last executing test programs:

2m2.959600779s ago: executing program 0 (id=1090):
r0 = syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0)
waitid(0x0, r0, 0x0, 0x4, 0x0)
r1 = syz_pidfd_open(r0, 0x0)
process_madvise(r1, 0x0, 0x0, 0x9, 0x0)

2m2.706754504s ago: executing program 0 (id=1092):
r0 = syz_open_dev$ttys(0xc, 0x2, 0x1)
ioctl$TCFLSH(r0, 0x40045436, 0x3)

2m2.618575037s ago: executing program 0 (id=1093):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$batadv(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$BATADV_CMD_GET_DAT_CACHE(r0, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000080)={0x1c, r1, 0x303, 0x0, 0x0, {0x6}, [@BATADV_ATTR_MESH_IFINDEX={0x8}]}, 0x1c}}, 0x0)

2m2.558950239s ago: executing program 0 (id=1096):
syz_mount_image$ext4(&(0x7f0000000080)='ext3\x00', &(0x7f0000000480)='./file0\x00', 0x10, &(0x7f0000000140)={[{@norecovery}]}, 0xee, 0x469, &(0x7f0000000ac0)="$eJzs3E1sVEUcAPD/e/3i01bEDxC0ikbiR0vLhxy8aDTxoImJHjCealsIUqihNRFCFD3g0ZB4Nx5NvJt40otRD8bEq94NCTFcQE9rZve9sl12S8tuWXB/v+RtZ96bZua/86Y7O7PbAHrWaHrIIrZExB8RMVzLLi8wWvtx7cq56X+unJvOolJ58++sWu7qlXPTZdHy9zbXMpVKxFBKDjWp98I7EVNzc7Oni/z44sn3xxfOnH3u+MmpY7PHZk9NHj58YP/uwUOTB9uKLy9+priu7vxofteOV9+++Pr0kYvv/vxNau+W4np9HLckRdtgtPbsNno0PTzZVmV3lF/Tw9a6E1l/68Jjt6FBrF5fRKTuGqiO/+Hoi41L14bjlU+72jhgXVUqlUqz1+fC+QrwP5ZFt1sAdEf5Qp/e/5bHbZp63BEuv1h7A5TivlYctSv9S2sHAw3vbztpNCKOnP/3y3REJ9YhAABu4vs0/3m22fwvjwfqyt1T7KGMRMS9EbEtIu6LiO0RcX9EteyDEfHQGutv3CG5cf6TX7qlwFYpzf9eKPa2ls//ytlfjPQVua3V+Aeyo8fnZvcVz8neGBhK+YkV6vjh5d8/L9MbGq7Vz//Skeov54JFOy71NyzQzUwtTrUbd+nyJxE7+5vFn0W5jZNFxI6I2HmLdRx/+utdra7dPP4VrLDPtFqVryKeqvX/+VgW//WuylruT048f2jy4PiGmJvdN17eFTf65bcLb7Sqv634OyD1/6am9//SLvBItiFi4czZE9X92oW113Hhz8/qxvSy3eUUf/5txJrv/8HsrWp6sDj34dTi4umJiMHstRvPT17/3TJflk/x793TfPxvq2vxwxGRbuLdEfFIsYmb+u6xiHg8IvasEP9PLz3xXqtrrft/hVX5Dkrxz9ys/6O+/9ee6Dvx43drj7+U+v9ANbW3OLOav3+rbWA7zx0AAADcLfLqZ+CzfGwpnedjY7XP8G+PTfnc/MLiM0fnPzg1U/us/EgM5OVK13DdeuhEsTZc5icb8vuLdeMv+jZW82PT83Mz3Q4eetzmFuM/+auv260D1l0H9tGAu5TxD73L+IfeZfxD7zL+oXc1G/8fd6EdwO3n9R96l/EPvcv4h95l/ENPavnd+Lytr/x3OVH+74Q7pT1dSmxczyoi736APZHoX+/beKjppS7/YQIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOiQ/wIAAP//YKPiyQ==")
creat(&(0x7f0000000000)='./bus\x00', 0x0)
mount(&(0x7f0000000440)=@loop={'/dev/loop', 0x0}, &(0x7f0000000080)='./bus\x00', 0x0, 0x1000, 0x0)
r0 = open(&(0x7f0000000000)='./bus\x00', 0x0, 0x0)
ioctl$LOOP_SET_STATUS64(r0, 0x4c04, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x7fffffffffffffff, 0x400, 0x0, 0x0, 0x1, 0x0, "ef35af413bb901527fe4d0ce5d29c3ee5e5c3676345a41499db7aac63a01000000000000004faa2ae2c084a0ea0000000000000000000c00002000", "036c47c67808200400000000000000335263bdbcef549ba197fce47ddfdd753abd950100002a00ffffffffffffffff00000000e8f20000000200", "b7326736181c208220000000b9000000000000000000f0fffffffff2ff00", [0x4]})
r1 = openat(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0x0, 0x0)
open_by_handle_at(r1, &(0x7f0000000080)=@shmem={0xc, 0x1, {0x20, 0x5}}, 0x0)

2m2.27153149s ago: executing program 0 (id=1102):
umount2(&(0x7f00000002c0)='./file0/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x7)

2m1.808713125s ago: executing program 0 (id=1105):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000140)={0xd, 0x4, &(0x7f0000000080)=@framed={{}, [@ldst={0x1, 0x0, 0x3, 0x2, 0x1, 0x24}]}, &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x24}, 0x90)

2m1.444390679s ago: executing program 32 (id=1105):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000140)={0xd, 0x4, &(0x7f0000000080)=@framed={{}, [@ldst={0x1, 0x0, 0x3, 0x2, 0x1, 0x24}]}, &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x24}, 0x90)

1m50.736764155s ago: executing program 3 (id=1207):
r0 = socket(0x1e, 0x2, 0x0)
setsockopt$TIPC_DEST_DROPPABLE(r0, 0x10f, 0x81, &(0x7f0000000480), 0x4)
sendmsg$tipc(r0, &(0x7f0000000300)={&(0x7f0000000000)=@id={0x1e, 0x3, 0x2, {0x4e20}}, 0x10, &(0x7f0000000240)=[{&(0x7f0000000080)="b7a4", 0x2}], 0x1, 0x0, 0x0, 0x40051}, 0x6000841)
recvmmsg(r0, &(0x7f0000000bc0)=[{{0x0, 0x0, &(0x7f00000002c0)=[{&(0x7f0000000a40)=""/188, 0xbc}], 0x1, &(0x7f00000004c0)=""/95, 0x5f}, 0xfffffffc}], 0x1, 0x12260, 0x0)

1m50.638793383s ago: executing program 3 (id=1208):
statx(0xffffffffffffff9c, 0x0, 0x2000, 0x10, &(0x7f0000000440)={0x0, 0x0, 0x0, 0x0, 0x0, <r0=>0x0})
syz_mount_image$msdos(&(0x7f0000000100), &(0x7f0000000080)='./file1\x00', 0x8, &(0x7f0000000200)=ANY=[@ANYBLOB='nodots,dots,dots,nodots,dots,nodots,dots,quiet,dots,dots,showexec,dots,dots,dots,nfs,nodots,gid=', @ANYRESHEX=r0, @ANYBLOB="2c6572726f72733d636f6e74696e75652c6e6f646f74732c636865636b3d6e6f726d616c2c636865636b3d7374726963746612d4aa43646f74732c00"], 0xfd, 0x1bf, &(0x7f0000000680)="$eJzs3TGL02AYB/Cn9bzmnG4TRCHg4nSon+BEThADgtJBJ4XT5SqCt0SX9mP4Af0A0qmLRGrSxkaHWmxS6++39En/edvnHZp26ZNXN99dnL+/fPvl+udIkl70T+M0Zr04jn4sTAIA2CezooivRanrXgCAdqzx/f+t5ZYAgC17/uLlkwdZdvYsTZOI6SQf5sPyscwfPc7O7qY/HNerpnk+vLLM76XN3w7z/Gpcq/L75fp0NT+MO7fLfJ49fJo18kGcb3frAAAAAAAAAAAAAAAAAAAAAADQmVuRLvx2vs/JSTM/qvLy6Kf5QI35PQdx46A6rMcDFeM2NgUAAAAAAAAAAAAAAAAAAAD/mMuPny5ej0ZvPtTFICJWn/mTole98IbL2y76sRNtKP5qke5GG6MNPwWHEbGtxmZFUax1cn2NGHR1cQIAAAAAAAAAAAAAAAAAgP9M/affX7Oki4YAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAoAP1/f83KMYRscbJyzc76nSrAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA7LHvAQAA///DgjXa")
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r1 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r4 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r4, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000023c0)={0x0, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB="18020000000000000000"], 0x0}, 0x94)
r5 = bpf$PROG_LOAD(0x5, &(0x7f0000000840)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x69, '\x00', 0x0, @fallback=0x1, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00', r5}, 0x10)
r6 = openat$uinput(0xffffffffffffff9c, &(0x7f0000000040), 0x2, 0x0)
write$uinput_user_dev(r6, &(0x7f0000000380)={'syz0\x00', {0x4, 0x6, 0x7fff, 0x8d5}, 0x2, [0x10000, 0x6, 0xfff, 0xffffffff, 0x8, 0x1, 0x6, 0x7ff, 0x54, 0x7fffdfff, 0x2, 0xc, 0x8, 0x9, 0x9, 0xfffffff7, 0x7, 0x40000, 0x842, 0x6, 0x3ff, 0x0, 0x3ff, 0xfffffff4, 0x1, 0xda6, 0x3, 0xa7, 0xeb36, 0x2, 0x9, 0x76c9, 0x200, 0xd27e, 0x1, 0x1, 0x7, 0x9, 0x1000f, 0xb, 0x9, 0x7ffffffc, 0x9, 0xb50, 0x0, 0x800, 0x5, 0x0, 0x2000007, 0xfff7fffe, 0xfffffffa, 0x8, 0x24, 0x7fff, 0x8, 0x1, 0x200, 0x0, 0x3, 0x7f, 0x964e, 0x2d5, 0x149, 0x1], [0x66ac, 0xfffffff9, 0x4, 0x3, 0x8e, 0x7, 0x80000001, 0x9, 0x4, 0x85, 0x8, 0x7, 0x9, 0x8001, 0x6, 0x8, 0x2, 0xb, 0xfff, 0x7ff, 0x7ff, 0x7, 0xb, 0xc00, 0x89, 0x7ff, 0x0, 0x1, 0x6, 0x9, 0x9, 0x4d26, 0x10000, 0x4, 0x2, 0x7, 0xfffffffc, 0x4, 0x6, 0x9, 0x8, 0x5, 0xe66, 0x8, 0x7, 0x81, 0x4b, 0x7d, 0x6, 0xb, 0x4, 0x9, 0x1, 0x8d1, 0x100008fd, 0xfffffffb, 0xe0, 0x8e, 0x7, 0x4, 0x401, 0x20000ade, 0x7f, 0x9], [0x8396, 0x7, 0x10000, 0x9, 0x8000, 0x2, 0x9, 0xe, 0x8, 0xff, 0x0, 0x400, 0x1000, 0x9, 0x6e, 0x8000, 0x7fffffff, 0x3, 0x6, 0x5, 0x2, 0xcb, 0x2, 0x3, 0x0, 0x2, 0x8001, 0xc, 0x5, 0xb0f, 0x1e, 0x1, 0x800, 0x80009, 0x9, 0x3, 0x200, 0x800fc, 0x4, 0xe, 0x464b, 0x6, 0x2e7, 0x7ff, 0x1ff, 0x6, 0x7f, 0x2, 0x7fffffff, 0xffffffff, 0x4, 0xffff, 0xd5e, 0xa0c787d, 0xffffff4e, 0x9, 0x4, 0x359, 0x3, 0x0, 0x4, 0x9, 0x1, 0x6], [0x10000010, 0x7, 0x9, 0x2, 0xa5e, 0xfe, 0xff, 0x3, 0x80000000, 0x0, 0x2, 0x2, 0x4, 0x7, 0x7, 0x0, 0xfffffffd, 0x7ff, 0xdaa, 0x4, 0x3, 0x103, 0x6, 0xcc, 0x6, 0x4000440, 0xffffffff, 0xfffffffb, 0x40, 0x1, 0x4, 0x7, 0xfff, 0x4, 0x9, 0x0, 0x6, 0x1, 0x0, 0x3, 0x8ac1, 0x3, 0x1, 0x80000002, 0x80040002, 0xff, 0x6, 0x3, 0xfffff801, 0xffefffff, 0x37d, 0xfffffff8, 0xd, 0x6, 0xf, 0x8, 0x6eaf, 0x0, 0x8, 0x5e02, 0x2, 0x3, 0x5, 0x2]}, 0x45c)
r7 = openat$sndtimer(0xffffffffffffff9c, 0x0, 0xe2802)
read(r7, &(0x7f0000000240)=""/195, 0xc3)
mkdirat(0xffffffffffffff9c, 0x0, 0x1c0)
mkdirat(0xffffffffffffff9c, 0x0, 0x11e)
r8 = syz_open_procfs(0x0, &(0x7f00000021c0)='maps\x00')
preadv(r8, &(0x7f0000000200)=[{&(0x7f0000000240)=""/173, 0xad}], 0x1, 0x800, 0x4000000)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000000)={0x1, &(0x7f0000000100)=[{0x6, 0x0, 0x0, 0x7fff0000}]})
io_getevents(0x0, 0x4, 0x0, 0x0, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000000)=ANY=[], 0x50)

1m49.72823466s ago: executing program 3 (id=1213):
r0 = socket$packet(0x11, 0x3, 0x300)
setsockopt$packet_tx_ring(r0, 0x107, 0xd, 0x0, 0x0)
setsockopt$packet_tx_ring(r0, 0x107, 0xd, 0x0, 0x0)
setsockopt$sock_int(0xffffffffffffffff, 0x1, 0x22, 0x0, 0x0)
syz_genetlink_get_family_id$ethtool(0x0, 0xffffffffffffffff)
sendmsg$ETHTOOL_MSG_COALESCE_SET(0xffffffffffffffff, 0x0, 0x88010)
socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
close(r1)
r2 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000080), 0x80, 0x0)
ioctl$TUNSETOFFLOAD(r2, 0xc004743e, 0x110e22fff6)
ioctl$TUNGETVNETLE(r1, 0x4010744d, &(0x7f0000000180))

1m49.59910921s ago: executing program 3 (id=1214):
syz_mount_image$exfat(&(0x7f0000001500), &(0x7f0000001540)='./file0\x00', 0x10092, &(0x7f00000000c0)={[{@utf8}, {@iocharset={'iocharset', 0x3d, 'cp863'}}, {@gid}, {@errors_remount}, {@zero_size_dir}, {@dmask}, {@errors_continue}, {@keep_last_dots}]}, 0x1, 0x14e1, &(0x7f0000002ac0)="$eJzs3Al0VkW2KODaVXUgxIi/EZlr1z7wiwGKiIjIICIyiIiICIjMIiBiRERERISATCICIgIyRkSGEAGRIUDEMM/zPBhpREREZJJJoN7C7r7cbvsu7uvXt3nvZX9r1UrtnLP3X5Wd5D/nrJX81HVYjcY1qzYgIvHPUH+dwJ8/JAshYoQQA4UQtwkhAiFE2fiy8deO51KQ/E+9CPsf0jD1Zq+A3Uzc/+yN+5+9cf+zN+5/9sb9z964/9kb9z974/4zlq2lFbidR/YdN3j+n/NG3z78/P//Zfz+n71x/7M37n/2xv3P3rj/2Rv3P3vj/mdv3P//j8kbn8L9Zyxb+7/gGTSPmzgYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjLF/gwv+Oi2E+Ov8Zq+LMcYYY4wxxhhj/zo+581eAWOMMcYYY4wxxv7ngZBCCS0CkUPkFDEil4gVt4g4cavILW4TEXG7iBd3iDziTpFX5BP5RQFRUBQShYURKKwgEYoioqiIirtEMXG3SBDFRQlRUjhRSiSKe0Rpca8oI+4TZcX9opx4QJQXFURFUUk8KCqLh0QV8bCoKh4R1UR1UUPUFI+KWuIxUVs8LuqIJ0Rd8aSoJ54S9cXTooFoKBqJZ0Rj8axoIpqKZqK5aCFailb/VP5bood4W/QUvUSy6C36iHdEX9FP9BcDxEDxrhgk3hODxftiiBgqhokPxHDxoRghPhIjxSgxWnwsxoixYpwYLyaIiSJFfCImiU/FZPGZmCKmimliukgVM0Sa+FzMFLPEbPGFmCO+FHPFPDFfLBDpYqFYJBaLDPGVWCK+FpliqVgmlosVYqVYJVaLNWKtWCfWiw1io9gkNostYqvYJraLHWKn2CV2iz1ir9gn9osD4huRJb7938w//3f53UCAAAkSNGjIATkgBmIgFmIhDuIgN+SGCEQgHuIhD+SBvJAX8kN+KAgFoTAUBgQEAoIiUASiEIViUAwSIAFKQAlw4CAREqE03AtloAyUhbJQDspBeagAFaASVILKUBmqQBWoClWhGlSDGlADHoVH4TGoDbWhDtSBulAX6kE9qA/1oQE0gEbQCBpDY2gCTaAZNIMW0AJaQStoDa2hDbSBdtAO2kN76AAdIAmSoCN0hE7QCTpDZ+gCXaArdIVu8Ca8CW/BW/A2vA29oJrsDX2gD/SFvtAfBsAAeBcGwXvwHrwPQ2AoDIMP4AP4EEbAORgJo2A0jIbKciyMg/FAciKkQApMgkkwGSbDFJgKU2E6pMIMSIM0mAmzYBZ8AXPgS/gS5sE8WADpkA6LYDFkQAYsgfOQCUthGSyHFbASVsBqWAOrYR2sh3WwETbCZtgMW2ErbIftsBN2wm7YDXthL+yH/TAEsiALDsJBOASH4DAchiNwBI7CUTgGx+A4HIcTcAJOwik4DafgLJyFc3AeLsAFuASX4DJchqtw9doPv7xGSy1zyBwyRsbIWBkr42SczC1zy4iMyHgZL/PIPDKvzCvzy/yyoCwoC8vCEiVKkqEsIovIqIzKYrKYTJAJsoQsIZ10MlEmytKytCwjy8iy8n5ZTj4gy8sKsq2rJCvJyrKdqyIfllVlVVlNVpc1ZE1ZU9aStWRtWVvWkXVkXVlX1pNPyfqyN/SHhvJaZxrLodBEDoNmsrlsIVvKD+E52VqOgDayrWwnX5CjYCR0kK1dknxZdpTjoJN8VY6H12QXORG6yjdkN/mm7C7fkj1kG9dT9pJToLfsI6dDX9lP9pcD5EyoLq91rIZ8Xw6RQ+Uw+YFcAB/KEfIjOVKOkqPlx3KMHCvHyfFygpwoU+QncpL8VE6Wn8kpcqqcJqfLVDlDpsnP5Uw5S86WX8g58ks5V86T8+UCmS4XykVyscyQX8kl8muZKZfKZXK5XCFXylVytVwj18p1cr3cIDfKTXKz3CK3ym1yu9whd8pdcrfcI/fKfXK/PCC/kVnyW3lQ/kkekt/Jw/J7eUT+II/KH+Ux+ZM8Ln+WJ+Qv8qQ8JU/LM/Ks/FWek+flBXlRXpK/ycvyirwqvRQKlFRKaRWoHCqnilG5VKy6RcWpW1VudZuKqNtVvLpD5VF3qrwqn8qvCqiCqpAqrIxCZRWpUBVRRVVU3aWKqbtVgiquSqiSyqlSKlHdo0qre1UZdZ8qq+5X5dQDqryqoCqqSupBVVk9pKqoh1VV9YiqpqqrGqqmelTVUo+p2upxVUc9oeqqJ1U99ZSqr55WDVRD1Ug9oxqrZ1UT1VQ1U81VC9VStVLPqdbqedVGtVXt1AuqvXpRdVAvqST1suqoXlGd1Kuqs3pNdVGvq67qDdVNvam6qyvqqvKqp+qlklVv1Ue9o/qqfqq/GqAGqnfVIPWeGqzeV0PUUDVMfaCGqw/VCPWRGqlGqdHqYzVGjVXj1Hg1QU1UKeoTNUl9qiarz9QUNVVNU9NVqpqh+v+l0uz/Rv6n/yB/8O+vvlltUVvVNrVd7VA71S61W+1Re9Q+tU8dUAdUlspSB9VBdUgdUofVYXVEHVFH1VF1TB1Tx9VxdUKdUCfVKXVRnVFn1a/qnDqvzquL6pK6pC7/5WsgNGipldY60Dl0Th2jc+lYfYuO07fq3Po2HdG363h9h86j79R5dT6dXxfQBXUhXVgbjdpq0qEuoovqqL5LF9N36wRdXJfQJbXTpXSivuf/OP9G62ulW+nWurVuo9vodrqdbq/b6w66g07SSbqj7qg76U66s+6su+guuqvuqrvpbrq77q576B66p+6pk3Wy7qPf0X11P91fD9AD9bt6kB6kB+vBeogeoofpYXq4Hq5H6BF6pB6pR+vReoweo8fpcXqCnqBTdIqepCfpyXqynqKn6Gl6mk7VqTpNp+mZeqaerWfrOXqOnqvn6vl6vk7X6XqRXqQzdIZeopfoTL1UL9XL9XK9Uq/Uq/VqvVav1ev1er1Rb9SZeoveorfpbXqH3qF36V16j96j9+l9+oA+oLN0lj6oD+pD+pA+rA/rI/qIPqqP6mP6mD6uj+sT+oQ+qU/q0/q0PqvP6nP6nL6gL+hL+pK+rC/rq/rqtcu+QAYy0IEOcgQ5gpggJogNYoO4IC7IHeQOIkEkiA/igzzBnUHeIF+QPygQFAwKBYUDE2BgAwrCoEhQNIgGdwXFgruDhKB4UCIoGbigVJAY3BOUDu4NygT3BWWD+4NywQNB+aBCUDGoFDwYVA4eCqoEDwdVg0eCakH1oEZQM3g0qBU8FtQOHg/qBE8EdYMng3rBU0H94OmgQdAwaBQ8EzQOng2aBE2DZkHzoEXQMmj1L63v/bl8z7ueppdJNr1NH/OO6Wv6mf5mgBlo3jWDzHtmsHnfDDFDzTDzgRluPjQjzEdmpBllRpuPzRgz1owz480EM9GkmE/MJPOpmWw+M1PMVDPNTDepZoZJM5+bmWaWmW2+MHPMl2aumWfmmwUm3Sw0i8xik2G+MkvM1ybTLDXLzHKzwqw0q8xqs8asNevMerPBbDSbzGazxWw128x2s8PsNLvMbrPH7DX7zH5zwHxjssy35qD5kzlkvjOHzffmiPnBHDU/mmPmJ3Pc/GxOmF/MSXPKnDZnzFnzqzlnzpsL5qK5ZH4zl80Vc9X4axf3197eUaPGHJgDYzAGYzEW4zAOc2NujGAE4zEe82AezIt5MT/mx4JYEAtjYbyGkLAIFsEoRrEYFsMETMASWAIdOkzERCyNpbEMlsGyWBbLYTksj+WxIlbEB/FBfAgfwofxYXwEH8HqWB1rYk2shbWwNtbGOlgH62JdrIf1sD7WxwbYABthI2yMjbEJNsFm2AxbYAtsha2wNbbGNtgG22E7bI/tsQN2wCRMwo7YETthJ+yMnbELdsGu2BW7YTfsjt2xB/bAntgTkzEZ+2Af7It9sT/2x4E4EAfhIByMg3EIDsFhOAyH43AcgSNwJI7C0fgxjsGxOA7H4wSciCmYgpNwEk7GyTgFp+A0nIapmIppmIYzcSbOxtk4B+fgXJyL83E+pmM6LsJFmIEZuASXYCZm4jJchitwBa7CVbgG1+A6XIcbcANuwk24BbfgNtyGO3AH7sJduAf34D7chwfwAGZhFh7Eg3gID+FhPIxH8AgexaN4DI/hcTyOJ/AEnsSTeBpP41k8i+fwHF7AC3gJf8PLeAWvoscYm8vG2ltsnL3V5ra32b+P89sCtqAtZAtbY/PafH8To7U2wRa3JWxJ62wpm2jv+UNc3lawFW0l+6CtbB+yVf4Q17KP2dr2cVvHPmFr2kf/Jq5rn7T17LO2vm1qG9jmtpFtaRvbZ20T29Q2s81tC9vStrcv2g72JZtkX7Yd7St/iBfZxXaNXWvX2fV2n91vL9iL9pj9yV6yv9metpcdaN+1g+x7drB93w6xQ/8Qj7Yf2zF2rB1nx9sJduIf4ml2uk21M2ya/dzOtLP+EKfbhXaOzbBz7Tw73y74Pb62pgz7lV1iv7aZdqldZpfbFXalXWVX/8dal9uNdpPdbPfYvXab3W532J12l939e3xtHwfsNzbLfmuP2h/tIfudPWyP2yP2h9/ja/s7bn+2J+wv9qQ9ZU/bM/as/dWes+d/3/+1vZ+xV+xV660gIEmKNAWUg3JSDOWiWLqF4uhWyk23UYRup3i6g/LQnZSX8lF+KkAFqRAVJkNIlohCKkJFKUp3UTG6mxKoOJWgkuSoFCXSPVSa7qUydB+VpfupHD1A5akCVaRK9CBVpoeoCj1MVekRqkbVqQbVpEepFj1GtelxqkNPUF16kurRU1SfnqYG1JAa0TPUmJ6lJtSUmlFzakEtqRU9R63peWpDbakdvUDt6UXqQC9REr1MHekV6kSvUmd6jbrQ69SV3qBu9CZ1p7eoB71NPakXJVNv6kPvUF/qR/1pAA2kd2kQvUeD6X0aQkNpGH1Aw+lDGkEf0UgaRaPpYxpDY2kcjacJNJFS6BOaRJ/SZPqMptBUmkbTKZVmUBp9TjNpFs2mL2gOfUlzaR7NpwWUTgtpES2mDPqKltDXlElLaRktpxW0klbRalpDa2kdracNtJE20WbaQltpG22nHbSTdtFu2kN7aR/tpwP0DWXRt3SQ/kSH6Ds6TN/TEfqBjtKPdIx+ouP0M52gX+gknaLTdIbO0q90js7TBbpIl+g3ukxX6Cp5EiGEMlShDoMwR5gzjAlzhbHhLWFceGuYO7wtjIS3h/HhHWGe8M4wb5gvzB8WCAuGhcLCoQkxtCGFYVgkLBpGw7vCYuHdYUJYPCwRlgxdWCpMDO8JS4f3hmXC+8Ky4f1hufCBsHxYIawYVgofDCuHD4VVwofDquEjYbWwelgjrBk+GtYKHwtrh4+HdcInwjLhk2G98Kmwfvh02CBsGDYKnwkbh8+GTcKmYbOwedgibBm2Cp8LW4fPh23CtmG78IWwffhi2CF8KUwKXw47hq/c8Hhy2DvsE74TvhN6/7iaH10QTY8ujC6KLo5mRL+KLol+Hc2MLo0uiy6ProiujK6Kro6uia6Nrouuj26Iboxuim6Oel8zp3DgpFNOu8DlcDldjMvlYt0tLs7d6nK721zE3e7i3R0uj7vT5XX5XH5XwBV0hVxhZxw668iFrogr6qLuLlfM3e0SXHFXwpV0zpVyia6la+VaudbuedfGtXXt3AvuBfeie9G95F5yL7uO7hXXyb3qOrvXXBf3unvdveG6uTddd/eW6+Hedj1dL5fskl0f18f1dX1df9ffDXQD3SA3yA12g90QN8QNc8PccDfcjXAj3Eg30o12o90YN8aNc+PcBDfBpbgUN8lNcpPdZDfFTXHT3DSX6lJdmktzM91MN9vNdnPcHDfXzXXz3XyX7tLdIrfIZbgMt8QtcZku0y1zy9wKt8KtcqvcGrfGrXPr3Aa3wW1ym9wWt8Vtc9vcDrfD7XK73B63x+1z+9wBd8BluSx30B10h9whd9h97464H9xR96M75n5yx93P7oT7xZ10p9xpd8addb+6c+68u+AuukvuN3fZXXFXnXcpkU8ikyKfRiZHPotMiUyNTItMj6RGZkTSIp9HZkZmRWZHvojMiXwZmRuZF5kfWRBJjyyMLIosjmREvoosiXwdyYwsjSyLLI+siKyMeF9oW+iL+KI+6u/yxfzdPsEX9yV8Se98KZ/o7/Gl/b2+jL/Pl/X3+3L+AV/eV/AVfVPfzDf3LXxL38o/51v7530b39a38y/49v5F38G/5JP8y76jf8V38q/6zv4138W/7rv6N3w3/6bv7t/yPfzbvqfv5ZN9b9/Hv+P7+n6+vx/gB/p3/SD/nh/s3/dD/FA/zH/gh/sP/Qj/kR/pR/nR/mM/xo/14/x4P8FP9Cn+Ez/Jf+on+8/8FD/VT/PTfaqf4dP8536mn+Vn+y/8HP+ln+vn+fl+gU/3C/0iv9hn+K/8Ev+1z/RL/TK/3K/wK/0qv9qv8Wv9Or/eb/Ab/Sa/2W/xW/02v93v8Dv9Lr/b7/F7/T6/3x/w3/gs/60/6P/kD/nv/GH/vT/if/BH/Y/+mP/JH/c/+xP+F3/Sn/Kn/Rl/1v/qz/nz/oK/6C/53/xlf8Vf5b9ZY4wxxhj7b1E3ON77H3xO/mVc00cIcev2Akf+vuaGvH+e95P7OkaEEC/36trwr6Nhw+Tk5L+cm6lEUHSeECJyPT+HuB4vFe3EiyJJtBWl/+H6+smKQDeoH71fiNj/lBMj/hzH/E39e/+L+k0X3rD+PCESil7PySWux9frl/kv6u9uf4P6ub5LEaLNf8qJE9fj6/UTxfPiFZH0N2cyxhhjjDHGGGN/1k9e6naj+9tr9+cF9fWcnOJ6fKP7c8YYY4wxxhhjjN18r73Z/aXnkpLaduYJT3jCk/+Y3OzfTIwxxhhjjLF/tesX/Td7JYwxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGWPb17/h3Yjd7j4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxtjN9r8CAAD//3myaBA=")
openat(0xffffffffffffff9c, &(0x7f0000000200)='./bus\x00', 0x40942, 0x0)
mount(&(0x7f0000000440)=@loop={'/dev/loop', 0x0}, &(0x7f0000000080)='./bus\x00', 0x0, 0x1000, 0x0)

