last executing test programs:

3.862057863s ago: executing program 2 (id=1565):
syz_mount_image$msdos(&(0x7f0000000200), &(0x7f0000000240)='./file0\x00', 0x0, &(0x7f0000000280)={[{@dots}, {@fat=@fmask={'fmask', 0x3d, 0x8000}}, {@dots}, {}, {@fat=@flush}, {@fat=@showexec}, {@dots}, {@fat=@umask={'umask', 0x3d, 0x5}}]}, 0x5, 0x21a, &(0x7f0000000700)="$eJzs3M1qY2UYB/DXfjfSj5WgG190o5tDrVcQpAUxoNRG1IVwSlMNiUnJCZqIi65deR3FpTtB5gZ6F7OaMjB01dVkaJO0aacdZtHmdCa/H4T3Cf8c8pyEhOcE3hx///evtb0s2UvbYWohhqkQDsJpCKtn1cA7g3XqvJ4Low7Cp2u/nfz17Q8/flUslTa2Ytwsbn++HmNc/vD/3//856NH7Xe/+3f5v/lwtPrT8bP1x0fvHb1//Hz7l2oWq1lsNNsxjTvNZjvdqVfibjWrJTF+U6+kWSVWG1mldSXfqzf397sxbewuFfZblSyLaaMba5VubDdju9WN6c9ptRGTJIlLhTDBFl7vYeXDra20eFPS691xR+Sm1Sqm0yGExZeS8mEuDQEAuTL/T7Lb53/eHmfzf2Hw+b3K/A8AAAAAAAAAAAAAAG+C015vpdfrrQzX4W1+sIl8eD/vPrkf3v/JNrJxbyGEpwedcqfcX/v55peljbV4bvXyqJNOpzx9kX/Wz+PVfDYUBvn6MJ8dzefCJx/387Psi69L145fDLvjeAEAAABgAiTxwo3X90lyW96vRn4fuHb9PhM+mBnbaQAAAACvkHX/qKX1eqU13uJJHk96b8Xcw2hDobi7Iu9vJgAA4K5dDv15dwIAAAAAAAAAAAAAAAAAAACTaxx/J5b3OQIAAAAAAAAAAAAAAAAAAAAAAMBD8SIAAP//bWTStA==")
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='cgroup.controllers\x00', 0x275a, 0x0)
write$cgroup_int(r0, &(0x7f0000000380), 0x1040c)

3.700677378s ago: executing program 2 (id=1567):
socket$inet6_sctp(0xa, 0x5, 0x84)
syz_usb_connect(0x0, 0x36, &(0x7f00000000c0)=ANY=[@ANYBLOB="120100008010bd40820514009dbb0000000109022400011b00000009040000022a3e740009058bff7f0000100109050b362f"], 0x0)
openat$sequencer2(0xffffffffffffff9c, &(0x7f0000000240), 0xc2882, 0x0)
syz_open_dev$midi(&(0x7f0000000000), 0x3, 0x42040)
close(0x4)
sendmsg$IPSET_CMD_CREATE(0xffffffffffffffff, 0x0, 0x48085)

2.084911726s ago: executing program 0 (id=1594):
r0 = socket$inet(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000300)={'bond0\x00', <r1=>0x0})
r2 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r2, &(0x7f00000007c0)={0x0, 0x0, &(0x7f0000000780)={&(0x7f0000000400)=@newqdisc={0x3c, 0x24, 0xf0b, 0x70bd29, 0x0, {0x0, 0x0, 0x12, r1, {}, {0xffff, 0xffff}, {0x2}}, [@qdisc_kind_options=@q_taprio={{0xb}, {0x4}}, @TCA_INGRESS_BLOCK={0x8, 0xd, 0x7ab}]}, 0x3c}}, 0x0)

2.021406437s ago: executing program 0 (id=1595):
bpf$BPF_PROG_TEST_RUN(0xa, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x6, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x2)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
socket$nl_netfilter(0x10, 0x3, 0xc)
r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r0, &(0x7f0000019680)=""/102392, 0x18ff8)
r1 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000240)={0x2, 0x4, 0x8, 0x1, 0x80, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0x0}, 0x50)
r2 = openat$procfs(0xffffffffffffff9c, 0x0, 0x0, 0x0)
read$hiddev(r2, 0x0, 0x0)
preadv(r2, 0x0, 0x0, 0x10000, 0x0)
io_uring_register$IORING_REGISTER_IOWQ_MAX_WORKERS(r2, 0x13, &(0x7f0000000000)=[0x9, 0x4], 0x2)
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x0)
connect$unix(0xffffffffffffffff, 0x0, 0x0)
fsopen(&(0x7f0000000280)='ceph\x00', 0x0)
r3 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000007c0)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000840)={0x6, 0x1c, &(0x7f0000000d80)=@ringbuf={{0x18, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}, {{0x18, 0x1, 0x1, 0x0, r3}, {}, {}, {0x85, 0x0, 0x0, 0x5}, {0x4, 0x1, 0xb, 0x9, 0xa}}, {{0x5, 0x0, 0x3}}, [@snprintf={{0x5, 0x0, 0xb, 0x9, 0x0, 0x2, 0x2}, {0x3, 0x2, 0x3, 0xa, 0x9, 0xfe00}, {0x5, 0x0, 0xb, 0x9, 0x0, 0x0, 0x4}, {0x3, 0x0, 0x6, 0xa, 0x9, 0xfe04, 0xe1}, {0x7, 0x1, 0xb, 0x7, 0x8}, {0x7, 0x0, 0x0, 0x8}, {0x7, 0x1, 0xb, 0x4, 0xa, 0x20}, {}, {}, {0x18, 0x2, 0x2, 0x0, r1}, {}, {0x46, 0x8, 0xfff0, 0x76}}], {{0x7, 0x1, 0xb, 0x8}, {0x6, 0x0, 0x5, 0x8}, {0x85, 0x0, 0x0, 0x7}}}, &(0x7f0000000980)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
setsockopt$packet_tx_ring(0xffffffffffffffff, 0x10f, 0x87, 0x0, 0x0)

1.103116082s ago: executing program 0 (id=1598):
syz_mount_image$udf(&(0x7f0000000000), &(0x7f0000000140)='./bus\x00', 0x1008040, &(0x7f00000000c0)=ANY=[@ANYRES8=0x0, @ANYRESOCT=0x0, @ANYRESDEC], 0xd3, 0x599, &(0x7f0000000b80)="$eJzs3cFvHFcZAPDvTbzOOk3abRISQgqyBBJREZHjpA7giBLqWkKKqNXEOXDCxE5qdWNHdoqSqoIcEFz4Hzj1AhKqBFyQOMCVA9wQqsQJccWgShUgEjST2Z3djcEO6429ze8nJTs7882bNyPb0vfem/cCAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIj46qsXJ86k3a4FAAAAMEhfv/z6xGRP/j+2W5UBAAAABuKK/n8AAAAAAAAAGHYpsvh+pLhzaCMdLL4/VL+0vPLWnfmZ2c1PG0vFmfuK+Pxf/czk2XMvTZ3/Quvzf5+/007Ea5evXBx/ZfXmrbWl9fWlxfH5leVrq4tL2y6h3/N7vVg8gPGbb761eP36+vjk6bNdh+80/rL/mWON6S++evRSK3Z+Znb2ckfMSO3/vvojjPAAAAB4uo1GFucixZWTP02HIiKL/nPhLdoOBm0sGnn+XdzE/MxscSPN5YWV2/nBuVYi3OjOiUdbOfITyMX70og4nNd1VEYPAADA9tUii09FihP3N9KzEbGvlQd/rpgYcOsCGk+gkpsYiYgjEXEqhiBnBwAAgF22P7J4PVL8qtmI58q8usj/vxIxvduVAwAAAHbESGRxPlJ8ML2RGsV4gIh4cX5mdvzS1fGvrVxf7YidS2WP+rC/H/AkGZsAAADAHlCPLA4VPf4b6fnHPvsfDx48GEi1AAAAgB00Fln8M1J89uVvF/PKRTEv/XPTXzp4YbZzhrnjW5STx56OiJPbfCe/Vs41OJfmUsoeKe3ejtwcAAAAUKinLP4cKT78Y734fqrMzdPIbtcMAAAA2DEpi+9Fii/PbaTUsy79vo71/duG/d3/wdZ/rP7K6q27a8s33ri96fED9YvfWr+9tnBt88MP1y7sGg6x1TqGAAAAsA21lMXfI8Vvm++1885yDYByBECVaL57ocpN66nnaNFu8GzRbtB+h+CZycnO7U1T1seYH69RXndf/7cNAAAAT5WUshiNFJ/5zcfLtf8PxCN90GXc7yLFhdUXyrhsNBrVXPqN4v/69eXm0kQeOxMpft5sxUYeG/vL2CNV7Jk89td5uQvdsfUy9mgRGnnsZB57P1K8sbZ57Meqcs/msWuR4ic/Gm/FHshjD5axx6rY09dWm4sDe8AAAACwB9RSFr+IFD/813j7lf/u/v+qt/3dd6r+/kcm6Psvff799v83OvbdK9sh9pftFSNbtFe8FilOPP9C636KtoLWsIKHax1U7RV/ixRr3+iOHS1jD1exZ7b9YAEAAGAPaY3///3VX7aH3Jc5cPl18/z/E73zAw4o/+9ckzC/5vrdt99caDaX1oZp47sR0bUn7ZGK2XisjfyHcA9UY2c2yl+qe3ulPv1u9PVnEAAAngp5/n81Utz54P12f3eZ/5dD5av8/8PvVPn/dG9BA8r/D3fsmy7nG6iNRNRv37xVOx5RX7/79ueXby7cWLqxtHJ26qWpiamp8+cma6Otzv1qq+9nBQAAAMMqz/8nIsVff/Dj9vv52+n/P9Bb0IDy/yMd+/JrVp1++Z4/9Xv7AAAA8FTI8/+fRYo/nHyvPY9ed/7fMf//O9V79qc+/XC0QLt1YED5/9GOfY3iulFNOggAAAAAAAAAAAAAAAAAAAAfEbWUxb8jxfv1kVRO+L+t+f8Wewsa0Pv/xzr2LcaTWf+v74cKAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAQyqLLJYjxSePb6SX8x3fjDjY+QkAAAAMvf8EAAD//1T3HVY=")
syz_mount_image$fuse(0x0, &(0x7f00000000c0)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
unlinkat(0xffffffffffffff9c, &(0x7f0000000380)='./file1\x00', 0x0)

1.102922553s ago: executing program 0 (id=1599):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
prctl$PR_GET_CHILD_SUBREAPER(0x25)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x6)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = openat$vga_arbiter(0xffffffffffffff9c, 0x0, 0x101, 0x0)
write$vga_arbiter(r3, 0x0, 0x0)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x3, &(0x7f0000000c00)=@framed, &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='sched_switch\x00', r4}, 0x10)
r5 = socket(0x10, 0x3, 0x0)
setsockopt$netlink_NETLINK_PKTINFO(r5, 0x10e, 0x3, &(0x7f00000000c0)=0xffff, 0x4)
write(r5, &(0x7f0000000000)="240000001a005f0314f9f407000904000200000001000000000000000800040001000000", 0x24)
setsockopt$netlink_NETLINK_LISTEN_ALL_NSID(r5, 0x10e, 0x8, &(0x7f0000000040)=0x1, 0x4)
recvmmsg(r5, &(0x7f0000001dc0)=[{{0x0, 0x0, 0x0, 0x0, &(0x7f0000000280)=""/75, 0x4b}, 0x1}, {{0x0, 0x0, 0xfffffffffffffffe}, 0x4}], 0x2, 0x0, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
unshare(0x2040600)
unshare(0x2000400)
fsmount(0xffffffffffffffff, 0x1, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
r6 = syz_open_dev$usbfs(&(0x7f0000000080), 0x74, 0x101301)
ioctl$USBDEVFS_IOCTL(r6, 0xc0105512, &(0x7f0000000040)=@usbdevfs_connect)

418.489981ms ago: executing program 2 (id=1601):
add_key$fscrypt_v1(&(0x7f0000005440), 0xffffffffffffffff, 0x0, 0x0, 0x0)

418.371095ms ago: executing program 2 (id=1602):
syz_mount_image$fuse(0xfffffffffffffffe, &(0x7f0000000000)='./file0\x00', 0x8000d4, 0x0, 0x0, 0x0, 0x0)
r0 = landlock_create_ruleset(&(0x7f0000000080)={0x10}, 0x10, 0x0)
landlock_restrict_self(r0, 0x0)
landlock_restrict_self(r0, 0x0)
landlock_restrict_self(r0, 0x0)
landlock_restrict_self(r0, 0x0)
landlock_restrict_self(r0, 0x0)
landlock_restrict_self(r0, 0x0)
landlock_restrict_self(r0, 0x0)
r1 = landlock_create_ruleset(&(0x7f00000000c0)={0x100}, 0x10, 0x0)
landlock_restrict_self(r0, 0x0)
landlock_restrict_self(r1, 0x0)
landlock_restrict_self(r0, 0x0)
landlock_restrict_self(r0, 0x0)
landlock_restrict_self(r0, 0x6)
landlock_restrict_self(r0, 0x0)
landlock_restrict_self(r0, 0x0)
landlock_restrict_self(r0, 0x0)
landlock_restrict_self(r0, 0x0)
syz_mount_image$vfat(&(0x7f00000002c0), &(0x7f0000000280)='./bus\x00', 0x2081c11, 0x0, 0x1, 0x0, &(0x7f0000000080))
rename(&(0x7f0000000f00)='./file0\x00', &(0x7f0000000f40)='./bus/file0\x00')

363.931105ms ago: executing program 1 (id=1603):
syz_mount_image$msdos(&(0x7f0000000240), &(0x7f0000000280)='./file0\x00', 0x0, &(0x7f0000000300)=ANY=[@ANYBLOB="636865636b3d7374726963742c6e6f646f74732c6e6f646f74732c6e6f646f74732c6e6f646f74732c007db9b87a3b22e5cdbfd3408bf7f26c6f9e2e5a33a3de79757cd012da0fa08b018021308de4ff8e18c85136d66ca70f9e0202d9f4ae6ea8be44247a411f017b3641e72534ed28887e107245165398cb2190b1c94e503b949600a547d22bd1f5389f7d4c9888f5cf2358d4258a2647e5563c5bf7447ab02ee8751259a8c6ee852e305393a69052893580c4820d1ce2dcfccf9b1f8250ea0de206b8ef12366ebe20bc74087f57f579b70bd08afcf902e41a55b58f624e5ce5a03cf74baddfb64769c330584e79449ff96c074b0065a305dd039b056c50c00d1d6a"], 0x1, 0x241, &(0x7f0000002000)="$eJzs3c9qE1EUB+Bjm7QhG7sWFwNuXBX1DYJUEAeESBa6cqC6aUWYbkZX8xg+g4/kY2TV3chkouk/3Wh7O53vg5BDfhk4N4TcLO5J3j/8dHT4+eRj8+NbTCZZjCLqOI3Yi63Yjs699f3Wqt6Js+oAAPpmPi9mqXvgepXlrBhHxO6lZPE9SUMAAAAAAAAAAAD8M+f/AWB4nP+/+8pyVkzX39/Oc/4fAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAASOe0ae43f7ml7g8A+P/s/wAwPPZ/ABge+z8ADM+bt+9ezfL8YJ5lk4hlXTXto8u6WkRMI+LFy/zgSbayt7lqWVWL7VXV5k+7PDufj39f/+zKfCceP+ryNnv+Or+Q78bhTbwAAAAAAAAAAAAAAAAAAAAAcAvsr2fzx3+Y79//9YRLeVed+X2AC/P7o3gwurFlAAAAAAAAAAAAAAAAAAAAQK+dfPl6VBwffygVil4W7bv4FrTR62J6RZT6kwkAAAAAAAAAAAAAAAAAAIZnM/SbuhMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAASGfz///XV6ReIwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADAMPwMAAP//91yRpw==")
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000002840)={&(0x7f0000002700)=ANY=[], &(0x7f0000000000)=""/142, 0x3b, 0x8e, 0x1, 0x10}, 0x28)
mprotect(&(0x7f0000000000/0xf000)=nil, 0xf000, 0x1)
mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x1c0)

361.793908ms ago: executing program 2 (id=1604):
r0 = syz_open_procfs(0x0, &(0x7f0000002380)='net/ip_mr_cache\x00')
read$FUSE(r0, &(0x7f0000000200)={0x2020}, 0x2020)
pread64(r0, &(0x7f0000000100)=""/253, 0xfd, 0xadc)

299.422284ms ago: executing program 1 (id=1605):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000a00)={0x14, 0x15, 0x301, 0x0, 0x0, {0xb}}, 0x14}, 0x1, 0x0, 0x0, 0x1}, 0x0)

299.171406ms ago: executing program 2 (id=1606):
statfs(0x0, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x24000815}, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000380)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs={0x0, 0x0, 0x4e23}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
openat$nullb(0xffffffffffffff9c, 0x0, 0x282, 0x0)
r3 = socket$inet6(0xa, 0x3, 0x7)
setsockopt$inet6_IPV6_FLOWLABEL_MGR(r3, 0x29, 0x20, &(0x7f00000000c0)={@dev, 0x800, 0x0, 0x2000000000903, 0x1}, 0x20)
setsockopt$inet6_int(r3, 0x29, 0x1000000000021, &(0x7f00000005c0)=0x7fff, 0x4)
connect$inet6(r3, &(0x7f0000000080)={0xa, 0x0, 0x380000, @loopback}, 0x1c)
getsockopt$inet6_IPV6_FLOWLABEL_MGR(r3, 0x29, 0x20, &(0x7f0000000140)={@rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01', 0x3, 0x0, 0xff, 0x0, 0xffc0, 0x3}, &(0x7f0000000180)=0x20)
setsockopt$inet6_tcp_TCP_MD5SIG(r3, 0x6, 0xe, &(0x7f00000010c0)={@in6={{0xa, 0x0, 0x0, @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, 0x9}}, 0x0, 0x0, 0x1b, 0x0, "61a1ed8439cd0606000000000000006b943e8bb0ac60081e33dff8150835f7519d5f73b4f5d80e000000e1f440994bb1d212fd0400b5063087117502d8c24f1fe97f61fd27a06d6a38a7004000"}, 0xd8)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xc, &(0x7f0000000000)={0x1, &(0x7f0000000100)=[{0x6, 0x0, 0x0, 0x7ffeffff}]})
r4 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000340)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x50)
bpf$MAP_DELETE_ELEM(0x3, &(0x7f0000000000)={r4, &(0x7f0000000080)="c5cd3c7e3800"/20}, 0x20)
keyctl$join(0x1, 0x0)

299.071052ms ago: executing program 1 (id=1607):
r0 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000000), 0x4000000084002, 0x0)
r1 = dup(r0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2000007, 0x38011, r1, 0x0)
madvise(&(0x7f0000000000/0xc00000)=nil, 0xc00000, 0xe)
ioctl$TCSETSW2(r1, 0x402c542c, &(0x7f0000000040)={0x1, 0x5, 0x9, 0x8, 0xe, "837d7efefe3a0fe297c3bbce37165879ad489b", 0x8, 0x11})
mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x2)

192.887326ms ago: executing program 1 (id=1608):
r0 = socket(0xa, 0x2, 0x0)
setsockopt$inet_int(r0, 0x0, 0xb, &(0x7f00000000c0)=0x1002, 0x4)
sendto$inet(r0, 0x0, 0x0, 0x0, &(0x7f0000000000)={0x2, 0x4e1e}, 0x10)
recvmsg(r0, &(0x7f0000000080)={0x0, 0x0, 0x0}, 0x12160)

110.775704ms ago: executing program 0 (id=1609):
r0 = socket$netlink(0x10, 0x3, 0x0)
writev(r0, &(0x7f0000000000)=[{&(0x7f0000000080)="390000001000090468fe0700000000000000ff3f02000000480100100000000019002b000a0004000500000000000072000000000000000000", 0x39}], 0x1)

607.005µs ago: executing program 1 (id=1610):
r0 = socket$kcm(0x11, 0x3, 0x0)
setsockopt$sock_attach_bpf(r0, 0x107, 0xf, &(0x7f0000000000), 0x4)
sendmsg$kcm(r0, &(0x7f00000000c0)={&(0x7f0000000100)=@hci={0x1f, 0x5865, 0x4}, 0x80, &(0x7f0000000080)=[{&(0x7f0000000180)="2703020001f314000600002fb96dbcf706e10500000086ddffff1144ee163cd4b8bf4a31accbe1ba0777cfbf6ae77256da82f6184b8a34f9015cc99e570000002b21c90b000000000000721a5dbb56a3d9e16e7c2179c9b5b24722944820e624fc5b17d0822ca4232c98a9936ba722475ca5", 0x72}, {&(0x7f0000000440)="63f805d7649496db72959832930469edc7b700c9e37eed5653ecb716cdb8981cd819af0b33254465cc904b7b31789d65c0e0d33330e2ef36205dd154e363bcadf8f2ea93f45503c6d9fd8dfe5a638cfeb9f79c930a4d18260e5a08ffd35ed8371cff78119319b2b62c7cd9378c73ae90c801681f55ef26cb00"/135, 0xfca6}, {&(0x7f0000001400)="7f4ba13c5a27118dc920175650f0c9ba1809dd13a6e2d5b38f40adfa278c09e0e3bd05add4d780cd753b50f06f3b51f43761c7783f38ceaefc2dad57889d8b3a2d21314410f64ec2fa92e3a14b0141b39c020021d1edd011fbccb808a317fff4cf49aab12da619d67102048ec43c76cdb9d395e8b7b6e589d788aeeecb5080fc3d5ec6ccd656e49c0a642671d3fc363b46240bbc46ad965399b71db3c8f2b269b20870a3d2a6a8de5213b0f9d41c510c827056b7284391da244ec7653648b670f9a3483b314d861992ed7fb369eda093e1643c300b94d996fc592adb22c379be070ce5cd806da85a492dd4199cceb4c5b750222485325cf1073bf87e93bdf7da8af8f5f626541afd142e24ee8f4be9f038453c0edf500deabfe4d1a7a9de51df012bc2f3b767b3c03be6ace8c37ad571323cd363116e01f98a8ff8148d3900a65b788e99ddf9d9a2383f1730c7868d2dd031034bce5a77bd1ef3385105968be7bd830bde788092f657be36f89ea55ced486e18982d01339ed04a934a43c7b3be5e6bd03cbe773a938f621809345ec07cfceb013e3d76d500d97c8bee6ff54980ac3d221fcb35724ba64adb29ae8db909e097d78ff9542196635a14266944b850c9d436e96cc806a88090cbfc9db7ce83231bc043ded67966cfd68b800f6030a85f6bb070a2a5b372be2dacea7884b42e76e164af04e47f90ce0694623dce23cd1471f1a6029f68331317073e1a2d8cfb16f821c867d35a609649cf36aa781fa0a381f934844366d4e3ab8dd239c6ec35c15f307a7ed07869aacec38d787fd9c08e9dda1a28bf1a15b004bb1d88aa429ee8e927f5a1e1445685d8923cad92c90c79726d5e73dfe741de35498842cf51a4f09b97b1c14d33213705b95e84a8853fab4e1ced6faecea9d9203b038594bceb202a9d47f862c4f1853db9a0a7bf98ed9d2e3012358b38d092bd1ed7efb1a9e582ac5ef30c9b476e185f537f40ae8189528b480436122a939967e8d862e01172245ebced9f5251dd302e7e974c1db40be1e9e79799c27384caf6485e7c469b77cd6b28f71e39f84d2adbe074dd2bed6636e6853655adc3d1a47eff697e8edba53e6b281aea94798d82da7d3e86d09d869e5e345316eeeced4e15fc39234a0b0104e0b205c95eda632d0e86b095b284f441a62cb0e7262bc1967ee75f5c2d459011b0c15f4c85b02150a8834eda7f84cc96dde04e4abbdf5985a9c7218797820251b5804cae80c9a726afddf36793ae52cfb38e4e19740d6e07e4ed7c01001ab87b7fb12d5b70a75938d234c83d863b1763aec37b41d204fc319c6e802734ed681ea179fe6cad4857c3ca0e236e7b9867688d8bd7749e919f2d4f57f2249c9ccaf76a23760569b0fbde2db12ca0169e74982c1f4f0494aae13f4838b3f50d9ab0f6e328250d6fc34c0156e4b754c5c648b4ef8af32c91859f9706048f029634cefd0d767e8b7743262cb8a468ad37dfa47a745495e3f03cfa1d4ed71af55453c0a25fa1122a9054bcc4d9960c9a54f36b6db55154ab7dd19890d9f8ff3549e0fbd5a655319566b7f9c72be0242e7ffb59020356c3ffb5b9c43858e69d7b677a9bc5b8a64721a51b75a254e07199a73726834bea05901455ad53b38116b953c970b2002d0d1f91deb73ccb7266fbb21aa8555599daed7585575ef3efbd737f2523018ba4645d862889d5c3d91b12f04166db8bffecde54ee278d0d5351f3bf1f8902ff3f4c24a8c0c8a4e6addc9baadc471813589324d3128a1b193137c15c01be9f367317b1c885301ff8e9df728efa37df27f65eb0464055091f2ed469fdab48f413e3978f73ff9dffeb85453e841f86594612ac91b50add8d14910748bfa903033662f3e735ce6d299ce52338a96035aa89f63bd59d151fb20c38125236cbc0d795ac6f8da4cafc74714ed62a23b017e15adcaade58385b78c6945fb30a2539c42b1e415879433b9fb6966c6d19ed19f9f90cbd360d936a8b9f8e03bca5a83c063651b4636a7783bbda6417c83e470a16dfb115344a527436242ace9341432b5816b5e6609d97d600e142ca3cf74cbc00e1d9ee203cdfad339ce460b294f3931c5bd8ae6da8fc14d66a01bae4a212ef3d914e58c13217c8ad91628636b56257c7ca41b404cc2d4b5d50e26ebefc74656c62b1b4e9b6c5b6cc8d79101460f719d95925630bf99e042018439c50026513d680ea573620132ded57dea9e2da4e16f17dbc171642b1e80a3f41311ee73441302285668792160db6614fdb30d25a5719d2ae03ab98ea167597c48dd8197e7faf6189d801134462027901506c5ff1ae2558d96722217f65131d2f429693ae9fae19c101319473608976d08cc1c0d98f789b0c364e8aca574321ab2857af1015f1588afd313503085db4d99961a9391db06c10477ceb44199f1648594e8f9b452fafdab49b1962d02ee77ebd31b7931174a729fa943cb18102130e7e08eaba77df066069c2c3564fc85881ba0dad12c4f06a9e6dea9fea53931ff85e38505eb7ad60a52e2a8a248b3f4d0d55eee31f75f110c70e3b12409a79a5a98b0156c6d2a5d94604b8fa202b12746a365c708c671316cc0ffff6e9b7139b337953be22672a4910e1eb28cccc023b77028e20a6d377a339372f0dc235069f41c2692b0a3a7e0f315f4aebeef435a46b2e8b8462739293f9184c01b1434e87bf3fd48be54bf437056a1d2cff0c7aa52578013f96b1d5100ca936ff029cfd6f9a093621f684196ed7e1d363a97c647c34fe5f2370e7ab9dc718a1fc317779ab8a04bc12c01b778d17eea0b546bce03475fc6373c860714df0322dde550186c553ebd61ed18c0b80655f0827a63d209117ca23b026c1ad30bac4d43a4611292c7049f855b829a3a17fd2b83c142078beed8ca07b7cb7cd624705ccc160246c81174a4d3a9f2057caffe84b1ac073375e065c1ff4e9e22e7d87b3adb40ff796132e4ed86e5fc9f9616f8e4116be96497621692fb516e9316cfd15ad01742a1de4aa35fe02861236295823edf4c48fc37faf55226044e393a3733d58e8ef0f0c7941bc30f09739f37dea2f395f2e9e9b2c31a11923a2d6c9b14f1bacce15094cbbd6445f3581c6d45b76943b4d0db8fd4d4acbdb91780f57c872827abd7a1f13290a0d17dda220493476c92ce65e33f07afcf763aec0e67450f547101f1a5ada0f760c8f12137679324e22c7a13fdf78575115acb0ae4a2818b7b3ead27eea5eccba6f7a34c61819382eebfad742a3c603c6d2f332726996b3e8fcbdfd56b436c1173b1b3bc1ab66a717e31f2f918f0bea3f4801e04c14c881c59324fd9bc38745dd0e47da6bc8e98fe74a760304d74f17cd3cfceb33503397cf592d2b6a51b641d559ba8d6dc449e19b289fd1a4b3772b3998181e787723fe3893362d8f3e346c0ab0abe933e9bdd9a82b377914018377af9d2cbc58ab4fc08cea2623174239cea585603b8acd20da923a44799b1745c3bd65640508f96a0d92a6a2fd8314573f10b4f6e6cbf61e8828bd6e69b1b0c47f5795917a5035b3424dc3cadd2aadbbafb9d18349fab41d79ba13660f2c9400ff87784b26c3e88785db8522c93d3d4f12608736a235c8b9fff98a17934fe36792cb1992ea1b72b5e151cfe82b4ebc4f510882e4b34ee9f6ada188b104ba36e8acbd7bafe39b32f957da45c2743017545fd61667d36d58952de0cdbacb3abc549e1001bf6d9b19f9a353bb84bd152e04c061c691b514d6f1b36a8895424ce210a4cd75d537443a2791dc68e9fff510358f7586d3b73ed04223e683adf6a1c79d3bc92aa595cc6167", 0xa91}], 0x3}, 0x0)

