last executing test programs:

4.10957541s ago: executing program 3 (id=1261):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000200)=ANY=[@ANYBLOB="28000000300009000000000000000000010000000c0001"], 0x28}}, 0x0)

4.059989673s ago: executing program 2 (id=1262):
r0 = socket$igmp6(0xa, 0x3, 0x2)
getsockopt$inet6_mreq(r0, 0x3a, 0x7, 0x0, 0x0)

3.94338021s ago: executing program 2 (id=1265):
r0 = socket$inet_sctp(0x2, 0x1, 0x84)
setsockopt$inet_sctp_SCTP_PEER_ADDR_PARAMS(r0, 0x84, 0x9, &(0x7f00000007c0)={0x0, @in={{0x2, 0x0, @empty}}, 0x0, 0x4, 0x0, 0x2, 0x302, 0x7fff, 0x3}, 0x9c)

3.866071315s ago: executing program 3 (id=1266):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
getsockopt$sock_int(r0, 0x1, 0xf, 0x0, &(0x7f0000000580))

3.863964645s ago: executing program 2 (id=1268):
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000006c0)={0x6, 0xe, &(0x7f00000008c0)=ANY=[@ANYBLOB="b7020000f10d0000bfa30000000000000703000000feffff7a0af0fff8ffff1971a4f0ff00000000b7060000080000006f6400000000000045040400010000001704000001000a00b7040000ff0100006a0a00fe0000000085000000be000000b70000000000000095000000000000009e17f199a68b06d83298a8cdc21ce784909b849d5550ad857d0454d8877a6db61d69f2ffcaa10350e11cb97c8adf1bc9a0c4eeceb9971e43405d621ffbc9ce000000d8ca56b50d0c010d631f6dde53a9a53608c10556e5734eb84049761451ce540c772e2d9f8004e26f7fcc059c062234d5595f6fbaa187b81d1106000000000fd60000fd9ac3d09e29a9d542ca9d85a5c9c88474895d679838def0a83a733dc6a39b63a5ed69d32394c53361d7e43c5cbd80450f859ce8122a79c3e40000b59b0fc46d6cec3c0802882add4e3179bd4a44f231b6d753a7be428ba953df4aece69311687f4122073a236c3a32efa04137d4524847d2638da3261c8162bb7c7824be6195a66d2e17e122040e1100000000928612a29fc691e4f1f7bd053abb885f39381f1759410b1059f05684261f332d606834669b49ec99320ca7712d7e79bd5bf5ed818ecc7640917f6a559a47db608fcf9f6c131b84e41c354c66838f72b9e12d36e996f316f0812ca83efb30c7f6c6d57c4a64590401eec22523dd712c680013e87f649a1ede7142ca9d5d8a8c9f9b440fe4331ad5532c74d9a31a5d737537f7a2caa30581253d14dd3e92af7dc836686365ae01bdec561c0402b67801267a8df97d2f85426a5963d4fa3e26cc05972c162f223f000000d999e80de00fcbcc02d0aed7bb8f7ba337d59c14f39dcd4aad4139ef6425a9367f1bd1467fc6b95a4df7669839771ce9d5788029901e5a79d8b9990ace8f74087f25ad50c46088000000008000"/686], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @xdp, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x3a, 0x10, &(0x7f0000000340), 0xd58495bc, 0x0, 0xffffffffffffffff, 0xffffffffffffff5b}, 0x42)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000c80)={r0, 0x2000012, 0xff0, 0x0, &(0x7f0000000c40)="63eced8e46dc3f2ddf33c9e9b986", 0x0, 0x7ffe, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50)

3.692981595s ago: executing program 3 (id=1271):
r0 = syz_open_dev$radio(&(0x7f0000000140), 0x0, 0x2)
ioctl$VIDIOC_ENUM_FREQ_BANDS(r0, 0xc0405665, &(0x7f00000000c0)={0x0, 0x1, 0x7, 0x8, 0x2, 0x100059a, 0xbfc4bb97dfede4bd})

3.577417502s ago: executing program 3 (id=1273):
syz_mount_image$squashfs(&(0x7f0000000240), &(0x7f0000000280)='./file0\x00', 0x0, &(0x7f00000002c0)={[{}]}, 0x1, 0x232, &(0x7f0000000000)="$eJzKKC4sZmdgYPj7sSaZgUGAAQRYGEQYLjAwMrAwMDDIM4KFGD4yQeipUPomlGaDyl+B0r5Q8XYo/de8KiKKgYExU+meGdMB8RRFRgEGHpGvpx4wJDPwxzJYzvNecykoc8pVobdL94PUe4VWbmJgVE/hXzRnwwSnmbxgYxkjo5DNYT4gM4sDZBADA8PkPxH3HrBIMoggmSXK8U/sVMvyVWad9xlmdExLY2A0mMXBwMCgd0R3pp0BbzcT1MziyqrsxJyc1KLiAwyo5k9m3M+kyAhSd+bv1eAHjHYM3bEMjAxyG/zVFn/7I1W5cVN95PSqiJqp3U03l66PY9im//eKidT7iRlh/x8cEtSyyMv/ME9G6fvmhjkfauqemDh2NirP5W+9/Pfd+5ja4gQ1psfiXYVs/AluWjWfnJ3cLB/PTa9u31KsuCArzWXisakX/yYcX8vAMPnCE1t9BgaGDSDnulXOjbnrFi/ItUz9fN2bFwwHoz5PZGBkZGBgYmCYGbZzD7K/yhugkcHAzMDAoMIAUsTCkJaZk2rgwcDIwMzAws6ADGCqmRg4wKr0kvNzUtoZGMFJAKxtOQML3AzDxwys/CDlII7RYwZWuIyxRQPMyHYorQKlPaD0cij9GErLoyUbFrAJ/VCeRgMDAxtDReJ//iJDNgYGhorEkpIiQ4hYSUmREVzMSABuMxPU1rlMqJ47zsQwCkbBKBgFo2AUjIJRMApGwSgYBSMZAAIAAP//kpC1eQ==")
syz_usb_connect(0x0, 0x36, &(0x7f0000000000)=ANY=[@ANYBLOB="120100006325a640402000207265970000010902240001000000000904000002214c6a0009050702000000da000905"], 0x0)

3.539786324s ago: executing program 2 (id=1274):
r0 = syz_io_uring_setup(0x335b, &(0x7f0000000340)={0x0, 0xc7ca, 0x42, 0x1, 0x3df}, &(0x7f00000004c0), &(0x7f0000000000))
io_uring_register$IORING_REGISTER_ENABLE_RINGS(r0, 0xc, 0x0, 0x0)

3.319175417s ago: executing program 2 (id=1277):
syz_mount_image$ocfs2(&(0x7f0000004440), &(0x7f00000000c0)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0xcc0, &(0x7f00000002c0)=ANY=[@ANYBLOB="61636c2c6865617274626561743d6e6f6e652c6865617274626561743d6e6f6e652c636f686572656e63793d66756c6c2c636f686572656e63793d66756c6c2c636f686572656e63793d62756666657265642c6572726f72733d636f6e74696e75652c757365725f78617474722c626172726965723d30303030303030303030303030303032363131352c6469725f726573765f6c6576656c3d30303030303030303030303030303030303030362c696e74722c6a6f75726e616c5f6173796e635f636f6d6d69742c000c204e036013ec9e6e7ecdee3849b40884b95e94f35cec9600cd19beb0", @ANYRES64], 0x1, 0x442a, &(0x7f0000008940)="$eJzs3c9PHGUfAPBnBvoW+rZ9oW8PfZM3cRObaNQQ6EmliZTSUmixptrGeNkusG3RhW1gMR56wFsTTyYejIdGE2+cGg5e65/gxWM9N9GDFxOTRszuzgIz7IaVsGDr53NgmOc3+5159pnD8MSJyp25pdzcUq6wkCvP3Fo6k/u4XFqeL4Z4nzTt/9D+9U97OnGdHPS190929fzFd2+cCeH72R+frK+vr4eq7tDU0Jbff/v13szWY0OcqVNtt3lre+WDEMLJbeOq6gohvP9dCFEI4VySNpoce0MIx0I978a9z27m9mg0Dx8Xz+afTt1fGz49ufpgrfXfHoXwVel/r92e//nFruGfXtmj7gEAAAAAAAAAAAAAAAAAeMaNX7t6/Z3BofAoCt2r0fb3dceTY6v3Y9f3zAud/2MBAAAAAAAAAAAAAAAAAADgb2rz/f9cdKLJ+/9jyXGkRf31tzo/Rjpn4u2rYxcGh5L936Nt+a8nSb+c6wr9TfZ9z+7/fi5Tv/n+79v72a3G+Br99oUoHkidx/HAQAjfJBu/n4qOxKXyUuXVW+Xlhdk9G8YzKx3/+u79qegkG/q3G//RTPud3///v9uupur5zb27xJ5r6fh3tSz37adRW/E/n6m3H/Fn99Lx766l9W4tMFKfAKrx/7x75/iPZdrvVPyPhxByUXWsudQMUF3DVNNbrVdIS8f/UC0tNXUmH2Sr+//3TPwvZNo/qPl/JftFRFPp+P+rltaTKrF5//fHO9//FzPtH0T8q+Nf8f3flnT8D9cTu1NFap9ku/P/eKb9TsX/epyM83iUugJWo3p6q/9XR1o6/j3b8jef/+K21n+XMvX36/mv0W/j+a8x/b8c1Z//aC4d/96W5dq9/ycy9To9/4/U1n/sVjr+R2pp6bVzX+1nu/GfzLTfqfjXViU9jfhvzid/HK6nf23915Z0/P9dT4y3llip/ayt/6Kd1/+XM+0fxPqvOv6VuLO9Pi/S8T/aslw1/j+08f1/JVOv8/EPYdBaf9fS8T/Wslzt/u/ZOf5TmXqdjv9LnWwcAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA4Bkwmhz7QhQPpM7jeGAghPPJ+alwJJouzOanS+WZj5ZCGEvSc+FEdLtUni6U8nML5dlivlAqlWdCuJDknww90VKpXMnPF+5e3GirN7pTLCxWpouFSghhPEn/fzjWaGt6rjJfuBtCuLSR95+4vHj3TmEhPzu3+Obg4OBgmNgYQ39U/KRSXKjUe6/nhjC5Ubcv2jK4WvbljbEcjT4sLy8uFEq19Ctb6pTKM4XSljpTSd4XoT+qLC4vzBQqxXypfLvR30EaSY5jE9feu3ZlaFv+zah+HN3fYQEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADwFz0afuPLEEJ3/SwOIYw0fomalX/4uHg2/3Tq/trw6cnVB2tPWpUDAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA+JMdOBAAAAAAAPJ/bYSqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqoq7NIxSgNBFAbgN2Ohdh7DatntbFcU0cIVwRPoMTyMHsVLeIcUKdKmCIFkFsJmF7ZJqu9rHszPzHswDwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgHme3ruPt7qJSHG1uYz4+/pfHOYvpf7cj9+/OMOMnM7za/fwWDfl39NRfleOlm3epevV92eM1N7vYE+G+7TX97menGtq36bm6/veRMpVRLQlv005V9W8twAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABgyw4cCAAAAAAA+b82QlVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVRV24FgAAAAAQJi/dRR9GwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPArAAD///4CHxA=")
syz_mount_image$msdos(&(0x7f0000000180), &(0x7f0000000000)='.\x00', 0x2046022, &(0x7f00000002c0)=ANY=[], 0x0, 0x0, &(0x7f0000000000))