1m49.527667242s ago: executing program 3 (id=1215):
r0 = socket(0xa, 0x3, 0xff)
connect$inet6(r0, &(0x7f0000000000)={0xa, 0x4e20, 0x2, @remote, 0x6}, 0x1c)
sendmmsg$inet6(r0, &(0x7f0000000740)=[{{0x0, 0x0, &(0x7f0000000040)=[{&(0x7f0000000080)="5e54e574da93883e8c628a600b17cbe584d2e73c68141965f3fbcf0e16db6e759d420151c6c57504", 0x28}], 0x1}}, {{0x0, 0x0, 0x0, 0x0, &(0x7f00000001c0)=[@pktinfo={{0x24, 0x29, 0x34, {@ipv4={'\x00', '\xff\xff', @local}}}}], 0x28}}], 0x2, 0x40)

1m49.246043568s ago: executing program 3 (id=1216):
openat$vicodec0(0xffffffffffffff9c, &(0x7f00000004c0), 0x2, 0x0)
migrate_pages(0x0, 0x7, &(0x7f0000000000)=0x6, 0x0)
setsockopt(0xffffffffffffffff, 0x84, 0x82, 0x0, 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r0, 0x0, 0x0, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r2 = socket$inet_udp(0x2, 0x2, 0x0)
setsockopt$ARPT_SO_SET_REPLACE(r2, 0x0, 0x60, &(0x7f0000001280)={'filter\x00', 0x7, 0x2, 0x3e8, 0x0, 0x300, 0x0, 0x300, 0x300, 0x300, 0x4, 0x0, {[{{@uncond, 0xc0, 0x110}, @mangle={0x50, 'mangle\x00', 0x0, {@mac=@local, @empty, @multicast1, @broadcast, 0x1}}}, {{@uncond, 0xc0, 0x108}, @unspec=@IDLETIMER={0x48, 'IDLETIMER\x00', 0x0, {0x8, 'syz0\x00', {0x3}}}}, {{@arp={@remote, @multicast2, 0x0, 0x0, 0x40, 0x10, {@mac, {[0x0, 0x0, 0x0, 0x0, 0xff]}}, {}, 0x4, 0x0, 0x0, 0x2, 0x0, 0x0, 'pim6reg\x00', 'vcan0\x00', {}, {}, 0x0, 0x280}, 0xc0, 0xe8}, @unspec=@STANDARD={0x28, '\x00', 0x0, 0xfffffffffffffffe}}], {{'\x00', 0xc0, 0xe8}, {0x28}}}}, 0x438)
openat$rdma_cm(0xffffffffffffff9c, 0x0, 0x2, 0x0)
r3 = syz_open_dev$dri(&(0x7f0000000100), 0x1f, 0x0)
ioctl$DRM_IOCTL_MODE_GETRESOURCES(r3, 0xc04064a0, &(0x7f00000009c0)={0x0, 0x0, &(0x7f0000000940)=[<r4=>0x0], 0x0, 0x0, 0x0, 0x1})
ioctl$DRM_IOCTL_MODE_GETCONNECTOR(r3, 0xc05064a7, &(0x7f0000000a00)={0x0, 0x0, &(0x7f00000000c0)=[0x0], 0x0, 0x0, 0x1, 0x0, 0x0, r4})
ioctl$DRM_IOCTL_MODE_SETPROPERTY(r3, 0xc01064ab, &(0x7f0000000240)={0x6, 0x0, r4})
syz_open_procfs(0x0, 0x0)
r5 = socket$inet6_mptcp(0xa, 0x1, 0x106)
bind$inet6(r5, &(0x7f0000000000)={0xa, 0x3, 0x0, @loopback}, 0x1c)
ftruncate(0xffffffffffffffff, 0x5)
openat$nullb(0xffffffffffffff9c, &(0x7f0000000080), 0x4000000002a82, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x1000006, 0x28011, 0xffffffffffffffff, 0x2f126000)
r6 = socket$inet6_tcp(0xa, 0x1, 0x0)
getsockopt$IP_VS_SO_GET_VERSION(r6, 0x0, 0x480, &(0x7f0000005680), &(0x7f0000009980)=0x40)
socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$tipc2(&(0x7f0000000400), 0xffffffffffffffff)

1m49.066921958s ago: executing program 33 (id=1216):
openat$vicodec0(0xffffffffffffff9c, &(0x7f00000004c0), 0x2, 0x0)
migrate_pages(0x0, 0x7, &(0x7f0000000000)=0x6, 0x0)
setsockopt(0xffffffffffffffff, 0x84, 0x82, 0x0, 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r0, 0x0, 0x0, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r2 = socket$inet_udp(0x2, 0x2, 0x0)
setsockopt$ARPT_SO_SET_REPLACE(r2, 0x0, 0x60, &(0x7f0000001280)={'filter\x00', 0x7, 0x2, 0x3e8, 0x0, 0x300, 0x0, 0x300, 0x300, 0x300, 0x4, 0x0, {[{{@uncond, 0xc0, 0x110}, @mangle={0x50, 'mangle\x00', 0x0, {@mac=@local, @empty, @multicast1, @broadcast, 0x1}}}, {{@uncond, 0xc0, 0x108}, @unspec=@IDLETIMER={0x48, 'IDLETIMER\x00', 0x0, {0x8, 'syz0\x00', {0x3}}}}, {{@arp={@remote, @multicast2, 0x0, 0x0, 0x40, 0x10, {@mac, {[0x0, 0x0, 0x0, 0x0, 0xff]}}, {}, 0x4, 0x0, 0x0, 0x2, 0x0, 0x0, 'pim6reg\x00', 'vcan0\x00', {}, {}, 0x0, 0x280}, 0xc0, 0xe8}, @unspec=@STANDARD={0x28, '\x00', 0x0, 0xfffffffffffffffe}}], {{'\x00', 0xc0, 0xe8}, {0x28}}}}, 0x438)
openat$rdma_cm(0xffffffffffffff9c, 0x0, 0x2, 0x0)
r3 = syz_open_dev$dri(&(0x7f0000000100), 0x1f, 0x0)
ioctl$DRM_IOCTL_MODE_GETRESOURCES(r3, 0xc04064a0, &(0x7f00000009c0)={0x0, 0x0, &(0x7f0000000940)=[<r4=>0x0], 0x0, 0x0, 0x0, 0x1})
ioctl$DRM_IOCTL_MODE_GETCONNECTOR(r3, 0xc05064a7, &(0x7f0000000a00)={0x0, 0x0, &(0x7f00000000c0)=[0x0], 0x0, 0x0, 0x1, 0x0, 0x0, r4})
ioctl$DRM_IOCTL_MODE_SETPROPERTY(r3, 0xc01064ab, &(0x7f0000000240)={0x6, 0x0, r4})
syz_open_procfs(0x0, 0x0)
r5 = socket$inet6_mptcp(0xa, 0x1, 0x106)
bind$inet6(r5, &(0x7f0000000000)={0xa, 0x3, 0x0, @loopback}, 0x1c)
ftruncate(0xffffffffffffffff, 0x5)
openat$nullb(0xffffffffffffff9c, &(0x7f0000000080), 0x4000000002a82, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x1000006, 0x28011, 0xffffffffffffffff, 0x2f126000)
r6 = socket$inet6_tcp(0xa, 0x1, 0x0)
getsockopt$IP_VS_SO_GET_VERSION(r6, 0x0, 0x480, &(0x7f0000005680), &(0x7f0000009980)=0x40)
socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$tipc2(&(0x7f0000000400), 0xffffffffffffffff)

1m2.944534547s ago: executing program 4 (id=1715):
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_int(r0, 0x6, 0x13, &(0x7f0000000180)=0x100000001, 0x4)
connect$inet6(r0, &(0x7f0000000440)={0xa, 0x0, 0x0, @loopback}, 0x1c)
setsockopt$inet6_tcp_TCP_ULP(r0, 0x6, 0x1f, &(0x7f0000000540), 0x3c)
setsockopt$inet6_tcp_TLS_TX(r0, 0x11a, 0x1, &(0x7f0000000080)=@gcm_128={{0x304}, "9806d1267c49cd76", "c442e6adcb511ad19648396c5352e18f", "6086c2ca", "b973738a82366fb2"}, 0x28)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='memory.events\x00', 0x275a, 0x0)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x2000001, 0x12, r1, 0x0)
setsockopt$inet6_tcp_int(r0, 0x11a, 0x4, &(0x7f0000000040), 0x44)

1m2.84571154s ago: executing program 4 (id=1716):
r0 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000000), 0x2002, 0x0)
read$dsp(r0, &(0x7f0000000440)=""/4096, 0x1000)
ioctl$SNDCTL_DSP_SETFMT(r0, 0xc0045005, &(0x7f0000000400)=0xfffffffd)

1m2.240651342s ago: executing program 4 (id=1730):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000005c0)={0x60, 0x2, 0x6, 0x801, 0xe4340000, 0x0, {0x7}, [@IPSET_ATTR_PROTOCOL={0x5, 0x1, 0x6}, @IPSET_ATTR_REVISION={0x5}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz1\x00'}, @IPSET_ATTR_TYPENAME={0x11, 0x3, 'hash:ip,port\x00'}, @IPSET_ATTR_DATA={0x14, 0x7, 0x0, 0x1, [@IPSET_ATTR_NETMASK={0x5, 0x14, 0x4f}, @IPSET_ATTR_CADT_FLAGS={0x8, 0x8, 0x1, 0x0, 0x48}]}, @IPSET_ATTR_FAMILY={0x5, 0x5, 0xa}]}, 0x60}}, 0x2)

1m2.178801087s ago: executing program 4 (id=1732):
r0 = getpid()
syz_pidfd_open(r0, 0x0)
socket(0x25, 0x1, 0x0)
gettid()
ioctl$FS_IOC_FSSETXATTR(0xffffffffffffffff, 0x401c5820, 0x0)
ioctl$SW_SYNC_IOC_CREATE_FENCE(0xffffffffffffffff, 0xc0285700, 0x0)
r1 = memfd_create(&(0x7f00000005c0)=' \xc76\xbe\x91\x8d\x182)!\x9a%\xa2\xd28\xd6\x06\a\x0e\xfc\xfe\x12\x8f&\x13\xae%@T\xa3\xb0>\\\xec\xa9\xf9Q@6A\x10\x8cn|\x00\x00\x00\x00\x00\x00\x00\x00r\xbb\xdd\xe8\x87\x05=\xfb\x8b}\xfc\x1d\x03\xe1\xfcm\x9b\xf7fo\"i\xa1hk\x1f\xf5z\xc1\x7f\xa4\\]\xc4\xbe3\xf9\xa8\t?:\xd8\xda\x84\xeepI[\x1c\x00\x00\x00\x00\xf9v\x00\x00\x00\x00\x00T\xb6\xbe\x0f~\xc0\x92\xe9O{\xa8\x81(\x01\x14\xfc\x83\xf9\xfb\x05\x94T\x81@Lq]\xf9\x15zj\x87\xc4\x8e\xe8/\xb9-&R\x8e\xb2\xb3bBx\x1e1\x18\x8f\x19\xf7]#\xed,\xc7\x11\tp\xf4\xa3\xee\x00\x00\x00\x00\'}\x18\xe8O\xa8#K\xb6\xe4U\x92\xd2\x9d\xb8<X\xfa\xdd\x8a6\xa1\x82\xf7r\xd8z\x85\x8do\xa5\xed\xd4\xbc8U\x1e\xf2tl8\xfe\xd0\x94\xfe\xf5\x1c+\x00U\te\xfa6\xca\xb9\xb4Q\xd9\xee\r6\x861h{\xc7z\'F\xc7\x91\x06x\xe1`\xf1:\xcf+\xd5\f\xb2\xce\xa4\x06\x90\x90\x9b\x1d\xcaa\xf7\x8f\x9e\x80\x93\xafT\xdfl\xec\xc6\x8e\x96\r[n\xc6\x99\x1fr<\x06\xb3\xbcT\x00\xda6\x18/\x18l\xc1\x81\x8e8L\xcb*S_\xd0:\xa4V\xbd\xf1\xa4\x955\xa9\x9d\xe0\x9b\xd3\x95\xc88n:\x89>?2\xc8\xe7kovd\xa4\x1bl+\x14\x17\x14\x17C2! U\x04:\xd93F\xb9\xfc\x1b\xfd}\x05\xf9\x11\xf3)>q\x10\xd3\xf0\xaf>\xf8t(bX\xe3g\x05\xfe\b\xbcy\x95*\xca\a\xaf\xbb\xf9\xc3Y\xa2\x91\x90.\xc8\xbe\xb0\xa6\xbd\xbd\xfd\xfaf*\xb2&\x82\xa0\x17\xe7)\xf5\xa2\xccv\n\x1b\xd4\xf4\x11*\xc9\xc6*\xa4.\x94[$\xb8\xb3Q\xde\xd8A\xa4~c,`\x02\xb8\x01r\x89\x82\x13\xd0}C7\xfb\xf2\tM\x1e\xe9\xa5\v\xc5\xba(\x89\xb0l\x92H\x1cR\x1f>\xc4ie\xe0B\xf0[\xe2\xe1\x12\x1d\x8fR&\xd1\xa6#\xda.\x0f\xd7\xd7\xa4\x90\x14\x92I\xf82&\x16<\xf2RR\xc2\x02.Q\xef\x85\xef\xf9\xe5\x00\xe9\xca\xb1\x8c\x11\x11l\x9f\xc8\b\xf7A\xa6\x81\xad\xdc\x95\xc8\xef\x102\xa8\x87\x01\x00\\\xfee \n0F\xbc\x85\xc5C\xd0\x99\xe4\t\xab`\'t\xc2\xe9\x13\xcag\xea\xb3\xb5\x92\x00J\xc6y\x05\xcc\xde\xa0\xf6\xb9 \xe5\xdd\f\x18\xfc\xe0\xc3(\xd8\xeb\x1a6\xe6\xfa\x93\xc07R\x0f-\x9e\xf3\x87E\xa3\xd5o\x1bA\x88L/\xe7>45Q?\be\x7f\xa9\x9a\xcae\xd8Y\xdf]\x1bS\x825\xcb\x00\xa4}\x97\x84T\xad\x9b\x1e!\x8a\xbc\x02+#Q\xa9 \xe9\x05r\xe1\xec\x0f\xa7\xe6Of\x95\x02{', 0x4)
gettid()
prlimit64(0x0, 0xe, &(0x7f0000000140)={0xd5e, 0x240000000008b}, 0x0)
mount$nfs(0x0, 0x0, 0x0, 0x201008, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4)
sched_setaffinity(0x0, 0x8, &(0x7f0000000000)=0x400000bde)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
r2 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r2, &(0x7f0000019680)=""/102392, 0x18ff8)
ioctl$BTRFS_IOC_SCRUB_CANCEL(r2, 0x941c, 0x0)
write$P9_RSTATu(0xffffffffffffffff, 0x0, 0x20e)
ftruncate(r1, 0x400000)
openat$pfkey(0xffffffffffffff9c, 0x0, 0x7018c0, 0x0)
syz_mount_image$fuse(0x0, &(0x7f0000000040)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
mount$bind(&(0x7f0000000080)='./file0\x00', &(0x7f0000000200)='./file0\x00', 0x0, 0x23254d8, 0x0)
mount$bind(0x0, &(0x7f00000005c0)='./file0\x00', 0x0, 0x100000, 0x0)
r3 = open_tree(0xffffffffffffff9c, &(0x7f0000000640)='\x00', 0x89901)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
move_mount(r3, &(0x7f0000000140)='.\x00', 0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x0)

1m0.811433633s ago: executing program 4 (id=1737):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000001c0)=ANY=[@ANYBLOB="340000003e000701feffffff00000000017c0000040042800c0001800600060090390000100002800c000300080009"], 0x34}, 0x1, 0x0, 0x0, 0x4048011}, 0x40008810)

59.484773333s ago: executing program 4 (id=1743):
r0 = socket(0x848000000015, 0x805, 0x0)
bind$inet6(r0, &(0x7f0000000040)={0xa, 0x0, 0x0, @dev={0xfe, 0x80, '\x00', 0x1a}, 0x10}, 0x1c)
getsockname$unix(r0, 0x0, &(0x7f0000000100))

59.046429404s ago: executing program 34 (id=1743):
r0 = socket(0x848000000015, 0x805, 0x0)
bind$inet6(r0, &(0x7f0000000040)={0xa, 0x0, 0x0, @dev={0xfe, 0x80, '\x00', 0x1a}, 0x10}, 0x1c)
getsockname$unix(r0, 0x0, &(0x7f0000000100))

2.069493891s ago: executing program 2 (id=2323):
bpf$ENABLE_STATS(0x20, 0x0, 0x0)
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0xc, 0xe, &(0x7f0000001f80)=ANY=[@ANYBLOB="b702000026000000bfa300000000000007030000007effff7a0af0fff8ffffff79a4f0ff00000000b7060000ffffffff2d6405000000000065060400010000050404000001007d60b7030000000000006a0a00fe00000000850000002b000000b7000000000000009500000000000000496cf27fb6d2c643db7e2d5fb4b0936cdf827fb43a431ca711fcd0cdfa146ed3d09a6175037958e27106e225b7937f02008b5e5a076d83923dd29c034055b67dafe6c8dc525d78c07f17e4d5b3185b310efcfa89147a09000000f110026e6d2ef831ab7ea0c34f17e3ad6eecbb622003b534dfd8e012e79578e51bc53099e90f4580d660551b5b0a341a2d7cbdb9cd38bdb2ca8e050000003a14817ac61e4dd11183a13477bf7e060e3670ef0e789f65f1328d6704902cbe7bc04b82d2789cb132b8667c214733a18c8b6619f28d9961b6fbce3f897226c57c2691208173656d60a17e3c184b751c51160fbcbbdb5b1e7be6148ba532e60a0ac346dfebd31a0806000000020000000000230048f941b13d924bcf334d83239dd27080e71113610e10d858e8327ef01fb6c86acac12233f9a1fb9c2aec61ce63a38d2fd50117b89a9ab359b4eea0c6e957bc73ddc4eabba08ab1e1ad828267d4eadd3964663e88535c063f7130856f756436303767d2e24f29e5dad9796edb697a6ea1182babc190ae2ebf8aad34732181feb215139f15ea7e8cb0bae7c34d5ac5e7c805210600000000000000c3dec04b25dfc17975238345d4f71ab158c36657b7218baa0700f781c0a99bd50499ccc421ace5e845885efb5b9964e4beba3da8223fe5308e4e65ee93e107000000f8ddebf70132a4d0175b989b8eccf707882042e716df9b57b290c661d4e85031086197bcc5cb0e221a0c34323c129102b6ff0100002e88a1940b3c02ed9c92d6f64b1282dc51bb0015982730711c599e1c72ffa11ed8be1a6830d7507005154c46bd3ca96318c50500721fc7aa2a583726c64c0fb6ca996d278fb00bba99fe1f86468694f22cdf550ef091a78098534f0d973059594119d06d5ea9a8d0857382ec6e2a071474cfc12346e47ad97f4ead7cf70a9d1cdac944779dc08a705414888700a30e2366c6a06b3367a389ca39059787790017b0689a411f450f173db9c24db65c1e00015c1d093dab18fd0699fe3304000000323e9c7080397bc49d70c060d57bc88fbe3bbaa058b040362ab926150363fb099408885afc2bf9a46a076b7babfcddeff8c35030669ea69f5e4be1b8e0d6697e97186f9ae97d5670dba6623279f73db9dec75070cd9ab0fda6b069ef6d2857ca3e4effcf7462710d133d541da86e0477e4a6cc999dc21c3ef408e6b178e7c9f274d7fafc8d757d33dfa35aa2000034837d365e63845f3c1092f8dde8af3904ea0f4b82649b83ed4fa0f873339c4cadecc13219ba7518aa4f7db34ead13484742067ab743c1d82a5687f2ed690000000000000000000000000000000000000000000099d4fa0000000000003f0ecdc7c82e72919c91d2039afe17e95edeeeba72205beff7771bcb293747b88486cacee403000000a2919a4bff2ed893f2c814679fa69fc7e0cf761f918725704a01c56009a9f748e5aaf30a10bd8c409b1870c1f75ee93f9959e3d3f8e0048e55ae289ce2ad779ce71d4dc30cbb2cc4289d2f884d66cddc76eb7f601110ff39053c262279f4ef00fbdb8c328615a9ec84f27a9f3938ae736138b8c1ec220c1540bf3d162dc1c27fa30f0dc60b9f257db5d1c7ed2e152cb2cf06f8edb30177fead735a952ffce676a93110904d5ee2abdab2ef3ff84c4d61443f73552195c7ccfbf9f03c44432eaa3b7501d4239354da8de21eada75d3a3afb2c76ff0700007981699b6c0f0e946766f57544ff52cef0dd811bec4e3c0a30f2d7d19d26d2503a3ea376721b8eded3bc475958dd498ee2b2d6146e33fc0de1dc2e0516ac565ddb1d4ae89e6712824a85eb9ee0a3b68c9e209756623adf685dd715d68ed11e4b4d5502f5124948f8f98c615cac3666c58f785c3f758be352a71871d5c081197d37980e4f4e26b5476fb20407ff7098b7174bef660200a99b5c0c20b378065fac4ef9ac2d0d804b9400000060e5d3f1749feaecf69ba83a71caa9bdddc679f1b826f54b6563a4be1fd82b73c8c2bc65f63982b951fb058fd3c7b6341c4580376b6c16bd94d2da66059de81abfa15eeeb88b6ae5882ad341032c73f1285e21fff5a1d138e061b1dc7bbda199b5fab8e0719e9cd69b47dcb52b0be6a3a73afdf328132e1d4f21065716be0c53a23940d07188b015fa341dbc92231c8b5e5717eac184f46c9f61b69f55cd2231bcf821052429a1f250e8b734be0605a15f25923d599544b319319ff0a32621019347df460a098119a6f47eb1bac47946d7a009cbc6ec74c19a93cc7c7138b28c95270116181fd5f54d2ad0e10d3663488e664401453f22f0d76d2162635365258af61ae1f46f4a7862f302d91e3f7c2781f602220522e84602a939a8d5e4137ae31ccd397404dc72e06715a6503d4d865182803ee6725da7293b23daeebefd6fce7411c9624a7e8d5ba5a13e1c32adc4f3274497c6882a72475e4280a4d9a47c003c6ed3071330c58145be498ca2b42496c479a0a71e2f6f9bad8c84bc6be20281bde0b348cd2c60538a505ad4a0510eebb023e4954c9eb6cd70627f5c03d867dbf3ad5d1f1dc852064dd0efafc3df20ed65af3d194db76127f88f284fa1b71ab964fdd2474471da76373e65e9a8bf844bdfdd348bc7d00c4c7e7afe8a1f8cde79b7a6c5aafe954b8ba37818e40c14b37c23f9f614576b689436fef2f27f8b1e756e00262e22bca49c43fd73e7e99b2fa44a8c1db99c2cf2735ad6c5fabf082e0df0f8ba7e24272165f2f5b28230c02b53d44bd84bf6770157e96bbb96b5e1f165c87e7ad68a3600b3d357fa9a7d53c281d88ebb175a4dbb82130e6870982947913110f091d21760d985afd3163f2e6880682432f9b3b97d57a9f980edfa1116a3d04d58872a07d6a7e12db673acd2f7b8989d833e71943fe2c1c65a3cf36b955c56b55bfd3ecf0af694c71a03f2996c15b1ba971de1cb9c7e6a0000000000000014783ef54c51199317413f98dca8ff3d0bda50f6c0af58dbd6c031b1a5a7512c5896514adfa17d31429c68db50a93d88199defd3b4625fea426ff9293a28a544a6a9e2a79b55daa1b3c6b14c4ec6d164e902ce4913843d65d841973468729ea12bf6d3499036dbb66718f3497855c3baa6cc07c0fa388ec9df0617c1a28ef5a595ee267a76175b8a057e6efaf4fefe46def451f2858fe71a53e77b1a44e98843bb3a40102da3703dfb9f61bdcea2fb810b32d52e2157a150a63ea6135d1cf6f864c2e68884d7245bc5d61dc5a114d10ffb22e76678bbfc1e3865d17d128306d1b81884a934cb00000000000000000098a4526e6468987dbc63bff7590eb388afaba43d811996333eef7e9f472bee293f0c40d434b8be07cbd52325296e22802493edb5c590ad208bac683a8b2d4c9d2d57ff846ae8c422e0b28546671f11d8157bb762c91f3fbcca8e21589c92446ae65d408c0637ffcc2d44d715ce003dd1e12b085e186d069a55c2e96efbe5024d61a56a36d988c0f51a973a6c238e545b28211a92000000001501ae03002af0fcd540a9d4e293690c5e697b3a1480e46df5371bca1cfb28a57c1b3c956ec81397e81fbf870a67385fea04220423f52ad8178b9fd04bdc7e5fee4bd52db996e633792118efdb6b88023e80da74fdf723c7f0b2e9f3bb90613508c00a292a0c5b87a4f8ff35eba73ce9ebf77d0c842063a7b42c757d828678d38e6a868eaead4f19cdeb7cfc100ceabb4a3999cce5d36ecfe80def20f7187bab75515226f4d9b30e0567612210d492468781999ce795522b726bdf37b15e9afde32a7052cc909eb08cca312c557bff04cf1fbb0dcfe8ac00"/2832], &(0x7f0000000340)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x0, 0x10, &(0x7f0000000000), 0xffffffffffffff4f}, 0x48)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000900)={r0, 0x18000000000002a0, 0xe, 0x0, &(0x7f00000000c0)="76389e147583ddd0569ba56a5cfd", 0x0, 0x2, 0x60000000, 0x0, 0x0, 0x0, 0x0, 0x4}, 0x50)

