
[  286.701851][T12659] loop3: detected capacity change from 0 to 16
[  286.707287][T12659] erofs (device loop3): mounted with root inode @ nid 36.
[  286.716182][T12659] erofs (device loop3): inline data across blocks @ nid 36
[  286.987187][T12661] loop3: detected capacity change from 0 to 32768
[  286.995375][T12661] XFS (loop3): Mounting V5 Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d
[  287.011727][T12661] XFS (loop3): Ending clean mount
[  287.015748][T12661] XFS (loop3): Quotacheck needed: Please wait.
[  287.046266][T12661] XFS (loop3): Quotacheck: Done.
[  287.084336][ T9947] XFS (loop3): Unmounting Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d
[  287.273265][T12682] Non-string source
[  287.311209][T12684] netlink: 12 bytes leftover after parsing attributes in process `syz.3.2861'.
[  287.318538][T12684] vlan0: entered promiscuous mode
[  291.006316][ T5950] Bluetooth: hci1: unexpected event for opcode 0x0419
[  291.184409][T12771] loop3: detected capacity change from 0 to 32768
[  291.351766][T12785] loop3: detected capacity change from 0 to 512
[  291.365951][T12785] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  291.369791][T12785] ext4 filesystem being mounted at /324/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  291.376705][T12785] EXT4-fs error (device loop3): ext4_search_dir:1474: inode #2: block 3: comm syz.3.2902: bad entry in directory: rec_len is smaller than minimal - offset=76, inode=393232, rec_len=0, size=2048 fake=0
[  291.387258][T12785] EXT4-fs (loop3): Remounting filesystem read-only
[  291.403707][ T9947] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  292.214997][T12795] loop3: detected capacity change from 0 to 131072
[  292.219440][T12795] F2FS-fs (loop3): QUOTA feature is enabled, so ignore qf_name
[  292.280468][T12795] F2FS-fs (loop3): f2fs_recover_fsync_data: recovery fsync data, check_only: 0
[  292.285911][T12795] F2FS-fs (loop3): Mounted with checkpoint version = 1b41e955
[  292.480541][   T47] IPVS: starting estimator thread 0...
[  292.570833][T12827] IPVS: using max 38 ests per chain, 91200 per kthread
[  293.062406][T12856] netlink: 'syz.1.2933': attribute type 1 has an invalid length.
[  293.073313][T12856] netlink: 168864 bytes leftover after parsing attributes in process `syz.1.2933'.
[  293.128809][T12858] overlayfs: fs on './bus' does not support file handles, falling back to index=off,nfs_export=off.
[  293.135104][T12858] overlayfs: upperdir is in-use as upperdir/workdir of another mount, accessing files from both mounts will result in undefined behavior.
[  293.750228][   T10] usb 4-1: new high-speed USB device number 10 using dummy_hcd
[  293.907148][   T10] usb 4-1: New USB device found, idVendor=0cf3, idProduct=9271, bcdDevice= 1.08
[  293.911377][   T10] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  293.915003][   T10] usb 4-1: Product: syz
[  293.918142][   T10] usb 4-1: Manufacturer: syz
[  293.922274][   T10] usb 4-1: SerialNumber: syz
[  293.931323][   T10] usb 4-1: ath9k_htc: Firmware ath9k_htc/htc_9271-1.4.0.fw requested
[  293.983255][ T6008] usb 4-1: ath9k_htc: Transferred FW: ath9k_htc/htc_9271-1.4.0.fw, size: 51008
[  294.213028][   T10] usb 4-1: USB disconnect, device number 10
[  294.329139][T12911] netlink: 8 bytes leftover after parsing attributes in process `syz.2.2957'.
[  294.333214][T12911] netlink: 12 bytes leftover after parsing attributes in process `syz.2.2957'.
[  294.426137][T12921] netlink: 'syz.2.2963': attribute type 10 has an invalid length.
[  294.428661][T12921] netlink: 40 bytes leftover after parsing attributes in process `syz.2.2963'.
[  294.433903][T12921] dummy0: entered promiscuous mode
[  294.435613][T12921] dummy0: entered allmulticast mode
[  294.437810][T12921] batman_adv: batadv0: Interface activated: dummy0
[  294.442665][T12921] batadv0: mtu less than device minimum
[  294.446184][T12921] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320)
[  294.450126][T12921] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320)
[  294.454760][T12921] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320)
[  294.459681][T12921] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320)
[  294.464435][T12921] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320)
[  294.468292][T12921] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320)
[  294.472230][T12921] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320)
[  294.476157][T12921] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320)
[  294.480043][T12921] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320)
[  294.505136][T12921] batman_adv: batadv0: Interface deactivated: dummy0
[  294.507958][T12921] batman_adv: batadv0: Removing interface: dummy0
[  294.514297][T12921] bridge0: port 3(dummy0) entered blocking state
[  294.516460][T12921] bridge0: port 3(dummy0) entered disabled state
[  294.555453][T12929] (unnamed net_device) (uninitialized): peer notification delay (9) is not a multiple of miimon (100), value rounded to 0 ms
[  294.560598][T12929] (unnamed net_device) (uninitialized): option use_carrier: invalid value (5)
[  295.072605][ T5950] Bluetooth: hci1: Controller not accepting commands anymore: ncmd = 0
[  295.075434][ T5950] Bluetooth: hci1: Injecting HCI hardware error event
[  295.079559][ T5950] Bluetooth: hci1: hardware error 0x00
[  295.085816][ T6008] ath9k_htc 4-1:1.0: ath9k_htc: Target is unresponsive
[  295.088161][ T6008] ath9k_htc: Failed to initialize the device
[  295.092682][   T10] usb 4-1: ath9k_htc: USB layer deinitialized
[  295.610099][   T47] usb 4-1: new high-speed USB device number 11 using dummy_hcd
[  295.779974][   T47] usb 4-1: Using ep0 maxpacket: 16
[  295.784481][   T47] usb 4-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  295.792817][   T47] usb 4-1: New USB device found, idVendor=046d, idProduct=0721, bcdDevice=9c.25
[  295.796327][   T47] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  295.799507][   T47] usb 4-1: Product: syz
[  295.801549][   T47] usb 4-1: Manufacturer: syz
[  295.803656][   T47] usb 4-1: SerialNumber: syz
[  295.807659][   T47] usb 4-1: config 0 descriptor??
[  295.812784][   T47] hub 4-1:0.0: bad descriptor, ignoring hub
[  295.815343][   T47] hub 4-1:0.0: probe with driver hub failed with error -5
[  295.819854][   T47] uvcvideo 4-1:0.0: probe with driver uvcvideo failed with error -22
[  296.120493][   T10] usb 4-1: USB disconnect, device number 11
[  296.641474][   T33] audit: type=1800 audit(1755245798.930:166): pid=13021 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.3009" name="nullb0" dev="tmpfs" ino=2440 res=0 errno=0
[  297.150243][ T5950] Bluetooth: hci1: Opcode 0x0c03 failed: -110
[  298.259194][ T6008] usb 4-1: new full-speed USB device number 12 using dummy_hcd
[  298.431111][ T6008] usb 4-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  298.434879][ T6008] usb 4-1: config 1 has 1 interface, different from the descriptor's value: 3
[  298.439225][ T6008] usb 4-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.00
[  298.442930][ T6008] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=3
[  298.445789][ T6008] usb 4-1: SerialNumber: syz
[  298.454373][ T6008] usb 4-1: 0:2 : does not exist
[  299.118968][ T6008] usb 4-1: USB disconnect, device number 12
[  299.940058][   T47] usb 4-1: new high-speed USB device number 13 using dummy_hcd
[  300.092304][   T47] usb 4-1: config 0 has an invalid interface number: 122 but max is 0
[  300.095667][   T47] usb 4-1: config 0 has no interface number 0
[  300.098152][   T47] usb 4-1: config 0 interface 122 has no altsetting 0
[  300.103824][   T47] usb 4-1: New USB device found, idVendor=13d3, idProduct=3219, bcdDevice=7a.67
[  300.107480][   T47] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  300.110940][   T47] usb 4-1: Product: syz
[  300.112946][   T47] usb 4-1: Manufacturer: syz
[  300.114842][   T47] usb 4-1: SerialNumber: syz
[  300.119275][   T47] usb 4-1: config 0 descriptor??
[  300.539750][   T10] usb 4-1: USB disconnect, device number 13
[  300.543116][   T10] dvb-usb: generic DVB-USB module successfully deinitialized and disconnected.
[  301.136774][   T33] audit: type=1326 audit(1755245803.430:167): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13066 comm="syz.3.3030" exe="/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f932af8ebe9 code=0x0
[  302.476624][T13109] tmpfs: Bad value for 'mpol'
[  302.586274][T13113] netlink: 16 bytes leftover after parsing attributes in process `syz.2.3050'.
[  303.065082][T13124] net_ratelimit: 10 callbacks suppressed
[  303.065099][T13124] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check.
[  303.744939][T13172] netlink: 'syz.2.3074': attribute type 21 has an invalid length.
[  303.747994][T13172] netlink: 8 bytes leftover after parsing attributes in process `syz.2.3074'.
[  304.108780][T13194] loop3: detected capacity change from 0 to 4096
[  304.115109][T13194] EXT4-fs: Ignoring removed mblk_io_submit option
[  304.118618][T13194] EXT4-fs (loop3): Test dummy encryption mode enabled
[  304.127920][T13194] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  304.169209][ T9947] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  304.277330][T13207] netlink: 8 bytes leftover after parsing attributes in process `syz.2.3089'.
[  305.817026][T13240] loop3: detected capacity change from 0 to 256
[  305.827059][T13240] exfat: Deprecated parameter 'utf8'
[  305.829035][T13240] exfat: Deprecated parameter 'utf8'
[  305.833929][T13240] exfat: Deprecated parameter 'utf8'
[  305.845201][T13240] exFAT-fs (loop3): failed to load upcase table (idx : 0x00011f3f, chksum : 0x96b62a4c, utbl_chksum : 0xe619d30d)
[  305.869039][   T33] audit: type=1800 audit(1755245808.160:168): pid=13240 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.3.3105" name="file2" dev="loop3" ino=1048646 res=0 errno=0
[  305.975447][T13252] loop3: detected capacity change from 0 to 1024
[  306.108660][T13256] loop3: detected capacity change from 0 to 512
[  306.114377][T13256] EXT4-fs: Ignoring removed orlov option
[  306.117902][T13256] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[  306.121979][T13256] EXT4-fs (loop3): ext4_check_descriptors: Inode bitmap for group 0 overlaps superblock
[  306.127770][T13256] EXT4-fs (loop3): orphan cleanup on readonly fs
[  306.132512][T13256] EXT4-fs error (device loop3): ext4_read_inode_bitmap:139: comm syz.3.3113: Invalid inode bitmap blk 0 in block_group 0
[  306.139421][T13256] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  306.164268][ T9947] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  306.198766][T13259] netlink: 48 bytes leftover after parsing attributes in process `syz.3.3114'.
[  306.871568][   T33] audit: type=1326 audit(1755245809.170:169): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13280 comm="syz.2.3122" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbaf998ebe9 code=0x7ffc0000
[  306.886324][   T33] audit: type=1326 audit(1755245809.180:170): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13280 comm="syz.2.3122" exe="/syz-executor" sig=0 arch=c000003e syscall=222 compat=0 ip=0x7fbaf998ebe9 code=0x7ffc0000
[  306.899224][   T33] audit: type=1326 audit(1755245809.180:171): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13280 comm="syz.2.3122" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbaf998ebe9 code=0x7ffc0000
[  306.912853][   T33] audit: type=1326 audit(1755245809.180:172): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13280 comm="syz.2.3122" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbaf998ebe9 code=0x7ffc0000
[  306.922679][   T33] audit: type=1326 audit(1755245809.180:173): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13280 comm="syz.2.3122" exe="/syz-executor" sig=0 arch=c000003e syscall=226 compat=0 ip=0x7fbaf998ebe9 code=0x7ffc0000
[  306.929117][   T33] audit: type=1326 audit(1755245809.180:174): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13280 comm="syz.2.3122" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbaf998ebe9 code=0x7ffc0000
[  306.937401][   T33] audit: type=1326 audit(1755245809.180:175): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13280 comm="syz.2.3122" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbaf998ebe9 code=0x7ffc0000
[  306.944728][T13285] netlink: 16 bytes leftover after parsing attributes in process `syz.1.3124'.
[  307.133417][T13303] netlink: 4 bytes leftover after parsing attributes in process `syz.1.3133'.
[  307.140423][T13303] netlink: 4 bytes leftover after parsing attributes in process `syz.1.3133'.
[  307.541981][T13335] netlink: 12 bytes leftover after parsing attributes in process `syz.3.3147'.
[  307.659492][T13345] loop3: detected capacity change from 0 to 512
[  307.662381][T13345] EXT4-fs: Ignoring removed bh option
[  307.666928][T13345] EXT4-fs (loop3): mounting ext3 file system using the ext4 subsystem
[  307.682607][T13345] EXT4-fs (loop3): 1 truncate cleaned up
[  307.687568][T13345] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  307.840372][T13358] IPVS: sync thread started: state = BACKUP, mcast_ifn = vcan0, syncid = 0, id = 0
[  307.912178][T13363] 9pnet_fd: Insufficient options for proto=fd
[  308.605350][ T9947] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  309.125808][T13396] netlink: 28 bytes leftover after parsing attributes in process `syz.1.3167'.
[  309.129846][T13396] netlink: 28 bytes leftover after parsing attributes in process `syz.1.3167'.
[  309.177801][T13400] loop3: detected capacity change from 0 to 1024
[  309.181593][T13400] EXT4-fs: Ignoring removed orlov option
[  309.184976][T13400] EXT4-fs (loop3): ext4_check_descriptors: Checksum for group 0 failed (52289!=20869)
[  309.194624][T13400] EXT4-fs (loop3): stripe (65535) is not aligned with cluster size (16), stripe is disabled
[  309.201678][T13400] EXT4-fs (loop3): invalid journal inode
[  309.204158][T13400] EXT4-fs (loop3): can't get journal size
[  309.210196][T13400] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  310.086237][ T9947] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  311.295729][T13462] loop3: detected capacity change from 0 to 512
[  311.304792][T13462] EXT4-fs error (device loop3): ext4_iget_extra_inode:5104: inode #15: comm syz.3.3197: corrupted in-inode xattr: invalid ea_ino
[  311.315963][T13462] EXT4-fs error (device loop3): ext4_orphan_get:1397: comm syz.3.3197: couldn't read orphan inode 15 (err -117)
[  311.322527][T13462] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  311.519670][T13467] netlink: 36 bytes leftover after parsing attributes in process `syz.2.3198'.
[  311.528058][T13467] vlan3: entered promiscuous mode
[  311.530797][T13467] bridge0: entered promiscuous mode
[  312.027169][T13482] netlink: 32 bytes leftover after parsing attributes in process `syz.2.3205'.
[  312.033810][   T10] IPVS: starting estimator thread 0...
[  312.218873][T13484] IPVS: using max 41 ests per chain, 98400 per kthread
[  312.281724][ T9947] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  312.890263][  T974] usb 4-1: new high-speed USB device number 14 using dummy_hcd
[  313.008969][T13507] bridge_slave_0: left allmulticast mode
[  313.012551][T13507] bridge_slave_0: left promiscuous mode
[  313.014896][T13507] bridge0: port 1(bridge_slave_0) entered disabled state
[  313.045570][  T974] usb 4-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  313.049521][  T974] usb 4-1: config 1 has 1 interface, different from the descriptor's value: 3
[  313.054708][  T974] usb 4-1: New USB device found, idVendor=08b7, idProduct=0000, bcdDevice= 0.00
[  313.058244][  T974] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=3
[  313.061752][  T974] usb 4-1: SerialNumber: syz
[  313.274079][  T974] usb 4-1: 0:2 : does not exist
[  313.284873][  T974] usb 4-1: USB disconnect, device number 14
[  313.530696][T13521] overlayfs: failed to clone upperpath
[  313.672620][T13525] overlayfs: failed to clone upperpath
[  313.823663][   T33] audit: type=1326 audit(1755245816.120:176): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13537 comm="syz.3.3231" exe="/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f932af8ebe9 code=0x0
[  313.897374][T13544] kAFS: unparsable volume name
[  314.267361][T13563] tipc: Started in network mode
[  314.270955][T13563] tipc: Node identity 4, cluster identity 4711
[  314.276185][T13563] tipc: Node number set to 4
[  314.858544][T13579] loop3: detected capacity change from 0 to 512
[  315.475391][T13614] (unnamed net_device) (uninitialized): option lacp_rate: mode dependency failed, not supported in mode broadcast(3)
[  315.667682][T13630] loop3: detected capacity change from 0 to 512
[  315.694497][T13630] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  315.707743][T13630] ext4 filesystem being mounted at /415/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  315.799610][ T9947] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  316.395346][T13654] netlink: 4 bytes leftover after parsing attributes in process `syz.3.3278'.
