last executing test programs:

1m40.700558211s ago: executing program 1 (id=439):
r0 = memfd_create(&(0x7f00000000c0)='\xff\x00l\x1e\xa0</\x00\x8eO4._\x14zC\x8a\xe8\xe0u\xe0\xff\xf1\xb2\xfd\xf6nz\x05-]\xc2Vk\xaeky\xd3\x83\xe2\xc7\xd3\xe6M^\x98ox\x14\t\xe9Q1\x1dK\x9a\x045\xd37\xb22\xfdD(\xd2\xdd\xa0\xff\x0f\x00\x00\x00\x00\x00\x00v\n\xd8?]k\x14N\x18\xf4\xc2j\xed6g\xfd\xd2\xd4\xe3\x1f\xa6 \xa0\x8d\xb5\x9aE<2`]<\x8cR\xd69\x0fO\xbf\xc3\xbd\xb0\x96\x90\x91k\x86\x1a\x10\xd2\xf5\x8b\xfc\xf4\xd0[\x12\xf5+\x1aS\x02/Yx\xf2jJb\x97\x9c/\x1f5i\xc6\x861\x9a\xff\xc3\xe7\xbfU\xd5\xac\xccB=\x8f\xfd\x84\xeepQ\x93nn\x0f\xc6\xa9?\xad\x8b~\x96@i=G\x9ft\x1d\xcc\xc6Ys7\x7f\x8ehv\xd3$\x13s\xa0\xbfi\xfaFS\xa9=Xe\xf8tI\x15\x882\x8b\x8e-X\xb8\xf2\x9du\x15S^\xec\xce\xfaf$S\x9f\xe7Ed\n\x84\\ u\xd2\x16\xc1\xa5\xa0\xaa\xe8.i\xc8\x0e\vt\xe2\xf1lA\x93\xdd\xce\x8f$\x06v\xbe\xe7\x95nN\xc5\xaa\x1ev\xc6P\x9c\\G&y\x8bYA\xc3}\xd9\x86[\xb2\xf3\x0f\x90%\xcb\x81\xe8\xea\xbcs\x95\xe9\x8eXH\x19m\xdfOY\xf1E9-\xc8\xe7\x13^+(\x034\x82\xafiOO\x14\x8f^\x8c', 0x7)
mmap(&(0x7f0000000000/0x2000)=nil, 0x2000, 0xa, 0x4d091, r0, 0x4000000)
fcntl$addseals(r0, 0x409, 0x6)
r1 = openat$udambuf(0xffffff9c, &(0x7f0000000000), 0x2)
ioctl$UDMABUF_CREATE(r1, 0x40187542, &(0x7f0000000040)={r0, 0xffffff, 0x0, 0x1000000})

1m40.62030264s ago: executing program 1 (id=442):
r0 = syz_io_uring_setup(0xd2, &(0x7f0000000480)={0x0, 0x0, 0x0, 0x0, 0x34f}, &(0x7f00000002c0)=<r1=>0x0, &(0x7f0000000080)=<r2=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r1, 0x4, &(0x7f0000000240)=0xffffffff, 0x0, 0x4)
sendmsg$IEEE802154_LLSEC_ADD_DEV(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000200)={0x0, 0x50}, 0x4, 0x700000000000000}, 0x0)
r3 = socket$inet6(0xa, 0x400000000001, 0x0)
bind$inet6(r3, &(0x7f0000fa0fe4)={0xa, 0x4e20, 0x0, @loopback}, 0x1c)
sendto$inet6(r3, 0x0, 0x0, 0x20000008, &(0x7f00000001c0)={0xa, 0x4e20, 0x0, @loopback}, 0x1c)
sendmsg$IPSET_CMD_CREATE(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000000)={0x0}}, 0x0)
setsockopt$SO_ATTACH_FILTER(0xffffffffffffffff, 0x1, 0x1a, &(0x7f0000000400)={0x1, &(0x7f0000000200)=[{0x30, 0x0, 0x0, 0x4}]}, 0x10)
mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x5)
syz_io_uring_submit(r1, r2, &(0x7f0000000200)=@IORING_OP_MADVISE={0x19, 0x7b, 0x0, 0x0, 0x0, &(0x7f0000011000/0x4000)=nil, 0x4000, 0xc})
io_uring_enter(r0, 0x47bc, 0x0, 0x0, 0x0, 0x0)

1m40.538966862s ago: executing program 1 (id=444):
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000080)={0x1, &(0x7f0000000140)=[{0x64, 0x0, 0x3, 0x1}]})

1m40.481045485s ago: executing program 1 (id=446):
mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x0)
mount$bind(&(0x7f0000000380)='./file0\x00', &(0x7f0000000200)='./file0\x00', 0x0, 0x2125099, 0x0)
mount$bind(0x0, &(0x7f00000005c0)='./file0\x00', 0x0, 0x100000, 0x0)
mount$bind(&(0x7f0000000000)='.\x00', &(0x7f0000000200)='./file0/../file0\x00', 0x0, 0x101097, 0x0)
r0 = open_tree(0xffffffffffffff9c, &(0x7f0000000640)='\x00', 0x89901)
move_mount(r0, &(0x7f0000000140)='.\x00', 0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x222)

1m40.416057263s ago: executing program 1 (id=448):
r0 = openat$ptp0(0xffffffffffffff9c, &(0x7f0000000000), 0x80042, 0x0)
ioctl$PTP_PEROUT_REQUEST2(r0, 0x40383d0c, &(0x7f00000000c0)={{}, {0x0, 0x7}, 0x6, 0x6})

1m40.109781614s ago: executing program 1 (id=453):
r0 = gettid()
timer_create(0x7, &(0x7f0000000780)={0x0, 0x3f, 0x4, @tid=r0}, &(0x7f0000000000)=<r1=>0x0)
clock_gettime(0x5, &(0x7f0000000800)={<r2=>0x0, <r3=>0x0})
timer_settime(r1, 0x1, &(0x7f0000000840)={{r2, r3+10000000}, {0x0, 0x989680}}, 0x0)
pselect6(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
rt_sigaction(0x3f, &(0x7f0000000940)={&(0x7f00000008c0)="c46279340cdbc4c261ad9a0c000000c4c2d503f264430fae54bcc0660f638d9b540000c482c5ac2c566742d0430366f30fbae70040d9fa90", 0x40000001, 0x0, {[0x40]}}, 0x0, 0x8, &(0x7f0000000a80))

1m39.9152116s ago: executing program 32 (id=453):
r0 = gettid()
timer_create(0x7, &(0x7f0000000780)={0x0, 0x3f, 0x4, @tid=r0}, &(0x7f0000000000)=<r1=>0x0)
clock_gettime(0x5, &(0x7f0000000800)={<r2=>0x0, <r3=>0x0})
timer_settime(r1, 0x1, &(0x7f0000000840)={{r2, r3+10000000}, {0x0, 0x989680}}, 0x0)
pselect6(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
rt_sigaction(0x3f, &(0x7f0000000940)={&(0x7f00000008c0)="c46279340cdbc4c261ad9a0c000000c4c2d503f264430fae54bcc0660f638d9b540000c482c5ac2c566742d0430366f30fbae70040d9fa90", 0x40000001, 0x0, {[0x40]}}, 0x0, 0x8, &(0x7f0000000a80))

1m38.002991311s ago: executing program 2 (id=470):
keyctl$set_reqkey_keyring(0xe, 0x1)
keyctl$set_reqkey_keyring(0xe, 0x1)

1m37.943333973s ago: executing program 2 (id=471):
r0 = socket$inet(0xa, 0x801, 0x84)
connect$inet(r0, &(0x7f0000000000)={0x2, 0x0, @remote={0xac, 0x14, 0xffffffffffffffff}}, 0x10)
setsockopt(r0, 0x84, 0x81, &(0x7f00000002c0)="1a00000002000000", 0x8)
listen(r0, 0x8)
accept4$inet(r0, &(0x7f0000000100), 0x0, 0x80800)

1m37.943138582s ago: executing program 2 (id=472):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f00000000c0)={'syzkaller1\x00', 0x4c02})
readv(r1, &(0x7f00000001c0)=[{&(0x7f0000001400)=""/227, 0x1c}], 0x4)
r2 = socket$kcm(0x2, 0xa, 0x2)
ioctl$sock_SIOCSIFVLAN_ADD_VLAN_CMD(r0, 0x8983, &(0x7f0000000080)={0x0, 'syzkaller1\x00', {0x4}, 0x1})
ioctl$SIOCSIFHWADDR(r2, 0x8914, &(0x7f0000000000)={'syzkaller1\x00', @link_local})

1m37.633403516s ago: executing program 2 (id=473):
syz_mount_image$cramfs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, &(0x7f0000000540)=ANY=[@ANYBLOB="00af268263b121dc03d7d9b98b9cdb76841d31005b31fdfd141b652968fbeae7aac982a517703dc5950f6728aecf5ec337b119ffd66d0a02970718ba573db352906385cece74366e628b6a775c9a6f6fff046416c6240e39a647186c4cf0b360bd17d4cdbd912dc61fd24e6f17d8"], 0x1, 0x152, &(0x7f00000007c0)="$eJzs0E1LKnEUx/Hf3Bnlcq/eBzKwFia0aEjMacRatdBIEtKBwk0rwSYKFCOhXBrRrkXQ1oXlVnwLlrWxRgh7E23cBS0n/o7Rw67977MZ5nsOh2FWlnoqgoAMx3KpuLdvlsvmVnDdSCc3ntrtuOhuAD8/zZ39qziwI54KMDgCRL7xAtu7BXMuXyqI90EcUAEkfjtdg7P7SzSf0+YhSaKp00Bn3Gn6aO9ji47apAIk/r7fsy+AGXHv/9s94BlApRZquZCxbNu2xfeepEJTY5LTm3cZq5sKzwbMUz050fD4ZWTN20skhvPHSDf8EGk1+z0rvWakjV5U1xeimqJpsb5xb6Vi1TMoq54DYPPLPTf8ASULHEvA+XA2uJa8ADr1F6P4Z7E++tfVQzkISJVaPud3NXK+fz8gq5BARERERERERERERERERET0Xa8BAAD//wFeZcY=")
mount$overlay(0x0, &(0x7f0000000140)='./file0\x00', &(0x7f0000000380), 0x0, &(0x7f00000003c0)={[{@lowerdir={'lowerdir', 0x3d, './file0'}, 0x3a}], [], 0x2f})
chdir(&(0x7f00000001c0)='./file0\x00')
setxattr$trusted_overlay_upper(&(0x7f0000000000)='./file1\x00', &(0x7f0000000040), &(0x7f0000000240)=ANY=[], 0x25, 0x2)

1m37.5020491s ago: executing program 2 (id=474):
r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
setsockopt(r0, 0xff, 0x1, 0x0, 0x62)

1m37.226359853s ago: executing program 2 (id=476):
syz_mount_image$ext4(&(0x7f0000000140)='ext4\x00', &(0x7f0000000040)='./file1\x00', 0x1018e58, &(0x7f0000000000), 0x1, 0x61f, &(0x7f0000001680)="$eJzs3c9rXNUeAPDvnUnSpM17aR+Px2t4DwMuWpCmSS1W3djWhV0ULNiFiIuGJqmh0x80KdhaaAsuFBRE3Bbpxn/AvXTvTgR151qoIhUFLRm5d+6kk+ROk6admaT384GZOffcO3POd05P77n35swNoLTG0qdKxO6IxVNJxEjLuuForBzLt7v367XT6SOJev2NX5JI8rzm9ov56470KYkYjIhvjkb8q7q63PkrV89O1eoN1yP2L5y7uH/+ytV9c+emzsycmTk/eeDFg4cmXpo8OPlE4tyRvx47/vr/Pn7/nRdmv63tS+JwnOx/bzpWxLEB9aQgcyzGYjEPsTW/LyIOpYmC72WrWVcI2zpfDzammv977I+I/8RIVLOlhpGY+6inlQM6ql6NqAMllej/UFLNcUDz2H59x8EnOzwq6Z67RxoHQKvj72ucG4nB7Nho+72k5ciocW5j5xMoPy3j/rXRW+kjlp2H+GOpdfqeQDnt3LgZEf8tij/J6rYzizSNvxKVlveldZqIiIE8/eoGim4mWs+dPOZ5mEevxCPE39oO6XdxOH9N849usPyxFcvdjh+AcrpzJN+RZ3vjB/u/dOzRHP9EwfhnuGDftRG93v+1H/819/eD2TnyyopxWDpmOVH8kf0rM3788Nin7cpvHf/dv5Zk9WiOBbvh7s2I0RXxf5AN9JKl9k8K2j/d5NTh9ZXx2nc/H2u3bnn8o7e6HX/9dsSewuOfB6PSNPWQ65P7Z+dqMxON58Iyvvr67S/ald/r+NP2394m/pb2r6x8X/qdXFxnGV+euH1uoM264TXjr/w0kDSON5uf8e7UwsKlyYiB5Hi+SUv+gYfXpblN8zPS+Pc+W9z/l/37v7n8c4ZaD2DWcPHNs/fardtI+7dcTF6sr7MO7aTxT6/d/qv6f5r3yTrL+P2ty/9vt64g/og8/qHHCQwAAAAAAABKqJJdg00q40vpSmV8vDFf9t+xvVK7ML/w3OyFy+enI/Zmfw/ZX2le6R5pLCfp8mT+97DN5QMrlp+PiF0R8Vl1KFseP32hNt3r4AEAAAAAAAAAAAAAAAAAAGCT2JHP/2/ep/q3amP+P1ASnbzBHLC56f9QXln/X3WLJ6AM7P+hvPR/KC/9H8pL/4fy0v+hvPR/KC/9H8pL/wcAAACAp9KuZ+78kETEjZeHskdqIF9X7WnNgE7rL8irX+9BRYCus4+H8lq69G/6P5RO0fh/lT/zHwfsfHWAHkiKMrPBQf3hnf9O4TsBAAAAAAAAAAAAgA7Ys7v9/P91zQ0AtizT/qC8HmP+v58OgC3OT/9DeTnGB9aaxT/YboX5/wAAAAAAAAAAAADQNcPZI6mM53OBh6NSGR+P+EdE7Iz+ZHauNjMREf+MiO+r/dvS5cleVxoAAAAAAAAAAAAAAAAAAACeMvNXrp6dqtVmLrUm/lqV83QnmndB7UJZr8QjviuS7n8tQxHR80bpWKKvJSeJuJG2/Kao2KX52BzVyBI9/o8JAAAAAAAAAAAAAAAAAABKqGXucbHRz7tcIwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADovgf3/+9cotcxAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABb098BAAD///yqQiE=")

1m37.118307646s ago: executing program 33 (id=476):
syz_mount_image$ext4(&(0x7f0000000140)='ext4\x00', &(0x7f0000000040)='./file1\x00', 0x1018e58, &(0x7f0000000000), 0x1, 0x61f, &(0x7f0000001680)="$eJzs3c9rXNUeAPDvnUnSpM17aR+Px2t4DwMuWpCmSS1W3djWhV0ULNiFiIuGJqmh0x80KdhaaAsuFBRE3Bbpxn/AvXTvTgR151qoIhUFLRm5d+6kk+ROk6admaT384GZOffcO3POd05P77n35swNoLTG0qdKxO6IxVNJxEjLuuForBzLt7v367XT6SOJev2NX5JI8rzm9ov56470KYkYjIhvjkb8q7q63PkrV89O1eoN1yP2L5y7uH/+ytV9c+emzsycmTk/eeDFg4cmXpo8OPlE4tyRvx47/vr/Pn7/nRdmv63tS+JwnOx/bzpWxLEB9aQgcyzGYjEPsTW/LyIOpYmC72WrWVcI2zpfDzammv977I+I/8RIVLOlhpGY+6inlQM6ql6NqAMllej/UFLNcUDz2H59x8EnOzwq6Z67RxoHQKvj72ucG4nB7Nho+72k5ciocW5j5xMoPy3j/rXRW+kjlp2H+GOpdfqeQDnt3LgZEf8tij/J6rYzizSNvxKVlveldZqIiIE8/eoGim4mWs+dPOZ5mEevxCPE39oO6XdxOH9N849usPyxFcvdjh+AcrpzJN+RZ3vjB/u/dOzRHP9EwfhnuGDftRG93v+1H/819/eD2TnyyopxWDpmOVH8kf0rM3788Nin7cpvHf/dv5Zk9WiOBbvh7s2I0RXxf5AN9JKl9k8K2j/d5NTh9ZXx2nc/H2u3bnn8o7e6HX/9dsSewuOfB6PSNPWQ65P7Z+dqMxON58Iyvvr67S/ald/r+NP2394m/pb2r6x8X/qdXFxnGV+euH1uoM264TXjr/w0kDSON5uf8e7UwsKlyYiB5Hi+SUv+gYfXpblN8zPS+Pc+W9z/l/37v7n8c4ZaD2DWcPHNs/fardtI+7dcTF6sr7MO7aTxT6/d/qv6f5r3yTrL+P2ty/9vt64g/og8/qHHCQwAAAAAAABKqJJdg00q40vpSmV8vDFf9t+xvVK7ML/w3OyFy+enI/Zmfw/ZX2le6R5pLCfp8mT+97DN5QMrlp+PiF0R8Vl1KFseP32hNt3r4AEAAAAAAAAAAAAAAAAAAGCT2JHP/2/ep/q3amP+P1ASnbzBHLC56f9QXln/X3WLJ6AM7P+hvPR/KC/9H8pL/4fy0v+hvPR/KC/9H8pL/wcAAACAp9KuZ+78kETEjZeHskdqIF9X7WnNgE7rL8irX+9BRYCus4+H8lq69G/6P5RO0fh/lT/zHwfsfHWAHkiKMrPBQf3hnf9O4TsBAAAAAAAAAAAAgA7Ys7v9/P91zQ0AtizT/qC8HmP+v58OgC3OT/9DeTnGB9aaxT/YboX5/wAAAAAAAAAAAADQNcPZI6mM53OBh6NSGR+P+EdE7Iz+ZHauNjMREf+MiO+r/dvS5cleVxoAAAAAAAAAAAAAAAAAAACeMvNXrp6dqtVmLrUm/lqV83QnmndB7UJZr8QjviuS7n8tQxHR80bpWKKvJSeJuJG2/Kao2KX52BzVyBI9/o8JAAAAAAAAAAAAAAAAAABKqGXucbHRz7tcIwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADovgf3/+9cotcxAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABb098BAAD///yqQiE=")

36.2420464s ago: executing program 3 (id=1131):
prctl$PR_GET_NO_NEW_PRIVS(0x27)

36.149319273s ago: executing program 3 (id=1133):
r0 = openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000100)=0x2)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000002c0)=0x19)
ioctl$TIOCVHANGUP(r0, 0x5437, 0x200000000000000)

36.072289347s ago: executing program 3 (id=1136):
shmctl$SHM_STAT_ANY(0x0, 0xf, &(0x7f0000000000)=""/179)

36.071950875s ago: executing program 3 (id=1138):
mkdir(&(0x7f0000000080)='./file0\x00', 0x0)
mount$bind(&(0x7f0000000000)='.\x00', &(0x7f0000000200)='./file0/../file0\x00', 0x0, 0x195011, 0x0)
mount$bind(0x0, &(0x7f00000005c0)='./file0\x00', 0x0, 0x100000, 0x0)
mount$bind(&(0x7f0000000440)='./file0/../file0\x00', &(0x7f00000000c0)='./file0/file0\x00', 0x0, 0x8b101a, 0x0)
mount$bind(0x0, &(0x7f0000000240)='./file0/file0\x00', 0x0, 0x80000, 0x0)
mount$bind(&(0x7f0000000380)='./file0\x00', &(0x7f0000000300)='./file0\x00', 0x0, 0x2125099, 0x0)
open_tree(0xffffffffffffff9c, &(0x7f0000000640)='\x00', 0x89901)
umount2(&(0x7f0000000040)='./file0/file0\x00', 0x8)

35.913255819s ago: executing program 3 (id=1140):
r0 = syz_io_uring_setup(0x49a, &(0x7f0000000200)={0x0, 0x79af, 0x0, 0x7ffc, 0x259}, &(0x7f0000000140)=<r1=>0x0, &(0x7f0000005200)=<r2=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r1, 0x4, &(0x7f0000000000)=0xffb, 0x0, 0x4)
syz_io_uring_submit(r1, r2, &(0x7f00000002c0)=@IORING_OP_TIMEOUT={0xb, 0x11, 0x0, 0x0, 0x0, &(0x7f0000000100), 0x1, 0x40, 0x1})
io_uring_enter(r0, 0x627, 0xc104effa, 0x41, 0x0, 0x0)

35.470640332s ago: executing program 3 (id=1142):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFNL_MSG_ACCT_GET(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000000)=ANY=[@ANYBLOB="300000000107010100000000000000000a00000a1c000780080001"], 0x30}, 0x1, 0x0, 0x0, 0x4008801}, 0x20008004)

35.184292352s ago: executing program 34 (id=1142):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFNL_MSG_ACCT_GET(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000000)=ANY=[@ANYBLOB="300000000107010100000000000000000a00000a1c000780080001"], 0x30}, 0x1, 0x0, 0x0, 0x4008801}, 0x20008004)

3.571986074s ago: executing program 4 (id=1448):
r0 = socket$inet6_sctp(0xa, 0x5, 0x84)
ioctl$sock_SIOCETHTOOL(r0, 0x8946, &(0x7f0000000040)={'dummy0\x00', &(0x7f0000000140)=@ethtool_perm_addr={0x18}})

3.571838857s ago: executing program 4 (id=1449):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000040)=ANY=[@ANYBLOB="300000003e000701feffffff00000000017c0000000039a0040008000c0001800600060086dd0000080002"], 0x30}, 0x1, 0x0, 0x0, 0x4000c000}, 0xc000)

3.518086049s ago: executing program 4 (id=1450):
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
bind$inet(r0, &(0x7f0000000000)={0x2, 0x4e21, @local}, 0x10)
connect$inet(r0, &(0x7f0000000180)={0x2, 0x4e21, @local}, 0x10)
setsockopt$inet_tcp_TCP_REPAIR(r0, 0x6, 0x13, 0x0, 0x0)
ioctl$int_in(r0, 0x5452, &(0x7f0000000040)=0xf48f)
ioctl$sock_FIOSETOWN(r0, 0x8901, &(0x7f0000000240)=0xffffffffffffffff)
sendto$inet(r0, &(0x7f00000004c0)='<', 0x1, 0x885, 0x0, 0x0)

2.994993402s ago: executing program 5 (id=1455):
r0 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000300)='./binderfs/binder0\x00', 0x0, 0x0)
r1 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000200)='./binderfs/binder0\x00', 0x0, 0x0)
r2 = dup3(r1, r0, 0x0)
ioctl$BINDER_WRITE_READ(r2, 0xc0306201, &(0x7f0000000640)={0x8, 0x0, &(0x7f0000000000)=[@decrefs={0x400c6314}], 0x0, 0x0, 0x0})

