last executing test programs:

3.551324227s ago: executing program 4 (id=12938):
r0 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000280)=@newqdisc={0x7c, 0x10, 0x1, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, {0x9}, {0xf, 0xfff1}, {0xe, 0xd}}, [@TCA_RATE={0x6, 0x5, {0x9, 0x1}}, @TCA_STAB={0x50, 0x8, 0x0, 0x1, [{{0x1c, 0x1a, {0x0, 0x0, 0x490, 0x0, 0x0, 0x0, 0x0, 0x2}}, {0x8, 0x1b, [0x0, 0x0]}}, {{0x1c, 0x1, {0x7, 0x4, 0x1, 0x9, 0x1, 0xd, 0x6, 0x3}}, {0xa, 0x2, [0x5, 0x1, 0x7]}}]}]}, 0x7c}, 0x1, 0x0, 0x0, 0x8c0}, 0x0)

2.891140641s ago: executing program 4 (id=12949):
r0 = syz_open_dev$cec(&(0x7f0000000580), 0x0, 0x0)
ioctl$CEC_G_MODE(r0, 0x80046108, &(0x7f00000005c0))

2.890955801s ago: executing program 4 (id=12950):
r0 = syz_usb_connect_ath9k(0x3, 0x5a, &(0x7f0000000000)={{0x12, 0x1, 0x200, 0xff, 0xff, 0xff, 0x40, 0xcf3, 0x9271, 0x108, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x48}}]}}, 0x0)
syz_usb_ep_write$ath9k_ep1(r0, 0x82, 0x4, &(0x7f0000000140)={[{}]})

2.161059709s ago: executing program 2 (id=12980):
r0 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000500)={&(0x7f0000000240)=@newlink={0x40, 0x10, 0x437, 0x0, 0x0, {}, [@IFLA_LINKINFO={0x20, 0x12, 0x0, 0x1, @bridge={{0xb}, {0x10, 0x2, 0x0, 0x1, [@IFLA_BR_GROUP_ADDR={0xa, 0x14, @link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0x1}}]}}}]}, 0x40}}, 0x0)

1.910345352s ago: executing program 2 (id=12986):
r0 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000180), 0x2, 0x0)
write$RDMA_USER_CM_CMD_NOTIFY(r0, &(0x7f00000001c0)={0xf, 0x8, 0xfa00, {0xffffffffffffffff, 0x8}}, 0x10)

1.842679565s ago: executing program 0 (id=12988):
syz_mount_image$cramfs(&(0x7f00000001c0), &(0x7f0000000040)='./file2\x00', 0x1, &(0x7f0000000000)=ANY=[@ANYRES32=0x0], 0x1, 0x15c, &(0x7f0000000380)="$eJzsz71rGnEcx/H3zzu1D1qFWigd2kKHHhXreWK3IloqFWoPWlw6lIJeaYvWolDc+gBuHfoH3NAH6CQOIWOGxGQxUQjJ33GQIZDxws+7EFwz/17Lce/78oF7+nhhkPY1Qk963c99ZzBw2ndf2o3aq7X1jWuyx4FLwAjoy+t2cL9ZgffyqYP3PcjbSXj3oeM8bPU68t2rgAFUr8oeLScIbq/IlgluC2EzfJjeCJp11u6dt2LYbulQTQXNBPw/cB+ICPDCvWNg6GYn490X81k99+D/G41RPXvnuljtt52fVs3/ChpNZ+ev/E2G7mF+ltvPT8YHi3njud2wF0XLelQ0C6ZZitt783rp2y/0Z4kv8DrYi/CR5V4sBjThhwBXwFjI8SU/Nf19YndT8Qxw9CkNYqh7WyIJTC8DK1/c1tub0X/lTDqCZiBQFEVRFEVRFEVRlAs6DQAA///0NWXd")
mount$overlay(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x8, 0x0)

1.842375585s ago: executing program 2 (id=12989):
r0 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000400)={&(0x7f00000010c0)=@newlink={0x40, 0x10, 0xc3b, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x0, 0x1006}, [@IFLA_LINKINFO={0x20, 0x12, 0x0, 0x1, @erspan={{0xb}, {0x10, 0x2, 0x0, 0x1, [@IFLA_GRE_COLLECT_METADATA={0x4}, @IFLA_GRE_ENCAP_DPORT={0x6, 0x11, 0x4e23}]}}}]}, 0x40}}, 0x40080c0)

1.825336466s ago: executing program 3 (id=12990):
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000a00)=@updpolicy={0x254, 0x19, 0x1, 0x0, 0x0, {{@in=@multicast2, @in=@empty, 0xffff, 0x0, 0x0, 0x0, 0xa, 0x0, 0x0, 0x29}, {0x0, 0x0, 0x9, 0x0, 0x0, 0x2, 0x5}, {0x0, 0x20, 0x0, 0xffffffffffffffff}, 0x2}, [@tmpl={0x184, 0x5, [{{@in6=@initdev={0xfe, 0x88, '\x00', 0x1, 0x0}, 0x4d2, 0x33}, 0x0, @in6=@empty, 0x34ff, 0x4, 0x3, 0xfc, 0x200, 0x3, 0x8}, {{@in6=@empty, 0x4d3, 0x3c}, 0xa, @in=@multicast2, 0x0, 0x4, 0x1, 0xf6, 0x7, 0x6, 0x6a}, {{@in=@private=0xa010102, 0x4d2, 0x2b}, 0xa, @in6=@mcast2, 0x34ff, 0x4, 0x0, 0x4, 0x0, 0x2, 0x8cc}, {{@in=@private=0xa010100, 0x4d6, 0x33}, 0x2, @in6=@rand_addr=' \x01\x00', 0x34ff, 0x4, 0x1, 0x2, 0xfffffffa, 0x3, 0xfe}, {{@in=@multicast2, 0x4d2, 0x2b}, 0x2, @in6=@loopback, 0x0, 0x0, 0x0, 0x9, 0x9, 0x9, 0x5}, {{@in=@empty, 0x4d3, 0x3c}, 0x2, @in=@local, 0x3505, 0x1, 0x0, 0x1, 0xfffffffe, 0x101, 0x9}]}, @policy_type={0xa}, @mark={0xc, 0x15, {0x35075b, 0x3}}]}, 0x254}}, 0x24000000)

1.798200348s ago: executing program 3 (id=12992):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r0, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000200)={0x60, 0x2, 0x6, 0x101, 0x0, 0x0, {}, [@IPSET_ATTR_REVISION={0x5}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz0\x00'}, @IPSET_ATTR_PROTOCOL={0x5}, @IPSET_ATTR_FAMILY={0x5, 0x5, 0xa}, @IPSET_ATTR_DATA={0x14, 0x7, 0x0, 0x1, [@IPSET_ATTR_CADT_FLAGS={0x8, 0x11}, @IPSET_ATTR_HASHSIZE={0x8, 0x12, 0x1, 0x0, 0xffff}]}, @IPSET_ATTR_TYPENAME={0x12, 0x3, 'hash:net,port\x00'}]}, 0x60}}, 0x0)

1.737498241s ago: executing program 1 (id=12993):
r0 = syz_open_dev$dri(&(0x7f0000000000), 0x0, 0x0)
ioctl$DRM_IOCTL_MODE_MAP_DUMB(r0, 0xc01064b3, &(0x7f00000001c0))

1.694040523s ago: executing program 3 (id=13003):
r0 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000240)=@bridge_delneigh={0x1c, 0x1d, 0x1, 0x70bd27, 0x25dfdbfb, {0x14, 0x0, 0x0, 0x0, 0x40, 0xcc, 0xb}}, 0x1c}}, 0x4040000)

1.689712623s ago: executing program 2 (id=12994):
syz_emit_ethernet(0x56, &(0x7f0000000040)=ANY=[@ANYBLOB="0180c200000eaaaa"], 0x0)
syz_usb_connect$cdc_ecm(0x0, 0x4d, &(0x7f0000000000)=ANY=[@ANYBLOB="12010000020000402505a3a440000000010109023b000101010000090400001202eb0000052406000005240000000d240f010000000000001e000009058202000200000009050d"], 0x0)

1.675661044s ago: executing program 1 (id=12995):
r0 = openat$cachefiles(0xffffffffffffff9c, &(0x7f0000000100), 0x1, 0x0)
writev(r0, &(0x7f0000000180)=[{&(0x7f0000000140)='\n', 0xfffffd60}], 0x1)

1.626283907s ago: executing program 0 (id=12996):
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f00000002c0)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
ioctl$SIOCSIFHWADDR(r0, 0x8949, &(0x7f0000000200)={'vlan1\x00', @random="0106002010ff"})

1.619573427s ago: executing program 1 (id=12997):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0x9, 0x4, 0x6, 0xa}, 0x48)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000580)={{r0}, &(0x7f0000000440), &(0x7f0000000540), 0x1000000}, 0x20)

365.553232ms ago: executing program 4 (id=12998):
r0 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000500)={&(0x7f0000000240)=@newlink={0x40, 0x10, 0x437, 0x0, 0x0, {}, [@IFLA_LINKINFO={0x20, 0x12, 0x0, 0x1, @bridge={{0xb}, {0x10, 0x2, 0x0, 0x1, [@IFLA_BR_GROUP_ADDR={0xa, 0x14, @link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0x1}}]}}}]}, 0x40}}, 0x0)

364.891612ms ago: executing program 0 (id=13009):
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2)
open_by_handle_at(0xffffffffffffffff, &(0x7f0000000000)=@FILEID_BTRFS_WITHOUT_PARENT={0x28, 0x4e, {0x3, 0x0, 0x400, 0xfffffffffffffffe, 0x9, 0x2}}, 0x200000)

364.421882ms ago: executing program 1 (id=12999):
r0 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r0, &(0x7f00000037c0)={0x0, 0x0, &(0x7f0000003780)={&(0x7f0000001340)=@newtaction={0x898, 0x30, 0x12f, 0x0, 0x0, {}, [{0x884, 0x1, [@m_police={0x880, 0x1, 0x0, 0x0, {{0xb}, {0x854, 0x2, 0x0, 0x1, [[@TCA_POLICE_PEAKRATE={0x404}], [@TCA_POLICE_RATE={0x404}, @TCA_POLICE_TBF={0x3c, 0x1, {0x0, 0x0, 0x0, 0x0, 0x0, {0x7, 0x0, 0x0, 0x0, 0x0, 0x7}, {0x7, 0x0, 0x0, 0x0, 0x0, 0x7}}}], [@TCA_POLICE_PEAKRATE64={0xc, 0x9, 0xffffffffffffffff}]]}, {0x4}, {0xc, 0xb}, {0xc, 0xa}}}]}]}, 0x898}}, 0x0)

364.279412ms ago: executing program 3 (id=13000):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000100)={{0x14}, [@NFT_MSG_NEWTABLE={0x20, 0x0, 0xa, 0x401, 0x0, 0x0, {0x1, 0x0, 0x3}, [@NFTA_TABLE_NAME={0x9, 0x1, 'syz0\x00'}]}, @NFT_MSG_NEWCHAIN={0x2c, 0x3, 0xa, 0x101, 0x0, 0x0, {0x1}, [@NFTA_CHAIN_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_CHAIN_NAME={0x9, 0x3, 'syz2\x00'}]}, @NFT_MSG_NEWRULE={0x54, 0x6, 0xa, 0x401, 0x0, 0x0, {0x1, 0x0, 0x2}, [@NFTA_RULE_CHAIN_ID={0x8}, @NFTA_RULE_EXPRESSIONS={0x2c, 0x4, 0x0, 0x1, [{0x28, 0x1, 0x0, 0x1, @osf={{0x8}, @val={0x1c, 0x2, 0x0, 0x1, [@NFTA_OSF_DREG={0x8}, @NFTA_OSF_TTL={0x5}, @NFTA_OSF_FLAGS={0x8}]}}}]}, @NFTA_RULE_TABLE={0x9, 0x1, 'syz0\x00'}]}], {0x14, 0x11, 0x1, 0x0, 0x0, {0x7}}}, 0xc8}}, 0x0)

314.011534ms ago: executing program 1 (id=13001):
syz_mount_image$nilfs2(&(0x7f0000000000), &(0x7f0000000300)='./file2\x00', 0x0, &(0x7f00000002c0)=ANY=[], 0x1, 0xac3, &(0x7f0000000e00)="$eJzs3U2MW0cBAOCxd73ZTVPilIQuaWgTCm356abZLOEngqRKhETUVIhLpYpLlKYlIgSJIgFVJZKcuNGqChInfsSpl6ogJHpBUU9cKtFIFVJPhQMHoiAqcSiBxCj2jNee2Hn2/j07/j7p7XjejD0z3ufn5/fezARgYlWbf5eW5ishXHzjlaP/eOjvczfXHGrnqDf/TnfEaiGESoxPZ6/33lQrvP7+iyd7hZWw2Pyb4uHJq+3n3hVCOBd2h0uhHnZevPzyW4tPHD9/7MKet189eGV9Wg8AAJPl65cOLu3465/v23bttfsPh03t9en4vB7jW+Jx/+F44J+O/6uhO17pWDrNZPmm41Kd68431SNfZzm1LN90n/JnsvJrffJtCrcvf6pjXa92wzhL23E9VKoLXfFqdWGh9Zs8NH/Xz1QWzp4+8+zzJVUUWHP/fiCEsLtjOXKhOz5qy6ERqMMKl8YI1GEsl8MbV9a1Rkvpbd6gpbG17D0QQEt+vfAW5/IzC6vTfrXpwcq/+ni19/NhDWz09j9U+TMllx+U/5vz9jisnTt1a0rtSp+jLTGeX0fI71/q//nLr3R0r82vR9QGrGe/6wjjcn2hXz2nNrgeK9Wv/vl2caf6cgzT+/CVrtQHuj4/+f90XP7HQG8f5Of/LRbLaC+hK15bzWs1Wq82V+Y+CBhN+X1zjXR9NMrv68vTNxWkzxakzxWkby5Iv6sgHSbZ777/0/BSZfl8V/6bftjz4ek8290x/NCQ9cnPRw5bfn7f77BWW35+PzGMsj+ceOrUF555+nLr/v9Ke/u/Ebf39HOjHj9bl2KGdL4wP6/evve/3l1OtU++e7L63N0jf/Px9u58le3LrxM69jO31GO++3lb++Xb1Z2vnuWbi8tsVt/8+GRz9rx0/JH2q+n9ms7aW8vaMZPVI+1XtsUwrwesRNoe+93/n7bP+VCrPHv6zKnHYjxtp3+aqm26uX7fBtcbWL1B+//Mh+7+P1va62vVzv3C1uX1ldZ+4fX4et3rF9vldKzv+FJL33Pfmppr5l84+d0zz6xx22HSPf+jF7594syZU9/zYMUPvjoa1RjmQfrZMir18WDYB7vXu4iSd0zAutv749ZBwKOnv3PiuVPPnTq7/8CB/YuLB764f2lv87h+b+fRfadzJdQWWEvLX/pl1wQAAAAAAAAAAAAY1A+OHb38zpuff7fV/3+5/1/q/5/u/E39/3+S9f/P+8mnfvCpH+C2HunNPNkAqzNZvlpcPpzVd3tWzo7seR+JYXsev9j/PxWXj+ua6nNvtr7WJ5oNJ3DLeCkz2Rgk+XyBH4/hhRj+OkCJKr2H/su32x7jW1c+6NjW0/gUs8vPahgfeHykrtfNraFjSKPU/7vnuE49+mszXjaix2LZbQR6++dEjf/9r+WGl14XS/9lemPL+/nkbhONvkfpg85gA7A2yp7/M533TOHZP35t9uaSsl19vHt/mY9fCsP4yzvd8VGff3K9y8/n7dvo8stu/0bP/9me/27g/V82Y159ZeX+5xdX3u0oNuwctPy8/Wkc6O3DlX8tlp9a83AYrPzGr7Ly8wtCA/pvVv7mAcu/pf27Vlb+/2L56W175MFBy2/VuFLtrsdc1o50/S8/b5xcz9qfxva8TfnfeKFX+1c4UeONWD5MsnGZZ3ZY2XFE+6B95fP/RufWdv7fdmWz3Vp+H8bnYjztiNN9Dvl8J8PWP91fkb4HdmSvXyn4fjP/73j7UgyLPg9p/t+0PdbjV35HvPlepnitx3t7p+5rYFy9N0rX/5Ky67Hq5crmVbRjtvz6r90yNQJ1WKtltvf/tLGSNm4akW290Wis7wmtAqUWTunvf9m/E8ouv+z3v0g+/29+DJ/P/5un5/P/5un5/L95+lz8D/VLz+f/zd/PfP7fPP3e7HXz+YHnC9I/WpC+s3d6+2f7fQXP31WQ/rGC9D3t9ENdOVL6/bd9/nK+fq9/T0H6gwXpnyhI/2RB+kMF6Y90pHfOAZ3SP1Xw/Dtd6o8yqe2HSZb3z/P5h8mRrv/0+/xvL0gHxtfPXtt35OnffrPe6v8/0z4fkq7jHY7xWvz99MMYz697h474zbQ3Y/xvWfqon++ASZKPn5F/vz9ckA6Mr3Sfl883TKDKbO/VMSwat6rfcT7j5dMx/EwMPxvDR2O4EMO9MdwXw8UNqh/r48jrvz/4UmX59/7WLH3Q+8nz/kBd40SFEPYPWJ/8/MCw97Pn4/gNa7Xlr7A7GAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAQGmqzb9LS/OVEC6+8crRp46f3ntzzaF2jnrz73RHrNZ+XgiPxXAqhr+MD66//+LJzvBGDCthMVRCpb0+PHm1XdJdIYRzYXe4FOph58XLL7+1+MTx88cu7Hn71YNX1u8dAAAAgDvf/wMAAP//Nj4Q1g==")
truncate(&(0x7f0000000080)='./file2\x00', 0x0)

313.582575ms ago: executing program 0 (id=13002):
r0 = syz_init_net_socket$llc(0x1a, 0x1, 0x0)
setsockopt$llc_int(r0, 0x10c, 0x8, &(0x7f0000000740)=0x7fffffff, 0x4)

230.264709ms ago: executing program 3 (id=13004):
mkdir(&(0x7f0000000140)='./file0\x00', 0x0)
mount(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000040)='cifs\x00', 0x0, &(0x7f0000000180)='no\'\x91\x03a\x8f\xa3N\xf0[\x1dG\xb6zob,,er\xe8\xe8\xb5;%j\xb8\xbc\n\x87\xfc\x03z\xe6,,\x80@q\xac\x14\xda\xf7\x1d\b\xf4\x0f\xd0\x13\xe5\xe9J#\xb3\"\x8e\xda\x04h/\x15.\x9dW1\x15\xc8\xb1\xa8n\aNC\xba\x12\"\x86C\xd9\xd7\x88\xa1E)\xd08+\x80\xee\xb6\xe1\xf7\x00\xbf1\xae\xf0\xda<\x93\x99+`#\xa0\xf7\x8e\xa2k\xb2\x96=ed\x1f\xca\xa3\xa3\xa28\xee\xc3\n\xbc\x92,H;\xdd\x1b\xb2y\\\xe5\x12\xa9\x9a$\xef\x89\xdb\r\xc8G;<y\xadS\xbe\x92\x9e]\xa5\x84}f\x02\xc9q\xb7\xc2\x01\xaf\xbb\xa4\x94\x96su\x99n 01\xce\x94\xc1\xef \x9c\xb1\xaa\x9a\xfd\xeaAx\x84E\x8bk\xff\x98+\x97G\n\x11\xf3\x02\x19\xdb#\xa6\njh*pe\x96+F.\xa1\x91\xb6t\x93\vs\xb4\xf4\x99\xea\b|\x01#\xe3\x97\xa3L\xf6\xacK\x15L^\xde-\xee\x16\x10{\xe0\v\xf4\xc1\x0e%\xccr\xa9z\xcb\xb4v\x00\x00\x00\x00\x00\x00\x00\xa1\xf8\x05P\xdd\xf9R\xebS\v\xd9\x99\x00\x19\xa8\xc0\xa6\xe4\x02\xbf;z%\xec\x1fR\xa6\x0ftpJ`\xfe\xe2@_\x00\x00\x00\x00\x00\x00\x00\x00\x00')

198.00384ms ago: executing program 0 (id=13005):
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000043c0)={0x6, 0x13, &(0x7f0000000480)=ANY=[@ANYBLOB="1800000000000000000000000000000018010000696c6c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000000000085000000a0000000180100002020732500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000001700000095"], &(0x7f0000004380)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x18, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000240)={r0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2f, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50)

164.461662ms ago: executing program 4 (id=13006):
r0 = socket$nl_rdma(0x10, 0x3, 0x14)
sendmsg$RDMA_NLDEV_CMD_STAT_DEL(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000140)={0x30, 0x1412, 0x1, 0x0, 0x25dfdbfe, "", [@RDMA_NLDEV_ATTR_PORT_INDEX={0x8}, @RDMA_NLDEV_ATTR_STAT_RES={0x8}, @RDMA_NLDEV_ATTR_STAT_COUNTER_ID={0x8, 0x4f, 0x4}, @RDMA_NLDEV_ATTR_DEV_INDEX={0x8}]}, 0x30}}, 0x0)

136.395413ms ago: executing program 3 (id=13007):
r0 = syz_usb_connect(0x0, 0x24, &(0x7f0000000180)=ANY=[@ANYBLOB="12010000b5b30a40450c056055b5010203010902120001000000000904"], 0x0)
syz_usb_control_io$printer(r0, 0x0, &(0x7f0000000440)={0x34, &(0x7f0000000240)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0})

111.262325ms ago: executing program 2 (id=13008):
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000003c0)=@updpolicy={0xb8, 0x19, 0x1, 0x70bd2d, 0x0, {{@in=@initdev={0xac, 0x1e, 0x1, 0x0}, @in6=@loopback, 0x4e24, 0x0, 0x0, 0x0, 0xa, 0xc0}, {0x0, 0x800000000000000}, {}, 0xfffffffc, 0x2, 0x0, 0x1}}, 0xb8}}, 0x0)

90.339666ms ago: executing program 0 (id=13010):
syz_open_dev$evdev(&(0x7f0000000000), 0x3, 0x822b01)
syz_open_dev$mouse(&(0x7f0000000680), 0x0, 0x0)