3.069494931s ago: executing program 0 (id=1282):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_MSG_GETOBJ(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000004c0)={0x1c, 0x13, 0xa, 0x201, 0x0, 0x0, {0x2, 0x0, 0x8}, [@NFTA_OBJ_TYPE={0x1f, 0x3, 0x1, 0x0, 0xa}]}, 0x1c}, 0x1, 0x0, 0x0, 0x4004040}, 0x0)

2.877835593s ago: executing program 0 (id=1285):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_CT_NEW(r0, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000009c0)={0x84, 0x0, 0x1, 0x401, 0x0, 0x1a14, {0x2, 0x0, 0x10}, [@CTA_TUPLE_ORIG={0x24, 0x1, 0x0, 0x1, [@CTA_TUPLE_IP={0x14, 0x1, 0x0, 0x1, @ipv4={{0x8, 0x1, @multicast1}, {0x8, 0x2, @multicast1}}}, @CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5}}]}, @CTA_TUPLE_REPLY={0x24, 0x2, 0x0, 0x1, [@CTA_TUPLE_IP={0x14, 0x1, 0x0, 0x1, @ipv4={{0x8, 0x1, @local}, {0x8, 0x2, @initdev={0xac, 0x1e, 0x0, 0x0}}}}, @CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5}}]}, @CTA_TIMEOUT={0x8, 0x7, 0x1, 0x0, 0x4}, @CTA_NAT_SRC={0x20, 0x6, 0x0, 0x1, [@CTA_NAT_V4_MAXIP={0x8, 0x2, @empty}, @CTA_NAT_V4_MINIP={0x8, 0x1, @remote}, @CTA_NAT_PROTO={0xc, 0x3, 0x0, 0x1, [@CTA_PROTONAT_PORT_MIN={0x6, 0x1, 0x4e23}]}]}]}, 0x84}, 0x1, 0xbb1414ac}, 0x0)

2.746963141s ago: executing program 0 (id=1287):
r0 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$netlink(r0, &(0x7f00000047c0)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000180)={0x18, 0x7a, 0x601, 0x70bd2a, 0x0, "", [@typed={0x7, 0x0, 0x0, 0x0, @str='\x00\x00\x00'}]}, 0x18}], 0x1}, 0x0)

2.685750514s ago: executing program 1 (id=1288):
r0 = socket$key(0xf, 0x3, 0x2)
sendmsg$key(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000001640)={0x2, 0x1, 0x0, 0x9, 0x2}, 0x10}}, 0x0)

2.522400173s ago: executing program 0 (id=1289):
syz_mount_image$vfat(&(0x7f00000005c0), &(0x7f0000000240)='./bus\x00', 0x1800840, &(0x7f00000024c0)={[{@numtail}, {@shortname_winnt}, {@numtail}, {@iocharset={'iocharset', 0x3d, 'iso8859-6'}}, {@fat=@codepage={'codepage', 0x3d, '1251'}}, {@shortname_winnt}, {@utf8no}, {@shortname_win95}, {@fat=@discard}, {@fat=@discard}, {@fat=@dos1xfloppy}, {@utf8no}, {@fat=@usefree}, {@shortname_win95}, {@uni_xlateno}, {@fat=@gid}]}, 0x1, 0x360, &(0x7f0000001280)="$eJzs3U9oHFUYAPBvO/lbaJODUBSE0ZugoX/woKeUkkJxLypL1YO42FQlGwtZXEwP3caLeBQ86smLeNCDh55FUMSbB69WkKp40N4KFp/s7mx2NrtJU2Fbg7/fYfnyvffNe28zyU4m2ZdXlmPtwnRcvHnzRszNVWJq+cxy3KrEYmTRdzVGzYzJAQAHw62U4s/Us8+SyoSnBABMWPf1/7Ujpcw7X+/VP3n1B4ADr/j5f36vPnO7NVyayJQAgAkbuf//6FDzzPCv+qdKfxUAABxUz7/40jOnqxHP5flcxPq7rVqrFk8P2k9fjDeiEatxPBbidkTvQqHzUOk+nj1XXTme53k7flmMWqeiVYtYb7dqvSuF01m3fjZOxEIsFvXF1UZKKTv7RXXlRN4VEVfb3fFjvdKqTcfhYvwfD8dqnIw8HhipjzhXXTmZFweorffr2xFbg/sWnfkvxUJ8/2pcikZcmD8fKfUva6orV07k+ZlUHapv1WbjwvazsOsdEAAAAAAAAAAAAAAAAAAAAAAA+FeW8m2L2/vfpMH+PUtLY9q7++P06ov9gbZ6+wOl2RQp/fH2E7X3shjaH2jn/jyt2lQcur9LBwAAAAAAAAAAAAAAAAAAgP+M5uZM1BuN1Y3m5uW1ctDeaG4eiohO5s1vP/tqPkb73CGYKsYoNeVF6vJaPWX9zikb6lMEWWfwfubTa9szLveZ3V7F2GnM7t7UaBx55OcPB5mHs/6R/x70yWL8ArMd0ygH60d7U7qbJ+ryqSI4eYfO11NKux3nysujVVGJmLr7T9zeQeoE39x4/cFTzWNPdjNfpp7HHl84f/2Dj39bqzc6I3c0PpnZaN5Oa/Xi4/En2+5BVjp/KtELKuUzYWqv8q3hTD374fcXHnr/u/2NnsqZt8b0yXrL+XyjuVkpvlK6TTO9oJPbUTXfOJdF7DjO9JiTfwLBsY+W69eu/PTrfqtK3yRs1AEAAAAAAAAAAAAAAAAAAPdE6b3iheLNvtN7VT317ORnBgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD3zuD//5eCrZHMfoK/2jHaNLu60Yw4er+XCQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADA/9w/AQAA///ftWu9")
creat(&(0x7f0000000380)='./file0\x00', 0x89)

2.380467592s ago: executing program 1 (id=1290):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=@base={0x2, 0x4, 0x4, 0x8, 0x1014}, 0x48)
bpf$MAP_LOOKUP_ELEM(0x1, &(0x7f0000000480)={r0, 0x0, 0x0, 0x4}, 0x20)

2.096963998s ago: executing program 2 (id=1291):
r0 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000040)=@newlink={0x40, 0x10, 0x401, 0x0, 0x0, {}, [@IFLA_LINKINFO={0x20, 0x12, 0x0, 0x1, @bridge={{0xb}, {0x10, 0x2, 0x0, 0x1, [@IFLA_BR_MULTI_BOOLOPT={0xc, 0x2e, {0x3, 0x3}}]}}}]}, 0x40}}, 0x0)

1.866954532s ago: executing program 1 (id=1292):
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000040)={'lo\x00'})
syz_clone3(&(0x7f0000000140)={0x0, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, &(0x7f0000000040), 0x2}, 0xa0)

1.120065445s ago: executing program 1 (id=1293):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_MSG_GETOBJ(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000004c0)={0x1c, 0x13, 0xa, 0x201, 0x0, 0x0, {0x2, 0x0, 0x8}, [@NFTA_OBJ_TYPE={0x1f, 0x3, 0x1, 0x0, 0xa}]}, 0x1c}, 0x1, 0x0, 0x0, 0x4004040}, 0x0)