2.994717696s ago: executing program 5 (id=1456):
timer_create(0x2, &(0x7f00000000c0)={0x0, 0x3, 0x2, @thr={&(0x7f0000000000), &(0x7f0000000280)="1e6a1993cf401d7ae45c99db86b84df553ad10ccb72a9fcd60a34e67c839755cdc0c226b56b6a1e7f6fcc32183f098668c40f4ead09c143b6a8aff3ee5d881aca743425950faa2ed0212993aca35"}}, &(0x7f0000000140))
r0 = socket$phonet_pipe(0x23, 0x5, 0x2)
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000000)='./file1\x00', 0x3000846, &(0x7f0000000380)={[{@delalloc}, {@data_err_abort}, {@barrier_val={'barrier', 0x3d, 0x2}}, {@dioread_lock}, {@data_err_ignore}, {@max_dir_size_kb={'max_dir_size_kb', 0x3d, 0x4007b1}}, {@data_err_ignore}, {@grpquota}, {@nobh}, {@user_xattr}, {@bh}, {@noload}]}, 0x1, 0x553, &(0x7f0000000a40)="$eJzs3d9rW1UcAPDvTdv91nUwhopIYQ9O5tK19ccEH+aj6HCg7zO0d2U0WUaTjrUO3B7ciy8yBBEH4ru++zj8B/wrBjoYMoo++BK56U2XrUmbddnSmc8Hbjkn9ybnfnPv9/TcnBsSwNCayP4UIl6OiG+SiIMRkeTrRiNfObG23er9q7PZkkSj8elfSXO7rN56rdbz9ueVlyLit68ijhc2tltbXlkolcvpYl6frFcuTdaWV05cqJTm0/n04vTMzKm3Z6bfe/edvsX6xtl/vv/k9oenvj66+t0vdw/dTOJ0HMjXtcfxBK61VyZiIn9PxuL0IxtO9aGxnSQZ9A6wLSN5no9F1gccjJE864H/vy8jogEMqUT+w5BqjQNa1/Z9ug5+btz7YO0CaGP8o2ufjcSe5rXRvtXkoSuj7Hp3vA/tZ238+uetm9kS/fscAmBL165HxMnR0Y39X5L3f9t3sodtHm1D/wfPzu1s/PNmp/FPYX38Ex3GP/s75O52bJ3/hbt9aKarbPz3fsfx7/qk1fhIXnuhOeYbS85fKKdZ3/ZiRByLsd1ZfbP5nFOrdxrd1rWP/7Ila781Fsz34+7o7oefM1eql54k5nb3rke80nH8m6wf/6TD8c/ej7M9tnEkvfVat3Vbx/90NX6KeL3j8X8wo5VsPj852TwfJltnxUZ/3zjye7f2Bx1/dvz3bR7/eNI+X1t7/DZ+3PNv2m3dQ/FH7+f/ruSzZnlX/tiVUr2+OBWxK/l44+PTD57bqre2z+I/dnTz/q/T+b83Ij7vMf4bh39+taf4B3T85x7r+D9+4c5HX/zQrf3e+r+3mqVj+SO99H+97uCTvHcAAAAAAACw0xQi4kAkheJ6uVAoFtfu7zgc+wrlaq1+/Hx16eJcNL8rOx5jhdZM98G2+yGm8vthW/XpR+ozEXEoIr4d2dusF2er5blBBw8AAAAAAAAAAAAAAAAAAAA7xP4u3//P/DEy6L0Dnjo/+Q3Da8v878cvPQE7kv//MLzkPwwv+Q/DS/7D8JL/MLzkPwwv+Q/DS/4DAAAAAAAAAAAAAAAAAAAAAAAAAABAX509cyZbGqv3r85m9bnLy0sL1csn5tLaQrGyNFucrS5eKs5Xq/PltDhbrWz1euVq9dLUdCxdmayntfpkbXnlXKW6dLF+7kKlNJ+eS8eeSVQAAAAAAAAAAAAAAAAAAADwfKktryyUyuV0UUFhW4XRnbEbCn0uDLpnAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIAH/gsAAP//6AY3sQ==")
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r1 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={0x0}, 0x18)
mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000180), 0x4000000, &(0x7f0000000240))
setsockopt$PNPIPE_INITSTATE(r0, 0x113, 0x4, &(0x7f0000000000), 0x4)
ustat(0x1, &(0x7f0000000040))

2.26801366s ago: executing program 4 (id=1458):
sendmsg$nl_generic(0xffffffffffffffff, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x1, &(0x7f0000000200)=0x7)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f0000000180)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4)
r3 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0xb, &(0x7f0000000380)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020000000000000000000007b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000300)='rcu_utilization\x00', r3}, 0x10)
r4 = add_key(&(0x7f0000000000)='big_key\x00', &(0x7f0000000040)={'syz', 0x0}, &(0x7f0000000080)="ae", 0x1, 0xffffffffffffffff)
keyctl$read(0x2, r4, &(0x7f00000000c0)=""/4096, 0x1000)
r5 = open(0x0, 0x80242, 0x1df2a23c5997fa5f)
r6 = openat(0xffffffffffffff9c, 0x0, 0x289c2, 0x1)
ioctl$FICLONE(r5, 0x40049409, r6)
keyctl$read(0xb, r4, &(0x7f00000010c0)=""/4096, 0x1000)
add_key$keyring(0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffd)

1.828949025s ago: executing program 5 (id=1459):
r0 = openat$vicodec0(0xffffffffffffff9c, &(0x7f0000000040), 0x2, 0x0)
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000000c0)={0xa, @pix={0x0, 0x0, 0x34565348, 0x0, 0x0, 0x0, 0x25}})

1.728660998s ago: executing program 5 (id=1460):
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket(0x200000000000011, 0x2, 0x0)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000000)={'bridge0\x00', <r2=>0x0})
write$tun(0xffffffffffffffff, &(0x7f0000000240)={@val={0x0, 0x86dd}, @val={0x0, 0x0, 0x12}, @mpls={[], @ipv6=@icmpv6={0x0, 0x6, "fc0300", 0x530, 0x2c, 0x0, @local, @mcast2, {[@fragment={0x3a}], @pkt_toobig={0x2, 0x0, 0x0, 0xd93f, {0x4, 0x6, '\x00', 0xf08, 0x11, 0xb9e02c7ea3376920, @mcast2, @dev={0xfe, 0x80, '\x00', 0x12}, [@hopopts={0x4fb560df2bad385d, 0x2, '\x00', [@generic={0x7, 0xf, "55b5d747d5ce5853e308cdbcf10ddd"}]}, @dstopts={0x16, 0x99, '\x00', [@enc_lim, @calipso={0x7, 0x10, {0x4, 0x2, 0x4, 0x6c8, [0x0]}}, @generic={0x2, 0x4b8, "471c193e445fffa682333b6ea5d9758e49d1f56a2cacf058c91036aa2a98b0af004e6f5acbbab33a8a5a9112f348b1a0089ddf5d100402cf846849a5c61cd7554140293b1191985ab08825ff716bc3ec7c318469d1e246d1c2b6f9ac2da9fa05bbc052fd2c1e07394a280e009667ed6f989d69942944973c6d558feda3d1c3358d50dff7bdd2c1fb8021ade354c814396f3fc7c17209d79e6c4952e91a6ec461a7cc945887c3bce662f5449d7b817758d7db37c9b2d74a1e7f0e05c28fce1ed8803f1e214667d299c1bd9653c497bea87774d74ebc16b76bee5c7e6ba19f460cafc8a531b56ea9d086e7f82153806b9840ec4fa711abb32a8728e81b51406040e0c274c260aa9b0b468d88f95b045258ddd448a48b987951e70d75bba7371694f1fb2b1957b4954fb807f86d7c7781697c2304a26e879a066a81d9b4f9ad82632a90632f737b44dc95d5b56a4acfdca287e039c5ebe808b5d585eda8c1543dbc5bf1b6bfc52c5ff2a947bce2327ccfeccfc2ba9df17ea126da5c4bbb54018d4f8277939acd67cd26ce4173968cfb747b74d61eb69503dea36f616de641ed0755b2e37f14dc9a8d86bab92acdfcbb93bed1d4344f2fd9c539d5fda77cbae2bedb79e05fc03e64e253b03bd8ac170e54ee380314727c60a3bc1d689b989710dd0f9a418f90637db3aae7034a9b83e8c843ba835c6a500ae43e840688d0801a882ffb94b7a77bd2314217aac52d296d169395c0b3dc7339a389354e1e4ff0746e6b2e3fc0149a36e75eafc20d51812e984faeecb52ad9b89288bacf21c152290ff2f6781dc761a3e50d88a8b4da3e65782fa959d583c718cf64d09d330c381ae123bea01e7d25eb8f8be911f3928237e3878e505be36bb6852903dff1e77be22ccf3b3e1c8658a5b92c816c6f3f0306a196ec62d5a39ecf36528f18e639b26351b6bc9d1230482e5d8e2c9561de5204d98487364c50f7236c503db3665876f6c04f7f23d1606d36120f62e3fd3de4a7525678e3748905d5a14fa840297c7dda43e13e18fad1453d5c24ddcb4bef61ab494d4f620201993b1b20f339ec6409474a6f104edbe42e0df14633c9a40352f773600b335e6a7ec6f0b0511c6d55fb484696d3b3e2fa4346d26446cba1e2e7ae1de5df058e7c2b52a1d6bb2d2daff1c73a4718541d6b9882891870b3f17442bdc250de45202f7314cd6c3670c3061b9ea658f21e1c362d622316f158968f118a72bef80745a9159f3c77985ecd9bca98ccd482b96ab39701053e30fb4d6d5efc4ba8f33fe18b0df2ab24ad5b2169ed8569cc264f91481fe3accc27448231088f05d996f562fd1950e43313193d23338fc134753ef5127d57161597f99598d546e290123ac1c3df0f5ded6cad9f523e71f7d5ce0b7d41f0d2fc6f911bd6b578f156b7b85dcf90d423e1cb854bb18ddc6801fc30ce76df9c27c1d5d91e06e9209d061b43449d0abdf346c644db465ee610d3ed406af49cce6119a1ec2ac9846350367f99e7255e5be602f0cce16439f3c5beb7276f96f2f9dffc88da05c8b197b90bf4ca75be6d767dc10d1ff883728fcaecbde596ed9b01a456e417fb9ded7431323b19a6fa8f6fd0ec596410a887037ff6a0feb81ce0dffdfdec39a5b04ec962e87bc038e4436b2a8ac00e51bca0976eef42211107422ff30034cc62355fcf65b51325fcd25861ee487c"}]}]}}}}}}, 0x566)
sendmsg$nl_route(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000740)=ANY=[@ANYBLOB="7000000010000304000080000000000000007400", @ANYRES32=r2, @ANYBLOB="0000000003120100500012800b000100627269646765000040000280080005000100000006002700000000000800010015000800050025000000000008000400000000000c002e00"], 0x70}, 0x1, 0x0, 0x0, 0x800}, 0x40)

1.674930898s ago: executing program 5 (id=1463):
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000180), 0x482, 0x0)
ioctl$TCSETS(r0, 0x5402, &(0x7f0000000000)={0xeffffffa, 0xb, 0xfffffffc, 0xfffffffc, 0x7f, "db5909003a7f000700"})
write$binfmt_aout(r0, &(0x7f00000000c0)=ANY=[], 0xff2e)
ioctl$TCSETS(r0, 0x40045431, &(0x7f0000000040)={0x0, 0x40000000, 0x0, 0x0, 0x83, "00000000000000000000ffff00"})
ioctl$TCSETS(r0, 0x5402, &(0x7f0000000340)={0x0, 0xfffffffd, 0x8, 0x8, 0xc, "e315bc1cc24ff7b7cdb242e1ff0aa6905446b3"})
r1 = syz_open_pts(r0, 0x400)
ioctl$TIOCSTI(r1, 0x5412, &(0x7f0000000200)=0x2)

1.400796166s ago: executing program 0 (id=1470):
mmap(&(0x7f0000000000/0xe7e000)=nil, 0xe7e000, 0x2000004, 0x31, 0xffffffffffffffff, 0x0)
r0 = socket$kcm(0x2d, 0x2, 0x0)
ioctl$sock_kcm_SIOCKCMCLONE(r0, 0x89e2, &(0x7f0000000140)={<r1=>r0})
ioctl$sock_kcm_SIOCKCMCLONE(r0, 0x89e2, &(0x7f0000000000)={r1})

1.3237266s ago: executing program 0 (id=1471):
getsockopt$inet_buf(0xffffffffffffffff, 0x0, 0x30, &(0x7f0000000340)=""/225, &(0x7f0000000000)=0xe1)
r0 = socket$inet6(0xa, 0x2, 0x0)
setsockopt$inet6_IPV6_FLOWLABEL_MGR(r0, 0x29, 0x20, 0x0, 0x0)
socket$inet6_udp(0xa, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x3)
sched_setaffinity(0x0, 0x8, &(0x7f00000000c0)=0xa)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r1 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
pipe2(0x0, 0x880)
tee(0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffff7c, 0x4)
read$msr(r1, &(0x7f0000019680)=""/102392, 0x18ff8)
prlimit64(0x0, 0xe, 0x0, 0x0)
sendmmsg$unix(0xffffffffffffffff, 0x0, 0x0, 0x0)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f000000c2c0)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x8000}, 0x0)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, 0x0}, 0x0)
sendmmsg(0xffffffffffffffff, &(0x7f00000002c0), 0x40000000000009f, 0x0)
r2 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x3)
r3 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
bind$bt_hci(r3, &(0x7f0000000080)={0x1f, 0xffff, 0x3}, 0x6)
write(r3, &(0x7f0000000000)="2e000400010002", 0x7)
connect$packet(r2, 0x0, 0x0)
setsockopt$sock_linger(r2, 0x1, 0xd, &(0x7f0000000040)={0x1, 0x380000}, 0x8)
shutdown(r2, 0x1)
r4 = syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10)
sendmsg$netlink(r4, 0x0, 0x0)
setsockopt$inet6_int(r0, 0x29, 0x1000000000021, &(0x7f00000005c0)=0x1, 0x4)
sendmsg$inet6(r0, &(0x7f0000000600)={&(0x7f0000000080)={0xa, 0x4e20, 0x1000000080000, @dev={0xfe, 0x80, '\x00', 0x25}}, 0x1c, 0x0, 0x0, &(0x7f0000000200)=ANY=[@ANYBLOB="18000000000000002900000004"], 0x30}, 0x0)

1.323497764s ago: executing program 4 (id=1472):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000580)=ANY=[@ANYBLOB="05000000050000000200000004"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x14, &(0x7f0000000000)=ANY=[@ANYBLOB="1802000000000000000000000000000018010000786c6c2500000000070000007b1af8ff00000000bfa100000000000007010000f8ffffffb700000000000000b703000000000000850000002d00000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000300000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1d, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000004c0)={&(0x7f0000000300)='tlb_flush\x00', r1}, 0x10)

1.230261476s ago: executing program 4 (id=1473):
r0 = syz_usb_connect(0x0, 0x24, &(0x7f00000001c0)=ANY=[@ANYBLOB="120100009e173610ef171e7206de0102030109021200010000000009040000000206"], 0x0)
syz_usb_control_io(r0, 0x0, &(0x7f0000000680)={0x84, &(0x7f0000000000)=ANY=[@ANYBLOB="000004"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})

673.781087ms ago: executing program 5 (id=1474):
r0 = syz_usb_connect(0x0, 0x2d, &(0x7f0000000000)=ANY=[@ANYBLOB="9f01000083667d1040206402d14e0102030109021b000100000000090400000190f19c000905f3ed"], 0x0)
syz_usb_control_io(r0, 0x0, 0x0)
syz_usb_control_io$hid(r0, 0x0, 0x0)
syz_usb_control_io$printer(r0, 0x0, &(0x7f0000000ec0)={0x34, &(0x7f0000000c40)={0x20, 0x36}, 0x0, 0x0, 0x0, 0x0, 0x0})

85.410012ms ago: executing program 0 (id=1475):
io_uring_register$IORING_REGISTER_BUFFERS(0xffffffffffffffff, 0x2200, 0x0, 0x0)

85.136276ms ago: executing program 0 (id=1476):
r0 = socket$kcm(0x10, 0x2, 0x4)
sendmsg$inet(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000180)=[{&(0x7f0000000200)="9902000012006b9c9e3fe3d86e6c1d0000147ea60864160af36504b68675f8001d000a00a0e69ee517d24460bc24eab556a705251e6182949a36c2151fef08d8cdbf9367b41ad206000000f408000300060100000800050000000000", 0x5c}, {&(0x7f00000000c0)="d557fc16674b56c0a96a733c232d6790c63ca969a688b06e3da58f3c4568bf0a77bdff6f41d7890e18defe94ef1a392dc00dea94a1bfe64982de7cf1c91e1103cc1840210cbb57222bc2bfa30369992a6bc5156c00aeadd359a7991ad1de01feec401dba6d7694a14785839d3c2d67188cd07827c934897de4676743c192c4a4b24f7f8747141a1325d29da89694574c32eba56e5bbc8f80376f3325dd89937e990089294183a4829e21849004c538378d41066cb7de399450b3544067", 0xbd}, {&(0x7f0000000280)="5e191aea3468a5eab1c3d6024b43dece099475c81c53aa9244d866f68b8e31e93b41b432fb0454234620a25706bfb6f01ce01093b7ff634785d8b345ef8f7a928034820bbd37467d1049ac7a724c153c358d6f7efd919bb918734e846598b03733a6f4bbce06471d3a440e14dae67170cbfea76bc33481c28ec2cfad1f3d83ddece3006d5bb30dc4288dd40bd476cc7f94d143c56e54ed4d84b9c1ecc87fc035c7c992767edcfe2218bc6542a6a3a9b879e8aa6d652d277ee640cc15d2e9efe30584ed57ab208ca4db6cf63381804a5ee5950020", 0xd4}, {&(0x7f00000017c0)="fd7617adb877574c4a4489fcaccde0c97bdb2d9d89dba8ab9fc9ebbdcedc770661e1971989a787890de32eebe4008ac8bfafa034add91f6ea4acc741521abecc6cbb4fcfeb61d7d08a8911e59550055d17897194afc1ffd04c18c2506d41bec374a6e5b1ed5fd07db55483fef2dc9ad8ae7c6044b08a303f256ff7e7dd720c72fc0d513110468d44e31a8fc9833d521b95c3b04378ca1c67b4faca350009045628c7f7196510f14ebdc68ba7", 0xac}], 0x4, 0x0, 0x0, 0x1f00c00e}, 0x0)

251.011µs ago: executing program 0 (id=1477):
r0 = syz_open_dev$sndpcmp(&(0x7f0000000000), 0x1, 0x40)
ioctl$SNDRV_PCM_IOCTL_PAUSE(r0, 0x40044145, 0x0)

0s ago: executing program 0 (id=1478):
r0 = openat$comedi(0xffffffffffffff9c, &(0x7f0000000080)='/dev/comedi3\x00', 0x400, 0x0)
ioctl$COMEDI_DEVCONFIG(r0, 0x40946400, 0x0)
ioctl$COMEDI_DEVCONFIG(r0, 0x40946400, &(0x7f00000000c0)={'8255\x00', [0x4f27, 0x5, 0x2, 0x421, 0x1, 0xcc7, 0x7fffffff, 0x5c952399, 0x5, 0x3ff, 0x2, 0x300, 0x1, 0x1, 0x9, 0x0, 0x0, 0x8, 0xfffffffa, 0x1ff, 0x80000089, 0xa, 0x0, 0x20001e54, 0xffffeadb, 0x3, 0x3d, 0x8, 0x4, 0x8000000, 0xdffffffa]})

kernel console output (not intermixed with test programs):