2.26534ms ago: executing program 4 (id=13011):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_EXP_NEW(r0, &(0x7f0000000400)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000080)={0xa4, 0x0, 0x2, 0x401, 0x0, 0x0, {0xa}, [@CTA_EXPECT_MASTER={0x18, 0x1, 0x0, 0x1, [@CTA_TUPLE_IP={0x14, 0x1, 0x0, 0x1, @ipv4={{0x8, 0x1, @empty}, {0x8, 0x2, @multicast2}}}]}, @CTA_EXPECT_MASK={0x3c, 0x3, 0x0, 0x1, [@CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5, 0x1, 0x89}}, @CTA_TUPLE_IP={0x2c, 0x1, 0x0, 0x1, @ipv6={{0x14, 0x3, @private0={0xfc, 0x0, '\x00', 0xff}}, {0x14, 0x4, @private0}}}]}, @CTA_EXPECT_TUPLE={0x3c, 0x2, 0x0, 0x1, [@CTA_TUPLE_IP={0x2c, 0x1, 0x0, 0x1, @ipv6={{0x14, 0x3, @empty}, {0x14, 0x4, @private1}}}, @CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5, 0x1, 0x86}}]}]}, 0xa4}, 0x1, 0x0, 0x0, 0x2000c891}, 0x4)

2.09829ms ago: executing program 2 (id=13012):
r0 = syz_init_net_socket$ax25(0x3, 0x5, 0xce)
sendto$ax25(r0, 0x0, 0x0, 0x4000000, 0x0, 0x0)

0s ago: executing program 1 (id=13022):
symlinkat(&(0x7f0000002040)='./file0/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa/file0\x00', 0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00')
rmdir(&(0x7f0000004040)='./file0/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa/file0\x00')

kernel console output (not intermixed with test programs):