1.04152163s ago: executing program 0 (id=1294):
r0 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000600)=@newtaction={0x90, 0x30, 0x1, 0x0, 0x0, {}, [{0x7c, 0x1, [@m_ct={0x2c, 0x2, 0x0, 0x0, {{0x7}, {0x4}, {0x4, 0x2}, {0xc}, {0xc, 0x8, {0x0, 0x2}}}}, @m_ife={0x4c, 0x1, 0x0, 0x0, {{0x8}, {0x24, 0x2, 0x0, 0x1, [@TCA_IFE_PARMS={0x1c, 0x1, {{0x0, 0x0, 0xfffffffffffffffe}}}, @TCA_IFE_METALST={0x4}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0x90}}, 0x0)

755.724326ms ago: executing program 3 (id=1295):
r0 = socket$kcm(0x10, 0x3, 0x10)
sendmsg$kcm(r0, &(0x7f0000000000)={0x0, 0xd18c9b25, &(0x7f0000000080)=[{&(0x7f0000000040)="e03f03003b000b03d25a806c8c6394f90324fc60100000000a000200053582c137153e37000c0a80fc0b1000f835", 0x33fe0}], 0x1}, 0x0)

687.83829ms ago: executing program 1 (id=1296):
syz_mount_image$erofs(&(0x7f0000000180), &(0x7f0000000140)='./file0\x00', 0x1000801, &(0x7f0000000080)=ANY=[@ANYRES16=0x0, @ANYRES32=0x0, @ANYRESHEX], 0x80, 0x1d8, &(0x7f00000008c0)="$eJzsmD+P0zAYxh87ueTuhJBYGFhA4iQO6S5NUkAsDMcnQGr5t1HRUBXSFrUZ2koMFQsLH4OvwNCJgY2NFQZAQmKgIxODkR03Mek/KlGpgvcn1Xlsv7Zfv42eISAI4r/ly+cfn17evF49AnAKB3D1+Dcrj+FG/MddLT68ets+/Wxc3I+teb4N4M2JhUT1XAghhDl/oJ9V8EzfBsdlre+CwdP6ATjuaB2B4b7Wjw3d2dMijryHnbj+qBlHvmwC2YSyKRfzm4wY6gDk1YX1e/69wfBJLY6jblHsiOk5M1PrihX1sycnHDd0X9ZP/l/3Xjwfyf60Nr5RvwAcgdZlMFSmNYELz/Pykhj3P2fn+1t/cv9tEGeOzRG3EHO0fPnP1UcI/P2cHV3YbanhPyiYMbInhTStbOTsZPxudtXXTSZ2YbNXhvbsman3+xt8V3P/lPZyyfAnG3bmH6Wk9bTUGwyPm61aI2pE7TAsX/Ov+P7VsKSMKG2X+N+u8qd9Y/+dBbEOc9CvJUk36ANJN8j6Ydoajlt53fmu1nDlfxyHF9M95KvipFY5F6Z/XD2lOrQWJk8QBEEQBEEQBEEQBEEQBLEW58HUV1AhBNMfROcR3lLRvwIAAP//EwBcVw==")
mount(0x0, &(0x7f0000000000)='.\x00', 0x0, 0x2012024, 0x0)

520.03434ms ago: executing program 0 (id=1297):
r0 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$kcm(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000180)=[{&(0x7f0000000040)="d8000000100081044e81f782db44b904021d006a0f000000e8fe55a1290015000600142603600e120900040044000000a80016000a0003402e60000000000000b94dcf5c0461c1d67f6f94007134cf6ee08000a0e408e8d8ef52a985162f7ce06bbace8017cbec4c2ee5a7cef4090000001fb791643a5ee4ce1b14d6d930dfe1d9d3220a7c9f8775730d16a4683f1aeb4edbb57a5025ccca9e00360db70100000040fad95667e006dcdf63951f215ce3bb9ad809d5e1cace81ed0bffece0b42a9ecbee5de6ccd40dd6e4edef3d93452a92954b43370e9701", 0xd8}], 0x1}, 0x60044084)

99.128565ms ago: executing program 1 (id=1298):
r0 = syz_init_net_socket$802154_dgram(0x24, 0x2, 0x0)
setsockopt$WPAN_SECURITY(r0, 0x0, 0x1, &(0x7f0000000180)=0x1000000, 0x4)

0s ago: executing program 3 (id=1299):
r0 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x8, &(0x7f0000000000)={0x1, &(0x7f0000000040)=[{0x6, 0x0, 0x1, 0x7fff0000}]})
fstatfs(r0, &(0x7f0000000140)=""/166)

kernel console output (not intermixed with test programs):