tadv_slave_1
[  109.405528][ T5876] batman_adv: batadv0: Removing interface: batadv_slave_1
[  109.442339][ T5876] veth1_macvtap: left promiscuous mode
[  109.444240][ T5876] veth0_macvtap: left promiscuous mode
[  109.448862][ T5876] veth1_vlan: left promiscuous mode
[  109.451780][ T5876] veth0_vlan: left promiscuous mode
[  109.993713][ T5876] team0 (unregistering): Port device team_slave_1 removed
[  110.006119][ T5897] usb 1-1: new high-speed USB device number 12 using dummy_hcd
[  110.025349][ T5876] team0 (unregistering): Port device team_slave_0 removed
[  110.174326][ T5897] usb 1-1: New USB device found, idVendor=0cf3, idProduct=9271, bcdDevice= 1.08
[  110.188997][ T5897] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  110.192204][ T5897] usb 1-1: Product: syz
[  110.194075][ T5897] usb 1-1: Manufacturer: syz
[  110.197977][ T5897] usb 1-1: SerialNumber: syz
[  110.207390][ T5897] usb 1-1: ath9k_htc: Firmware ath9k_htc/htc_9271-1.4.0.fw requested
[  110.262012][ T5883] usb 1-1: ath9k_htc: Transferred FW: ath9k_htc/htc_9271-1.4.0.fw, size: 51008
[  110.300224][ T5848] Bluetooth: hci1: command tx timeout
[  110.433380][ T7104] netdevsim netdevsim4 netdevsim0: renamed from eth0
[  110.453388][ T7104] netdevsim netdevsim4 netdevsim1: renamed from eth1
[  110.504362][ T7104] netdevsim netdevsim4 netdevsim2: renamed from eth2
[  110.523492][ T7104] netdevsim netdevsim4 netdevsim3: renamed from eth3
[  110.631859][ T7053] 8021q: adding VLAN 0 to HW filter on device bond0
[  110.681578][ T7053] 8021q: adding VLAN 0 to HW filter on device team0
[  110.715683][ T4990] bridge0: port 1(bridge_slave_0) entered blocking state
[  110.718452][ T4990] bridge0: port 1(bridge_slave_0) entered forwarding state
[  110.745901][ T4990] bridge0: port 2(bridge_slave_1) entered blocking state
[  110.748829][ T4990] bridge0: port 2(bridge_slave_1) entered forwarding state
[  110.869824][ T7104] 8021q: adding VLAN 0 to HW filter on device bond0
[  110.903032][ T7104] 8021q: adding VLAN 0 to HW filter on device team0
[  110.911405][ T1088] bridge0: port 1(bridge_slave_0) entered blocking state
[  110.915478][ T1088] bridge0: port 1(bridge_slave_0) entered forwarding state
[  110.935635][  T792] usb 1-1: USB disconnect, device number 12
[  110.952952][ T1089] bridge0: port 2(bridge_slave_1) entered blocking state
[  110.955994][ T1089] bridge0: port 2(bridge_slave_1) entered forwarding state
[  111.014991][ T5848] Bluetooth: hci0: command tx timeout
[  111.089764][ T7053] 8021q: adding VLAN 0 to HW filter on device batadv0
[  111.142011][ T7053] veth0_vlan: entered promiscuous mode
[  111.154864][ T7053] veth1_vlan: entered promiscuous mode
[  111.172582][ T7104] 8021q: adding VLAN 0 to HW filter on device batadv0
[  111.186730][ T7053] veth0_macvtap: entered promiscuous mode
[  111.197641][ T7053] veth1_macvtap: entered promiscuous mode
[  111.211720][ T7053] batman_adv: batadv0: Interface activated: batadv_slave_0
[  111.220986][ T7053] batman_adv: batadv0: Interface activated: batadv_slave_1
[  111.235596][ T5872] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  111.239731][ T5872] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  111.242738][ T5872] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  111.247205][ T5872] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  111.336378][ T5883] ath9k_htc 1-1:1.0: ath9k_htc: Target is unresponsive
[  111.340560][ T5883] ath9k_htc: Failed to initialize the device
[  111.347269][  T792] usb 1-1: ath9k_htc: USB layer deinitialized
[  111.376984][ T4140] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  111.380308][ T4140] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  111.422492][   T26] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  111.428595][   T26] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  111.483383][ T7104] veth0_vlan: entered promiscuous mode
[  111.497105][ T7104] veth1_vlan: entered promiscuous mode
[  111.572551][ T7104] veth0_macvtap: entered promiscuous mode
[  111.580048][ T7104] veth1_macvtap: entered promiscuous mode
[  111.615273][ T7104] batman_adv: batadv0: Interface activated: batadv_slave_0
[  111.636443][ T7104] batman_adv: batadv0: Interface activated: batadv_slave_1
[  111.659923][ T5876] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  111.662978][ T5876] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  111.683485][ T5876] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  111.714035][ T5876] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  111.722034][ T7223] loop0: detected capacity change from 0 to 2048
[  111.787033][ T7229] NILFS (loop0): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  111.812993][   T27] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  111.818384][   T27] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  111.847540][ T4140] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  111.862607][ T4140] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  111.898032][ T7229] NILFS (loop0): vblocknr = 23 has abnormal lifetime: start cno (= 4294967298) > current cno (= 3)
[  111.914659][ T7229] NILFS error (device loop0): nilfs_bmap_propagate: broken bmap (inode number=4)
[  111.928271][ T7229] Remounting filesystem read-only
[  111.949335][ T5855] NILFS (loop0): disposed unprocessed dirty file(s) when stopping log writer
[  112.116017][ T7226] loop3: detected capacity change from 0 to 32768
[  112.142397][ T7226] ERROR: (device loop3): diRead: i_ino != di_number
[  112.142397][ T7226] 
[  112.349093][ T7250] loop0: detected capacity change from 0 to 512
[  112.352561][ T7250] EXT4-fs: Ignoring removed i_version option
[  112.369681][ T7250] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode
[  112.378435][ T5848] Bluetooth: hci1: command tx timeout
[  112.429605][ T7250] EXT4-fs (loop0): 1 truncate cleaned up
[  112.472035][ T7250] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  112.477129][ T7258] netlink: 14 bytes leftover after parsing attributes in process `syz.4.505'.
[  112.482879][ T7258] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  112.495777][ T7258] batman_adv: batadv0: Removing interface: batadv_slave_0
[  112.510887][ T7258] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  112.520066][ T7258] batman_adv: batadv0: Removing interface: batadv_slave_1
[  112.759761][ T5855] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  113.102079][ T5848] Bluetooth: hci0: command tx timeout
[  113.530005][ T7270] loop0: detected capacity change from 0 to 40427
[  113.550618][ T7270] F2FS-fs (loop0): Invalid log_blocksize (268), supports only 12
[  113.569818][ T7270] F2FS-fs (loop0): Can't find valid F2FS filesystem in 1th superblock
[  113.682893][ T7270] F2FS-fs (loop0): f2fs_recover_fsync_data: recovery fsync data, check_only: 0
[  113.689116][ T7270] F2FS-fs (loop0): Try to recover 1th superblock, ret: 0
[  113.692832][ T7270] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e5
[  113.767459][ T5855] F2FS-fs (loop0): invalid namelen(0), ino:0, run fsck to fix.
[  113.772542][ T5855] F2FS-fs (loop0): invalid namelen(0), ino:0, run fsck to fix.
[  113.778278][ T5855] F2FS-fs (loop0): invalid namelen(0), ino:0, run fsck to fix.
[  113.781466][ T5855] F2FS-fs (loop0): invalid namelen(0), ino:0, run fsck to fix.
[  113.787080][ T5855] F2FS-fs (loop0): invalid namelen(0), ino:0, run fsck to fix.
[  113.790222][ T5855] F2FS-fs (loop0): invalid namelen(0), ino:0, run fsck to fix.
[  113.795709][ T5855] F2FS-fs (loop0): invalid namelen(0), ino:0, run fsck to fix.
[  114.286921][ T7292] loop4: detected capacity change from 0 to 262144
[  114.301755][ T7292] F2FS-fs (loop4): invalid crc value
[  114.349857][ T7292] F2FS-fs (loop4): f2fs_recover_fsync_data: recovery fsync data, check_only: 0
[  114.364554][ T7292] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e5
[  114.506036][ T7323] loop3: detected capacity change from 0 to 512
[  114.536177][ T7323] UDF-fs: error (device loop3): udf_read_tagged: read failed, block=256, location=256
[  114.866916][ T7337] netlink: 212376 bytes leftover after parsing attributes in process `syz.3.522'.
[  115.194544][ T5848] Bluetooth: hci0: command tx timeout
[  115.617502][ T7370] loop4: detected capacity change from 0 to 512
[  115.634336][ T7370] EXT4-fs (loop4): Test dummy encryption mode enabled
[  115.641236][ T7370] EXT4-fs (loop4): ext4_check_descriptors: Inode table for group 0 not in group (block 0)!
[  115.654863][ T7370] EXT4-fs (loop4): group descriptors corrupted!
[  115.929058][ T7396] loop3: detected capacity change from 0 to 1024
[  116.050018][ T7402] MTD: Attempt to mount non-MTD device "/dev/loop3"
[  116.065661][ T7402] syz.3.540: attempt to access beyond end of device
[  116.065661][ T7402] loop3: rw=0, sector=0, nr_sectors = 2 limit=0
[  116.153132][ T7407] netlink: 'syz.4.543': attribute type 11 has an invalid length.
[  116.265705][ T7409] loop3: detected capacity change from 0 to 8192
[  116.349828][ T5295] udevd[5295]: worker [5983] terminated by signal 33 (Unknown signal 33)
[  116.367295][ T5295] udevd[5295]: worker [5983] failed while handling '/devices/virtual/block/loop3'
[  116.389738][ T7418] loop0: detected capacity change from 0 to 128
[  116.405267][ T7421] netlink: 16 bytes leftover after parsing attributes in process `syz.3.546'.
[  116.433089][ T7418] EXT4-fs (loop0): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  116.441760][ T7418] ext4 filesystem being mounted at /198/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[  116.518939][ T7428] EXT4-fs (loop0): shut down requested (1)
[  116.571307][ T5855] EXT4-fs (loop0): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  116.683086][ T7435] team0: entered promiscuous mode
[  116.685309][ T7435] team_slave_0: entered promiscuous mode
[  116.687879][ T7435] team_slave_1: entered promiscuous mode
[  116.691778][ T7435] 8021q: adding VLAN 0 to HW filter on device macvlan2
[  116.696725][ T7435] bond0: (slave macvlan2): Enslaving as an active interface with an up link
[  116.854557][ T7424] loop4: detected capacity change from 0 to 32768
[  117.187308][ T7469] [U] 
[  117.188640][ T7469] [U] 
[  117.189582][ T7469] [U] 
[  117.190546][ T7469] [U] 
[  117.191950][ T7469] [U] 
[  117.193010][ T7469] [U] 
[  117.193986][ T7469] [U] 
[  117.194873][ T7469] [U] 
[  117.196927][ T7469] [U] 
[  117.198085][ T7469] [U] 
[  117.199054][ T7469] [U] 
[  117.201225][ T7468] [U] 
[  117.322599][ T7479] netlink: 51 bytes leftover after parsing attributes in process `syz.4.570'.
[  117.401004][ T7485] loop3: detected capacity change from 0 to 256
[  117.439986][ T7487] netlink: 20 bytes leftover after parsing attributes in process `syz.4.573'.
[  117.529002][ T7491] ieee802154 phy0 wpan0: encryption failed: -22
[  117.711670][ T7502] loop3: detected capacity change from 0 to 1024
[  117.747500][   T33] audit: type=1800 audit(1755107616.629:6): pid=7502 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.580" name="file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" dev="loop3" ino=25 res=0 errno=0
[  117.841570][ T7507] loop4: detected capacity change from 0 to 256
[  117.850424][ T7507] exFAT-fs (loop4): failed to load upcase table (idx : 0x00011f3f, chksum : 0x96b62a4c, utbl_chksum : 0xe619d30d)
[  117.932569][ T7509] block nbd3: shutting down sockets
[  118.014781][ T7512] netlink: 60 bytes leftover after parsing attributes in process `syz.4.584'.
[  118.064574][ T7518] sock: sock_set_timeout: `syz.3.587' (pid 7518) tries to set negative timeout
[  118.422614][ T5911] usb 1-1: new high-speed USB device number 13 using dummy_hcd
[  118.593732][ T5911] usb 1-1: Using ep0 maxpacket: 16
[  118.605285][ T5911] usb 1-1: config 0 interface 0 altsetting 2 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  118.609702][ T5911] usb 1-1: config 0 interface 0 altsetting 2 endpoint 0x81 has invalid wMaxPacketSize 0
[  118.613665][ T5911] usb 1-1: config 0 interface 0 has no altsetting 0
[  118.617209][ T5911] usb 1-1: New USB device found, idVendor=056a, idProduct=0331, bcdDevice= 0.00
[  118.648084][ T5911] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  118.661186][ T5911] usb 1-1: config 0 descriptor??
[  118.889085][ T7524] loop0: detected capacity change from 0 to 512
[  118.927336][    T9] usb 4-1: new high-speed USB device number 2 using dummy_hcd
[  119.106827][    T9] usb 4-1: Using ep0 maxpacket: 8
[  119.116453][    T9] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  119.117750][ T5911] hid (null): unknown global tag 0xd
[  119.123213][ T5911] hid (null): invalid report_count 33026
[  119.125589][ T5911] hid (null): unknown global tag 0xe
[  119.127932][ T5911] hid (null): global environment stack underflow
[  119.128865][    T9] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  119.131315][ T5911] hid (null): invalid report_size 30046
[  119.136570][    T9] usb 4-1: New USB device found, idVendor=046a, idProduct=0027, bcdDevice= 0.00
[  119.137109][ T5911] hid (null): unknown global tag 0xe
[  119.143022][ T5911] hid (null): unknown global tag 0xe
[  119.146758][ T5911] hid (null): global environment stack underflow
[  119.150448][ T5911] hid (null): unknown global tag 0xc
[  119.152745][ T5911] hid (null): unknown global tag 0xe
[  119.155176][ T5911] hid (null): unknown global tag 0x7a
[  119.157551][ T5911] hid (null): invalid report_count 1147629863
[  119.157645][    T9] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  119.174228][    T9] usb 4-1: config 0 descriptor??
[  119.343883][ T5850] usb 1-1: USB disconnect, device number 13
[  119.369242][ T7576] loop4: detected capacity change from 0 to 32768
[  119.384443][ T7576] BTRFS: device fsid e417788f-7a09-42b2-9266-8ddc5d5d35d2 devid 1 transid 8 /dev/loop4 (7:4) scanned by syz.4.616 (7576)
[  119.406467][ T7576] BTRFS info (device loop4): first mount of filesystem e417788f-7a09-42b2-9266-8ddc5d5d35d2
[  119.421344][ T7576] BTRFS info (device loop4): using xxhash64 (xxhash64-generic) checksum algorithm
[  119.425293][ T7576] BTRFS info (device loop4): disk space caching is enabled
[  119.428950][ T7576] BTRFS warning (device loop4): space cache v1 is being deprecated and will be removed in a future release, please use -o space_cache=v2
[  119.482827][ T7576] BTRFS info (device loop4): rebuilding free space tree
[  119.503832][ T7576] BTRFS info (device loop4): disabling free space tree
[  119.506197][ T7576] BTRFS info (device loop4): clearing compat-ro feature flag for FREE_SPACE_TREE (0x1)
[  119.510178][ T7576] BTRFS info (device loop4): clearing compat-ro feature flag for FREE_SPACE_TREE_VALID (0x2)
[  119.567817][ T7576] BTRFS info (device loop4): balance: start -d -m
[  119.579722][ T7576] BTRFS info (device loop4): relocating block group 6881280 flags data|metadata
[  119.633583][    T9] cherry 0003:046A:0027.0008: fixing up Cherry Cymotion report descriptor
[  119.639027][ T7576] BTRFS info (device loop4): balance: paused
[  119.641462][    T9] cherry 0003:046A:0027.0008: unknown main item tag 0x0
[  119.642058][    T9] cherry 0003:046A:0027.0008: unknown main item tag 0x0
[  119.647117][    T9] cherry 0003:046A:0027.0008: unknown main item tag 0x0
[  119.649956][    T9] cherry 0003:046A:0027.0008: unknown main item tag 0x6
[  119.658574][    T9] cherry 0003:046A:0027.0008: unknown main item tag 0x5
[  119.661458][    T9] cherry 0003:046A:0027.0008: unknown main item tag 0x4
[  119.669092][    T9] cherry 0003:046A:0027.0008: unknown main item tag 0x0
[  119.672616][    T9] cherry 0003:046A:0027.0008: unknown main item tag 0x0
[  119.688243][    T9] cherry 0003:046A:0027.0008: hidraw0: USB HID v0.00 Device [HID 046a:0027] on usb-dummy_hcd.3-1/input0
[  119.730494][ T7104] BTRFS info (device loop4): last unmount of filesystem e417788f-7a09-42b2-9266-8ddc5d5d35d2
[  119.871797][ T5911] usb 4-1: USB disconnect, device number 2
[  120.009141][ T7606] loop0: detected capacity change from 0 to 256
[  120.122341][ T5883] usb 5-1: new high-speed USB device number 2 using dummy_hcd
[  120.283634][ T5883] usb 5-1: Using ep0 maxpacket: 32
[  120.288429][ T7618] loop0: detected capacity change from 0 to 4096
[  120.291299][ T5883] usb 5-1: config 0 has an invalid interface number: 51 but max is 0
[  120.295734][ T5883] usb 5-1: config 0 has no interface number 0
[  120.305339][ T5883] usb 5-1: New USB device found, idVendor=061d, idProduct=c150, bcdDevice=ce.6f
[  120.315445][ T5883] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  120.318830][ T5883] usb 5-1: Product: syz
[  120.320570][ T5883] usb 5-1: Manufacturer: syz
[  120.321950][ T7619] NILFS (loop0): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  120.329253][ T5883] usb 5-1: SerialNumber: syz
[  120.333648][ T5883] usb 5-1: config 0 descriptor??
[  120.339075][ T5883] quatech2 5-1:0.51: Quatech 2nd gen USB to Serial Driver converter detected
[  120.452837][ T7621] sctp: [Deprecated]: syz.0.628 (pid 7621) Use of struct sctp_assoc_value in delayed_ack socket option.
[  120.452837][ T7621] Use struct sctp_sack_info instead
[  120.548031][ T7625] loop3: detected capacity change from 0 to 4096
[  120.569521][ T7625] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  120.572644][ T5883] usb 5-1: Quatech 2nd gen USB to Serial Driver converter now attached to ttyUSB0
[  120.601885][ T5883] usb 5-1: Quatech 2nd gen USB to Serial Driver converter now attached to ttyUSB1
[  120.696953][ T7053] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  120.800613][    C1] usb 5-1: qt2_read_bulk_callback - non-zero urb status: -71
[  120.801981][    T9] usb 5-1: USB disconnect, device number 2
[  120.826831][    T9] quatech-serial ttyUSB0: Quatech 2nd gen USB to Serial Driver converter now disconnected from ttyUSB0
[  120.838977][    T9] quatech-serial ttyUSB1: Quatech 2nd gen USB to Serial Driver converter now disconnected from ttyUSB1
[  120.843130][    T9] quatech2 5-1:0.51: device disconnected
[  120.936410][ T7644] loop3: detected capacity change from 0 to 4096
[  121.050829][ T7653] loop3: detected capacity change from 0 to 1024
[  121.226043][ T7662] loop3: detected capacity change from 0 to 4096
[  121.229920][ T7662] ntfs3(loop3): Different NTFS sector size (4096) and media sector size (512).
[  121.253627][ T7662] ntfs3(loop3): Mark volume as dirty due to NTFS errors
[  121.259905][ T7662] ntfs3(loop3): Failed to initialize $Extend/$Reparse.
[  121.350290][ T7673] netem: unknown loss type 0
[  121.355806][ T7673] netem: change failed
[  121.673719][    T9] usb 4-1: new full-speed USB device number 3 using dummy_hcd
[  121.699734][ T7690] netlink: 76 bytes leftover after parsing attributes in process `syz.4.658'.
[  121.898672][    T9] usb 4-1: config 0 has no interfaces?
[  121.910934][    T9] usb 4-1: New USB device found, idVendor=05d8, idProduct=810a, bcdDevice=92.b8
[  121.914760][    T9] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  121.925117][    T9] usb 4-1: config 0 descriptor??
[  122.057433][ T5897] usb 5-1: new high-speed USB device number 3 using dummy_hcd
[  122.165124][ T5910] usb 4-1: USB disconnect, device number 3
[  122.223799][ T5897] usb 5-1: config index 0 descriptor too short (expected 63186, got 210)
[  122.227999][ T5897] usb 5-1: config 0 has an invalid interface number: 106 but max is 0
[  122.232104][ T5897] usb 5-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  122.236275][ T5897] usb 5-1: config 0 has no interface number 0
[  122.240272][ T5897] usb 5-1: config 0 interface 106 altsetting 0 endpoint 0xF has invalid wMaxPacketSize 0
[  122.243994][ T5897] usb 5-1: config 0 interface 106 altsetting 0 endpoint 0x1 has an invalid bInterval 0, changing to 7
[  122.247688][ T5897] usb 5-1: config 0 interface 106 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 6
[  122.254857][ T5897] usb 5-1: New USB device found, idVendor=13b1, idProduct=0042, bcdDevice=df.bb
[  122.258589][ T5897] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=64
[  122.263438][ T5897] usb 5-1: SerialNumber: syz
[  122.268582][ T5897] usb 5-1: config 0 descriptor??
[  122.302655][ T5897] usb 5-1: Warning: ath10k USB support is incomplete, don't expect anything to work!
[  122.524279][ T5876] usb 5-1: Failed to submit usb control message: -71
[  122.524957][ T5910] usb 5-1: USB disconnect, device number 3
[  122.526976][ T5876] usb 5-1: unable to send the bmi data to the device: -71
[  122.532098][ T5876] usb 5-1: unable to get target info from device
[  122.534238][ T5876] usb 5-1: could not get target info (-71)
[  122.536498][ T5876] usb 5-1: could not probe fw (-71)
[  123.030440][ T7712] loop3: detected capacity change from 0 to 2368
[  123.361625][ T7726] loop4: detected capacity change from 0 to 256
[  123.590063][ T7736] netlink: 'syz.4.673': attribute type 34 has an invalid length.
[  123.752308][ T7742] loop4: detected capacity change from 0 to 2048
[  123.772924][ T7743] NILFS (loop4): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  123.816128][ T7742] NILFS (loop4): error -2 truncating bmap (ino=16)
[  123.850140][ T7743] NILFS (loop4): vblocknr = 15 has abnormal lifetime: start cno (= 4128770) > current cno (= 3)
[  123.855748][ T7743] NILFS error (device loop4): nilfs_bmap_propagate: broken bmap (inode number=16)
[  123.861189][ T7743] Remounting filesystem read-only
[  123.867419][ T7104] NILFS (loop4): disposed unprocessed dirty file(s) when stopping log writer
[  124.054921][ T7749] loop3: detected capacity change from 0 to 512
[  124.090691][ T7749] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  124.096822][ T7749] ext4 filesystem being mounted at /65/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  124.342335][ T7757] syz.4.680: attempt to access beyond end of device
[  124.342335][ T7757] nbd4: rw=0, sector=2, nr_sectors = 2 limit=0
[  124.350646][ T7757] MINIX-fs: unable to read superblock
[  124.375955][ T7053] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  124.775076][ T7763] loop3: detected capacity change from 0 to 32768
[  124.799415][ T7763] JBD2: Ignoring recovery information on journal
[  124.845020][ T7763] ocfs2: Mounting device (7,3) on (node local, slot 0) with ordered data mode.
[  124.929568][ T7791] netlink: 'syz.0.693': attribute type 10 has an invalid length.
[  124.932199][ T7791] netlink: 40 bytes leftover after parsing attributes in process `syz.0.693'.
[  124.936531][ T7791] batadv0: entered promiscuous mode
[  124.943435][ T7791] batadv0: entered allmulticast mode
[  124.946953][ T7791] bridge0: port 3(batadv0) entered blocking state
[  124.949095][ T7791] bridge0: port 3(batadv0) entered disabled state
[  124.954330][ T7791] bridge0: port 3(batadv0) entered blocking state
[  124.956656][ T7791] bridge0: port 3(batadv0) entered forwarding state
[  124.976468][ T7053] ocfs2: Unmounting device (7,3) on (node local)
[  125.365460][ T7804] IPVS: sync thread started: state = MASTER, mcast_ifn = bridge_slave_0, syncid = 0, id = 0
[  125.456400][   T13] batman_adv: batadv0: No IGMP Querier present - multicast optimizations disabled
[  125.460967][   T13] batman_adv: batadv0: No MLD Querier present - multicast optimizations disabled
[  125.764677][ T7806] overlayfs: missing 'workdir'
[  125.804323][ T7808] netlink: 'syz.3.699': attribute type 29 has an invalid length.
[  125.976177][   T33] audit: type=1326 audit(1755107625.331:7): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7817 comm="syz.4.704" exe="/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7fa0d598ebe9 code=0x0
[  126.119730][ T5883] usb 4-1: new full-speed USB device number 4 using dummy_hcd
[  126.282203][ T5883] usb 4-1: config 16 has an invalid interface number: 131 but max is 0
[  126.285886][ T5883] usb 4-1: config 16 has no interface number 0
[  126.288713][ T5883] usb 4-1: New USB device found, idVendor=04e6, idProduct=000b, bcdDevice= 1.00
[  126.292616][ T5883] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  126.301073][ T5883] usb-storage 4-1:16.131: USB Mass Storage device detected
[  126.320564][ T5883] usb-storage 4-1:16.131: Quirks match for vid 04e6 pid 000b: 4
[  126.516513][ T5883] usb 4-1: USB disconnect, device number 4
[  126.534205][ T5850] kernel read not supported for file /dsp (pid: 5850 comm: kworker/0:3)
[  126.584518][ T7839] binder: 7837:7839 unknown command 24
[  126.587047][ T7839] binder: 7837:7839 ioctl c0306201 200000000280 returned -22
[  126.629487][ T7843] befs: (nbd0): No write support. Marking filesystem read-only
[  126.633853][ T7843] syz.0.707: attempt to access beyond end of device
[  126.633853][ T7843] nbd0: rw=0, sector=0, nr_sectors = 2 limit=0
[  126.640577][ T7843] befs: (nbd0): unable to read superblock
[  126.981178][ T7865] loop4: detected capacity change from 0 to 1024
[  126.992142][ T7865] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  126.997026][ T7865] ext4 filesystem being mounted at /79/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  126.997067][ T7851] loop0: detected capacity change from 0 to 32768
[  127.004660][ T7851] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop0 (7:0) scanned by syz.0.709 (7851)
[  127.009454][ T7865] EXT4-fs error (device loop4): ext4_map_blocks:814: inode #15: block 1: comm syz.4.711: lblock 1 mapped to illegal pblock 1 (length 1)
[  127.019786][ T7851] BTRFS info (device loop0): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  127.021952][ T7865] EXT4-fs error (device loop4): ext4_ext_remove_space:2955: inode #15: comm syz.4.711: pblk 0 bad header/extent: invalid extent entries - magic f30a, entries 2, max 4(4), depth 0(0)
[  127.024115][ T7851] BTRFS info (device loop0): using crc32c (crc32c-lib) checksum algorithm
