last executing test programs:

2.605458307s ago: executing program 2 (id=983):
r0 = fsopen(&(0x7f0000000000)='erofs\x00', 0x0)
fsconfig$FSCONFIG_SET_BINARY(r0, 0x2, &(0x7f0000000080)='dax\x00', &(0x7f0000000300)='g', 0x1)

2.515990333s ago: executing program 2 (id=984):
r0 = syz_open_dev$sndctrl(0x0, 0x0, 0x0)
ioctl$SNDRV_CTL_IOCTL_ELEM_ADD(r0, 0xc1105517, &(0x7f0000000480)={{0xffffffff, 0x0, 0x0, 0x10000, 'syz0\x00'}, 0x3, 0x20000000, 0x5, 0x0, 0x0, 0x1ff, 'syz0\x00', 0x0})
shmctl$SHM_LOCK(0x0, 0xb)
r1 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000100), 0x42, 0x0)
r2 = syz_io_uring_setup(0xc, &(0x7f00000002c0)={0x0, 0x29, 0x8, 0x0, 0x209}, &(0x7f0000000040)=<r3=>0x0, &(0x7f00000000c0)=<r4=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r3, 0x4, &(0x7f0000000180)=0xfffffffc, 0x0, 0x4)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x7)
getpid()
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbee2, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r5=>0xffffffffffffffff, <r6=>0xffffffffffffffff})
connect$unix(r5, &(0x7f000057eff8)=@abs={0x0, 0x0, 0x4e24}, 0x6e)
sendmmsg$unix(r6, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r5, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
syz_io_uring_submit(r3, r4, &(0x7f0000000200)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd=r1, 0xc000000, &(0x7f0000000000)=[{0x0}], 0x1, 0x12})
ioctl$UFFDIO_REGISTER(0xffffffffffffffff, 0xc020aa00, &(0x7f0000000000)={{&(0x7f00000e2000/0xc00000)=nil, 0xc00000}, 0x1})
io_uring_enter(r2, 0x847ba, 0x900, 0xe, 0x0, 0x0)

1.609842802s ago: executing program 0 (id=992):
sendmsg$NL80211_CMD_REQ_SET_REG(0xffffffffffffffff, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000380)={&(0x7f0000000240)=ANY=[@ANYBLOB="c0400001", @ANYRES16=0x0, @ANYBLOB="000000000000000000001b000000200022801c000080080002000000000008000400000000000800050000000000050092000000000007002100616100007c0022803400008008000300000000000800050000000000080002000000000008000300000000000800020000000000080004000000000044000080080004000000000008000700000000000800060000000000080005000000000008000100000000000800020000000000080003"], 0xc0}}, 0x0)
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='net_prio.prioidx\x00', 0x275a, 0x0)
write$binfmt_script(r0, &(0x7f0000000180), 0xfefc)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x1000004, 0x10012, r0, 0x0)
prctl$PR_SET_MM_MAP(0x23, 0xe, &(0x7f0000000140)={&(0x7f0000002000/0x3000)=nil, &(0x7f0000000000/0xe000)=nil, &(0x7f0000ffb000/0x4000)=nil, &(0x7f0000008000/0x2000)=nil, &(0x7f0000260000/0x4000)=nil, &(0x7f0000008000/0x3000)=nil, &(0x7f0000947000/0x1000)=nil, &(0x7f0000002000/0x1000)=nil, &(0x7f0000969000/0x1000)=nil, &(0x7f0000ffd000/0x3000)=nil, &(0x7f000000c000/0x2000)=nil, 0x0}, 0x68)

1.471253036s ago: executing program 0 (id=994):
r0 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000280), 0x0)
ioctl$SNDRV_TIMER_IOCTL_SELECT(r0, 0x40345410, &(0x7f00000083c0)={{0x1}})
mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x5)
ioctl$SNDRV_TIMER_IOCTL_PARAMS(r0, 0x40505412, &(0x7f00000000c0)={0x4, 0x7fffffff, 0x36, 0x0, 0x11})

1.461078446s ago: executing program 2 (id=995):
syz_usb_connect(0x0, 0x2d, &(0x7f0000000040)={{0x12, 0x1, 0x0, 0xd9, 0x94, 0x8b, 0x20, 0x694, 0x1, 0xb244, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x1b, 0x1, 0x0, 0x0, 0x10, 0x0, [{{0x9, 0x4, 0x60, 0x2, 0x1, 0xaa, 0x4, 0x96, 0x0, [], [{{0x9, 0x5, 0x82, 0x2, 0x200}}]}}]}}]}}, 0x0)

1.366535176s ago: executing program 0 (id=997):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0xa, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r0 = epoll_create1(0x80000)
r1 = openat$6lowpan_control(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0)
epoll_ctl$EPOLL_CTL_ADD(r0, 0x1, r1, &(0x7f0000000040)={0x60000021})
epoll_wait(r0, &(0x7f0000000140)=[{}], 0x1, 0x1)

1.256856104s ago: executing program 0 (id=998):
openat(0xffffffffffffff9c, &(0x7f000000c380)='./file0\x00', 0x40, 0x1)
r0 = socket$packet(0x11, 0x2, 0x300)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000080)={'wlan0\x00', <r1=>0x0})
sendto$packet(r0, 0x0, 0x0, 0x200068c0, &(0x7f0000000180)={0x11, 0x888e, r1, 0x1, 0x0, 0x6, @link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0x3}}, 0x14)
mount$fuse(0x0, &(0x7f00000020c0)='./file0\x00', &(0x7f0000000100), 0x0, &(0x7f0000002140)=ANY=[@ANYBLOB='fd=', @ANYRESHEX, @ANYBLOB=',rootmode=00000000000000000100000,user_id=', @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRESDEC=0x0])
syz_fuse_handle_req(0xffffffffffffffff, &(0x7f0000008380)="000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000002000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000080000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000dc4e00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000400000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ba045abcd5dfc67d000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000230000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000050000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000a000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000008000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000209bfd66eea210560000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000020000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000040000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001354c4b600", 0x2000, &(0x7f00000062c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000480)={0x20, 0x0, 0x88}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000200)='./file1\x00', 0x408e, &(0x7f0000000240)={[{@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x2e}}, {@min_batch_time={'min_batch_time', 0x3d, 0xfff}}, {@inode_readahead_blks={'inode_readahead_blks', 0x3d, 0x80}}, {@stripe={'stripe', 0x3d, 0x4000}}, {@errors_remount}, {@max_batch_time={'max_batch_time', 0x3d, 0x4}}]}, 0x3, 0x43a, &(0x7f0000000340)="$eJzs28tvG0UYAPBv13FKXySU8ugDCBRExCNp0gI9cAGBxAEkJDiUY0jSqtRtUBMkWlUQECpHVIk74ojEX8AJLgg4IXGFO6pUoVxaOBmtvZs4jp0mwY5L/ftJm8zsjjPzeXbs2Z1sAH1rJPuRROyJiN8jYqieXV1gpP7r5tLl6b+XLk8nUa2+9VdSK3dj6fJ0UbR43e48M5pGpJ8lcahFvfMXL52dqlRmL+T58YVz74/PX7z07JlzU6dnT8+enzxx4vixiReen3yuI3Fmbbpx8KO5wwdee+fqG9Mnr77787dJEX9THB0yst7BJ6rVDlfXW3sb0slADxvCppQiIuuucm38D0UpVjpvKF79tKeNA7qqWq1Wd7c/vFgF7mBJbLTk2fzzArgzFF/02fVvsW3T1OO2cP2l+gVQFvfNfKsfGYg0L1Nuur7tpJGIOLn4z1fZFt25DwEAsMr32fznmVbzvzTubyh3d742NBwR90TEvoi4NyL2R8R9EbWyD0TEg5usv3mRZO38J722pcA2KJv/vZivba2e/xWzvxgu5bm9tfjLyakzldmj+XsyGuUdWX5inTp+eOW3L9oda5z/ZVtWfzEXzNtxbWDH6tfMTC1M/ZeYG13/JOLgQKv4k+WVgCQiDkTEwS3Wceapbw63O9Yu/vJG/nAH1pmqX0c8We//xWiKv5Csvz45fldUZo+OF2fFWr/8euXNdvXfuv+7K+v/XS3P/+X4h5PG9dr5zddx5Y/P217TbPX8H0zerqUH830fTi0sXJiIGExerze6cf/kymuLfFE+i3/0SOvxvy9W3olDEZGdxA9FxMMR8Uje9kcj4rGIOLJO/D+9/Ph7W4+/u7L4ZzbV/yuJwWje0zpROvvjd6sqHd5M/Fn/H6+lRvM9G/n820i7tnY2AwAAwP9PGhF7IknHltNpOjZW/3/5/bErrczNLzx9au6D8zP1ZwSGo5wWd7qGGu6HTuSX9UV+sil/LL9v/GVpZy0/Nj1Xmel18NDndrcZ/5k/S71uHdB1nteC/mX8Q/8y/qF/Gf/Qv1qM/529aAew/Vp9/3/cg3YA269p/Fv2gz7i+h/6l/EP/cv4h740vzNu/ZC8hMSaRKS3RTMkupTo9ScTAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABAZ/wbAAD//9E940M=")
mount$bind(&(0x7f00000002c0)='.\x00', &(0x7f0000000200)='./file0/../file0\x00', 0x0, 0x109041, 0x0)
mount$bind(0x0, &(0x7f0000000140)='./file0\x00', 0x0, 0x100000, 0x0)
mount$bind(&(0x7f0000000040)='./file0/file0\x00', &(0x7f0000000340)='./file0/file0\x00', 0x0, 0x81105a, 0x0)
mount$bind(&(0x7f0000000880)='./file0/../file0\x00', &(0x7f0000000440)='./file0/file0\x00', 0x0, 0x1adc11, 0x0)
mount$bind(&(0x7f0000000100)='./file0/../file0\x00', &(0x7f0000000080)='./file0/file0/file0\x00', 0x0, 0x887008, 0x0)
r2 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000040)='mountinfo\x00')
read$FUSE(r2, &(0x7f0000006b40)={0x2020}, 0x206e)

1.182966367s ago: executing program 0 (id=1001):
r0 = socket(0x10, 0x3, 0x0)
setsockopt$netlink_NETLINK_TX_RING(r0, 0x10e, 0xc, &(0x7f0000000040)={0xffe}, 0x10)
write(r0, &(0x7f0000000180)="2000000012005f0214f9f4070000fbe40a0003000000", 0x41d)

926.7936ms ago: executing program 0 (id=1003):
syz_emit_ethernet(0xca, &(0x7f0000000640)={@broadcast, @multicast, @void, {@ipv4={0x800, @icmp={{0x5, 0x4, 0x0, 0x0, 0xbc, 0x0, 0x0, 0x0, 0x1, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}, @remote}, @dest_unreach={0xc, 0x0, 0x0, 0x0, 0x0, 0x0, {0x28, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x11, 0x0, @empty, @local, {[@rr={0x7, 0x3, 0xdd}, @generic={0x0, 0xd, "ee0dd9de36ed4bcc5b4e23"}, @timestamp_prespec={0x44, 0xc, 0x0, 0x3, 0x0, [{@private}]}, @ssrr={0x89, 0xf, 0x0, [@private=0x4000, @broadcast, @broadcast]}, @timestamp_addr={0x44, 0x4c, 0x0, 0x1, 0x0, [{@initdev={0xac, 0x1e, 0x0, 0x0}}, {@private}, {}, {@local}, {@loopback}, {@private}, {@initdev={0xac, 0x1e, 0x0, 0x0}}, {@broadcast}, {@broadcast}]}, @timestamp={0x44, 0x14, 0x0, 0x0, 0x0, [0x0, 0x0, 0x0, 0x0]}]}}}}}}}, 0x0)

752.784667ms ago: executing program 32 (id=1003):
syz_emit_ethernet(0xca, &(0x7f0000000640)={@broadcast, @multicast, @void, {@ipv4={0x800, @icmp={{0x5, 0x4, 0x0, 0x0, 0xbc, 0x0, 0x0, 0x0, 0x1, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}, @remote}, @dest_unreach={0xc, 0x0, 0x0, 0x0, 0x0, 0x0, {0x28, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x11, 0x0, @empty, @local, {[@rr={0x7, 0x3, 0xdd}, @generic={0x0, 0xd, "ee0dd9de36ed4bcc5b4e23"}, @timestamp_prespec={0x44, 0xc, 0x0, 0x3, 0x0, [{@private}]}, @ssrr={0x89, 0xf, 0x0, [@private=0x4000, @broadcast, @broadcast]}, @timestamp_addr={0x44, 0x4c, 0x0, 0x1, 0x0, [{@initdev={0xac, 0x1e, 0x0, 0x0}}, {@private}, {}, {@local}, {@loopback}, {@private}, {@initdev={0xac, 0x1e, 0x0, 0x0}}, {@broadcast}, {@broadcast}]}, @timestamp={0x44, 0x14, 0x0, 0x0, 0x0, [0x0, 0x0, 0x0, 0x0]}]}}}}}}}, 0x0)

345.811847ms ago: executing program 1 (id=1005):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000480)=ANY=[@ANYBLOB="1801000021000000000000003b810000850000006d000000850000005000000095"], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x3, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x1}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000340)={&(0x7f00000002c0)='mmap_lock_acquire_returned\x00', r0}, 0x10)
r1 = creat(&(0x7f0000000280)='./file0\x00', 0xecf86c37d53049cc)
close(r1)
execve(&(0x7f0000000000)='./file0\x00', 0x0, &(0x7f0000019180)={[&(0x7f0000000200)=' ', &(0x7f0000019080)=' T\xfc\x81\x8e\x9f5\x0e \x043[B\xad\x13\x9f\xae\x8f\xbb\x9a\x0f\x9f\x03\xa5\xfc9\xbb\xa4.\xf4\xeb\x03\xf1\xb6\x8c\xc4E\x93\n&k\xec\xc8\xdch\xd6\x1e\xcb\fA\\da/O\xdcn7\x1b@\xbf\xfb\x17J\xaaD\xe4\x01\xbc']})

234.188853ms ago: executing program 2 (id=1006):
r0 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000e00)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000200)=ANY=[@ANYBLOB="3c00000019000100000000000000000080200000f610000500000000080001007f0000010800", @ANYRES32=0x0, @ANYBLOB="08000f"], 0x3c}}, 0x0)

232.076103ms ago: executing program 1 (id=1007):
r0 = syz_open_dev$swradio(&(0x7f0000000a00), 0x0, 0x2)
ioctl$VIDIOC_ENUM_FREQ_BANDS(r0, 0xc0405665, &(0x7f0000000a40)={0x0, 0x5})

157.248147ms ago: executing program 2 (id=1008):
r0 = socket$packet(0x11, 0x3, 0x300)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000080)={'syz_tun\x00', <r1=>0x0})
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x6, 0xe, &(0x7f0000001880)=ANY=[@ANYBLOB="b702000000000000bfa300000000000007030000f0ffffff7a0af0ff1100000079a4f0ff00000000b706000000000081ad64020000000000450404005400ff0f1704000001130a00b7050000010000006a0af2fe0000000085000000a3000000b70000000000000095000000000000003f0c54cd844a954b26c933f7ffffffffe4fbffffff55bb2007ee51050512b5b42128aa090a79507df79f298129da487130d5f24bf901115e17392ac627c87881c000006146001e04aeacea799a22a2fa798b5adc43eb27d53319d0ad229e5752688300000000dbc2777df150b7cdd77b85b941092314fd085f1b1b2ed1a4535550614e09d6378198a6097a670838337af2abd55a87ac0394b2f92ffab7d153d62058d0a413b2173619ccf55520f22c9ca8b6712f3024b7041b1df65b3e1b9bf115646d14ce53d13d0ccacda1efc5f9094fa737c28b994a8512c830fdcceaede3faedc51d29a47fc813a2ec00f4c7a53ac271d6d7f4ea6bf97f2f33e2ea2e534300bcb3fdc4b4861004eefbda7f54f82a804d4a69bf9bc5fa77ee293fbd165a5a68488e40b030166565a097b1b44b451de736bb6d43db8db03d4b7745fef1d04ec633dee254a6d491b8498aa787e814c4fd21a18986252a70f8f92eb6f0e8c7db4bf23242a1f2c28179f09943b1b0452d1b72183aacf4a84f9130b701b81675dd4e9e3070756f97ad791fa99dac06b57479321a0574fb30ff0000001989328c8ddc20ea011bf5742e0e0d4334db8b20ce3f9f16cb7fd80f3876acb45821d0c48fb657c29b309c73f0977e7cde65a89d9458aac2795b2b94c461d7962b0d2277a84af326f37f3e2c25a61ec45c3af97a8f17da954aff3fc8c108755f75ca13fb7c8bbd8b6e7dac1aba4b20dc7de058a4dfa7e85a8bdf1d41a2d8bda74d66f47cc180f82c5f573c6d294d2665016ac59dd20fde0745db06753a7ac7fe13cab6692422a47e9ffe2d4a2d32f7528751313694bf5700b20ef0c248ddd3da32396a614cacad4aff2084bb5d4045c9585638c2153a6eee01738b0c10671f4f559b7dcb98a6273b8c651e24d9f679e4fbe948dfb4cc4a3894696082417304fff0123fd39206000000000000eb55dad46de56ef907b059b90b8aa49afb9a79ae5498f6589880ed6eea7b9c670012be05e7de0940313c5870786554df26236ebced9390cb6941b8375d936a7d2120eca291963eb2d537d8ee4de5c183c960119451c31539b22809e1d7f0cda06a9fa87d64cb77872a2cd8a104e16bb1a2bacf13464ca03aff14a9aa4bdb539f5096412b92012e095b84c20243ff98df3347f0e399d1b9f27e3c33269c0e153b28b2d4410572ac45b9d3fa02208d304d455c36300000000022320178b00cc6ed7966130b547dbf8b497af00200f900cd1d0000002000000001c800000000000000000000000928ee53595a779d243a48cea769470424d28804c024ab81921f0128dfd70b438af60b060000000000000056642b49b745f3bf2cf7908b6d7d748308eea09fc361b4735efbf3411718d6ee78ebf9ef40662d7836961a8de6f2d252c566f5ee934c679dbfae9fb4a79f8a836804ed3a1079b0282a12043408816eae08cd60b687dcff91af19010000000000000000456f7d2a42bd13da2022f23daec61854f640f701db0276652f6c74f20675eb7819441578e93046aaddea8ec4ca37f71c2710a7ea8ae0dc214e1cc275b26adfa892e6de92000000000000000000ddff004cff9ec780f535e62f4eeee50e5bafecea4d4134f9d006c8d6883eca5c9c58c9e93311ab5009c68c73de2f04f15d005391577f480000ea65559eb00e2b28a60ca770663da451790cc36000906d5a9fad98c308e39bd5ffb6151d79c1cee1cdfba05e3633be3f00000015762e5f5a3a0bc33fdbe28a5ffc83f2f085185cc92fe7f791e8f6429309d6adab4b7e508e5bf024ed8f8a005f2bbf96c89739f5d81e710d50517a59a3ad09e8802e8f4f535447cc0fc9d5f99a73145dfcedad69da9cd4375c624600e78f4458542b14f29611f95d4a31838eeb20c20bb82aa31771cd379ec83554cea5e6539db7384e1f58d81f2f2653c4d9818708e27c89b552d3fcd116bce9c764c714c9402c21d181aae59efb28d4f91652f6750b6ec962802c0320f8059195729d4ac534ee8e8ff0755b67fe4c25edb85bcff24c757aa8090000000000008c420eb4304f0300000000000000c42a570f0e9dd5fd545470f862f8c3c14fa9ecd1e877b0d8ca84c044859e85e6158f9184bc61a9a284db80e4636c25b96174327d82761c26e329555f9290af4100000000000000749efd3763655500344bae34137f5ab0d534b8d63e4ca396eeec1f53bb0bc1bc9ce45bb671f2dea5eafc74551cdf519192c6b59a601fd419adc16e2055b85058f793484305d7a1759782e4c571ee855a47bc00edf5e9020c09ab004321610b847e8717764b633b21cb32f0e03280e09758bd445ab91d20baca005452b79d7b574a247fde46ad265983eb1b1c6adb1d2fe45b3c4e93da3d51de647c10dd49944dc87c92332af00f191b66b6a6f732a91f0e2e9120be61e58c79d497247d278888901d442ad7f8536605a644e9e3d769db497c3960dfde12182334caee994adc38a436367a54b9e182b78e9a0c5605000063902c1ad1a7c5a08d0920a23c2a86abbdf357849a651733e57f31019876026888c8ccb85c86b4f8ffffff7f000000002c331fca0e541b7ca211c28ed61c525708a13d115b43f8b1894c8fa8a14dc4810f617396c18cc7130000fc000000210000006e00002000000000000027c9a46157a3ffff6fd9843ee19ec647249a9375de5858818f3c4a4fa6ce46f4472b07199de8b99231ace58c77819ee214e49666c464d35ca9b5143ed3b3dc8c17a23692759ccf5a205311b7ab22532697b861dfb54609fd88e6043bd52ae84c1bb0c8a6c769f952283a1f4e3842edb3d42c68a27ef6a1296dfff4a979369b0e8ebc62887aa46e820a74f91381dcc198e353047db70686d147357024eb3cb94f1e89cb5ba0a56aa046b4dc4c860495b240e80063bde261fd000000000072f6df342f3e7071e28ef6806b6b0d3958f7f05b47d3e519f1634e8fbd8d31330d89069f9648a2b3a113e47edf76f7d116d2b0976cf2ec447c0309316d1dd315003b7a6a5433a2bb560ae99ec4b227eda2e63a1c31a2c2bd48a80500e92b6524e0cd8020ecaa34e19e7194d1eb3de6a5f99f301f89c2ee627e949c68b7a4a426a996d503a26e9a714ee5f72d8805dd1bfbd081f6a5d1f1289dfe14cb9194e26a44fac273061fc5c0e0a33db7f2d43ea8086cf059f40fa2645944cd9e7f2e6ef5f1e3a94b108eb9750b6bfb74dd35f5a31059c01517cf4b6641fce9a24b96767b837ca037a1199735c375c705c798e0e208e4a5259d0bfa526b462af45a6e9a84aebe025c8a7f65819f397574db7ab01bd2b3e3cd28c5aec50f8edfe39a00bafd688a7eea04efdeed96f67012bc3f795edb68b5dec80ad31a858e13e8f0ba9d1dec469dc71e998d99ebf7cfda638d7ce859acfec3f14ec2aa98b53cd68a0d99d62a5620b7c0f61dc386c449664a94bca09859a35760b7b818087347697c239990daec8384a12d973d5470efe5dae887be689c6b1551f4c5a649d9dc563d7049c91453facecbee789a1d5a4896b2b7bec3ec5e60c4916e5561888502a12f4985f9c7dab41cbf31c26cd12d5116de95b521a57408adbbac278be82fef3f9d8a51385b376b57e20be83e7b27460729a626250ccd7982eba588f86195e15119eca569bebba8514e5bfcbe51f1a628793b4ed4424c95a731628fa38e167b79affcd50b561d3a9cb4bea872d9e5a06a4201fd09eecfe283854837a65ecf8cd6cdaad4bf223db323de9d4854d66d324a0d125e3ebe2ed3c78e47392962860de6bb86759406e74335443407d9ee7d4a4430b60b6ef369604e1282b0c1aa8d4b18e8db32a0eeaaabc7f7b5c49bd88cfe860f69f5510179d867970f975169591908282cd4367f82e62e3fa37876f30934c23dc2d02a0c25839f008ec099503c8d1b3169aa9c5a7db7f0116d203ac6503596c3a5b063c28f84c9eb4200000000000000000000000000000000000009f491210abc6ed14c49e22898d449d435f7e0e94a6b8b37924f725c47d17471ea258133681ff4dca50beba02eacfe0910c1676bdff06e737e0d12878ab5366985c0e8245864b3abd02e81ba0638e4de4b2f62098108535546b58ae8baee1fcc301a3b4101588e60f6f7678b82aa80e37832a2f49744d23e3a11bd2282ec7ff3400e8748f91e247b80e1b65400"/3088], &(0x7f0000000b80)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @xdp, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0xfffffedf, 0x10, &(0x7f0000000040)}, 0x48)
r3 = dup(r2)
bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f00000001c0)={r3, r1, 0x25, 0x2, @void}, 0x10)
bpf$MAP_GET_NEXT_KEY(0x4, 0x0, 0x0)
syz_emit_ethernet(0x4a, &(0x7f0000000140)=ANY=[], 0x0)