1.969327797s ago: executing program 2 (id=2325):
syz_usbip_server_init(0x1)

1.339692608s ago: executing program 2 (id=2331):
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x200000d, 0x4008031, 0xffffffffffffffff, 0x0)
r0 = syz_open_procfs(0x0, &(0x7f0000000100)='fd\x00')
setresuid(0xffffffffffffffff, 0xee00, 0xffffffffffffffff)
cachestat(r0, &(0x7f0000000000)={0x264, 0x1}, 0x0, 0xee)

870.374809ms ago: executing program 2 (id=2337):
r0 = socket$inet_sctp(0x2, 0x1, 0x84)
setsockopt$inet_sctp_SCTP_SOCKOPT_BINDX_ADD(r0, 0x84, 0x64, &(0x7f0000000280)=[@in={0x2, 0x4e21, @loopback}], 0x10)
sendmsg$inet_sctp(r0, &(0x7f0000000700)={&(0x7f0000000340)=@in={0x2, 0x4e21, @loopback}, 0x10, &(0x7f0000000080)=[{&(0x7f0000000000)="fd", 0x1}], 0x1, 0x0, 0x0, 0x804c044}, 0x881)
setsockopt$inet_sctp_SCTP_FRAGMENT_INTERLEAVE(r0, 0x84, 0x12, &(0x7f00000002c0)=0x8, 0x4)
r1 = dup(r0)
setsockopt$inet_sctp_SCTP_PARTIAL_DELIVERY_POINT(r0, 0x84, 0x13, &(0x7f0000000300)=0xc6c5, 0x4)
write$RDMA_USER_CM_CMD_RESOLVE_ROUTE(r1, &(0x7f0000000180)={0x4, 0x8, 0xfa00, {0xffffffffffffffff, 0x4}}, 0x29fdf)

639.926372ms ago: executing program 5 (id=2349):
syz_emit_ethernet(0x36, &(0x7f0000001480)={@link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0x1}, @remote, @void, {@ipv6={0x86dd, @generic={0xa, 0x6, "7abd6a", 0x0, 0x3b, 0x1, @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, @mcast2}}}}, 0x0)

561.103537ms ago: executing program 1 (id=2350):
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040), 0x801, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000080)=0x7)
ioctl$F2FS_IOC_MOVE_RANGE(r0, 0x5407, 0x0)

560.944173ms ago: executing program 5 (id=2351):
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
bind$inet6(r0, &(0x7f0000000180)={0xa, 0x4e22, 0x10001, @local, 0x5}, 0x1c)
sendmmsg$inet(r0, &(0x7f0000001780)=[{{&(0x7f0000000040)={0x2, 0x4e22, @dev={0xac, 0x14, 0x14, 0x21}}, 0x10, 0x0, 0x0, &(0x7f0000000000)=[@ip_retopts={{0x18, 0x0, 0x7, {[@ssrr={0x89, 0x7, 0x4, [@initdev={0xac, 0x1e, 0x1, 0x0}]}]}}}], 0x18}}], 0x1, 0x4880)

560.456272ms ago: executing program 5 (id=2352):
mq_open(&(0x7f0000000b40)='\aP\xdf\x80\xfeL\x007\xe8e\xda{`\x9e\xcd\xf1^{\xeb>P\xf1<@\x00\xba\x87\xd0\x0eB\x00\xf2\x02bw\xdeN\x02E\xa2\xe52}\x1e\"B1\xa3\x8a\x0e\x916\x00H=\xf2\t\x89Ej\x1a\x97\t5V\xca\xf0\xee-\xbf$f9~\x0f_\xe6\xc6\x19\x00X*\xc9v\xe5U\xe7z\x9b\xa9\x8b\xa6n\x14b\xfc\xff\xf1\xd4K/V\x1b\x10vZ\x8e\x1f\x95\xcf', 0x42, 0x25, &(0x7f0000000900)={0x1, 0x30a3, 0x2, 0xfffffffffffff220})

481.09756ms ago: executing program 5 (id=2353):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000340)={0x11, 0x3, &(0x7f0000000080)=ANY=[@ANYBLOB="1800000000000000000000000000000095"], &(0x7f0000000000)='syzkaller\x00'}, 0x90)
bpf$BPF_PROG_TEST_RUN(0x1c, &(0x7f0000000440)={r0, 0x0, 0x10, 0x0, &(0x7f0000000280)="61dfb0020866c667fc53b9265583e283", 0x0, 0xfffffdfd, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50)

480.760697ms ago: executing program 5 (id=2354):
r0 = syz_create_resource$binfmt(&(0x7f0000000040)='./file1\x00')
execveat$binfmt(0xffffffffffffff9c, r0, &(0x7f0000000080), &(0x7f00000000c0), 0x0)
r1 = openat$binfmt(0xffffffffffffff9c, r0, 0x42, 0x1ff)
close(r1)
execveat$binfmt(0xffffffffffffff9c, r0, &(0x7f0000000100), &(0x7f0000000140), 0x0)
r2 = openat$binfmt(0xffffffffffffff9c, r0, 0x2, 0x0)
write(r2, &(0x7f0000000180)="01010101", 0x4)
close(r2)
execveat$binfmt(0xffffffffffffff9c, r0, &(0x7f00000001c0), &(0x7f0000000200), 0x0)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000240)='./file0\x00', 0x42, 0x0)
close(r3)
execveat$binfmt(0xffffffffffffff9c, r0, &(0x7f0000000280), &(0x7f00000002c0), 0x0)
fchmodat(0xffffffffffffff9c, &(0x7f0000000300)='./file0\x00', 0x1ff)
execveat$binfmt(0xffffffffffffff9c, r0, &(0x7f0000000340), &(0x7f0000000380), 0x0)

480.547953ms ago: executing program 1 (id=2355):
madvise(&(0x7f0000000000/0x800000)=nil, 0x800000, 0xe)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000140))
madvise(&(0x7f0000069000/0x2000)=nil, 0x2000, 0x8)

391.446875ms ago: executing program 5 (id=2356):
syz_usb_connect(0x0, 0x24, &(0x7f0000000600)=ANY=[@ANYBLOB="120100001d9167204f17316a3f26010203010902120001000000000904"], 0x0)
bind$xdp(0xffffffffffffffff, 0x0, 0x0)

391.036132ms ago: executing program 1 (id=2357):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000180)=ANY=[@ANYBLOB="140000001000010000000000000000000500000a28000000000a030000000000000000000a00000708000240000000020900010073797a31000000002c000000030a010100000000000000000a0000070900010073797a31000000000900030073797a320000000014000000110001"], 0x7c}, 0x1, 0x0, 0x0, 0x8080}, 0x20004450)
sendmsg$NFT_BATCH(r0, &(0x7f0000009b40)={0x0, 0x0, &(0x7f0000009b00)={&(0x7f0000000240)={{0x14, 0x10, 0x1, 0x0, 0x0, {0x5}}, [@NFT_MSG_NEWRULE={0x34, 0x6, 0xa, 0x401, 0x0, 0x0, {0xa, 0x0, 0xfffe}, [@NFTA_RULE_TABLE={0x9, 0x1, 'syz1\x00'}, @NFTA_RULE_EXPRESSIONS={0x4}, @NFTA_RULE_CHAIN={0x9, 0x2, 'syz2\x00'}, @NFTA_RULE_USERDATA={0x4}]}], {0x14, 0x14, 0x1, 0x0, 0x0, {0x1}}}, 0x5c}, 0x1, 0x0, 0x0, 0x4000850}, 0x24000840)

341.125827ms ago: executing program 1 (id=2358):
r0 = openat$fuse(0xffffffffffffff9c, &(0x7f0000002080), 0x2, 0x0)
ioctl$FIDEDUPERANGE(r0, 0xc0189436, &(0x7f00000003c0)={0x1, 0xb, 0x9f1, 0x0, 0x0, [{}]})

340.944161ms ago: executing program 1 (id=2359):
r0 = socket$kcm(0x10, 0x2, 0x4)
sendmsg$kcm(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)=[{&(0x7f0000000440)="9f000000120081ae08060cdc030ec0007f03e3f70000000000e2ffca1b1f0000000004c00e72f750375ed08a56331dbf9ed7811e381ad6e747033a0093b837dc6cc01e32efaec8c7a6ec08123d00020039000140010000009bbc7a46e3988285dcdf12f21308f868fece01955fed0009d78f0a947ee2b49e33538afa8af92347514f0b56a20ff27fff55e461247604821d35c86ee54bbab3eaf8956e2ca426", 0x9f}], 0x1}, 0x0)

271.29975ms ago: executing program 1 (id=2360):
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f00000004c0)='dctcp\x00', 0x6)
bind$inet6(r0, &(0x7f0000000080)={0xa, 0x2, 0x200, @loopback, 0x7}, 0x1c)
setsockopt$inet6_tcp_int(r0, 0x6, 0x2000000000000022, &(0x7f0000000200)=0x1, 0x4)
sendto$inet6(r0, &(0x7f0000000280)='2', 0x1, 0x20000045, &(0x7f00000001c0)={0xa, 0x2, 0xffff, @loopback, 0x3}, 0x1c)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, 0x0)
sendto$inet6(r0, &(0x7f0000000100)="23b8c638344ca929e7075acc3e9834a6cd039a14824285d39d85703c53e97e5a0d80c8fc00000000c6340909882d609c66b9ee89cc3432c5da4415a10fd135a56eb71ecbefe790873e0aaa4e0e30c8dfd51072000000000000000015ecc6fad80336f6af0e2c1ece958963715bcb930ae0a336229b702f0eea4c9488a71702da4394ff95af6eac00665bcae3ba8e78112945eaa90daec7d703f2d86620c1f8fc037cd665272754af4509a28dd2ea1fd560803e66a7dd21944db1", 0xfffffffffffffe1b, 0x4000082, 0x0, 0x0)

508.235µs ago: executing program 2 (id=2361):
unshare(0x22020600)
r0 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0)
ioctl$VHOST_SET_VRING_BASE(r0, 0xaf01, 0x0)

0s ago: executing program 2 (id=2362):
r0 = syz_open_dev$tty1(0xc, 0x4, 0x1)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000200)=0x5)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x0, 0x0)
r1 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
writev(r1, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
bind$alg(0xffffffffffffffff, &(0x7f0000000540)={0x26, 'skcipher\x00', 0x0, 0x0, 'ecb-serpent-avx\x00'}, 0x58)
setsockopt$ALG_SET_KEY(0xffffffffffffffff, 0x117, 0x1, 0x0, 0x0)
r2 = accept4(0xffffffffffffffff, 0x0, 0x0, 0x80800)
sendmmsg$alg(r2, &(0x7f0000000040)=[{0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000080)="f78d9ca38fff48f3be52163448412ba8", 0xfffffe3f}, {&(0x7f0000000140)="ebe3a0e9796cfd1647e299f4e376fdba128280b372219d205e81f4a7f71c1926aae1efd7e0054a863f3d5cfe6cb55b5bb9fa6935849e6098ed884e7cb51726b360fbb37b4fe035bbb095873048"}, {&(0x7f00000003c0)="e8700e444d50a969ff67347cff6127e6ef12ee3819271482a4975a52c1ab9b8b4db3945d1032005eabe97b4dc33a47d3a158da988456d30026b433186f53cdcdb93a4722bf306a10470d50f5cb1ece9ead3459bab1cf1538cd0b157653c5e892962c80f158c443e9c6ad7d2a8103ef2f4b93766b9a21501f94c1568b13756b66f74f46cf801704d2da8b96c34070b233af0afcc436712e58ed25e721193af05a045ad3fdc928f02f3dbad19d3e66eebda2e63f3f46ef4511cee26d7b48241847bf9e343ef4674c45e2a085060f11"}], 0x1, &(0x7f0000000380)=[@op={0x18, 0x117, 0x3, 0x1}], 0x18}], 0x1, 0x40800)
recvmsg(r2, &(0x7f00000005c0)={0x0, 0xf0, &(0x7f00000001c0)=[{&(0x7f00000000c0)=""/81, 0x7ffff000}, {&(0x7f0000000200)=""/83, 0x20000253}], 0x2}, 0x0)
ioctl$TCSETSW2(r0, 0x402c542c, &(0x7f0000000340)={0xfffff2d4, 0x200ffffe, 0x7, 0xffffffff, 0x0, "4d6b5ccb00"})
readv(r0, &(0x7f0000003a00)=[{&(0x7f0000003840)=""/166, 0xa6}], 0x1)
ioctl$TIOCGISO7816(r0, 0x80285442, &(0x7f0000000300))
ioctl$TIOCSTI(r0, 0x5412, &(0x7f0000000a40))
mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x0)
ioctl$AUTOFS_DEV_IOCTL_EXPIRE(0xffffffffffffffff, 0xc018937c, &(0x7f0000000040)={{0x1, 0x1, 0x18, r0, {0x4}}, './file0/../file0\x00'})
r3 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x0)
readv(r3, &(0x7f00000002c0), 0x0)
openat$sequencer2(0xffffffffffffff9c, &(0x7f0000000080), 0x8e383, 0x0)
ioctl$AUTOFS_DEV_IOCTL_REQUESTER(0xffffffffffffffff, 0xc018937b, &(0x7f00000000c0)={{0x1, 0x1, 0x18, r0, {0xffffffffffffffff, 0xee01}}, './file0/../file0\x00'})
getegid()
syz_fuse_handle_req(0xffffffffffffffff, 0x0, 0x0, &(0x7f0000000d00)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000080)={0x90, 0xfffffffffffffffe, 0x4000000a74e, {0x1, 0x0, 0x0, 0xffff, 0xfffffff8, 0x84, {0x4, 0x5, 0x7, 0x80000000, 0xfff, 0xffff, 0x7d59, 0x7fff, 0x4, 0x2000, 0x7f, 0x0, 0x0, 0x78002, 0xff}}}, 0x0, 0x0, 0x0, 0x0, 0x0})
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f00000000c0)={0x0, 0x0, <r4=>0x0}, &(0x7f0000000000)=0xc)
setregid(0xffffffffffffffff, r4)

kernel console output (not intermixed with test programs):