[  127.033319][ T7865] EXT4-fs error (device loop4) in ext4_setattr:6071: Corrupt filesystem
[  127.041663][ T7851] BTRFS info (device loop0): using free-space-tree
[  127.080442][ T7104] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  127.153876][ T5855] BTRFS info (device loop0): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  127.437605][ T7897] mmap: syz.3.717 (7897) uses deprecated remap_file_pages() syscall. See Documentation/mm/remap_file_pages.rst.
[  128.162935][ T5897] usb 1-1: new high-speed USB device number 14 using dummy_hcd
[  128.343502][ T5897] usb 1-1: Using ep0 maxpacket: 32
[  128.352638][ T5897] usb 1-1: config 0 has an invalid interface number: 85 but max is 0
[  128.362750][ T5897] usb 1-1: config 0 has no interface number 0
[  128.372072][ T5897] usb 1-1: config 0 interface 85 altsetting 7 endpoint 0x82 has an invalid bInterval 0, changing to 7
[  128.382632][ T5897] usb 1-1: config 0 interface 85 has no altsetting 0
[  128.394249][ T5897] usb 1-1: New USB device found, idVendor=05ac, idProduct=0219, bcdDevice=f0.72
[  128.397703][ T5897] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  128.400575][ T5897] usb 1-1: Product: syz
[  128.402127][ T5897] usb 1-1: Manufacturer: syz
[  128.403815][ T5897] usb 1-1: SerialNumber: syz
[  128.413667][ T5897] usb 1-1: config 0 descriptor??
[  128.632454][ T5850] usb 4-1: new high-speed USB device number 5 using dummy_hcd
[  128.810229][ T5850] usb 4-1: Using ep0 maxpacket: 32
[  128.815700][ T5850] usb 4-1: config 0 has an invalid interface number: 54 but max is 0
[  128.818777][ T5850] usb 4-1: config 0 has no interface number 0
[  128.820982][ T5850] usb 4-1: config 0 interface 54 altsetting 16 bulk endpoint 0x6 has invalid maxpacket 1023
[  128.835174][ T5850] usb 4-1: config 0 interface 54 altsetting 16 bulk endpoint 0x82 has invalid maxpacket 8
[  128.838540][ T5850] usb 4-1: config 0 interface 54 has no altsetting 0
[  128.849874][ T5850] usb 4-1: New USB device found, idVendor=0cf2, idProduct=6250, bcdDevice=46.42
[  128.853160][ T5850] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  128.855861][ T5850] usb 4-1: Product: syz
[  128.865336][ T5850] usb 4-1: Manufacturer: syz
[  128.869464][ T5850] usb 4-1: SerialNumber: syz
[  128.873678][ T5850] usb 4-1: config 0 descriptor??
[  128.878375][ T7920] raw-gadget.1 gadget.3: fail, usb_ep_enable returned -22
[  128.881826][ T7920] raw-gadget.1 gadget.3: fail, usb_ep_enable returned -22
[  128.958057][ T7940] veth1_to_batadv: entered promiscuous mode
[  129.081161][ T5897] appletouch 1-1:0.85: Geyser mode initialized.
[  129.085450][ T5897] input: appletouch as /devices/platform/dummy_hcd.0/usb1/1-1/1-1:0.85/input/input9
[  129.128632][ T5850] ums_eneub6250 4-1:0.54: USB Mass Storage device detected
[  129.147705][ T5850] scsi host6: usb-storage 4-1:0.54
[  129.231884][ T5850] ums_eneub6250 4-1:0.54: probe with driver ums_eneub6250 failed with error 3
[  129.251260][ T5850] usb 4-1: USB disconnect, device number 5
[  129.276904][ T7962] Invalid option length (0) for dns_resolver key
[  129.292707][ T5897] usb 1-1: USB disconnect, device number 14
[  129.322095][ T5897] appletouch 1-1:0.85: input: appletouch disconnected
[  129.559786][ T7983] netlink: 72 bytes leftover after parsing attributes in process `syz.4.736'.
[  129.849263][ T7995] loop3: detected capacity change from 0 to 4096
[  129.883663][ T8002] NILFS (loop3): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  129.924183][ T7053] NILFS error (device loop3): nilfs_check_folio: bad entry in directory #2: rec_len is smaller than minimal - offset=4096, inode=0, rec_len=0, name_len=0
[  129.948035][ T7053] Remounting filesystem read-only
[  129.950205][ T7053] NILFS error (device loop3): nilfs_readdir: bad page in #2
[  129.993604][ T7053] NILFS error (device loop3): nilfs_check_folio: bad entry in directory #2: rec_len is smaller than minimal - offset=8192, inode=0, rec_len=0, name_len=0
[  129.999977][ T7053] NILFS error (device loop3): nilfs_readdir: bad page in #2
[  131.079554][ T8058] openvswitch: netlink: Multiple metadata blocks provided
[  131.119227][ T8060] netlink: 20 bytes leftover after parsing attributes in process `syz.4.758'.
[  131.264164][    T9] usb 1-1: new high-speed USB device number 15 using dummy_hcd
[  131.345000][ T8066] netlink: 8 bytes leftover after parsing attributes in process `syz.4.761'.
[  131.358417][ T8066] netlink: 4 bytes leftover after parsing attributes in process `syz.4.761'.
[  131.424849][ T8068] netlink: 'syz.4.762': attribute type 7 has an invalid length.
[  131.443644][    T9] usb 1-1: Using ep0 maxpacket: 8
[  131.449636][    T9] usb 1-1: config 4 has an invalid interface number: 244 but max is 0
[  131.452481][    T9] usb 1-1: config 4 has no interface number 0
[  131.465028][    T9] usb 1-1: config 4 interface 244 altsetting 1 endpoint 0x1 has an invalid bInterval 41, changing to 7
[  131.469097][    T9] usb 1-1: config 4 interface 244 altsetting 1 endpoint 0x2 has invalid wMaxPacketSize 0
[  131.472498][    T9] usb 1-1: config 4 interface 244 has no altsetting 0
[  131.479400][    T9] usb 1-1: New USB device found, idVendor=05ac, idProduct=fa33, bcdDevice=cb.aa
[  131.482564][    T9] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  131.485477][    T9] usb 1-1: Product: syz
[  131.497386][    T9] usb 1-1: Manufacturer: syz
[  131.499033][    T9] usb 1-1: SerialNumber: syz
[  131.729022][    T9] ipheth 1-1:4.244: Unable to find endpoints
[  131.745231][    T9] usb 1-1: USB disconnect, device number 15
[  131.786401][ T8070] loop4: detected capacity change from 0 to 40427
[  131.791214][ T8070] F2FS-fs (loop4): Image doesn't support compression
[  131.794067][ T8070] F2FS-fs (loop4): build fault injection rate: 690
[  131.800860][ T8070] F2FS-fs (loop4): invalid crc value
[  131.877033][ T8070] F2FS-fs (loop4): f2fs_recover_fsync_data: recovery fsync data, check_only: 0
[  131.881546][ T8070] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e5
[  131.911574][ T8070] syz.4.763: attempt to access beyond end of device
[  131.911574][ T8070] loop4: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[  131.955327][ T7104] syz-executor: attempt to access beyond end of device
[  131.955327][ T7104] loop4: rw=2049, sector=45104, nr_sectors = 8 limit=40427
[  131.964212][ T7104] CPU: 0 UID: 0 PID: 7104 Comm: syz-executor Not tainted 6.16.0-syzkaller-11895-gcca7a0aae895-dirty #0 PREEMPT(full) 
[  131.964233][ T7104] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.2-debian-1.16.2-1 04/01/2014
[  131.964241][ T7104] Call Trace:
[  131.964246][ T7104]  <TASK>
[  131.964251][ T7104]  dump_stack_lvl+0x189/0x250
[  131.964274][ T7104]  ? __pfx_dump_stack_lvl+0x10/0x10
[  131.964290][ T7104]  ? __pfx_queue_work_on+0x10/0x10
[  131.964332][ T7104]  ? _raw_spin_unlock_irqrestore+0xad/0x110
[  131.964348][ T7104]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[  131.964371][ T7104]  f2fs_handle_critical_error+0x37c/0x540
[  131.964392][ T7104]  f2fs_write_end_io+0x886/0xb60
[  131.964426][ T7104]  __submit_merged_bio+0x27a/0x6a0
[  131.964447][ T7104]  __submit_merged_write_cond+0x255/0x530
[  131.964468][ T7104]  f2fs_write_data_pages+0x261d/0x3000
[  131.964514][ T7104]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[  131.964542][ T7104]  ? arch_stack_walk+0xfc/0x150
[  131.964581][ T7104]  ? __mod_zone_page_state+0xd7/0x140
[  131.964607][ T7104]  ? folios_put_refs+0x560/0x640
[  131.964630][ T7104]  ? __pfx_folios_put_refs+0x10/0x10
[  131.964642][ T7104]  ? rcu_is_watching+0x15/0xb0
[  131.964662][ T7104]  ? __lock_acquire+0xab9/0xd20
[  131.964695][ T7104]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[  131.964712][ T7104]  do_writepages+0x32e/0x550
[  131.964739][ T7104]  ? do_raw_spin_unlock+0x4d/0x240
[  131.964758][ T7104]  filemap_fdatawrite+0x199/0x240
[  131.964775][ T7104]  ? __pfx_filemap_fdatawrite+0x10/0x10
[  131.964831][ T7104]  ? do_raw_spin_unlock+0x4d/0x240
[  131.964850][ T7104]  f2fs_sync_dirty_inodes+0x31f/0x830
[  131.964881][ T7104]  f2fs_write_checkpoint+0x95a/0x1df0
[  131.964920][ T7104]  ? __pfx_f2fs_write_checkpoint+0x10/0x10
[  131.964977][ T7104]  ? kill_f2fs_super+0x298/0x6c0
[  131.965004][ T7104]  kill_f2fs_super+0x2c3/0x6c0
[  131.965025][ T7104]  ? __pfx_kill_f2fs_super+0x10/0x10
[  131.965039][ T7104]  ? radix_tree_delete_item+0x2b6/0x400
[  131.965061][ T7104]  ? shrinker_free+0x2ce/0x3e0
[  131.965076][ T7104]  deactivate_locked_super+0xbc/0x130
[  131.965093][ T7104]  cleanup_mnt+0x425/0x4c0
[  131.965106][ T7104]  ? lockdep_hardirqs_on+0x9c/0x150
[  131.965121][ T7104]  task_work_run+0x1d4/0x260
[  131.965140][ T7104]  ? __pfx_task_work_run+0x10/0x10
[  131.965154][ T7104]  ? __x64_sys_umount+0x122/0x160
[  131.965175][ T7104]  ? exit_to_user_mode_loop+0x40/0x110
[  131.965197][ T7104]  exit_to_user_mode_loop+0xec/0x110
[  131.965214][ T7104]  do_syscall_64+0x2bd/0x3b0
[  131.965228][ T7104]  ? lockdep_hardirqs_on+0x9c/0x150
[  131.965241][ T7104]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  131.965253][ T7104]  ? exc_page_fault+0x9f/0xf0
[  131.965268][ T7104]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  131.965280][ T7104] RIP: 0033:0x7fa0d598ff17
[  131.965294][ T7104] Code: a8 ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 0f 1f 44 00 00 31 f6 e9 09 00 00 00 66 0f 1f 84 00 00 00 00 00 b8 a6 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 01 c3 48 c7 c2 a8 ff ff ff f7 d8 64 89 02 b8
[  131.965335][ T7104] RSP: 002b:00007ffd9631b1e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000a6
[  131.965349][ T7104] RAX: 0000000000000000 RBX: 00007fa0d5a11c05 RCX: 00007fa0d598ff17
[  131.965357][ T7104] RDX: 0000000000000000 RSI: 0000000000000009 RDI: 00007ffd9631b2a0
[  131.965364][ T7104] RBP: 00007ffd9631b2a0 R08: 0000000000000000 R09: 0000000000000000
[  131.965371][ T7104] R10: 00000000ffffffff R11: 0000000000000246 R12: 00007ffd9631c330
[  131.965379][ T7104] R13: 00007fa0d5a11c05 R14: 000000000001fe9c R15: 00007ffd9631c370
[  131.965402][ T7104]  </TASK>
[  131.965408][ T7104] F2FS-fs (loop4): Stopped filesystem due to reason: 3
[  132.483796][ T8094] vim2m vim2m.0: Fourcc format (0x56595559) invalid.
[  133.099171][ T8099] befs: (nullb0): invalid magic header
[  133.567814][ T8091] loop0: detected capacity change from 0 to 32768
[  133.574897][ T8091] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop0 (7:0) scanned by syz.0.772 (8091)
[  133.634381][ T8091] BTRFS info (device loop0): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  133.664709][ T8091] BTRFS info (device loop0): using crc32c (crc32c-lib) checksum algorithm
[  133.670340][ T8091] BTRFS error (device loop0): nologreplay must be used with ro mount option
[  133.674075][ T8091] BTRFS info (device loop0): using free-space-tree
[  133.677441][ T8091] BTRFS error (device loop0): open_ctree failed: -22
[  133.679683][ T8103] loop4: detected capacity change from 0 to 512
[  133.703438][ T8103] EXT4-fs (loop4): mounting ext3 file system using the ext4 subsystem
[  133.715052][ T8103] EXT4-fs (loop4): invalid journal inode
[  133.717707][ T8103] EXT4-fs (loop4): can't get journal size
[  133.743716][ T8103] EXT4-fs (loop4): 1 truncate cleaned up
[  133.756998][ T8103] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  133.929890][ T1363] ieee802154 phy0 wpan0: encryption failed: -22
[  133.932652][ T1363] ieee802154 phy1 wpan1: encryption failed: -22
[  133.984009][ T7104] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  134.487931][ T8122] loop3: detected capacity change from 0 to 32768
[  134.498931][ T8122] JBD2: Ignoring recovery information on journal
[  134.547328][ T8122] ocfs2: Mounting device (7,3) on (node local, slot 0) with ordered data mode.
[  134.571766][ T8122] (syz.3.779,8122,0):ocfs2_get_suballoc_slot_bit:2819 ERROR: invalid inode 8192 requested
[  134.576214][ T8122] (syz.3.779,8122,0):ocfs2_get_suballoc_slot_bit:2844 ERROR: status = -22
[  134.580825][ T8122] (syz.3.779,8122,0):ocfs2_test_inode_bit:2926 ERROR: get alloc slot and bit failed -22
[  134.584821][ T8122] (syz.3.779,8122,0):ocfs2_test_inode_bit:2967 ERROR: status = -22
[  134.634495][ T7053] ocfs2: Unmounting device (7,3) on (node local)
[  135.337416][ T8154] UDPLite: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list
[  136.159682][ T8159] loop3: detected capacity change from 0 to 32768
[  136.162396][ T8165] netlink: 44 bytes leftover after parsing attributes in process `syz.4.796'.
[  136.323443][ T8159] bcachefs (loop3): starting version 1.13: inode_has_child_snapshots
[  136.323461][ T8159]   features: new_siphash,inline_data,new_extent_overwrite,btree_ptr_v2,new_varint,journal_no_flush,alloc_v2,extents_across_btree_nodes
[  136.332798][ T8159] bcachefs (loop3): Using encoding defined by superblock: utf8-12.1.0
[  136.336572][ T8159] bcachefs (loop3): recovering from clean shutdown, journal seq 8
[  136.340527][ T8159] bcachefs (loop3): Doing compatible version upgrade from 1.13: inode_has_child_snapshots to 1.28: inode_has_case_insensitive
[  136.340527][ T8159]   running recovery passes: check_allocations,check_extents_to_backpointers,check_inodes
[  136.408467][ T8159] bcachefs (loop3): error reading btree root btree=accounting level=0: btree_node_read_error, fixing
[  136.414068][ T8159] bcachefs (loop3): check_topology... done
[  136.420759][ T8159] bcachefs (loop3): accounting_read... done
[  136.430879][ T8159] bcachefs (loop3): alloc_read... done
[  136.435939][ T8159] bcachefs (loop3): snapshots_read... done
[  136.440072][ T8159] bcachefs (loop3): check_allocations...
[  136.459615][ T8159] bcachefs (loop3): bucket 0:78 gen 0 has wrong data_type: got btree, should be need_discard, fixing
[  136.467933][ T8159] bcachefs (loop3): bucket 0:78 gen 0 data type need_discard has wrong dirty_sectors: got 64, should be 0, fixing
[  136.486403][ T8159]  done
[  136.511951][ T8159] bcachefs (loop3): going read-write
[  136.562461][ T8159] bcachefs (loop3): journal_replay... done
[  136.748089][ T8159] bcachefs (loop3): check_lrus... done
[  136.752726][ T8159] bcachefs (loop3): check_backpointers_to_extents... done
[  136.771228][ T8159] bcachefs (loop3): check_extents_to_backpointers... done
[  136.779446][ T8159] bcachefs (loop3): check_inodes... done
[  136.784065][ T8159] bcachefs (loop3): resume_logged_ops... done
[  136.788586][ T8159] bcachefs (loop3): delete_dead_inodes... done
[  136.808465][ T8159] bcachefs (loop3): Fixed errors, running fsck a second time to verify fs is clean
[  136.812056][ T8159] bcachefs (loop3): check_extents_to_backpointers...
[  136.813159][ T8159] bcachefs (loop3): scanning for missing backpointers in 1/512 buckets
[  136.827086][ T8159]  done
[  136.834980][ T8159] bcachefs (loop3): check_inodes... done
[  136.839650][ T8159] bcachefs (loop3): resume_logged_ops... done
[  136.851049][ T8159] bcachefs (loop3): delete_dead_inodes... done
[  136.879775][ T8159] bcachefs (loop3): done starting filesystem
[  137.019314][ T8159] syz.3.793 (8159) used greatest stack depth: 15112 bytes left
[  137.049760][ T7053] bcachefs (loop3): shutting down
[  137.052782][ T7053] bcachefs (loop3): going read-only
[  137.055481][ T7053] bcachefs (loop3): finished waiting for writes to stop
[  137.077631][ T7053] bcachefs (loop3): flushing journal and stopping allocators, journal seq 18
[  137.085519][ T7053] bcachefs (loop3): flushing journal and stopping allocators complete, journal seq 18
[  137.092818][ T7053] bcachefs (loop3): clean shutdown complete, journal seq 19
[  137.096460][ T7053] bcachefs (loop3): marking filesystem clean
[  137.164135][ T7053] bcachefs (loop3): shutdown complete
[  137.805253][ T8207] netlink: 8 bytes leftover after parsing attributes in process `syz.4.806'.
[  137.975457][  T792] usb 1-1: new high-speed USB device number 16 using dummy_hcd
[  138.146357][  T792] usb 1-1: Using ep0 maxpacket: 16
[  138.153788][  T792] usb 1-1: New USB device found, idVendor=17ef, idProduct=721e, bcdDevice=de.06
[  138.157132][  T792] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  138.159645][  T792] usb 1-1: Product: syz
[  138.161330][  T792] usb 1-1: Manufacturer: syz
[  138.164815][  T792] usb 1-1: SerialNumber: syz
[  138.176897][  T792] r8152-cfgselector 1-1: Unknown version 0x0000
[  138.179643][  T792] r8152-cfgselector 1-1: config 0 descriptor??
[  138.406363][  T792] r8152-cfgselector 1-1: Needed 2 retries to read version
[  138.409449][  T792] r8152-cfgselector 1-1: Unknown version 0x0000
[  138.414531][  T792] r8152-cfgselector 1-1: bad CDC descriptors
[  138.433708][ T5883] usb 5-1: new full-speed USB device number 4 using dummy_hcd
[  138.600898][ T5883] usb 5-1: config 7 interface 0 altsetting 0 endpoint 0x8B has invalid maxpacket 55911, setting to 64
[  138.606556][ T5883] usb 5-1: config 7 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  138.606575][ T8242] netlink: 'syz.3.799': attribute type 4 has an invalid length.
[  138.611913][ T5883] usb 5-1: New USB device found, idVendor=05ac, idProduct=8215, bcdDevice=8f.58
[  138.619230][ T5883] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  138.629465][  T792] r8152-cfgselector 1-1: USB disconnect, device number 16
[  138.637325][ T8232] raw-gadget.1 gadget.4: fail, usb_ep_enable returned -22
[  138.860554][    T9] usb 5-1: USB disconnect, device number 4
[  138.957914][ T5883] usb 4-1: new high-speed USB device number 6 using dummy_hcd
[  139.140891][ T5883] usb 4-1: New USB device found, idVendor=0bed, idProduct=1100, bcdDevice=ec.c3
[  139.144701][ T5883] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  139.150182][ T5883] usb 4-1: config 0 descriptor??
[  139.154065][ T5883] cp210x 4-1:0.0: cp210x converter detected
[  139.209575][ T8268] netlink: 'syz.0.820': attribute type 2 has an invalid length.
[  139.537191][ T8288] loop0: detected capacity change from 0 to 1024
[  139.593384][ T5883] cp210x 4-1:0.0: failed to get vendor val 0x000e size 3: -32
[  139.629739][ T5883] usb 4-1: cp210x converter now attached to ttyUSB0
[  139.825895][ T5883] usb 4-1: USB disconnect, device number 6
[  139.829716][ T5883] cp210x ttyUSB0: cp210x converter now disconnected from ttyUSB0
[  139.847620][ T5883] cp210x 4-1:0.0: device disconnected
[  139.904609][ T8314] loop0: detected capacity change from 0 to 40427
[  139.951232][ T8314] F2FS-fs (loop0): f2fs_recover_fsync_data: recovery fsync data, check_only: 0
[  139.955907][ T8314] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e5
[  139.974603][ T5855] syz-executor: attempt to access beyond end of device
[  139.974603][ T5855] loop0: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[  139.982344][ T5855] CPU: 0 UID: 0 PID: 5855 Comm: syz-executor Not tainted 6.16.0-syzkaller-11895-gcca7a0aae895-dirty #0 PREEMPT(full) 
[  139.982359][ T5855] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.2-debian-1.16.2-1 04/01/2014
[  139.982364][ T5855] Call Trace:
[  139.982367][ T5855]  <TASK>
[  139.982371][ T5855]  dump_stack_lvl+0x189/0x250
[  139.982387][ T5855]  ? __pfx_dump_stack_lvl+0x10/0x10
[  139.982396][ T5855]  ? __pfx_queue_work_on+0x10/0x10
[  139.982403][ T5855]  ? _raw_spin_unlock_irqrestore+0xad/0x110
[  139.982412][ T5855]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[  139.982424][ T5855]  f2fs_handle_critical_error+0x37c/0x540
[  139.982437][ T5855]  f2fs_write_end_io+0x886/0xb60
[  139.982455][ T5855]  __submit_merged_bio+0x27a/0x6a0
[  139.982466][ T5855]  __submit_merged_write_cond+0x255/0x530
[  139.982477][ T5855]  f2fs_write_data_pages+0x261d/0x3000
[  139.982500][ T5855]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[  139.982530][ T5855]  ? folios_put_refs+0x559/0x640
[  139.982544][ T5855]  ? __lock_acquire+0xab9/0xd20
[  139.982557][ T5855]  ? do_raw_spin_lock+0x121/0x290
[  139.982570][ T5855]  ? do_raw_spin_unlock+0x4d/0x240
[  139.982579][ T5855]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[  139.982589][ T5855]  do_writepages+0x32e/0x550
[  139.982603][ T5855]  ? do_raw_spin_unlock+0x4d/0x240
[  139.982613][ T5855]  filemap_fdatawrite+0x199/0x240
[  139.982624][ T5855]  ? __pfx_filemap_fdatawrite+0x10/0x10
[  139.982651][ T5855]  ? do_raw_spin_unlock+0x4d/0x240
[  139.982661][ T5855]  f2fs_sync_dirty_inodes+0x31f/0x830
[  139.982697][ T5855]  f2fs_write_checkpoint+0x95a/0x1df0
[  139.982718][ T5855]  ? __pfx_f2fs_write_checkpoint+0x10/0x10
[  139.982746][ T5855]  ? kill_f2fs_super+0x298/0x6c0
[  139.982758][ T5855]  kill_f2fs_super+0x2c3/0x6c0
[  139.982771][ T5855]  ? __pfx_kill_f2fs_super+0x10/0x10
[  139.982780][ T5855]  ? radix_tree_delete_item+0x2b6/0x400
[  139.982792][ T5855]  ? shrinker_free+0x2ce/0x3e0
[  139.982801][ T5855]  deactivate_locked_super+0xbc/0x130
[  139.982811][ T5855]  cleanup_mnt+0x425/0x4c0
[  139.982819][ T5855]  ? lockdep_hardirqs_on+0x9c/0x150
[  139.982829][ T5855]  task_work_run+0x1d4/0x260
[  139.982840][ T5855]  ? __pfx_task_work_run+0x10/0x10
[  139.982848][ T5855]  ? __x64_sys_umount+0x122/0x160
[  139.982860][ T5855]  ? exit_to_user_mode_loop+0x40/0x110
[  139.982872][ T5855]  exit_to_user_mode_loop+0xec/0x110
[  139.982882][ T5855]  do_syscall_64+0x2bd/0x3b0
[  139.982890][ T5855]  ? lockdep_hardirqs_on+0x9c/0x150
[  139.982898][ T5855]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  139.982905][ T5855]  ? exc_page_fault+0x9f/0xf0
[  139.982920][ T5855]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  139.982927][ T5855] RIP: 0033:0x7f001d18ff17
[  139.982936][ T5855] Code: a8 ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 0f 1f 44 00 00 31 f6 e9 09 00 00 00 66 0f 1f 84 00 00 00 00 00 b8 a6 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 01 c3 48 c7 c2 a8 ff ff ff f7 d8 64 89 02 b8
[  139.982946][ T5855] RSP: 002b:00007ffd8ae26a18 EFLAGS: 00000246 ORIG_RAX: 00000000000000a6
[  139.982958][ T5855] RAX: 0000000000000000 RBX: 00007f001d211c05 RCX: 00007f001d18ff17
[  139.982965][ T5855] RDX: 0000000000000000 RSI: 0000000000000009 RDI: 00007ffd8ae26ad0
[  139.982972][ T5855] RBP: 00007ffd8ae26ad0 R08: 0000000000000000 R09: 0000000000000000
[  139.982978][ T5855] R10: 00000000ffffffff R11: 0000000000000246 R12: 00007ffd8ae27b60
[  139.982985][ T5855] R13: 00007f001d211c05 R14: 0000000000021bf9 R15: 00007ffd8ae27ba0
[  139.983001][ T5855]  </TASK>
[  140.118186][ T5855] F2FS-fs (loop0): Stopped filesystem due to reason: 3
[  140.409509][ T8358] warning: `syz.3.849' uses wireless extensions which will stop working for Wi-Fi 7 hardware; use nl80211
[  140.680671][ T8385] netlink: 4 bytes leftover after parsing attributes in process `syz.4.859'.
[  140.683874][ T8385] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[  140.805772][  T792] usb 1-1: new high-speed USB device number 17 using dummy_hcd
[  140.816813][ T5910] usb 4-1: new high-speed USB device number 7 using dummy_hcd
[  140.976753][ T5910] usb 4-1: Using ep0 maxpacket: 8
[  140.982117][  T792] usb 1-1: New USB device found, idVendor=0af0, idProduct=7a05, bcdDevice= 0.00
[  140.985387][  T792] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  140.988591][  T792] usb 1-1: Product: syz
[  140.990813][  T792] usb 1-1: Manufacturer: syz
[  140.992959][  T792] usb 1-1: SerialNumber: syz
[  140.995683][ T5910] usb 4-1: unable to get BOS descriptor or descriptor too short
[  140.996156][  T792] usb 1-1: config 0 descriptor??
[  141.001514][ T5910] usb 4-1: no configurations
[  141.003571][ T5910] usb 4-1: can't read configurations, error -22
[  141.223606][  T792] hso 1-1:0.0: Failed to find INT IN ep
[  141.226502][  T792] usb-storage 1-1:0.0: USB Mass Storage device detected
[  141.440612][  T792] usb 1-1: USB disconnect, device number 17
[  142.216173][ T8420] loop3: detected capacity change from 0 to 32768
[  142.475326][ T8420] bcachefs (loop3): starting version 1.7: mi_btree_bitmap opts=metadata_checksum=none,data_checksum=none,compression=lz4,fsck,norecovery,nojournal_transaction_names,reconstruct_alloc,nocow,no_data_io
[  142.475351][ T8420]   allowing incompatible features above 0.0: (unknown version)
[  142.475360][ T8420]   features: lz4,new_siphash,inline_data,new_extent_overwrite,btree_ptr_v2,new_varint,journal_no_flush,alloc_v2,extents_across_btree_nodes
[  142.492991][ T8420] bcachefs (loop3): Using encoding defined by superblock: utf8-12.1.0
[  142.497101][ T8420] bcachefs (loop3): recovering from clean shutdown, journal seq 10
[  142.501135][ T8420] bcachefs (loop3): Version upgrade required:
[  142.501135][ T8420] Version upgrade from 0.24: unwritten_extents to 1.7: mi_btree_bitmap incomplete
[  142.501135][ T8420] Doing incompatible version upgrade from 0.24: unwritten_extents to 1.28: inode_has_case_insensitive
[  142.501135][ T8420]   running recovery passes: check_allocations,check_alloc_info,check_lrus,check_btree_backpointers,check_backpointers_to_extents,check_extents_to_backpointers,check_alloc_to_lru_refs,bucket_gens_init,check_snapshot_trees,check_snapshots,check_subvols,check_subvol_children,delete_dead_snapshots,check_inodes,check_extents,check_indirect_extents,check_dirents,check_xattrs,check_root,check_unreachable_inodes,check_subvolume_structure,check_directory_structure,check_nlinks,check_rebalance_work,set_fs_needs_rebalance
[  142.532971][ T8420] bcachefs (loop3): dropping and reconstructing all alloc info
[  142.579929][ T8420] bcachefs (loop3): accounting_read... done
[  142.591458][ T8420] bcachefs (loop3): alloc_read... done
[  142.595487][ T8420] bcachefs (loop3): snapshots_read... done
[  142.600503][ T8420] bcachefs (loop3): done starting filesystem
[  142.708366][ T5883] usb 1-1: new high-speed USB device number 18 using dummy_hcd
[  142.919937][ T5883] usb 1-1: Using ep0 maxpacket: 16
[  142.921084][ T7053] bcachefs (loop3): shutting down