evice number 17
[  124.174922][  T967] usb 3-1: new high-speed USB device number 12 using dummy_hcd
[  124.234280][ T6936] gfs2: fsid=: Unknown on-disk format, unable to mount
[  124.354958][  T967] usb 3-1: Using ep0 maxpacket: 8
[  124.366900][  T967] usb 3-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  124.398827][  T967] usb 3-1: New USB device found, idVendor=2833, idProduct=0201, bcdDevice=2a.d5
[  124.425392][  T967] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  124.453667][  T967] usb 3-1: config 0 descriptor??
[  124.463271][ T6945] set_capacity_and_notify: 5 callbacks suppressed
[  124.463283][ T6945] loop3: detected capacity change from 0 to 32768
[  124.521844][ T6945] BTRFS: device fsid 34a2da50-e117-4d40-8878-8e0fb0127b5f devid 1 transid 8 /dev/loop3 scanned by syz.3.445 (6945)
[  124.574552][ T6945] BTRFS info (device loop3): first mount of filesystem 34a2da50-e117-4d40-8878-8e0fb0127b5f
[  124.606752][ T6945] BTRFS info (device loop3): using xxhash64 (xxhash64-generic) checksum algorithm
[  124.635384][ T6945] BTRFS info (device loop3): using free space tree
[  124.734343][   T27] usb 3-1: USB disconnect, device number 12
[  124.805496][ T6948] loop0: detected capacity change from 0 to 32768
[  124.822838][ T6945] BTRFS info (device loop3): enabling ssd optimizations
[  124.823399][ T6948] BTRFS: device fsid 8f67342e-760a-4d9f-bdfe-dfdef307742f devid 1 transid 8 /dev/loop0 scanned by syz.0.446 (6948)
[  124.846489][ T6948] BTRFS info (device loop0): first mount of filesystem 8f67342e-760a-4d9f-bdfe-dfdef307742f
[  124.858016][ T6948] BTRFS info (device loop0): using sha256 (sha256-avx2) checksum algorithm
[  124.867334][ T6948] BTRFS info (device loop0): using free space tree
[  124.870799][ T6945] BTRFS info (device loop3): auto enabling async discard
[  125.030897][ T6948] BTRFS info (device loop0): enabling ssd optimizations
[  125.062341][ T6948] BTRFS info (device loop0): auto enabling async discard
[  125.081304][ T5774] BTRFS info (device loop3): last unmount of filesystem 34a2da50-e117-4d40-8878-8e0fb0127b5f
[  125.166139][ T6950] loop1: detected capacity change from 0 to 32768
[  125.194291][ T6950] BTRFS: device fsid a4d06b90-61a4-49cd-bf5f-2183c3574322 devid 1 transid 8 /dev/loop1 scanned by syz.1.447 (6950)
[  125.215376][ T5765] BTRFS info (device loop0): last unmount of filesystem 8f67342e-760a-4d9f-bdfe-dfdef307742f
[  125.243006][ T6950] BTRFS info (device loop1): first mount of filesystem a4d06b90-61a4-49cd-bf5f-2183c3574322
[  125.266229][ T6950] BTRFS info (device loop1): using blake2b (blake2b-256-generic) checksum algorithm
[  125.282632][ T6950] BTRFS info (device loop1): using free space tree
[  125.422259][ T6993] loop3: detected capacity change from 0 to 128
[  125.592989][ T6950] BTRFS info (device loop1): enabling ssd optimizations
[  125.601381][ T6999] loop2: detected capacity change from 0 to 128
[  125.625329][ T6950] BTRFS info (device loop1): auto enabling async discard
[  125.752943][ T6035] I/O error, dev loop2, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2
[  125.772451][ T7006] loop3: detected capacity change from 0 to 16
[  125.821063][ T7006] erofs: (device loop3): mounted with root inode @ nid 36.
[  125.919342][ T5772] BTRFS info (device loop1): last unmount of filesystem a4d06b90-61a4-49cd-bf5f-2183c3574322
[  126.786935][ T7003] loop0: detected capacity change from 0 to 32768
[  126.809517][ T7003] XFS: noikeep mount option is deprecated.
[  126.868923][ T7010] loop3: detected capacity change from 0 to 32768
[  126.887908][ T5849] usb 2-1: new low-speed USB device number 18 using dummy_hcd
[  126.920269][ T7010] BTRFS: device fsid 28302361-d975-4c41-bd4c-c547b14b74a1 devid 1 transid 8 /dev/loop3 scanned by syz.3.454 (7010)
[  126.929529][ T7003] XFS (loop0): DAX unsupported by block device. Turning off DAX.
[  126.942694][ T7003] XFS (loop0): cannot change alignment: superblock does not support data alignment
[  126.975494][ T7010] BTRFS info (device loop3): first mount of filesystem 28302361-d975-4c41-bd4c-c547b14b74a1
[  127.011574][ T7008] loop2: detected capacity change from 0 to 32768
[  127.028556][ T7010] BTRFS info (device loop3): using crc32c (crc32c-intel) checksum algorithm
[  127.052995][ T7008] BTRFS: device fsid e0cb6322-611b-4325-acdf-015f79de3787 devid 1 transid 8 /dev/loop2 scanned by syz.2.452 (7008)
[  127.076307][ T7010] BTRFS info (device loop3): using free space tree
[  127.110013][ T5849] usb 2-1: No LPM exit latency info found, disabling LPM.
[  127.130600][ T5849] usb 2-1: config 1 interface 0 altsetting 248 endpoint 0x82 is Bulk; changing to Interrupt
[  127.135217][ T7008] BTRFS info (device loop2): first mount of filesystem e0cb6322-611b-4325-acdf-015f79de3787
[  127.141674][ T5849] usb 2-1: config 1 interface 0 altsetting 248 endpoint 0x3 is Bulk; changing to Interrupt
[  127.188242][ T7008] BTRFS info (device loop2): using sha256 (sha256-avx2) checksum algorithm
[  127.218084][ T5849] usb 2-1: config 1 interface 0 has no altsetting 0
[  127.241878][ T5849] usb 2-1: string descriptor 0 read error: -22
[  127.253454][ T7008] BTRFS info (device loop2): using free space tree
[  127.255971][ T5849] usb 2-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  127.272023][ T5849] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  127.296357][ T7016] raw-gadget.0 gadget.1: fail, usb_ep_enable returned -22
[  127.313577][ T7016] raw-gadget.0 gadget.1: fail, usb_ep_enable returned -22
[  127.338707][ T5849] cdc_ether: probe of 2-1:1.0 failed with error -22
[  127.378990][ T7010] BTRFS info (device loop3): enabling ssd optimizations
[  127.419808][ T7010] BTRFS info (device loop3): auto enabling async discard
[  127.421225][ T7008] BTRFS info (device loop2): enabling ssd optimizations
[  127.459116][ T7008] BTRFS info (device loop2): auto enabling async discard
[  127.565247][ T5774] BTRFS info (device loop3): last unmount of filesystem 28302361-d975-4c41-bd4c-c547b14b74a1
[  127.640394][  T967] usb 2-1: USB disconnect, device number 18
[  127.682744][ T5768] BTRFS info (device loop2): last unmount of filesystem e0cb6322-611b-4325-acdf-015f79de3787
[  128.003097][ T7059] loop2: detected capacity change from 0 to 512
[  128.068916][ T7059] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  128.096948][ T7028] BTRFS: device fsid d4515e72-4b5f-44ec-805d-b3edf811e7f1 devid 1 transid 8 /dev/loop0 scanned by syz.0.457 (7028)
[  128.113966][ T7059] ext4 filesystem being mounted at /123/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  128.206192][ T5768] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  128.236989][ T7028] BTRFS info (device loop0): first mount of filesystem d4515e72-4b5f-44ec-805d-b3edf811e7f1
[  128.290432][ T7028] BTRFS info (device loop0): using xxhash64 (xxhash64-generic) checksum algorithm
[  128.339769][ T7028] BTRFS info (device loop0): using free space tree
[  128.531467][ T7028] BTRFS info (device loop0): enabling ssd optimizations
[  128.548888][ T7028] BTRFS info (device loop0): auto enabling async discard
[  128.699466][ T7079] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  128.723189][ T5765] BTRFS info (device loop0): last unmount of filesystem d4515e72-4b5f-44ec-805d-b3edf811e7f1
[  128.767521][ T7057] BTRFS: device fsid 14d642db-7b15-43e4-81e6-4b8fac6a25f8 devid 1 transid 8 /dev/loop3 scanned by syz.3.458 (7057)
[  128.854298][ T7057] BTRFS info (device loop3): first mount of filesystem 14d642db-7b15-43e4-81e6-4b8fac6a25f8
[  128.876616][ T7057] BTRFS info (device loop3): using blake2b (blake2b-256-generic) checksum algorithm
[  128.887396][ T5772] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  128.932192][ T7057] BTRFS info (device loop3): using free space tree
[  129.115413][ T7077] Only 4K block size supported!
[  129.127006][ T7077] Mount JFS Failure: -22
[  129.249502][ T7057] BTRFS info (device loop3): enabling ssd optimizations
[  129.273850][ T7057] BTRFS info (device loop3): auto enabling async discard
[  129.303222][ T7102] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  129.398819][ T7090] ntfs3: loop0: Different NTFS sector size (4096) and media sector size (512).
[  129.429149][ T7100] __ntfs_error: 17 callbacks suppressed
[  129.429165][ T7100] ntfs: (device loop2): parse_options(): Unrecognized mount option umAsk.
[  129.482312][ T5774] BTRFS info (device loop3): last unmount of filesystem 14d642db-7b15-43e4-81e6-4b8fac6a25f8
[  129.524047][ T5772] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  129.811878][ T7108] set_capacity_and_notify: 7 callbacks suppressed
[  129.811892][ T7108] loop1: detected capacity change from 0 to 1024
[  130.004113][ T7108] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  130.221954][ T5772] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  130.234987][  T967] usb 1-1: new high-speed USB device number 18 using dummy_hcd
[  130.301430][ T7118] loop3: detected capacity change from 0 to 512
[  130.408175][ T7118] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  130.435199][  T967] usb 1-1: Using ep0 maxpacket: 32
[  130.449042][  T967] usb 1-1: New USB device found, idVendor=0d49, idProduct=7000, bcdDevice=26.2f
[  130.464883][  T967] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  130.473179][  T967] usb 1-1: Product: syz