376.252µs ago: executing program 0 (id=1611):
r0 = openat$iommufd(0xffffffffffffff9c, &(0x7f0000000000), 0x80800, 0x0)
ioctl$IOMMU_OPTION$IOMMU_OPTION_HUGE_PAGES(r0, 0x3b87, &(0x7f0000000140)={0x18, 0x1, 0x0, 0x204, 0x0, 0x1})

0s ago: executing program 1 (id=1612):
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r0, &(0x7f00000014c0)={0x0, 0x0, &(0x7f0000001480)={&(0x7f0000000340)=ANY=[@ANYBLOB="340000001200010025bd70000400000000000000000000000000000000000000000004d502006c000c0015"], 0x34}, 0x1, 0x0, 0x0, 0x14040015}, 0x24004040)

kernel console output (not intermixed with test programs):

af block 0
[  111.153209][ T8163] loop0: detected capacity change from 0 to 32768
[  111.170958][ T8163] ocfs2: Mounting device (7,0) on (node local, slot 0) with ordered data mode.
[  111.176639][ T5849] udevd[5849]: symlink '../../loop0' '/dev/disk/by-uuid/b1de653c-5ffc-4d88-b33b-244aab9eb3e9.tmp-b7:0' failed: Read-only file system
[  111.201569][ T5849] udevd[5849]: symlink '../../loop0' '/dev/disk/by-uuid/b1de653c-5ffc-4d88-b33b-244aab9eb3e9.tmp-b7:0' failed: Read-only file system
[  111.593539][ T5839] ocfs2: Unmounting device (7,0) on (node local)
[  111.607885][ T5846] EXT4-fs (loop1): unmounting filesystem f7ff0000-0000-0000-0000-000000000000.
[  111.741382][ T8176] loop0: detected capacity change from 0 to 4096
[  111.746988][ T8176] ntfs3: Unknown parameter 'fma00000002007'
[  111.970794][   T24] usb 3-1: new high-speed USB device number 12 using dummy_hcd
[  112.024696][ T8193] loop0: detected capacity change from 0 to 4096
[  112.038264][ T8193] ntfs3(loop0): Failed to initialize $Extend/$ObjId.
[  112.151165][   T24] usb 3-1: Using ep0 maxpacket: 16
[  112.154318][   T24] usb 3-1: config 0 has an invalid interface number: 8 but max is 0
[  112.156859][   T24] usb 3-1: config 0 has no interface number 0
[  112.158802][   T24] usb 3-1: config 0 interface 8 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 7
[  112.162868][   T24] usb 3-1: config 0 interface 8 altsetting 0 endpoint 0x8F has invalid wMaxPacketSize 0
[  112.167748][   T24] usb 3-1: New USB device found, idVendor=0d8c, idProduct=000e, bcdDevice=8e.8f
[  112.170536][   T24] usb 3-1: New USB device strings: Mfr=0, Product=24, SerialNumber=3
[  112.173998][   T24] usb 3-1: Product: syz
[  112.175382][   T24] usb 3-1: SerialNumber: syz
[  112.181710][   T24] usb 3-1: config 0 descriptor??
[  112.195446][   T24] cm109 3-1:0.8: invalid payload size 0, expected 4
[  112.198416][   T24] input: CM109 USB driver as /devices/platform/dummy_hcd.2/usb3/3-1/3-1:0.8/input/input9
[  112.247064][ T5865] usb 2-1: new high-speed USB device number 18 using dummy_hcd
[  112.418060][ T5865] usb 2-1: Using ep0 maxpacket: 16
[  112.424454][ T5865] usb 2-1: config 0 has an invalid interface number: 34 but max is 0
[  112.427056][ T5865] usb 2-1: config 0 has no interface number 0
[  112.437722][ T5865] usb 2-1: config 0 interface 34 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  112.437737][ T5865] usb 2-1: config 0 interface 34 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  112.437754][ T5865] usb 2-1: New USB device found, idVendor=28bd, idProduct=0071, bcdDevice= 0.00
[  112.437764][ T5865] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  112.439509][ T5865] usb 2-1: config 0 descriptor??
[  112.470775][    C1] cm109 3-1:0.8: cm109_urb_ctl_callback: urb status -71
[  112.474728][    C1] cm109 3-1:0.8: cm109_urb_ctl_callback: urb status -71
[  112.477110][    C1] cm109 3-1:0.8: cm109_urb_ctl_callback: urb status -71
[  112.479493][    C1] cm109 3-1:0.8: cm109_urb_ctl_callback: urb status -71
[  112.481914][    C1] cm109 3-1:0.8: cm109_urb_ctl_callback: urb status -71
[  112.484432][    C1] cm109 3-1:0.8: cm109_urb_ctl_callback: urb status -71
[  112.486834][    C1] cm109 3-1:0.8: cm109_urb_ctl_callback: urb status -71
[  112.489198][    C1] cm109 3-1:0.8: cm109_urb_ctl_callback: urb status -71
[  112.491652][    C1] cm109 3-1:0.8: cm109_urb_ctl_callback: urb status -71
[  112.494381][    C1] cm109 3-1:0.8: cm109_urb_ctl_callback: urb status -71
[  112.502275][ T5905] usb 3-1: USB disconnect, device number 12
[  112.504338][    C1] cm109 3-1:0.8: cm109_submit_buzz_toggle: usb_submit_urb (urb_ctl) failed -19
[  112.508222][ T5905] cm109 3-1:0.8: cm109_toggle_buzzer_sync: usb_control_msg() failed -19
[  112.984917][ T5865] uclogic 0003:28BD:0071.0008: interface is invalid, ignoring
[  113.203183][   T10] usb 2-1: USB disconnect, device number 18
[  113.462637][ T8224] netlink: 'syz.0.848': attribute type 3 has an invalid length.
[  113.499915][   T33] audit: type=1804 audit(2000000037.911:18): pid=8226 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.0.849" name="/newroot/298/bus/file0" dev="overlay" ino=1593 res=1 errno=0
[  113.784812][ T8237] netlink: 8 bytes leftover after parsing attributes in process `syz.1.853'.
[  113.832562][ T8241] netlink: 'syz.0.855': attribute type 1 has an invalid length.
[  113.835555][ T8241] netlink: 16 bytes leftover after parsing attributes in process `syz.0.855'.
[  113.879089][ T8244] loop0: detected capacity change from 0 to 128
[  113.889004][ T8244] EXT4-fs (loop0): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  113.898814][ T8244] ext4 filesystem being mounted at /302/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[  113.921009][ T5839] EXT4-fs (loop0): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  114.038704][ T8256] loop1: detected capacity change from 0 to 164
[  114.066127][ T8256] Unable to read rock-ridge attributes
[  114.079784][ T8256] Unable to read rock-ridge attributes
[  114.083564][ T8256] iso9660: Corrupted directory entry in block 4 of inode 1792
[  114.224693][ T5865] usb 1-1: new high-speed USB device number 11 using dummy_hcd
[  114.233175][ T8272] loop2: detected capacity change from 0 to 8
[  114.237543][ T8272] squashfs image failed sanity check
[  114.397373][ T5865] usb 1-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  114.402529][ T5865] usb 1-1: New USB device found, idVendor=1781, idProduct=0938, bcdDevice=9b.49
[  114.405416][ T5865] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  114.408100][ T5865] usb 1-1: Product: syz
[  114.409548][ T5865] usb 1-1: Manufacturer: syz
[  114.411057][ T5865] usb 1-1: SerialNumber: syz
[  114.413967][ T5865] usb 1-1: config 0 descriptor??
[  114.511965][ T5865] hid_parser_main: 78 callbacks suppressed
[  114.511978][ T5865] hid-generic 0000:0004:0034.0009: unknown main item tag 0x0
[  114.516434][ T5905] usb 3-1: new high-speed USB device number 13 using dummy_hcd
[  114.518986][ T5865] hid-generic 0000:0004:0034.0009: unknown main item tag 0x0
[  114.521510][ T5865] hid-generic 0000:0004:0034.0009: unknown main item tag 0x0
[  114.525253][ T5865] hid-generic 0000:0004:0034.0009: hidraw0: <UNKNOWN> HID v0.0e Device [syz0] on syz1
[  114.633978][ T5865] usb 1-1: USB disconnect, device number 11
[  114.716974][ T5905] usb 3-1: Using ep0 maxpacket: 8
[  114.721199][ T5905] usb 3-1: config index 0 descriptor too short (expected 301, got 45)
[  114.726147][ T5905] usb 3-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[  114.731043][ T5905] usb 3-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[  114.734393][ T5905] usb 3-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[  114.741548][ T5905] usb 3-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  114.748518][ T5905] usb 3-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23
[  114.751819][ T5905] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  114.835953][ T8304] netlink: 224 bytes leftover after parsing attributes in process `syz.1.884'.
[  114.979292][ T5905] usb 3-1: GET_CAPABILITIES returned 0
[  114.981060][ T5905] usbtmc 3-1:16.0: can't read capabilities
[  115.144077][   T10] usb 2-1: new high-speed USB device number 19 using dummy_hcd
[  115.196419][    T9] usb 3-1: USB disconnect, device number 13
[  115.301408][ T8321] loop0: detected capacity change from 0 to 128
[  115.304259][ T8321] FAT-fs (loop0): bogus number of reserved sectors
[  115.306479][   T10] usb 2-1: Using ep0 maxpacket: 32
[  115.307925][   T10] usb 2-1: config 0 has an invalid interface number: 89 but max is 0
[  115.308749][ T8321] FAT-fs (loop0): This doesn't look like a DOS 1.x volume; DOS 2.x BPB is non-zero
[  115.313141][   T10] usb 2-1: config 0 has no interface number 0
[  115.313755][ T8321] FAT-fs (loop0): Can't find a valid FAT filesystem
[  115.318553][   T10] usb 2-1: config 0 interface 89 has no altsetting 0
[  115.338866][   T10] usb 2-1: New USB device found, idVendor=0ccd, idProduct=10af, bcdDevice=38.4e
[  115.341761][   T10] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  115.344452][   T10] usb 2-1: Product: syz
[  115.345804][   T10] usb 2-1: Manufacturer: syz
[  115.350699][   T10] usb 2-1: SerialNumber: syz
[  115.353878][   T10] usb 2-1: config 0 descriptor??
[  115.357600][   T10] em28xx 2-1:0.89: New device syz syz @ 480 Mbps (0ccd:10af, interface 89, class 89)
[  115.361493][   T10] em28xx 2-1:0.89: Video interface 89 found: bulk
[  115.403384][ T8325] netlink: 91 bytes leftover after parsing attributes in process `syz.0.894'.
[  115.406377][ T8325] netlink: 91 bytes leftover after parsing attributes in process `syz.0.894'.
[  115.444056][ T8327] bond0: option active_slave: mode dependency failed, not supported in mode balance-rr(0)
[  115.777970][ T8331] comedi comedi3: pcl730: I/O port conflict (0x5,4)
[  116.001740][   T10] em28xx 2-1:0.89: unknown em28xx chip ID (0)
[  116.553446][ T8343] netlink: 'syz.2.903': attribute type 3 has an invalid length.
[  116.559394][ T8343] netlink: 766 bytes leftover after parsing attributes in process `syz.2.903'.
[  116.655624][   T10] em28xx 2-1:0.89: reading from i2c device at 0xa0 failed (error=-5)
[  116.658286][   T10] em28xx 2-1:0.89: board has no eeprom
[  116.704513][ T8345] loop2: detected capacity change from 0 to 32768
[  116.710690][ T8345] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop2 (7:2) scanned by syz.2.904 (8345)
[  116.716563][ T5913] udevd[5913]: symlink '../../loop2' '/dev/disk/by-uuid/395ef67a-297e-477c-816d-cd80a5b93e5d.tmp-b7:2' failed: Read-only file system
[  116.721704][   T10] em28xx 2-1:0.89: Identified as Terratec Grabby (card=67)
[  116.722033][ T8345] BTRFS info (device loop2): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  116.724073][   T10] em28xx 2-1:0.89: analog set to bulk mode.
[  116.727537][ T8345] BTRFS info (device loop2): using sha256 (sha256-lib) checksum algorithm
[  116.727576][ T8345] BTRFS info (device loop2): using free-space-tree
[  116.736141][   T10] usb 2-1: USB disconnect, device number 19
[  116.739756][   T10] em28xx 2-1:0.89: Disconnecting em28xx
[  116.741916][    T9] em28xx 2-1:0.89: Registering V4L2 extension
[  116.762680][    T9] em28xx 2-1:0.89: Config register raw data: 0xffffffed
[  116.765256][    T9] em28xx 2-1:0.89: AC97 chip type couldn't be determined
[  116.767699][    T9] em28xx 2-1:0.89: No AC97 audio processor
[  116.773821][    T9] usb 2-1: Decoder not found
[  116.775532][    T9] em28xx 2-1:0.89: failed to create media graph
[  116.777657][    T9] em28xx 2-1:0.89: V4L2 device video103 deregistered
[  116.784251][    T9] em28xx 2-1:0.89: Registering snapshot button...
[  116.794561][    T9] input: em28xx snapshot button as /devices/platform/dummy_hcd.1/usb2/2-1/2-1:0.89/input/input10
[  116.800725][    T9] em28xx 2-1:0.89: Remote control support is not available for this card.
[  116.804890][   T10] em28xx 2-1:0.89: Closing input extension
[  116.807357][   T10] em28xx 2-1:0.89: Deregistering snapshot button
[  116.828904][   T10] em28xx 2-1:0.89: Freeing device
[  116.831710][ T8345] BTRFS info (device loop2): setting incompat feature flag for SIMPLE_QUOTA (0x10000)
[  116.913229][ T5849] udevd[5849]: symlink '../../loop2' '/dev/disk/by-uuid/395ef67a-297e-477c-816d-cd80a5b93e5d.tmp-b7:2' failed: Read-only file system
[  116.957711][ T5844] BTRFS info (device loop2): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  117.436075][ T8384] loop0: detected capacity change from 0 to 4096
[  117.444672][ T8384] ntfs3(loop0): Different NTFS sector size (4096) and media sector size (512).
[  117.457743][ T5849] udevd[5849]: symlink '../../loop0' '/dev/disk/by-label/syzkaller.tmp-b7:0' failed: Read-only file system
[  117.459715][ T8384] ntfs3(loop0): Failed to load $Extend (-22).
[  117.462207][ T5849] udevd[5849]: symlink '../../loop0' '/dev/disk/by-uuid/68CE0ED73BAA5F78.tmp-b7:0' failed: Read-only file system
[  117.463347][ T8384] ntfs3(loop0): Failed to initialize $Extend.
[  117.479120][ T5849] udevd[5849]: symlink '../../loop0' '/dev/disk/by-label/syzkaller.tmp-b7:0' failed: Read-only file system
[  117.484967][ T5849] udevd[5849]: symlink '../../loop0' '/dev/disk/by-uuid/68CE0ED73BAA5F78.tmp-b7:0' failed: Read-only file system
[  117.577649][ T8388] loop0: detected capacity change from 0 to 4096
[  117.580546][ T8386] loop1: detected capacity change from 0 to 32768
[  117.587998][ T5849] udevd[5849]: symlink '../../loop0' '/dev/disk/by-label/syzkaller.tmp-b7:0' failed: Read-only file system
[  117.598094][ T8386] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop1 (7:1) scanned by syz.1.914 (8386)
[  117.604736][ T5849] udevd[5849]: symlink '../../loop0' '/dev/disk/by-uuid/0B506D495F2D248F.tmp-b7:0' failed: Read-only file system
[  117.619045][ T5913] udevd[5913]: symlink '../../loop1' '/dev/disk/by-uuid/c9fe44da-de57-406a-8241-57ec7d4412cf.tmp-b7:1' failed: Read-only file system
[  117.639173][ T8388] ntfs3(loop0): Mark volume as dirty due to NTFS errors
[  117.642264][ T8388] ntfs3(loop0): Failed to load $Secure (-22).
[  117.644458][ T8388] ntfs3(loop0): Failed to initialize $Secure (-22).
[  117.644977][ T8386] BTRFS info (device loop1): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  117.663983][ T8386] BTRFS info (device loop1): using crc32c (crc32c-lib) checksum algorithm
[  117.681314][ T8386] BTRFS info (device loop1): disk space caching is enabled
[  117.698447][ T8386] BTRFS warning (device loop1): space cache v1 is being deprecated and will be removed in a future release, please use -o space_cache=v2
[  117.764367][ T8386] BTRFS info (device loop1): rebuilding free space tree
[  117.772588][ T8386] BTRFS info (device loop1): disabling free space tree
[  117.779971][ T8386] BTRFS info (device loop1): clearing compat-ro feature flag for FREE_SPACE_TREE (0x1)
[  117.783206][ T8386] BTRFS info (device loop1): clearing compat-ro feature flag for FREE_SPACE_TREE_VALID (0x2)
[  117.816527][ T5849] udevd[5849]: symlink '../../loop1' '/dev/disk/by-uuid/c9fe44da-de57-406a-8241-57ec7d4412cf.tmp-b7:1' failed: Read-only file system
[  117.829247][   T33] audit: type=1800 audit(2000000041.933:19): pid=8386 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.914" name="file1" dev="loop1" ino=260 res=0 errno=0
[  117.855380][ T5846] BTRFS info (device loop1): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  117.985909][ T8393] loop2: detected capacity change from 0 to 32768
[  118.127814][ T8413] loop1: detected capacity change from 0 to 40427
[  118.130469][ T8393] ocfs2: Slot 0 on device (7,2) was already allocated to this node!
[  118.150593][ T8413] F2FS-fs (loop1): Invalid log_blocksize (268), supports only 12
[  118.153105][ T8413] F2FS-fs (loop1): Can't find valid F2FS filesystem in 1th superblock
[  118.157725][ T8413] F2FS-fs (loop1): invalid crc value
[  118.160218][ T8393] ocfs2: Mounting device (7,2) on (node local, slot 0) with ordered data mode.
[  118.177876][ T8406] loop0: detected capacity change from 0 to 40427
[  118.196248][ T8413] F2FS-fs (loop1): f2fs_recover_fsync_data: recovery fsync data, check_only: 0
[  118.201268][ T8413] F2FS-fs (loop1): Try to recover 1th superblock, ret: 0
[  118.203767][ T8413] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e5
[  118.233448][ T8406] F2FS-fs (loop0): build fault injection rate: 771
[  118.257829][ T8406] F2FS-fs (loop0): invalid crc value
[  118.282902][ T5844] ocfs2: Unmounting device (7,2) on (node local)
[  118.652198][ T5841] Bluetooth: hci2: command tx timeout
[  118.657996][   T33] audit: type=1800 audit(2000000042.495:20): pid=8423 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.919" name="file1" dev="loop1" ino=10 res=0 errno=0
[  118.692441][ T8406] F2FS-fs (loop0): f2fs_recover_fsync_data: recovery fsync data, check_only: 0
[  118.696420][ T8406] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e5
[  118.780452][ T5839] syz-executor: attempt to access beyond end of device
[  118.780452][ T5839] loop0: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[  118.788011][ T5839] CPU: 0 UID: 0 PID: 5839 Comm: syz-executor Not tainted 6.16.0-syzkaller-11895-gcca7a0aae895-dirty #0 PREEMPT(full) 
[  118.788024][ T5839] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.2-debian-1.16.2-1 04/01/2014
[  118.788029][ T5839] Call Trace:
[  118.788033][ T5839]  <TASK>
[  118.788036][ T5839]  dump_stack_lvl+0x189/0x250
[  118.788050][ T5839]  ? __pfx_dump_stack_lvl+0x10/0x10
[  118.788059][ T5839]  ? __pfx_queue_work_on+0x10/0x10
[  118.788067][ T5839]  ? _raw_spin_unlock_irqrestore+0xad/0x110
[  118.788076][ T5839]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[  118.788090][ T5839]  f2fs_handle_critical_error+0x37c/0x540
[  118.788103][ T5839]  f2fs_write_end_io+0x886/0xb60
[  118.788121][ T5839]  __submit_merged_bio+0x27a/0x6a0
[  118.788134][ T5839]  __submit_merged_write_cond+0x255/0x530
[  118.788146][ T5839]  f2fs_write_data_pages+0x261d/0x3000
[  118.788172][ T5839]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[  118.788218][ T5839]  ? __mod_zone_page_state+0xd7/0x140
[  118.788235][ T5839]  ? folios_put_refs+0x560/0x640
[  118.788248][ T5839]  ? __pfx_folios_put_refs+0x10/0x10
[  118.788255][ T5839]  ? rcu_is_watching+0x15/0xb0
[  118.788288][ T5839]  ? __lock_acquire+0xab9/0xd20
[  118.788308][ T5839]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[  118.788319][ T5839]  do_writepages+0x32e/0x550
[  118.788334][ T5839]  ? do_raw_spin_unlock+0x4d/0x240
[  118.788345][ T5839]  filemap_fdatawrite+0x199/0x240
[  118.788355][ T5839]  ? __pfx_filemap_fdatawrite+0x10/0x10
[  118.788388][ T5839]  ? do_raw_spin_unlock+0x4d/0x240
[  118.788399][ T5839]  f2fs_sync_dirty_inodes+0x31f/0x830
[  118.788417][ T5839]  f2fs_write_checkpoint+0x95a/0x1df0
[  118.788438][ T5839]  ? __pfx_f2fs_write_checkpoint+0x10/0x10
[  118.788469][ T5839]  ? f2fs_stop_gc_thread+0x7f/0xb0
[  118.788478][ T5839]  ? kfree+0x18e/0x440
[  118.788489][ T5839]  ? kill_f2fs_super+0x298/0x6c0
[  118.788501][ T5839]  kill_f2fs_super+0x2c3/0x6c0
[  118.788514][ T5839]  ? __pfx_kill_f2fs_super+0x10/0x10
[  118.788524][ T5839]  ? radix_tree_delete_item+0x2b6/0x400
[  118.788536][ T5839]  ? shrinker_free+0x2ce/0x3e0
[  118.788551][ T5839]  deactivate_locked_super+0xbc/0x130
[  118.788562][ T5839]  cleanup_mnt+0x425/0x4c0
[  118.788570][ T5839]  ? lockdep_hardirqs_on+0x9c/0x150
[  118.788580][ T5839]  task_work_run+0x1d4/0x260
[  118.788592][ T5839]  ? __pfx_task_work_run+0x10/0x10
[  118.788601][ T5839]  ? __x64_sys_umount+0x122/0x160
[  118.788613][ T5839]  ? exit_to_user_mode_loop+0x40/0x110
[  118.788626][ T5839]  exit_to_user_mode_loop+0xec/0x110
[  118.788636][ T5839]  do_syscall_64+0x2bd/0x3b0
[  118.788644][ T5839]  ? lockdep_hardirqs_on+0x9c/0x150
[  118.788652][ T5839]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  118.788660][ T5839]  ? exc_page_fault+0x9f/0xf0
[  118.788669][ T5839]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  118.788676][ T5839] RIP: 0033:0x7fc8fab8ff17
[  118.788684][ T5839] Code: a8 ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 0f 1f 44 00 00 31 f6 e9 09 00 00 00 66 0f 1f 84 00 00 00 00 00 b8 a6 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 01 c3 48 c7 c2 a8 ff ff ff f7 d8 64 89 02 b8
[  118.788690][ T5839] RSP: 002b:00007ffd975ad378 EFLAGS: 00000246 ORIG_RAX: 00000000000000a6
[  118.788699][ T5839] RAX: 0000000000000000 RBX: 00007fc8fac11c05 RCX: 00007fc8fab8ff17
[  118.788704][ T5839] RDX: 0000000000000000 RSI: 0000000000000009 RDI: 00007ffd975ad430
[  118.788708][ T5839] RBP: 00007ffd975ad430 R08: 0000000000000000 R09: 0000000000000000
[  118.788713][ T5839] R10: 00000000ffffffff R11: 0000000000000246 R12: 00007ffd975ae4c0
[  118.788718][ T5839] R13: 00007fc8fac11c05 R14: 000000000001bf25 R15: 00007ffd975ae500
[  118.788731][ T5839]  </TASK>
[  118.920154][ T8426] loop2: detected capacity change from 0 to 4096
[  118.922852][ T8426] ntfs3: Unexpected value for 'sparse'
[  118.942789][ T5839] F2FS-fs (loop0): Stopped filesystem due to reason: 3
[  118.978917][ T8428] loop2: detected capacity change from 0 to 4096
[  119.024033][ T8428] ntfs3(loop2): ino=1a, mi_enum_attr
[  119.025838][ T8428] ntfs3(loop2): Mark volume as dirty due to NTFS errors
[  119.730758][ T5905] usb 1-1: new high-speed USB device number 12 using dummy_hcd
[  119.913616][ T5905] usb 1-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  119.919231][ T5905] usb 1-1: New USB device found, idVendor=0565, idProduct=0001, bcdDevice=57.66
[  119.922907][ T5905] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  119.925751][ T5905] usb 1-1: Product: syz
[  119.927456][ T5905] usb 1-1: Manufacturer: syz
[  119.929058][ T5905] usb 1-1: SerialNumber: syz
[  119.932007][ T5905] usb 1-1: config 0 descriptor??
[  119.935384][ T5905] belkin_sa 1-1:0.0: Belkin / Peracom / GoHubs USB Serial Adapter converter detected
[  119.938894][ T5905] usb 1-1: bcdDevice: 5766, bfc: 0
[  119.941301][ T5905] usb 1-1: Belkin / Peracom / GoHubs USB Serial Adapter converter now attached to ttyUSB0
[  120.154003][ T8302] usb 1-1: USB disconnect, device number 12
[  120.163619][ T8302] belkin ttyUSB0: Belkin / Peracom / GoHubs USB Serial Adapter converter now disconnected from ttyUSB0
[  120.171466][ T8436] loop2: detected capacity change from 0 to 40427
[  120.171474][ T8302] belkin_sa 1-1:0.0: device disconnected
[  120.176339][ T8436] F2FS-fs (loop2): Insane cp_payload (553648128 >= 504)
[  120.178681][ T8436] F2FS-fs (loop2): Can't find valid F2FS filesystem in 1th superblock
[  120.181705][ T8436] F2FS-fs (loop2): build fault injection rate: 1
[  120.183804][ T8436] F2FS-fs (loop2): build fault injection type: 0x1f8
[  120.189402][ T8436] F2FS-fs (loop2): invalid crc value
[  120.225003][ T8436] F2FS-fs (loop2): f2fs_recover_fsync_data: recovery fsync data, check_only: 0
[  120.229887][ T8436] F2FS-fs (loop2): Start checkpoint disabled!
[  120.233689][ T8436] F2FS-fs (loop2): Try to recover 1th superblock, ret: 0
[  120.235991][ T8436] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e6
[  120.241777][ T8436] F2FS-fs (loop2): inject alloc nid in f2fs_alloc_nid of f2fs_new_inode+0xfe/0x1050
[  120.245794][ T8436] F2FS-fs (loop2): inject alloc nid in f2fs_alloc_nid of f2fs_new_inode+0xfe/0x1050
[  120.544142][ T8445] loop2: detected capacity change from 0 to 32768
[  120.559196][ T8445] XFS (loop2): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  120.574098][ T8445] XFS (loop2): Ending clean mount
[  120.579829][ T8445] XFS (loop2): Quotacheck needed: Please wait.
[  120.599216][ T8445] XFS (loop2): Quotacheck: Done.
[  120.614159][   T33] audit: type=1804 audit(2000000044.553:21): pid=8445 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.2.927" name="/newroot/308/file0/file1" dev="loop2" ino=9286 res=1 errno=0
[  120.643395][ T5844] XFS (loop2): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  120.793199][ T8459] loop2: detected capacity change from 0 to 1024