[  316.988595][ T1364] ieee802154 phy0 wpan0: encryption failed: -22
[  317.022004][ T1364] ieee802154 phy1 wpan1: encryption failed: -22
[  317.613086][T13688] bridge: RTM_NEWNEIGH with invalid ether address
[  317.681491][  T974] usb 4-1: new high-speed USB device number 15 using dummy_hcd
[  317.833359][  T974] usb 4-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  317.837311][  T974] usb 4-1: New USB device found, idVendor=0471, idProduct=0304, bcdDevice=e4.df
[  317.842137][  T974] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  317.847420][  T974] usb 4-1: config 0 descriptor??
[  317.853272][  T974] pwc: Askey VC010 type 2 USB webcam detected.
[  318.257343][  T974] pwc: recv_control_msg error -32 req 02 val 2b00
[  318.262416][  T974] pwc: recv_control_msg error -32 req 02 val 2700
[  318.265791][  T974] pwc: recv_control_msg error -32 req 02 val 2c00
[  318.269017][  T974] pwc: recv_control_msg error -32 req 04 val 1000
[  318.275728][  T974] pwc: recv_control_msg error -32 req 04 val 1300
[  318.279243][  T974] pwc: recv_control_msg error -32 req 04 val 1400
[  318.283004][  T974] pwc: recv_control_msg error -32 req 02 val 2000
[  318.286558][  T974] pwc: recv_control_msg error -32 req 02 val 2100
[  318.289810][  T974] pwc: recv_control_msg error -32 req 04 val 1500
[  318.298241][  T974] pwc: recv_control_msg error -32 req 02 val 2500
[  318.302303][  T974] pwc: recv_control_msg error -32 req 02 val 2400
[  318.507257][  T974] pwc: recv_control_msg error -71 req 02 val 2900
[  318.513730][  T974] pwc: recv_control_msg error -71 req 02 val 2800
[  318.517422][  T974] pwc: recv_control_msg error -71 req 04 val 1100
[  318.521484][  T974] pwc: recv_control_msg error -71 req 04 val 1200
[  318.529027][  T974] pwc: Registered as video103.
[  318.535470][  T974] input: PWC snapshot button as /devices/platform/dummy_hcd.3/usb4/4-1/input/input14
[  318.546171][  T974] usb 4-1: USB disconnect, device number 15
[  318.998549][T13732] bridge0: entered allmulticast mode
[  319.121955][T13738] loop3: detected capacity change from 0 to 4096
[  319.129630][T13738] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  319.152369][ T9947] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  319.633799][T13747] loop3: detected capacity change from 0 to 4096
[  319.637021][T13747] ntfs3: Unknown parameter ''
[  319.662975][T13745] loop3: detected capacity change from 0 to 512
[  319.679494][T13745] EXT4-fs (loop3): orphan cleanup on readonly fs
[  319.683414][T13745] Quota error (device loop3): do_check_range: Getting dqdh_entries 1536 out of range 0-14
[  319.686571][T13745] Quota error (device loop3): qtree_write_dquot: Error -117 occurred while creating quota
[  319.689650][T13745] EXT4-fs error (device loop3): ext4_acquire_dquot:6933: comm syz.3.3319: Failed to acquire dquot type 1
[  319.701032][T13745] EXT4-fs (loop3): 1 truncate cleaned up
[  319.705887][T13745] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  320.047204][ T9947] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  321.187977][   T33] audit: type=1326 audit(1755245823.480:177): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13781 comm="syz.3.3337" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f932af8ebe9 code=0x7fc00000
[  321.279401][T13803] [U] V3Fپ"W/4:XTZWTLW=
[  321.285784][T13803] [U] J"E:"
[  321.394158][T13809] loop3: detected capacity change from 0 to 2048
[  321.405283][T13809] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000)
[  321.427580][T13809] overlayfs: upper fs needs to support d_type.
[  321.431703][T13809] overlayfs: upper fs does not support RENAME_WHITEOUT.
[  321.434517][T13809] overlayfs: failed to set xattr on upper
[  321.436893][T13809] overlayfs: ...falling back to redirect_dir=nofollow.
[  321.439595][T13809] overlayfs: ...falling back to index=off.
[  321.475703][ T9947] UDF-fs: error (device loop3): udf_read_inode: (ino 1317) failed !bh
[  321.481030][ T9947] UDF-fs: error (device loop3): udf_read_inode: (ino 1317) failed !bh
[  322.070897][ T5234] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[  322.079162][ T5234] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[  322.132760][ T5234] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[  322.135906][ T5234] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[  322.138851][ T5234] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[  322.263488][T13825] /dev/nullb0: Can't lookup blockdev
[  322.383628][T13819] chnl_net:caif_netlink_parms(): no params data found
[  322.459831][T13819] bridge0: port 1(bridge_slave_0) entered blocking state
[  322.462994][T13819] bridge0: port 1(bridge_slave_0) entered disabled state
[  322.465750][T13819] bridge_slave_0: entered allmulticast mode
[  322.469479][T13819] bridge_slave_0: entered promiscuous mode
[  322.478170][T13819] bridge0: port 2(bridge_slave_1) entered blocking state
[  322.481371][T13819] bridge0: port 2(bridge_slave_1) entered disabled state
[  322.483924][T13819] bridge_slave_1: entered allmulticast mode
[  322.487187][T13819] bridge_slave_1: entered promiscuous mode
[  322.521783][T13819] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  322.526743][T13819] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  322.548147][T13819] team0: Port device team_slave_0 added
[  322.553364][T13819] team0: Port device team_slave_1 added
[  322.704751][T13819] batman_adv: batadv0: Adding interface: batadv_slave_0
[  322.712925][T13819] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  322.737845][T13819] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  322.811620][T13819] batman_adv: batadv0: Adding interface: batadv_slave_1
[  322.868015][T13819] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  322.876774][T13819] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  322.921295][T13819] hsr_slave_0: entered promiscuous mode
[  322.923836][T13819] hsr_slave_1: entered promiscuous mode
[  322.926647][T13819] debugfs: 'hsr0' already exists in 'hsr'
[  322.928597][T13819] Cannot create hsr debugfs directory
[  323.185990][T13819] netdevsim netdevsim4 netdevsim0: renamed from eth0
[  323.193359][T13819] netdevsim netdevsim4 netdevsim1: renamed from eth1
[  323.204611][T13819] netdevsim netdevsim4 netdevsim2: renamed from eth2
[  323.213899][T13819] netdevsim netdevsim4 netdevsim3: renamed from eth3
[  323.584748][T13819] 8021q: adding VLAN 0 to HW filter on device bond0
[  323.601501][T13819] 8021q: adding VLAN 0 to HW filter on device team0
[  323.607140][   T26] bridge0: port 1(bridge_slave_0) entered blocking state
[  323.609435][   T26] bridge0: port 1(bridge_slave_0) entered forwarding state
[  323.624330][   T26] bridge0: port 2(bridge_slave_1) entered blocking state
[  323.626694][   T26] bridge0: port 2(bridge_slave_1) entered forwarding state
[  323.773216][T13819] 8021q: adding VLAN 0 to HW filter on device batadv0
[  323.905210][T13870] netlink: 8 bytes leftover after parsing attributes in process `syz.2.3368'.
[  323.911693][T13870] netlink: 'syz.2.3368': attribute type 30 has an invalid length.
[  323.926691][T13870] netlink: 8 bytes leftover after parsing attributes in process `syz.2.3368'.
[  323.926720][ T5973] netdevsim netdevsim2 netdevsim0: set [0, 0] type 1 family 0 port 8472 - 0
[  323.930062][T13870] netlink: 'syz.2.3368': attribute type 30 has an invalid length.
[  323.943133][ T5973] netdevsim netdevsim2 netdevsim1: set [0, 0] type 1 family 0 port 8472 - 0
[  323.953407][ T5973] netdevsim netdevsim2 netdevsim2: set [0, 0] type 1 family 0 port 8472 - 0
[  323.958131][ T5973] netdevsim netdevsim2 netdevsim3: set [0, 0] type 1 family 0 port 8472 - 0
[  324.081579][T13819] veth0_vlan: entered promiscuous mode
[  324.089818][T13819] veth1_vlan: entered promiscuous mode
[  324.119029][T13819] veth0_macvtap: entered promiscuous mode
[  324.134299][T13819] veth1_macvtap: entered promiscuous mode
[  324.156738][T13819] batman_adv: batadv0: Interface activated: batadv_slave_0
[  324.173412][T13819] batman_adv: batadv0: Interface activated: batadv_slave_1
[  324.184181][   T13] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  324.190410][ T5950] Bluetooth: hci0: command tx timeout
[  324.197659][   T13] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  324.214859][   T13] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  324.218509][   T13] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  324.255680][   T33] audit: type=1326 audit(1755245826.540:178): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13879 comm="syz.2.3373" exe="/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fbaf998ebe9 code=0x0
[  324.347229][   T64] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  324.359488][   T64] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  324.407345][   T64] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  324.412327][   T64] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  324.584972][T13894] usb usb7: usbfs: process 13894 (syz.4.3352) did not claim interface 0 before use
[  324.590988][T13894] usb usb7: usbfs: process 13894 (syz.4.3352) did not claim interface 0 before use
[  326.270801][ T5950] Bluetooth: hci0: command tx timeout
[  327.160137][    C0] ip6_tunnel: ip6gre1 xmit: Local address not yet configured!
[  327.755596][T13986] netlink: 'syz.2.3419': attribute type 21 has an invalid length.
[  327.759058][T13986] netlink: 132 bytes leftover after parsing attributes in process `syz.2.3419'.
[  328.091828][T13999] netlink: 'syz.2.3425': attribute type 17 has an invalid length.
[  328.094407][T13999] netlink: 148 bytes leftover after parsing attributes in process `syz.2.3425'.
[  328.138611][ T5973] netdevsim netdevsim1 netdevsim0: set [0, 0] type 1 family 0 port 8472 - 0
[  328.142324][ T5973] netdevsim netdevsim1 netdevsim1: set [0, 0] type 1 family 0 port 8472 - 0
[  328.147793][ T5973] netdevsim netdevsim1 netdevsim2: set [0, 0] type 1 family 0 port 8472 - 0
[  328.161322][ T5973] netdevsim netdevsim1 netdevsim3: set [0, 0] type 1 family 0 port 8472 - 0
[  328.350410][ T5950] Bluetooth: hci0: command tx timeout
[  329.223897][T14024] loop4: detected capacity change from 0 to 2048
[  329.283070][T14024]  loop4: p3 p4 < >
[  329.284606][T14024] loop4: p3 start 301989888 is beyond EOD, truncated
[  329.614467][T14054] netlink: 'syz.2.3452': attribute type 12 has an invalid length.
[  329.618290][T14054] netlink: 132 bytes leftover after parsing attributes in process `syz.2.3452'.
[  329.693436][T14060] netlink: 48 bytes leftover after parsing attributes in process `syz.1.3454'.
[  329.723279][ T5312] usb 5-1: new full-speed USB device number 2 using dummy_hcd
[  329.875825][ T5312] usb 5-1: unable to get BOS descriptor or descriptor too short
[  329.880695][ T5312] usb 5-1: not running at top speed; connect to a high speed hub
[  329.888629][ T5312] usb 5-1: config 2 has an invalid interface number: 212 but max is 1
[  329.895112][ T5312] usb 5-1: config 2 has an invalid interface number: 226 but max is 1
[  329.898518][ T5312] usb 5-1: config 2 has no interface number 0
[  329.901584][ T5312] usb 5-1: config 2 has no interface number 1
[  329.904252][ T5312] usb 5-1: config 2 interface 212 altsetting 9 endpoint 0x1 has invalid maxpacket 512, setting to 64
[  329.908822][ T5312] usb 5-1: config 2 interface 226 altsetting 0 has a duplicate endpoint with address 0x1, skipping
[  329.914368][ T5312] usb 5-1: config 2 interface 226 altsetting 0 endpoint 0x85 has invalid maxpacket 37745, setting to 64
[  329.924598][ T5312] usb 5-1: config 2 interface 226 altsetting 0 endpoint 0x7 has invalid wMaxPacketSize 0
[  329.928408][ T5312] usb 5-1: config 2 interface 226 altsetting 0 has 3 endpoint descriptors, different from the interface descriptor's value: 2
[  329.935700][ T5312] usb 5-1: config 2 interface 212 has no altsetting 0
[  329.943264][ T5312] usb 5-1: New USB device found, idVendor=0738, idProduct=4540, bcdDevice=c6.ce
[  329.947199][ T5312] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  329.953200][ T5312] usb 5-1: Product: syz
[  329.954965][ T5312] usb 5-1: Manufacturer: syz
[  329.956869][ T5312] usb 5-1: SerialNumber: syz
[  330.179444][ T5312] input: Mad Catz Beat Pad as /devices/platform/dummy_hcd.4/usb5/5-1/5-1:2.226/input/input15
[  330.197277][ T5312] usb 5-1: USB disconnect, device number 2
[  330.460156][ T5950] Bluetooth: hci0: command tx timeout
[  331.258892][T14098] futex_wake_op: syz.1.3471 tries to shift op by -1; fix this program
[  332.585021][T14141] loop4: detected capacity change from 0 to 32768
[  332.593720][T14141] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop4 (7:4) scanned by syz.4.3491 (14141)
[  332.614787][T14141] BTRFS info (device loop4): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  332.618981][T14141] BTRFS info (device loop4): using sha256 (sha256-lib) checksum algorithm
[  332.622776][T14141] BTRFS info (device loop4): using free-space-tree
[  332.727408][T14163] macvlan2: entered promiscuous mode
[  332.737157][T13819] BTRFS info (device loop4): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  332.921504][T14169] netlink: 8 bytes leftover after parsing attributes in process `syz.1.3497'.
[  332.925179][T14169] netlink: 36 bytes leftover after parsing attributes in process `syz.1.3497'.
[  333.201569][T14191] loop4: detected capacity change from 0 to 8
[  333.205209][T14191] squashfs image failed sanity check
[  333.444235][   T33] audit: type=1800 audit(1755245835.740:179): pid=14214 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.3518" name="nullb0" dev="tmpfs" ino=2440 res=0 errno=0
[  333.734438][T14237] bridge0: port 2(bridge_slave_1) entered forwarding state
[  333.764179][T14240] loop4: detected capacity change from 0 to 512
[  333.798327][T14240] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  333.806436][T14240] ext4 filesystem being mounted at /34/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  333.883569][T13819] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  333.899865][T14252] netlink: 4 bytes leftover after parsing attributes in process `syz.1.3535'.
[  333.999342][T14264] mac80211_hwsim hwsim6 `: renamed from wlan1 (while UP)
[  334.045890][T14268] netlink: 4 bytes leftover after parsing attributes in process `syz.4.3542'.
[  334.088395][   T33] audit: type=1326 audit(1755245836.370:180): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14273 comm="syz.2.3545" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbaf998ebe9 code=0x7ffc0000
[  334.102781][   T33] audit: type=1326 audit(1755245836.370:181): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14273 comm="syz.2.3545" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbaf998ebe9 code=0x7ffc0000
[  334.114272][   T33] audit: type=1326 audit(1755245836.370:182): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14273 comm="syz.2.3545" exe="/syz-executor" sig=0 arch=c000003e syscall=277 compat=0 ip=0x7fbaf998ebe9 code=0x7ffc0000
[  334.127694][   T33] audit: type=1326 audit(1755245836.370:183): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14273 comm="syz.2.3545" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbaf998ebe9 code=0x7ffc0000
[  334.139712][   T33] audit: type=1326 audit(1755245836.370:184): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14273 comm="syz.2.3545" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbaf998ebe9 code=0x7ffc0000
[  334.453333][T14300] loop4: detected capacity change from 0 to 256
[  334.580512][T14309] loop4: detected capacity change from 0 to 64
[  334.767135][T14320] netlink: 'syz.4.3566': attribute type 7 has an invalid length.
[  334.786620][T14320] : entered promiscuous mode
[  334.828950][T14322] loop4: detected capacity change from 0 to 512
[  334.836309][T14322] EXT4-fs (loop4): Test dummy encryption mode enabled
[  334.841782][T14322] EXT4-fs (loop4): warning: mounting unchecked fs, running e2fsck is recommended
[  334.845715][T14322] EXT4-fs (loop4): Errors on filesystem, clearing orphan list.
[  334.848949][T14322] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  334.869501][T13819] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.

syzkaller
syzkaller login: [  335.451512][T14359] netlink: 12 bytes leftover after parsing attributes in process `syz.4.3584'.