157.008629ms ago: executing program 1 (id=1009):
r0 = socket$kcm(0x10, 0x400000002, 0x0)
write$cgroup_subtree(r0, &(0x7f0000000100)=ANY=[@ANYBLOB="0007000042009103"], 0xfe33)
recvmsg(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000400)=[{&(0x7f0000004700)=""/4097, 0x1001}, {&(0x7f0000001480)=""/4089, 0xff9}, {&(0x7f0000002500)=""/4137, 0x1029}, {&(0x7f0000000200)=""/115, 0x73}, {&(0x7f00000005c0)=""/172, 0xac}, {&(0x7f0000000500)=""/181, 0xb5}], 0x6}, 0x0)

95.949268ms ago: executing program 1 (id=1010):
mkdirat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x0)
r0 = landlock_create_ruleset(&(0x7f0000000040)={0x0, 0x3}, 0x10, 0x0)
landlock_restrict_self(r0, 0x0)
landlock_restrict_self(r0, 0x0)
landlock_restrict_self(r0, 0x0)
landlock_restrict_self(r0, 0x0)
landlock_restrict_self(r0, 0x0)
landlock_restrict_self(r0, 0x0)
landlock_restrict_self(r0, 0x0)
r1 = landlock_create_ruleset(&(0x7f0000000040)={0x1000, 0x3, 0x1}, 0x18, 0x0)
landlock_restrict_self(r1, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000140)='./file1/file4\x00', 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f00000003c0)='./file1/file4/file6\x00', 0x104)
mkdirat(0xffffffffffffff9c, &(0x7f0000000280)='./file1/file4/file7\x00', 0x0)
renameat2(0xffffffffffffff9c, &(0x7f0000000580)='./file1/file4/file6\x00', 0xffffffffffffff9c, &(0x7f00000005c0)='./file1/file4/file7/file6\x00', 0x0)

95.435478ms ago: executing program 2 (id=1011):
syz_mount_image$ext4(&(0x7f0000000180)='ext4\x00', &(0x7f00000007c0)='./file0\x00', 0x22000402, &(0x7f0000000a40)={[{@dioread_lock}, {@noblock_validity}, {@noinit_itable}, {@discard}, {@auto_da_alloc}, {@grpjquota, 0x2e}, {@mb_optimize_scan}, {@errors_remount}, {@jqfmt_vfsv1}, {@grpid}], [], 0x2c}, 0x85, 0x4e6, &(0x7f00000001c0)="$eJzs3M1rHOUfAPDv7Oatr0n7Kz/ti3a1isFq0qRVe/CgotCLIuihHmMaS23aShvBlmKjSD2Kf0H1KAievHhSEFEvKl71LoUiuTR6kJXZndnsJptkN2kSm/18YHafZ+aZeeY7M8/uzDw7G0DHKqUvScT2iPgtIvqr2cYCperb7MzV8b9mro4nUS6/8mdSKXd75up4XjSfb1uWGSxEFD5IYn+Tei9dvnJ2bHJy4mKWH54699bwpctXHj9zbuz0xOmJ86PHjx87OvLUk6NPtBTHtWWmp3Hd3vfuhQN7T7z28Yvj5Xj9h8/T9d2eTa+Po2qgpXqXUopSlDNzY3sqrw+veun/LTvq0knXBq4IbSlGRLq7uivtvz+KMbfz+uOF92uZbzdoBYE1k3437Vowtpi9F2rfX8BmlGjj0KHyb/z0+jcf1vP8Y6PdejZ9najEP5sNP71U3TaF9Fp2oHrFXpw3X0/2/v8my+xLy1dnKPcvU//2iDg5/feNdIim9yGWkLRcEgCg5uv0/OexZud/hYZzm51ZH8pARByOiN0R8b+I2BOFWpl7IuLeNusvzcsvPP/5ZUubi2xLev73dNa3lQ/VKXlcSS23oxJ/d/LGmcmJI9k2GYzu3jQ/skQd3zz/60eLTSvVnf+lQ1p/fi6YrcfNrr7GeU6NTY2tIuQGt96L2NfVLP6k1hOQboG9EbFvBctPt9mZRz87kKZ3bls4ffn4F5FkHRerVP404pHq/p+OefHXVZXWtFj/5HBfTE4cGc6PioV+/Pn6y/X57rp0Q/x9rcXUt9Jgm0j3/9Z5x391+Vn8eTOY11873UYd13//cNFrmob4i3FjdiaJkw0LL9zs6o2ILXObLT3+e5JXK+n8OuydsampiyMRPdmIhvGjc0vL83n5NP7BQ83b/+6Ifz7J5tsfEelBfF9E3B8RB7N1fyAiHoyIQ0vE//1zD7259BZawfF/h6Txn2r6+Vc7/geS+v76FSSKZ7/7arH6W/r86z1WSQ1mY1r5/Gt1BVez7QAAAOBuUaj0QSeFoTxdd3NqT2wtTF64NHW4FG+fP1Xtqx6I7kJ+p6u/7n7oSHZvOM+PpumeufzRiNhV+aXRlkp+aPzC5I6NDByoPKuTt//ebNzQUPX9j/k/egE2n7b60ep/dPbFl3d+ZYB15XlN6FzaP3Qu7R86l/YPnatZ+78WMbsBqwKss9a+/8seN4dNyPk/dC7tHzqX9g8daeEj8fnfrazkSf+5xO4Tq5p9zRPl/jVZ8nT7cxXXKNKo+9OOxQsnEbGyKqKwdJmeuHylb532af7QSstzFZYt88xym6V7Vf+JkSYOZoneiGh1rmst7NM7d/ykErf9AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAu9q/AQAA//9CaeBU")
creat(0x0, 0x1b8)
r0 = open(&(0x7f00000000c0)='.\x00', 0x0, 0x0)
getdents(r0, 0x0, 0x0)

47.309699ms ago: executing program 1 (id=1012):
syz_emit_ethernet(0x3e, &(0x7f0000000140)={@local, @remote, @void, {@ipv4={0x800, @tcp={{0x7, 0x4, 0x0, 0x0, 0x30, 0x0, 0x0, 0x0, 0x2f, 0x0, @remote, @rand_addr=0x64010102, {[@generic={0x86, 0x8, "8ac9b40e2e6d"}]}}, {{0x0, 0x8035, 0x41424344, 0x41424344, 0x0, 0x0, 0x5, 0x0, 0x0, 0x0, 0xc1}}}}}}, 0x0)

0s ago: executing program 1 (id=1013):
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
bind$netlink(r0, &(0x7f00000000c0)={0x10, 0x0, 0x0, 0x8822d55593a2179}, 0xc)
r1 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r1, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f00000004c0)=ANY=[@ANYBLOB="3c010000190001000000000000000000e0000001000000000000000000000000fe8000000000000000000000000000aa4e220000000000000a00000000000000", @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="00000000000000000104000000000000feffffffffffffff030000000000000000000000000000000000000000000000000000000000000001000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001000000000000008400050020010000000000000000000000000000000000002b00000000000000000000000000000000000000000500000000000002000700000000000000000000000000e00000020000000000000000000000004000000033"], 0x13c}}, 0x20040880)
r2 = socket$inet6(0xa, 0x800000000000002, 0x0)
sendto$inet6(r2, 0x0, 0xffffffffffffff69, 0x44854, &(0x7f0000000540)={0xa, 0x4e24, 0x0, @mcast2}, 0x1c)

kernel console output (not intermixed with test programs):

