last executing test programs:

3.173049593s ago: executing program 4 (id=8246):
r0 = socket$nl_rdma(0x10, 0x3, 0x14)
sendmsg$RDMA_NLDEV_CMD_SET(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000002c0)={0x10, 0x1414, 0x211, 0x0, 0x25dfdbff}, 0x10}}, 0x0)

3.068891067s ago: executing program 4 (id=8247):
r0 = syz_usb_connect(0x0, 0x24, &(0x7f0000000140)=ANY=[@ANYBLOB="12010000f2d07c40501d89601dd0000000010902120001000000000904"], 0x0)
syz_usb_control_io(r0, 0x0, &(0x7f00000009c0)={0x84, &(0x7f0000000540)={0x20, 0xa}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})

2.612337752s ago: executing program 2 (id=8258):
r0 = syz_open_dev$radio(&(0x7f0000000100), 0x3, 0x2)
ioctl$VIDIOC_SUBSCRIBE_EVENT(r0, 0x4020565a, &(0x7f0000000140)={0x3, 0x98f90f, 0x1})

2.451448844s ago: executing program 2 (id=8260):
r0 = syz_usb_connect(0x0, 0x2d, &(0x7f0000000040)=ANY=[@ANYBLOB="12010000fdc01a40f30c74933bbc0000000109021b0001000000000904000001a7a00f00090582020002"], 0x0)
syz_usb_ep_write$ath9k_ep1(r0, 0x82, 0x4, &(0x7f0000000140)={[{}]})

1.616836176s ago: executing program 0 (id=8272):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000044c0)={&(0x7f0000000080)={0x58, 0x2, 0x6, 0x5, 0x0, 0x0, {0x7}, [@IPSET_ATTR_DATA={0xc, 0x7, 0x0, 0x1, [@IPSET_ATTR_HASHSIZE={0x8, 0x12, 0x1, 0x0, 0xc8f}]}, @IPSET_ATTR_PROTOCOL={0x5, 0x1, 0x6}, @IPSET_ATTR_FAMILY={0x5, 0x5, 0x2}, @IPSET_ATTR_REVISION={0x5}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz1\x00'}, @IPSET_ATTR_TYPENAME={0x11, 0x3, 'hash:ip,mark\x00'}]}, 0x58}}, 0x20004000)

1.502979651s ago: executing program 0 (id=8274):
syz_mount_image$exfat(&(0x7f00000000c0), &(0x7f0000000040)='./file0\x00', 0x800, &(0x7f00000001c0)={[{@iocharset={'iocharset', 0x3d, 'macgreek'}}, {@umask={'umask', 0x3d, 0x4}}, {@namecase}, {@namecase}, {@fmask={'fmask', 0x3d, 0x8}}, {@discard}, {@keep_last_dots}, {@iocharset={'iocharset', 0x3d, 'euc-jp'}}, {@discard}, {@errors_continue}]}, 0x1, 0x1528, &(0x7f00000037c0)="$eJzs3AuYT9X6OPD3XWvtMSS+TXIZ1lrv5ptclkmSXJLkkiRJkuSWkDTJkYTEEJI0JCG5DEkMIblMTBr3+/2SkCRNkoTklqz/M+FxOnX+p/M7/XKe37yf59mP9X73ftd+9/f9XvbeZubbrkNrNaldvRERwX8EL/yTBACxADAQAPICQAAA5ePKx2Wtzykx6T/bCftzPZh6pStgVxL3P3vj/mdv3P/sjfufvXH/szfuf/bG/c/euP+MZWebphW6hpfsu/D9/+yMv///D8ksM/bLNWWu6wYQ80dTuP/ZG/f//6zgj2zE/c/euP/ZVeyVLoD9F+D3f3aQ45+u4f5nb9x/xrKzK33/+UovEPkvew6O5LzQmL/q+BljjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMsb/AaX+ZAoBL4ytdF2OMMcYYY4wxxv48PseVroAxxhhjjDHGGGP/+xAESFAQQAzkgFjICblAAMDVkAfyQgSugTi4FvLBdZAfCkBBKATxUBiKgAYDFghCKArFIArXQ3G4AUpASSgFpcFBGUiAG6Es3ATl4GYoD7dABbgVKkIlqAxV4DaoCrdDNbgDqsOdUANqQi2oDXdBHbgb6sI9UA/uhfpwHzSA+6EhPACN4EFoDA9BE3gYmsIj0AyaQwtoCa3+R/nPQ094AXpBb0iCPtAXXoR+0B8GwEswEF6GQfAKDIZXIRmGwFB4DYbB6zAc3oARMBJGwZswGt6CMTAWxsF4SIEJMBHehknwDkyGd2EKTIVUmAbT4T2YATNhFrwPs+EDmANzYR7MhzT4EBbAQkiHj2ARfAwZsBiWwFJYBsthBayEVbAa1sBaWAfrYQNshE2wGbbAVtgG22EHfAI74VPYBbthD3wGe+HzfzP/1D/kd0NAQIECFSqMwRiMxVjMhbkwN+bGPJgHIxjBOIzDfJgP82N+LIgFMR7jsQgWQYMGCQmLYlGMYhSLY3EsgSWwFJZChw4TMAHL4k1YDstheSyPFbACVsRKWAmrYBWsilWxGlbD6lgda2ANrIW18C68C/tgXayL9bAe1sf6l25PYSNshI2xMTbBJtgUm2IzbIYtsAW2wlbYGltjG2yD7bAdtsf22AE7YCImYkfsiJ2wE3bGztgFu2BX7IrdsDt2z3w+B+AL+AL2xhqiD/bFvtgPk3MMwJfwJXwZB+Er+Aq+isk4BIfia/gavo7D8SSOwJE4CkdhVfEWjsGxSGI8pmAKTsSJOAknYVah7+JUTMVpOB2n4wyciTPxfZyNH+AHOBfn4nxMwzRcgAsxHdNxEZ7CDFyMS3ApLsPluAxX4ipciWtwLa7B9bgeN+JG3IybcStuxe24HT9BBYCf4m7cjcm4F/fiPtyH+3E/HsADmImZeBAP4iE8hIfxMB7BI3gUj+FxPIYn8ASexFN4Gk/jWTyL5/DZ+K8bf1JydTKILEooESNiRKyIFblELpFb5BZ5RB4RERERJ+JEPpFP5Bf5RUFRUMSLeFFEFBFGGEEijAEAERVRUVwUFyVECVFKlBJOOJEgEkRZUVaUE+VEeXGLqCBuFRVFJdHWVRFVRFXRzlUTd4jqorqoIWqKWqK2qC3qiDqirqgr6ol6or6oLxqI+0VD0QcH4IMiqzNNxBBsKoZiM9FcyIufYK3FcGwj2op24nExEkdgB9HaJYqnREcxBjuJv4mx+IzoIsZjV/Gc6Ca6ix7iedFTtHG9RG8xGfuIvmIq9hP9xQDxkpiBNcX7ODtnLfGqSBZDxFDxmpiPr4vh4g0xQowUo8SbYrR4S4wRY8U4MV6kiAlionhbTBLviMniXTFFTBWpYpqYLt4TM8RMMUu8L2aLD8QcMVfME/NFmvhQLBALRbr4SCwSH4sMsVgsEUvFMrFcrBArxSqxWqwRa8U6sV5sEBvFJrFZbBFbxTaxXewQn4id4lOxS+wWe8RnYq/4XOwTX4j94ktxQHwlMsXX4qD4RhwS34rD4jtxRHwvjopj4rj4QZwQP4qT4pQ4Lc6Is+IncU78LM4LL0CiFFJKJQMZI3PIWJlT5pJXydwyuPjsXiPj5LUyn7xO5pcFZEFZSMbLwrKI1NJIK0mGsqgsJqPyellc3iBLyJKylCwtnSwjE+SNsqy8SZaTN8vy8hZZQd4qK8pKsrKsIm+TVeXtEiIX9lFD1pS1ZG15l0yCu2VdeY+sJ++V9eV9soG8XzaUD8hG8kHZWD4km8iHZVP5iGwmm8sWsqVsJR+VreVjso1sK9vJx2V7+YTsIJ+UifIp2VH6iy+RZ2QX+azsKp+T3WR32UP+LM9LL3vJ3hL6gOwrX5T9ZH85IBYA5MtykHxFDpavymQ5RA6Vr8lh8nU5XL4hR8iRcpR8U46Wb8kxcqwcJ8fLFDlBTpRvy0nyHTlZviunyKkyVU6TA+TAX2aaJeW/zH/7d/IH/7L3jXKT3Cy3yK1ym9wud8hP5E65U+6Su+QeuUfulXvlPrlP7pf75QF5QGbKTHlQHpSH5CF5WB6WR+QReVQek2fkD/KE/FGelKfkKXlGnpVn5bmLzwEoVEJJpVSgYlQOFatyqlzqKpVbXa3yqLwqoq5RcepalU9dp/KrAqqgKqTiVWFVRGlllFWkQlVUFVNRdT1efMGoUqq0cqqMSlA3/jv5qri6QZVQJX+Vf6m+pH9SXyvVSrVWrVUb1Ua1U+1Ue9VedVAdVKJKVB1VR9VJdVKdVWfVRXVRXVVX1U11Uz1UD9VT9VS9VC+VpJJUX/Wi6qf6qwHqJTVQvawGqUFqsBqsklWyGqqGqmFqmBquhqsRaoQapUap0Wq0GqPGqHFqnEpRKWqimqgmqUlqspqspqgpKlWlqulqupqhZqhZapaarWarOWqOmqfmqTSVphaoBSpdpatFapHKUIvVYrVULVXL1XK1Uq1Uq9VqtVatVevVepWhNqlNaovaorapbWqH2qF2qp1ql9ql9qg9aq/aq/apfWq/2q8OqAMqU2Wqg+qgOqQOqcPqsDqijqij6qg6ro6rE+qEOqlOqtPqtDqrzqpz6pw6r85nnfYFIhCBClQQE8QEsUFskCvIFeQOcgd5gjxBJIgEcUFckC+4LsgfFAgKBoWC+KBwUCTQgQlsIC42PRpcHxQPbghKBCWDUkHpwAVlgoTgxqBscFNQLrg5KB/cElQIbg0qBpWCykGV4LaganB7UC24I6ge3BnUCGoGtYLawV1BneDuoG5wT1AvuDeoH9wXNAjuDxoGDwSNggeDxsFDQZPg4aBp8EjQLGgetAhaBq3+1Pm9P1ngMddL99ZJuo/uq1/U/XR/PUC/pAfql/Ug/YoerF/VyXqIHqpf08P063q4fkOP0CP1KP2mHq3f0mP0WD1Oj9cpeoKeqN/Wk/Q7erJ+V0/RU3Wqnqan6/f0DD1Tz9Lv69n6Az1Hz9Xz9Hydpj/UC/RCna4/0ov0xzpDL9ZL9FK9TC/XK/RKvUqv1mv0Wr1Or9cb9Ea9SW/WW/RWvU1v1zv0J3qn/lTv0rv1Hv2Z3qs/1/v0F3q//lIf0F/pTP21Pqi/0Yf0t/qw/k4f0d/ro/qYPq5/0Cf0j/qkPqVP6zP6rP5Jn9M/6/PaZ53cZ329G2WUiTExJtbEmlwml8ltcps8Jo+JmIiJM3Emn8ln8pv8pqApaOJNvCliipgsZMgUNUVN1ERNcVPclDAlTClTyjjjTIJJMGVNWVPOlDPlTXlTwVQwFU1FU9lUNreZ28zt5nZzh7nD3GnuNDVNTVPb1DZ1TB1T19Q19Uw9U9/UNw1MA9PQNDSNTCPT2DQ2TUwT09Q0Nc1MM9PCtDCtTCvT2rQ2bUwb0860M+1Ne9PBdDCJJtF0NB1NJ9PJdDadTRfTxXQ1XU030830MD1MT9PT9DK9TJJJMn1NX9PP9DMDzAAz0Aw0g8wgM9gMNskm2Qw1Q80wM8wMN8PNCDPSjMo6UTVvmTFmrBlnxpsUk2ImmolmkplkJpvJZoqZYlJNqpluppsZZoaZZWaZ2Wa2mWPmmHlmnkkzaWaBWWDSTbpZZBaZDJNhlpglZplZZlaYFWaVWWXWmDVmHawzG8wGs8lsMlvMFrPNbDM7zA6z0+w0u8wus8fsMXvNXrPP7DP7zX5zwBwwmSbTHDQHzSFzyBw2h80Rc8QcNUfNcXPcnDAnzElz0pw2p81ZU+Di96U3sTanzWWvsrnt1TaPzWv/MS5oC9l4W9gWsdrmtwV+FRtrbQlb0paypa2zZWyCvfE3cUVbyVa2Vexttqq93Vb7TVzH3m3r2ntsPXuvrW3v+lVc395nG9iHbUNEANvcNrYtbRP7sG1qH7HNbHPbwra07e0TtoN90ibap2xH+/Rv4gV2oV1lV9s1dq3dZXfb0/aMPWS/tWftT7aX7W0H2pftIPuKHWxftcl2yG/iUfZNO9q+ZcfYsXacHf+beIqdalPtNDvdvmdn2Jm/idPsh3a2Tbdz7Fw7z87/Jc6qKd1+ZBfZj22GDWCJXWqX2eV2hV15qVaf1663G+xGu9N+arfYrXab3W53XDoRtrvtHvuZ3Ws/twftN3a//dIesIdtpv36lzjr+A7b7+wR+709ao/Z4/YHe8L+qC5lZx37D/Zne956C4QEJElRQDGUg2IpJ+Wiqyg3XU15KC9F6BqKo2spH11H+akAFaRCFE+FqQhpMmSJKKSiVIyidD1dKq8UlSZHZSiBbqSydBOVo5upPN1CFehWqkiVqDJVoduoKt1O1egOqk53Ug2qSbWoNt1Fdehuqkv3UD26l+rTfdSA7qeG9AA1ogepMT1ETehhakqPUDNqTi2oJbWiR6k1PUZtqC21o8epPT1BHehJSqSnqCM9TZ3ob9SZnqEu9Cx1peeoG3WnHvQ89aQXqBf1piTqQ33pRepH/WkAvUQD6WUaRK/QYHqVkmkIDaXXaBi9TsPpDRpBI2kUvUmj6S0aQ2NpHI2nFJpAE+ltmkTv0GR6l6bQVEqlaTSd3qMZNJNm0fs0mz6gOTSX5tF8SqMPaQEtpHT6iBbRx5RBi2kJLaVltJxW0EpaRatpDa2ldbSeNtBG2kSbaQttpW20nXbQJ7STPqVdtJv20Ge0lz6nffQF7acv6QB9RZn0NR2kb+gQfUuH6Tvfm76no3SMjtMPdIJ+pJN0ik7TGTpLP9E5+pnOkycIMRShDFUYhDFhjjA2zBnmCq8Kc4dXh3nCvGEkvCaMC68N84XXhfnDAmHBsFAYHxYOi4Q6NKENKQzDomGxMBpeHxYPbwhLhCXDUmHp0IVlwoTwxrBseFNYLrw5LB/eElYIbw0rhpXCh++tEt4WVg1vD6uFd4TVwzvDGmHNsFZYO7wrrBPeHdYN7wnrhfeG5cL7wgbh/WHD8IGwUfhg2Dh8KGwSPhw2DR8Jm4XNwxZhy7BV+GjYOnwsbBO2DduFj4ftwyfCDuGTYWL4VNgxfPqX9fct/Ofrk8I+Yd/wxfDF0Pt75Lzo/Gha9MPogujCaHr0o+ii6MfRjOji6JLo0uiy6PLoiujK6Kro6uia6Nrouuj66Iboxqj3tXOAQyecdMoFLsblcLEup8vlrnK53dUuj8vrIu4aF+eudfncdS6/K+AKukIu3hV2RZx2xllHLnRFXTEXdde74u4GV8KVdKVcaedcGZfgWrpWrpVr7R5zbVxb18497h53T7gn3JPuSfeU6+iedp3c31xn94zr4p51z7rnXDfX3fVwz7uebkKeC+/JJNfX9XX9XD83wA1wA91AN8gNcoPdYJfskt1QN9QNc8PccDfcjXAj3Cg3yo12o90YN8aNc+NciktxE91EN8lNcpPdZDfFTXGpLtVNd9PdDDfDVZ15YS9z3Bw3z81zaS7NLXBZ54zpbpFb5DJchlvilrhlbplb4Va4VW6VW+PWuHVundvgNrhNbpPb4ra4bW6b2+F2uJ1up9vl816Y1O11+9w+t9/tdwfcVy7Tfe0Oum/cIfetO+y+c0fc9+6oO+aOux/cCfejO+lOudPujDvrfnLn3M/uvPMuJTIhMjHydmRS5J3I5Mi7kSmRqZHUyLTI9Mh7kRmRmZFZkfcjsyMfROZE5kbmReZH0iIfRhZEFkbSIx9FFkU+jmREFkeWRJZGlkWWR7wvvCX0RX0xH/XX++L+Bl/Cl/SlfGnvfBmf4G/0Zf1Nvpy/2Zf3t/gK/lZf0Vfylf0jvplv7lv4lr6Vf9S39o/5Nr6tb+cf9+39E76Df9In+qd8R/+07+T/5jv7Z3wX/6zv6p/z3Xx338M/73v6F3wv39sn+T6+r3/R9/P9/QD/kh/oX/aD/Ct+sH/VJ/shfqh/zQ/zr/vh/g0/wo/0o2Le9KMvXSLDeJ/iJ/iJ/m0/yb/jJ/t3/RQ/1af6aX66f8/P8DP9LP++n+0/8HP8XD/Pz/dp/kO/wC/06f4jv8h/7DP84ks3lf0Kv9Kv8qv9Gr/Wr/Pr/Qa/0W/ym/0Wv9Vv89v9Dv+J3+k/9bv8br/Hf+b3+s/9Pv+F3++/9Af8Vz7Tf+0P+m/8If+tP+y/80f89/6oP+aP+x/8Cf+jP+lP+dP+jD/rf/Ln/M/+PP/OGmOMMcbYHzLh8lD8es2F2/l9fidH/N3GfQHg6q2FMv9+fdYZ5br8F8b9RXz7CAA81bvrg5eWGjWSkpIubpshISg2F+DS/wRliYHL8WJoB09AIrSFsr9bf3/R/Sz9i/mjtwDk+rucWLgcX57/CwBM+p35H3181IIK4em4/8/8cwFKFLuckxMux4uh3S/3V9pCuX9Sf4HW/6L+nF+mALT5u5zccDm+XH8CPAZPQ+KvtmSMMcYYY4wxxi7oLyp3vnT9eeknPn/v+jxeXc7JAZfjf3V9zhhjjDHGGGOMsSvvme49nnw0MbFt539/UO1/lPWHB03hf2tmHvzuwHuAS48oAPgPJwTIGsi/8ig2/yX7Sr741vnHVcvO+AD+O1r5Zwyu8AcTY4wxxhhj7E93+aT/14+rK1UQY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDGWDf0Vf07sSh8jY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxdqX9vwAAAP//kfb+pw==")
creat(&(0x7f0000000100)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x10)

1.460380974s ago: executing program 3 (id=8276):
r0 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000080), 0x42202)
ioctl$SNDRV_SEQ_IOCTL_REMOVE_EVENTS(r0, 0x4040534e, 0x0)

1.305482043s ago: executing program 1 (id=8277):
r0 = socket$inet6_sctp(0xa, 0x5, 0x84)
setsockopt$inet_sctp6_SCTP_AUTH_KEY(r0, 0x84, 0x17, 0x0, 0x0)

1.263609884s ago: executing program 4 (id=8278):
r0 = syz_mount_image$nilfs2(&(0x7f00000008c0), &(0x7f0000000e00)='./file0\x00', 0x10000, &(0x7f0000000940)=ANY=[], 0x0, 0xdab, &(0x7f0000000e80)="$eJzs3ctvXNX9APBzx544L36x8wuNm6ZJSkigj9iQumklNkaii1KE1CVLmgaa1gmP0AUoi5RFV0i1hPgDipDIpuqi6oJNFbGiG1Sp+wqx6iaVkLJAUcCV7XPG429mdGcc2+PxfD7SnTP3fs+955x53LlzXycBI6ux8jg3N12l9N5H7z7zr7O/+NvylJOtHKdWHsfz2HxKqdmaL6XJsLz5idX0qy+uX2xPv85plc6nKlWt6en52615D6SUbqRT6VaaTE+9cOfeh4vPPrc4debm0Xc+vbs1rV9TbXUBAACwA3z58w9e+8djP70+dfcvJ+bTRGt62T6fz+MH83b/fN5QLtvL5X9A1ZZWHban94R843lohHxjHfK1l9MM+ca7lL8nLLfZJd9ETfljbdM6tRuG2dr/+Koxs2680ZiZWf1PvuyzsT3VzNXLCy9dG1BFgU1352TexWcwGEZuWDo06DUQwKp43PA+Nzb3SF1raeO9lX/76Ubn+WETbPfnX/nDVf4Hv7fGYfPs1k9TaVf5Hh3M4/E4wniYr9/vf1lePB7R7LGe3Y4jDMvxhW71HNvmemxUt/rHz8Vu9e2cltfhRIi3f3/iezos7zHQ2Zf2/xsMIzssDXoFBOxY8by5pazE43l9MT5RE99bE99XE99fEz9QE4dR9tc3/pgWq7X/+fE/fb/7w8p+tody+n991ifuj+y3/Hjeb78etPx4PjHsZL8898mf7/zu1j/j+f9fh/P/T+ff0sm8gij7C+N+9da5/+HC4EaXfIdDfR7qkH/l+ZH1+aoja8tJbeuZ++oxvX6+Q93yHV+fbzLk25+3RfaG+sbtk/1hvrL9Udar5fUaD+1thnbsCfUo78xUTveG9kx1a1fYkb0n5Gvm4f9Du46Edj0c5vtGaFc1vb5dcf95qc/RMD0eJyn5wtt23+9SfC/idRmP5PTtnL6f049z+nmHckdR+Tx2O/+/fD6nU7N66fLCpSfyePmcfjLWnFie/uQ21xt4cL1e/zOd1l//c7A1vdloXy8cWpteta8XJsP0812m/zCPl9+zX4/tW5k+c/GVhV9tduNhxF17863fvriwcOl1TzzxxJPWk0GvmYCtNvvGlVdnr7351rnLV158+dLLl65e+MmPzj8x9+MLF2ZXNutn2zfugV1l7Ud/0DUBAAAAAAAAAAAAelbt6zw5p3X3ty3Xk5fr0+P18QyH8r6VT0O5j0G5/rPbfV3K9ZtT21BHNt92XE406DYCnf3X/X8NhpEdlpbcxR/YGQbd/1+572FJr/79Z3uXh5Lt9tPr15fx/oXwIHZ6/3PK3139/7X6v+p5/Rd6zJrcWLlX7j16s63YdKzX8mP7y31gj/RX/tVcfmnN2dRb+Ut/CuXHG5X26JVQ/v4ey7+v/cc3Vv6rufzysj1+utfyV2tcNdbXI+43LvcBjPuNi9dC+8u9/fpu/wY7ans9lw+jbFj6mezXsPT/2U1ZblkP5tVz6zhduf927O+g3/qX+36X34GHw/Krmt83/X8Ot7r+P8vnb1b/n7DrfOb4n8EwssPS0tJAuz4Z1X5XdopBv/6D3oYcdPmDfv3rxP4/4/+l2P9njMf+P2M89v8Z47F/rRiP/X/G1zP2/xnjR8NyY/+g0zXxb9bEj9XEv1UTP14Tj//fYvxUTfxETfxkTfxwTfyRmvjpmvijNfEzNfHHauKP18R3u+/kdFTbD6Ms9hvp+w+joxz/6fb9P1ITB4ZX7Nc5fr/P1sSB4VXO8/D9hhFUdb5jR9zfXvbjvp3T93P6cU4/37IKsh2+m9Pv5fT7Of1BTs/ldCansznVNeRw+8N/jp1YrNbO8zsU4r2eTxqvB4j3iXmyx/rE43P9ns96tMdytqr8DV4OAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADA0GiuPc3PTVUrvffTuM/8+95vDy1NOtnKcWnkcz2PzKaVmSqnK4+NheTcmVtOvvrh+sVNapfMrj2U8PX+7Ne+B5fnTqXQrTaanXrhz78PFZ59bnDpz8+g7n97dmtavqba6AAAAABig/wUAAP//vrPsgA==")
open_by_handle_at(r0, &(0x7f0000000040)=ANY=[@ANYBLOB=' \x00\x00\x00b'], 0x0)