[  335.794498][T14384] loop6: detected capacity change from 0 to 63
[  335.812283][T14384] Buffer I/O error on dev loop6, logical block 0, async page read
[  335.816026][T14384] Buffer I/O error on dev loop6, logical block 0, async page read
[  335.835758][T14384] Buffer I/O error on dev loop6, logical block 0, async page read
[  335.839069][T14384] Buffer I/O error on dev loop6, logical block 0, async page read
[  335.845791][T14384] Buffer I/O error on dev loop6, logical block 0, async page read
[  335.849242][T14384] Buffer I/O error on dev loop6, logical block 0, async page read
[  335.852503][T14384] Buffer I/O error on dev loop6, logical block 0, async page read
[  335.855860][T14384] Buffer I/O error on dev loop6, logical block 0, async page read
[  335.859106][T14384] Buffer I/O error on dev loop6, logical block 0, async page read
[  335.865184][T14384] Buffer I/O error on dev loop6, logical block 0, async page read
[  336.425117][   T33] audit: type=1326 audit(1755245838.720:185): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14401 comm="syz.2.3595" exe="/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fbaf998ebe9 code=0x0
[  337.010159][ T6008] usb 5-1: new high-speed USB device number 3 using dummy_hcd
[  337.170665][ T6008] usb 5-1: Using ep0 maxpacket: 32
[  337.213266][ T6008] usb 5-1: config 0 interface 0 altsetting 0 bulk endpoint 0x85 has invalid maxpacket 9
[  337.267290][ T6008] usb 5-1: New USB device found, idVendor=14c8, idProduct=0003, bcdDevice= 5.6c
[  337.279048][ T6008] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  337.291813][ T6008] usb 5-1: Product: syz
[  337.297018][ T6008] usb 5-1: Manufacturer: syz
[  337.305687][ T6008] usb 5-1: SerialNumber: syz
[  337.370925][ T6008] usb 5-1: config 0 descriptor??
[  337.373874][T14413] raw-gadget.0 gadget.4: fail, usb_ep_enable returned -22
[  337.380806][ T6008] input: syz syz as /devices/platform/dummy_hcd.4/usb5/5-1/5-1:0.0/input/input16
[  337.598376][ T6008] usb 5-1: USB disconnect, device number 3
[  337.601019][    C0] usbtouchscreen 5-1:0.0: usbtouch_irq - usb_submit_urb failed with result: -19
[  338.487894][T14474] netlink: 12 bytes leftover after parsing attributes in process `syz.1.3625'.
[  338.496611][T14474] netlink: 12 bytes leftover after parsing attributes in process `syz.1.3625'.
[  339.653482][T14510] netlink: 24 bytes leftover after parsing attributes in process `syz.1.3642'.
[  340.382772][T14524] netlink: 4280 bytes leftover after parsing attributes in process `syz.1.3647'.
[  340.387491][T14524] netlink: 4280 bytes leftover after parsing attributes in process `syz.1.3647'.
[  341.138106][T14548] sctp: [Deprecated]: syz.2.3659 (pid 14548) Use of struct sctp_assoc_value in delayed_ack socket option.
[  341.138106][T14548] Use struct sctp_sack_info instead
[  342.695889][T14604] netlink: 28 bytes leftover after parsing attributes in process `syz.1.3685'.
[  342.699690][T14604] netlink: 28 bytes leftover after parsing attributes in process `syz.1.3685'.
[  342.709749][T14604] erspan0: entered promiscuous mode
[  342.716003][T14604] gretap0: entered promiscuous mode
[  342.741454][ T6008] hid-generic 0000:0000:0000.0014: unknown main item tag 0x0
[  342.756764][ T6008] hid-generic 0000:0000:0000.0014: hidraw0: <UNKNOWN> HID v0.00 Device [syz1] on syz0
[  342.800596][T14609] 9pnet_fd: Insufficient options for proto=fd
[  343.789768][T14636] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  343.797529][T14636] batman_adv: batadv0: Removing interface: batadv_slave_0
[  343.835307][T14636] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  343.842890][T14636] batman_adv: batadv0: Removing interface: batadv_slave_1
[  343.937719][T14641] IPVS: sync thread started: state = BACKUP, mcast_ifn = bond0, syncid = 8, id = 0
[  343.939244][T14640] IPVS: stopping backup sync thread 14641 ...
[  344.115687][T14652] Bluetooth: MGMT ver 1.23
[  344.157335][T14656] usb usb1: usbfs: interface 0 claimed by hub while 'syz.4.3708' sets config #1
[  344.422116][T14675] 9pnet_fd: Insufficient options for proto=fd
[  344.987847][T14701] loop4: detected capacity change from 0 to 1024
[  345.005842][T14701] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  345.032767][T13819] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  345.118430][   T33] audit: type=1326 audit(1755245847.410:186): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14715 comm="syz.4.3736" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f23e298ebe9 code=0x7ffc0000
[  345.132239][   T33] audit: type=1326 audit(1755245847.410:187): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14715 comm="syz.4.3736" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f23e298ebe9 code=0x7ffc0000
[  345.139799][   T33] audit: type=1326 audit(1755245847.430:188): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14715 comm="syz.4.3736" exe="/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f23e298ebe9 code=0x7ffc0000
[  345.162600][   T33] audit: type=1326 audit(1755245847.430:189): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14715 comm="syz.4.3736" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f23e298ebe9 code=0x7ffc0000
[  345.170391][   T33] audit: type=1326 audit(1755245847.430:190): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14715 comm="syz.4.3736" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f23e298ebe9 code=0x7ffc0000
[  345.178244][   T33] audit: type=1326 audit(1755245847.430:191): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14715 comm="syz.4.3736" exe="/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f23e298ebe9 code=0x7ffc0000
[  345.199317][   T33] audit: type=1326 audit(1755245847.430:192): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14715 comm="syz.4.3736" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f23e298ebe9 code=0x7ffc0000
[  345.214202][   T33] audit: type=1326 audit(1755245847.430:193): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14715 comm="syz.4.3736" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f23e298ebe9 code=0x7ffc0000
[  345.222957][   T33] audit: type=1326 audit(1755245847.430:194): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14715 comm="syz.4.3736" exe="/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f23e298ebe9 code=0x7ffc0000
[  345.233076][   T33] audit: type=1326 audit(1755245847.450:195): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14715 comm="syz.4.3736" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f23e298ebe9 code=0x7ffc0000
[  345.409037][T14731] macsec1: entered allmulticast mode
[  345.411293][T14731] hsr0: entered allmulticast mode
[  345.413183][T14731] hsr_slave_0: entered allmulticast mode
[  345.415284][T14731] hsr_slave_1: entered allmulticast mode
[  345.419194][T14731] hsr0: left allmulticast mode
[  345.421976][T14731] hsr_slave_0: left allmulticast mode
[  345.424106][T14731] hsr_slave_1: left allmulticast mode
[  345.879690][T14763] IPv6: sit1: Disabled Multicast RS
[  345.883884][T14763] sit1: entered allmulticast mode
[  346.051812][T14774] futex_wake_op: syz.2.3762 tries to shift op by 32; fix this program
[  346.282648][T14792] bridge2: entered promiscuous mode
[  346.284639][T14792] bridge2: entered allmulticast mode
[  346.663234][T14812] loop4: detected capacity change from 0 to 8192
[  346.668700][T14812] FAT-fs (loop4): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[  346.751903][T14815] loop4: detected capacity change from 0 to 256
[  346.758258][T14815] exFAT-fs (loop4): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[  346.764229][T14815] exFAT-fs (loop4): Medium has reported failures. Some data may be lost.
[  346.772669][T14815] exFAT-fs (loop4): failed to load upcase table (idx : 0x00010000, chksum : 0xe62de5da, utbl_chksum : 0xe619d30d)
[  347.137687][T14794] orangefs_mount: mount request failed with -4
[  347.643304][T14832] netlink: 6 bytes leftover after parsing attributes in process `syz.2.3787'.
[  349.336243][T14898] loop4: detected capacity change from 0 to 512
[  349.356683][T14898] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  349.361871][T14898] ext4 filesystem being mounted at /117/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  349.521350][T13819] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  349.624999][T14909] netlink: 'syz.4.3821': attribute type 12 has an invalid length.
[  350.003128][T14943] tipc: Enabling of bearer <udp:syz0> rejected, failed to enable media
[  350.056891][T14949] loop4: detected capacity change from 0 to 1024
[  350.064042][T14949] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[  350.199631][T14962] netlink: 'syz.2.3845': attribute type 32 has an invalid length.
[  350.265537][T14964] loop4: detected capacity change from 0 to 256
[  350.273352][T14964] exFAT-fs (loop4): failed to load upcase table (idx : 0x00010000, chksum : 0x36dfe6b4, utbl_chksum : 0xe619d30d)
[  350.281452][T14968] netlink: 8 bytes leftover after parsing attributes in process `syz.1.3848'.
[  350.342025][T14964] netlink: 20 bytes leftover after parsing attributes in process `syz.4.3846'.
[  350.504109][T14987] netlink: 312 bytes leftover after parsing attributes in process `syz.1.3857'.
[  350.544637][T14993] netlink: 64 bytes leftover after parsing attributes in process `syz.4.3859'.
[  350.820235][ T6008] usb 5-1: new high-speed USB device number 4 using dummy_hcd
[  350.975477][ T6008] usb 5-1: New USB device found, idVendor=0cf3, idProduct=9271, bcdDevice= 1.08
[  350.979284][ T6008] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  350.982671][ T6008] usb 5-1: Product: syz
[  350.984447][ T6008] usb 5-1: Manufacturer: syz
[  350.986328][ T6008] usb 5-1: SerialNumber: syz
[  350.992948][ T6008] usb 5-1: ath9k_htc: Firmware ath9k_htc/htc_9271-1.4.0.fw requested
[  351.008845][   T10] usb 5-1: ath9k_htc: Transferred FW: ath9k_htc/htc_9271-1.4.0.fw, size: 51008
[  351.424252][  T974] usb 5-1: USB disconnect, device number 4
[  352.033420][   T10] ath9k_htc 5-1:1.0: ath9k_htc: Target is unresponsive
[  352.043007][   T10] ath9k_htc: Failed to initialize the device
[  352.045894][  T974] usb 5-1: ath9k_htc: USB layer deinitialized
[  352.241932][T15034] loop4: detected capacity change from 0 to 32768
[  352.249648][T15034] XFS (loop4): Mounting V5 Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb
[  352.278456][T15034] XFS (loop4): Ending clean mount
[  352.358679][T13819] XFS (loop4): Unmounting Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb
[  352.773773][   T33] kauditd_printk_skb: 10 callbacks suppressed
[  352.773788][   T33] audit: type=1326 audit(1755245855.070:206): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15092 comm="syz.1.3902" exe="/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7fcb0698ebe9 code=0x0
[  352.793563][T15095] overlayfs: failed to clone upperpath
[  353.655196][T15110] netlink: 68 bytes leftover after parsing attributes in process `syz.1.3908'.
[  353.822034][T15112] A link change request failed with some changes committed already. Interface batadv_slave_0 may have been left with an inconsistent configuration, please check.
[  353.865512][T15114] loop4: detected capacity change from 0 to 512
[  353.878543][T15114] EXT4-fs (loop4): feature flags set on rev 0 fs, running e2fsck is recommended
[  353.895623][T15114] [EXT4 FS bs=4096, gc=1, bpg=32768, ipg=32, mo=a842c01c, mo2=0002]
[  353.904342][T15114] EXT4-fs (loop4): failed to initialize system zone (-117)
[  353.923374][T15114] EXT4-fs (loop4): mount failed
[  354.264785][T15131] netlink: 'syz.1.3917': attribute type 1 has an invalid length.
[  354.311851][T15131] 8021q: adding VLAN 0 to HW filter on device bond2
[  354.341786][T15131] 8021q: adding VLAN 0 to HW filter on device batadv0
[  354.361760][T15131] bond2: (slave batadv0): making interface the new active one
[  354.371467][T15131] bond2: (slave batadv0): Enslaving as an active interface with an up link
[  354.992488][T15162] netlink: 'syz.1.3931': attribute type 7 has an invalid length.
[  356.137939][T15200] netlink: 4 bytes leftover after parsing attributes in process `syz.4.3948'.
[  356.162753][T15203] 9pnet_fd: p9_fd_create_tcp (15203): problem connecting socket to 127.0.0.1
[  356.358164][T15221] loop4: detected capacity change from 0 to 1024
[  356.386801][T15221] hfsplus: bad catalog entry type
[  356.434281][   T26] hfsplus: b-tree write err: -5, ino 4
[  356.590790][ T5950] Bluetooth: hci0: Controller not accepting commands anymore: ncmd = 0
[  356.598392][ T5950] Bluetooth: hci0: Injecting HCI hardware error event
[  356.605752][ T5234] Bluetooth: hci0: hardware error 0x00
[  357.497371][T15258] smc: net device bond0 applied user defined pnetid SYZ2
[  357.503895][T15258] smc: net device bond0 erased user defined pnetid SYZ2
[  358.180211][T15285] bridge0: port 3(dummy0) entered disabled state
[  358.599262][T15285] bridge_slave_1: left allmulticast mode
[  358.602867][T15285] bridge_slave_1: left promiscuous mode
[  358.605403][T15285] bridge0: port 2(bridge_slave_1) entered disabled state
[  358.616601][T15285] bond0: (slave bond_slave_0): Releasing backup interface
[  358.623402][T15285] bond0: (slave bond_slave_1): Releasing backup interface
[  358.630880][T15285] team0: Port device team_slave_0 removed
[  358.634934][T15285] team0: Port device team_slave_1 removed
[  358.645148][T15285] batman_adv: batadv0: Removing interface: batadv_slave_0
[  358.648900][T15285] batman_adv: batadv0: Removing interface: batadv_slave_1
[  358.654283][T15285] bond1: (slave vlan2): Releasing active interface
[  358.671150][ T5234] Bluetooth: hci0: Opcode 0x0c03 failed: -110
[  358.865634][T15298] bond3: entered promiscuous mode
[  358.867298][T15298] bond3: entered allmulticast mode
[  358.869246][T15298] 8021q: adding VLAN 0 to HW filter on device bond3
[  359.202510][T15332] netlink: 'syz.1.4011': attribute type 10 has an invalid length.
[  359.217229][T15332] bond0: (slave batadv_slave_0): Enslaving as an active interface with an up link
[  359.238631][T15334] loop4: detected capacity change from 0 to 2048
[  359.249152][T15334] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000)
[  360.598771][   T33] audit: type=1326 audit(1755245862.890:207): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15398 comm="syz.4.4037" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f23e298ebe9 code=0x7ffc0000
[  360.611474][   T33] audit: type=1326 audit(1755245862.890:208): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15398 comm="syz.4.4037" exe="/syz-executor" sig=0 arch=c000003e syscall=434 compat=0 ip=0x7f23e298ebe9 code=0x7ffc0000
[  360.622618][   T33] audit: type=1326 audit(1755245862.890:209): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15398 comm="syz.4.4037" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f23e298ebe9 code=0x7ffc0000
[  360.633193][   T33] audit: type=1326 audit(1755245862.890:210): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15398 comm="syz.4.4037" exe="/syz-executor" sig=0 arch=c000003e syscall=424 compat=0 ip=0x7f23e298ebe9 code=0x7ffc0000
[  360.642491][   T33] audit: type=1326 audit(1755245862.890:211): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15398 comm="syz.4.4037" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f23e298ebe9 code=0x7ffc0000
[  360.661046][   T33] audit: type=1326 audit(1755245862.890:212): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15398 comm="syz.4.4037" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f23e298ebe9 code=0x7ffc0000
[  360.930746][T15410] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE
[  360.933451][T15410] IPv6: NLM_F_CREATE should be set when creating new route
[  360.938618][T15410] IPv6: NLM_F_CREATE should be set when creating new route
[  361.217341][T15426] loop4: detected capacity change from 0 to 4096
[  361.243594][T15430] NILFS (loop4): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  361.293852][   T33] audit: type=1326 audit(1755245863.590:213): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15432 comm="syz.4.4052" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f23e298ebe9 code=0x7ffc0000
[  361.303015][   T33] audit: type=1326 audit(1755245863.590:214): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15432 comm="syz.4.4052" exe="/syz-executor" sig=0 arch=c000003e syscall=22 compat=0 ip=0x7f23e298ebe9 code=0x7ffc0000
[  361.313978][   T33] audit: type=1326 audit(1755245863.590:215): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15432 comm="syz.4.4052" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f23e298ebe9 code=0x7ffc0000
[  361.328100][   T33] audit: type=1326 audit(1755245863.590:216): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15432 comm="syz.4.4052" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f23e298ebe9 code=0x7ffc0000
[  361.519682][T15437] loop4: detected capacity change from 0 to 32768
[  361.719253][T15437] ERROR: (device loop4): dbAdjCtl: the maximum free buddy is not the old root
[  361.719253][T15437] 
[  361.725308][T15437] ERROR: (device loop4): remounting filesystem as read-only
[  362.038783][T15462] loop4: detected capacity change from 0 to 2048
[  362.050584][T15462] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000)
[  362.077274][T15464] RDS: rds_bind could not find a transport for fe88::2, load rds_tcp or rds_rdma?