[  130.475056][ T7118] ext4 filesystem being mounted at /119/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  130.477611][  T967] usb 1-1: Manufacturer: syz
[  130.493567][  T967] usb 1-1: SerialNumber: syz
[  130.501510][  T967] usb 1-1: config 0 descriptor??
[  130.509048][  T967] ums-onetouch 1-1:0.0: USB Mass Storage device detected
[  130.546344][ T7114] loop2: detected capacity change from 0 to 32768
[  130.616808][ T7114] BTRFS: device fsid 92aec1fe-fee8-4e05-92dc-790b47b871d9 devid 1 transid 8 /dev/loop2 scanned by syz.2.467 (7114)
[  130.618239][  T967] usb 1-1: Found UVC 0.00 device syz (0d49:7000)
[  130.652604][  T967] usb 1-1: No valid video chain found.
[  130.708968][ T7114] BTRFS info (device loop2): first mount of filesystem 92aec1fe-fee8-4e05-92dc-790b47b871d9
[  130.725493][ T7114] BTRFS info (device loop2): using xxhash64 (xxhash64-generic) checksum algorithm
[  130.746098][ T7114] BTRFS info (device loop2): using free space tree
[  130.814402][ T5774] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  130.951879][  T967] usb 1-1: USB disconnect, device number 18
[  130.977005][ T7114] BTRFS info (device loop2): enabling ssd optimizations
[  131.019062][ T7114] BTRFS info (device loop2): auto enabling async discard
[  131.023012][ T7141] loop3: detected capacity change from 0 to 1024
[  131.104902][ T7141] Quota error (device loop3): do_check_range: Getting block 64 out of range 1-5
[  131.131142][ T7141] Quota error (device loop3): qtree_read_dquot: Can't read quota structure for id 0
[  131.161169][ T7121] loop1: detected capacity change from 0 to 32768
[  131.171136][ T5768] BTRFS info (device loop2): last unmount of filesystem 92aec1fe-fee8-4e05-92dc-790b47b871d9
[  131.173883][ T7141] EXT4-fs error (device loop3): ext4_acquire_dquot:6949: comm syz.3.471: Failed to acquire dquot type 0
[  131.240861][ T7141] EXT4-fs error (device loop3): mb_free_blocks:1954: group 0, inode 13: block 144:freeing already freed block (bit 9); block bitmap corrupt.
[  131.258866][ T7141] EXT4-fs error (device loop3): ext4_do_update_inode:5248: inode #13: comm syz.3.471: corrupted inode contents
[  131.281575][ T7141] EXT4-fs error (device loop3): ext4_dirty_inode:6124: inode #13: comm syz.3.471: mark_inode_dirty error
[  131.365856][ T7141] EXT4-fs error (device loop3): ext4_do_update_inode:5248: inode #13: comm syz.3.471: corrupted inode contents
[  131.415330][ T7141] EXT4-fs error (device loop3): __ext4_ext_dirty:202: inode #13: comm syz.3.471: mark_inode_dirty error
[  131.457014][ T7141] EXT4-fs error (device loop3): ext4_do_update_inode:5248: inode #13: comm syz.3.471: corrupted inode contents
[  131.482797][ T7141] EXT4-fs error (device loop3): __ext4_ext_dirty:202: inode #13: comm syz.3.471: mark_inode_dirty error
[  131.535090][ T7141] EXT4-fs error (device loop3): ext4_do_update_inode:5248: inode #13: comm syz.3.471: corrupted inode contents
[  131.623718][ T7141] EXT4-fs error (device loop3) in ext4_orphan_del:303: Corrupt filesystem
[  131.671459][ T7141] EXT4-fs error (device loop3): ext4_do_update_inode:5248: inode #13: comm syz.3.471: corrupted inode contents
[  131.688951][ T7146] loop2: detected capacity change from 0 to 512
[  131.717745][ T7141] EXT4-fs error (device loop3): ext4_truncate:4294: inode #13: comm syz.3.471: mark_inode_dirty error
[  131.732109][ T7146] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  131.747644][ T7141] EXT4-fs error (device loop3) in ext4_process_orphan:345: Corrupt filesystem
[  131.764649][ T7148] loop0: detected capacity change from 0 to 1024
[  131.785161][ T7141] EXT4-fs (loop3): 1 truncate cleaned up
[  131.792044][ T7141] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  131.841812][ T7148] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  132.002400][ T5768] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  132.017038][ T5765] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  132.095109][ T5774] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  132.100355][ T7144] loop1: detected capacity change from 0 to 32768
[  132.168837][ T7144] BTRFS: device fsid e5ec6bdf-b4e4-4163-9622-8db3a33753bd devid 1 transid 8 /dev/loop1 scanned by syz.1.473 (7144)
[  132.218525][ T7152] loop2: detected capacity change from 0 to 1024
[  132.242712][ T7144] BTRFS info (device loop1): first mount of filesystem e5ec6bdf-b4e4-4163-9622-8db3a33753bd
[  132.261091][ T7154] loop0: detected capacity change from 0 to 512
[  132.280352][ T7144] BTRFS info (device loop1): using xxhash64 (xxhash64-generic) checksum algorithm
[  132.295560][ T7144] BTRFS info (device loop1): using free space tree
[  132.319467][ T7154] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  132.338089][ T7152] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  132.470762][ T5768] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  132.486700][ T7144] BTRFS info (device loop1): enabling ssd optimizations
[  132.493733][ T7144] BTRFS info (device loop1): auto enabling async discard
[  132.552246][ T5765] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  132.775264][ T5772] BTRFS info (device loop1): last unmount of filesystem e5ec6bdf-b4e4-4163-9622-8db3a33753bd
[  132.879598][ T7179] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  133.110153][ T5765] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  133.135337][ T1281] ieee802154 phy0 wpan0: encryption failed: -22
[  133.141688][ T1281] ieee802154 phy1 wpan1: encryption failed: -22
[  133.342484][ T7184] ntfs: (device loop1): check_mft_mirror(): $MFT and $MFTMirr (record 0) do not match.  Run ntfsfix or chkdsk.
[  133.375093][ T7184] ntfs: (device loop1): load_system_files(): $MFTMirr does not match $MFT.  Mounting read-only.  Run ntfsfix and/or chkdsk.
[  133.419355][ T7184] ntfs: (device loop1): ntfs_read_locked_attr_inode(): First extent of attribute has non-zero lowest_vcn.
[  133.446775][ T7184] ntfs: (device loop1): ntfs_read_locked_attr_inode(): Failed with error code -5 while reading attribute inode (mft_no 0x0, type 0xb0, name_len 0).  Marking corrupt inode and base inode 0x0 as bad.  Run chkdsk.
[  133.510252][ T7184] ntfs: (device loop1): load_system_files(): Failed to load $MFT/$BITMAP attribute.
[  133.557774][ T7184] ntfs: (device loop1): ntfs_fill_super(): Failed to load system files.
[  135.732714][ T7186] set_capacity_and_notify: 2 callbacks suppressed
[  135.732729][ T7186] loop0: detected capacity change from 0 to 131072
[  135.840853][ T7186] F2FS-fs (loop0): Found nat_bits in checkpoint
[  135.979051][ T7186] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e5
[  136.993104][ T7198] loop2: detected capacity change from 0 to 1024
[  137.342538][ T7200] loop2: detected capacity change from 0 to 1024
[  137.519049][ T7196] loop0: detected capacity change from 0 to 32768
[  137.576791][ T7196] gfs2: fsid=syz:syz: Trying to join cluster "lock_dlm", "syz:syz"
[  137.606277][ T7196] dlm: no local IP address has been set
[  137.646097][ T7196] dlm: cannot start dlm midcomms -107
[  137.651539][ T7196] gfs2: fsid=syz:syz: dlm_new_lockspace error -107
[  137.701939][ T7203] loop2: detected capacity change from 0 to 1024
[  138.042365][ T7207] loop2: detected capacity change from 0 to 1024
[  138.102461][ T7209] loop0: detected capacity change from 0 to 128
[  138.167935][ T7209] hpfs: Bad magic ... probably not HPFS
[  138.264583][ T6550] I/O error, dev loop0, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2
[  138.366574][ T7211] loop2: detected capacity change from 0 to 1024
[  138.459853][ T7211] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  138.511289][ T7216] loop0: detected capacity change from 0 to 160
[  138.686190][ T5768] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  138.737095][ T7205] loop1: detected capacity change from 0 to 32768
[  138.784956][ T7205] BTRFS: device fsid a830dcec-d20e-42dc-8160-bf13f3286f97 devid 1 transid 8 /dev/loop1 scanned by syz.1.488 (7205)
[  138.872295][ T7205] BTRFS info (device loop1): first mount of filesystem a830dcec-d20e-42dc-8160-bf13f3286f97
[  138.908337][ T7205] BTRFS info (device loop1): using xxhash64 (xxhash64-generic) checksum algorithm
[  138.981136][ T7205] BTRFS info (device loop1): using free space tree
[  139.268900][ T7205] BTRFS info (device loop1): enabling ssd optimizations
[  139.313641][ T7205] BTRFS info (device loop1): auto enabling async discard
[  139.591409][ T5772] BTRFS info (device loop1): last unmount of filesystem a830dcec-d20e-42dc-8160-bf13f3286f97
[  139.892094][ T5756] BTRFS: device fsid a830dcec-d20e-42dc-8160-bf13f3286f97 devid 1 transid 9 /dev/loop1 scanned by udevd (5756)
[  140.642451][ T7220] gfs2: fsid=syz:syz: Trying to join cluster "lock_dlm", "syz:syz"
[  140.662615][ T7220] dlm: no local IP address has been set
[  140.674838][ T7220] dlm: cannot start dlm midcomms -107
[  140.693092][ T7220] gfs2: fsid=syz:syz: dlm_new_lockspace error -107
[  141.290534][ T7242] set_capacity_and_notify: 3 callbacks suppressed
[  141.290549][ T7242] loop1: detected capacity change from 0 to 32768
[  141.332026][ T7242] gfs2: fsid=syz:syz: Trying to join cluster "lock_nolock", "syz:syz"
[  141.373837][ T7242] gfs2: fsid=syz:syz: Now mounting FS (format 1801)...