 scanned by syz.0.1 (5922)
[   60.796367][ T5922] BTRFS info (device loop0): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[   60.806477][ T5927] loop1: detected capacity change from 0 to 32768
[   60.817999][ T5927] BTRFS: device fsid 3d39d0ba-bdae-447e-827b-b091e1a68885 devid 1 transid 8 /dev/loop1 (7:1) scanned by syz.1.7 (5927)
[   60.833075][ T5922] BTRFS info (device loop0): using crc32c (crc32c-lib) checksum algorithm
[   60.835233][ T5927] BTRFS info (device loop1): first mount of filesystem 3d39d0ba-bdae-447e-827b-b091e1a68885
[   60.835949][ T5922] BTRFS info (device loop0): using free-space-tree
[   60.840712][ T5927] BTRFS info (device loop1): using crc32c (crc32c-lib) checksum algorithm
[   60.844862][ T5927] BTRFS info (device loop1): using free-space-tree
[   61.020024][ T5845] Bluetooth: hci2: command tx timeout
[   61.102879][   T55] Bluetooth: hci1: command tx timeout
[   61.105477][ T5845] Bluetooth: hci0: command tx timeout
[   61.124403][ T5922] BTRFS info (device loop0): rebuilding free space tree
[   61.413253][ T5841] BTRFS info (device loop0): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[   61.798598][ T5850] BTRFS info (device loop1): last unmount of filesystem 3d39d0ba-bdae-447e-827b-b091e1a68885
[   62.302473][ T5968] syz.1.12 uses obsolete (PF_INET,SOCK_PACKET)
[   62.537852][ T5976] loop0: detected capacity change from 0 to 4096
[   62.552171][ T5976] ntfs3(loop0): Different NTFS sector size (4096) and media sector size (512).
[   62.676069][ T5970] loop2: detected capacity change from 0 to 32768
[   62.680600][ T5970] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop2 (7:2) scanned by syz.2.11 (5970)
[   62.701161][ T5970] BTRFS info (device loop2): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[   62.704514][ T5970] BTRFS info (device loop2): using crc32c (crc32c-lib) checksum algorithm
[   62.710698][ T5980] netlink: 60 bytes leftover after parsing attributes in process `syz.0.17'.
[   62.713516][ T5980] netlink: 12 bytes leftover after parsing attributes in process `syz.0.17'.
[   62.716446][ T5980] netlink: 60 bytes leftover after parsing attributes in process `syz.0.17'.
[   62.721080][ T5970] BTRFS info (device loop2): using free-space-tree
[   63.100600][ T5845] Bluetooth: hci2: command tx timeout
[   63.180869][   T55] Bluetooth: hci1: command tx timeout
[   63.184346][ T5845] Bluetooth: hci0: command tx timeout
[   63.441140][ T6011] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[   63.446773][ T6011] batadv_slave_0: entered promiscuous mode
[   63.636003][ T5843] BTRFS info (device loop2): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[   64.753617][ T6013] loop0: detected capacity change from 0 to 32768
[   64.800841][ T6013] XFS (loop0): Mounting V5 Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb
[   64.833950][ T6013] XFS (loop0): Ending clean mount
[   64.856784][ T6013] XFS (loop0): Quotacheck needed: Please wait.
[   64.894309][ T6013] XFS (loop0): Quotacheck: Done.
[   64.973788][ T5841] XFS (loop0): Unmounting Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb
[   65.181798][ T5845] Bluetooth: hci2: command tx timeout
[   65.259671][ T5845] Bluetooth: hci0: command tx timeout
[   65.261170][   T55] Bluetooth: hci1: command tx timeout
[   66.299978][   T47] usb 1-1: new high-speed USB device number 2 using dummy_hcd
[   66.458919][   T47] usb 1-1: Using ep0 maxpacket: 8
[   66.472686][   T47] usb 1-1: config 1 has an invalid interface number: 22 but max is 2
[   66.475927][   T47] usb 1-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[   66.487590][ T6065] loop2: detected capacity change from 0 to 32768
[   66.490408][   T47] usb 1-1: config 1 has no interface number 1
[   66.492809][   T47] usb 1-1: config 1 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 0
[   66.498482][ T6065] =======================================================
[   66.498482][ T6065] WARNING: The mand mount option has been deprecated and
[   66.498482][ T6065]          and is ignored by this kernel. Remove the mand
[   66.498482][ T6065]          option from the mount to silence this warning.
[   66.498482][ T6065] =======================================================
[   66.519375][   T47] usb 1-1: config 1 interface 2 altsetting 40 has 0 endpoint descriptors, different from the interface descriptor's value: 1
[   66.524512][   T47] usb 1-1: config 1 interface 2 has no altsetting 0
[   66.533025][   T47] usb 1-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[   66.536804][   T47] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[   66.539803][   T47] usb 1-1: Product: syz
[   66.541139][   T47] usb 1-1: Manufacturer: syz
[   66.542625][   T47] usb 1-1: SerialNumber: syz
[   66.562889][ T6065] XFS (loop2): Mounting V5 Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb
[   66.596844][ T6065] XFS (loop2): Ending clean mount
[   66.660381][ T5843] XFS (loop2): Unmounting Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb
[   66.791706][   T47] usb 1-1: cannot find UAC_HEADER
[   66.838575][   T47] snd-usb-audio 1-1:1.2: probe with driver snd-usb-audio failed with error -22
[   66.883621][   T47] usb 1-1: USB disconnect, device number 2
[   66.986879][ T6079] netlink: 'syz.2.45': attribute type 12 has an invalid length.
[   67.028432][ T6081] iommufd_mock iommufd_mock0: Adding to iommu group 0
[   67.038361][ T6081] iommufd_mock iommufd_mock1: Adding to iommu group 1
[   67.405377][ T6089] loop2: detected capacity change from 0 to 40427
[   67.406662][ T6091] vlan0: entered promiscuous mode
[   67.423370][ T6089] F2FS-fs (loop2): invalid crc value
[   67.466681][ T6089] F2FS-fs (loop2): f2fs_recover_fsync_data: recovery fsync data, check_only: 1
[   67.471980][ T6089] F2FS-fs (loop2): Start checkpoint disabled!
[   67.489160][ T6089] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e6
[   67.570881][   T33] audit: type=1800 audit(1755040443.458:2): pid=6096 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.2.50" name="bus" dev="loop2" ino=10 res=0 errno=0
[   67.584754][ T6096] syz.2.50: attempt to access beyond end of device
[   67.584754][ T6096] loop2: rw=10241, sector=45096, nr_sectors = 8 limit=40427
[   67.644579][ T6096] syz.2.50: attempt to access beyond end of device
[   67.644579][ T6096] loop2: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[   67.677253][ T6096] syz.2.50: attempt to access beyond end of device
[   67.677253][ T6096] loop2: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[   67.698464][ T6096] syz.2.50: attempt to access beyond end of device
[   67.698464][ T6096] loop2: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[   67.741345][ T6096] syz.2.50: attempt to access beyond end of device
[   67.741345][ T6096] loop2: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[   67.752515][ T6096] syz.2.50: attempt to access beyond end of device
[   67.752515][ T6096] loop2: rw=2049, sector=45104, nr_sectors = 8 limit=40427
[   67.800337][ T6096] syz.2.50: attempt to access beyond end of device
[   67.800337][ T6096] loop2: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[   67.823815][ T6096] syz.2.50: attempt to access beyond end of device
[   67.823815][ T6096] loop2: rw=2049, sector=45104, nr_sectors = 8 limit=40427
[   67.859738][ T6096] syz.2.50: attempt to access beyond end of device
[   67.859738][ T6096] loop2: rw=2049, sector=45104, nr_sectors = 8 limit=40427
[   67.870153][ T6096] syz.2.50: attempt to access beyond end of device
[   67.870153][ T6096] loop2: rw=2049, sector=45104, nr_sectors = 8 limit=40427
[   67.985572][ T6103] warning: `syz.0.55' uses wireless extensions which will stop working for Wi-Fi 7 hardware; use nl80211
[   68.170129][ T6107] loop0: detected capacity change from 0 to 1024
[   68.205309][ T6107] EXT4-fs (loop0): orphan cleanup on readonly fs
[   68.237137][ T6107] EXT4-fs (loop0): 1 truncate cleaned up
[   68.249731][ T6107] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[   68.363422][ T5841] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   68.412443][ T6112] netlink: 8 bytes leftover after parsing attributes in process `syz.1.60'.
[   68.675531][ T6120] netlink: 96 bytes leftover after parsing attributes in process `syz.1.62'.
[   68.828061][ T6125] Zero length message leads to an empty skb
[   68.923519][ T6131] netlink: 292 bytes leftover after parsing attributes in process `syz.0.67'.
[   69.047105][ T6127] loop1: detected capacity change from 0 to 32768
[   69.081618][ T6137] loop0: detected capacity change from 0 to 1024
[   69.102343][ T6127] (syz.1.65,6127,0):ocfs2_verify_heartbeat:839 ERROR: Heartbeat has to be started to mount a read-write clustered device.
[   69.118750][ T6127] (syz.1.65,6127,0):ocfs2_fill_super:1177 ERROR: status = -22
[   69.137395][ T6137] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   69.199961][   T62] CPU: 0 UID: 0 PID: 62 Comm: kworker/u9:3 Not tainted 6.16.0-syzkaller-11895-gcca7a0aae895-dirty #0 PREEMPT(full) 
[   69.199981][   T62] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.2-debian-1.16.2-1 04/01/2014
[   69.199987][   T62] Workqueue: writeback wb_workfn (flush-7:2)
[   69.200006][   T62] Call Trace:
[   69.200011][   T62]  <TASK>
[   69.200016][   T62]  dump_stack_lvl+0x189/0x250
[   69.200032][   T62]  ? __pfx_dump_stack_lvl+0x10/0x10
[   69.200041][   T62]  ? __pfx_queue_work_on+0x10/0x10
[   69.200051][   T62]  ? _raw_spin_unlock_irqrestore+0xad/0x110
[   69.200061][   T62]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[   69.200074][   T62]  f2fs_handle_critical_error+0x37c/0x540
[   69.200090][   T62]  f2fs_write_end_io+0x886/0xb60
[   69.200110][   T62]  __submit_merged_bio+0x27a/0x6a0
[   69.200123][   T62]  __submit_merged_write_cond+0x255/0x530
[   69.200135][   T62]  f2fs_write_data_pages+0x261d/0x3000
[   69.200160][   T62]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[   69.200177][   T62]  ? __pfx_f2fs_available_free_memory+0x10/0x10
[   69.200203][   T62]  ? __pfx_f2fs_balance_fs_bg+0x10/0x10
[   69.200218][   T62]  ? trace_f2fs_writepages+0x7f/0x200
[   69.200228][   T62]  ? f2fs_write_node_pages+0x478/0x6e0
[   69.200240][   T62]  ? __pfx_f2fs_write_node_pages+0x10/0x10
[   69.200263][   T62]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[   69.200285][   T62]  do_writepages+0x32e/0x550
[   69.200306][   T62]  ? reacquire_held_locks+0x127/0x1d0
[   69.200322][   T62]  ? writeback_sb_inodes+0x384/0x1010
[   69.200344][   T62]  __writeback_single_inode+0x145/0xff0
[   69.200362][   T62]  ? do_raw_spin_unlock+0x4d/0x240
[   69.200379][   T62]  writeback_sb_inodes+0x6c7/0x1010
[   69.200402][   T62]  ? _raw_spin_unlock_irqrestore+0xad/0x110
[   69.200421][   T62]  ? __pfx_writeback_sb_inodes+0x10/0x10
[   69.200448][   T62]  ? rcu_is_watching+0x15/0xb0
[   69.200462][   T62]  wb_writeback+0x43b/0xaf0
[   69.200475][   T62]  ? queue_io+0x391/0x590
[   69.200485][   T62]  ? __pfx_wb_writeback+0x10/0x10
[   69.200502][   T62]  ? _raw_spin_unlock_irq+0x23/0x50
[   69.200512][   T62]  wb_workfn+0x409/0xef0
[   69.200528][   T62]  ? __pfx_wb_workfn+0x10/0x10
[   69.200538][   T62]  ? __lock_acquire+0xab9/0xd20
[   69.200556][   T62]  ? process_scheduled_works+0x9ef/0x17b0
[   69.200567][   T62]  ? _raw_spin_unlock_irq+0x23/0x50
[   69.200574][   T62]  ? process_scheduled_works+0x9ef/0x17b0
[   69.200581][   T62]  ? process_scheduled_works+0x9ef/0x17b0
[   69.200589][   T62]  process_scheduled_works+0xae1/0x17b0
[   69.200609][   T62]  ? __pfx_process_scheduled_works+0x10/0x10
[   69.200630][   T62]  worker_thread+0x8a0/0xda0
[   69.200640][   T62]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[   69.200651][   T62]  ? __kthread_parkme+0x7b/0x200
[   69.200665][   T62]  kthread+0x711/0x8a0
[   69.200676][   T62]  ? __pfx_worker_thread+0x10/0x10
[   69.200683][   T62]  ? __pfx_kthread+0x10/0x10
[   69.200693][   T62]  ? _raw_spin_unlock_irq+0x23/0x50
[   69.200700][   T62]  ? lockdep_hardirqs_on+0x9c/0x150
[   69.200709][   T62]  ? __pfx_kthread+0x10/0x10
[   69.200719][   T62]  ret_from_fork+0x3fc/0x770
[   69.200729][   T62]  ? __pfx_ret_from_fork+0x10/0x10
[   69.200740][   T62]  ? __switch_to_asm+0x39/0x70
[   69.200749][   T62]  ? __switch_to_asm+0x33/0x70
[   69.200758][   T62]  ? __pfx_kthread+0x10/0x10
[   69.200767][   T62]  ret_from_fork_asm+0x1a/0x30
[   69.200784][   T62]  </TASK>
[   69.200806][   T62] F2FS-fs (loop2): Stopped filesystem due to reason: 3
[   69.350532][ T5841] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   69.520090][ T6147] binder: 6144:6147 ioctl 40046205 0 returned -22
[   69.665606][ T6150] syzkaller0: entered promiscuous mode
[   69.667974][ T6150] syzkaller0: entered allmulticast mode
[   70.546334][ T6157] loop0: detected capacity change from 0 to 32768
[   70.555173][ T6157] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop0 (7:0) scanned by syz.0.77 (6157)
[   70.602486][ T6157] BTRFS info (device loop0): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[   70.605639][ T6157] BTRFS info (device loop0): using crc32c (crc32c-lib) checksum algorithm
[   70.608279][ T6157] BTRFS info (device loop0): using free-space-tree
[   70.795013][ T5841] BTRFS info (device loop0): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[   71.036751][ T6180] openvswitch: netlink: IP tunnel dst address not specified
[   71.105121][ T1362] ieee802154 phy0 wpan0: encryption failed: -22
[   71.107193][ T1362] ieee802154 phy1 wpan1: encryption failed: -22
[   71.228685][ T6182] loop0: detected capacity change from 0 to 32768
[   71.235543][ T6182] ERROR: (device loop0): xtSearch: xt_getpage: xtree page corrupt
[   71.235543][ T6182] 
[   71.245673][ T6182] ERROR: (device loop0): remounting filesystem as read-only
[   71.248087][ T6182] xtLookup: xtSearch returned -5
[   71.249916][ T6182] read_mapping_page failed!
[   71.251330][ T6182] jfs_mount: diMount(ipaimap2) failed, rc = -5
[   71.253699][ T6182] Mount JFS Failure: -5
[   71.255008][ T6182] jfs_mount failed w/return code = -5
[   71.809050][ T5314] usb 1-1: new high-speed USB device number 3 using dummy_hcd
[   71.832241][ T6198] loop2: detected capacity change from 0 to 40427
[   71.838961][ T6198] F2FS-fs (loop2): Small segment_count (9 < 1 * 24)
[   71.841072][ T6198] F2FS-fs (loop2): Can't find valid F2FS filesystem in 1th superblock
[   71.911963][ T6198] F2FS-fs (loop2): f2fs_recover_fsync_data: recovery fsync data, check_only: 0
[   71.920825][ T6198] F2FS-fs (loop2): Try to recover 1th superblock, ret: 0
[   71.923113][ T6198] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e5
[   71.963963][ T5843] CPU: 0 UID: 0 PID: 5843 Comm: syz-executor Not tainted 6.16.0-syzkaller-11895-gcca7a0aae895-dirty #0 PREEMPT(full) 
[   71.963977][ T5843] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.2-debian-1.16.2-1 04/01/2014
[   71.963983][ T5843] Call Trace:
[   71.963987][ T5843]  <TASK>
[   71.963999][ T5843]  dump_stack_lvl+0x189/0x250
[   71.964017][ T5843]  ? __pfx_dump_stack_lvl+0x10/0x10
[   71.964027][ T5843]  ? __pfx_queue_work_on+0x10/0x10
[   71.964050][ T5843]  ? _raw_spin_unlock_irqrestore+0xad/0x110
[   71.964060][ T5843]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[   71.964073][ T5843]  f2fs_handle_critical_error+0x37c/0x540
[   71.964088][ T5843]  f2fs_write_end_io+0x886/0xb60
[   71.964107][ T5843]  __submit_merged_bio+0x27a/0x6a0
[   71.964119][ T5843]  __submit_merged_write_cond+0x255/0x530
[   71.964131][ T5843]  f2fs_write_data_pages+0x261d/0x3000
[   71.964156][ T5843]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[   71.964197][ T5843]  ? __lock_acquire+0xab9/0xd20
[   71.964213][ T5843]  ? do_raw_spin_lock+0x121/0x290
[   71.964227][ T5843]  ? do_raw_spin_unlock+0x4d/0x240
[   71.964236][ T5843]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[   71.964246][ T5843]  do_writepages+0x32e/0x550
[   71.964262][ T5843]  ? do_raw_spin_unlock+0x4d/0x240
[   71.964273][ T5843]  filemap_fdatawrite+0x199/0x240
[   71.964285][ T5843]  ? __pfx_filemap_fdatawrite+0x10/0x10
[   71.964316][ T5843]  ? do_raw_spin_unlock+0x4d/0x240
[   71.964327][ T5843]  f2fs_sync_dirty_inodes+0x31f/0x830
[   71.964347][ T5843]  f2fs_write_checkpoint+0x95a/0x1df0
[   71.964368][ T5843]  ? __pfx_f2fs_write_checkpoint+0x10/0x10
[   71.964397][ T5843]  ? call_rcu+0x6ff/0x9c0
[   71.964405][ T5843]  ? lockdep_hardirqs_on+0x9c/0x150
[   71.964416][ T5843]  ? kill_f2fs_super+0x298/0x6c0
[   71.964430][ T5843]  kill_f2fs_super+0x2c3/0x6c0
[   71.964444][ T5843]  ? __pfx_kill_f2fs_super+0x10/0x10
[   71.964453][ T5843]  ? radix_tree_delete_item+0x2b6/0x400
[   71.964466][ T5843]  ? shrinker_free+0x2ce/0x3e0
[   71.964477][ T5843]  deactivate_locked_super+0xbc/0x130
[   71.964489][ T5843]  cleanup_mnt+0x425/0x4c0
[   71.964499][ T5843]  ? lockdep_hardirqs_on+0x9c/0x150
[   71.964509][ T5843]  task_work_run+0x1d4/0x260
[   71.964521][ T5843]  ? __pfx_task_work_run+0x10/0x10
[   71.964530][ T5843]  ? __x64_sys_umount+0x122/0x160
[   71.964543][ T5843]  ? exit_to_user_mode_loop+0x40/0x110
[   71.964558][ T5843]  exit_to_user_mode_loop+0xec/0x110
[   71.964568][ T5843]  do_syscall_64+0x2bd/0x3b0
[   71.964578][ T5843]  ? lockdep_hardirqs_on+0x9c/0x150
[   71.964586][ T5843]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   71.964594][ T5843]  ? exc_page_fault+0x9f/0xf0
[   71.964604][ T5843]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   71.964611][ T5843] RIP: 0033:0x7f044758ff17
[   71.964622][ T5843] Code: a8 ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 0f 1f 44 00 00 31 f6 e9 09 00 00 00 66 0f 1f 84 00 00 00 00 00 b8 a6 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 01 c3 48 c7 c2 a8 ff ff ff f7 d8 64 89 02 b8
[   71.964638][ T5843] RSP: 002b:00007ffd51148088 EFLAGS: 00000246 ORIG_RAX: 00000000000000a6
[   71.964651][ T5843] RAX: 0000000000000000 RBX: 00007f0447611c05 RCX: 00007f044758ff17
[   71.964657][ T5843] RDX: 0000000000000000 RSI: 0000000000000009 RDI: 00007ffd51148140
[   71.964663][ T5843] RBP: 00007ffd51148140 R08: 0000000000000000 R09: 0000000000000000
[   71.964694][ T5843] R10: 00000000ffffffff R11: 0000000000000246 R12: 00007ffd511491d0
[   71.964701][ T5843] R13: 00007f0447611c05 R14: 000000000001188e R15: 00007ffd51149210
[   71.964721][ T5843]  </TASK>
[   71.964894][ T5843] F2FS-fs (loop2): Stopped filesystem due to reason: 3
[   72.030038][ T6202] loop1: detected capacity change from 0 to 32768
[   72.030253][ T5314] usb 1-1: New USB device found, idVendor=2133, idProduct=0018, bcdDevice= 0.00
[   72.035478][ T6202] BTRFS: device fsid 14d642db-7b15-43e4-81e6-4b8fac6a25f8 devid 1 transid 8 /dev/loop1 (7:1) scanned by syz.1.91 (6202)
[   72.035616][ T5314] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   72.044133][ T6202] BTRFS info (device loop1): first mount of filesystem 14d642db-7b15-43e4-81e6-4b8fac6a25f8
[   72.088447][ T5314] usb 1-1: config 0 descriptor??
[   72.140640][ T6202] BTRFS info (device loop1): using blake2b (blake2b-256-generic) checksum algorithm
[   72.144640][ T6202] BTRFS info (device loop1): using free-space-tree
[   72.263935][   T33] audit: type=1800 audit(1755040448.158:3): pid=6202 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.91" name="file1" dev="loop1" ino=260 res=0 errno=0
[   72.359373][ T5850] BTRFS info (device loop1): last unmount of filesystem 14d642db-7b15-43e4-81e6-4b8fac6a25f8
[   72.524862][ T6229] UDPLite: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list
[   72.546711][ T5314] viewsonic 0003:2133:0018.0001: unknown main item tag 0x0
[   72.557247][ T5314] viewsonic 0003:2133:0018.0001: item fetching failed at offset 3/5
[   72.568777][ T5314] viewsonic 0003:2133:0018.0001: probe with driver viewsonic failed with error -22
[   72.614418][ T6234] netlink: 'syz.2.97': attribute type 1 has an invalid length.
[   72.616918][ T6234] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[   72.813180][ T6236] loop2: detected capacity change from 0 to 32768
[   72.820200][ T6236] BTRFS: device fsid a6a605fc-d5f1-4e66-8595-3726e2b761d6 devid 1 transid 8 /dev/loop2 (7:2) scanned by syz.2.98 (6236)
[   72.840538][ T6236] BTRFS info (device loop2): first mount of filesystem a6a605fc-d5f1-4e66-8595-3726e2b761d6
[   72.844744][ T6236] BTRFS info (device loop2): using blake2b (blake2b-256-generic) checksum algorithm
[   72.847832][ T6236] BTRFS info (device loop2): using free-space-tree
[   72.873578][   T33] audit: type=1800 audit(1755040448.768:4): pid=6236 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.2.98" name="file1" dev="loop2" ino=260 res=0 errno=0
[   73.454072][ T6259] netlink: 'syz.1.100': attribute type 2 has an invalid length.
[   73.457252][ T6259] netlink: 20 bytes leftover after parsing attributes in process `syz.1.100'.
[   73.583769][ T5843] BTRFS info (device loop2): last unmount of filesystem a6a605fc-d5f1-4e66-8595-3726e2b761d6
[   74.202450][ T6269] loop2: detected capacity change from 0 to 32768
[   74.214205][ T6269] XFS (loop2): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[   74.237146][ T6269] XFS (loop2): Ending clean mount
[   74.241877][ T6269] XFS (loop2): Quotacheck needed: Please wait.
[   74.261728][ T6269] XFS (loop2): Quotacheck: Done.
[   74.291342][ T5843] XFS (loop2): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[   74.587607][ T5314] usb 1-1: USB disconnect, device number 3
[   74.629974][ T6293] team0: Device gtp1 is of different type
[   75.086280][ T6299] process 'syz.0.113' launched '/dev/fd/6' with NULL argv: empty string added
[   75.672068][ T6309] netlink: 'syz.2.118': attribute type 1 has an invalid length.
[   75.953666][ T6305] loop1: detected capacity change from 0 to 40427
[   75.966658][ T6305] F2FS-fs (loop1): Invalid log_blocksize (268), supports only 12
[   75.971934][ T6305] F2FS-fs (loop1): Can't find valid F2FS filesystem in 1th superblock
[   75.976432][ T6305] F2FS-fs (loop1): invalid crc value
[   76.247663][ T6305] F2FS-fs (loop1): f2fs_recover_fsync_data: recovery fsync data, check_only: 0
[   76.254284][ T6305] F2FS-fs (loop1): Try to recover 1th superblock, ret: 0
[   76.256618][ T6305] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e5
[   76.759038][ T2214] usb 2-1: new high-speed USB device number 2 using dummy_hcd
[   76.918967][ T2214] usb 2-1: Using ep0 maxpacket: 32
[   76.923393][ T2214] usb 2-1: New USB device found, idVendor=055f, idProduct=d001, bcdDevice=88.92
[   76.926750][ T2214] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   76.933624][ T2214] usb 2-1: config 0 descriptor??
[   76.939054][ T2214] gspca_main: nw80x-2.14.0 probing 055f:d001
[   77.118878][ T5314] usb 3-1: new high-speed USB device number 2 using dummy_hcd
[   77.141087][ T2214] gspca_nw80x: reg_w err -71
[   77.142642][ T2214] nw80x 2-1:0.0: probe with driver nw80x failed with error -71
[   77.147991][ T2214] usb 2-1: USB disconnect, device number 2
[   77.269004][ T5314] usb 3-1: Using ep0 maxpacket: 16
[   77.273578][ T5314] usb 3-1: config 0 has an invalid interface number: 1 but max is 0
[   77.276807][ T5314] usb 3-1: config 0 has no interface number 0
[   77.281894][ T5314] usb 3-1: New USB device found, idVendor=04fc, idProduct=1528, bcdDevice=6d.5d
[   77.285396][ T5314] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[   77.288520][ T5314] usb 3-1: Product: syz
[   77.290591][ T5314] usb 3-1: Manufacturer: syz
[   77.292812][ T5314] usb 3-1: SerialNumber: syz
[   77.297298][ T5314] usb 3-1: config 0 descriptor??
[   77.303564][ T5314] gspca_main: spca1528-2.14.0 probing 04fc:1528
[   77.507660][ T5314] gspca_spca1528: reg_w err -71
[   77.539066][ T5314] spca1528 3-1:0.1: probe with driver spca1528 failed with error -71
[   77.545666][ T5314] usb 3-1: USB disconnect, device number 2
[   77.956583][ T6341] UDPLite6: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list
[   78.907844][ T6360] syz.1.138 calls setitimer() with new_value NULL pointer. Misfeature support will be removed
[   79.735341][ T5845] Bluetooth: hci2: unexpected cc 0x040d length: 63 > 7
[   79.919019][ T5314] usb 1-1: new high-speed USB device number 4 using dummy_hcd
[   80.070750][ T5314] usb 1-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[   80.074672][ T5314] usb 1-1: config 1 has 1 interface, different from the descriptor's value: 3
[   80.078196][ T5314] usb 1-1: config 1 interface 0 altsetting 0 has an invalid endpoint descriptor of length 3, skipping
[   80.083640][ T5314] usb 1-1: config 1 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 0
[   80.089930][ T5314] usb 1-1: New USB device found, idVendor=08b7, idProduct=0000, bcdDevice= 0.00
[   80.092724][ T5314] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=3
[   80.095264][ T5314] usb 1-1: SerialNumber: syz
[   80.315140][ T5314] usb 1-1: 0:2 : does not exist
[   80.317730][ T5314] usb 1-1: unit 5 not found!
[   80.332018][ T5314] usb 1-1: USB disconnect, device number 4
[   80.356073][ T5847] udevd[5847]: error opening ATTR{/sys/devices/platform/dummy_hcd.0/usb1/1-1/1-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory
[   80.700473][ T5845] Bluetooth: hci3: command 0x1003 tx timeout
[   80.703465][   T55] Bluetooth: hci3: Opcode 0x1003 failed: -110
[   81.061341][ T6402] netlink: 8 bytes leftover after parsing attributes in process `syz.0.154'.
[   81.159220][   T24] usb 3-1: new high-speed USB device number 3 using dummy_hcd
[   81.196596][ T6410] mmap: syz.1.158 (6410) uses deprecated remap_file_pages() syscall. See Documentation/mm/remap_file_pages.rst.
[   81.320694][   T24] usb 3-1: New USB device found, idVendor=0cf3, idProduct=9271, bcdDevice= 1.08
[   81.324594][   T24] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[   81.327951][   T24] usb 3-1: Product: syz
[   81.331840][   T24] usb 3-1: Manufacturer: syz
[   81.333879][   T24] usb 3-1: SerialNumber: syz
[   81.346518][   T10] cfg80211: failed to load regulatory.db
[   81.358732][   T24] usb 3-1: ath9k_htc: Firmware ath9k_htc/htc_9271-1.4.0.fw requested
[   81.432509][   T47] usb 3-1: ath9k_htc: Transferred FW: ath9k_htc/htc_9271-1.4.0.fw, size: 51008
[   81.463781][ T2214] usb 1-1: new high-speed USB device number 5 using dummy_hcd
[   81.649015][ T2214] usb 1-1: Using ep0 maxpacket: 16
[   81.654322][ T2214] usb 1-1: config 254 has an invalid interface number: 235 but max is 0
[   81.657024][ T2214] usb 1-1: config 254 has no interface number 0
[   81.662286][ T2214] usb 1-1: config 254 interface 235 altsetting 2 bulk endpoint 0x6 has invalid maxpacket 32