3.874318][ T9292] batman_adv: batadv0: Removing interface: batadv_slave_0
[  203.878688][ T9292] A link change request failed with some changes committed already. Interface batadv_slave_0 may have been left with an inconsistent configuration, please check.
[  205.839653][ T9341] loop4: detected capacity change from 0 to 32768
[  205.857485][ T9341] ocfs2: Slot 0 on device (7,4) was already allocated to this node!
[  205.870637][ T9341] ocfs2: Mounting device (7,4) on (node local, slot 0) with ordered data mode.
[  205.892579][ T9341] (syz.4.1318,9341,0):ocfs2_read_blocks:239 ERROR: status = -12
[  205.895870][ T9341] (syz.4.1318,9341,0):ocfs2_xattr_block_find:2831 ERROR: status = -12
[  205.957810][ T9068] ocfs2: Unmounting device (7,4) on (node local)
[  206.049674][ T9361] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1328'.
[  206.168214][ T9365] loop4: detected capacity change from 0 to 16
[  206.179167][ T9365] erofs (device loop4): mounted with root inode @ nid 36.
[  206.327635][ T9371] openvswitch: netlink: Message has 8 unknown bytes.
[  206.329805][ T9371] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[  206.412416][ T9373] loop2: detected capacity change from 0 to 2048
[  206.422939][ T9373] NILFS (loop2): invalid segment: Inconsistency found
[  206.426286][ T9373] NILFS (loop2): trying rollback from an earlier position
[  206.434614][ T9373] NILFS (loop2): recovery complete
[  206.439001][ T9376] NILFS (loop2): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  206.825935][ T9375] loop4: detected capacity change from 0 to 40427
[  206.829269][ T9375] F2FS-fs (loop4): Wrong SSA boundary, start(3584) end(4096) blocks(0)
[  206.832007][ T9375] F2FS-fs (loop4): Can't find valid F2FS filesystem in 1th superblock
[  206.834763][ T9375] F2FS-fs (loop4): build fault injection type: 0x6
[  206.843173][ T9375] F2FS-fs (loop4): invalid crc value
[  206.901523][ T9375] F2FS-fs (loop4): f2fs_recover_fsync_data: recovery fsync data, check_only: 1
[  206.905793][ T9375] F2FS-fs (loop4): Start checkpoint disabled!
[  206.916714][ T9375] F2FS-fs (loop4): Try to recover 1th superblock, ret: 0
[  206.919014][ T9375] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e6
[  206.981625][    C0] hpet: Lost 1 RTC interrupts
[  207.111173][    C0] hpet: Lost 1 RTC interrupts
[  208.446600][ T9393] loop2: detected capacity change from 0 to 164
[  208.771456][   T10] IPVS: starting estimator thread 0...
[  208.773386][ T9409] IPVS: ip_vs_edit_dest(): server weight less than zero
[  208.871113][ T9410] IPVS: using max 64 ests per chain, 153600 per kthread
[  208.917216][ T9407] loop2: detected capacity change from 0 to 32768
[  208.947326][ T9407] ocfs2: Mounting device (7,2) on (node local, slot 0) with ordered data mode.
[  208.990639][ T5851] (syz-executor,5851,1):ocfs2_inode_is_valid_to_delete:948 ERROR: Skipping delete of system file 72
[  208.998321][ T5851] ocfs2: Unmounting device (7,2) on (node local)
[  209.024794][ T9418] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1351'.
[  210.224983][   T55] Bluetooth: hci2: command 0x0406 tx timeout
[  210.431676][ T6184] kworker/u10:5: attempt to access beyond end of device
[  210.431676][ T6184] loop4: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[  210.436459][ T6184] CPU: 1 UID: 0 PID: 6184 Comm: kworker/u10:5 Not tainted syzkaller #0 PREEMPT(full) 
[  210.436470][ T6184] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.2-debian-1.16.2-1 04/01/2014
[  210.436476][ T6184] Workqueue: writeback wb_workfn (flush-7:4)
[  210.436492][ T6184] Call Trace:
[  210.436495][ T6184]  <TASK>
[  210.436500][ T6184]  dump_stack_lvl+0x189/0x250
[  210.436514][ T6184]  ? __pfx_dump_stack_lvl+0x10/0x10
[  210.436524][ T6184]  ? __pfx_queue_work_on+0x10/0x10
[  210.436532][ T6184]  ? _raw_spin_unlock_irqrestore+0xad/0x110
[  210.436544][ T6184]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[  210.436560][ T6184]  f2fs_handle_critical_error+0x37c/0x540
[  210.436576][ T6184]  f2fs_write_end_io+0x886/0xb60
[  210.436593][ T6184]  __submit_merged_bio+0x27a/0x6a0
[  210.436608][ T6184]  __submit_merged_write_cond+0x255/0x530
[  210.436623][ T6184]  f2fs_write_data_pages+0x261d/0x3000
[  210.436652][ T6184]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[  210.436672][ T6184]  ? __pfx_f2fs_available_free_memory+0x10/0x10
[  210.436698][ T6184]  ? __pfx_f2fs_balance_fs_bg+0x10/0x10
[  210.436709][ T6184]  ? look_up_lock_class+0x74/0x170
[  210.436726][ T6184]  ? trace_f2fs_writepages+0x7f/0x200
[  210.436738][ T6184]  ? f2fs_write_node_pages+0x478/0x6e0
[  210.436751][ T6184]  ? __pfx_f2fs_write_node_pages+0x10/0x10
[  210.436770][ T6184]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[  210.436782][ T6184]  do_writepages+0x32e/0x550
[  210.436795][ T6184]  ? reacquire_held_locks+0x127/0x1d0
[  210.436804][ T6184]  ? writeback_sb_inodes+0x384/0x1010
[  210.436818][ T6184]  __writeback_single_inode+0x145/0xff0
[  210.436828][ T6184]  ? do_raw_spin_unlock+0x4d/0x240
[  210.436840][ T6184]  writeback_sb_inodes+0x6c7/0x1010
[  210.436853][ T6184]  ? _raw_spin_unlock_irqrestore+0xad/0x110
[  210.436873][ T6184]  ? __pfx_writeback_sb_inodes+0x10/0x10
[  210.436905][ T6184]  ? rcu_is_watching+0x15/0xb0
[  210.436918][ T6184]  wb_writeback+0x43b/0xaf0
[  210.436932][ T6184]  ? queue_io+0x3d1/0x590
[  210.436943][ T6184]  ? __pfx_wb_writeback+0x10/0x10
[  210.436957][ T6184]  ? _raw_spin_unlock_irq+0x23/0x50
[  210.436970][ T6184]  wb_workfn+0x409/0xef0
[  210.436987][ T6184]  ? __pfx_wb_workfn+0x10/0x10
[  210.436997][ T6184]  ? __lock_acquire+0xab9/0xd20
[  210.437014][ T6184]  ? process_scheduled_works+0x9ef/0x17b0
[  210.437025][ T6184]  ? _raw_spin_unlock_irq+0x23/0x50
[  210.437035][ T6184]  ? process_scheduled_works+0x9ef/0x17b0
[  210.437041][ T6184]  ? process_scheduled_works+0x9ef/0x17b0
[  210.437050][ T6184]  process_scheduled_works+0xae1/0x17b0
[  210.437073][ T6184]  ? __pfx_process_scheduled_works+0x10/0x10
[  210.437089][ T6184]  worker_thread+0x8a0/0xda0
[  210.437099][ T6184]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[  210.437114][ T6184]  ? __kthread_parkme+0x7b/0x200
[  210.437127][ T6184]  kthread+0x711/0x8a0
[  210.437139][ T6184]  ? __pfx_worker_thread+0x10/0x10
[  210.437146][ T6184]  ? __pfx_kthread+0x10/0x10
[  210.437157][ T6184]  ? _raw_spin_unlock_irq+0x23/0x50
[  210.437166][ T6184]  ? lockdep_hardirqs_on+0x9c/0x150
[  210.437203][ T6184]  ? __pfx_kthread+0x10/0x10
[  210.437217][ T6184]  ret_from_fork+0x3fc/0x770
[  210.437233][ T6184]  ? __pfx_ret_from_fork+0x10/0x10
[  210.437250][ T6184]  ? __switch_to_asm+0x39/0x70
[  210.437260][ T6184]  ? __switch_to_asm+0x33/0x70
[  210.437269][ T6184]  ? __pfx_kthread+0x10/0x10
[  210.437279][ T6184]  ret_from_fork_asm+0x1a/0x30
[  210.437298][ T6184]  </TASK>
[  210.437302][ T6184] F2FS-fs (loop4): Stopped filesystem due to reason: 3
[  210.884235][ T9477] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1377'.
[  210.888443][ T9477] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1377'.
[  211.211080][    T9] usb 5-1: new full-speed USB device number 3 using dummy_hcd
[  211.365419][    T9] usb 5-1: config 0 has an invalid descriptor of length 91, skipping remainder of the config
[  211.369314][    T9] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 10
[  211.375038][    T9] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x2 has an invalid bInterval 0, changing to 10
[  211.379142][    T9] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x2 has invalid maxpacket 1024, setting to 64
[  211.391173][    T9] usb 5-1: config 0 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  211.401259][    T9] usb 5-1: New USB device found, idVendor=2040, idProduct=b138, bcdDevice= 1.42
[  211.405251][    T9] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  211.414305][    T9] usb 5-1: config 0 descriptor??
[  211.483829][    T9] rc_core: IR keymap rc-hauppauge not found
[  211.486143][    T9] Registered IR keymap rc-empty
[  211.488935][    T9] mceusb 5-1:0.0: Error: mce write urb status = -71
[  211.500237][ T9502] netlink: 146780 bytes leftover after parsing attributes in process `syz.2.1389'.
[  211.512701][    T9] mceusb 5-1:0.0: Error: mce write urb status = -71
[  211.536974][    T9] rc rc0: Conexant Hybrid TV (cx231xx) MCE IR no TX as /devices/platform/dummy_hcd.4/usb5/5-1/5-1:0.0/rc/rc0
[  211.546933][    T9] input: Conexant Hybrid TV (cx231xx) MCE IR no TX as /devices/platform/dummy_hcd.4/usb5/5-1/5-1:0.0/rc/rc0/input14
[  211.555491][    T9] mceusb 5-1:0.0: Error: mce write urb status = -71
[  211.574298][    T9] mceusb 5-1:0.0: Error: mce write urb status = -71
[  211.606638][ T9509] loop2: detected capacity change from 0 to 128
[  211.610754][ T9509] UDF-fs: error (device loop2): udf_read_tagged: read failed, block=256, location=256
[  211.616611][ T9509] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[  211.707644][    T9] mceusb 5-1:0.0: Error: mce write urb status = -71
[  211.721328][    T9] mceusb 5-1:0.0: Error: mce write urb status = -71
[  211.742396][    T9] mceusb 5-1:0.0: Error: mce write urb status = -71
[  211.761308][    T9] mceusb 5-1:0.0: Error: mce write urb status = -71
[  211.782762][    T9] mceusb 5-1:0.0: Error: mce write urb status = -71
[  211.803443][    T9] mceusb 5-1:0.0: Error: mce write urb status = -71
[  211.823419][    T9] mceusb 5-1:0.0: Error: mce write urb status = -71
[  211.859191][    T9] mceusb 5-1:0.0: Error: mce write urb status = -71
[  211.911982][    T9] mceusb 5-1:0.0: Registered  with mce emulator interface version 1
[  211.929934][    T9] mceusb 5-1:0.0: 2 tx ports (0x0 cabled) and 2 rx sensors (0x0 active)
[  212.004851][    T9] usb 5-1: USB disconnect, device number 3
[  213.079830][ T9534] loop2: detected capacity change from 0 to 1024
[  213.089026][ T9534] EXT4-fs: inline encryption not supported
[  213.093715][ T9534] EXT4-fs: Ignoring removed bh option
[  213.123302][ T9534] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  213.174663][ T5851] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  213.245599][ T9530] loop1: detected capacity change from 0 to 32768
[  213.265916][ T9530] ocfs2: Mounting device (7,1) on (node local, slot 0) with writeback data mode.
[  213.335319][ T5848] ocfs2: Unmounting device (7,1) on (node local)
[  213.519156][ T9558] input: syz1 as /devices/virtual/input/input15
[  213.658458][ T9567] netlink: 495 bytes leftover after parsing attributes in process `syz.2.1414'.
[  213.675688][ T5852] Bluetooth: hci0: command 0x1407 tx timeout
[  213.991160][ T2306] usb 3-1: new full-speed USB device number 13 using dummy_hcd
[  214.148873][ T2306] usb 3-1: New USB device found, idVendor=13d3, idProduct=3224, bcdDevice=cb.0d
[  214.154734][ T2306] usb 3-1: New USB device strings: Mfr=1, Product=12, SerialNumber=3
[  214.157921][ T2306] usb 3-1: Product: syz
[  214.159604][ T2306] usb 3-1: Manufacturer: syz
[  214.161478][ T2306] usb 3-1: SerialNumber: syz
[  214.168878][ T2306] dvb-usb: found a 'DigitalNow TinyUSB 2 DVB-t Receiver' in warm state.
[  214.851579][ T2306] vp7045: USB control message 'in' went wrong.
[  214.859228][ T2306] dvb-usb: This USB2.0 device cannot be run on a USB1.1 port. (it lacks a hardware PID filter)
[  214.863879][ T2306] dvb-usb: DigitalNow TinyUSB 2 DVB-t Receiver error while loading driver (-19)
[  214.869415][ T2306] usb 3-1: USB disconnect, device number 13
[  215.153510][ T9597] netlink: 32 bytes leftover after parsing attributes in process `syz.2.1428'.
[  215.156477][ T9597] netlink: 168 bytes leftover after parsing attributes in process `syz.2.1428'.
[  215.160689][ T9597] netlink: 168 bytes leftover after parsing attributes in process `syz.2.1428'.
[  215.166450][ T9597] A link change request failed with some changes committed already. Interface batadv0 may have been left with an inconsistent configuration, please check.
[  215.263788][ T9604] overlayfs: failed to clone lowerpath
[  215.296386][ T9608] loop1: detected capacity change from 0 to 128
[  215.299803][ T9608] FAT-fs (loop1): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive!
[  215.309683][ T9608] FAT-fs (loop1): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1)
[  215.579722][ T9616] syz.1.1434 uses obsolete (PF_INET,SOCK_PACKET)
[  215.941254][  T793] usb 2-1: new full-speed USB device number 21 using dummy_hcd
[  216.069246][ T9627] loop2: detected capacity change from 0 to 1764
[  216.322577][  T793] usb 2-1: not running at top speed; connect to a high speed hub
[  216.330802][  T793] usb 2-1: config 1 interface 0 altsetting 13 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  216.338874][  T793] usb 2-1: config 1 interface 0 has no altsetting 0
[  216.351826][  T793] usb 2-1: New USB device found, idVendor=05ac, idProduct=024b, bcdDevice= 0.40
[  216.358107][  T793] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  216.365911][  T793] usb 2-1: Product: syz
[  216.367945][  T793] usb 2-1: Manufacturer: syz
[  216.370005][  T793] usb 2-1: SerialNumber: syz
[  216.599334][  T793] input: bcm5974 as /devices/platform/dummy_hcd.1/usb2/2-1/2-1:1.0/input/input16
[  216.605615][ T5282] bcm5974 2-1:1.0: could not read from device
[  216.612538][ T5282] bcm5974 2-1:1.0: could not read from device
[  216.665477][ T5282] bcm5974 2-1:1.0: could not read from device
[  216.691213][ T5282] bcm5974 2-1:1.0: could not read from device
[  216.698117][  T793] usb 2-1: USB disconnect, device number 21
[  216.725413][ T9647] loop4: detected capacity change from 0 to 128
[  216.734410][ T9647] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=16, mo=a842c018, mo2=0002]
[  216.737652][ T9647] System zones: 1-3, 19-19, 35-36
[  216.741599][ T9647] EXT4-fs (loop4): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  216.746344][ T9647] ext4 filesystem being mounted at /52/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[  216.778770][ T9068] EXT4-fs (loop4): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  216.824800][ T9653] loop4: detected capacity change from 0 to 512
[  216.829843][ T9653] EXT4-fs (loop4): ext4_check_descriptors: Checksum for group 0 failed (57259!=33349)
[  216.838142][ T9653] EXT4-fs (loop4): orphan cleanup on readonly fs
[  216.843142][ T9653] EXT4-fs error (device loop4): ext4_read_block_bitmap_nowait:517: comm syz.4.1451: Block bitmap for bg 0 marked uninitialized
[  216.850634][ T9653] EXT4-fs error (device loop4) in ext4_mb_clear_bb:6657: Corrupt filesystem
[  216.855813][ T9653] EXT4-fs (loop4): 1 orphan inode deleted
[  216.864684][ T9653] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: none.
[  216.884953][ T9068] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  216.972637][ T9658] loop4: detected capacity change from 0 to 512
[  217.164212][ T9663] misc userio: Can't change port type on an already running userio instance
[  217.224621][ T9661] loop4: detected capacity change from 0 to 32768
[  217.228061][ T9661] bcachefs: bch2_fs_parse_param() Error parsing option gc_reserve_bytes: option_value
[  217.512454][ T9667] loop4: detected capacity change from 0 to 4096
[  217.518557][ T9667] ntfs3: Unknown parameter ''
[  218.327427][ T9691] sctp: [Deprecated]: syz.1.1468 (pid 9691) Use of int in max_burst socket option.
[  218.327427][ T9691] Use struct sctp_assoc_value instead
[  218.357066][ T9692] loop2: detected capacity change from 0 to 1024
[  218.367997][ T9692] EXT4-fs (loop2): stripe (65535) is not aligned with cluster size (4096), stripe is disabled
[  218.383310][ T9692] EXT4-fs (loop2): revision level too high, forcing read-only mode
[  218.389574][ T9692] EXT4-fs (loop2): orphan cleanup on readonly fs
[  218.404325][ T9692] EXT4-fs error (device loop2): __ext4_get_inode_loc:4861: comm syz.2.1467: Invalid inode table block 0 in block_group 0
[  218.417690][ T9692] EXT4-fs (loop2): Remounting filesystem read-only
[  218.426481][ T9692] Quota error (device loop2): write_blk: dquota write failed
[  218.429454][ T9692] Quota error (device loop2): qtree_write_dquot: Error -117 occurred while creating quota
[  218.438665][ T9692] EXT4-fs (loop2): 1 truncate cleaned up
[  218.467395][ T9692] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  218.640142][ T5851] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  218.855533][ T9701] sctp: [Deprecated]: syz.2.1471 (pid 9701) Use of struct sctp_assoc_value in delayed_ack socket option.
[  218.855533][ T9701] Use struct sctp_sack_info instead
[  220.041351][ T9728] loop1: detected capacity change from 0 to 256
[  220.104932][ T9728] FAT-fs (loop1): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[  220.227280][   T55] Bluetooth: hci0: ACL packet for unknown connection handle 201
[  220.446469][ T9738] loop2: detected capacity change from 0 to 4096
[  220.449783][ T9738] NILFS (loop2): broken superblock, retrying with spare superblock (blocksize = 1024)
[  220.453889][ T9738] NILFS (loop2): broken superblock, retrying with spare superblock (blocksize = 4096)
[  220.469271][ T9739] NILFS (loop2): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  220.754247][ T9745] loop4: detected capacity change from 0 to 256
[  220.795888][ T9745] FAT-fs (loop4): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[  220.851481][ T9743] loop2: detected capacity change from 0 to 8192
[  220.999271][ T9755] loop2: detected capacity change from 0 to 2048
[  221.004730][ T9755] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000)
[  221.072853][   T33] audit: type=1326 audit(1757332603.490:91): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9758 comm="syz.2.1497" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe36478ebe9 code=0x7ffc0000
[  221.084116][   T33] audit: type=1326 audit(1757332603.490:92): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9758 comm="syz.2.1497" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe36478ebe9 code=0x7ffc0000
[  221.094525][   T33] audit: type=1326 audit(1757332603.500:93): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9758 comm="syz.2.1497" exe="/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7fe36478ebe9 code=0x7ffc0000
[  221.102022][   T33] audit: type=1326 audit(1757332603.500:94): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9758 comm="syz.2.1497" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe36478ebe9 code=0x7ffc0000
[  221.110422][   T33] audit: type=1326 audit(1757332603.500:95): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9758 comm="syz.2.1497" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe36478ebe9 code=0x7ffc0000
[  221.120128][   T33] audit: type=1326 audit(1757332603.500:96): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9758 comm="syz.2.1497" exe="/syz-executor" sig=0 arch=c000003e syscall=49 compat=0 ip=0x7fe36478ebe9 code=0x7ffc0000
[  221.183988][   T33] audit: type=1326 audit(1757332603.600:97): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9758 comm="syz.2.1497" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe36478ebe9 code=0x7ffc0000
[  221.200167][   T33] audit: type=1326 audit(1757332603.600:98): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9758 comm="syz.2.1497" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe36478ebe9 code=0x7ffc0000
[  221.306121][   T47] usb 2-1: new high-speed USB device number 22 using dummy_hcd
[  221.462860][   T47] usb 2-1: Using ep0 maxpacket: 16
[  221.514824][   T47] usb 2-1: unable to get BOS descriptor or descriptor too short
[  221.563430][   T47] usb 2-1: config 128 has an invalid interface number: 66 but max is 0
[  221.570894][   T47] usb 2-1: config 128 has no interface number 0
[  221.577997][   T47] usb 2-1: config 128 interface 66 has no altsetting 0
[  221.590877][   T47] usb 2-1: New USB device found, idVendor=13d8, idProduct=0020, bcdDevice=1e.90
[  221.598099][   T47] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  221.601999][   T47] usb 2-1: Product: syz
[  221.603831][   T47] usb 2-1: Manufacturer: syz
[  221.605912][   T47] usb 2-1: SerialNumber: syz
[  221.843465][   T47] comedi comedi5: could not set alternate setting 3 in high speed
[  221.846946][   T47] usbduxsigma 2-1:128.66: driver 'usbduxsigma' failed to auto-configure device.
[  221.882981][ T9777] loop6: detected capacity change from 0 to 63
[  221.887196][ T9777] Buffer I/O error on dev loop6, logical block 0, async page read
[  221.893264][ T9777] Buffer I/O error on dev loop6, logical block 0, async page read
[  221.944641][   T47] usbduxsigma 2-1:128.66: probe with driver usbduxsigma failed with error -71
[  221.962397][   T47] usb 2-1: USB disconnect, device number 22
[  221.984654][ T9783] (unnamed net_device) (uninitialized): option miimon: invalid value (18446744073709551613)
[  221.987883][ T9783] (unnamed net_device) (uninitialized): option miimon: allowed values 0 - 2147483647
[  222.083976][ T9791] loop2: detected capacity change from 0 to 512
[  222.100603][ T9791] EXT4-fs error (device loop2): ext4_orphan_get:1418: comm syz.2.1511: bad orphan inode 11862016
[  222.107413][ T9791] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000d40000 r/w without journal. Quota mode: writeback.
[  222.111384][ T9791] ext4 filesystem being mounted at /568/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  222.306900][ T9801] loop4: detected capacity change from 0 to 1024
[  222.824607][ T9814] loop1: detected capacity change from 0 to 512
[  222.831994][ T9814] EXT4-fs error (device loop1): ext4_orphan_get:1392: inode #15: comm syz.1.1520: casefold flag without casefold feature
[  222.836737][ T9814] EXT4-fs error (device loop1): ext4_orphan_get:1397: comm syz.1.1520: couldn't read orphan inode 15 (err -117)
[  222.846646][ T9814] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  222.858630][ T9814] fscrypt (loop1, inode 18): Mutually exclusive encryption flags (0x1b)
[  222.874526][ T5848] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  222.923823][   T47] usb 5-1: new high-speed USB device number 4 using dummy_hcd
[  223.005896][ T5851] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000d40000.
[  223.055923][ T9823] loop1: detected capacity change from 0 to 8
[  223.066184][ T9823] SQUASHFS error: Unable to read inode 0x6
[  223.130202][ T9827] loop2: detected capacity change from 0 to 256
[  223.139279][ T9827] exfat: Deprecated parameter 'namecase'
[  223.143864][ T9827] exFAT-fs (loop2): Medium has reported failures. Some data may be lost.
[  223.154645][ T9827] exFAT-fs (loop2): failed to load upcase table (idx : 0x00010000, chksum : 0x7f1fc68d, utbl_chksum : 0xe619d30d)
[  223.331072][   T47] usb 5-1: Using ep0 maxpacket: 8
[  223.349815][   T47] usb 5-1: New USB device found, idVendor=1557, idProduct=7720, bcdDevice=b7.eb
[  223.360091][   T47] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  223.372881][   T47] usb 5-1: config 0 descriptor??
[  223.403531][ T9834] loop1: detected capacity change from 0 to 256
[  223.471972][ T9834] exFAT-fs (loop1): failed to load upcase table (idx : 0x00010000, chksum : 0x40a90196, utbl_chksum : 0xe619d30d)
[  223.513156][ T9834] input: syz0 as /devices/virtual/input/input17
[  223.716700][   T47] asix 5-1:0.0 (unnamed net_device) (uninitialized): invalid hw address, using random
[  224.052667][ T9842] netlink: 88 bytes leftover after parsing attributes in process `syz.2.1531'.
[  224.217940][ T9848] dvmrp0: entered allmulticast mode
[  224.457473][ T9862] bridge_slave_1: left allmulticast mode
[  224.460001][ T9862] bridge_slave_1: left promiscuous mode
[  224.462664][ T9862] bridge0: port 2(bridge_slave_1) entered disabled state
[  224.476880][ T9862] bond0: (slave bridge_slave_1): Enslaving as an active interface with an up link
[  224.665356][ T9866] loop2: detected capacity change from 0 to 512
[  224.687969][ T9866] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000d40000 r/w without journal. Quota mode: writeback.
[  224.694943][ T9866] ext4 filesystem being mounted at /583/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff)
[  224.733279][ T9866] __quota_error: 5 callbacks suppressed
[  224.733298][ T9866] Quota error (device loop2): do_check_range: Getting dqdh_next_free 4294967294 out of range 0-8
[  224.740300][ T9866] Quota error (device loop2): qtree_write_dquot: Error -117 occurred while creating quota
[  224.745792][ T9866] EXT4-fs error (device loop2): ext4_acquire_dquot:6937: comm syz.2.1542: Failed to acquire dquot type 0
[  224.774188][ T5851] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000d40000.
[  224.812748][ T9870] netlink: 'syz.2.1543': attribute type 1 has an invalid length.
[  224.815160][ T9870] netlink: 224 bytes leftover after parsing attributes in process `syz.2.1543'.
[  224.846681][ T9872] loop2: detected capacity change from 0 to 764
[  224.850445][ T9872] rock: directory entry would overflow storage
[  224.853137][ T9872] rock: sig=0x4654, size=5, remaining=4
[  224.954471][   T47] asix 5-1:0.0 (unnamed net_device) (uninitialized): Failed to write reg index 0x0000: -71
[  224.958295][   T47] asix 5-1:0.0 (unnamed net_device) (uninitialized): Failed to send software reset: ffffffb9
[  224.968000][   T47] asix 5-1:0.0: probe with driver asix failed with error -71
[  224.975562][   T47] usb 5-1: USB disconnect, device number 4
[  225.353531][ T9883] loop1: detected capacity change from 0 to 40427
[  225.356938][ T9883] F2FS-fs: heap/no_heap options were deprecated
[  225.362584][ T9883] F2FS-fs (loop1): invalid crc value
[  225.401628][  T793] usb 3-1: new full-speed USB device number 14 using dummy_hcd
[  225.420213][ T9883] F2FS-fs (loop1): f2fs_recover_fsync_data: recovery fsync data, check_only: 1
[  225.424755][ T9883] F2FS-fs (loop1): Start checkpoint disabled!
[  225.431366][ T9883] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e6
[  225.472686][ T1099] kworker/u9:8: attempt to access beyond end of device
[  225.472686][ T1099] loop1: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[  225.477839][ T1099] CPU: 0 UID: 0 PID: 1099 Comm: kworker/u9:8 Not tainted syzkaller #0 PREEMPT(full) 
[  225.477853][ T1099] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.2-debian-1.16.2-1 04/01/2014
[  225.477859][ T1099] Workqueue: writeback wb_workfn (flush-7:1)
[  225.477875][ T1099] Call Trace:
[  225.477879][ T1099]  <TASK>
[  225.477883][ T1099]  dump_stack_lvl+0x189/0x250
[  225.477897][ T1099]  ? __pfx_dump_stack_lvl+0x10/0x10
[  225.477907][ T1099]  ? __pfx_queue_work_on+0x10/0x10
[  225.477915][ T1099]  ? _raw_spin_unlock_irqrestore+0xad/0x110
[  225.477928][ T1099]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[  225.477944][ T1099]  f2fs_handle_critical_error+0x37c/0x540
[  225.477960][ T1099]  f2fs_write_end_io+0x886/0xb60
[  225.477977][ T1099]  __submit_merged_bio+0x27a/0x6a0
[  225.477992][ T1099]  __submit_merged_write_cond+0x255/0x530
[  225.478007][ T1099]  f2fs_write_data_pages+0x261d/0x3000
[  225.478036][ T1099]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[  225.478055][ T1099]  ? __pfx_f2fs_available_free_memory+0x10/0x10
[  225.478113][ T1099]  ? __pfx_f2fs_balance_fs_bg+0x10/0x10
[  225.478127][ T1099]  ? look_up_lock_class+0x74/0x170
[  225.478144][ T1099]  ? trace_f2fs_writepages+0x7f/0x200
[  225.478156][ T1099]  ? f2fs_write_node_pages+0x478/0x6e0
[  225.478169][ T1099]  ? __pfx_f2fs_write_node_pages+0x10/0x10
[  225.478187][ T1099]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[  225.478200][ T1099]  do_writepages+0x32e/0x550
[  225.478233][ T1099]  ? reacquire_held_locks+0x127/0x1d0
[  225.478242][ T1099]  ? writeback_sb_inodes+0x384/0x1010
[  225.478257][ T1099]  __writeback_single_inode+0x145/0xff0
[  225.478267][ T1099]  ? do_raw_spin_unlock+0x4d/0x240
[  225.478279][ T1099]  writeback_sb_inodes+0x6c7/0x1010
[  225.478304][ T1099]  ? __pfx_writeback_sb_inodes+0x10/0x10
[  225.478335][ T1099]  ? rcu_is_watching+0x15/0xb0
[  225.478349][ T1099]  wb_writeback+0x43b/0xaf0
[  225.478363][ T1099]  ? queue_io+0x3d1/0x590
[  225.478375][ T1099]  ? __pfx_wb_writeback+0x10/0x10
[  225.478389][ T1099]  ? _raw_spin_unlock_irq+0x23/0x50
[  225.478402][ T1099]  wb_workfn+0x409/0xef0
[  225.478419][ T1099]  ? __pfx_wb_workfn+0x10/0x10
[  225.478430][ T1099]  ? __lock_acquire+0xab9/0xd20
[  225.478447][ T1099]  ? process_scheduled_works+0x9ef/0x17b0
[  225.478459][ T1099]  ? _raw_spin_unlock_irq+0x23/0x50
[  225.478470][ T1099]  ? process_scheduled_works+0x9ef/0x17b0
[  225.478476][ T1099]  ? process_scheduled_works+0x9ef/0x17b0
[  225.478485][ T1099]  process_scheduled_works+0xae1/0x17b0
[  225.478507][ T1099]  ? __pfx_process_scheduled_works+0x10/0x10
[  225.478524][ T1099]  worker_thread+0x8a0/0xda0
[  225.478534][ T1099]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[  225.478549][ T1099]  ? __kthread_parkme+0x7b/0x200
[  225.478562][ T1099]  kthread+0x711/0x8a0
[  225.478574][ T1099]  ? __pfx_worker_thread+0x10/0x10
[  225.478581][ T1099]  ? __pfx_kthread+0x10/0x10
[  225.478592][ T1099]  ? _raw_spin_unlock_irq+0x23/0x50
[  225.478602][ T1099]  ? lockdep_hardirqs_on+0x9c/0x150
[  225.478612][ T1099]  ? __pfx_kthread+0x10/0x10
[  225.478622][ T1099]  ret_from_fork+0x3fc/0x770
[  225.478632][ T1099]  ? __pfx_ret_from_fork+0x10/0x10
[  225.478643][ T1099]  ? __switch_to_asm+0x39/0x70
[  225.478653][ T1099]  ? __switch_to_asm+0x33/0x70
[  225.478662][ T1099]  ? __pfx_kthread+0x10/0x10
[  225.478672][ T1099]  ret_from_fork_asm+0x1a/0x30
[  225.478691][ T1099]  </TASK>
[  225.478694][ T1099] F2FS-fs (loop1): Stopped filesystem due to reason: 3
[  225.594814][  T793] usb 3-1: too many endpoints for config 253 interface 0 altsetting 0: 255, using maximum allowed: 30
[  225.615965][  T793] usb 3-1: config 253 interface 0 altsetting 0 has 3 endpoint descriptors, different from the interface descriptor's value: 255
[  225.627328][  T793] usb 3-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  225.630211][  T793] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=1
[  225.637493][  T793] usb 3-1: SerialNumber: syz
[  225.829710][ T9892] loop4: detected capacity change from 0 to 40427
[  225.834631][ T9892] F2FS-fs (loop4): build fault injection rate: 771
[  225.839139][ T9892] F2FS-fs (loop4): invalid crc value
[  225.858912][  T793] usb 3-1: USB disconnect, device number 14
[  225.926227][ T9892] F2FS-fs (loop4): f2fs_recover_fsync_data: recovery fsync data, check_only: 0
[  225.933001][ T9892] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e5
[  226.003568][ T9068] syz-executor: attempt to access beyond end of device
[  226.003568][ T9068] loop4: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[  226.010370][ T9068] CPU: 1 UID: 0 PID: 9068 Comm: syz-executor Not tainted syzkaller #0 PREEMPT(full) 
[  226.010384][ T9068] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.2-debian-1.16.2-1 04/01/2014
[  226.010390][ T9068] Call Trace:
[  226.010394][ T9068]  <TASK>
[  226.010399][ T9068]  dump_stack_lvl+0x189/0x250
[  226.010415][ T9068]  ? __pfx_dump_stack_lvl+0x10/0x10
[  226.010425][ T9068]  ? __pfx_queue_work_on+0x10/0x10
[  226.010434][ T9068]  ? _raw_spin_unlock_irqrestore+0xad/0x110
[  226.010446][ T9068]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[  226.010464][ T9068]  f2fs_handle_critical_error+0x37c/0x540
[  226.010480][ T9068]  f2fs_write_end_io+0x886/0xb60
[  226.010498][ T9068]  __submit_merged_bio+0x27a/0x6a0
[  226.010513][ T9068]  __submit_merged_write_cond+0x255/0x530
[  226.010528][ T9068]  f2fs_write_data_pages+0x261d/0x3000
[  226.010558][ T9068]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[  226.010577][ T9068]  ? kernel_text_address+0xa5/0xe0
[  226.010604][ T9068]  ? stack_depot_save_flags+0x40/0x860
[  226.010628][ T9068]  ? __lock_acquire+0xab9/0xd20
[  226.010645][ T9068]  ? do_raw_spin_lock+0x121/0x290
[  226.010661][ T9068]  ? do_raw_spin_unlock+0x4d/0x240
[  226.010670][ T9068]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[  226.010683][ T9068]  do_writepages+0x32e/0x550
[  226.010700][ T9068]  ? do_raw_spin_unlock+0x4d/0x240
[  226.010712][ T9068]  filemap_fdatawrite+0x199/0x240
[  226.010724][ T9068]  ? __pfx_filemap_fdatawrite+0x10/0x10
[  226.010759][ T9068]  ? do_raw_spin_unlock+0x4d/0x240
[  226.010771][ T9068]  f2fs_sync_dirty_inodes+0x31f/0x830
[  226.010786][ T9068]  f2fs_write_checkpoint+0x95a/0x1df0
[  226.010833][ T9068]  ? __pfx_f2fs_write_checkpoint+0x10/0x10
[  226.010871][ T9068]  ? f2fs_stop_gc_thread+0x7f/0xb0
[  226.010882][ T9068]  ? kfree+0x18e/0x440
[  226.010899][ T9068]  ? kill_f2fs_super+0x298/0x6c0
[  226.010914][ T9068]  kill_f2fs_super+0x2c3/0x6c0
[  226.010925][ T9068]  ? __pfx_kill_f2fs_super+0x10/0x10
[  226.010932][ T9068]  ? radix_tree_delete_item+0x2b6/0x400
[  226.010949][ T9068]  ? shrinker_free+0x2ce/0x3e0
[  226.010960][ T9068]  deactivate_locked_super+0xbc/0x130
[  226.010973][ T9068]  cleanup_mnt+0x425/0x4c0
[  226.010984][ T9068]  ? lockdep_hardirqs_on+0x9c/0x150
[  226.010999][ T9068]  task_work_run+0x1d4/0x260
[  226.011017][ T9068]  ? __pfx_task_work_run+0x10/0x10
[  226.011056][ T9068]  ? __x64_sys_umount+0x122/0x160
[  226.011071][ T9068]  ? exit_to_user_mode_loop+0x40/0x110
[  226.011086][ T9068]  exit_to_user_mode_loop+0xec/0x110
[  226.011098][ T9068]  do_syscall_64+0x2bd/0x3b0
[  226.011105][ T9068]  ? lockdep_hardirqs_on+0x9c/0x150
[  226.011116][ T9068]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  226.011124][ T9068]  ? exc_page_fault+0x9f/0xf0
[  226.011137][ T9068]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  226.011144][ T9068] RIP: 0033:0x7f2fb2b8ff17
[  226.011154][ T9068] Code: a8 ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 0f 1f 44 00 00 31 f6 e9 09 00 00 00 66 0f 1f 84 00 00 00 00 00 b8 a6 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 01 c3 48 c7 c2 a8 ff ff ff f7 d8 64 89 02 b8
[  226.011162][ T9068] RSP: 002b:00007ffede3e75b8 EFLAGS: 00000246 ORIG_RAX: 00000000000000a6
[  226.011171][ T9068] RAX: 0000000000000000 RBX: 00007f2fb2c11c05 RCX: 00007f2fb2b8ff17
[  226.011176][ T9068] RDX: 0000000000000000 RSI: 0000000000000009 RDI: 00007ffede3e7670
[  226.011181][ T9068] RBP: 00007ffede3e7670 R08: 0000000000000000 R09: 0000000000000000