1.263509444s ago: executing program 3 (id=8279):
r0 = socket$packet(0x11, 0x3, 0x300)
getsockname$packet(r0, 0xffffffffffffffff, &(0x7f0000000080)=0x34)

1.094071577s ago: executing program 3 (id=8280):
r0 = socket$key(0xf, 0x3, 0x2)
sendmsg$key(r0, &(0x7f0000000000)={0x400000000000000, 0x0, &(0x7f0000000080)={&(0x7f0000000500)={0x2, 0x3, 0x0, 0x9, 0xa, 0x0, 0x0, 0x20000, [@sadb_address={0x3, 0x6, 0x0, 0x0, 0x0, @in={0x2, 0x0, @remote}}, @sadb_sa={0x2, 0x1, 0x0, 0xfd, 0x0, 0x5, 0x4, 0x4bfffffe}, @sadb_address={0x3, 0x5, 0x0, 0x0, 0x0, @in={0x2, 0x4e21, @multicast2}}]}, 0x50}}, 0x0)

1.045019919s ago: executing program 1 (id=8281):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000040)=@base={0xe, 0x4, 0x4, 0x3}, 0x50)
bpf$PROG_LOAD(0x5, &(0x7f0000000840)={0x18, 0xf, &(0x7f0000000d80)=@ringbuf={{0x18, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6}, {{0x18, 0x1, 0x1, 0x0, r0}, {}, {}, {0x85, 0x0, 0x0, 0x5}}, {{0x5, 0x0, 0x3}, {0x95, 0x0, 0x0, 0x700}}, [], {{0x6, 0x1, 0x5, 0x2}, {0x6, 0x0, 0x5, 0x8, 0x0, 0x0, 0x1}, {0x85, 0x0, 0x0, 0x7}}}, &(0x7f0000000980)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0xd, '\x00', 0x0, @fallback=0xd, 0x0, 0xf00, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)

987.294975ms ago: executing program 0 (id=8282):
r0 = syz_open_procfs(0x0, &(0x7f0000000040)='numa_maps\x00')
preadv(r0, &(0x7f0000000000)=[{&(0x7f0000001200)=""/4112, 0x1010}], 0x1, 0x800, 0x0)

831.561767ms ago: executing program 4 (id=8283):
syz_mount_image$udf(&(0x7f0000000f00), &(0x7f0000000000)='./bus\x00', 0x0, &(0x7f0000002800)=ANY=[@ANYBLOB="73686f727461642c756e64656c6574652c73657373696f6e3d30303030000800003030303030303030303139302c6d6f64653d30303030303030303030303030303030303030303030352c726f6f746469723d30303030303030303030303030303030303030352c646d6f64653d30303030303030303030303030303030303030303030362c696f636861727365743d6370313235312c696f636861727365743d6b6f69382d722c6e6f7672732c0084f5b23d82aacbefd1de1daab7394a9b4696461da9ab46f2d71c895d8c"], 0xfc, 0xc41, &(0x7f0000001b80)="$eJzs3U9sHNd9B/DfG5Hi0m4rxnYUJ42LTVuksmK5+hdTsQp3VdNsA8gyEYq5BeCKpNSFKZIgqUY20oLupYceAhRFDzkRaI0CKRoYTRH0yLQukFx8KHLqiWhhIyh6YIsAOQUMZvatuKRJmzb/iLI+H5v67s68N/PezHJGIvjmBQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAQ8QcvXTl7Lt3vVgAAh+na6NfOnnf/B4CHynX//gcAAAAAAAAAAAAAgKMuRRGPR4q5a2tpvHrfVrva6r1zd2xoePtq/amqeawqX37Vzp2/cPHLzw1e6uTV1swH1N9vn4tXRq9fqb84e3tufmphYWqyPjbTmpidnNr1FvZaf6vT1QGo3371zuTNmwv1889e2LT67sB7fY+eHLg8+PSZpzplx4aGh0c3itS6y/d87Ia07TTC43gUcSZSPPO9n6ZmRBSx92NRO9xzv1V/1YnTVSfGhoarjky3mjOL5cqRzoEoIupdlRqdY7T9uYie3kPtw84aEUtl88sGny67NzrXnG/emJ6qjzTnF1uLrdmZkdRubdmfehRxKUUsR8Rq3/s31xtF9ESK75xYSzci4ljnOHypGhi8czuKA+zjLpTtrPdGLBcPwDk7wvqiiJcjxc/ePhUT+TpTXWu+GPFymT+IeLPMFyJS+cG4GPHuNp8jHkw9UcRfluf/8lqarK4HnevK1a/Xvzpzc7arbOe68hHvD++7Utyn+0P/ljwcR/zaVIsimtUVfy19/L/sAAAAAAAAAAAAAAAAALDf+qOIz0aKl/7jT6pxxVGNSz9xefAPB361e8z4kx+ynbLssxGxVOxuTO7xPDBwJI2kdJ/HEj/MalHEn+bxf2/c78YAAAAAAAAAAAAAAAAAAAA81Ir4SaR4/p1TaTm65xRvzdyqX2/emG7PCtuZ+7czZ/r6+vp6PbWzkXM851LO5ZwrOVdzRpHr52zkHM+5lHM550rO1ZxxLNfP2cg5nnMp53LOlZyrOaMn18/ZyDmecynncs6VnKs544jM3QsAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA8ElSRBG/iBTf/uZaihQRjYjxaOdK3/1uHQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABQ6ktFfD9S1P+ocW9ZT0Sk6v+2U+UfF6NxvMzHojFY5gvRuJKzWWVP44370H72pjcV8eNI0Vd7K1JPe1k+/73td/c+BvHmtzbefS6XPdZZOfBe36MnT1weHP6NJ3d6nbZrwOmrrZk7d+tjQ8PDo12Le/LeH+taNpD3W+xT34lYeO31V5vT01PzH/9F+RHYQ/UH6EX5DXIEmuHFYb2IniPRjPvTdx4C5f3/3Ujxu+/8Z+eG377/1+JX2u/u3eHj53+2cf9/fuuGdnn/79laL9//y3v6dvf/x7uWPZ//NtLbE1FbvD3XezKitvDa62dat5u3pm5NzVw8e/Yrg4NfuXC293hE7WZreqrr1b4cLgAAAAAAAAAAAAAAAIDDk4r4/UjR/PFaqkfE3Wq81sDlwafPPHUsjlXjrTaN235l9PqV+ouzt+fmpxYWpibrYzOtidnJqd3urlYN9xobGj6Qznyo/gNuf3/txdm51+Zbt/54cdv1j9Su3FhYnG9ObL86+qOIaHQvOV01eGxouGr0dKs5U1Ud2XYw/UfXm4r4r0gxcbGevpCX5fH/W0f4bxr/v7R1Qwc0/v9TXcvKfaZUxM8jxe/81ZPxhaqdj8T7jlku93eR4vSlz+dycbws12nDY9VDBNojA8uy/xcp/ukXm8t2xkO2xyBWZc/t/sg+GMrzfyJSfP8vvhu/mZdtfv7D9uf/ka0bOqDz/0TXskc2Pa9gz10nn/8zkeKFx9+K38rLPuj5H51nb5zKhe89n+OAzv+nu5YN5P3+9v50HQAAAAAAAAAA4IHWm4r4+0jxw+Ge9Fxetpvf/5vcuqED+v2vz3Qtm9yf+Yo+9MWeDyoAAAAAHBG9qYifRIpbi2/dG0O9efx31/jP39sY/zmUtqytfs73a9VzA/bz53/dBvJ+x/febQAAAAAAAAAAAAAAAAAAADhSUiriuTyf+ng1nn9yx/nUVyLFS//zTC6XTpblOvPAD1R/1q7Nzpy5Mj09O9FcbN6YnqqPzjUnpsq6T0SKtb/9fK5bVPOrd+abb8/xvjEX+3ykGP6HTtn2XOyducmf2Ch7riz7qUjx3/+Yy66vV2U781h/eqPs+bLs30SKb/zL5u12yp7cKHuhLPvdSPGjb9Q7ZR8py3aej/qZjbLPTswWB3BWAAAAAAAAAAAAAAAAAAAAeNj0piL+PFL87+3le2P58/z/vV1vK29+q2u+/y3uVvP8D1Tz/+/0+uPM/189V2Bpp70CAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMAnU4oiXo8Uc9fW0kpf+b6tdrU1c+fu2NDw9tX6U1XzWFW+/KqdO3/h4pefG7zUyQ+uv98+G6+MXr9Sf3H29tz81MLC1GR9bKY1MTs5test7LX+VqerA1C//eqdyZs3F+rnn72wafXdgff6Hj05cHnw6TNPdcqODQ0Pj3aV6en9qDt9Y8c1aYflx6OIv44Uz3zvp+mHfRFF7P1YbPvZ6dt9L/aov+rE6aoTY0PDVUemW82ZxXLlSOdAFBH1rkqNzjHat3NxQBoRS2XzywafLrs3Otecb96YnqqPNOcXW4ut2ZmR1G5t2Z96FHEpRSxHxOo256A3ing1UnznxFr6176IY53j8KVro187e37ndhQH2MddKNtZ741YLh6Ac3aE9UUR/xwpfvb2qfi3voieaH/FFyNeLvMHEW9G+3yn8oNxMeLdw/te5oD1RBH/X57/y2vp7b7yetC5rlz9ev2rMzdnu8p2risHcn84PP2Hurcjfm2qRRE/qq74a+nffV8DAAAAAAAAAAAAAAAAHCFF/HqkeP6dU6kaH3xvTHFr5lb9evPGdHtYX2fsX2fM9Pr6+no9tbORczznUs7lnCs5V3NGkevnbJRZW18fz++Xci7nXMm5mjOO5fo5GznHcy7lXM65knM1Z/Tk+jkbOcdzLuVczrmSczVnHJGxewAAAAAAAAAAAAAAAAAAwCdLUf2X4tvfXEvrfe35pcejnSvmA/3E+2UAAAD//xtt+zc=")
syz_mount_image$fuse(0x0, &(0x7f0000000000)='./bus\x00', 0x3000009, 0x0, 0x1, 0x0, 0x0)

831.407579ms ago: executing program 1 (id=8284):
r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
sendmsg$inet(r0, &(0x7f0000000780)={&(0x7f0000000100)={0x2, 0x0, @multicast1}, 0x10, &(0x7f00000001c0)=[{&(0x7f0000000140)="be38", 0xffe7}], 0x1, &(0x7f00000004c0)=ANY=[@ANYBLOB="1c000000000000000000000008000000", @ANYRES32=0x0, @ANYBLOB="ac1414aaac141400000000001400000000000000000000000700000007038b01000000005e15f32aa9988e60da6af674011b2a455370163705ff6db8fe99e02d5c23fecd3922873c70484cf959be1be72e9341a96fb1aa0c825d8aa4d9b88e8108d7b4073aacafd32f94591c94ddb8ac0acc3aac8ac1960818c53bc0bca554f571a2a134f78b7d55c61c500139014cf38980f0ed12e5f086073d98727cfeb96c1caed1a11815ddb48dd3a6c091fb"], 0x38}, 0x0)

678.25625ms ago: executing program 2 (id=8285):
r0 = syz_init_net_socket$rose(0xb, 0x5, 0x0)
getsockopt$rose(r0, 0x104, 0x6, 0x0, &(0x7f00000000c0))

677.960737ms ago: executing program 3 (id=8286):
r0 = socket$netlink(0x10, 0x3, 0x4)
sendmsg$nl_generic(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f000000d379)={&(0x7f0000000200)=ANY=[@ANYBLOB="180000001400010000000016fffffff71e"], 0x18}}, 0x0)

610.52917ms ago: executing program 1 (id=8287):
r0 = syz_open_dev$dri(&(0x7f0000000000), 0x1, 0x0)
ioctl$DRM_IOCTL_MODE_ADDFB(r0, 0xc01c64ae, &(0x7f00000002c0)={0x0, 0x8, 0x0, 0x7, 0x18, 0x1, 0xfffffffc})

595.792646ms ago: executing program 0 (id=8288):
r0 = syz_open_dev$usbfs(&(0x7f0000000100), 0x76, 0x301)
ioctl$USBDEVFS_CONTROL(r0, 0xc0185500, &(0x7f0000000000)={0x20, 0x1, 0x80, 0x3d, 0x0, 0x6, 0x0})

486.151025ms ago: executing program 2 (id=8289):
r0 = socket$inet6(0xa, 0x3, 0x8)
setsockopt$inet6_int(r0, 0x29, 0x4b, 0x0, 0x0)

485.391466ms ago: executing program 3 (id=8290):
r0 = socket$inet_sctp(0x2, 0x5, 0x84)
sendmsg$inet_sctp(r0, &(0x7f0000000280)={&(0x7f0000000040)=@in6={0xa, 0x4e20, 0xdd, @ipv4={'\x00', '\xff\xff', @dev={0xac, 0x14, 0x14, 0x44}}, 0xa}, 0xf, &(0x7f00000000c0)=[{&(0x7f0000000540)=':', 0x1}], 0x1, &(0x7f00000004c0)=ANY=[@ANYBLOB="3000000000000000840000000100000008000600040000007f01000009000000020000000900000001feffff", @ANYRES32=0x0, @ANYBLOB="2000000000000000840000000200000000000e000900000006020000", @ANYRES32=0x0], 0x50, 0x4040000}, 0xd0)

399.234424ms ago: executing program 4 (id=8291):
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000880)={0x11, 0xc, &(0x7f0000000800)=ANY=[@ANYBLOB="1800000000000000000000000000000085000000230000001801000020756c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb7020000080000dfb703000000000000850000006d00000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x27, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$PROG_BIND_MAP(0xa, &(0x7f00000007c0)={r0}, 0xc)

355.609827ms ago: executing program 0 (id=8292):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0xb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, 0x2}, 0x94)
openat2$dir(0xffffffffffffff9c, &(0x7f0000000140)='./file0/file0/..\x00', &(0x7f0000000240)={0x200000, 0x0, 0x6}, 0x77)

355.462385ms ago: executing program 1 (id=8293):
syz_mount_image$hfs(&(0x7f0000002c80), &(0x7f00000003c0)='./bus\x00', 0x4680, &(0x7f0000000000)=ANY=[@ANYRES8=0x0, @ANYRESHEX], 0xfd, 0x2a1, &(0x7f0000000400)="$eJzs3b9u01wYx/HfcdI270tV3D8ICTEVKjGhtgwglkqod8DChChNkKpaRYIi0U6BGXEB7NwCF8DIVDEjsTExMBaWoHN8Quw0jpMoqZP0+5ESJfZ57OfYxz1+UrURgAvrwfb3j3d+2IeRSipJui8FkipSWdIVXa28OjjcO4xq1W4bKrkI+zClrDa7B7VOi22c25cX2ndlzSeXYTQq31QvOgcUz139HQTSnL863frKuWc2Ghd90JtTneq1ForOAwBQLD//B36en48XKQikNT/tp+f/yZ5Aza+GU3QeI/M5Z31i/ndVVsPY83vZrWrVe3YI6K4PcVWi9KfvgzareGSlbjBNXlXpcgn+e7YX1W7vPo+qgd5qy5tpNVtxz9V46DY1a1r7+s3ZTa/GHfOZ5UpurT+XXB9mbB82g5NW/okmy8PdYz7zxZyYxybUB1X/3f+VG8YeDHc8wrYzFee/nr1F18tZuVbJs5Rosuh2ci19xLv2sqSMikTN87ao9AcEYV6eLmqpLSru3UZO1HLHqM2cqJX2qNZozo4cNfPePDKr+qlP2k7c/wf2aK+plyvTtnEt/cjo2p+yaxm6+cRfdfXrHVsGg/YIA3inp7qnhZdHx/s7UVR7MbUv7JU4BmkcHe//boxFGjtR1BwE45LP1L6wB7mQvTfnncG3U9hPJpyj1knvM5DfzUwLe99l4vovUa+su5s1+xSm79PnkrG5tWBiixsZtcGSe/4/u4JLMVJdjczKoK3m6rxHV3PduCXd7GWPsdDnOX62Bgky2/qqJ3z+DwAAAAAAAAAAAAAAAAAAMGmG9ycHFWWtKrqPAAAAAAAAAAAAAAAAAAAAAABMulF8/6//7/DmTJtevv/3oeJ3Zc1rZhg9BJDlbwAAAP//e1SAFg==")
creat(&(0x7f0000000100)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x194)

300.56358ms ago: executing program 2 (id=8294):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCETHTOOL(r0, 0x8946, &(0x7f0000000280)={'wg1\x00', &(0x7f0000000080)=@ethtool_cmd={0x7, 0x2, 0x226, 0xb317, 0xc, 0x1, 0x1, 0x9, 0x7, 0xac, 0x4, 0xffdfffff, 0x94, 0x5, 0xbd, 0xfffffffd, [0x200, 0x6]}})

232.766741ms ago: executing program 3 (id=8295):
r0 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000300)={&(0x7f00000001c0)=@newlink={0x5c, 0x10, 0xffffffffffffffff, 0x70bd27, 0x25dfdbfb, {0x0, 0x0, 0x0, 0x0, 0x37c13, 0x71a2b}, [@IFLA_LINKINFO={0x2c, 0x12, 0x0, 0x1, @ip6gretap={{0xe}, {0x18, 0x2, 0x0, 0x1, [@IFLA_GRE_REMOTE={0x14, 0x7, @loopback}]}}}, @IFLA_NUM_TX_QUEUES={0x8, 0x1f, 0x56}, @IFLA_TXQLEN={0x8}]}, 0x5c}, 0x1, 0x0, 0x0, 0x1}, 0x20040040)

164.156903ms ago: executing program 0 (id=8296):
r0 = socket(0x200000000000011, 0x4000000000080002, 0x0)
getsockopt$inet_mreqn(r0, 0x0, 0x20, 0x0, 0x0)

113.943926ms ago: executing program 4 (id=8297):
r0 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0)
ioctl$FUSE_DEV_IOC_CLONE(r0, 0x8004e500, &(0x7f0000000080))

24.173406ms ago: executing program 2 (id=8298):
r0 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000540)={0x0, 0x0, &(0x7f0000000500)={&(0x7f0000000580)=ANY=[@ANYBLOB="200000006a006bb20000000000000000000002000000230008000a"], 0x20}}, 0x0)

0s ago: executing program 1 (id=8299):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
ioctl$KVM_CHECK_EXTENSION(r0, 0xae03, 0xd5)

kernel console output (not intermixed with test programs):