[  120.826575][ T8459] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  120.830438][ T8459] ext4 filesystem being mounted at /310/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  120.841445][ T8459] EXT4-fs error (device loop2): ext4_map_blocks:814: inode #15: block 1: comm syz.2.930: lblock 1 mapped to illegal pblock 1 (length 1)
[  120.848747][ T8459] EXT4-fs error (device loop2): ext4_ext_remove_space:2955: inode #15: comm syz.2.930: pblk 0 bad header/extent: invalid extent entries - magic f30a, entries 2, max 4(4), depth 0(0)
[  120.857920][ T8459] EXT4-fs error (device loop2) in ext4_setattr:6071: Corrupt filesystem
[  120.861072][ T8455] loop0: detected capacity change from 0 to 32768
[  120.876875][ T5844] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  120.884998][ T8455] ocfs2: Mounting device (7,0) on (node local, slot 0) with writeback data mode.
[  120.920633][ T5839] ocfs2: Unmounting device (7,0) on (node local)
[  121.266634][ T5846] syz-executor: attempt to access beyond end of device
[  121.266634][ T5846] loop1: rw=2049, sector=40960, nr_sectors = 8 limit=40427
[  121.276164][ T5846] CPU: 0 UID: 0 PID: 5846 Comm: syz-executor Not tainted 6.16.0-syzkaller-11895-gcca7a0aae895-dirty #0 PREEMPT(full) 
[  121.276178][ T5846] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.2-debian-1.16.2-1 04/01/2014
[  121.276183][ T5846] Call Trace:
[  121.276187][ T5846]  <TASK>
[  121.276190][ T5846]  dump_stack_lvl+0x189/0x250
[  121.276204][ T5846]  ? lockdep_hardirqs_on+0x9c/0x150
[  121.276213][ T5846]  ? __pfx_dump_stack_lvl+0x10/0x10
[  121.276225][ T5846]  ? f2fs_handle_critical_error+0x322/0x540
[  121.276260][ T5846]  f2fs_handle_critical_error+0x37c/0x540
[  121.276272][ T5846]  f2fs_write_end_io+0x886/0xb60
[  121.276290][ T5846]  __submit_merged_bio+0x27a/0x6a0
[  121.276298][ T5846]  ? up_write+0x1c4/0x420
[  121.276309][ T5846]  __submit_merged_write_cond+0x44c/0x530
[  121.276320][ T5846]  f2fs_sync_node_pages+0x1479/0x15e0
[  121.276337][ T5846]  ? __pfx_f2fs_sync_node_pages+0x10/0x10
[  121.276357][ T5846]  ? f2fs_write_checkpoint+0xe43/0x1df0
[  121.276370][ T5846]  ? up_write+0x1c4/0x420
[  121.276376][ T5846]  ? do_raw_spin_unlock+0x4d/0x240
[  121.276387][ T5846]  f2fs_write_checkpoint+0xe6f/0x1df0
[  121.276407][ T5846]  ? __pfx_f2fs_write_checkpoint+0x10/0x10
[  121.276436][ T5846]  ? kill_f2fs_super+0x298/0x6c0
[  121.276449][ T5846]  kill_f2fs_super+0x2c3/0x6c0
[  121.276462][ T5846]  ? __pfx_kill_f2fs_super+0x10/0x10
[  121.276471][ T5846]  ? radix_tree_delete_item+0x2b6/0x400
[  121.276482][ T5846]  ? shrinker_free+0x2ce/0x3e0
[  121.276492][ T5846]  deactivate_locked_super+0xbc/0x130
[  121.276501][ T5846]  cleanup_mnt+0x425/0x4c0
[  121.276512][ T5846]  task_work_run+0x1d4/0x260
[  121.276523][ T5846]  ? __pfx_task_work_run+0x10/0x10
[  121.276531][ T5846]  ? __x64_sys_umount+0x122/0x160
[  121.276543][ T5846]  ? exit_to_user_mode_loop+0x40/0x110
[  121.276555][ T5846]  exit_to_user_mode_loop+0xec/0x110
[  121.276565][ T5846]  do_syscall_64+0x2bd/0x3b0
[  121.276575][ T5846]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  121.276582][ T5846]  ? asm_sysvec_call_function_single+0x1a/0x20
[  121.276597][ T5846]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  121.276604][ T5846] RIP: 0033:0x7f5b6b38ff17
[  121.276613][ T5846] Code: a8 ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 0f 1f 44 00 00 31 f6 e9 09 00 00 00 66 0f 1f 84 00 00 00 00 00 b8 a6 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 01 c3 48 c7 c2 a8 ff ff ff f7 d8 64 89 02 b8
[  121.276619][ T5846] RSP: 002b:00007ffeb8e11118 EFLAGS: 00000246 ORIG_RAX: 00000000000000a6
[  121.276629][ T5846] RAX: 0000000000000000 RBX: 00007f5b6b411c05 RCX: 00007f5b6b38ff17
[  121.276634][ T5846] RDX: 0000000000000000 RSI: 0000000000000009 RDI: 00007ffeb8e111d0
[  121.276638][ T5846] RBP: 00007ffeb8e111d0 R08: 0000000000000000 R09: 0000000000000000
[  121.276642][ T5846] R10: 00000000ffffffff R11: 0000000000000246 R12: 00007ffeb8e12260
[  121.276647][ T5846] R13: 00007f5b6b411c05 R14: 000000000001c041 R15: 00007ffeb8e122a0
[  121.276659][ T5846]  </TASK>
[  121.276770][ T5846] F2FS-fs (loop1): Stopped filesystem due to reason: 3
[  121.643076][ T8473] loop1: detected capacity change from 0 to 2048
[  122.153389][ T8484] loop2: detected capacity change from 0 to 32768
[  122.201081][ T8484] bcachefs (loop2): starting version 1.7: mi_btree_bitmap opts=errors=continue,metadata_checksum=none,data_checksum=none,compression=lz4,erasure_code,recovery_pass_last=initialize_subvolumes,nojournal_transaction_names,read_only,reconstruct_alloc
[  122.201093][ T8484]   allowing incompatible features above 0.0: (unknown version)
[  122.201098][ T8484]   features: lz4,new_siphash,inline_data,new_extent_overwrite,btree_ptr_v2,new_varint,journal_no_flush,alloc_v2,extents_across_btree_nodes
[  122.218970][ T8484] bcachefs (loop2): Using encoding defined by superblock: utf8-12.1.0
[  122.225071][ T8484] bcachefs (loop2): recovering from clean shutdown, journal seq 10
[  122.228158][ T8484] bcachefs (loop2): Version upgrade required:
[  122.228158][ T8484] Version upgrade from 0.24: unwritten_extents to 1.7: mi_btree_bitmap incomplete
[  122.228158][ T8484] Doing incompatible version upgrade from 0.24: unwritten_extents to 1.28: inode_has_case_insensitive
[  122.228158][ T8484]   running recovery passes: check_allocations,check_alloc_info,check_lrus,check_btree_backpointers,check_backpointers_to_extents,check_extents_to_backpointers,check_alloc_to_lru_refs,bucket_gens_init,check_snapshot_trees,check_snapshots,check_subvols,check_subvol_children,delete_dead_snapshots,check_inodes,check_extents,check_indirect_extents,check_dirents,check_xattrs,check_root,check_unreachable_inodes,check_subvolume_structure,check_directory_structure,check_nlinks,check_rebalance_work,set_fs_needs_rebalance
[  122.256758][ T8484] bcachefs (loop2): dropping and reconstructing all alloc info
[  122.271766][ T8484] bcachefs (loop2): accounting_read... done
[  122.276678][ T8484] bcachefs (loop2): alloc_read... done
[  122.279897][ T8484] bcachefs (loop2): done starting filesystem
[  122.347026][ T5844] bcachefs (loop2): shutting down
[  122.377977][ T5844] bcachefs (loop2): shutdown complete
[  122.778364][ T8501] netlink: 'syz.1.946': attribute type 21 has an invalid length.
[  122.780896][ T8501] netlink: 8 bytes leftover after parsing attributes in process `syz.1.946'.
[  123.433155][ T8509] loop2: detected capacity change from 0 to 32768
[  123.443031][ T8509] JBD2: Ignoring recovery information on journal
[  123.447864][ T5849] udevd[5849]: symlink '../../loop2' '/dev/disk/by-uuid/b1de653c-5ffc-4d88-b33b-244aab9eb3e9.tmp-b7:2' failed: Read-only file system
[  123.459188][ T5849] udevd[5849]: symlink '../../loop2' '/dev/disk/by-uuid/b1de653c-5ffc-4d88-b33b-244aab9eb3e9.tmp-b7:2' failed: Read-only file system
[  123.465665][ T8509] ocfs2: Mounting device (7,2) on (node local, slot 0) with ordered data mode.
[  123.503128][ T5844] ocfs2: Unmounting device (7,2) on (node local)
[  123.729662][ T8517] loop2: detected capacity change from 0 to 32768
[  123.734221][ T8517] BTRFS: device fsid e417788f-7a09-42b2-9266-8ddc5d5d35d2 devid 1 transid 8 /dev/loop2 (7:2) scanned by syz.2.952 (8517)
[  123.742964][ T5849] udevd[5849]: symlink '../../loop2' '/dev/disk/by-uuid/e417788f-7a09-42b2-9266-8ddc5d5d35d2.tmp-b7:2' failed: Read-only file system
[  123.747242][ T8517] BTRFS info (device loop2): first mount of filesystem e417788f-7a09-42b2-9266-8ddc5d5d35d2
[  123.751740][ T8517] BTRFS info (device loop2): using xxhash64 (xxhash64-generic) checksum algorithm
[  123.754918][ T8517] BTRFS info (device loop2): disk space caching is enabled
[  123.758057][ T8517] BTRFS warning (device loop2): space cache v1 is being deprecated and will be removed in a future release, please use -o space_cache=v2
[  123.823440][ T8517] BTRFS info (device loop2): rebuilding free space tree
[  123.830657][ T8517] BTRFS info (device loop2): disabling free space tree
[  123.836333][ T8517] BTRFS info (device loop2): clearing compat-ro feature flag for FREE_SPACE_TREE (0x1)
[  123.839305][ T8517] BTRFS info (device loop2): clearing compat-ro feature flag for FREE_SPACE_TREE_VALID (0x2)
[  123.890091][ T5844] BTRFS info (device loop2): last unmount of filesystem e417788f-7a09-42b2-9266-8ddc5d5d35d2
[  123.941331][ T5849] udevd[5849]: symlink '../../loop2' '/dev/disk/by-uuid/e417788f-7a09-42b2-9266-8ddc5d5d35d2.tmp-b7:2' failed: Read-only file system
[  124.074745][ T8539] loop1: detected capacity change from 0 to 40427
[  124.087368][ T8539] F2FS-fs (loop1): build fault injection rate: 14
[  124.089548][ T8539] F2FS-fs (loop1): build fault injection type: 0x3bfe8c
[  124.105373][ T5913] udevd[5913]: symlink '../../loop1' '/dev/disk/by-uuid/922c7623-35ee-4af3-bdd7-07040bb1b7db.tmp-b7:1' failed: Read-only file system
[  124.118375][ T8539] F2FS-fs (loop1): invalid crc value
[  124.127074][ T5913] udevd[5913]: symlink '../../loop1' '/dev/disk/by-uuid/922c7623-35ee-4af3-bdd7-07040bb1b7db.tmp-b7:1' failed: Read-only file system
[  124.145431][    C0] F2FS-fs (loop1): inject read IO error in f2fs_read_end_io of blk_update_request+0x57e/0xe60
[  124.152089][    C0] F2FS-fs (loop1): inject read IO error in f2fs_read_end_io of blk_update_request+0x57e/0xe60
[  124.190612][ T8539] F2FS-fs (loop1): f2fs_recover_fsync_data: recovery fsync data, check_only: 0
[  124.193790][ T8539] F2FS-fs (loop1): inject page alloc in f2fs_grab_cache_folio of __get_meta_folio+0x157/0x4f0
[  124.204505][ T8539] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e5
[  124.227165][ T8539] F2FS-fs (loop1): inject slab alloc in f2fs_kmem_cache_alloc of f2fs_new_node_folio+0x1d9/0xa40
[  124.234581][ T8539] F2FS-fs (loop1): inject inconsistent footer in sanity_check_node_footer of f2fs_get_dnode_of_data+0x249/0x1cf0
[  124.243231][ T8539] F2FS-fs (loop1): inconsistent node block, node_type:1, nid:3, node_footer[nid:3,ino:3,ofs:0,cpver:1219692001,blkaddr:4098]
[  124.280610][ T5846] F2FS-fs (loop1): inject page alloc in f2fs_grab_cache_folio of f2fs_grab_meta_folio+0x6a/0x1d0
[  124.417995][ T8563] wg1 speed is unknown, defaulting to 1000
[  124.421321][ T8563] wg1 speed is unknown, defaulting to 1000
[  124.437649][ T8563] wg1 speed is unknown, defaulting to 1000
[  124.451635][ T8563] iwpm_register_pid: Unable to send a nlmsg (client = 2)
[  124.471076][ T8563] infiniband syz0: RDMA CMA: cma_listen_on_dev, error -98
[  124.551976][ T8563] wg1 speed is unknown, defaulting to 1000
[  124.572110][ T8563] wg1 speed is unknown, defaulting to 1000
[  124.592121][ T8563] wg1 speed is unknown, defaulting to 1000
[  125.272011][ T8576] loop1: detected capacity change from 0 to 32768
[  125.282300][ T8576] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop1 (7:1) scanned by syz.1.970 (8576)
[  125.304376][ T5849] udevd[5849]: symlink '../../loop1' '/dev/disk/by-uuid/c9fe44da-de57-406a-8241-57ec7d4412cf.tmp-b7:1' failed: Read-only file system
[  125.305575][ T8576] BTRFS info (device loop1): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  125.312604][ T8576] BTRFS info (device loop1): using crc32c (crc32c-lib) checksum algorithm
[  125.315608][ T8576] BTRFS info (device loop1): using free-space-tree
[  125.461636][ T5846] BTRFS info (device loop1): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  125.484664][ T5849] udevd[5849]: symlink '../../loop1' '/dev/disk/by-uuid/c9fe44da-de57-406a-8241-57ec7d4412cf.tmp-b7:1' failed: Read-only file system
[  125.666766][ T8599] batman_adv: batadv0: Adding interface: gretap1
[  125.668973][ T8599] batman_adv: batadv0: Interface activated: gretap1
[  125.707994][ T8594] loop2: detected capacity change from 0 to 32768
[  125.723314][ T5849] udevd[5849]: symlink '../../loop2' '/dev/disk/by-uuid/d7dc424e-7990-42cb-9f91-9cb7200a101d.tmp-b7:2' failed: Read-only file system
[  125.733844][ T5849] udevd[5849]: symlink '../../loop2' '/dev/disk/by-uuid/d7dc424e-7990-42cb-9f91-9cb7200a101d.tmp-b7:2' failed: Read-only file system
[  125.743263][ T8594] XFS (loop2): Mounting V5 Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d
[  125.762093][ T8594] XFS (loop2): Ending clean mount
[  125.771828][ T8594] XFS (loop2): Quotacheck needed: Please wait.
[  125.784536][ T6172] XFS (loop2): Metadata corruption detected at xfs_dinode_verify+0x1a6/0x1570, inode 0x1806 dinode
[  125.787946][ T6172] XFS (loop2): Unmount and run xfs_repair
[  125.789748][ T6172] XFS (loop2): First 128 bytes of corrupted metadata buffer:
[  125.793387][ T6172] 00000000: 49 4e 81 ed 03 02 00 00 00 00 00 00 00 00 00 00  IN..............
[  125.796064][ T6172] 00000010: 00 00 00 01 00 00 00 00 00 00 00 00 00 00 00 00  ................
[  125.798864][ T6172] 00000020: 34 f7 58 68 a5 e2 bf 3d 34 f7 58 68 a5 e2 bf 3d  4.Xh...=4.Xh...=
[  125.802997][ T6172] 00000030: 34 f7 58 68 a5 e2 bf 3d 00 00 00 00 00 00 00 0a  4.Xh...=........
[  125.805948][ T6172] 00000040: 00 00 00 00 00 00 00 01 00 00 00 00 00 00 00 01  ................
[  125.809207][ T6172] 00000050: 00 00 65 01 00 00 00 00 00 00 00 00 2c 50 36 f0  ..e.........,P6.
[  125.811979][ T6172] 00000060: ff ff ff ff cb 1f f2 eb 00 00 00 00 00 00 00 08  ................
[  125.815000][ T6172] 00000070: 00 00 00 01 00 00 00 0d 00 00 00 00 00 00 00 08  ................
[  125.831220][ T8594] XFS (loop2): Quotacheck: Unsuccessful (Error -117): Disabling quotas.
[  125.844840][ T5844] XFS (loop2): Unmounting Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d
[  125.854158][ T5844] XFS (loop2): Uncorrected metadata errors detected; please run xfs_repair.
[  125.902711][ T8601] loop1: detected capacity change from 0 to 32768
[  126.338117][ T8619] loop2: detected capacity change from 0 to 32768
[  126.351709][ T8619] XFS (loop2): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  126.380804][ T8619] XFS (loop2): Ending clean mount
[  126.386207][ T8619] XFS (loop2): Quotacheck needed: Please wait.
[  126.412091][ T8619] XFS (loop2): Quotacheck: Done.
[  126.435126][ T5844] XFS (loop2): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  126.724334][ T8637] loop2: detected capacity change from 0 to 8
[  126.733268][ T8637] SQUASHFS error: lzo decompression failed, data probably corrupt
[  126.736011][ T8637] SQUASHFS error: Failed to read block 0x62b: -5
[  126.738097][ T8637] SQUASHFS error: Unable to read metadata cache entry [629]
[  126.740414][ T8637] SQUASHFS error: Unable to read inode 0x11f
[  126.892774][ T8650] loop1: detected capacity change from 0 to 128
[  126.906073][ T8650] EXT4-fs (loop1): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  126.913110][ T8650] ext4 filesystem being mounted at /324/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[  127.111937][ T5846] EXT4-fs (loop1): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  127.304917][ T8659] netlink: 4 bytes leftover after parsing attributes in process `syz.1.992'.
[  127.784918][ T8661] loop2: detected capacity change from 0 to 1024
[  127.887016][ T8667] loop2: detected capacity change from 0 to 1024
[  127.896164][ T8667] EXT4-fs: Ignoring removed nobh option
[  127.898366][ T8667] EXT4-fs: Ignoring removed bh option
[  127.911452][ T8667] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  127.972263][ T5844] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  128.080787][ T8677] loop2: detected capacity change from 0 to 64
[  128.206753][ T8688] netlink: 'syz.1.1005': attribute type 63 has an invalid length.
[  128.515945][ T8699] netlink: 'syz.2.1010': attribute type 3 has an invalid length.
[  128.746733][ T8701] loop2: detected capacity change from 0 to 8192
[  128.796428][ T5849] udevd[5849]: symlink '../../loop2' '/dev/disk/by-uuid/8AF3-4683.tmp-b7:2' failed: Read-only file system
[  128.838320][ T5849] udevd[5849]: symlink '../../loop2' '/dev/disk/by-label/SYZKALLER.tmp-b7:2' failed: Read-only file system
[  128.843999][ T5849] udevd[5849]: symlink '../../loop2' '/dev/disk/by-uuid/8AF3-4683.tmp-b7:2' failed: Read-only file system
[  128.882513][ T8703] loop2: detected capacity change from 0 to 512
[  128.887026][ T8703] EXT4-fs: Ignoring removed mblk_io_submit option
[  128.895224][ T8703] EXT4-fs (loop2): Cannot turn on journaled quota: type 0: error -13
[  128.900034][ T8703] EXT4-fs error (device loop2): ext4_clear_blocks:876: inode #13: comm syz.2.1012: attempt to clear invalid blocks 2 len 1
[  128.905425][ T8703] EXT4-fs (loop2): Remounting filesystem read-only
[  128.911623][ T8703] EXT4-fs (loop2): 1 truncate cleaned up
[  128.912155][ T5849] udevd[5849]: symlink '../../loop2' '/dev/disk/by-label/syzkaller.tmp-b7:2' failed: Read-only file system
[  128.915777][ T8703] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  128.934191][ T5849] udevd[5849]: symlink '../../loop2' '/dev/disk/by-label/syzkaller.tmp-b7:2' failed: Read-only file system
[  128.952594][ T5849] udevd[5849]: symlink '../../loop2' '/dev/disk/by-label/syzkaller.tmp-b7:2' failed: Read-only file system
[  128.976947][ T5849] udevd[5849]: symlink '../../loop2' '/dev/disk/by-label/syzkaller.tmp-b7:2' failed: Read-only file system
[  128.986271][ T5844] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  129.045064][ T8706] netlink: 'syz.2.1013': attribute type 2 has an invalid length.
[  129.662281][ T5904] usb 2-1: new high-speed USB device number 20 using dummy_hcd
[  129.823714][ T5904] usb 2-1: config 220 has an invalid descriptor of length 0, skipping remainder of the config
[  129.827131][ T5904] usb 2-1: config 220 has 1 interface, different from the descriptor's value: 3
[  129.830203][ T5904] usb 2-1: config 220 interface 0 has no altsetting 0
[  129.834356][ T5904] usb 2-1: New USB device found, idVendor=8086, idProduct=0b07, bcdDevice=6c.b9
[  129.837309][ T5904] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  129.839893][ T5904] usb 2-1: Product: syz
[  129.841354][ T5904] usb 2-1: Manufacturer: syz
[  129.843051][ T5904] usb 2-1: SerialNumber: syz
[  130.074235][   T33] audit: type=1326 audit(2000000053.411:22): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8710 comm="syz.1.1015" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5b6b38ebe9 code=0x7ffc0000
[  130.085762][   T33] audit: type=1326 audit(2000000053.411:23): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8710 comm="syz.1.1015" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5b6b38ebe9 code=0x7ffc0000
[  130.100890][ T5904] uvcvideo 2-1:220.0: probe with driver uvcvideo failed with error -22
[  130.110215][ T5904] usb 2-1: USB disconnect, device number 20
[  130.111975][   T33] audit: type=1326 audit(2000000053.420:24): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8710 comm="syz.1.1015" exe="/syz-executor" sig=0 arch=c000003e syscall=277 compat=0 ip=0x7f5b6b38ebe9 code=0x7ffc0000
[  130.123673][   T33] audit: type=1326 audit(2000000053.420:25): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8710 comm="syz.1.1015" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5b6b38ebe9 code=0x7ffc0000
[  130.133041][   T33] audit: type=1326 audit(2000000053.420:26): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8710 comm="syz.1.1015" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5b6b38ebe9 code=0x7ffc0000
[  130.292493][ T8723] loop2: detected capacity change from 0 to 8
[  130.302979][ T8723] SQUASHFS error: xz decompression failed, data probably corrupt
[  130.306974][ T8723] SQUASHFS error: Failed to read block 0x108: -5
[  130.308998][ T8723] SQUASHFS error: Unable to read metadata cache entry [106]
[  130.311402][ T8723] SQUASHFS error: Unable to read inode 0x11f
[  130.522629][ T8733] loop2: detected capacity change from 0 to 32768
[  130.537442][ T5849] udevd[5849]: symlink '../../loop2' '/dev/disk/by-uuid/b1de653c-5ffc-4d88-b33b-244aab9eb3e9.tmp-b7:2' failed: Read-only file system
[  130.546260][ T8733] JBD2: Ignoring recovery information on journal
[  130.566312][ T5849] udevd[5849]: symlink '../../loop2' '/dev/disk/by-uuid/b1de653c-5ffc-4d88-b33b-244aab9eb3e9.tmp-b7:2' failed: Read-only file system
[  130.576307][ T8737] loop0: detected capacity change from 0 to 32768
[  130.578257][ T8733] ocfs2: Mounting device (7,2) on (node local, slot 0) with ordered data mode.
[  130.592435][ T8737] ERROR: (device loop0): xtTruncate_pmap: xt_getpage: xtree page corrupt
[  130.592435][ T8737] 
[  130.599242][ T5849] udevd[5849]: symlink '../../loop0' '/dev/disk/by-uuid/45b0d9a3-5e0b-4fd0-ae05-2ff6b274033b.tmp-b7:0' failed: Read-only file system
[  130.599391][ T8737] ERROR: (device loop0): remounting filesystem as read-only
[  130.618505][ T8737] ERROR: (device loop0): jfs_unlink: 
[  130.618505][ T8737] 
[  130.627395][ T5844] ocfs2: Unmounting device (7,2) on (node local)
[  130.659207][ T5839] ERROR: (device loop0): xtTruncate: xt_getpage: xtree page corrupt
[  130.659207][ T5839] 
[  130.818835][ T8749] nvme_fabrics: missing parameter 'transport=%s'
[  130.822518][ T8749] nvme_fabrics: missing parameter 'nqn=%s'
[  131.057324][ T8760] loop0: detected capacity change from 0 to 1024
[  131.069042][ T8760] hfsplus: request for non-existent node 3 in B*Tree
[  131.071958][ T8760] hfsplus: request for non-existent node 3 in B*Tree
[  131.199317][ T8766] loop0: detected capacity change from 0 to 16
[  131.209579][ T8766] erofs (device loop0): mounted with root inode @ nid 36.
[  131.218911][ T8766] erofs (device loop0): bogus lookback distance 1388 @ lcn 42 of nid 36
[  131.225420][ T8766] erofs (device loop0): read error -117 @ 43 of nid 36
[  131.270709][ T8768] netlink: 'syz.0.1041': attribute type 1 has an invalid length.
[  131.311759][ T8756] loop2: detected capacity change from 0 to 131072
[  131.314975][ T8756] F2FS-fs (loop2): Test dummy encryption mode enabled
[  131.317564][ T8302] usb 2-1: new full-speed USB device number 21 using dummy_hcd
[  131.349629][ T8756] F2FS-fs (loop2): f2fs_recover_fsync_data: recovery fsync data, check_only: 0
[  131.353560][ T8756] F2FS-fs (loop2): Mounted with checkpoint version = 753bd00b
[  131.434795][ T8782] netlink: 20 bytes leftover after parsing attributes in process `syz.0.1044'.
[  131.495469][ T8302] usb 2-1: unable to get BOS descriptor or descriptor too short
[  131.503910][ T8302] usb 2-1: not running at top speed; connect to a high speed hub
[  131.513735][ T8302] usb 2-1: config 8 has an invalid interface number: 250 but max is 0
[  131.516338][ T8302] usb 2-1: config 8 has no interface number 0
[  131.518366][ T8302] usb 2-1: config 8 interface 250 has no altsetting 0
[  131.536240][ T8302] usb 2-1: New USB device found, idVendor=0458, idProduct=7005, bcdDevice=b9.7d
[  131.539341][ T8302] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  131.542997][ T8302] usb 2-1: Product: syz
[  131.552872][ T8302] usb 2-1: Manufacturer: syz
[  131.555372][ T8302] usb 2-1: SerialNumber: syz
[  131.724776][ T8798] netlink: 9280 bytes leftover after parsing attributes in process `syz.0.1052'.
[  131.796740][ T8302] gspca_main: sn9c2028-2.14.0 probing 0458:7005
[  131.799419][ T8302] gspca_sn9c2028: read1 error -71
[  131.803111][ T8302] gspca_sn9c2028: read1 error -71
[  131.813047][ T8302] gspca_sn9c2028: read1 error -71
[  131.815008][ T8302] sn9c2028 2-1:8.250: probe with driver sn9c2028 failed with error -71
[  131.828679][ T8302] usb 2-1: USB disconnect, device number 21
[  131.852529][ T8810] loop0: detected capacity change from 0 to 512
[  131.857049][ T8810] EXT4-fs: Ignoring removed mblk_io_submit option
[  131.867468][ T8810] EXT4-fs (loop0): mounting ext3 file system using the ext4 subsystem
[  131.886566][ T8810] EXT4-fs error (device loop0): ext4_orphan_get:1392: inode #15: comm syz.0.1057: iget: bad extended attribute block 1