[  226.011186][ T9068] R10: 00000000ffffffff R11: 0000000000000246 R12: 00007ffede3e8700
[  226.011191][ T9068] R13: 00007f2fb2c11c05 R14: 000000000003722c R15: 00007ffede3e8740
[  226.011205][ T9068]  </TASK>
[  226.125382][    C1] vkms_vblank_simulate: vblank timer overrun
[  226.140160][ T9068] F2FS-fs (loop4): Stopped filesystem due to reason: 3
[  226.434796][ T9917] loop4: detected capacity change from 0 to 2048
[  226.459985][ T9917] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000)
[  226.635804][ T9934] loop2: detected capacity change from 0 to 256
[  226.645390][ T9934] exFAT-fs (loop2): failed to load upcase table (idx : 0x00011e5d, chksum : 0x63a11b78, utbl_chksum : 0xe619d30d)
[  226.716554][ T9940] netlink: 64 bytes leftover after parsing attributes in process `syz.2.1574'.
[  226.885649][ T9939] loop1: detected capacity change from 0 to 32768
[  226.894164][ T9939] XFS (loop1): Mounting V5 Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb
[  226.920568][ T9939] XFS (loop1): Ending clean mount
[  226.993569][ T5848] XFS (loop1): Unmounting Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb
[  227.136806][ T9948] loop2: detected capacity change from 0 to 32768
[  227.155039][ T9948] (syz.2.1579,9948,1):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0xb3775c19, computed 0x2dd1c265. Applying ECC.
[  227.159545][ T9948] (syz.2.1579,9948,1):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0xb3775c19, computed 0x2dd1c265. Applying ECC.
[  227.207926][ T9948] JBD2: Ignoring recovery information on journal
[  227.267933][ T9948] ocfs2: Mounting device (7,2) on (node local, slot 0) with ordered data mode.
[  227.469453][ T9948] (syz.2.1579,9948,0):ocfs2_check_set_options:1244 ERROR: Invalid heartbeat mount options
[  227.614054][ T5851] ocfs2: Unmounting device (7,2) on (node local)
[  228.163907][ T9979] netlink: 28 bytes leftover after parsing attributes in process `syz.4.1588'.
[  228.247140][ T9979] bridge0: port 2(bridge_slave_1) entered disabled state
[  228.258676][ T9979] bridge_slave_1: left allmulticast mode
[  228.260735][ T9979] bridge_slave_1: left promiscuous mode
[  228.269479][ T9979] bridge0: port 2(bridge_slave_1) entered disabled state
[  229.018479][ T9994] loop4: detected capacity change from 0 to 65536
[  229.041088][ T9994] XFS (loop4): Mounting V5 Filesystem 9b7348e5-2fa0-41a5-9526-c53a678b01f3
[  229.076138][ T9994] XFS (loop4): Ending clean mount
[  229.091226][ T9994] XFS (loop4): Metadata CRC error detected at xfs_agf_read_verify+0x12f/0x1f0, xfs_agf block 0x1 
[  229.095729][ T9994] XFS (loop4): Unmount and run xfs_repair
[  229.098074][ T9994] XFS (loop4): First 128 bytes of corrupted metadata buffer:
[  229.101371][ T9994] 00000000: 58 41 47 46 00 00 00 01 00 00 00 00 00 00 40 00  XAGF..........@.
[  229.104768][ T9994] 00000010: 00 00 00 02 00 00 00 03 00 00 00 00 00 00 00 01  ................
[  229.108959][ T9994] 00000020: 00 00 00 01 00 00 00 00 00 00 00 01 00 00 00 04  ................
[  229.112619][ T9994] 00000030: 00 00 00 04 00 00 3f ca 00 00 3f c7 00 00 00 00  ......?...?.....
[  229.116145][ T9994] 00000040: 9b 73 48 e5 2f a0 41 a5 95 26 c5 3a 67 8b 01 f3  .sH./.A..&.:g...
[  229.119733][ T9994] 00000050: 00 00 00 00 00 00 00 04 00 00 00 00 00 00 00 00  ................
[  229.124031][ T9994] 00000060: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00  ................
[  229.127508][ T9994] 00000070: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00  ................
[  229.131770][ T9994] XFS (loop4): metadata I/O error in "xfs_read_agf+0x281/0x5c0" at daddr 0x1 len 1 error 74
[  229.151610][ T9994] XFS (loop4): Metadata I/O Error (0x1) detected at xfs_trans_read_buf_map+0x517/0x8e0 (fs/xfs/xfs_trans_buf.c:311).  Shutting down filesystem.
[  229.158379][ T9994] XFS (loop4): Please unmount the filesystem and rectify the problem(s)
[  229.199307][ T9068] XFS (loop4): Unmounting Filesystem 9b7348e5-2fa0-41a5-9526-c53a678b01f3
[  229.342170][ T5852] Bluetooth: hci2: command 0x0406 tx timeout
[  229.541107][  T793] usb 3-1: new high-speed USB device number 15 using dummy_hcd
[  229.695883][  T793] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x5 has an invalid bInterval 0, changing to 7
[  229.700554][  T793] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[  229.717939][  T793] usb 3-1: New USB device found, idVendor=061d, idProduct=c020, bcdDevice=a2.bf
[  229.723652][  T793] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  229.726945][  T793] usb 3-1: Product: syz
[  229.728724][  T793] usb 3-1: Manufacturer: syz
[  229.730666][  T793] usb 3-1: SerialNumber: syz
[  229.737715][  T793] usb 3-1: config 0 descriptor??
[  229.747164][  T793] ssu100 3-1:0.0: Quatech SSU-100 USB to Serial Driver converter detected
[  229.966788][  T793] ssu100 3-1:0.0: probe with driver ssu100 failed with error -71
[  230.004378][  T793] usb 3-1: USB disconnect, device number 15
[  230.025848][T10038] netlink: 68 bytes leftover after parsing attributes in process `syz.1.1611'.
[  230.164672][T10042] loop1: detected capacity change from 0 to 128
[  231.046182][T10051] loop2: detected capacity change from 0 to 64
[  231.331228][T10062] loop4: detected capacity change from 0 to 1024
[  231.368167][T10062] hfsplus: bad catalog entry type
[  231.421288][ T5852] Bluetooth: hci2: command 0x0406 tx timeout
[  231.435880][ T6464] hfsplus: b-tree write err: -5, ino 4
[  232.552651][T10089] loop1: detected capacity change from 0 to 32768
[  232.790998][ T2306] usb 3-1: new high-speed USB device number 16 using dummy_hcd
[  232.950326][ T2306] usb 3-1: Using ep0 maxpacket: 32
[  232.972682][ T2306] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  232.976863][ T2306] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  232.982182][ T2306] usb 3-1: New USB device found, idVendor=1e7d, idProduct=2d5a, bcdDevice= 0.00
[  232.987321][ T2306] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  233.009081][ T2306] usb 3-1: config 0 descriptor??
[  233.446187][ T2306] savu 0003:1E7D:2D5A.0009: hiddev0,hidraw0: USB HID v0.00 Device [HID 1e7d:2d5a] on usb-dummy_hcd.2-1/input0
[  233.627949][T10121] mac80211_hwsim hwsim14 wlan1: (WE) : Wireless Event (cmd=0x8B1A) too big (33)
[  233.716329][  T793] usb 3-1: USB disconnect, device number 16
[  233.747199][T10125] loop4: detected capacity change from 0 to 4096
[  233.942932][   T47] usb 2-1: new high-speed USB device number 23 using dummy_hcd
[  234.046992][T10139] loop4: detected capacity change from 0 to 1024
[  234.082363][ T1099] hfsplus: b-tree write err: -5, ino 3
[  234.104635][   T47] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  234.109076][   T47] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  234.114168][   T47] usb 2-1: New USB device found, idVendor=0d8c, idProduct=0022, bcdDevice= 0.00
[  234.117740][   T47] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  234.128536][   T47] usb 2-1: config 0 descriptor??
[  234.191788][T10145] openvswitch: netlink: IP tunnel attribute has 12 unknown bytes.
[  234.242966][T10147] loop4: detected capacity change from 0 to 256
[  234.583755][   T47] cm6533_jd 0003:0D8C:0022.000A: invalid report_size -101239751
[  234.598730][   T47] cm6533_jd 0003:0D8C:0022.000A: item 0 4 1 7 parsing failed
[  234.606463][   T47] cm6533_jd 0003:0D8C:0022.000A: parse failed
[  234.608593][   T47] cm6533_jd 0003:0D8C:0022.000A: probe with driver cm6533_jd failed with error -22
[  234.977618][ T5917] usb 2-1: USB disconnect, device number 23
[  235.245656][T10177] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1664'.
[  235.580708][T10201] netlink: 'syz.2.1670': attribute type 15 has an invalid length.
[  235.587586][T10201] netlink: 'syz.2.1670': attribute type 7 has an invalid length.
[  235.688541][T10207] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1672'.
[  235.709148][T10207] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1672'.
[  235.900992][   T28] wlan1: Trigger new scan to find an IBSS to join
[  236.012707][T10245] netlink: 'syz.2.1684': attribute type 11 has an invalid length.
[  236.301632][ T5319] usb 2-1: new high-speed USB device number 24 using dummy_hcd
[  236.470412][ T5319] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  236.481342][ T5319] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  236.485381][ T5319] usb 2-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[  236.490507][ T5319] usb 2-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  236.506752][ T5319] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  236.522790][ T5319] usb 2-1: config 0 descriptor??
[  236.526842][ T5319] hub 2-1:0.0: USB hub found
[  236.736721][ T5319] hub 2-1:0.0: 14 ports detected
[  236.748767][ T5319] hub 2-1:0.0: insufficient power available to use all downstream ports
[  236.941624][ T5319] hub 2-1:0.0: hub_hub_status failed (err = -71)
[  236.950621][ T5319] hub 2-1:0.0: config failed, can't get hub status (err -71)
[  237.003616][ T5319] usb 2-1: USB disconnect, device number 24
[  238.070119][T10349] loop1: detected capacity change from 0 to 1024
[  238.088944][T10349] EXT4-fs: Ignoring removed nobh option
[  238.098916][T10349] EXT4-fs: Ignoring removed bh option
[  238.240556][T10349] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  238.341514][ T5848] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  238.861410][   T65] wlan1: Trigger new scan to find an IBSS to join
[  239.055883][T10365] sg_write: data in/out 512/1 bytes for SCSI command 0xb7-- guessing data in;
[  239.055883][T10365]    program syz.4.1711 not setting count and/or reply_len properly
[  239.963065][   T33] audit: type=1326 audit(1757332622.370:104): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10386 comm="syz.1.1722" exe="/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f70a0b8ebe9 code=0x0
[  240.281019][ T2306] usb 3-1: new high-speed USB device number 17 using dummy_hcd
[  240.437150][ T2306] usb 3-1: Using ep0 maxpacket: 32
[  240.447584][ T2306] usb 3-1: config 0 has an invalid interface number: 2 but max is 0
[  240.457417][ T2306] usb 3-1: config 0 has no interface number 0
[  240.483335][ T2306] usb 3-1: New USB device found, idVendor=108c, idProduct=0168, bcdDevice=84.b2
[  240.490247][ T2306] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  240.497493][ T2306] usb 3-1: Product: syz
[  240.499278][ T2306] usb 3-1: Manufacturer: syz
[  240.504877][ T2306] usb 3-1: SerialNumber: syz
[  240.514839][ T2306] usb 3-1: config 0 descriptor??
[  240.525231][ T2306] etas_es58x 3-1:0.2: Starting syz syz (Serial Number syz)
[  240.791838][ T2306] usb 3-1: USB disconnect, device number 17
[  240.811051][ T5917] usb 2-1: new high-speed USB device number 25 using dummy_hcd
[  240.964262][ T5917] usb 2-1: Using ep0 maxpacket: 32
[  240.970290][ T5917] usb 2-1: config 0 has an invalid interface number: 67 but max is 0
[  240.974349][ T5917] usb 2-1: config 0 has no interface number 0
[  240.983912][ T5917] usb 2-1: New USB device found, idVendor=0424, idProduct=9901, bcdDevice=c2.57
[  240.987797][ T5917] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  240.991340][ T5917] usb 2-1: Product: syz
[  240.993179][ T5917] usb 2-1: Manufacturer: syz
[  240.995234][ T5917] usb 2-1: SerialNumber: syz
[  241.025425][ T5917] usb 2-1: config 0 descriptor??
[  241.040596][ T5917] smsc95xx v2.0.0
[  241.241552][ T5917] smsc95xx 2-1:0.67 (unnamed net_device) (uninitialized): usbnet_get_endpoints failed: -71
[  241.246786][ T5917] smsc95xx 2-1:0.67: probe with driver smsc95xx failed with error -71
[  241.267285][ T5917] usb 2-1: USB disconnect, device number 25
[  241.675410][T10419] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  242.612883][T10425] loop1: detected capacity change from 0 to 131072
[  242.633330][T10425] F2FS-fs (loop1): Wrong CP boundary, start(512) end(1536) blocks(0)
[  242.636849][T10425] F2FS-fs (loop1): Can't find valid F2FS filesystem in 1th superblock
[  242.641555][ T1091] wlan1: Trigger new scan to find an IBSS to join
[  242.648799][T10425] F2FS-fs (loop1): invalid crc value
[  242.714850][T10425] F2FS-fs (loop1): f2fs_recover_fsync_data: recovery fsync data, check_only: 0
[  242.720413][T10425] F2FS-fs (loop1): Try to recover 1th superblock, ret: 0
[  242.723981][T10425] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e4
[  243.093809][ T5882] netdevsim netdevsim4 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  243.361905][ T5882] netdevsim netdevsim4 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  243.468604][T10423] loop2: detected capacity change from 0 to 262144
[  243.472877][T10423] BTRFS: device fsid 7e32c2af-f87a-45a1-bcba-64dea7c56a53 devid 1 transid 8 /dev/loop2 (7:2) scanned by syz.2.1740 (10423)
[  243.481721][T10423] BTRFS info (device loop2): first mount of filesystem 7e32c2af-f87a-45a1-bcba-64dea7c56a53
[  243.486673][T10423] BTRFS info (device loop2): using xxhash64 (xxhash64-generic) checksum algorithm
[  243.533397][ T5882] netdevsim netdevsim4 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  243.601286][T10423] BTRFS info (device loop2): enabling ssd optimizations
[  243.604105][T10423] BTRFS info (device loop2): enabling free space tree
[  243.659772][T10423] BTRFS info (device loop2): balance: start -d -mdevid=17179869184,vrange=16448..0 -sdevid=17179869184,vrange=16448..0
[  243.684648][T10423] BTRFS info (device loop2): relocating block group 22020096 flags system|dup
[  243.778547][T10423] BTRFS info (device loop2): relocating block group 13631488 flags data
[  243.801677][T10423] BTRFS info (device loop2): balance: canceled
[  243.811231][ T3579] wlan1: Creating new IBSS network, BSSID 7e:bc:90:22:a5:16
[  243.848827][ T5851] BTRFS info (device loop2): last unmount of filesystem 7e32c2af-f87a-45a1-bcba-64dea7c56a53
[  243.952426][ T5882] netdevsim netdevsim4 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  244.172331][ T5852] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1
[  244.194368][ T5852] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9
[  244.202015][ T5852] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9
[  244.239144][ T5852] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4
[  244.246843][ T5852] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2
[  244.295445][ T5882] bridge_slave_0: left allmulticast mode
[  244.297598][ T5882] bridge_slave_0: left promiscuous mode
[  244.300011][ T5882] bridge0: port 1(bridge_slave_0) entered disabled state
[  245.269288][ T5882] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  245.309255][ T5882] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  245.320198][ T5882] bond0 (unregistering): Released all slaves
[  246.062683][ T5882] hsr_slave_0: left promiscuous mode
[  246.066698][ T5882] hsr_slave_1: left promiscuous mode
[  246.078890][ T5882] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  246.084528][ T5882] batman_adv: batadv0: Removing interface: batadv_slave_0
[  246.090141][ T5882] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  246.094869][ T5882] batman_adv: batadv0: Removing interface: batadv_slave_1
[  246.129693][ T5882] veth1_macvtap: left promiscuous mode
[  246.132266][ T5882] veth0_macvtap: left promiscuous mode
[  246.135038][ T5882] veth1_vlan: left promiscuous mode
[  246.138125][ T5882] veth0_vlan: left promiscuous mode
[  246.231527][ T5319] usb 3-1: new high-speed USB device number 18 using dummy_hcd
[  246.302462][   T55] Bluetooth: hci2: command tx timeout
[  246.401107][ T5319] usb 3-1: Using ep0 maxpacket: 32
[  246.445406][ T5319] usb 3-1: config 0 has an invalid interface number: 67 but max is 0
[  246.447685][T10477] loop1: detected capacity change from 0 to 8
[  246.448505][ T5319] usb 3-1: config 0 has no interface number 0
[  246.453229][T10477] MTD: Attempt to mount non-MTD device "/dev/loop1"
[  246.465625][ T5319] usb 3-1: New USB device found, idVendor=0424, idProduct=9901, bcdDevice=c2.57
[  246.470449][ T5319] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  246.477673][T10477] cramfs: Error -3 while decompressing!
[  246.484732][T10477] cramfs: ffffffff99bef668(26)->ffff8880393c6000(4096)
[  246.487977][ T5319] usb 3-1: Product: syz
[  246.489238][T10477] cramfs: Error -3 while decompressing!
[  246.489846][ T5319] usb 3-1: Manufacturer: syz
[  246.492039][T10477] cramfs: ffffffff99bef682(26)->ffff8880393c5000(4096)
[  246.492077][T10477] cramfs: Error -3 while decompressing!
[  246.492086][T10477] cramfs: ffffffff99bef69c(16)->ffff8880393c4000(4096)
[  246.492146][T10477] cramfs: Error -3 while decompressing!
[  246.492154][T10477] cramfs: ffffffff99bef668(26)->ffff8880393c6000(4096)
[  246.501621][   T33] audit: type=1800 audit(1757332628.910:105): pid=10477 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.1.1757" name="file2" dev="loop1" ino=348 res=0 errno=0
[  246.515606][ T5319] usb 3-1: SerialNumber: syz
[  246.565847][ T5319] usb 3-1: config 0 descriptor??
[  246.573941][ T5319] smsc95xx v2.0.0
[  246.785219][T10483] netlink: 'syz.1.1760': attribute type 10 has an invalid length.
[  247.174469][ T5882] team0 (unregistering): Port device team_slave_1 removed
[  247.202335][ T5319] smsc95xx 3-1:0.67 (unnamed net_device) (uninitialized): Failed to read reg index 0x00000030: -32
[  247.207794][ T5319] smsc95xx 3-1:0.67 (unnamed net_device) (uninitialized): Error reading E2P_CMD
[  247.213274][ T5319] smsc95xx 3-1:0.67 (unnamed net_device) (uninitialized): Failed to write reg index 0x00000014: -71
[  247.218217][ T5319] smsc95xx 3-1:0.67: probe with driver smsc95xx failed with error -71
[  247.223985][ T5882] team0 (unregistering): Port device team_slave_0 removed
[  247.229249][ T5319] usb 3-1: USB disconnect, device number 18
[  247.788925][T10483] team0: Port device netdevsim0 added
[  247.862807][T10490] openvswitch: netlink: Missing valid actions attribute.
[  247.865171][T10490] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[  247.878580][T10488] netlink: 'syz.2.1762': attribute type 10 has an invalid length.
[  247.885040][T10488] netlink: 'syz.2.1762': attribute type 28 has an invalid length.
[  247.906181][T10488] netlink: 'syz.2.1762': attribute type 5 has an invalid length.
[  247.912480][T10488] netlink: 'syz.2.1762': attribute type 12 has an invalid length.
[  247.915597][T10488] netlink: 16 bytes leftover after parsing attributes in process `syz.2.1762'.
[  247.930476][T10454] chnl_net:caif_netlink_parms(): no params data found
[  248.066063][T10454] bridge0: port 1(bridge_slave_0) entered blocking state
[  248.068587][T10454] bridge0: port 1(bridge_slave_0) entered disabled state
[  248.072267][T10454] bridge_slave_0: entered allmulticast mode
[  248.076230][T10454] bridge_slave_0: entered promiscuous mode
[  248.106565][T10454] bridge0: port 2(bridge_slave_1) entered blocking state
[  248.109734][T10454] bridge0: port 2(bridge_slave_1) entered disabled state
[  248.112822][T10454] bridge_slave_1: entered allmulticast mode
[  248.116649][T10454] bridge_slave_1: entered promiscuous mode
[  248.167844][T10454] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  248.176812][T10454] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  248.246959][T10454] team0: Port device team_slave_0 added
[  248.255476][T10454] team0: Port device team_slave_1 added
[  248.312510][T10454] batman_adv: batadv0: Adding interface: batadv_slave_0
[  248.315969][T10454] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  248.333061][T10454] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  248.342186][T10454] batman_adv: batadv0: Adding interface: batadv_slave_1
[  248.351020][T10454] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  248.362076][T10454] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  248.381085][   T55] Bluetooth: hci2: command tx timeout
[  248.496852][T10454] hsr_slave_0: entered promiscuous mode
[  248.501734][T10454] hsr_slave_1: entered promiscuous mode
[  248.504905][T10454] debugfs: 'hsr0' already exists in 'hsr'
[  248.507233][T10454] Cannot create hsr debugfs directory
[  249.152840][T10454] netdevsim netdevsim5 netdevsim0: renamed from eth0
[  249.167757][T10454] netdevsim netdevsim5 netdevsim1: renamed from eth1
[  249.214648][T10454] netdevsim netdevsim5 netdevsim2: renamed from eth2
[  249.252684][T10454] netdevsim netdevsim5 netdevsim3: renamed from eth3
[  249.619679][T10454] 8021q: adding VLAN 0 to HW filter on device bond0
[  249.663186][T10525] netlink: 36 bytes leftover after parsing attributes in process `syz.1.1774'.
[  249.687778][T10454] 8021q: adding VLAN 0 to HW filter on device team0
[  249.714927][ T1091] bridge0: port 1(bridge_slave_0) entered blocking state
[  249.717480][ T1091] bridge0: port 1(bridge_slave_0) entered forwarding state
[  249.734907][ T1091] bridge0: port 2(bridge_slave_1) entered blocking state
[  249.737769][ T1091] bridge0: port 2(bridge_slave_1) entered forwarding state
[  250.109156][T10540] loop1: detected capacity change from 0 to 128
[  250.155621][T10540] EXT4-fs (loop1): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  250.160669][T10540] ext4 filesystem being mounted at /602/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  250.171352][T10454] 8021q: adding VLAN 0 to HW filter on device batadv0
[  250.262397][T10546] lo speed is unknown, defaulting to 1000
[  250.265495][T10546] lo speed is unknown, defaulting to 1000
[  250.286214][T10546] lo speed is unknown, defaulting to 1000
[  250.314510][T10546] iwpm_register_pid: Unable to send a nlmsg (client = 2)
[  250.350665][T10546] infiniband syz0: RDMA CMA: cma_listen_on_dev, error -98
[  250.511582][   T55] Bluetooth: hci2: command tx timeout
[  250.538809][T10546] lo speed is unknown, defaulting to 1000
[  250.553461][T10546] lo speed is unknown, defaulting to 1000
[  250.557575][T10546] lo speed is unknown, defaulting to 1000
[  250.561617][T10546] lo speed is unknown, defaulting to 1000
[  250.587693][ T5848] EXT4-fs (loop1): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  250.747400][T10454] veth0_vlan: entered promiscuous mode
[  250.760029][T10454] veth1_vlan: entered promiscuous mode
[  250.797074][T10454] veth0_macvtap: entered promiscuous mode
[  250.806996][T10454] veth1_macvtap: entered promiscuous mode
[  250.832357][T10454] batman_adv: batadv0: Interface activated: batadv_slave_0
[  250.853989][T10454] batman_adv: batadv0: Interface activated: batadv_slave_1
[  250.917279][ T5865] netdevsim netdevsim5 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  250.921497][ T5865] netdevsim netdevsim5 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  250.935743][ T5865] netdevsim netdevsim5 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  250.946511][ T5865] netdevsim netdevsim5 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  251.039386][T10565] netlink: 212408 bytes leftover after parsing attributes in process `syz.2.1786'.
[  251.043456][T10565] netlink: zone id is out of range
[  251.045468][T10565] netlink: get zone limit has 8 unknown bytes
[  251.047601][   T27] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  251.054683][   T27] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  251.087296][ T3579] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  251.090316][ T3579] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  251.511675][ T9583] usb 6-1: new high-speed USB device number 2 using dummy_hcd
[  251.662189][ T9583] usb 6-1: Using ep0 maxpacket: 8
[  251.669701][ T9583] usb 6-1: New USB device found, idVendor=0763, idProduct=2081, bcdDevice=d0.ab
[  251.674086][ T9583] usb 6-1: New USB device strings: Mfr=1, Product=228, SerialNumber=2
[  251.676962][ T9583] usb 6-1: Product: syz
[  251.678483][ T9583] usb 6-1: Manufacturer: syz
[  251.680344][ T9583] usb 6-1: SerialNumber: syz
[  251.686130][ T9583] usb 6-1: config 0 descriptor??
[  251.753114][ T5916] usb 3-1: new high-speed USB device number 19 using dummy_hcd
[  251.903360][ T5916] usb 3-1: Using ep0 maxpacket: 32
[  251.908351][ T5916] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 10168, setting to 1024
[  251.915886][ T5916] usb 3-1: New USB device found, idVendor=046d, idProduct=c31c, bcdDevice= 0.40
[  251.919304][ T5916] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  251.924995][ T5916] usb 3-1: config 0 descriptor??
[  251.927674][T10592] raw-gadget.1 gadget.2: fail, usb_ep_enable returned -22
[  251.932147][ T5916] hub 3-1:0.0: USB hub found
[  252.150334][ T5916] hub 3-1:0.0: 1 port detected
[  252.561047][   T55] Bluetooth: hci2: command tx timeout
[  252.737400][ T9583] usb 6-1: USB disconnect, device number 2
[  252.811263][    C0] hpet: Lost 3 RTC interrupts
[  252.995679][T10610] netlink: 80 bytes leftover after parsing attributes in process `syz.1.1806'.
[  253.083086][ T5916] usb 3-1: reset high-speed USB device number 19 using dummy_hcd
[  254.152175][ T9583] usb 3-1: USB disconnect, device number 19
[  254.436562][T10624] loop5: detected capacity change from 0 to 1024
[  254.501695][    C0] hpet: Lost 1 RTC interrupts
[  254.617966][T10624] hfsplus: request for non-existent node 134217728 in B*Tree
[  254.622307][T10624] hfsplus: request for non-existent node 134217728 in B*Tree
[  254.881978][ T5319] usb 2-1: new high-speed USB device number 26 using dummy_hcd
[  255.031006][ T5319] usb 2-1: Using ep0 maxpacket: 32
[  255.034998][ T5319] usb 2-1: config 0 has an invalid interface number: 1 but max is 0
[  255.038094][ T5319] usb 2-1: config 0 has no interface number 0
[  255.044019][ T5319] usb 2-1: New USB device found, idVendor=061d, idProduct=c150, bcdDevice=ce.6f
[  255.047579][ T5319] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  255.050597][ T5319] usb 2-1: Product: syz
[  255.053248][ T5319] usb 2-1: Manufacturer: syz
[  255.055163][ T5319] usb 2-1: SerialNumber: syz
[  255.059446][ T5319] usb 2-1: config 0 descriptor??
[  255.064283][ T5319] quatech2 2-1:0.1: Quatech 2nd gen USB to Serial Driver converter detected
[  255.280691][ T5319] usb 2-1: Quatech 2nd gen USB to Serial Driver converter now attached to ttyUSB0
[  255.286947][ T5319] usb 2-1: Quatech 2nd gen USB to Serial Driver converter now attached to ttyUSB1
[  255.472851][    C1] quatech-serial ttyUSB0: qt2_process_read_urb - port change to invalid port: 2
[  255.673508][    C1] usb 2-1: qt2_read_bulk_callback - non-zero urb status: -71
[  255.674048][ T2306] usb 2-1: USB disconnect, device number 26
[  255.685446][ T2306] quatech-serial ttyUSB0: Quatech 2nd gen USB to Serial Driver converter now disconnected from ttyUSB0
[  255.693156][ T2306] quatech-serial ttyUSB1: Quatech 2nd gen USB to Serial Driver converter now disconnected from ttyUSB1
[  255.698830][ T2306] quatech2 2-1:0.1: device disconnected
[  255.748129][ T1364] ieee802154 phy0 wpan0: encryption failed: -22
[  255.750776][ T1364] ieee802154 phy1 wpan1: encryption failed: -22
[  255.787516][T10646] loop5: detected capacity change from 0 to 2048
[  255.797679][T10646] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000)
[  255.899972][T10649] loop5: detected capacity change from 0 to 128
[  255.959902][T10651] netlink: 60 bytes leftover after parsing attributes in process `syz.5.1823'.
[  255.968025][T10651] netlink: 60 bytes leftover after parsing attributes in process `syz.5.1823'.
[  256.544476][T10667] overlayfs: failed to resolve './file1': -2
[  257.411140][ T2306] usb 6-1: new high-speed USB device number 3 using dummy_hcd
[  257.461081][ T9583] usb 2-1: new high-speed USB device number 27 using dummy_hcd
[  257.561040][ T2306] usb 6-1: Using ep0 maxpacket: 32
[  257.564352][ T2306] usb 6-1: config 0 interface 0 altsetting 1 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  257.567803][ T2306] usb 6-1: config 0 interface 0 altsetting 1 endpoint 0x81 has invalid wMaxPacketSize 0
[  257.574130][ T2306] usb 6-1: config 0 interface 0 altsetting 1 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  257.579288][ T2306] usb 6-1: config 0 interface 0 has no altsetting 0
[  257.583825][ T2306] usb 6-1: New USB device found, idVendor=0403, idProduct=97c1, bcdDevice= 0.00
[  257.587673][ T2306] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  257.598752][ T2306] usb 6-1: config 0 descriptor??
[  257.616795][ T9583] usb 2-1: config 0 has an invalid interface number: 1 but max is 0
[  257.621183][ T9583] usb 2-1: config 0 has no interface number 0
[  257.626877][ T9583] usb 2-1: New USB device found, idVendor=18b4, idProduct=fffb, bcdDevice=dc.7b
[  257.635971][ T9583] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  257.639230][ T9583] usb 2-1: Product: syz
[  257.641924][ T9583] usb 2-1: Manufacturer: syz
[  257.643917][ T9583] usb 2-1: SerialNumber: syz
[  257.649231][ T9583] usb 2-1: config 0 descriptor??
[  257.864648][ T9583] usb 2-1: dvb_usb_v2: found a 'E3C EC168 reference design' in warm state
[  257.875054][ T9583] usb 2-1: dvb_usb_v2: will pass the complete MPEG2 transport stream to the software demuxer
[  257.879341][ T9583] dvbdev: DVB: registering new adapter (E3C EC168 reference design)
[  257.882924][ T9583] usb 2-1: media controller created
[  257.905863][ T9583] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered.
[  258.010097][ T2306] hid-retrode 0003:0403:97C1.000B: global environment stack underflow
[  258.014436][ T2306] hid-retrode 0003:0403:97C1.000B: item 0 4 1 11 parsing failed
[  258.018057][ T2306] hid-retrode 0003:0403:97C1.000B: probe with driver hid-retrode failed with error -22
[  258.066389][ T9583] i2c i2c-2: ec100: i2c rd failed=-71 reg=33
[  258.096714][ T9583] usb 2-1: USB disconnect, device number 27
[  258.148520][   T47] usb 3-1: new high-speed USB device number 20 using dummy_hcd
[  258.208800][ T2306] usb 6-1: USB disconnect, device number 3
[  258.303717][   T47] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 64, changing to 10
[  258.311143][   T47] usb 3-1: New USB device found, idVendor=0c70, idProduct=f011, bcdDevice= 0.00
[  258.314756][   T47] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  258.318748][   T47] usb 3-1: config 0 descriptor??
[  258.751285][   T47] aquacomputer_d5next 0003:0C70:F011.000C: hidraw0: USB HID v0.00 Device [HID 0c70:f011] on usb-dummy_hcd.2-1/input0
[  258.943860][ T2306] usb 3-1: USB disconnect, device number 20
[  259.059826][T10696] loop1: detected capacity change from 0 to 32768
[  259.069162][T10696] JBD2: Ignoring recovery information on journal
[  259.124550][T10696] ocfs2: Mounting device (7,1) on (node local, slot 0) with ordered data mode.
[  259.267055][T10707] loop5: detected capacity change from 0 to 2048
[  259.340014][T10696] (syz.1.1844,10696,1):ocfs2_check_dir_entry:325 ERROR: bad entry in directory #65: rec_len is smaller than minimal - offset=0, inode=51539607617, rec_len=0, name_len=0
[  259.375380][T10707] UDF-fs: error (device loop5): udf_read_tagged: tag checksum failed, block 99: 0x27 != 0x4d
[  259.391766][T10707] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[  259.638367][ T5848] ocfs2: Unmounting device (7,1) on (node local)
[  259.742583][T10713] netlink: 32 bytes leftover after parsing attributes in process `syz.2.1849'.
[  259.916456][T10717] netlink: 88 bytes leftover after parsing attributes in process `syz.2.1851'.
[  259.919681][T10717] netlink: 32 bytes leftover after parsing attributes in process `syz.2.1851'.
[  259.923215][T10717] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1851'.
[  260.063333][T10721] fuse: Bad value for 'fd'
[  260.185956][T10727] loop5: detected capacity change from 0 to 128
[  260.328532][T10712] loop1: detected capacity change from 0 to 131072
[  260.332920][T10712] F2FS-fs (loop1): invalid crc value
[  260.341107][   T47] usb 3-1: new high-speed USB device number 21 using dummy_hcd
[  260.373659][T10712] F2FS-fs (loop1): f2fs_recover_fsync_data: recovery fsync data, check_only: 0
[  260.378021][T10712] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e4
[  260.497973][   T47] usb 3-1: Using ep0 maxpacket: 32
[  260.505337][   T47] usb 3-1: config 1 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F
[  260.510116][   T47] usb 3-1: config 1 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 7
[  260.522834][   T47] usb 3-1: config 1 interface 0 altsetting 0 endpoint 0x8F has invalid maxpacket 59391, setting to 1024
[  260.527169][   T47] usb 3-1: config 1 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  260.544109][   T47] usb 3-1: New USB device found, idVendor=05ac, idProduct=020f, bcdDevice= 0.22
[  260.548194][   T47] usb 3-1: New USB device strings: Mfr=1, Product=130, SerialNumber=131
[  260.551945][   T47] usb 3-1: Product: syz
[  260.553731][   T47] usb 3-1: Manufacturer: syz
[  260.555619][   T47] usb 3-1: SerialNumber: syz
[  260.561064][T10723] raw-gadget.0 gadget.2: fail, usb_ep_enable returned -22
[  260.573619][   T47] input: appletouch as /devices/platform/dummy_hcd.2/usb3/3-1/3-1:1.0/input/input20
[  260.579817][T10743] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[  260.659122][T10745] loop5: detected capacity change from 0 to 1024
[  260.695155][   T36] hfsplus: b-tree write err: -5, ino 4
[  260.772356][   T47] usb 3-1: USB disconnect, device number 21
[  260.790462][   T47] appletouch 3-1:1.0: input: appletouch disconnected
[  260.882698][T10747] loop5: detected capacity change from 0 to 32768
[  260.886979][T10747] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop5 (7:5) scanned by syz.5.1865 (10747)
[  260.902767][T10747] BTRFS info (device loop5): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  260.902864][T10747] BTRFS info (device loop5): using crc32c (crc32c-lib) checksum algorithm
[  260.902916][T10747] BTRFS warning (device loop5): space cache v1 is being deprecated and will be removed in a future release, please use -o space_cache=v2
[  260.942894][T10747] BTRFS info (device loop5): rebuilding free space tree
[  260.989180][T10747] BTRFS info (device loop5): disabling free space tree
[  260.992149][T10747] BTRFS info (device loop5): clearing compat-ro feature flag for FREE_SPACE_TREE (0x1)