4.389414][ T5961] usb 4-1: SerialNumber: syz
[  654.429564][T21221] exFAT-fs (loop4): failed to load upcase table (idx : 0x00010000, chksum : 0x11bbdf60, utbl_chksum : 0xe619d30d)
[  654.434919][ T5961] usb 4-1: config 0 descriptor??
[  654.494374][ T5961] hub 4-1:0.0: bad descriptor, ignoring hub
[  654.553949][ T5961] hub 4-1:0.0: probe with driver hub failed with error -5
[  654.588827][ T5961] input: syz syz as /devices/platform/dummy_hcd.3/usb4/4-1/4-1:0.0/input/input60
[  654.789705][T21237] netlink: 24 bytes leftover after parsing attributes in process `syz.4.6702'.
[  654.800006][T21206] bcachefs (loop2): starting version 1.13: inode_has_child_snapshots opts=errors=continue,metadata_checksum=none,data_checksum=none,norecovery
[  654.800031][T21206]   features: new_siphash,inline_data,new_extent_overwrite,btree_ptr_v2,new_varint,journal_no_flush,alloc_v2,extents_across_btree_nodes
[  654.800062][T21206] bcachefs (loop2): Using encoding defined by superblock: utf8-12.1.0
[  654.801658][T21206] bcachefs (loop2): invalid journal entry, version=1.13: inode_has_child_snapshots type=clock in superblock: bad size, fixing
[  654.872332][T21206] bcachefs (loop2): recovering from clean shutdown, journal seq 18
[  654.901212][T21206] bcachefs (loop2): Doing compatible version upgrade from 1.13: inode_has_child_snapshots to 1.28: inode_has_case_insensitive
[  654.901212][T21206]   running recovery passes: check_allocations,check_extents_to_backpointers,check_inodes
[  654.924107][    C0] vkms_vblank_simulate: vblank timer overrun
[  655.059037][T21206] bcachefs (loop2): error reading btree root btree=accounting level=0: btree_node_read_error, fixing
[  655.115649][T21206] bcachefs (loop2): check_topology...
[  655.132507][   T95] bcachefs (loop2): btree node read error at btree alloc level 0/1
[  655.132554][   T95]   u64s 11 type btree_ptr_v2 SPOS_MAX len 0 ver 0: seq 96d95157b8f08fd6 written 16 min_key 0:457:1 durability: 1 ptr: 0:171:0 gen 0
[  655.132572][   T95]   loop2 node offset 0/16 bset u64s 594: checksum error, type chacha20_poly1305_128: got 9b687af9e47c2f6ad770dcb743e6a9b7 should be beee080eb0e1e57af476ea0fcc323e5e
[  655.132589][   T95]   loop2 btree validate error
[  655.132599][   T95]   flagging btree alloc lost data
[  655.132610][   T95]   running recovery pass check_alloc_info (13), currently at check_topology (2)
[  655.132622][   T95]   ret fsck_errors_not_fixed
[  655.217803][T21206] bcachefs (loop2): btree node with incorrect max_key
[  655.217824][T21206]   at: btree=alloc level=1
[  655.217835][T21206]   parent: u64s 11 type btree_ptr_v2 SPOS_MAX len 0 ver 0: seq 6418e625a07b578f written 24 min_key POS_MIN durability: 1 ptr: 0:147:0 gen 0
[  655.217852][T21206]   child: u64s 11 type btree_ptr_v2 0:457:0 len 0 ver 0: seq 4d46f54fbc35593d written 24 min_key 0:82:1 durability: 1 ptr: 0:146:0 gen 0, fixing
[  655.276674][T21206] bcachefs (loop2): set_node_max(): u64s 11 type btree_ptr_v2 0:457:0 len 0 ver 0: seq 4d46f54fbc35593d written 24 min_key 0:82:1 durability: 1 ptr: 0:146:0 gen 0 -> SPOS_MAX
[  655.296337][T21206]  done
[  655.299224][T21206] bcachefs (loop2): accounting_read... done
[  655.307523][T21206] bcachefs (loop2): alloc_read... done
[  655.314680][T21206] bcachefs (loop2): snapshots_read... done
[  655.321315][T21206] bcachefs (loop2): check_alloc_info...
[  655.330582][T21206] bcachefs (loop2): hole in alloc btree missing in freespace btree
[  655.330629][T21206]   device 0 buckets 458-512, fixing
[  655.472301][T21206]  done
[  655.482667][T21206] bcachefs (loop2): Fixed errors, running fsck a second time to verify fs is clean
[  655.503410][T21206] bcachefs (loop2): done starting filesystem
[  655.817151][ T5884] bcachefs (loop2): shutting down
[  655.861684][ T5884] bcachefs (loop2): shutdown complete
[  655.915366][ T5219] usb 4-1: reset high-speed USB device number 127 using dummy_hcd
[  655.955478][ T5219] usb 4-1: device reset changed ep0 maxpacket size!
[  655.981433][ T5961] usb 4-1: USB disconnect, device number 127
[  656.011518][T21243] loop1: detected capacity change from 0 to 32768
[  656.075478][T21243] XFS (loop1): Mounting V5 Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb
[  656.156828][ T5961] usb 4-1: new high-speed USB device number 2 using dummy_hcd
[  656.181132][T21243] XFS (loop1): Ending clean mount
[  656.324802][ T5882] XFS (loop1): Unmounting Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb
[  656.367670][ T5961] usb 4-1: config 0 has an invalid interface number: 69 but max is 0
[  656.384378][ T5961] usb 4-1: config 0 has no interface number 0
[  656.396173][ T5961] usb 4-1: config 0 interface 69 altsetting 0 bulk endpoint 0x8 has invalid maxpacket 1023
[  656.430676][ T5961] usb 4-1: config 0 interface 69 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 7
[  656.451436][ T5961] usb 4-1: New USB device found, idVendor=0c4b, idProduct=0100, bcdDevice=d7.ca
[  656.464742][ T5961] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  656.475858][ T5961] usb 4-1: Product: syz
[  656.480156][ T5961] usb 4-1: Manufacturer: syz
[  656.495939][ T5961] usb 4-1: SerialNumber: syz
[  656.522604][ T5961] usb 4-1: config 0 descriptor??
[  656.549186][T21259] raw-gadget.0 gadget.3: fail, usb_ep_enable returned -22
[  656.585787][ T5961] cyberjack 4-1:0.69: Reiner SCT Cyberjack USB card reader converter detected
[  656.610799][ T5961] usb 4-1: Reiner SCT Cyberjack USB card reader converter now attached to ttyUSB0
[  656.671077][T21261] loop0: detected capacity change from 0 to 40427
[  656.719872][T21261] F2FS-fs (loop0): invalid crc value
[  657.020697][T21261] F2FS-fs (loop0): f2fs_recover_fsync_data: recovery fsync data, check_only: 0
[  657.036733][T21261] F2FS-fs (loop0): Start checkpoint disabled!
[  657.046041][T21261] F2FS-fs (loop0): f2fs_disable_checkpoint() finish, err:0
[  657.055450][T21261] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e6
[  657.071778][ T5892] usb 5-1: new high-speed USB device number 122 using dummy_hcd
[  657.120443][ T5961] usb 4-1: USB disconnect, device number 2
[  657.136872][ T5961] cyberjack ttyUSB0: Reiner SCT Cyberjack USB card reader converter now disconnected from ttyUSB0
[  657.179289][ T5961] cyberjack 4-1:0.69: device disconnected
[  657.223375][   T49] kworker/u8:3: attempt to access beyond end of device
[  657.223375][   T49] loop0: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[  657.243290][   T49] CPU: 0 UID: 0 PID: 49 Comm: kworker/u8:3 Not tainted syzkaller #0 PREEMPT(full) 
[  657.243320][   T49] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[  657.243333][   T49] Workqueue: writeback wb_workfn (flush-7:0)
[  657.243376][   T49] Call Trace:
[  657.243385][   T49]  <TASK>
[  657.243395][   T49]  dump_stack_lvl+0x189/0x250
[  657.243424][   T49]  ? __pfx_dump_stack_lvl+0x10/0x10
[  657.243446][   T49]  ? __pfx_queue_work_on+0x10/0x10
[  657.243463][   T49]  ? _raw_spin_unlock_irqrestore+0xad/0x110
[  657.243494][   T49]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[  657.243537][   T49]  f2fs_handle_critical_error+0x37c/0x540
[  657.243576][   T49]  f2fs_write_end_io+0x886/0xb60
[  657.243619][   T49]  __submit_merged_bio+0x27a/0x6a0
[  657.243655][   T49]  __submit_merged_write_cond+0x255/0x530
[  657.243691][   T49]  f2fs_write_data_pages+0x261d/0x3000
[  657.243750][   T49]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[  657.243788][   T49]  ? __pfx_f2fs_available_free_memory+0x10/0x10
[  657.243863][   T49]  ? __pfx_f2fs_balance_fs_bg+0x10/0x10
[  657.243883][   T49]  ? look_up_lock_class+0x74/0x170
[  657.243915][   T49]  ? trace_f2fs_writepages+0x7f/0x200
[  657.243943][   T49]  ? f2fs_write_node_pages+0x478/0x6e0
[  657.243974][   T49]  ? __pfx_f2fs_write_node_pages+0x10/0x10
[  657.244007][   T49]  ? __lock_acquire+0xab9/0xd20
[  657.244040][   T49]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[  657.244062][   T49]  do_writepages+0x32e/0x550
[  657.244096][   T49]  ? reacquire_held_locks+0x127/0x1d0
[  657.244114][   T49]  ? writeback_sb_inodes+0x384/0x1010
[  657.244142][   T49]  __writeback_single_inode+0x145/0xff0
[  657.244163][   T49]  ? do_raw_spin_unlock+0x122/0x240
[  657.244189][   T49]  writeback_sb_inodes+0x6c7/0x1010
[  657.244240][   T49]  ? __pfx_writeback_sb_inodes+0x10/0x10
[  657.244307][   T49]  ? rcu_is_watching+0x15/0xb0
[  657.244336][   T49]  wb_writeback+0x43b/0xaf0
[  657.244365][   T49]  ? queue_io+0x3b1/0x590
[  657.244388][   T49]  ? __pfx_wb_writeback+0x10/0x10
[  657.244419][   T49]  ? _raw_spin_unlock_irq+0x23/0x50
[  657.244444][   T49]  wb_workfn+0x409/0xef0
[  657.244489][   T49]  ? __pfx_wb_workfn+0x10/0x10
[  657.244523][   T49]  ? __lock_acquire+0xab9/0xd20
[  657.244561][   T49]  ? process_scheduled_works+0x9ef/0x17b0
[  657.244597][   T49]  ? _raw_spin_unlock_irq+0x23/0x50
[  657.244614][   T49]  ? process_scheduled_works+0x9ef/0x17b0
[  657.244640][   T49]  ? process_scheduled_works+0x9ef/0x17b0
[  657.244668][   T49]  process_scheduled_works+0xae1/0x17b0
[  657.244730][   T49]  ? __pfx_process_scheduled_works+0x10/0x10
[  657.244779][   T49]  worker_thread+0x8a0/0xda0
[  657.244847][   T49]  kthread+0x711/0x8a0
[  657.244874][   T49]  ? __pfx_worker_thread+0x10/0x10
[  657.244901][   T49]  ? __pfx_kthread+0x10/0x10
[  657.244926][   T49]  ? _raw_spin_unlock_irq+0x23/0x50
[  657.244944][   T49]  ? lockdep_hardirqs_on+0x9c/0x150
[  657.244961][   T49]  ? __pfx_kthread+0x10/0x10
[  657.244984][   T49]  ret_from_fork+0x4bc/0x870
[  657.245015][   T49]  ? __pfx_ret_from_fork+0x10/0x10
[  657.245051][   T49]  ? __switch_to_asm+0x39/0x70
[  657.245075][   T49]  ? __switch_to_asm+0x33/0x70
[  657.245095][   T49]  ? __pfx_kthread+0x10/0x10
[  657.245118][   T49]  ret_from_fork_asm+0x1a/0x30
[  657.245163][   T49]  </TASK>
[  657.246659][   T49] F2FS-fs (loop0): Stopped filesystem due to reason: 3
[  657.298222][ T5892] usb 5-1: New USB device found, idVendor=0af0, idProduct=7a05, bcdDevice= 0.00
[  657.542001][T21296] binder: 21295:21296 ioctl c0306201 200000000780 returned -14
[  657.545285][ T5892] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  657.601168][ T5892] usb 5-1: Product: syz
[  657.605466][ T5892] usb 5-1: Manufacturer: syz
[  657.611445][ T5892] usb 5-1: SerialNumber: syz
[  657.619509][ T5892] usb 5-1: config 0 descriptor??
[  657.752494][T21300] netlink: 4240 bytes leftover after parsing attributes in process `syz.1.6731'.
[  657.863078][ T5892] hso 5-1:0.0: Failed to find BULK IN ep
[  657.914940][ T5892] usb-storage 5-1:0.0: USB Mass Storage device detected
[  658.063402][ T5961] usb 4-1: new high-speed USB device number 3 using dummy_hcd
[  658.184969][    T9] usb 5-1: USB disconnect, device number 122
[  658.252284][ T5961] usb 4-1: New USB device found, idVendor=0cf3, idProduct=9271, bcdDevice= 1.08
[  658.280461][ T5961] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  658.299761][ T5961] usb 4-1: Product: syz
[  658.305214][ T5961] usb 4-1: Manufacturer: syz
[  658.310017][ T5961] usb 4-1: SerialNumber: syz
[  658.332370][ T5961] usb 4-1: ath9k_htc: Firmware ath9k_htc/htc_9271-1.4.0.fw requested
[  658.350798][ T5936] usb 4-1: ath9k_htc: Transferred FW: ath9k_htc/htc_9271-1.4.0.fw, size: 51008
[  658.550887][ T5892] usb 1-1: new high-speed USB device number 8 using dummy_hcd
[  658.605625][T21321] netlink: 'syz.1.6739': attribute type 10 has an invalid length.
[  658.632877][T21321] team0: Port device wlan1 removed
[  658.644840][T21321] bond0: (slave wlan1): Enslaving as an active interface with an up link
[  658.728610][ T5892] usb 1-1: New USB device found, idVendor=0bda, idProduct=8153, bcdDevice=e2.3d
[  658.759346][ T5892] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  658.779517][ T5892] usb 1-1: Product: syz
[  658.789424][ T5892] usb 1-1: Manufacturer: syz
[  658.794527][ T5892] usb 1-1: SerialNumber: syz
[  658.830096][T21324] loop2: detected capacity change from 0 to 4096
[  658.835358][ T5966] usb 4-1: USB disconnect, device number 3
[  658.844686][ T5892] r8152-cfgselector 1-1: Unknown version 0x0000
[  658.851103][ T5892] r8152-cfgselector 1-1: config 0 descriptor??
[  658.868775][T21326] loop1: detected capacity change from 0 to 1024
[  658.896689][T21326] EXT4-fs: Ignoring removed mblk_io_submit option
[  658.915727][T21326] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[  658.931361][T21326] EXT4-fs (loop1): stripe (65535) is not aligned with cluster size (4096), stripe is disabled
[  658.961140][   T30] audit: type=1800 audit(1758826016.833:126): pid=21324 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.2.6740" name="file1" dev="loop2" ino=33 res=0 errno=0
[  659.040250][T21326] EXT4-fs error (device loop1): ext4_ext_check_inode:523: inode #11: comm syz.1.6741: pblk 0 bad header/extent: invalid extent entries - magic f30a, entries 1, max 4(4), depth 32512(32512)
[  659.064995][T21326] EXT4-fs error (device loop1): ext4_orphan_get:1397: comm syz.1.6741: couldn't read orphan inode 11 (err -117)
[  659.143399][T21326] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  659.250783][ T5882] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  659.375951][ T5961] r8152-cfgselector 1-1: USB disconnect, device number 8
[  659.515303][ T5936] ath9k_htc 4-1:1.0: ath9k_htc: Target is unresponsive
[  659.544991][ T5936] ath9k_htc: Failed to initialize the device
[  659.577314][ T5966] usb 4-1: ath9k_htc: USB layer deinitialized
[  659.946025][T21349] loop3: detected capacity change from 0 to 8192
[  660.295663][ T5961] usb 3-1: new high-speed USB device number 8 using dummy_hcd
[  660.486057][T21335] syz.4.6745 (21335): drop_caches: 2
[  660.490226][ T5961] usb 3-1: Using ep0 maxpacket: 16
[  660.532321][ T5961] usb 3-1: New USB device found, idVendor=25c6, idProduct=9002, bcdDevice=41.ba
[  660.575609][ T5961] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  660.600527][ T5961] usb 3-1: Product: syz
[  660.608404][ T5961] usb 3-1: Manufacturer: syz
[  660.608451][T21365] loop1: detected capacity change from 0 to 128
[  660.615047][ T5961] usb 3-1: SerialNumber: syz
[  660.640575][T21361] block device autoloading is deprecated and will be removed.
[  660.667948][ T5961] usb 3-1: config 0 descriptor??
[  660.698728][T21365] FAT-fs (loop1): Invalid FSINFO signature: 0x41615252, 0x00067272 (sector = 1)
[  660.882337][T21373] loop4: detected capacity change from 0 to 512
[  660.889396][   T49] FAT-fs (loop1): Invalid FSINFO signature: 0x41615252, 0x00067272 (sector = 1)
[  660.922428][T21373] EXT4-fs (loop4): Cannot turn on journaled quota: type 0: error -2
[  660.962216][ T5961] snd-usb-hiface 3-1:0.0: probe with driver snd-usb-hiface failed with error -22
[  660.974512][T21373] EXT4-fs (loop4): Cannot turn on journaled quota: type 1: error -2
[  661.002622][T21373] EXT4-fs (loop4): 1 truncate cleaned up
[  661.028156][T21373] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  661.119951][T21373] EXT4-fs error (device loop4): ext4_append:79: inode #2: comm syz.4.6761: Logical block already allocated
[  661.212148][ T5966] usb 3-1: USB disconnect, device number 8
[  661.322915][ T5873] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  661.582910][T21377] loop0: detected capacity change from 0 to 32768
[  661.978897][T21406] netlink: 'syz.0.6777': attribute type 10 has an invalid length.
[  662.078227][T21409] loop2: detected capacity change from 0 to 1024
[  662.134129][T21409] EXT4-fs (loop2): mounted filesystem 00000000-0000-0006-0000-000000000000 r/w without journal. Quota mode: none.
[  662.180317][ T5936] usb 4-1: new high-speed USB device number 4 using dummy_hcd
[  662.213811][T21409] ext4 filesystem being mounted at /1281/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  662.369598][ T5936] usb 4-1: Using ep0 maxpacket: 8
[  662.409965][ T5936] usb 4-1: config 1 has 1 interface, different from the descriptor's value: 7
[  662.432321][ T5936] usb 4-1: New USB device found, idVendor=082d, idProduct=0100, bcdDevice=70.4b
[  662.455990][ T5884] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0006-0000-000000000000.
[  662.469707][ T5936] usb 4-1: New USB device strings: Mfr=44, Product=2, SerialNumber=3
[  662.501369][ T5936] usb 4-1: Product: syz
[  662.516454][ T5936] usb 4-1: Manufacturer: syz
[  662.532363][ T5936] usb 4-1: SerialNumber: syz
[  662.760527][T21432] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check.
[  662.810240][ T5936] usb 4-1: Handspring Visor / Palm OS: No valid connect info available
[  662.852116][ T5936] usb 4-1: Handspring Visor / Palm OS: port 0, is for Generic use
[  662.860028][ T5936] usb 4-1: Handspring Visor / Palm OS: port 0, is for Generic use
[  662.882039][ T5936] usb 4-1: Handspring Visor / Palm OS: Number of ports: 2
[  663.038134][ T5936] usb 4-1: palm_os_3_probe - error -71 getting bytes available request
[  663.046557][ T5936] visor 4-1:1.0: Handspring Visor / Palm OS converter detected
[  663.083838][ T5936] usb 4-1: Handspring Visor / Palm OS converter now attached to ttyUSB0
[  663.126407][ T5936] usb 4-1: Handspring Visor / Palm OS converter now attached to ttyUSB1
[  663.163683][ T5936] usb 4-1: USB disconnect, device number 4
[  663.207094][ T5936] visor ttyUSB0: Handspring Visor / Palm OS converter now disconnected from ttyUSB0
[  663.251011][ T5936] visor ttyUSB1: Handspring Visor / Palm OS converter now disconnected from ttyUSB1
[  663.299185][ T5936] visor 4-1:1.0: device disconnected
[  663.397418][T21419] loop1: detected capacity change from 0 to 32768
[  663.482359][T21419] XFS (loop1): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  663.770356][T21462] loop2: detected capacity change from 0 to 2048
[  663.789342][T21419] XFS (loop1): Ending clean mount
[  663.831081][T21419] XFS (loop1): Quotacheck needed: Please wait.
[  663.837377][T21462] UDF-fs: error (device loop2): udf_read_tagged: tag checksum failed, block 99: 0x27 != 0x4d
[  663.954226][T21419] XFS (loop1): Quotacheck: Done.
[  664.034012][T21468] loop4: detected capacity change from 0 to 512
[  664.116277][ T5882] XFS (loop1): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  664.148803][T21436] loop0: detected capacity change from 0 to 32768
[  664.165260][T21468] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  664.199003][T21468] ext4 filesystem being mounted at /1378/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  664.593394][ T5873] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  664.627644][T21436] bcachefs (loop0): starting version 1.7: mi_btree_bitmap opts=metadata_checksum=crc64,data_checksum=none,compression=lz4,journal_flush_disabled,fsck,recovery_pass_last=set_may_go_rw,reconstruct_alloc,no_data_io
[  664.627674][T21436]   allowing incompatible features above 0.0: (unknown version)
[  664.627689][T21436]   features: lz4,new_siphash,inline_data,new_extent_overwrite,btree_ptr_v2,new_varint,journal_no_flush,alloc_v2,extents_across_btree_nodes
[  664.805048][T21475] loop3: detected capacity change from 0 to 32768
[  664.807368][T21475] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop3 (7:3) scanned by syz.3.6805 (21475)
[  664.821936][T21475] BTRFS info (device loop3): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  664.854262][T21436] bcachefs (loop0): Using encoding defined by superblock: utf8-12.1.0
[  664.892748][T21475] BTRFS info (device loop3): using sha256 (sha256-lib) checksum algorithm
[  664.899861][T21436] bcachefs (loop0): recovering from clean shutdown, journal seq 10
[  664.909542][T21436] bcachefs (loop0): Version upgrade required:
[  664.909542][T21436] Version upgrade from 0.24: unwritten_extents to 1.7: mi_btree_bitmap incomplete
[  664.909542][T21436] Doing incompatible version upgrade from 0.24: unwritten_extents to 1.28: inode_has_case_insensitive
[  664.909542][T21436]   running recovery passes: check_allocations,check_alloc_info,check_lrus,check_btree_backpointers,check_backpointers_to_extents,check_extents_to_backpointers,check_alloc_to_lru_refs,bucket_gens_init,check_snapshot_trees,check_snapshots,check_subvols,check_subvol_children,delete_dead_snapshots,check_inodes,check_extents,check_indirect_extents,check_dirents,check_xattrs,check_root,check_unreachable_inodes,check_subvolume_structure,check_directory_structure,check_nlinks,check_rebalance_work,set_fs_needs_rebalance
[  665.044181][T21436] bcachefs (loop0): dropping and reconstructing all alloc info
[  665.070793][T21490] loop2: detected capacity change from 0 to 1024
[  665.128136][T21436] bcachefs (loop0): accounting_read... done
[  665.189136][T21436] bcachefs (loop0): alloc_read...
[  665.192927][T21490] hfsplus: request for non-existent node 33423360 in B*Tree
[  665.221702][T21436]  done
[  665.224539][T21436] bcachefs (loop0): snapshots_read... done
[  665.251704][T21490] hfsplus: request for non-existent node 33423360 in B*Tree
[  665.268214][T21436] bcachefs (loop0): check_allocations...
[  665.313096][T21475] BTRFS info (device loop3): enabling ssd optimizations
[  665.365672][T21475] BTRFS info (device loop3): enabling free space tree
[  665.417770][T21436]  done
[  665.476828][T21436] bcachefs (loop0): going read-write
[  665.525147][T21436] bcachefs (loop0): done starting filesystem
[  665.695134][T21525] (unnamed net_device) (uninitialized): option packets_per_slave: mode dependency failed, not supported in mode active-backup(1)
[  665.987508][ T5874] bcachefs (loop0): shutting down
[  666.010786][ T5874] bcachefs (loop0): going read-only
[  666.020188][ T5881] BTRFS info (device loop3): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  666.021530][ T5874] bcachefs (loop0): finished waiting for writes to stop
[  666.140394][ T5874] bcachefs (loop0): flushing journal and stopping allocators, journal seq 11
[  666.193107][ T5874] bcachefs (loop0): flushing journal and stopping allocators complete, journal seq 11
[  666.234299][ T5874] bcachefs (loop0): unclean shutdown complete, journal seq 12