[  131.902265][ T8810] EXT4-fs error (device loop0): ext4_orphan_get:1397: comm syz.0.1057: couldn't read orphan inode 15 (err -117)
[  131.905245][ T8815] delete_channel: no stack
[  131.907780][ T8810] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  131.947347][ T8810] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  131.952749][ T8817] loop2: detected capacity change from 0 to 1024
[  131.999539][   T69] hfsplus: b-tree write err: -5, ino 4
[  132.077386][ T8823] loop2: detected capacity change from 0 to 4096
[  132.086891][ T8823] ntfs3(loop2): Different NTFS sector size (4096) and media sector size (512).
[  132.113601][ T8823] ntfs3(loop2): Failed to load $Extend (-22).
[  132.116129][ T8823] ntfs3(loop2): Failed to initialize $Extend.
[  132.125769][ T8823] ntfs3(loop2): ino=5, "/" indx_read
[  132.329655][ T8829] loop0: detected capacity change from 0 to 40427
[  132.358636][ T8829] F2FS-fs (loop0): Corrupted extension count (64 + 1 > 64)
[  132.361766][ T8829] F2FS-fs (loop0): Can't find valid F2FS filesystem in 1th superblock
[  132.396212][ T8837] loop1: detected capacity change from 0 to 1024
[  132.423274][  T183] hfsplus: b-tree write err: -5, ino 4
[  132.431502][ T8835] loop2: detected capacity change from 0 to 40427
[  132.446012][ T8835] F2FS-fs (loop2): invalid crc value
[  132.476694][ T8829] F2FS-fs (loop0): f2fs_recover_fsync_data: recovery fsync data, check_only: 0
[  132.484023][ T8829] F2FS-fs (loop0): Try to recover 1th superblock, ret: 0
[  132.494847][ T8829] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e5
[  132.511906][ T8835] F2FS-fs (loop2): f2fs_recover_fsync_data: recovery fsync data, check_only: 1
[  132.519308][ T8835] F2FS-fs (loop2): Start checkpoint disabled!
[  132.524101][ T8835] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e6
[  132.674617][ T8851] vhci_hcd vhci_hcd.0: pdev(1) rhport(0) sockfd(4)
[  132.676710][ T8851] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed)
[  132.679864][ T8851] vhci_hcd vhci_hcd.0: Device attached
[  132.684025][ T8852] vhci_hcd: connection closed
[  132.684154][   T12] vhci_hcd: stop threads
[  132.687040][   T12] vhci_hcd: release socket
[  132.696674][ T8855] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  132.698777][   T12] vhci_hcd: disconnect device
[  132.699744][ T8855] batman_adv: batadv0: Removing interface: batadv_slave_0
[  132.704345][ T8855] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  132.706789][ T8855] batman_adv: batadv0: Removing interface: batadv_slave_1
[  132.994613][ T8864] loop0: detected capacity change from 0 to 40427
[  133.002927][ T8864] F2FS-fs (loop0): build fault injection rate: 771
[  133.006064][ T8864] F2FS-fs (loop0): invalid crc value
[  133.036350][ T8864] F2FS-fs (loop0): f2fs_recover_fsync_data: recovery fsync data, check_only: 0
[  133.039835][ T8864] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e5
[  133.051323][   T10] usb 3-1: new low-speed USB device number 14 using dummy_hcd
[  133.056230][ T5839] syz-executor: attempt to access beyond end of device
[  133.056230][ T5839] loop0: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[  133.060544][ T5839] CPU: 1 UID: 0 PID: 5839 Comm: syz-executor Not tainted 6.16.0-syzkaller-11895-gcca7a0aae895-dirty #0 PREEMPT(full) 
[  133.060556][ T5839] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.2-debian-1.16.2-1 04/01/2014
[  133.060560][ T5839] Call Trace:
[  133.060563][ T5839]  <TASK>
[  133.060567][ T5839]  dump_stack_lvl+0x189/0x250
[  133.060581][ T5839]  ? __pfx_dump_stack_lvl+0x10/0x10
[  133.060590][ T5839]  ? __pfx_queue_work_on+0x10/0x10
[  133.060598][ T5839]  ? _raw_spin_unlock_irqrestore+0xad/0x110
[  133.060607][ T5839]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[  133.060620][ T5839]  f2fs_handle_critical_error+0x37c/0x540
[  133.060633][ T5839]  f2fs_write_end_io+0x886/0xb60
[  133.060651][ T5839]  __submit_merged_bio+0x27a/0x6a0
[  133.060663][ T5839]  __submit_merged_write_cond+0x255/0x530
[  133.060675][ T5839]  f2fs_write_data_pages+0x261d/0x3000
[  133.060684][ T5839]  ? is_bpf_text_address+0x26/0x2b0
[  133.060711][ T5839]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[  133.060755][ T5839]  ? __mod_zone_page_state+0xd7/0x140
[  133.060772][ T5839]  ? folios_put_refs+0x560/0x640
[  133.060785][ T5839]  ? __pfx_folios_put_refs+0x10/0x10
[  133.060792][ T5839]  ? rcu_is_watching+0x15/0xb0
[  133.060804][ T5839]  ? __lock_acquire+0xab9/0xd20
[  133.060822][ T5839]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[  133.060832][ T5839]  do_writepages+0x32e/0x550
[  133.060848][ T5839]  ? do_raw_spin_unlock+0x4d/0x240
[  133.060859][ T5839]  filemap_fdatawrite+0x199/0x240
[  133.060869][ T5839]  ? __pfx_filemap_fdatawrite+0x10/0x10
[  133.060901][ T5839]  ? do_raw_spin_unlock+0x4d/0x240
[  133.060911][ T5839]  f2fs_sync_dirty_inodes+0x31f/0x830
[  133.060929][ T5839]  f2fs_write_checkpoint+0x95a/0x1df0
[  133.060950][ T5839]  ? __pfx_f2fs_write_checkpoint+0x10/0x10
[  133.060980][ T5839]  ? f2fs_stop_gc_thread+0x7f/0xb0
[  133.060991][ T5839]  ? kfree+0x18e/0x440
[  133.061000][ T5839]  ? kill_f2fs_super+0x298/0x6c0
[  133.061013][ T5839]  kill_f2fs_super+0x2c3/0x6c0
[  133.061026][ T5839]  ? __pfx_kill_f2fs_super+0x10/0x10
[  133.061035][ T5839]  ? radix_tree_delete_item+0x2b6/0x400
[  133.061047][ T5839]  ? shrinker_free+0x2ce/0x3e0
[  133.061056][ T5839]  deactivate_locked_super+0xbc/0x130
[  133.061066][ T5839]  cleanup_mnt+0x425/0x4c0
[  133.061096][ T5839]  ? lockdep_hardirqs_on+0x9c/0x150
[  133.061106][ T5839]  task_work_run+0x1d4/0x260
[  133.061117][ T5839]  ? __pfx_task_work_run+0x10/0x10
[  133.061126][ T5839]  ? __x64_sys_umount+0x122/0x160
[  133.061138][ T5839]  ? exit_to_user_mode_loop+0x40/0x110
[  133.061150][ T5839]  exit_to_user_mode_loop+0xec/0x110
[  133.061161][ T5839]  do_syscall_64+0x2bd/0x3b0
[  133.061169][ T5839]  ? lockdep_hardirqs_on+0x9c/0x150
[  133.061177][ T5839]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  133.061184][ T5839]  ? exc_page_fault+0x9f/0xf0
[  133.061193][ T5839]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  133.061200][ T5839] RIP: 0033:0x7fc8fab8ff17
[  133.061208][ T5839] Code: a8 ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 0f 1f 44 00 00 31 f6 e9 09 00 00 00 66 0f 1f 84 00 00 00 00 00 b8 a6 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 01 c3 48 c7 c2 a8 ff ff ff f7 d8 64 89 02 b8
[  133.061215][ T5839] RSP: 002b:00007ffd975ad378 EFLAGS: 00000246 ORIG_RAX: 00000000000000a6
[  133.061223][ T5839] RAX: 0000000000000000 RBX: 00007fc8fac11c05 RCX: 00007fc8fab8ff17
[  133.061228][ T5839] RDX: 0000000000000000 RSI: 0000000000000009 RDI: 00007ffd975ad430
[  133.061233][ T5839] RBP: 00007ffd975ad430 R08: 0000000000000000 R09: 0000000000000000
[  133.061237][ T5839] R10: 00000000ffffffff R11: 0000000000000246 R12: 00007ffd975ae4c0
[  133.061242][ T5839] R13: 00007fc8fac11c05 R14: 000000000001f387 R15: 00007ffd975ae500
[  133.061255][ T5839]  </TASK>
[  133.065025][ T5839] F2FS-fs (loop0): Stopped filesystem due to reason: 3
[  133.272894][ T8871] program syz.1.1081 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  133.278687][   T10] usb 3-1: config 168 descriptor has 1 excess byte, ignoring
[  133.281170][   T10] usb 3-1: config 168 interface 0 altsetting 0 endpoint 0x3 has invalid maxpacket 77, setting to 8
[  133.284661][   T10] usb 3-1: config 168 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F
[  133.307585][   T10] usb 3-1: config 168 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 10
[  133.311266][   T10] usb 3-1: config 168 interface 0 altsetting 0 endpoint 0x8F has invalid maxpacket 65535, setting to 8
[  133.334645][   T10] usb 3-1: config 168 descriptor has 1 excess byte, ignoring
[  133.337163][   T10] usb 3-1: config 168 interface 0 altsetting 0 endpoint 0x3 has invalid maxpacket 77, setting to 8
[  133.350864][   T10] usb 3-1: config 168 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F
[  133.354636][   T10] usb 3-1: config 168 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 10
[  133.358153][   T10] usb 3-1: config 168 interface 0 altsetting 0 endpoint 0x8F has invalid maxpacket 65535, setting to 8
[  133.364241][   T10] usb 3-1: config 168 descriptor has 1 excess byte, ignoring
[  133.366703][   T10] usb 3-1: config 168 interface 0 altsetting 0 endpoint 0x3 has invalid maxpacket 77, setting to 8
[  133.370098][   T10] usb 3-1: config 168 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F
[  133.374259][   T10] usb 3-1: config 168 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 10
[  133.377932][   T10] usb 3-1: config 168 interface 0 altsetting 0 endpoint 0x8F has invalid maxpacket 65535, setting to 8
[  133.384667][   T10] usb 3-1: string descriptor 0 read error: -22
[  133.386715][   T10] usb 3-1: New USB device found, idVendor=0a07, idProduct=0064, bcdDevice=40.6e
[  133.389628][   T10] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  133.398096][   T10] adutux 3-1:168.0: ADU100  now attached to /dev/usb/adutux0
[  133.434693][ T8881] loop0: detected capacity change from 0 to 24
[  133.484388][ T8883] loop1: detected capacity change from 0 to 4096
[  133.487739][ T8883] ntfs3(loop1): Different NTFS sector size (4096) and media sector size (512).
[  133.503609][ T8883] ntfs3(loop1): ino=1a, mi_enum_attr
[  133.503624][ T8883] ntfs3(loop1): Mark volume as dirty due to NTFS errors
[  133.503936][ T8883] ntfs3(loop1): ino=1a, mi_enum_attr
[  133.503945][ T8883] ntfs3(loop1): Failed to initialize $Extend/$Reparse.
[  133.530125][   T33] audit: type=1800 audit(2000000056.638:27): pid=8883 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.1085" name="file1" dev="loop1" ino=24 res=0 errno=0
[  133.610977][ T8892] openvswitch: netlink: IPv6 tunnel dst address is zero
[  133.611494][   T51] usb 3-1: USB disconnect, device number 14
[  133.646976][ T8896] netlink: 20 bytes leftover after parsing attributes in process `syz.1.1091'.
[  133.660427][ T8896] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1091'.
[  133.746483][ T8906] netlink: 12 bytes leftover after parsing attributes in process `syz.1.1096'.
[  134.047582][ T8922] loop0: detected capacity change from 0 to 32768
[  134.054322][   T33] audit: type=1800 audit(2000000057.124:28): pid=8922 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.1104" name="file1" dev="loop0" ino=4 res=0 errno=0
[  134.064553][ T8922] ERROR: (device loop0): diWrite: ixpxd invalid
[  134.064553][ T8922] 
[  134.068253][ T8922] ERROR: (device loop0): remounting filesystem as read-only
[  134.070629][ T8922] ERROR: (device loop0): txCommit: 
[  134.070629][ T8922] 
[  134.101564][ T8925] loop1: detected capacity change from 0 to 8
[  134.117620][ T8925] SQUASHFS error: zlib decompression failed, data probably corrupt
[  134.132762][ T8925] SQUASHFS error: Failed to read block 0x9b: -5
[  134.134741][ T8925] SQUASHFS error: Unable to read metadata cache entry [99]
[  134.137013][ T8925] SQUASHFS error: Unable to read inode 0x127
[  134.148148][ T8927] ALSA: mixer_oss: invalid OSS volume 'A141=wVe]'
[  134.150545][ T8927] ALSA: mixer_oss: invalid OSS volume 'ұB;T`@$EcXMYd,'
[  134.154149][ T8927] ALSA: mixer_oss: invalid OSS volume 'b@h#'
[  134.156190][ T8927] ALSA: mixer_oss: invalid OSS volume 'h4XS4v=0_>&'
[  134.158715][ T8927] ALSA: mixer_oss: invalid OSS volume '|/"tj'
[  134.160715][ T8927] ALSA: mixer_oss: invalid OSS volume '-z5c^J6$'
[  134.163714][ T8927] ALSA: mixer_oss: invalid OSS volume '0Ty󉴪jP&at'
[  134.166535][ T8927] ALSA: mixer_oss: invalid OSS volume '|~\'
[  134.168818][ T8927] ALSA: mixer_oss: invalid OSS volume '@^3bɜ}G$#\("/oL'
[  134.171656][ T8927] ALSA: mixer_oss: invalid OSS volume ''
[  135.280698][ T8959] loop1: detected capacity change from 0 to 40427
[  135.288773][ T8959] F2FS-fs (loop1): invalid crc value
[  135.292022][ T5849] udevd[5849]: symlink '../../loop1' '/dev/disk/by-uuid/922c7623-35ee-4af3-bdd7-07040bb1b7db.tmp-b7:1' failed: Read-only file system
[  135.319643][ T8959] F2FS-fs (loop1): f2fs_recover_fsync_data: recovery fsync data, check_only: 0
[  135.322814][ T8959] F2FS-fs (loop1): Start checkpoint disabled!
[  135.328724][ T8959] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e6
[  135.469471][ T1087] kworker/u9:4: attempt to access beyond end of device
[  135.469471][ T1087] loop1: rw=1, sector=77824, nr_sectors = 8 limit=40427
[  135.480796][ T1087] kworker/u9:4: attempt to access beyond end of device
[  135.480796][ T1087] loop1: rw=1, sector=77832, nr_sectors = 2528 limit=40427
[  135.490508][ T1087] kworker/u9:4: attempt to access beyond end of device
[  135.490508][ T1087] loop1: rw=1, sector=80360, nr_sectors = 1560 limit=40427
[  135.497298][ T1087] kworker/u9:4: attempt to access beyond end of device
[  135.497298][ T1087] loop1: rw=1, sector=49152, nr_sectors = 8 limit=40427
[  135.506414][ T1087] kworker/u9:4: attempt to access beyond end of device
[  135.506414][ T1087] loop1: rw=1, sector=49160, nr_sectors = 2048 limit=40427
[  135.516376][ T1087] kworker/u9:4: attempt to access beyond end of device
[  135.516376][ T1087] loop1: rw=1, sector=51208, nr_sectors = 2040 limit=40427
[  135.521399][ T1087] kworker/u9:4: attempt to access beyond end of device
[  135.521399][ T1087] loop1: rw=1, sector=57344, nr_sectors = 8 limit=40427
[  135.530576][ T1087] kworker/u9:4: attempt to access beyond end of device
[  135.530576][ T1087] loop1: rw=1, sector=57352, nr_sectors = 2048 limit=40427
[  135.541471][ T1087] kworker/u9:4: attempt to access beyond end of device
[  135.541471][ T1087] loop1: rw=1, sector=59400, nr_sectors = 2016 limit=40427
[  135.551638][ T1087] CPU: 0 UID: 0 PID: 1087 Comm: kworker/u9:4 Not tainted 6.16.0-syzkaller-11895-gcca7a0aae895-dirty #0 PREEMPT(full) 
[  135.551651][ T1087] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.2-debian-1.16.2-1 04/01/2014
[  135.551656][ T1087] Workqueue: writeback wb_workfn (flush-7:1)
[  135.551669][ T1087] Call Trace:
[  135.551672][ T1087]  <TASK>
[  135.551676][ T1087]  dump_stack_lvl+0x189/0x250
[  135.551688][ T1087]  ? __pfx_dump_stack_lvl+0x10/0x10
[  135.551697][ T1087]  ? __pfx_queue_work_on+0x10/0x10
[  135.551705][ T1087]  ? _raw_spin_unlock_irqrestore+0xad/0x110
[  135.551713][ T1087]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[  135.551726][ T1087]  f2fs_handle_critical_error+0x37c/0x540
[  135.551740][ T1087]  f2fs_write_end_io+0x886/0xb60
[  135.551758][ T1087]  __submit_merged_bio+0x27a/0x6a0
[  135.551770][ T1087]  __submit_merged_write_cond+0x255/0x530
[  135.551782][ T1087]  f2fs_write_data_pages+0x261d/0x3000
[  135.551832][ T1087]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[  135.551880][ T1087]  ? f2fs_write_meta_pages+0x357/0x450
[  135.551900][ T1087]  ? __lock_acquire+0xab9/0xd20
[  135.551913][ T1087]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[  135.551924][ T1087]  do_writepages+0x32e/0x550
[  135.551936][ T1087]  ? reacquire_held_locks+0x127/0x1d0
[  135.551943][ T1087]  ? writeback_sb_inodes+0x384/0x1010
[  135.551956][ T1087]  __writeback_single_inode+0x145/0xff0
[  135.551966][ T1087]  ? do_raw_spin_unlock+0x4d/0x240
[  135.551976][ T1087]  writeback_sb_inodes+0x6c7/0x1010
[  135.551998][ T1087]  ? __pfx_writeback_sb_inodes+0x10/0x10
[  135.552027][ T1087]  ? rcu_is_watching+0x15/0xb0
[  135.552061][ T1087]  wb_writeback+0x43b/0xaf0
[  135.552076][ T1087]  ? queue_io+0x371/0x590
[  135.552087][ T1087]  ? __pfx_wb_writeback+0x10/0x10
[  135.552100][ T1087]  ? _raw_spin_unlock_irq+0x23/0x50
[  135.552111][ T1087]  wb_workfn+0x409/0xef0
[  135.552125][ T1087]  ? __pfx_wb_workfn+0x10/0x10
[  135.552136][ T1087]  ? __lock_acquire+0xab9/0xd20
[  135.552168][ T1087]  ? process_scheduled_works+0x9ef/0x17b0
[  135.552178][ T1087]  ? _raw_spin_unlock_irq+0x23/0x50
[  135.552186][ T1087]  ? process_scheduled_works+0x9ef/0x17b0
[  135.552192][ T1087]  ? process_scheduled_works+0x9ef/0x17b0
[  135.552200][ T1087]  process_scheduled_works+0xae1/0x17b0
[  135.552221][ T1087]  ? __pfx_process_scheduled_works+0x10/0x10
[  135.552241][ T1087]  worker_thread+0x8a0/0xda0
[  135.552261][ T1087]  kthread+0x711/0x8a0
[  135.552271][ T1087]  ? __pfx_worker_thread+0x10/0x10
[  135.552278][ T1087]  ? __pfx_kthread+0x10/0x10
[  135.552294][ T1087]  ? _raw_spin_unlock_irq+0x23/0x50
[  135.552302][ T1087]  ? lockdep_hardirqs_on+0x9c/0x150
[  135.552310][ T1087]  ? __pfx_kthread+0x10/0x10
[  135.552319][ T1087]  ret_from_fork+0x3fc/0x770
[  135.552328][ T1087]  ? __pfx_ret_from_fork+0x10/0x10
[  135.552338][ T1087]  ? __switch_to_asm+0x39/0x70
[  135.552347][ T1087]  ? __switch_to_asm+0x33/0x70
[  135.552355][ T1087]  ? __pfx_kthread+0x10/0x10
[  135.552364][ T1087]  ret_from_fork_asm+0x1a/0x30
[  135.552381][ T1087]  </TASK>
[  135.644845][    C0] vkms_vblank_simulate: vblank timer overrun
[  135.654072][ T1087] F2FS-fs (loop1): Stopped filesystem due to reason: 3
[  135.913724][ T8980] loop1: detected capacity change from 0 to 512
[  135.934156][ T8976] loop2: detected capacity change from 0 to 40427
[  135.938900][ T8976] F2FS-fs (loop2): Image doesn't support compression
[  135.941796][ T8976] F2FS-fs (loop2): build fault injection rate: 4
[  135.944386][ T8976] F2FS-fs (loop2): build fault injection type: 0x5288
[  135.952361][ T8976] F2FS-fs (loop2): invalid crc value
[  135.960506][ T5913] udevd[5913]: symlink '../../loop2' '/dev/disk/by-uuid/922c7623-35ee-4af3-bdd7-07040bb1b7db.tmp-b7:2' failed: Read-only file system
[  135.984533][ T5849] udevd[5849]: symlink '../../loop2' '/dev/disk/by-uuid/922c7623-35ee-4af3-bdd7-07040bb1b7db.tmp-b7:2' failed: Read-only file system
[  135.995124][ T8976] F2FS-fs (loop2): f2fs_recover_fsync_data: recovery fsync data, check_only: 0
[  136.003546][ T8976] F2FS-fs (loop2): Start checkpoint disabled!
[  136.006767][ T8976] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e6
[  136.194437][ T8993] loop2: detected capacity change from 0 to 24
[  136.199748][ T5849] udevd[5849]: symlink '../../loop2' '/dev/disk/by-label/rom\x20637cf1fa.tmp-b7:2' failed: Read-only file system
[  136.203708][ T8993] MTD: Attempt to mount non-MTD device "/dev/loop2"
[  136.207497][ T8993] romfs: Mounting image 'rom 637cf1fa' through the block layer
[  136.212335][ T8993] romfs: read error for inode 0x70040
[  136.272727][ T8997] pim6reg1: entered allmulticast mode
[  136.636876][ T9010] binder: 9009:9010 ioctl c0306201 200000000280 returned -14
[  137.641735][ T1362] ieee802154 phy0 wpan0: encryption failed: -22
[  137.644281][ T1362] ieee802154 phy1 wpan1: encryption failed: -22
[  138.032809][    T9] usb 2-1: new high-speed USB device number 22 using dummy_hcd
[  138.068575][ T9060] vhci_hcd vhci_hcd.0: pdev(2) rhport(0) sockfd(3)
[  138.070759][ T9060] vhci_hcd vhci_hcd.0: devid(0) speed(4) speed_str(wireless)
[  138.073955][ T9060] vhci_hcd vhci_hcd.0: Device attached
[  138.106590][ T9064] loop0: detected capacity change from 0 to 2048
[  138.112157][ T9064] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000)
[  138.117963][ T5849] udevd[5849]: symlink '../../loop0' '/dev/disk/by-label/LinuxUDF.tmp-b7:0' failed: Read-only file system
[  138.123315][ T5849] udevd[5849]: symlink '../../loop0' '/dev/disk/by-uuid/1234567812345678.tmp-b7:0' failed: Read-only file system
[  138.132089][ T5849] udevd[5849]: symlink '../../loop0' '/dev/disk/by-label/LinuxUDF.tmp-b7:0' failed: Read-only file system
[  138.136149][ T5849] udevd[5849]: symlink '../../loop0' '/dev/disk/by-uuid/1234567812345678.tmp-b7:0' failed: Read-only file system
[  138.149423][ T9066] loop0: detected capacity change from 0 to 2048
[  138.155528][ T9066] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000)
[  138.164834][ T5849] udevd[5849]: symlink '../../loop0' '/dev/disk/by-label/LinuxUDF.tmp-b7:0' failed: Read-only file system
[  138.168985][ T5849] udevd[5849]: symlink '../../loop0' '/dev/disk/by-uuid/1234567812345678.tmp-b7:0' failed: Read-only file system
[  138.203682][    T9] usb 2-1: Using ep0 maxpacket: 32
[  138.208585][    T9] usb 2-1: config 0 has an invalid interface number: 51 but max is 0
[  138.211239][    T9] usb 2-1: config 0 has no interface number 0
[  138.219985][    T9] usb 2-1: New USB device found, idVendor=061d, idProduct=c150, bcdDevice=ce.6f
[  138.222995][    T9] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  138.236461][    T9] usb 2-1: Product: syz
[  138.237863][    T9] usb 2-1: Manufacturer: syz
[  138.239486][    T9] usb 2-1: SerialNumber: syz
[  138.248158][    T9] usb 2-1: config 0 descriptor??
[  138.251457][    T9] quatech2 2-1:0.51: Quatech 2nd gen USB to Serial Driver converter detected
[  138.267938][   T10] vhci_hcd: vhci_device speed not set
[  138.334965][ T5904] usb 3-1: new low-speed USB device number 15 using dummy_hcd
[  138.337571][   T10] usb 37-1: new full-speed USB device number 2 using vhci_hcd
[  138.365922][ T9072] netlink: 'syz.0.1160': attribute type 21 has an invalid length.
[  138.368527][ T9072] netlink: 'syz.0.1160': attribute type 1 has an invalid length.
[  138.371024][ T9072] netlink: 100 bytes leftover after parsing attributes in process `syz.0.1160'.
[  138.470759][    T9] usb 2-1: Quatech 2nd gen USB to Serial Driver converter now attached to ttyUSB0
[  138.475874][    T9] usb 2-1: Quatech 2nd gen USB to Serial Driver converter now attached to ttyUSB1
[  138.526211][ T5904] usb 3-1: config 0 has no interfaces?
[  138.528034][ T5904] usb 3-1: New USB device found, idVendor=07c0, idProduct=1512, bcdDevice=30.22
[  138.530862][ T5904] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  138.535239][ T5904] usb 3-1: config 0 descriptor??
[  138.664068][   T51] usb 1-1: new high-speed USB device number 13 using dummy_hcd
[  138.755316][ T8302] usb 3-1: USB disconnect, device number 15
[  138.758798][ T9061] vhci_hcd: connection reset by peer
[  138.763866][   T12] vhci_hcd: stop threads
[  138.765328][   T12] vhci_hcd: release socket
[  138.768396][   T12] vhci_hcd: disconnect device
[  138.823801][   T10] vhci_hcd: vhci_device speed not set
[  138.825233][   T51] usb 1-1: config 0 interface 0 has no altsetting 0
[  138.827582][   T51] usb 1-1: New USB device found, idVendor=1532, idProduct=011b, bcdDevice= 0.00
[  138.830464][   T51] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  138.834956][   T51] usb 1-1: config 0 descriptor??
[  138.902017][    C0] usb 2-1: qt2_read_bulk_callback - non-zero urb status: -71
[  138.902330][   T24] usb 2-1: USB disconnect, device number 22
[  138.913041][   T24] quatech-serial ttyUSB0: Quatech 2nd gen USB to Serial Driver converter now disconnected from ttyUSB0
[  138.919739][   T24] quatech-serial ttyUSB1: Quatech 2nd gen USB to Serial Driver converter now disconnected from ttyUSB1
[  138.924578][   T24] quatech2 2-1:0.51: device disconnected
[  139.278410][   T51] razer 0003:1532:011B.000A: unknown main item tag 0x0
[  139.280844][   T51] razer 0003:1532:011B.000A: unknown main item tag 0x0
[  139.283561][   T51] razer 0003:1532:011B.000A: unknown main item tag 0x0
[  139.286454][   T51] razer 0003:1532:011B.000A: unknown main item tag 0x0
[  139.289398][   T51] razer 0003:1532:011B.000A: unknown main item tag 0x0
[  139.292303][   T51] razer 0003:1532:011B.000A: unknown main item tag 0x0
[  139.295271][   T51] razer 0003:1532:011B.000A: unknown main item tag 0x0
[  139.300480][   T51] razer 0003:1532:011B.000A: hidraw0: USB HID vff.f7 Device [HID 1532:011b] on usb-dummy_hcd.0-1/input0
[  139.493054][    T9] usb 1-1: USB disconnect, device number 13
[  139.556687][ T9090] netlink: 40 bytes leftover after parsing attributes in process `syz.2.1169'.
[  139.645863][ T9098] loop2: detected capacity change from 0 to 1024
[  139.649222][ T9098] EXT4-fs: Ignoring removed nomblk_io_submit option