usb 3-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  912.420288][ T6864] usb 1-1: Using ep0 maxpacket: 8
[  912.439372][T19231] usb 3-1: config 1 has 1 interface, different from the descriptor's value: 3
[  912.539379][ T6864] usb 1-1: config 1 has 1 interface, different from the descriptor's value: 7
[  912.613451][T19231] usb 3-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[  912.633394][T19231] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  912.654616][T19231] usb 3-1: Product: syz
[  912.663581][T19231] usb 3-1: Manufacturer: syz
[  912.668492][T19231] usb 3-1: SerialNumber: syz
[  912.674049][   T26] audit: type=1400 audit(926.181:49): apparmor="DENIED" operation="setprocattr" info="fscreate" error=-22 profile="unconfined" pid=29285 comm="syz.3.11241"
[  912.739997][ T6864] usb 1-1: New USB device found, idVendor=082d, idProduct=0100, bcdDevice=70.4b
[  912.749293][T29293] netlink: 40 bytes leftover after parsing attributes in process `syz.3.11243'.
[  912.767518][ T6864] usb 1-1: New USB device strings: Mfr=44, Product=2, SerialNumber=3
[  912.786324][ T6864] usb 1-1: Product: syz
[  912.806276][ T6864] usb 1-1: Manufacturer: syz
[  912.844093][ T6864] usb 1-1: SerialNumber: syz
[  912.864420][T29298] netlink: 'syz.4.11245': attribute type 10 has an invalid length.
[  912.883864][T29298] netlink: 40 bytes leftover after parsing attributes in process `syz.4.11245'.
[  912.911546][T29298] device virt_wifi0 entered promiscuous mode
[  912.931643][T29298] net_ratelimit: 9516 callbacks suppressed
[  912.931661][T29298] A link change request failed with some changes committed already. Interface virt_wifi0 may have been left with an inconsistent configuration, please check.
[  913.006135][T19231] usb 3-1: 0:2 : does not exist
[  913.070807][T19231] usb 3-1: USB disconnect, device number 71
[  913.098495][ T6864] usb 1-1: Handspring Visor / Palm OS: port 0, is for Generic use
[  913.133738][ T6864] usb 1-1: Handspring Visor / Palm OS: port 0, is for Generic use
[  913.183386][ T6864] usb 1-1: Handspring Visor / Palm OS: Number of ports: 2
[  913.298408][ T6864] usb 1-1: palm_os_3_probe - error -71 getting bytes available request
[  913.312495][ T6864] visor 1-1:1.0: Handspring Visor / Palm OS converter detected
[  913.331763][ T5751] udevd[5751]: error opening ATTR{/sys/devices/platform/dummy_hcd.2/usb3/3-1/3-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory
[  913.364075][ T6864] usb 1-1: Handspring Visor / Palm OS converter now attached to ttyUSB0
[  913.406126][ T6864] usb 1-1: Handspring Visor / Palm OS converter now attached to ttyUSB1
[  913.466502][ T6864] usb 1-1: USB disconnect, device number 63
[  913.530838][ T6864] visor ttyUSB0: Handspring Visor / Palm OS converter now disconnected from ttyUSB0
[  913.574346][ T6864] visor ttyUSB1: Handspring Visor / Palm OS converter now disconnected from ttyUSB1
[  913.600785][ T6864] visor 1-1:1.0: device disconnected
[  913.739016][T29347] netlink: 16 bytes leftover after parsing attributes in process `syz.2.11271'.
[  913.833435][T29347] netlink: 356 bytes leftover after parsing attributes in process `syz.2.11271'.
[  914.193591][T29380] loop4: detected capacity change from 0 to 256
[  914.259274][T29384] tmpfs: Bad value for 'mpol'
[  914.302362][ T4229] usb 4-1: new high-speed USB device number 62 using dummy_hcd
[  914.319394][T29380] FAT-fs (loop4): Directory bread(block 64) failed
[  914.347577][T29380] FAT-fs (loop4): Directory bread(block 65) failed
[  914.358527][T29388] loop1: detected capacity change from 0 to 164
[  914.380792][T29380] FAT-fs (loop4): Directory bread(block 66) failed
[  914.394952][T29380] FAT-fs (loop4): Directory bread(block 67) failed
[  914.402262][T29380] FAT-fs (loop4): Directory bread(block 68) failed
[  914.417745][T29388] ISOFS: unable to read i-node block
[  914.428206][T29388] ISOFS: root inode is unusable. Disabling Rock Ridge and switching to Joliet.
[  914.492219][T29380] FAT-fs (loop4): Directory bread(block 69) failed
[  914.494631][T29388] ISOFS: unable to read i-node block
[  914.507223][T29380] FAT-fs (loop4): Directory bread(block 70) failed
[  914.513968][T29380] FAT-fs (loop4): Directory bread(block 71) failed
[  914.579670][T29380] FAT-fs (loop4): Directory bread(block 72) failed
[  914.586783][ T4229] usb 4-1: Using ep0 maxpacket: 8
[  914.646453][T29380] FAT-fs (loop4): Directory bread(block 73) failed
[  914.706680][ T4229] usb 4-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  914.748044][ T4229] usb 4-1: config 0 interface 0 has no altsetting 0
[  914.824143][T29407] loop1: detected capacity change from 0 to 512
[  914.935295][T29407] EXT4-fs (loop1): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback.
[  914.972215][ T4229] usb 4-1: New USB device found, idVendor=0e41, idProduct=4142, bcdDevice=d4.6e
[  914.994093][ T4229] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  915.046248][ T4229] usb 4-1: Product: syz
[  915.074225][ T4229] usb 4-1: Manufacturer: syz
[  915.079045][ T4229] usb 4-1: SerialNumber: syz
[  915.085481][T29415] ALSA: mixer_oss: invalid OSS volume 'u'
[  915.125016][ T4229] usb 4-1: config 0 descriptor??
[  915.207166][ T4229] snd_usb_toneport 4-1:0.0: Line 6 TonePort UX2 found
[  915.410145][ T4229] snd_usb_toneport 4-1:0.0: cannot get proper max packet size
[  915.412480][T29439] netlink: 'syz.2.11314': attribute type 12 has an invalid length.
[  915.417938][ T4229] snd_usb_toneport 4-1:0.0: Line 6 TonePort UX2 now disconnected
[  915.469018][T29439] netlink: 197276 bytes leftover after parsing attributes in process `syz.2.11314'.
[  915.485652][ T4229] snd_usb_toneport: probe of 4-1:0.0 failed with error -22
[  915.586857][T19231] usb 2-1: new high-speed USB device number 57 using dummy_hcd
[  915.731467][ T4229] usb 4-1: USB disconnect, device number 62
[  915.748713][T29453] loop4: detected capacity change from 0 to 64
[  915.897423][T29453] attempt to access beyond end of device
[  915.897423][T29453] loop4: rw=0, want=234881064, limit=64
[  915.935068][T29465] netlink: 132 bytes leftover after parsing attributes in process `syz.2.11328'.
[  915.949470][T29453] Buffer I/O error on dev loop4, logical block 117440531, async page read
[  915.949904][T19231] usb 2-1: config 7 descriptor has 1 excess byte, ignoring
[  915.974026][T29453] attempt to access beyond end of device
[  915.974026][T29453] loop4: rw=0, want=8548515842, limit=64
[  915.992200][T19231] usb 2-1: config 7 has 1 interface, different from the descriptor's value: 2
[  916.003367][T29453] Buffer I/O error on dev loop4, logical block 4274257920, async page read
[  916.109194][T29453] attempt to access beyond end of device
[  916.109194][T29453] loop4: rw=0, want=301989890, limit=64
[  916.137200][T29453] Buffer I/O error on dev loop4, logical block 150994944, async page read
[  916.173865][T19231] usb 2-1: New USB device found, idVendor=19d2, idProduct=1275, bcdDevice= 7.84
[  916.193127][T19231] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  916.217961][T29453] attempt to access beyond end of device
[  916.217961][T29453] loop4: rw=0, want=234881064, limit=64
[  916.232873][T19231] usb 2-1: Product: syz
[  916.237086][T19231] usb 2-1: Manufacturer: syz
[  916.260129][T19231] usb 2-1: SerialNumber: syz
[  916.277189][T29476] ieee802154 phy1 wpan1: encryption failed: -90
[  916.283314][T29453] Buffer I/O error on dev loop4, logical block 117440531, async page read
[  916.336436][   T26] audit: type=1800 audit(930.108:50): pid=29453 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.4.11322" name="file2" dev="loop4" ino=6 res=0 errno=0
[  916.358064][T19231] rndis_wlan 2-1:7.0: skipping garbage
[  916.394736][T19231] usb 2-1: bad CDC descriptors
[  916.439217][T19231] rndis_host 2-1:7.0: skipping garbage
[  916.467597][T19231] usb 2-1: bad CDC descriptors
[  916.487806][T19231] option 2-1:7.0: GSM modem (1-port) converter detected
[  916.539265][T19231] usb 2-1: USB disconnect, device number 57
[  916.546371][T19231] option 2-1:7.0: device disconnected
[  916.606559][T29495] netlink: 28 bytes leftover after parsing attributes in process `syz.4.11341'.
[  916.663176][T29495] netlink: 28 bytes leftover after parsing attributes in process `syz.4.11341'.
[  916.788955][T19221] usb 4-1: new high-speed USB device number 63 using dummy_hcd
[  917.012578][T19221] usb 4-1: Using ep0 maxpacket: 32
[  917.124673][T19221] usb 4-1: config 76 has an invalid descriptor of length 0, skipping remainder of the config
[  917.292097][T19221] usb 4-1: New USB device found, idVendor=069a, idProduct=0001, bcdDevice=51.c5
[  917.292128][T19221] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  917.292149][T19221] usb 4-1: Product: syz
[  917.292164][T19221] usb 4-1: Manufacturer: syz
[  917.292178][T19221] usb 4-1: SerialNumber: syz
[  917.339779][T19221] pwc: Askey VC010 type 1 USB webcam detected.
[  917.359309][T29549] overlayfs: bad mount option "redirect_dir=on:/"
[  917.395302][ T6864] usb 5-1: new high-speed USB device number 30 using dummy_hcd
[  917.501194][T29560] device xfrm0 entered promiscuous mode
[  917.553607][T29562] openvswitch: netlink: Geneve opt len 3 is not a multiple of 4.
[  917.562880][T19221] pwc: send_video_command error -71
[  917.568551][T19221] pwc: Failed to set video mode CIF@30 fps; return code = -71
[  917.601286][T19221] Philips webcam: probe of 4-1:76.0 failed with error -71
[  917.647539][T19221] usb 4-1: USB disconnect, device number 63
[  917.660237][T29568] netlink: 12 bytes leftover after parsing attributes in process `syz.0.11378'.
[  917.787754][ T1421] ieee802154 phy1 wpan1: encryption failed: -22
[  917.788028][ T6864] usb 5-1: config 27 interface 0 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 7
[  917.818923][ T6864] usb 5-1: config 27 interface 0 altsetting 0 bulk endpoint 0xB has invalid maxpacket 47
[  917.834825][ T6864] usb 5-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d
[  917.847469][ T6864] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  917.909798][T29531] raw-gadget.1 gadget: fail, usb_ep_enable returned -22
[  918.082107][T29588] loop0: detected capacity change from 0 to 4096
[  918.098562][T29594] loop2: detected capacity change from 0 to 512
[  918.263683][T29594] EXT4-fs (loop2): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback.
[  918.296527][T29588] ntfs3: loop0: ino=5, "/" directory corrupted
[  918.323323][T29588] ntfs3: loop0: Mark volume as dirty due to NTFS errors
[  918.373778][T19221] usb 2-1: new high-speed USB device number 58 using dummy_hcd
[  918.586014][T29619] xt_cgroup: path and classid specified
[  918.615989][T19221] usb 2-1: Using ep0 maxpacket: 16
[  918.783671][T19221] usb 2-1: unable to get BOS descriptor or descriptor too short
[  918.872569][T19221] usb 2-1: config 0 has no interfaces?
[  919.027254][T19221] usb 2-1: New USB device found, idVendor=17ef, idProduct=720c, bcdDevice=51.90
[  919.027286][T19221] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  919.027307][T19221] usb 2-1: Product: syz
[  919.027322][T19221] usb 2-1: Manufacturer: syz
[  919.027337][T19221] usb 2-1: SerialNumber: syz
[  919.032020][T19221] r8152-cfgselector 2-1: config 0 descriptor??
[  919.112525][ T6864] usb 5-1: USB disconnect, device number 30
[  919.131362][T29646] loop3: detected capacity change from 0 to 1764
[  919.198778][T29623] loop0: detected capacity change from 0 to 40427
[  919.224939][T29650] ipt_REJECT: ECHOREPLY no longer supported.
[  919.249206][T29623] F2FS-fs (loop0): invalid crc value
[  919.266971][T29623] F2FS-fs (loop0): Found nat_bits in checkpoint
[  919.274661][T19221] usbip-host 2-1: 2-1 is not in match_busid table... skip!
[  919.294914][T29653] netlink: 'syz.2.11418': attribute type 2 has an invalid length.
[  919.313864][T29653] netlink: 132 bytes leftover after parsing attributes in process `syz.2.11418'.
[  919.326690][T29623] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e5
[  919.358632][T29623] F2FS-fs (loop0): switch extent_cache option is not allowed
[  919.467092][T19221] usb 2-1: USB disconnect, device number 58
[  919.761985][T18475] usb 4-1: new full-speed USB device number 64 using dummy_hcd
[  920.094766][T29693] loop1: detected capacity change from 0 to 2048
[  920.107210][T18475] usb 4-1: config 4 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 10
[  920.129355][T18475] usb 4-1: config 4 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  920.149218][T18475] usb 4-1: New USB device found, idVendor=046d, idProduct=c314, bcdDevice= 0.40
[  920.162162][T18475] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  920.185653][T29693] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000)
[  920.241993][T18475] hub 4-1:4.0: USB hub found
[  920.250133][T29678] bridge0: port 3(batadv0) entered disabled state
[  920.257378][T29678] bridge0: port 2(bridge_slave_1) entered disabled state
[  920.264897][T29678] bridge0: port 1(bridge_slave_0) entered disabled state
[  920.412478][T29701] netlink: 224 bytes leftover after parsing attributes in process `syz.1.11441'.
[  920.433694][T18475] hub 4-1:4.0: 4 ports detected
[  920.439239][T18475] usb 4-1: selecting invalid altsetting 1
[  920.470609][T18475] hub 4-1:4.0: Using single TT (err -22)
[  920.518377][T18475] hub 4-1:4.0: insufficient power available to use all downstream ports
[  920.628942][T18475] hub 4-1:4.0: hub_hub_status failed (err = -71)
[  920.636113][T18475] hub 4-1:4.0: config failed, can't get hub status (err -71)
[  920.688348][T18475] usb 4-1: USB disconnect, device number 64
[  920.759851][    C0] ip6_tunnel: ip6gretap1 xmit: Local address not yet configured!
[  920.871716][T29678] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  920.904446][T29678] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  921.116447][T29678] netdevsim netdevsim4 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0
[  921.128520][T29678] netdevsim netdevsim4 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0
[  921.146995][T29678] netdevsim netdevsim4 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0
[  921.163003][T29678] netdevsim netdevsim4 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0
[  921.353890][T29697] netlink: 1 bytes leftover after parsing attributes in process `syz.2.11439'.
[  921.479735][T29728] netlink: 48 bytes leftover after parsing attributes in process `syz.0.11453'.
[  921.561357][T29728] netlink: 28 bytes leftover after parsing attributes in process `syz.0.11453'.
[  921.588459][T29728] netlink: 28 bytes leftover after parsing attributes in process `syz.0.11453'.
[  921.628900][T29728] netlink: 'syz.0.11453': attribute type 8 has an invalid length.
[  921.639888][T29742] ipt_REJECT: ECHOREPLY no longer supported.
[  921.742614][T29751] netlink: 16 bytes leftover after parsing attributes in process `syz.1.11465'.
[  922.204983][T18475] usb 4-1: new high-speed USB device number 65 using dummy_hcd
[  922.282564][T29783] binder: 29781:29783 ioctl c018620c 200000000100 returned -22
[  922.374836][T29746] bridge0: port 2(bridge_slave_1) entered disabled state
[  922.459471][T18475] usb 4-1: Using ep0 maxpacket: 32
[  922.577609][T18475] usb 4-1: config 4 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  922.597859][T18475] usb 4-1: config 4 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  922.735626][T18475] usb 4-1: New USB device found, idVendor=046d, idProduct=c314, bcdDevice= 0.40
[  922.748915][T18475] usb 4-1: New USB device strings: Mfr=255, Product=255, SerialNumber=0
[  922.758817][T18475] usb 4-1: Product: syz
[  922.763555][T18475] usb 4-1: Manufacturer: syz
[  922.810742][T18475] hub 4-1:4.0: USB hub found
[  922.896043][T29746] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  922.925636][T29746] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  922.959185][ T4229] usb 5-1: new high-speed USB device number 31 using dummy_hcd
[  923.015398][T18475] hub 4-1:4.0: config failed, hub has too many ports! (err -19)
[  923.187190][T29746] netdevsim netdevsim2 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0
[  923.197399][T29746] netdevsim netdevsim2 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0
[  923.207772][T29746] netdevsim netdevsim2 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0
[  923.218231][T29746] netdevsim netdevsim2 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0
[  923.219738][ T4229] usb 5-1: Using ep0 maxpacket: 32
[  923.313300][ T6864] usb 4-1: USB disconnect, device number 65
[  923.365640][ T4229] usb 5-1: config 0 has an invalid interface number: 35 but max is 0
[  923.374791][ T4229] usb 5-1: config 0 has no interface number 0
[  923.382156][ T4229] usb 5-1: config 0 interface 35 altsetting 0 endpoint 0x85 has an invalid bInterval 0, changing to 7
[  923.397285][ T4229] usb 5-1: config 0 interface 35 altsetting 0 endpoint 0x85 has invalid wMaxPacketSize 0
[  923.480543][T29819] netlink: 'syz.2.11499': attribute type 1 has an invalid length.
[  923.567012][T29825] loop2: detected capacity change from 0 to 128
[  923.593194][ T4229] usb 5-1: New USB device found, idVendor=10c4, idProduct=818a, bcdDevice=7d.ad
[  923.597973][T29827] loop1: detected capacity change from 0 to 128
[  923.630491][ T4229] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  923.647759][ T4229] usb 5-1: Product: syz
[  923.652780][ T4229] usb 5-1: Manufacturer: syz
[  923.657531][ T4229] usb 5-1: SerialNumber: syz
[  923.673024][ T4229] usb 5-1: config 0 descriptor??
[  923.685632][T29827] affs: No valid root block on device loop1
[  923.872222][T29844] netlink: 36 bytes leftover after parsing attributes in process `syz.3.11511'.
[  924.151876][ T4229] radio-si470x 5-1:0.35: si470x_get_report: usb_control_msg returned -71
[  924.166147][ T4229] radio-si470x: probe of 5-1:0.35 failed with error -5
[  924.245146][ T4229] radio-raremono 5-1:0.35: this is not Thanko's Raremono.
[  924.254195][T29860] loop3: detected capacity change from 0 to 512
[  924.262262][T29838] bridge0: port 2(bridge_slave_1) entered disabled state
[  924.271294][T29838] bridge0: port 1(bridge_slave_0) entered disabled state
[  924.296818][ T4229] usb 5-1: USB disconnect, device number 31
[  924.844393][T29880] loop3: detected capacity change from 0 to 512
[  924.926660][T29838] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  924.931417][T29880] EXT4-fs error (device loop3): ext4_do_update_inode:5229: inode #3: comm syz.3.11528: corrupted inode contents
[  924.956688][T29880] EXT4-fs error (device loop3): ext4_dirty_inode:6077: inode #3: comm syz.3.11528: mark_inode_dirty error
[  924.974910][T29838] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  924.977123][T29880] EXT4-fs error (device loop3): ext4_do_update_inode:5229: inode #3: comm syz.3.11528: corrupted inode contents
[  924.996365][T29880] EXT4-fs error (device loop3): __ext4_ext_dirty:183: inode #3: comm syz.3.11528: mark_inode_dirty error
[  925.009788][T29880] Quota error (device loop3): write_blk: dquota write failed
[  925.017859][T29880] Quota error (device loop3): qtree_write_dquot: Error -117 occurred while creating quota
[  925.029333][T29880] EXT4-fs error (device loop3): ext4_acquire_dquot:6236: comm syz.3.11528: Failed to acquire dquot type 0
[  925.043221][T29880] EXT4-fs error (device loop3): ext4_do_update_inode:5229: inode #16: comm syz.3.11528: corrupted inode contents
[  925.061255][T29880] EXT4-fs error (device loop3): ext4_dirty_inode:6077: inode #16: comm syz.3.11528: mark_inode_dirty error
[  925.079900][T29880] EXT4-fs error (device loop3): ext4_do_update_inode:5229: inode #16: comm syz.3.11528: corrupted inode contents
[  925.098095][T29880] EXT4-fs error (device loop3): __ext4_ext_dirty:183: inode #16: comm syz.3.11528: mark_inode_dirty error
[  925.111349][T29880] EXT4-fs error (device loop3): ext4_do_update_inode:5229: inode #16: comm syz.3.11528: corrupted inode contents
[  925.131088][T29880] EXT4-fs error (device loop3) in ext4_orphan_del:303: Corrupt filesystem
[  925.143935][T29880] EXT4-fs error (device loop3): ext4_do_update_inode:5229: inode #16: comm syz.3.11528: corrupted inode contents
[  925.158507][T29880] EXT4-fs error (device loop3): ext4_truncate:4286: inode #16: comm syz.3.11528: mark_inode_dirty error
[  925.171095][T29880] EXT4-fs error (device loop3) in ext4_process_orphan:345: Corrupt filesystem
[  925.177363][ T7322] usb 5-1: new high-speed USB device number 32 using dummy_hcd
[  925.183172][T29880] EXT4-fs (loop3): 1 truncate cleaned up
[  925.203454][T29880] EXT4-fs (loop3): mounted filesystem without journal. Opts: resuid=0x0000000000000000,mb_optimize_scan=0x0000000000000001,,errors=continue. Quota mode: writeback.
[  925.375135][T29838] netdevsim netdevsim0 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0
[  925.414066][T29838] netdevsim netdevsim0 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0
[  925.428867][T29838] netdevsim netdevsim0 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0
[  925.444320][T29838] netdevsim netdevsim0 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0
[  925.569289][T29895] (unnamed net_device) (uninitialized): option lacp_rate: invalid value (4)
[  925.578909][ T7322] usb 5-1: config 7 descriptor has 1 excess byte, ignoring
[  925.586722][ T7322] usb 5-1: config 7 has 1 interface, different from the descriptor's value: 2
[  925.754700][T29913] loop3: detected capacity change from 0 to 64
[  925.776288][T29912] loop1: detected capacity change from 0 to 512
[  925.793128][ T7322] usb 5-1: New USB device found, idVendor=19d2, idProduct=1275, bcdDevice= 7.84
[  925.802888][ T7322] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  925.816872][ T7322] usb 5-1: Product: syz
[  925.821750][ T7322] usb 5-1: Manufacturer: syz
[  925.826791][ T7322] usb 5-1: SerialNumber: syz
[  925.851875][T29913] attempt to access beyond end of device
[  925.851875][T29913] loop3: rw=0, want=234881064, limit=64
[  925.868305][T29913] Buffer I/O error on dev loop3, logical block 117440531, async page read
[  925.881856][T29913] attempt to access beyond end of device
[  925.881856][T29913] loop3: rw=0, want=8548515842, limit=64
[  925.897368][T29913] Buffer I/O error on dev loop3, logical block 4274257920, async page read
[  925.907820][ T7322] rndis_wlan 5-1:7.0: skipping garbage
[  925.908306][T29913] attempt to access beyond end of device
[  925.908306][T29913] loop3: rw=0, want=301989890, limit=64