[  666.269029][ T5874] bcachefs (loop0): done going read-only, filesystem not clean
[  666.440169][ T5874] bcachefs (loop0): shutdown complete
[  666.936945][ T5966] usb 5-1: new high-speed USB device number 123 using dummy_hcd
[  667.134036][ T5966] usb 5-1: config 1 contains an unexpected descriptor of type 0x1, skipping
[  667.143380][ T5966] usb 5-1: config 1 has an invalid descriptor of length 92, skipping remainder of the config
[  667.185817][ T5966] usb 5-1: config 1 has 1 interface, different from the descriptor's value: 2
[  667.226071][ T5966] usb 5-1: config 1 has no interface number 0
[  667.254536][ T5966] usb 5-1: too many endpoints for config 1 interface 1 altsetting 1: 32, using maximum allowed: 30
[  667.294085][ T5966] usb 5-1: config 1 interface 1 altsetting 1 has 0 endpoint descriptors, different from the interface descriptor's value: 32
[  667.316154][T21538] loop2: detected capacity change from 0 to 32768
[  667.325702][ T5966] usb 5-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  667.348334][ T5966] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  667.358641][T21538] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop2 (7:2) scanned by syz.2.6825 (21538)
[  667.391435][ T5966] usb 5-1: Product: syz
[  667.395755][ T5966] usb 5-1: Manufacturer: syz
[  667.405501][T21567] dvmrp0: entered allmulticast mode
[  667.413536][ T5966] usb 5-1: SerialNumber: syz
[  667.450365][T21538] BTRFS info (device loop2): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  667.467141][ T5966] cdc_ncm 5-1:1.1: CDC Union missing and no IAD found
[  667.487043][ T5966] cdc_ncm 5-1:1.1: bind() failure
[  667.498339][T21538] BTRFS info (device loop2): using sha256 (sha256-lib) checksum algorithm
[  667.781444][  T938] usb 5-1: USB disconnect, device number 123
[  667.795628][T21538] BTRFS info (device loop2): enabling ssd optimizations
[  667.802732][T21538] BTRFS info (device loop2): enabling free space tree
[  667.874105][T21592] netlink: 12 bytes leftover after parsing attributes in process `syz.1.6842'.
[  667.970390][ T5884] BTRFS info (device loop2): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  668.669049][    T9] usb 4-1: new high-speed USB device number 5 using dummy_hcd
[  668.724345][T21616] netlink: 40 bytes leftover after parsing attributes in process `syz.4.6853'.
[  668.876649][    T9] usb 4-1: Using ep0 maxpacket: 32
[  668.900828][    T9] usb 4-1: config 0 has an invalid interface number: 146 but max is 0
[  668.909185][    T9] usb 4-1: config 0 has no interface number 0
[  668.920411][    T9] usb 4-1: config 0 interface 146 altsetting 0 has an invalid descriptor for endpoint zero, skipping
[  668.942074][    T9] usb 4-1: config 0 interface 146 altsetting 0 has an endpoint descriptor with address 0xE3, changing to 0x83
[  668.975140][    T9] usb 4-1: config 0 interface 146 altsetting 0 endpoint 0x83 has invalid maxpacket 33307, setting to 1024
[  669.004264][    T9] usb 4-1: config 0 interface 146 altsetting 0 bulk endpoint 0x83 has invalid maxpacket 1024
[  669.029113][    T9] usb 4-1: config 0 interface 146 altsetting 0 has an endpoint descriptor with address 0xF2, changing to 0x82
[  669.072892][    T9] usb 4-1: config 0 interface 146 altsetting 0 endpoint 0x82 has invalid wMaxPacketSize 0
[  669.087871][    T9] usb 4-1: config 0 interface 146 altsetting 0 bulk endpoint 0x82 has invalid maxpacket 0
[  669.105553][    T9] usb 4-1: config 0 interface 146 altsetting 0 endpoint 0x1 has invalid wMaxPacketSize 0
[  669.128201][    T9] usb 4-1: config 0 interface 146 altsetting 0 bulk endpoint 0x1 has invalid maxpacket 0
[  669.157590][    T9] usb 4-1: config 0 interface 146 altsetting 0 has 4 endpoint descriptors, different from the interface descriptor's value: 3
[  669.213752][    T9] usb 4-1: New USB device found, idVendor=05da, idProduct=009a, bcdDevice=62.95
[  669.230358][    T9] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  669.286777][    T9] usb 4-1: Product: syz
[  669.292216][    T9] usb 4-1: Manufacturer: syz
[  669.297152][    T9] usb 4-1: SerialNumber: syz
[  669.332314][    T9] usb 4-1: config 0 descriptor??
[  669.342320][T21604] raw-gadget.0 gadget.3: fail, usb_ep_enable returned -22
[  669.367377][    T9] microtek usb (rev 0.4.3): will this work? Response EP is not usually 3
[  669.391454][    T9] microtek usb (rev 0.4.3): will this work? Image data EP is not usually 2
[  669.445211][T21640] netlink: 248 bytes leftover after parsing attributes in process `syz.2.6864'.
[  669.455993][    T9] scsi host1: microtekX6
[  669.535211][T20460] microtek usb (rev 0.4.3): error -90 submitting URB
[  669.572615][T20460] microtek usb (rev 0.4.3): error -90 submitting URB
[  669.610457][    T9] usb 4-1: USB disconnect, device number 5
[  669.620302][   T95] microtek usb (rev 0.4.3): error -19 submitting URB
[  669.659343][T21644] vhci_hcd vhci_hcd.0: pdev(4) rhport(0) sockfd(3)
[  669.665916][T21644] vhci_hcd vhci_hcd.0: devid(0) speed(4) speed_str(wireless)
[  669.673668][   T95] microtek usb (rev 0.4.3): error -19 submitting URB
[  669.712045][T21644] vhci_hcd vhci_hcd.0: Device attached
[  669.905220][ T5966] vhci_hcd: vhci_device speed not set
[  669.908913][T21655] netlink: 'syz.2.6870': attribute type 15 has an invalid length.
[  669.938112][T21655] netlink: 24 bytes leftover after parsing attributes in process `syz.2.6870'.
[  669.971117][ T5966] usb 41-1: new full-speed USB device number 2 using vhci_hcd
[  670.047860][ T5961] usb 5-1: new high-speed USB device number 124 using dummy_hcd
[  670.232944][ T5961] usb 5-1: config 17 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F
[  670.278173][ T5961] usb 5-1: config 17 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 7
[  670.351590][ T5961] usb 5-1: config 17 interface 0 altsetting 0 endpoint 0x8F has invalid maxpacket 59391, setting to 1024
[  670.392778][ T5961] usb 5-1: New USB device found, idVendor=0458, idProduct=5003, bcdDevice= 0.00
[  670.422723][ T5961] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  670.457517][T21649] raw-gadget.0 gadget.4: fail, usb_ep_enable returned -22
[  670.693773][ T5961] aiptek 5-1:17.0: Aiptek using 400 ms programming speed
[  670.704039][ T5961] input: Aiptek as /devices/platform/dummy_hcd.4/usb5/5-1/5-1:17.0/input/input61
[  670.708677][T21646] vhci_hcd: connection reset by peer
[  670.710443][T20452] vhci_hcd: stop threads
[  670.710474][T20452] vhci_hcd: release socket
[  670.710646][T20452] vhci_hcd: disconnect device
[  670.865258][ T5961] usb 5-1: USB disconnect, device number 124
[  670.865403][    C0] aiptek 5-1:17.0: aiptek_irq - usb_submit_urb failed with result -19
[  671.824869][T21711] binder: Bad value for 'stats'
[  672.284697][T21715] loop2: detected capacity change from 0 to 8192
[  672.354265][T21715] FAT-fs (loop2): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[  672.413526][T21723] comedi comedi3: comedi_config --init_data is deprecated
[  672.424355][T21715] FAT-fs (loop2): error, invalid access to FAT (entry 0x00000001)
[  672.448873][T21715] FAT-fs (loop2): Filesystem has been set read-only
[  672.481745][T21715] FAT-fs (loop2): error, invalid access to FAT (entry 0x00000001)
[  672.514642][T21715] FAT-fs (loop2): error, invalid access to FAT (entry 0x00000001)
[  672.532730][T21695] loop3: detected capacity change from 0 to 40427
[  672.542740][T21715] FAT-fs (loop2): error, invalid access to FAT (entry 0x00000001)
[  672.556882][T21695] F2FS-fs (loop3): invalid crc value
[  672.582044][T21715] FAT-fs (loop2): error, invalid access to FAT (entry 0x00000001)
[  672.637438][T21715] FAT-fs (loop2): error, invalid access to FAT (entry 0x00000001)
[  672.676146][T21715] FAT-fs (loop2): error, invalid access to FAT (entry 0x00000001)
[  672.729866][T21706] loop4: detected capacity change from 0 to 32768
[  672.739141][T21715] FAT-fs (loop2): error, invalid access to FAT (entry 0x00000001)
[  672.800829][T21715] FAT-fs (loop2): error, invalid access to FAT (entry 0x00000001)
[  672.804724][T21706] BTRFS: device fsid e417788f-7a09-42b2-9266-8ddc5d5d35d2 devid 1 transid 8 /dev/loop4 (7:4) scanned by syz.4.6889 (21706)
[  672.839019][T21715] FAT-fs (loop2): error, invalid access to FAT (entry 0x00000001)
[  672.900577][T21706] BTRFS info (device loop4): first mount of filesystem e417788f-7a09-42b2-9266-8ddc5d5d35d2
[  672.926613][   T30] audit: type=1800 audit(1758826029.727:127): pid=21715 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.2.6892" name="file2" dev="loop2" ino=1048651 res=0 errno=0
[  672.958450][T21706] BTRFS info (device loop4): using xxhash64 (xxhash64-generic) checksum algorithm
[  673.045083][T21695] F2FS-fs (loop3): f2fs_recover_fsync_data: recovery fsync data, check_only: 0
[  673.083215][T21695] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e5
[  673.268588][T21706] BTRFS info (device loop4): enabling ssd optimizations
[  673.307395][T21706] BTRFS info (device loop4): enabling free space tree
[  673.445954][T21706] BTRFS error (device loop4): balance: invalid convert data profile raid1c4
[  673.575835][ T5873] BTRFS info (device loop4): last unmount of filesystem e417788f-7a09-42b2-9266-8ddc5d5d35d2
[  673.621320][T21769] loop0: detected capacity change from 0 to 128
[  673.649946][T21769] UDF-fs: error (device loop0): udf_read_tagged: read failed, block=256, location=256
[  673.690869][T21769] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[  674.563317][T21788] loop2: detected capacity change from 0 to 4096
[  674.706619][T21788] ntfs3(loop2): Failed to initialize $Extend/$ObjId.
[  674.928236][T21805] loop0: detected capacity change from 0 to 1764
[  675.139401][T21813] netlink: 'syz.2.6923': attribute type 1 has an invalid length.
[  675.147331][T21813] netlink: 'syz.2.6923': attribute type 3 has an invalid length.
[  675.172966][T21813] netlink: 224 bytes leftover after parsing attributes in process `syz.2.6923'.
[  675.445183][T21820] netlink: 4400 bytes leftover after parsing attributes in process `syz.4.6929'.
[  675.568906][ T5966] vhci_hcd: vhci_device speed not set
[  676.695520][T21823] loop0: detected capacity change from 0 to 32768
[  676.727983][T21836] openvswitch: netlink: Tunnel attr 4104 out of range max 16
[  676.738709][T21823] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop0 (7:0) scanned by syz.0.6926 (21823)
[  676.781658][T21815] syz.3.6925 (21815): drop_caches: 2
[  676.809604][T21823] BTRFS info (device loop0): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  676.839075][T21823] BTRFS info (device loop0): using sha256 (sha256-lib) checksum algorithm
[  677.003673][T21852] loop1: detected capacity change from 0 to 256
[  677.035183][T21852] exfat: Deprecated parameter 'namecase'
[  677.065673][T21823] BTRFS info (device loop0): enabling ssd optimizations
[  677.120235][T21852] exFAT-fs (loop1): failed to load upcase table (idx : 0x00010000, chksum : 0x2b52634e, utbl_chksum : 0xe619d30d)
[  677.142408][T21823] BTRFS info (device loop0): enabling free space tree
[  677.511695][ T5874] BTRFS info (device loop0): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  677.572463][T21876] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE
[  677.579767][T21876] IPv6: NLM_F_CREATE should be set when creating new route
[  678.354746][T21899] netlink: 'syz.0.6957': attribute type 11 has an invalid length.
[  678.394942][T21899] netlink: 140 bytes leftover after parsing attributes in process `syz.0.6957'.
[  678.516302][T21901] loop1: detected capacity change from 0 to 1764
[  678.535548][T21839] loop4: detected capacity change from 0 to 32768
[  678.601834][T21901] iso9660: Corrupted directory entry in block 2 of inode 1920
[  678.661352][T21839] XFS (loop4): Mounting V5 Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d
[  678.768254][T21910] loop0: detected capacity change from 0 to 2048
[  678.792763][T21839] XFS (loop4): Ending clean mount
[  678.845829][T21839] XFS (loop4): Quotacheck needed: Please wait.
[  678.865054][T21910] UDF-fs: error (device loop0): udf_process_sequence: Primary Volume Descriptor not found!
[  678.942389][T21910] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[  678.994748][T21839] XFS (loop4): Quotacheck: Done.
[  679.205778][ T5873] XFS (loop4): Unmounting Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d
[  679.299772][T21924] netlink: 4 bytes leftover after parsing attributes in process `syz.2.6966'.
[  680.167444][T21962] netlink: 16 bytes leftover after parsing attributes in process `syz.2.6985'.
[  680.241328][ T5966] usb 1-1: new high-speed USB device number 9 using dummy_hcd
[  680.316612][T21969] loop4: detected capacity change from 0 to 16
[  680.332636][T21966] loop3: detected capacity change from 0 to 2048
[  680.348825][T21971] netlink: 8 bytes leftover after parsing attributes in process `syz.1.6989'.
[  680.348947][T21969] erofs (device loop4): mounted with root inode @ nid 36.
[  680.400601][T21966] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000)
[  680.432377][ T5966] usb 1-1: Using ep0 maxpacket: 16
[  680.450057][ T5966] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x83 has invalid wMaxPacketSize 0
[  680.514268][ T5966] usb 1-1: New USB device found, idVendor=134c, idProduct=0002, bcdDevice=ec.7e
[  680.535754][ T5966] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  680.543811][ T5966] usb 1-1: Product: syz
[  680.569131][ T5966] usb 1-1: Manufacturer: syz
[  680.574041][T21975] netlink: 36 bytes leftover after parsing attributes in process `syz.4.6991'.
[  680.593008][ T5966] usb 1-1: SerialNumber: syz
[  680.616064][ T5966] usb 1-1: config 0 descriptor??
[  680.645807][ T5966] hub 1-1:0.0: bad descriptor, ignoring hub
[  680.674844][ T5966] hub 1-1:0.0: probe with driver hub failed with error -5
[  680.725312][ T5966] input: syz syz as /devices/platform/dummy_hcd.0/usb1/1-1/1-1:0.0/input/input62
[  680.852733][T21986] netlink: 4 bytes leftover after parsing attributes in process `syz.3.6997'.
[  681.451136][T22007] program syz.4.7007 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  682.292055][ T5966] usb 1-1: USB disconnect, device number 9
[  682.458975][T22054] loop2: detected capacity change from 0 to 16
[  682.509796][T22054] erofs (device loop2): mounted with root inode @ nid 36.
[  682.533538][T22060] netlink: 'syz.0.7032': attribute type 1 has an invalid length.
[  682.558156][T22054] syz.2.7030: attempt to access beyond end of device
[  682.558156][T22054] loop2: rw=524288, sector=128, nr_sectors = 1 limit=16
[  682.574505][T22060] netlink: 224 bytes leftover after parsing attributes in process `syz.0.7032'.
[  682.592066][ T5892] usb 5-1: new high-speed USB device number 125 using dummy_hcd
[  682.619813][T22054] syz.2.7030: attempt to access beyond end of device
[  682.619813][T22054] loop2: rw=524288, sector=0, nr_sectors = 1024 limit=16
[  682.684213][T22054] syz.2.7030: attempt to access beyond end of device
[  682.684213][T22054] loop2: rw=0, sector=128, nr_sectors = 1 limit=16
[  682.702708][T22054] syz.2.7030: attempt to access beyond end of device
[  682.702708][T22054] loop2: rw=0, sector=0, nr_sectors = 1024 limit=16
[  682.719356][T22054] erofs (device loop2): read error -5 @ 0 of nid 89
[  682.787636][   T30] audit: type=1800 audit(1758826038.819:128): pid=22054 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.2.7030" name="file2" dev="loop2" ino=89 res=0 errno=0
[  682.841261][ T5892] usb 5-1: New USB device found, idVendor=0cf3, idProduct=9271, bcdDevice= 1.08
[  682.850361][ T5892] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  682.871504][ T5892] usb 5-1: Product: syz
[  682.898184][ T5892] usb 5-1: Manufacturer: syz
[  682.902916][ T5892] usb 5-1: SerialNumber: syz
[  682.937270][ T5892] usb 5-1: ath9k_htc: Firmware ath9k_htc/htc_9271-1.4.0.fw requested
[  683.011674][  T938] usb 5-1: ath9k_htc: Transferred FW: ath9k_htc/htc_9271-1.4.0.fw, size: 51008
[  683.272566][T22080] 8021q: adding VLAN 0 to HW filter on device bond2
[  683.322242][T22085] netlink: 'syz.2.7044': attribute type 1 has an invalid length.
[  683.331444][T22085] netlink: 216 bytes leftover after parsing attributes in process `syz.2.7044'.
[  683.553939][ T5892] usb 5-1: USB disconnect, device number 125
[  683.635352][T22095] netlink: 44 bytes leftover after parsing attributes in process `syz.3.7049'.
[  683.659397][T22095] netlink: 43 bytes leftover after parsing attributes in process `syz.3.7049'.
[  683.700017][T22095] netlink: 'syz.3.7049': attribute type 5 has an invalid length.
[  683.712949][T22097] netlink: 4 bytes leftover after parsing attributes in process `syz.0.7050'.
[  683.732559][T22095] netlink: 43 bytes leftover after parsing attributes in process `syz.3.7049'.
[  684.111465][T22115] netlink: 4 bytes leftover after parsing attributes in process `syz.3.7058'.
[  684.217568][  T938] ath9k_htc 5-1:1.0: ath9k_htc: Target is unresponsive
[  684.230468][  T938] ath9k_htc: Failed to initialize the device
[  684.251390][ T5892] usb 5-1: ath9k_htc: USB layer deinitialized
[  684.270889][T22117] rdma_rxe: rxe_newlink: failed to add ipvlan0
[  684.505882][T22130] loop2: detected capacity change from 0 to 128
[  684.617252][T22130] EXT4-fs (loop2): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  684.674746][T22130] ext4 filesystem being mounted at /1345/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[  684.849547][ T5884] EXT4-fs (loop2): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  685.049950][T22155] netlink: 'syz.2.7072': attribute type 12 has an invalid length.
[  685.072030][T22157] netlink: 'syz.0.7074': attribute type 2 has an invalid length.
[  685.103676][T22157] netlink: 119 bytes leftover after parsing attributes in process `syz.0.7074'.
[  685.468622][T22171] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE
[  685.475976][T22171] IPv6: NLM_F_CREATE should be set when creating new route
[  685.483301][T22171] IPv6: NLM_F_CREATE should be set when creating new route
[  685.989187][T22192] loop0: detected capacity change from 0 to 64
[  686.236678][T22201] loop2: detected capacity change from 0 to 128
[  686.288197][T22201] UDF-fs: error (device loop2): udf_read_tagged: read failed, block=256, location=256
[  686.323574][T22134] loop1: detected capacity change from 0 to 40427
[  686.349410][T22201] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[  686.355371][T22134] F2FS-fs (loop1): Invalid log_blocksize (64), supports only 12
[  686.417997][T22134] F2FS-fs (loop1): Can't find valid F2FS filesystem in 1th superblock
[  686.477588][T22134] F2FS-fs (loop1): invalid crc value
[  686.837057][T22223] loop0: detected capacity change from 0 to 2048
[  686.877659][T22134] F2FS-fs (loop1): f2fs_recover_fsync_data: recovery fsync data, check_only: 1
[  686.917698][T22223] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000)
[  686.939547][T22134] F2FS-fs (loop1): Start checkpoint disabled!
[  687.001534][T22134] F2FS-fs (loop1): f2fs_disable_checkpoint() finish, err:0
[  687.020505][   T30] audit: type=1800 audit(1758826042.732:129): pid=22223 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.7099" name="file1" dev="loop0" ino=1367 res=0 errno=0
[  687.065813][T22134] F2FS-fs (loop1): Try to recover 1th superblock, ret: 0
[  687.131520][T22134] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e6
[  687.638030][T22249] macvtap0: entered allmulticast mode
[  687.662915][T22249] veth0_macvtap: entered allmulticast mode
[  688.059794][T22220] loop2: detected capacity change from 0 to 32768
[  688.076733][T22265] netlink: 40 bytes leftover after parsing attributes in process `syz.4.7115'.
[  688.098571][T22220] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop2 (7:2) scanned by syz.2.7097 (22220)
[  688.144867][T22220] BTRFS info (device loop2): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  688.192552][T22220] BTRFS info (device loop2): using sha256 (sha256-lib) checksum algorithm
[  688.368422][T22220] BTRFS info (device loop2): enabling ssd optimizations
[  688.377990][T22220] BTRFS info (device loop2): enabling free space tree
[  688.618594][ T5884] BTRFS info (device loop2): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  688.981230][ T5961] usb 5-1: new high-speed USB device number 126 using dummy_hcd
[  689.017730][   T30] audit: type=1326 audit(1758826044.588:130): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=22311 comm="syz.0.7127" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe70538eec9 code=0x7ffc0000
[  689.119658][   T30] audit: type=1326 audit(1758826044.606:131): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=22311 comm="syz.0.7127" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe70538eec9 code=0x7ffc0000
[  689.136506][T22317] (unnamed net_device) (uninitialized): up delay (4) is not a multiple of miimon (7), value rounded to 0 ms
[  689.215966][   T30] audit: type=1326 audit(1758826044.652:132): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=22311 comm="syz.0.7127" exe="/root/syz-executor" sig=0 arch=c000003e syscall=235 compat=0 ip=0x7fe70538eec9 code=0x7ffc0000
[  689.227994][ T5961] usb 5-1: New USB device found, idVendor=0bed, idProduct=1100, bcdDevice=ec.c3
[  689.304531][ T5961] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  689.340340][   T30] audit: type=1326 audit(1758826044.652:133): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=22311 comm="syz.0.7127" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe70538eec9 code=0x7ffc0000
[  689.385158][   T30] audit: type=1326 audit(1758826044.652:134): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=22311 comm="syz.0.7127" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe70538eec9 code=0x7ffc0000
[  689.396923][ T5961] usb 5-1: config 0 descriptor??
[  689.436195][T22317] bond3: entered allmulticast mode
[  689.498028][ T5961] cp210x 5-1:0.0: cp210x converter detected