[  141.530301][ T7242] gfs2: fsid=syz:syz.0: journal 0 mapped with 1 extents in 0ms
[  141.543491][  T967] gfs2: fsid=syz:syz.0: jid=0, already locked for use
[  141.558499][  T967] gfs2: fsid=syz:syz.0: jid=0: Looking at journal...
[  141.699820][  T967] gfs2: fsid=syz:syz.0: jid=0: Journal head lookup took 141ms
[  141.729172][  T967] gfs2: fsid=syz:syz.0: jid=0: Done
[  141.746009][ T7242] gfs2: fsid=syz:syz.0: first mount done, others may mount
[  141.890706][ T7248] loop0: detected capacity change from 0 to 32768
[  141.938526][ T7248] sysfs: cannot create duplicate filename '/fs/gfs2/syz:syz'
[  141.967898][ T7248] CPU: 1 PID: 7248 Comm: syz.0.499 Not tainted syzkaller #0
[  141.975245][ T7248] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[  141.985562][ T7248] Call Trace:
[  141.988858][ T7248]  <TASK>
[  141.991802][ T7248]  dump_stack_lvl+0x18c/0x250
[  141.996519][ T7248]  ? show_regs_print_info+0x20/0x20
[  142.001745][ T7248]  ? load_image+0x400/0x400
[  142.006285][ T7248]  sysfs_create_dir_ns+0x26e/0x2a0
[  142.011422][ T7248]  ? sysfs_warn_dup+0xa0/0xa0
[  142.016117][ T7248]  ? do_raw_spin_unlock+0x121/0x230
[  142.021342][ T7248]  kobject_add_internal+0x61c/0xcc0
[  142.026573][ T7248]  kobject_init_and_add+0x12c/0x1a0
[  142.031795][ T7248]  ? lockdep_softirqs_off+0x430/0x430
[  142.037190][ T7248]  ? kobject_add+0x240/0x240
[  142.041809][ T7248]  ? __init_swait_queue_head+0xa9/0x150
[  142.047477][ T7248]  gfs2_sys_fs_add+0x253/0x4b0
[  142.052264][ T7248]  ? gfs2_recover_set+0x250/0x250
[  142.057322][ T7248]  ? apply_workqueue_attrs+0x180/0x180
[  142.062824][ T7248]  gfs2_fill_super+0x12b6/0x1f30
[  142.067795][ T7248]  ? __might_sleep+0xe0/0xe0
[  142.072420][ T7248]  ? gfs2_reconfigure+0xb10/0xb10
[  142.077483][ T7248]  ? setup_bdev_super+0x56b/0x660
[  142.082535][ T7248]  get_tree_bdev+0x3f3/0x520
[  142.087145][ T7248]  ? end_current_label_crit_section+0x170/0x170
[  142.093411][ T7248]  ? gfs2_reconfigure+0xb10/0xb10
[  142.098465][ T7248]  ? setup_bdev_super+0x660/0x660
[  142.103520][ T7248]  gfs2_get_tree+0x51/0x1e0
[  142.108065][ T7248]  vfs_get_tree+0x8c/0x280
[  142.112682][ T7248]  do_new_mount+0x24b/0xa40
[  142.117212][ T7248]  __se_sys_mount+0x2e7/0x3d0
[  142.121916][ T7248]  ? __x64_sys_mount+0xc0/0xc0
[  142.126700][ T7248]  ? lockdep_hardirqs_on+0x98/0x150
[  142.131913][ T7248]  ? __x64_sys_mount+0x20/0xc0
[  142.136693][ T7248]  do_syscall_64+0x55/0xa0
[  142.141131][ T7248]  ? clear_bhb_loop+0x40/0x90
[  142.145821][ T7248]  ? clear_bhb_loop+0x40/0x90
[  142.150527][ T7248]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  142.156436][ T7248] RIP: 0033:0x7fa6ab19bf4a
[  142.160878][ T7248] Code: 48 c7 c2 e8 ff ff ff f7 d8 64 89 02 b8 ff ff ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  142.180521][ T7248] RSP: 002b:00007fa6ac088e58 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[  142.188970][ T7248] RAX: ffffffffffffffda RBX: 00007fa6ac088ee0 RCX: 00007fa6ab19bf4a
[  142.196978][ T7248] RDX: 0000200000037f00 RSI: 0000200000037f40 RDI: 00007fa6ac088ea0
[  142.204981][ T7248] RBP: 0000200000037f00 R08: 00007fa6ac088ee0 R09: 0000000000000000
[  142.212989][ T7248] R10: 0000000000000000 R11: 0000000000000246 R12: 0000200000037f40
[  142.221175][ T7248] R13: 00007fa6ac088ea0 R14: 0000000000037f00 R15: 0000200000037f80
[  142.229203][ T7248]  </TASK>
[  142.253691][ T7248] kobject: kobject_add_internal failed for syz:syz with -EEXIST, don't try to register things with the same name in the same directory.
[  142.318880][ T7248] gfs2: fsid=syz:syz: error -17 adding sysfs files
[  142.917607][ T7256] loop2: detected capacity change from 0 to 64
[  143.809457][ T7258] loop2: detected capacity change from 0 to 32768
[  143.845430][ T7258] BTRFS: device fsid d552757d-9c39-40e3-95f0-16d819589928 devid 1 transid 8 /dev/loop2 scanned by syz.2.503 (7258)
[  143.908862][ T7258] BTRFS info (device loop2): first mount of filesystem d552757d-9c39-40e3-95f0-16d819589928
[  143.945908][ T7258] BTRFS info (device loop2): using sha256 (sha256-avx2) checksum algorithm
[  143.968043][ T7258] BTRFS info (device loop2): using free space tree
[  144.028212][ T7265] loop3: detected capacity change from 0 to 512
[  144.135693][ T7258] BTRFS info (device loop2): enabling ssd optimizations
[  144.172229][ T7258] BTRFS info (device loop2): auto enabling async discard
[  144.391107][ T5768] BTRFS info (device loop2): last unmount of filesystem d552757d-9c39-40e3-95f0-16d819589928
[  144.426317][ T7280] loop3: detected capacity change from 0 to 128
[  144.721277][ T7282] loop2: detected capacity change from 0 to 2048
[  144.814695][ T7282] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  145.077347][ T5768] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  145.176697][ T7254] loop0: detected capacity change from 0 to 131072
[  145.237546][ T7254] F2FS-fs (loop0): Found nat_bits in checkpoint
[  145.289644][ T7291] loop2: detected capacity change from 0 to 2048
[  145.383355][ T7254] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e5
[  145.749848][ T7296] loop0: detected capacity change from 0 to 128
[  146.046301][ T7284] gfs2: fsid=syz:syz: Trying to join cluster "lock_nolock", "syz:syz"
[  146.077619][ T7284] gfs2: fsid=syz:syz: Now mounting FS (format 1801)...
[  146.202948][ T7284] gfs2: fsid=syz:syz.0: journal 0 mapped with 1 extents in 0ms
[  146.236080][ T5755] gfs2: fsid=syz:syz.0: jid=0, already locked for use
[  146.242901][ T5755] gfs2: fsid=syz:syz.0: jid=0: Looking at journal...
[  146.484094][ T5755] gfs2: fsid=syz:syz.0: jid=0: Journal head lookup took 241ms
[  146.502148][ T5755] gfs2: fsid=syz:syz.0: jid=0: Done
[  146.517632][ T7284] gfs2: fsid=syz:syz.0: first mount done, others may mount
[  149.407233][ T7309] set_capacity_and_notify: 2 callbacks suppressed
[  149.407249][ T7309] loop2: detected capacity change from 0 to 2048
[  149.484914][ T7310] NILFS (loop2): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  150.410116][ T7314] loop0: detected capacity change from 0 to 4096
[  150.433599][ T7314] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512).
[  150.792721][ T7316] loop0: detected capacity change from 0 to 4096
[  150.829487][ T7316] ntfs3: loop0: Different NTFS sector size (2048) and media sector size (512).
[  152.053119][ T7318] loop0: detected capacity change from 0 to 32768
[  152.073943][ T7318] gfs2: fsid=syz:syz: Trying to join cluster "lock_dlm", "syz:syz"
[  152.114973][ T7318] dlm: no local IP address has been set
[  152.120696][ T7318] dlm: cannot start dlm midcomms -107
[  152.126656][ T7318] gfs2: fsid=syz:syz: dlm_new_lockspace error -107
[  152.244058][ T7323] loop3: detected capacity change from 0 to 4096
[  152.309558][ T7323] ntfs: volume version 3.1.
[  152.692793][ T7325] loop0: detected capacity change from 0 to 8192
[  152.729778][ T7325] ntfs3: loop0: Different NTFS sector size (4096) and media sector size (512).
[  153.265903][ T7329] loop0: detected capacity change from 0 to 4096
[  153.424330][ T7329] ntfs: volume version 3.1.
[  154.352959][ T7331] loop0: detected capacity change from 0 to 32768
[  154.384410][ T7333] loop2: detected capacity change from 0 to 32768
[  154.392100][ T7331] (syz.0.525,7331,0):ocfs2_parse_options:1460 ERROR: Invalid heartbeat mount options
[  154.406106][ T7333] (syz.2.526,7333,1):ocfs2_parse_options:1460 ERROR: Invalid heartbeat mount options
[  154.414859][ T7331] (syz.0.525,7331,0):ocfs2_fill_super:1178 ERROR: status = -22
[  154.450717][ T7333] (syz.2.526,7333,1):ocfs2_fill_super:1178 ERROR: status = -22
[  154.515057][ T6550] I/O error, dev loop2, sector 32640 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2
[  155.272543][ T7335] loop0: detected capacity change from 0 to 32768
[  155.305327][ T7335] (syz.0.527,7335,1):ocfs2_parse_options:1460 ERROR: Invalid heartbeat mount options
[  155.345865][ T7335] (syz.0.527,7335,1):ocfs2_fill_super:1178 ERROR: status = -22
[  156.401393][ T7337] loop2: detected capacity change from 0 to 65536
[  156.418179][ T7337] (syz.2.528,7337,0):ocfs2_parse_options:1460 ERROR: Invalid heartbeat mount options
[  156.470539][ T7337] (syz.2.528,7337,0):ocfs2_fill_super:1178 ERROR: status = -22
[  156.983405][ T7343] loop2: detected capacity change from 0 to 8192
[  157.002322][ T7339] loop1: detected capacity change from 0 to 65536
[  157.014910][ T7343] ntfs3: loop2: Different NTFS sector size (4096) and media sector size (512).
[  157.030145][ T7345] loop3: detected capacity change from 0 to 4096
[  157.038206][ T7339] (syz.1.529,7339,1):ocfs2_parse_options:1460 ERROR: Invalid heartbeat mount options
[  157.050981][ T7339] (syz.1.529,7339,1):ocfs2_fill_super:1178 ERROR: status = -22
[  158.453387][ T7341] loop0: detected capacity change from 0 to 131072
[  158.645860][ T7341] NILFS (loop0): error -4 creating segctord thread
[  159.211235][ T7354] loop0: detected capacity change from 0 to 16384
[  159.252356][ T7354] REISERFS warning (device loop0): sh-2011 read_super_block: can't find a reiserfs filesystem on (dev loop0, block 16, size 4096)
[  159.294915][ T7354] REISERFS warning (device loop0): sh-2021 reiserfs_fill_super: can not find reiserfs on loop0
[  160.434160][ T7351] loop3: detected capacity change from 0 to 131072