[  260.995934][T10747] BTRFS info (device loop5): clearing compat-ro feature flag for FREE_SPACE_TREE_VALID (0x2)
[  261.010091][T10747] BTRFS info (device loop5): setting nodatasum
[  261.015681][T10747] BTRFS info (device loop5): setting nodatacow
[  261.018170][T10747] BTRFS info (device loop5): enabling ssd optimizations
[  261.026609][T10747] BTRFS info (device loop5): turning off barriers
[  261.034986][T10747] BTRFS info (device loop5): turning on flush-on-commit
[  261.038103][T10747] BTRFS info (device loop5): enabling disk space caching
[  261.041487][T10747] BTRFS info (device loop5): force clearing of disk cache
[  261.044797][T10747] BTRFS info (device loop5): doing ref verification
[  261.047367][T10747] BTRFS info (device loop5): max_inline set to 4096
[  261.108441][T10768] netlink: 12 bytes leftover after parsing attributes in process `syz.1.1867'.
[  261.147254][T10454] BTRFS info (device loop5): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  261.589352][T10780] loop5: detected capacity change from 0 to 32768
[  261.633553][T10778] loop2: detected capacity change from 0 to 32768
[  261.641510][T10780] ERROR: (device loop5): xtTruncate: xt_getpage: xtree page corrupt
[  261.641510][T10780] 
[  261.656216][T10776] loop1: detected capacity change from 0 to 32768
[  261.659191][   T33] audit: type=1800 audit(1757332644.060:106): pid=10778 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.2.1872" name="file1" dev="loop2" ino=4 res=0 errno=0
[  261.670977][T10780] ERROR: (device loop5): remounting filesystem as read-only
[  261.687147][T10776] XFS: ikeep mount option is deprecated.
[  261.720577][T10776] XFS (loop1): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  261.754761][T10776] XFS (loop1): Ending clean mount
[  261.763548][T10776] XFS (loop1): Quotacheck needed: Please wait.
[  261.801549][T10776] XFS (loop1): Quotacheck: Done.
[  261.819567][T10790] capability: warning: `syz.5.1875' uses 32-bit capabilities (legacy support in use)
[  261.829314][   T33] audit: type=1800 audit(1757332644.240:107): pid=10776 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.1871" name="bus" dev="loop1" ino=9290 res=0 errno=0
[  261.846227][   T33] audit: type=1800 audit(1757332644.260:108): pid=10776 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.1871" name="file1" dev="loop1" ino=9286 res=0 errno=0
[  261.945815][ T5848] XFS (loop1): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  262.156563][   T33] audit: type=1326 audit(1757332644.570:109): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10799 comm="syz.5.1881" exe="/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fe512d8ebe9 code=0x0
[  262.388582][T10820] block nbd0: Unsupported socket: shutdown callout must be supported.
[  262.593531][ T9583] usb 2-1: new high-speed USB device number 28 using dummy_hcd
[  262.598673][T10836] netlink: 8 bytes leftover after parsing attributes in process `syz.5.1897'.
[  262.604957][T10836] netlink: 8 bytes leftover after parsing attributes in process `syz.5.1897'.
[  262.643719][T10838] loop5: detected capacity change from 0 to 128
[  262.712399][ T5916] usb 3-1: new high-speed USB device number 22 using dummy_hcd
[  262.741113][ T9583] usb 2-1: Using ep0 maxpacket: 8
[  262.747682][ T9583] usb 2-1: New USB device found, idVendor=0c45, idProduct=613a, bcdDevice=c4.6d
[  262.756102][ T9583] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  262.759008][ T9583] usb 2-1: Product: syz
[  262.761499][ T9583] usb 2-1: Manufacturer: syz
[  262.763351][ T9583] usb 2-1: SerialNumber: syz
[  262.766980][ T9583] usb 2-1: config 0 descriptor??
[  262.768695][T10844] tmpfs: Bad value for 'mpol'
[  262.772611][ T9583] gspca_main: sonixj-2.14.0 probing 0c45:613a
[  262.863537][ T5916] usb 3-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xD6, changing to 0x86
[  262.867274][ T5916] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x86 has an invalid bInterval 0, changing to 7
[  262.876349][ T5916] usb 3-1: New USB device found, idVendor=05f3, idProduct=0240, bcdDevice=1b.24
[  262.879617][ T5916] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  262.882553][ T5916] usb 3-1: Product: syz
[  262.884480][ T5916] usb 3-1: Manufacturer: syz
[  262.886707][ T5916] usb 3-1: SerialNumber: syz
[  262.892403][ T5916] usb 3-1: config 0 descriptor??
[  262.976608][ T9583] gspca_sonixj: reg_w1 err -71
[  262.978275][ T9583] sonixj 2-1:0.0: probe with driver sonixj failed with error -71
[  262.983278][ T9583] usb 2-1: USB disconnect, device number 28
[  263.061049][    T9] usb 6-1: new high-speed USB device number 4 using dummy_hcd
[  263.098217][ T5916] powermate: unknown product id 0240
[  263.103112][ T5916] input: Griffin SoundKnob as /devices/platform/dummy_hcd.2/usb3/3-1/3-1:0.0/input/input21
[  263.110049][    C0] powermate: config urb returned -71
[  263.112277][    C0] powermate: config urb returned -71
[  263.114142][    C0] powermate: config urb returned -71
[  263.119771][    C0] powermate: config urb returned -71
[  263.122743][ T5916] usb 3-1: USB disconnect, device number 22
[  263.124676][    C0] powermate 3-1:0.0: powermate_irq - usb_submit_urb failed with result: -19
[  263.211114][    T9] usb 6-1: Using ep0 maxpacket: 16
[  263.216392][    T9] usb 6-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  263.220283][    T9] usb 6-1: config 0 interface 0 has no altsetting 0
[  263.225220][    T9] usb 6-1: New USB device found, idVendor=06cb, idProduct=0006, bcdDevice=9a.eb
[  263.229362][    T9] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  263.232566][    T9] usb 6-1: Product: syz
[  263.234099][    T9] usb 6-1: Manufacturer: syz
[  263.235528][    T9] usb 6-1: SerialNumber: syz
[  263.239375][    T9] usb 6-1: config 0 descriptor??
[  263.445217][    T9] usb 6-1: Can not set alternate setting to 1, error: -71
[  263.448720][    T9] synaptics_usb 6-1:0.0: probe with driver synaptics_usb failed with error -71
[  263.454562][    T9] usb 6-1: USB disconnect, device number 4
[  263.823760][T10851] loop2: detected capacity change from 0 to 4096
[  263.865182][T10852] NILFS (loop2): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  264.136783][T10854] trusted_key: encrypted_key: key trusted:syz not found
[  264.340416][ T5916] kernel write not supported for file bpf-prog (pid: 5916 comm: kworker/0:4)
[  264.462349][T10860] loop2: detected capacity change from 0 to 1024
[  264.519058][T10860] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  264.611934][ T5851] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  264.945414][T10888] cgroup: subsys name conflicts with all
[  265.066782][T10896] Bluetooth: MGMT ver 1.23
[  265.117262][T10900] comedi comedi0: pcmmio: I/O port conflict (0x3,32)
[  265.123302][   T47] usb 6-1: new high-speed USB device number 5 using dummy_hcd
[  265.285244][   T47] usb 6-1: New USB device found, idVendor=0bed, idProduct=1100, bcdDevice=ec.c3
[  265.294486][   T47] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  265.310507][   T47] usb 6-1: config 0 descriptor??
[  265.319853][   T47] cp210x 6-1:0.0: cp210x converter detected
[  265.735511][   T47] cp210x 6-1:0.0: failed to get vendor val 0x0010 size 3: -32
[  265.752145][   T47] usb 6-1: cp210x converter now attached to ttyUSB0
[  265.945636][   T47] usb 6-1: USB disconnect, device number 5
[  265.954135][   T47] cp210x ttyUSB0: cp210x converter now disconnected from ttyUSB0
[  266.018008][T10915] usb usb8: usbfs: process 10915 (syz.1.1932) did not claim interface 0 before use
[  266.032773][   T47] cp210x 6-1:0.0: device disconnected
[  266.193778][T10922] vivid-000: disconnect
[  266.202196][T10920] vivid-000: reconnect
[  266.344962][T10926] input: Bluetooth HID Boot Protocol Device as /devices/virtual/bluetooth/hci2/hci2:200/input22
[  266.471721][   T33] audit: type=1326 audit(1757332648.860:110): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10932 comm="syz.2.1940" exe="/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fe36478ebe9 code=0x0
[  267.970591][T10969] loop2: detected capacity change from 0 to 256
[  267.994926][T10969] FAT-fs (loop2): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[  268.284964][T10950] loop5: detected capacity change from 0 to 32768
[  268.298917][T10950] XFS (loop5): Mounting V5 Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d
[  268.319805][T10950] XFS (loop5): Ending clean mount
[  268.348656][T10454] XFS (loop5): Unmounting Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d
[  268.524351][ T2306] usb 2-1: new high-speed USB device number 29 using dummy_hcd
[  268.536855][T10981] loop5: detected capacity change from 0 to 512
[  268.566950][T10981] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  268.571825][T10981] ext4 filesystem being mounted at /63/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  268.609654][T10981] EXT4-fs error (device loop5): ext4_empty_dir:3077: inode #12: comm syz.5.1957: invalid size
[  268.627347][T10981] EXT4-fs (loop5): Remounting filesystem read-only
[  268.643351][T10986] sctp: [Deprecated]: syz.2.1958 (pid 10986) Use of int in max_burst socket option deprecated.
[  268.643351][T10986] Use struct sctp_assoc_value instead
[  268.651276][T10454] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  268.663109][   T27] EXT4-fs (loop5): Quota write (off=5120, len=1024) cancelled because transaction is not started
[  268.667800][   T27] Quota error (device loop5): write_blk: dquota write failed
[  268.670278][   T27] Quota error (device loop5): free_dqentry: Can't write quota data block 5
[  268.752685][ T2306] usb 2-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  268.756165][ T2306] usb 2-1: config 1 has 1 interface, different from the descriptor's value: 3
[  268.761106][T10993] IPVS: sync thread started: state = BACKUP, mcast_ifn = veth0_to_team, syncid = 0, id = 0
[  268.767774][ T2306] usb 2-1: New USB device found, idVendor=08b7, idProduct=0000, bcdDevice= 0.00
[  268.770619][ T2306] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=3
[  268.778028][ T2306] usb 2-1: SerialNumber: syz
[  268.806538][T10995] tipc: Enabling of bearer <udp:syz2> rejected, already enabled
[  268.810078][T10995] netlink: 12 bytes leftover after parsing attributes in process `syz.2.1962'.
[  268.819961][T10995] tipc: Disabling bearer <udp:syz2>
[  269.006304][ T2306] usb 2-1: 0:2 : does not exist
[  269.007974][ T2306] usb 2-1: unit 5: unexpected type 0x03
[  269.038072][ T2306] usb 2-1: USB disconnect, device number 29
[  271.444350][T11040] loop1: detected capacity change from 0 to 64
[  271.545004][T11049] loop1: detected capacity change from 0 to 16
[  271.549023][T11049] erofs (device loop1): mounted with root inode @ nid 36.
[  271.696138][T11060] loop2: detected capacity change from 0 to 512
[  271.699649][T11060] EXT4-fs (loop2): mounting ext3 file system using the ext4 subsystem
[  271.708514][T11060] EXT4-fs (loop2): invalid journal inode
[  271.713635][T11060] EXT4-fs (loop2): can't get journal size
[  271.717444][T11060] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=e056c118, mo2=0002]
[  271.724037][T11060] System zones: 1-12, 13-13
[  271.726121][T11060] EXT4-fs (loop2): orphan cleanup on readonly fs
[  271.731961][T11060] EXT4-fs (loop2): 1 truncate cleaned up
[  271.735123][T11060] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  271.760459][ T5851] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  272.320973][    T9] usb 3-1: new high-speed USB device number 23 using dummy_hcd
[  272.431047][   T47] usb 2-1: new full-speed USB device number 30 using dummy_hcd
[  272.473464][    T9] usb 3-1: unable to get BOS descriptor or descriptor too short
[  272.477520][    T9] usb 3-1: config 249 has an invalid interface number: 177 but max is 0
[  272.480776][    T9] usb 3-1: config 249 has no interface number 0
[  272.490944][    T9] usb 3-1: config 249 interface 177 altsetting 0 has a duplicate endpoint with address 0xE, skipping
[  272.495350][    T9] usb 3-1: config 249 interface 177 altsetting 0 has an endpoint descriptor with address 0x53, changing to 0x3
[  272.498796][    T9] usb 3-1: config 249 interface 177 altsetting 0 endpoint 0x3 has invalid maxpacket 65199, setting to 1024
[  272.502696][    T9] usb 3-1: config 249 interface 177 altsetting 0 bulk endpoint 0x3 has invalid maxpacket 1024
[  272.510906][    T9] usb 3-1: config 249 interface 177 altsetting 0 has 4 endpoint descriptors, different from the interface descriptor's value: 3
[  272.519809][    T9] usb 3-1: New USB device found, idVendor=057c, idProduct=3800, bcdDevice=5a.9d
[  272.526369][    T9] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  272.529174][    T9] usb 3-1: Product: syz
[  272.530547][    T9] usb 3-1: Manufacturer: syz
[  272.533363][    T9] usb 3-1: SerialNumber: syz
[  272.538445][T11080] raw-gadget.0 gadget.2: fail, usb_ep_enable returned -22
[  272.592964][   T47] usb 2-1: config 135 has an invalid interface number: 230 but max is 0
[  272.596518][   T47] usb 2-1: config 135 has an invalid descriptor of length 0, skipping remainder of the config
[  272.600677][   T47] usb 2-1: config 135 has no interface number 0
[  272.603762][   T47] usb 2-1: config 135 interface 230 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 3
[  272.614978][   T47] usb 2-1: New USB device found, idVendor=18ec, idProduct=3288, bcdDevice=3f.3a
[  272.618878][   T47] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  272.622851][   T47] usb 2-1: Product: syz
[  272.624814][   T47] usb 2-1: Manufacturer: syz
[  272.626814][   T47] usb 2-1: SerialNumber: syz
[  272.635786][   T47] usb 2-1: Found UVC 0.00 device syz (18ec:3288)
[  272.638424][   T47] usb 2-1: No valid video chain found.
[  272.753296][    T9] usb 3-1: USB disconnect, device number 23
[  272.838817][   T47] usb 2-1: USB disconnect, device number 30
[  273.095759][T11089] loop5: detected capacity change from 0 to 256
[  273.102831][T11089] exFAT-fs (loop5): error, invalid access to FAT bad cluster (entry 0x00000005)
[  273.106618][T11089] exFAT-fs (loop5): Filesystem has been set read-only
[  273.109500][T11089] exFAT-fs (loop5): failed to count the number of clusters in root
[  273.112827][T11089] exFAT-fs (loop5): failed to recognize exfat type
[  273.483125][    T9] usb 6-1: new high-speed USB device number 6 using dummy_hcd
[  273.915030][    T9] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  273.920122][    T9] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  273.924482][    T9] usb 6-1: New USB device found, idVendor=256c, idProduct=006d, bcdDevice= 0.00
[  273.928016][    T9] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  273.935735][    T9] usb 6-1: config 0 descriptor??
[  274.292331][T11110] loop2: detected capacity change from 0 to 1024
[  274.548891][    T9] usb 6-1: string descriptor 0 read error: -22
[  274.678900][T11103] delete_channel: no stack
[  274.758289][    T9] input: HID 256c:006d as /devices/platform/dummy_hcd.5/usb6/6-1/6-1:0.0/0003:256C:006D.000D/input/input24
[  274.836560][    T9] uclogic 0003:256C:006D.000D: input,hidraw0: USB HID v0.00 Device [HID 256c:006d] on usb-dummy_hcd.5-1/input0
[  274.857773][T11129] loop1: detected capacity change from 0 to 128
[  274.870610][T11129] EXT4-fs (loop1): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  274.876261][T11129] ext4 filesystem being mounted at /683/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[  274.883713][T11129] EXT4-fs warning (device loop1): verify_group_input:137: Cannot add at group 25 (only 1 groups)
[  274.906406][ T5848] EXT4-fs (loop1): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  274.950060][T11133] loop1: detected capacity change from 0 to 512
[  274.961414][T11133] EXT4-fs: Ignoring removed i_version option
[  274.962965][   T47] usb 6-1: USB disconnect, device number 6
[  274.965187][T11133] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode
[  274.966400][ T5917] usb 3-1: new high-speed USB device number 24 using dummy_hcd
[  274.987945][T11133] EXT4-fs (loop1): 1 truncate cleaned up
[  274.991574][T11133] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  275.022287][ T5848] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  275.130963][ T5917] usb 3-1: Using ep0 maxpacket: 32
[  275.135505][ T5917] usb 3-1: New USB device found, idVendor=0fd9, idProduct=0025, bcdDevice=29.40
[  275.141547][ T5917] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  275.146967][ T5917] usb 3-1: config 0 descriptor??
[  275.303194][    T9] usb 2-1: new high-speed USB device number 31 using dummy_hcd
[  275.355515][ T5917] dvb-usb: found a 'Elgato EyeTV Sat' in warm state.
[  275.360396][ T5917] dvb-usb: will pass the complete MPEG2 transport stream to the software demuxer.
[  275.365107][ T5917] dvbdev: DVB: registering new adapter (Elgato EyeTV Sat)
[  275.368000][ T5917] usb 3-1: media controller created
[  275.388005][ T5917] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered.
[  275.450973][    T9] usb 2-1: Using ep0 maxpacket: 8
[  275.455545][    T9] usb 2-1: config 0 interface 0 altsetting 5 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  275.459662][    T9] usb 2-1: config 0 interface 0 altsetting 5 endpoint 0x81 has invalid wMaxPacketSize 0
[  275.464147][    T9] usb 2-1: config 0 interface 0 has no altsetting 0
[  275.466696][    T9] usb 2-1: New USB device found, idVendor=05ac, idProduct=1440, bcdDevice= 0.00
[  275.470145][    T9] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  275.475076][    T9] usb 2-1: config 0 descriptor??
[  275.560439][ T5917] az6027: usb out operation failed. (-71)
[  275.563371][ T5917] az6027: usb out operation failed. (-71)
[  275.565616][ T5917] stb0899_attach: Driver disabled by Kconfig
[  275.567953][ T5917] az6027: no front-end attached
[  275.567953][ T5917] 
[  275.573350][ T5917] az6027: usb out operation failed. (-71)
[  275.575640][ T5917] dvb-usb: no frontend was attached by 'Elgato EyeTV Sat'
[  275.579991][ T5917] input: IR-receiver inside an USB DVB receiver as /devices/platform/dummy_hcd.2/usb3/3-1/input/input25
[  275.587542][ T5917] dvb-usb: schedule remote query interval to 400 msecs.
[  275.590264][ T5917] dvb-usb: Elgato EyeTV Sat successfully initialized and connected.
[  275.598928][ T5917] usb 3-1: USB disconnect, device number 24
[  275.627615][ T5917] dvb-usb: Elgato EyeTV Sat successfully deinitialized and disconnected.
[  275.800076][T11138] loop5: detected capacity change from 0 to 40427
[  275.806182][T11138] F2FS-fs (loop5): invalid crc value
[  275.845632][T11138] F2FS-fs (loop5): f2fs_recover_fsync_data: recovery fsync data, check_only: 1
[  275.850549][T11138] F2FS-fs (loop5): Start checkpoint disabled!
[  275.857944][T11138] F2FS-fs (loop5): Mounted with checkpoint version = 48b305e6
[  275.885848][    T9] appleir 0003:05AC:1440.000E: unknown main item tag 0x0
[  275.891245][    T9] appleir 0003:05AC:1440.000E: unknown main item tag 0x0
[  275.894092][    T9] appleir 0003:05AC:1440.000E: item fetching failed at offset 4/5
[  275.897834][    T9] appleir 0003:05AC:1440.000E: parse failed
[  275.904044][    T9] appleir 0003:05AC:1440.000E: probe with driver appleir failed with error -22
[  276.085000][ T5917] usb 2-1: USB disconnect, device number 31
[  276.207819][T11149] loop2: detected capacity change from 0 to 128
[  276.207820][T11150] loop5: detected capacity change from 0 to 128
[  276.215181][T11150] EXT4-fs (loop5): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  276.220225][T11150] ext4 filesystem being mounted at /79/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff)
[  276.246425][T11150] EXT4-fs error (device loop5): htree_dirblock_to_tree:1080: inode #2: block 4: comm syz.5.2027: bad entry in directory: inode out of bounds - offset=1012, inode=128, rec_len=12, size=1024 fake=1
[  276.293064][T10454] EXT4-fs (loop5): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  276.344393][T11155] loop5: detected capacity change from 0 to 1764
[  276.403428][T11159] netlink: 32 bytes leftover after parsing attributes in process `syz.2.2031'.
[  276.408066][T11159] netlink: 32 bytes leftover after parsing attributes in process `syz.2.2031'.
[  276.468046][T11162] netlink: 'syz.2.2032': attribute type 4 has an invalid length.
[  276.488496][T11164] netlink: 16 bytes leftover after parsing attributes in process `syz.5.2033'.
[  276.502072][ T5889] lo speed is unknown, defaulting to 1000
[  276.504835][ T5889] syz0: Port: 1 Link DOWN
[  276.511027][T11162] netlink: 4 bytes leftover after parsing attributes in process `syz.2.2032'.
[  276.534730][T11166] openvswitch: netlink: Either Ethernet header or EtherType is required.
[  276.566308][   T33] audit: type=1326 audit(1757332658.980:111): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11167 comm="syz.2.2035" exe="/syz-executor" sig=31 arch=c000003e syscall=39 compat=0 ip=0x7fe364785ba7 code=0x0
[  276.625829][T11172] sch_tbf: burst 0 is lower than device lo mtu (65550) !
[  276.726824][T11180] netlink: 'syz.1.2041': attribute type 1 has an invalid length.
[  276.778405][   T33] audit: type=1326 audit(1757332659.190:112): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11183 comm="syz.1.2043" exe="/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7f70a0b85ba7 code=0x7ffc0000
[  276.795578][   T33] audit: type=1326 audit(1757332659.200:113): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11183 comm="syz.1.2043" exe="/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f70a0b2adb9 code=0x7ffc0000
[  276.824476][   T33] audit: type=1326 audit(1757332659.200:114): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11183 comm="syz.1.2043" exe="/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7f70a0b85ba7 code=0x7ffc0000
[  276.839584][   T33] audit: type=1326 audit(1757332659.200:115): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11183 comm="syz.1.2043" exe="/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f70a0b2adb9 code=0x7ffc0000
[  276.851481][   T33] audit: type=1326 audit(1757332659.200:116): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11183 comm="syz.1.2043" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f70a0b8ebe9 code=0x7ffc0000
[  276.860251][   T33] audit: type=1326 audit(1757332659.200:117): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11183 comm="syz.1.2043" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f70a0b8ebe9 code=0x7ffc0000
[  276.875660][   T33] audit: type=1326 audit(1757332659.210:118): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11183 comm="syz.1.2043" exe="/syz-executor" sig=0 arch=c000003e syscall=461 compat=0 ip=0x7f70a0b8ebe9 code=0x7ffc0000
[  276.890967][   T33] audit: type=1326 audit(1757332659.210:119): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11183 comm="syz.1.2043" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f70a0b8ebe9 code=0x7ffc0000
[  277.084382][ T5882] netdevsim netdevsim0 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  277.168852][ T5882] netdevsim netdevsim0 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  277.251293][ T5882] netdevsim netdevsim0 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  277.341392][ T5882] netdevsim netdevsim0 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  277.435740][T11203] loop5: detected capacity change from 0 to 2048
[  277.485954][T11203] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  277.498034][T11203] ext4 filesystem being mounted at /93/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  277.540415][T11203] ptrace attach of "/syz-executor exec"[10454] was attempted by "FGϞ}aF׷_엷|g'/>d0;#Y5fk  ӈr_Ceу\x0c   +#M   ࡗD+     nV7/E{׷G-O8΄dm+WEč.>_.޻Zƻ]֟NإoNC=ֿ\x0b;qd7=_xb[d+#+;wzi}\x22o?vqOm^_a?\x5c?sbϿ[9N4\x22m[:r<}s>OvWo×                                            @)Hl+N,8ű\x1bjK\x22c0)шlLuFģ~8֊~7                                                              1IEDU4]   ]    \x5c  ?                                                                                                                  p .?ښkxlɼ>-Ujmq!զ<uV[8KWFy1R_^4W[o\x5c/\x07                                                               P%iiiE?\x22c0)шx$\x22\x0cih                                                             
[  277.563261][T11208] loop2: detected capacity change from 0 to 8192
[  277.593996][    C0] hpet: Lost 1 RTC interrupts
[  277.601070][ T5882] bridge_slave_1: left allmulticast mode
[  277.613043][ T5882] bridge_slave_1: left promiscuous mode
[  277.619202][T10454] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  277.625976][ T5882] bridge0: port 2(bridge_slave_1) entered disabled state
[  277.648011][ T5882] bridge_slave_0: left allmulticast mode
[  277.650377][ T5882] bridge_slave_0: left promiscuous mode
[  277.658495][ T5882] bridge0: port 1(bridge_slave_0) entered disabled state
[  277.763483][T11212] netlink: 16 bytes leftover after parsing attributes in process `syz.2.2055'.
[  278.110977][ T5889] usb 2-1: new low-speed USB device number 32 using dummy_hcd
[  278.280708][ T5882] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  278.282053][ T5889] usb 2-1: unable to get BOS descriptor or descriptor too short
[  278.289251][ T5889] usb 2-1: config 7 has an invalid interface number: 83 but max is 0
[  278.293569][ T5882] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  278.295325][ T5889] usb 2-1: config 7 has no interface number 0
[  278.299642][ T5889] usb 2-1: config 7 interface 83 altsetting 254 endpoint 0x7 has invalid maxpacket 16, setting to 0
[  278.302573][ T5882] bond0 (unregistering): Released all slaves
[  278.308476][ T5889] usb 2-1: No eUSB2 isoc ep 7 companion for config 7 interface 83 altsetting 254
[  278.320011][ T5889] usb 2-1: config 7 interface 83 has no altsetting 0
[  278.323532][T11218] netlink: 36 bytes leftover after parsing attributes in process `syz.5.2057'.
[  278.341008][ T5889] usb 2-1: string descriptor 0 read error: -22
[  278.343573][ T5889] usb 2-1: New USB device found, idVendor=19d2, idProduct=0145, bcdDevice=44.f5
[  278.347037][ T5889] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  278.396951][ T5889] option 2-1:7.83: GSM modem (1-port) converter detected
[  278.596801][ T5916] usb 2-1: USB disconnect, device number 32
[  278.615758][T11228] program syz.5.2063 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  278.621821][ T5916] option 2-1:7.83: device disconnected
[  278.730343][ T5882] hsr_slave_0: left promiscuous mode
[  278.733767][T11234] loop5: detected capacity change from 0 to 512
[  278.737747][ T5882] hsr_slave_1: left promiscuous mode
[  278.740588][ T5882] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  278.742572][T11234] EXT4-fs (loop5): ea_inode feature is not supported for Hurd
[  278.749433][ T5882] batman_adv: batadv0: Removing interface: batadv_slave_0
[  278.754585][ T5882] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  278.758821][ T5882] batman_adv: batadv0: Removing interface: batadv_slave_1
[  278.790743][ T5882] veth1_macvtap: left promiscuous mode
[  278.795570][ T5882] veth0_macvtap: left promiscuous mode
[  278.798128][ T5882] veth1_vlan: left promiscuous mode
[  278.800278][ T5882] veth0_vlan: left promiscuous mode
[  279.926605][ T5882] team0 (unregistering): Port device team_slave_1 removed
[  279.992596][ T5882] team0 (unregistering): Port device team_slave_0 removed
[  280.596435][T11253] vxcan3: entered promiscuous mode
[  280.598681][T11253] vxcan3: entered allmulticast mode
[  281.648826][ T2306] usb 6-1: new high-speed USB device number 7 using dummy_hcd
[  281.706035][T11284] hsr_slave_0: hsr_addr_subst_dest: Unknown node
[  281.708645][T11284] hsr_slave_1: hsr_addr_subst_dest: Unknown node
[  281.833588][ T2306] usb 6-1: config 0 has an invalid interface number: 197 but max is 0
[  281.837523][ T2306] usb 6-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  281.847378][ T2306] usb 6-1: config 0 has no interface number 0
[  281.851079][ T2306] usb 6-1: config 0 interface 197 altsetting 0 endpoint 0x1 has invalid wMaxPacketSize 0
[  281.856095][ T2306] usb 6-1: config 0 interface 197 altsetting 0 endpoint 0xC has invalid wMaxPacketSize 0
[  281.859962][ T2306] usb 6-1: config 0 interface 197 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  281.869600][ T2306] usb 6-1: New USB device found, idVendor=03f0, idProduct=581d, bcdDevice=bb.42
[  281.873582][ T2306] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  281.876868][ T2306] usb 6-1: Product: syz
[  281.878559][ T2306] usb 6-1: Manufacturer: syz
[  281.880425][ T2306] usb 6-1: SerialNumber: syz
[  281.890322][ T2306] usb 6-1: config 0 descriptor??
[  282.292740][ T5917] usb 6-1: USB disconnect, device number 7
[  282.574995][T11304] loop1: detected capacity change from 0 to 1024
[  282.578392][T11304] EXT4-fs: Ignoring removed nomblk_io_submit option
[  282.596262][T11304] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  282.650147][ T5848] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  282.874984][T11313] 9pnet: p9_errstr2errno: server reported unknown error 0000
[  282.944285][T11311] loop1: detected capacity change from 0 to 32768
[  282.948788][T11311] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop1 (7:1) scanned by syz.1.2097 (11311)
[  282.959812][T11311] BTRFS info (device loop1): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  282.970389][T11311] BTRFS info (device loop1): using crc32c (crc32c-lib) checksum algorithm
[  282.998820][T11316] loop2: detected capacity change from 0 to 128
[  283.054787][T11311] BTRFS info (device loop1): setting nodatasum
[  283.057263][T11311] BTRFS info (device loop1): setting nodatacow
[  283.059342][T11311] BTRFS info (device loop1): enabling free space tree
[  283.061983][T11311] BTRFS info (device loop1): max_inline set to 0
[  283.169938][ T5848] BTRFS info (device loop1): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  283.556716][T11338] loop2: detected capacity change from 0 to 4096
[  283.578364][T11338] ntfs3(loop2): ino=3, Correct links count -> 2.
[  283.644784][T11338] ntfs3(loop2): ino=1a, mi_enum_attr
[  283.646971][T11338] ntfs3(loop2): Mark volume as dirty due to NTFS errors
[  283.650511][T11338] ntfs3(loop2): Failed to load root (-22).
[  283.909065][T11342] loop1: detected capacity change from 0 to 32768
[  283.915673][T11342] (syz.1.2105,11342,1):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0xb3775c19, computed 0x2dd1c265. Applying ECC.
[  283.923852][T11342] (syz.1.2105,11342,1):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0xb3775c19, computed 0x2dd1c265. Applying ECC.
[  283.956426][T11342] JBD2: Ignoring recovery information on journal
[  284.024728][T11342] ocfs2: Mounting device (7,1) on (node local, slot 0) with ordered data mode.
[  284.187551][T11353] loop2: detected capacity change from 0 to 32768
[  284.271379][ T5848] ocfs2: Unmounting device (7,1) on (node local)
[  284.300666][T11353] bcachefs (loop2): starting version 1.7: mi_btree_bitmap opts=errors=continue,metadata_checksum=none,data_checksum=none,compression=lz4,foreground_target=invalid label 767,background_target=invalid device 7,nojournal_transaction_names
[  284.300681][T11353]   allowing incompatible features above 0.0: (unknown version)
[  284.300687][T11353]   features: 
[  284.317774][T11353] bcachefs (loop2): Using encoding defined by superblock: utf8-12.1.0
[  284.456032][T11353] bcachefs (loop2): initializing new filesystem
[  284.565072][T11353] bcachefs (loop2): going read-write
[  284.570502][T11353] bcachefs (loop2): marking superblocks
[  284.586339][T11353] bcachefs (loop2): initializing freespace
[  284.594226][T11353] bcachefs (loop2): done initializing freespace
[  284.602006][T11353] bcachefs (loop2): reading snapshots table
[  284.611370][T11353] bcachefs (loop2): reading snapshots done
[  284.634604][T11372] netlink: 72 bytes leftover after parsing attributes in process `syz.1.2113'.
[  284.656682][T11372] loop1: detected capacity change from 0 to 1024
[  284.659764][T11353] bcachefs (loop2): done starting filesystem
[  284.679362][T11372] EXT4-fs (loop1): mounted filesystem 00000000-0000-0006-0000-000000000000 r/w without journal. Quota mode: none.
[  284.685595][T11372] ext4 filesystem being mounted at /709/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  284.711251][ T5848] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0006-0000-000000000000.
[  284.731169][ T5851] bcachefs (loop2): shutting down
[  284.737172][ T5851] bcachefs (loop2): going read-only
[  284.740240][ T5851] bcachefs (loop2): finished waiting for writes to stop
[  284.750646][ T5851] bcachefs (loop2): flushing journal and stopping allocators, journal seq 2
[  284.808052][ T5851] bcachefs (loop2): flushing journal and stopping allocators complete, journal seq 3
[  284.819396][ T5851] bcachefs (loop2): clean shutdown complete, journal seq 4
[  284.823740][ T5851] bcachefs (loop2): marking filesystem clean
[  284.855501][ T5851] bcachefs (loop2): shutdown complete
[  286.131102][ T5917] usb 2-1: new high-speed USB device number 33 using dummy_hcd
[  286.142039][ T9583] usb 6-1: new full-speed USB device number 8 using dummy_hcd
[  286.308487][ T5917] usb 2-1: Using ep0 maxpacket: 32
[  286.311440][ T9583] usb 6-1: not running at top speed; connect to a high speed hub
[  286.323882][ T5917] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  286.327494][ T5917] usb 2-1: New USB device found, idVendor=04e7, idProduct=0009, bcdDevice= 0.00
[  286.334114][ T9583] usb 6-1: config 1 has 2 interfaces, different from the descriptor's value: 3
[  286.334391][ T5917] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  286.338817][ T9583] usb 6-1: config 1 has no interface number 1
[  286.344700][ T5917] usb 2-1: config 0 descriptor??
[  286.351726][ T9583] usb 6-1: config 1 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 0
[  286.364295][ T9583] usb 6-1: string descriptor 0 read error: -22
[  286.366841][ T9583] usb 6-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[  286.381147][ T9583] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  286.401320][ T9583] usb 6-1: 2:1 : no UAC_FORMAT_TYPE desc