[  689.758606][   T30] audit: type=1326 audit(1758826045.261:135): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=22333 comm="syz.2.7135" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff8f2b8eec9 code=0x7ffc0000
[  689.868222][   T30] audit: type=1326 audit(1758826045.261:136): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=22333 comm="syz.2.7135" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff8f2b8eec9 code=0x7ffc0000
[  689.977328][ T5961] cp210x 5-1:0.0: failed to get vendor val 0x000e size 3: -71
[  689.997130][   T30] audit: type=1326 audit(1758826045.261:137): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=22333 comm="syz.2.7135" exe="/root/syz-executor" sig=0 arch=c000003e syscall=14 compat=0 ip=0x7ff8f2b8eec9 code=0x7ffc0000
[  690.024392][ T5961] cp210x 5-1:0.0: failed to get vendor val 0x370c size 73: -71
[  690.040436][ T5961] cp210x 5-1:0.0: GPIO initialisation failed: -71
[  690.066098][   T30] audit: type=1326 audit(1758826045.261:138): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=22333 comm="syz.2.7135" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff8f2b8eec9 code=0x7ffc0000
[  690.119331][ T5961] usb 5-1: cp210x converter now attached to ttyUSB0
[  690.147785][ T5961] usb 5-1: USB disconnect, device number 126
[  690.184506][   T30] audit: type=1326 audit(1758826045.261:139): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=22333 comm="syz.2.7135" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff8f2b8eec9 code=0x7ffc0000
[  690.220125][ T5961] cp210x ttyUSB0: cp210x converter now disconnected from ttyUSB0
[  690.264851][ T5961] cp210x 5-1:0.0: device disconnected
[  690.766006][T22374] netlink: 24 bytes leftover after parsing attributes in process `syz.0.7150'.
[  691.181927][T22380] loop4: detected capacity change from 0 to 4096
[  691.260400][T22394] IPv6: Can't replace route, no match found
[  691.289107][T22380] ntfs3(loop4): Mark volume as dirty due to NTFS errors
[  691.300959][T22397] loop1: detected capacity change from 0 to 256
[  691.320666][T22380] ntfs3(loop4): Failed to load $Extend (-22).
[  691.330801][T22380] ntfs3(loop4): Failed to initialize $Extend.
[  691.452882][T22380] ntfs3(loop4): ino=21, The size of extended attributes must not exceed 64KiB
[  692.347769][T22441] overlayfs: option "workdir=./bus" is useless in a non-upper mount, ignore
[  692.384268][T22441] overlayfs: missing 'lowerdir'
[  692.629870][T22450] wg1 speed is unknown, defaulting to 1000
[  692.648070][T22450] wg1 speed is unknown, defaulting to 1000
[  692.659272][T22454] netlink: 8 bytes leftover after parsing attributes in process `syz.3.7191'.
[  692.682105][T22454] netlink: 4 bytes leftover after parsing attributes in process `syz.3.7191'.
[  692.691068][   T10] usb 5-1: new high-speed USB device number 127 using dummy_hcd
[  692.709127][T22450] wg1 speed is unknown, defaulting to 1000
[  692.754109][T22450] infiniband syz0: RDMA CMA: cma_listen_on_dev, error -98
[  692.829133][T22450] wg1 speed is unknown, defaulting to 1000
[  692.847459][T22450] wg1 speed is unknown, defaulting to 1000
[  692.852163][   T10] usb 5-1: Using ep0 maxpacket: 16
[  692.864726][   T10] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x83 has invalid wMaxPacketSize 0
[  692.865416][T22450] wg1 speed is unknown, defaulting to 1000
[  692.888952][   T10] usb 5-1: New USB device found, idVendor=134c, idProduct=0002, bcdDevice=ec.7e
[  692.894206][T22450] wg1 speed is unknown, defaulting to 1000
[  692.906934][   T10] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  692.915729][T22450] wg1 speed is unknown, defaulting to 1000
[  692.917494][   T10] usb 5-1: Product: syz
[  692.948918][   T10] usb 5-1: Manufacturer: syz
[  692.970787][   T10] usb 5-1: SerialNumber: syz
[  692.976538][ T5961] usb 2-1: new high-speed USB device number 3 using dummy_hcd
[  693.003514][   T10] usb 5-1: config 0 descriptor??
[  693.009550][   T10] hub 5-1:0.0: bad descriptor, ignoring hub
[  693.009583][   T10] hub 5-1:0.0: probe with driver hub failed with error -5
[  693.013810][   T10] input: syz syz as /devices/platform/dummy_hcd.4/usb5/5-1/5-1:0.0/input/input63
[  693.157322][ T5961] usb 2-1: Using ep0 maxpacket: 16
[  693.159573][ T5961] usb 2-1: config 4 has an invalid interface number: 51 but max is 0
[  693.159603][ T5961] usb 2-1: config 4 has no interface number 0
[  693.159648][ T5961] usb 2-1: config 4 interface 51 altsetting 2 bulk endpoint 0x1 has invalid maxpacket 16
[  693.159674][ T5961] usb 2-1: config 4 interface 51 altsetting 2 bulk endpoint 0x82 has invalid maxpacket 64
[  693.159699][ T5961] usb 2-1: config 4 interface 51 has no altsetting 0
[  693.171875][ T5961] usb 2-1: New USB device found, idVendor=954f, idProduct=4199, bcdDevice= f.76
[  693.171939][ T5961] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  693.171961][ T5961] usb 2-1: Product: syz
[  693.171976][ T5961] usb 2-1: Manufacturer: syz
[  693.171991][ T5961] usb 2-1: SerialNumber: syz
[  693.192521][T22456] raw-gadget.1 gadget.1: fail, usb_ep_enable returned -22
[  693.306232][T22456] raw-gadget.1 gadget.1: fail, usb_ep_enable returned -22
[  693.463135][T22472] loop3: detected capacity change from 0 to 64
[  693.615675][T22456] raw-gadget.1 gadget.1: fail, usb_ep_enable returned -22
[  693.642669][T22456] raw-gadget.1 gadget.1: fail, usb_ep_enable returned -22
[  693.714886][ T5961] cdc_eem 2-1:4.51 usb0: register 'cdc_eem' at usb-dummy_hcd.1-1, CDC EEM Device, 9e:a2:9e:dd:4a:6a
[  693.783347][T22482] loop3: detected capacity change from 0 to 512
[  693.820267][T22482] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[  693.863125][T22482] EXT4-fs error (device loop3): ext4_free_branches:1023: inode #11: comm syz.3.7204: invalid indirect mapped block 4294967295 (level 1)
[  693.866409][T22486] loop2: detected capacity change from 0 to 256
[  693.902334][T22482] EXT4-fs error (device loop3): ext4_free_branches:1023: inode #11: comm syz.3.7204: invalid indirect mapped block 4294967295 (level 1)
[  693.934486][T22482] EXT4-fs (loop3): 2 truncates cleaned up
[  693.951034][ T8454] usb 2-1: USB disconnect, device number 3
[  693.970800][ T8454] cdc_eem 2-1:4.51 usb0: unregister 'cdc_eem' usb-dummy_hcd.1-1, CDC EEM Device
[  693.973651][T22482] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  694.272942][ T5881] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  695.817576][T22558] netlink: 4 bytes leftover after parsing attributes in process `syz.2.7233'.
[  695.950858][T22512] loop4: detected capacity change from 0 to 32768
[  696.043272][T22512] XFS (loop4): Mounting V5 Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb
[  696.117531][T22581] netlink: 'syz.1.7240': attribute type 10 has an invalid length.
[  696.179853][ T8454] usb 1-1: new high-speed USB device number 10 using dummy_hcd
[  696.199404][T22581] netlink: 55 bytes leftover after parsing attributes in process `syz.1.7240'.
[  696.229708][T22512] XFS (loop4): Ending clean mount
[  696.378851][T22591] netlink: 32 bytes leftover after parsing attributes in process `syz.2.7243'.
[  696.389965][T22589] netlink: 'syz.3.7242': attribute type 8 has an invalid length.
[  696.413956][ T8454] usb 1-1: Using ep0 maxpacket: 8
[  696.431433][ T8454] usb 1-1: config 11 has an invalid interface number: 95 but max is 0
[  696.452863][ T8454] usb 1-1: config 11 has no interface number 0
[  696.483512][ T8454] usb 1-1: config 11 interface 95 altsetting 64 endpoint 0x82 has an invalid bInterval 147, changing to 7
[  696.520108][ T8454] usb 1-1: config 11 interface 95 altsetting 64 endpoint 0x82 has invalid maxpacket 1293, setting to 1024
[  696.554220][ T5873] XFS (loop4): Unmounting Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb
[  696.568538][ T8454] usb 1-1: config 11 interface 95 has no altsetting 0
[  696.586183][ T8454] usb 1-1: New USB device found, idVendor=10f0, idProduct=2002, bcdDevice=dc.4d
[  696.602500][ T8454] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  696.610731][ T8454] usb 1-1: Product: syz
[  696.618653][ T8454] usb 1-1: Manufacturer: syz
[  696.624219][ T8454] usb 1-1: SerialNumber: syz
[  696.868203][ T8454] usbtouchscreen 1-1:11.95: probe with driver usbtouchscreen failed with error -22
[  696.980763][ T8454] usb 1-1: USB disconnect, device number 10
[  697.062547][T22608] netlink: 76 bytes leftover after parsing attributes in process `syz.1.7250'.
[  697.123277][ T5892] usb 5-1: USB disconnect, device number 127
[  697.183748][T22606] loop3: detected capacity change from 0 to 4096
[  697.239502][T22606] ntfs3(loop3): Different NTFS sector size (4096) and media sector size (512).
[  697.346667][T22606] ntfs3(loop3): Mark volume as dirty due to NTFS errors
[  697.388552][T22606] ntfs3(loop3): ino=19, mi_enum_attr
[  697.484336][T22606] ntfs3(loop3): failed to convert "c46c" to cp860
[  697.532539][T22606] ntfs3(loop3): ino=20, mi_enum_attr
[  698.068541][T22641] loop3: detected capacity change from 0 to 512
[  698.089576][T22641] EXT4-fs: Ignoring removed bh option
[  698.110720][T22641] EXT4-fs: Ignoring removed mblk_io_submit option
[  698.119923][T22641] EXT4-fs (loop3): ext4_check_descriptors: Block bitmap for group 0 overlaps superblock
[  698.129905][   T10] usb 5-1: new high-speed USB device number 2 using dummy_hcd
[  698.141936][T22641] EXT4-fs (loop3): revision level too high, forcing read-only mode
[  698.152185][T22641] EXT4-fs (loop3): orphan cleanup on readonly fs
[  698.160111][T22641] Quota error (device loop3): do_insert_tree: Free block already used in tree: block 4
[  698.170292][T22641] Quota error (device loop3): qtree_write_dquot: Error -5 occurred while creating quota
[  698.182004][T22641] EXT4-fs error (device loop3): ext4_acquire_dquot:6943: comm syz.3.7264: Failed to acquire dquot type 1
[  698.200061][T22641] EXT4-fs error (device loop3): ext4_read_block_bitmap_nowait:483: comm syz.3.7264: Invalid block bitmap block 0 in block_group 0
[  698.222762][T22641] EXT4-fs error (device loop3): ext4_read_block_bitmap_nowait:483: comm syz.3.7264: Invalid block bitmap block 0 in block_group 0
[  698.237835][T22617] loop1: detected capacity change from 0 to 32768
[  698.254170][T22617] (syz.1.7252,22617,1):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0xb3775c19, computed 0x2dd1c265. Applying ECC.
[  698.302892][   T10] usb 5-1: Using ep0 maxpacket: 8
[  698.310289][T22641] EXT4-fs error (device loop3): ext4_read_block_bitmap_nowait:483: comm syz.3.7264: Invalid block bitmap block 0 in block_group 0
[  698.336389][   T10] usb 5-1: config index 0 descriptor too short (expected 63, got 34)
[  698.344575][   T10] usb 5-1: New USB device found, idVendor=2833, idProduct=0201, bcdDevice=2a.d5
[  698.364821][T22617] (syz.1.7252,22617,0):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0xb3775c19, computed 0x2dd1c265. Applying ECC.
[  698.405102][T22641] Quota error (device loop3): write_blk: dquota write failed
[  698.413696][   T10] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  698.435422][T22641] Quota error (device loop3): qtree_write_dquot: Error -28 occurred while creating quota
[  698.448893][   T10] usb 5-1: config 0 descriptor??
[  698.462992][T22617] JBD2: Ignoring recovery information on journal
[  698.496781][T22641] EXT4-fs error (device loop3): ext4_acquire_dquot:6943: comm syz.3.7264: Failed to acquire dquot type 1
[  698.524737][T22641] Quota error (device loop3): write_blk: dquota write failed
[  698.544628][T22617] ocfs2: Mounting device (7,1) on (node local, slot 0) with writeback data mode.
[  698.547884][T22641] Quota error (device loop3): qtree_write_dquot: Error -28 occurred while creating quota
[  698.583520][T22641] EXT4-fs error (device loop3): ext4_acquire_dquot:6943: comm syz.3.7264: Failed to acquire dquot type 1
[  698.608133][T22641] EXT4-fs (loop3): 1 orphan inode deleted
[  698.630298][T22641] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  698.656111][T22658] vivid-000: =================  START STATUS  =================
[  698.666947][T22658] vivid-000: Radio HW Seek Mode: Bounded
[  698.685577][   T10] usb 5-1: string descriptor 0 read error: -71
[  698.701187][T22658] vivid-000: Radio Programmable HW Seek: false
[  698.708486][   T10] uvcvideo 5-1:0.0: Found UVC 0.00 device <unnamed> (2833:0201)
[  698.715586][T22658] vivid-000: RDS Rx I/O Mode: Block I/O
[  698.719669][   T10] uvcvideo 5-1:0.0: No valid video chain found.
[  698.728447][T22641] EXT4-fs (loop3): revision level too high, forcing read-only mode
[  698.736995][T22658] vivid-000: Generate RBDS Instead of RDS: false
[  698.739531][   T10] usb 5-1: USB disconnect, device number 2
[  698.756177][T22658] vivid-000: RDS Reception: true
[  698.773012][T22658] vivid-000: RDS Program Type: 0 inactive
[  698.782133][T22658] vivid-000: RDS PS Name:  inactive
[  698.787605][T22658] vivid-000: RDS Radio Text:  inactive
[  698.807333][T22658] vivid-000: RDS Traffic Announcement: false inactive
[  698.815330][T22658] vivid-000: RDS Traffic Program: false inactive
[  698.822039][T22658] vivid-000: RDS Music: false inactive
[  698.823575][ T5882] ocfs2: Unmounting device (7,1) on (node local)
[  698.827709][T22658] vivid-000: ==================  END STATUS  ==================
[  698.873831][ T5881] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  699.276211][T22671] netlink: 'syz.0.7277': attribute type 2 has an invalid length.
[  699.839609][T22696] netlink: 24 bytes leftover after parsing attributes in process `syz.3.7289'.
[  699.972849][T22698] netlink: 32 bytes leftover after parsing attributes in process `syz.4.7290'.
[  700.685824][T22676] loop1: detected capacity change from 0 to 32768
[  700.876678][T22676] ocfs2: Mounting device (7,1) on (node local, slot 0) with writeback data mode.
[  700.966842][T22730] netlink: 20 bytes leftover after parsing attributes in process `syz.0.7303'.
[  701.017515][T22730] netlink: 20 bytes leftover after parsing attributes in process `syz.0.7303'.
[  701.066003][T22730] A link change request failed with some changes committed already. Interface batadv0 may have been left with an inconsistent configuration, please check.
[  701.259434][ T5882] ocfs2: Unmounting device (7,1) on (node local)
[  703.093794][T22802] tmpfs: Bad value for 'usrquota_inode_hardlimit'
[  703.133903][ T5892] usb 1-1: new high-speed USB device number 11 using dummy_hcd
[  703.345383][ T5892] usb 1-1: unable to get BOS descriptor or descriptor too short
[  703.363812][ T5892] usb 1-1: config 3 has an invalid interface number: 8 but max is 3
[  703.396101][ T5892] usb 1-1: config 3 has an invalid descriptor of length 70, skipping remainder of the config
[  703.439244][ T5892] usb 1-1: config 3 has 1 interface, different from the descriptor's value: 4
[  703.479840][ T5892] usb 1-1: config 3 has no interface number 0
[  703.504580][ T5892] usb 1-1: config 3 interface 8 altsetting 6 endpoint 0x82 has an invalid bInterval 248, changing to 11
[  703.550324][ T5892] usb 1-1: config 3 interface 8 altsetting 6 has 1 endpoint descriptor, different from the interface descriptor's value: 5
[  703.599689][ T5892] usb 1-1: config 3 interface 8 has no altsetting 0
[  703.628258][ T5892] usb 1-1: New USB device found, idVendor=05ac, idProduct=921d, bcdDevice=c2.be
[  703.653901][ T5892] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  703.673178][T22825] netlink: 8 bytes leftover after parsing attributes in process `syz.4.7347'.
[  703.683901][ T5892] usb 1-1: Product: syz
[  703.707910][ T5892] usb 1-1: Manufacturer: syz
[  703.718787][ T5892] usb 1-1: SerialNumber: syz
[  703.769036][T22830] Sensor B: =================  START STATUS  =================
[  703.798629][T22830] Sensor B: Test Pattern: 75% Colorbar
[  703.825234][T22830] Sensor B: Show Information: All
[  703.892827][T22830] Sensor B: Vertical Flip: false
[  703.914122][T22830] Sensor B: Horizontal Flip: false
[  703.929744][T22830] Sensor B: Brightness: 128
[  703.941855][T22830] Sensor B: Contrast: 128
[  703.950443][T22830] Sensor B: Hue: 0
[  703.968064][T22830] Sensor B: Saturation: 128
[  703.977457][T22830] Sensor B: ==================  END STATUS  ==================
[  704.021074][ T5892] appledisplay 1-1:3.8: Error while getting initial brightness: -71
[  704.085842][ T5892] appledisplay 1-1:3.8: probe with driver appledisplay failed with error -71
[  704.118832][ T5892] usbhid 1-1:3.8: can't add hid device: -22
[  704.146198][ T5892] usbhid 1-1:3.8: probe with driver usbhid failed with error -22
[  704.204247][ T5892] usb 1-1: USB disconnect, device number 11
[  704.739334][ T5966] usb 5-1: new high-speed USB device number 3 using dummy_hcd
[  704.917356][T22875] loop2: detected capacity change from 0 to 128
[  704.918404][T22874] netlink: 36 bytes leftover after parsing attributes in process `syz.3.7368'.
[  704.946243][ T5966] usb 5-1: config 0 interface 0 altsetting 0 bulk endpoint 0x1 has invalid maxpacket 16
[  704.984845][ T5966] usb 5-1: config 0 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 64
[  705.029316][ T5966] usb 5-1: New USB device found, idVendor=0a46, idProduct=9621, bcdDevice=4f.32
[  705.040504][ T5966] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  705.048698][ T5966] usb 5-1: Product: syz
[  705.079742][ T5966] usb 5-1: Manufacturer: syz
[  705.101799][ T5966] usb 5-1: SerialNumber: syz
[  705.135092][ T5966] usb 5-1: config 0 descriptor??
[  705.163445][T22857] raw-gadget.0 gadget.4: fail, usb_ep_enable returned -22
[  705.181568][T22857] raw-gadget.0 gadget.4: fail, usb_ep_enable returned -22
[  705.303686][T22889] loop2: detected capacity change from 0 to 8
[  705.372605][T22889] SQUASHFS error: Failed to read block 0x63a: -5
[  705.398188][T22889] SQUASHFS error: Unable to read metadata cache entry [638]
[  705.426834][T22889] SQUASHFS error: Unable to read directory block [26067d:ffff]
[  705.451546][T22857] raw-gadget.0 gadget.4: fail, usb_ep_enable returned -22
[  705.483949][T22857] raw-gadget.0 gadget.4: fail, usb_ep_enable returned -22
[  705.734769][ T5966] Error reading MAC address
[  705.776458][ T5966] usb 5-1: USB disconnect, device number 3
[  705.797374][T22911] loop0: detected capacity change from 0 to 256
[  705.832728][T22911] exfat: Deprecated parameter 'utf8'
[  705.839066][T22911] exfat: Deprecated parameter 'namecase'
[  705.864004][T22911] exfat: Deprecated parameter 'namecase'
[  705.896922][T22911] exfat: Deprecated parameter 'utf8'
[  705.956132][T22913] netlink: 'syz.2.7385': attribute type 1 has an invalid length.
[  705.978074][T22913] netlink: 232 bytes leftover after parsing attributes in process `syz.2.7385'.
[  705.989911][T22911] exFAT-fs (loop0): failed to load upcase table (idx : 0x00012153, chksum : 0x0fac38ce, utbl_chksum : 0xe619d30d)
[  706.051627][T22911] exFAT-fs (loop0): start_clu is invalid cluster(0x400)
[  706.207288][T22918] loop2: detected capacity change from 0 to 1764
[  706.248476][T22918] ISOFS: Logical zone size(0) < hardware blocksize(1024)
[  706.301960][T22923] loop3: detected capacity change from 0 to 256
[  706.350840][T22923] vfat: Deprecated parameter 'posix'
[  706.369168][T22923] FAT-fs: "posix" option is obsolete, not supported now
[  706.627463][T22933] netlink: 'syz.4.7395': attribute type 10 has an invalid length.
[  706.668246][T22933] team0: Device lo is loopback device. Loopback devices can't be added as a team port
[  706.697967][T22933] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check.
[  706.746329][T22937] netlink: 8 bytes leftover after parsing attributes in process `syz.2.7398'.
[  706.822846][T22908] loop1: detected capacity change from 0 to 32768
[  706.956872][T22908] XFS (loop1): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  707.200857][T22964] netlink: 'syz.3.7406': attribute type 3 has an invalid length.
[  707.327567][T22908] XFS (loop1): Ending clean mount
[  707.349301][T22908] XFS (loop1): Quotacheck needed: Please wait.
[  707.434181][T22908] XFS (loop1): Quotacheck: Done.
[  707.682287][ T5882] XFS (loop1): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  708.172451][T22994] loop4: detected capacity change from 0 to 256
[  708.172914][T22991] usb usb1: Requested nonsensical USBDEVFS_URB_ZERO_PACKET.
[  708.205392][T22994] exfat: Deprecated parameter 'utf8'
[  708.261348][T22994] exFAT-fs (loop4): failed to load upcase table (idx : 0x00010000, chksum : 0xabf88b1f, utbl_chksum : 0xe619d30d)
[  708.270008][T22966] loop0: detected capacity change from 0 to 32768
[  708.393903][T22998] netlink: 8 bytes leftover after parsing attributes in process `syz.3.7423'.
[  708.449713][T22998] netlink: 4 bytes leftover after parsing attributes in process `syz.3.7423'.
[  708.815192][T23011] loop3: detected capacity change from 0 to 1024
[  709.011651][ T1164] hfsplus: b-tree write err: -5, ino 4
[  709.476528][ T5961] usb 5-1: new high-speed USB device number 4 using dummy_hcd
[  709.690164][ T5961] usb 5-1: New USB device found, idVendor=0cf3, idProduct=9271, bcdDevice= 1.08
[  709.715508][ T5961] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  709.753178][ T5961] usb 5-1: Product: syz
[  709.768962][ T5961] usb 5-1: Manufacturer: syz
[  709.773663][ T5961] usb 5-1: SerialNumber: syz
[  709.844419][ T5961] usb 5-1: ath9k_htc: Firmware ath9k_htc/htc_9271-1.4.0.fw requested
[  709.868108][   T10] usb 5-1: ath9k_htc: Transferred FW: ath9k_htc/htc_9271-1.4.0.fw, size: 51008
[  710.119408][T23065] A link change request failed with some changes committed already. Interface team0 may have been left with an inconsistent configuration, please check.
[  710.329655][T23075] netlink: 'syz.0.7462': attribute type 2 has an invalid length.
[  710.358622][T23075] netlink: 187320 bytes leftover after parsing attributes in process `syz.0.7462'.
[  710.385353][T23077] bridge4: entered promiscuous mode
[  710.488958][ T5892] usb 5-1: USB disconnect, device number 4
[  710.703752][T23090] (unnamed net_device) (uninitialized): option tlb_dynamic_lb: mode dependency failed, not supported in mode balance-rr(0)