[  139.652324][ T9098] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled
[  139.659958][ T9098] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  139.680177][ T5844] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  139.723004][   T51] usb 2-1: new high-speed USB device number 23 using dummy_hcd
[  139.894590][   T51] usb 2-1: config 0 interface 0 altsetting 15 endpoint 0x81 has invalid wMaxPacketSize 0
[  139.897887][   T51] usb 2-1: config 0 interface 0 altsetting 15 has 1 endpoint descriptor, different from the interface descriptor's value: 5
[  139.902078][   T51] usb 2-1: config 0 interface 0 has no altsetting 0
[  139.907031][   T51] usb 2-1: New USB device found, idVendor=05ac, idProduct=025b, bcdDevice= 0.00
[  139.909955][   T51] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  139.913870][   T51] usb 2-1: config 0 descriptor??
[  140.125959][ T9127] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  140.134697][   T51] usb 2-1: string descriptor 0 read error: -71
[  140.140622][   T51] input: bcm5974 as /devices/platform/dummy_hcd.1/usb2/2-1/2-1:0.0/input/input11
[  140.151351][   T51] usb 2-1: USB disconnect, device number 23
[  140.393679][ T9127] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  140.461229][ T9127] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  140.530325][ T9127] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  140.600396][   T12] netdevsim netdevsim0 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  140.607488][   T12] netdevsim netdevsim0 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  140.616101][   T12] netdevsim netdevsim0 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  140.625666][   T12] netdevsim netdevsim0 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  140.785386][ T9138] tmpfs: Bad value for 'mpol'
[  140.851237][ T9144] loop1: detected capacity change from 0 to 1024
[  140.856445][ T9144] EXT4-fs (loop1): stripe (65535) is not aligned with cluster size (4096), stripe is disabled
[  140.872393][ T9144] EXT4-fs (loop1): revision level too high, forcing read-only mode
[  140.879283][ T5849] udevd[5849]: symlink '../../loop1' '/dev/disk/by-label/syzkal\xff\xff\xff\xff\xff\xff\xff\x7f.tmp-b7:1' failed: Read-only file system
[  140.915531][ T5849] udevd[5849]: symlink '../../loop1' '/dev/disk/by-label/syzkal\xff\xff\xff\xff\xff\xff\xff\x7f.tmp-b7:1' failed: Read-only file system
[  140.950630][ T9144] EXT4-fs (loop1): orphan cleanup on readonly fs
[  140.964257][ T9144] EXT4-fs error (device loop1): __ext4_get_inode_loc:4861: comm syz.1.1192: Invalid inode table block 0 in block_group 0
[  140.979822][ T9144] EXT4-fs (loop1): Remounting filesystem read-only
[  140.982518][ T9144] Quota error (device loop1): write_blk: dquota write failed
[  140.998514][ T9149] loop2: detected capacity change from 0 to 1024
[  141.001893][ T9149] EXT4-fs: mb_optimize_scan should be set to 0 or 1.
[  141.004908][ T5849] udevd[5849]: symlink '../../loop2' '/dev/disk/by-label/syzkaller.tmp-b7:2' failed: Read-only file system
[  141.010640][ T9144] Quota error (device loop1): qtree_write_dquot: Error -117 occurred while creating quota
[  141.014013][ T9144] EXT4-fs (loop1): 1 truncate cleaned up
[  141.043955][ T9144] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  141.070997][ T9144] EXT4-fs (loop1): shut down requested (1)
[  141.105713][ T5846] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  141.107498][ T9160] netlink: 'syz.0.1199': attribute type 3 has an invalid length.
[  141.251148][ T9175] netlink: 40 bytes leftover after parsing attributes in process `syz.2.1207'.
[  141.452936][ T9200] loop1: detected capacity change from 0 to 64
[  141.464135][ T9200] bio_check_eod: 1 callbacks suppressed
[  141.464144][ T9200] syz.1.1220: attempt to access beyond end of device
[  141.464144][ T9200] loop1: rw=0, sector=268435468, nr_sectors = 2 limit=64
[  141.473778][ T9200] Buffer I/O error on dev loop1, logical block 134217734, async page read
[  141.480481][ T9200] syz.1.1220: attempt to access beyond end of device
[  141.480481][ T9200] loop1: rw=0, sector=268435468, nr_sectors = 2 limit=64
[  141.485316][ T9200] Buffer I/O error on dev loop1, logical block 134217734, async page read
[  141.645665][ T9208] loop1: detected capacity change from 0 to 2048
[  141.663375][ T5849] udevd[5849]: symlink '../../loop1' '/dev/disk/by-label/syzkaller.tmp-b7:1' failed: Read-only file system
[  141.680379][ T9208] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  141.714094][ T5846] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  141.731575][   T33] audit: type=1800 audit(2000000064.280:29): pid=9208 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.1223" name="bus" dev="loop1" ino=18 res=0 errno=0
[  141.818222][ T9212] loop0: detected capacity change from 0 to 512
[  141.824221][ T9212] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled
[  141.831491][ T5849] udevd[5849]: symlink '../../loop0' '/dev/disk/by-label/syzkaller.tmp-b7:0' failed: Read-only file system
[  141.852158][ T9212] [EXT4 FS bs=4096, gc=1, bpg=32768, ipg=32, mo=a843c018, mo2=0002]
[  141.854828][ T9212] System zones: 0-2, 18-18, 34-34
[  141.857841][ T9212] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  141.862779][ T9212] ext4 filesystem being mounted at /402/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  141.878036][ T9212] EXT4-fs: Cannot change journaled quota options when quota turned on
[  141.903046][ T5839] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  141.963527][ T5849] udevd[5849]: symlink '../../loop0' '/dev/disk/by-label/syzkaller.tmp-b7:1' failed: Read-only file system
[  143.155956][   T51] usb 2-1: new high-speed USB device number 24 using dummy_hcd
[  143.206403][ T9228] Failed to enqueue queue_pair DETACH event datagram for context (ID=0x0)
[  143.284822][ T9236] loop2: detected capacity change from 0 to 256
[  143.290355][ T9236] exfat: Deprecated parameter 'namecase'
[  143.296293][ T9236] exfat: Deprecated parameter 'namecase'
[  143.300993][ T9236] exFAT-fs (loop2): failed to load upcase table (idx : 0x00010000, chksum : 0x36dfe6b4, utbl_chksum : 0xe619d30d)
[  143.316019][   T51] usb 2-1: config 27 has an invalid descriptor of length 0, skipping remainder of the config
[  143.322303][   T51] usb 2-1: config 27 has 0 interfaces, different from the descriptor's value: 1
[  143.325868][   T51] usb 2-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d
[  143.330348][   T51] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  143.425716][ T9233] loop0: detected capacity change from 0 to 40427
[  143.430484][ T9233] F2FS-fs (loop0): build fault injection rate: 16
[  143.439476][ T9233] F2FS-fs (loop0): build fault injection type: 0x77fd1
[  143.447807][ T5849] udevd[5849]: symlink '../../loop0' '/dev/disk/by-uuid/922c7623-35ee-4af3-bdd7-07040bb1b7db.tmp-b7:0' failed: Read-only file system
[  143.458985][ T9233] F2FS-fs (loop0): invalid crc value
[  143.461816][ T9233] F2FS-fs (loop0): inject kmalloc in f2fs_kmalloc of f2fs_build_segment_manager+0x30ed/0x49f0
[  143.468496][ T5849] udevd[5849]: symlink '../../loop0' '/dev/disk/by-uuid/922c7623-35ee-4af3-bdd7-07040bb1b7db.tmp-b7:0' failed: Read-only file system
[  143.475048][ T9233] F2FS-fs (loop0): Failed to initialize F2FS segment manager (-12)
[  143.490724][ T9247] 9pnet: Limiting 'msize' to 1048576 as this is the maximum supported by transport fd
[  143.494064][   T51] kernel write not supported for file /audio (pid: 51 comm: kworker/1:1)
[  143.555507][ T5841] Bluetooth: hci2: Malformed LE Event: 0x0d
[  143.558551][   T51] usb 2-1: USB disconnect, device number 24
[  144.004428][ T9274] loop0: detected capacity change from 0 to 4096
[  144.007490][ T9274] ntfs3(loop0): Different NTFS sector size (4096) and media sector size (512).
[  144.017604][ T5849] udevd[5849]: symlink '../../loop0' '/dev/disk/by-uuid/68CE0ED73BAA5F78.tmp-b7:0' failed: Read-only file system
[  144.018902][ T9274] ntfs3(loop0): ino=19, mi_enum_attr
[  144.031384][ T5849] udevd[5849]: symlink '../../loop0' '/dev/disk/by-uuid/68CE0ED73BAA5F78.tmp-b7:0' failed: Read-only file system
[  144.044603][ T9274] ntfs3(loop0): ino=5, "/" indx_read
[  144.046488][ T9274] ntfs3(loop0): ino=5, "/" ntfs_readdir
[  144.079047][ T9276] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  144.159530][ T9284] loop1: detected capacity change from 0 to 512
[  144.162319][ T9284] EXT4-fs: Warning: mounting with data=journal disables delayed allocation, dioread_nolock, O_DIRECT and fast_commit support!
[  144.166555][ T9284] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode
[  144.174631][ T9284] EXT4-fs (loop1): 1 truncate cleaned up
[  144.177693][ T9284] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  144.236598][ T5846] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  144.518627][ T9302] netlink: 212376 bytes leftover after parsing attributes in process `syz.1.1260'.
[  145.265424][ T9322] Device name not specified.
[  145.265424][ T9322] 
[  145.620211][ T9335] loop2: detected capacity change from 0 to 2048
[  145.623981][ T9335] NILFS (loop2): broken superblock, retrying with spare superblock (blocksize = 1024)
[  145.638340][ T9335] syz.2.1278: attempt to access beyond end of device
[  145.638340][ T9335] loop2: rw=0, sector=111568486480, nr_sectors = 2 limit=2048
[  145.643809][ T9335] NILFS (loop2): I/O error reading meta-data file (ino=4, block-offset=0)
[  145.649085][ T9335] NILFS (loop2): error -5 while loading last checkpoint (checkpoint number=2)
[  146.172794][ T9349] ip_tunnel: non-ECT from 172.20.20.187 with TOS=0x2
[  146.176748][ T9349] ip_tunnel: non-ECT from 172.20.20.187 with TOS=0x2
[  146.179080][ T9349] ip_tunnel: non-ECT from 172.20.20.187 with TOS=0x2
[  146.181359][ T9349] ip_tunnel: non-ECT from 172.20.20.187 with TOS=0x2
[  146.183593][ T9349] ip_tunnel: non-ECT from 172.20.20.187 with TOS=0x2
[  146.185799][ T9349] ip_tunnel: non-ECT from 172.20.20.187 with TOS=0x2
[  146.188033][ T9349] ip_tunnel: non-ECT from 172.20.20.187 with TOS=0x2
[  146.190292][ T9349] ip_tunnel: non-ECT from 172.20.20.187 with TOS=0x2
[  146.192533][ T9349] ip_tunnel: non-ECT from 172.20.20.187 with TOS=0x2
[  146.194747][ T9349] ip_tunnel: non-ECT from 172.20.20.187 with TOS=0x2
[  146.483566][ T9356] loop1: detected capacity change from 0 to 8192
[  146.486732][ T9356] FAT-fs (loop1): bogus logical sector size 155
[  146.491201][ T9356] FAT-fs (loop1): This doesn't look like a DOS 1.x volume; DOS 2.x BPB is non-zero
[  146.494267][ T9356] FAT-fs (loop1): Can't find a valid FAT filesystem
[  146.606603][ T9358] loop0: detected capacity change from 0 to 1024
[  146.621120][ T5849] udevd[5849]: symlink '../../loop0' '/dev/disk/by-label/untitled.tmp-b7:0' failed: Read-only file system
[  146.622808][   T52] hfsplus: b-tree write err: -5, ino 4
[  146.625393][ T5849] udevd[5849]: symlink '../../loop0' '/dev/disk/by-uuid/06db47fa-2d76-30cf-a5fe-21149ac7af4a.tmp-b7:0' failed: Read-only file system
[  146.657072][ T9362] netlink: 12 bytes leftover after parsing attributes in process `syz.2.1291'.
[  146.875664][ T9386] netlink: 1 bytes leftover after parsing attributes in process `syz.1.1303'.
[  147.012779][ T8302] usb 3-1: new high-speed USB device number 16 using dummy_hcd
[  147.023555][    T9] usb 1-1: new low-speed USB device number 14 using dummy_hcd
[  147.028620][ T9397] netlink: 'syz.1.1308': attribute type 1 has an invalid length.
[  147.031125][ T9397] netlink: 'syz.1.1308': attribute type 1 has an invalid length.
[  147.033605][ T9397] netlink: 216 bytes leftover after parsing attributes in process `syz.1.1308'.
[  147.173084][ T8302] usb 3-1: Using ep0 maxpacket: 16
[  147.176161][ T8302] usb 3-1: config 1 has an invalid interface number: 105 but max is 0
[  147.178667][ T8302] usb 3-1: config 1 has no interface number 0
[  147.186038][    T9] usb 1-1: New USB device found, idVendor=1557, idProduct=7720, bcdDevice=b7.eb
[  147.188858][    T9] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  147.189018][ T8302] usb 3-1: config 1 interface 105 altsetting 2 bulk endpoint 0x4 has invalid maxpacket 16
[  147.195120][    T9] usb 1-1: config 0 descriptor??
[  147.197769][ T8302] usb 3-1: config 1 interface 105 altsetting 2 bulk endpoint 0x82 has invalid maxpacket 64
[  147.202736][ T8302] usb 3-1: config 1 interface 105 has no altsetting 0
[  147.210291][ T8302] usb 3-1: New USB device found, idVendor=20f4, idProduct=e05a, bcdDevice=6c.6d
[  147.213118][ T8302] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  147.215769][ T8302] usb 3-1: Product: syz
[  147.221710][ T8302] usb 3-1: Manufacturer: syz
[  147.223207][ T8302] usb 3-1: SerialNumber: syz
[  147.235577][ T9376] raw-gadget.0 gadget.2: fail, usb_ep_enable returned -22
[  147.238321][ T9376] raw-gadget.0 gadget.2: fail, usb_ep_enable returned -22
[  147.527552][ T9417] loop1: detected capacity change from 0 to 32768
[  147.539025][ T9417] ocfs2: Mounting device (7,1) on (node local, slot 0) with writeback data mode.
[  147.545394][ T5849] udevd[5849]: symlink '../../loop1' '/dev/disk/by-uuid/b1de653c-5ffc-4d88-b33b-244aab9eb3e9.tmp-b7:1' failed: Read-only file system
[  147.550445][ T5876] (kworker/u8:3,5876,1):ocfs2_check_dir_entry:325 ERROR: bad entry in directory #72: rec_len is smaller than minimal - offset=0, inode=348545186005064, rec_len=0, name_len=1
[  147.573522][ T5846] ocfs2: Unmounting device (7,1) on (node local)
[  147.673356][ T9376] raw-gadget.0 gadget.2: fail, usb_ep_enable returned -22
[  147.676567][ T9376] raw-gadget.0 gadget.2: fail, usb_ep_enable returned -22
[  147.910894][   T10] usb 2-1: new high-speed USB device number 25 using dummy_hcd
[  148.073257][   T10] usb 2-1: config 0 interface 0 altsetting 128 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  148.076750][   T10] usb 2-1: config 0 interface 0 altsetting 128 endpoint 0x81 has invalid wMaxPacketSize 0
[  148.079856][   T10] usb 2-1: config 0 interface 0 has no altsetting 0
[  148.082158][   T10] usb 2-1: New USB device found, idVendor=256c, idProduct=006d, bcdDevice= 0.00
[  148.085145][   T10] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  148.089689][   T10] usb 2-1: config 0 descriptor??
[  148.323174][ T8302] aqc111 3-1:1.105 (unnamed net_device) (uninitialized): Failed to read(0x1) reg index 0x0001: -71
[  148.327793][ T8302] aqc111 3-1:1.105 (unnamed net_device) (uninitialized): Failed to read(0x1) reg index 0x0001: -71
[  148.340836][ T8302] aqc111 3-1:1.105 eth1: register 'aqc111' at usb-dummy_hcd.2-1, USB-C 3.1 to 5GBASE-T Ethernet Adapter, 3e:29:f3:94:fa:3c
[  148.345989][ T8302] usb 3-1: USB disconnect, device number 16
[  148.351597][ T8302] aqc111 3-1:1.105 eth1: unregister 'aqc111' usb-dummy_hcd.2-1, USB-C 3.1 to 5GBASE-T Ethernet Adapter
[  148.405141][ T8302] aqc111 3-1:1.105 eth1 (unregistered): Failed to write(0x1) reg index 0x0002: -19
[  148.409239][ T8302] aqc111 3-1:1.105 eth1 (unregistered): Failed to write(0x1) reg index 0x0002: -19
[  148.412571][ T8302] aqc111 3-1:1.105 eth1 (unregistered): Failed to write(0x61) reg index 0x0000: -19
[  148.487022][    T9] asix 1-1:0.0 (unnamed net_device) (uninitialized): Failed to write reg index 0x0000: -71
[  148.494328][    T9] asix 1-1:0.0 (unnamed net_device) (uninitialized): Failed to send software reset: ffffffb9
[  148.497705][    T9] asix 1-1:0.0: probe with driver asix failed with error -71
[  148.508492][    T9] usb 1-1: USB disconnect, device number 14
[  148.740915][   T10] usb 2-1: string descriptor 0 read error: -22
[  149.056950][ T9438] loop0: detected capacity change from 0 to 512
[  149.178630][   T10] uclogic 0003:256C:006D.000B: failed retrieving string descriptor #100: -71
[  149.182172][   T10] uclogic 0003:256C:006D.000B: failed retrieving pen parameters: -71
[  149.185590][   T10] uclogic 0003:256C:006D.000B: failed probing pen v1 parameters: -71
[  149.188281][   T10] uclogic 0003:256C:006D.000B: failed probing parameters: -71
[  149.190705][   T10] uclogic 0003:256C:006D.000B: probe with driver uclogic failed with error -71
[  149.195201][   T10] usb 2-1: USB disconnect, device number 25
[  149.740182][ T9443] loop1: detected capacity change from 0 to 256
[  149.784097][ T9445] syz.1.1325: attempt to access beyond end of device
[  149.784097][ T9445] nbd1: rw=0, sector=2, nr_sectors = 2 limit=0
[  149.788371][ T9445] vxfs: unable to read disk superblock at 1
[  149.790641][ T9445] syz.1.1325: attempt to access beyond end of device
[  149.790641][ T9445] nbd1: rw=0, sector=16, nr_sectors = 2 limit=0
[  149.796270][ T9445] vxfs: unable to read disk superblock at 8
[  149.798213][ T9445] vxfs: can't find superblock.
[  150.211577][ T9467] loop2: detected capacity change from 0 to 4096
[  150.235369][ T9467] ntfs3(loop2): Different NTFS sector size (1024) and media sector size (512).
[  150.266109][ T5849] udevd[5849]: symlink '../../loop2' '/dev/disk/by-label/syzkaller.tmp-b7:2' failed: Read-only file system
[  150.283624][ T5849] udevd[5849]: symlink '../../loop2' '/dev/disk/by-uuid/7089678B273CDB5C.tmp-b7:2' failed: Read-only file system
[  150.335678][ T5849] udevd[5849]: symlink '../../loop2' '/dev/disk/by-label/syzkaller.tmp-b7:2' failed: Read-only file system
[  150.349634][ T5849] udevd[5849]: symlink '../../loop2' '/dev/disk/by-uuid/7089678B273CDB5C.tmp-b7:2' failed: Read-only file system
[  150.415155][ T9467] ntfs3(loop2): ino=0, attr_set_size
[  150.418152][ T9467] ntfs3(loop2): ino=0, attr_set_size
[  150.420604][ T9467] ntfs3(loop2): ino=0, attr_set_size
[  150.424671][ T9467] ntfs3(loop2): no free space to extend mft
[  150.792615][ T9477] loop0: detected capacity change from 0 to 32768
[  150.823640][ T5849] udevd[5849]: symlink '../../loop0' '/dev/disk/by-uuid/c496e05e-540d-4c72-b591-04d79d8b4eeb.tmp-b7:0' failed: Read-only file system
[  150.837275][ T5849] udevd[5849]: symlink '../../loop0' '/dev/disk/by-uuid/c496e05e-540d-4c72-b591-04d79d8b4eeb.tmp-b7:0' failed: Read-only file system
[  150.844742][ T9477] XFS (loop0): Mounting V5 Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb
[  150.865651][ T9481] loop2: detected capacity change from 0 to 32768
[  150.877677][ T5849] udevd[5849]: symlink '../../loop2' '/dev/disk/by-uuid/9f1cad42-11bd-4e12-8f0b-f07876b81d9a.tmp-b7:2' failed: Read-only file system
[  150.879219][ T9477] XFS (loop0): Ending clean mount
[  150.896510][ T9477] XFS (loop0): User initiated shutdown received.
[  150.899017][ T9477] XFS (loop0): Metadata I/O Error (0x4) detected at xfs_fs_goingdown+0x71/0x150 (fs/xfs/xfs_fsops.c:472).  Shutting down filesystem.
[  150.903607][ T9477] XFS (loop0): Please unmount the filesystem and rectify the problem(s)
[  150.907751][ T9481] XFS (loop2): Mounting V5 Filesystem 9f1cad42-11bd-4e12-8f0b-f07876b81d9a
[  150.925161][ T5839] XFS (loop0): Unmounting Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb
[  150.925243][ T9481] XFS (loop2): Ending clean mount
[  151.039808][ T5844] XFS (loop2): Unmounting Filesystem 9f1cad42-11bd-4e12-8f0b-f07876b81d9a
[  151.337242][   T33] audit: type=1107 audit(2000000073.297:30): pid=9502 uid=0 auid=4294967295 ses=4294967295 subj=unconfined msg=''
[  151.396158][ T8302] usb 1-1: new high-speed USB device number 15 using dummy_hcd
[  151.566955][ T8302] usb 1-1: Using ep0 maxpacket: 32
[  151.571194][ T8302] usb 1-1: config 0 has an invalid interface number: 16 but max is 0
[  151.574640][ T8302] usb 1-1: config 0 has no interface number 0
[  151.577233][ T8302] usb 1-1: config 0 interface 16 altsetting 0 bulk endpoint 0x6 has invalid maxpacket 1023
[  151.581703][ T8302] usb 1-1: config 0 interface 16 altsetting 0 endpoint 0x82 has invalid wMaxPacketSize 0
[  151.588078][ T8302] usb 1-1: New USB device found, idVendor=0499, idProduct=102a, bcdDevice=85.2d
[  151.592293][ T8302] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  151.595580][ T8302] usb 1-1: Product: syz
[  151.597477][ T8302] usb 1-1: Manufacturer: syz
[  151.599537][ T8302] usb 1-1: SerialNumber: syz
[  151.604996][ T8302] usb 1-1: config 0 descriptor??
[  151.607674][ T9501] raw-gadget.0 gadget.0: fail, usb_ep_enable returned -22
[  151.612706][ T8302] usb 1-1: Quirk or no altset; falling back to MIDI 1.0
[  151.615424][ T8302] usb 1-1: invalid MIDI in EP 0
[  151.640332][ T8302] snd-usb-audio 1-1:0.16: probe with driver snd-usb-audio failed with error -22
[  151.835181][   T10] usb 1-1: USB disconnect, device number 15
[  152.090833][ T5841] Bluetooth: hci3: Opcode 0x1003 failed: -110
[  152.093176][   T54] Bluetooth: hci3: command 0x1003 tx timeout
[  152.160479][ T9509] loop2: detected capacity change from 0 to 256
[  152.163418][ T9509] exFAT-fs (loop2): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[  152.167088][ T9509] exFAT-fs (loop2): Medium has reported failures. Some data may be lost.
[  152.175131][ T9509] exFAT-fs (loop2): failed to load upcase table (idx : 0x00010000, chksum : 0xe62de5da, utbl_chksum : 0xe619d30d)
[  152.207117][ T9509] exFAT-fs (loop2): error, invalid access to FAT (entry 0xffffffff)
[  152.210072][ T9509] exFAT-fs (loop2): Filesystem has been set read-only
[  152.214511][ T9509] exFAT-fs (loop2): error, invalid access to FAT (entry 0xffffffff)
[  152.217310][ T9509] exFAT-fs (loop2): error, invalid access to FAT (entry 0xffffffff)
[  152.363081][ T9511] loop2: detected capacity change from 0 to 32768
[  152.372546][ T5849] udevd[5849]: symlink '../../loop2' '/dev/disk/by-uuid/45b0d9a3-5e0b-4fd0-ae05-2ff6b274033b.tmp-b7:2' failed: Read-only file system
[  152.423208][ T9513] sctp: [Deprecated]: syz.0.1350 (pid 9513) Use of int in max_burst socket option.
[  152.423208][ T9513] Use struct sctp_assoc_value instead
[  152.460322][ T9515] netlink: 12 bytes leftover after parsing attributes in process `syz.0.1351'.
[  152.516910][ T9522] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1353'.
[  152.521465][ T9522] netlink: 'syz.0.1353': attribute type 3 has an invalid length.
[  152.744654][   T10] usb 3-1: new high-speed USB device number 17 using dummy_hcd
[  152.749601][ T9533] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  152.800458][ T9540] net_ratelimit: 3321 callbacks suppressed
[  152.800469][ T9540] openvswitch: netlink: IP tunnel dst address not specified
[  152.904606][   T10] usb 3-1: Using ep0 maxpacket: 32
[  152.907769][   T10] usb 3-1: New USB device found, idVendor=041e, idProduct=400b, bcdDevice=3e.e7
[  152.914873][   T10] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  152.925537][   T10] usb 3-1: config 0 descriptor??
[  152.937916][   T10] gspca_main: sunplus-2.14.0 probing 041e:400b
[  152.945471][ T9555] 9pnet: p9_errstr2errno: server reported unknown error @0x0000000000000003
[  153.556301][ T9582] netlink: 72 bytes leftover after parsing attributes in process `syz.0.1380'.
[  153.620260][ T9586] netlink: 160 bytes leftover after parsing attributes in process `syz.0.1382'.
[  153.623279][ T9586] netlink: 'syz.0.1382': attribute type 1 has an invalid length.
[  153.627093][ T9586] netlink: 'syz.0.1382': attribute type 2 has an invalid length.
[  153.629677][ T9586] netlink: 12 bytes leftover after parsing attributes in process `syz.0.1382'.
[  153.805500][ T9590] loop0: detected capacity change from 0 to 32768
[  153.832131][ T5849] udevd[5849]: symlink '../../loop0' '/dev/disk/by-uuid/45b0d9a3-5e0b-4fd0-ae05-2ff6b274033b.tmp-b7:0' failed: Read-only file system
[  153.959034][ T9592] loop0: detected capacity change from 0 to 32768
[  153.964157][ T9592] BTRFS: device fsid ed167579-eb65-4e76-9a50-61ac97e9b59d devid 1 transid 8 /dev/loop0 (7:0) scanned by syz.0.1385 (9592)