[  362.237746][T15476] netlink: 'syz.2.4071': attribute type 11 has an invalid length.
[  362.418732][T15466] loop4: detected capacity change from 0 to 40427
[  362.422899][T15466] F2FS-fs (loop4): Image doesn't support compression
[  362.428481][T15466] F2FS-fs (loop4): invalid crc value
[  362.432906][T15466] F2FS-fs (loop4): SIT is corrupted node# 2 vs 7
[  362.444010][T15466] F2FS-fs (loop4): Failed to initialize F2FS segment manager (-117)
[  363.226770][T15516] netlink: 8 bytes leftover after parsing attributes in process `syz.2.4089'.
[  363.523192][T15513] netlink: 212408 bytes leftover after parsing attributes in process `syz.4.4088'.
[  363.685294][T15528] netlink: 72 bytes leftover after parsing attributes in process `syz.1.4094'.
[  363.746393][T15532] bridge3: entered allmulticast mode
[  364.570391][   T10] usb 5-1: new low-speed USB device number 5 using dummy_hcd
[  364.744452][   T10] usb 5-1: config 9 has an invalid interface number: 1 but max is 0
[  364.747869][   T10] usb 5-1: config 9 has no interface number 0
[  364.751699][   T10] usb 5-1: config 9 interface 1 has no altsetting 0
[  364.758400][   T10] usb 5-1: string descriptor 0 read error: -22
[  364.763495][   T10] usb 5-1: New USB device found, idVendor=2040, idProduct=b140, bcdDevice=75.36
[  364.767118][   T10] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  364.776490][   T10] cx231xx 5-1:9.1: New device   @ 1.5 Mbps (2040:b140) with 1 interfaces
[  364.779868][   T10] cx231xx 5-1:9.1: Not found matching IAD interface
[  364.984377][   T10] usb 5-1: USB disconnect, device number 5
[  365.551218][ T5950] Bluetooth: hci2: command 0x0406 tx timeout
[  365.690526][T15575] netlink: 'syz.1.4114': attribute type 10 has an invalid length.
[  366.043801][   T33] kauditd_printk_skb: 4 callbacks suppressed
[  366.043812][   T33] audit: type=1326 audit(1755245868.340:221): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15607 comm="syz.4.4128" exe="/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f23e298ebe9 code=0x0
[  366.554381][T15632] nftables ruleset with unbound set
[  367.053339][T15642] loop4: detected capacity change from 0 to 1024
[  367.076195][   T26] hfsplus: b-tree write err: -5, ino 4
[  367.286482][T15656] netlink: 24 bytes leftover after parsing attributes in process `syz.4.4150'.
[  367.355604][T15660] loop4: detected capacity change from 0 to 1764
[  367.854584][T15683] loop4: detected capacity change from 0 to 8
[  367.871629][T15683] SQUASHFS error: xz decompression failed, data probably corrupt
[  367.874921][T15683] SQUASHFS error: Failed to read block 0x108: -5
[  367.877429][T15683] SQUASHFS error: Unable to read metadata cache entry [106]
[  367.887284][T15683] SQUASHFS error: Unable to read inode 0x11f
[  368.596330][T15690] loop4: detected capacity change from 0 to 131072
[  368.603581][T15690] F2FS-fs (loop4): Wrong CP boundary, start(512) end(1536) blocks(0)
[  368.606810][T15690] F2FS-fs (loop4): Can't find valid F2FS filesystem in 1th superblock
[  368.612444][T15690] F2FS-fs (loop4): invalid crc value
[  368.671502][T15690] F2FS-fs (loop4): f2fs_recover_fsync_data: recovery fsync data, check_only: 0
[  368.676569][T15690] F2FS-fs (loop4): Try to recover 1th superblock, ret: 0
[  368.679305][T15690] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e4
[  369.111909][T15742] netlink: 8 bytes leftover after parsing attributes in process `syz.4.4187'.
[  369.817271][T15764] netlink: 4 bytes leftover after parsing attributes in process `syz.2.4197'.
[  369.826022][T15764] netlink: 4 bytes leftover after parsing attributes in process `syz.2.4197'.
[  369.829542][T15764] netlink: 4 bytes leftover after parsing attributes in process `syz.2.4197'.
[  370.722316][   T47] usb 5-1: new high-speed USB device number 6 using dummy_hcd
[  370.873989][   T47] usb 5-1: Using ep0 maxpacket: 8
[  370.892983][   T47] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 7
[  370.896966][   T47] usb 5-1: New USB device found, idVendor=07c0, idProduct=1512, bcdDevice=30.22
[  370.907079][   T47] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  370.933626][   T47] usb 5-1: config 0 descriptor??
[  371.167446][   T47] iowarrior 5-1:0.0: IOWarrior product=0x1512, serial= interface=0 now attached to iowarrior0
[  371.372540][T15777] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  371.376405][T15777] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  371.787729][ T6007] usb 5-1: USB disconnect, device number 6
[  372.710520][ T6007] usb 5-1: new high-speed USB device number 7 using dummy_hcd
[  372.862013][ T6007] usb 5-1: config 0 interface 0 altsetting 0 bulk endpoint 0x6 has invalid maxpacket 1023
[  372.872642][ T6007] usb 5-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xBA, changing to 0x8A
[  372.882441][ T6007] usb 5-1: config 0 interface 0 altsetting 0 bulk endpoint 0x8A has invalid maxpacket 121
[  372.893556][ T6007] usb 5-1: New USB device found, idVendor=2294, idProduct=425b, bcdDevice=a2.10
[  372.896898][ T6007] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  372.915975][ T6007] usb 5-1: Product: syz
[  372.917607][ T6007] usb 5-1: Manufacturer: syz
[  372.919367][ T6007] usb 5-1: SerialNumber: syz
[  372.929513][ T6007] usb 5-1: config 0 descriptor??
[  372.935671][T15833] raw-gadget.0 gadget.4: fail, usb_ep_enable returned -22
[  372.938568][T15833] raw-gadget.0 gadget.4: fail, usb_ep_enable returned -22
[  372.945773][ T6007] usb 5-1: ucan: probing device on interface #0
[  373.039807][T15853] overlayfs: failed to clone upperpath
[  373.247244][ T6007] usb 5-1: ucan: could not read protocol version, ret=-32
[  373.251956][ T6007] usb 5-1: ucan: probe failed; try to update the device firmware
[  373.264749][ T6007] usb 5-1: USB disconnect, device number 7
[  375.246749][ T6008] Process accounting resumed
[  377.682157][T15988] loop4: detected capacity change from 0 to 32768
[  377.684658][T15988] jfs: Unknown parameter ''
[  378.011880][T16007] loop4: detected capacity change from 0 to 2048
[  378.016180][T16007] NILFS (loop4): broken superblock, retrying with spare superblock (blocksize = 1024)
[  378.028598][T16010] NILFS (loop4): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  378.352616][ T1364] ieee802154 phy0 wpan0: encryption failed: -22
[  378.354602][ T1364] ieee802154 phy1 wpan1: encryption failed: -22
[  379.264067][T16066] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[  380.423629][T16087] loop4: detected capacity change from 0 to 512
[  380.426905][T16087] EXT4-fs: Ignoring removed oldalloc option
[  380.452050][T16087] EXT4-fs (loop4): 1 truncate cleaned up
[  380.455478][T16087] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  380.484543][T13819] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  381.196781][T16117] loop4: detected capacity change from 0 to 256
[  381.204346][T16117] MINIX-fs: mounting file system with errors, running fsck is recommended
[  381.248634][T16119] loop4: detected capacity change from 0 to 2048
[  381.254588][T16119] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000)
[  381.267899][   T33] audit: type=1800 audit(1755245883.560:222): pid=16119 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.4.4351" name="file1" dev="loop4" ino=1346 res=0 errno=0
[  381.402463][    T9] libceph: connect (1)[c::]:6789 error -101
[  381.405718][    T9] libceph: mon0 (1)[c::]:6789 connect error
[  381.421864][    T9] libceph: connect (1)[c::]:6789 error -101
[  381.428208][    T9] libceph: mon0 (1)[c::]:6789 connect error
[  381.506878][T16131] overlayfs: failed to clone upperpath
[  381.706864][    T9] libceph: connect (1)[c::]:6789 error -101
[  381.712057][    T9] libceph: mon0 (1)[c::]:6789 connect error
[  382.017650][T16153] dvmrp0: entered allmulticast mode
[  382.165322][T16121] ceph: No mds server is up or the cluster is laggy
[  383.945593][T16206] IPVS: sh: UDP 224.0.0.2:0 - no destination available
[  383.948355][    T9] IPVS: starting estimator thread 0...
[  384.040646][T16209] IPVS: using max 38 ests per chain, 91200 per kthread
[  384.773179][T16250] netlink: 8 bytes leftover after parsing attributes in process `syz.2.4406'.
[  384.778148][T16250] netlink: 12 bytes leftover after parsing attributes in process `syz.2.4406'.
[  385.097499][   T33] audit: type=1326 audit(1755245887.390:223): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16258 comm="syz.2.4409" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbaf998ebe9 code=0x7ffc0000
[  385.105800][   T33] audit: type=1326 audit(1755245887.390:224): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16258 comm="syz.2.4409" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbaf998ebe9 code=0x7ffc0000
[  385.117231][   T33] audit: type=1326 audit(1755245887.410:225): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16258 comm="syz.2.4409" exe="/syz-executor" sig=0 arch=c000003e syscall=319 compat=0 ip=0x7fbaf998ebe9 code=0x7ffc0000
[  385.129745][   T33] audit: type=1326 audit(1755245887.410:226): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16258 comm="syz.2.4409" exe="/syz-executor" sig=0 arch=c000003e syscall=9 compat=0 ip=0x7fbaf998ec23 code=0x7ffc0000
[  385.138705][   T33] audit: type=1326 audit(1755245887.430:227): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16258 comm="syz.2.4409" exe="/syz-executor" sig=0 arch=c000003e syscall=1 compat=0 ip=0x7fbaf998d69f code=0x7ffc0000
[  385.148458][   T33] audit: type=1326 audit(1755245887.430:228): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16258 comm="syz.2.4409" exe="/syz-executor" sig=0 arch=c000003e syscall=11 compat=0 ip=0x7fbaf998ec77 code=0x7ffc0000
[  385.167848][   T33] audit: type=1326 audit(1755245887.430:229): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16258 comm="syz.2.4409" exe="/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7fbaf998d550 code=0x7ffc0000
[  385.176353][   T33] audit: type=1326 audit(1755245887.430:230): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16258 comm="syz.2.4409" exe="/syz-executor" sig=0 arch=c000003e syscall=3 compat=0 ip=0x7fbaf998d84a code=0x7ffc0000
[  385.187102][   T33] audit: type=1326 audit(1755245887.430:231): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16258 comm="syz.2.4409" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbaf998ebe9 code=0x7ffc0000
[  385.255670][T16265] netlink: 40 bytes leftover after parsing attributes in process `syz.2.4412'.
[  385.740902][T16271] loop4: detected capacity change from 0 to 32768
[  385.798068][T16271] bcachefs (loop4): starting version 1.7: mi_btree_bitmap opts=errors=continue,metadata_checksum=none,data_checksum=none,compression=lz4,foreground_target=invalid label 767,background_target=invalid device 7,nojournal_transaction_names
[  385.798091][T16271]   allowing incompatible features above 0.0: (unknown version)
[  385.798099][T16271]   features: lz4
[  385.811465][T16271] bcachefs (loop4): Using encoding defined by superblock: utf8-12.1.0
[  385.814579][T16271] bcachefs (loop4): initializing new filesystem
[  385.824443][T16271] bcachefs (loop4): going read-write
[  385.838392][T16271] bcachefs (loop4): marking superblocks
[  385.851582][T16271] bcachefs (loop4): initializing freespace
[  385.857088][T16271] bcachefs (loop4): done initializing freespace
[  385.863284][T16271] bcachefs (loop4): reading snapshots table
[  385.865698][T16271] bcachefs (loop4): reading snapshots done
[  385.884782][T16285] netlink: 12 bytes leftover after parsing attributes in process `syz.2.4416'.
[  385.920468][T16271] bcachefs (loop4): done starting filesystem
[  386.309839][T13819] bcachefs (loop4): shutting down
[  386.314631][T13819] bcachefs (loop4): going read-only
[  386.316662][T13819] bcachefs (loop4): finished waiting for writes to stop
[  386.329020][T13819] bcachefs (loop4): flushing journal and stopping allocators, journal seq 2
[  386.355947][T13819] bcachefs (loop4): flushing journal and stopping allocators complete, journal seq 3
[  386.362436][T13819] bcachefs (loop4): clean shutdown complete, journal seq 4
[  386.365794][T13819] bcachefs (loop4): marking filesystem clean
[  386.386026][T13819] bcachefs (loop4): shutdown complete
[  386.862121][T16335] netlink: 'syz.2.4443': attribute type 1 has an invalid length.
[  386.865132][T16335] netlink: 'syz.2.4443': attribute type 1 has an invalid length.
[  387.849227][T16350] netlink: 'syz.2.4447': attribute type 4 has an invalid length.
[  387.929437][T16356] netlink: 8 bytes leftover after parsing attributes in process `syz.2.4451'.
[  388.428366][T16395] loop4: detected capacity change from 0 to 8192
[  388.582602][ T6007] kernel write not supported for file /snd/seq (pid: 6007 comm: kworker/1:6)
[  388.673601][   T13] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  388.762929][   T13] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  388.839360][   T13] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  389.037848][   T13] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  389.144999][T16428] futex_wake_op: syz.1.4484 tries to shift op by 32; fix this program
[  389.205879][   T13] bridge_slave_1: left allmulticast mode
[  389.207688][   T13] bridge_slave_1: left promiscuous mode
[  389.210995][   T13] bridge0: port 2(bridge_slave_1) entered disabled state
[  389.222289][   T13] bridge_slave_0: left allmulticast mode
[  389.224173][   T13] bridge_slave_0: left promiscuous mode
[  389.227348][   T13] bridge0: port 1(bridge_slave_0) entered disabled state
[  389.739271][T16442] loop4: detected capacity change from 0 to 512
[  389.742779][T16442] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode
[  389.769064][T16442] EXT4-fs error (device loop4): ext4_orphan_get:1418: comm syz.4.4492: bad orphan inode 16
[  389.780716][T16442] ext4_test_bit(bit=15, block=4) = 0
[  389.782416][T16442] EXT4-fs (loop4): 1 orphan inode deleted
[  389.785158][T16442] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  389.839637][T13819] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  389.923219][   T13] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  389.927461][   T13] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  389.932909][   T13] bond0 (unregistering): Released all slaves
[  390.032063][   T13] tipc: Disabling bearer <udp:syz0>
[  390.038061][   T13] tipc: Left network mode
[  390.188475][T16466] __vm_enough_memory: pid: 16466, comm: syz.2.4501, bytes: 4503599627366400 not enough memory for the allocation
[  390.306979][   T13] hsr_slave_0: left promiscuous mode
[  390.309683][   T13] hsr_slave_1: left promiscuous mode
[  390.317346][   T13] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  390.322012][   T13] batman_adv: batadv0: Removing interface: batadv_slave_0
[  390.327219][   T13] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  390.331431][   T13] batman_adv: batadv0: Removing interface: batadv_slave_1
[  390.363101][   T13] veth1_macvtap: left promiscuous mode
[  390.365221][   T13] veth0_macvtap: left promiscuous mode
[  390.367340][   T13] veth1_vlan: left promiscuous mode
[  390.995660][   T13] team0 (unregistering): Port device team_slave_1 removed
[  391.036794][   T13] team0 (unregistering): Port device team_slave_0 removed
[  393.300235][ T5950] Bluetooth: hci2: ACL packet for unknown connection handle 201
[  393.592118][   T33] kauditd_printk_skb: 4 callbacks suppressed
[  393.592133][   T33] audit: type=1326 audit(1755245895.890:236): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16534 comm="syz.1.4531" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcb0698ebe9 code=0x7ffc0000
[  393.606187][   T33] audit: type=1326 audit(1755245895.890:237): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16534 comm="syz.1.4531" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcb0698ebe9 code=0x7ffc0000
[  393.614973][   T33] audit: type=1326 audit(1755245895.900:238): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16534 comm="syz.1.4531" exe="/syz-executor" sig=0 arch=c000003e syscall=206 compat=0 ip=0x7fcb0698ebe9 code=0x7ffc0000
[  393.625476][   T33] audit: type=1326 audit(1755245895.900:239): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16534 comm="syz.1.4531" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcb0698ebe9 code=0x7ffc0000
[  393.634541][   T33] audit: type=1326 audit(1755245895.900:240): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16534 comm="syz.1.4531" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcb0698ebe9 code=0x7ffc0000
[  393.646948][   T33] audit: type=1326 audit(1755245895.940:241): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16534 comm="syz.1.4531" exe="/syz-executor" sig=0 arch=c000003e syscall=333 compat=0 ip=0x7fcb0698ebe9 code=0x7ffc0000
[  393.707438][   T33] audit: type=1326 audit(1755245896.000:242): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16534 comm="syz.1.4531" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcb0698ebe9 code=0x7ffc0000
[  393.722333][   T33] audit: type=1326 audit(1755245896.000:243): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16534 comm="syz.1.4531" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcb0698ebe9 code=0x7ffc0000
[  394.412142][T16560] RDS: rds_bind could not find a transport for ::ffff:172.20.20.170, load rds_tcp or rds_rdma?