[  710.792257][T23093] siw: device registration error -23
[  711.010218][   T10] ath9k_htc 5-1:1.0: ath9k_htc: Target is unresponsive
[  711.037428][   T10] ath9k_htc: Failed to initialize the device
[  711.055409][ T5892] usb 5-1: ath9k_htc: USB layer deinitialized
[  711.102636][T23107] netlink: 248 bytes leftover after parsing attributes in process `syz.3.7477'.
[  711.561294][T23128] loop3: detected capacity change from 0 to 256
[  711.598949][T23128] FAT-fs (loop3): Directory bread(block 1285) failed
[  711.649580][T23128] FAT-fs (loop3): Directory bread(block 1285) failed
[  711.668786][T23128] FAT-fs (loop3): FAT read failed (blocknr 1281)
[  712.060113][T23150] netlink: 'syz.2.7496': attribute type 1 has an invalid length.
[  712.092007][T23150] netlink: 4 bytes leftover after parsing attributes in process `syz.2.7496'.
[  712.387159][T23164] netlink: 'syz.2.7499': attribute type 8 has an invalid length.
[  712.429295][T23166] CIFS: VFS: Malformed UNC in devname
[  713.469747][ T8454] usb 1-1: new full-speed USB device number 12 using dummy_hcd
[  713.668427][ T8454] usb 1-1: unable to get BOS descriptor or descriptor too short
[  713.708226][ T8454] usb 1-1: not running at top speed; connect to a high speed hub
[  713.764234][ T8454] usb 1-1: config 7 has an invalid interface number: 44 but max is 0
[  713.772388][ T8454] usb 1-1: config 7 has no interface number 0
[  713.800478][ T8454] usb 1-1: config 7 interface 44 altsetting 14 endpoint 0x6 has invalid maxpacket 96, setting to 64
[  713.846439][ T8454] usb 1-1: config 7 interface 44 has no altsetting 0
[  713.877898][ T8454] usb 1-1: New USB device found, idVendor=798d, idProduct=9787, bcdDevice=fc.51
[  713.895349][ T8454] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  713.930064][ T8454] usb 1-1: Product: syz
[  713.934292][ T8454] usb 1-1: Manufacturer: syz
[  713.971919][ T8454] usb 1-1: SerialNumber: syz
[  714.010230][T23194] raw-gadget.0 gadget.0: fail, usb_ep_enable returned -22
[  714.279529][ T8454] usb-storage 1-1:7.44: USB Mass Storage device detected
[  714.361715][T23187] loop2: detected capacity change from 0 to 32768
[  714.442886][ T8454] usb 1-1: USB disconnect, device number 12
[  714.618198][ T5966] usb 4-1: new high-speed USB device number 6 using dummy_hcd
[  714.843690][ T5966] usb 4-1: config 0 has an invalid interface number: 135 but max is 0
[  714.865143][ T5966] usb 4-1: config 0 has no interface number 0
[  714.916062][ T5966] usb 4-1: config 0 interface 135 altsetting 0 bulk endpoint 0x6 has invalid maxpacket 32
[  714.948551][ T5966] usb 4-1: config 0 interface 135 altsetting 0 bulk endpoint 0x82 has invalid maxpacket 8
[  715.014580][ T5966] usb 4-1: New USB device found, idVendor=05ac, idProduct=1402, bcdDevice=45.65
[  715.046648][ T5966] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  715.081120][ T5966] usb 4-1: Product: syz
[  715.094665][ T5966] usb 4-1: Manufacturer: syz
[  715.099413][ T5966] usb 4-1: SerialNumber: syz
[  715.185469][ T5966] usb 4-1: config 0 descriptor??
[  715.213342][T23236] raw-gadget.0 gadget.3: fail, usb_ep_enable returned -22
[  715.235052][T23236] raw-gadget.0 gadget.3: fail, usb_ep_enable returned -22
[  715.528678][T23236] raw-gadget.0 gadget.3: fail, usb_ep_enable returned -22
[  715.550282][T23236] raw-gadget.0 gadget.3: fail, usb_ep_enable returned -22
[  715.687090][T23283] netlink: 8 bytes leftover after parsing attributes in process `syz.1.7548'.
[  715.720316][T23283] netlink: 12 bytes leftover after parsing attributes in process `syz.1.7548'.
[  715.774608][T23283] tc_dump_action: action bad kind
[  715.796551][ T5966] asix 4-1:0.135 (unnamed net_device) (uninitialized): Failed to read reg index 0x0000: -71
[  715.832588][ T5966] asix 4-1:0.135: probe with driver asix failed with error -71
[  715.861293][ T5966] usb 4-1: USB disconnect, device number 6
[  716.286083][   T30] audit: type=1326 audit(1758826069.749:140): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=23309 comm="syz.1.7562" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3c6b78eec9 code=0x7ffc0000
[  716.369359][T23314] netlink: 'syz.2.7564': attribute type 1 has an invalid length.
[  716.382648][   T30] audit: type=1326 audit(1758826069.749:141): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=23309 comm="syz.1.7562" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3c6b78eec9 code=0x7ffc0000
[  716.415586][T23314] netlink: 'syz.2.7564': attribute type 2 has an invalid length.
[  716.481693][   T30] audit: type=1326 audit(1758826069.776:142): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=23309 comm="syz.1.7562" exe="/root/syz-executor" sig=0 arch=c000003e syscall=451 compat=0 ip=0x7f3c6b78eec9 code=0x7ffc0000
[  716.516064][   T30] audit: type=1326 audit(1758826069.776:143): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=23309 comm="syz.1.7562" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3c6b78eec9 code=0x7ffc0000
[  716.656933][   T30] audit: type=1326 audit(1758826069.776:144): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=23309 comm="syz.1.7562" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3c6b78eec9 code=0x7ffc0000
[  716.813146][ T1304] ieee802154 phy1 wpan1: encryption failed: -22
[  717.300931][T23350] bond0: (slave erspan0): Opening slave failed
[  717.882394][T23378] netlink: 'syz.2.7596': attribute type 10 has an invalid length.
[  717.931351][T23378] 8021q: adding VLAN 0 to HW filter on device batadv0
[  717.960127][T23378] bond0: (slave batadv0): Enslaving as an active interface with an up link
[  718.158638][T23392] loop0: detected capacity change from 0 to 256
[  718.178832][T23396] netlink: 'syz.2.7604': attribute type 3 has an invalid length.
[  718.241867][T23392] FAT-fs (loop0): Directory bread(block 64) failed
[  718.263435][T23392] FAT-fs (loop0): Directory bread(block 65) failed
[  718.291058][T23392] FAT-fs (loop0): Directory bread(block 66) failed
[  718.311793][T23392] FAT-fs (loop0): Directory bread(block 67) failed
[  718.341568][T23392] FAT-fs (loop0): Directory bread(block 68) failed
[  718.352853][T23389] loop3: detected capacity change from 0 to 4096
[  718.355819][T23392] FAT-fs (loop0): Directory bread(block 69) failed
[  718.398920][T23389] ntfs3(loop3): Different NTFS sector size (1024) and media sector size (512).
[  718.399236][T23392] FAT-fs (loop0): Directory bread(block 70) failed
[  718.439126][T23392] FAT-fs (loop0): Directory bread(block 71) failed
[  718.452479][T23392] FAT-fs (loop0): Directory bread(block 72) failed
[  718.471089][T23392] FAT-fs (loop0): Directory bread(block 73) failed
[  718.475181][T23389] ntfs3(loop3): ino=3, mi_enum_attr
[  719.390072][T23437] loop1: detected capacity change from 0 to 64
[  719.592007][T23445] netlink: 736 bytes leftover after parsing attributes in process `syz.0.7628'.
[  720.166432][T23427] loop3: detected capacity change from 0 to 32768
[  720.252110][T23427] XFS (loop3): Mounting V5 Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb
[  720.395939][T23427] XFS (loop3): Ending clean mount
[  720.478593][T23427] XFS (loop3): Quotacheck needed: Please wait.
[  720.603874][T23427] XFS (loop3): Quotacheck: Done.
[  720.777800][ T5881] XFS (loop3): Unmounting Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb
[  720.876665][T23494] loop4: detected capacity change from 0 to 1024
[  720.900104][T23500] loop0: detected capacity change from 0 to 256
[  720.943529][T23494] EXT4-fs (loop4): stripe (3) is not aligned with cluster size (16), stripe is disabled
[  720.962132][T23500] FAT-fs (loop0): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[  721.048166][T23494] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  721.119881][T23500] FAT-fs (loop0): error, fat_bmap_cluster: request beyond EOF (i_pos 196)
[  721.149514][T23485] loop1: detected capacity change from 0 to 40427
[  721.158554][T23500] FAT-fs (loop0): Filesystem has been set read-only
[  721.165912][T23500] FAT-fs (loop0): error, fat_bmap_cluster: request beyond EOF (i_pos 196)
[  721.177653][T23500] FAT-fs (loop0): error, fat_bmap_cluster: request beyond EOF (i_pos 196)
[  721.195074][T23485] F2FS-fs (loop1): invalid crc value
[  721.204781][T23494] EXT4-fs error (device loop4): ext4_xattr_inode_iget:437: inode #11: comm syz.4.7648: missing EA_INODE flag
[  721.206907][T23500] FAT-fs (loop0): error, fat_bmap_cluster: request beyond EOF (i_pos 196)
[  721.272760][T23500] FAT-fs (loop0): error, fat_bmap_cluster: request beyond EOF (i_pos 196)
[  721.282794][T23494] EXT4-fs (loop4): Remounting filesystem read-only
[  721.314981][ T5936] usb 3-1: new high-speed USB device number 9 using dummy_hcd
[  721.341488][T23500] FAT-fs (loop0): error, fat_bmap_cluster: request beyond EOF (i_pos 196)
[  721.368755][T23500] FAT-fs (loop0): error, fat_bmap_cluster: request beyond EOF (i_pos 196)
[  721.389711][T23500] FAT-fs (loop0): error, fat_bmap_cluster: request beyond EOF (i_pos 196)
[  721.410185][ T5873] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  721.431736][   T30] audit: type=1800 audit(1758826074.493:145): pid=23500 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.0.7652" name="file1" dev="loop0" ino=1048658 res=0 errno=0
[  721.529417][ T5936] usb 3-1: Using ep0 maxpacket: 8
[  721.550415][T23485] F2FS-fs (loop1): f2fs_recover_fsync_data: recovery fsync data, check_only: 1
[  721.551278][ T5936] usb 3-1: config 0 has an invalid interface number: 55 but max is 0
[  721.611889][ T5936] usb 3-1: config 0 has no interface number 0
[  721.618326][T23485] F2FS-fs (loop1): Start checkpoint disabled!
[  721.637147][ T5936] usb 3-1: config 0 interface 55 altsetting 0 has an invalid descriptor for endpoint zero, skipping
[  721.660482][T23485] F2FS-fs (loop1): f2fs_disable_checkpoint() finish, err:0
[  721.675336][ T5936] usb 3-1: config 0 interface 55 altsetting 0 has an endpoint descriptor with address 0xAB, changing to 0x8B
[  721.707992][ T5936] usb 3-1: config 0 interface 55 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 7
[  721.721751][T23485] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e6
[  721.726248][ T5936] usb 3-1: config 0 interface 55 altsetting 0 endpoint 0x8B has invalid wMaxPacketSize 0
[  721.759980][ T5936] usb 3-1: config 0 interface 55 altsetting 0 has 3 endpoint descriptors, different from the interface descriptor's value: 2
[  721.813029][ T5936] usb 3-1: New USB device found, idVendor=0f11, idProduct=1080, bcdDevice=fc.6a
[  721.842242][ T5936] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  721.898393][T23520] netlink: 12 bytes leftover after parsing attributes in process `syz.4.7658'.
[  721.910103][ T5936] usb 3-1: config 0 descriptor??
[  721.934982][ T5936] ldusb 3-1:0.55: LD USB Device #0 now attached to major 180 minor 0
[  721.979163][   T30] audit: type=1326 audit(1758826075.010:146): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=23521 comm="syz.0.7659" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe70538eec9 code=0x7ffc0000
[  722.038613][   T30] audit: type=1326 audit(1758826075.028:147): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=23521 comm="syz.0.7659" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe70538eec9 code=0x7ffc0000
[  722.088354][   T30] audit: type=1326 audit(1758826075.037:148): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=23521 comm="syz.0.7659" exe="/root/syz-executor" sig=0 arch=c000003e syscall=83 compat=0 ip=0x7fe70538eec9 code=0x7ffc0000
[  722.121308][   T30] audit: type=1326 audit(1758826075.037:149): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=23521 comm="syz.0.7659" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe70538eec9 code=0x7ffc0000
[  722.165519][T23505] ldusb 3-1:0.55: Couldn't submit interrupt_in_urb -90
[  722.178129][   T30] audit: type=1326 audit(1758826075.037:150): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=23521 comm="syz.0.7659" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe70538eec9 code=0x7ffc0000
[  722.182306][  T938] usb 3-1: USB disconnect, device number 9
[  722.250686][  T938] ldusb 3-1:0.55: LD USB Device #0 now disconnected
[  722.344170][T23532] netlink: 4 bytes leftover after parsing attributes in process `syz.4.7665'.
[  722.974469][T23558] netlink: 'syz.4.7678': attribute type 25 has an invalid length.
[  723.294010][T23574] dlm: plock device version mismatch: kernel (1.2.0), user (1.33554432.0)
[  724.157571][   T30] audit: type=1326 audit(1758826077.013:151): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=23609 comm="syz.0.7703" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe70538eec9 code=0x7ffc0000
[  724.242217][T23612] loop3: detected capacity change from 0 to 512
[  724.248670][   T30] audit: type=1326 audit(1758826077.013:152): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=23609 comm="syz.0.7703" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe70538eec9 code=0x7ffc0000
[  724.297929][T23612] EXT4-fs (loop3): ext4_check_descriptors: Checksum for group 0 failed (17031!=33349)
[  724.335610][T23612] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=c842e02c, mo2=0002]
[  724.343998][   T30] audit: type=1326 audit(1758826077.049:153): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=23609 comm="syz.0.7703" exe="/root/syz-executor" sig=0 arch=c000003e syscall=30 compat=0 ip=0x7fe70538eec9 code=0x7ffc0000
[  724.394988][T23616] netlink: 52 bytes leftover after parsing attributes in process `syz.0.7706'.
[  724.406641][T23612] EXT4-fs (loop3): orphan cleanup on readonly fs
[  724.450193][T23612] EXT4-fs error (device loop3): ext4_orphan_get:1418: comm syz.3.7704: bad orphan inode 267
[  724.465058][T23616] netlink: 52 bytes leftover after parsing attributes in process `syz.0.7706'.
[  724.496505][T23616] netlink: 4 bytes leftover after parsing attributes in process `syz.0.7706'.
[  724.506592][   T30] audit: type=1326 audit(1758826077.049:154): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=23609 comm="syz.0.7703" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe70538eec9 code=0x7ffc0000
[  724.542644][T23612] EXT4-fs (loop3): Remounting filesystem read-only
[  724.556996][T23612] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000007 ro without journal. Quota mode: none.
[  724.580413][   T30] audit: type=1326 audit(1758826077.049:155): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=23609 comm="syz.0.7703" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe70538eec9 code=0x7ffc0000
[  724.619819][T23612] EXT4-fs warning (device loop3): dx_probe:861: inode #2: comm syz.3.7704: dx entry: limit 0 != root limit 125
[  724.633198][T23620] loop2: detected capacity change from 0 to 764
[  724.658127][T23590] loop4: detected capacity change from 0 to 32768
[  724.672362][T23612] EXT4-fs warning (device loop3): dx_probe:934: inode #2: comm syz.3.7704: Corrupt directory, running e2fsck is recommended
[  724.704276][T23620] rock: directory entry would overflow storage
[  724.786181][T23620] rock: sig=0x4654, size=5, remaining=4
[  724.826012][ T5881] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000007.
[  724.991629][T23606] loop1: detected capacity change from 0 to 32768
[  725.864255][T23656] sctp: [Deprecated]: syz.3.7724 (pid 23656) Use of int in maxseg socket option.
[  725.864255][T23656] Use struct sctp_assoc_value instead
[  726.075781][T23665] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check.
[  726.320392][T23675] netlink: 196 bytes leftover after parsing attributes in process `syz.0.7734'.
[  726.586023][T23687] loop4: detected capacity change from 0 to 256
[  726.727468][T23687] FAT-fs (loop4): Directory bread(block 64) failed
[  726.734312][T23687] FAT-fs (loop4): Directory bread(block 65) failed
[  726.741120][T23687] FAT-fs (loop4): Directory bread(block 66) failed
[  726.772385][T23687] FAT-fs (loop4): Directory bread(block 67) failed
[  726.783269][T23687] FAT-fs (loop4): Directory bread(block 68) failed
[  726.798414][T23687] FAT-fs (loop4): Directory bread(block 69) failed
[  726.816211][T23687] FAT-fs (loop4): Directory bread(block 70) failed
[  726.849838][T23687] FAT-fs (loop4): Directory bread(block 71) failed
[  726.886959][T23687] FAT-fs (loop4): Directory bread(block 72) failed
[  726.928661][T23687] FAT-fs (loop4): Directory bread(block 73) failed
[  727.069620][T23707] netlink: 'syz.1.7748': attribute type 2 has an invalid length.
[  727.093899][T23707] netlink: 'syz.1.7748': attribute type 2 has an invalid length.
[  727.332647][T23715] loop1: detected capacity change from 0 to 2048
[  727.374059][T23715] UDF-fs: error (device loop1): udf_read_tagged: read failed, block=26504, location=26504
[  727.420164][T23715] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000)
[  727.742822][T23736] netlink: 'syz.2.7763': attribute type 10 has an invalid length.
[  727.782874][T23736] macvlan0: entered allmulticast mode
[  727.823188][T23736] veth1_vlan: entered allmulticast mode
[  727.841288][T23736] team0: Port device macvlan0 added
[  728.196098][T23750] netlink: 12 bytes leftover after parsing attributes in process `syz.1.7768'.
[  728.442089][T23759] loop3: detected capacity change from 0 to 1024
[  728.534299][T23723] loop4: detected capacity change from 0 to 32768
[  728.574947][T23759] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  728.625736][T23723] XFS (loop4): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  728.725579][T23759] EXT4-fs warning (device loop3): ext4_empty_dir:3099: inode #11: comm syz.3.7771: directory missing '..'
[  728.896328][ T5881] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  728.903768][T23780] netlink: 4 bytes leftover after parsing attributes in process `syz.2.7775'.
[  728.941082][T23723] XFS (loop4): Ending clean mount
[  729.018204][T23723] XFS (loop4): Quotacheck needed: Please wait.
[  729.035135][T23783] netlink: 44 bytes leftover after parsing attributes in process `syz.1.7777'.
[  729.112541][T23785] netlink: 'syz.3.7776': attribute type 10 has an invalid length.
[  729.126745][T23723] XFS (loop4): Quotacheck: Done.
[  729.254820][T23785] bond0: (slave netdevsim0): Enslaving as an active interface with an up link
[  729.375796][ T5873] XFS (loop4): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  729.701960][T23747] loop0: detected capacity change from 0 to 40427
[  729.738856][T23747] F2FS-fs: heap/no_heap options were deprecated
[  729.808096][T23747] F2FS-fs (loop0): build fault injection rate: 19
[  729.814581][T23747] F2FS-fs (loop0): build fault injection type: 0x3bfe8c
[  729.907066][T23810] A link change request failed with some changes committed already. Interface netdevsim0 may have been left with an inconsistent configuration, please check.
[  729.939247][T23747] F2FS-fs (loop0): invalid crc value
[  730.007858][T23747] F2FS-fs (loop0): inject page alloc in f2fs_grab_cache_folio of f2fs_ra_meta_pages+0x615/0x970
[  730.349540][T23747] F2FS-fs (loop0): inject slab alloc in f2fs_kmem_cache_alloc of read_node_folio+0x20a/0x3f0
[  730.351949][T23827] loop3: detected capacity change from 0 to 64
[  730.399245][T23747] F2FS-fs (loop0): f2fs_recover_fsync_data: recovery fsync data, check_only: 0
[  730.458634][T23747] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e5
[  730.742446][ T5874] F2FS-fs (loop0): inject page alloc in f2fs_grab_cache_folio of f2fs_grab_meta_folio+0x6a/0x1d0
[  731.006447][T23853] netlink: 'syz.3.7808': attribute type 21 has an invalid length.
[  731.029815][T23853] netlink: 4 bytes leftover after parsing attributes in process `syz.3.7808'.
[  731.227669][T23861] ceph: No source
[  731.423890][T23863] loop2: detected capacity change from 0 to 1024
[  731.616711][T20460] hfsplus: b-tree write err: -5, ino 4
[  731.787541][T23843] loop1: detected capacity change from 0 to 32768
[  731.802153][T23876] ieee802154 phy1 wpan1: encryption failed: -22
[  731.820857][T23843] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop1 (7:1) scanned by syz.1.7801 (23843)
[  731.893992][T23843] BTRFS info (device loop1): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  731.930476][T23843] BTRFS info (device loop1): using crc32c (crc32c-lib) checksum algorithm
[  732.181949][T23843] BTRFS info (device loop1): rebuilding free space tree
[  732.230624][T23843] BTRFS info (device loop1): checking UUID tree
[  732.273106][T23843] BTRFS info (device loop1): enabling ssd optimizations
[  732.300620][T23908] netlink: 'syz.4.7825': attribute type 5 has an invalid length.
[  732.312774][T23843] BTRFS info (device loop1): turning on async discard
[  732.332803][T23843] BTRFS info (device loop1): enabling free space tree
[  732.364446][T23843] BTRFS info (device loop1): force clearing of disk cache
[  732.382733][T23843] BTRFS info (device loop1): force zstd compression, level 3
[  732.516394][T23843] cgroup: Bad value for 'name'
[  732.659331][ T5882] BTRFS info (device loop1): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  732.805082][T23928] loop0: detected capacity change from 0 to 16
[  732.843109][T23928] erofs (device loop0): mounted with root inode @ nid 36.
[  733.004178][  T938] usb 5-1: new high-speed USB device number 5 using dummy_hcd
[  733.102862][T23937] netlink: 'syz.0.7838': attribute type 10 has an invalid length.
[  733.113011][   T10] usb 4-1: new high-speed USB device number 7 using dummy_hcd
[  733.157655][T23937] macvlan0: entered promiscuous mode
[  733.163874][T23939] netlink: 8 bytes leftover after parsing attributes in process `syz.1.7839'.
[  733.183030][T23939] (unnamed net_device) (uninitialized): option resend_igmp: invalid value (511)
[  733.205551][T23939] (unnamed net_device) (uninitialized): option resend_igmp: allowed values 0 - 255
[  733.252940][  T938] usb 5-1: Using ep0 maxpacket: 8
[  733.280882][  T938] usb 5-1: unable to get BOS descriptor or descriptor too short