[  153.971735][ T5849] udevd[5849]: symlink '../../loop0' '/dev/disk/by-uuid/ed167579-eb65-4e76-9a50-61ac97e9b59d.tmp-b7:0' failed: Read-only file system
[  153.978301][ T9592] BTRFS info (device loop0): first mount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d
[  153.981530][ T9592] BTRFS info (device loop0): using sha256 (sha256-lib) checksum algorithm
[  153.984301][ T9592] BTRFS info (device loop0): using free-space-tree
[  154.091007][   T10] gspca_sunplus: reg_w_riv err -71
[  154.092752][   T10] sunplus 3-1:0.0: probe with driver sunplus failed with error -71
[  154.104284][   T10] usb 3-1: USB disconnect, device number 17
[  154.110160][ T9604] netlink: 16 bytes leftover after parsing attributes in process `syz.1.1386'.
[  154.114841][ T9604] netlink: 16 bytes leftover after parsing attributes in process `syz.1.1386'.
[  154.489575][ T9612] loop1: detected capacity change from 0 to 32768
[  154.497700][ T9612] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop1 (7:1) scanned by syz.1.1387 (9612)
[  154.509423][ T5849] udevd[5849]: symlink '../../loop1' '/dev/disk/by-uuid/395ef67a-297e-477c-816d-cd80a5b93e5d.tmp-b7:1' failed: Read-only file system
[  154.509428][ T9612] BTRFS info (device loop1): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  154.517309][ T9612] BTRFS info (device loop1): using sha256 (sha256-lib) checksum algorithm
[  154.520355][ T9612] BTRFS info (device loop1): using free-space-tree
[  154.590196][ T5846] BTRFS info (device loop1): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  154.815516][ T5839] BTRFS info (device loop0): last unmount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d
[  154.844165][ T9639] loop1: detected capacity change from 0 to 512
[  154.849120][ T9639] EXT4-fs (loop1): bad geometry: block count 1024 exceeds size of device (256 blocks)
[  154.853959][ T5849] udevd[5849]: symlink '../../loop1' '/dev/disk/by-label/\x86\x5b.tmp-b7:1' failed: Read-only file system
[  154.944010][ T9641] loop1: detected capacity change from 0 to 2048
[  154.955322][ T9633] loop2: detected capacity change from 0 to 32768
[  154.970758][ T5849] udevd[5849]: symlink '../../loop1' '/dev/disk/by-label/LinuxUDF.tmp-b7:1' failed: Read-only file system
[  154.973894][ T9641] UDF-fs: warning (device loop1): udf_load_logicalvol: Damaged or missing LVID, forcing readonly mount
[  154.975332][ T5849] udevd[5849]: symlink '../../loop1' '/dev/disk/by-uuid/1234567812345678.tmp-b7:1' failed: Read-only file system
[  154.988091][ T9633] BTRFS: device fsid ed167579-eb65-4e76-9a50-61ac97e9b59d devid 1 transid 8 /dev/loop2 (7:2) scanned by syz.2.1389 (9633)
[  154.995676][ T9633] BTRFS info (device loop2): first mount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d
[  155.004894][ T5913] udevd[5913]: symlink '../../loop2' '/dev/disk/by-uuid/ed167579-eb65-4e76-9a50-61ac97e9b59d.tmp-b7:2' failed: Read-only file system
[  155.009907][ T9633] BTRFS info (device loop2): using sha256 (sha256-lib) checksum algorithm
[  155.020993][ T9633] BTRFS info (device loop2): using free-space-tree
[  155.107349][ T9661] netlink: 28 bytes leftover after parsing attributes in process `syz.1.1396'.
[  155.140597][ T5849] udevd[5849]: symlink '../../loop2' '/dev/disk/by-uuid/ed167579-eb65-4e76-9a50-61ac97e9b59d.tmp-b7:2' failed: Read-only file system
[  155.150541][ T9633] BTRFS info (device loop2): rebuilding free space tree
[  155.187232][ T9672] netlink: 'syz.0.1399': attribute type 1 has an invalid length.
[  155.189814][ T9672] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1399'.
[  155.268469][ T5844] BTRFS info (device loop2): last unmount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d
[  155.413476][ T9679] loop1: detected capacity change from 0 to 1024
[  155.467701][ T5913] udevd[5913]: symlink '../../loop1' '/dev/disk/by-label/syzkaller.tmp-b7:1' failed: Read-only file system
[  155.475588][ T9679] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  155.519292][ T5846] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  155.675333][ T9694] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1407'.
[  155.807618][ T9700] loop1: detected capacity change from 0 to 16
[  155.823609][ T9700] erofs (device loop1): mounted with root inode @ nid 36.
[  155.841371][ T9700] erofs (device loop1): readahead error at folio 2 @ nid 89
[  155.845276][ T9700] erofs (device loop1): readahead error at folio 1 @ nid 89
[  155.851452][ T9700] erofs (device loop1): read error -117 @ 1 of nid 89
[  155.856197][   T33] audit: type=1800 audit(2000000077.525:31): pid=9700 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.1.1410" name="file3" dev="loop1" ino=89 res=0 errno=0
[  155.856711][ T9700] erofs (device loop1): read error -117 @ 1 of nid 89
[  155.867501][ T9700] erofs (device loop1): read error -117 @ 1 of nid 89
[  156.665618][ T9731] loop2: detected capacity change from 0 to 32768
[  156.666495][   T51] usb 1-1: new high-speed USB device number 16 using dummy_hcd
[  156.668478][ T9731] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop2 (7:2) scanned by syz.2.1423 (9731)
[  156.676604][ T9731] BTRFS info (device loop2): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  156.681465][ T9731] BTRFS info (device loop2): using sha256 (sha256-lib) checksum algorithm
[  156.684182][ T9731] BTRFS info (device loop2): using free-space-tree
[  156.743513][ T5844] BTRFS info (device loop2): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  156.858541][   T51] usb 1-1: Using ep0 maxpacket: 8
[  156.862271][   T51] usb 1-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[  156.865262][   T51] usb 1-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[  156.868241][   T51] usb 1-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[  156.880281][   T51] usb 1-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  156.884738][   T51] usb 1-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23
[  156.887594][   T51] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  157.114620][   T51] usb 1-1: GET_CAPABILITIES returned 0
[  157.116741][   T51] usbtmc 1-1:16.0: can't read capabilities
[  157.348797][   T51] usb 1-1: USB disconnect, device number 16
[  157.367670][ T9783] hsr0: Device is already in use.
[  157.692934][ T9820] loop2: detected capacity change from 0 to 128
[  158.007345][ T9835] loop2: detected capacity change from 0 to 32768
[  158.029189][ T5849] udevd[5849]: symlink '../../loop2' '/dev/disk/by-uuid/805fce0c-ac78-492f-ad66-cd1bf6eb4f90.tmp-b7:2' failed: Read-only file system
[  158.040190][ T9835] JBD2: Ignoring recovery information on journal
[  158.055978][ T5849] udevd[5849]: symlink '../../loop2' '/dev/disk/by-uuid/805fce0c-ac78-492f-ad66-cd1bf6eb4f90.tmp-b7:2' failed: Read-only file system
[  158.069579][ T9835] ocfs2: Mounting device (7,2) on (node local, slot 0) with writeback data mode.
[  158.091781][ T9852] netlink: 'syz.1.1458': attribute type 10 has an invalid length.
[  158.094136][ T9856] loop0: detected capacity change from 0 to 16
[  158.099323][ T9856] erofs (device loop0): mounted with root inode @ nid 36.
[  158.102952][ T5849] udevd[5849]: symlink '../../loop0' '/dev/disk/by-uuid/dc990305-0000-0000-0000-00c46e0e7dba.tmp-b7:0' failed: Read-only file system
[  158.110417][ T9856] erofs (device loop0): bogus lookback distance 1388 @ lcn 42 of nid 36
[  158.113316][ T9856] erofs (device loop0): failed to decompress -29 in[58, 4038] out[1851]
[  158.116196][ T9856] erofs (device loop0): read error -117 @ 43 of nid 36
[  158.127405][ T5849] udevd[5849]: symlink '../../loop0' '/dev/disk/by-uuid/dc990305-0000-0000-0000-00c46e0e7dba.tmp-b7:0' failed: Read-only file system
[  158.141551][ T5849] udevd[5849]: symlink '../../loop0' '/dev/disk/by-uuid/dc990305-0000-0000-0000-00c46e0e7dba.tmp-b7:0' failed: Read-only file system
[  158.145032][ T5844] ocfs2: Unmounting device (7,2) on (node local)
[  158.242719][ T9860] erofs (device loop0): bogus lookback distance 1388 @ lcn 42 of nid 36
[  158.245683][ T9860] erofs (device loop0): bogus lookback distance 1388 @ lcn 42 of nid 36
[  158.248389][ T9860] erofs (device loop0): readahead error at folio 42 @ nid 36
[  158.280839][ T9860] erofs (device loop0): bogus lookback distance 774 @ lcn 40 of nid 36
[  158.283391][ T9860] erofs (device loop0): readahead error at folio 41 @ nid 36
[  158.285761][ T9860] erofs (device loop0): bogus lookback distance 774 @ lcn 40 of nid 36
[  158.288318][ T9860] erofs (device loop0): readahead error at folio 40 @ nid 36
[  158.290642][ T9860] erofs (device loop0): readahead error at folio 39 @ nid 36
[  158.310084][ T9860] erofs (device loop0): readahead error at folio 38 @ nid 36
[  158.332010][ T9860] erofs (device loop0): readahead error at folio 36 @ nid 36
[  158.336168][ T9860] erofs (device loop0): bogus lookback distance 1468 @ lcn 31 of nid 36
[  158.348300][ T9860] erofs (device loop0): readahead error at folio 31 @ nid 36
[  158.354589][ T9860] erofs (device loop0): readahead error at folio 25 @ nid 36
[  158.367519][ T9860] erofs (device loop0): readahead error at folio 24 @ nid 36
[  158.374784][ T9860] erofs (device loop0): readahead error at folio 19 @ nid 36
[  158.385887][ T9860] syz.0.1459: attempt to access beyond end of device
[  158.385887][ T9860] loop0: rw=524288, sector=784, nr_sectors = 64 limit=16
[  158.409693][ T9860] syz.0.1459: attempt to access beyond end of device
[  158.409693][ T9860] loop0: rw=524288, sector=13478624080, nr_sectors = 24 limit=16
[  158.425602][ T9860] syz.0.1459: attempt to access beyond end of device
[  158.425602][ T9860] loop0: rw=524288, sector=13478624032, nr_sectors = 48 limit=16
[  158.450008][ T9860] erofs (device loop0): failed to decompress -29 in[58, 4038] out[2639]
[  158.470592][ T9860] erofs (device loop0): bogus lookback distance 1586 @ lcn 46 of nid 36
[  158.480976][ T9860] erofs (device loop0): readahead error at folio 47 @ nid 36
[  158.489496][ T9860] erofs (device loop0): bogus lookback distance 1586 @ lcn 46 of nid 36
[  158.496344][ T9860] erofs (device loop0): readahead error at folio 46 @ nid 36
[  158.509969][ T9860] erofs (device loop0): readahead error at folio 45 @ nid 36
[  158.516121][ T9860] syz.0.1459: attempt to access beyond end of device
[  158.516121][ T9860] loop0: rw=524288, sector=16, nr_sectors = 16 limit=16
[  158.534471][ T9860] erofs (device loop0): failed to decompress -29 in[58, 4038] out[3537]
[  158.815197][ T5904] usb 2-1: new high-speed USB device number 26 using dummy_hcd
[  158.825911][   T10] usb 3-1: new high-speed USB device number 18 using dummy_hcd
[  158.977507][ T5904] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  158.981299][ T5904] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  158.992623][   T10] usb 3-1: Using ep0 maxpacket: 16
[  158.995039][ T5904] usb 2-1: New USB device found, idVendor=044f, idProduct=b65d, bcdDevice= 0.00
[  158.999287][ T5904] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  159.003106][   T10] usb 3-1: config 1 contains an unexpected descriptor of type 0x2, skipping
[  159.005829][   T10] usb 3-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  159.010144][ T5904] usb 2-1: config 0 descriptor??
[  159.019962][   T10] usb 3-1: config 1 has 1 interface, different from the descriptor's value: 3
[  159.033870][   T10] usb 3-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[  159.040242][   T10] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  159.042776][   T10] usb 3-1: Product: syz
[  159.045235][   T10] usb 3-1: Manufacturer: syz
[  159.049170][   T10] usb 3-1: SerialNumber: syz
[  159.468565][ T5904] hid-thrustmaster 0003:044F:B65D.000C: unknown main item tag 0x0
[  159.481761][ T5904] hid-thrustmaster 0003:044F:B65D.000C: hidraw0: USB HID v0.00 Device [HID 044f:b65d] on usb-dummy_hcd.1-1/input0
[  159.485685][ T5904] hid-thrustmaster 0003:044F:B65D.000C: Wrong number of endpoints?
[  159.503450][   T10] usb 3-1: 0:2 : does not exist
[  159.686025][    C0] hid-thrustmaster 0003:044F:B65D.000C: URB to get model id failed with error -71
[  159.686854][ T8302] usb 2-1: USB disconnect, device number 26
[  160.073360][ T9887] loop0: detected capacity change from 0 to 64
[  160.104230][ T5839] Trying to free block not in datazone
[  160.108468][ T5839] Trying to free block not in datazone
[  160.113221][ T5839] Trying to free block not in datazone
[  160.115111][ T5839] Trying to free block not in datazone
[  160.116858][ T5839] Trying to free block not in datazone
[  160.118592][ T5839] Trying to free block not in datazone
[  160.121180][ T5839] Trying to free block not in datazone
[  160.124563][ T5839] Trying to free block not in datazone
[  160.126378][ T5839] Trying to free block not in datazone
[  160.128154][ T5839] Trying to free block not in datazone
[  160.129917][ T5839] Trying to free block not in datazone
[  160.133538][ T5839] Trying to free block not in datazone
[  160.135262][ T5839] Trying to free block not in datazone
[  160.137672][ T5839] Trying to free block not in datazone
[  160.174279][   T10] usb 3-1: USB disconnect, device number 18
[  160.199858][ T9891] __nla_validate_parse: 2 callbacks suppressed
[  160.199868][ T9891] netlink: 128 bytes leftover after parsing attributes in process `syz.0.1474'.
[  160.200336][ T5849] udevd[5849]: error opening ATTR{/sys/devices/platform/dummy_hcd.2/usb3/3-1/3-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory
[  160.202151][ T9891] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1474'.
[  160.385782][ T9907] loop1: detected capacity change from 0 to 128
[  160.402143][ T9907] EXT4-fs (loop1): Test dummy encryption mode enabled
[  160.405552][ T5849] udevd[5849]: symlink '../../loop1' '/dev/disk/by-uuid/76b65be2-f6da-4727-8c75-0525a5b65a09.tmp-b7:1' failed: Read-only file system
[  160.412822][ T9907] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=16, mo=a802c018, mo2=0082]
[  160.415633][ T9907] System zones: 1-3, 19-19, 35-36
[  160.422956][ T9907] EXT4-fs (loop1): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  160.426895][ T9907] ext4 filesystem being mounted at /473/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  160.433926][ T9907] fscrypt: AES-256-XTS using implementation "xts(ecb(aes-fixed-time))"
[  160.466444][ T5846] EXT4-fs (loop1): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  160.545866][ T9902] loop0: detected capacity change from 0 to 40427
[  160.552318][ T9902] F2FS-fs (loop0): Invalid log_blocksize (268), supports only 12
[  160.554743][ T9902] F2FS-fs (loop0): Can't find valid F2FS filesystem in 1th superblock
[  160.557933][ T9913] loop1: detected capacity change from 0 to 4096
[  160.569587][ T9914] NILFS (loop1): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  160.569910][ T5849] udevd[5849]: symlink '../../loop0' '/dev/disk/by-uuid/922c7623-35ee-4af3-bdd7-07040bb1b7db.tmp-b7:0' failed: Read-only file system
[  160.576861][ T5913] udevd[5913]: symlink '../../loop1' '/dev/disk/by-uuid/3b59f4fc-a790-4a4c-9011-25a8178ccefa.tmp-b7:1' failed: Read-only file system
[  160.580560][ T9902] F2FS-fs (loop0): invalid crc value
[  160.584279][ T9902] F2FS-fs (loop0): Failed to get valid F2FS checkpoint
[  160.591423][ T5849] udevd[5849]: symlink '../../loop1' '/dev/disk/by-uuid/3b59f4fc-a790-4a4c-9011-25a8178ccefa.tmp-b7:1' failed: Read-only file system
[  160.800942][ T9925] loop0: detected capacity change from 0 to 2048
[  160.822897][ T9925] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  160.827015][ T9925] ext4 filesystem being mounted at /491/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  161.125089][   T33] audit: type=1800 audit(2000000082.436:32): pid=9934 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.1489" name="file0" dev="loop0" ino=13 res=0 errno=0
[  161.632512][ T9940] loop1: detected capacity change from 0 to 1024
[  161.635244][ T9940] EXT4-fs: Ignoring removed nomblk_io_submit option
[  161.639397][ T9940] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled
[  161.642670][ T9940] EXT4-fs (loop1): stripe (3675) is not aligned with cluster size (16), stripe is disabled
[  161.647346][ T9940] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  161.664705][ T5846] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  161.708984][ T9943] loop1: detected capacity change from 0 to 4096
[  161.711909][ T9943] ntfs3(loop1): Different NTFS sector size (4096) and media sector size (512).
[  161.731819][ T5839] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  161.739864][ T9943] ntfs3(loop1): Mark volume as dirty due to NTFS errors
[  161.747066][ T9943] ntfs3(loop1): ino=1a, mi_enum_attr
[  161.760220][ T9943] ntfs3(loop1): Failed to initialize $Extend/$ObjId.
[  161.773286][ T9945] netlink: 'syz.2.1497': attribute type 29 has an invalid length.
[  161.792996][ T9945] netlink: 'syz.2.1497': attribute type 29 has an invalid length.
[  161.796273][ T9943] ntfs3(loop1): ino=5, "/" ntfs_readdir
[  161.803277][ T9945] netlink: 'syz.2.1497': attribute type 29 has an invalid length.
[  161.811499][ T9945] netlink: 'syz.2.1497': attribute type 29 has an invalid length.
[  162.120347][   T33] audit: type=1326 audit(2000000083.381:33): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9970 comm="syz.1.1507" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5b6b38ebe9 code=0x7ffc0000
[  162.139504][ T9974] netlink: 'syz.2.1509': attribute type 6 has an invalid length.
[  162.142520][ T9974] netlink: 199836 bytes leftover after parsing attributes in process `syz.2.1509'.
[  162.146829][   T33] audit: type=1326 audit(2000000083.381:34): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9970 comm="syz.1.1507" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5b6b38ebe9 code=0x7ffc0000
[  162.173987][   T33] audit: type=1326 audit(2000000083.381:35): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9970 comm="syz.1.1507" exe="/syz-executor" sig=0 arch=c000003e syscall=42 compat=0 ip=0x7f5b6b38ebe9 code=0x7ffc0000
[  162.180626][   T33] audit: type=1326 audit(2000000083.381:36): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9970 comm="syz.1.1507" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5b6b38ebe9 code=0x7ffc0000
[  162.200884][   T33] audit: type=1326 audit(2000000083.381:37): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9970 comm="syz.1.1507" exe="/syz-executor" sig=0 arch=c000003e syscall=272 compat=0 ip=0x7f5b6b38ebe9 code=0x7ffc0000
[  162.210434][   T33] audit: type=1326 audit(2000000083.381:38): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9970 comm="syz.1.1507" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5b6b38ebe9 code=0x7ffc0000
[  162.253335][ T9986] netlink: 20 bytes leftover after parsing attributes in process `syz.2.1515'.
[  162.349575][ T9997] loop2: detected capacity change from 0 to 512
[  162.352310][ T9997] EXT4-fs: Ignoring removed nomblk_io_submit option
[  162.355959][ T9997] EXT4-fs: old and new quota format mixing
[  162.381306][T10000] loop2: detected capacity change from 0 to 256
[  162.403474][T10001] netlink: 1276 bytes leftover after parsing attributes in process `syz.1.1521'.
[  162.420212][T10003] loop2: detected capacity change from 0 to 2048
[  162.433140][T10004] NILFS (loop2): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  162.442456][T10003] NILFS error (device loop2): nilfs_check_folio: bad entry in directory #2: disallowed inode number - offset=0, inode=7, rec_len=16, name_len=1
[  162.453217][T10003] Remounting filesystem read-only
[  162.592234][T10010] block nbd0: server does not support multiple connections per device.
[  162.600708][T10010] block nbd0: shutting down sockets
[  162.717756][T10014] loop2: detected capacity change from 0 to 128
[  162.759880][T10016] netlink: 'syz.2.1528': attribute type 11 has an invalid length.
[  162.767448][T10016] netlink: 224 bytes leftover after parsing attributes in process `syz.2.1528'.
[  162.902445][T10027] netlink: 'syz.2.1531': attribute type 21 has an invalid length.
[  162.905274][T10027] netlink: 152 bytes leftover after parsing attributes in process `syz.2.1531'.
[  162.935435][T10030] loop2: detected capacity change from 0 to 128
[  163.021286][T10030] syz.2.1532: attempt to access beyond end of device
[  163.021286][T10030] loop2: rw=2049, sector=145, nr_sectors = 16 limit=128
[  163.025515][T10030] syz.2.1532: attempt to access beyond end of device
[  163.025515][T10030] loop2: rw=2049, sector=169, nr_sectors = 8 limit=128
[  163.029761][T10030] syz.2.1532: attempt to access beyond end of device
[  163.029761][T10030] loop2: rw=2049, sector=185, nr_sectors = 8 limit=128
[  163.034126][T10030] syz.2.1532: attempt to access beyond end of device
[  163.034126][T10030] loop2: rw=2049, sector=201, nr_sectors = 8 limit=128
[  163.038455][T10030] syz.2.1532: attempt to access beyond end of device
[  163.038455][T10030] loop2: rw=2049, sector=217, nr_sectors = 8 limit=128
[  163.042647][T10030] syz.2.1532: attempt to access beyond end of device
[  163.042647][T10030] loop2: rw=2049, sector=233, nr_sectors = 8 limit=128
[  163.158552][T10038] loop0: detected capacity change from 0 to 256
[  163.372409][T10049] loop1: detected capacity change from 0 to 1764
[  163.375906][T10050] loop2: detected capacity change from 0 to 128
[  163.393524][T10049] iso9660: Corrupted directory entry in block 2 of inode 1920
[  163.466760][ T5913] udevd[5913]: symlink '../../loop2' '/dev/disk/by-uuid/76b65be2-f6da-4727-8c75-0525a5b65a09.tmp-b7:2' failed: Read-only file system
[  163.482247][ T5913] udevd[5913]: symlink '../../loop2' '/dev/disk/by-uuid/76b65be2-f6da-4727-8c75-0525a5b65a09.tmp-b7:2' failed: Read-only file system
[  163.554394][T10050] EXT4-fs (loop2): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: writeback.
[  163.559115][T10050] ext4 filesystem being mounted at /544/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  163.667834][ T5844] EXT4-fs (loop2): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  163.893263][   T51] usb 2-1: new high-speed USB device number 27 using dummy_hcd
[  164.032206][    T9] usb 3-1: new high-speed USB device number 19 using dummy_hcd
[  164.053621][   T51] usb 2-1: Using ep0 maxpacket: 8
[  164.056698][   T51] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x7 has invalid wMaxPacketSize 0
[  164.059608][   T51] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x1 has invalid wMaxPacketSize 0
[  164.062554][   T51] usb 2-1: New USB device found, idVendor=0af0, idProduct=6751, bcdDevice=75.8b
[  164.074951][   T51] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  164.081810][   T51] usb 2-1: config 0 descriptor??
[  164.087340][   T51] hso 2-1:0.0: Can't find BULK IN endpoint
[  164.203311][    T9] usb 3-1: Using ep0 maxpacket: 32
[  164.210291][    T9] usb 3-1: config index 0 descriptor too short (expected 1051, got 27)
[  164.212946][    T9] usb 3-1: config 0 has an invalid interface number: 101 but max is 1
[  164.215844][    T9] usb 3-1: config 0 has an invalid interface number: 33 but max is 1
[  164.218314][    T9] usb 3-1: config 0 has no interface number 0
[  164.220359][    T9] usb 3-1: config 0 has no interface number 1
[  164.222265][    T9] usb 3-1: config 0 interface 101 has no altsetting 0
[  164.224425][    T9] usb 3-1: New USB device found, idVendor=1235, idProduct=0010, bcdDevice=59.84
[  164.227419][    T9] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  164.235730][    T9] usb 3-1: config 0 descriptor??
[  164.301464][   T51] usb 2-1: USB disconnect, device number 27
[  164.457634][    T9] usb 3-1: string descriptor 0 read error: -71
[  164.484976][    T9] usb 3-1: USB disconnect, device number 19
[  164.507773][T10074] loop0: detected capacity change from 0 to 2048