[  142.924159][ T5883] usb 1-1: config 1 contains an unexpected descriptor of type 0x2, skipping
[  142.928448][ T5883] usb 1-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  142.936337][ T5883] usb 1-1: config 1 has 1 interface, different from the descriptor's value: 3
[  142.957624][ T5883] usb 1-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[  142.962516][ T5883] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  142.964966][ T7053] bcachefs (loop3): shutdown complete
[  142.966525][ T5883] usb 1-1: Product: syz
[  142.970650][ T5883] usb 1-1: Manufacturer: syz
[  142.972907][ T5883] usb 1-1: SerialNumber: syz
[  143.431141][ T5883] usb 1-1: 0:2 : does not exist
[  144.101862][ T5883] usb 1-1: USB disconnect, device number 18
[  144.792103][ T5883] usb 5-1: new high-speed USB device number 5 using dummy_hcd
[  144.839508][ T8486] netlink: 512 bytes leftover after parsing attributes in process `syz.0.880'.
[  144.980173][ T5883] usb 5-1: Using ep0 maxpacket: 8
[  144.991987][ T5883] usb 5-1: New USB device found, idVendor=0ccd, idProduct=0039, bcdDevice=90.7b
[  144.999079][ T5883] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  145.016000][ T5883] pvrusb2: Hardware description: Terratec Grabster AV400
[  145.018894][ T5883] pvrusb2: **********
[  145.020554][ T5883] pvrusb2: ***WARNING*** Support for this device (Terratec Grabster AV400) is experimental.
[  145.027911][ T5883] pvrusb2: Important functionality might not be entirely working.
[  145.031180][ T5883] pvrusb2: Please consider contacting the driver author to help with further stabilization of the driver.
[  145.035676][ T5883] pvrusb2: **********
[  145.201485][ T8512] program syz.0.888 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  145.232599][ T2397] pvrusb2: Invalid write control endpoint
[  145.284419][ T2397] pvrusb2: Invalid write control endpoint
[  145.287088][ T2397] pvrusb2: ***WARNING*** Detected a wedged cx25840 chip; the device will not work.
[  145.294631][ T2397] pvrusb2: ***WARNING*** Try power cycling the pvrusb2 device.
[  145.298377][ T2397] pvrusb2: ***WARNING*** Disabling further access to the device to prevent other foul-ups.
[  145.302899][ T8522] tmpfs: Group quota block hardlimit too large.
[  145.306586][ T2397] pvrusb2: Device being rendered inoperable
[  145.313670][ T2397] cx25840 2-0044: Unable to detect h/w, assuming cx23887
[  145.319548][ T2397] cx25840 2-0044: cx23887 A/V decoder found @ 0x88 (pvrusb2_a)
[  145.327921][ T2397] pvrusb2: Attached sub-driver cx25840
[  145.331217][ T2397] pvrusb2: ***WARNING*** pvrusb2 device hardware appears to be jammed and I can't clear it.
[  145.338012][ T2397] pvrusb2: You might need to power cycle the pvrusb2 device in order to recover.
[  145.444113][ T5883] usb 5-1: USB disconnect, device number 5
[  145.972778][ T8556] loop0: detected capacity change from 0 to 32768
[  146.012716][ T8556] XFS (loop0): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  146.040777][ T8556] XFS (loop0): Ending clean mount
[  146.059157][ T8556] XFS (loop0): Quotacheck needed: Please wait.
[  146.121785][ T8558] loop3: detected capacity change from 0 to 32768
[  146.134969][ T8556] XFS (loop0): Quotacheck: Done.
[  146.151979][ T8558] ocfs2: Mounting device (7,3) on (node local, slot 0) with ordered data mode.
[  146.203168][ T5855] XFS (loop0): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  146.402514][ T7053] ocfs2: Unmounting device (7,3) on (node local)
[  146.451653][ T8593] loop0: detected capacity change from 0 to 128
[  146.469866][   T33] audit: type=1800 audit(1755107900.512:8): pid=8593 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.911" name="file1" dev="loop0" ino=1048614 res=0 errno=0
[  146.507267][ T8593] syz.0.911: attempt to access beyond end of device
[  146.507267][ T8593] loop0: rw=2049, sector=145, nr_sectors = 896 limit=128
[  146.511515][   T33] audit: type=1804 audit(1755107900.540:9): pid=8593 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.0.911" name="/newroot/317/file0/file1" dev="loop0" ino=1048614 res=1 errno=0
[  146.520038][   T33] audit: type=1800 audit(1755107900.540:10): pid=8593 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.911" name="file1" dev="loop0" ino=1048614 res=0 errno=0
[  146.567567][ T8599] all: renamed from lo
[  146.593697][ T8603] netlink: 36 bytes leftover after parsing attributes in process `syz.0.914'.
[  146.744211][ T8619] netlink: 16 bytes leftover after parsing attributes in process `syz.3.922'.
[  146.847511][ T8625] loop3: detected capacity change from 0 to 1024
[  146.873957][ T8625] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  146.901483][ T8625] EXT4-fs (loop3): shut down requested (0)
[  146.935955][ T7053] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  147.136006][ T8644] loop0: detected capacity change from 0 to 128
[  147.140412][ T8644] FAT-fs (loop0): bogus number of reserved sectors
[  147.144349][ T8644] FAT-fs (loop0): This doesn't look like a DOS 1.x volume; DOS 2.x BPB is non-zero
[  147.149508][ T8644] FAT-fs (loop0): Can't find a valid FAT filesystem
[  147.325642][ T8666] loop0: detected capacity change from 0 to 1024
[  147.353385][   T53] hfsplus: b-tree write err: -5, ino 4
[  147.484135][ T5910] usb 4-1: new full-speed USB device number 9 using dummy_hcd
[  147.645744][ T5910] usb 4-1: config 2 has an invalid descriptor of length 0, skipping remainder of the config
[  147.651948][ T5910] usb 4-1: New USB device found, idVendor=3344, idProduct=22f0, bcdDevice=ef.4d
[  147.656323][ T5910] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  147.659389][ T5910] usb 4-1: Product: syz
[  147.661123][ T5910] usb 4-1: Manufacturer: syz
[  147.665813][ T5910] usb 4-1: SerialNumber: syz
[  147.762078][ T5883] usb 1-1: new high-speed USB device number 19 using dummy_hcd
[  147.888028][ T5910] usb 4-1: selecting invalid altsetting 1
[  147.933166][ T5883] usb 1-1: Using ep0 maxpacket: 16
[  147.945763][ T5883] usb 1-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  147.949978][ T5883] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 7
[  147.958133][ T5883] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x2 has invalid wMaxPacketSize 0
[  147.962338][ T5883] usb 1-1: config 0 interface 0 altsetting 0 bulk endpoint 0x2 has invalid maxpacket 0
[  147.969015][ T5883] usb 1-1: config 0 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  147.982538][ T5883] usb 1-1: New USB device found, idVendor=2040, idProduct=b138, bcdDevice= 1.42
[  147.987994][ T5883] usb 1-1: New USB device strings: Mfr=4, Product=0, SerialNumber=0
[  147.991579][ T5883] usb 1-1: Manufacturer: syz
[  147.996119][ T5883] usb 1-1: config 0 descriptor??
[  148.105637][ T5910] LME2510(C): Firmware Status: 1a 03 34 00 32 00
[  148.105703][ T5910] dvb_usb_lmedm04 4-1:2.0: probe with driver dvb_usb_lmedm04 failed with error -22
[  148.274635][ T5883] rc_core: IR keymap rc-hauppauge not found
[  148.276625][ T5883] Registered IR keymap rc-empty
[  148.278588][ T5883] mceusb 1-1:0.0: Error: mce write submit urb error = -90
[  148.296723][ T5883] mceusb 1-1:0.0: Error: mce write submit urb error = -90
[  148.320151][ T5883] rc rc0: Conexant Hybrid TV (cx231xx) MCE IR no TX as /devices/platform/dummy_hcd.0/usb1/1-1/1-1:0.0/rc/rc0
[  148.330383][ T5883] input: Conexant Hybrid TV (cx231xx) MCE IR no TX as /devices/platform/dummy_hcd.0/usb1/1-1/1-1:0.0/rc/rc0/input10
[  148.338842][ T5897] usb 4-1: USB disconnect, device number 9
[  148.351100][ T5883] mceusb 1-1:0.0: Error: mce write submit urb error = -90
[  148.372809][ T5883] mceusb 1-1:0.0: Error: mce write submit urb error = -90
[  148.392851][ T5883] mceusb 1-1:0.0: Error: mce write submit urb error = -90
[  148.426144][ T5883] mceusb 1-1:0.0: Error: mce write submit urb error = -90
[  148.445892][ T5883] mceusb 1-1:0.0: Error: mce write submit urb error = -90
[  148.467299][ T5883] mceusb 1-1:0.0: Error: mce write submit urb error = -90
[  148.490014][ T5883] mceusb 1-1:0.0: Error: mce write submit urb error = -90
[  148.510516][ T5883] mceusb 1-1:0.0: Error: mce write submit urb error = -90
[  148.531064][ T5883] mceusb 1-1:0.0: Error: mce write submit urb error = -90
[  148.553748][ T5883] mceusb 1-1:0.0: Error: mce write submit urb error = -90
[  148.577644][ T5883] mceusb 1-1:0.0: Registered 424242424242 with mce emulator interface version 1
[  148.581701][ T5883] mceusb 1-1:0.0: 2 tx ports (0x0 cabled) and 2 rx sensors (0x0 active)
[  148.719792][ T5883] usb 1-1: USB disconnect, device number 19
[  149.290909][ T5883] usb 4-1: new high-speed USB device number 10 using dummy_hcd
[  149.297561][ T8749] netlink: 8 bytes leftover after parsing attributes in process `syz.0.956'.
[  149.300875][ T8749] openvswitch: netlink: nsh attr 8224 is out of range max 3
[  149.303761][ T8749] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[  149.474364][ T5883] usb 4-1: unable to get BOS descriptor or descriptor too short
[  149.478915][ T5883] usb 4-1: config 249 has an invalid interface number: 177 but max is 0
[  149.482787][ T5883] usb 4-1: config 249 has no interface number 0
[  149.485617][ T5883] usb 4-1: config 249 interface 177 altsetting 0 has a duplicate endpoint with address 0xE, skipping
[  149.490054][ T5883] usb 4-1: config 249 interface 177 altsetting 0 has an endpoint descriptor with address 0x53, changing to 0x3
[  149.495256][ T5883] usb 4-1: config 249 interface 177 altsetting 0 endpoint 0x3 has invalid maxpacket 65199, setting to 1024
[  149.499905][ T5883] usb 4-1: config 249 interface 177 altsetting 0 bulk endpoint 0x3 has invalid maxpacket 1024
[  149.504321][ T5883] usb 4-1: config 249 interface 177 altsetting 0 has 4 endpoint descriptors, different from the interface descriptor's value: 3
[  149.513100][ T5883] usb 4-1: New USB device found, idVendor=057c, idProduct=3800, bcdDevice=5a.9d
[  149.516895][ T5883] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  149.520184][ T5883] usb 4-1: Product: syz
[  149.521819][ T5883] usb 4-1: Manufacturer: syz
[  149.523346][ T5883] usb 4-1: SerialNumber: syz
[  149.527386][ T8744] raw-gadget.0 gadget.3: fail, usb_ep_enable returned -22
[  149.588792][  T123] usb 1-1: new high-speed USB device number 20 using dummy_hcd
[  149.749059][  T123] usb 1-1: Using ep0 maxpacket: 8
[  149.755652][ T5883] usb 4-1: USB disconnect, device number 10
[  149.759970][  T123] usb 1-1: unable to get BOS descriptor or descriptor too short
[  149.763678][  T123] usb 1-1: config 250 has an invalid interface number: 4 but max is 0
[  149.766764][  T123] usb 1-1: config 250 has no interface number 0
[  149.769064][  T123] usb 1-1: config 250 interface 4 altsetting 43 endpoint 0x6 has invalid wMaxPacketSize 0
[  149.781161][  T123] usb 1-1: config 250 interface 4 has no altsetting 0
[  149.785903][  T123] usb 1-1: New USB device found, idVendor=077d, idProduct=0410, bcdDevice=1b.8a
[  149.789434][  T123] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  149.793549][  T123] usb 1-1: Product: syz
[  149.795218][  T123] usb 1-1: Manufacturer: syz
[  149.798221][  T123] usb 1-1: SerialNumber: syz
[  150.026296][  T123] powermate 1-1:250.4: probe with driver powermate failed with error -5
[  150.031792][  T123] usb 1-1: USB disconnect, device number 20
[  150.198735][ T5910] usb 5-1: new high-speed USB device number 6 using dummy_hcd
[  150.358326][ T5910] usb 5-1: Using ep0 maxpacket: 8
[  150.364451][ T5910] usb 5-1: config 0 has 1 interface, different from the descriptor's value: 17
[  150.376232][ T5910] usb 5-1: New USB device found, idVendor=04a5, idProduct=3003, bcdDevice=c8.07
[  150.380753][ T5910] usb 5-1: New USB device strings: Mfr=209, Product=185, SerialNumber=60
[  150.385468][ T5910] usb 5-1: Product: syz
[  150.387610][ T5910] usb 5-1: Manufacturer: syz
[  150.389729][ T5910] usb 5-1: SerialNumber: syz
[  150.398520][ T5910] usb 5-1: config 0 descriptor??
[  150.664936][ T5910] gspca_main: sunplus-2.14.0 probing 04a5:3003
[  150.847072][ T8795] loop0: detected capacity change from 0 to 512
[  151.026767][ T8795] EXT4-fs error (device loop0): ext4_validate_block_bitmap:441: comm syz.0.964: bg 0: block 248: padding at end of block bitmap is not set
[  151.048617][ T8795] Quota error (device loop0): write_blk: dquota write failed
[  151.053644][ T8795] Quota error (device loop0): qtree_write_dquot: Error -117 occurred while creating quota
[  151.058506][ T8795] EXT4-fs error (device loop0): ext4_acquire_dquot:6933: comm syz.0.964: Failed to acquire dquot type 1
[  151.094446][ T8795] EXT4-fs (loop0): 1 truncate cleaned up
[  151.104147][ T5910] gspca_sunplus: reg_w_riv err -71
[  151.109021][ T5910] sunplus 5-1:0.0: probe with driver sunplus failed with error -71
[  151.109733][ T8795] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  151.116518][ T5910] usb 5-1: USB disconnect, device number 6
[  151.118291][ T8795] ext4 filesystem being mounted at /336/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  151.261070][ T5855] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  151.363922][ T8810] loop0: detected capacity change from 0 to 256
[  151.465240][ T8810] FAT-fs (loop0): Directory bread(block 64) failed
[  151.468437][ T8810] FAT-fs (loop0): Directory bread(block 65) failed
[  151.472505][ T8810] FAT-fs (loop0): Directory bread(block 66) failed
[  151.475538][ T8810] FAT-fs (loop0): Directory bread(block 67) failed
[  151.481001][ T8810] FAT-fs (loop0): Directory bread(block 68) failed
[  151.484056][ T8810] FAT-fs (loop0): Directory bread(block 69) failed
[  151.486865][ T8810] FAT-fs (loop0): Directory bread(block 70) failed
[  151.489653][ T8810] FAT-fs (loop0): Directory bread(block 71) failed
[  151.493885][ T8810] FAT-fs (loop0): Directory bread(block 72) failed
[  151.497454][ T8810] FAT-fs (loop0): Directory bread(block 73) failed
[  152.161260][ T8845] netlink: 60 bytes leftover after parsing attributes in process `syz.4.977'.
[  152.166169][ T8844] netlink: 60 bytes leftover after parsing attributes in process `syz.4.977'.
[  152.170528][ T8845] netlink: 60 bytes leftover after parsing attributes in process `syz.4.977'.
[  152.228046][ T5910] usb 4-1: new high-speed USB device number 11 using dummy_hcd
[  152.394839][ T5910] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  152.401435][ T5910] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  152.405821][ T5910] usb 4-1: New USB device found, idVendor=27b8, idProduct=01ed, bcdDevice= 0.00
[  152.409830][ T5910] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  152.417885][ T5910] usb 4-1: config 0 descriptor??
[  152.460788][   T33] audit: type=1800 audit(1755107906.108:11): pid=8860 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.0.984" name="/" dev="9p" ino=2 res=0 errno=0
[  152.547754][ T8868] netlink: 16 bytes leftover after parsing attributes in process `syz.4.987'.
[  152.654042][ T8875] loop0: detected capacity change from 0 to 512
[  152.673037][ T8875] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  152.678700][ T8875] ext4 filesystem being mounted at /346/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  152.695158][ T8875] EXT4-fs error (device loop0): ext4_xattr_block_get:593: inode #15: comm syz.0.989: corrupted xattr block 33: invalid header
[  152.705225][ T8875] EXT4-fs error (device loop0): ext4_xattr_block_get:593: inode #15: comm syz.0.989: corrupted xattr block 33: invalid header
[  152.718622][ T8875] fscrypt (loop0, inode 15): Error -117 getting encryption context
[  152.752693][ T5855] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  153.302507][ T5910] hid-led 0003:27B8:01ED.0009: hidraw0: USB HID v0.00 Device [HID 27b8:01ed] on usb-dummy_hcd.3-1/input0
[  153.327028][ T5910] hid-led 0003:27B8:01ED.0009: ThingM blink(1) initialized
[  153.518505][  T792] usb 4-1: USB disconnect, device number 11
[  153.756068][ T5910] usb 5-1: new high-speed USB device number 7 using dummy_hcd
[  153.916229][ T5910] usb 5-1: Using ep0 maxpacket: 32
[  153.923556][ T5910] usb 5-1: unable to get BOS descriptor or descriptor too short
[  153.933693][ T5910] usb 5-1: config 14 has an invalid interface number: 32 but max is 0
[  153.937257][ T5910] usb 5-1: config 14 has no interface number 0
[  153.940224][ T5910] usb 5-1: config 14 interface 32 has no altsetting 0
[  153.945877][ T5910] usb 5-1: New USB device found, idVendor=0781, idProduct=0005, bcdDevice= 0.05
[  153.951591][ T5910] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  153.955110][ T5910] usb 5-1: Product: syz
[  153.956850][ T5910] usb 5-1: Manufacturer: syz
[  153.959006][ T5910] usb 5-1: SerialNumber: syz
[  154.187927][ T5910] ums-usbat 5-1:14.32: USB Mass Storage device detected
[  154.207860][ T5910] ums-usbat 5-1:14.32: Quirks match for vid 0781 pid 0005: 1
[  154.210886][ T5910] ums-usbat 5-1:14.32: This device (0781,0005,0005 S 39 P 80) has an unneeded Protocol entry in unusual_devs.h (kernel 6.16.0-syzkaller-11895-gcca7a0aae895-dirty)
[  154.210886][ T5910]    Please send a copy of this message to <linux-usb@vger.kernel.org> and <usb-storage@lists.one-eyed-alien.net>
[  154.286384][ T5910] usb 5-1: USB disconnect, device number 7
[  154.472576][ T8994] semctl(GETNCNT/GETZCNT) is since 3.16 Single Unix Specification compliant.
[  154.472576][ T8994] The task syz.0.1019 (8994) triggered the difference, watch for misbehavior.
[  154.652266][ T8993] loop3: detected capacity change from 0 to 32768
[  154.662348][ T8993] XFS (loop3): Mounting V5 Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb
[  154.677606][ T8993] XFS (loop3): Ending clean mount
[  154.964306][ T5848] Bluetooth: hci0: command tx timeout
[  155.407150][ T7053] XFS (loop3): Unmounting Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb
[  155.991477][  T792] usb 4-1: new high-speed USB device number 12 using dummy_hcd
[  156.160033][  T792] usb 4-1: Using ep0 maxpacket: 16
[  156.176097][  T792] usb 4-1: config 0 has an invalid interface number: 1 but max is 0
[  156.179596][  T792] usb 4-1: config 0 has no interface number 0
[  156.182351][  T792] usb 4-1: config 0 interface 1 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  156.189507][  T792] usb 4-1: config 0 interface 1 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  156.193751][  T792] usb 4-1: config 0 interface 1 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  156.199239][  T792] usb 4-1: New USB device found, idVendor=04d9, idProduct=a072, bcdDevice= 0.00
[  156.203785][  T792] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  156.218898][  T792] usb 4-1: config 0 descriptor??
[  156.499598][ T9032] loop0: detected capacity change from 0 to 32768
[  156.515052][ T9032] bcachefs (/dev/loop0): error validating superblock: Not a bcachefs superblock layout
[  156.519426][ T9032] bcachefs: bch2_fs_get_tree() error: invalid_sb_layout
[  156.679607][  T792] holtek_mouse 0003:04D9:A072.000A: unknown main item tag 0x0
[  156.682997][  T792] holtek_mouse 0003:04D9:A072.000A: unknown main item tag 0x0
[  156.686875][  T792] holtek_mouse 0003:04D9:A072.000A: unknown main item tag 0x0
[  156.690929][  T792] holtek_mouse 0003:04D9:A072.000A: unknown main item tag 0x0
[  156.714390][  T792] holtek_mouse 0003:04D9:A072.000A: hidraw0: USB HID v0.00 Device [HID 04d9:a072] on usb-dummy_hcd.3-1/input1
[  156.829416][ T9048] loop0: detected capacity change from 0 to 512
[  156.837130][ T9048] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  156.862682][ T5855] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  156.884248][  T792] usb 4-1: USB disconnect, device number 12
[  156.914395][ T9066] loop0: detected capacity change from 0 to 512
[  156.921210][ T9066] EXT4-fs (loop0): Test dummy encryption mode enabled
[  156.926547][ T9066] EXT4-fs error (device loop0): __ext4_iget:5464: inode #11: block 1: comm syz.0.1035: invalid block
[  156.933093][ T9066] EXT4-fs error (device loop0): ext4_orphan_get:1397: comm syz.0.1035: couldn't read orphan inode 11 (err -117)
[  156.941116][ T9066] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  157.119117][ T9066] fscrypt: AES-256-CBC-CTS using implementation "cts(cbc(ecb(aes-fixed-time)))"
[  157.129506][ T9066] EXT4-fs error (device loop0): ext4_mb_generate_buddy:1289: group 0, block bitmap and bg descriptor inconsistent: 216 vs 220 free clusters
[  157.172613][ T5855] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  157.451537][ T9079] loop0: detected capacity change from 0 to 2048
[  157.458615][ T9079] NILFS (loop0): broken superblock, retrying with spare superblock (blocksize = 1024)
[  157.477025][ T9081] NILFS (loop0): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  157.481778][ T9079] syz.0.1037: attempt to access beyond end of device
[  157.481778][ T9079] loop0: rw=524288, sector=65534, nr_sectors = 2 limit=2048
[  157.557643][ T9085] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1038'.
[  157.779130][ T9101] loop3: detected capacity change from 0 to 128
[  157.791763][ T9101] qnx6: wrong signature (magic) in superblock #1.
[  158.753319][ T9151] netlink: 'syz.3.1057': attribute type 1 has an invalid length.
[  158.759397][ T9151] netlink: 'syz.3.1057': attribute type 1 has an invalid length.
[  159.024380][    T9] usb 1-1: new high-speed USB device number 21 using dummy_hcd
[  159.102895][ T9161] loop3: detected capacity change from 0 to 4096
[  159.115417][ T9161] ntfs3(loop3): Different NTFS sector size (1024) and media sector size (512).
[  159.194896][    T9] usb 1-1: Using ep0 maxpacket: 16
[  159.211758][ T9161] ntfs3(loop3): Failed to load $Extend (-22).
[  159.213940][ T9161] ntfs3(loop3): Failed to initialize $Extend.
[  159.222798][    T9] usb 1-1: New USB device found, idVendor=5fc9, idProduct=0063, bcdDevice=93.52
[  159.225858][    T9] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  159.243918][    T9] usb 1-1: Product: syz
[  159.245372][    T9] usb 1-1: Manufacturer: syz
[  159.247420][    T9] usb 1-1: SerialNumber: syz
[  159.248466][   T33] audit: type=1800 audit(1755107912.463:12): pid=9161 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.1060" name="file1" dev="loop3" ino=30 res=0 errno=0
[  159.258998][    T9] usb 1-1: config 0 descriptor??
[  159.414702][ T9173] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  159.488871][  T792] usb 1-1: USB disconnect, device number 21
[  160.145010][ T9191] loop3: detected capacity change from 0 to 32768
[  160.185860][ T9191] JBD2: Ignoring recovery information on journal
[  160.279039][ T9191] ocfs2: Mounting device (7,3) on (node local, slot 0) with ordered data mode.
[  160.324168][ T7053] ocfs2: Unmounting device (7,3) on (node local)
[  160.500940][ T9210] loop3: detected capacity change from 0 to 4096
[  160.510654][ T9210] ntfs3(loop3): try to read out of volume at offset 0x3fffffc0c00
[  160.513795][ T9210] ntfs3(loop3): try to read out of volume at offset 0x3fffffc0c00
[  160.516840][ T9210] ntfs3(loop3): try to read out of volume at offset 0x3fffffc0c00
[  160.520056][ T9210] ntfs3(loop3): try to read out of volume at offset 0x3fffffc0c00
[  160.522798][ T9210] ntfs3(loop3): try to read out of volume at offset 0x3fffffc1c00
[  160.525518][ T9210] ntfs3(loop3): try to read out of volume at offset 0x3fffffc2c00
[  160.528505][ T9210] ntfs3(loop3): try to read out of volume at offset 0x3fffffc4c00
[  160.531752][ T5910] usb 5-1: new high-speed USB device number 8 using dummy_hcd
[  160.535868][ T9210] ntfs3(loop3): try to read out of volume at offset 0x3fffffc8c00
[  160.538407][ T9210] ntfs3(loop3): try to read out of volume at offset 0x3fffffd0c00
[  160.544348][ T9210] ntfs3(loop3): try to read out of volume at offset 0x3fffffe0c00
[  160.692490][ T5910] usb 5-1: config index 0 descriptor too short (expected 45, got 36)
[  160.696065][ T5910] usb 5-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F
[  160.703994][ T5910] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 7
[  160.708586][ T5910] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x8F has invalid maxpacket 59391, setting to 1024
[  160.713775][ T5910] usb 5-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[  160.718989][ T5910] usb 5-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  160.724629][ T5910] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  160.734718][ T5910] usb 5-1: config 0 descriptor??
[  160.737585][ T9199] raw-gadget.0 gadget.4: fail, usb_ep_enable returned -22
[  160.818726][ T9196] loop0: detected capacity change from 0 to 131072
[  160.822056][ T9196] F2FS-fs (loop0): Wrong CP boundary, start(512) end(1536) blocks(0)
[  160.825035][ T9196] F2FS-fs (loop0): Can't find valid F2FS filesystem in 1th superblock
[  160.830965][ T9196] F2FS-fs (loop0): invalid crc value
[  160.864734][ T9196] F2FS-fs (loop0): f2fs_recover_fsync_data: recovery fsync data, check_only: 0
[  160.869869][ T9196] F2FS-fs (loop0): Try to recover 1th superblock, ret: 0
[  160.872571][ T9196] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e4
[  161.082752][ T9224] loop3: detected capacity change from 0 to 4096
[  161.198887][ T5910] plantronics 0003:047F:FFFF.000B: reserved main item tag 0xd
[  161.233201][ T5910] plantronics 0003:047F:FFFF.000B: hiddev0,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.4-1/input0
[  161.531680][  T792] usb 5-1: USB disconnect, device number 8
[  161.960927][ T9261] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1076'.
[  162.400340][ T5910] usb 5-1: new high-speed USB device number 9 using dummy_hcd
[  162.560522][ T5910] usb 5-1: Using ep0 maxpacket: 8
[  162.567647][ T5910] usb 5-1: config 1 interface 0 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 7
[  162.573185][ T5910] usb 5-1: config 1 interface 0 altsetting 0 endpoint 0x3 has invalid wMaxPacketSize 0