[  160.494888][ T7351] REISERFS warning:  read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025
[  160.535948][ T7351] REISERFS (device loop3): found reiserfs format "3.5" with non-standard journal
[  160.581738][ T7351] REISERFS (device loop3): using ordered data mode
[  160.625537][ T7351] reiserfs: using flush barriers
[  160.630811][ T7351] REISERFS warning (device loop3): journal-1256 journal_init: unable to get memory for journal structure
[  160.674932][ T7351] REISERFS warning (device loop3): sh-2022 reiserfs_fill_super: unable to initialize journal space
[  163.514395][ T7366] loop0: detected capacity change from 0 to 22
[  163.545649][ T7366] MTD: Attempt to mount non-MTD device "/dev/loop0"
[  163.586042][ T7366] romfs: Mounting image 'rom 637cf1fa' through the block layer
[  163.774432][ T7362] loop2: detected capacity change from 0 to 131072
[  163.802463][ T7362] REISERFS warning:  read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025
[  163.825138][ T7362] REISERFS (device loop2): found reiserfs format "3.6" with non-standard journal
[  163.846598][ T7362] REISERFS (device loop2): using ordered data mode
[  163.895939][ T7362] reiserfs: using flush barriers
[  163.918096][ T7362] REISERFS (device loop2): journal params: device loop2, size 15748, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30
[  164.017258][ T7362] REISERFS (device loop2): checking transaction log (loop2)
[  164.811832][ T7371] loop3: detected capacity change from 0 to 3
[  164.865437][ T7371] syz.3.543: attempt to access beyond end of device
[  164.865437][ T7371] loop3: rw=2048, sector=0, nr_sectors = 8 limit=3
[  164.914499][ T7371] SQUASHFS error: Failed to read block 0x0: -5
[  164.952071][ T7371] unable to read squashfs_super_block
[  165.268013][ T7373] loop3: detected capacity change from 0 to 128
[  165.308766][ T7373] UDF-fs: error (device loop3): udf_read_tagged: read failed, block=256, location=256
[  165.361349][ T7373] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[  165.621277][ T7377] loop3: detected capacity change from 0 to 128
[  165.623951][ T7378] loop1: detected capacity change from 0 to 128
[  165.656986][ T7377] UDF-fs: error (device loop3): udf_read_tagged: read failed, block=256, location=256
[  165.667211][ T7378] UDF-fs: error (device loop1): udf_read_tagged: read failed, block=256, location=256
[  165.729834][ T7377] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[  165.740478][ T7378] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[  166.002133][ T7381] loop3: detected capacity change from 0 to 256
[  166.037679][ T7381] UDF-fs: error (device loop3): udf_read_tagged: read failed, block=256, location=256
[  166.108844][ T7381] UDF-fs: error (device loop3): udf_read_tagged: read failed, block=512, location=512
[  166.118659][ T7381] UDF-fs: warning (device loop3): udf_load_vrs: No anchor found
[  166.147088][ T7381] UDF-fs: Scanning with blocksize 512 failed
[  166.205343][ T7381] UDF-fs: error (device loop3): udf_read_tagged: read failed, block=256, location=256
[  166.237322][ T7381] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[  166.459028][ T7384] loop3: detected capacity change from 0 to 128
[  166.485288][ T7384] UDF-fs: error (device loop3): udf_read_tagged: read failed, block=256, location=256
[  166.515538][ T7384] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[  166.726367][ T7387] loop3: detected capacity change from 0 to 512
[  166.748880][ T7387] UDF-fs: warning (device loop3): udf_load_vrs: No VRS found
[  166.774647][ T7387] UDF-fs: Scanning with blocksize 512 failed
[  166.796878][ T7387] UDF-fs: warning (device loop3): udf_load_vrs: No VRS found
[  166.810516][ T7387] UDF-fs: Scanning with blocksize 1024 failed
[  166.840784][ T7387] UDF-fs: warning (device loop3): udf_load_vrs: No VRS found
[  166.859247][ T7387] UDF-fs: Scanning with blocksize 2048 failed
[  166.885458][ T7387] UDF-fs: error (device loop3): udf_read_tagged: read failed, block=256, location=256
[  166.911402][ T7387] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[  167.139843][ T7389] loop3: detected capacity change from 0 to 128
[  167.195531][ T7389] UDF-fs: error (device loop3): udf_read_tagged: read failed, block=256, location=256
[  167.245657][ T7389] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[  167.469596][ T7391] loop3: detected capacity change from 0 to 128
[  167.657343][ T7395] loop3: detected capacity change from 0 to 512
[  167.697206][ T7393] loop0: detected capacity change from 0 to 2048
[  167.759794][ T7393] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[  167.981669][ T7397] loop3: detected capacity change from 0 to 2048
[  168.959175][ T7407] UDF-fs: warning (device loop3): udf_load_vrs: No VRS found
[  168.961644][ T7362] REISERFS (device loop2): Using tea hash to sort names
[  168.975585][ T7407] UDF-fs: Scanning with blocksize 512 failed
[  169.009420][ T7362] REISERFS (device loop2): Created .reiserfs_priv - reserved for xattr storage.
[  169.023920][ T7407] UDF-fs: warning (device loop3): udf_load_vrs: No VRS found
[  169.062578][ T7407] UDF-fs: Scanning with blocksize 1024 failed
[  169.091933][ T7407] UDF-fs: warning (device loop3): udf_load_vrs: No VRS found
[  169.114109][ T7407] UDF-fs: Scanning with blocksize 2048 failed
[  169.163061][ T7407] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[  171.587105][ T7409] set_capacity_and_notify: 10 callbacks suppressed
[  171.587121][ T7409] loop0: detected capacity change from 0 to 131072
[  171.646081][ T7409] REISERFS warning:  read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025
[  171.682278][ T7409] REISERFS (device loop0): found reiserfs format "3.5" with non-standard journal
[  171.728753][ T7409] REISERFS (device loop0): using ordered data mode
[  171.760068][ T7409] reiserfs: using flush barriers
[  171.790429][ T7409] REISERFS warning (device loop0): journal-1256 journal_init: unable to get memory for journal structure
[  171.853318][ T7409] REISERFS warning (device loop0): sh-2022 reiserfs_fill_super: unable to initialize journal space
[  171.868234][ T7432] loop2: detected capacity change from 0 to 128
[  172.631205][ T7435] loop0: detected capacity change from 0 to 32768
[  172.900894][ T7436] loop2: detected capacity change from 0 to 32768
[  172.984354][ T7436] XFS (loop2): Mounting V5 Filesystem ca7e2101-b8f1-4838-8e2d-7637b90620e6
[  173.328662][ T7436] XFS (loop2): Ending clean mount
[  173.445321][ T5768] XFS (loop2): Unmounting Filesystem ca7e2101-b8f1-4838-8e2d-7637b90620e6
[  173.841225][ T7446] loop0: detected capacity change from 0 to 32768
[  173.914409][ T7446] XFS (loop0): Mounting V5 Filesystem bc2378ed-6193-40d5-9d59-7ebcb787b415
[  174.041829][ T7446] XFS (loop0): Ending clean mount
[  174.165584][ T5765] XFS (loop0): Unmounting Filesystem bc2378ed-6193-40d5-9d59-7ebcb787b415
[  174.867956][ T7462] loop1: detected capacity change from 0 to 1
[  174.886808][ T7462] syz.1.577: attempt to access beyond end of device
[  174.886808][ T7462] loop1: rw=2048, sector=0, nr_sectors = 8 limit=1
[  174.938780][ T7462] SQUASHFS error: Failed to read block 0x0: -5
[  174.967039][ T7462] unable to read squashfs_super_block
[  175.163151][ T7460] loop3: detected capacity change from 0 to 32768
[  175.231105][ T7460] XFS (loop3): Mounting V5 Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d
[  175.338498][ T7460] XFS (loop3): Ending clean mount
[  175.463862][ T7453] loop2: detected capacity change from 0 to 65536
[  175.500299][ T5774] XFS (loop3): Unmounting Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d
[  175.529628][ T7453] XFS (loop2): Deprecated V4 format (crc=0) not supported by kernel.
[  175.800889][ T7464] loop1: detected capacity change from 0 to 32768
[  175.882060][ T7464] XFS (loop1): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  176.053740][ T7489] loop3: detected capacity change from 0 to 512
[  176.111574][ T7489] UDF-fs: warning (device loop3): udf_load_vrs: No VRS found
[  176.127618][ T7489] UDF-fs: Scanning with blocksize 512 failed
[  176.162043][ T7489] UDF-fs: warning (device loop3): udf_load_vrs: No VRS found
[  176.185403][ T7489] UDF-fs: Scanning with blocksize 1024 failed
[  176.215082][ T7489] UDF-fs: warning (device loop3): udf_load_vrs: No VRS found
[  176.235003][ T7489] UDF-fs: Scanning with blocksize 2048 failed
[  176.271257][ T7489] UDF-fs: error (device loop3): udf_read_tagged: read failed, block=256, location=256
[  176.307051][ T7489] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[  176.359660][ T7464] XFS (loop1): Ending clean mount
[  176.542386][ T5772] XFS (loop1): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  176.647410][ T7491] loop3: detected capacity change from 0 to 512
[  176.745416][ T7480] loop2: detected capacity change from 0 to 32768
[  176.878842][ T7480] XFS (loop2): Mounting V5 Filesystem 9f1cad42-11bd-4e12-8f0b-f07876b81d9a
[  177.109791][ T7480] XFS (loop2): Ending clean mount
[  177.243317][ T5768] XFS (loop2): Unmounting Filesystem 9f1cad42-11bd-4e12-8f0b-f07876b81d9a
[  178.389411][ T7507] loop0: detected capacity change from 0 to 512
[  179.703160][ T7503] loop3: detected capacity change from 0 to 131072
[  179.782572][ T7503] XFS (loop3): Mounting V5 Filesystem b93a8937-ccd4-41a2-86c7-66a1570a2846