[  164.511577][T10074] EXT4-fs: Ignoring removed mblk_io_submit option
[  164.519184][ T5913] udevd[5913]: symlink '../../loop0' '/dev/disk/by-label/syzkaller.tmp-b7:0' failed: Read-only file system
[  164.530372][ T5849] udevd[5849]: symlink '../../loop0' '/dev/disk/by-label/syzkaller.tmp-b7:0' failed: Read-only file system
[  164.540827][T10074] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  164.568002][ T5839] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  164.889944][T10082] netlink: 'syz.1.1554': attribute type 1 has an invalid length.
[  164.892470][T10082] netlink: 'syz.1.1554': attribute type 3 has an invalid length.
[  164.894952][T10082] netlink: 224 bytes leftover after parsing attributes in process `syz.1.1554'.
[  165.118801][T10100] netlink: 'syz.2.1562': attribute type 2 has an invalid length.
[  165.121283][T10100] netlink: 132 bytes leftover after parsing attributes in process `syz.2.1562'.
[  165.165700][T10104] loop2: detected capacity change from 0 to 128
[  165.183429][ T5913] udevd[5913]: symlink '../../loop2' '/dev/disk/by-label/SYZKALLER.tmp-b7:2' failed: Read-only file system
[  165.188530][ T5913] udevd[5913]: symlink '../../loop2' '/dev/disk/by-uuid/8AF2-7630.tmp-b7:2' failed: Read-only file system
[  165.200267][ T5849] udevd[5849]: symlink '../../loop2' '/dev/disk/by-label/SYZKALLER.tmp-b7:2' failed: Read-only file system
[  165.204536][ T5849] udevd[5849]: symlink '../../loop2' '/dev/disk/by-uuid/8AF2-7630.tmp-b7:2' failed: Read-only file system
[  165.422034][ T8302] usb 2-1: new high-speed USB device number 28 using dummy_hcd
[  165.582338][ T8302] usb 2-1: Using ep0 maxpacket: 8
[  165.585487][ T8302] usb 2-1: config 0 has an invalid interface number: 38 but max is 0
[  165.588363][ T8302] usb 2-1: config 0 has no interface number 0
[  165.590391][ T8302] usb 2-1: config 0 interface 38 has no altsetting 0
[  165.594439][ T8302] usb 2-1: New USB device found, idVendor=04e6, idProduct=0009, bcdDevice= 2.00
[  165.597728][ T8302] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  165.600188][ T8302] usb 2-1: Product: syz
[  165.601547][ T8302] usb 2-1: Manufacturer: syz
[  165.603209][ T8302] usb 2-1: SerialNumber: syz
[  165.603763][    T9] usb 3-1: new high-speed USB device number 20 using dummy_hcd
[  165.605965][ T8302] usb 2-1: config 0 descriptor??
[  165.613065][ T8302] usb-storage 2-1:0.38: USB Mass Storage device detected
[  165.709695][T10112] loop0: detected capacity change from 0 to 128
[  165.724784][   T33] audit: type=1800 audit(2000000086.758:39): pid=10112 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.1568" name="file2" dev="loop0" ino=1048618 res=0 errno=0
[  165.751699][T10112] bio_check_eod: 105 callbacks suppressed
[  165.751715][T10112] syz.0.1568: attempt to access beyond end of device
[  165.751715][T10112] loop0: rw=2049, sector=129, nr_sectors = 8 limit=128
[  165.760541][T10112] syz.0.1568: attempt to access beyond end of device
[  165.760541][T10112] loop0: rw=2049, sector=145, nr_sectors = 8 limit=128
[  165.766238][T10112] syz.0.1568: attempt to access beyond end of device
[  165.766238][T10112] loop0: rw=2049, sector=161, nr_sectors = 1 limit=128
[  165.771899][T10112] Buffer I/O error on dev loop0, logical block 161, lost async page write
[  165.776440][T10112] syz.0.1568: attempt to access beyond end of device
[  165.776440][T10112] loop0: rw=2049, sector=128, nr_sectors = 1 limit=128
[  165.782209][T10112] Buffer I/O error on dev loop0, logical block 128, lost async page write
[  165.786356][T10112] syz.0.1568: attempt to access beyond end of device
[  165.786356][T10112] loop0: rw=2049, sector=137, nr_sectors = 1 limit=128
[  165.792075][T10112] Buffer I/O error on dev loop0, logical block 137, lost async page write
[  165.798735][T10112] syz.0.1568: attempt to access beyond end of device
[  165.798735][T10112] loop0: rw=2049, sector=154, nr_sectors = 1 limit=128
[  165.804669][    T9] usb 3-1: config 27 interface 0 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 7
[  165.809943][T10112] Buffer I/O error on dev loop0, logical block 154, lost async page write
[  165.810095][    T9] usb 3-1: config 27 interface 0 altsetting 0 bulk endpoint 0xB has invalid maxpacket 47
[  165.813959][T10112] syz.0.1568: attempt to access beyond end of device
[  165.813959][T10112] loop0: rw=2049, sector=155, nr_sectors = 1 limit=128
[  165.817052][    T9] usb 3-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d
[  165.823022][T10112] Buffer I/O error on dev loop0, logical block 155, lost async page write
[  165.825468][    T9] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  165.831307][T10112] syz.0.1568: attempt to access beyond end of device
[  165.831307][T10112] loop0: rw=2049, sector=156, nr_sectors = 1 limit=128
[  165.836008][T10108] raw-gadget.1 gadget.2: fail, usb_ep_enable returned -22
[  165.836199][   T10] usb 2-1: USB disconnect, device number 28
[  165.841427][T10112] Buffer I/O error on dev loop0, logical block 156, lost async page write
[  165.841505][T10112] syz.0.1568: attempt to access beyond end of device
[  165.841505][T10112] loop0: rw=2049, sector=157, nr_sectors = 1 limit=128
[  165.852298][T10112] Buffer I/O error on dev loop0, logical block 157, lost async page write
[  165.855291][T10112] syz.0.1568: attempt to access beyond end of device
[  165.855291][T10112] loop0: rw=2049, sector=158, nr_sectors = 1 limit=128
[  165.855478][    T9] usb 3-1: Quirk or no altset; falling back to MIDI 1.0
[  165.859560][T10112] Buffer I/O error on dev loop0, logical block 158, lost async page write
[  165.859601][T10112] Buffer I/O error on dev loop0, logical block 159, lost async page write
[  165.859650][T10112] Buffer I/O error on dev loop0, logical block 160, lost async page write
[  165.995395][T10118] netlink: 'syz.0.1571': attribute type 4 has an invalid length.
[  166.002555][T10118] netlink: 'syz.0.1571': attribute type 4 has an invalid length.
[  166.084149][T10122] loop0: detected capacity change from 0 to 2048
[  166.091392][ T5849] udevd[5849]: symlink '../../loop0' '/dev/disk/by-label/syzkaller.tmp-b7:0' failed: Read-only file system
[  166.093064][   T24] usb 3-1: USB disconnect, device number 20
[  166.116515][ T5849] udevd[5849]: symlink '../../loop0' '/dev/disk/by-label/syzkaller.tmp-b7:0' failed: Read-only file system
[  166.140938][T10122] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  166.147156][T10122] EXT4-fs error (device loop0): ext4_mb_generate_buddy:1289: group 0, block bitmap and bg descriptor inconsistent: 25 vs 150994969 free clusters
[  166.154219][T10122] EXT4-fs (loop0): Remounting filesystem read-only
[  166.166491][ T5839] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  166.262454][T10130] loop0: detected capacity change from 0 to 2048
[  166.268572][T10130] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[  166.342446][T10132] loop0: detected capacity change from 0 to 4096
[  166.452037][T10137] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1580'.
[  166.548464][T10148] IPVS: sh: TCP 172.20.20.170:0 - no destination available
[  166.615728][T10152] loop0: detected capacity change from 0 to 4096
[  166.632105][T10154] NILFS (loop0): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  166.725142][T10158] loop0: detected capacity change from 0 to 512
[  166.752321][T10158] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  166.757443][T10158] ext4 filesystem being mounted at /528/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  166.777146][T10158] EXT4-fs error (device loop0): ext4_validate_block_bitmap:441: comm syz.0.1589: bg 0: block 145: padding at end of block bitmap is not set
[  166.799390][ T5839] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  166.864976][T10164] loop0: detected capacity change from 0 to 128
[  167.923124][T10183] loop0: detected capacity change from 0 to 512
[  167.933010][T10183] UDF-fs: error (device loop0): udf_read_tagged: read failed, block=256, location=256
[  167.939432][T10183] UDF-fs: error (device loop0): udf_read_inode: (ino 19) failed ident=264
[  168.685326][T10197] loop1: detected capacity change from 0 to 512
[  168.983957][   T33] audit: type=1326 audit(2000000089.807:40): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10203 comm="syz.2.1606" exe="/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fa82798ebe9 code=0x7ffe0000
[  168.993780][T10211] tunl0: entered promiscuous mode
[  168.998672][T10211] netlink: 'syz.0.1609': attribute type 4 has an invalid length.
[  169.001135][T10211] netlink: 9 bytes leftover after parsing attributes in process `syz.0.1609'.
[  169.093525][T10217] ==================================================================
[  169.096463][T10217] BUG: KASAN: slab-use-after-free in __xfrm_state_lookup+0x6ad/0x8d0
[  169.099235][T10217] Read of size 2 at addr ffff88810cda2542 by task syz.1.1612/10217
[  169.102626][T10217] 
[  169.103459][T10217] CPU: 0 UID: 0 PID: 10217 Comm: syz.1.1612 Not tainted 6.16.0-syzkaller-11895-gcca7a0aae895-dirty #0 PREEMPT(full) 
[  169.103471][T10217] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.2-debian-1.16.2-1 04/01/2014
[  169.103477][T10217] Call Trace:
[  169.103481][T10217]  <TASK>
[  169.103485][T10217]  dump_stack_lvl+0x189/0x250
[  169.103496][T10217]  ? __kasan_check_byte+0x12/0x40
[  169.103508][T10217]  ? __pfx_dump_stack_lvl+0x10/0x10
[  169.103517][T10217]  ? lock_release+0x4b/0x3e0
[  169.103529][T10217]  ? __virt_addr_valid+0x4a5/0x5c0
[  169.103539][T10217]  print_report+0xca/0x240
[  169.103547][T10217]  ? __xfrm_state_lookup+0x6ad/0x8d0
[  169.103557][T10217]  kasan_report+0x118/0x150
[  169.103567][T10217]  ? __xfrm_state_lookup+0x6ad/0x8d0
[  169.103577][T10217]  __xfrm_state_lookup+0x6ad/0x8d0
[  169.103609][T10217]  ? __pfx___xfrm_state_lookup+0x10/0x10
[  169.103619][T10217]  ? xfrm_state_lookup+0x45/0x1e0
[  169.103629][T10217]  xfrm_state_lookup+0x11e/0x1e0
[  169.103640][T10217]  xfrm_user_state_lookup+0x231/0x370
[  169.103649][T10217]  ? __pfx_xfrm_user_state_lookup+0x10/0x10
[  169.103657][T10217]  ? apparmor_capable+0x137/0x1b0
[  169.103666][T10217]  xfrm_get_sa+0x93/0x290
[  169.103672][T10217]  ? __nla_parse+0x40/0x60
[  169.103682][T10217]  xfrm_user_rcv_msg+0x7a3/0xab0
[  169.103689][T10217]  ? __pfx_xfrm_user_rcv_msg+0x10/0x10
[  169.103701][T10217]  ? __pfx___mutex_trylock_common+0x10/0x10
[  169.103709][T10217]  ? rcu_is_watching+0x15/0xb0
[  169.103717][T10217]  ? trace_contention_end+0x39/0x120
[  169.103724][T10217]  ? __mutex_lock+0x335/0x1360
[  169.103734][T10217]  netlink_rcv_skb+0x208/0x470
[  169.103743][T10217]  ? __pfx_xfrm_user_rcv_msg+0x10/0x10
[  169.103749][T10217]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  169.103759][T10217]  ? netlink_deliver_tap+0x2e/0x1b0
[  169.103767][T10217]  ? netlink_deliver_tap+0x2e/0x1b0
[  169.103775][T10217]  xfrm_netlink_rcv+0x79/0x90
[  169.103782][T10217]  netlink_unicast+0x82f/0x9e0
[  169.103790][T10217]  ? __pfx_netlink_unicast+0x10/0x10
[  169.103798][T10217]  ? netlink_sendmsg+0x642/0xb30
[  169.103806][T10217]  ? skb_put+0x11b/0x210
[  169.103815][T10217]  netlink_sendmsg+0x805/0xb30
[  169.103825][T10217]  ? __pfx_netlink_sendmsg+0x10/0x10
[  169.103834][T10217]  ? aa_sock_msg_perm+0xf1/0x1d0
[  169.103848][T10217]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[  169.103856][T10217]  ? __pfx_netlink_sendmsg+0x10/0x10
[  169.103864][T10217]  __sock_sendmsg+0x21c/0x270
[  169.103872][T10217]  ____sys_sendmsg+0x505/0x830
[  169.103883][T10217]  ? __pfx_____sys_sendmsg+0x10/0x10
[  169.103895][T10217]  ? import_iovec+0x74/0xa0
[  169.103902][T10217]  ___sys_sendmsg+0x21f/0x2a0
[  169.103912][T10217]  ? __pfx____sys_sendmsg+0x10/0x10
[  169.103927][T10217]  ? __fget_files+0x2a/0x420
[  169.103939][T10217]  ? __fget_files+0x3a0/0x420
[  169.103951][T10217]  __x64_sys_sendmsg+0x19b/0x260
[  169.103961][T10217]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[  169.103972][T10217]  ? rcu_is_watching+0x15/0xb0
[  169.103979][T10217]  ? do_syscall_64+0xbe/0x3b0
[  169.103989][T10217]  do_syscall_64+0xfa/0x3b0
[  169.103997][T10217]  ? lockdep_hardirqs_on+0x9c/0x150
[  169.104005][T10217]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  169.104012][T10217]  ? exc_page_fault+0x9f/0xf0
[  169.104020][T10217]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  169.104027][T10217] RIP: 0033:0x7f5b6b38ebe9
[  169.104035][T10217] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  169.104042][T10217] RSP: 002b:00007f5b6c196038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  169.104050][T10217] RAX: ffffffffffffffda RBX: 00007f5b6b5b5fa0 RCX: 00007f5b6b38ebe9
[  169.104056][T10217] RDX: 0000000024004040 RSI: 00002000000014c0 RDI: 0000000000000003
[  169.104061][T10217] RBP: 00007f5b6b411e19 R08: 0000000000000000 R09: 0000000000000000
[  169.104065][T10217] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  169.104070][T10217] R13: 00007f5b6b5b6038 R14: 00007f5b6b5b5fa0 R15: 00007ffeb8e11e88
[  169.104077][T10217]  </TASK>
[  169.104080][T10217] 
[  169.227774][T10217] Allocated by task 8655:
[  169.229123][T10217]  kasan_save_track+0x3e/0x80
[  169.230602][T10217]  __kasan_slab_alloc+0x6c/0x80
[  169.232143][T10217]  kmem_cache_alloc_noprof+0x1c1/0x3c0
[  169.233864][T10217]  xfrm_state_alloc+0x24/0x2f0
[  169.235350][T10217]  __find_acq_core+0x8a7/0x1c00
[  169.236907][T10217]  xfrm_find_acq+0x78/0xa0
[  169.238337][T10217]  xfrm_alloc_userspi+0x6b3/0xc90
[  169.239928][T10217]  xfrm_user_rcv_msg+0x7a3/0xab0
[  169.241571][T10217]  netlink_rcv_skb+0x208/0x470
[  169.243122][T10217]  xfrm_netlink_rcv+0x79/0x90
[  169.244601][T10217]  netlink_unicast+0x82f/0x9e0
[  169.246122][T10217]  netlink_sendmsg+0x805/0xb30
[  169.247602][T10217]  __sock_sendmsg+0x21c/0x270
[  169.249142][T10217]  ____sys_sendmsg+0x505/0x830
[  169.250739][T10217]  ___sys_sendmsg+0x21f/0x2a0
[  169.252238][T10217]  __x64_sys_sendmsg+0x19b/0x260
[  169.253787][T10217]  do_syscall_64+0xfa/0x3b0
[  169.255247][T10217]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  169.257128][T10217] 
[  169.257897][T10217] Freed by task 8302:
[  169.259163][T10217]  kasan_save_track+0x3e/0x80
[  169.260663][T10217]  kasan_save_free_info+0x46/0x50
[  169.262238][T10217]  __kasan_slab_free+0x5b/0x80
[  169.263741][T10217]  kmem_cache_free+0x18f/0x400
[  169.265305][T10217]  xfrm_state_gc_task+0x52d/0x6b0
[  169.266995][T10217]  process_scheduled_works+0xae1/0x17b0
[  169.268856][T10217]  worker_thread+0x8a0/0xda0
[  169.270378][T10217]  kthread+0x711/0x8a0
[  169.271741][T10217]  ret_from_fork+0x3fc/0x770
[  169.273269][T10217]  ret_from_fork_asm+0x1a/0x30
[  169.274798][T10217] 
[  169.275576][T10217] The buggy address belongs to the object at ffff88810cda2400
[  169.275576][T10217]  which belongs to the cache xfrm_state of size 928
[  169.280068][T10217] The buggy address is located 322 bytes inside of
[  169.280068][T10217]  freed 928-byte region [ffff88810cda2400, ffff88810cda27a0)
[  169.284315][T10217] 
[  169.285088][T10217] The buggy address belongs to the physical page:
[  169.287144][T10217] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0xffff88810cda2400 pfn:0x10cda0
[  169.290391][T10217] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[  169.293126][T10217] flags: 0x57ff00000000040(head|node=1|zone=2|lastcpupid=0x7ff)
[  169.295492][T10217] page_type: f5(slab)
[  169.296852][T10217] raw: 057ff00000000040 ffff88801bfbcb40 dead000000000122 0000000000000000
[  169.299651][T10217] raw: ffff88810cda2400 00000000800e000c 00000000f5000000 0000000000000000
[  169.302383][T10217] head: 057ff00000000040 ffff88801bfbcb40 dead000000000122 0000000000000000
[  169.305036][T10217] head: ffff88810cda2400 00000000800e000c 00000000f5000000 0000000000000000
[  169.307690][T10217] head: 057ff00000000002 ffffea0004336801 00000000ffffffff 00000000ffffffff
[  169.310486][T10217] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004
[  169.313213][T10217] page dumped because: kasan: bad access detected
[  169.315257][T10217] page_owner tracks the page as allocated
[  169.317106][T10217] page last allocated via order 2, migratetype Unmovable, gfp_mask 0x52820(GFP_ATOMIC|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP), pid 7443, tgid 7441 (syz.0.566), ts 90928447342, free_ts 46780503319
[  169.323094][T10217]  post_alloc_hook+0x240/0x2a0
[  169.324569][T10217]  get_page_from_freelist+0x21e4/0x22c0
[  169.326407][T10217]  __alloc_frozen_pages_noprof+0x181/0x370
[  169.328333][T10217]  alloc_pages_mpol+0x232/0x4a0
[  169.329880][T10217]  allocate_slab+0x8a/0x370
[  169.331305][T10217]  ___slab_alloc+0xbeb/0x1410
[  169.332826][T10217]  kmem_cache_alloc_noprof+0x283/0x3c0
[  169.334501][T10217]  xfrm_state_alloc+0x24/0x2f0
[  169.336010][T10217]  xfrm_state_find+0x37d4/0x5400
[  169.337602][T10217]  xfrm_resolve_and_create_bundle+0x768/0x2f80
[  169.339513][T10217]  xfrm_lookup_with_ifid+0x2a7/0x1a70
[  169.341223][T10217]  xfrm_lookup_route+0x3c/0x1c0
[  169.342819][T10217]  rawv6_sendmsg+0xdab/0x1820
[  169.344376][T10217]  __sock_sendmsg+0x19c/0x270
[  169.345956][T10217]  ____sys_sendmsg+0x52d/0x830
[  169.347537][T10217]  ___sys_sendmsg+0x21f/0x2a0
[  169.349121][T10217] page last free pid 69 tgid 69 stack trace:
[  169.351100][T10217]  __free_frozen_pages+0xbc4/0xd30
[  169.352797][T10217]  __slab_free+0x303/0x3c0
[  169.354258][T10217]  qlist_free_all+0x97/0x140
[  169.355791][T10217]  kasan_quarantine_reduce+0x148/0x160
[  169.357596][T10217]  __kasan_slab_alloc+0x22/0x80
[  169.359204][T10217]  kmem_cache_alloc_node_noprof+0x1bb/0x3c0
[  169.361156][T10217]  __alloc_skb+0x112/0x2d0
[  169.362641][T10217]  rtmsg_ifinfo_build_skb+0x84/0x260
[  169.364380][T10217]  rtmsg_ifinfo+0x8c/0x1a0
[  169.365874][T10217]  netif_state_change+0x29e/0x3a0
[  169.367525][T10217]  linkwatch_do_dev+0x117/0x170
[  169.369157][T10217]  __linkwatch_run_queue+0x56a/0x7e0
[  169.370903][T10217]  linkwatch_event+0x4c/0x60
[  169.372430][T10217]  process_scheduled_works+0xae1/0x17b0
[  169.374259][T10217]  worker_thread+0x8a0/0xda0
[  169.375793][T10217]  kthread+0x711/0x8a0
[  169.377148][T10217] 
[  169.377968][T10217] Memory state around the buggy address:
[  169.379819][T10217]  ffff88810cda2400: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  169.382439][T10217]  ffff88810cda2480: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  169.385066][T10217] >ffff88810cda2500: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  169.387690][T10217]                                            ^
[  169.389693][T10217]  ffff88810cda2580: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  169.392143][T10217]  ffff88810cda2600: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  169.394622][T10217] ==================================================================
[  169.402924][T10217] Kernel panic - not syncing: KASAN: panic_on_warn set ...
[  169.405190][T10217] CPU: 0 UID: 0 PID: 10217 Comm: syz.1.1612 Not tainted 6.16.0-syzkaller-11895-gcca7a0aae895-dirty #0 PREEMPT(full) 
[  169.409020][T10217] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.2-debian-1.16.2-1 04/01/2014
[  169.412139][T10217] Call Trace:
[  169.413206][T10217]  <TASK>
[  169.414158][T10217]  dump_stack_lvl+0x99/0x250
[  169.415621][T10217]  ? __asan_memcpy+0x40/0x70
[  169.417076][T10217]  ? __pfx_dump_stack_lvl+0x10/0x10
[  169.418720][T10217]  ? __pfx__printk+0x10/0x10
[  169.420227][T10217]  vpanic+0x281/0x750
[  169.421469][T10217]  ? preempt_schedule+0xae/0xc0
[  169.422999][T10217]  ? __pfx_vpanic+0x10/0x10
[  169.424447][T10217]  ? preempt_schedule_common+0x83/0xd0
[  169.426165][T10217]  ? preempt_schedule+0xae/0xc0
[  169.427718][T10217]  ? __pfx_preempt_schedule+0x10/0x10
[  169.429428][T10217]  panic+0xb9/0xc0
[  169.430619][T10217]  ? __pfx_panic+0x10/0x10
[  169.432048][T10217]  ? _raw_spin_unlock_irqrestore+0xfd/0x110
[  169.433858][T10217]  ? __xfrm_state_lookup+0x6ad/0x8d0
[  169.435477][T10217]  check_panic_on_warn+0x89/0xb0
[  169.437044][T10217]  ? __xfrm_state_lookup+0x6ad/0x8d0
[  169.438742][T10217]  end_report+0x78/0x160
[  169.440086][T10217]  kasan_report+0x129/0x150
[  169.441490][T10217]  ? __xfrm_state_lookup+0x6ad/0x8d0
[  169.443140][T10217]  __xfrm_state_lookup+0x6ad/0x8d0
[  169.444757][T10217]  ? __pfx___xfrm_state_lookup+0x10/0x10
[  169.446500][T10217]  ? xfrm_state_lookup+0x45/0x1e0
[  169.448096][T10217]  xfrm_state_lookup+0x11e/0x1e0
[  169.449735][T10217]  xfrm_user_state_lookup+0x231/0x370
[  169.451411][T10217]  ? __pfx_xfrm_user_state_lookup+0x10/0x10
[  169.453245][T10217]  ? apparmor_capable+0x137/0x1b0
[  169.454848][T10217]  xfrm_get_sa+0x93/0x290
[  169.456259][T10217]  ? __nla_parse+0x40/0x60
[  169.457689][T10217]  xfrm_user_rcv_msg+0x7a3/0xab0
[  169.459324][T10217]  ? __pfx_xfrm_user_rcv_msg+0x10/0x10
[  169.461168][T10217]  ? __pfx___mutex_trylock_common+0x10/0x10
[  169.463093][T10217]  ? rcu_is_watching+0x15/0xb0
[  169.464572][T10217]  ? trace_contention_end+0x39/0x120
[  169.466295][T10217]  ? __mutex_lock+0x335/0x1360
[  169.467870][T10217]  netlink_rcv_skb+0x208/0x470
[  169.469415][T10217]  ? __pfx_xfrm_user_rcv_msg+0x10/0x10
[  169.471139][T10217]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  169.472906][T10217]  ? netlink_deliver_tap+0x2e/0x1b0
[  169.474622][T10217]  ? netlink_deliver_tap+0x2e/0x1b0
[  169.476341][T10217]  xfrm_netlink_rcv+0x79/0x90
[  169.477877][T10217]  netlink_unicast+0x82f/0x9e0
[  169.479417][T10217]  ? __pfx_netlink_unicast+0x10/0x10
[  169.481138][T10217]  ? netlink_sendmsg+0x642/0xb30
[  169.482716][T10217]  ? skb_put+0x11b/0x210
[  169.484115][T10217]  netlink_sendmsg+0x805/0xb30
[  169.485685][T10217]  ? __pfx_netlink_sendmsg+0x10/0x10
[  169.487393][T10217]  ? aa_sock_msg_perm+0xf1/0x1d0
[  169.489033][T10217]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[  169.490771][T10217]  ? __pfx_netlink_sendmsg+0x10/0x10
[  169.492433][T10217]  __sock_sendmsg+0x21c/0x270
[  169.493940][T10217]  ____sys_sendmsg+0x505/0x830
[  169.495520][T10217]  ? __pfx_____sys_sendmsg+0x10/0x10
[  169.497268][T10217]  ? import_iovec+0x74/0xa0
[  169.498787][T10217]  ___sys_sendmsg+0x21f/0x2a0
[  169.500352][T10217]  ? __pfx____sys_sendmsg+0x10/0x10
[  169.502090][T10217]  ? __fget_files+0x2a/0x420
[  169.503637][T10217]  ? __fget_files+0x3a0/0x420
[  169.505201][T10217]  __x64_sys_sendmsg+0x19b/0x260
[  169.506848][T10217]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[  169.508660][T10217]  ? rcu_is_watching+0x15/0xb0
[  169.510259][T10217]  ? do_syscall_64+0xbe/0x3b0
[  169.511762][T10217]  do_syscall_64+0xfa/0x3b0
[  169.513270][T10217]  ? lockdep_hardirqs_on+0x9c/0x150
[  169.515042][T10217]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  169.517045][T10217]  ? exc_page_fault+0x9f/0xf0
[  169.518621][T10217]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  169.520552][T10217] RIP: 0033:0x7f5b6b38ebe9
[  169.522047][T10217] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  169.528302][T10217] RSP: 002b:00007f5b6c196038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  169.531093][T10217] RAX: ffffffffffffffda RBX: 00007f5b6b5b5fa0 RCX: 00007f5b6b38ebe9
[  169.533710][T10217] RDX: 0000000024004040 RSI: 00002000000014c0 RDI: 0000000000000003
[  169.536298][T10217] RBP: 00007f5b6b411e19 R08: 0000000000000000 R09: 0000000000000000
[  169.538813][T10217] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  169.541395][T10217] R13: 00007f5b6b5b6038 R14: 00007f5b6b5b5fa0 R15: 00007ffeb8e11e88
[  169.543999][T10217]  </TASK>
[  169.545673][T10217] Kernel Offset: disabled
[  169.547111][T10217] Rebooting in 86400 seconds..