[  925.923784][T29912] EXT4-fs error (device loop1): ext4_do_update_inode:5229: inode #3: comm syz.1.11542: corrupted inode contents
[  925.926769][T29913] Buffer I/O error on dev loop3, logical block 150994944, async page read
[  925.940643][ T7322] usb 5-1: bad CDC descriptors
[  925.949142][T29913] attempt to access beyond end of device
[  925.949142][T29913] loop3: rw=0, want=234881064, limit=64
[  925.966416][T29913] Buffer I/O error on dev loop3, logical block 117440531, async page read
[  925.976401][   T26] audit: type=1800 audit(940.451:51): pid=29913 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.3.11543" name="file2" dev="loop3" ino=6 res=0 errno=0
[  926.008750][T29912] EXT4-fs error (device loop1): ext4_dirty_inode:6077: inode #3: comm syz.1.11542: mark_inode_dirty error
[  926.022639][T29912] EXT4-fs error (device loop1): ext4_do_update_inode:5229: inode #3: comm syz.1.11542: corrupted inode contents
[  926.036488][ T7322] rndis_host 5-1:7.0: skipping garbage
[  926.036811][T29912] EXT4-fs error (device loop1): __ext4_ext_dirty:183: inode #3: comm syz.1.11542: mark_inode_dirty error
[  926.042415][ T7322] usb 5-1: bad CDC descriptors
[  926.061830][T29912] Quota error (device loop1): write_blk: dquota write failed
[  926.079915][T29912] Quota error (device loop1): qtree_write_dquot: Error -117 occurred while creating quota
[  926.103906][T29920] loop0: detected capacity change from 0 to 64
[  926.110004][ T7322] option 5-1:7.0: GSM modem (1-port) converter detected
[  926.132714][T29912] EXT4-fs error (device loop1): ext4_acquire_dquot:6236: comm syz.1.11542: Failed to acquire dquot type 0
[  926.179115][ T7322] usb 5-1: USB disconnect, device number 32
[  926.238877][ T7322] option 5-1:7.0: device disconnected
[  926.242125][T29912] EXT4-fs error (device loop1): ext4_do_update_inode:5229: inode #16: comm syz.1.11542: corrupted inode contents
[  926.302373][T29912] EXT4-fs error (device loop1): ext4_dirty_inode:6077: inode #16: comm syz.1.11542: mark_inode_dirty error
[  926.320606][T29920] attempt to access beyond end of device
[  926.320606][T29920] loop0: rw=0, want=234881064, limit=64
[  926.384125][T29912] EXT4-fs error (device loop1): ext4_do_update_inode:5229: inode #16: comm syz.1.11542: corrupted inode contents
[  926.398827][T29920] Buffer I/O error on dev loop0, logical block 117440531, async page read
[  926.409790][T29912] EXT4-fs error (device loop1): __ext4_ext_dirty:183: inode #16: comm syz.1.11542: mark_inode_dirty error
[  926.413301][T29920] attempt to access beyond end of device
[  926.413301][T29920] loop0: rw=0, want=8548515842, limit=64
[  926.442397][T29920] Buffer I/O error on dev loop0, logical block 4274257920, async page read
[  926.455767][T29920] attempt to access beyond end of device
[  926.455767][T29920] loop0: rw=0, want=301989890, limit=64
[  926.477801][T29912] EXT4-fs error (device loop1): ext4_do_update_inode:5229: inode #16: comm syz.1.11542: corrupted inode contents
[  926.486641][T29920] Buffer I/O error on dev loop0, logical block 150994944, async page read
[  926.517106][T29920] attempt to access beyond end of device
[  926.517106][T29920] loop0: rw=0, want=234881064, limit=64
[  926.537450][T29912] EXT4-fs error (device loop1) in ext4_orphan_del:303: Corrupt filesystem
[  926.542614][T29920] Buffer I/O error on dev loop0, logical block 117440531, async page read
[  926.563836][   T26] audit: type=1800 audit(941.073:52): pid=29920 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.0.11556" name="file2" dev="loop0" ino=6 res=0 errno=0
[  926.592359][T29912] EXT4-fs error (device loop1): ext4_do_update_inode:5229: inode #16: comm syz.1.11542: corrupted inode contents
[  926.636385][T29912] EXT4-fs error (device loop1): ext4_truncate:4286: inode #16: comm syz.1.11542: mark_inode_dirty error
[  926.665962][T29924] bridge0: port 1(bridge_slave_0) entered disabled state
[  926.666259][T29912] EXT4-fs error (device loop1) in ext4_process_orphan:345: Corrupt filesystem
[  926.692228][T29912] EXT4-fs (loop1): 1 truncate cleaned up
[  926.700681][T29912] EXT4-fs (loop1): mounted filesystem without journal. Opts: resuid=0x0000000000000000,mb_optimize_scan=0x0000000000000001,,errors=continue. Quota mode: writeback.
[  926.903191][T29944] vim2m vim2m.0: Fourcc format (0x56595559) invalid.
[  927.195120][T29959] loop1: detected capacity change from 0 to 64
[  927.234226][T29960] loop0: detected capacity change from 0 to 1764
[  927.271687][T29959] attempt to access beyond end of device
[  927.271687][T29959] loop1: rw=0, want=234881064, limit=64
[  927.330345][T29959] Buffer I/O error on dev loop1, logical block 117440531, async page read
[  927.368129][T29959] attempt to access beyond end of device
[  927.368129][T29959] loop1: rw=0, want=8548515842, limit=64
[  927.405328][T29959] Buffer I/O error on dev loop1, logical block 4274257920, async page read
[  927.457173][   T26] audit: type=1800 audit(942.028:53): pid=29959 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.1.11564" name="file2" dev="loop1" ino=6 res=0 errno=0
[  927.963458][T29989] loop2: detected capacity change from 0 to 1764
[  928.198694][T30001] loop2: detected capacity change from 0 to 64
[  928.272437][   T26] audit: type=1800 audit(942.918:54): pid=30001 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.2.11583" name="file2" dev="loop2" ino=6 res=0 errno=0
[  928.369504][T30010] netlink: 28 bytes leftover after parsing attributes in process `syz.1.11591'.
[  928.394703][T29924] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  929.004338][T29924] netdevsim netdevsim3 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0
[  929.014907][T29924] netdevsim netdevsim3 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0
[  929.024509][ T6867] usb 1-1: new high-speed USB device number 64 using dummy_hcd
[  929.033428][T29924] netdevsim netdevsim3 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0
[  929.043716][T29924] netdevsim netdevsim3 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0
[  929.382889][T30061] netlink: 'syz.1.11615': attribute type 10 has an invalid length.
[  929.396020][ T6867] usb 1-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  929.407994][ T7322] usb 4-1: new high-speed USB device number 66 using dummy_hcd
[  929.427733][T30061] netlink: 40 bytes leftover after parsing attributes in process `syz.1.11615'.
[  929.429860][ T6867] usb 1-1: config 1 has 1 interface, different from the descriptor's value: 3
[  929.478299][ T6867] usb 1-1: config 1 interface 0 altsetting 0 has an invalid endpoint descriptor of length 4, skipping
[  929.500418][T30061] device virt_wifi0 entered promiscuous mode
[  929.530649][ T6867] usb 1-1: config 1 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 0
[  929.536085][T30061] A link change request failed with some changes committed already. Interface virt_wifi0 may have been left with an inconsistent configuration, please check.
[  929.642937][ T6867] usb 1-1: New USB device found, idVendor=08b7, idProduct=0000, bcdDevice= 0.00
[  929.652473][ T7322] usb 4-1: Using ep0 maxpacket: 8
[  929.667218][ T6867] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=3
[  929.702210][ T6867] usb 1-1: SerialNumber: syz
[  929.741859][T30078] loop4: detected capacity change from 0 to 2048
[  929.781582][ T7322] usb 4-1: config 1 has 1 interface, different from the descriptor's value: 7
[  929.805073][T30078] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000)
[  929.879819][T30085] tmpfs: Bad value for 'mpol'
[  929.985666][ T6867] usb 1-1: 0:2 : does not exist
[  929.996394][ T7322] usb 4-1: New USB device found, idVendor=082d, idProduct=0100, bcdDevice=70.4b
[  930.015059][ T6867] usb 1-1: unit 5 not found!
[  930.021090][ T7322] usb 4-1: New USB device strings: Mfr=44, Product=2, SerialNumber=3
[  930.050970][ T6867] usb 1-1: USB disconnect, device number 64
[  930.066238][ T7322] usb 4-1: Product: syz
[  930.070728][ T7322] usb 4-1: Manufacturer: syz
[  930.072606][T30098] loop1: detected capacity change from 0 to 1024
[  930.111408][ T7322] usb 4-1: SerialNumber: syz
[  930.113395][T30100] netlink: 'syz.2.11633': attribute type 1 has an invalid length.
[  930.135141][T30100] netlink: 'syz.2.11633': attribute type 2 has an invalid length.
[  930.151504][T30100] netlink: 'syz.2.11633': attribute type 1 has an invalid length.
[  930.212623][T30098] hfsplus: invalid length 32517 has been corrected to 255
[  930.313952][ T5751] udevd[5751]: error opening ATTR{/sys/devices/platform/dummy_hcd.0/usb1/1-1/1-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory
[  930.360034][ T7322] usb 4-1: Handspring Visor / Palm OS: port 0, is for Generic use
[  930.371323][ T7322] usb 4-1: Handspring Visor / Palm OS: port 0, is for Generic use
[  930.405822][ T7322] usb 4-1: Handspring Visor / Palm OS: Number of ports: 2
[  930.423768][T30112] loop2: detected capacity change from 0 to 2048
[  930.471614][T30117] loop0: detected capacity change from 0 to 164
[  930.488336][T30120] syz.4.11645: vmalloc error: size 9007199254740992, exceeds total pages, mode:0xcc0(GFP_KERNEL), nodemask=(null),cpuset=syz4,mems_allowed=0-1
[  930.529257][T30112] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000)
[  930.547196][T30120] CPU: 1 PID: 30120 Comm: syz.4.11645 Not tainted syzkaller #0
[  930.555058][T30120] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026
[  930.565776][T30120] Call Trace:
[  930.569502][T30120]  <TASK>
[  930.572633][T30120]  dump_stack_lvl+0x188/0x250
[  930.577619][T30120]  ? rcu_lock_release+0x5/0x20
[  930.582737][T30120]  ? show_regs_print_info+0x20/0x20
[  930.588707][T30120]  ? load_image+0x400/0x400
[  930.593404][T30120]  warn_alloc+0x243/0x320
[  930.597983][T30120]  ? rcu_lock_release+0x20/0x20
[  930.603040][T30120]  ? zone_watermark_ok_safe+0x240/0x240
[  930.608792][T30120]  ? dvb_demux_do_ioctl+0x313/0x530
[  930.614337][T30120]  ? kfree+0xef/0x2a0
[  930.618556][T30120]  __vmalloc_node_range+0x2b1/0x8b0
[  930.624068][T30120]  ? mutex_lock_io_nested+0x60/0x60
[  930.629701][T30120]  ? dvb_dmxdev_set_buffer_size+0xbe/0x1f0
[  930.635965][T30120]  vmalloc+0x75/0x80
[  930.640018][T30120]  ? dvb_dmxdev_set_buffer_size+0xbe/0x1f0
[  930.646269][T30120]  dvb_dmxdev_set_buffer_size+0xbe/0x1f0
[  930.652090][T30120]  dvb_demux_do_ioctl+0x450/0x530
[  930.657877][T30120]  dvb_usercopy+0x191/0x2b0
[  930.662676][T30120]  ? dvb_dmxdev_buffer_read+0x4c0/0x4c0
[  930.668245][T30120]  ? dvb_generic_ioctl+0xb0/0xb0
[  930.673295][T30120]  ? dvb_demux_poll+0x210/0x210
[  930.678241][T30120]  dvb_demux_ioctl+0x25/0x30
[  930.683154][T30120]  __se_sys_ioctl+0xfa/0x170
[  930.688328][T30120]  do_syscall_64+0x4c/0xa0
[  930.693009][T30120]  ? clear_bhb_loop+0x30/0x80
[  930.697849][T30120]  ? clear_bhb_loop+0x30/0x80
[  930.702719][T30120]  entry_SYSCALL_64_after_hwframe+0x66/0xd0
[  930.709285][T30120] RIP: 0033:0x7fa2b7fab819
[  930.714048][T30120] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  930.734339][T30120] RSP: 002b:00007fa2b6205028 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  930.743389][T30120] RAX: ffffffffffffffda RBX: 00007fa2b8224fa0 RCX: 00007fa2b7fab819
[  930.752110][T30120] RDX: 0020000000000000 RSI: 0000000000006f2d RDI: 0000000000000003
[  930.760276][T30120] RBP: 00007fa2b8041c91 R08: 0000000000000000 R09: 0000000000000000
[  930.768986][T30120] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  930.777151][T30120] R13: 00007fa2b8225038 R14: 00007fa2b8224fa0 R15: 00007ffeb8ec58d8
[  930.785618][T30120]  </TASK>
[  930.816774][ T7322] usb 4-1: palm_os_3_probe - error -110 getting bytes available request
[  930.834535][ T7322] visor 4-1:1.0: Handspring Visor / Palm OS converter detected
[  930.842066][T30117] iso9660: Corrupted directory entry in block 2 of inode 1920
[  930.873215][ T7322] usb 4-1: Handspring Visor / Palm OS converter now attached to ttyUSB0
[  930.910518][ T7322] usb 4-1: Handspring Visor / Palm OS converter now attached to ttyUSB1
[  930.959119][ T7322] usb 4-1: USB disconnect, device number 66
[  931.001685][ T7322] visor ttyUSB0: Handspring Visor / Palm OS converter now disconnected from ttyUSB0
[  931.049118][ T7322] visor ttyUSB1: Handspring Visor / Palm OS converter now disconnected from ttyUSB1
[  931.060989][ T7322] visor 4-1:1.0: device disconnected
[  931.165968][T30120] Mem-Info:
[  931.169783][T30120] active_anon:324 inactive_anon:8875 isolated_anon:0
[  931.169783][T30120]  active_file:21133 inactive_file:40467 isolated_file:0
[  931.169783][T30120]  unevictable:768 dirty:356 writeback:0
[  931.169783][T30120]  slab_reclaimable:21286 slab_unreclaimable:93426
[  931.169783][T30120]  mapped:31134 shmem:1640 pagetables:801 bounce:0
[  931.169783][T30120]  kernel_misc_reclaimable:0
[  931.169783][T30120]  free:1360066 free_pcp:9950 free_cma:0
[  931.242093][T30120] Node 0 active_anon:1264kB inactive_anon:34792kB active_file:84328kB inactive_file:161868kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:124536kB dirty:1424kB writeback:0kB shmem:4484kB shmem_thp: 0kB shmem_pmdmapped: 0kB anon_thp: 0kB writeback_tmp:0kB kernel_stack:11480kB pagetables:3004kB all_unreclaimable? no
[  931.375541][T30120] Node 1 active_anon:32kB inactive_anon:508kB active_file:204kB inactive_file:0kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:0kB dirty:0kB writeback:0kB shmem:2076kB shmem_thp: 0kB shmem_pmdmapped: 0kB anon_thp: 0kB writeback_tmp:0kB kernel_stack:16kB pagetables:0kB all_unreclaimable? no
[  931.474840][T30120] Node 0 DMA free:15360kB min:204kB low:252kB high:300kB reserved_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15360kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB
[  931.531041][T30151] loop0: detected capacity change from 0 to 2048
[  931.572916][T30120] lowmem_reserve[]: 0 2539 2540 2540 2540
[  931.593084][T30120] Node 0 DMA32 free:1504776kB min:34784kB low:43480kB high:52176kB reserved_highatomic:0KB active_anon:1264kB inactive_anon:35692kB active_file:84328kB inactive_file:161868kB unevictable:1536kB writepending:1424kB present:3129332kB managed:2606544kB mlocked:0kB bounce:0kB free_pcp:39432kB local_pcp:18712kB free_cma:0kB
[  931.645634][T30151] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000)
[  931.772450][T30120] lowmem_reserve[]: 0 0 0 0 0
[  931.813444][T30120] Node 0 Normal free:8kB min:8kB low:8kB high:8kB reserved_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:1048576kB managed:660kB mlocked:0kB bounce:0kB free_pcp:24kB local_pcp:12kB free_cma:0kB
[  931.905114][T30120] lowmem_reserve[]: 0 0 0 0 0
[  931.913047][T30120] Node 1 Normal free:3919656kB min:55108kB low:68884kB high:82660kB reserved_highatomic:0KB active_anon:32kB inactive_anon:508kB active_file:204kB inactive_file:0kB unevictable:1536kB writepending:0kB present:4194304kB managed:4119672kB mlocked:0kB bounce:0kB free_pcp:64kB local_pcp:64kB free_cma:0kB
[  931.957225][T30185] netlink: 'syz.2.11677': attribute type 2 has an invalid length.
[  931.972033][T30120] lowmem_reserve[]: 0 0 0 0 0
[  931.977488][T30120] Node 0 DMA: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 1*1024kB (U) 1*2048kB (M) 3*4096kB (M) = 15360kB
[  932.071900][T30191] device bridge4 entered promiscuous mode
[  932.106416][T30120] Node 0 DMA32: 3159*4kB (UME) 3293*8kB (UME) 1705*16kB (UM) 592*32kB (UME) 221*64kB (UME) 188*128kB (UME) 120*256kB (UME) 79*512kB (UM) 41*1024kB (UME) 21*2048kB (UME) 299*4096kB (UM) = 1504276kB
[  932.127711][T30120] Node 0 Normal: 2*4kB (U) 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 8kB
[  932.207478][T30201] loop1: detected capacity change from 0 to 256
[  932.214348][T30120] Node 1 Normal: 240*4kB (UE) 49*8kB (UME) 32*16kB (UME) 211*32kB (UE) 91*64kB (UME) 36*128kB (UME) 15*256kB (UME) 7*512kB (UE) 2*1024kB (UE) 2*2048kB (ME) 949*4096kB (M) = 3919720kB
[  932.257738][T30120] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[  932.273427][T30120] Node 0 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB
[  932.312715][T30120] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[  932.340433][T30201] FAT-fs (loop1): Directory bread(block 64) failed
[  932.348072][T30120] Node 1 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB
[  932.377159][T30201] FAT-fs (loop1): Directory bread(block 65) failed
[  932.400584][T30120] 63097 total pagecache pages
[  932.408514][T30201] FAT-fs (loop1): Directory bread(block 66) failed
[  932.418094][T30120] 0 pages in swap cache
[  932.426263][T30201] FAT-fs (loop1): Directory bread(block 67) failed
[  932.460204][T30120] Swap cache stats: add 38, delete 38, find 8/14
[  932.484030][T30201] FAT-fs (loop1): Directory bread(block 68) failed
[  932.501660][T30120] Free swap  = 124728kB
[  932.511514][T30201] FAT-fs (loop1): Directory bread(block 69) failed
[  932.537078][T30120] Total swap = 124996kB
[  932.550267][ T4229] usb 4-1: new high-speed USB device number 67 using dummy_hcd
[  932.552141][T30201] FAT-fs (loop1): Directory bread(block 70) failed
[  932.568661][T30120] 2097051 pages RAM
[  932.582320][T30120] 0 pages HighMem/MovableOnly
[  932.595143][T30120] 411492 pages reserved
[  932.615181][T30120] 0 pages cma reserved
[  932.629720][T30201] FAT-fs (loop1): Directory bread(block 71) failed
[  932.659625][T30201] FAT-fs (loop1): Directory bread(block 72) failed
[  932.676406][T30201] FAT-fs (loop1): Directory bread(block 73) failed
[  932.811244][ T4229] usb 4-1: Using ep0 maxpacket: 16
[  932.938689][ T4229] usb 4-1: config index 0 descriptor too short (expected 51443, got 18)
[  933.147357][ T4229] usb 4-1: New USB device found, idVendor=17ef, idProduct=721e, bcdDevice=de.06
[  933.171919][ T4229] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  933.212713][ T4229] usb 4-1: Product: syz
[  933.217500][ T4229] usb 4-1: Manufacturer: syz
[  933.239461][ T4229] usb 4-1: SerialNumber: syz
[  933.258230][ T4229] r8152-cfgselector 4-1: config 0 descriptor??
[  933.394807][T30280] netlink: 'syz.1.11725': attribute type 1 has an invalid length.
[  933.435438][T30280] netlink: 224 bytes leftover after parsing attributes in process `syz.1.11725'.
[  933.469745][T30280] block nbd0: not configured, cannot reconfigure
[  933.498852][T30285] loop0: detected capacity change from 0 to 1024
[  933.652560][T30300] netlink: 'syz.1.11735': attribute type 1 has an invalid length.
[  933.701860][T30300] netlink: 56 bytes leftover after parsing attributes in process `syz.1.11735'.
[  933.738342][ T4229] r8152-cfgselector 4-1: Unknown version 0x0000
[  933.752957][ T4229] r8152-cfgselector 4-1: USB disconnect, device number 67
[  933.758014][T19221] usb 3-1: new high-speed USB device number 72 using dummy_hcd
[  933.994943][T19221] usb 3-1: Using ep0 maxpacket: 32
[  934.107031][T19221] usb 3-1: config 4 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  934.107084][T30327] device lo entered promiscuous mode
[  934.123246][T19221] usb 3-1: config 4 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  934.153143][T30327] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check.
[  934.256064][T19221] usb 3-1: New USB device found, idVendor=046d, idProduct=c314, bcdDevice= 0.40
[  934.292866][T19221] usb 3-1: New USB device strings: Mfr=255, Product=255, SerialNumber=0
[  934.311860][T19221] usb 3-1: Product: syz
[  934.316514][T19221] usb 3-1: Manufacturer: syz
[  934.365273][T30342] loop0: detected capacity change from 0 to 2048
[  934.377033][T19221] hub 3-1:4.0: USB hub found
[  934.411490][T30347] loop4: detected capacity change from 0 to 64
[  934.480476][T30342] UDF-fs: error (device loop0): udf_process_sequence: Primary Volume Descriptor not found!
[  934.549330][T30342] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[  934.582340][T19221] hub 3-1:4.0: config failed, hub has too many ports! (err -19)
[  934.640819][T30357] netlink: 40 bytes leftover after parsing attributes in process `syz.1.11763'.
[  934.655809][T30357] netlink: 40 bytes leftover after parsing attributes in process `syz.1.11763'.
[  934.936096][T18477] usb 3-1: USB disconnect, device number 72
[  935.000993][T30385] netlink: 'syz.4.11777': attribute type 30 has an invalid length.
[  935.168733][T19221] usb 4-1: new high-speed USB device number 68 using dummy_hcd
[  935.320908][T30403] loop4: detected capacity change from 0 to 512
[  935.411687][T19221] usb 4-1: Using ep0 maxpacket: 32
[  935.523726][T19221] usb 4-1: config 0 has an invalid interface number: 35 but max is 0
[  935.537592][T19221] usb 4-1: config 0 has no interface number 0
[  935.556348][T19221] usb 4-1: config 0 interface 35 altsetting 0 endpoint 0x85 has an invalid bInterval 0, changing to 7
[  935.612209][T19221] usb 4-1: config 0 interface 35 altsetting 0 endpoint 0x85 has invalid wMaxPacketSize 0
[  935.644178][T18475] usb 3-1: new high-speed USB device number 73 using dummy_hcd
[  935.742821][T30421] loop1: detected capacity change from 0 to 4096
[  935.784890][T19221] usb 4-1: New USB device found, idVendor=10c4, idProduct=818a, bcdDevice=7d.ad
[  935.803032][T19221] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  935.811778][T19221] usb 4-1: Product: syz
[  935.836541][T19221] usb 4-1: Manufacturer: syz
[  935.858010][T19221] usb 4-1: SerialNumber: syz
[  935.868003][T18475] usb 3-1: Using ep0 maxpacket: 8
[  935.881561][T19221] usb 4-1: config 0 descriptor??
[  935.998993][T18475] usb 3-1: config 7 has an invalid interface number: 184 but max is 0
[  936.007735][T18475] usb 3-1: config 7 has no interface number 0
[  936.019244][T18475] usb 3-1: config 7 interface 184 has no altsetting 0
[  936.153376][T30445] loop4: detected capacity change from 0 to 64
[  936.155534][T30442] loop1: detected capacity change from 0 to 512
[  936.182950][T18475] usb 3-1: New USB device found, idVendor=12d1, idProduct=2f7b, bcdDevice=de.da
[  936.185968][T30445] MINIX-fs: mounting unchecked file system, running fsck is recommended
[  936.197905][T18475] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  936.248339][T18475] usb 3-1: Product: syz
[  936.261086][T18475] usb 3-1: Manufacturer: syz
[  936.266109][T18475] usb 3-1: SerialNumber: syz
[  936.334658][T19221] radio-si470x 4-1:0.35: si470x_get_report: usb_control_msg returned -71
[  936.362889][T19221] radio-si470x: probe of 4-1:0.35 failed with error -5
[  936.406314][T30457] loop1: detected capacity change from 0 to 16
[  936.449515][T19221] radio-raremono 4-1:0.35: this is not Thanko's Raremono.
[  936.467999][T30457] erofs: (device loop1): mounted with root inode @ nid 36.
[  936.499906][T30457] erofs: (device loop1): z_erofs_readahead: readahead error at page 2 @ nid 89