[  394.612875][T16568] IPv6: sit1: Disabled Multicast RS
[  394.780683][T16572] loop4: detected capacity change from 0 to 32768
[  394.849446][T16572] bcachefs (loop4): starting version 1.7: mi_btree_bitmap opts=errors=continue,metadata_checksum=none,data_checksum=none,compression=lz4,foreground_target=invalid label 767,background_target=invalid device 7,nojournal_transaction_names
[  394.849461][T16572]   allowing incompatible features above 0.0: (unknown version)
[  394.849466][T16572]   features: 
[  394.862381][T16572] bcachefs (loop4): Using encoding defined by superblock: utf8-12.1.0
[  394.865289][T16572] bcachefs (loop4): initializing new filesystem
[  395.164879][T16572] bcachefs (loop4): going read-write
[  395.178749][T16572] bcachefs (loop4): marking superblocks
[  395.201548][T16572] bcachefs (loop4): initializing freespace
[  395.208820][T16572] bcachefs (loop4): done initializing freespace
[  395.220639][T16572] bcachefs (loop4): reading snapshots table
[  395.223190][T16572] bcachefs (loop4): reading snapshots done
[  395.262393][T16572] bcachefs (loop4): done starting filesystem
[  395.331355][T13819] bcachefs (loop4): shutting down
[  395.334315][T13819] bcachefs (loop4): going read-only
[  395.337025][T13819] bcachefs (loop4): finished waiting for writes to stop
[  395.341476][T13819] bcachefs (loop4): flushing journal and stopping allocators, journal seq 2
[  395.402787][T13819] bcachefs (loop4): flushing journal and stopping allocators complete, journal seq 3
[  395.407538][T13819] bcachefs (loop4): clean shutdown complete, journal seq 4
[  395.412784][T13819] bcachefs (loop4): marking filesystem clean
[  395.447371][T13819] bcachefs (loop4): shutdown complete
[  396.723371][T16610] 9pnet_fd: Insufficient options for proto=fd
[  396.921600][T16625] netlink: 8 bytes leftover after parsing attributes in process `syz.2.4566'.
[  398.163357][T16669] loop4: detected capacity change from 0 to 4096
[  398.268423][T16669] ntfs3(loop4): try to read out of volume at offset 0x3fffffc7000
[  398.273784][T16669] ntfs3(loop4): ino=21, The size of extended attributes must not exceed 64KiB
[  399.020142][    T9] usb 5-1: new full-speed USB device number 8 using dummy_hcd
[  399.181923][    T9] usb 5-1: config index 0 descriptor too short (expected 35577, got 27)
[  399.185007][    T9] usb 5-1: config 1 has too many interfaces: 92, using maximum allowed: 32
[  399.188144][    T9] usb 5-1: config 1 has 1 interface, different from the descriptor's value: 92
[  399.192343][    T9] usb 5-1: config 1 has no interface number 0
[  399.194802][    T9] usb 5-1: config 1 interface 1 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 10
[  399.198882][    T9] usb 5-1: config 1 interface 1 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 17
[  399.204804][    T9] usb 5-1: New USB device found, idVendor=0e41, idProduct=5051, bcdDevice=d5.e8
[  399.208280][    T9] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  399.218176][    T9] snd_usb_pod 5-1:1.1: Line 6 Pocket POD found
[  399.833846][T16711] netlink: 8 bytes leftover after parsing attributes in process `syz.2.4598'.
[  399.903142][    T9] snd_usb_pod 5-1:1.1: Line 6 Pocket POD now attached
[  400.120756][ T6007] usb 5-1: USB disconnect, device number 8
[  400.127201][ T6007] snd_usb_pod 5-1:1.1: Line 6 Pocket POD now disconnected
[  401.214187][    T9] usb 5-1: new high-speed USB device number 9 using dummy_hcd
[  401.380199][    T9] usb 5-1: Using ep0 maxpacket: 8
[  401.384262][    T9] usb 5-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  401.388269][    T9] usb 5-1: config 0 has 1 interface, different from the descriptor's value: 3
[  401.396415][    T9] usb 5-1: New USB device found, idVendor=05c6, idProduct=9215, bcdDevice=29.ac
[  401.401795][    T9] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  401.407446][    T9] usb 5-1: config 0 descriptor??
[  401.491502][    T9] qmi_wwan 5-1:0.0: probe with driver qmi_wwan failed with error -22
[  401.623462][ T5312] usb 5-1: USB disconnect, device number 9
[  401.720559][   T33] audit: type=1326 audit(1755245904.020:244): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16764 comm="syz.1.4621" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcb0698ebe9 code=0x7ffc0000
[  401.728139][   T33] audit: type=1326 audit(1755245904.020:245): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16764 comm="syz.1.4621" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcb0698ebe9 code=0x7ffc0000
[  401.736620][   T33] audit: type=1326 audit(1755245904.020:246): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16764 comm="syz.1.4621" exe="/syz-executor" sig=0 arch=c000003e syscall=318 compat=0 ip=0x7fcb0698ebe9 code=0x7ffc0000
[  401.745499][   T33] audit: type=1326 audit(1755245904.020:247): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16764 comm="syz.1.4621" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcb0698ebe9 code=0x7ffc0000
[  401.755043][   T33] audit: type=1326 audit(1755245904.020:248): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16764 comm="syz.1.4621" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcb0698ebe9 code=0x7ffc0000
[  401.957053][T16777] 9pnet_fd: Insufficient options for proto=fd
[  402.381070][T16798] tipc: Enabling of bearer <udp:s> rejected, failed to enable media
[  402.844144][T16809] netlink: 14 bytes leftover after parsing attributes in process `syz.1.4642'.
[  403.533571][T16834] netlink: 12 bytes leftover after parsing attributes in process `syz.4.4652'.
[  404.242535][ T6008] usb 5-1: new full-speed USB device number 10 using dummy_hcd
[  404.425238][ T6008] usb 5-1: config 17 interface 0 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 10
[  404.429538][ T6008] usb 5-1: config 17 interface 0 altsetting 0 endpoint 0x8B has invalid wMaxPacketSize 0
[  404.434327][ T6008] usb 5-1: New USB device found, idVendor=0458, idProduct=5003, bcdDevice= 0.00
[  404.437783][ T6008] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  404.652140][ T6008] aiptek 5-1:17.0: Aiptek using 400 ms programming speed
[  404.656733][ T6008] input: Aiptek as /devices/platform/dummy_hcd.4/usb5/5-1/5-1:17.0/input/input18
[  404.664926][ T6008] input: failed to attach handler kbd to device input18, error: -5
[  404.680748][ T6008] usb 5-1: USB disconnect, device number 10
[  405.480492][ T5312] usb 5-1: new high-speed USB device number 11 using dummy_hcd
[  405.630555][ T5312] usb 5-1: Using ep0 maxpacket: 8
[  405.634594][ T5312] usb 5-1: New USB device found, idVendor=0ccd, idProduct=0039, bcdDevice=90.7b
[  405.638063][ T5312] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  405.647829][ T5312] pvrusb2: Hardware description: Terratec Grabster AV400
[  405.651232][ T5312] pvrusb2: **********
[  405.652849][ T5312] pvrusb2: ***WARNING*** Support for this device (Terratec Grabster AV400) is experimental.
[  405.656750][ T5312] pvrusb2: Important functionality might not be entirely working.
[  405.661364][ T5312] pvrusb2: Please consider contacting the driver author to help with further stabilization of the driver.
[  405.665722][ T5312] pvrusb2: **********
[  405.853500][ T2397] pvrusb2: Invalid write control endpoint
[  405.880856][T16942] netlink: 'syz.2.4701': attribute type 29 has an invalid length.
[  405.906650][ T2397] pvrusb2: Invalid write control endpoint
[  405.909057][ T2397] pvrusb2: ***WARNING*** Detected a wedged cx25840 chip; the device will not work.
[  405.915052][ T2397] pvrusb2: ***WARNING*** Try power cycling the pvrusb2 device.
[  405.917788][ T2397] pvrusb2: ***WARNING*** Disabling further access to the device to prevent other foul-ups.
[  405.923656][ T2397] pvrusb2: Device being rendered inoperable
[  405.932362][ T2397] cx25840 2-0044: Unable to detect h/w, assuming cx23887
[  405.936590][ T2397] cx25840 2-0044: cx23887 A/V decoder found @ 0x88 (pvrusb2_a)
[  405.958210][ T2397] pvrusb2: Attached sub-driver cx25840
[  405.966409][ T2397] pvrusb2: ***WARNING*** pvrusb2 device hardware appears to be jammed and I can't clear it.
[  405.971757][ T2397] pvrusb2: You might need to power cycle the pvrusb2 device in order to recover.
[  406.074406][ T5312] usb 5-1: USB disconnect, device number 11
[  406.273161][T16964] netlink: 8 bytes leftover after parsing attributes in process `syz.1.4711'.
[  406.276783][T16964] netlink: 'syz.1.4711': attribute type 3 has an invalid length.
[  406.625217][T16986] netlink: 8 bytes leftover after parsing attributes in process `syz.4.4721'.
[  406.950518][ T5312] usb 5-1: new high-speed USB device number 12 using dummy_hcd
[  407.100449][ T5312] usb 5-1: Using ep0 maxpacket: 16
[  407.104941][ T5312] usb 5-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  407.108954][ T5312] usb 5-1: config 0 has 0 interfaces, different from the descriptor's value: 1
[  407.116845][ T5312] usb 5-1: New USB device found, idVendor=2040, idProduct=b138, bcdDevice= 1.42
[  407.121940][ T5312] usb 5-1: New USB device strings: Mfr=4, Product=0, SerialNumber=0
[  407.125097][ T5312] usb 5-1: Manufacturer: syz
[  407.129176][ T5312] usb 5-1: config 0 descriptor??
[  407.421386][ T6008] usb 5-1: USB disconnect, device number 12
[  407.474215][T17012] openvswitch: netlink: IP tunnel attribute has 12 unknown bytes.
[  407.566703][T17020] 9pnet_virtio: no channels available for device syz
[  408.052622][ T6008] hid-generic 0000:0000:0000.0015: unknown main item tag 0x0
[  408.060633][ T6008] hid-generic 0000:0000:0000.0015: hidraw0: <UNKNOWN> HID v0.00 Device [syz0] on syz0
[  408.509504][T17079] loop4: detected capacity change from 0 to 32768
[  408.536980][T17079] JBD2: Ignoring recovery information on journal
[  408.541686][T17079] jbd2_journal_bmap: journal block not found at offset 32 on loop4-75
[  408.544791][T17079] JBD2: bad block at offset 32
[  408.555779][T17079] (syz.4.4765,17079,1):ocfs2_load_local_alloc:312 ERROR: Invalid local alloc inode, 75
[  408.559554][T17079] (syz.4.4765,17079,1):ocfs2_load_local_alloc:356 ERROR: status = -22
[  408.563206][T17079] (syz.4.4765,17079,1):ocfs2_check_volume:2404 ERROR: status = -22
[  408.566283][T17079] (syz.4.4765,17079,1):ocfs2_check_volume:2432 ERROR: status = -22
[  408.569412][T17079] (syz.4.4765,17079,1):ocfs2_mount_volume:1764 ERROR: status = -22
[  408.581018][T17079] (syz.4.4765,17079,1):ocfs2_fill_super:1177 ERROR: status = -22
[  409.500368][ T6008] usb 5-1: new full-speed USB device number 13 using dummy_hcd
[  409.577869][T17109] netlink: 'syz.2.4778': attribute type 3 has an invalid length.
[  409.672403][ T6008] usb 5-1: New USB device found, idVendor=1397, idProduct=00bd, bcdDevice=c5.66
[  409.675937][ T6008] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  409.684391][ T6008] usb 5-1: config 0 descriptor??
[  409.694645][ T6008] usb 5-1: invalid MIDI EP
[  409.696785][ T6008] usb 5-1: snd-bcd2000: error during probing
[  409.705160][ T6008] snd-bcd2000 5-1:0.0: probe with driver snd-bcd2000 failed with error -22
[  409.895846][ T6007] usb 5-1: USB disconnect, device number 13
[  411.069713][T17150] netlink: 'syz.2.4795': attribute type 63 has an invalid length.
[  411.238562][T17163] netlink: 'syz.1.4802': attribute type 1 has an invalid length.
[  411.276162][T17166] overlayfs: failed to clone upperpath
[  411.646082][T17181] CIFS: No dialect specified on mount. Default has changed to a more secure dialect, SMB2.1 or later (e.g. SMB3.1.1), from CIFS (SMB1). To use the less secure SMB1 dialect to access old servers which do not support SMB3.1.1 (or even SMB3 or SMB2.1) specify vers=1.0 on mount.
[  411.657453][T17181] CIFS: VFS: CIFS mount error: No usable UNC path provided in device string!
[  412.059408][T17192] gre1: entered promiscuous mode
[  412.062089][T17192] gre1: entered allmulticast mode
[  412.722790][T17231] loop4: detected capacity change from 0 to 4096
[  412.739299][T17232] NILFS (loop4): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  412.751661][T17231] NILFS (loop4): nilfs_palloc_commit_free_entry (ino=6): entry number 15 already freed
[  413.538672][T17255] overlayfs: failed to clone upperpath
[  414.829211][T17288] 9pnet_fd: Insufficient options for proto=fd
[  415.032379][T17311] netlink: 'syz.2.4867': attribute type 5 has an invalid length.
[  415.090337][ T5312] usb 5-1: new high-speed USB device number 14 using dummy_hcd
[  415.240404][ T5312] usb 5-1: Using ep0 maxpacket: 16
[  415.244671][ T5312] usb 5-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xF3, changing to 0x83
[  415.249371][ T5312] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x83 has an invalid bInterval 0, changing to 7
[  415.258520][ T5312] usb 5-1: New USB device found, idVendor=2040, idProduct=0264, bcdDevice=4e.d1
[  415.262635][ T5312] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  415.265788][ T5312] usb 5-1: Product: syz
[  415.267443][ T5312] usb 5-1: Manufacturer: syz
[  415.269309][ T5312] usb 5-1: SerialNumber: syz
[  415.273062][ T5312] usb 5-1: config 0 descriptor??
[  415.276722][ T5312] em28xx 5-1:0.0: New device syz syz @ 480 Mbps (2040:0264, interface 0, class 0)
[  415.279675][ T5312] em28xx 5-1:0.0: Audio interface 0 found (Vendor Class)
[  415.883131][ T5312] em28xx 5-1:0.0: unknown em28xx chip ID (0)
[  415.885848][ T5312] em28xx 5-1:0.0: Config register raw data: 0xfa
[  415.888015][ T5312] em28xx 5-1:0.0: I2S Audio (3 sample rate(s))
[  415.890762][ T5312] em28xx 5-1:0.0: No AC97 audio processor
[  416.294484][ T5312] usb 5-1: USB disconnect, device number 14
[  416.579551][T17332] netlink: 16 bytes leftover after parsing attributes in process `syz.1.4876'.
[  418.562991][T17411] bridge5: entered promiscuous mode
[  418.565304][T17411] bridge5: entered allmulticast mode
[  420.642379][ T6008] usb 5-1: new full-speed USB device number 15 using dummy_hcd
[  420.822118][ T6008] usb 5-1: config 1 interface 0 altsetting 2 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  420.830249][ T6008] usb 5-1: config 1 interface 0 has no altsetting 0
[  420.835299][ T6008] usb 5-1: New USB device found, idVendor=05ac, idProduct=0225, bcdDevice= 0.40
[  420.838919][ T6008] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  420.844336][ T6008] usb 5-1: Product: syz
[  420.846052][ T6008] usb 5-1: Manufacturer: syz
[  420.847939][ T6008] usb 5-1: SerialNumber: syz
[  421.061214][ T6008] input: bcm5974 as /devices/platform/dummy_hcd.4/usb5/5-1/5-1:1.0/input/input19
[  421.070700][ T5279] bcm5974 5-1:1.0: could not read from device
[  421.080543][ T5279] bcm5974 5-1:1.0: could not read from device
[  421.088252][ T5279] bcm5974 5-1:1.0: could not read from device
[  421.090209][ T6008] usb 5-1: USB disconnect, device number 15
[  421.093916][ T5279] bcm5974 5-1:1.0: could not read from device
[  421.222708][   T33] audit: type=1326 audit(1755245929.526:249): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17506 comm="syz.2.4956" exe="/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7fbaf998ebe9 code=0x0
[  421.619629][T17527] netlink: 'syz.4.4965': attribute type 4 has an invalid length.