VM DIAGNOSIS:
02:39:50  Registers:
info registers vcpu 0

CPU#0
RAX=0000000000000031 RBX=0000000000000031 RCX=0000000000000000 RDX=00000000000003f8
RSI=0000000000001256 RDI=0000000000001257 RBP=00000000000003f8 RSP=ffffc9000a1869f0
R8 =ffff888021780237 R9 =1ffff110042f0046 R10=dffffc0000000000 R11=ffffffff854e72e0
R12=dffffc0000000000 R13=ffffffff99af18f6 R14=ffffffff99de64e0 R15=0000000000000000
RIP=ffffffff854e735c RFL=00000002 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =0000 0000000000000000 ffffffff 00c00000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 ffffffff 00c00000
FS =0000 00007f5b6c1966c0 ffffffff 00c00000
GS =0000 ffff8880b8624000 ffffffff 00c00000
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe0000003000 00004087 00008b00 DPL=0 TSS64-busy
GDT=     fffffe0000001000 0000007f
IDT=     fffffe0000000000 00000fff
CR0=80050033 CR2=0000001b31e13ff8 CR3=000000011d49a000 CR4=000006f0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000ffff0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
XMM00=0000000000000000 0000000000000000 XMM01=0000000000000000 0000000000000000
XMM02=00007f5b6b587498 00007f5b6b587470 XMM03=00007f5b6b5874a8 00007f5b6b5874a0
XMM04=00007f5b6c0ed100 00007f5b6b587460 XMM05=00007f5b6b587478 00007f5b6b5874c0
XMM06=00007f5b6b5874b8 00007f5b6b5874b0 XMM07=00007f5b6b5874a8 00007f5b6b5874a0
XMM08=6161616161616161 6161616161616161 XMM09=0000000000000000 00007f5b6b412fc5
XMM10=0000000000000000 0000000000000000 XMM11=0000000000000000 0000000000000000
XMM12=0000000000000000 0000000000000000 XMM13=0000000000000000 0000000000000000
XMM14=0000000000000000 0000000000000000 XMM15=0000000000000000 0000000000000000
info registers vcpu 1

CPU#1
RAX=ffffffff81f63226 RBX=dffffc0000000000 RCX=ffff888107eb8000 RDX=0000000000000002
RSI=000000000000037f RDI=000000000000037b RBP=0000000000000000 RSP=ffffc9000a176628
R8 =ffffea0004456637 R9 =1ffffd400088acc6 R10=dffffc0000000000 R11=fffff9400088acc7
R12=1ffff9200142ed05 R13=ffffc9000a176828 R14=000000000000037b R15=000000000000037f
RIP=ffffffff81bfae47 RFL=00000246 [---Z-P-] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =0000 0000000000000000 ffffffff 00c00000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 ffffffff 00c00000
FS =0000 00007fa8288836c0 ffffffff 00c00000
GS =0000 ffff8881a3c24000 ffffffff 00c00000
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe000004a000 00004087 00008b00 DPL=0 TSS64-busy
GDT=     fffffe0000048000 0000007f
IDT=     fffffe0000000000 00000fff
CR0=80050033 CR2=0000200000000340 CR3=000000002941c000 CR4=000006f0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000ffff0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
XMM00=0000000000000000 0000000000000000 XMM01=0000000000000000 0000000000000000
XMM02=0000000000000000 0000000000000000 XMM03=0000000000000000 0000000000000000
XMM04=00ff000000000000 ff00000000000000 XMM05=000000000000002d 0000000000302e32
XMM06=0000000000000000 0000000000000000 XMM07=0000000000000000 0000000000000000
XMM08=ffffffffffffff00 ffffffffff000000 XMM09=323a312d332f312d 332f336273752f32
XMM10=0000000000000000 0000000000000000 XMM11=0000000000000000 0000000000000000
XMM12=0000000000000000 0000000000000000 XMM13=0000000000000000 0000000000000000
XMM14=0000000000000000 0000000000000000 XMM15=0000000000000000 0000000000000000