[  162.576994][ T5910] usb 5-1: config 1 interface 0 altsetting 0 bulk endpoint 0x3 has invalid maxpacket 0
[  162.580999][ T5910] usb 5-1: config 1 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  162.590084][ T5910] usb 5-1: New USB device found, idVendor=0525, idProduct=a4a3, bcdDevice= 0.40
[  162.593953][ T5910] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  162.597274][ T5910] usb 5-1: Product: syz
[  162.598989][ T5910] usb 5-1: Manufacturer: syz
[  162.600868][ T5910] usb 5-1: SerialNumber: syz
[  162.608522][ T5910] cdc_ether 5-1:1.0: probe with driver cdc_ether failed with error -22
[  162.612771][ T5910] usbtest 5-1:1.0: Linux user mode ISO test driver
[  162.615873][ T5910] usbtest 5-1:1.0: high-speed {control bulk-out iso-in} tests (+alt)
[  162.741890][    T9] usb 4-1: new high-speed USB device number 13 using dummy_hcd
[  162.830297][  T792] usb 5-1: USB disconnect, device number 9
[  162.903376][    T9] usb 4-1: Using ep0 maxpacket: 8
[  162.907541][    T9] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  162.911923][    T9] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  162.916498][    T9] usb 4-1: New USB device found, idVendor=17ef, idProduct=6009, bcdDevice= 0.00
[  162.920371][    T9] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  162.927690][    T9] usb 4-1: config 0 descriptor??
[  163.370250][    T9] lenovo 0003:17EF:6009.000C: hidraw0: USB HID v0.00 Device [HID 17ef:6009] on usb-dummy_hcd.3-1/input0
[  163.493928][ T9303] skbuff: bad partial csum: csum=65506/2 headroom=178 headlen=65526
[  163.581864][    T9] usb 4-1: USB disconnect, device number 13
[  163.759353][ T9325] openvswitch: netlink: VXLAN extension message has 4 unknown bytes.
[  164.213596][ T9334] loop3: detected capacity change from 0 to 2048
[  164.221980][ T9334] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[  164.283728][ T9340] 9pnet_rdma: rdma_create_trans (9340): problem binding to privport: 13
[  164.479413][ T9355] libceph: resolve '4..' (ret=-3): failed
[  164.520234][ T9360] netlink: 'syz.4.1103': attribute type 4 has an invalid length.
[  164.611437][ T9373] loop3: detected capacity change from 0 to 256
[  164.659427][ T9378] netlink: 132 bytes leftover after parsing attributes in process `syz.3.1109'.
[  164.711921][ T9380] loop3: detected capacity change from 0 to 4096
[  164.716020][ T9380] ntfs3(loop3): Different NTFS sector size (1024) and media sector size (512).
[  164.727382][ T9380] ntfs3(loop3): ino=1a, mi_enum_attr
[  164.730177][ T9380] ntfs3(loop3): Mark volume as dirty due to NTFS errors
[  164.752987][ T9380] ntfs3(loop3): ino=1e, "file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" ntfs_sync_inode failed, -22.
[  164.778144][   T26] ntfs3(loop3): ino=1e, ntfs3_write_inode failed, -22.
[  164.868243][    T9] usb 5-1: new high-speed USB device number 10 using dummy_hcd
[  165.042735][    T9] usb 5-1: unable to get BOS descriptor or descriptor too short
[  165.050183][    T9] usb 5-1: config 255 has an invalid interface number: 218 but max is 0
[  165.053693][    T9] usb 5-1: config 255 contains an unexpected descriptor of type 0x2, skipping
[  165.057189][    T9] usb 5-1: config 255 has an invalid interface descriptor of length 2, skipping
[  165.060506][  T792] usb 4-1: new low-speed USB device number 14 using dummy_hcd
[  165.061056][    T9] usb 5-1: config 255 has no interface number 0
[  165.066836][    T9] usb 5-1: config 255 interface 218 altsetting 2 has 0 endpoint descriptors, different from the interface descriptor's value: 3
[  165.072787][    T9] usb 5-1: config 255 interface 218 has no altsetting 0
[  165.078085][    T9] usb 5-1: New USB device found, idVendor=045e, idProduct=04e1, bcdDevice=2a.3b
[  165.082104][    T9] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  165.085467][    T9] usb 5-1: Product: syz
[  165.087255][    T9] usb 5-1: Manufacturer: syz
[  165.089211][    T9] usb 5-1: SerialNumber: syz
[  165.222685][  T792] usb 4-1: config index 0 descriptor too short (expected 1307, got 27)
[  165.226280][  T792] usb 4-1: config 0 has an invalid interface number: 0 but max is -1
[  165.229940][  T792] usb 4-1: config 0 has 1 interface, different from the descriptor's value: 0
[  165.234543][  T792] usb 4-1: too many endpoints for config 0 interface 0 altsetting 0: 246, using maximum allowed: 30
[  165.238996][  T792] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x84 has an invalid bInterval 0, changing to 10
[  165.252792][  T792] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x84 has invalid wMaxPacketSize 0
[  165.257285][  T792] usb 4-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 246
[  165.279850][  T792] usb 4-1: string descriptor 0 read error: -22
[  165.282536][  T792] usb 4-1: New USB device found, idVendor=0460, idProduct=0008, bcdDevice=e2.de
[  165.295620][  T792] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  165.306814][  T792] usb 4-1: config 0 descriptor??
[  165.311565][  T792] hub 4-1:0.0: bad descriptor, ignoring hub
[  165.317001][  T792] hub 4-1:0.0: probe with driver hub failed with error -5
[  165.323151][  T792] input: USB Acecad 302 Tablet 0460:0008 as /devices/platform/dummy_hcd.3/usb4/4-1/4-1:0.0/input/input12
[  165.327409][    T9] usb 5-1: USB disconnect, device number 10
[  165.445312][ T5883] usb 1-1: new high-speed USB device number 22 using dummy_hcd
[  165.532447][    T9] usb 4-1: USB disconnect, device number 14
[  165.605530][ T5883] usb 1-1: Using ep0 maxpacket: 16
[  165.608892][ T5883] usb 1-1: config 1 has an invalid interface number: 223 but max is 0
[  165.612470][ T5883] usb 1-1: config 1 has no interface number 0
[  165.614846][ T5883] usb 1-1: config 1 interface 223 has no altsetting 0
[  165.620464][ T5883] usb 1-1: New USB device found, idVendor=05ac, idProduct=0262, bcdDevice=42.53
[  165.624214][ T5883] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  165.627858][ T5883] usb 1-1: Product: syz
[  165.629795][ T5883] usb 1-1: Manufacturer: syz
[  165.631767][ T5883] usb 1-1: SerialNumber: syz
[  165.644723][ T5883] input: bcm5974 as /devices/platform/dummy_hcd.0/usb1/1-1/1-1:1.223/input/input13
[  165.855349][ T5280] bcm5974 1-1:1.223: could not read from device
[  165.862783][ T5280] bcm5974 1-1:1.223: could not read from device
[  165.870208][ T5883] usb 1-1: USB disconnect, device number 22
[  166.449999][ T9461] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1119'.
[  166.632534][ T9469] loop3: detected capacity change from 0 to 256
[  166.639744][ T9469] exfat: Deprecated parameter 'utf8'
[  166.661032][ T9469] exFAT-fs (loop3): failed to load upcase table (idx : 0x00010000, chksum : 0x36e00b20, utbl_chksum : 0xe619d30d)
[  166.854378][ T9478] loop3: detected capacity change from 0 to 2048
[  166.857263][ T9477] loop0: detected capacity change from 0 to 2048
[  166.864819][ T9477] NILFS (loop0): broken superblock, retrying with spare superblock (blocksize = 1024)
[  166.893293][ T9481] NILFS (loop0): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  166.956236][ T9478] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  166.961878][ T9478] ext4 filesystem being mounted at /174/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  167.020194][   T33] audit: type=1800 audit(1755107919.744:13): pid=9478 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.1126" name="file0" dev="loop3" ino=13 res=0 errno=0
[  167.048476][ T9478] fs-verity (loop3, inode 13): Error -22 reading file data
[  167.051888][ T9478] fs-verity (loop3, inode 13): Error -22 building Merkle tree
[  167.127023][ T7053] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  167.356334][ T9493] loop3: detected capacity change from 0 to 4096
[  167.643541][ T9494] loop0: detected capacity change from 0 to 32768
[  167.713637][ T9494] bcachefs (loop0): starting version 1.7: mi_btree_bitmap opts=errors=continue,metadata_checksum=none,data_checksum=none,compression=lz4,foreground_target=invalid label 767,background_target=invalid device 7,nojournal_transaction_names
[  167.713653][ T9494]   allowing incompatible features above 0.0: (unknown version)
[  167.713658][ T9494]   features: lz4,new_siphash,inline_data,new_extent_overwrite,btree_ptr_v2,new_varint,journal_no_flush,alloc_v2,extents_across_btree_nodes
[  167.730758][ T9494] bcachefs (loop0): Using encoding defined by superblock: utf8-12.1.0
[  167.734327][ T9494] bcachefs (loop0): initializing new filesystem
[  167.741988][ T9494] bcachefs (loop0): going read-write
[  167.762778][ T9494] bcachefs (loop0): marking superblocks
[  167.799181][ T9494] bcachefs (loop0): initializing freespace
[  167.823291][ T9494] bcachefs (loop0): done initializing freespace
[  167.868776][ T9494] bcachefs (loop0): reading snapshots table
[  167.879277][ T9494] bcachefs (loop0): reading snapshots done
[  167.915523][ T9494] bcachefs (loop0): done starting filesystem
[  168.035075][ T5855] bcachefs (loop0): shutting down
[  168.036876][ T5855] bcachefs (loop0): going read-only
[  168.038568][ T5855] bcachefs (loop0): finished waiting for writes to stop
[  168.047527][ T5855] bcachefs (loop0): flushing journal and stopping allocators, journal seq 2
[  168.085440][ T5855] bcachefs (loop0): flushing journal and stopping allocators complete, journal seq 3
[  168.268610][ T5855] bcachefs (loop0): clean shutdown complete, journal seq 4
[  168.296304][ T5855] bcachefs (loop0): marking filesystem clean
[  168.424221][ T5855] bcachefs (loop0): shutdown complete
[  168.438647][ T5876] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  168.667785][ T5876] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  168.733377][   T55] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1
[  168.739239][   T55] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9
[  168.742897][   T55] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9
[  168.748309][   T55] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4
[  168.751763][   T55] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2
[  168.795521][ T5876] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  169.001991][ T9554] fanotify: failed to encode fid (type=0, len=0, err=-2)
[  169.161989][ T5876] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  169.322852][ T9544] chnl_net:caif_netlink_parms(): no params data found
[  169.459617][ T9544] bridge0: port 1(bridge_slave_0) entered blocking state
[  169.462303][ T9544] bridge0: port 1(bridge_slave_0) entered disabled state
[  169.465418][ T9544] bridge_slave_0: entered allmulticast mode
[  169.468759][ T9544] bridge_slave_0: entered promiscuous mode
[  169.474988][ T5876] bridge_slave_1: left allmulticast mode
[  169.477014][ T5876] bridge_slave_1: left promiscuous mode
[  169.479276][ T5876] bridge0: port 2(bridge_slave_1) entered disabled state
[  169.495724][ T5876] bridge_slave_0: left allmulticast mode
[  169.499310][ T5876] bridge_slave_0: left promiscuous mode
[  169.501948][ T5876] bridge0: port 1(bridge_slave_0) entered disabled state
[  170.156982][ T5876] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  170.166701][ T5876] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  170.174168][ T5876] bond0 (unregistering): (slave macvlan2): Releasing backup interface
[  170.180522][ T5876] team0: left promiscuous mode
[  170.182693][ T5876] team_slave_0: left promiscuous mode
[  170.185378][ T5876] team_slave_1: left promiscuous mode
[  170.192237][ T5876] bond0 (unregistering): Released all slaves
[  170.209470][ T9544] bridge0: port 2(bridge_slave_1) entered blocking state
[  170.227020][ T9544] bridge0: port 2(bridge_slave_1) entered disabled state
[  170.230327][ T9544] bridge_slave_1: entered allmulticast mode
[  170.235136][ T9544] bridge_slave_1: entered promiscuous mode
[  170.418965][ T9544] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  170.434761][ T9544] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  170.571420][ T9544] team0: Port device team_slave_0 added
[  170.589129][ T9544] team0: Port device team_slave_1 added
[  170.857056][ T9544] batman_adv: batadv0: Adding interface: batadv_slave_0
[  170.859424][ T9544] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  170.885821][ T9544] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  170.907208][ T9810] dlm: no locking on control device
[  170.920060][ T9544] batman_adv: batadv0: Adding interface: batadv_slave_1
[  170.922513][ T9544] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  170.941117][ T9544] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  170.946302][   T55] Bluetooth: hci1: command tx timeout
[  171.010405][ T5876] hsr_slave_0: left promiscuous mode
[  171.015692][ T5876] hsr_slave_1: left promiscuous mode
[  171.018483][ T5876] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  171.027528][ T5876] batman_adv: batadv0: Removing interface: batadv_slave_0
[  171.037967][ T5876] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  171.045615][ T5876] batman_adv: batadv0: Removing interface: batadv_slave_1
[  171.070833][ T5876] veth1_macvtap: left promiscuous mode
[  171.073211][ T5876] veth0_macvtap: left promiscuous mode
[  171.075652][ T5876] veth1_vlan: left promiscuous mode
[  171.081036][ T5876] veth0_vlan: left promiscuous mode
[  171.119902][ T9822] loop0: detected capacity change from 0 to 256
[  171.135783][ T9822] exFAT-fs (loop0): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[  171.153975][ T9822] exFAT-fs (loop0): Medium has reported failures. Some data may be lost.
[  171.167740][ T9822] exFAT-fs (loop0): failed to load upcase table (idx : 0x00010000, chksum : 0xe62de5da, utbl_chksum : 0xe619d30d)
[  172.357444][ T5876] team0 (unregistering): Port device team_slave_1 removed
[  172.450326][ T5876] team0 (unregistering): Port device team_slave_0 removed
[  173.159956][   T55] Bluetooth: hci1: command tx timeout
[  173.558104][ T9544] hsr_slave_0: entered promiscuous mode
[  173.564016][ T9544] hsr_slave_1: entered promiscuous mode
[  174.025757][ T9933] netlink: 65039 bytes leftover after parsing attributes in process `syz.4.1162'.
[  174.073113][ T9544] netdevsim netdevsim5 netdevsim0: renamed from eth0
[  174.084704][ T9544] netdevsim netdevsim5 netdevsim1: renamed from eth1
[  174.092384][ T9544] netdevsim netdevsim5 netdevsim2: renamed from eth2
[  174.101494][ T9544] netdevsim netdevsim5 netdevsim3: renamed from eth3
[  174.110946][ T5910] usb 1-1: new full-speed USB device number 23 using dummy_hcd
[  174.196212][ T9544] 8021q: adding VLAN 0 to HW filter on device bond0
[  174.214948][ T9544] 8021q: adding VLAN 0 to HW filter on device team0
[  174.225317][   T26] bridge0: port 1(bridge_slave_0) entered blocking state
[  174.228566][   T26] bridge0: port 1(bridge_slave_0) entered forwarding state
[  174.239214][   T53] bridge0: port 2(bridge_slave_1) entered blocking state
[  174.242367][   T53] bridge0: port 2(bridge_slave_1) entered forwarding state
[  174.282122][ T5910] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 10
[  174.286754][ T5910] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 1024, setting to 64
[  174.291303][ T5910] usb 1-1: New USB device found, idVendor=0e8f, idProduct=0012, bcdDevice= 0.00
[  174.307148][ T5910] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  174.319002][ T5910] usb 1-1: config 0 descriptor??
[  174.321731][ T9899] raw-gadget.0 gadget.0: fail, usb_ep_enable returned -22
[  174.478032][ T9544] 8021q: adding VLAN 0 to HW filter on device batadv0
[  174.682223][ T9544] veth0_vlan: entered promiscuous mode
[  174.696538][ T9544] veth1_vlan: entered promiscuous mode
[  174.723783][ T9544] veth0_macvtap: entered promiscuous mode
[  174.729831][ T9544] veth1_macvtap: entered promiscuous mode
[  174.745292][ T9544] batman_adv: batadv0: Interface activated: batadv_slave_0
[  174.758105][ T9544] batman_adv: batadv0: Interface activated: batadv_slave_1
[  174.765314][ T5910] greenasia 0003:0E8F:0012.000D: item fetching failed at offset 5/7
[  174.768645][ T5876] netdevsim netdevsim5 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  174.773364][ T5910] greenasia 0003:0E8F:0012.000D: parse failed
[  174.775576][ T5910] greenasia 0003:0E8F:0012.000D: probe with driver greenasia failed with error -22
[  174.778967][   T13] netdevsim netdevsim5 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  174.781937][   T13] netdevsim netdevsim5 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  174.790933][   T13] netdevsim netdevsim5 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  174.868538][ T4140] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  174.872711][ T4140] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  174.907547][   T36] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  174.910883][   T36] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  174.952921][ T9985] loop5: detected capacity change from 0 to 512
[  174.970956][ T9985] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  174.976555][ T9985] ext4 filesystem being mounted at /0/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  174.981873][ T5897] usb 1-1: USB disconnect, device number 23
[  175.015117][ T9544] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  175.098125][T10005] loop5: detected capacity change from 0 to 16
[  175.107898][T10005] erofs (device loop5): mounted with root inode @ nid 36.
[  175.382463][   T55] Bluetooth: hci1: command tx timeout
[  175.845228][T10033] loop0: detected capacity change from 0 to 32768
[  175.849966][T10033] bcachefs (/dev/loop0): error validating superblock: Invalid superblock section disk_groups: disk 0 has invalid label 15 (have 0)
[  175.849966][T10033] disk_groups (size 40):
[  175.849966][T10033] 
[  175.859225][T10033] bcachefs: bch2_fs_get_tree() error: invalid_sb_disk_groups
[  176.058602][T10045] netlink: 'syz.0.1183': attribute type 10 has an invalid length.
[  176.062493][T10045] netlink: 40 bytes leftover after parsing attributes in process `syz.0.1183'.
[  176.074512][T10045] batman_adv: batadv0: Adding interface: 
[  176.079588][T10045] batman_adv: batadv0: The MTU of interface  is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  176.090616][T10045] batman_adv: batadv0: Interface activated: 
[  176.177135][T10051] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  176.292818][T10061] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  177.605439][   T55] Bluetooth: hci1: command tx timeout
[  180.061957][T10103] loop5: detected capacity change from 0 to 164
[  180.124596][T10103] syz.5.1206: attempt to access beyond end of device
[  180.124596][T10103] loop5: rw=524288, sector=263328, nr_sectors = 4 limit=164
[  180.145152][T10103] syz.5.1206: attempt to access beyond end of device
[  180.145152][T10103] loop5: rw=0, sector=263328, nr_sectors = 4 limit=164
[  180.156128][   T33] audit: type=1800 audit(1755107932.033:14): pid=10103 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.5.1206" name="file0" dev="overlay" ino=1862 res=0 errno=0
[  180.277883][T10114] loop0: detected capacity change from 0 to 2048
[  180.323506][T10114] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  180.329365][T10114] ext4 filesystem being mounted at /413/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  180.368399][ T5855] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  180.474460][ T5910] IPVS: starting estimator thread 0...
[  180.588426][T10123] IPVS: using max 84 ests per chain, 201600 per kthread
[  180.819111][T10135] loop0: detected capacity change from 0 to 22
[  180.827212][T10135] MTD: Attempt to mount non-MTD device "/dev/loop0"
[  180.840015][T10135] romfs: Mounting image 'rom 637cf1fa' through the block layer
[  181.016112][   T55] Bluetooth: hci1: Malformed LE Event: 0x1b
[  181.286834][T10149] loop0: detected capacity change from 0 to 32768
[  181.290645][T10149] bcachefs (/dev/loop0): error validating superblock: Invalid superblock section crypt: wrong size (got 24 should be 64)
[  181.290645][T10149] crypt (size 24):
[  181.290645][T10149] KFD:               3
[  181.290645][T10149] scrypt n:          0
[  181.290645][T10149] scrypt r:          0
[  181.290645][T10149] scrypt p:          0
[  181.290645][T10149] 
[  181.304743][T10149] bcachefs: bch2_fs_get_tree() error: invalid_sb_crypt
[  182.614086][   T33] audit: type=1326 audit(1755107934.328:15): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10198 comm="syz.0.1236" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f001d18ebe9 code=0x7ffc0000
[  182.622089][   T33] audit: type=1326 audit(1755107934.328:16): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10198 comm="syz.0.1236" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f001d18ebe9 code=0x7ffc0000
[  182.632001][   T33] audit: type=1326 audit(1755107934.346:17): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10198 comm="syz.0.1236" exe="/syz-executor" sig=0 arch=c000003e syscall=157 compat=0 ip=0x7f001d18ebe9 code=0x7ffc0000
[  182.644232][   T33] audit: type=1326 audit(1755107934.346:18): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10198 comm="" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f001d18ebe9 code=0x7ffc0000
[  182.653830][   T33] audit: type=1326 audit(1755107934.346:19): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10198 comm="" exe="/syz-executor" sig=0 arch=c000003e syscall=436 compat=0 ip=0x7f001d18ebe9 code=0x7ffc0000
[  182.661753][   T33] audit: type=1326 audit(1755107934.346:20): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10198 comm="" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f001d18ebe9 code=0x7ffc0000
[  182.740312][T10205] netlink: 'syz.0.1239': attribute type 25 has an invalid length.
[  182.744121][T10205] netlink: 'syz.0.1239': attribute type 7 has an invalid length.
[  182.877733][T10213] loop0: detected capacity change from 0 to 1024
[  182.916118][ T1089] hfsplus: b-tree write err: -5, ino 4
[  183.255363][T10237] Bluetooth: MGMT ver 1.23
[  183.277477][T10239] netlink: 'syz.4.1253': attribute type 4 has an invalid length.
[  183.282341][T10239] netlink: 17 bytes leftover after parsing attributes in process `syz.4.1253'.
[  184.298852][T10258] netlink: 20 bytes leftover after parsing attributes in process `syz.5.1261'.
[  184.303696][T10258] netlink: 36 bytes leftover after parsing attributes in process `syz.5.1261'.
[  184.394953][T10264] netlink: 40 bytes leftover after parsing attributes in process `syz.5.1264'.
[  184.435195][T10267] bridge: RTM_NEWNEIGH with invalid ether address
[  184.764785][   T33] audit: type=1400 audit(1755107936.339:21): apparmor="DENIED" operation="stack" class="file" info="label not found" error=-2 profile="unconfined" name=3A3A0AE10CCA7C2B08C9DFF78977F306B457CA93031D371D06D2E59E863E2FE54118A4EE43068DF6BA88E1B6DC3A552C91AE1C817D6B6014270B8BC51F73363852F4F12EE955F464599F0C485D pid=10290 comm="syz.5.1278"
[  184.871908][T10304] pim6reg1: entered promiscuous mode
[  184.874095][T10304] pim6reg1: entered allmulticast mode
[  185.013153][ T5884] usb 5-1: new high-speed USB device number 11 using dummy_hcd
[  185.224481][ T5884] usb 5-1: Using ep0 maxpacket: 8
[  185.231383][ T5884] usb 5-1: config 251 has an invalid interface number: 243 but max is 0
[  185.234394][ T5884] usb 5-1: config 251 has no interface number 0
[  185.236917][ T5884] usb 5-1: config 251 interface 243 altsetting 5 bulk endpoint 0x5 has invalid maxpacket 32
[  185.242301][ T5884] usb 5-1: config 251 interface 243 altsetting 5 endpoint 0x1 has invalid maxpacket 1024, setting to 64
[  185.247572][ T5884] usb 5-1: config 251 interface 243 has no altsetting 0
[  185.260086][ T5884] usb 5-1: New USB device found, idVendor=0ab4, idProduct=0014, bcdDevice=28.9a
[  185.264440][ T5884] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  185.268941][ T5884] usb 5-1: Product: syz
[  185.271613][ T5884] usb 5-1: Manufacturer: syz
[  185.273733][ T5884] usb 5-1: SerialNumber: syz
[  185.313332][T10294] raw-gadget.0 gadget.4: fail, usb_ep_enable returned -22
[  185.547256][ T5884] esd_usb 5-1:251.243: sending version message failed
[  185.556461][ T5884] esd_usb 5-1:251.243: probe with driver esd_usb failed with error -8
[  185.572070][ T5884] usb 5-1: USB disconnect, device number 11
[  185.588968][ T5910] usb 1-1: new high-speed USB device number 24 using dummy_hcd
[  185.801815][ T5910] usb 1-1: Using ep0 maxpacket: 16
[  185.806169][ T5910] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  185.810372][ T5910] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  185.814451][ T5910] usb 1-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 9
[  185.819327][ T5910] usb 1-1: New USB device found, idVendor=045e, idProduct=07da, bcdDevice= 0.00
[  185.822625][ T5910] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  185.829441][ T5910] usb 1-1: config 0 descriptor??
[  186.362894][ T5910] microsoft 0003:045E:07DA.000E: unknown main item tag 0x1
[  186.365940][ T5910] microsoft 0003:045E:07DA.000E: report is too long
[  186.368970][ T5910] microsoft 0003:045E:07DA.000E: item 0 2 0 11 parsing failed
[  186.372246][ T5910] microsoft 0003:045E:07DA.000E: parse failed
[  186.374890][ T5910] microsoft 0003:045E:07DA.000E: probe with driver microsoft failed with error -22
[  186.581746][ T5884] usb 1-1: USB disconnect, device number 24
[  187.178618][   T33] audit: type=1326 audit(1755107938.602:22): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10364 comm="syz.5.1295" exe="/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7ff29038ebe9 code=0x0
[  187.284848][T10374] loop0: detected capacity change from 0 to 16
[  187.303323][T10374] erofs (device loop0): mounted with root inode @ nid 36.