[  936.524503][T19221] usb 4-1: USB disconnect, device number 68
[  936.536440][T30454] loop4: detected capacity change from 0 to 4096
[  936.555195][T30457] handle_bad_sector: 6 callbacks suppressed
[  936.555229][T30457] attempt to access beyond end of device
[  936.555229][T30457] loop1: rw=524288, want=524304, limit=16
[  936.592943][ T4189] erofs: (device loop1): z_erofs_lz4_decompress: failed to decompress -5 in[4096, 0] out[4100]
[  936.605109][T18475] huawei_cdc_ncm 3-1:7.184: CDC Union missing and no IAD found
[  936.605144][T18475] huawei_cdc_ncm 3-1:7.184: bind() failure
[  936.633218][T30457] erofs: (device loop1): z_erofs_lz4_decompress: failed to decompress -5 in[4096, 0] out[4096]
[  936.653677][   T26] audit: type=1800 audit(951.898:55): pid=30457 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.1.11811" name="file2" dev="loop1" ino=89 res=0 errno=0
[  936.772597][T18475] usb 3-1: USB disconnect, device number 73
[  936.815950][T30454] ntfs3: loop4: ino=5, "/" directory corrupted
[  936.878749][T30454] ntfs3: loop4: Mark volume as dirty due to NTFS errors
[  937.062962][T30473] smb3: Bad value for 'uid'
[  937.141493][T30477] kAFS: No cell specified
[  937.394010][T30489] loop4: detected capacity change from 0 to 4096
[  937.465346][T30493] loop2: detected capacity change from 0 to 4096
[  937.510358][T30489] ntfs3: loop4: Failed to load $Extend.
[  937.573561][ T4229] usb 2-1: new high-speed USB device number 59 using dummy_hcd
[  937.598246][T30489] ntfs3: loop4: ino=5, "/" directory corrupted
[  937.622110][T30493] ntfs3: loop2: ino=5, "/" directory corrupted
[  937.629166][T30493] ntfs3: loop2: Mark volume as dirty due to NTFS errors
[  937.639796][T30501] netlink: 'syz.0.11835': attribute type 2 has an invalid length.
[  937.749578][T30504] netlink: 209844 bytes leftover after parsing attributes in process `syz.4.11836'.
[  937.764987][T30505] A link change request failed with some changes committed already. Interface bridge_slave_0 may have been left with an inconsistent configuration, please check.
[  937.787524][T30467] loop3: detected capacity change from 0 to 32768
[  937.844467][ T4229] usb 2-1: Using ep0 maxpacket: 32
[  937.889119][   T26] audit: type=1800 audit(953.229:56): pid=30467 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.11818" name="file1" dev="loop3" ino=7 res=0 errno=0
[  937.993701][ T4229] usb 2-1: config 0 has an invalid interface number: 35 but max is 0
[  938.021413][ T4229] usb 2-1: config 0 has no interface number 0
[  938.039327][ T4229] usb 2-1: config 0 interface 35 altsetting 0 endpoint 0x85 has an invalid bInterval 0, changing to 7
[  938.087321][T30515] lo speed is unknown, defaulting to 1000
[  938.104828][ T4229] usb 2-1: config 0 interface 35 altsetting 0 endpoint 0x85 has invalid wMaxPacketSize 0
[  938.127629][T30520] netlink: 'syz.0.11844': attribute type 21 has an invalid length.
[  938.157688][T30514] hfsplus: invalid length 32517 has been corrected to 255
[  938.164645][T30520] IPv6: NLM_F_CREATE should be specified when creating new route
[  938.241010][T30520] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE
[  938.248972][T30520] IPv6: NLM_F_CREATE should be set when creating new route
[  938.256491][T30520] IPv6: NLM_F_CREATE should be set when creating new route
[  938.264176][T30520] IPv6: NLM_F_CREATE should be set when creating new route
[  938.275535][ T4229] usb 2-1: New USB device found, idVendor=10c4, idProduct=818a, bcdDevice=7d.ad
[  938.309909][ T4229] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  938.344088][ T4229] usb 2-1: Product: syz
[  938.348788][ T4229] usb 2-1: Manufacturer: syz
[  938.354211][ T4229] usb 2-1: SerialNumber: syz
[  938.405908][ T4229] usb 2-1: config 0 descriptor??
[  938.538977][T30524] ntfs3: loop3: Different NTFS' sector size (2048) and media sector size (512)
[  938.649424][T30530] MTD: Attempt to mount non-MTD device "/dev/loop4"
[  938.685930][T30530] romfs: Mounting image 'rom 637cf1fa' through the block layer
[  938.878958][ T4229] radio-si470x 2-1:0.35: si470x_get_report: usb_control_msg returned -71
[  938.887917][ T4229] radio-si470x: probe of 2-1:0.35 failed with error -5
[  939.008854][ T4229] radio-raremono 2-1:0.35: this is not Thanko's Raremono.
[  939.054781][T30536] ntfs3: loop3: ino=5, "/" directory corrupted
[  939.073665][ T4229] usb 2-1: USB disconnect, device number 59
[  939.088345][T30536] ntfs3: loop3: Mark volume as dirty due to NTFS errors
[  939.196336][T30548] set_capacity_and_notify: 4 callbacks suppressed
[  939.196351][T30548] loop4: detected capacity change from 0 to 4096
[  939.288173][T30557] netlink: 'syz.0.11863': attribute type 29 has an invalid length.
[  939.297743][T30557] netlink: 8 bytes leftover after parsing attributes in process `syz.0.11863'.
[  939.316264][T30557] netlink: 'syz.0.11863': attribute type 29 has an invalid length.
[  939.341184][T30557] netlink: 8 bytes leftover after parsing attributes in process `syz.0.11863'.
[  939.408470][T30548] ntfs3: loop4: Mark volume as dirty due to NTFS errors
[  939.432397][T30548] ntfs3: loop4: Failed to load $Extend.
[  939.531970][T18475] usb 4-1: new high-speed USB device number 69 using dummy_hcd
[  939.547460][T30566] netlink: 'syz.0.11876': attribute type 1 has an invalid length.
[  939.606336][T30566] netlink: 112860 bytes leftover after parsing attributes in process `syz.0.11876'.
[  939.676916][T30566] netlink: 9 bytes leftover after parsing attributes in process `syz.0.11876'.
[  939.762388][T30576] device xfrm0 entered promiscuous mode
[  939.812566][T30578] nft_compat: unsupported protocol 5
[  939.905744][T18475] usb 4-1: config 0 has an invalid interface number: 237 but max is 0
[  939.921676][T18475] usb 4-1: config 0 has no interface number 0
[  939.940975][T18475] usb 4-1: config 0 interface 237 altsetting 0 endpoint 0x3 has an invalid bInterval 0, changing to 7
[  939.997248][T18475] usb 4-1: config 0 interface 237 altsetting 0 endpoint 0x3 has invalid wMaxPacketSize 0
[  940.036168][T18475] usb 4-1: config 0 interface 237 altsetting 0 endpoint 0x8A has an invalid bInterval 0, changing to 7
[  940.172634][T30603] loop2: detected capacity change from 0 to 1024
[  940.239839][T18475] usb 4-1: New USB device found, idVendor=045e, idProduct=84bd, bcdDevice=89.be
[  940.254825][T18475] usb 4-1: New USB device strings: Mfr=1, Product=4, SerialNumber=3
[  940.274947][T18475] usb 4-1: Product: syz
[  940.280768][T30603] EXT4-fs error (device loop2): ext4_map_blocks:631: inode #3: block 2: comm syz.2.11885: lblock 2 mapped to illegal pblock 2 (length 1)
[  940.293138][T18475] usb 4-1: Manufacturer: syz
[  940.300243][T18475] usb 4-1: SerialNumber: syz
[  940.307536][T18475] usb 4-1: config 0 descriptor??
[  940.334315][T30603] Quota error (device loop2): qtree_write_dquot: dquota write failed
[  940.345366][T18475] xpad 4-1:0.237: xpad_try_sending_next_out_packet - usb_submit_urb failed with result -90
[  940.355810][T30603] EXT4-fs error (device loop2): ext4_map_blocks:631: inode #3: block 48: comm syz.2.11885: lblock 0 mapped to illegal pblock 48 (length 1)
[  940.375585][T30603] Quota error (device loop2): v2_write_file_info: Can't write info structure
[  940.387507][T30603] EXT4-fs error (device loop2): ext4_acquire_dquot:6236: comm syz.2.11885: Failed to acquire dquot type 0
[  940.400097][T18475] xpad: probe of 4-1:0.237 failed with error -5
[  940.419614][T30603] EXT4-fs error (device loop2) in ext4_reserve_inode_write:5873: Corrupt filesystem
[  940.444543][T19221] usb 5-1: new high-speed USB device number 33 using dummy_hcd
[  940.469100][T30603] EXT4-fs error (device loop2): ext4_evict_inode:284: inode #11: comm syz.2.11885: mark_inode_dirty error
[  940.497210][T30617] netlink: 28 bytes leftover after parsing attributes in process `syz.1.11892'.
[  940.537656][ T4229] usb 4-1: USB disconnect, device number 69
[  940.547095][T30603] EXT4-fs warning (device loop2): ext4_evict_inode:287: couldn't mark inode dirty (err -117)
[  940.587705][T30603] EXT4-fs (loop2): 1 orphan inode deleted
[  940.606103][T30603] EXT4-fs (loop2): mounted filesystem without journal. Opts: nodioread_nolock,noblock_validity,data_err=ignore,max_batch_time=0x00000000000008c9,nodiscard,stripe=0x0000000000000004,noauto_da_alloc,,errors=continue. Quota mode: none.
[  940.609057][  T892] EXT4-fs error (device loop2): ext4_map_blocks:631: inode #3: block 1: comm kworker/u4:3: lblock 1 mapped to illegal pblock 1 (length 1)
[  940.718638][  T892] Quota error (device loop2): remove_tree: Can't read quota data block 1
[  940.735640][  T892] EXT4-fs error (device loop2): ext4_release_dquot:6272: comm kworker/u4:3: Failed to release dquot type 0
[  940.782133][  T892] EXT4-fs error (device loop2): ext4_map_blocks:631: inode #3: block 2: comm kworker/u4:3: lblock 2 mapped to illegal pblock 2 (length 1)
[  940.799354][T19221] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x9 has invalid wMaxPacketSize 0
[  940.814484][  T892] Quota error (device loop2): qtree_write_dquot: dquota write failed
[  940.816676][T19221] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0xA has an invalid bInterval 0, changing to 7
[  940.834624][  T892] EXT4-fs error (device loop2): ext4_write_dquot:6216: comm kworker/u4:3: Failed to commit dquot type 0
[  940.870843][  T892] Quota error (device loop2): dquot_write_dquot: Can't write quota structure (error -117). Quota may get out of sync!
[  940.901311][T18475] usb 2-1: new high-speed USB device number 60 using dummy_hcd
[  940.920287][ T4185] EXT4-fs error (device loop2): __ext4_get_inode_loc:4334: comm syz-executor: Invalid inode table block 1 in block_group 0
[  940.927184][T30624] loop0: detected capacity change from 0 to 256
[  940.956974][ T4185] EXT4-fs error (device loop2) in ext4_reserve_inode_write:5873: Corrupt filesystem
[  940.977616][T30624] FAT-fs (loop0): Directory bread(block 64) failed
[  940.984343][T30624] FAT-fs (loop0): Directory bread(block 65) failed
[  940.997075][ T4185] EXT4-fs error (device loop2): ext4_quota_off:6542: inode #3: comm syz-executor: mark_inode_dirty error
[  941.012130][T30624] FAT-fs (loop0): Directory bread(block 66) failed
[  941.012937][T19221] usb 5-1: New USB device found, idVendor=045e, idProduct=0283, bcdDevice=99.0b
[  941.023425][T30624] FAT-fs (loop0): Directory bread(block 67) failed
[  941.050430][T19221] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  941.058286][    C1] vkms_vblank_simulate: vblank timer overrun
[  941.058932][T19221] usb 5-1: Product: syz
[  941.078569][T30624] FAT-fs (loop0): Directory bread(block 68) failed
[  941.085723][T30624] FAT-fs (loop0): Directory bread(block 69) failed
[  941.119841][T30624] FAT-fs (loop0): Directory bread(block 70) failed
[  941.131460][T19221] usb 5-1: Manufacturer: syz
[  941.138100][T19221] usb 5-1: SerialNumber: syz
[  941.147850][T18475] usb 2-1: Using ep0 maxpacket: 16
[  941.159299][T30624] FAT-fs (loop0): Directory bread(block 71) failed
[  941.179384][T19221] usb 5-1: config 0 descriptor??
[  941.190501][T30624] FAT-fs (loop0): Directory bread(block 72) failed
[  941.223828][T30624] FAT-fs (loop0): Directory bread(block 73) failed
[  941.234164][T19221] usb 5-1: 0:0 : invalid sync pipe. is_playback 1, ep 0a, bSynchAddress 07
[  941.265815][T18475] usb 2-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  941.286658][T18475] usb 2-1: too many endpoints for config 1 interface 0 altsetting 0: 254, using maximum allowed: 30
[  941.346598][T18475] usb 2-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  941.376008][T18475] usb 2-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  941.412120][T18475] usb 2-1: config 1 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 254
[  941.577718][T18475] usb 2-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  941.619957][T18475] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=1
[  941.636128][T18475] usb 2-1: SerialNumber: syz
[  941.652735][ T4229] usb 5-1: USB disconnect, device number 33
[  941.659731][T30642] device caif0 entered promiscuous mode
[  941.841311][T30659] netlink: 12 bytes leftover after parsing attributes in process `syz.2.11912'.
[  941.855109][T30659] netlink: 8 bytes leftover after parsing attributes in process `syz.2.11912'.
[  941.883261][T30659] netlink: 8 bytes leftover after parsing attributes in process `syz.2.11912'.
[  942.058725][T30672] syz.3.11919: vmalloc error: size 9007199254740992, exceeds total pages, mode:0xcc0(GFP_KERNEL), nodemask=(null),cpuset=syz3,mems_allowed=0-1
[  942.111699][T30672] CPU: 0 PID: 30672 Comm: syz.3.11919 Not tainted syzkaller #0
[  942.119589][T30672] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026
[  942.122528][ T7322] usb 2-1: USB disconnect, device number 60
[  942.130336][T30672] Call Trace:
[  942.130407][T30672]  <TASK>
[  942.130417][T30672]  dump_stack_lvl+0x188/0x250
[  942.149375][T30672]  ? rcu_lock_release+0x5/0x20
[  942.154512][T30672]  ? show_regs_print_info+0x20/0x20
[  942.160180][T30672]  ? load_image+0x400/0x400
[  942.165155][T30672]  warn_alloc+0x243/0x320
[  942.169590][T30672]  ? rcu_lock_release+0x20/0x20
[  942.174647][T30672]  ? zone_watermark_ok_safe+0x240/0x240
[  942.180499][T30672]  ? dvb_demux_do_ioctl+0x313/0x530
[  942.186076][T30672]  ? kfree+0xef/0x2a0
[  942.190152][T30672]  __vmalloc_node_range+0x2b1/0x8b0
[  942.195612][T30672]  ? mutex_lock_io_nested+0x60/0x60
[  942.200895][T30672]  ? dvb_dmxdev_set_buffer_size+0xbe/0x1f0
[  942.207018][T30672]  vmalloc+0x75/0x80
[  942.210913][T30672]  ? dvb_dmxdev_set_buffer_size+0xbe/0x1f0
[  942.217322][T30672]  dvb_dmxdev_set_buffer_size+0xbe/0x1f0
[  942.223131][T30672]  dvb_demux_do_ioctl+0x450/0x530
[  942.228505][T30672]  dvb_usercopy+0x191/0x2b0
[  942.233264][T30672]  ? dvb_dmxdev_buffer_read+0x4c0/0x4c0
[  942.238980][T30672]  ? dvb_generic_ioctl+0xb0/0xb0
[  942.244129][T30672]  ? dvb_demux_poll+0x210/0x210
[  942.249145][T30672]  dvb_demux_ioctl+0x25/0x30
[  942.253989][T30672]  __se_sys_ioctl+0xfa/0x170
[  942.258773][T30672]  do_syscall_64+0x4c/0xa0
[  942.263356][T30672]  ? clear_bhb_loop+0x30/0x80
[  942.268743][T30672]  ? clear_bhb_loop+0x30/0x80
[  942.273865][T30672]  entry_SYSCALL_64_after_hwframe+0x66/0xd0
[  942.279992][T30672] RIP: 0033:0x7f8eb10f2819
[  942.284511][T30672] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  942.305250][T30672] RSP: 002b:00007f8eaf34c028 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  942.313750][T30672] RAX: ffffffffffffffda RBX: 00007f8eb136bfa0 RCX: 00007f8eb10f2819
[  942.321890][T30672] RDX: 0020000000000000 RSI: 0000000000006f2d RDI: 0000000000000003
[  942.330059][T30672] RBP: 00007f8eb1188c91 R08: 0000000000000000 R09: 0000000000000000
[  942.338286][T30672] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  942.346417][T30672] R13: 00007f8eb136c038 R14: 00007f8eb136bfa0 R15: 00007ffdbcfc3518
[  942.354935][T30672]  </TASK>
[  942.359638][T30672] Mem-Info:
[  942.363632][T30672] active_anon:322 inactive_anon:8800 isolated_anon:0
[  942.363632][T30672]  active_file:21146 inactive_file:40467 isolated_file:0
[  942.363632][T30672]  unevictable:768 dirty:250 writeback:0
[  942.363632][T30672]  slab_reclaimable:21370 slab_unreclaimable:93518
[  942.363632][T30672]  mapped:31157 shmem:1641 pagetables:742 bounce:0
[  942.363632][T30672]  kernel_misc_reclaimable:0
[  942.363632][T30672]  free:1363612 free_pcp:6042 free_cma:0
[  942.408266][    C1] vkms_vblank_simulate: vblank timer overrun
[  942.506338][ T4229] usb 1-1: new high-speed USB device number 65 using dummy_hcd
[  942.568923][T30672] Node 0 active_anon:1260kB inactive_anon:34972kB active_file:84380kB inactive_file:161868kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:124560kB dirty:1020kB writeback:0kB shmem:4480kB shmem_thp: 0kB shmem_pmdmapped: 0kB anon_thp: 0kB writeback_tmp:0kB kernel_stack:11644kB pagetables:3196kB all_unreclaimable? no
[  942.580615][T30686] loop4: detected capacity change from 0 to 128
[  942.601425][    C1] vkms_vblank_simulate: vblank timer overrun
[  942.606879][T30672] Node 1 active_anon:32kB inactive_anon:508kB active_file:204kB inactive_file:0kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:0kB dirty:0kB writeback:0kB shmem:2076kB shmem_thp: 0kB shmem_pmdmapped: 0kB anon_thp: 0kB writeback_tmp:0kB kernel_stack:16kB pagetables:0kB all_unreclaimable? no
[  942.643779][    C1] vkms_vblank_simulate: vblank timer overrun
[  942.651865][T30672] Node 0 DMA free:15360kB min:204kB low:252kB high:300kB reserved_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15360kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB
[  942.680036][    C1] vkms_vblank_simulate: vblank timer overrun
[  942.688918][T30672] lowmem_reserve[]: 0 2539 2540 2540 2540
[  942.695668][T30672] Node 0 DMA32 free:1519384kB min:34784kB low:43480kB high:52176kB reserved_highatomic:0KB active_anon:1260kB inactive_anon:35072kB active_file:84376kB inactive_file:161868kB unevictable:1536kB writepending:1020kB present:3129332kB managed:2606544kB mlocked:0kB bounce:0kB free_pcp:23844kB local_pcp:21316kB free_cma:0kB
[  942.726783][    C1] vkms_vblank_simulate: vblank timer overrun
[  942.733708][T30672] lowmem_reserve[]: 0 0 0 0 0
[  942.739039][T30672] Node 0 Normal free:0kB min:8kB low:8kB high:8kB reserved_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:4kB inactive_file:0kB unevictable:0kB writepending:0kB present:1048576kB managed:660kB mlocked:0kB bounce:0kB free_pcp:4kB local_pcp:0kB free_cma:0kB
[  942.783839][T30672] lowmem_reserve[]: 0 0 0 0 0
[  942.804828][T30672] Node 1 Normal free:3919720kB min:55108kB low:68884kB high:82660kB reserved_highatomic:0KB active_anon:32kB inactive_anon:508kB active_file:204kB inactive_file:0kB unevictable:1536kB writepending:0kB present:4194304kB managed:4119672kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB
[  942.835072][    C1] vkms_vblank_simulate: vblank timer overrun
[  942.895561][T30672] lowmem_reserve[]: 0 0 0 0 0
[  942.901190][T30672] Node 0 DMA: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 1*1024kB (U) 1*2048kB (M) 3*4096kB (M) = 15360kB
[  942.930239][T30672] Node 0 DMA32: 2622*4kB (UME) 2566*8kB (UME) 1919*16kB (UME) 1038*32kB (UME) 270*64kB (UME) 182*128kB (UME) 112*256kB (UME) 78*512kB (UM) 40*1024kB (UME) 22*2048kB (UME) 300*4096kB (UM) = 1518936kB
[  942.985379][T30672] Node 0 Normal: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 0kB
[  943.011091][ T4229] usb 1-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  943.031614][T30672] Node 1 Normal: 240*4kB (UE) 49*8kB (UME) 32*16kB (UME) 211*32kB (UE) 91*64kB (UME) 36*128kB (UME) 15*256kB (UME) 7*512kB (UE) 2*1024kB (UE) 2*2048kB (ME) 949*4096kB (M) = 3919720kB
[  943.050264][ T4229] usb 1-1: config 0 has 1 interface, different from the descriptor's value: 3
[  943.088877][ T4229] usb 1-1: New USB device found, idVendor=0489, idProduct=e057, bcdDevice= 0.00
[  943.110529][ T4229] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  943.130490][ T4229] usb 1-1: config 0 descriptor??
[  943.136335][T30672] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[  943.183402][T30716] loop2: detected capacity change from 0 to 256
[  943.198793][T30672] Node 0 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB
[  943.212984][T30672] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[  943.226437][T30672] Node 1 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB
[  943.247508][T30672] 63085 total pagecache pages
[  943.254073][T30672] 0 pages in swap cache
[  943.259369][T30672] Swap cache stats: add 38, delete 38, find 8/14
[  943.266383][T30672] Free swap  = 124728kB
[  943.276349][T30672] Total swap = 124996kB
[  943.281134][T30672] 2097051 pages RAM
[  943.304858][T30716] FAT-fs (loop2): Directory bread(block 64) failed
[  943.323927][T30672] 0 pages HighMem/MovableOnly
[  943.331983][T30716] FAT-fs (loop2): Directory bread(block 65) failed
[  943.339076][T30672] 411492 pages reserved
[  943.343460][T30672] 0 pages cma reserved
[  943.348216][T30716] FAT-fs (loop2): Directory bread(block 66) failed
[  943.367001][T30716] FAT-fs (loop2): Directory bread(block 67) failed
[  943.396194][T30716] FAT-fs (loop2): Directory bread(block 68) failed
[  943.423451][T30716] FAT-fs (loop2): Directory bread(block 69) failed
[  943.441806][T30716] FAT-fs (loop2): Directory bread(block 70) failed
[  943.465157][T30716] FAT-fs (loop2): Directory bread(block 71) failed
[  943.488217][T30716] FAT-fs (loop2): Directory bread(block 72) failed
[  943.497869][T30736] netlink: 8 bytes leftover after parsing attributes in process `syz.1.11944'.
[  943.505402][T30716] FAT-fs (loop2): Directory bread(block 73) failed
[  943.570338][T30740] netlink: 209844 bytes leftover after parsing attributes in process `syz.3.11947'.
[  943.580706][ T4229] Bluetooth: Can't get state to change to load configuration err
[  943.592947][T30738] loop4: detected capacity change from 0 to 2048
[  943.600118][ T4229] Bluetooth: Loading sysconfig file failed
[  943.616372][ T4229] ath3k: probe of 1-1:0.0 failed with error -16
[  943.659511][ T4229] usb 1-1: USB disconnect, device number 65
[  943.672444][T30738] NILFS (loop4): invalid segment: Inconsistency found
[  943.698242][T30738] NILFS (loop4): trying rollback from an earlier position
[  943.761578][T30738] NILFS (loop4): recovery complete
[  943.796696][T30747] NILFS (loop4): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  944.125514][T30774] __nla_validate_parse: 1 callbacks suppressed
[  944.125530][T30774] netlink: 209844 bytes leftover after parsing attributes in process `syz.0.11973'.
[  944.382618][T30788] A link change request failed with some changes committed already. Interface bridge_slave_0 may have been left with an inconsistent configuration, please check.
[  944.399506][    C1] vkms_vblank_simulate: vblank timer overrun
[  944.906616][T30813] loop3: detected capacity change from 0 to 8192
[  944.924905][T30824] A link change request failed with some changes committed already. Interface bridge_slave_0 may have been left with an inconsistent configuration, please check.
[  944.942175][    C1] vkms_vblank_simulate: vblank timer overrun
[  945.034770][T30813] REISERFS (device loop3): found reiserfs format "3.6" with non-standard journal
[  945.058208][T30813] REISERFS (device loop3): using ordered data mode
[  945.104177][T30813] reiserfs: using flush barriers
[  945.105487][T30791] loop2: detected capacity change from 0 to 32768