[  422.578098][T17568] loop4: detected capacity change from 0 to 1024
[  423.614021][T17594] loop4: detected capacity change from 0 to 131072
[  423.619874][T17596] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE
[  423.622891][T17596] IPv6: NLM_F_CREATE should be set when creating new route
[  423.668812][T17594] F2FS-fs (loop4): Invalid log sectorsize (67108873)
[  423.671587][T17594] F2FS-fs (loop4): Can't find valid F2FS filesystem in 1th superblock
[  423.686490][T17594] F2FS-fs (loop4): invalid crc value
[  423.902083][T17594] F2FS-fs (loop4): f2fs_recover_fsync_data: recovery fsync data, check_only: 0
[  423.909560][T17594] F2FS-fs (loop4): Try to recover 1th superblock, ret: 0
[  423.912689][T17594] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e4
[  424.287056][T17614] netlink: 'syz.2.5004': attribute type 7 has an invalid length.
[  424.299438][T17614] : entered promiscuous mode
[  424.420120][T17624] netlink: 'syz.2.5008': attribute type 12 has an invalid length.
[  424.422902][T17624] netlink: 120 bytes leftover after parsing attributes in process `syz.2.5008'.
[  424.423448][T17622] loop4: detected capacity change from 0 to 2048
[  424.433993][T17622] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000)
[  425.086785][T17639] loop4: detected capacity change from 0 to 4096
[  425.495854][T17664] netlink: 12 bytes leftover after parsing attributes in process `syz.2.5027'.
[  425.654186][T17652] loop4: detected capacity change from 0 to 32768
[  425.666245][T17652] XFS (loop4): Mounting V5 Filesystem 9f1cad42-11bd-4e12-8f0b-f07876b81d9a
[  425.691487][T17652] XFS (loop4): Ending clean mount
[  425.770340][T13819] XFS (loop4): Unmounting Filesystem 9f1cad42-11bd-4e12-8f0b-f07876b81d9a
[  427.212387][T17714] loop4: detected capacity change from 0 to 32768
[  427.215552][T17714] bcachefs (/dev/loop4): error validating superblock: Invalid superblock section journal_v2: journal bucket at sector 0
[  427.215552][T17714] journal_v2 (size 40):
[  427.215552][T17714] Buckets:  0-7 24-25
[  427.215552][T17714] 
[  427.225190][T17714] bcachefs: bch2_fs_get_tree() error: invalid_sb_journal
[  427.409288][T17741] netlink: 5348 bytes leftover after parsing attributes in process `syz.4.5059'.
[  427.591562][T17758] ip6erspan0: entered promiscuous mode
[  427.740230][ T6008] usb 5-1: new high-speed USB device number 16 using dummy_hcd
[  427.890276][ T6008] usb 5-1: Using ep0 maxpacket: 8
[  427.894648][ T6008] usb 5-1: config 8 has an invalid interface number: 125 but max is 0
[  427.898427][ T6008] usb 5-1: config 8 has no interface number 0
[  427.903620][ T6008] usb 5-1: New USB device found, idVendor=0402, idProduct=5602, bcdDevice=26.ec
[  427.910572][ T6008] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  427.913802][ T6008] usb 5-1: Product: syz
[  427.915454][ T6008] usb 5-1: Manufacturer: syz
[  427.917254][ T6008] usb 5-1: SerialNumber: syz
[  427.933483][ T6008] gspca_main: ALi m5602-2.14.0 probing 0402:5602
[  428.134479][ T6008] gspca_m5602: Failed to find a sensor
[  428.136355][ T6008] ALi m5602 5-1:8.125: ALi m5602 webcam failed
[  428.139584][ T6008] usb 5-1: USB disconnect, device number 16
[  428.932822][T17804] loop4: detected capacity change from 0 to 256
[  428.963931][T17804] FAT-fs (loop4): Directory bread(block 64) failed
[  428.970038][T17804] FAT-fs (loop4): Directory bread(block 65) failed
[  428.976839][T17804] FAT-fs (loop4): Directory bread(block 66) failed
[  428.979410][T17804] FAT-fs (loop4): Directory bread(block 67) failed
[  428.990048][T17804] FAT-fs (loop4): Directory bread(block 68) failed
[  429.000444][T17804] FAT-fs (loop4): Directory bread(block 69) failed
[  429.003180][T17804] FAT-fs (loop4): Directory bread(block 70) failed
[  429.005807][T17804] FAT-fs (loop4): Directory bread(block 71) failed
[  429.008918][T17804] FAT-fs (loop4): Directory bread(block 72) failed
[  429.020310][T17804] FAT-fs (loop4): Directory bread(block 73) failed
[  429.409735][T17819] loop4: detected capacity change from 0 to 32768
[  429.417335][T17819] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop4 (7:4) scanned by syz.4.5097 (17819)
[  429.426375][T17819] BTRFS info (device loop4): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  429.433442][T17819] BTRFS info (device loop4): using sha256 (sha256-lib) checksum algorithm
[  429.437000][T17819] BTRFS info (device loop4): disk space caching is enabled
[  429.440461][T17819] BTRFS warning (device loop4): space cache v1 is being deprecated and will be removed in a future release, please use -o space_cache=v2
[  429.560867][T17819] BTRFS info (device loop4): rebuilding free space tree
[  429.569197][T17819] BTRFS info (device loop4): disabling free space tree
[  429.572279][T17819] BTRFS info (device loop4): clearing compat-ro feature flag for FREE_SPACE_TREE (0x1)
[  429.575458][T17819] BTRFS info (device loop4): clearing compat-ro feature flag for FREE_SPACE_TREE_VALID (0x2)
[  429.624361][T13819] BTRFS info (device loop4): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  429.772790][T17842] netlink: 10 bytes leftover after parsing attributes in process `syz.1.5102'.
[  430.062671][   T33] audit: type=1326 audit(1755245938.366:250): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17864 comm="syz.4.5109" exe="/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f23e298ebe9 code=0x0
[  430.302471][T17891] loop4: detected capacity change from 0 to 256
[  430.306907][T17891] UDF-fs: error (device loop4): udf_read_tagged: read failed, block=256, location=256
[  430.313366][T17891] UDF-fs: error (device loop4): udf_read_tagged: read failed, block=512, location=512
[  430.316925][T17891] UDF-fs: warning (device loop4): udf_load_vrs: No anchor found
[  430.319619][T17891] UDF-fs: Scanning with blocksize 512 failed
[  430.325232][T17891] UDF-fs: error (device loop4): udf_read_tagged: read failed, block=256, location=256
[  430.331167][T17891] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[  430.343749][   T33] audit: type=1800 audit(1755245938.646:251): pid=17891 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.4.5120" name="file2" dev="loop4" ino=66 res=0 errno=0
[  430.363220][T17889] UDF-fs: error (device loop4): udf_truncate_tail_extent: Extent after EOF in inode 66
[  430.509331][T17907] QAT: failed to copy from user.
[  430.654002][T17916] loop4: detected capacity change from 0 to 128
[  430.834910][T17926] loop4: detected capacity change from 0 to 512
[  430.838879][T17926] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode
[  430.850428][T17926] EXT4-fs (loop4): 1 truncate cleaned up
[  430.854051][T17926] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  431.214079][T13819] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  431.310914][T17938] netlink: 'syz.4.5142': attribute type 15 has an invalid length.
[  431.934299][T17957] netlink: 'syz.2.5150': attribute type 1 has an invalid length.
[  431.937503][T17957] netlink: 4 bytes leftover after parsing attributes in process `syz.2.5150'.
[  432.415067][T17983] netlink: 32 bytes leftover after parsing attributes in process `syz.4.5161'.
[  432.564215][T17997] loop4: detected capacity change from 0 to 512
[  432.576774][T17997] EXT4-fs warning (device loop4): dx_probe:846: Directory (ino: 2) htree depth 0x0002 exceedsupported value
[  432.582981][T17997] EXT4-fs warning (device loop4): dx_probe:849: Enable large directory feature to access it
[  432.587440][T17997] EXT4-fs warning (device loop4): dx_probe:934: inode #2: comm syz.4.5168: Corrupt directory, running e2fsck is recommended
[  432.595426][T17997] EXT4-fs (loop4): Cannot turn on journaled quota: type 1: error -117
[  432.599050][T17997] EXT4-fs error (device loop4): ext4_iget_extra_inode:5104: inode #15: comm syz.4.5168: corrupted in-inode xattr: invalid ea_ino
[  432.605501][T17997] EXT4-fs error (device loop4): ext4_orphan_get:1397: comm syz.4.5168: couldn't read orphan inode 15 (err -117)
[  432.612524][T17997] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  432.634320][T13819] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  432.683111][T18005] loop4: detected capacity change from 0 to 512
[  432.687061][T18005] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled
[  432.708566][T18005] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  432.716361][T18005] ext4 filesystem being mounted at /451/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  432.743539][T18005] EXT4-fs (loop4): resizing filesystem from 256 to 1 blocks
[  432.746544][T18005] EXT4-fs warning (device loop4): ext4_resize_fs:2042: can't shrink FS - resize aborted
[  432.796047][T13819] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  434.133202][T18048] overlayfs: failed to clone upperpath
[  434.170411][T18052] rdma_op ffff8880236a91f0 conn xmit_rdma 0000000000000000
[  434.814543][T18097] geneve4: entered promiscuous mode
[  434.816501][T18097] geneve4: entered allmulticast mode
[  434.912961][T18101] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[  434.941554][T18104] netlink: 16 bytes leftover after parsing attributes in process `syz.1.5215'.
[  434.944740][ T5312] usb 5-1: new high-speed USB device number 17 using dummy_hcd
[  435.112454][ T5312] usb 5-1: New USB device found, idVendor=0cf3, idProduct=9374, bcdDevice=bc.3b
[  435.116079][ T5312] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  435.126453][ T5312] usb 5-1: config 0 descriptor??
[  435.547922][ T5312] ath6kl: Failed to submit usb control message: -71
[  435.550942][ T5312] ath6kl: unable to send the bmi data to the device: -71
[  435.553549][ T5312] ath6kl: Unable to send get target info: -71
[  435.573449][ T5312] ath6kl: Failed to init ath6kl core: -71
[  435.576780][ T5312] ath6kl_usb 5-1:0.0: probe with driver ath6kl_usb failed with error -71
[  435.598743][ T5312] usb 5-1: USB disconnect, device number 17
[  436.417619][T18133] loop4: detected capacity change from 0 to 65536
[  436.530503][T18133] XFS (loop4): Mounting V5 Filesystem 9b7348e5-2fa0-41a5-9526-c53a678b01f3
[  436.573730][T18133] XFS (loop4): Ending clean mount
[  436.924787][T18159] XFS (loop4): Metadata CRC error detected at xfs_agf_read_verify+0x12f/0x1f0, xfs_agf block 0x1 
[  436.929501][T18159] XFS (loop4): Unmount and run xfs_repair
[  436.931562][T18159] XFS (loop4): First 128 bytes of corrupted metadata buffer:
[  436.933933][T18159] 00000000: 58 41 47 46 00 00 00 01 00 00 00 00 00 00 40 00  XAGF..........@.
[  436.936760][T18159] 00000010: 00 00 00 02 00 00 00 03 00 00 00 00 00 00 00 01  ................
[  436.939452][T18159] 00000020: 00 00 00 01 00 00 00 00 00 00 00 01 00 00 00 04  ................
[  436.942217][T18159] 00000030: 00 00 00 04 00 00 3f ca 00 00 3f c7 00 00 00 00  ......?...?.....
[  436.944877][T18159] 00000040: 9b 73 48 e5 2f a0 41 a5 95 26 c5 3a 67 8b 01 f3  .sH./.A..&.:g...
[  436.947484][T18159] 00000050: 00 00 00 00 00 00 00 04 00 00 00 00 00 00 00 00  ................
[  436.950880][T18159] 00000060: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00  ................
[  436.953478][T18159] 00000070: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00  ................
[  436.956078][T18159] XFS (loop4): metadata I/O error in "xfs_read_agf+0x281/0x5c0" at daddr 0x1 len 1 error 74
[  436.989193][T18159] XFS (loop4): Metadata I/O Error (0x1) detected at xfs_trans_read_buf_map+0x517/0x8e0 (fs/xfs/xfs_trans_buf.c:311).  Shutting down filesystem.
[  436.994458][T18159] XFS (loop4): Please unmount the filesystem and rectify the problem(s)
[  437.195388][T13819] XFS (loop4): Unmounting Filesystem 9b7348e5-2fa0-41a5-9526-c53a678b01f3
[  437.816543][T18170] loop4: detected capacity change from 0 to 32768
[  437.829223][T18170] XFS (loop4): Mounting V5 Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d
[  437.851280][T18170] XFS (loop4): Ending clean mount
[  437.858840][T18170] XFS (loop4): Quotacheck needed: Please wait.
[  437.901686][T18170] XFS (loop4): Quotacheck: Done.
[  437.934296][T13819] XFS (loop4): Unmounting Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d
[  438.373526][T18214] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  438.403336][T18214] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  438.717332][T18234] veth3: entered promiscuous mode
[  438.790077][ T6008] usb 5-1: new high-speed USB device number 18 using dummy_hcd
[  438.831620][ T5950] Bluetooth: hci2: unexpected event for opcode 0x0c5a
[  438.934064][T18241] netlink: 48 bytes leftover after parsing attributes in process `syz.2.5269'.
[  438.940081][ T6008] usb 5-1: Using ep0 maxpacket: 8
[  438.947397][ T6008] usb 5-1: New USB device found, idVendor=10c4, idProduct=8244, bcdDevice=dc.00
[  438.954712][ T6008] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  438.957813][ T6008] usb 5-1: Product: syz
[  438.959437][ T6008] usb 5-1: Manufacturer: syz
[  438.964859][ T6008] usb 5-1: SerialNumber: syz
[  438.972423][ T6008] usb 5-1: config 0 descriptor??
[  438.977895][ T6008] radio-usb-si4713 5-1:0.0: Si4713 development board discovered: (10C4:8244)
[  439.056692][T18245] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  439.597767][ T6008] radio-usb-si4713 5-1:0.0: probe with driver radio-usb-si4713 failed with error -71
[  439.606644][ T6008] usbhid 5-1:0.0: couldn't find an input interrupt endpoint
[  439.615719][ T6008] usb 5-1: USB disconnect, device number 18
[  439.795287][ T1364] ieee802154 phy0 wpan0: encryption failed: -22
[  439.797359][ T1364] ieee802154 phy1 wpan1: encryption failed: -22
[  441.220201][T18416] ./file0: Can't open blockdev
[  441.460174][ T6008] usb 5-1: new full-speed USB device number 19 using dummy_hcd
[  441.751034][ T6008] usb 5-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xA3, changing to 0x83
[  441.759391][ T6008] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x83 has an invalid bInterval 0, changing to 10
[  441.767532][ T6008] usb 5-1: New USB device found, idVendor=0cf3, idProduct=9374, bcdDevice=bc.3b
[  441.775259][ T6008] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  441.785252][ T6008] usb 5-1: config 0 descriptor??
[  442.060671][ T6008] ath6kl: Failed to submit usb control message: -71
[  442.064378][ T6008] ath6kl: unable to send the bmi data to the device: -71
[  442.067286][ T6008] ath6kl: Unable to send get target info: -71
[  442.073721][ T6008] ath6kl: Failed to init ath6kl core: -71
[  442.076961][ T6008] ath6kl_usb 5-1:0.0: probe with driver ath6kl_usb failed with error -71
[  442.083010][ T6008] usb 5-1: USB disconnect, device number 19
[  442.604749][T18442] netlink: 'syz.1.5304': attribute type 8 has an invalid length.
[  442.828972][T18456] input: syz1 as /devices/virtual/input/input20
[  443.803690][T18489] loop4: detected capacity change from 0 to 512
[  443.824709][T18489] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  443.831264][T18489] ext4 filesystem being mounted at /478/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff)
[  443.850456][T18489] EXT4-fs error (device loop4): ext4_map_blocks:778: inode #2: block 7: comm syz.4.5326: lblock 12 mapped to illegal pblock 7 (length 22)
[  443.855407][T18489] EXT4-fs (loop4): Remounting filesystem read-only
[  443.870337][T13819] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  443.969575][ T6008] hid-generic 0000:0000:0000.0016: unknown main item tag 0x0
[  443.974224][ T6008] hid-generic 0000:0000:0000.0016: hidraw0: <UNKNOWN> HID v0.00 Device [syz0] on syz0
[  444.225590][T18508] sctp: [Deprecated]: syz.4.5334 (pid 18508) Use of int in maxseg socket option.