[   81.669094][ T2214] usb 1-1: config 254 interface 235 altsetting 2 endpoint 0x82 has an invalid bInterval 0, changing to 7
[   81.677256][ T2214] usb 1-1: config 254 interface 235 has no altsetting 0
[   81.842555][ T6421] loop1: detected capacity change from 0 to 40427
[   81.847424][ T6421] F2FS-fs (loop1): invalid crc value
[   81.894936][ T2214] usb 1-1: New USB device found, idVendor=0525, idProduct=a4a0, bcdDevice=2b.f1
[   81.897968][ T2214] usb 1-1: New USB device strings: Mfr=1, Product=251, SerialNumber=3
[   81.915827][ T2214] usb 1-1: Product: syz
[   81.917460][ T2214] usb 1-1: Manufacturer: syz
[   81.918138][   T24] usb 3-1: USB disconnect, device number 3
[   81.925258][ T2214] usb 1-1: SerialNumber: syz
[   81.964920][ T6421] F2FS-fs (loop1): f2fs_recover_fsync_data: recovery fsync data, check_only: 1
[   81.969208][ T6421] F2FS-fs (loop1): Start checkpoint disabled!
[   81.972612][ T6421] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e6
[   81.984490][ T6408] raw-gadget.1 gadget.0: fail, usb_ep_enable returned -22
[   82.247739][ T6424] F2FS-fs (loop1): ino:10, start:0, end:8192, need to trigger GC to reclaim enough free segment when checkpoint is enabled
[   82.528471][ T2214] usbtest 1-1:254.235: couldn't get endpoints, -71
[   82.530645][ T2214] usbtest 1-1:254.235: probe with driver usbtest failed with error -71
[   82.536510][ T2214] usb 1-1: USB disconnect, device number 5
[   82.552486][   T47] ath9k_htc 3-1:1.0: ath9k_htc: Target is unresponsive
[   82.556258][   T47] ath9k_htc: Failed to initialize the device
[   82.578061][   T36] bio_check_eod: 183 callbacks suppressed
[   82.578099][   T36] kworker/u10:1: attempt to access beyond end of device
[   82.578099][   T36] loop1: rw=1, sector=45096, nr_sectors = 8 limit=40427
[   82.588094][   T24] usb 3-1: ath9k_htc: USB layer deinitialized
[   82.599690][   T36] kworker/u10:1: attempt to access beyond end of device
[   82.599690][   T36] loop1: rw=2049, sector=45104, nr_sectors = 16 limit=40427
[   82.604582][   T36] CPU: 1 UID: 0 PID: 36 Comm: kworker/u10:1 Not tainted 6.16.0-syzkaller-11895-gcca7a0aae895-dirty #0 PREEMPT(full) 
[   82.604601][   T36] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.2-debian-1.16.2-1 04/01/2014
[   82.604610][   T36] Workqueue: writeback wb_workfn (flush-7:1)
[   82.604633][   T36] Call Trace:
[   82.604638][   T36]  <TASK>
[   82.604645][   T36]  dump_stack_lvl+0x189/0x250
[   82.604695][   T36]  ? __pfx_dump_stack_lvl+0x10/0x10
[   82.604712][   T36]  ? __pfx_queue_work_on+0x10/0x10
[   82.604725][   T36]  ? _raw_spin_unlock_irqrestore+0xad/0x110
[   82.604741][   T36]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[   82.604762][   T36]  f2fs_handle_critical_error+0x37c/0x540
[   82.604786][   T36]  f2fs_write_end_io+0x886/0xb60
[   82.604815][   T36]  __submit_merged_bio+0x27a/0x6a0
[   82.604834][   T36]  __submit_merged_write_cond+0x255/0x530
[   82.604856][   T36]  f2fs_write_data_pages+0x261d/0x3000
[   82.604898][   T36]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[   82.604967][   T36]  ? f2fs_write_meta_pages+0x357/0x450
[   82.604989][   T36]  ? __lock_acquire+0xab9/0xd20
[   82.605008][   T36]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[   82.605026][   T36]  do_writepages+0x32e/0x550
[   82.605055][   T36]  ? reacquire_held_locks+0x127/0x1d0
[   82.605066][   T36]  ? writeback_sb_inodes+0x384/0x1010
[   82.605087][   T36]  __writeback_single_inode+0x145/0xff0
[   82.605104][   T36]  ? do_raw_spin_unlock+0x4d/0x240
[   82.605122][   T36]  writeback_sb_inodes+0x6c7/0x1010
[   82.605161][   T36]  ? __pfx_writeback_sb_inodes+0x10/0x10
[   82.605194][   T36]  ? rcu_is_watching+0x15/0xb0
[   82.605207][   T36]  wb_writeback+0x43b/0xaf0
[   82.605220][   T36]  ? queue_io+0x391/0x590
[   82.605231][   T36]  ? __pfx_wb_writeback+0x10/0x10
[   82.605244][   T36]  ? _raw_spin_unlock_irq+0x23/0x50
[   82.605255][   T36]  wb_workfn+0x409/0xef0
[   82.605270][   T36]  ? __pfx_wb_workfn+0x10/0x10
[   82.605280][   T36]  ? __lock_acquire+0xab9/0xd20
[   82.605295][   T36]  ? process_scheduled_works+0x9ef/0x17b0
[   82.605306][   T36]  ? _raw_spin_unlock_irq+0x23/0x50
[   82.605313][   T36]  ? process_scheduled_works+0x9ef/0x17b0
[   82.605320][   T36]  ? process_scheduled_works+0x9ef/0x17b0
[   82.605328][   T36]  process_scheduled_works+0xae1/0x17b0
[   82.605348][   T36]  ? __pfx_process_scheduled_works+0x10/0x10
[   82.605369][   T36]  worker_thread+0x8a0/0xda0
[   82.605389][   T36]  kthread+0x711/0x8a0
[   82.605399][   T36]  ? __pfx_worker_thread+0x10/0x10
[   82.605407][   T36]  ? __pfx_kthread+0x10/0x10
[   82.605416][   T36]  ? _raw_spin_unlock_irq+0x23/0x50
[   82.605424][   T36]  ? lockdep_hardirqs_on+0x9c/0x150
[   82.605432][   T36]  ? __pfx_kthread+0x10/0x10
[   82.605442][   T36]  ret_from_fork+0x3fc/0x770
[   82.605451][   T36]  ? __pfx_ret_from_fork+0x10/0x10
[   82.605462][   T36]  ? __switch_to_asm+0x39/0x70
[   82.605471][   T36]  ? __switch_to_asm+0x33/0x70
[   82.605480][   T36]  ? __pfx_kthread+0x10/0x10
[   82.605489][   T36]  ret_from_fork_asm+0x1a/0x30
[   82.605506][   T36]  </TASK>
[   82.605510][   T36] F2FS-fs (loop1): Stopped filesystem due to reason: 3
[   82.721606][   T36] CPU: 1 UID: 0 PID: 36 Comm: kworker/u10:1 Not tainted 6.16.0-syzkaller-11895-gcca7a0aae895-dirty #0 PREEMPT(full) 
[   82.721629][   T36] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.2-debian-1.16.2-1 04/01/2014
[   82.721671][   T36] Workqueue: writeback wb_workfn (flush-7:1)
[   82.721695][   T36] Call Trace:
[   82.721702][   T36]  <TASK>
[   82.721709][   T36]  dump_stack_lvl+0x189/0x250
[   82.721731][   T36]  ? __pfx_dump_stack_lvl+0x10/0x10
[   82.721749][   T36]  ? __pfx_queue_work_on+0x10/0x10
[   82.721762][   T36]  ? _raw_spin_unlock_irqrestore+0xad/0x110
[   82.721778][   T36]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[   82.721804][   T36]  f2fs_handle_critical_error+0x37c/0x540
[   82.721829][   T36]  f2fs_write_end_io+0x886/0xb60
[   82.721866][   T36]  __submit_merged_bio+0x27a/0x6a0
[   82.721889][   T36]  __submit_merged_write_cond+0x255/0x530
[   82.721913][   T36]  f2fs_write_data_pages+0x261d/0x3000
[   82.721964][   T36]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[   82.722057][   T36]  ? f2fs_write_meta_pages+0x357/0x450
[   82.722085][   T36]  ? __lock_acquire+0xab9/0xd20
[   82.722109][   T36]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[   82.722128][   T36]  do_writepages+0x32e/0x550
[   82.722152][   T36]  ? reacquire_held_locks+0x127/0x1d0
[   82.722165][   T36]  ? writeback_sb_inodes+0x384/0x1010
[   82.722191][   T36]  __writeback_single_inode+0x145/0xff0
[   82.722210][   T36]  ? do_raw_spin_unlock+0x4d/0x240
[   82.722231][   T36]  writeback_sb_inodes+0x6c7/0x1010
[   82.722274][   T36]  ? __pfx_writeback_sb_inodes+0x10/0x10
[   82.722324][   T36]  ? rcu_is_watching+0x15/0xb0
[   82.722345][   T36]  wb_writeback+0x43b/0xaf0
[   82.722370][   T36]  ? queue_io+0x391/0x590
[   82.722390][   T36]  ? __pfx_wb_writeback+0x10/0x10
[   82.722414][   T36]  ? _raw_spin_unlock_irq+0x23/0x50
[   82.722433][   T36]  wb_workfn+0x409/0xef0
[   82.722461][   T36]  ? __pfx_wb_workfn+0x10/0x10
[   82.722480][   T36]  ? __lock_acquire+0xab9/0xd20
[   82.722510][   T36]  ? process_scheduled_works+0x9ef/0x17b0
[   82.722530][   T36]  ? _raw_spin_unlock_irq+0x23/0x50
[   82.722543][   T36]  ? process_scheduled_works+0x9ef/0x17b0
[   82.722555][   T36]  ? process_scheduled_works+0x9ef/0x17b0
[   82.722570][   T36]  process_scheduled_works+0xae1/0x17b0
[   82.722611][   T36]  ? __pfx_process_scheduled_works+0x10/0x10
[   82.722679][   T36]  worker_thread+0x8a0/0xda0
[   82.722715][   T36]  kthread+0x711/0x8a0
[   82.722733][   T36]  ? __pfx_worker_thread+0x10/0x10
[   82.722746][   T36]  ? __pfx_kthread+0x10/0x10
[   82.722765][   T36]  ? _raw_spin_unlock_irq+0x23/0x50
[   82.722779][   T36]  ? lockdep_hardirqs_on+0x9c/0x150
[   82.722793][   T36]  ? __pfx_kthread+0x10/0x10
[   82.722811][   T36]  ret_from_fork+0x3fc/0x770
[   82.722829][   T36]  ? __pfx_ret_from_fork+0x10/0x10
[   82.722848][   T36]  ? __switch_to_asm+0x39/0x70
[   82.722864][   T36]  ? __switch_to_asm+0x33/0x70
[   82.722880][   T36]  ? __pfx_kthread+0x10/0x10
[   82.722898][   T36]  ret_from_fork_asm+0x1a/0x30
[   82.722931][   T36]  </TASK>
[   82.722938][   T36] F2FS-fs (loop1): Stopped filesystem due to reason: 3
[   83.096623][ T6456] netlink: 'syz.1.165': attribute type 10 has an invalid length.
[   83.104278][ T6452] IPVS: Scheduler module ip_vs_sip not found
[   83.106873][ T6452] IPVS: length: 146 != 8
[   83.111361][ T6456] 8021q: adding VLAN 0 to HW filter on device batadv0
[   83.118221][ T6456] bond0: (slave batadv0): Enslaving as an active interface with an up link
[   83.371936][   T33] audit: type=1326 audit(1755040459.268:5): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6466 comm="syz.0.181" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0de158ebe9 code=0x7ffc0000
[   83.380793][   T33] audit: type=1326 audit(1755040459.268:6): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6466 comm="syz.0.181" exe="/syz-executor" sig=0 arch=c000003e syscall=157 compat=0 ip=0x7f0de158ebe9 code=0x7ffc0000
[   83.697848][   T33] audit: type=1326 audit(1755040459.268:7): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6466 comm="syz.0.181" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0de158ebe9 code=0x7ffc0000
[   83.746735][   T33] audit: type=1326 audit(1755040459.268:8): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6466 comm="syz.0.181" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0de158ebe9 code=0x7ffc0000
[   83.759692][   T55] Bluetooth: hci2: Controller not accepting commands anymore: ncmd = 0
[   83.765028][   T55] Bluetooth: hci2: Injecting HCI hardware error event
[   83.777039][ T5845] Bluetooth: hci2: hardware error 0x00
[   84.476801][ T6492] loop2: detected capacity change from 0 to 512
[   84.512617][ T6492] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000d40000 r/w without journal. Quota mode: writeback.
[   84.517702][ T6492] ext4 filesystem being mounted at /68/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff)
[   84.676633][ T5843] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000d40000.
[   84.789767][   T47] usb 2-1: new high-speed USB device number 3 using dummy_hcd
[   84.875151][ T6514] netlink: zone id is out of range
[   84.917071][ T6514] netlink: set zone limit has 4 unknown bytes
[   84.939422][   T47] usb 2-1: Using ep0 maxpacket: 16
[   84.943888][   T47] usb 2-1: config 0 interface 0 altsetting 16 endpoint 0x81 has an invalid bInterval 0, changing to 7
[   84.952412][ T6514] netlink: del zone limit has 4 unknown bytes
[   84.955254][   T47] usb 2-1: config 0 interface 0 altsetting 16 endpoint 0x81 has invalid wMaxPacketSize 0
[   84.960843][   T47] usb 2-1: config 0 interface 0 altsetting 16 has 1 endpoint descriptor, different from the interface descriptor's value: 28
[   84.976310][   T47] usb 2-1: config 0 interface 0 has no altsetting 0
[   84.988970][   T47] usb 2-1: New USB device found, idVendor=056a, idProduct=0331, bcdDevice= 0.00
[   84.991984][   T47] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   85.010946][   T47] usb 2-1: config 0 descriptor??
[   85.440713][   T47] hid (null): unknown global tag 0xe
[   85.442668][   T47] hid (null): usage index exceeded
[   85.444532][   T47] hid (null): unknown global tag 0xe
[   85.446516][   T47] hid (null): unknown global tag 0xd
[   85.450342][   T47] hid (null): nested delimiters
[   85.720696][   T47] usb 2-1: USB disconnect, device number 3
[   85.900281][ T5845] Bluetooth: hci2: Opcode 0x0c03 failed: -110
[   86.933030][ T6539] loop0: detected capacity change from 0 to 2048
[   86.958304][ T6541] netlink: 8 bytes leftover after parsing attributes in process `syz.1.213'.
[   87.032051][ T6545] NILFS (loop0): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[   87.123636][ T6548] netlink: 8 bytes leftover after parsing attributes in process `syz.2.216'.
[   87.127331][ T6548] netlink: 12 bytes leftover after parsing attributes in process `syz.2.216'.
[   87.237053][ T6551] loop2: detected capacity change from 0 to 1024
[   87.579896][ T6551] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   87.672308][   T33] audit: type=1800 audit(1755040463.568:9): pid=6551 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.2.217" name="bus" dev="loop2" ino=19 res=0 errno=0
[   87.693322][ T6551] Trying to write to read-only block-device loop2
[   87.781898][ T5843] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   88.040553][ T6566] loop0: detected capacity change from 0 to 4096
[   88.049540][ T6566] EXT4-fs: Ignoring removed nomblk_io_submit option
[   88.053979][ T6566] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[   88.056794][ T6566] EXT4-fs (loop0): Test dummy encryption mode enabled
[   88.066899][ T6566] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   88.075368][ T6566] EXT4-fs: Ignoring removed nomblk_io_submit option
[   88.077651][ T6566] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[   88.084416][ T6566] EXT4-fs (loop0): re-mounted 00000000-0000-0000-0000-000000000000 ro.
[   88.130640][ T5841] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   88.231658][ T6583] netlink: 'syz.1.230': attribute type 3 has an invalid length.
[   88.249615][   T33] audit: type=1326 audit(1755040464.128:10): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6580 comm="syz.2.229" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f044758ebe9 code=0x7ffc0000
[   88.257474][   T33] audit: type=1326 audit(1755040464.128:11): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6580 comm="syz.2.229" exe="/syz-executor" sig=0 arch=c000003e syscall=138 compat=0 ip=0x7f044758ebe9 code=0x7ffc0000
[   88.286473][   T33] audit: type=1326 audit(1755040464.128:12): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6580 comm="syz.2.229" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f044758ebe9 code=0x7ffc0000
[   88.406189][ T6595] loop1: detected capacity change from 0 to 128
[   88.535144][ T6585] loop0: detected capacity change from 0 to 32768
[   88.598231][ T6585] ocfs2: Mounting device (7,0) on (node local, slot 0) with writeback data mode.
[   88.635763][ T5841] ocfs2: Unmounting device (7,0) on (node local)
[   88.738736][ T6613] loop0: detected capacity change from 0 to 1024
[   88.750282][ T6613] EXT4-fs (loop0): ext4_check_descriptors: Inode bitmap for group 0 overlaps block group descriptors
[   88.753936][ T6613] EXT4-fs (loop0): ext4_check_descriptors: Checksum for group 0 failed (51554!=20869)
[   88.767783][ T6613] JBD2: no valid journal superblock found
[   88.770490][ T6613] EXT4-fs (loop0): Could not load journal inode
[   89.049097][   T10] usb 3-1: new high-speed USB device number 4 using dummy_hcd
[   89.208960][   T10] usb 3-1: Using ep0 maxpacket: 8
[   89.215414][   T10] usb 3-1: New USB device found, idVendor=0ccd, idProduct=00b3, bcdDevice=2e.04
[   89.218318][   T10] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[   89.222554][   T10] usb 3-1: Product: syz
[   89.223905][   T10] usb 3-1: Manufacturer: syz
[   89.225493][   T10] usb 3-1: SerialNumber: syz
[   89.230005][   T10] usb 3-1: config 0 descriptor??
[   89.644781][   T10] usb 3-1: dvb_usb_v2: found a 'TerraTec NOXON DAB Stick' in warm state
[   90.374134][   T10] dvb_usb_rtl28xxu 3-1:0.0: probe with driver dvb_usb_rtl28xxu failed with error -71
[   90.384436][   T10] usb 3-1: USB disconnect, device number 4
[   91.182120][   T10] kernel write not supported for file /188/sched (pid: 10 comm: kworker/0:1)
[   91.191941][   T24] usb 2-1: new high-speed USB device number 4 using dummy_hcd
[   91.322002][ T6691] capability: warning: `syz.2.278' uses deprecated v2 capabilities in a way that may be insecure
[   91.364924][   T24] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x85 has an invalid bInterval 0, changing to 7
[   91.375834][   T24] usb 2-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xF3, changing to 0x83
[   91.387915][   T24] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x83 has an invalid bInterval 0, changing to 7
[   91.398943][   T24] usb 2-1: New USB device found, idVendor=2040, idProduct=1605, bcdDevice= a.94
[   91.404042][   T24] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   91.421076][   T24] usb 2-1: config 0 descriptor??
[   91.434377][   T24] em28xx 2-1:0.0: New device   @ 480 Mbps (2040:1605, interface 0, class 0)
[   91.437294][   T24] em28xx 2-1:0.0: Audio interface 0 found (Vendor Class)
[   91.623740][   T10] usb 3-1: new high-speed USB device number 5 using dummy_hcd
[   91.691141][   T24] em28xx 2-1:0.0: unknown em28xx chip ID (0)
[   91.700010][   T24] em28xx 2-1:0.0: Config register raw data: 0xfffffffb
[   91.702704][   T24] em28xx 2-1:0.0: AC97 chip type couldn't be determined
[   91.705650][   T24] em28xx 2-1:0.0: No AC97 audio processor
[   91.729288][   T24] usb 2-1: USB disconnect, device number 4
[   91.735976][   T24] em28xx 2-1:0.0: Disconnecting em28xx
[   91.752673][   T24] em28xx 2-1:0.0: Freeing device
[   91.778903][   T10] usb 3-1: Using ep0 maxpacket: 8
[   91.783098][   T10] usb 3-1: config 0 has an invalid interface number: 31 but max is 0
[   91.785811][   T10] usb 3-1: config 0 has no interface number 0
[   91.801255][   T10] usb 3-1: New USB device found, idVendor=046d, idProduct=08c3, bcdDevice=6b.16
[   91.804626][   T10] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[   91.807194][   T10] usb 3-1: Product: syz
[   91.814465][   T10] usb 3-1: Manufacturer: syz
[   91.816083][   T10] usb 3-1: SerialNumber: syz
[   91.827829][   T10] usb 3-1: config 0 descriptor??
[   92.038599][   T10] usb 3-1: Found UVC 0.04 device syz (046d:08c3)
[   92.042774][   T10] usb 3-1: No valid video chain found.
[   92.045878][   T10] usb 3-1: USB disconnect, device number 5
[   92.590303][   T33] audit: type=1326 audit(1755040468.488:13): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6724 comm="syz.2.294" exe="/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f044758ebe9 code=0x0
[   94.177324][ T6746] netlink: 'syz.1.302': attribute type 29 has an invalid length.
[   94.183907][ T6746] netlink: 'syz.1.302': attribute type 29 has an invalid length.
[   94.277899][ T6748] loop1: detected capacity change from 0 to 4096
[   94.457397][ T6750] syz.1.304: attempt to access beyond end of device
[   94.457397][ T6750] loop1: rw=0, sector=1, nr_sectors = 1 limit=0
[   94.463149][ T6750] qnx4: unable to read the superblock
[   94.851354][ T6770] loop2: detected capacity change from 0 to 512
[   94.887226][ T6772] netlink: 4 bytes leftover after parsing attributes in process `syz.2.315'.
[   94.890878][ T6772] netlink: 4 bytes leftover after parsing attributes in process `syz.2.315'.
[   95.668796][ T6813] syzkaller1: entered promiscuous mode
[   95.672314][ T6813] syzkaller1: entered allmulticast mode
[   96.159071][   T47] usb 3-1: new high-speed USB device number 6 using dummy_hcd
[   96.175120][ T6824] loop0: detected capacity change from 0 to 32768
[   96.253127][ T6826] loop1: detected capacity change from 0 to 32768
[   96.268471][ T6826] (syz.1.339,6826,0):ocfs2_check_set_options:1244 ERROR: Invalid heartbeat mount options
[   96.273040][ T6826] (syz.1.339,6826,0):ocfs2_fill_super:1177 ERROR: status = -22
[   96.329261][   T47] usb 3-1: Using ep0 maxpacket: 8
[   96.337445][   T47] usb 3-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[   96.342070][   T47] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x8D has an invalid bInterval 42, changing to 9
[   96.345563][   T47] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[   96.348568][   T47] usb 3-1: config 0 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[   96.358964][   T47] usb 3-1: config 0 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[   96.368976][   T47] usb 3-1: New USB device found, idVendor=05ac, idProduct=8215, bcdDevice=8f.58
[   96.371877][   T47] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   96.376023][   T47] usb 3-1: config 0 descriptor??
[   96.505170][ T6829] loop1: detected capacity change from 0 to 32768
[   96.512595][ T6829] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop1 (7:1) scanned by syz.1.341 (6829)
[   96.521823][ T6829] BTRFS info (device loop1 state S): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[   96.525197][ T6829] BTRFS info (device loop1 state S): using crc32c (crc32c-lib) checksum algorithm
[   96.577938][   T26] BTRFS warning (device loop1 state S): checksum verify failed on logical 1052672 mirror 1 wanted 0x37e030f7 found 0xf6479a7e level 0, ignored
[   96.584949][   T32] BTRFS warning (device loop1 state S): checksum verify failed on logical 5332992 mirror 1 wanted 0x0a5e5d25 found 0xbeadaddc level 0, ignored
[   96.588093][   T47] usb 3-1: USB disconnect, device number 6
[   96.591753][   T26] BTRFS warning (device loop1 state S): checksum verify failed on logical 5337088 mirror 1 wanted 0xe63dbdda found 0x32c165c1 level 0, ignored
[   96.599226][ T4302] BTRFS warning (device loop1 state S): checksum verify failed on logical 5328896 mirror 1 wanted 0x51ec978b found 0x0bc7de37 level 0, ignored
[   96.615621][ T6829] BTRFS error (device loop1 state S): logical 6881280 len 1638400 found bg but no related chunk
[   96.642636][ T5850] BTRFS info (device loop1 state S): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[   97.237139][ T6853] loop1: detected capacity change from 0 to 32768
[   97.288276][ T6849] loop0: detected capacity change from 0 to 32768
[   97.297898][ T6849] BTRFS: device fsid ed167579-eb65-4e76-9a50-61ac97e9b59d devid 1 transid 8 /dev/loop0 (7:0) scanned by syz.0.340 (6849)
[   97.322700][ T6849] BTRFS info (device loop0): first mount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d
[   97.330026][ T6849] BTRFS info (device loop0): using sha256 (sha256-lib) checksum algorithm
[   97.336204][ T6849] BTRFS info (device loop0): using free-space-tree
[   97.373324][ T6849] BTRFS info (device loop0): rebuilding free space tree
[   97.498106][ T6855] loop2: detected capacity change from 0 to 32768
[   97.745386][ T5841] BTRFS info (device loop0): last unmount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d
[   98.523702][ T6898] loop0: detected capacity change from 0 to 1024
[   98.570906][ T5845] Bluetooth: hci0: unknown advertising packet type: 0x72
[   98.570962][ T5845] Bluetooth: hci0: unknown advertising packet type: 0x30
[   98.574105][ T5845] Bluetooth: hci0: unknown advertising packet type: 0x6b
[   99.326864][   T36] hfsplus: b-tree write err: -5, ino 4
[  100.047870][ T6922] loop1: detected capacity change from 0 to 32768
[  100.066776][ T6922] (syz.1.364,6922,0):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0xb3775c19, computed 0x2dd1c265. Applying ECC.
[  100.079185][ T6922] (syz.1.364,6922,0):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0xb3775c19, computed 0x2dd1c265. Applying ECC.
[  100.114959][ T6922] JBD2: Ignoring recovery information on journal
[  100.121218][ T6938] loop0: detected capacity change from 0 to 128
[  100.135872][ T6938] EXT4-fs (loop0): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  100.153609][ T6922] ocfs2: Mounting device (7,1) on (node local, slot 0) with ordered data mode.
[  100.158462][ T6938] ext4 filesystem being mounted at /126/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[  100.164768][ T6938] EXT4-fs (loop0): resizing filesystem from 64 to 2 blocks
[  100.172159][ T6938] EXT4-fs warning (device loop0): ext4_resize_fs:2042: can't shrink FS - resize aborted
[  100.194084][ T5841] EXT4-fs (loop0): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  100.268216][ T5850] ocfs2: Unmounting device (7,1) on (node local)
[  100.311877][ T6945] loop0: detected capacity change from 0 to 1024
[  100.320423][ T6945] EXT4-fs: Warning: mounting with data=journal disables delayed allocation, dioread_nolock, O_DIRECT and fast_commit support!
[  100.344152][ T6945] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  100.357444][ T6945] ext4 filesystem being mounted at /128/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  100.373971][   T33] audit: type=1800 audit(1755040476.268:14): pid=6945 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.375" name="file1" dev="loop0" ino=15 res=0 errno=0
[  100.406298][ T5841] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  100.936757][ T6963] loop0: detected capacity change from 0 to 40427
[  100.947805][ T6963] F2FS-fs (loop0): invalid crc value
[  101.003849][ T6963] F2FS-fs (loop0): f2fs_recover_fsync_data: recovery fsync data, check_only: 0
[  101.008325][ T6963] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e4
[  101.018582][   T33] audit: type=1800 audit(1755040476.908:15): pid=6963 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.381" name="file1" dev="loop0" ino=10 res=0 errno=0
[  101.043003][ T5841] syz-executor: attempt to access beyond end of device
[  101.043003][ T5841] loop0: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[  101.052141][ T5841] CPU: 0 UID: 0 PID: 5841 Comm: syz-executor Not tainted 6.16.0-syzkaller-11895-gcca7a0aae895-dirty #0 PREEMPT(full) 
[  101.052159][ T5841] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.2-debian-1.16.2-1 04/01/2014
[  101.052166][ T5841] Call Trace:
[  101.052170][ T5841]  <TASK>
[  101.052176][ T5841]  dump_stack_lvl+0x189/0x250
[  101.052194][ T5841]  ? __pfx_dump_stack_lvl+0x10/0x10
[  101.052204][ T5841]  ? __pfx_queue_work_on+0x10/0x10
[  101.052213][ T5841]  ? _raw_spin_unlock_irqrestore+0xad/0x110
[  101.052223][ T5841]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[  101.052237][ T5841]  f2fs_handle_critical_error+0x37c/0x540
[  101.052252][ T5841]  f2fs_write_end_io+0x886/0xb60
[  101.052273][ T5841]  __submit_merged_bio+0x27a/0x6a0
[  101.052285][ T5841]  __submit_merged_write_cond+0x255/0x530
[  101.052298][ T5841]  f2fs_write_data_pages+0x261d/0x3000
[  101.052325][ T5841]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[  101.052359][ T5841]  ? folios_put_refs+0x559/0x640
[  101.052374][ T5841]  ? __pfx_folios_put_refs+0x10/0x10
[  101.052382][ T5841]  ? rcu_is_watching+0x15/0xb0
[  101.052394][ T5841]  ? __lock_acquire+0xab9/0xd20
[  101.052422][ T5841]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[  101.052432][ T5841]  do_writepages+0x32e/0x550