[  945.122770][T30813] REISERFS (device loop3): journal params: device loop3, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30
[  945.142353][T30813] REISERFS (device loop3): checking transaction log (loop3)
[  945.181510][   T26] audit: type=1800 audit(961.050:57): pid=30791 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.2.11971" name="file1" dev="loop2" ino=7 res=0 errno=0
[  945.429521][T30855] loop1: detected capacity change from 0 to 512
[  945.439616][T30813] REISERFS (device loop3): Using tea hash to sort names
[  945.485560][T30859] netlink: 28 bytes leftover after parsing attributes in process `syz.4.12006'.
[  945.601951][T30868] loop0: detected capacity change from 0 to 24
[  945.602287][T30855] EXT4-fs (loop1): mounted filesystem without journal. Opts: grpquota,journal_ioprio=0x0000000000000000,quota,,errors=continue. Quota mode: writeback.
[  945.740562][T30868] MTD: Attempt to mount non-MTD device "/dev/loop0"
[  945.792397][T30868] romfs: Mounting image 'rom 637cf1fa' through the block layer
[  945.857147][T30868] VFS: Lookup of 'file0' in romfs loop0 would have caused loop
[  946.384184][T30909] lo speed is unknown, defaulting to 1000
[  946.569238][T30920] loop1: detected capacity change from 0 to 4096
[  946.592282][T30925] loop4: detected capacity change from 0 to 512
[  946.701740][T30929] NILFS (loop1): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  946.732944][T30925] EXT4-fs (loop4): Ignoring removed nobh option
[  946.744081][T30925] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode
[  946.744832][T30920] NILFS error (device loop1): nilfs_check_page: size of directory #2 is not a multiple of chunk size
[  946.788829][T30925] EXT4-fs (loop4): 1 truncate cleaned up
[  946.799453][T30925] EXT4-fs (loop4): mounted filesystem without journal. Opts: inode_readahead_blks=0x0000000008000000,nogrpid,debug_want_extra_isize=0x0000000000000068,init_itable,nobh,quota,,errors=continue. Quota mode: writeback.
[  946.959321][T30920] Remounting filesystem read-only
[  947.098524][T30939] netlink: 'syz.0.12042': attribute type 3 has an invalid length.
[  947.115891][T30941] netlink: 'syz.4.12040': attribute type 1 has an invalid length.
[  947.138722][T30939] netlink: 224 bytes leftover after parsing attributes in process `syz.0.12042'.
[  947.187839][T30941] netlink: 'syz.4.12040': attribute type 2 has an invalid length.
[  947.212863][T30941] netlink: 'syz.4.12040': attribute type 1 has an invalid length.
[  947.330280][T30953] netlink: 'syz.3.12048': attribute type 7 has an invalid length.
[  947.379758][T30953] netlink: 12 bytes leftover after parsing attributes in process `syz.3.12048'.
[  947.473004][T30959] lo speed is unknown, defaulting to 1000
[  947.546624][T30967] loop1: detected capacity change from 0 to 64
[  947.619214][T30974] dlm: no locking on control device
[  947.630034][T30967] attempt to access beyond end of device
[  947.630034][T30967] loop1: rw=0, want=16777218, limit=64
[  947.670165][T30967] buffer_io_error: 6 callbacks suppressed
[  947.670182][T30967] Buffer I/O error on dev loop1, logical block 8388608, async page read
[  947.739666][T30967] attempt to access beyond end of device
[  947.739666][T30967] loop1: rw=0, want=16777218, limit=64
[  947.774096][T30967] Buffer I/O error on dev loop1, logical block 8388608, async page read
[  947.968353][T30991] netlink: 'syz.0.12066': attribute type 2 has an invalid length.
[  948.357523][T18477] usb 1-1: new high-speed USB device number 66 using dummy_hcd
[  948.459439][T31029] loop2: detected capacity change from 0 to 256
[  948.522545][T31025] loop4: detected capacity change from 0 to 4096
[  948.566995][T31034] lo speed is unknown, defaulting to 1000
[  948.583925][T31029] FAT-fs (loop2): Directory bread(block 64) failed
[  948.599449][T31029] FAT-fs (loop2): Directory bread(block 65) failed
[  948.600404][T18477] usb 1-1: Using ep0 maxpacket: 8
[  948.657131][T31029] FAT-fs (loop2): Directory bread(block 66) failed
[  948.663982][T31029] FAT-fs (loop2): Directory bread(block 67) failed
[  948.715269][T31029] FAT-fs (loop2): Directory bread(block 68) failed
[  948.758749][T18477] usb 1-1: config 7 has an invalid interface number: 184 but max is 0
[  948.777610][T31029] FAT-fs (loop2): Directory bread(block 69) failed
[  948.777675][T18477] usb 1-1: config 7 has no interface number 0
[  948.784635][T31029] FAT-fs (loop2): Directory bread(block 70) failed
[  948.861290][T18477] usb 1-1: config 7 interface 184 has no altsetting 0
[  948.917329][T31029] FAT-fs (loop2): Directory bread(block 71) failed
[  948.978526][T31029] FAT-fs (loop2): Directory bread(block 72) failed
[  949.029330][T18477] usb 1-1: New USB device found, idVendor=12d1, idProduct=2f7b, bcdDevice=de.da
[  949.056289][T18477] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  949.075038][T31029] FAT-fs (loop2): Directory bread(block 73) failed
[  949.092246][T18477] usb 1-1: Product: syz
[  949.112250][T18477] usb 1-1: Manufacturer: syz
[  949.116984][T18477] usb 1-1: SerialNumber: syz
[  949.477242][T18477] huawei_cdc_ncm 1-1:7.184: CDC Union missing and no IAD found
[  949.504906][T18477] huawei_cdc_ncm 1-1:7.184: bind() failure
[  949.555878][T18477] usb 1-1: USB disconnect, device number 66
[  949.888145][T31088] loop3: detected capacity change from 0 to 4096
[  950.538339][T31113] lo speed is unknown, defaulting to 1000
[  950.827330][T31147] netlink: 48 bytes leftover after parsing attributes in process `syz.4.12128'.
[  950.855761][T31129] loop2: detected capacity change from 0 to 4096
[  950.862124][T31146] loop0: detected capacity change from 0 to 2048
[  951.039222][T31157] NILFS (loop0): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  951.053603][T31146] NILFS error (device loop0): nilfs_check_page: bad entry in directory #2: unaligned directory entry - offset=104, inode=18446744073709551376, rec_len=255, name_len=5
[  951.073120][T31159] netlink: 'syz.4.12132': attribute type 8 has an invalid length.
[  951.121154][T31163] netlink: 'syz.1.12133': attribute type 1 has an invalid length.
[  951.165397][T31146] Remounting filesystem read-only
[  951.482477][T31187] device lo entered promiscuous mode
[  951.487961][T31187] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check.
[  951.581715][T31184] lo speed is unknown, defaulting to 1000
[  951.665145][ T3853] device veth0_macvtap left promiscuous mode
[  951.790749][T31208] netlink: 20 bytes leftover after parsing attributes in process `syz.1.12153'.
[  951.841899][T31202] loop3: detected capacity change from 0 to 4096
[  951.876958][T31212] netlink: 40 bytes leftover after parsing attributes in process `syz.0.12155'.
[  951.926338][T31202] ntfs3: loop3: Different NTFS' sector size (4096) and media sector size (512)
[  951.964877][ T6853] usb 3-1: new full-speed USB device number 74 using dummy_hcd
[  952.178596][T31202] ntfs3: loop3: failed to convert "c46c" to iso8859-15
[  952.346843][ T6853] usb 3-1: unable to get BOS descriptor or descriptor too short
[  952.384384][ T6853] usb 3-1: not running at top speed; connect to a high speed hub
[  952.477648][ T6853] usb 3-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  952.499617][ T6853] usb 3-1: config 1 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[  952.544413][ T6853] usb 3-1: config 1 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  952.601450][T31236] netlink: 'syz.3.12164': attribute type 29 has an invalid length.
[  952.746224][T31250] netlink: 'syz.1.12170': attribute type 30 has an invalid length.
[  952.785440][ T6853] usb 3-1: New USB device found, idVendor=0582, idProduct=1f14, bcdDevice= 0.40
[  952.804381][ T6853] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  952.839178][ T6853] usb 3-1: Product: syz
[  952.865445][ T6853] usb 3-1: Manufacturer: syz
[  952.889184][ T6853] usb 3-1: SerialNumber: syz
[  953.025295][T31258] lo speed is unknown, defaulting to 1000
[  953.250782][ T6853] usb 3-1: MIDIStreaming interface descriptor not found
[  953.312978][ T6853] usb 3-1: USB disconnect, device number 74
[  953.341526][ T1108] usb 4-1: new full-speed USB device number 70 using dummy_hcd
[  953.393557][T31282] netlink: 'syz.0.12182': attribute type 1 has an invalid length.
[  953.425780][T31284] lo speed is unknown, defaulting to 1000
[  953.448322][T18899] udevd[18899]: error opening ATTR{/sys/devices/platform/dummy_hcd.2/usb3/3-1/3-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory
[  953.469479][T31284] lo speed is unknown, defaulting to 1000
[  953.518102][T31284] lo speed is unknown, defaulting to 1000
[  953.736586][ T1108] usb 4-1: config 8 has an invalid interface number: 80 but max is 0
[  953.760450][ T1108] usb 4-1: config 8 has an invalid descriptor of length 0, skipping remainder of the config
[  953.803263][ T1108] usb 4-1: config 8 has no interface number 0
[  953.824325][ T1108] usb 4-1: config 8 interface 80 altsetting 0 has an invalid endpoint with address 0xE7, skipping
[  953.865688][ T1108] usb 4-1: config 8 interface 80 altsetting 0 has an invalid endpoint with address 0x80, skipping
[  953.902886][ T1108] usb 4-1: config 8 interface 80 altsetting 0 endpoint 0x4 has invalid wMaxPacketSize 0
[  953.927764][ T1108] usb 4-1: config 8 interface 80 altsetting 0 has 3 endpoint descriptors, different from the interface descriptor's value: 14
[  953.962356][ T1108] usb 4-1: New USB device found, idVendor=1286, idProduct=2046, bcdDevice=c1.6f
[  953.981623][ T1108] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  953.997130][T31284] infiniband syz1: set down
[  954.002987][T31284] infiniband syz1: added lo
[  954.030562][ T1108] usb 4-1: NFC: intf ffff88805ffdd000 id ffffffff8cb52720
[  954.068103][ T6853] lo speed is unknown, defaulting to 1000
[  954.068429][T31308] lo speed is unknown, defaulting to 1000
[  954.103853][T31284] RDS/IB: syz1: added
[  954.119235][T31284] smc: adding ib device syz1 with port count 1
[  954.130038][T31284] smc:    ib device syz1 port 1 has pnetid 
[  954.130892][T18477] lo speed is unknown, defaulting to 1000
[  954.169099][T31308] lo speed is unknown, defaulting to 1000
[  954.223464][ T1108] usb 4-1: USB disconnect, device number 70
[  954.390455][T31284] lo speed is unknown, defaulting to 1000
[  954.571726][T31337] (unnamed net_device) (uninitialized): option ad_actor_sys_prio: mode dependency failed, not supported in mode balance-rr(0)
[  954.682027][T31284] lo speed is unknown, defaulting to 1000
[  954.730128][T31347] netlink: 'syz.2.12210': attribute type 1 has an invalid length.
[  954.773434][T31347] netlink: 56 bytes leftover after parsing attributes in process `syz.2.12210'.
[  954.886576][T31358] x_tables: ip_tables: rpfilter match: used from hooks OUTPUT, but only valid from PREROUTING
[  954.910375][ T1108] usb 1-1: new high-speed USB device number 67 using dummy_hcd
[  954.983072][T31284] lo speed is unknown, defaulting to 1000
[  954.989795][T31359] loop1: detected capacity change from 0 to 4096
[  955.057075][T31359] ntfs: (device loop1): ntfs_is_extended_system_file(): Non-resident file name. You should run chkdsk.
[  955.061532][T31365] netlink: 'syz.2.12231': attribute type 1 has an invalid length.
[  955.096204][T31359] ntfs: (device loop1): ntfs_read_locked_inode(): $DATA attribute is missing.
[  955.113700][T31359] ntfs: (device loop1): ntfs_read_locked_inode(): Failed with error code -2.  Marking corrupt inode 0x1 as bad.  Run chkdsk.
[  955.127908][T31359] ntfs: (device loop1): load_system_files(): Failed to load $MFTMirr.  Mounting read-only.  Run ntfsfix and/or chkdsk.
[  955.152078][ T1108] usb 1-1: Using ep0 maxpacket: 16
[  955.155954][T31359] ntfs: volume version 3.1.
[  955.197970][T31359] ntfs: (device loop1): ntfs_attr_find(): Inode is corrupt.  Run chkdsk.
[  955.216433][T31284] lo speed is unknown, defaulting to 1000
[  955.216870][T31359] ntfs: (device loop1): ntfs_read_locked_inode(): Failed with error code -5.  Marking corrupt inode 0x40 as bad.  Run chkdsk.
[  955.283197][ T1108] usb 1-1: config 0 has no interfaces?
[  955.367762][T31373] (unnamed net_device) (uninitialized): ARP monitoring cannot be used with MII monitoring
[  955.397518][T31284] lo speed is unknown, defaulting to 1000
[  955.456094][ T1108] usb 1-1: New USB device found, idVendor=17ef, idProduct=721e, bcdDevice=de.06
[  955.478236][ T1108] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  955.497380][ T1108] usb 1-1: Product: syz
[  955.501677][ T1108] usb 1-1: Manufacturer: syz
[  955.535675][ T1108] usb 1-1: SerialNumber: syz
[  955.541683][ T1108] r8152-cfgselector 1-1: config 0 descriptor??
[  955.671844][T31284] lo speed is unknown, defaulting to 1000
[  955.805053][ T1108] usbip-host 1-1: 1-1 is not in match_busid table... skip!
[  955.941262][T31284] lo speed is unknown, defaulting to 1000
[  955.981169][T31406] loop2: detected capacity change from 0 to 64
[  955.981820][T31407] netlink: 'syz.1.12238': attribute type 1 has an invalid length.
[  956.008881][ T6867] usb 1-1: USB disconnect, device number 67
[  956.026652][T31407] netlink: 112860 bytes leftover after parsing attributes in process `syz.1.12238'.
[  956.045119][T31406] attempt to access beyond end of device
[  956.045119][T31406] loop2: rw=0, want=16777218, limit=64
[  956.056676][T31407] netlink: 'syz.1.12238': attribute type 1 has an invalid length.
[  956.070385][T31406] Buffer I/O error on dev loop2, logical block 8388608, async page read
[  956.080814][T31406] attempt to access beyond end of device
[  956.080814][T31406] loop2: rw=0, want=16777218, limit=64
[  956.098842][T31406] Buffer I/O error on dev loop2, logical block 8388608, async page read
[  956.161789][T31284] lo speed is unknown, defaulting to 1000
[  956.418779][T31284] lo speed is unknown, defaulting to 1000
[  956.625363][T31439] loop0: detected capacity change from 0 to 64
[  956.634165][T31441] openvswitch: netlink: Actions may not be safe on all matching packets
[  956.658854][T31284] lo speed is unknown, defaulting to 1000
[  956.685737][T31439] attempt to access beyond end of device
[  956.685737][T31439] loop0: rw=0, want=16777218, limit=64
[  956.730501][T31439] Buffer I/O error on dev loop0, logical block 8388608, async page read
[  956.757634][T31439] attempt to access beyond end of device
[  956.757634][T31439] loop0: rw=0, want=16777218, limit=64
[  956.786160][T31439] Buffer I/O error on dev loop0, logical block 8388608, async page read
[  956.800700][T31447] loop1: detected capacity change from 0 to 128
[  956.835724][T31447] UDF-fs: error (device loop1): udf_read_tagged: read failed, block=256, location=256
[  956.900685][T31447] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[  956.973995][T31284] lo speed is unknown, defaulting to 1000
[  957.211128][T31463] device netdevsim0 entered promiscuous mode
[  957.240329][T31367] lo speed is unknown, defaulting to 1000
[  957.542186][T31477] netlink: 'syz.3.12272': attribute type 2 has an invalid length.
[  957.683155][T31487] netlink: 12 bytes leftover after parsing attributes in process `syz.2.12277'.
[  957.698665][T31487] device geneve1 entered promiscuous mode
[  957.724798][T31451] loop0: detected capacity change from 0 to 32768
[  957.793515][T31451] gfs2: fsid=syz:syz: Trying to join cluster "lock_nolock", "syz:syz"
[  957.814376][T31451] gfs2: fsid=syz:syz: Now mounting FS (format 1802)...
[  957.844479][T31451] gfs2: fsid=syz:syz.0: journal 0 mapped with 5 extents in 0ms
[  957.939011][ T6866] gfs2: fsid=syz:syz.0: jid=0, already locked for use
[  957.975555][ T6866] gfs2: fsid=syz:syz.0: jid=0: Looking at journal...
[  958.007277][T31495] 8021q: adding VLAN 0 to HW filter on device bond4
[  958.066325][ T6866] gfs2: fsid=syz:syz.0: jid=0: Journal head lookup took 97ms
[  958.114709][ T6866] gfs2: fsid=syz:syz.0: jid=0: Done
[  958.140204][T31451] gfs2: fsid=syz:syz.0: first mount done, others may mount
[  958.158339][T31507] netlink: 'syz.4.12286': attribute type 2 has an invalid length.
[  958.281875][T31500] lo speed is unknown, defaulting to 1000
[  958.382052][T31500] lo speed is unknown, defaulting to 1000
[  958.833102][T31529] loop1: detected capacity change from 0 to 4096
[  958.941091][ T6867] ip6_tunnel: ip6tnl1 xmit: Local address not yet configured!
[  958.975891][ T6867] ip6_tunnel: ip6tnl1 xmit: Local address not yet configured!
[  958.997442][T31552] netlink: 'syz.4.12308': attribute type 1 has an invalid length.
[  959.011094][ T6867] ip6_tunnel: ip6tnl1 xmit: Local address not yet configured!
[  959.034752][T31552] netlink: 244 bytes leftover after parsing attributes in process `syz.4.12308'.
[  959.058903][T31529] ntfs3: loop1: Mark volume as dirty due to NTFS errors
[  959.083949][T31529] ntfs3: loop1: Failed to load $Extend.
[  959.309651][ T6866] ip6_tunnel: ip6tnl1 xmit: Local address not yet configured!
[  959.422555][T31573] cifs: Unknown parameter 'no'‘a�£Nð[G¶zob,erèèµ;%j¸¼
[  959.422555][T31573] ‡üzæ,€@q¬Ú÷ôÐåéJ#³"ŽÚh/.�W1ȱ¨nNCº"†CÙ׈¡E)Ð8+€î¶á÷'
[  959.713652][T31592] loop0: detected capacity change from 0 to 256
[  959.753316][T31588] lo speed is unknown, defaulting to 1000
[  959.781751][T31588] lo speed is unknown, defaulting to 1000
[  959.856887][T31592] FAT-fs (loop0): Directory bread(block 64) failed
[  959.894669][T31592] FAT-fs (loop0): Directory bread(block 65) failed
[  959.950507][T31604] CIFS mount error: No usable UNC path provided in device string!
[  959.950507][T31604] 
[  959.981365][ T6867] ip6_tunnel: ip6tnl1 xmit: Local address not yet configured!
[  959.997103][T31592] FAT-fs (loop0): Directory bread(block 66) failed
[  960.009811][T31604] CIFS: VFS: CIFS mount error: No usable UNC path provided in device string!
[  960.024961][T31592] FAT-fs (loop0): Directory bread(block 67) failed
[  960.053899][T31592] FAT-fs (loop0): Directory bread(block 68) failed
[  960.110832][T31592] FAT-fs (loop0): Directory bread(block 69) failed
[  960.120241][T31592] FAT-fs (loop0): Directory bread(block 70) failed
[  960.135829][T31592] FAT-fs (loop0): Directory bread(block 71) failed
[  960.135920][T31592] FAT-fs (loop0): Directory bread(block 72) failed
[  960.135949][T31592] FAT-fs (loop0): Directory bread(block 73) failed
[  960.197135][T31616] netlink: 12 bytes leftover after parsing attributes in process `syz.3.12339'.
[  960.197207][T31616] netlink: 8 bytes leftover after parsing attributes in process `syz.3.12339'.
[  960.197221][T31616] netlink: 8 bytes leftover after parsing attributes in process `syz.3.12339'.
[  960.625463][T31638] netlink: 207496 bytes leftover after parsing attributes in process `syz.0.12348'.
[  960.650965][T31640] openvswitch: netlink: Missing key (keys=40, expected=2000)
[  961.000899][T31664] netlink: 'syz.3.12358': attribute type 2 has an invalid length.
[  961.051465][T31664] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check.
[  961.106727][T31673] cgroup: subsys name conflicts with all
[  961.116819][T31667] netlink: 72 bytes leftover after parsing attributes in process `syz.0.12360'.
[  961.331781][T31687] loop4: detected capacity change from 0 to 512
[  961.392981][T31687] FAT-fs (loop4): Directory bread(block 199916) failed
[  961.444297][T31687] FAT-fs (loop4): Directory bread(block 199917) failed
[  961.451686][T31687] FAT-fs (loop4): Directory bread(block 199918) failed
[  961.480832][T19221] usb 3-1: new high-speed USB device number 75 using dummy_hcd
[  961.498240][T31687] FAT-fs (loop4): Directory bread(block 199919) failed
[  961.542485][T31687] FAT-fs (loop4): Directory bread(block 199920) failed
[  961.572107][T31687] FAT-fs (loop4): Directory bread(block 199921) failed
[  961.628392][T31687] FAT-fs (loop4): Directory bread(block 199922) failed
[  961.639480][T31687] FAT-fs (loop4): Directory bread(block 199923) failed
[  961.674525][T31687] FAT-fs (loop4): Directory bread(block 199916) failed
[  961.714115][T19221] usb 3-1: Using ep0 maxpacket: 8
[  961.729107][T31687] FAT-fs (loop4): Directory bread(block 199917) failed
[  961.863781][T19221] usb 3-1: unable to get BOS descriptor or descriptor too short
[  961.915156][T31719] netlink: 34 bytes leftover after parsing attributes in process `syz.4.12379'.
[  961.966313][T19221] usb 3-1: config 245 has an invalid interface number: 221 but max is 0
[  961.984401][T19221] usb 3-1: config 245 has no interface number 0
[  962.030386][T19221] usb 3-1: config 245 interface 221 altsetting 1 endpoint 0x6 has invalid wMaxPacketSize 0
[  962.083660][T19221] usb 3-1: config 245 interface 221 altsetting 1 bulk endpoint 0x6 has invalid maxpacket 0
[  962.113920][T19221] usb 3-1: config 245 interface 221 has no altsetting 0
[  962.301218][T19221] usb 3-1: New USB device found, idVendor=05da, idProduct=80a3, bcdDevice=b2.28
[  962.332943][T19221] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  962.360910][T19221] usb 3-1: Product: syz
[  962.413381][T19221] usb 3-1: Manufacturer: syz
[  962.419990][T19221] usb 3-1: SerialNumber: syz
[  962.520701][T31751] loop1: detected capacity change from 0 to 256
[  962.583237][T31710] loop0: detected capacity change from 0 to 32768
[  962.671446][T31751] FAT-fs (loop1): Directory bread(block 64) failed
[  962.740943][T19221] microtek usb (rev 0.4.3): can only deal with one output endpoints. Bailing out.
[  962.741561][T31751] FAT-fs (loop1): Directory bread(block 65) failed
[  962.748825][T19221] usb 3-1: USB disconnect, device number 75
[  962.751262][    C1] ip6_tunnel: ip6tnl1 xmit: Local address not yet configured!
[  962.822836][T31751] FAT-fs (loop1): Directory bread(block 66) failed
[  962.860377][T31751] FAT-fs (loop1): Directory bread(block 67) failed
[  962.897209][T31751] FAT-fs (loop1): Directory bread(block 68) failed
[  962.929124][T31751] FAT-fs (loop1): Directory bread(block 69) failed
[  962.959161][T31751] FAT-fs (loop1): Directory bread(block 70) failed
[  962.976474][T31751] FAT-fs (loop1): Directory bread(block 71) failed
[  963.010173][T31751] FAT-fs (loop1): Directory bread(block 72) failed
[  963.037220][T31751] FAT-fs (loop1): Directory bread(block 73) failed
[  963.219130][T31782] 8021q: adding VLAN 0 to HW filter on device bond2
[  963.478456][T31800] netlink: 16 bytes leftover after parsing attributes in process `syz.4.12413'.
[  963.528243][T31800] netlink: 16 bytes leftover after parsing attributes in process `syz.4.12413'.
[  963.538835][T31800] netlink: 7 bytes leftover after parsing attributes in process `syz.4.12413'.
[  963.980031][T31821] 8021q: adding VLAN 0 to HW filter on device bond4