[  187.839560][T10395] loop5: detected capacity change from 0 to 128
[  187.842275][T10395] EXT4-fs: Ignoring removed nobh option
[  187.850028][T10395] EXT4-fs (loop5): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  187.856963][T10395] ext4 filesystem being mounted at /46/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[  187.881067][ T9544] EXT4-fs (loop5): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  187.912847][T10403] loop5: detected capacity change from 0 to 1024
[  187.915848][T10403] EXT4-fs: Ignoring removed bh option
[  187.934910][T10403] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  187.952547][T10403] EXT4-fs error (device loop5): ext4_get_first_dir_block:3544: inode #11: comm syz.5.1306: directory missing '.'
[  187.958677][T10403] EXT4-fs (loop5): Remounting filesystem read-only
[  187.974673][ T9544] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  188.716718][T10423] loop0: detected capacity change from 0 to 131072
[  188.721126][T10423] F2FS-fs (loop0): Wrong CP boundary, start(512) end(1536) blocks(0)
[  188.723848][T10423] F2FS-fs (loop0): Can't find valid F2FS filesystem in 1th superblock
[  188.727645][T10423] F2FS-fs (loop0): invalid crc value
[  188.759573][T10423] F2FS-fs (loop0): f2fs_recover_fsync_data: recovery fsync data, check_only: 0
[  188.764613][T10423] F2FS-fs (loop0): Try to recover 1th superblock, ret: 0
[  188.766915][T10423] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e4
[  188.784452][  T123] usb 6-1: new high-speed USB device number 2 using dummy_hcd
[  188.955527][  T123] usb 6-1: Using ep0 maxpacket: 8
[  188.959409][  T123] usb 6-1: config 0 interface 0 altsetting 5 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  188.963846][  T123] usb 6-1: config 0 interface 0 altsetting 5 endpoint 0x81 has invalid wMaxPacketSize 0
[  188.968715][  T123] usb 6-1: config 0 interface 0 has no altsetting 0
[  188.971224][  T123] usb 6-1: New USB device found, idVendor=0419, idProduct=0001, bcdDevice= 0.00
[  188.974290][  T123] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  188.978730][  T123] usb 6-1: config 0 descriptor??
[  189.308100][T10448] loop0: detected capacity change from 0 to 1024
[  189.335314][   T33] audit: type=1800 audit(1755107940.623:23): pid=10448 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.1318" name="file1" dev="loop0" ino=20 res=0 errno=0
[  189.423135][  T123] samsung 0003:0419:0001.000F: unknown main item tag 0x0
[  189.425712][  T123] samsung 0003:0419:0001.000F: unknown main item tag 0x0
[  189.429363][  T123] samsung 0003:0419:0001.000F: unknown main item tag 0x2
[  189.436347][  T123] samsung 0003:0419:0001.000F: hidraw0: USB HID v0.00 Device [HID 0419:0001] on usb-dummy_hcd.5-1/input0
[  189.654464][ T5884] usb 6-1: USB disconnect, device number 2
[  190.807884][T10508] sp0: Synchronizing with TNC
[  190.941386][T10518] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1334'.
[  190.944150][ T5897] usb 6-1: new high-speed USB device number 3 using dummy_hcd
[  190.965413][ T5884] usb 5-1: new high-speed USB device number 12 using dummy_hcd
[  191.005495][T10520] loop0: detected capacity change from 0 to 4096
[  191.015347][T10520] ntfs3(loop0): Mark volume as dirty due to NTFS errors
[  191.025432][T10520] ntfs3(loop0): Failed to load $Extend (-22).
[  191.027603][T10520] ntfs3(loop0): Failed to initialize $Extend.
[  191.107817][ T5897] usb 6-1: New USB device found, idVendor=2c42, idProduct=1709, bcdDevice=ca.b7
[  191.111110][ T5897] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  191.114612][ T5897] usb 6-1: Product: syz
[  191.120911][ T5897] usb 6-1: Manufacturer: syz
[  191.124546][ T5897] usb 6-1: SerialNumber: syz
[  191.127157][ T5884] usb 5-1: Using ep0 maxpacket: 32
[  191.131829][ T5884] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  191.135068][ T5884] usb 5-1: New USB device found, idVendor=05ac, idProduct=0265, bcdDevice= 0.00
[  191.140146][ T5897] usb 6-1: config 0 descriptor??
[  191.143807][ T5884] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  191.149555][ T5884] usb 5-1: config 0 descriptor??
[  191.563276][T10536] loop0: detected capacity change from 0 to 256
[  191.595197][ T5884] magicmouse 0003:05AC:0265.0010: hidraw0: USB HID v0.00 Device [HID 05ac:0265] on usb-dummy_hcd.4-1/input0
[  191.631280][T10546] team_slave_0: entered promiscuous mode
[  191.633830][T10546] team_slave_1: entered promiscuous mode
[  191.636806][T10546] 8021q: adding VLAN 0 to HW filter on device macvtap1
[  191.640933][T10546] team0: Device macvtap1 is already an upper device of the team interface
[  191.645163][T10546] team_slave_0: left promiscuous mode
[  191.647271][T10546] team_slave_1: left promiscuous mode
[  191.814162][  T123] usb 5-1: USB disconnect, device number 12
[  192.023799][   T10] usb 1-1: new high-speed USB device number 25 using dummy_hcd
[  192.195533][   T10] usb 1-1: Using ep0 maxpacket: 8
[  192.201789][   T10] usb 1-1: unable to get BOS descriptor or descriptor too short
[  192.206813][   T10] usb 1-1: config 1 contains an unexpected descriptor of type 0x1, skipping
[  192.210907][   T10] usb 1-1: config 1 has an invalid descriptor of length 1, skipping remainder of the config
[  192.215296][   T10] usb 1-1: config 1 has 1 interface, different from the descriptor's value: 3
[  192.223236][   T10] usb 1-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[  192.227375][   T10] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  192.230733][   T10] usb 1-1: Product: syz
[  192.232459][   T10] usb 1-1: Manufacturer: syz
[  192.234571][   T10] usb 1-1: SerialNumber: syz
[  192.454471][ T5897] usb 6-1: f81604_read: reg: 100e failed: -EPROTO
[  192.462572][   T10] usb 1-1: 0:2 : does not exist
[  192.470815][ T5897] usb 6-1: f81604_read: reg: 200f failed: -EPROTO
[  192.473649][   T10] usb 1-1: USB disconnect, device number 25
[  192.482316][ T5897] usb 6-1: USB disconnect, device number 3
[  192.491911][ T5897] usb 6-1: f81604_read: reg: 100f failed: -ENODEV
[  192.541737][ T5897] usb 6-1: f81604_read: reg: 200f failed: -ENODEV
[  192.665237][  T792] usb 5-1: new full-speed USB device number 13 using dummy_hcd
[  192.827736][  T792] usb 5-1: unable to get BOS descriptor or descriptor too short
[  192.831425][  T792] usb 5-1: not running at top speed; connect to a high speed hub
[  192.835735][  T792] usb 5-1: config 5 has an invalid interface number: 246 but max is 0
[  192.839202][  T792] usb 5-1: config 5 has an invalid descriptor of length 0, skipping remainder of the config
[  192.844338][  T792] usb 5-1: config 5 has no interface number 0
[  192.847467][  T792] usb 5-1: config 5 interface 246 altsetting 4 endpoint 0x3 has invalid maxpacket 255, setting to 64
[  192.851944][  T792] usb 5-1: config 5 interface 246 altsetting 4 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  192.856363][  T792] usb 5-1: config 5 interface 246 has no altsetting 0
[  192.861657][  T792] usb 5-1: New USB device found, idVendor=13b1, idProduct=0042, bcdDevice=f5.e4
[  192.865070][  T792] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  192.868089][  T792] usb 5-1: Product: syz
[  192.869566][  T792] usb 5-1: Manufacturer: syz
[  192.871147][  T792] usb 5-1: SerialNumber: syz
[  193.096124][T10616] gtp0: entered promiscuous mode
[  193.132076][  T792] usb 5-1: Warning: ath10k USB support is incomplete, don't expect anything to work!
[  193.137021][   T13] usb 5-1: Failed to submit usb control message: -71
[  193.140795][   T13] usb 5-1: unable to send the bmi data to the device: -71
[  193.143301][   T13] usb 5-1: unable to get target info from device
[  193.145339][   T13] usb 5-1: could not get target info (-71)
[  193.153069][  T792] usb 5-1: USB disconnect, device number 13
[  193.168046][   T13] usb 5-1: could not probe fw (-71)
[  193.402812][   T10] usb 1-1: new high-speed USB device number 26 using dummy_hcd
[  193.440471][T10639] loop5: detected capacity change from 0 to 32768
[  193.446860][T10639] (syz.5.1347,10639,0):ocfs2_check_dir_entry:325 ERROR: bad entry in directory #66: rec_len is smaller than minimal - offset=88, inode=69, rec_len=8, name_len=8
[  193.453737][T10639] (syz.5.1347,10639,0):ocfs2_init_global_system_inodes:465 ERROR: status = -22
[  193.457770][T10639] (syz.5.1347,10639,0):ocfs2_init_global_system_inodes:467 ERROR: Unable to load system inode 2, possibly corrupt fs?
[  193.457795][T10639] (syz.5.1347,10639,0):ocfs2_init_global_system_inodes:476 ERROR: status = -22
[  193.466686][T10639] (syz.5.1347,10639,0):ocfs2_initialize_super:2198 ERROR: status = -22
[  193.470483][T10639] (syz.5.1347,10639,0):ocfs2_fill_super:1177 ERROR: status = -22
[  193.576138][   T10] usb 1-1: New USB device found, idVendor=0bed, idProduct=1100, bcdDevice=ec.c3
[  193.579904][   T10] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  193.586167][   T10] usb 1-1: config 0 descriptor??
[  193.590655][   T10] cp210x 1-1:0.0: cp210x converter detected
[  194.034474][T10673] loop5: detected capacity change from 0 to 8
[  194.037536][T10673] MTD: Attempt to mount non-MTD device "/dev/loop5"
[  194.045551][T10673] cramfs: Error -3 while decompressing!
[  194.054406][T10673] cramfs: ffffffff99be7628(26)->ffff88811924d000(4096)
[  194.059469][T10673] cramfs: bad data blocksize 3489655184
[  194.062352][T10673] cramfs: Error -3 while decompressing!
[  194.064747][T10673] cramfs: ffffffff99be7628(26)->ffff88811924d000(4096)
[  194.070315][   T33] audit: type=1800 audit(1755107945.057:24): pid=10673 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.5.1361" name="file2" dev="loop5" ino=348 res=0 errno=0
[  194.257512][   T10] cp210x 1-1:0.0: failed to get vendor val 0x3711 size 2: -71
[  194.260857][   T10] cp210x 1-1:0.0: GPIO initialisation failed: -71
[  194.279909][   T10] usb 1-1: cp210x converter now attached to ttyUSB0
[  194.287746][   T10] usb 1-1: USB disconnect, device number 26
[  194.312150][   T10] cp210x ttyUSB0: cp210x converter now disconnected from ttyUSB0
[  194.322682][   T10] cp210x 1-1:0.0: device disconnected
[  195.378158][T10726] netlink: 8 bytes leftover after parsing attributes in process `syz.5.1373'.
[  195.383139][T10726] netlink: 12 bytes leftover after parsing attributes in process `syz.5.1373'.
[  195.426362][T10728] netlink: 8 bytes leftover after parsing attributes in process `syz.5.1374'.
[  195.917375][T10743] tipc: Started in network mode
[  195.919111][T10743] tipc: Node identity 7f000001, cluster identity 4711
[  195.921782][T10743] tipc: Enabled bearer <udp:syz2>, priority 10
[  195.994768][T10747] Bluetooth: hci0: invalid length 0, exp 2 for type 17
[  196.048795][T10740] loop0: detected capacity change from 0 to 32768
[  196.076393][T10740] XFS (loop0): Mounting V5 Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d
[  196.087914][T10740] XFS (loop0): Ending clean mount
[  196.135802][ T5855] XFS (loop0): Unmounting Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d
[  196.140112][T10765] loop5: detected capacity change from 0 to 4096
[  196.168219][T10771] NILFS (loop5): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  196.332568][ T5848] Bluetooth: hci2: command 0x0406 tx timeout
[  196.391284][T10793] loop0: detected capacity change from 0 to 1024
[  196.432167][  T741] hfsplus: bad catalog file entry
[  196.516088][T10800] gretap0: entered promiscuous mode
[  196.521375][T10800] gretap0: left promiscuous mode
[  196.549348][  T792] usb 6-1: new high-speed USB device number 4 using dummy_hcd
[  196.724290][  T792] usb 6-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  196.729082][  T792] usb 6-1: config 1 has 1 interface, different from the descriptor's value: 3
[  196.736301][  T792] usb 6-1: New USB device found, idVendor=08b7, idProduct=0000, bcdDevice= 0.00
[  196.741142][  T792] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=3
[  196.745686][T10823] IPv6: addrconf: prefix option has invalid lifetime
[  196.752473][  T792] usb 6-1: SerialNumber: syz
[  196.909421][ T5883] usb 5-1: new high-speed USB device number 14 using dummy_hcd
[  196.979448][  T792] usb 6-1: 0:2 : does not exist
[  196.999855][  T792] usb 6-1: USB disconnect, device number 4
[  197.003781][ T5911] tipc: Node number set to 2130706433
[  197.081428][ T5884] usb 1-1: new high-speed USB device number 27 using dummy_hcd
[  197.084980][ T5883] usb 5-1: Using ep0 maxpacket: 32
[  197.089427][ T5883] usb 5-1: config 4 has an invalid interface number: 128 but max is 0
[  197.093231][ T5883] usb 5-1: config 4 has no interface number 0
[  197.095839][ T5883] usb 5-1: config 4 interface 128 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  197.100651][ T5883] usb 5-1: config 4 interface 128 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  197.104917][ T5883] usb 5-1: New USB device found, idVendor=016d, idProduct=c314, bcdDevice= 0.00
[  197.108841][ T5883] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  197.118912][ T5883] hub 5-1:4.128: USB hub found
[  197.240760][ T5884] usb 1-1: Using ep0 maxpacket: 16
[  197.245234][ T5884] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  197.250324][ T5884] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  197.254827][ T5884] usb 1-1: New USB device found, idVendor=1770, idProduct=ff00, bcdDevice= 0.00
[  197.258826][ T5884] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  197.265695][ T5884] usb 1-1: config 0 descriptor??
[  197.333811][ T5883] hub 5-1:4.128: 2 ports detected
[  197.336291][ T5883] hub 5-1:4.128: Using single TT (err -22)
[  197.550970][ T5883] hub 5-1:4.128: hub_hub_status failed (err = -71)
[  197.555655][ T5883] hub 5-1:4.128: config failed, can't get hub status (err -71)
[  197.599567][T10859] loop5: detected capacity change from 0 to 128
[  197.600029][ T5883] usb 5-1: USB disconnect, device number 14
[  197.617478][T10859] EXT4-fs (loop5): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  197.623052][T10859] ext4 filesystem being mounted at /75/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[  197.656416][ T9544] EXT4-fs (loop5): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  197.709000][ T5884] gt683r_led 0003:1770:FF00.0011: hidraw0: USB HID v0.00 Device [HID 1770:ff00] on usb-dummy_hcd.0-1/input0
[  197.901737][T10889] loop5: detected capacity change from 0 to 8
[  197.909500][T10889] Filesystem uses "unknown" compression. This is not supported
[  197.917224][    T9] usb 1-1: USB disconnect, device number 27
[  197.928744][   T10] gt683r_led 0003:1770:FF00.0011: failed to send set report request: -19
[  197.961299][T10907] loop5: detected capacity change from 0 to 256
[  197.966077][T10907] exFAT-fs (loop5): error, invalid access to FAT (entry 0x00000005) bogus content (0x07ffffff)
[  197.971232][T10907] exFAT-fs (loop5): failed to count the number of clusters in root
[  197.974478][T10907] exFAT-fs (loop5): failed to recognize exfat type
[  198.865959][ T5884] usb 1-1: new low-speed USB device number 28 using dummy_hcd
[  199.030169][ T5884] usb 1-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 64, setting to 8
[  199.034718][ T5884] usb 1-1: config 1 interface 1 altsetting 1 endpoint 0x82 is Bulk; changing to Interrupt
[  199.039872][ T5884] usb 1-1: config 1 interface 1 altsetting 1 endpoint 0x3 is Bulk; changing to Interrupt
[  199.051232][ T5884] usb 1-1: string descriptor 0 read error: -22
[  199.054252][ T5884] usb 1-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  199.058241][ T5884] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  199.065546][T10947] raw-gadget.0 gadget.0: fail, usb_ep_enable returned -22
[  199.291012][ T5884] cdc_ncm 1-1:1.0: bind() failure
[  199.297884][ T5884] cdc_ncm 1-1:1.1: CDC Union missing and no IAD found
[  199.301448][ T5884] cdc_ncm 1-1:1.1: bind() failure
[  199.307542][ T5884] usb 1-1: USB disconnect, device number 28
[  199.368563][ T5910] usb 6-1: new high-speed USB device number 5 using dummy_hcd
[  199.528841][ T5910] usb 6-1: Using ep0 maxpacket: 32
[  199.534329][ T5910] usb 6-1: config 0 interface 0 altsetting 0 bulk endpoint 0x85 has invalid maxpacket 9
[  199.541911][ T5910] usb 6-1: New USB device found, idVendor=14c8, idProduct=0003, bcdDevice= 5.6c
[  199.546671][ T5910] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  199.551341][ T5910] usb 6-1: Product: syz
[  199.553171][ T5910] usb 6-1: Manufacturer: syz
[  199.555096][ T5910] usb 6-1: SerialNumber: syz
[  199.559812][ T5910] usb 6-1: config 0 descriptor??
[  199.566437][T10955] raw-gadget.1 gadget.5: fail, usb_ep_enable returned -22
[  199.576078][ T5910] input: syz syz as /devices/platform/dummy_hcd.5/usb6/6-1/6-1:0.0/input/input15
[  199.589149][ T1363] ieee802154 phy0 wpan0: encryption failed: -22
[  199.804278][ T5910] usb 6-1: USB disconnect, device number 5
[  199.804352][    C0] usbtouchscreen 6-1:0.0: usbtouch_irq - usb_submit_urb failed with result: -19
[  199.930977][T11010] loop0: detected capacity change from 0 to 128
[  199.948550][T11010] UDF-fs: error (device loop0): udf_read_tagged: read failed, block=256, location=256
[  199.954489][T11010] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[  200.390793][T11035] loop5: detected capacity change from 0 to 512
[  200.400169][T11035] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a846e01c, mo2=0002]
[  200.403727][T11035] System zones: 1-12
[  200.407732][T11035] EXT4-fs error (device loop5): dx_probe:791: inode #2: comm syz.5.1451: Directory hole found for htree index block 0
[  200.421581][T11035] EXT4-fs (loop5): Cannot turn on journaled quota: type 0: error -117
[  200.426406][T11035] EXT4-fs error (device loop5): dx_probe:791: inode #2: comm syz.5.1451: Directory hole found for htree index block 0
[  200.436164][T11035] EXT4-fs (loop5): Cannot turn on journaled quota: type 1: error -117
[  200.441257][T11035] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  200.478270][ T9544] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  200.697180][T11049] binder: 11048:11049 ioctl c0306201 200000000640 returned -22
[  200.747822][T11051] loop5: detected capacity change from 0 to 1024
[  200.752210][T11051] EXT4-fs: Ignoring removed nobh option
[  200.754860][T11051] EXT4-fs: Ignoring removed bh option
[  200.786840][T11051] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  200.984811][T11057] loop0: detected capacity change from 0 to 512
[  200.999605][T11057] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  201.005314][T11057] ext4 filesystem being mounted at /492/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff)
[  201.398700][T11057] EXT4-fs error (device loop0): ext4_readdir:264: inode #2: block 3: comm syz.0.1457: path (unknown): bad entry in directory: directory entry overrun - offset=0, inode=2, rec_len=2060, size=2048 fake=1
[  201.417486][T11057] EXT4-fs (loop0): Remounting filesystem read-only
[  201.850150][ T9544] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  201.948611][ T5855] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  201.956218][T11071] netlink: 8 bytes leftover after parsing attributes in process `syz.5.1460'.
[  201.978205][T11071] bridge0: port 2(bridge_slave_1) entered disabled state
[  201.983057][T11071] bridge0: port 1(bridge_slave_0) entered disabled state
[  202.238505][T11091] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1468'.
[  202.242120][T11091] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1468'.
[  202.749169][    T9] usb 5-1: new high-speed USB device number 15 using dummy_hcd
[  202.908100][    T9] usb 5-1: Using ep0 maxpacket: 16
[  202.955730][    T9] usb 5-1: New USB device found, idVendor=17ef, idProduct=721e, bcdDevice=de.06
[  202.962407][    T9] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  202.966167][    T9] usb 5-1: Product: syz
[  202.968304][    T9] usb 5-1: Manufacturer: syz
[  202.970692][    T9] usb 5-1: SerialNumber: syz
[  202.991694][    T9] r8152-cfgselector 5-1: Unknown version 0x0000
[  202.996620][    T9] r8152-cfgselector 5-1: config 0 descriptor??
[  203.287499][    T9] r8152-cfgselector 5-1: Unknown version 0x0000
[  203.290768][    T9] r8152-cfgselector 5-1: bad CDC descriptors
[  203.399218][ T5884] usb 6-1: new high-speed USB device number 6 using dummy_hcd
[  203.510992][    T9] r8152-cfgselector 5-1: USB disconnect, device number 15
[  203.591540][ T5884] usb 6-1: Using ep0 maxpacket: 16
[  203.596352][ T5884] usb 6-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xF3, changing to 0x83
[  203.601395][ T5884] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x83 has an invalid bInterval 0, changing to 7
[  203.611344][ T5884] usb 6-1: New USB device found, idVendor=2040, idProduct=0264, bcdDevice=4e.d1
[  203.614833][ T5884] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  203.617709][ T5884] usb 6-1: Product: syz
[  203.619325][ T5884] usb 6-1: Manufacturer: syz
[  203.621042][ T5884] usb 6-1: SerialNumber: syz
[  203.624950][ T5884] usb 6-1: config 0 descriptor??
[  203.630402][ T5884] em28xx 6-1:0.0: New device syz syz @ 480 Mbps (2040:0264, interface 0, class 0)
[  203.638150][ T5884] em28xx 6-1:0.0: Audio interface 0 found (Vendor Class)
[  203.729406][T11130] Oops: general protection fault, probably for non-canonical address 0xdffffc0000000005: 0000 [#1] SMP KASAN PTI
[  203.733508][T11130] KASAN: null-ptr-deref in range [0x0000000000000028-0x000000000000002f]
[  203.737468][T11130] CPU: 0 UID: 0 PID: 11130 Comm: syz.0.1478 Not tainted 6.16.0-syzkaller-11895-gcca7a0aae895-dirty #0 PREEMPT(full) 
[  203.742993][T11130] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.2-debian-1.16.2-1 04/01/2014
[  203.747150][T11130] RIP: 0010:pcl818_ai_cancel+0x69/0x3f0
[  203.749350][T11130] Code: 8b 1b 48 89 d8 48 c1 e8 03 42 80 3c 28 00 74 08 48 89 df e8 29 02 37 f9 48 8b 03 48 89 04 24 49 83 c4 28 4c 89 e0 48 c1 e8 03 <42> 80 3c 28 00 74 08 4c 89 e7 e8 08 02 37 f9 4d 8b 24 24 48 83 c3
[  203.756195][T11130] RSP: 0018:ffffc9000287fa60 EFLAGS: 00010206
[  203.758666][T11130] RAX: 0000000000000005 RBX: ffff888026ed6700 RCX: 0000000000080000
[  203.761868][T11130] RDX: ffffc90003fa2000 RSI: 00000000000003bc RDI: 00000000000003bd
[  203.765040][T11130] RBP: 0000000000000001 R08: ffff8881068d692f R09: 1ffff11020d1ad25
[  203.768039][T11130] R10: dffffc0000000000 R11: ffffffff88ebee90 R12: 0000000000000028
[  203.771219][T11130] R13: dffffc0000000000 R14: ffff8881068d6800 R15: dffffc0000000000
[  203.774295][T11130] FS:  00007f001e0216c0(0000) GS:ffff8880b8624000(0000) knlGS:0000000000000000
[  203.778100][T11130] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  203.780626][T11130] CR2: 00007f001e020fc8 CR3: 00000000235cc000 CR4: 00000000000006f0
[  203.784027][T11130] Call Trace:
[  203.785419][T11130]  <TASK>
[  203.786642][T11130]  pcl818_detach+0x66/0xd0
[  203.788518][T11130]  comedi_device_detach_locked+0x178/0x750
[  203.790872][T11130]  comedi_unlocked_ioctl+0xcde/0x1020
[  203.792920][T11130]  ? __pfx_comedi_unlocked_ioctl+0x10/0x10
[  203.795144][T11130]  ? __lock_acquire+0xab9/0xd20
[  203.797179][T11130]  ? __fget_files+0x2a/0x420
[  203.799105][T11130]  ? __fget_files+0x2a/0x420
[  203.801104][T11130]  ? __fget_files+0x3a0/0x420
[  203.803101][T11130]  ? __fget_files+0x2a/0x420
[  203.804926][T11130]  ? bpf_lsm_file_ioctl+0x9/0x20
[  203.806957][T11130]  ? __pfx_comedi_unlocked_ioctl+0x10/0x10
[  203.809203][T11130]  __se_sys_ioctl+0xfc/0x170
[  203.811013][T11130]  do_syscall_64+0xfa/0x3b0
[  203.812787][T11130]  ? lockdep_hardirqs_on+0x9c/0x150
[  203.815014][T11130]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  203.817449][T11130]  ? exc_page_fault+0x9f/0xf0
[  203.819339][T11130]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  203.821712][T11130] RIP: 0033:0x7f001d18ebe9
[  203.823674][T11130] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  203.831432][T11130] RSP: 002b:00007f001e021038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  203.835020][T11130] RAX: ffffffffffffffda RBX: 00007f001d3b5fa0 RCX: 00007f001d18ebe9
[  203.838424][T11130] RDX: 0000000000000000 RSI: 0000000040946400 RDI: 0000000000000003
[  203.841663][T11130] RBP: 00007f001d211e19 R08: 0000000000000000 R09: 0000000000000000
[  203.844855][T11130] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  203.848107][T11130] R13: 00007f001d3b6038 R14: 00007f001d3b5fa0 R15: 00007ffd8ae27788
[  203.851324][T11130]  </TASK>
[  203.852648][T11130] Modules linked in:
[  203.854924][T11130] ---[ end trace 0000000000000000 ]---
[  203.861570][T11130] RIP: 0010:pcl818_ai_cancel+0x69/0x3f0
[  203.863925][T11130] Code: 8b 1b 48 89 d8 48 c1 e8 03 42 80 3c 28 00 74 08 48 89 df e8 29 02 37 f9 48 8b 03 48 89 04 24 49 83 c4 28 4c 89 e0 48 c1 e8 03 <42> 80 3c 28 00 74 08 4c 89 e7 e8 08 02 37 f9 4d 8b 24 24 48 83 c3
[  203.870570][T11130] RSP: 0018:ffffc9000287fa60 EFLAGS: 00010206
[  203.872813][T11130] RAX: 0000000000000005 RBX: ffff888026ed6700 RCX: 0000000000080000
[  203.875364][T11130] RDX: ffffc90003fa2000 RSI: 00000000000003bc RDI: 00000000000003bd
[  203.878016][T11130] RBP: 0000000000000001 R08: ffff8881068d692f R09: 1ffff11020d1ad25
[  203.881090][T11130] R10: dffffc0000000000 R11: ffffffff88ebee90 R12: 0000000000000028
[  203.883826][T11130] R13: dffffc0000000000 R14: ffff8881068d6800 R15: dffffc0000000000
[  203.886498][T11130] FS:  00007f001e0216c0(0000) GS:ffff8880b8624000(0000) knlGS:0000000000000000
[  203.889373][T11130] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  203.892656][T11130] CR2: 0000001b31523ffc CR3: 00000000235cc000 CR4: 00000000000006f0
[  203.895477][T11130] Kernel panic - not syncing: Fatal exception
[  203.898400][T11130] Kernel Offset: disabled
[  203.900283][T11130] Rebooting in 86400 seconds..