[  444.225590][T18508] Use struct sctp_assoc_value instead
[  444.574160][T18513] loop4: detected capacity change from 0 to 32768
[  444.579309][T18513] 
[  444.579309][T18513]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  444.579309][T18513] 
[  444.594814][T18513] 
[  444.594814][T18513]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  444.594814][T18513] 
[  444.599520][T18513] 
[  444.599520][T18513]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  444.599520][T18513] 
[  444.613797][T18513] 
[  444.613797][T18513]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  444.613797][T18513] 
[  444.618043][T18513] 
[  444.618043][T18513]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  444.618043][T18513] 
[  444.623901][T18513] 
[  444.623901][T18513]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  444.623901][T18513] 
[  444.642611][  T115] 
[  444.642611][  T115]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  444.642611][  T115] 
[  444.660244][T13819] 
[  444.660244][T13819]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  444.660244][T13819] 
[  444.670523][T13819] 
[  444.670523][T13819]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  444.670523][T13819] 
[  444.788640][T18521] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  444.804650][T18521] iommufd_mock iommufd_mock1: Adding to iommu group 1
[  445.029464][T18537] loop4: detected capacity change from 0 to 256
[  446.528122][T18577] netlink: 8 bytes leftover after parsing attributes in process `syz.4.5363'.
[  446.908347][T18587] netlink: 'syz.2.5367': attribute type 10 has an invalid length.
[  446.914120][T18587] netdevsim netdevsim2 netdevsim0: entered promiscuous mode
[  447.134639][T18597] netlink: 'syz.4.5366': attribute type 1 has an invalid length.
[  447.591247][T18611] netlink: 12 bytes leftover after parsing attributes in process `syz.1.5378'.
[  447.631184][T18611] vlan3: entered allmulticast mode
[  447.633407][T18611] bond5: entered allmulticast mode
[  448.671050][T18639] netlink: 4 bytes leftover after parsing attributes in process `syz.2.5391'.
[  448.861176][T18656] IPv6: sit1: Disabled Multicast RS
[  451.349036][T18757] netlink: 8 bytes leftover after parsing attributes in process `syz.1.5442'.
[  451.518540][   T33] audit: type=1326 audit(1755245959.816:252): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18769 comm="syz.2.5448" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbaf998ebe9 code=0x7ffc0000
[  451.531138][   T33] audit: type=1326 audit(1755245959.826:253): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18769 comm="syz.2.5448" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbaf998ebe9 code=0x7ffc0000
[  451.546283][   T33] audit: type=1326 audit(1755245959.846:254): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18769 comm="syz.2.5448" exe="/syz-executor" sig=0 arch=c000003e syscall=240 compat=0 ip=0x7fbaf998ebe9 code=0x7ffc0000
[  451.559111][   T33] audit: type=1326 audit(1755245959.846:255): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18769 comm="syz.2.5448" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbaf998ebe9 code=0x7ffc0000
[  451.576518][   T33] audit: type=1326 audit(1755245959.846:256): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18769 comm="syz.2.5448" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbaf998ebe9 code=0x7ffc0000
[  451.584553][   T33] audit: type=1326 audit(1755245959.846:257): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18769 comm="syz.2.5448" exe="/syz-executor" sig=0 arch=c000003e syscall=242 compat=0 ip=0x7fbaf998ebe9 code=0x7ffc0000
[  451.591747][   T33] audit: type=1326 audit(1755245959.846:258): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18769 comm="syz.2.5448" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbaf998ebe9 code=0x7ffc0000
[  451.773927][T18786] 8021q: adding VLAN 0 to HW filter on device macvlan3
[  451.784414][T18786] 8021q: adding VLAN 0 to HW filter on device macvlan4
[  452.211403][T18817] netlink: 12 bytes leftover after parsing attributes in process `syz.1.5470'.
[  452.214528][T18817] netlink: 12 bytes leftover after parsing attributes in process `syz.1.5470'.
[  452.377205][T18830] netlink: 8 bytes leftover after parsing attributes in process `syz.4.5473'.
[  452.508222][T18840] random: crng reseeded on system resumption
[  453.194308][T18850] overlayfs: missing 'lowerdir'
[  453.546329][T18857] loop4: detected capacity change from 0 to 2048
[  453.874586][T18877] netlink: 8 bytes leftover after parsing attributes in process `syz.4.5490'.
[  454.380135][ T5312] usb 5-1: new high-speed USB device number 20 using dummy_hcd
[  454.530358][ T5312] usb 5-1: Using ep0 maxpacket: 8
[  454.535331][ T5312] usb 5-1: unable to get BOS descriptor or descriptor too short
[  454.543626][ T5312] usb 5-1: config 3 has an invalid interface number: 35 but max is 0
[  454.550359][ T5312] usb 5-1: config 3 has no interface number 0
[  454.552888][ T5312] usb 5-1: config 3 interface 35 altsetting 128 bulk endpoint 0x5 has invalid maxpacket 1024
[  454.569497][ T5312] usb 5-1: config 3 interface 35 has no altsetting 0
[  454.575247][ T5312] usb 5-1: New USB device found, idVendor=07b4, idProduct=0f02, bcdDevice=57.12
[  454.578809][ T5312] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  454.584232][ T5312] usb 5-1: Product: syz
[  454.586259][ T5312] usb 5-1: Manufacturer: syz
[  454.588140][ T5312] usb 5-1: SerialNumber: syz
[  454.598919][T18900] raw-gadget.0 gadget.4: fail, usb_ep_enable returned -22
[  454.812270][ T5312] usb 5-1: bad CDC descriptors
[  454.831856][ T5312] usb 5-1: USB disconnect, device number 20
[  456.335801][T18970] netlink: 8 bytes leftover after parsing attributes in process `syz.1.5533'.
[  458.339649][T19022] loop4: detected capacity change from 0 to 256
[  458.345340][   T33] audit: type=1800 audit(1755245966.646:259): pid=19022 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.4.5555" name="file1" dev="loop4" ino=1048670 res=0 errno=0
[  458.354020][T19022] FAT-fs (loop4): error, fat_get_cluster: invalid start cluster (i_pos 196, start 00000001)
[  458.360252][T19022] FAT-fs (loop4): Filesystem has been set read-only
[  458.372755][T19022] FAT-fs (loop4): error, fat_get_cluster: invalid start cluster (i_pos 196, start 00000001)
[  458.390237][T19022] FAT-fs (loop4): error, fat_get_cluster: invalid start cluster (i_pos 196, start 00000001)
[  458.394443][T19022] FAT-fs (loop4): error, fat_get_cluster: invalid start cluster (i_pos 196, start 00000001)
[  458.682917][T19030] loop4: detected capacity change from 0 to 32768
[  458.685767][T19030] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop4 (7:4) scanned by syz.4.5558 (19030)
[  458.693820][T19030] BTRFS info (device loop4): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  458.697571][T19030] BTRFS info (device loop4): using sha256 (sha256-lib) checksum algorithm
[  458.701177][T19030] BTRFS info (device loop4): using free-space-tree
[  458.824526][T13819] BTRFS info (device loop4): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  459.513728][T19072] loop4: detected capacity change from 0 to 128
[  459.525214][T19074] netlink: 8 bytes leftover after parsing attributes in process `syz.1.5571'.
[  459.528903][T19074] netlink: 8 bytes leftover after parsing attributes in process `syz.1.5571'.
[  460.094956][T19086] netlink: 'syz.2.5576': attribute type 1 has an invalid length.
[  460.219181][T19092] netlink: 8 bytes leftover after parsing attributes in process `syz.2.5579'.
[  461.136976][T19130] loop4: detected capacity change from 0 to 1024
[  461.160895][T19130] EXT4-fs (loop4): ext4_check_descriptors: Inode table for group 0 overlaps superblock
[  461.164356][T19130] EXT4-fs (loop4): group descriptors corrupted!
[  461.321632][T19130] tmpfs: Bad value for 'mpol'
[  462.538078][T19152] loop4: detected capacity change from 0 to 2048
[  462.584194][T19156] NILFS (loop4): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  462.670547][T19152] loop4: detected capacity change from 2048 to 64
[  462.678065][T19160] syz.4.5604: attempt to access beyond end of device
[  462.678065][T19160] loop4: rw=0, sector=132, nr_sectors = 4 limit=64
[  462.686419][T19160] NILFS (loop4): I/O error reading meta-data file (ino=3, block-offset=0)
[  462.797339][T13819] syz-executor: attempt to access beyond end of device
[  462.797339][T13819] loop4: rw=0, sector=148, nr_sectors = 4 limit=64
[  462.810991][T13819] NILFS (loop4): I/O error reading meta-data file (ino=3, block-offset=130)
[  462.814709][T13819] syz-executor: attempt to access beyond end of device
[  462.814709][T13819] loop4: rw=0, sector=148, nr_sectors = 4 limit=64
[  462.819099][T13819] NILFS (loop4): I/O error reading meta-data file (ino=3, block-offset=130)
[  462.830044][T13819] NILFS error (device loop4): nilfs_readdir: bad page in #12
[  462.833694][T13819] syz-executor: attempt to access beyond end of device
[  462.833694][T13819] loop4: rw=395265, sector=2040, nr_sectors = 4 limit=64
[  462.843475][T13819] buffer_io_error: 4334 callbacks suppressed
[  462.843486][T13819] Buffer I/O error on dev loop4, logical block 510, lost sync page write
[  462.848485][T13819] NILFS (loop4): unable to write superblock: err=-5
[  462.854780][T13819] Remounting filesystem read-only
[  462.867223][T13819] NILFS (loop4): disposed unprocessed dirty file(s) when detaching log writer
[  463.130624][T19190] netlink: 4 bytes leftover after parsing attributes in process `syz.2.5622'.
[  463.153870][   T10] usb 5-1: new full-speed USB device number 21 using dummy_hcd
[  463.333458][   T10] usb 5-1: config 0 has an invalid interface number: 133 but max is 0
[  463.336809][   T10] usb 5-1: config 0 has no interface number 0
[  463.339127][   T10] usb 5-1: config 0 interface 133 altsetting 0 endpoint 0x82 has invalid wMaxPacketSize 0
[  463.346198][   T10] usb 5-1: New USB device found, idVendor=06cd, idProduct=0121, bcdDevice=dd.3d
[  463.349546][   T10] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  463.352551][   T10] usb 5-1: Product: syz
[  463.354293][   T10] usb 5-1: Manufacturer: syz
[  463.356008][   T10] usb 5-1: SerialNumber: syz
[  463.359832][   T10] usb 5-1: config 0 descriptor??
[  463.574118][   T10] keyspan 5-1:0.133: Keyspan 1 port adapter converter detected
[  463.578243][   T10] keyspan 5-1:0.133: found no endpoint descriptor for endpoint 81
[  463.583450][   T10] keyspan 5-1:0.133: found no endpoint descriptor for endpoint 1
[  463.586470][   T10] keyspan 5-1:0.133: found no endpoint descriptor for endpoint 2
[  463.593555][   T10] usb 5-1: Keyspan 1 port adapter converter now attached to ttyUSB0
[  463.603265][   T10] usb 5-1: USB disconnect, device number 21
[  463.608780][   T10] keyspan_1 ttyUSB0: Keyspan 1 port adapter converter now disconnected from ttyUSB0
[  463.613715][   T10] keyspan 5-1:0.133: device disconnected
[  464.175045][T19223] ==================================================================
[  464.178237][T19223] BUG: KASAN: slab-use-after-free in xfrm_alloc_spi+0x570/0xf30
[  464.181270][T19223] Read of size 4 at addr ffff8881109a7244 by task syz.2.5638/19223
[  464.184109][T19223] 
[  464.185323][T19223] CPU: 1 UID: 0 PID: 19223 Comm: syz.2.5638 Not tainted 6.17.0-rc1-syzkaller-00036-gdfc0f6373094-dirty #0 PREEMPT(full) 
[  464.185336][T19223] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.2-debian-1.16.2-1 04/01/2014
[  464.185343][T19223] Call Trace:
[  464.185348][T19223]  <TASK>
[  464.185354][T19223]  dump_stack_lvl+0x189/0x250
[  464.185368][T19223]  ? __kasan_check_byte+0x12/0x40
[  464.185382][T19223]  ? __pfx_dump_stack_lvl+0x10/0x10
[  464.185391][T19223]  ? lock_release+0x4b/0x3e0
[  464.185408][T19223]  ? __virt_addr_valid+0x4a5/0x5c0
[  464.185419][T19223]  print_report+0xca/0x240
[  464.185427][T19223]  ? xfrm_alloc_spi+0x570/0xf30
[  464.185436][T19223]  kasan_report+0x118/0x150
[  464.185446][T19223]  ? xfrm_alloc_spi+0x570/0xf30
[  464.185456][T19223]  xfrm_alloc_spi+0x570/0xf30
[  464.185465][T19223]  ? xfrm_alloc_spi+0x2a0/0xf30
[  464.185476][T19223]  ? __pfx_xfrm_alloc_spi+0x10/0x10
[  464.185484][T19223]  ? xfrm_find_acq+0x87/0xa0
[  464.185493][T19223]  xfrm_alloc_userspi+0x70b/0xc90
[  464.185505][T19223]  ? apparmor_capable+0x137/0x1b0
[  464.185514][T19223]  ? __pfx_xfrm_alloc_userspi+0x10/0x10
[  464.185524][T19223]  ? __nla_parse+0x40/0x60
[  464.185536][T19223]  xfrm_user_rcv_msg+0x7a3/0xab0
[  464.185548][T19223]  ? __pfx_xfrm_user_rcv_msg+0x10/0x10
[  464.185563][T19223]  ? __pfx___mutex_trylock_common+0x10/0x10
[  464.185572][T19223]  ? rcu_is_watching+0x15/0xb0
[  464.185580][T19223]  ? trace_contention_end+0x39/0x120
[  464.185588][T19223]  ? __mutex_lock+0x335/0x1360
[  464.185601][T19223]  netlink_rcv_skb+0x208/0x470
[  464.185613][T19223]  ? __pfx_xfrm_user_rcv_msg+0x10/0x10
[  464.185622][T19223]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  464.185635][T19223]  ? netlink_deliver_tap+0x2e/0x1b0
[  464.185645][T19223]  ? netlink_deliver_tap+0x2e/0x1b0
[  464.185656][T19223]  xfrm_netlink_rcv+0x79/0x90
[  464.185664][T19223]  netlink_unicast+0x82f/0x9e0
[  464.185675][T19223]  ? __pfx_netlink_unicast+0x10/0x10
[  464.185685][T19223]  ? netlink_sendmsg+0x642/0xb30
[  464.185696][T19223]  ? skb_put+0x11b/0x210
[  464.185703][T19223]  netlink_sendmsg+0x805/0xb30
[  464.185716][T19223]  ? __pfx_netlink_sendmsg+0x10/0x10
[  464.185727][T19223]  ? aa_sock_msg_perm+0xf1/0x1d0
[  464.185734][T19223]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[  464.185743][T19223]  ? __pfx_netlink_sendmsg+0x10/0x10
[  464.185754][T19223]  __sock_sendmsg+0x21c/0x270
[  464.185765][T19223]  ____sys_sendmsg+0x505/0x830
[  464.185774][T19223]  ? __pfx_____sys_sendmsg+0x10/0x10
[  464.185783][T19223]  ? import_iovec+0x74/0xa0
[  464.185792][T19223]  ___sys_sendmsg+0x21f/0x2a0
[  464.185800][T19223]  ? __pfx____sys_sendmsg+0x10/0x10
[  464.186033][T19223]  ? __fget_files+0x2a/0x420
[  464.186041][T19223]  ? __fget_files+0x3a0/0x420
[  464.186050][T19223]  __x64_sys_sendmsg+0x19b/0x260
[  464.186059][T19223]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[  464.186070][T19223]  ? rcu_is_watching+0x15/0xb0
[  464.186078][T19223]  ? do_syscall_64+0xbe/0x3b0
[  464.186091][T19223]  do_syscall_64+0xfa/0x3b0
[  464.186101][T19223]  ? lockdep_hardirqs_on+0x9c/0x150