[  101.052448][ T5841]  ? do_raw_spin_unlock+0x4d/0x240
[  101.052460][ T5841]  filemap_fdatawrite+0x199/0x240
[  101.052471][ T5841]  ? __pfx_filemap_fdatawrite+0x10/0x10
[  101.052503][ T5841]  ? do_raw_spin_unlock+0x4d/0x240
[  101.052514][ T5841]  f2fs_sync_dirty_inodes+0x31f/0x830
[  101.052533][ T5841]  f2fs_write_checkpoint+0x95a/0x1df0
[  101.052556][ T5841]  ? __pfx_f2fs_write_checkpoint+0x10/0x10
[  101.052588][ T5841]  ? kill_f2fs_super+0x298/0x6c0
[  101.052601][ T5841]  kill_f2fs_super+0x2c3/0x6c0
[  101.052615][ T5841]  ? __pfx_kill_f2fs_super+0x10/0x10
[  101.052624][ T5841]  ? radix_tree_delete_item+0x2b6/0x400
[  101.052637][ T5841]  ? shrinker_free+0x2ce/0x3e0
[  101.052648][ T5841]  deactivate_locked_super+0xbc/0x130
[  101.052661][ T5841]  cleanup_mnt+0x425/0x4c0
[  101.052675][ T5841]  ? lockdep_hardirqs_on+0x9c/0x150
[  101.052690][ T5841]  task_work_run+0x1d4/0x260
[  101.052709][ T5841]  ? __pfx_task_work_run+0x10/0x10
[  101.052727][ T5841]  ? exit_to_user_mode_loop+0x40/0x110
[  101.052747][ T5841]  exit_to_user_mode_loop+0xec/0x110
[  101.052766][ T5841]  do_syscall_64+0x2bd/0x3b0
[  101.052782][ T5841]  ? lockdep_hardirqs_on+0x9c/0x150
[  101.052794][ T5841]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  101.052806][ T5841]  ? exc_page_fault+0x9f/0xf0
[  101.052824][ T5841]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  101.052838][ T5841] RIP: 0033:0x7f0de158ff17
[  101.052851][ T5841] Code: a8 ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 0f 1f 44 00 00 31 f6 e9 09 00 00 00 66 0f 1f 84 00 00 00 00 00 b8 a6 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 01 c3 48 c7 c2 a8 ff ff ff f7 d8 64 89 02 b8
[  101.052863][ T5841] RSP: 002b:00007ffd7ec94248 EFLAGS: 00000246 ORIG_RAX: 00000000000000a6
[  101.052905][ T5841] RAX: 0000000000000000 RBX: 00007f0de1611c05 RCX: 00007f0de158ff17
[  101.052912][ T5841] RDX: 0000000000000000 RSI: 0000000000000009 RDI: 00007ffd7ec94300
[  101.052917][ T5841] RBP: 00007ffd7ec94300 R08: 0000000000000000 R09: 0000000000000000
[  101.052922][ T5841] R10: 00000000ffffffff R11: 0000000000000246 R12: 00007ffd7ec95390
[  101.052927][ T5841] R13: 00007f0de1611c05 R14: 0000000000018a2b R15: 00007ffd7ec953d0
[  101.052940][ T5841]  </TASK>
[  101.052945][ T5841] F2FS-fs (loop0): Stopped filesystem due to reason: 3
[  101.471334][ T6977] loop2: detected capacity change from 0 to 736
[  101.550257][ T6977] rock: directory entry would overflow storage
[  101.552539][ T6977] rock: sig=0x3b10, size=4, remaining=3
[  101.775269][   T24] usb 2-1: new high-speed USB device number 5 using dummy_hcd
[  101.931226][   T24] usb 2-1: Using ep0 maxpacket: 8
[  101.935494][   T24] usb 2-1: unable to get BOS descriptor or descriptor too short
[  101.941765][   T24] usb 2-1: config 4 has an invalid interface number: 147 but max is 0
[  101.949621][   T24] usb 2-1: config 4 contains an unexpected descriptor of type 0x2, skipping
[  101.955250][   T24] usb 2-1: config 4 has no interface number 0
[  101.964499][   T24] usb 2-1: New USB device found, idVendor=04f2, idProduct=b746, bcdDevice=8e.6e
[  101.971082][   T24] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  101.975649][   T24] usb 2-1: Product: syz
[  101.978552][   T24] usb 2-1: Manufacturer: syz
[  101.983282][   T24] usb 2-1: SerialNumber: syz
[  102.208474][   T24] usb 2-1: Found UVC 0.02 device syz (04f2:b746)
[  102.210616][   T24] usb 2-1: No valid video chain found.
[  102.214955][   T24] usb 2-1: USB disconnect, device number 5
[  104.079114][   T47] usb 3-1: new high-speed USB device number 7 using dummy_hcd
[  104.462736][   T47] usb 3-1: New USB device found, idVendor=0cf3, idProduct=9271, bcdDevice= 1.08
[  104.470239][   T47] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  104.473763][   T47] usb 3-1: Product: syz
[  104.475662][   T47] usb 3-1: Manufacturer: syz
[  104.477742][   T47] usb 3-1: SerialNumber: syz
[  104.489501][   T47] usb 3-1: ath9k_htc: Firmware ath9k_htc/htc_9271-1.4.0.fw requested
[  104.507389][   T24] usb 3-1: ath9k_htc: Transferred FW: ath9k_htc/htc_9271-1.4.0.fw, size: 51008
[  105.131931][   T47] usb 3-1: USB disconnect, device number 7
[  105.416036][ T7046] syz.1.412 (7046) used greatest stack depth: 19224 bytes left
[  105.741712][   T24] usb 3-1: Service connection timeout for: 256
[  105.744909][   T24] ath9k_htc 3-1:1.0: ath9k_htc: Unable to initialize HTC services
[  105.755864][   T24] ath9k_htc: Failed to initialize the device
[  105.761987][   T47] usb 3-1: ath9k_htc: USB layer deinitialized
[  106.439151][   T10] usb 3-1: new high-speed USB device number 8 using dummy_hcd
[  106.592825][   T10] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  106.597516][   T10] usb 3-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  106.605195][   T10] usb 3-1: New USB device found, idVendor=1294, idProduct=1320, bcdDevice= 0.00
[  106.609625][   T10] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  106.626172][   T10] usb 3-1: config 0 descriptor??
[  107.081561][   T10] hid-led 0003:1294:1320.0003: hidraw0: USB HID vff.fe Device [HID 1294:1320] on usb-dummy_hcd.2-1/input0
[  107.112059][   T10] hid-led 0003:1294:1320.0003: Riso Kagaku Webmail Notifier initialized
[  107.192267][ T7093] loop0: detected capacity change from 0 to 256
[  107.346488][   T10] usb 3-1: USB disconnect, device number 8
[  107.361325][   T13] leds riso_kagaku0:blue: Setting an LED's brightness failed (-38)
[  107.374229][   T13] leds riso_kagaku0:green: Setting an LED's brightness failed (-38)
[  107.386379][   T13] leds riso_kagaku0:red: Setting an LED's brightness failed (-38)
[  107.581539][ T7100] loop0: detected capacity change from 0 to 32768
[  107.596547][ T7100] 
[  107.596547][ T7100]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  107.596547][ T7100] 
[  107.608764][ T7100] ERROR: (device loop0): jfs_readdir: JFS:Dtree error: ino = 2, bn=0, index = 4
[  107.608764][ T7100] 
[  107.640152][   T27] 
[  107.640152][   T27]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  107.640152][   T27] 
[  107.644917][   T27] 
[  107.644917][   T27]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  107.644917][   T27] 
[  107.655793][  T116] 
[  107.655793][  T116]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  107.655793][  T116] 
[  107.668196][ T5841] 
[  107.668196][ T5841]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  107.668196][ T5841] 
[  107.678519][ T5841] 
[  107.678519][ T5841]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  107.678519][ T5841] 
[  107.996953][ T7124] loop2: detected capacity change from 0 to 256
[  108.653384][ T7117] loop0: detected capacity change from 0 to 32768
[  108.684713][ T7117] XFS (loop0): Mounting V5 Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb
[  108.725059][ T7117] XFS (loop0): Ending clean mount
[  108.992571][   T33] audit: type=1804 audit(1755040484.878:16): pid=7146 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.0.442" name="/newroot/145/file0/bus" dev="loop0" ino=4425 res=1 errno=0
[  109.092076][ T5841] XFS (loop0): Unmounting Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb
[  109.108671][ T7151] netlink: 'syz.2.450': attribute type 33 has an invalid length.
[  109.114666][ T7151] (unnamed net_device) (uninitialized): option broadcast_neighbor: mode dependency failed, not supported in mode balance-rr(0)
[  109.447163][ T7162] openvswitch: netlink: VXLAN extension message has 4 unknown bytes.
[  109.705913][ T7176] netlink: 20 bytes leftover after parsing attributes in process `syz.1.462'.
[  110.270504][ T7205] loop2: detected capacity change from 0 to 4096
[  110.282373][ T7205] nilfs2: Bad value for 'cp'
[  110.509228][   T10] usb 2-1: new high-speed USB device number 6 using dummy_hcd
[  110.679702][   T10] usb 2-1: Using ep0 maxpacket: 8
[  110.684335][   T10] usb 2-1: unable to get BOS descriptor or descriptor too short
[  110.687804][   T10] usb 2-1: config 1 has 2 interfaces, different from the descriptor's value: 3
[  110.691215][   T10] usb 2-1: config 1 has no interface number 1
[  110.693277][   T10] usb 2-1: config 1 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 0
[  110.700805][   T10] usb 2-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[  110.703660][   T10] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  110.706235][   T10] usb 2-1: Product: syz
[  110.707694][   T10] usb 2-1: Manufacturer: syz
[  110.710195][   T10] usb 2-1: SerialNumber: syz
[  110.924998][   T10] usb 2-1: 2:1: invalid format type 0x1002 is detected, processed as PCM
[  110.927958][   T10] usb 2-1: 2:1 : sample bitwidth 65 in over sample bytes 1
[  110.930583][   T10] usb 2-1: 2:1 : invalid channels 0
[  110.941127][   T10] usb 2-1: USB disconnect, device number 6
[  110.959790][ T5847] udevd[5847]: error opening ATTR{/sys/devices/platform/dummy_hcd.1/usb2/2-1/2-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory
[  111.008989][   T47] usb 3-1: new high-speed USB device number 9 using dummy_hcd
[  111.159029][   T47] usb 3-1: Using ep0 maxpacket: 16
[  111.165310][   T47] usb 3-1: New USB device found, idVendor=04fc, idProduct=1528, bcdDevice=6d.5d
[  111.168485][   T47] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  111.172030][   T47] usb 3-1: Product: syz
[  111.173473][   T47] usb 3-1: Manufacturer: syz
[  111.175227][   T47] usb 3-1: SerialNumber: syz
[  111.179421][   T47] usb 3-1: config 0 descriptor??
[  111.390982][   T10] usb 3-1: USB disconnect, device number 9
[  111.585729][ T7239] Bluetooth: MGMT ver 1.23
[  111.686090][ T7243] netlink: 'syz.1.495': attribute type 1 has an invalid length.
[  111.721710][ T7243] 8021q: adding VLAN 0 to HW filter on device bond1
[  111.742129][ T7243] 8021q: adding VLAN 0 to HW filter on device batadv1
[  111.747613][ T7243] bond1: (slave batadv1): making interface the new active one
[  111.753736][ T7243] bond1: (slave batadv1): Enslaving as an active interface with an up link
[  111.988312][ T7252] netlink: 4 bytes leftover after parsing attributes in process `syz.1.499'.
[  112.173129][ T7259] netlink: 'syz.1.501': attribute type 1 has an invalid length.
[  112.320234][ T7265] loop1: detected capacity change from 0 to 8
[  112.351878][ T7265] SQUASHFS error: lzo decompression failed, data probably corrupt
[  112.354664][ T7265] SQUASHFS error: Failed to read block 0x91: -5
[  112.356697][ T7265] SQUASHFS error: Unable to read metadata cache entry [8f]
[  112.361025][ T7265] SQUASHFS error: Unable to read inode 0x11f
[  112.561485][ T7270] tap0: tun_chr_ioctl cmd 1074025681
[  112.675906][ T7274] netlink: 80 bytes leftover after parsing attributes in process `syz.1.509'.
[  112.806909][ T7280] netlink: 16 bytes leftover after parsing attributes in process `syz.1.512'.
[  113.398647][ T7291] loop2: detected capacity change from 0 to 512
[  113.652459][ T7301] netlink: 12 bytes leftover after parsing attributes in process `syz.1.521'.
[  113.722992][ T7305] netlink: 4 bytes leftover after parsing attributes in process `syz.1.523'.
[  113.725847][ T7305] batman_adv: batadv0: Removing interface: batadv_slave_0
[  113.731963][ T7305] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  113.734390][ T7305] batman_adv: batadv0: Removing interface: batadv_slave_1
[  113.761189][ T7305] bond0: (slave batadv0): Releasing backup interface
[  113.768984][  T791] usb 3-1: new high-speed USB device number 10 using dummy_hcd
[  113.940881][  T791] usb 3-1: config 0 has an invalid interface number: 98 but max is 0
[  113.944195][  T791] usb 3-1: config 0 has no interface number 0
[  113.946540][  T791] usb 3-1: config 0 interface 98 has no altsetting 0
[  113.956312][  T791] usb 3-1: New USB device found, idVendor=0711, idProduct=0230, bcdDevice=76.91
[  113.963285][  T791] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  113.966824][  T791] usb 3-1: Product: syz
[  113.968583][  T791] usb 3-1: Manufacturer: syz
[  113.974053][  T791] usb 3-1: SerialNumber: syz
[  113.998621][  T791] usb 3-1: config 0 descriptor??
[  114.014252][  T791] mct_u232 3-1:0.98: MCT U232 converter detected
[  114.018555][  T791] mct_u232 ttyUSB0: expected endpoint missing
[  114.233481][ T2214] usb 3-1: USB disconnect, device number 10
[  114.243998][ T2214] mct_u232 3-1:0.98: device disconnected
[  115.019387][   T24] usb 3-1: new high-speed USB device number 11 using dummy_hcd
[  115.170942][   T24] usb 3-1: New USB device found, idVendor=0813, idProduct=0001, bcdDevice=3a.08
[  115.174439][   T24] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  115.187964][   T24] usb 3-1: config 0 descriptor??
[  115.195706][   T24] gspca_main: cpia1-2.14.0 probing 0813:0001
[  115.524061][ T7396] openvswitch: netlink: IP tunnel attribute has 8 unknown bytes.
[  115.568072][ T7398] netlink: 'syz.0.566': attribute type 5 has an invalid length.
[  115.601698][   T24] cpia1 3-1:0.0: unexpected state after lo power cmd: 00
[  115.668469][ T7400] loop0: detected capacity change from 0 to 4096
[  116.083067][   T24] gspca_cpia1: usb_control_msg 02, error -71
[  116.087984][   T24] gspca_cpia1: usb_control_msg 05, error -71
[  116.090718][   T24] cpia1 3-1:0.0: unexpected systemstate: 00
[  116.101952][   T24] usb 3-1: USB disconnect, device number 11
[  117.147263][ T7477] loop1: detected capacity change from 0 to 512
[  117.201577][ T7477] EXT4-fs: Ignoring removed i_version option
[  117.292521][ T7477] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  117.387216][ T7477] evm: overlay not supported
[  117.528479][ T7492] loop2: detected capacity change from 0 to 512
[  117.708623][ T5850] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  117.928036][ T7501] loop1: detected capacity change from 0 to 1024
[  117.963167][ T7508] netlink: 36 bytes leftover after parsing attributes in process `syz.0.586'.
[  117.975080][   T24] hid-generic 0000:0000:0000.0004: unknown main item tag 0x0
[  117.989376][   T24] hid-generic 0000:0000:0000.0004: hidraw0: <UNKNOWN> HID v0.00 Device [syz1] on syz0
[  118.513267][ T7517] loop0: detected capacity change from 0 to 32768
[  118.517278][ T7517] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop0 (7:0) scanned by syz.0.589 (7517)
[  118.540862][ T7517] BTRFS info (device loop0): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  118.549820][ T7517] BTRFS info (device loop0): using sha256 (sha256-lib) checksum algorithm
[  118.552949][ T7517] BTRFS info (device loop0): using free-space-tree
[  118.639688][ T5841] BTRFS info (device loop0): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  119.039114][  T791] usb 3-1: new high-speed USB device number 12 using dummy_hcd
[  119.119031][   T24] usb 2-1: new high-speed USB device number 7 using dummy_hcd
[  119.189349][  T791] usb 3-1: Using ep0 maxpacket: 8
[  119.215969][  T791] usb 3-1: config 0 interface 0 altsetting 2 endpoint 0x2 has invalid wMaxPacketSize 0
[  119.220852][  T791] usb 3-1: config 0 interface 0 has no altsetting 0
[  119.234539][  T791] usb 3-1: New USB device found, idVendor=0e41, idProduct=4142, bcdDevice=d4.6e
[  119.238260][  T791] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  119.245048][  T791] usb 3-1: Product: syz
[  119.246788][  T791] usb 3-1: Manufacturer: syz
[  119.252769][  T791] usb 3-1: SerialNumber: syz
[  119.259542][  T791] usb 3-1: config 0 descriptor??
[  119.267451][  T791] snd_usb_toneport 3-1:0.0: Line 6 TonePort UX2 found
[  119.272877][   T24] usb 2-1: Using ep0 maxpacket: 16
[  119.291203][   T24] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x4 has invalid wMaxPacketSize 0
[  119.295123][   T24] usb 2-1: config 0 interface 0 altsetting 0 bulk endpoint 0x4 has invalid maxpacket 0
[  119.318693][   T24] usb 2-1: config 0 interface 0 altsetting 0 bulk endpoint 0x81 has invalid maxpacket 132
[  119.349432][   T24] usb 2-1: New USB device found, idVendor=04d8, idProduct=0a30, bcdDevice=14.47
[  119.355626][   T24] usb 2-1: New USB device strings: Mfr=55, Product=172, SerialNumber=120
[  119.359641][   T24] usb 2-1: Product: syz
[  119.361997][   T24] usb 2-1: Manufacturer: syz
[  119.363991][   T24] usb 2-1: SerialNumber: syz
[  119.372915][   T24] usb 2-1: config 0 descriptor??
[  119.378319][ T7547] raw-gadget.1 gadget.1: fail, usb_ep_enable returned -22
[  119.410775][   T24] mcba_usb 2-1:0.0 can0: failed tx_urb -90
[  119.413528][   T24] mcba_usb 2-1:0.0 can0: Failed to send cmd (169)
[  119.416326][   T24] mcba_usb 2-1:0.0 can0: failed tx_urb -90
[  119.419050][   T24] mcba_usb 2-1:0.0 can0: Failed to send cmd (169)
[  119.421794][   T24] mcba_usb 2-1:0.0: Microchip CAN BUS Analyzer connected
[  119.477494][  T791] snd_usb_toneport 3-1:0.0: cannot get proper max packet size
[  119.481075][  T791] snd_usb_toneport 3-1:0.0: Line 6 TonePort UX2 now disconnected
[  119.487160][  T791] snd_usb_toneport 3-1:0.0: probe with driver snd_usb_toneport failed with error -22
[  119.588745][   T24] usb 2-1: USB disconnect, device number 7
[  119.598524][   T24] mcba_usb 2-1:0.0 can0: device disconnected
[  119.681912][  T791] usb 3-1: USB disconnect, device number 12
[  120.190200][ T7584] loop1: detected capacity change from 0 to 4096
[  120.290468][   T33] audit: type=1800 audit(1755040496.188:17): pid=7584 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.603" name="file1" dev="loop1" ino=30 res=0 errno=0
[  120.307602][ T7584] ntfs3(loop1): ino=1e, "file1" attr_set_size
[  120.312447][   T33] audit: type=1800 audit(1755040496.198:18): pid=7584 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.603" name="file1" dev="loop1" ino=30 res=0 errno=0
[  120.486317][ T7596] loop2: detected capacity change from 0 to 2048
[  120.594965][ T7602] loop0: detected capacity change from 0 to 2048
[  120.605575][ T7602] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000)
[  120.981852][ T7625] netlink: 'syz.1.623': attribute type 41 has an invalid length.
[  121.060766][ T7631] lo speed is unknown, defaulting to 1000
[  121.069132][ T7631] lo speed is unknown, defaulting to 1000
[  121.081842][ T7631] lo speed is unknown, defaulting to 1000
[  121.094248][ T7631] iwpm_register_pid: Unable to send a nlmsg (client = 2)
[  121.131978][ T7631] infiniband syz0: RDMA CMA: cma_listen_on_dev, error -98
[  121.196187][ T7631] lo speed is unknown, defaulting to 1000
[  121.204092][ T7631] lo speed is unknown, defaulting to 1000
[  121.210511][ T7631] lo speed is unknown, defaulting to 1000
[  121.290672][ T7636] loop0: detected capacity change from 0 to 128
[  121.343304][ T7636] EXT4-fs (loop0): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  121.353041][ T7636] ext4 filesystem being mounted at /220/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  121.380430][ T7619] loop2: detected capacity change from 0 to 32768
[  121.432215][ T5841] EXT4-fs (loop0): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  121.575058][ T7643] loop2: detected capacity change from 0 to 1024
[  121.591803][ T7643] EXT4-fs: Ignoring removed mblk_io_submit option
[  121.605331][ T7643] EXT4-fs: inline encryption not supported
[  121.883220][ T7649] loop2: detected capacity change from 0 to 64
[  122.249527][ T7652] tmpfs: Bad value for 'usrquota_inode_hardlimit'
[  122.330446][ T7658] RDS: rds_bind could not find a transport for fe80::bb, load rds_tcp or rds_rdma?
[  122.385358][ T7662] netlink: 88 bytes leftover after parsing attributes in process `syz.1.636'.
[  122.520262][ T7668] loop1: detected capacity change from 0 to 512
[  122.540405][ T7668] EXT4-fs: Ignoring removed nobh option
[  122.560208][ T7668] EXT4-fs error (device loop1): ext4_do_update_inode:5653: inode #3: comm syz.1.641: corrupted inode contents
[  122.567575][ T7668] EXT4-fs error (device loop1): ext4_dirty_inode:6538: inode #3: comm syz.1.641: mark_inode_dirty error
[  122.585511][ T7668] EXT4-fs error (device loop1): ext4_do_update_inode:5653: inode #3: comm syz.1.641: corrupted inode contents
[  122.589447][ T7668] EXT4-fs error (device loop1): __ext4_ext_dirty:206: inode #3: comm syz.1.641: mark_inode_dirty error
[  122.594867][ T7668] Quota error (device loop1): write_blk: dquota write failed
[  122.597335][ T7668] Quota error (device loop1): qtree_write_dquot: Error -117 occurred while creating quota
[  122.600728][ T7668] EXT4-fs error (device loop1): ext4_acquire_dquot:6933: comm syz.1.641: Failed to acquire dquot type 0
[  123.025746][ T7668] EXT4-fs error (device loop1): ext4_do_update_inode:5653: inode #16: comm syz.1.641: corrupted inode contents
[  123.041328][ T7668] EXT4-fs error (device loop1): ext4_dirty_inode:6538: inode #16: comm syz.1.641: mark_inode_dirty error
[  123.046368][ T7668] EXT4-fs error (device loop1): ext4_do_update_inode:5653: inode #16: comm syz.1.641: corrupted inode contents
[  123.053847][ T7668] EXT4-fs error (device loop1): __ext4_ext_dirty:206: inode #16: comm syz.1.641: mark_inode_dirty error
[  123.059943][ T7668] EXT4-fs error (device loop1): ext4_do_update_inode:5653: inode #16: comm syz.1.641: corrupted inode contents
[  123.064561][ T7668] EXT4-fs error (device loop1) in ext4_orphan_del:305: Corrupt filesystem
[  123.067918][ T7668] EXT4-fs error (device loop1): ext4_do_update_inode:5653: inode #16: comm syz.1.641: corrupted inode contents
[  123.076256][ T7668] EXT4-fs error (device loop1): ext4_truncate:4666: inode #16: comm syz.1.641: mark_inode_dirty error
[  123.083961][ T7668] EXT4-fs error (device loop1) in ext4_process_orphan:347: Corrupt filesystem
[  123.098483][ T7668] EXT4-fs (loop1): 1 truncate cleaned up
[  123.108568][ T7668] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  123.115053][ T7668] ext4 filesystem being mounted at /235/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  123.142264][ T7668] EXT4-fs error (device loop1): ext4_empty_dir:3124: inode #12: block 13: comm syz.1.641: bad entry in directory: inode out of bounds - offset=24, inode=33554445, rec_len=16, size=4096 fake=0
[  123.168205][ T5850] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  123.172591][   T32] Quota error (device loop1): do_check_range: Getting dqdh_entries 15 out of range 0-14
[  123.177375][   T32] EXT4-fs error (device loop1): ext4_release_dquot:6969: comm kworker/u9:1: Failed to release dquot type 1
[  123.376935][ T7690] openvswitch: netlink: Missing key (keys=40, expected=200000)
[  123.379894][ T7690] openvswitch: netlink: Missing key (keys=40, expected=200000)
[  123.723164][ T7720] loop2: detected capacity change from 0 to 128
[  123.760597][ T5296] udevd[5296]: worker [5847] terminated by signal 33 (Unknown signal 33)
[  123.763913][ T5296] udevd[5296]: worker [5847] failed while handling '/devices/virtual/block/loop2'
[  123.922105][ T7723] loop2: detected capacity change from 0 to 32768
[  124.368942][ T5898] usb 3-1: new high-speed USB device number 13 using dummy_hcd
[  124.544293][ T5898] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  124.548536][ T5898] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  124.552724][ T5898] usb 3-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[  124.557759][ T5898] usb 3-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  124.561511][ T5898] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  124.567814][ T5898] usb 3-1: config 0 descriptor??
[  124.899554][ T7741] loop1: detected capacity change from 0 to 8
[  124.908198][ T7741] SQUASHFS error: xz decompression failed, data probably corrupt
[  124.914461][ T7741] SQUASHFS error: Failed to read block 0x108: -5
[  124.917045][ T7741] SQUASHFS error: Unable to read metadata cache entry [106]
[  124.921509][ T7741] SQUASHFS error: Unable to read inode 0x11f
[  124.992582][ T5898] plantronics 0003:047F:FFFF.0005: reserved main item tag 0xd
[  125.018025][ T5898] plantronics 0003:047F:FFFF.0005: hiddev0,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.2-1/input0
[  125.185278][ T7731] loop2: detected capacity change from 0 to 1024
[  125.288394][ T5898] usb 3-1: USB disconnect, device number 13
[  125.882734][ T7759] loop2: detected capacity change from 0 to 512
[  125.887322][ T7759] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[  125.893318][ T7759] EXT4-fs (loop2): write access unavailable, skipping orphan cleanup
[  125.906105][ T7759] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  125.942804][ T5843] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  125.982472][ T7762] loop2: detected capacity change from 0 to 128
[  126.071439][ T7766] loop2: detected capacity change from 0 to 512
[  126.216292][ T7768] loop2: detected capacity change from 0 to 1024
[  126.237682][ T7768] loop2: detected capacity change from 0 to 1024
[  126.566841][ T7776] loop1: detected capacity change from 0 to 32768
[  126.572825][ T7776] bcachefs (/dev/loop1): error validating superblock: Invalid superblock section members_v2: device 0: not enough buckets (got 0, max 64)
[  126.572825][ T7776] members_v2 (size 152):
[  126.572825][ T7776] nr_devices mismatch: have 17 entries, should be 1Device:0
[  126.572825][ T7776]   Label:                       (none)
[  126.572825][ T7776]   UUID:                        7af6772b-00de-4159-0000-000000000000
[  126.572825][ T7776]   Size:                        0
[  126.572825][ T7776]   read errors:                 0
[  126.572825][ T7776]   write errors:                0
[  126.572825][ T7776]   checksum errors:             0
[  126.572825][ T7776]   seqread iops:                0
[  126.572825][ T7776]   seqwrite iops:               0
[  126.572825][ T7776]   randread iops:               0
[  126.572825][ T7776]   randwrite iops:              0
[  126.572825][ T7776]   Bucket size:                 0
[  126.572825][ T7776]   First bucket:                0
[  126.572825][ T7776]   Buckets:                     0
[  126.572825][ T7776]   Last mount:                  (never)
[  126.572825][ T7776]   Last superblock write:       0
[  126.572825][ T7776]   State:                       rw
[  126.572825][ T7776]   Data allowed:                (none)
[  126.572825][ T7776]   Has data:                    (none)
[  126.572825][ T7776]   Btree allocated bitmap blocksize:1
[  126.572825][ T7776]   Btree allocated bitmap:      0000000000000000000000000000000000000000000000000000000000000000
[  126.572825][ T7776]   Durability:       
[  126.572941][ T7776] bcachefs: bch2_fs_get_tree() error: invalid_sb_members
[  127.616775][ T7794] ieee802154 phy0 wpan0: encryption failed: -22
[  127.930766][ T7810] could not open pipe file descriptor