VM DIAGNOSIS:
17:50:46  Registers:
info registers vcpu 0

CPU#0
RAX=0000000000000030 RBX=0000000000000030 RCX=0000000000000000 RDX=00000000000003f8
RSI=0000000000000fe0 RDI=0000000000000fe1 RBP=00000000000003f8 RSP=ffffc9000287f290
R8 =ffff888021198237 R9 =1ffff11004233046 R10=dffffc0000000000 R11=ffffffff854e72a0
R12=dffffc0000000000 R13=ffffffff99af1918 R14=ffffffff99de64e0 R15=0000000000000000
RIP=ffffffff854e731c RFL=00000002 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =0000 0000000000000000 ffffffff 00c00000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 ffffffff 00c00000
FS =0000 00007f001e0216c0 ffffffff 00c00000
GS =0000 ffff8880b8624000 ffffffff 00c00000
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe0000003000 00004087 00008b00 DPL=0 TSS64-busy
GDT=     fffffe0000001000 0000007f
IDT=     fffffe0000000000 00000fff
CR0=80050033 CR2=00007f001e020fc8 CR3=00000000235cc000 CR4=000006f0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000ffff0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
XMM00=0000000000000000 0000000000000000 XMM01=0000000000000000 0000000000000000
XMM02=00007f001d387498 00007f001d387470 XMM03=00007f001d3874a8 00007f001d3874a0
XMM04=00007f001deed100 00007f001d387460 XMM05=00007f001d387478 00007f001d3874c0
XMM06=00007f001d3874b8 00007f001d3874b0 XMM07=00007f001d3874a8 00007f001d3874a0
XMM08=6161616161616161 6161616161616161 XMM09=0000000000000000 00007f001d212fc5
XMM10=0000000000000000 0000000000000000 XMM11=0000000000000000 0000000000000000
XMM12=0000000000000000 0000000000000000 XMM13=0000000000000000 0000000000000000
XMM14=0000000000000000 0000000000000000 XMM15=0000000000000000 0000000000000000
info registers vcpu 1

CPU#1
RAX=050c213df086f400 RBX=ffffffff81968308 RCX=050c213df086f400 RDX=0000000000000001
RSI=ffffffff8be325e0 RDI=ffffffff81968308 RBP=ffffc90000177f20 RSP=ffffc90000177de0
R8 =ffff888136632f9b R9 =1ffff11026cc65f3 R10=dffffc0000000000 R11=ffffed1026cc65f4
R12=ffffffff8fa34230 R13=0000000000000001 R14=0000000000000001 R15=1ffff11020006000
RIP=ffffffff8b7893f3 RFL=00000282 [--S----] CPL=0 II=0 A20=1 SMM=0 HLT=1
ES =0000 0000000000000000 ffffffff 00c00000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 ffffffff 00c00000
FS =0000 0000000000000000 ffffffff 00c00000
GS =0000 ffff8881a3c24000 ffffffff 00c00000
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe000004a000 00004087 00008b00 DPL=0 TSS64-busy
GDT=     fffffe0000048000 0000007f
IDT=     fffffe0000000000 00000fff
CR0=80050033 CR2=000056509637a7e8 CR3=0000000106cda000 CR4=000006f0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000ffff0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
XMM00=0000000000000000 0000000000000001 XMM01=0000000000000015 000000000003bf12
XMM02=000055555ab8e603 000055555ab8e5e0 XMM03=000055555ab883f4 000055555ab883f0
XMM04=0000000000000000 0000000000000000 XMM05=000055555ab86132 000055555ab860f0
XMM06=0000000000000000 0000000000000000 XMM07=0800059803018080 8080080005900308
XMM08=0800058803100800 0580037a080004f8 XMM09=0000000000000000 0000000000000000
XMM10=0000000000000000 0000000000000000 XMM11=0000000000000000 0000000000000000
XMM12=0000000000000000 0000000000000000 XMM13=0000000000000000 0000000000000000
XMM14=0000000000000000 0000000000000000 XMM15=0000000000000000 0000000000000000