[  464.186112][T19223]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  464.186120][T19223]  ? exc_page_fault+0x9f/0xf0
[  464.186154][T19223]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  464.186163][T19223] RIP: 0033:0x7fbaf998ebe9
[  464.186172][T19223] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  464.186179][T19223] RSP: 002b:00007fbafa84c038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  464.186189][T19223] RAX: ffffffffffffffda RBX: 00007fbaf9bb5fa0 RCX: 00007fbaf998ebe9
[  464.186195][T19223] RDX: 0000000000000000 RSI: 0000200000000a80 RDI: 0000000000000003
[  464.186200][T19223] RBP: 00007fbaf9a11e19 R08: 0000000000000000 R09: 0000000000000000
[  464.186205][T19223] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  464.186210][T19223] R13: 00007fbaf9bb6038 R14: 00007fbaf9bb5fa0 R15: 00007ffc297f3868
[  464.186220][T19223]  </TASK>
[  464.186223][T19223] 
[  464.320780][T19223] Allocated by task 13894:
[  464.322355][T19223]  kasan_save_track+0x3e/0x80
[  464.323808][T19223]  __kasan_slab_alloc+0x6c/0x80
[  464.325354][T19223]  kmem_cache_alloc_noprof+0x1c1/0x3c0
[  464.327042][T19223]  xfrm_state_alloc+0x24/0x2f0
[  464.328548][T19223]  xfrm_state_find+0x37d4/0x5400
[  464.330141][T19223]  xfrm_resolve_and_create_bundle+0x768/0x2f80
[  464.331999][T19223]  xfrm_lookup_with_ifid+0x2a7/0x1a70
[  464.333574][T19223]  xfrm_lookup_route+0x3c/0x1c0
[  464.335104][T19223]  rawv6_sendmsg+0xdab/0x1820
[  464.336653][T19223]  __sock_sendmsg+0x19c/0x270
[  464.338168][T19223]  ____sys_sendmsg+0x52d/0x830
[  464.339724][T19223]  ___sys_sendmsg+0x21f/0x2a0
[  464.341510][T19223]  __sys_sendmmsg+0x227/0x430
[  464.343281][T19223]  __x64_sys_sendmmsg+0xa0/0xc0
[  464.344872][T19223]  do_syscall_64+0xfa/0x3b0
[  464.346528][T19223]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  464.348612][T19223] 
[  464.349429][T19223] Freed by task 5312:
[  464.350870][T19223]  kasan_save_track+0x3e/0x80
[  464.352496][T19223]  kasan_save_free_info+0x46/0x50
[  464.354362][T19223]  __kasan_slab_free+0x5b/0x80
[  464.356135][T19223]  kmem_cache_free+0x18f/0x400
[  464.357767][T19223]  xfrm_state_gc_task+0x52d/0x6b0
[  464.359292][T19223]  process_scheduled_works+0xae1/0x17b0
[  464.361162][T19223]  worker_thread+0x8a0/0xda0
[  464.362759][T19223]  kthread+0x711/0x8a0
[  464.364264][T19223]  ret_from_fork+0x3fc/0x770
[  464.365957][T19223]  ret_from_fork_asm+0x1a/0x30
[  464.367453][T19223] 
[  464.368240][T19223] The buggy address belongs to the object at ffff8881109a7180
[  464.368240][T19223]  which belongs to the cache xfrm_state of size 928
[  464.372799][T19223] The buggy address is located 196 bytes inside of
[  464.372799][T19223]  freed 928-byte region [ffff8881109a7180, ffff8881109a7520)
[  464.377773][T19223] 
[  464.378710][T19223] The buggy address belongs to the physical page:
[  464.381018][T19223] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0xffff8881109a4480 pfn:0x1109a4
[  464.384938][T19223] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[  464.387881][T19223] flags: 0x57ff00000000240(workingset|head|node=1|zone=2|lastcpupid=0x7ff)
[  464.390607][T19223] page_type: f5(slab)
[  464.391971][T19223] raw: 057ff00000000240 ffff888104f4b780 ffff8881051ac288 ffffea000448c010
[  464.395088][T19223] raw: ffff8881109a4480 00000000000e0001 00000000f5000000 0000000000000000
[  464.398222][T19223] head: 057ff00000000240 ffff888104f4b780 ffff8881051ac288 ffffea000448c010
[  464.401399][T19223] head: ffff8881109a4480 00000000000e0001 00000000f5000000 0000000000000000
[  464.404622][T19223] head: 057ff00000000002 ffffea0004426901 00000000ffffffff 00000000ffffffff
[  464.407849][T19223] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004
[  464.411059][T19223] page dumped because: kasan: bad access detected
[  464.413305][T19223] page_owner tracks the page as allocated
[  464.415556][T19223] page last allocated via order 2, migratetype Unmovable, gfp_mask 0x52820(GFP_ATOMIC|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP), pid 8038, tgid 8031 (syz.2.900), ts 143433932859, free_ts 143147976083
[  464.423049][T19223]  post_alloc_hook+0x240/0x2a0
[  464.424987][T19223]  get_page_from_freelist+0x21e4/0x22c0
[  464.427194][T19223]  __alloc_frozen_pages_noprof+0x181/0x370
[  464.429545][T19223]  alloc_pages_mpol+0x232/0x4a0
[  464.431512][T19223]  allocate_slab+0x8a/0x370
[  464.433335][T19223]  ___slab_alloc+0xbeb/0x1410
[  464.435239][T19223]  kmem_cache_alloc_noprof+0x283/0x3c0
[  464.437432][T19223]  xfrm_state_alloc+0x24/0x2f0
[  464.439379][T19223]  pfkey_add+0x6e4/0x2e00
[  464.441044][T19223]  pfkey_sendmsg+0xbfe/0x1090
[  464.442843][T19223]  __sock_sendmsg+0x21c/0x270
[  464.444696][T19223]  ____sys_sendmsg+0x505/0x830
[  464.446644][T19223]  ___sys_sendmsg+0x21f/0x2a0
[  464.448508][T19223]  __x64_sys_sendmsg+0x19b/0x260
[  464.450384][T19223]  do_syscall_64+0xfa/0x3b0
[  464.452135][T19223]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  464.454449][T19223] page last free pid 8031 tgid 8031 stack trace:
[  464.456883][T19223]  __free_frozen_pages+0xbc4/0xd30
[  464.458818][T19223]  __slab_free+0x303/0x3c0
[  464.460646][T19223]  qlist_free_all+0x97/0x140
[  464.462431][T19223]  kasan_quarantine_reduce+0x148/0x160
[  464.464498][T19223]  __kasan_slab_alloc+0x22/0x80
[  464.466410][T19223]  __kmalloc_noprof+0x224/0x4f0
[  464.468364][T19223]  tomoyo_encode+0x28b/0x550
[  464.470226][T19223]  tomoyo_path_perm+0x2b3/0x4b0
[  464.472070][T19223]  tomoyo_path_symlink+0xa3/0xe0
[  464.473982][T19223]  security_path_symlink+0x177/0x380
[  464.475974][T19223]  do_symlinkat+0x107/0x3f0
[  464.477708][T19223]  __x64_sys_symlinkat+0x95/0xb0
[  464.479610][T19223]  do_syscall_64+0xfa/0x3b0
[  464.481405][T19223]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  464.483731][T19223] 
[  464.484702][T19223] Memory state around the buggy address:
[  464.486942][T19223]  ffff8881109a7100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[  464.489905][T19223]  ffff8881109a7180: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  464.492865][T19223] >ffff8881109a7200: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  464.495458][T19223]                                            ^
[  464.497216][T19223]  ffff8881109a7280: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  464.499588][T19223]  ffff8881109a7300: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  464.501901][T19223] ==================================================================
[  464.504860][T19223] Kernel panic - not syncing: KASAN: panic_on_warn set ...
[  464.507646][T19223] CPU: 1 UID: 0 PID: 19223 Comm: syz.2.5638 Not tainted 6.17.0-rc1-syzkaller-00036-gdfc0f6373094-dirty #0 PREEMPT(full) 
[  464.512079][T19223] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.2-debian-1.16.2-1 04/01/2014
[  464.515734][T19223] Call Trace:
[  464.517012][T19223]  <TASK>
[  464.518203][T19223]  dump_stack_lvl+0x99/0x250
[  464.520043][T19223]  ? __asan_memcpy+0x40/0x70
[  464.521883][T19223]  ? __pfx_dump_stack_lvl+0x10/0x10
[  464.523509][T19223]  ? __pfx__printk+0x10/0x10
[  464.525056][T19223]  vpanic+0x281/0x750
[  464.526399][T19223]  ? __pfx_vpanic+0x10/0x10
[  464.527805][T19223]  ? irqentry_exit+0x74/0x90
[  464.529519][T19223]  panic+0xb9/0xc0
[  464.530839][T19223]  ? __pfx_panic+0x10/0x10
[  464.532325][T19223]  ? _raw_spin_unlock_irqrestore+0xa8/0x110
[  464.534317][T19223]  ? _raw_spin_unlock_irqrestore+0xad/0x110
[  464.536521][T19223]  ? xfrm_alloc_spi+0x570/0xf30
[  464.538374][T19223]  check_panic_on_warn+0x89/0xb0
[  464.540164][T19223]  ? xfrm_alloc_spi+0x570/0xf30
[  464.541776][T19223]  end_report+0x78/0x160
[  464.543374][T19223]  kasan_report+0x129/0x150
[  464.545035][T19223]  ? xfrm_alloc_spi+0x570/0xf30
[  464.546894][T19223]  xfrm_alloc_spi+0x570/0xf30
[  464.548722][T19223]  ? xfrm_alloc_spi+0x2a0/0xf30
[  464.550556][T19223]  ? __pfx_xfrm_alloc_spi+0x10/0x10
[  464.552587][T19223]  ? xfrm_find_acq+0x87/0xa0
[  464.554336][T19223]  xfrm_alloc_userspi+0x70b/0xc90
[  464.556231][T19223]  ? apparmor_capable+0x137/0x1b0
[  464.558214][T19223]  ? __pfx_xfrm_alloc_userspi+0x10/0x10
[  464.560313][T19223]  ? __nla_parse+0x40/0x60
[  464.562144][T19223]  xfrm_user_rcv_msg+0x7a3/0xab0
[  464.564160][T19223]  ? __pfx_xfrm_user_rcv_msg+0x10/0x10
[  464.566349][T19223]  ? __pfx___mutex_trylock_common+0x10/0x10
[  464.568697][T19223]  ? rcu_is_watching+0x15/0xb0
[  464.570610][T19223]  ? trace_contention_end+0x39/0x120
[  464.572701][T19223]  ? __mutex_lock+0x335/0x1360
[  464.574596][T19223]  netlink_rcv_skb+0x208/0x470
[  464.576530][T19223]  ? __pfx_xfrm_user_rcv_msg+0x10/0x10
[  464.578710][T19223]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  464.580751][T19223]  ? netlink_deliver_tap+0x2e/0x1b0
[  464.582796][T19223]  ? netlink_deliver_tap+0x2e/0x1b0
[  464.584862][T19223]  xfrm_netlink_rcv+0x79/0x90
[  464.586746][T19223]  netlink_unicast+0x82f/0x9e0
[  464.588604][T19223]  ? __pfx_netlink_unicast+0x10/0x10
[  464.590660][T19223]  ? netlink_sendmsg+0x642/0xb30
[  464.592623][T19223]  ? skb_put+0x11b/0x210
[  464.594314][T19223]  netlink_sendmsg+0x805/0xb30
[  464.596247][T19223]  ? __pfx_netlink_sendmsg+0x10/0x10
[  464.598356][T19223]  ? aa_sock_msg_perm+0xf1/0x1d0
[  464.600329][T19223]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[  464.602401][T19223]  ? __pfx_netlink_sendmsg+0x10/0x10
[  464.604570][T19223]  __sock_sendmsg+0x21c/0x270
[  464.606504][T19223]  ____sys_sendmsg+0x505/0x830
[  464.608468][T19223]  ? __pfx_____sys_sendmsg+0x10/0x10
[  464.610586][T19223]  ? import_iovec+0x74/0xa0
[  464.612373][T19223]  ___sys_sendmsg+0x21f/0x2a0
[  464.614279][T19223]  ? __pfx____sys_sendmsg+0x10/0x10
[  464.616407][T19223]  ? __fget_files+0x2a/0x420
[  464.618303][T19223]  ? __fget_files+0x3a0/0x420
[  464.620237][T19223]  __x64_sys_sendmsg+0x19b/0x260
[  464.622235][T19223]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[  464.624400][T19223]  ? rcu_is_watching+0x15/0xb0
[  464.626245][T19223]  ? do_syscall_64+0xbe/0x3b0
[  464.628114][T19223]  do_syscall_64+0xfa/0x3b0
[  464.629895][T19223]  ? lockdep_hardirqs_on+0x9c/0x150
[  464.631934][T19223]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  464.634366][T19223]  ? exc_page_fault+0x9f/0xf0
[  464.636245][T19223]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  464.638542][T19223] RIP: 0033:0x7fbaf998ebe9
[  464.640274][T19223] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  464.647794][T19223] RSP: 002b:00007fbafa84c038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  464.651117][T19223] RAX: ffffffffffffffda RBX: 00007fbaf9bb5fa0 RCX: 00007fbaf998ebe9
[  464.654178][T19223] RDX: 0000000000000000 RSI: 0000200000000a80 RDI: 0000000000000003
[  464.657448][T19223] RBP: 00007fbaf9a11e19 R08: 0000000000000000 R09: 0000000000000000
[  464.660676][T19223] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  464.663866][T19223] R13: 00007fbaf9bb6038 R14: 00007fbaf9bb5fa0 R15: 00007ffc297f3868
[  464.667045][T19223]  </TASK>
[  464.668909][T19223] Kernel Offset: disabled
[  464.670640][T19223] Rebooting in 86400 seconds..

VM DIAGNOSIS:
08:15:10  Registers:
info registers vcpu 0

CPU#0
RAX=0000000000000013 RBX=1ffff920000d5de8 RCX=c8497e557cf4d100 RDX=0000000000000008
RSI=ffffffff8dba6108 RDI=ffff8881012d0000 RBP=ffffc900006aefd0 RSP=ffffc900006aef40
R8 =0000000000000015 R9 =ffffffff8172c195 R10=ffffc900006aeef8 R11=ffffffff81ac3870
R12=dffffc0000000000 R13=ffff88801a497400 R14=dffffc0000000000 R15=ffffc900006aefe0
RIP=ffffffff81ac3839 RFL=00000092 [--S-A--] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =0000 0000000000000000 ffffffff 00c00000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 ffffffff 00c00000
FS =0000 0000000000000000 ffffffff 00c00000
GS =0000 ffff8880b861c000 ffffffff 00c00000
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe0000003000 00004087 00008b00 DPL=0 TSS64-busy
GDT=     fffffe0000001000 0000007f
IDT=     fffffe0000000000 00000fff
CR0=80050033 CR2=00007f23e3898d58 CR3=0000000035c18000 CR4=000006f0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000ffff0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
XMM00=0000000000000000 0000000000000000 XMM01=ffffffff820b7ae2 ffffffff820b7a62
XMM02=ffffffff82345cc2 ffffffff820b7ae2 XMM03=ffffffff820b7a62 ffffffff81688a1f
XMM04=00007fcb076ed100 00007fcb06b87460 XMM05=00007fcb06b87478 00007fcb06b874c0
XMM06=00007fcb06b874b8 00007fcb06b874b0 XMM07=00007fcb06b874a8 00007fcb06b874a0
XMM08=6161616161616161 6161616161616161 XMM09=0000000000000000 00007fcb06a12fc5
XMM10=0000000000000000 0000000000000000 XMM11=0000000000000000 0000000000000000
XMM12=0000000000000000 0000000000000000 XMM13=0000000000000000 0000000000000000
XMM14=0000000000000000 0000000000000000 XMM15=0000000000000000 0000000000000000
info registers vcpu 1

CPU#1
RAX=ffffffff8b757630 RBX=0000000000000025 RCX=ffff8881083e8000 RDX=ffffc90023a6d000
RSI=000000000000ec1c RDI=000000000000ec1d RBP=ffffffff8da5c3f1 RSP=ffffc900031ee8e8
R8 =ffff8881083e8000 R9 =0000000000000002 R10=0000000000000025 R11=0000000000000002
R12=ffffffff8da5c3f1 R13=ffffc900031ee998 R14=0000000000000000 R15=ffffffff8da5c3f1
RIP=ffffffff81bfabda RFL=00000046 [---Z-P-] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =0000 0000000000000000 ffffffff 00c00000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 ffffffff 00c00000
FS =0000 00007fbafa84c6c0 ffffffff 00c00000
GS =0000 ffff8881a3c1c000 ffffffff 00c00000
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe000004a000 00004087 00008b00 DPL=0 TSS64-busy
GDT=     fffffe0000048000 0000007f
IDT=     fffffe0000000000 00000fff
CR0=80050033 CR2=000000110c3016ef CR3=000000010df26000 CR4=000006f0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000ffff0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
XMM00=0000000000000000 0000000000000000 XMM01=0000000000000000 0000000000000000
XMM02=00007fbaf9b87498 00007fbaf9b87470 XMM03=00007fbaf9b874a8 00007fbaf9b874a0
XMM04=00007fbafa6ed100 00007fbaf9b87460 XMM05=00007fbaf9b87478 00007fbaf9b874c0
XMM06=00007fbaf9b874b8 00007fbaf9b874b0 XMM07=00007fbaf9b874a8 00007fbaf9b874a0
XMM08=6161616161616161 6161616161616161 XMM09=0000000000000000 00007fbaf9a12fc5
XMM10=0000000000000000 0000000000000000 XMM11=0000000000000000 0000000000000000
XMM12=0000000000000000 0000000000000000 XMM13=0000000000000000 0000000000000000
XMM14=0000000000000000 0000000000000000 XMM15=0000000000000000 0000000000000000