[  129.113644][ T7837] loop2: detected capacity change from 0 to 8
[  131.177800][ T7886] netlink: 8 bytes leftover after parsing attributes in process `syz.2.733'.
[  131.184491][ T7886] netlink: 36 bytes leftover after parsing attributes in process `syz.2.733'.
[  132.542318][ T1362] ieee802154 phy0 wpan0: encryption failed: -22
[  132.545071][ T1362] ieee802154 phy1 wpan1: encryption failed: -22
[  133.029507][ T7926] kAFS: No cell specified
[  133.384849][ T7936] netlink: 32 bytes leftover after parsing attributes in process `syz.1.757'.
[  133.387699][ T7936] bond0: option lacp_rate: mode dependency failed, not supported in mode balance-rr(0)
[  133.419923][ T5742] tipc: Subscription rejected, illegal request
[  133.545444][ T7947] x_tables: ip_tables: udp match: only valid for protocol 17
[  134.224895][ T7975] syzkaller0: refused to change device tx_queue_len
[  134.412099][ T7983] loop2: detected capacity change from 0 to 512
[  134.415609][ T7983] EXT4-fs: Ignoring removed bh option
[  134.425500][ T7983] EXT4-fs (loop2): ext4_check_descriptors: Block bitmap for group 0 overlaps superblock
[  134.431151][ T7983] EXT4-fs (loop2): revision level too high, forcing read-only mode
[  134.434606][ T7983] EXT4-fs (loop2): write access unavailable, skipping orphan cleanup
[  134.441937][ T7983] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  134.469787][ T5843] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  135.029005][  T791] usb 2-1: new high-speed USB device number 8 using dummy_hcd
[  135.183350][  T791] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  135.187941][  T791] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  135.192823][  T791] usb 2-1: New USB device found, idVendor=054c, idProduct=0df2, bcdDevice=d6.af
[  135.196482][  T791] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  135.203686][  T791] usb 2-1: config 0 descriptor??
[  135.614766][  T791] playstation 0003:054C:0DF2.0006: unknown main item tag 0x0
[  135.617196][  T791] playstation 0003:054C:0DF2.0006: unknown main item tag 0x0
[  135.620040][  T791] playstation 0003:054C:0DF2.0006: unknown main item tag 0x0
[  135.622429][  T791] playstation 0003:054C:0DF2.0006: unknown main item tag 0x0
[  135.624791][  T791] playstation 0003:054C:0DF2.0006: unknown main item tag 0x0
[  135.629277][  T791] playstation 0003:054C:0DF2.0006: hidraw0: USB HID v1.01 Device [HID 054c:0df2] on usb-dummy_hcd.1-1/input0
[  135.699043][ T5314] usb 3-1: new full-speed USB device number 14 using dummy_hcd
[  135.853252][ T5314] usb 3-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 10
[  135.857685][ T5314] usb 3-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 512, setting to 64
[  135.862133][ T5314] usb 3-1: config 1 interface 1 altsetting 1 endpoint 0x82 has invalid maxpacket 1024, setting to 64
[  135.866298][ T5314] usb 3-1: config 1 interface 1 altsetting 1 endpoint 0x3 has invalid maxpacket 512, setting to 64
[  135.874172][ T5314] usb 3-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  135.877793][ T5314] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  135.881126][ T5314] usb 3-1: Product: syz
[  135.883000][ T5314] usb 3-1: Manufacturer: syz
[  135.884974][ T5314] usb 3-1: SerialNumber: syz
[  135.894149][ T7995] raw-gadget.2 gadget.2: fail, usb_ep_enable returned -22
[  135.904485][ T5314] cdc_mbim 3-1:1.0: skipping garbage
[  136.014349][  T791] playstation 0003:054C:0DF2.0006: Failed to retrieve feature with reportID 32: -71
[  136.020035][  T791] playstation 0003:054C:0DF2.0006: Failed to retrieve DualSense firmware info: -71
[  136.023926][  T791] playstation 0003:054C:0DF2.0006: Failed to get firmware info from DualSense
[  136.027468][  T791] playstation 0003:054C:0DF2.0006: Failed to create dualsense.
[  136.033398][  T791] playstation 0003:054C:0DF2.0006: probe with driver playstation failed with error -71
[  136.041044][  T791] usb 2-1: USB disconnect, device number 8
[  136.103344][ T7995] raw-gadget.2 gadget.2: fail, usb_ep_enable returned -22
[  136.106399][ T7995] raw-gadget.2 gadget.2: fail, usb_ep_enable returned -22
[  136.334561][ T8001] netlink: 8 bytes leftover after parsing attributes in process `syz.0.785'.
[  136.531201][ T8007] loop0: detected capacity change from 0 to 4096
[  136.538241][ T8007] ntfs3(loop0): Different NTFS sector size (4096) and media sector size (512).
[  136.554911][ T8007] ntfs3(loop0): ino=19, mi_enum_attr
[  136.569659][ T8007] ntfs3(loop0): ino=5, "/" indx_read
[  136.571608][ T8007] ntfs3(loop0): ino=5, "/" ntfs_readdir
[  136.694601][ T8015] comedi comedi3: 8255: I/O port conflict (0x3,4)
[  136.696853][ T8015] comedi comedi3: 8255: I/O port conflict (0x10000,4)
[  136.704708][ T8015] comedi comedi3: 8255: I/O port conflict (0x4,4)
[  136.706923][ T8015] comedi comedi3: 8255: I/O port conflict (0xc,4)
[  136.710582][ T8015] comedi comedi3: 8255: I/O port conflict (0x10,4)
[  136.714020][ T8015] comedi comedi3: 8255: I/O port conflict (0x7,4)
[  136.716888][ T7995] raw-gadget.2 gadget.2: fail, usb_ep_enable returned -22
[  136.721110][ T7995] raw-gadget.2 gadget.2: fail, usb_ep_enable returned -22
[  136.723677][ T5314] cdc_mbim 3-1:1.0: setting tx_max = 184
[  136.724882][ T8015] comedi comedi3: 8255: I/O port conflict (0x400000a,4)
[  136.727842][ T8015] comedi comedi3: 8255: I/O port conflict (0xfffffffffffffff8,4)
[  136.733583][ T8015] comedi comedi3: 8255: I/O port conflict (0x3,4)
[  136.735728][ T8015] comedi comedi3: 8255: I/O port conflict (0x1,4)
[  136.737853][ T8015] comedi comedi3: 8255: I/O port conflict (0x1,4)
[  136.739752][ T5314] cdc_mbim 3-1:1.0: cdc-wdm0: USB WDM device
[  136.742112][ T8015] comedi comedi3: 8255: I/O port conflict (0x1,4)
[  136.744904][ T8015] comedi comedi3: 8255: I/O port conflict (0x6,4)
[  136.757214][ T5314] wwan wwan0: port wwan0mbim0 attached
[  136.766511][ T8017] Driver unsupported XDP return value 0 on prog  (id 72) dev N/A, expect packet loss!
[  136.770843][ T5314] cdc_mbim 3-1:1.0 wwan0: register 'cdc_mbim' at usb-dummy_hcd.2-1, CDC MBIM, ca:a4:20:b7:11:c5
[  136.934192][ T2214] usb 3-1: USB disconnect, device number 14
[  136.936845][ T2214] cdc_mbim 3-1:1.0 wwan0: unregister 'cdc_mbim' usb-dummy_hcd.2-1, CDC MBIM
[  137.023647][ T2214] wwan wwan0: port wwan0mbim0 disconnected
[  137.218526][ T8040] loop1: detected capacity change from 0 to 32768
[  137.223699][ T8040] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop1 (7:1) scanned by syz.1.801 (8040)
[  137.232507][ T8040] BTRFS info (device loop1): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  137.235668][ T8040] BTRFS info (device loop1): using crc32c (crc32c-lib) checksum algorithm
[  137.238352][ T8040] BTRFS info (device loop1): using free-space-tree
[  137.337804][ T5850] BTRFS info (device loop1): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  137.587135][ T8068] loop1: detected capacity change from 0 to 1024
[  137.617997][ T8068] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  137.623206][ T8068] ext4 filesystem being mounted at /294/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  137.647038][ T5850] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  137.787875][ T8077] usb usb9: Requested nonsensical USBDEVFS_URB_SHORT_NOT_OK.
[  137.793068][ T8077] usb usb9: Requested nonsensical USBDEVFS_URB_ZERO_PACKET.
[  139.124773][ T8117] loop2: detected capacity change from 0 to 1024
[  139.128793][ T8117] EXT4-fs: Ignoring removed orlov option
[  139.133167][ T8117] EXT4-fs: Ignoring removed mblk_io_submit option
[  139.269380][ T8119] loop1: detected capacity change from 0 to 32768
[  139.282959][ T8121] loop2: detected capacity change from 0 to 4096
[  139.385198][ T8119] bcachefs (loop1): starting version 1.7: mi_btree_bitmap opts=errors=continue,metadata_checksum=none,data_checksum=none,compression=lz4,foreground_target=invalid label 767,background_target=invalid device 7,nojournal_transaction_names
[  139.385246][ T8119]   allowing incompatible features above 0.0: (unknown version)
[  139.385257][ T8119]   features: lz4,new_siphash,inline_data,new_extent_overwrite,btree_ptr_v2,new_varint,journal_no_flush,alloc_v2,extents_across_btree_nodes
[  139.399650][ T8119] bcachefs (loop1): Using encoding defined by superblock: utf8-12.1.0
[  139.402785][ T8119] bcachefs (loop1): initializing new filesystem
[  139.411594][ T8119] bcachefs (loop1): going read-write
[  139.424698][ T8119] bcachefs (loop1): marking superblocks
[  139.436441][ T8119] bcachefs (loop1): initializing freespace
[  139.441011][ T8119] bcachefs (loop1): done initializing freespace
[  139.444675][ T8119] bcachefs (loop1): reading snapshots table
[  139.446605][ T8119] bcachefs (loop1): reading snapshots done
[  139.480077][ T8119] bcachefs (loop1): done starting filesystem
[  139.497631][   T33] audit: type=1326 audit(1755040515.388:19): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8135 comm="syz.2.830" exe="/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f044758ebe9 code=0x0
[  139.525941][ T8119] syz.1.827 (8119) used greatest stack depth: 17064 bytes left
[  139.540495][ T5850] bcachefs (loop1): shutting down
[  139.542792][ T5850] bcachefs (loop1): going read-only
[  139.545284][ T5850] bcachefs (loop1): finished waiting for writes to stop
[  139.551640][ T5850] bcachefs (loop1): flushing journal and stopping allocators, journal seq 2
[  139.612263][ T5850] bcachefs (loop1): flushing journal and stopping allocators complete, journal seq 3
[  139.618052][ T5850] bcachefs (loop1): clean shutdown complete, journal seq 4
[  139.621317][ T5850] bcachefs (loop1): marking filesystem clean
[  139.646943][ T5850] bcachefs (loop1): shutdown complete
[  140.298944][ T5845] Bluetooth: hci0: Controller not accepting commands anymore: ncmd = 0
[  140.301680][ T5845] Bluetooth: hci0: Injecting HCI hardware error event
[  140.304784][ T5845] Bluetooth: hci0: hardware error 0x00
[  140.442504][   T33] audit: type=1800 audit(1755040516.338:20): pid=8155 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.2.835" name="SYSV00000000" dev="hugetlbfs" ino=0 res=0 errno=0
[  140.880276][ T8163] loop1: detected capacity change from 0 to 8
[  141.229508][ T5314] usb 3-1: new high-speed USB device number 15 using dummy_hcd
[  141.343917][ T8178] netlink: 'syz.0.845': attribute type 11 has an invalid length.
[  141.346358][ T8178] netlink: 36 bytes leftover after parsing attributes in process `syz.0.845'.
[  141.378939][ T5314] usb 3-1: Using ep0 maxpacket: 16
[  141.390880][ T5314] usb 3-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xE2, changing to 0x82
[  141.400856][ T5314] usb 3-1: New USB device found, idVendor=13b1, idProduct=0042, bcdDevice=7b.55
[  141.404235][ T5314] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  141.423274][ T5314] usb 3-1: Product: syz
[  141.424951][ T5314] usb 3-1: Manufacturer: syz
[  141.426723][ T5314] usb 3-1: SerialNumber: syz
[  141.439555][ T5314] usb 3-1: config 0 descriptor??
[  141.451649][ T5314] usb 3-1: Warning: ath10k USB support is incomplete, don't expect anything to work!
[  141.594853][ T8174] loop1: detected capacity change from 0 to 32768
[  141.626097][ T8174] ERROR: (device loop1): diNewExt: no free extents
[  141.626097][ T8174] 
[  141.632470][ T8174] ERROR: (device loop1): remounting filesystem as read-only
[  141.638679][ T8174] ialloc: diAlloc returned -5!
[  141.646862][   T13] usb 3-1: Failed to submit usb control message: -71
[  141.647114][ T2214] usb 3-1: USB disconnect, device number 15
[  141.654171][   T13] usb 3-1: unable to send the bmi data to the device: -71
[  141.656904][   T13] usb 3-1: unable to get target info from device
[  141.669175][   T13] usb 3-1: could not get target info (-71)
[  141.671254][   T13] usb 3-1: could not probe fw (-71)
[  141.711866][ T8191] program syz.0.850 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  141.985165][ T8205] netlink: 'syz.0.857': attribute type 11 has an invalid length.
[  141.987814][ T8205] netlink: 36 bytes leftover after parsing attributes in process `syz.0.857'.
[  142.068889][ T8208] batman_adv: batadv0: adding TT local entry aa:aa:aa:aa:aa:2a to non-existent VLAN 3946
[  142.431781][ T5845] Bluetooth: hci0: Opcode 0x0c03 failed: -110
[  142.464273][ T8209] ceph: No mds server is up or the cluster is laggy
[  142.489170][  T791] libceph: connect (1)[c::]:6789 error -101
[  142.496312][  T791] libceph: mon0 (1)[c::]:6789 connect error
[  142.568114][ T8218] netlink: 'syz.0.861': attribute type 5 has an invalid length.
[  142.914923][ T2214] libceph: connect (1)[c::]:6789 error -101
[  142.917481][ T2214] libceph: mon0 (1)[c::]:6789 connect error
[  143.220786][ T8231] ceph: No mds server is up or the cluster is laggy
[  143.253581][ T2214] libceph: connect (1)[c::]:6789 error -101
[  143.255552][ T2214] libceph: mon0 (1)[c::]:6789 connect error
[  143.308989][ T5884] usb 3-1: new high-speed USB device number 16 using dummy_hcd
[  143.468909][ T5884] usb 3-1: Using ep0 maxpacket: 16
[  143.472101][ T5884] usb 3-1: config 0 has no interfaces?
[  143.476572][ T5884] usb 3-1: New USB device found, idVendor=2040, idProduct=0264, bcdDevice=4e.d1
[  143.488926][ T5884] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  143.491450][ T5884] usb 3-1: Product: syz
[  143.492762][ T5884] usb 3-1: Manufacturer: syz
[  143.494228][ T5884] usb 3-1: SerialNumber: syz
[  143.497175][ T5884] usb 3-1: config 0 descriptor??
[  143.503759][ T8239] loop1: detected capacity change from 0 to 32768
[  143.512905][ T8239] BTRFS: device fsid e417788f-7a09-42b2-9266-8ddc5d5d35d2 devid 1 transid 8 /dev/loop1 (7:1) scanned by syz.1.868 (8239)
[  143.534141][ T8239] BTRFS info (device loop1): first mount of filesystem e417788f-7a09-42b2-9266-8ddc5d5d35d2
[  143.537875][ T8239] BTRFS info (device loop1): using xxhash64 (xxhash64-generic) checksum algorithm
[  143.557357][ T8239] BTRFS info (device loop1): disk space caching is enabled
[  143.607690][ T8239] BTRFS warning (device loop1): space cache v1 is being deprecated and will be removed in a future release, please use -o space_cache=v2
[  143.689957][ T8239] BTRFS info (device loop1): rebuilding free space tree
[  143.699205][ T8239] BTRFS info (device loop1): disabling free space tree
[  143.701518][ T8239] BTRFS info (device loop1): clearing compat-ro feature flag for FREE_SPACE_TREE (0x1)
[  143.708665][ T8239] BTRFS info (device loop1): clearing compat-ro feature flag for FREE_SPACE_TREE_VALID (0x2)
[  143.726014][ T5884] usb 3-1: USB disconnect, device number 16
[  143.796907][ T8239] BTRFS info (device loop1): balance: start -d -m
[  143.807018][ T8239] BTRFS info (device loop1): relocating block group 6881280 flags data|metadata
[  143.837679][ T8239] BTRFS info (device loop1): relocating block group 5242880 flags data|metadata
[  143.916449][ T8239] BTRFS info (device loop1): found 9 extents, stage: move data extents
[  143.951240][ T8239] BTRFS info (device loop1): found 1 extents, stage: update data pointers
[  143.972671][ T8239] BTRFS info (device loop1): balance: ended with status: 0
[  144.020430][ T5850] BTRFS info (device loop1): last unmount of filesystem e417788f-7a09-42b2-9266-8ddc5d5d35d2
[  144.912311][ T8285] netlink: 8 bytes leftover after parsing attributes in process `syz.2.880'.
[  144.916136][ T8285] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[  145.219350][   T24] usb 3-1: new high-speed USB device number 17 using dummy_hcd
[  145.256100][ T8291] loop1: detected capacity change from 0 to 512
[  145.269388][ T8291] EXT4-fs error (device loop1): ext4_orphan_get:1392: inode #15: comm syz.1.883: casefold flag without casefold feature
[  145.276421][ T8291] EXT4-fs error (device loop1): ext4_orphan_get:1397: comm syz.1.883: couldn't read orphan inode 15 (err -117)
[  145.281480][ T8291] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  145.287338][ T8291] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  145.371331][   T24] usb 3-1: config 0 has an invalid interface number: 161 but max is 0
[  145.374908][   T24] usb 3-1: config 0 has no interface number 0
[  145.377345][   T24] usb 3-1: config 0 interface 161 altsetting 8 has an endpoint descriptor with address 0xA1, changing to 0x81
[  145.388959][   T24] usb 3-1: config 0 interface 161 has no altsetting 0
[  145.391657][   T24] usb 3-1: New USB device found, idVendor=0572, idProduct=cb07, bcdDevice=33.62
[  145.399444][   T24] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  145.409881][   T24] usb 3-1: config 0 descriptor??
[  145.420964][   T24] cxacru 3-1:0.161: cxacru_bind: interface has incorrect endpoints
[  145.423983][   T24] cxacru 3-1:0.161: usbatm_usb_probe: bind failed: -19!
[  145.621939][ T5314] usb 3-1: USB disconnect, device number 17
[  145.749080][ T5884] usb 2-1: new high-speed USB device number 9 using dummy_hcd
[  145.901256][ T5884] usb 2-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  145.907686][ T5884] usb 2-1: New USB device found, idVendor=04f3, idProduct=074d, bcdDevice= 0.40
[  145.911315][ T5884] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  145.914436][ T5884] usb 2-1: Product: syz
[  145.916042][ T5884] usb 2-1: Manufacturer: syz
[  145.917864][ T5884] usb 2-1: SerialNumber: syz
[  146.140348][ T5884] usbhid 2-1:1.0: can't add hid device: -71
[  146.142812][ T5884] usbhid 2-1:1.0: probe with driver usbhid failed with error -71
[  146.152818][ T5884] usb 2-1: USB disconnect, device number 9
[  146.190805][ T8303] loop2: detected capacity change from 0 to 2048
[  146.207011][ T8303] UDF-fs: error (device loop2): udf_read_tagged: tag version 0x0000 != 0x0002 || 0x0003, block 0
[  146.212916][ T8303] UDF-fs: warning (device loop2): udf_load_vrs: No anchor found
[  146.215954][ T8303] UDF-fs: Scanning with blocksize 512 failed
[  146.225394][ T8303] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[  146.549804][ T5314] usb 3-1: new high-speed USB device number 18 using dummy_hcd
[  146.709096][ T5314] usb 3-1: Using ep0 maxpacket: 16
[  146.725982][ T5314] usb 3-1: config 0 interface 0 altsetting 1 endpoint 0x7 has invalid wMaxPacketSize 0
[  146.731313][ T5314] usb 3-1: config 0 interface 0 altsetting 1 endpoint 0x89 has invalid wMaxPacketSize 0
[  146.736975][ T5314] usb 3-1: config 0 interface 0 has no altsetting 0
[  146.742535][ T5314] usb 3-1: New USB device found, idVendor=06cb, idProduct=0006, bcdDevice=9a.eb
[  146.747540][ T5314] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  146.753463][ T5314] usb 3-1: Product: syz
[  146.755290][ T5314] usb 3-1: Manufacturer: syz
[  146.757264][ T5314] usb 3-1: SerialNumber: syz
[  146.762565][ T5314] usb 3-1: config 0 descriptor??
[  146.944616][ T4302] Bluetooth: hci3: Frame reassembly failed (-84)
[  147.200360][ T5314] usb 3-1: USB disconnect, device number 18
[  147.872145][ T8320] loop2: detected capacity change from 0 to 128
[  148.078945][   T24] usb 2-1: new high-speed USB device number 10 using dummy_hcd
[  148.405258][ T8334] netlink: 4 bytes leftover after parsing attributes in process `syz.2.902'.
[  148.414252][ T8334] netlink: 12 bytes leftover after parsing attributes in process `syz.2.902'.
[  148.719019][   T24] usb 2-1: Using ep0 maxpacket: 8
[  148.764363][   T24] usb 2-1: unable to get BOS descriptor or descriptor too short
[  148.774201][   T24] usb 2-1: unable to read config index 0 descriptor/start: -71
[  148.777378][   T24] usb 2-1: can't read configurations, error -71
[  149.029505][   T55] Bluetooth: hci3: command 0x1003 tx timeout
[  149.036126][ T5845] Bluetooth: hci3: Opcode 0x1003 failed: -110
[  149.439054][ T2214] usb 3-1: new high-speed USB device number 19 using dummy_hcd
[  149.488058][ T8371] loop1: detected capacity change from 0 to 4096
[  150.369419][ T2214] usb 3-1: config 1 interface 0 altsetting 165 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  150.374742][ T2214] usb 3-1: config 1 interface 0 has no altsetting 0
[  150.384309][ T2214] usb 3-1: New USB device found, idVendor=18d1, idProduct=503c, bcdDevice= 0.40
[  150.387912][ T2214] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  150.391786][ T2214] usb 3-1: Product: syz
[  150.393481][ T2214] usb 3-1: Manufacturer: syz
[  150.395048][ T2214] usb 3-1: SerialNumber: syz
[  150.451789][ T8382] loop1: detected capacity change from 0 to 2048
[  150.507238][ T5855]  loop1: p1 < p5 p6 p7 p8 p9 p10 p11 p12 p13 p14 p15 p16 p17 p18 p19 p20 p21 p22 p23 p24 p25 p26 p27 p28 p29 p30 p31 p32 p33 p34 p35 p36 p37 p38 p39 p40 p41 p42 p43 p44 p45 p46 p47 p48 p49 p50 p51 p52 p53 p54 p55 p56 p57 p58 p59 p60 p61 p62 p63 p64 p65 p66 p67 p68 p69 p70 p71 p72 p73 p74 p75 p76 p77 p78 p79 p80 p81 p82 p83 p84 p85 p86 p87 p88 p89 p90 p91 p92 p93 p94 p95 p96 p97 p98 p99 p100 p101 p102 p103 p104 p105 p106 p107 p108 p109 p110 p111 p112 p113 p114 p115 p116 p117 p118 p119 p120 p121 p122 p123 p124 p125 p126 p127 p128 p129 p130 p131 p132 p133 p134 p135 p136 p137 p138 p139 p140 p141 p142 p143 p144 p145 p146 p147 p148 p149 p150 p151 p152 p153 p154 p155 p156 p157 p158 p159 p160 p161 p162 p163 p164 p165 p166 p167 p168 p169 p170 p171 p172 p173 p174 p175 p176 p177 p178 p179 p180 p181 p182 p183 p184 p185 p186 p187 p188 p189 p190 p191 p192 p193 p194 p195 p196 p197 p198 p199 p200 p201 p202 p203 p204 p205 p206 p207 p208 p209 p210 p211 p212 p213 p214 p215 p216 p217 p218 p219 p220 p221 p222 p223 p224 p225 p22
[  150.507335][ T5855] loop1: partition table partially beyond EOD, truncated
[  150.555099][ T5855] loop1: p2 start 150994944 is beyond EOD, truncated
[  150.558328][ T5855] loop1: p3 start 458752 is beyond EOD, truncated
[  150.562525][ T5855] loop1: p4 start 4294901760 is beyond EOD, truncated
[  150.565378][ T5855] loop1: p5 start 150994944 is beyond EOD, truncated
[  150.568174][ T5855] loop1: p6 start 150994944 is beyond EOD, truncated
[  150.570997][ T5855] loop1: p7 start 150994944 is beyond EOD, truncated
[  150.574100][ T5855] loop1: p8 start 150994944 is beyond EOD, truncated
[  150.576859][ T5855] loop1: p9 start 150994944 is beyond EOD, truncated
[  150.582499][ T5855] loop1: p10 start 150994944 is beyond EOD, truncated
[  150.585601][ T5855] loop1: p11 start 150994944 is beyond EOD, truncated
[  150.612330][ T5855] loop1: p12 start 150994944 is beyond EOD, truncated
[  150.616764][ T5855] loop1: p13 start 150994944 is beyond EOD, truncated
[  150.619720][ T5855] loop1: p14 start 150994944 is beyond EOD, truncated
[  150.621857][ T5855] loop1: p15 start 150994944 is beyond EOD, truncated
[  150.624428][ T5855] loop1: p16 start 150994944 is beyond EOD, truncated
[  150.627044][ T5855] loop1: p17 start 150994944 is beyond EOD, truncated
[  150.633120][ T5855] loop1: p18 start 150994944 is beyond EOD, truncated
[  150.636916][ T5855] loop1: p19 start 150994944 is beyond EOD, truncated
[  150.639964][ T5855] loop1: p20 start 150994944 is beyond EOD, truncated
[  150.642849][ T5855] loop1: p21 start 150994944 is beyond EOD, truncated
[  150.645232][ T5855] loop1: p22 start 150994944 is beyond EOD, truncated
[  150.647709][ T5855] loop1: p23 start 150994944 is beyond EOD, truncated
[  150.651225][ T5855] loop1: p24 start 150994944 is beyond EOD, truncated
[  150.653475][ T5855] loop1: p25 start 150994944 is beyond EOD, truncated
[  150.655460][ T5855] loop1: p26 start 150994944 is beyond EOD, truncated
[  150.657736][ T5855] loop1: p27 start 150994944 is beyond EOD, truncated
[  150.663949][ T5855] loop1: p28 start 150994944 is beyond EOD, truncated
[  150.666609][ T5855] loop1: p29 start 150994944 is beyond EOD, truncated
[  150.676485][ T5855] loop1: p30 start 150994944 is beyond EOD, truncated
[  150.678675][ T5855] loop1: p31 start 150994944 is beyond EOD, truncated
[  150.682071][ T5855] loop1: p32 start 150994944 is beyond EOD, truncated
[  150.684394][ T5855] loop1: p33 start 150994944 is beyond EOD, truncated
[  150.686616][ T5855] loop1: p34 start 150994944 is beyond EOD, truncated
[  150.699044][ T5855] loop1: p35 start 150994944 is beyond EOD, truncated
[  150.701687][ T5855] loop1: p36 start 150994944 is beyond EOD, truncated
[  150.704093][ T5855] loop1: p37 start 150994944 is beyond EOD, truncated
[  150.721224][ T2214] usbhid 3-1:1.0: can't add hid device: -71
[  150.723548][ T2214] usbhid 3-1:1.0: probe with driver usbhid failed with error -71
[  150.728448][ T5855] loop1: p38 start 150994944 is beyond EOD, truncated
[  150.733010][ T5855] loop1: p39 start 150994944 is beyond EOD, truncated
[  150.737071][ T5855] loop1: p40 start 150994944 is beyond EOD, truncated
[  150.744801][ T5855] loop1: p41 start 150994944 is beyond EOD, truncated
[  150.746864][ T5855] loop1: p42 start 150994944 is beyond EOD, truncated
[  150.749662][ T2214] usb 3-1: USB disconnect, device number 19
[  150.754184][ T5855] loop1: p43 start 150994944 is beyond EOD, truncated
[  150.758285][ T5855] loop1: p44 start 150994944 is beyond EOD, truncated
[  150.760981][ T5855] loop1: p45 start 150994944 is beyond EOD, truncated
[  150.764288][ T5855] loop1: p46 start 150994944 is beyond EOD, truncated
[  150.766423][ T5855] loop1: p47 start 150994944 is beyond EOD, truncated
[  150.769184][ T5855] loop1: p48 start 150994944 is beyond EOD, truncated
[  150.771392][ T5855] loop1: p49 start 150994944 is beyond EOD, truncated
[  150.773732][ T5855] loop1: p50 start 150994944 is beyond EOD, truncated
[  150.775847][ T5855] loop1: p51 start 150994944 is beyond EOD, truncated
[  150.777950][ T5855] loop1: p52 start 150994944 is beyond EOD, truncated
[  150.780530][ T5855] loop1: p53 start 150994944 is beyond EOD, truncated
[  150.784894][ T5855] loop1: p54 start 150994944 is beyond EOD, truncated
[  150.787052][ T5855] loop1: p55 start 150994944 is beyond EOD, truncated
[  150.789521][ T5855] loop1: p56 start 150994944 is beyond EOD, truncated
[  150.791778][ T5855] loop1: p57 start 150994944 is beyond EOD, truncated
[  150.794048][ T5855] loop1: p58 start 150994944 is beyond EOD, truncated
[  150.796240][ T5855] loop1: p59 start 150994944 is beyond EOD, truncated
[  150.798410][ T5855] loop1: p60 start 150994944 is beyond EOD, truncated
[  150.801745][ T5855] loop1: p61 start 150994944 is beyond EOD, truncated
[  150.804384][ T5855] loop1: p62 start 150994944 is beyond EOD, truncated
[  150.806489][ T5855] loop1: p63 start 150994944 is beyond EOD, truncated
[  150.808520][ T5855] loop1: p64 start 150994944 is beyond EOD, truncated
[  150.810900][ T5855] loop1: p65 start 150994944 is beyond EOD, truncated
[  150.813244][ T5855] loop1: p66 start 150994944 is beyond EOD, truncated