[  733.299569][  T938] usb 5-1: config 4 interface 0 has no altsetting 0
[  733.309468][   T10] usb 4-1: config 0 has an invalid interface number: 75 but max is 0
[  733.321226][  T938] usb 5-1: string descriptor 0 read error: -22
[  733.327711][  T938] usb 5-1: New USB device found, idVendor=058f, idProduct=6610, bcdDevice=48.05
[  733.337645][   T10] usb 4-1: config 0 has no interface number 0
[  733.360556][T23943] loop0: detected capacity change from 0 to 128
[  733.369841][   T10] usb 4-1: New USB device found, idVendor=1bcf, idProduct=0b40, bcdDevice=cd.d2
[  733.376764][  T938] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  733.406884][   T10] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  733.431199][   T10] usb 4-1: config 0 descriptor??
[  733.435931][  T938] usb 5-1: dvb_usb_v2: found a 'Sigmatek DVB-110' in warm state
[  733.509782][  T938] usb 5-1: dvb_usb_v2: will pass the complete MPEG2 transport stream to the software demuxer
[  733.570961][  T938] dvbdev: DVB: registering new adapter (Sigmatek DVB-110)
[  733.634737][  T938] usb 5-1: media controller created
[  733.683805][   T10] usb 4-1: string descriptor 0 read error: -71
[  733.706763][   T10] uvcvideo 4-1:0.75: Found UVC 0.00 device <unnamed> (1bcf:0b40)
[  733.774465][  T938] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered.
[  733.785995][   T10] uvcvideo 4-1:0.75: Forcing UVC version to 1.0a
[  733.792405][   T10] uvcvideo 4-1:0.75: No valid video chain found.
[  733.842820][   T10] usb 4-1: USB disconnect, device number 7
[  734.222680][   T10] usb 5-1: USB disconnect, device number 5
[  734.373540][T23964] loop1: detected capacity change from 0 to 256
[  734.484055][T23964] exFAT-fs (loop1): failed to load upcase table (idx : 0x00010000, chksum : 0x905a013b, utbl_chksum : 0xe619d30d)
[  734.816852][T23980] netlink: 'syz.1.7859': attribute type 2 has an invalid length.
[  734.852789][T23980] netlink: 'syz.1.7859': attribute type 1 has an invalid length.
[  735.463316][T24005] ip6tnl2: entered promiscuous mode
[  735.474021][T24005] ip6tnl2: entered allmulticast mode
[  735.713471][T24016] loop2: detected capacity change from 0 to 136
[  735.815164][T24016] Attempt to read inode for relocated directory
[  735.941254][T24016] syz.2.7876: attempt to access beyond end of device
[  735.941254][T24016] loop2: rw=524288, sector=335544428, nr_sectors = 4 limit=136
[  736.016324][T24016] syz.2.7876: attempt to access beyond end of device
[  736.016324][T24016] loop2: rw=0, sector=335544428, nr_sectors = 4 limit=136
[  736.084379][   T30] kauditd_printk_skb: 4 callbacks suppressed
[  736.084399][   T30] audit: type=1800 audit(1758826088.024:160): pid=24016 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.2.7876" name="file1" dev="loop2" ino=1487 res=0 errno=0
[  736.276387][T24037] Option '    ' to dns_resolver key: bad/missing value
[  736.558448][T24046] netlink: 100 bytes leftover after parsing attributes in process `syz.3.7892'.
[  736.603298][T24046] netlink: 100 bytes leftover after parsing attributes in process `syz.3.7892'.
[  737.018084][T24060] netlink: 16 bytes leftover after parsing attributes in process `syz.3.7899'.
[  737.072150][T24060] netlink: 164 bytes leftover after parsing attributes in process `syz.3.7899'.
[  737.286926][T24071] tmpfs: Bad value for 'mpol'
[  737.501224][T24080] loop3: detected capacity change from 0 to 64
[  737.509080][T24034] loop4: detected capacity change from 0 to 40427
[  737.556416][T24034] F2FS-fs: heap/no_heap options were deprecated
[  737.564005][T24034] F2FS-fs (loop4): build fault injection rate: 19
[  737.591851][T24034] F2FS-fs (loop4): build fault injection type: 0x3bfe8c
[  737.649761][T24034] F2FS-fs (loop4): invalid crc value
[  737.714774][T24034] F2FS-fs (loop4): inject page alloc in f2fs_grab_cache_folio of f2fs_ra_meta_pages+0x615/0x970
[  738.004303][T24034] F2FS-fs (loop4): inject slab alloc in f2fs_kmem_cache_alloc of read_node_folio+0x20a/0x3f0
[  738.038912][T24096] netlink: 'syz.3.7916': attribute type 10 has an invalid length.
[  738.069572][T24096] netlink: 40 bytes leftover after parsing attributes in process `syz.3.7916'.
[  738.087192][T24034] F2FS-fs (loop4): f2fs_recover_fsync_data: recovery fsync data, check_only: 0
[  738.108158][T24034] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e5
[  738.254636][T24034] F2FS-fs (loop4): inject slab alloc in f2fs_kmem_cache_alloc of f2fs_new_node_folio+0x1d9/0xa40
[  738.441654][ T5873] syz-executor: attempt to access beyond end of device
[  738.441654][ T5873] loop4: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[  738.475384][ T5873] CPU: 1 UID: 0 PID: 5873 Comm: syz-executor Not tainted syzkaller #0 PREEMPT(full) 
[  738.475414][ T5873] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[  738.475427][ T5873] Call Trace:
[  738.475436][ T5873]  <TASK>
[  738.475446][ T5873]  dump_stack_lvl+0x189/0x250
[  738.475479][ T5873]  ? __pfx_dump_stack_lvl+0x10/0x10
[  738.475502][ T5873]  ? __pfx_queue_work_on+0x10/0x10
[  738.475520][ T5873]  ? _raw_spin_unlock_irqrestore+0xad/0x110
[  738.475552][ T5873]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[  738.475605][ T5873]  f2fs_handle_critical_error+0x37c/0x540
[  738.475645][ T5873]  f2fs_write_end_io+0x886/0xb60
[  738.475689][ T5873]  __submit_merged_bio+0x27a/0x6a0
[  738.475735][ T5873]  __submit_merged_write_cond+0x255/0x530
[  738.475774][ T5873]  f2fs_write_data_pages+0x261d/0x3000
[  738.475843][ T5873]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[  738.475917][ T5873]  ? __mod_zone_page_state+0xd7/0x140
[  738.475950][ T5873]  ? folios_put_refs+0x58b/0x670
[  738.475993][ T5873]  ? __lock_acquire+0xab9/0xd20
[  738.476032][ T5873]  ? do_raw_spin_lock+0x121/0x290
[  738.476069][ T5873]  ? do_raw_spin_unlock+0x122/0x240
[  738.476091][ T5873]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[  738.476114][ T5873]  do_writepages+0x32e/0x550
[  738.476159][ T5873]  ? do_raw_spin_unlock+0x122/0x240
[  738.476187][ T5873]  filemap_fdatawrite+0x199/0x240
[  738.476207][ T5873]  ? __pfx_filemap_fdatawrite+0x10/0x10
[  738.476284][ T5873]  ? do_raw_spin_unlock+0x122/0x240
[  738.476312][ T5873]  f2fs_sync_dirty_inodes+0x31f/0x830
[  738.476354][ T5873]  f2fs_write_checkpoint+0x93e/0x2440
[  738.476376][ T5873]  ? __lock_acquire+0xab9/0xd20
[  738.476437][ T5873]  ? __pfx_f2fs_write_checkpoint+0x10/0x10
[  738.476526][ T5873]  kill_f2fs_super+0x2cc/0x6d0
[  738.476556][ T5873]  ? __pfx_kill_f2fs_super+0x10/0x10
[  738.476607][ T5873]  ? shrinker_free+0x2ce/0x3e0
[  738.476638][ T5873]  deactivate_locked_super+0xbc/0x130
[  738.476670][ T5873]  cleanup_mnt+0x425/0x4c0
[  738.476699][ T5873]  ? lockdep_hardirqs_on+0x9c/0x150
[  738.476724][ T5873]  task_work_run+0x1d4/0x260
[  738.476760][ T5873]  ? __pfx_task_work_run+0x10/0x10
[  738.476781][ T5873]  ? __x64_sys_umount+0x122/0x160
[  738.476807][ T5873]  ? exit_to_user_mode_loop+0x40/0x130
[  738.476838][ T5873]  exit_to_user_mode_loop+0xe9/0x130
[  738.476865][ T5873]  do_syscall_64+0x2bd/0xfa0
[  738.476885][ T5873]  ? lockdep_hardirqs_on+0x9c/0x150
[  738.476905][ T5873]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  738.476925][ T5873]  ? clear_bhb_loop+0x60/0xb0
[  738.476951][ T5873]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  738.476970][ T5873] RIP: 0033:0x7fc8763901f7
[  738.476988][ T5873] Code: a8 ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 0f 1f 44 00 00 31 f6 e9 09 00 00 00 66 0f 1f 84 00 00 00 00 00 b8 a6 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 01 c3 48 c7 c2 a8 ff ff ff f7 d8 64 89 02 b8
[  738.477005][ T5873] RSP: 002b:00007ffccbcf18d8 EFLAGS: 00000246 ORIG_RAX: 00000000000000a6
[  738.477027][ T5873] RAX: 0000000000000000 RBX: 00007fc876411d7d RCX: 00007fc8763901f7
[  738.477041][ T5873] RDX: 0000000000000000 RSI: 0000000000000009 RDI: 00007ffccbcf1990
[  738.477053][ T5873] RBP: 00007ffccbcf1990 R08: 0000000000000000 R09: 0000000000000000
[  738.477065][ T5873] R10: 00000000ffffffff R11: 0000000000000246 R12: 00007ffccbcf2a20
[  738.477079][ T5873] R13: 00007fc876411d7d R14: 00000000000ac582 R15: 00007ffccbcf2a60
[  738.477116][ T5873]  </TASK>
[  738.477125][ T5873] F2FS-fs (loop4): Stopped filesystem due to reason: 3
[  739.267247][   T10] usb 1-1: new high-speed USB device number 13 using dummy_hcd
[  739.462200][   T10] usb 1-1: Using ep0 maxpacket: 32
[  739.493954][   T10] usb 1-1: config 0 has an invalid interface number: 35 but max is 0
[  739.502192][   T10] usb 1-1: config 0 has no interface number 0
[  739.539938][   T10] usb 1-1: New USB device found, idVendor=10c4, idProduct=818a, bcdDevice=7d.8f
[  739.569269][   T10] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  739.577501][   T10] usb 1-1: Product: syz
[  739.609941][   T10] usb 1-1: Manufacturer: syz
[  739.625895][   T10] usb 1-1: SerialNumber: syz
[  739.657531][   T10] usb 1-1: config 0 descriptor??
[  739.806330][T24153] ieee802154 phy1 wpan1: encryption failed: -22
[  739.898312][T24155] netlink: 'syz.1.7946': attribute type 1 has an invalid length.
[  739.960651][T24159] netlink: 52 bytes leftover after parsing attributes in process `syz.4.7947'.
[  740.112743][   T10] radio-si470x 1-1:0.35: si470x_get_report: usb_control_msg returned -71
[  740.121652][   T10] radio-si470x 1-1:0.35: probe with driver radio-si470x failed with error -5
[  740.172569][   T10] radio-raremono 1-1:0.35: this is not Thanko's Raremono.
[  740.230425][   T10] usb 1-1: USB disconnect, device number 13
[  740.697636][T24188] netlink: 'syz.4.7961': attribute type 1 has an invalid length.
[  740.725513][T24188] netlink: 224 bytes leftover after parsing attributes in process `syz.4.7961'.
[  741.216476][T24215] autofs4:pid:24215:validate_dev_ioctl: path string terminator missing for cmd(0xc018937e)
[  741.465277][ T5961] usb 1-1: new high-speed USB device number 14 using dummy_hcd
[  741.668901][T24232] bridge0: port 1(bond0) entered blocking state
[  741.680534][ T5961] usb 1-1: config 220 has an invalid interface number: 76 but max is 2
[  741.690103][T24232] bridge0: port 1(bond0) entered disabled state
[  741.697195][ T8454] usb 5-1: new high-speed USB device number 6 using dummy_hcd
[  741.705267][ T5961] usb 1-1: config 220 contains an unexpected descriptor of type 0x2, skipping
[  741.705295][ T5961] usb 1-1: config 220 has an invalid descriptor of length 0, skipping remainder of the config
[  741.705317][ T5961] usb 1-1: config 220 has no interface number 2
[  741.705627][ T5961] usb 1-1: config 220 interface 1 altsetting 5 has 0 endpoint descriptors, different from the interface descriptor's value: 12
[  741.729084][T24232] bond0: entered allmulticast mode
[  741.779643][T24232] bond_slave_0: entered allmulticast mode
[  741.790660][T24232] bond_slave_1: entered allmulticast mode
[  741.801507][ T5961] usb 1-1: config 220 interface 0 has no altsetting 0
[  741.807867][T24232] batadv0: entered allmulticast mode
[  741.808327][ T5961] usb 1-1: config 220 interface 76 has no altsetting 0
[  741.832973][T24232] bond0: entered promiscuous mode
[  741.857143][ T5961] usb 1-1: config 220 interface 1 has no altsetting 0
[  741.882720][T24232] bond_slave_0: entered promiscuous mode
[  741.889026][ T5961] usb 1-1: New USB device found, idVendor=8086, idProduct=0b07, bcdDevice=6c.b9
[  741.898390][ T5961] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  741.904871][T24232] bond_slave_1: entered promiscuous mode
[  741.909548][ T5961] usb 1-1: Product: syz
[  741.913839][ T8454] usb 5-1: Using ep0 maxpacket: 8
[  741.916240][ T5961] usb 1-1: Manufacturer: syz
[  741.916259][ T5961] usb 1-1: SerialNumber: syz
[  741.948464][ T8454] usb 5-1: config 1 contains an unexpected descriptor of type 0x1, skipping
[  741.958399][T24232] batadv0: entered promiscuous mode
[  741.975093][ T8454] usb 5-1: config 1 has an invalid descriptor of length 1, skipping remainder of the config
[  742.006944][ T8454] usb 5-1: config 1 has 1 interface, different from the descriptor's value: 3
[  742.048540][ T8454] usb 5-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[  742.068994][ T8454] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  742.096986][ T8454] usb 5-1: Product: syz
[  742.101214][ T8454] usb 5-1: Manufacturer: syz
[  742.128037][ T8454] usb 5-1: SerialNumber: syz
[  742.157956][ T5961] uvcvideo 1-1:220.0: Found UVC 7.01 device syz (8086:0b07)
[  742.165631][ T5961] uvcvideo 1-1:220.0: No valid video chain found.
[  742.196631][ T5961] usb 1-1: selecting invalid altsetting 0
[  742.243636][ T5961] usb 1-1: selecting invalid altsetting 0
[  742.266222][ T5961] usbtest 1-1:220.1: probe with driver usbtest failed with error -22
[  742.270009][T24247] loop2: detected capacity change from 0 to 256
[  742.278421][T20452] batman_adv: batadv0: No IGMP Querier present - multicast optimizations disabled
[  742.291223][T20452] batman_adv: batadv0: No MLD Querier present - multicast optimizations disabled
[  742.316705][ T5961] usb 1-1: USB disconnect, device number 14
[  742.468270][T24247] FAT-fs (loop2): Directory bread(block 64) failed
[  742.511130][T24247] FAT-fs (loop2): Directory bread(block 65) failed
[  742.554190][T24247] FAT-fs (loop2): Directory bread(block 66) failed
[  742.579384][T24247] FAT-fs (loop2): Directory bread(block 67) failed
[  742.597900][T24247] FAT-fs (loop2): Directory bread(block 68) failed
[  742.613943][ T8454] usb 5-1: 0:2 : does not exist
[  742.645970][T24247] FAT-fs (loop2): Directory bread(block 69) failed
[  742.668564][ T8454] usb 5-1: USB disconnect, device number 6
[  742.694242][T24247] FAT-fs (loop2): Directory bread(block 70) failed
[  742.697075][T24253] netlink: 'syz.3.7993': attribute type 7 has an invalid length.
[  742.709669][T24247] FAT-fs (loop2): Directory bread(block 71) failed
[  742.744792][T24247] FAT-fs (loop2): Directory bread(block 72) failed
[  742.757901][T24247] FAT-fs (loop2): Directory bread(block 73) failed
[  742.762917][ T6000] udevd[6000]: error opening ATTR{/sys/devices/platform/dummy_hcd.4/usb5/5-1/5-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory
[  742.812118][T24247] syz.2.7989: attempt to access beyond end of device
[  742.812118][T24247] loop2: rw=524288, sector=1160, nr_sectors = 4 limit=256
[  742.900677][T24247] syz.2.7989: attempt to access beyond end of device
[  742.900677][T24247] loop2: rw=0, sector=1160, nr_sectors = 4 limit=256
[  742.950451][   T30] audit: type=1800 audit(1758826094.356:161): pid=24247 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.2.7989" name="memory.events" dev="loop2" ino=1048661 res=0 errno=0
[  743.185142][T24245] loop1: detected capacity change from 0 to 32768
[  743.297645][T24245] ocfs2: Mounting device (7,1) on (node local, slot 0) with ordered data mode.
[  743.328763][T24267] delete_channel: no stack
[  743.647399][ T5936] usb 3-1: new high-speed USB device number 10 using dummy_hcd
[  743.647615][ T5882] ocfs2: Unmounting device (7,1) on (node local)
[  743.830503][ T5936] usb 3-1: config 1 has an invalid interface number: 7 but max is 0
[  743.831560][T24284] netlink: 8 bytes leftover after parsing attributes in process `syz.0.8009'.
[  743.859650][ T5936] usb 3-1: config 1 has no interface number 0
[  743.882044][ T5936] usb 3-1: config 1 interface 7 altsetting 0 has an endpoint descriptor with address 0xDB, changing to 0x8B
[  743.935954][ T5961] usb 5-1: new full-speed USB device number 7 using dummy_hcd
[  743.949881][ T5936] usb 3-1: config 1 interface 7 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 64
[  743.992778][ T5936] usb 3-1: config 1 interface 7 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  744.033177][ T5936] usb 3-1: New USB device found, idVendor=1199, idProduct=68a3, bcdDevice= 0.00
[  744.064183][ T5936] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  744.081400][ T5936] usb 3-1: Product: syz
[  744.108396][ T5936] usb 3-1: Manufacturer: syz
[  744.124434][ T5936] usb 3-1: SerialNumber: syz
[  744.163568][ T5961] usb 5-1: config 0 has an invalid interface number: 110 but max is 0
[  744.171806][ T5961] usb 5-1: config 0 has no interface number 0
[  744.200404][T24275] raw-gadget.0 gadget.2: fail, usb_ep_enable returned -22
[  744.212522][ T5961] usb 5-1: config 0 interface 110 altsetting 2 endpoint 0x82 has invalid wMaxPacketSize 0
[  744.244673][ T5961] usb 5-1: config 0 interface 110 altsetting 2 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  744.292930][ T5961] usb 5-1: config 0 interface 110 has no altsetting 0
[  744.309337][ T5961] usb 5-1: New USB device found, idVendor=0547, idProduct=2720, bcdDevice=af.55
[  744.343817][ T5961] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  744.368936][ T5961] usb 5-1: Product: syz
[  744.376780][ T5961] usb 5-1: Manufacturer: syz
[  744.385211][   T30] audit: type=1326 audit(1758826095.676:162): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=24298 comm="syz.0.8015" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe70538eec9 code=0x7ffc0000
[  744.407831][    C1] vkms_vblank_simulate: vblank timer overrun
[  744.418934][ T5961] usb 5-1: SerialNumber: syz
[  744.434547][ T5961] usb 5-1: config 0 descriptor??
[  744.502443][T24275] raw-gadget.0 gadget.2: fail, usb_ep_enable returned -22
[  744.504799][   T30] audit: type=1326 audit(1758826095.685:163): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=24298 comm="syz.0.8015" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe70538eec9 code=0x7ffc0000
[  744.532273][    C1] vkms_vblank_simulate: vblank timer overrun
[  744.549044][   T30] audit: type=1326 audit(1758826095.713:164): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=24298 comm="syz.0.8015" exe="/root/syz-executor" sig=0 arch=c000003e syscall=289 compat=0 ip=0x7fe70538eec9 code=0x7ffc0000
[  744.571776][    C1] vkms_vblank_simulate: vblank timer overrun
[  744.579498][   T30] audit: type=1326 audit(1758826095.713:165): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=24298 comm="syz.0.8015" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe70538eec9 code=0x7ffc0000
[  744.602535][   T30] audit: type=1326 audit(1758826095.713:166): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=24298 comm="syz.0.8015" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe70538eec9 code=0x7ffc0000
[  744.624966][    C1] vkms_vblank_simulate: vblank timer overrun
[  744.679205][ T5961] cdc_subset 5-1:0.110: probe with driver cdc_subset failed with error -22
[  744.742920][ T5936] usb 3-1: Incompatible driver and firmware versions
[  744.812806][ T5936] usb 3-1: USB disconnect, device number 10
[  744.949543][    T9] usb 5-1: USB disconnect, device number 7
[  745.033852][T24317] netlink: 'syz.0.8023': attribute type 1 has an invalid length.
[  745.050603][T24317] netlink: 228 bytes leftover after parsing attributes in process `syz.0.8023'.
[  745.082127][T24317] netlink: 8 bytes leftover after parsing attributes in process `syz.0.8023'.
[  745.570702][T24338] loop3: detected capacity change from 0 to 16
[  745.619902][T24338] erofs (device loop3): mounted with root inode @ nid 36.
[  745.666308][T24342] netlink: 'syz.4.8035': attribute type 2 has an invalid length.
[  745.693374][T24342] netlink: 244 bytes leftover after parsing attributes in process `syz.4.8035'.
[  746.163095][T24360] netlink: 2 bytes leftover after parsing attributes in process `syz.0.8043'.
[  746.395065][ T5966] usb 5-1: new high-speed USB device number 8 using dummy_hcd
[  746.600776][ T5966] usb 5-1: Using ep0 maxpacket: 16
[  746.637043][ T5966] usb 5-1: config 0 interface 0 has no altsetting 0
[  746.646960][ T5966] usb 5-1: New USB device found, idVendor=1235, idProduct=0010, bcdDevice=29.82
[  746.668669][ T5966] usb 5-1: New USB device strings: Mfr=83, Product=5, SerialNumber=10
[  746.696921][ T5966] usb 5-1: Product: syz
[  746.707350][ T5966] usb 5-1: Manufacturer: syz
[  746.718995][ T5966] usb 5-1: SerialNumber: syz
[  746.749540][ T5966] usb 5-1: config 0 descriptor??
[  746.839219][T24392] loop3: detected capacity change from 0 to 16
[  746.846798][T24392] MTD: Attempt to mount non-MTD device "/dev/loop3"
[  746.900311][T24391] loop2: detected capacity change from 0 to 736
[  747.036833][ T5966] snd-usb-audio 5-1:0.0: probe with driver snd-usb-audio failed with error -22
[  747.132970][ T6000] udevd[6000]: error opening ATTR{/sys/devices/platform/dummy_hcd.4/usb5/5-1/5-1:0.0/sound/card3/controlC3/../uevent} for writing: No such file or directory
[  747.245611][    T9] usb 5-1: USB disconnect, device number 8
[  747.479298][  T938] usb 2-1: new full-speed USB device number 4 using dummy_hcd
[  747.665828][  T938] usb 2-1: config 0 has an invalid interface number: 239 but max is 0
[  747.674870][  T938] usb 2-1: config 0 has no interface number 0
[  747.681022][  T938] usb 2-1: config 0 interface 239 altsetting 0 endpoint 0x1 has invalid maxpacket 1023, setting to 64
[  747.693144][  T938] usb 2-1: config 0 interface 239 altsetting 0 endpoint 0x82 has invalid maxpacket 511, setting to 64
[  747.718683][  T938] usb 2-1: New USB device found, idVendor=6189, idProduct=182d, bcdDevice= 1.73
[  747.728270][  T938] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  747.736799][  T938] usb 2-1: Product: syz
[  747.741962][  T938] usb 2-1: Manufacturer: syz
[  747.746595][  T938] usb 2-1: SerialNumber: syz
[  747.751344][ T5966] usb 3-1: new high-speed USB device number 11 using dummy_hcd
[  747.771552][  T938] usb 2-1: config 0 descriptor??
[  747.777604][T24402] raw-gadget.1 gadget.1: fail, usb_ep_enable returned -22
[  747.785284][T24402] raw-gadget.1 gadget.1: fail, usb_ep_enable returned -22
[  747.933557][ T5966] usb 3-1: Using ep0 maxpacket: 32
[  747.954768][ T5966] usb 3-1: config 0 has an invalid interface number: 225 but max is 0
[  747.974468][ T5966] usb 3-1: config 0 has no interface number 0
[  748.006953][ T5966] usb 3-1: New USB device found, idVendor=0856, idProduct=ac30, bcdDevice=7e.79