[  286.607368][ T9583] usb 6-1: USB disconnect, device number 8
[  286.700984][ T5852] Bluetooth: hci0: Opcode 0x206a failed: -110
[  286.703520][ T5852] Bluetooth: hci0: command 0x1407 tx timeout
[  286.762921][ T5917] elo 0003:04E7:0009.000F: ignoring exceeding usage max
[  286.770553][ T5917] elo 0003:04E7:0009.000F: hidraw0: USB HID v0.00 Device [HID 04e7:0009] on usb-dummy_hcd.1-1/input0
[  286.817983][T11419] loop2: detected capacity change from 0 to 40427
[  286.822492][T11419] F2FS-fs: heap/no_heap options were deprecated
[  286.825858][T11419] F2FS-fs (loop2): Invalid segment/section count (31, 24 x 2305)
[  286.828869][T11419] F2FS-fs (loop2): Can't find valid F2FS filesystem in 2th superblock
[  286.834391][T11419] F2FS-fs (loop2): invalid crc value
[  286.838743][T11419] F2FS-fs (loop2): Invalid segment type: 8, segno: 11
[  286.852994][T11419] F2FS-fs (loop2): Failed to initialize F2FS segment manager (-117)
[  286.989215][T11415] loop1: detected capacity change from 0 to 512
[  287.001279][T11415] EXT4-fs (loop1): Test dummy encryption mode enabled
[  287.003912][T11415] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode
[  287.012918][T11415] EXT4-fs error (device loop1): ext4_orphan_get:1418: comm syz.1.2130: bad orphan inode 131083
[  287.019272][T11415] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  287.028724][ T9583] usb 2-1: USB disconnect, device number 33
[  287.065773][T11424] netlink: 24 bytes leftover after parsing attributes in process `syz.2.2133'.
[  287.280021][T11432] sctp: [Deprecated]: syz.2.2137 (pid 11432) Use of struct sctp_assoc_value in delayed_ack socket option.
[  287.280021][T11432] Use struct sctp_sack_info instead
[  287.531956][T11430] loop5: detected capacity change from 0 to 32768
[  287.607583][T11430] ocfs2: Mounting device (7,5) on (node local, slot 0) with ordered data mode.
[  287.694232][ T5848] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  288.001415][T10454] ocfs2: Unmounting device (7,5) on (node local)
[  288.249762][T11447] netlink: 'syz.1.2143': attribute type 10 has an invalid length.
[  288.266119][T11447] bond0: (slave wlan1): Enslaving as an active interface with an up link
[  288.785251][T11461] netlink: 16 bytes leftover after parsing attributes in process `syz.2.2149'.
[  289.440608][T11468] loop1: detected capacity change from 0 to 32768
[  289.457457][T11468] ERROR: (device loop1): jfs_readdir: JFS:Dtree error: ino = 2, bn=0, index = 1
[  289.457457][T11468] 
[  289.701513][   T47] usb 3-1: new low-speed USB device number 25 using dummy_hcd
[  289.851125][ T5916] usb 6-1: new high-speed USB device number 9 using dummy_hcd
[  289.885010][   T47] usb 3-1: config 0 has an invalid interface number: 1 but max is 0
[  289.888381][   T47] usb 3-1: config 0 has no interface number 0
[  289.890764][   T47] usb 3-1: config 0 interface 1 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 10
[  289.894995][   T47] usb 3-1: config 0 interface 1 altsetting 0 endpoint 0x82 has invalid maxpacket 159, setting to 8
[  289.899324][   T47] usb 3-1: New USB device found, idVendor=07c0, idProduct=1512, bcdDevice=30.22
[  289.903984][   T47] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  289.909639][   T47] usb 3-1: config 0 descriptor??
[  289.912604][T11476] raw-gadget.0 gadget.2: fail, usb_ep_enable returned -22
[  289.919836][   T47] iowarrior 3-1:0.1: IOWarrior product=0x1512, serial= interface=1 now attached to iowarrior0
[  290.010967][ T5916] usb 6-1: Using ep0 maxpacket: 8
[  290.015554][ T5916] usb 6-1: unable to get BOS descriptor or descriptor too short
[  290.019933][ T5916] usb 6-1: config 17 has an invalid interface number: 8 but max is 1
[  290.023069][ T5916] usb 6-1: config 17 has 1 interface, different from the descriptor's value: 2
[  290.026861][ T5916] usb 6-1: config 17 has no interface number 0
[  290.029302][ T5916] usb 6-1: config 17 interface 8 altsetting 6 endpoint 0x3 has invalid wMaxPacketSize 0
[  290.033053][ T5916] usb 6-1: config 17 interface 8 has no altsetting 0
[  290.038091][ T5916] usb 6-1: New USB device found, idVendor=0763, idProduct=2001, bcdDevice=2c.ff
[  290.042246][ T5916] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  290.045181][ T5916] usb 6-1: Product: syz
[  290.046692][ T5916] usb 6-1: Manufacturer: syz
[  290.048449][ T5916] usb 6-1: SerialNumber: syz
[  290.175671][   T47] usb 3-1: USB disconnect, device number 25
[  290.267483][ T5916] usb 6-1: selecting invalid altsetting 0
[  290.283522][ T5916] usb 6-1: USB disconnect, device number 9
[  291.235370][T11514] loop5: detected capacity change from 0 to 512
[  291.238903][T11514] EXT4-fs (loop5): external journal device major/minor numbers have changed
[  291.268669][T11514] md: async del_gendisk mode will be removed in future, please upgrade to mdadm-4.5+
[  291.274518][T11514] block device autoloading is deprecated and will be removed.
[  291.279557][T11514] EXT4-fs (loop5): couldn't read superblock of external journal
[  291.348663][T11518] netlink: 8 bytes leftover after parsing attributes in process `syz.5.2172'.
[  291.468790][T11524] netdevsim netdevsim5 netdevsim0: entered promiscuous mode
[  291.472319][T11524] macsec1: entered promiscuous mode
[  291.482380][T11524] netdevsim netdevsim5 netdevsim0: left promiscuous mode
[  291.881088][ T5917] usb 6-1: new high-speed USB device number 10 using dummy_hcd
[  292.041097][   T47] usb 3-1: new high-speed USB device number 26 using dummy_hcd
[  292.043972][ T5917] usb 6-1: Using ep0 maxpacket: 16
[  292.048276][ T5917] usb 6-1: config 0 has an invalid interface number: 105 but max is 0
[  292.052602][ T5917] usb 6-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  292.056693][ T5917] usb 6-1: config 0 has no interface number 0
[  292.063995][ T5917] usb 6-1: New USB device found, idVendor=046d, idProduct=08d3, bcdDevice= b.28
[  292.067823][ T5917] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  292.071293][ T5917] usb 6-1: Product: syz
[  292.073028][ T5917] usb 6-1: Manufacturer: syz
[  292.074999][ T5917] usb 6-1: SerialNumber: syz
[  292.079089][ T5917] usb 6-1: config 0 descriptor??
[  292.088863][ T5917] uvcvideo 6-1:0.105: probe with driver uvcvideo failed with error -22
[  292.200985][   T47] usb 3-1: Using ep0 maxpacket: 8
[  292.204794][   T47] usb 3-1: config 0 has an invalid interface number: 25 but max is 0
[  292.208050][   T47] usb 3-1: config 0 has no interface number 0
[  292.210619][   T47] usb 3-1: config 0 interface 25 altsetting 0 endpoint 0xE has an invalid bInterval 0, changing to 7
[  292.217427][   T47] usb 3-1: New USB device found, idVendor=0d46, idProduct=0081, bcdDevice= f.2b
[  292.223388][   T47] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  292.226664][   T47] usb 3-1: Product: syz
[  292.228338][   T47] usb 3-1: Manufacturer: syz
[  292.230103][   T47] usb 3-1: SerialNumber: syz
[  292.236907][   T47] usb 3-1: config 0 descriptor??
[  292.297502][ T5889] usb 6-1: USB disconnect, device number 10
[  292.452859][   T47] kobil_sct 3-1:0.25: KOBIL USB smart card terminal converter detected
[  292.458676][   T47] usb 3-1: KOBIL USB smart card terminal converter now attached to ttyUSB0
[  292.463824][ T5917] usb 2-1: new full-speed USB device number 34 using dummy_hcd
[  292.469550][   T47] usb 3-1: USB disconnect, device number 26
[  292.476176][   T47] kobil ttyUSB0: KOBIL USB smart card terminal converter now disconnected from ttyUSB0
[  292.480408][   T47] kobil_sct 3-1:0.25: device disconnected
[  292.622981][ T5917] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x83 has an invalid bInterval 0, changing to 4
[  292.629633][ T5917] usb 2-1: New USB device found, idVendor=134c, idProduct=0002, bcdDevice=ec.7e
[  292.633606][ T5917] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  292.636659][ T5917] usb 2-1: Product: syz
[  292.638460][ T5917] usb 2-1: Manufacturer: syz
[  292.640269][ T5917] usb 2-1: SerialNumber: syz
[  292.645278][ T5917] usb 2-1: config 0 descriptor??
[  292.650794][ T5917] hub 2-1:0.0: bad descriptor, ignoring hub
[  292.653290][ T5917] hub 2-1:0.0: probe with driver hub failed with error -5
[  292.659322][ T5917] input: syz syz as /devices/platform/dummy_hcd.1/usb2/2-1/2-1:0.0/input/input26
[  292.836943][T11551] netlink: 16 bytes leftover after parsing attributes in process `syz.5.2187'.
[  292.933591][T11555] loop5: detected capacity change from 0 to 8
[  293.077324][ T9583] usb 2-1: USB disconnect, device number 34
[  293.117763][T11565] netlink: 'syz.2.2195': attribute type 5 has an invalid length.
[  293.457956][T11575] loop5: detected capacity change from 0 to 32768
[  293.466975][T11575] XFS (loop5): Mounting V5 Filesystem 9f1cad42-11bd-4e12-8f0b-f07876b81d9a
[  293.500687][T11575] XFS (loop5): Ending clean mount
[  293.532480][T10454] XFS (loop5): Unmounting Filesystem 9f1cad42-11bd-4e12-8f0b-f07876b81d9a
[  293.612324][ T5917] usb 3-1: new high-speed USB device number 27 using dummy_hcd
[  293.686111][T11596] netlink: 24 bytes leftover after parsing attributes in process `syz.1.2206'.
[  293.693655][T11595] delete_channel: no stack
[  293.732637][T11600] loop1: detected capacity change from 0 to 1024
[  293.745048][T11600] syz.1.2207: attempt to access beyond end of device
[  293.745048][T11600] loop1: rw=0, sector=393220, nr_sectors = 2 limit=1024
[  293.783633][ T5917] usb 3-1: config 0 has no interfaces?
[  293.792596][ T5917] usb 3-1: New USB device found, idVendor=1604, idProduct=8001, bcdDevice=44.1f
[  293.795933][ T5917] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  293.798591][ T5917] usb 3-1: Product: syz
[  293.800176][ T5917] usb 3-1: Manufacturer: syz
[  293.808922][ T5917] usb 3-1: SerialNumber: syz
[  293.812398][ T5917] usb 3-1: config 0 descriptor??
[  293.829225][T11606] netlink: 'syz.1.2210': attribute type 4 has an invalid length.
[  293.850247][T11608] loop5: detected capacity change from 0 to 128
[  294.023376][ T5917] usb 3-1: USB disconnect, device number 27
[  294.045477][T11624] netlink: 8 bytes leftover after parsing attributes in process `syz.5.2219'.
[  294.051196][T11626] mmap: syz.1.2218 (11626): VmData 175878144 exceed data ulimit 5. Update limits or use boot option ignore_rlimit_data.
[  294.591685][T11663] bridge0: port 2(hsr_slave_1) entered blocking state
[  294.596751][T11663] bridge0: port 2(hsr_slave_1) entered disabled state
[  294.604892][T11663] hsr_slave_1: entered allmulticast mode
[  294.608824][T11663] hsr_slave_1: left allmulticast mode
[  295.751491][ T5917] usb 6-1: new high-speed USB device number 11 using dummy_hcd
[  295.939288][T11696] netlink: 36 bytes leftover after parsing attributes in process `syz.2.2251'.
[  295.943130][ T5917] usb 6-1: Using ep0 maxpacket: 8
[  295.951409][ T5917] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x3 has invalid wMaxPacketSize 0
[  295.958972][ T5917] usb 6-1: config 0 interface 0 altsetting 0 bulk endpoint 0x3 has invalid maxpacket 0
[  295.972996][ T5917] usb 6-1: New USB device found, idVendor=16d0, idProduct=10a9, bcdDevice=30.52
[  295.982724][ T5917] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  295.990285][ T5917] usb 6-1: Product: syz
[  295.993217][ T5917] usb 6-1: Manufacturer: syz
[  295.995293][ T5917] usb 6-1: SerialNumber: syz
[  295.999789][ T5917] usb 6-1: config 0 descriptor??
[  296.218897][ T5917] usb 6-1: USB disconnect, device number 11
[  296.338404][T11710] loop1: detected capacity change from 0 to 512
[  296.353756][T11710] EXT4-fs (loop1): bad geometry: first data block 0 is beyond end of filesystem (0)
[  296.480421][T11720] overlayfs: failed to create directory ./bus/work (errno: 22); mounting read-only
[  296.817116][T11752] loop2: detected capacity change from 0 to 512
[  296.850978][ T5917] usb 2-1: new high-speed USB device number 35 using dummy_hcd
[  296.854428][T11752] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  296.859910][T11752] ext4 filesystem being mounted at /845/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  296.880194][T11759] loop5: detected capacity change from 0 to 512
[  296.902554][T11759] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  296.907725][T11759] ext4 filesystem being mounted at /171/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  296.939967][ T5851] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  296.982232][T11763] loop2: detected capacity change from 0 to 8
[  296.986614][T11763] SQUASHFS error: Failed to read block 0x62: -5
[  296.988611][T11763] squashfs image failed sanity check
[  297.033590][ T5917] usb 2-1: New USB device found, idVendor=0bda, idProduct=8153, bcdDevice=e2.3d
[  297.041388][ T5917] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  297.049567][ T5917] usb 2-1: Product: syz
[  297.054840][ T5917] usb 2-1: Manufacturer: syz
[  297.056364][ T5917] usb 2-1: SerialNumber: syz
[  297.071006][ T5917] r8152-cfgselector 2-1: Unknown version 0x0000
[  297.074180][ T5917] r8152-cfgselector 2-1: config 0 descriptor??
[  297.080345][T10454] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  297.522193][ T2306] r8152-cfgselector 2-1: USB disconnect, device number 35
[  297.713427][T11772] netlink: 'syz.5.2283': attribute type 5 has an invalid length.
[  298.824185][T11785] overlayfs: failed to clone upperpath
[  298.884638][T11793] openvswitch: netlink: Message has 16 unknown bytes.
[  298.950752][T11794] loop2: detected capacity change from 0 to 8192
[  298.959431][T11794] FAT-fs (loop2): bogus logical sector size 0
[  298.965850][T11794] FAT-fs (loop2): This doesn't look like a DOS 1.x volume; DOS 2.x BPB is non-zero
[  298.969638][T11794] FAT-fs (loop2): Can't find a valid FAT filesystem
[  299.050983][ T5319] usb 6-1: new high-speed USB device number 12 using dummy_hcd
[  299.133536][T11802] netlink: 28 bytes leftover after parsing attributes in process `syz.2.2296'.
[  299.137146][T11802] netlink: 28 bytes leftover after parsing attributes in process `syz.2.2296'.
[  299.140618][T11802] netlink: 8 bytes leftover after parsing attributes in process `syz.2.2296'.
[  299.201092][ T5319] usb 6-1: Using ep0 maxpacket: 16
[  299.214002][ T5319] usb 6-1: unable to get BOS descriptor or descriptor too short
[  299.217334][ T5319] usb 6-1: config 5 has an invalid interface number: 118 but max is 0
[  299.220461][ T5319] usb 6-1: config 5 has no interface number 0
[  299.222727][ T5319] usb 6-1: config 5 interface 118 has no altsetting 0
[  299.228010][ T5319] usb 6-1: New USB device found, idVendor=04e8, idProduct=ff30, bcdDevice=1c.96
[  299.233508][ T5319] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  299.236744][ T5319] usb 6-1: Product: syz
[  299.238423][ T5319] usb 6-1: Manufacturer: syz
[  299.240297][ T5319] usb 6-1: SerialNumber: syz
[  299.462472][ T5319] imon_raw 6-1:5.118: IR endpoint missing
[  299.473016][ T5319] usb 6-1: USB disconnect, device number 12
[  299.646157][T11823] loop2: detected capacity change from 0 to 4096
[  299.649731][T11823] ntfs3(loop2): Different NTFS sector size (4096) and media sector size (512).
[  299.663878][T11823] ntfs3(loop2): Mark volume as dirty due to NTFS errors
[  299.666464][T11823] ntfs3(loop2): Failed to load $Extend (-22).
[  299.668998][T11823] ntfs3(loop2): Failed to initialize $Extend.
[  300.146655][T11851] loop2: detected capacity change from 0 to 8
[  300.164292][T11851] squashfs image failed sanity check
[  300.216368][T11845] loop1: detected capacity change from 0 to 32768
[  300.223954][T11845] BTRFS: device fsid e417788f-7a09-42b2-9266-8ddc5d5d35d2 devid 1 transid 8 /dev/loop1 (7:1) scanned by syz.1.2317 (11845)
[  300.236799][T11845] BTRFS info (device loop1): first mount of filesystem e417788f-7a09-42b2-9266-8ddc5d5d35d2
[  300.240427][T11845] BTRFS info (device loop1): using xxhash64 (xxhash64-generic) checksum algorithm
[  300.245136][T11853] loop2: detected capacity change from 0 to 1024
[  300.286543][   T33] kauditd_printk_skb: 1 callbacks suppressed
[  300.286554][   T33] audit: type=1800 audit(1757332682.700:120): pid=11853 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.2.2321" name="file2" dev="loop2" ino=21 res=0 errno=0
[  300.300012][T11847] loop5: detected capacity change from 0 to 32768
[  300.327835][T11847] ialloc: diAlloc returned -17!
[  300.374209][T11845] BTRFS info (device loop1): rebuilding free space tree
[  300.389008][T11845] BTRFS info (device loop1): setting nodatasum
[  300.391761][T11845] BTRFS info (device loop1): allowing degraded mounts
[  300.394606][T11845] BTRFS info (device loop1): enabling ssd optimizations
[  300.397488][T11845] BTRFS info (device loop1): enabling free space tree
[  300.400364][T11845] BTRFS info (device loop1): force clearing of disk cache
[  300.403446][T11845] BTRFS info (device loop1): doing ref verification
[  300.406170][T11845] BTRFS info (device loop1): force zlib compression, level 3
[  300.493614][ T5848] BTRFS info (device loop1): last unmount of filesystem e417788f-7a09-42b2-9266-8ddc5d5d35d2
[  300.510959][T11874] vhci_hcd vhci_hcd.0: pdev(2) rhport(0) sockfd(3)
[  300.514272][T11874] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed)
[  300.537977][T11874] vhci_hcd vhci_hcd.0: Device attached
[  300.545670][T11875] vhci_hcd: connection closed
[  300.553622][ T5882] vhci_hcd: stop threads
[  300.559597][ T5882] vhci_hcd: release socket
[  300.561942][ T5882] vhci_hcd: disconnect device
[  301.007374][T11891] loop5: detected capacity change from 0 to 256
[  301.024293][T11891] FAT-fs (loop5): Directory bread(block 64) failed
[  301.030919][T11891] FAT-fs (loop5): Directory bread(block 65) failed
[  301.033447][T11891] FAT-fs (loop5): Directory bread(block 66) failed
[  301.035501][T11891] FAT-fs (loop5): Directory bread(block 67) failed
[  301.038188][T11891] FAT-fs (loop5): Directory bread(block 68) failed
[  301.040407][T11891] FAT-fs (loop5): Directory bread(block 69) failed
[  301.051318][T11891] FAT-fs (loop5): Directory bread(block 70) failed
[  301.054856][T11891] FAT-fs (loop5): Directory bread(block 71) failed
[  301.057267][T11891] FAT-fs (loop5): Directory bread(block 72) failed
[  301.059786][T11891] FAT-fs (loop5): Directory bread(block 73) failed
[  301.362207][T11899] netlink: 24 bytes leftover after parsing attributes in process `syz.5.2334'.
[  301.671213][T11917] netlink: 'syz.5.2340': attribute type 1 has an invalid length.
[  301.682126][T11918] ALSA: mixer_oss: invalid OSS volume ''
[  301.684012][T11918] ALSA: mixer_oss: invalid OSS volume '+]OؓOGec9bx'ĮC'
[  301.686802][T11918] ALSA: mixer_oss: invalid OSS volume '_*[bYcq~lr<W|3z'
[  301.689349][T11918] ALSA: mixer_oss: invalid OSS volume '{۱HJ:'
[  301.695208][T11918] ALSA: mixer_oss: invalid OSS volume 'B}s둥"f0^C'
[  301.698581][T11918] ALSA: mixer_oss: invalid OSS volume 'gRy'G!P'
[  301.702678][T11918] ALSA: mixer_oss: invalid OSS volume '{ouD1*ڦi&qrm4_Xn'
[  301.706023][T11918] ALSA: mixer_oss: invalid OSS volume '/U~d?":9S'
[  301.709055][T11918] ALSA: mixer_oss: invalid OSS volume '(8'
[  301.712953][T11918] ALSA: mixer_oss: invalid OSS volume '')3loX+iG9SNW'
[  301.716234][T11918] ALSA: mixer_oss: invalid OSS volume '%X%Ň9WsE?%73'
[  301.719150][T11918] ALSA: mixer_oss: invalid OSS volume 'Ji'
[  301.722004][T11918] ALSA: mixer_oss: invalid OSS volume 'OfSҖ[sx'
[  301.724953][T11918] ALSA: mixer_oss: invalid OSS volume '::IJUTTځA"B^Csb;`c'
[  301.728450][T11918] ALSA: mixer_oss: invalid OSS volume 'cۉ<S٪3nF/Pf'
[  301.732884][T11918] ALSA: mixer_oss: invalid OSS volume '9hĨy^7]'
[  301.736240][T11918] ALSA: mixer_oss: invalid OSS volume '?6<g$/uXAd>=V'
[  301.736297][T11923] netlink: 'syz.5.2343': attribute type 6 has an invalid length.
[  301.739521][T11918] ALSA: mixer_oss: invalid OSS volume '+ͿnU<$^EKʘr+'
[  301.744247][T11923] netlink: 'syz.5.2343': attribute type 6 has an invalid length.
[  301.745969][T11918] ALSA: mixer_oss: invalid OSS volume '+8iYJz'
[  301.895177][T11937] sp0: Synchronizing with TNC
[  302.281023][ T9583] usb 6-1: new high-speed USB device number 13 using dummy_hcd
[  302.430979][ T9583] usb 6-1: Using ep0 maxpacket: 32
[  302.437758][ T9583] usb 6-1: New USB device found, idVendor=174f, idProduct=6a31, bcdDevice=26.3f
[  302.441960][ T9583] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  302.445975][ T9583] usb 6-1: Product: syz
[  302.447784][ T9583] usb 6-1: Manufacturer: syz
[  302.449859][ T9583] usb 6-1: SerialNumber: syz
[  302.454516][ T9583] usb 6-1: config 0 descriptor??
[  302.459950][ T9583] gspca_main: stk1135-2.14.0 probing 174f:6a31
[  302.670554][ T9583] gspca_stk1135: reg_w 0x2 err -71
[  302.675329][ T9583] gspca_stk1135: serial bus timeout: status=0x00
[  302.678185][ T9583] gspca_stk1135: Sensor write failed
[  302.681908][ T9583] gspca_stk1135: serial bus timeout: status=0x00
[  302.684647][ T9583] gspca_stk1135: Sensor write failed
[  302.687059][ T9583] gspca_stk1135: serial bus timeout: status=0x00
[  302.689552][ T9583] gspca_stk1135: Sensor read failed
[  302.693019][ T9583] gspca_stk1135: serial bus timeout: status=0x00
[  302.695664][ T9583] gspca_stk1135: Sensor read failed
[  302.697674][ T9583] gspca_stk1135: Detected sensor type unknown (0x0)
[  302.700464][ T9583] gspca_stk1135: serial bus timeout: status=0x00
[  302.709459][ T9583] gspca_stk1135: Sensor read failed
[  302.713310][ T9583] gspca_stk1135: serial bus timeout: status=0x00
[  302.715747][ T9583] gspca_stk1135: Sensor read failed
[  302.717503][ T9583] gspca_stk1135: serial bus timeout: status=0x00
[  302.719688][ T9583] gspca_stk1135: Sensor write failed
[  302.721963][ T9583] gspca_stk1135: serial bus timeout: status=0x00
[  302.724213][ T9583] gspca_stk1135: Sensor write failed
[  302.727008][ T9583] stk1135 6-1:0.0: probe with driver stk1135 failed with error -71
[  302.732298][ T9583] usb 6-1: USB disconnect, device number 13
[  303.109978][T11966] ==================================================================
[  303.112934][T11966] BUG: KASAN: use-after-free in xfrm_alloc_spi+0x570/0xf30
[  303.115465][T11966] Read of size 4 at addr ffff8881104689c4 by task syz.1.2363/11966
[  303.118308][T11966] 
[  303.119575][T11966] CPU: 0 UID: 0 PID: 11966 Comm: syz.1.2363 Not tainted syzkaller #0 PREEMPT(full) 
[  303.119589][T11966] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.2-debian-1.16.2-1 04/01/2014
[  303.119597][T11966] Call Trace:
[  303.119603][T11966]  <TASK>
[  303.119608][T11966]  dump_stack_lvl+0x189/0x250
[  303.119623][T11966]  ? __kasan_check_byte+0x12/0x40
[  303.119638][T11966]  ? __pfx_dump_stack_lvl+0x10/0x10
[  303.119648][T11966]  ? lock_release+0x4b/0x3e0
[  303.119661][T11966]  ? __virt_addr_valid+0x4a5/0x5c0
[  303.119673][T11966]  print_report+0xca/0x240
[  303.119681][T11966]  ? xfrm_alloc_spi+0x570/0xf30
[  303.119690][T11966]  kasan_report+0x118/0x150
[  303.119701][T11966]  ? xfrm_alloc_spi+0x570/0xf30
[  303.119710][T11966]  xfrm_alloc_spi+0x570/0xf30
[  303.119719][T11966]  ? xfrm_alloc_spi+0x2a0/0xf30
[  303.119731][T11966]  ? __pfx_xfrm_alloc_spi+0x10/0x10
[  303.119739][T11966]  ? xfrm_find_acq+0x87/0xa0
[  303.119749][T11966]  xfrm_alloc_userspi+0x70b/0xc90
[  303.119761][T11966]  ? apparmor_capable+0x137/0x1b0
[  303.119771][T11966]  ? __pfx_xfrm_alloc_userspi+0x10/0x10
[  303.119781][T11966]  ? __nla_parse+0x40/0x60
[  303.119793][T11966]  xfrm_user_rcv_msg+0x7a3/0xab0
[  303.119803][T11966]  ? __pfx_xfrm_user_rcv_msg+0x10/0x10
[  303.119818][T11966]  ? __pfx___mutex_trylock_common+0x10/0x10
[  303.119827][T11966]  ? rcu_is_watching+0x15/0xb0
[  303.119835][T11966]  ? trace_contention_end+0x39/0x120
[  303.119850][T11966]  ? __mutex_lock+0x335/0x1350
[  303.119859][T11966]  netlink_rcv_skb+0x208/0x470
[  303.119879][T11966]  ? __pfx_xfrm_user_rcv_msg+0x10/0x10
[  303.119894][T11966]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  303.119915][T11966]  ? netlink_deliver_tap+0x2e/0x1b0
[  303.119931][T11966]  ? netlink_deliver_tap+0x2e/0x1b0
[  303.119950][T11966]  xfrm_netlink_rcv+0x79/0x90
[  303.119965][T11966]  netlink_unicast+0x82f/0x9e0
[  303.119985][T11966]  ? __pfx_netlink_unicast+0x10/0x10
[  303.120002][T11966]  ? netlink_sendmsg+0x642/0xb30
[  303.120013][T11966]  ? skb_put+0x11b/0x210
[  303.120029][T11966]  netlink_sendmsg+0x805/0xb30
[  303.120042][T11966]  ? __pfx_netlink_sendmsg+0x10/0x10
[  303.120051][T11966]  ? aa_sock_msg_perm+0xf1/0x1d0
[  303.120060][T11966]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[  303.120069][T11966]  ? __pfx_netlink_sendmsg+0x10/0x10
[  303.120077][T11966]  __sock_sendmsg+0x21c/0x270
[  303.120091][T11966]  ____sys_sendmsg+0x505/0x830
[  303.120103][T11966]  ? __pfx_____sys_sendmsg+0x10/0x10
[  303.120113][T11966]  ? import_iovec+0x74/0xa0
[  303.120123][T11966]  ___sys_sendmsg+0x21f/0x2a0
[  303.120131][T11966]  ? __pfx____sys_sendmsg+0x10/0x10
[  303.120145][T11966]  ? __fget_files+0x2a/0x420
[  303.120151][T11966]  ? __fget_files+0x3a0/0x420
[  303.120159][T11966]  __x64_sys_sendmsg+0x19b/0x260
[  303.120168][T11966]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[  303.120178][T11966]  ? rcu_is_watching+0x15/0xb0
[  303.120186][T11966]  ? do_syscall_64+0xbe/0x3b0
[  303.120194][T11966]  do_syscall_64+0xfa/0x3b0
[  303.120200][T11966]  ? lockdep_hardirqs_on+0x9c/0x150
[  303.120210][T11966]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  303.120218][T11966]  ? exc_page_fault+0x9f/0xf0
[  303.120228][T11966]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  303.120236][T11966] RIP: 0033:0x7f70a0b8ebe9
[  303.120246][T11966] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  303.120256][T11966] RSP: 002b:00007f70a1a2a038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  303.120266][T11966] RAX: ffffffffffffffda RBX: 00007f70a0dc5fa0 RCX: 00007f70a0b8ebe9
[  303.120272][T11966] RDX: 0000000000000000 RSI: 0000200000000840 RDI: 0000000000000003
[  303.120278][T11966] RBP: 00007f70a0c11e19 R08: 0000000000000000 R09: 0000000000000000
[  303.120284][T11966] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  303.120290][T11966] R13: 00007f70a0dc6038 R14: 00007f70a0dc5fa0 R15: 00007ffcc85c54b8
[  303.120299][T11966]  </TASK>
[  303.120303][T11966] 
[  303.252968][T11966] The buggy address belongs to the physical page:
[  303.255410][T11966] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0xffff888110468900 pfn:0x110468
[  303.259249][T11966] flags: 0x57ff00000000000(node=1|zone=2|lastcpupid=0x7ff)
[  303.262041][T11966] page_type: f0(buddy)
[  303.263687][T11966] raw: 057ff00000000000 ffffea000419e708 ffffea0004393308 0000000000000000
[  303.267048][T11966] raw: ffff888110468900 0000000000000002 00000000f0000000 0000000000000000
[  303.270457][T11966] page dumped because: kasan: bad access detected
[  303.272877][T11966] page_owner tracks the page as freed
[  303.274930][T11966] page last allocated via order 2, migratetype Unmovable, gfp_mask 0x52820(GFP_ATOMIC|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP), pid 6921, tgid 6920 (syz.2.389), ts 110811180494, free_ts 262466958088
[  303.282344][T11966]  post_alloc_hook+0x240/0x2a0
[  303.284306][T11966]  get_page_from_freelist+0x21e4/0x22c0
[  303.286287][T11966]  __alloc_frozen_pages_noprof+0x181/0x370
[  303.288098][T11966]  alloc_pages_mpol+0x232/0x4a0
[  303.289652][T11966]  allocate_slab+0x8a/0x370
[  303.291073][T11966]  ___slab_alloc+0xbeb/0x1410
[  303.292791][T11966]  kmem_cache_alloc_noprof+0x283/0x3c0
[  303.295074][T11966]  xfrm_state_alloc+0x24/0x2f0
[  303.296976][T11966]  __find_acq_core+0x8a7/0x1c00
[  303.298856][T11966]  xfrm_find_acq+0x78/0xa0
[  303.300705][T11966]  xfrm_alloc_userspi+0x6b3/0xc90
[  303.302712][T11966]  xfrm_user_rcv_msg+0x7a3/0xab0
[  303.304803][T11966]  netlink_rcv_skb+0x208/0x470
[  303.306281][T11966]  xfrm_netlink_rcv+0x79/0x90
[  303.307818][T11966]  netlink_unicast+0x82f/0x9e0
[  303.309427][T11966]  netlink_sendmsg+0x805/0xb30
[  303.310967][T11966] page last free pid 10827 tgid 10827 stack trace:
[  303.313179][T11966]  __free_frozen_pages+0xbc4/0xd30
[  303.314787][T11966]  __slab_free+0x303/0x3c0
[  303.316225][T11966]  qlist_free_all+0x97/0x140
[  303.317733][T11966]  kasan_quarantine_reduce+0x148/0x160
[  303.319448][T11966]  __kasan_slab_alloc+0x22/0x80
[  303.320966][T11966]  __kmalloc_noprof+0x224/0x4f0
[  303.322791][T11966]  tomoyo_encode+0x28b/0x550
[  303.324472][T11966]  tomoyo_path_perm+0x2b3/0x4b0
[  303.325963][T11966]  tomoyo_path_symlink+0xa3/0xe0
[  303.327501][T11966]  security_path_symlink+0x177/0x380
[  303.329116][T11966]  do_symlinkat+0x107/0x3f0
[  303.330583][T11966]  __x64_sys_symlinkat+0x95/0xb0
[  303.332109][T11966]  do_syscall_64+0xfa/0x3b0
[  303.333726][T11966]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  303.335541][T11966] 
[  303.336277][T11966] Memory state around the buggy address:
[  303.338119][T11966]  ffff888110468880: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[  303.340604][T11966]  ffff888110468900: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[  303.343105][T11966] >ffff888110468980: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[  303.345574][T11966]                                            ^
[  303.347996][T11966]  ffff888110468a00: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[  303.351052][T11966]  ffff888110468a80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[  303.353801][T11966] ==================================================================
[  303.358030][    C0] hpet: Lost 15 RTC interrupts
[  303.360433][T11966] Kernel panic - not syncing: KASAN: panic_on_warn set ...
[  303.362932][T11966] CPU: 0 UID: 0 PID: 11966 Comm: syz.1.2363 Not tainted syzkaller #0 PREEMPT(full) 
[  303.365995][T11966] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.2-debian-1.16.2-1 04/01/2014
[  303.369393][T11966] Call Trace:
[  303.370527][T11966]  <TASK>
[  303.371532][T11966]  dump_stack_lvl+0x99/0x250
[  303.373231][T11966]  ? __asan_memcpy+0x40/0x70
[  303.374874][T11966]  ? __pfx_dump_stack_lvl+0x10/0x10
[  303.376707][T11966]  ? __pfx__printk+0x10/0x10
[  303.378510][T11966]  vpanic+0x281/0x750
[  303.379908][T11966]  ? __pfx_vpanic+0x10/0x10
[  303.381374][T11966]  ? irqentry_exit+0x74/0x90
[  303.383120][T11966]  panic+0xb9/0xc0
[  303.384728][T11966]  ? __pfx_panic+0x10/0x10
[  303.386660][T11966]  ? _raw_spin_unlock_irqrestore+0xa8/0x110
[  303.388640][T11966]  ? _raw_spin_unlock_irqrestore+0xad/0x110
[  303.390497][T11966]  ? xfrm_alloc_spi+0x570/0xf30
[  303.392191][T11966]  check_panic_on_warn+0x89/0xb0
[  303.393971][T11966]  ? xfrm_alloc_spi+0x570/0xf30
[  303.395829][T11966]  end_report+0x78/0x160
[  303.397254][T11966]  kasan_report+0x129/0x150
[  303.399059][T11966]  ? xfrm_alloc_spi+0x570/0xf30
[  303.400584][T11966]  xfrm_alloc_spi+0x570/0xf30
[  303.402262][T11966]  ? xfrm_alloc_spi+0x2a0/0xf30
[  303.404271][T11966]  ? __pfx_xfrm_alloc_spi+0x10/0x10
[  303.406473][T11966]  ? xfrm_find_acq+0x87/0xa0
[  303.408046][T11966]  xfrm_alloc_userspi+0x70b/0xc90
[  303.409643][T11966]  ? apparmor_capable+0x137/0x1b0
[  303.411248][T11966]  ? __pfx_xfrm_alloc_userspi+0x10/0x10
[  303.413540][T11966]  ? __nla_parse+0x40/0x60
[  303.415218][T11966]  xfrm_user_rcv_msg+0x7a3/0xab0
[  303.417004][T11966]  ? __pfx_xfrm_user_rcv_msg+0x10/0x10
[  303.419148][T11966]  ? __pfx___mutex_trylock_common+0x10/0x10
[  303.421538][T11966]  ? rcu_is_watching+0x15/0xb0
[  303.423503][T11966]  ? trace_contention_end+0x39/0x120
[  303.425677][T11966]  ? __mutex_lock+0x335/0x1350
[  303.427669][T11966]  netlink_rcv_skb+0x208/0x470
[  303.429656][T11966]  ? __pfx_xfrm_user_rcv_msg+0x10/0x10
[  303.431899][T11966]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  303.434008][T11966]  ? netlink_deliver_tap+0x2e/0x1b0
[  303.436112][T11966]  ? netlink_deliver_tap+0x2e/0x1b0
[  303.438232][T11966]  xfrm_netlink_rcv+0x79/0x90
[  303.440161][T11966]  netlink_unicast+0x82f/0x9e0
[  303.442112][T11966]  ? __pfx_netlink_unicast+0x10/0x10
[  303.444138][T11966]  ? netlink_sendmsg+0x642/0xb30
[  303.446146][T11966]  ? skb_put+0x11b/0x210
[  303.447842][T11966]  netlink_sendmsg+0x805/0xb30
[  303.449505][T11966]  ? __pfx_netlink_sendmsg+0x10/0x10
[  303.451179][T11966]  ? aa_sock_msg_perm+0xf1/0x1d0
[  303.452881][T11966]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[  303.455037][T11966]  ? __pfx_netlink_sendmsg+0x10/0x10
[  303.457173][T11966]  __sock_sendmsg+0x21c/0x270
[  303.459089][T11966]  ____sys_sendmsg+0x505/0x830
[  303.461043][T11966]  ? __pfx_____sys_sendmsg+0x10/0x10
[  303.462912][T11966]  ? import_iovec+0x74/0xa0
[  303.464319][T11966]  ___sys_sendmsg+0x21f/0x2a0
[  303.465775][T11966]  ? __pfx____sys_sendmsg+0x10/0x10
[  303.467417][T11966]  ? __fget_files+0x2a/0x420
[  303.468842][T11966]  ? __fget_files+0x3a0/0x420
[  303.470401][T11966]  __x64_sys_sendmsg+0x19b/0x260
[  303.471948][T11966]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[  303.473680][T11966]  ? rcu_is_watching+0x15/0xb0
[  303.475177][T11966]  ? do_syscall_64+0xbe/0x3b0
[  303.476645][T11966]  do_syscall_64+0xfa/0x3b0
[  303.478279][T11966]  ? lockdep_hardirqs_on+0x9c/0x150
[  303.480414][T11966]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  303.482798][T11966]  ? exc_page_fault+0x9f/0xf0
[  303.484416][T11966]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  303.486814][T11966] RIP: 0033:0x7f70a0b8ebe9
[  303.488653][T11966] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  303.494749][T11966] RSP: 002b:00007f70a1a2a038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  303.497418][T11966] RAX: ffffffffffffffda RBX: 00007f70a0dc5fa0 RCX: 00007f70a0b8ebe9
[  303.499823][T11966] RDX: 0000000000000000 RSI: 0000200000000840 RDI: 0000000000000003
[  303.502433][T11966] RBP: 00007f70a0c11e19 R08: 0000000000000000 R09: 0000000000000000
[  303.505591][T11966] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  303.507977][T11966] R13: 00007f70a0dc6038 R14: 00007f70a0dc5fa0 R15: 00007ffcc85c54b8
[  303.510596][T11966]  </TASK>
[  303.512182][T11966] Kernel Offset: disabled
[  303.513836][T11966] Rebooting in 86400 seconds..