[  150.815384][ T5855] loop1: p67 start 150994944 is beyond EOD, truncated
[  150.817722][ T5855] loop1: p68 start 150994944 is beyond EOD, truncated
[  150.820681][ T5855] loop1: p69 start 150994944 is beyond EOD, truncated
[  150.823008][ T5855] loop1: p70 start 150994944 is beyond EOD, truncated
[  150.825132][ T5855] loop1: p71 start 150994944 is beyond EOD, truncated
[  150.827500][ T5855] loop1: p72 start 150994944 is beyond EOD, truncated
[  150.830265][ T5855] loop1: p73 start 150994944 is beyond EOD, truncated
[  150.832631][ T5855] loop1: p74 start 150994944 is beyond EOD, truncated
[  150.834877][ T5855] loop1: p75 start 150994944 is beyond EOD, truncated
[  150.837002][ T5855] loop1: p76 start 150994944 is beyond EOD, truncated
[  150.840822][ T5855] loop1: p77 start 150994944 is beyond EOD, truncated
[  150.843314][ T5855] loop1: p78 start 150994944 is beyond EOD, truncated
[  150.845555][ T5855] loop1: p79 start 150994944 is beyond EOD, truncated
[  150.847883][ T5855] loop1: p80 start 150994944 is beyond EOD, truncated
[  150.850805][ T5855] loop1: p81 start 150994944 is beyond EOD, truncated
[  150.853193][ T5855] loop1: p82 start 150994944 is beyond EOD, truncated
[  150.855256][ T5855] loop1: p83 start 150994944 is beyond EOD, truncated
[  150.857475][ T5855] loop1: p84 start 150994944 is beyond EOD, truncated
[  150.860364][ T5855] loop1: p85 start 150994944 is beyond EOD, truncated
[  150.862782][ T5855] loop1: p86 start 150994944 is beyond EOD, truncated
[  150.864981][ T5855] loop1: p87 start 150994944 is beyond EOD, truncated
[  150.867263][ T5855] loop1: p88 start 150994944 is beyond EOD, truncated
[  150.870260][ T5855] loop1: p89 start 150994944 is beyond EOD, truncated
[  150.872645][ T5855] loop1: p90 start 150994944 is beyond EOD, truncated
[  150.874789][ T5855] loop1: p91 start 150994944 is beyond EOD, truncated
[  150.877031][ T5855] loop1: p92 start 150994944 is beyond EOD, truncated
[  150.879561][ T5855] loop1: p93 start 150994944 is beyond EOD, truncated
[  150.881646][ T5855] loop1: p94 start 150994944 is beyond EOD, truncated
[  150.884074][ T5855] loop1: p95 start 150994944 is beyond EOD, truncated
[  150.886325][ T5855] loop1: p96 start 150994944 is beyond EOD, truncated
[  150.889267][ T5855] loop1: p97 start 150994944 is beyond EOD, truncated
[  150.891401][ T5855] loop1: p98 start 150994944 is beyond EOD, truncated
[  150.893794][ T5855] loop1: p99 start 150994944 is beyond EOD, truncated
[  150.896321][ T5855] loop1: p100 start 150994944 is beyond EOD, truncated
[  150.898495][ T5855] loop1: p101 start 150994944 is beyond EOD, truncated
[  150.901427][ T5855] loop1: p102 start 150994944 is beyond EOD, truncated
[  150.903979][ T5855] loop1: p103 start 150994944 is beyond EOD, truncated
[  150.906150][ T5855] loop1: p104 start 150994944 is beyond EOD, truncated
[  150.908387][ T5855] loop1: p105 start 150994944 is beyond EOD, truncated
[  150.910912][ T5855] loop1: p106 start 150994944 is beyond EOD, truncated
[  150.913314][ T5855] loop1: p107 start 150994944 is beyond EOD, truncated
[  150.915452][ T5855] loop1: p108 start 150994944 is beyond EOD, truncated
[  150.917718][ T5855] loop1: p109 start 150994944 is beyond EOD, truncated
[  150.920157][ T5855] loop1: p110 start 150994944 is beyond EOD, truncated
[  150.922469][ T5855] loop1: p111 start 150994944 is beyond EOD, truncated
[  150.924739][ T5855] loop1: p112 start 150994944 is beyond EOD, truncated
[  150.926900][ T5855] loop1: p113 start 150994944 is beyond EOD, truncated
[  150.929718][ T5855] loop1: p114 start 150994944 is beyond EOD, truncated
[  150.931982][ T5855] loop1: p115 start 150994944 is beyond EOD, truncated
[  150.934451][ T5855] loop1: p116 start 150994944 is beyond EOD, truncated
[  150.936562][ T5855] loop1: p117 start 150994944 is beyond EOD, truncated
[  150.938705][ T5855] loop1: p118 start 150994944 is beyond EOD, truncated
[  150.942805][ T5855] loop1: p119 start 150994944 is beyond EOD, truncated
[  150.945041][ T5855] loop1: p120 start 150994944 is beyond EOD, truncated
[  150.947425][ T5855] loop1: p121 start 150994944 is beyond EOD, truncated
[  150.950413][ T5855] loop1: p122 start 150994944 is beyond EOD, truncated
[  150.952563][ T5855] loop1: p123 start 150994944 is beyond EOD, truncated
[  150.954728][ T5855] loop1: p124 start 150994944 is beyond EOD, truncated
[  150.956913][ T5855] loop1: p125 start 150994944 is beyond EOD, truncated
[  150.959580][ T5855] loop1: p126 start 150994944 is beyond EOD, truncated
[  150.961768][ T5855] loop1: p127 start 150994944 is beyond EOD, truncated
[  150.963940][ T5855] loop1: p128 start 150994944 is beyond EOD, truncated
[  150.966121][ T5855] loop1: p129 start 150994944 is beyond EOD, truncated
[  150.968456][ T5855] loop1: p130 start 150994944 is beyond EOD, truncated
[  150.971618][ T5855] loop1: p131 start 150994944 is beyond EOD, truncated
[  150.974542][ T5855] loop1: p132 start 150994944 is beyond EOD, truncated
[  150.977484][ T5855] loop1: p133 start 150994944 is beyond EOD, truncated
[  150.980855][ T5855] loop1: p134 start 150994944 is beyond EOD, truncated
[  150.983877][ T5855] loop1: p135 start 150994944 is beyond EOD, truncated
[  150.986878][ T5855] loop1: p136 start 150994944 is beyond EOD, truncated
[  150.990228][ T5855] loop1: p137 start 150994944 is beyond EOD, truncated
[  150.993209][ T5855] loop1: p138 start 150994944 is beyond EOD, truncated
[  150.996182][ T5855] loop1: p139 start 150994944 is beyond EOD, truncated
[  150.999551][ T5855] loop1: p140 start 150994944 is beyond EOD, truncated
[  151.002542][ T5855] loop1: p141 start 150994944 is beyond EOD, truncated
[  151.005529][ T5855] loop1: p142 start 150994944 is beyond EOD, truncated
[  151.008532][ T5855] loop1: p143 start 150994944 is beyond EOD, truncated
[  151.012135][ T5855] loop1: p144 start 150994944 is beyond EOD, truncated
[  151.015021][ T5855] loop1: p145 start 150994944 is beyond EOD, truncated
[  151.018128][ T5855] loop1: p146 start 150994944 is beyond EOD, truncated
[  151.021559][ T5855] loop1: p147 start 150994944 is beyond EOD, truncated
[  151.024357][ T5855] loop1: p148 start 150994944 is beyond EOD, truncated
[  151.027244][ T5855] loop1: p149 start 150994944 is beyond EOD, truncated
[  151.030665][ T5855] loop1: p150 start 150994944 is beyond EOD, truncated
[  151.033734][ T5855] loop1: p151 start 150994944 is beyond EOD, truncated
[  151.036636][ T5855] loop1: p152 start 150994944 is beyond EOD, truncated
[  151.040013][ T5855] loop1: p153 start 150994944 is beyond EOD, truncated
[  151.042988][ T5855] loop1: p154 start 150994944 is beyond EOD, truncated
[  151.046707][ T5855] loop1: p155 start 150994944 is beyond EOD, truncated
[  151.050058][ T5855] loop1: p156 start 150994944 is beyond EOD, truncated
[  151.052933][ T5855] loop1: p157 start 150994944 is beyond EOD, truncated
[  151.055754][ T5855] loop1: p158 start 150994944 is beyond EOD, truncated
[  151.058602][ T5855] loop1: p159 start 150994944 is beyond EOD, truncated
[  151.061999][ T5855] loop1: p160 start 150994944 is beyond EOD, truncated
[  151.064948][ T5855] loop1: p161 start 150994944 is beyond EOD, truncated
[  151.067841][ T5855] loop1: p162 start 150994944 is beyond EOD, truncated
[  151.071188][ T5855] loop1: p163 start 150994944 is beyond EOD, truncated
[  151.073969][ T5855] loop1: p164 start 150994944 is beyond EOD, truncated
[  151.076860][ T5855] loop1: p165 start 150994944 is beyond EOD, truncated
[  151.080285][ T5855] loop1: p166 start 150994944 is beyond EOD, truncated
[  151.083041][ T5855] loop1: p167 start 150994944 is beyond EOD, truncated
[  151.085911][ T5855] loop1: p168 start 150994944 is beyond EOD, truncated
[  151.088721][ T5855] loop1: p169 start 150994944 is beyond EOD, truncated
[  151.091301][ T5855] loop1: p170 start 150994944 is beyond EOD, truncated
[  151.094108][ T5855] loop1: p171 start 150994944 is beyond EOD, truncated
[  151.096803][ T5855] loop1: p172 start 150994944 is beyond EOD, truncated
[  151.100716][ T5855] loop1: p173 start 150994944 is beyond EOD, truncated
[  151.103150][ T5855] loop1: p174 start 150994944 is beyond EOD, truncated
[  151.105665][ T5855] loop1: p175 start 150994944 is beyond EOD, truncated
[  151.108111][ T5855] loop1: p176 start 150994944 is beyond EOD, truncated
[  151.110673][ T5855] loop1: p177 start 150994944 is beyond EOD, truncated
[  151.112897][ T5855] loop1: p178 start 150994944 is beyond EOD, truncated
[  151.115234][ T5855] loop1: p179 start 150994944 is beyond EOD, truncated
[  151.118069][ T5855] loop1: p180 start 150994944 is beyond EOD, truncated
[  151.121048][ T5855] loop1: p181 start 150994944 is beyond EOD, truncated
[  151.123860][ T5855] loop1: p182 start 150994944 is beyond EOD, truncated
[  151.126261][ T5855] loop1: p183 start 150994944 is beyond EOD, truncated
[  151.128662][ T5855] loop1: p184 start 150994944 is beyond EOD, truncated
[  151.131327][ T5855] loop1: p185 start 150994944 is beyond EOD, truncated
[  151.133609][ T5855] loop1: p186 start 150994944 is beyond EOD, truncated
[  151.135763][ T5855] loop1: p187 start 150994944 is beyond EOD, truncated
[  151.138047][ T5855] loop1: p188 start 150994944 is beyond EOD, truncated
[  151.140670][ T5855] loop1: p189 start 150994944 is beyond EOD, truncated
[  151.142849][ T5855] loop1: p190 start 150994944 is beyond EOD, truncated
[  151.144961][ T5855] loop1: p191 start 150994944 is beyond EOD, truncated
[  151.148440][ T5855] loop1: p192 start 150994944 is beyond EOD, truncated
[  151.151465][ T5855] loop1: p193 start 150994944 is beyond EOD, truncated
[  151.153663][ T5855] loop1: p194 start 150994944 is beyond EOD, truncated
[  151.155811][ T5855] loop1: p195 start 150994944 is beyond EOD, truncated
[  151.158577][ T5855] loop1: p196 start 150994944 is beyond EOD, truncated
[  151.161327][ T5855] loop1: p197 start 150994944 is beyond EOD, truncated
[  151.164049][ T5855] loop1: p198 start 150994944 is beyond EOD, truncated
[  151.166884][ T5855] loop1: p199 start 150994944 is beyond EOD, truncated
[  151.170124][ T5855] loop1: p200 start 150994944 is beyond EOD, truncated
[  151.172799][ T5855] loop1: p201 start 150994944 is beyond EOD, truncated
[  151.175705][ T5855] loop1: p202 start 150994944 is beyond EOD, truncated
[  151.178499][ T5855] loop1: p203 start 150994944 is beyond EOD, truncated
[  151.181724][ T5855] loop1: p204 start 150994944 is beyond EOD, truncated
[  151.184600][ T5855] loop1: p205 start 150994944 is beyond EOD, truncated
[  151.187438][ T5855] loop1: p206 start 150994944 is beyond EOD, truncated
[  151.192605][ T5855] loop1: p207 start 150994944 is beyond EOD, truncated
[  151.198537][ T5855] loop1: p208 start 150994944 is beyond EOD, truncated
[  151.202909][ T5855] loop1: p209 start 150994944 is beyond EOD, truncated
[  151.208268][ T5855] loop1: p210 start 150994944 is beyond EOD, truncated
[  151.211717][ T5855] loop1: p211 start 150994944 is beyond EOD, truncated
[  151.215114][ T5855] loop1: p212 start 150994944 is beyond EOD, truncated
[  151.218382][ T5855] loop1: p213 start 150994944 is beyond EOD, truncated
[  151.222041][ T5855] loop1: p214 start 150994944 is beyond EOD, truncated
[  151.224965][ T5855] loop1: p215 start 150994944 is beyond EOD, truncated
[  151.227842][ T5855] loop1: p216 start 150994944 is beyond EOD, truncated
[  151.231058][ T5855] loop1: p217 start 150994944 is beyond EOD, truncated
[  151.233920][ T5855] loop1: p218 start 150994944 is beyond EOD, truncated
[  151.236719][ T5855] loop1: p219 start 150994944 is beyond EOD, truncated
[  151.239746][ T5855] loop1: p220 start 150994944 is beyond EOD, truncated
[  151.242758][ T5855] loop1: p221 start 150994944 is beyond EOD, truncated
[  151.245627][ T5855] loop1: p222 start 150994944 is beyond EOD, truncated
[  151.248580][ T5855] loop1: p223 start 150994944 is beyond EOD, truncated
[  151.252600][ T5855] loop1: p224 start 150994944 is beyond EOD, truncated
[  151.255986][ T5855] loop1: p225 start 150994944 is beyond EOD, truncated
[  151.259220][ T5855] loop1: p226 start 150994944 is beyond EOD, truncated
[  151.262364][ T5855] loop1: p227 start 150994944 is beyond EOD, truncated
[  151.265125][ T5855] loop1: p228 start 150994944 is beyond EOD, truncated
[  151.268424][ T5855] loop1: p229 start 150994944 is beyond EOD, truncated
[  151.272751][ T5855] loop1: p230 start 150994944 is beyond EOD, truncated
[  151.275768][ T5855] loop1: p231 start 150994944 is beyond EOD, truncated
[  151.278556][ T5855] loop1: p232 start 150994944 is beyond EOD, truncated
[  151.281541][ T5855] loop1: p233 start 150994944 is beyond EOD, truncated
[  151.284447][ T5855] loop1: p234 start 150994944 is beyond EOD, truncated
[  151.287190][ T5855] loop1: p235 start 150994944 is beyond EOD, truncated
[  151.290134][ T5855] loop1: p236 start 150994944 is beyond EOD, truncated
[  151.292807][ T5855] loop1: p237 start 150994944 is beyond EOD, truncated
[  151.295485][ T5855] loop1: p238 start 150994944 is beyond EOD, truncated
[  151.298209][ T5855] loop1: p239 start 150994944 is beyond EOD, truncated
[  151.301020][ T5855] loop1: p240 start 150994944 is beyond EOD, truncated
[  151.303649][ T5855] loop1: p241 start 150994944 is beyond EOD, truncated
[  151.306438][ T5855] loop1: p242 start 150994944 is beyond EOD, truncated
[  151.309310][ T5855] loop1: p243 start 150994944 is beyond EOD, truncated
[  151.312036][ T5855] loop1: p244 start 150994944 is beyond EOD, truncated
[  151.314796][ T5855] loop1: p245 start 150994944 is beyond EOD, truncated
[  151.317662][ T5855] loop1: p246 start 150994944 is beyond EOD, truncated
[  151.320541][ T5855] loop1: p247 start 150994944 is beyond EOD, truncated
[  151.323465][ T5855] loop1: p248 start 150994944 is beyond EOD, truncated
[  151.326218][ T5855] loop1: p249 start 150994944 is beyond EOD, truncated
[  151.329243][ T5855] loop1: p250 start 150994944 is beyond EOD, truncated
[  151.332041][ T5855] loop1: p251 start 150994944 is beyond EOD, truncated
[  151.334917][ T5855] loop1: p252 start 150994944 is beyond EOD, truncated
[  151.337584][ T5855] loop1: p253 start 150994944 is beyond EOD, truncated
[  151.340744][ T5855] loop1: p254 start 150994944 is beyond EOD, truncated
[  151.343578][ T5855] loop1: p255 start 150994944 is beyond EOD, truncated
[  151.382219][ T5855] udevd[5855]: inotify_add_watch(7, /dev/loop1p1, 10) failed: No such file or directory
[  151.443955][ T8392] sctp: Trying to GSO but underlying device doesn't support it.
[  152.821385][ T8430] netlink: 'syz.2.944': attribute type 39 has an invalid length.
[  153.394152][ T8448] loop1: detected capacity change from 0 to 32768
[  153.398244][ T8448] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop1 (7:1) scanned by syz.1.953 (8448)
[  153.412041][ T8448] BTRFS info (device loop1): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  153.415269][ T8448] BTRFS info (device loop1): using crc32c (crc32c-lib) checksum algorithm
[  153.418329][ T8448] BTRFS info (device loop1): using free-space-tree
[  153.623543][ T5850] BTRFS info (device loop1): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  154.443459][   T24] libceph: connect (1)[c::]:6789 error -101
[  154.445809][   T24] libceph: mon0 (1)[c::]:6789 connect error
[  154.512053][ T8489] bridge0: port 2(bridge_slave_1) entered disabled state
[  154.516904][ T8489] bridge0: port 1(bridge_slave_0) entered disabled state
[  154.575599][ T8489] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  154.582666][ T8489] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  154.674556][ T5742] netdevsim netdevsim2 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0
[  154.677691][ T5742] netdevsim netdevsim2 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0
[  154.681058][ T5742] netdevsim netdevsim2 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0
[  154.684103][ T5742] netdevsim netdevsim2 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0
[  154.721056][   T47] libceph: connect (1)[c::]:6789 error -101
[  154.723262][   T47] libceph: mon0 (1)[c::]:6789 connect error
[  154.792387][ T8494] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  154.861341][ T8483] ceph: No mds server is up or the cluster is laggy
[  154.991944][ T8500] netlink: 32 bytes leftover after parsing attributes in process `syz.1.966'.
[  155.299039][ T5898] usb 2-1: new high-speed USB device number 12 using dummy_hcd
[  155.448934][ T5898] usb 2-1: Using ep0 maxpacket: 16
[  155.452604][ T5898] usb 2-1: config 0 has an invalid interface number: 105 but max is 0
[  155.455890][ T5898] usb 2-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  155.460869][ T5898] usb 2-1: config 0 has no interface number 0
[  155.465694][ T5898] usb 2-1: New USB device found, idVendor=046c, idProduct=14e8, bcdDevice= b.28
[  155.469602][ T5898] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  155.472634][ T5898] usb 2-1: Product: syz
[  155.474234][ T5898] usb 2-1: Manufacturer: syz
[  155.476008][ T5898] usb 2-1: SerialNumber: syz
[  155.480511][ T5898] usb 2-1: config 0 descriptor??
[  155.488462][ T5898] usb 2-1: Found UVC 0.00 device syz (046c:14e8)
[  155.491055][ T5898] usb 2-1: No valid video chain found.
[  155.663852][ T8506] loop2: detected capacity change from 0 to 512
[  155.667098][ T8506] EXT4-fs: Ignoring removed oldalloc option
[  155.685037][ T8506] loop2: detected capacity change from 0 to 1024
[  155.703976][ T5898] usb 2-1: USB disconnect, device number 12
[  156.459002][   T55] Bluetooth: hci1: command 0x0405 tx timeout
[  156.884914][ T8519] macvtap0: refused to change device tx_queue_len
[  157.244259][ T8530] netlink: 'syz.1.979': attribute type 83 has an invalid length.
[  157.424079][ T8532] random: crng reseeded on system resumption
[  157.481242][ T8532] Restarting kernel threads ...
[  157.486815][ T8532] Done restarting kernel threads.
[  158.539125][   T55] Bluetooth: hci1: command 0x0405 tx timeout
[  158.973498][ T8562] loop1: detected capacity change from 0 to 128
[  159.011018][ T8562] EXT4-fs (loop1): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  159.016664][ T8562] ext4 filesystem being mounted at /362/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  159.061589][ T5850] EXT4-fs (loop1): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  159.197760][ T8574] fuse: Bad value for 'fd'
[  159.217938][ T8574] loop0: detected capacity change from 0 to 512
[  159.222106][ T8574] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode
[  159.228970][ T2214] usb 3-1: new high-speed USB device number 20 using dummy_hcd
[  159.237629][ T8574] EXT4-fs (loop0): 1 truncate cleaned up
[  159.249514][ T8574] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  159.279426][ T5841] EXT4-fs error (device loop0): ext4_lookup:1787: inode #11: comm syz-executor: iget: bad extra_isize 46 (inode size 256)
[  159.291008][ T5841] EXT4-fs (loop0): Remounting filesystem read-only
[  159.379605][ T2214] usb 3-1: Using ep0 maxpacket: 32
[  159.382952][ T2214] usb 3-1: config 0 has an invalid interface number: 96 but max is 0
[  159.385566][ T2214] usb 3-1: config 0 has no interface number 0
[  159.387950][ T2214] usb 3-1: config 0 interface 96 has no altsetting 0
[  159.393920][ T2214] usb 3-1: New USB device found, idVendor=0694, idProduct=0001, bcdDevice=b2.44
[  159.397243][ T2214] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  159.400536][ T2214] usb 3-1: Product: syz
[  159.402139][ T2214] usb 3-1: Manufacturer: syz
[  159.403778][ T2214] usb 3-1: SerialNumber: syz
[  159.408328][ T2214] usb 3-1: config 0 descriptor??
[  159.417649][ T2214] legousbtower 3-1:0.96: interrupt endpoints not found
[  159.471822][ T5841] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  159.615416][ T2214] usb 3-1: USB disconnect, device number 20
[  159.930860][   T55] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[  159.935171][   T55] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[  159.941364][   T55] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[  159.945654][   T55] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[  159.949770][   T55] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[  160.107724][   T13] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  160.155520][ T8584] lo speed is unknown, defaulting to 1000
[  160.203897][   T13] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  160.287815][   T13] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  160.384248][   T13] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  160.403231][ T8600] loop2: detected capacity change from 0 to 512
[  160.468131][ T8604] Oops: general protection fault, probably for non-canonical address 0xdffffc0000000000: 0000 [#1] SMP KASAN PTI
[  160.473580][ T8604] KASAN: null-ptr-deref in range [0x0000000000000000-0x0000000000000007]
[  160.477024][ T8604] CPU: 0 UID: 0 PID: 8604 Comm: syz.1.1013 Not tainted 6.16.0-syzkaller-11895-gcca7a0aae895-dirty #0 PREEMPT(full) 
[  160.482591][ T8604] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.2-debian-1.16.2-1 04/01/2014
[  160.486553][ T8604] RIP: 0010:xfrm_state_find+0x4c9b/0x5400
[  160.488895][ T8604] Code: 00 00 00 00 00 fc ff df 80 3c 03 00 74 08 4c 89 ff e8 99 46 03 f8 49 8b 1f 48 89 d8 48 c1 e8 03 48 b9 00 00 00 00 00 fc ff df <80> 3c 08 00 74 08 48 89 df e8 67 47 03 f8 4c 89 23 48 b8 00 00 00
[  160.496656][ T8604] RSP: 0018:ffffc90003a471a0 EFLAGS: 00010246
[  160.499088][ T8604] RAX: 0000000000000000 RBX: 0000000000000000 RCX: dffffc0000000000
[  160.502258][ T8604] RDX: ffffc90003fb1000 RSI: 0000000000000dc6 RDI: 0000000000000dc7
[  160.505386][ T8604] RBP: ffffc90003a473c0 R08: dffffc0000000000 R09: 0000000000000002
[  160.508567][ T8604] R10: 000000000000000a R11: 0000000000000002 R12: ffff8880305104a8
[  160.511753][ T8604] R13: ffff888030510480 R14: ffff888030510028 R15: ffff8880305104b0
[  160.514867][ T8604] FS:  00007f92fa92d6c0(0000) GS:ffff8880b8624000(0000) knlGS:0000000000000000
[  160.518406][ T8604] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  160.521063][ T8604] CR2: 0000001b32120ff8 CR3: 0000000035004000 CR4: 00000000000006f0
[  160.524240][ T8604] Call Trace:
[  160.525621][ T8604]  <TASK>
[  160.526839][ T8604]  ? xfrm_state_find+0x1da/0x5400
[  160.528889][ T8604]  ? __pfx_xfrm_state_find+0x10/0x10
[  160.531032][ T8604]  ? rcu_preempt_deferred_qs_irqrestore+0x89c/0xce0
[  160.533647][ T8604]  xfrm_resolve_and_create_bundle+0x768/0x2f80
[  160.536057][ T8604]  ? xfrm_policy_lookup_bytype+0x2a7/0x1250
[  160.538429][ T8604]  ? __pfx_xfrm_resolve_and_create_bundle+0x10/0x10
[  160.541037][ T8604]  ? __rcu_read_unlock+0x84/0xe0
[  160.543049][ T8604]  ? xfrm_policy_lookup_bytype+0x11ef/0x1250
[  160.545480][ T8604]  ? ip6_dst_lookup_tail+0x2ca/0x1510
[  160.547648][ T8604]  ? xfrm_expand_policies+0x41f/0x6a0
[  160.549808][ T8604]  xfrm_lookup_with_ifid+0x58a/0x1a70
[  160.551975][ T8604]  ? ip6_dst_lookup_tail+0x2ca/0x1510
[  160.554128][ T8604]  ? __pfx_xfrm_lookup_with_ifid+0x10/0x10
[  160.556515][ T8604]  ? sk_dst_check+0x25/0x480
[  160.558378][ T8604]  xfrm_lookup_route+0x3c/0x1c0
[  160.560380][ T8604]  ip6_sk_dst_lookup_flow+0x790/0x980
[  160.562593][ T8604]  ? udpv6_sendmsg+0x1656/0x24b0
[  160.564618][ T8604]  udpv6_sendmsg+0x183b/0x24b0
[  160.566599][ T8604]  ? __pfx_ip_generic_getfrag+0x10/0x10
[  160.568847][ T8604]  ? __pfx_udpv6_sendmsg+0x10/0x10
[  160.570939][ T8604]  ? __lock_acquire+0xab9/0xd20
[  160.572933][ T8604]  ? __local_bh_enable_ip+0x12d/0x1c0
[  160.575113][ T8604]  ? __pfx___local_bh_enable_ip+0x10/0x10
[  160.577476][ T8604]  ? inet_send_prepare+0x1b9/0x270
[  160.579594][ T8604]  ? inet_send_prepare+0x1b9/0x270
[  160.581676][ T8604]  ? inet6_sendmsg+0xe4/0x120
[  160.583611][ T8604]  __sock_sendmsg+0xe5/0x270
[  160.585481][ T8604]  __sys_sendto+0x3bd/0x520
[  160.587324][ T8604]  ? __pfx___sys_sendto+0x10/0x10
[  160.589407][ T8604]  ? do_futex+0x395/0x420
[  160.591216][ T8604]  ? rcu_is_watching+0x15/0xb0
[  160.593199][ T8604]  __x64_sys_sendto+0xde/0x100
[  160.595206][ T8604]  do_syscall_64+0xfa/0x3b0
[  160.597047][ T8604]  ? lockdep_hardirqs_on+0x9c/0x150
[  160.599219][ T8604]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  160.601694][ T8604]  ? exc_page_fault+0x9f/0xf0
[  160.603645][ T8604]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  160.606048][ T8604] RIP: 0033:0x7f92f9b8ebe9
[  160.607862][ T8604] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  160.615808][ T8604] RSP: 002b:00007f92fa92d038 EFLAGS: 00000246 ORIG_RAX: 000000000000002c
[  160.619191][ T8604] RAX: ffffffffffffffda RBX: 00007f92f9db5fa0 RCX: 00007f92f9b8ebe9
[  160.622340][ T8604] RDX: ffffffffffffff69 RSI: 0000000000000000 RDI: 0000000000000005
[  160.625540][ T8604] RBP: 00007f92f9c11e19 R08: 0000200000000540 R09: 000000000000001c
[  160.628755][ T8604] R10: 0000000000044854 R11: 0000000000000246 R12: 0000000000000000
[  160.631960][ T8604] R13: 00007f92f9db6038 R14: 00007f92f9db5fa0 R15: 00007ffefa2aa718
[  160.635209][ T8604]  </TASK>
[  160.636449][ T8604] Modules linked in:
SYZFAIL: failed to recv rpc
fd=3 want=4 recv=0 n=0 (errno 9: Bad file descriptor)
[  160.638277][ T8604] ---[ end trace 0000000000000000 ]---
[  160.640705][ T8604] RIP: 0010:xfrm_state_find+0x4c9b/0x5400
[  160.643007][ T8604] Code: 00 00 00 00 00 fc ff df 80 3c 03 00 74 08 4c 89 ff e8 99 46 03 f8 49 8b 1f 48 89 d8 48 c1 e8 03 48 b9 00 00 00 00 00 fc ff df <80> 3c 08 00 74 08 48 89 df e8 67 47 03 f8 4c 89 23 48 b8 00 00 00
[  160.650959][ T8604] RSP: 0018:ffffc90003a471a0 EFLAGS: 00010246
[  160.653392][ T8604] RAX: 0000000000000000 RBX: 0000000000000000 RCX: dffffc0000000000
[  160.656621][ T8604] RDX: ffffc90003fb1000 RSI: 0000000000000dc6 RDI: 0000000000000dc7
[  160.659954][ T8604] RBP: ffffc90003a473c0 R08: dffffc0000000000 R09: 0000000000000002
[  160.663226][ T8604] R10: 000000000000000a R11: 0000000000000002 R12: ffff8880305104a8
[  160.666575][ T8604] R13: ffff888030510480 R14: ffff888030510028 R15: ffff8880305104b0
[  160.669819][ T8604] FS:  00007f92fa92d6c0(0000) GS:ffff8880b8624000(0000) knlGS:0000000000000000
[  160.673383][ T8604] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  160.675892][ T8604] CR2: 0000001b32120ff8 CR3: 0000000035004000 CR4: 00000000000006f0
[  160.679552][ T8604] Kernel panic - not syncing: Fatal exception in interrupt
[  160.682977][ T8604] Kernel Offset: disabled
[  160.684425][ T8604] Rebooting in 86400 seconds..