[  964.008704][T31827] netlink: 'syz.0.12424': attribute type 5 has an invalid length.
[  964.145963][T31843] kernel read not supported for file / 
œ7³ÏüâW)ës“§Ç!Q�öì¥fsõl{T‡rÒ)r§ÖOš˜õ2:"ôÀT+ÍŸv|�Õ²DvcŽ“ØÖ Å6Òxãc: (pid: 31843 comm: syz.0.12434)
[  964.249956][   T26] audit: type=1800 audit(981.500:58): pid=31843 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.0.12434" name=20019C1437B3CFFCC3A25729EB7393A7C721518FF6ECA56673F56C7B548772D22972A7D6084F9A98F5323A22F412C0542BCD9F767C8DD5B24476638E93D8D6A0C536D278E3633A dev="mqueue" ino=114428 res=0 errno=0
[  964.259006][T31852] xt_TCPMSS: path-MTU clamping only supported in FORWARD, OUTPUT and POSTROUTING hooks
[  964.283125][    C0] vkms_vblank_simulate: vblank timer overrun
[  964.447697][T31868] loop1: detected capacity change from 0 to 256
[  964.510738][T31856] loop4: detected capacity change from 0 to 8192
[  964.591610][T31868] FAT-fs (loop1): Directory bread(block 64) failed
[  964.622544][T31856] REISERFS (device loop4): found reiserfs format "3.6" with non-standard journal
[  964.638226][T31868] FAT-fs (loop1): Directory bread(block 65) failed
[  964.653936][T31856] REISERFS (device loop4): using ordered data mode
[  964.661691][T31868] FAT-fs (loop1): Directory bread(block 66) failed
[  964.668839][T31856] reiserfs: using flush barriers
[  964.670105][T31868] FAT-fs (loop1): Directory bread(block 67) failed
[  964.682521][T31868] FAT-fs (loop1): Directory bread(block 68) failed
[  964.689757][T31868] FAT-fs (loop1): Directory bread(block 69) failed
[  964.697029][T31868] FAT-fs (loop1): Directory bread(block 70) failed
[  964.704131][T31868] FAT-fs (loop1): Directory bread(block 71) failed
[  964.706804][T31856] REISERFS (device loop4): journal params: device loop4, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30
[  964.724750][T31868] FAT-fs (loop1): Directory bread(block 72) failed
[  964.735379][T31868] FAT-fs (loop1): Directory bread(block 73) failed
[  964.821702][T31856] REISERFS (device loop4): checking transaction log (loop4)
[  965.007795][T31894] loop2: detected capacity change from 0 to 512
[  965.008711][T31897] loop3: detected capacity change from 0 to 24
[  965.117723][T31897] MTD: Attempt to mount non-MTD device "/dev/loop3"
[  965.166811][T31894] EXT4-fs (loop2): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback.
[  965.168215][T31897] romfs: Mounting image 'rom 637cf1fa' through the block layer
[  965.190560][T31856] REISERFS (device loop4): Using tea hash to sort names
[  965.206972][T31897] VFS: Lookup of 'file0' in romfs loop3 would have caused loop
[  965.323876][T31894] EXT4-fs (loop2): re-mounted. Opts: (null). Quota mode: writeback.
[  965.341708][T31911] netlink: 'syz.1.12457': attribute type 1 has an invalid length.
[  965.691347][T31927] netlink: 40 bytes leftover after parsing attributes in process `syz.4.12461'.
[  965.807317][T31927] (unnamed net_device) (uninitialized): option use_carrier: invalid value (4)
[  965.832217][T31934] cgroup: subsys name conflicts with all
[  965.928223][ T6863] usb 3-1: new high-speed USB device number 76 using dummy_hcd
[  965.978435][T31944] fuse: Bad value for 'fd'
[  966.124498][T31960] netlink: 8 bytes leftover after parsing attributes in process `syz.4.12480'.
[  966.329874][T31976] netlink: 8 bytes leftover after parsing attributes in process `syz.4.12487'.
[  966.384373][T31976] device netdevsim0 entered promiscuous mode
[  966.467745][ T6863] usb 3-1: New USB device found, idVendor=0c45, idProduct=6005, bcdDevice=b5.55
[  966.504529][ T6863] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  966.525898][T31983] netlink: 12 bytes leftover after parsing attributes in process `syz.1.12491'.
[  966.532237][ T6863] usb 3-1: Product: syz
[  966.551217][ T6863] usb 3-1: Manufacturer: syz
[  966.553914][T31986] netlink: 16 bytes leftover after parsing attributes in process `syz.3.12493'.
[  966.556276][ T6863] usb 3-1: SerialNumber: syz
[  966.618185][ T6863] usb 3-1: config 0 descriptor??
[  966.656571][ T6863] gspca_main: sonixb-2.14.0 probing 0c45:6005
[  966.783641][T31998] tmpfs: Bad value for 'mpol'
[  966.788648][T32002] 9pnet: p9_fd_create_tcp (32002): problem connecting socket to 127.0.0.1
[  967.051221][T32018] netlink: 'syz.0.12509': attribute type 3 has an invalid length.
[  967.072249][ T6877] usb 3-1: USB disconnect, device number 76
[  967.197333][T32022] netlink: 'syz.4.12511': attribute type 28 has an invalid length.
[  967.278410][T32022] netlink: 'syz.4.12511': attribute type 3 has an invalid length.
[  967.331924][T32022] netlink: 132 bytes leftover after parsing attributes in process `syz.4.12511'.
[  967.606551][T32039] loop1: detected capacity change from 0 to 4096
[  967.669119][T32039] ntfs3: loop1: Different NTFS' sector size (4096) and media sector size (512)
[  967.753339][ T6863] usb 1-1: new high-speed USB device number 68 using dummy_hcd
[  967.796003][T32051] loop4: detected capacity change from 0 to 64
[  967.875323][T32039] ntfs3: loop1: failed to convert "c46c" to iso8859-15
[  968.257196][T18475] usb 3-1: new high-speed USB device number 77 using dummy_hcd
[  968.332186][ T6863] usb 1-1: New USB device found, idVendor=0cf3, idProduct=9271, bcdDevice= 1.08
[  968.345316][ T6863] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  968.356556][T32071] xt_TCPMSS: Only works on TCP SYN packets
[  968.375086][ T6863] usb 1-1: Product: syz
[  968.392550][ T6863] usb 1-1: Manufacturer: syz
[  968.418675][ T6863] usb 1-1: SerialNumber: syz
[  968.499869][ T6863] usb 1-1: ath9k_htc: Firmware ath9k_htc/htc_9271-1.4.0.fw requested
[  968.601778][T18475] usb 3-1: config 0 has an invalid interface number: 237 but max is 0
[  968.646130][T18475] usb 3-1: config 0 has no interface number 0
[  968.674890][T18475] usb 3-1: config 0 interface 237 altsetting 0 endpoint 0x3 has an invalid bInterval 0, changing to 7
[  968.732745][T18475] usb 3-1: config 0 interface 237 altsetting 0 endpoint 0x3 has invalid wMaxPacketSize 0
[  968.787176][T18475] usb 3-1: config 0 interface 237 altsetting 0 endpoint 0x8A has an invalid bInterval 0, changing to 7
[  968.799435][T32093] device ip6gretap1 entered promiscuous mode
[  968.800928][T32087] loop4: detected capacity change from 0 to 4096
[  968.898200][T32087] ntfs3: loop4: Different NTFS' sector size (4096) and media sector size (512)
[  968.971608][T32087] ntfs3: loop4: failed to convert "c46c" to iso8859-15
[  969.012359][T18475] usb 3-1: New USB device found, idVendor=045e, idProduct=84bd, bcdDevice=89.be
[  969.032542][T18475] usb 3-1: New USB device strings: Mfr=1, Product=4, SerialNumber=3
[  969.064495][T18475] usb 3-1: Product: syz
[  969.095973][T18475] usb 3-1: Manufacturer: syz
[  969.100797][T18475] usb 3-1: SerialNumber: syz
[  969.144770][T18475] usb 3-1: config 0 descriptor??
[  969.181716][T18475] xpad 3-1:0.237: xpad_try_sending_next_out_packet - usb_submit_urb failed with result -90
[  969.217306][T18475] xpad: probe of 3-1:0.237 failed with error -5
[  969.254124][ T6863] usb 1-1: ath9k_htc: Transferred FW: ath9k_htc/htc_9271-1.4.0.fw, size: 51008
[  969.412338][ T6866] usb 3-1: USB disconnect, device number 77
[  969.439418][T32119] netlink: 11 bytes leftover after parsing attributes in process `syz.4.12560'.
[  969.645419][T18475] usb 1-1: USB disconnect, device number 68
[  970.090069][T32155] loop2: detected capacity change from 0 to 512
[  970.192033][T32155] EXT4-fs (loop2): Ignoring removed nobh option
[  970.233160][T32155] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode
[  970.279148][    C1] ip6_tunnel: ip6tnl1 xmit: Local address not yet configured!
[  970.298359][T32155] EXT4-fs (loop2): 1 truncate cleaned up
[  970.334219][T32155] EXT4-fs (loop2): mounted filesystem without journal. Opts: inode_readahead_blks=0x0000000008000000,nogrpid,debug_want_extra_isize=0x0000000000000068,init_itable,nobh,quota,,errors=continue. Quota mode: writeback.
[  970.355953][    C1] vkms_vblank_simulate: vblank timer overrun
[  970.364347][ T6863] ath9k_htc 1-1:1.0: ath9k_htc: Target is unresponsive
[  970.381065][ T6863] ath9k_htc: Failed to initialize the device
[  970.393927][T18475] usb 1-1: ath9k_htc: USB layer deinitialized
[  970.414709][T32172] netlink: 8 bytes leftover after parsing attributes in process `syz.0.12583'.
[  970.633138][T32135] loop1: detected capacity change from 0 to 32768
[  970.718456][T32135] gfs2: fsid=syz:syz: Trying to join cluster "lock_nolock", "syz:syz"
[  970.758832][T32135] gfs2: fsid=syz:syz: Now mounting FS (format 1802)...
[  970.793987][T32135] gfs2: fsid=syz:syz.0: journal 0 mapped with 5 extents in 0ms
[  970.804896][T32192] dlm: no locking on control device
[  970.831577][T32194] netlink: 40 bytes leftover after parsing attributes in process `syz.2.12594'.
[  970.837936][T18475] gfs2: fsid=syz:syz.0: jid=0, already locked for use
[  970.860873][T18475] gfs2: fsid=syz:syz.0: jid=0: Looking at journal...
[  970.996471][T32196] loop4: detected capacity change from 0 to 4096
[  971.003414][T18475] gfs2: fsid=syz:syz.0: jid=0: Journal head lookup took 152ms
[  971.035442][T18475] gfs2: fsid=syz:syz.0: jid=0: Done
[  971.041165][T32135] gfs2: fsid=syz:syz.0: first mount done, others may mount
[  971.064863][T32200] loop0: detected capacity change from 0 to 512
[  971.070539][T32202] 9pnet: p9_fd_create_tcp (32202): problem connecting socket to 127.0.0.1
[  971.156744][T32200] FAT-fs (loop0): Directory bread(block 199916) failed
[  971.193720][T32203] NILFS (loop4): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  971.221363][T32196] NILFS error (device loop4): nilfs_check_page: size of directory #2 is not a multiple of chunk size
[  971.229494][T32200] FAT-fs (loop0): Directory bread(block 199917) failed
[  971.265761][T32200] FAT-fs (loop0): Directory bread(block 199918) failed
[  971.275564][T32207] netlink: 8 bytes leftover after parsing attributes in process `syz.1.12599'.
[  971.298240][T32200] FAT-fs (loop0): Directory bread(block 199919) failed
[  971.304252][T32196] Remounting filesystem read-only
[  971.328498][T32207] device netdevsim0 entered promiscuous mode
[  971.334594][T32200] FAT-fs (loop0): Directory bread(block 199920) failed
[  971.430295][T32200] FAT-fs (loop0): Directory bread(block 199921) failed
[  971.481594][T32200] FAT-fs (loop0): Directory bread(block 199922) failed
[  971.488692][T32200] FAT-fs (loop0): Directory bread(block 199923) failed
[  971.533825][T32180] loop3: detected capacity change from 0 to 32768
[  971.597960][T32180] XFS: attr2 mount option is deprecated.
[  971.695036][T32200] FAT-fs (loop0): Directory bread(block 199916) failed
[  971.705418][T32200] FAT-fs (loop0): Directory bread(block 199917) failed
[  971.729511][T32180] XFS (loop3): Mounting V5 Filesystem
[  971.930931][T32180] XFS (loop3): Ending clean mount
[  971.948373][T32180] XFS (loop3): Quotacheck needed: Please wait.
[  972.117152][T32180] XFS (loop3): Quotacheck: Done.
[  972.180161][ T4183] XFS (loop3): Unmounting Filesystem
[  972.231404][T32230] loop2: detected capacity change from 0 to 32768
[  972.345253][T32230] gfs2: fsid=syz:syz: Trying to join cluster "lock_nolock", "syz:syz"
[  972.386305][T32230] gfs2: fsid=syz:syz: Now mounting FS (format 1802)...
[  972.412831][T32230] gfs2: fsid=syz:syz.0: journal 0 mapped with 5 extents in 0ms
[  972.431728][T32259] loop0: detected capacity change from 0 to 64
[  972.447117][ T6863] gfs2: fsid=syz:syz.0: jid=0, already locked for use
[  972.471245][ T6863] gfs2: fsid=syz:syz.0: jid=0: Looking at journal...
[  972.558314][ T6863] gfs2: fsid=syz:syz.0: jid=0: Journal head lookup took 93ms
[  972.576131][ T6863] gfs2: fsid=syz:syz.0: jid=0: Done
[  972.591559][T32230] gfs2: fsid=syz:syz.0: first mount done, others may mount
[  972.707957][T32243] 9pnet: p9_fd_create_tcp (32243): problem connecting socket to 127.0.0.1
[  973.201426][T19221] ip6_tunnel: ip6tnl3 xmit: Local address not yet configured!
[  973.225312][T19221] ip6_tunnel: ip6tnl3 xmit: Local address not yet configured!
[  973.258561][T19221] ip6_tunnel: ip6tnl3 xmit: Local address not yet configured!
[  973.322926][T32296] netlink: 'syz.3.12640': attribute type 1 has an invalid length.
[  973.476910][T32301] loop0: detected capacity change from 0 to 1764
[  973.544446][T32287] loop4: detected capacity change from 0 to 32768
[  973.815964][T32313] 9pnet: p9_fd_create_tcp (32313): problem connecting socket to 127.0.0.1
[  973.991661][T32323] rdma_rxe: rxe_register_device failed with error -23
[  974.048144][T32323] rdma_rxe: failed to add lo
[  974.073260][T19221] ip6_tunnel: ip6tnl3 xmit: Local address not yet configured!
[  974.152187][T19221] ip6_tunnel: ip6tnl3 xmit: Local address not yet configured!
[  974.195011][T32333] netlink: 'syz.0.12658': attribute type 32 has an invalid length.
[  974.202877][T32303] loop3: detected capacity change from 0 to 32768
[  974.351968][T32303] gfs2: fsid=syz:syz: Trying to join cluster "lock_nolock", "syz:syz"
[  974.380113][T32303] gfs2: fsid=syz:syz: Now mounting FS (format 1802)...
[  974.413086][T32303] gfs2: fsid=syz:syz.0: journal 0 mapped with 5 extents in 0ms
[  974.451747][ T6863] gfs2: fsid=syz:syz.0: jid=0, already locked for use
[  974.458050][T32350] x_tables: ip_tables: rpfilter match: used from hooks OUTPUT, but only valid from PREROUTING
[  974.469260][ T6863] gfs2: fsid=syz:syz.0: jid=0: Looking at journal...
[  974.549494][ T6863] gfs2: fsid=syz:syz.0: jid=0: Journal head lookup took 86ms
[  974.565970][T32352] netlink: 210620 bytes leftover after parsing attributes in process `syz.1.12668'.
[  974.582673][ T6863] gfs2: fsid=syz:syz.0: jid=0: Done
[  974.598639][T32303] gfs2: fsid=syz:syz.0: first mount done, others may mount
[  974.904612][T32334] loop2: detected capacity change from 0 to 32768
[  975.044725][ T1421] ieee802154 phy1 wpan1: encryption failed: -22
[  975.064313][T32373] rdma_rxe: rxe_register_device failed with error -23
[  975.078704][T32376] (unnamed net_device) (uninitialized): ARP monitoring cannot be used with MII monitoring
[  975.102095][T32373] rdma_rxe: failed to add lo
[  975.470991][T32395] loop0: detected capacity change from 0 to 4096
[  975.543671][T32405] NILFS (loop0): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  975.597829][T32395] NILFS error (device loop0): nilfs_check_page: size of directory #2 is not a multiple of chunk size
[  975.655643][T32395] Remounting filesystem read-only
[  975.722667][ T6866] usb 3-1: new low-speed USB device number 78 using dummy_hcd
[  975.769112][ T6863] usb 4-1: new high-speed USB device number 71 using dummy_hcd
[  975.901065][T32416] netlink: 36 bytes leftover after parsing attributes in process `syz.0.12700'.
[  975.957360][T32419] netlink: 'syz.1.12701': attribute type 21 has an invalid length.
[  975.988477][T32419] IPv6: NLM_F_CREATE should be specified when creating new route
[  975.995593][T32378] loop4: detected capacity change from 0 to 32768
[  976.063914][T32378] gfs2: fsid=syz:syz: Trying to join cluster "lock_nolock", "syz:syz"
[  976.083210][T32378] gfs2: fsid=syz:syz: Now mounting FS (format 1802)...
[  976.105177][T32378] gfs2: fsid=syz:syz.0: journal 0 mapped with 5 extents in 0ms
[  976.126964][ T6867] gfs2: fsid=syz:syz.0: jid=0, already locked for use
[  976.135514][ T6867] gfs2: fsid=syz:syz.0: jid=0: Looking at journal...
[  976.153665][ T6863] usb 4-1: config 1 interface 0 altsetting 0 endpoint 0xD has invalid wMaxPacketSize 0
[  976.165003][ T6866] usb 3-1: unable to get BOS descriptor or descriptor too short
[  976.173649][T32429] netlink: 1244 bytes leftover after parsing attributes in process `syz.0.12706'.
[  976.197125][ T6867] gfs2: fsid=syz:syz.0: jid=0: Journal head lookup took 66ms
[  976.209578][ T6863] usb 4-1: config 1 interface 0 altsetting 0 bulk endpoint 0xD has invalid maxpacket 0
[  976.222620][ T6867] gfs2: fsid=syz:syz.0: jid=0: Done
[  976.231411][ T6863] usb 4-1: config 1 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 18
[  976.245691][T32378] gfs2: fsid=syz:syz.0: first mount done, others may mount
[  976.319606][ T6866] usb 3-1: too many endpoints for config 1 interface 0 altsetting 128: 253, using maximum allowed: 30
[  976.332918][ T6863] usb 4-1: New USB device found, idVendor=0525, idProduct=a4a3, bcdDevice= 0.40
[  976.343009][ T6863] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=1
[  976.343212][T32433] xt_ecn: cannot match TCP bits for non-tcp packets
[  976.351827][ T6866] usb 3-1: config 1 interface 0 altsetting 128 endpoint 0x82 is Bulk; changing to Interrupt
[  976.369743][ T6863] usb 4-1: SerialNumber: syz
[  976.383284][T32435] netlink: 12 bytes leftover after parsing attributes in process `syz.0.12709'.
[  976.398224][ T6866] usb 3-1: config 1 interface 0 altsetting 128 endpoint 0x3 is Bulk; changing to Interrupt
[  976.409951][ T6867] usb 2-1: new full-speed USB device number 61 using dummy_hcd
[  976.417130][T32435] netlink: 8 bytes leftover after parsing attributes in process `syz.0.12709'.
[  976.417603][ T6866] usb 3-1: config 1 interface 0 altsetting 128 has 2 endpoint descriptors, different from the interface descriptor's value: 253
[  976.427394][T32435] netlink: 8 bytes leftover after parsing attributes in process `syz.0.12709'.
[  976.441557][ T6866] usb 3-1: config 1 interface 0 has no altsetting 0
[  976.557757][T32441] loop4: detected capacity change from 0 to 16
[  976.580935][T32443] netlink: 4 bytes leftover after parsing attributes in process `syz.0.12713'.
[  976.659920][T32441] erofs: (device loop4): mounted with root inode @ nid 36.
[  976.675318][ T6863] usbtest 4-1:1.0: Linux user mode ISO test driver
[  976.705147][ T6863] usbtest 4-1:1.0: high-speed {control bulk-in bulk-out} tests (+alt)
[  976.720341][ T6866] usb 3-1: string descriptor 0 read error: -22
[  976.727148][ T6866] usb 3-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  976.745057][ T6863] usb 4-1: USB disconnect, device number 71
[  976.757743][T32452] netlink: 830 bytes leftover after parsing attributes in process `syz.4.12717'.
[  976.776124][ T6866] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  976.837901][T32402] raw-gadget.0 gadget: fail, usb_ep_enable returned -22
[  976.859615][T32402] raw-gadget.0 gadget: fail, usb_ep_enable returned -22
[  976.874283][ T6867] usb 2-1: unable to get BOS descriptor or descriptor too short
[  976.888742][ T6866] usb 3-1: bad CDC descriptors
[  976.954142][ T6867] usb 2-1: not running at top speed; connect to a high speed hub
[  977.037270][ T6867] usb 2-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  977.055406][    C0] ip6_tunnel: ip6tnl3 xmit: Local address not yet configured!
[  977.055842][ T6867] usb 2-1: config 1 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[  977.093077][ T6867] usb 2-1: config 1 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  977.108582][T19221] usb 3-1: USB disconnect, device number 78
[  977.297879][ T6867] usb 2-1: New USB device found, idVendor=0582, idProduct=1f14, bcdDevice= 0.40
[  977.314379][ T6867] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  977.314614][T32471] delete_channel: no stack
[  977.325325][ T6867] usb 2-1: Product: syz
[  977.339730][ T6867] usb 2-1: Manufacturer: syz
[  977.344447][ T6867] usb 2-1: SerialNumber: syz
[  977.348400][T32456] loop0: detected capacity change from 0 to 32768
[  977.386851][T32456] gfs2: fsid=syz:syz: Trying to join cluster "lock_nolock", "syz:syz"
[  977.423099][T32456] gfs2: fsid=syz:syz: Now mounting FS (format 1802)...
[  977.444296][T32456] gfs2: fsid=syz:syz.0: journal 0 mapped with 5 extents in 0ms
[  977.464820][ T6863] gfs2: fsid=syz:syz.0: jid=0, already locked for use
[  977.481345][ T6863] gfs2: fsid=syz:syz.0: jid=0: Looking at journal...
[  977.545449][ T6863] gfs2: fsid=syz:syz.0: jid=0: Journal head lookup took 68ms
[  977.594795][ T6863] gfs2: fsid=syz:syz.0: jid=0: Done
[  977.611753][T32456] gfs2: fsid=syz:syz.0: first mount done, others may mount
[  977.745635][ T6867] usb 2-1: MIDIStreaming interface descriptor not found
[  977.783013][ T6867] usb 2-1: USB disconnect, device number 61
[  977.932125][T32502] ip6t_REJECT: ECHOREPLY is not supported
[  978.062444][T32511] CIFS mount error: No usable UNC path provided in device string!
[  978.062444][T32511] 
[  978.119858][T32511] CIFS: VFS: CIFS mount error: No usable UNC path provided in device string!
[  978.131383][ T5751] udevd[5751]: error opening ATTR{/sys/devices/platform/dummy_hcd.1/usb2/2-1/2-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory
[  978.566449][T32537] netlink: 76 bytes leftover after parsing attributes in process `syz.4.12757'.
[  978.663095][T32537] netlink: 72 bytes leftover after parsing attributes in process `syz.4.12757'.
[  978.719928][T32537] netlink: 'syz.4.12757': attribute type 3 has an invalid length.
[  978.763606][T32537] netlink: 11 bytes leftover after parsing attributes in process `syz.4.12757'.
[  978.840500][T32500] loop3: detected capacity change from 0 to 32768
[  978.958564][T32562] usb usb8: usbfs: process 32562 (syz.0.12767) did not claim interface 0 before use
[  979.027818][T32500] XFS (loop3): Mounting V5 Filesystem
[  979.088481][T32521] loop2: detected capacity change from 0 to 32768
[  979.172258][T32521] gfs2: fsid=syz:syz: Trying to join cluster "lock_nolock", "syz:syz"
[  979.208255][T32500] XFS (loop3): Torn write (CRC failure) detected at log block 0x30. Truncating head block from 0x51.
[  979.229776][T32521] gfs2: fsid=syz:syz: Now mounting FS (format 1802)...
[  979.282606][T32500] XFS (loop3): Starting recovery (logdev: internal)
[  979.299163][T32521] gfs2: fsid=syz:syz.0: journal 0 mapped with 5 extents in 0ms
[  979.334866][T19221] gfs2: fsid=syz:syz.0: jid=0, already locked for use
[  979.349464][T19221] gfs2: fsid=syz:syz.0: jid=0: Looking at journal...
[  979.366533][T32500] XFS (loop3): Ending recovery (logdev: internal)
[  979.449957][T19221] gfs2: fsid=syz:syz.0: jid=0: Journal head lookup took 107ms
[  979.478753][T32500] XFS (loop3): Metadata corruption detected at xfs_inobt_verify+0xc1/0x220, xfs_finobt block 0x8 
[  979.501390][T19221] gfs2: fsid=syz:syz.0: jid=0: Done
[  979.523755][T32521] gfs2: fsid=syz:syz.0: first mount done, others may mount
[  979.535651][ T6867] usb 5-1: new high-speed USB device number 34 using dummy_hcd
[  979.547274][T32500] XFS (loop3): Unmount and run xfs_repair
[  979.582418][T32500] XFS (loop3): First 128 bytes of corrupted metadata buffer:
[  979.590472][T32500] 00000000: 41 42 33 42 00 00 00 02 ff ff ff ff ff ff ff ff  AB3B............
[  979.638110][T32500] 00000010: 00 00 00 00 00 00 00 08 00 00 00 01 00 00 00 10  ................
[  979.666790][T32500] 00000020: c4 96 e0 5e 54 0d 4c 72 b5 91 04 d7 9d 8b 4e eb  ...^T.Lr......N.
[  979.678417][T32597] loop1: detected capacity change from 0 to 24
[  979.689333][T32500] 00000030: 00 00 00 00 c8 fc 31 e4 00 00 04 4e 00 00 00 02  ......1....N....
[  979.699499][T32500] 00000040: 00 00 04 60 00 00 0b a0 00 00 00 00 00 00 00 00  ...`............
[  979.709761][T32500] 00000050: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00  ................
[  979.720365][T32500] 00000060: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00  ................
[  979.730695][T32500] 00000070: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00  ................
[  979.742042][T32597] MTD: Attempt to mount non-MTD device "/dev/loop1"
[  979.765335][T32500] XFS (loop3): metadata I/O error in "xfs_btree_read_buf_block+0x1db/0x2d0" at daddr 0x8 len 8 error 117
[  979.783095][T32597] romfs: Mounting image 'rom 637cf1fa' through the block layer
[  979.795369][ T6867] usb 5-1: Using ep0 maxpacket: 16
[  979.808760][T32597] VFS: Lookup of 'file0' in romfs loop1 would have caused loop
[  979.876889][ T4183] XFS (loop3): Unmounting Filesystem
[  979.954300][ T6867] usb 5-1: config 0 has no interfaces?
[  980.193030][ T6867] usb 5-1: New USB device found, idVendor=17ef, idProduct=721e, bcdDevice=de.06
[  980.212688][T32621] raw_sendmsg: syz.1.12793 forgot to set AF_INET. Fix it!
[  980.222233][ T6867] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  980.237211][ T6867] usb 5-1: Product: syz
[  980.242171][ T6867] usb 5-1: Manufacturer: syz
[  980.271040][ T6867] usb 5-1: SerialNumber: syz
[  980.290634][ T6867] r8152-cfgselector 5-1: config 0 descriptor??
[  980.377086][T32630] loop2: detected capacity change from 0 to 256
[  980.536205][ T6867] usbip-host 5-1: 5-1 is not in match_busid table... skip!
[  980.583562][T32630] FAT-fs (loop2): Directory bread(block 64) failed
[  980.592465][T32630] FAT-fs (loop2): Directory bread(block 65) failed
[  980.603450][T32630] FAT-fs (loop2): Directory bread(block 66) failed
[  980.612095][T32630] FAT-fs (loop2): Directory bread(block 67) failed
[  980.632597][T32630] FAT-fs (loop2): Directory bread(block 68) failed
[  980.646282][T32630] FAT-fs (loop2): Directory bread(block 69) failed
[  980.672572][T32630] FAT-fs (loop2): Directory bread(block 70) failed
[  980.679322][T32630] FAT-fs (loop2): Directory bread(block 71) failed
[  980.692654][T32630] FAT-fs (loop2): Directory bread(block 72) failed
[  980.699583][T32630] FAT-fs (loop2): Directory bread(block 73) failed
[  980.737568][ T6866] usb 5-1: USB disconnect, device number 34
[  980.759975][ T6877] usb 1-1: new high-speed USB device number 69 using dummy_hcd
[  981.315237][ T6877] usb 1-1: New USB device found, idVendor=0bda, idProduct=8153, bcdDevice=e2.3d
[  981.345809][ T6877] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  981.373456][ T6877] usb 1-1: Product: syz
[  981.388376][ T6877] usb 1-1: Manufacturer: syz
[  981.408699][ T6877] usb 1-1: SerialNumber: syz
[  981.434630][ T6877] r8152-cfgselector 1-1: config 0 descriptor??
[  981.611002][T32707] __nla_validate_parse: 1 callbacks suppressed
[  981.611019][T32707] netlink: 209852 bytes leftover after parsing attributes in process `syz.2.12835'.
[  981.633291][T32707] openvswitch: netlink: IP tunnel attribute has 3064 unknown bytes.
[  981.680968][ T6866] usb 4-1: new high-speed USB device number 72 using dummy_hcd
[  981.837796][T32717] netlink: 34 bytes leftover after parsing attributes in process `syz.1.12840'.
[  981.889904][T32698] loop4: detected capacity change from 0 to 32768
[  981.901052][T32698] XFS: attr2 mount option is deprecated.
[  981.939268][T19221] usb 3-1: new high-speed USB device number 79 using dummy_hcd
[  981.979564][T32698] XFS (loop4): Mounting V5 Filesystem
[  982.012919][T32698] XFS (loop4): Ending clean mount
[  982.022821][T32698] XFS (loop4): Quotacheck needed: Please wait.
[  982.070715][ T6877] r8152-cfgselector 1-1: Unknown version 0x0000
[  982.086928][ T6877] r8152-cfgselector 1-1: USB disconnect, device number 69
[  982.116707][T32698] XFS (loop4): Quotacheck: Done.
[  982.182027][T19221] usb 3-1: Using ep0 maxpacket: 16
[  982.197458][ T4192] XFS (loop4): Unmounting Filesystem
[  982.322060][ T6866] usb 4-1: unable to get BOS descriptor or descriptor too short
[  982.331006][T19221] usb 3-1: config 0 has no interfaces?
[  982.415276][ T6866] usb 4-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  982.452178][ T6866] usb 4-1: config 1 has 1 interface, different from the descriptor's value: 3
[  982.494145][T19221] usb 3-1: New USB device found, idVendor=17ef, idProduct=721e, bcdDevice=de.06
[  982.520586][T19221] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  982.535449][T19221] usb 3-1: Product: syz
[  982.543040][T19221] usb 3-1: Manufacturer: syz
[  982.549333][T19221] usb 3-1: SerialNumber: syz
[  982.568501][T19221] r8152-cfgselector 3-1: config 0 descriptor??
[  982.643895][ T6866] usb 4-1: New USB device found, idVendor=2466, idProduct=8010, bcdDevice= 0.40
[  982.662272][ T6866] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  982.697323][ T6866] usb 4-1: Product: syz
[  982.701706][ T6866] usb 4-1: Manufacturer: syz
[  982.721725][ T6866] usb 4-1: SerialNumber: syz
[  982.764218][T32746] loop4: detected capacity change from 0 to 4096
[  982.803133][T32746] ntfs: (device loop4): parse_options(): Invalid mft_zone_multiplier. Using default value, i.e. 1.
[  982.829584][T19221] usbip-host 3-1: 3-1 is not in match_busid table... skip!
[  982.876316][T32746] ntfs: volume version 3.1.
[  982.911952][T32746] ntfs: (device loop4): ntfs_read_block(): Failed to read from inode 0x6, attribute type 0x80, vcn 0x0, offset 0x0 because its location on disk could not be determined even after retrying (error code -5).
[  982.942935][T32746] ntfs: (device loop4): ntfs_read_block(): Failed to read from inode 0x6, attribute type 0x80, vcn 0x0, offset 0x800 because its location on disk could not be determined even after retrying (error code -5).
[  982.992401][T32746] ntfs: (device loop4): ntfs_cluster_alloc(): Failed to map page.
[  983.021706][T32746] ntfs: (device loop4): ntfs_cluster_alloc(): Failed to allocate clusters, aborting (error -5).
[  983.030955][ T6877] usb 3-1: USB disconnect, device number 79
[  983.040340][ T6866] usb 4-1: failed waiting for Axe-Fx III to boot: -71
[  983.047557][ T6866] snd-usb-audio: probe of 4-1:1.0 failed with error -71
[  983.053946][T32746] ntfs: (device loop4): ntfs_truncate(): Cannot truncate inode 0x43, attribute type 0x80, because the conversion from resident to non-resident attribute failed with error code -5.
[  983.060621][ T6866] usb 4-1: USB disconnect, device number 72
[  983.084686][T32758] x_tables: unsorted underflow at hook 3
[  983.146564][T32760] ubi31: attaching mtd0
[  983.157934][ T4192] ntfs: (device loop4): ntfs_put_super(): Volume has errors.  Leaving volume marked dirty.  Run chkdsk.
[  983.164005][T32760] ubi31: scanning is finished
[  983.182537][T32760] ubi31: empty MTD device detected
[  983.215432][T32752] loop1: detected capacity change from 0 to 32768
[  983.260489][T32752] XFS: attr2 mount option is deprecated.
[  983.329222][T32760] ubi31: attached mtd0 (name "mtdram test device", size 0 MiB)
[  983.357565][T32752] XFS (loop1): Mounting V5 Filesystem
[  983.394432][T32760] ubi31: PEB size: 4096 bytes (4 KiB), LEB size: 3968 bytes
[  983.431098][T32760] ubi31: min./max. I/O unit sizes: 1/64, sub-page size 1
[  983.457988][T32760] ubi31: VID header offset: 64 (aligned 64), data offset: 128
[  983.473625][T32752] XFS (loop1): Ending clean mount
[  983.482407][T32752] XFS (loop1): Quotacheck needed: Please wait.
[  983.563920][T32760] ubi31: good PEBs: 32, bad PEBs: 0, corrupted PEBs: 0
[  983.575043][T32760] ubi31: user volume: 0, internal volumes: 1, max. volumes count: 23
[  983.583941][T32760] ubi31: max/mean erase counter: 0/0, WL threshold: 4096, image sequence number: 1020239016
[  983.596715][T32760] ubi31: available PEBs: 28, total reserved PEBs: 4, PEBs reserved for bad PEB handling: 0
[  983.630664][  T300] ubi31: background thread "ubi_bgt31d" started, PID 300
[  983.697895][T32752] XFS (loop1): Quotacheck: Done.
[  983.726403][  T317] SET target dimension over the limit!
[  983.800176][ T4184] XFS (loop1): Unmounting Filesystem
[  983.810471][  T325] netlink: 40 bytes leftover after parsing attributes in process `syz.0.12868'.
[  983.854732][  T330] program syz.4.12872 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  983.865154][  T325] (unnamed net_device) (uninitialized): option use_carrier: invalid value (4)
[  984.092568][T19221] usb 4-1: new high-speed USB device number 73 using dummy_hcd
[  984.226538][  T351] netlink: 96 bytes leftover after parsing attributes in process `syz.0.12882'.
[  984.368605][  T360] x_tables: duplicate underflow at hook 2
[  984.445758][  T365] netlink: 'syz.0.12887': attribute type 28 has an invalid length.
[  984.485219][  T365] netlink: 'syz.0.12887': attribute type 3 has an invalid length.
[  984.521233][  T365] netlink: 132 bytes leftover after parsing attributes in process `syz.0.12887'.
[  984.547093][  T373] netlink: 'syz.4.12890': attribute type 1 has an invalid length.
[  984.586837][  T373] netlink: 228 bytes leftover after parsing attributes in process `syz.4.12890'.
[  984.593784][T19221] usb 4-1: New USB device found, idVendor=0cf3, idProduct=9271, bcdDevice= 1.08
[  984.630359][T19221] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  984.676210][T19221] usb 4-1: Product: syz
[  984.682107][  T381] IPv6: NLM_F_CREATE should be specified when creating new route
[  984.690386][T19221] usb 4-1: Manufacturer: syz
[  984.695438][T19221] usb 4-1: SerialNumber: syz
[  984.728477][  T383] netlink: 12 bytes leftover after parsing attributes in process `syz.4.12897'.
[  984.738509][  T385] tc_dump_action: action bad kind
[  984.783307][T19221] usb 4-1: ath9k_htc: Firmware ath9k_htc/htc_9271-1.4.0.fw requested
[  984.784632][  T383] netlink: 31 bytes leftover after parsing attributes in process `syz.4.12897'.
[  984.858443][  T383] netlink: 'syz.4.12897': attribute type 3 has an invalid length.
[  984.894359][  T383] netlink: 'syz.4.12897': attribute type 2 has an invalid length.
[  984.902869][  T383] netlink: 31 bytes leftover after parsing attributes in process `syz.4.12897'.
[  984.919709][  T387] loop1: detected capacity change from 0 to 4096
[  984.989112][  T387] ntfs3: loop1: Different NTFS' sector size (4096) and media sector size (512)
[  985.097856][  T387] ntfs3: loop1: failed to convert "c46c" to cp861
[  985.183308][    C1] ip6_tunnel: ip6tnl1 xmit: Local address not yet configured!
[  985.323179][ T6853] usb 4-1: ath9k_htc: Transferred FW: ath9k_htc/htc_9271-1.4.0.fw, size: 51008
[  985.612250][  T437] xt_TCPMSS: Only works on TCP SYN packets
[  985.732221][ T6877] usb 4-1: USB disconnect, device number 73
[  985.803500][  T452] dlm: no locking on control device
[  986.302341][ T6853] ath9k_htc 4-1:1.0: ath9k_htc: Target is unresponsive
[  986.309515][ T6853] ath9k_htc: Failed to initialize the device
[  986.334844][ T6877] usb 4-1: ath9k_htc: USB layer deinitialized
[  986.450649][  T466] netlink: 'syz.4.12938': attribute type 13 has an invalid length.
[  986.475236][  T466] rdma_rxe: ignoring netdev event = 9 for lo
[  986.523507][  T480] loop1: detected capacity change from 0 to 16
[  986.552450][  T482] netlink: 132 bytes leftover after parsing attributes in process `syz.2.12946'.
[  986.574953][ T5751] udevd[5751]: incorrect cramfs checksum on /dev/loop1
[  986.577062][  T485] sctp: [Deprecated]: syz.3.12948 (pid 485) Use of struct sctp_assoc_value in delayed_ack socket option.
[  986.577062][  T485] Use struct sctp_sack_info instead
[  986.582905][  T480] MTD: Attempt to mount non-MTD device "/dev/loop1"
[  986.633212][  T486] netlink: 48 bytes leftover after parsing attributes in process `syz.0.12947'.
[  986.734508][ T5751] udevd[5751]: incorrect cramfs checksum on /dev/loop1
[  986.967972][ T6877] usb 5-1: new high-speed USB device number 35 using dummy_hcd
[  987.292936][  T540] loop2: detected capacity change from 0 to 256
[  987.316707][  T543] SET target dimension over the limit!
[  987.466745][    C1] vkms_vblank_simulate: vblank timer overrun
[  987.550463][ T6877] usb 5-1: New USB device found, idVendor=0cf3, idProduct=9271, bcdDevice= 1.08
[  987.561193][ T6877] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  987.589641][ T6877] usb 5-1: Product: syz
[  987.594310][ T6877] usb 5-1: Manufacturer: syz
[  987.602842][ T6877] usb 5-1: SerialNumber: syz
[  987.663432][ T6877] usb 5-1: ath9k_htc: Firmware ath9k_htc/htc_9271-1.4.0.fw requested
[  987.778695][  T574] loop0: detected capacity change from 0 to 8
[  987.830264][  T574] MTD: Attempt to mount non-MTD device "/dev/loop0"
[  988.221370][T18475] usb 3-1: new high-speed USB device number 80 using dummy_hcd
[  988.315151][ T6877] usb 5-1: ath9k_htc: Transferred FW: ath9k_htc/htc_9271-1.4.0.fw, size: 51008
[  988.557410][T18475] usb 3-1: config 1 interface 0 altsetting 0 endpoint 0xD has invalid wMaxPacketSize 0
[  988.567816][T18475] usb 3-1: config 1 interface 0 altsetting 0 bulk endpoint 0xD has invalid maxpacket 0
[  988.578277][T18475] usb 3-1: config 1 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 18
[  988.659771][T18475] usb 3-1: New USB device found, idVendor=0525, idProduct=a4a3, bcdDevice= 0.40
[  988.669117][T18475] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=1
[  988.678083][T18475] usb 3-1: SerialNumber: syz
[  988.709600][ T6867] usb 5-1: USB disconnect, device number 35
[  988.941203][T18475] usbtest 3-1:1.0: Linux user mode ISO test driver
[  988.948461][T18475] usbtest 3-1:1.0: high-speed {control bulk-in bulk-out} tests (+alt)
[  988.960083][T18475] usb 3-1: USB disconnect, device number 80
[  989.293842][ T6877] ath9k_htc 5-1:1.0: ath9k_htc: Target is unresponsive
[  989.303298][ T6877] ath9k_htc: Failed to initialize the device
[  989.315073][ T6867] usb 5-1: ath9k_htc: USB layer deinitialized
[  989.316860][  T599] loop1: detected capacity change from 0 to 2048
[  989.337890][  T602] cifs: Unknown parameter 'no'‘a�£Nð[G¶zob,erèèµ;%j¸¼
[  989.337890][  T602] ‡üzæ,€@q¬Ú÷ôÐåéJ#³"ŽÚh/.�W1ȱ¨nNCº"†CÙ׈¡E)Ð8+€î¶á÷'
[  989.427984][  T605] NILFS (loop1): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  989.469096][  T599] NILFS (loop1): error -2 truncating bmap (ino=16)
[  989.561741][  T605] ------------[ cut here ]------------
[  989.568495][  T605] WARNING: CPU: 1 PID: 605 at fs/nilfs2/dat.c:200 nilfs_dat_commit_end+0x5ac/0x6b0
[  989.578093][  T605] Modules linked in:
[  989.582310][  T605] CPU: 1 PID: 605 Comm: segctord Not tainted syzkaller #0
[  989.589434][  T605] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026
[  989.600066][  T605] RIP: 0010:nilfs_dat_commit_end+0x5ac/0x6b0
[  989.606195][  T605] Code: 8b 34 24 48 83 c4 28 5b 41 5c 41 5d 41 5e 41 5f 5d e9 b8 54 03 00 e8 03 4c 6a fe e8 8e 94 f1 fd e9 b8 fc ff ff e8 f4 4b 6a fe <0f> 0b e9 16 fc ff ff e8 e8 4b 6a fe e8 73 94 f1 fd e9 74 fe ff ff
[  989.626894][    C1] vkms_vblank_simulate: vblank timer overrun
[  989.633165][  T605] RSP: 0000:ffffc900040ff390 EFLAGS: 00010293
[  989.639478][  T605] RAX: ffffffff830ee89c RBX: ffff8880258ee1a0 RCX: ffff88805a543b80
[  989.647741][  T605] RDX: 0000000000000000 RSI: 0000000000000003 RDI: 00000000003f0002
[  989.656405][  T605] RBP: 0000000000000003 R08: ffff8880511d1e87 R09: 1ffff1100a23a3d0
[  989.665154][  T605] R10: dffffc0000000000 R11: ffffed100a23a3d1 R12: ffff88805a545308
[  989.673852][  T605] R13: ffff888042a199e0 R14: 00000000003f0002 R15: ffff88807ae3d330
[  989.682565][  T605] FS:  0000000000000000(0000) GS:ffff8880b9100000(0000) knlGS:0000000000000000
[  989.692158][  T605] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  989.699896][  T605] CR2: 00007f0f12dd09b8 CR3: 0000000064307000 CR4: 00000000003506e0
[  989.708428][  T605] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[  989.712622][T18475] usb 4-1: new high-speed USB device number 74 using dummy_hcd
[  989.717305][  T605] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[  989.733891][  T605] Call Trace:
[  989.737508][  T605]  <TASK>
[  989.740572][  T605]  nilfs_dat_commit_update+0x24/0x40
[  989.745998][  T605]  nilfs_btree_commit_update_v+0x93/0x410
[  989.752148][  T605]  nilfs_btree_propagate+0x95a/0xcf0
[  989.758069][  T605]  nilfs_bmap_propagate+0x70/0x120
[  989.763333][  T605]  nilfs_segctor_apply_buffers+0x15d/0x320
[  989.769296][  T605]  ? nilfs_collect_file_data+0xc0/0xc0
[  989.774883][  T605]  nilfs_segctor_scan_file+0x7af/0x9d0
[  989.780780][  T605]  ? trace_nilfs2_collection_stage_transition+0x1a0/0x1a0
[  989.788320][  T605]  ? nilfs_segbuf_extend_segsum+0x25d/0x360
[  989.794523][  T605]  ? rcu_is_watching+0x11/0xa0
[  989.799534][  T605]  nilfs_segctor_do_construct+0x1c26/0x6ca0
[  989.805722][  T605]  ? verify_lock_unused+0x140/0x140
[  989.811376][  T605]  ? nilfs_transaction_unlock+0x220/0x220
[  989.817332][  T605]  ? nilfs_bmap_test_and_clear_dirty+0x4c/0x70
[  989.823952][  T605]  ? clear_nonspinnable+0x60/0x60
[  989.829456][  T605]  ? nilfs_segctor_confirm+0x24d/0x2d0
[  989.835681][  T605]  ? __lock_acquire+0x7d10/0x7d10
[  989.841367][  T605]  ? __rwlock_init+0x140/0x140
[  989.846930][  T605]  ? do_raw_spin_unlock+0x11d/0x230
[  989.852242][  T605]  ? _raw_spin_unlock+0x24/0x40
[  989.857504][  T605]  ? nilfs_segctor_confirm+0x24d/0x2d0
[  989.863304][  T605]  nilfs_segctor_construct+0x17b/0x690
[  989.868980][  T605]  nilfs_segctor_thread+0x523/0x1180
[  989.874797][  T605]  ? _raw_spin_unlock_irqrestore+0x82/0x120
[  989.881178][  T605]  ? nilfs_iput_work_func+0x70/0x70
[  989.886836][  T605]  ? _raw_spin_unlock_irqrestore+0xc1/0x120
[  989.893350][  T605]  ? _raw_spin_unlock+0x40/0x40
[  989.898608][  T605]  ? _raw_spin_unlock_irqrestore+0x82/0x120
[  989.905009][  T605]  ? init_wait_entry+0xd0/0xd0
[  989.909859][  T605]  ? _raw_spin_unlock_irqrestore+0xc1/0x120
[  989.916033][  T605]  ? __kthread_parkme+0x157/0x1b0
[  989.921407][  T605]  kthread+0x436/0x520
[  989.925675][  T605]  ? nilfs_iput_work_func+0x70/0x70
[  989.931120][  T605]  ? kthread_blkcg+0xd0/0xd0
[  989.935854][  T605]  ret_from_fork+0x1f/0x30
[  989.940514][  T605]  </TASK>
[  989.943640][  T605] Kernel panic - not syncing: kernel: panic_on_warn set ...
[  989.951313][  T605] CPU: 1 PID: 605 Comm: segctord Not tainted syzkaller #0
[  989.958610][  T605] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026
[  989.969017][  T605] Call Trace:
[  989.972688][  T605]  <TASK>
[  989.975830][  T605]  dump_stack_lvl+0x188/0x250
[  989.980606][  T605]  ? show_regs_print_info+0x20/0x20
[  989.985896][  T605]  ? load_image+0x400/0x400
[  989.990493][  T605]  panic+0x2e5/0x810
[  989.994479][  T605]  ? bpf_jit_dump+0xd0/0xd0
[  989.999159][  T605]  ? ret_from_fork+0x1f/0x30
[  990.003850][  T605]  ? nilfs_dat_commit_end+0x5ac/0x6b0
[  990.009409][  T605]  __warn+0x248/0x2b0
[  990.013595][  T605]  ? nilfs_dat_commit_end+0x5ac/0x6b0
[  990.019403][  T605]  report_bug+0x1b7/0x2e0
[  990.024217][  T605]  handle_bug+0x3a/0x70
[  990.028759][  T605]  exc_invalid_op+0x16/0x40
[  990.033694][  T605]  asm_exc_invalid_op+0x16/0x20
[  990.038835][  T605] RIP: 0010:nilfs_dat_commit_end+0x5ac/0x6b0
[  990.045256][  T605] Code: 8b 34 24 48 83 c4 28 5b 41 5c 41 5d 41 5e 41 5f 5d e9 b8 54 03 00 e8 03 4c 6a fe e8 8e 94 f1 fd e9 b8 fc ff ff e8 f4 4b 6a fe <0f> 0b e9 16 fc ff ff e8 e8 4b 6a fe e8 73 94 f1 fd e9 74 fe ff ff
[  990.066214][  T605] RSP: 0000:ffffc900040ff390 EFLAGS: 00010293
[  990.072763][  T605] RAX: ffffffff830ee89c RBX: ffff8880258ee1a0 RCX: ffff88805a543b80
[  990.080760][  T605] RDX: 0000000000000000 RSI: 0000000000000003 RDI: 00000000003f0002
[  990.088832][  T605] RBP: 0000000000000003 R08: ffff8880511d1e87 R09: 1ffff1100a23a3d0
[  990.097437][  T605] R10: dffffc0000000000 R11: ffffed100a23a3d1 R12: ffff88805a545308
[  990.105774][  T605] R13: ffff888042a199e0 R14: 00000000003f0002 R15: ffff88807ae3d330
[  990.114248][  T605]  ? nilfs_dat_commit_end+0x5ac/0x6b0
[  990.119665][  T605]  nilfs_dat_commit_update+0x24/0x40
[  990.125169][  T605]  nilfs_btree_commit_update_v+0x93/0x410
[  990.131160][  T605]  nilfs_btree_propagate+0x95a/0xcf0
[  990.136916][  T605]  nilfs_bmap_propagate+0x70/0x120
[  990.142142][  T605]  nilfs_segctor_apply_buffers+0x15d/0x320
[  990.148360][  T605]  ? nilfs_collect_file_data+0xc0/0xc0
[  990.154290][  T605]  nilfs_segctor_scan_file+0x7af/0x9d0
[  990.160561][  T605]  ? trace_nilfs2_collection_stage_transition+0x1a0/0x1a0
[  990.168072][  T605]  ? nilfs_segbuf_extend_segsum+0x25d/0x360
[  990.174080][  T605]  ? rcu_is_watching+0x11/0xa0
[  990.179212][  T605]  nilfs_segctor_do_construct+0x1c26/0x6ca0
[  990.185386][  T605]  ? verify_lock_unused+0x140/0x140
[  990.191399][  T605]  ? nilfs_transaction_unlock+0x220/0x220
[  990.197602][  T605]  ? nilfs_bmap_test_and_clear_dirty+0x4c/0x70
[  990.203874][  T605]  ? clear_nonspinnable+0x60/0x60
[  990.209095][  T605]  ? nilfs_segctor_confirm+0x24d/0x2d0
[  990.214745][  T605]  ? __lock_acquire+0x7d10/0x7d10
[  990.220135][  T605]  ? __rwlock_init+0x140/0x140
[  990.225173][  T605]  ? do_raw_spin_unlock+0x11d/0x230
[  990.230561][  T605]  ? _raw_spin_unlock+0x24/0x40
[  990.235699][  T605]  ? nilfs_segctor_confirm+0x24d/0x2d0
[  990.241263][  T605]  nilfs_segctor_construct+0x17b/0x690
[  990.246839][  T605]  nilfs_segctor_thread+0x523/0x1180
[  990.252255][  T605]  ? _raw_spin_unlock_irqrestore+0x82/0x120
[  990.258296][  T605]  ? nilfs_iput_work_func+0x70/0x70
[  990.263623][  T605]  ? _raw_spin_unlock_irqrestore+0xc1/0x120
[  990.269877][  T605]  ? _raw_spin_unlock+0x40/0x40
[  990.274839][  T605]  ? _raw_spin_unlock_irqrestore+0x82/0x120
[  990.281188][  T605]  ? init_wait_entry+0xd0/0xd0
[  990.286327][  T605]  ? _raw_spin_unlock_irqrestore+0xc1/0x120
[  990.292598][  T605]  ? __kthread_parkme+0x157/0x1b0
[  990.297786][  T605]  kthread+0x436/0x520
[  990.302412][  T605]  ? nilfs_iput_work_func+0x70/0x70
[  990.307814][  T605]  ? kthread_blkcg+0xd0/0xd0
[  990.312607][  T605]  ret_from_fork+0x1f/0x30
[  990.317146][  T605]  </TASK>
[  990.321683][  T605] Kernel Offset: disabled
[  990.326785][  T605] Rebooting in 86400 seconds..