VM DIAGNOSIS:
11:58:05  Registers:
info registers vcpu 0

CPU#0
RAX=0000000000000036 RBX=0000000000000036 RCX=0000000000000000 RDX=00000000000003f8
RSI=0000000000001437 RDI=0000000000001438 RBP=00000000000003f8 RSP=ffffc9000360e9f0
R8 =ffff88801fb38237 R9 =1ffff11003f67046 R10=dffffc0000000000 R11=ffffffff854f3b80
R12=dffffc0000000000 R13=ffffffff99afd8d5 R14=ffffffff99df2420 R15=0000000000000000
RIP=ffffffff854f3bfc RFL=00000002 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =0000 0000000000000000 ffffffff 00c00000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 ffffffff 00c00000
FS =0000 00007f70a1a2a6c0 ffffffff 00c00000
GS =0000 ffff8880b8618000 ffffffff 00c00000
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe0000003000 00004087 00008b00 DPL=0 TSS64-busy
GDT=     fffffe0000001000 0000007f
IDT=     fffffe0000000000 00000fff
CR0=80050033 CR2=0000200000000840 CR3=0000000029aa0000 CR4=000006f0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000ffff0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
XMM00=0000000000000000 0000000000000000 XMM01=0000000000000000 0000000000000000
XMM02=00007f70a0d97498 00007f70a0d97470 XMM03=00007f70a0d974a8 00007f70a0d974a0
XMM04=00007f70a18fd100 00007f70a0d97460 XMM05=00007f70a0d97478 00007f70a0d974c0
XMM06=00007f70a0d974b8 00007f70a0d974b0 XMM07=00007f70a0d974a8 00007f70a0d974a0
XMM08=6161616161616161 6161616161616161 XMM09=0000000000000000 00007f70a0c12fc5
XMM10=0000000000000000 0000000000000000 XMM11=0000000000000000 0000000000000000
XMM12=0000000000000000 0000000000000000 XMM13=0000000000000000 0000000000000000
XMM14=0000000000000000 0000000000000000 XMM15=0000000000000000 0000000000000000
info registers vcpu 1

CPU#1
RAX=1ffffffff1c27e01 RBX=0000000000000000 RCX=b25fdc481aaee200 RDX=dffffc0000000000
RSI=00000000ffffffff RDI=ffffffff8e139fe0 RBP=ffffc900026af4e0 RSP=ffffc900026af450
R8 =0000000000000004 R9 =ffffffff819b8903 R10=dffffc0000000000 R11=ffffed1021031ac9
R12=0000000000000000 R13=dffffc0000000000 R14=1ffff920004d5e8c R15=dffffc0000000000
RIP=ffffffff8b79caf5 RFL=00000002 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =0000 0000000000000000 ffffffff 00c00000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 ffffffff 00c00000
FS =0000 0000000000000000 ffffffff 00c00000
GS =0000 ffff8881a3c18000 ffffffff 00c00000
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe000004a000 00004087 00008b00 DPL=0 TSS64-busy
GDT=     fffffe0000048000 0000007f
IDT=     fffffe0000000000 00000fff
CR0=80050033 CR2=0000200000007000 CR3=0000000121012000 CR4=000006f0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000ffff0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
XMM00=0000000000000000 00000000000001a4 XMM01=0000000000000000 0000000000000000
XMM02=0000000000000000 0000000000000000 XMM03=0000000000000000 0000000000000000
XMM04=0000000000000000 0000000000000000 XMM05=0000000000000000 0000000000000000
XMM06=0000000000000000 0000000000000000 XMM07=0000000000000000 0000000000000000
XMM08=0000000000000000 0000000000000000 XMM09=0000000000000000 0000000000000000
XMM10=0000000000000000 0000000000000000 XMM11=0000000000000000 0000000000000000
XMM12=0000000000000000 0000000000000000 XMM13=0000000000000000 0000000000000000
XMM14=0000000000000000 0000000000000000 XMM15=0000000000000000 0000000000000000