VM DIAGNOSIS:
23:15:36  Registers:
info registers vcpu 0

CPU#0
RAX=0000000000000034 RBX=0000000000000034 RCX=0000000000000000 RDX=00000000000003f8
RSI=0000000000001faf RDI=0000000000001fb0 RBP=00000000000003f8 RSP=ffffc90003a46930
R8 =ffff8881075f8237 R9 =1ffff11020ebf046 R10=dffffc0000000000 R11=ffffffff854e72a0
R12=dffffc0000000000 R13=ffffffff99af18c8 R14=ffffffff99de64e0 R15=0000000000000000
RIP=ffffffff854e731c RFL=00000002 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =0000 0000000000000000 ffffffff 00c00000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 ffffffff 00c00000
FS =0000 00007f92fa92d6c0 ffffffff 00c00000
GS =0000 ffff8880b8624000 ffffffff 00c00000
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe0000003000 00004087 00008b00 DPL=0 TSS64-busy
GDT=     fffffe0000001000 0000007f
IDT=     fffffe0000000000 00000fff
CR0=80050033 CR2=0000001b32120ff8 CR3=0000000035004000 CR4=000006f0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000ffff0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
XMM00=0000000000000000 0000000000000000 XMM01=2525252525252525 2525252525252525
XMM02=0000000000000000 0000000000000000 XMM03=0000000000000000 0000000000000000
XMM04=0000000000000000 00000000000000ff XMM05=7712c53e93b9f1e8 728370bf3cb3486e
XMM06=63e772d7f3a22482 dabb339f3c035440 XMM07=bd0dad416e16bee6 46815929601aad29
XMM08=0000000000000000 00007f92f9c12ee7 XMM09=0000000000000000 00007f92f9c12fc5
XMM10=0000000000000000 0000000000000000 XMM11=0000000000000000 0000000000000000
XMM12=0000000000000000 0000000000000000 XMM13=0000000000000000 0000000000000000
XMM14=0000000000000000 0000000000000000 XMM15=0000000000000000 0000000000000000
info registers vcpu 1

CPU#1
RAX=ffff888135400000 RBX=0000000000000000 RCX=0000000000bb0c10 RDX=00000000f6e7d1db
RSI=0000000000000001 RDI=00000000f8da1f37 RBP=00000000ccabb0c1 RSP=ffffc90002f7f1e8
R8 =0000000030783c0f R9 =000000006863fb8e R10=000000000000000e R11=ffffffff81ac3890
R12=ffff888135fb0c10 R13=000000000000000e R14=ffffc90002f7f250 R15=ffff888105d57b20
RIP=ffffffff84fe197b RFL=00000246 [---Z-P-] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =0000 0000000000000000 ffffffff 00c00000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 ffffffff 00c00000
FS =0000 00007fbaa36a4800 ffffffff 00c00000
GS =0000 ffff8881a3c24000 ffffffff 00c00000
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe000004a000 00004087 00008b00 DPL=0 TSS64-busy
GDT=     fffffe0000048000 0000007f
IDT=     fffffe0000000000 00000fff
CR0=80050033 CR2=000055558f681608 CR3=000000010c7ca000 CR4=000006f0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000ffff0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
XMM00=0000000000000000 0000000000000000 XMM01=0000000000000000 0000000000000000
XMM02=0000000000000000 0000000000000000 XMM03=0000000000000000 0000000000000000
XMM04=0000000000000000 0000000000000000 XMM05=0000000000000000 0000000000000000
XMM06=0000000000000000 0000000000000000 XMM07=0000000000000000 0000000000000000
XMM08=0000000000000000 0000000000000000 XMM09=0000000000000000 0000000000000000
XMM10=0000000000000000 0000000000000000 XMM11=0000000000000000 0000000000000000
XMM12=0000000000000000 0000000000000000 XMM13=0000000000000000 0000000000000000
XMM14=0000000000000000 0000000000000000 XMM15=0000000000000000 0000000000000000