[  748.031043][ T5966] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  748.039142][ T5966] usb 3-1: Product: syz
[  748.040835][T24402] raw-gadget.1 gadget.1: fail, usb_ep_enable returned -22
[  748.062131][ T5966] usb 3-1: Manufacturer: syz
[  748.078141][ T5966] usb 3-1: SerialNumber: syz
[  748.083107][T24402] raw-gadget.1 gadget.1: fail, usb_ep_enable returned -22
[  748.102225][ T5966] usb 3-1: config 0 descriptor??
[  748.220033][T24421] loop0: detected capacity change from 0 to 32768
[  748.346232][ T5966] mos7840 3-1:0.225: required endpoints missing
[  748.367141][  T938] asix 2-1:0.239 (unnamed net_device) (uninitialized): Failed to write reg index 0x0000: -71
[  748.432093][  T938] asix 2-1:0.239: probe with driver asix failed with error -71
[  748.465632][  T938] usb 2-1: USB disconnect, device number 4
[  748.472639][T24421] bcachefs (loop0): starting version 1.7: mi_btree_bitmap opts=errors=continue,metadata_checksum=none,data_checksum=none,compression=lz4,foreground_target=invalid label 767,background_target=invalid device 7,nojournal_transaction_names
[  748.472686][T24421]   allowing incompatible features above 0.0: (unknown version)
[  748.472698][T24421]   features: 
[  748.575237][T24434] usb 3-1: USB disconnect, device number 11
[  748.652966][T24421] bcachefs (loop0): Using encoding defined by superblock: utf8-12.1.0
[  748.662299][T24421] bcachefs (loop0): initializing new filesystem
[  748.694446][T24421] bcachefs (loop0): going read-write
[  748.747950][T24421] bcachefs (loop0): marking superblocks
[  748.801802][T24421] bcachefs (loop0): initializing freespace
[  748.840927][T24421] bcachefs (loop0): done initializing freespace
[  748.858968][T24421] bcachefs (loop0): reading snapshots table
[  748.866012][T24421] bcachefs (loop0): reading snapshots done
[  748.927529][T24421] bcachefs (loop0): done starting filesystem
[  749.151231][T24468] netlink: 4 bytes leftover after parsing attributes in process `syz.1.8087'.
[  749.341850][ T5874] bcachefs (loop0): shutting down
[  749.347030][ T5874] bcachefs (loop0): going read-only
[  749.352370][ T5874] bcachefs (loop0): finished waiting for writes to stop
[  749.413004][ T5874] bcachefs (loop0): flushing journal and stopping allocators, journal seq 3
[  749.434301][T24476] loop1: detected capacity change from 0 to 2048
[  749.467086][T24476] udf: Bad value for 'mode'
[  749.508556][ T5874] bcachefs (loop0): flushing journal and stopping allocators complete, journal seq 3
[  749.546603][ T5874] bcachefs (loop0): clean shutdown complete, journal seq 4
[  749.566083][ T5874] bcachefs (loop0): marking filesystem clean
[  749.686777][ T5874] bcachefs (loop0): shutdown complete
[  749.723765][T24487] netlink: 'syz.1.8097': attribute type 5 has an invalid length.
[  749.731563][T24487] netlink: 'syz.1.8097': attribute type 11 has an invalid length.
[  749.900461][T24495] netlink: 'syz.3.8101': attribute type 1 has an invalid length.
[  749.921030][T24495] netlink: 220 bytes leftover after parsing attributes in process `syz.3.8101'.
[  750.317793][T24513] netlink: 20 bytes leftover after parsing attributes in process `syz.1.8110'.
[  750.326968][T24513] netlink: 128 bytes leftover after parsing attributes in process `syz.1.8110'.
[  750.597785][T24523] loop2: detected capacity change from 0 to 1024
[  750.648821][T24526] 
‚: renamed from bond_slave_0 (while UP)
[  751.398127][T24554] loop3: detected capacity change from 0 to 2048
[  751.490452][T24559] netlink: 40 bytes leftover after parsing attributes in process `syz.1.8132'.
[  751.518566][T24554] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000)
[  751.555582][T24559] netlink: 40 bytes leftover after parsing attributes in process `syz.1.8132'.
[  752.115528][T24434] usb 5-1: new high-speed USB device number 9 using dummy_hcd
[  752.145009][   T30] audit: type=1326 audit(1758826102.838:167): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=24583 comm="syz.1.8143" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3c6b78eec9 code=0x7ffc0000
[  752.190056][   T30] audit: type=1326 audit(1758826102.838:168): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=24583 comm="syz.1.8143" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3c6b78eec9 code=0x7ffc0000
[  752.212842][    T9] usb 3-1: new high-speed USB device number 12 using dummy_hcd
[  752.280907][   T30] audit: type=1326 audit(1758826102.866:169): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=24583 comm="syz.1.8143" exe="/root/syz-executor" sig=0 arch=c000003e syscall=158 compat=0 ip=0x7f3c6b78eec9 code=0x7ffc0000
[  752.350352][   T30] audit: type=1326 audit(1758826102.866:170): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=24583 comm="syz.1.8143" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3c6b78eec9 code=0x7ffc0000
[  752.358439][T24434] usb 5-1: New USB device found, idVendor=055f, idProduct=c420, bcdDevice=6a.33
[  752.374282][   T30] audit: type=1326 audit(1758826102.866:171): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=24583 comm="syz.1.8143" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3c6b78eec9 code=0x7ffc0000
[  752.412223][    T9] usb 3-1: Using ep0 maxpacket: 8
[  752.429695][T24434] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  752.443512][    T9] usb 3-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  752.462591][    T9] usb 3-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F
[  752.463193][T24434] usb 5-1: config 0 descriptor??
[  752.485446][    T9] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x8F has invalid wMaxPacketSize 0
[  752.524213][    T9] usb 3-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  752.548399][T24434] gspca_main: sunplus-2.14.0 probing 055f:c420
[  752.572436][T24592] netlink: 'syz.3.8147': attribute type 10 has an invalid length.
[  752.580795][    T9] usb 3-1: New USB device found, idVendor=0af0, idProduct=6751, bcdDevice=75.8b
[  752.600806][    T9] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  752.628703][    T9] usb 3-1: config 0 descriptor??
[  752.652220][    T9] hso 3-1:0.0: Can't find BULK IN endpoint
[  752.657100][T24592] team0: left allmulticast mode
[  752.675268][T24592] team_slave_0: left allmulticast mode
[  752.689682][T24592] team_slave_1: left allmulticast mode
[  752.700945][T24592] team0: left promiscuous mode
[  752.719524][T24592] team_slave_0: left promiscuous mode
[  752.741885][T24592] team_slave_1: left promiscuous mode
[  752.754343][T24592] bridge0: port 3(team0) entered disabled state
[  752.781642][T24592] batman_adv: batadv0: Adding interface: team0
[  752.812062][T24592] batman_adv: batadv0: The MTU of interface team0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  752.855206][T24601] netlink: 12 bytes leftover after parsing attributes in process `syz.0.8151'.
[  752.867724][T24601] netlink: 12 bytes leftover after parsing attributes in process `syz.0.8151'.
[  752.880105][T24592] batman_adv: batadv0: Not using interface team0 (retrying later): interface not active
[  752.915173][ T5936] usb 3-1: USB disconnect, device number 12
[  752.990213][T24434] gspca_sunplus: reg_w_riv err -71
[  753.009892][T24434] sunplus 5-1:0.0: probe with driver sunplus failed with error -71
[  753.047376][T24434] usb 5-1: USB disconnect, device number 9
[  753.502230][ T5936] usb 4-1: new high-speed USB device number 8 using dummy_hcd
[  753.705832][ T5936] usb 4-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  753.749662][ T5936] usb 4-1: config 0 interface 0 altsetting 0 has an invalid descriptor for endpoint zero, skipping
[  753.789198][ T5936] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x84 has an invalid bInterval 0, changing to 7
[  753.812179][ T5936] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x84 has invalid wMaxPacketSize 0
[  753.831500][ T5936] usb 4-1: config 0 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 5
[  753.867390][T24639] loop0: detected capacity change from 0 to 764
[  753.867469][ T5936] usb 4-1: New USB device found, idVendor=091e, idProduct=0003, bcdDevice=d7.3b
[  753.894105][T24642] loop1: detected capacity change from 0 to 256
[  753.910854][ T5936] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  753.926825][T24642] exfat: Deprecated parameter 'namecase'
[  753.942956][ T5936] usb 4-1: Product: syz
[  753.951002][T24642] exfat: Deprecated parameter 'utf8'
[  753.966111][ T5936] usb 4-1: Manufacturer: syz
[  753.989286][T24642] exFAT-fs (loop1): failed to load upcase table (idx : 0x00010000, chksum : 0xbe675ead, utbl_chksum : 0xe619d30d)
[  753.990245][T24639] rock: corrupted directory entry. extent=32, offset=2044, size=237
[  754.002065][ T5936] usb 4-1: SerialNumber: syz
[  754.031457][ T5936] usb 4-1: config 0 descriptor??
[  754.070718][ T5936] garmin_gps 4-1:0.0: Garmin GPS usb/tty converter detected
[  754.105392][ T5936] garmin_gps ttyUSB0: failed to submit interrupt urb: -90
[  754.143842][ T5936] garmin_gps ttyUSB0: probe with driver garmin_gps failed with error -90
[  754.195940][T24639] Symlink component flag not implemented
[  754.232017][T24639] Symlink component flag not implemented (7)
[  754.458529][ T5936] usb 4-1: USB disconnect, device number 8
[  754.478412][ T5936] garmin_gps 4-1:0.0: device disconnected
[  754.662134][T24666] netlink: 24 bytes leftover after parsing attributes in process `syz.2.8182'.
[  754.826853][T24674] loop1: detected capacity change from 0 to 764
[  754.955594][    T9] usb 5-1: new full-speed USB device number 10 using dummy_hcd
[  755.141497][    T9] usb 5-1: config 0 has an invalid interface number: 147 but max is 0
[  755.150020][    T9] usb 5-1: config 0 has no interface number 0
[  755.161159][    T9] usb 5-1: config 0 interface 147 altsetting 0 endpoint 0x2 has invalid maxpacket 512, setting to 64
[  755.185362][    T9] usb 5-1: New USB device found, idVendor=13b1, idProduct=0042, bcdDevice=51.03
[  755.197684][    T9] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  755.216428][    T9] usb 5-1: Product: syz
[  755.224746][T24434] usb 3-1: new high-speed USB device number 13 using dummy_hcd
[  755.226238][    T9] usb 5-1: Manufacturer: syz
[  755.237506][    T9] usb 5-1: SerialNumber: syz
[  755.248914][    T9] usb 5-1: config 0 descriptor??
[  755.257677][T24670] raw-gadget.0 gadget.4: fail, usb_ep_enable returned -22
[  755.303920][    T9] usb 5-1: Warning: ath10k USB support is incomplete, don't expect anything to work!
[  755.412559][T24434] usb 3-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  755.444314][T24695] netlink: 12 bytes leftover after parsing attributes in process `syz.1.8196'.
[  755.460859][T24434] usb 3-1: config 1 has 1 interface, different from the descriptor's value: 3
[  755.486509][T24434] usb 3-1: New USB device found, idVendor=08b7, idProduct=0000, bcdDevice= 0.00
[  755.500184][T24434] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=3
[  755.510670][T24434] usb 3-1: SerialNumber: syz
[  755.580763][    T9] usb 5-1: USB disconnect, device number 10
[  755.581152][T20460] usb 5-1: Failed to submit usb control message: -71
[  755.614862][T20460] usb 5-1: unable to send the bmi data to the device: -71
[  755.637624][T20460] usb 5-1: unable to get target info from device
[  755.644155][T20460] usb 5-1: could not get target info (-71)
[  755.661952][T20460] usb 5-1: could not probe fw (-71)
[  755.729433][T24699] loop1: detected capacity change from 0 to 1024
[  755.826105][T24434] usb 3-1: 0:2 : does not exist
[  755.879253][T24434] usb 3-1: USB disconnect, device number 13
[  755.894530][ T1164] hfsplus: b-tree write err: -5, ino 4
[  756.059747][ T6000] udevd[6000]: error opening ATTR{/sys/devices/platform/dummy_hcd.2/usb3/3-1/3-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory
[  756.216248][T24718] kAFS: unable to lookup cell '\/'
[  756.230430][T24719] netlink: 'syz.0.8207': attribute type 7 has an invalid length.
[  756.318342][T24723] netlink: 8 bytes leftover after parsing attributes in process `syz.1.8209'.
[  756.701054][T24741] netlink: 8 bytes leftover after parsing attributes in process `syz.2.8218'.
[  756.763434][T24434] usb 2-1: new full-speed USB device number 5 using dummy_hcd
[  756.942239][T24434] usb 2-1: not running at top speed; connect to a high speed hub
[  756.953019][T24434] usb 2-1: config 95 has an invalid interface number: 1 but max is 0
[  756.969776][T24434] usb 2-1: config 95 has no interface number 0
[  756.987047][T24434] usb 2-1: config 95 interface 1 has no altsetting 0
[  757.016100][T24434] usb 2-1: string descriptor 0 read error: -22
[  757.016300][T24434] usb 2-1: New USB device found, idVendor=0763, idProduct=2030, bcdDevice=79.79
[  757.016327][T24434] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  757.335165][T24755] loop2: detected capacity change from 0 to 2048
[  757.375593][T24755] NILFS (loop2): broken superblock, retrying with spare superblock (blocksize = 1024)
[  757.418199][T24757] NILFS (loop2): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  757.440210][T24727] loop3: detected capacity change from 0 to 32768
[  757.494559][T24727] XFS (loop3): Mounting V5 Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb
[  757.518629][ T5936] usb 2-1: USB disconnect, device number 5
[  757.594711][T24727] XFS (loop3): Torn write (CRC failure) detected at log block 0x30. Truncating head block from 0x51.
[  757.696772][T24727] XFS (loop3): Starting recovery (logdev: internal)
[  757.777516][T24727] XFS (loop3): Ending recovery (logdev: internal)
[  757.925612][ T5881] XFS (loop3): Unmounting Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb
[  758.416742][T24786] overlayfs: missing 'lowerdir'
[  758.426711][T24785] 9pnet: Limiting 'msize' to 1048576 as this is the maximum supported by transport fd
[  758.748069][T24799] loop2: detected capacity change from 0 to 16
[  758.760557][T24800] netlink: 16 bytes leftover after parsing attributes in process `syz.0.8243'.
[  758.779204][T24799] erofs (device loop2): mounted with root inode @ nid 36.
[  758.821004][T24799] erofs (device loop2): read error -117 @ 72 of nid 36
[  759.233385][ T5936] usb 5-1: new high-speed USB device number 11 using dummy_hcd
[  759.432302][ T5936] usb 5-1: New USB device found, idVendor=1d50, idProduct=6089, bcdDevice=d0.1d
[  759.472826][ T5936] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  759.492973][ T5936] usb 5-1: config 0 descriptor??
[  759.573333][T24828] loop1: detected capacity change from 0 to 4096
[  759.593166][T24828] ntfs3(loop1): Different NTFS sector size (1024) and media sector size (512).
[  759.602996][T24838] netlink: 8 bytes leftover after parsing attributes in process `syz.3.8261'.
[  759.727007][T24828] ntfs3(loop1): ino=1d, mi_enum_attr
[  759.754842][T24828] ntfs3(loop1): Mark volume as dirty due to NTFS errors
[  759.786132][T24828] ntfs3(loop1): ino=1d, mi_enum_attr
[  759.797063][T24314] usb 3-1: new high-speed USB device number 14 using dummy_hcd
[  759.911480][ T5882] ntfs3(loop1): ino=1d, mi_enum_attr
[  759.965886][ T5936] hackrf 5-1:0.0: usb_control_msg() failed -71 request 0f
[  759.977148][T24314] usb 3-1: New USB device found, idVendor=0cf3, idProduct=9374, bcdDevice=bc.3b
[  759.991925][ T5936] hackrf 5-1:0.0: Could not detect board
[  759.997671][ T5936] hackrf 5-1:0.0: probe with driver hackrf failed with error -71
[  760.017951][T24314] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  760.032682][   T30] audit: type=1326 audit(1758826110.130:172): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=24846 comm="syz.3.8267" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f100538eec9 code=0x0
[  760.068224][ T5936] usb 5-1: USB disconnect, device number 11
[  760.084916][T24314] usb 3-1: config 0 descriptor??
[  760.247787][T24856] netlink: 16 bytes leftover after parsing attributes in process `syz.3.8271'.
[  760.257127][T24856] netlink: 216 bytes leftover after parsing attributes in process `syz.3.8271'.
[  760.543544][T24866] loop0: detected capacity change from 0 to 256
[  760.566585][T24314] ath6kl: Failed to submit usb control message: -71
[  760.577947][T24866] exfat: Deprecated parameter 'namecase'
[  760.583697][T24866] exfat: Deprecated parameter 'namecase'
[  760.589816][T24314] ath6kl: unable to send the bmi data to the device: -71
[  760.596977][T24314] ath6kl: Unable to send get target info: -71
[  760.635752][T24314] ath6kl: Failed to init ath6kl core: -71
[  760.656385][T24314] ath6kl_usb 3-1:0.0: probe with driver ath6kl_usb failed with error -71
[  760.708727][T24314] usb 3-1: USB disconnect, device number 14
[  760.740312][T24866] exFAT-fs (loop0): failed to load upcase table (idx : 0x00010000, chksum : 0x36dfe6b4, utbl_chksum : 0xe619d30d)
[  760.857490][T24870] loop4: detected capacity change from 0 to 4096
[  760.944274][T24879] NILFS (loop4): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  761.271222][T24887] loop4: detected capacity change from 0 to 2048
[  761.351055][T24887] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000)
[  761.648334][T24903] loop1: detected capacity change from 0 to 64
[  761.935688][ T1164] ------------[ cut here ]------------
[  761.942016][ T1164] kernel BUG at fs/hfs/inode.c:444!
[  762.000483][T24909] ip6gretap1: default qdisc (pfifo_fast) fail, fallback to noqueue
[  762.039898][ T1164] Oops: invalid opcode: 0000 [#1] SMP KASAN PTI
[  762.046377][ T1164] CPU: 0 UID: 0 PID: 1164 Comm: kworker/u8:8 Not tainted syzkaller #0 PREEMPT(full) 
[  762.055960][ T1164] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[  762.066136][ T1164] Workqueue: writeback wb_workfn (flush-7:1)
[  762.072177][ T1164] RIP: 0010:hfs_write_inode+0x7c8/0x7d0
[  762.077766][ T1164] Code: c1 80 62 d1 99 80 e1 07 80 c1 03 38 c1 0f 8c 7d fe ff ff 48 c7 c7 80 62 d1 99 e8 c3 2d 87 ff e9 6c fe ff ff e8 09 ed 21 ff 90 <0f> 0b 66 0f 1f 44 00 00 90 90 90 90 90 90 90 90 90 90 90 90 90 90
[  762.097922][ T1164] RSP: 0018:ffffc90003bbf160 EFLAGS: 00010293
[  762.104006][ T1164] RAX: ffffffff829e6947 RBX: ffff88802bf2c298 RCX: ffff8880276cbc80
[  762.112070][ T1164] RDX: 0000000000000000 RSI: ffffffff8e566900 RDI: 0000000000000000
[  762.120140][ T1164] RBP: ffffc90003bbf2f0 R08: ffff8880276cbc80 R09: 0000000000000003
[  762.128238][ T1164] R10: 0000000000000004 R11: 0000000000000000 R12: dffffc0000000000
[  762.136308][ T1164] R13: 1ffff92000777e30 R14: ffff88802bf2c258 R15: 0000000000000000
[  762.144290][ T1164] FS:  0000000000000000(0000) GS:ffff888125a03000(0000) knlGS:0000000000000000
[  762.153397][ T1164] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  762.159986][ T1164] CR2: 0000001b33814ff8 CR3: 000000000e138000 CR4: 00000000003526f0
[  762.167964][ T1164] Call Trace:
[  762.171250][ T1164]  <TASK>
[  762.174186][ T1164]  ? __pfx_hfs_write_inode+0x10/0x10
[  762.179505][ T1164]  __writeback_single_inode+0x6f1/0xff0
[  762.185089][ T1164]  writeback_sb_inodes+0x6c7/0x1010
[  762.190417][ T1164]  ? __pfx_writeback_sb_inodes+0x10/0x10
[  762.196162][ T1164]  ? rcu_is_watching+0x15/0xb0
[  762.201190][ T1164]  wb_writeback+0x43b/0xaf0
[  762.205696][ T1164]  ? queue_io+0x3b1/0x590
[  762.210027][ T1164]  ? __pfx_wb_writeback+0x10/0x10
[  762.215055][ T1164]  ? _raw_spin_unlock_irq+0x23/0x50
[  762.220252][ T1164]  wb_workfn+0x409/0xef0
[  762.224507][ T1164]  ? __pfx_wb_workfn+0x10/0x10
[  762.229274][ T1164]  ? __lock_acquire+0xab9/0xd20
[  762.234229][ T1164]  ? process_scheduled_works+0x9ef/0x17b0
[  762.239954][ T1164]  ? _raw_spin_unlock_irq+0x23/0x50
[  762.245150][ T1164]  ? process_scheduled_works+0x9ef/0x17b0
[  762.250969][ T1164]  ? process_scheduled_works+0x9ef/0x17b0
[  762.256692][ T1164]  process_scheduled_works+0xae1/0x17b0
[  762.262250][ T1164]  ? __pfx_process_scheduled_works+0x10/0x10
[  762.268237][ T1164]  worker_thread+0x8a0/0xda0
[  762.272842][ T1164]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[  762.279203][ T1164]  ? __kthread_parkme+0x7b/0x200
[  762.284161][ T1164]  kthread+0x711/0x8a0
[  762.288241][ T1164]  ? __pfx_worker_thread+0x10/0x10
[  762.293378][ T1164]  ? __pfx_kthread+0x10/0x10
[  762.297970][ T1164]  ? _raw_spin_unlock_irq+0x23/0x50
[  762.303171][ T1164]  ? lockdep_hardirqs_on+0x9c/0x150
[  762.308374][ T1164]  ? __pfx_kthread+0x10/0x10
[  762.312961][ T1164]  ret_from_fork+0x4bc/0x870
[  762.317557][ T1164]  ? __pfx_ret_from_fork+0x10/0x10
[  762.322686][ T1164]  ? __switch_to_asm+0x39/0x70
[  762.327475][ T1164]  ? __switch_to_asm+0x33/0x70
[  762.332252][ T1164]  ? __pfx_kthread+0x10/0x10
[  762.336858][ T1164]  ret_from_fork_asm+0x1a/0x30
[  762.341631][ T1164]  </TASK>
[  762.344645][ T1164] Modules linked in:
[  762.349340][ T1164] ---[ end trace 0000000000000000 ]---
[  762.358272][ T1164] RIP: 0010:hfs_write_inode+0x7c8/0x7d0
[  762.363954][ T1164] Code: c1 80 62 d1 99 80 e1 07 80 c1 03 38 c1 0f 8c 7d fe ff ff 48 c7 c7 80 62 d1 99 e8 c3 2d 87 ff e9 6c fe ff ff e8 09 ed 21 ff 90 <0f> 0b 66 0f 1f 44 00 00 90 90 90 90 90 90 90 90 90 90 90 90 90 90
[  762.402765][ T1164] RSP: 0018:ffffc90003bbf160 EFLAGS: 00010293
[  762.410918][ T1164] RAX: ffffffff829e6947 RBX: ffff88802bf2c298 RCX: ffff8880276cbc80
[  762.420807][ T1164] RDX: 0000000000000000 RSI: ffffffff8e566900 RDI: 0000000000000000
[  762.430371][ T1164] RBP: ffffc90003bbf2f0 R08: ffff8880276cbc80 R09: 0000000000000003
[  762.438467][ T1164] R10: 0000000000000004 R11: 0000000000000000 R12: dffffc0000000000
[  762.446570][ T1164] R13: 1ffff92000777e30 R14: ffff88802bf2c258 R15: 0000000000000000
[  762.454632][ T1164] FS:  0000000000000000(0000) GS:ffff888125a03000(0000) knlGS:0000000000000000
[  762.463807][ T1164] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  762.470409][ T1164] CR2: 0000001b33814ff8 CR3: 000000007dab2000 CR4: 00000000003526f0
[  762.478452][ T1164] Kernel panic - not syncing: Fatal exception
[  762.484736][ T1164] Kernel Offset: disabled
[  762.489146][ T1164] Rebooting in 86400 seconds..