[  179.988207][ T7503] XFS (loop3): Ending clean mount
[  180.059447][ T5774] XFS (loop3): Unmounting Filesystem b93a8937-ccd4-41a2-86c7-66a1570a2846
[  180.199126][ T7505] loop2: detected capacity change from 0 to 131072
[  180.218083][ T7505] REISERFS warning:  read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025
[  180.244913][ T7505] REISERFS (device loop2): found reiserfs format "3.6" with non-standard journal
[  180.255558][ T7505] REISERFS (device loop2): using ordered data mode
[  180.262101][ T7505] reiserfs: using flush barriers
[  180.274930][ T7505] REISERFS (device loop2): journal params: device loop2, size 15748, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30
[  180.305367][ T7505] REISERFS (device loop2): checking transaction log (loop2)
[  181.265315][ T7509] loop0: detected capacity change from 0 to 131072
[  181.371872][ T7509] XFS (loop0): Mounting V5 Filesystem 38ffc24f-675a-4986-9d8e-4951dc618329
[  181.458797][ T7509] XFS (loop0): Ending clean mount
[  181.589790][ T5765] XFS (loop0): Unmounting Filesystem 38ffc24f-675a-4986-9d8e-4951dc618329
[  185.163460][ T7505] REISERFS (device loop2): Using r5 hash to sort names
[  185.186526][ T7505] REISERFS (device loop2): Created .reiserfs_priv - reserved for xattr storage.
[  185.456196][ T7532] loop0: detected capacity change from 0 to 131072
[  185.520380][ T7532] XFS (loop0): Mounting V5 Filesystem f37484a6-847f-4c37-be64-3b143b6edc4c
[  185.624184][ T7532] XFS (loop0): Ending clean mount
[  185.815954][ T5765] XFS (loop0): Unmounting Filesystem f37484a6-847f-4c37-be64-3b143b6edc4c
[  188.206424][ T7546] loop0: detected capacity change from 0 to 65536
[  188.309682][ T7546] XFS (loop0): Mounting V5 Filesystem e4654a66-62e5-4963-a81e-012d9d4871af
[  188.496782][ T7546] XFS (loop0): Ending clean mount
[  188.609280][ T5765] XFS (loop0): Unmounting Filesystem e4654a66-62e5-4963-a81e-012d9d4871af
[  190.114358][ T7567] tipc: Can't bind to reserved service type 2
[  191.112434][ T7563] loop3: detected capacity change from 0 to 65536
[  191.174483][ T7563] XFS (loop3): Mounting V5 Filesystem d408de26-55fb-48ab-a8ab-aacedb20f9dd
[  191.305251][ T7563] XFS (loop3): Ending clean mount
[  191.421835][ T5774] XFS (loop3): Unmounting Filesystem d408de26-55fb-48ab-a8ab-aacedb20f9dd
[  191.514979][ T7559] Bluetooth: hci0: command 0x0406 tx timeout
[  191.521975][ T7559] Bluetooth: hci1: command 0x0406 tx timeout
[  191.529919][ T7559] Bluetooth: hci2: command 0x0406 tx timeout
[  191.536509][ T7559] Bluetooth: hci3: command 0x0406 tx timeout
[  192.049233][ T7610] loop2: detected capacity change from 0 to 1024
[  192.152112][ T7610] hfsplus: inconsistency in B*Tree (128,1,255,1,0)
[  192.179684][ T7610] hfsplus: xattr searching failed
[  192.222506][ T7610] syz.2.613: attempt to access beyond end of device
[  192.222506][ T7610] loop2: rw=0, sector=917504, nr_sectors = 2 limit=1024
[  192.245184][ T7610] Buffer I/O error on dev loop2, logical block 458752, async page read
[  192.274034][ T7610] hfsplus: unable to mark blocks free: error -5
[  192.290950][ T7610] hfsplus: can't free extent
[  192.312082][ T7618] netdevsim netdevsim3 netdevsim0: entered promiscuous mode
[  192.355818][ T7618] A link change request failed with some changes committed already. Interface netdevsim0 may have been left with an inconsistent configuration, please check.
[  193.043137][ T7638] loop2: detected capacity change from 0 to 2048
[  193.103880][ T5756] I/O error, dev loop2, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2
[  193.413212][ T7651] loop2: detected capacity change from 0 to 512
[  193.474168][ T7651] EXT4-fs (loop2): 1 truncate cleaned up
[  193.537585][ T7651] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  193.611754][ T7662] netlink: 'syz.3.632': attribute type 3 has an invalid length.
[  193.642985][ T7662] netlink: 132 bytes leftover after parsing attributes in process `syz.3.632'.
[  193.696629][   T28] audit: type=1800 audit(1769250339.549:6): pid=7651 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.2.627" name="file0" dev="loop2" ino=13 res=0 errno=0
[  193.735355][ T7668] (unnamed net_device) (uninitialized): option arp_all_targets: invalid value (18446744073709551615)
[  193.883696][ T5768] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  194.436956][ T7695] loop1: detected capacity change from 0 to 136
[  194.499634][ T7695] Symlink component flag not implemented
[  194.570095][ T1281] ieee802154 phy0 wpan0: encryption failed: -22
[  194.576876][ T1281] ieee802154 phy1 wpan1: encryption failed: -22
[  194.996613][ T7718] loop1: detected capacity change from 0 to 64
[  195.050513][ T7721] netlink: 44 bytes leftover after parsing attributes in process `syz.2.662'.
[  195.063567][ T7718] BFS-fs: bfs_fill_super(): loop1 is unclean, continuing
[  195.077117][ T7722] loop0: detected capacity change from 0 to 1024
[  195.118944][ T7724] xt_policy: output policy not valid in PREROUTING and INPUT
[  195.215070][ T7722] hfsplus: inconsistency in B*Tree (128,1,255,1,0)
[  195.253638][ T7722] hfsplus: xattr searching failed
[  195.260226][ T7722] syz.0.663: attempt to access beyond end of device
[  195.260226][ T7722] loop0: rw=0, sector=917504, nr_sectors = 2 limit=1024
[  195.297966][ T7722] Buffer I/O error on dev loop0, logical block 458752, async page read
[  195.330883][ T7722] hfsplus: unable to mark blocks free: error -5
[  195.352328][ T7722] hfsplus: can't free extent
[  195.636477][ T7740] netlink: 'syz.0.670': attribute type 8 has an invalid length.
[  195.695798][ T7742] bridge1: trying to set multicast query interval above maximum, setting to 8640000 (86400000ms)
[  195.892589][ T7750] loop3: detected capacity change from 0 to 64
[  195.942380][ T7754] netlink: 100 bytes leftover after parsing attributes in process `syz.0.679'.
[  195.995748][ T7756] netlink: 20 bytes leftover after parsing attributes in process `syz.2.680'.
[  196.020455][ T7750] syz.3.677: attempt to access beyond end of device
[  196.020455][ T7750] loop3: rw=2049, sector=268435468, nr_sectors = 2 limit=64
[  196.074100][ T7750] Buffer I/O error on dev loop3, logical block 134217734, lost async page write
[  196.285572][ T7767] netlink: 'syz.0.686': attribute type 2 has an invalid length.
[  196.293684][ T7767] netlink: 'syz.0.686': attribute type 1 has an invalid length.
[  196.454983][ T5849] usb 2-1: new high-speed USB device number 19 using dummy_hcd
[  196.479767][ T7776] Illegal XDP return value 3171480682 on prog  (id 32) dev N/A, expect packet loss!
[  196.544998][    T9] usb 4-1: new full-speed USB device number 16 using dummy_hcd
[  196.658043][ T5849] usb 2-1: config index 0 descriptor too short (expected 39, got 27)
[  196.674991][ T5849] usb 2-1: config 0 interface 0 altsetting 251 endpoint 0x9 has invalid wMaxPacketSize 0
[  196.698228][ T5849] usb 2-1: config 0 interface 0 has no altsetting 0
[  196.717956][ T5849] usb 2-1: New USB device found, idVendor=045e, idProduct=0283, bcdDevice=99.0b
[  196.725481][ T7785] netlink: 'syz.0.694': attribute type 64 has an invalid length.
[  196.735103][ T5849] usb 2-1: New USB device strings: Mfr=1, Product=228, SerialNumber=2
[  196.750093][ T7786] loop2: detected capacity change from 0 to 512
[  196.757311][ T5849] usb 2-1: Product: syz
[  196.762813][    T9] usb 4-1: config 27 interface 0 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 10
[  196.774250][ T5849] usb 2-1: Manufacturer: syz
[  196.779824][ T7786] EXT4-fs: Ignoring removed nomblk_io_submit option
[  196.786666][    T9] usb 4-1: config 27 interface 0 altsetting 0 endpoint 0x8B has invalid maxpacket 127, setting to 64
[  196.804929][ T5849] usb 2-1: SerialNumber: syz
[  196.817540][ T7786] EXT4-fs: Ignoring removed i_version option
[  196.824683][ T5849] usb 2-1: config 0 descriptor??
[  196.833831][    T9] usb 4-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d
[  196.855940][ T5849] hub 2-1:0.0: bad descriptor, ignoring hub
[  196.863352][    T9] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  196.872218][ T5849] hub: probe of 2-1:0.0 failed with error -5
[  196.883511][ T7786] EXT4-fs (loop2): 1 orphan inode deleted
[  196.894605][ T5849] usb 2-1: selecting invalid altsetting 0
[  196.905107][ T7768] raw-gadget.1 gadget.3: fail, usb_ep_enable returned -22
[  196.912420][ T7768] raw-gadget.1 gadget.3: fail, usb_ep_enable returned -22
[  196.917991][ T7786] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  196.973982][ T7791] netdevsim netdevsim0 netdevsim0: entered promiscuous mode
[  196.991143][ T7791] A link change request failed with some changes committed already. Interface netdevsim0 may have been left with an inconsistent configuration, please check.
[  197.021566][    T9] usb 4-1: Quirk or no altest; falling back to MIDI 1.0
[  197.198641][ T7793] UDPLite: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list
[  197.274883][ T5874] usb 3-1: new full-speed USB device number 13 using dummy_hcd
[  197.301517][  T967] usb 4-1: USB disconnect, device number 16
[  197.435299][    T9] usb 2-1: USB disconnect, device number 19
[  197.478889][ T5874] usb 3-1: config 0 has an invalid interface number: 120 but max is 0
[  197.506330][ T7799] loop0: detected capacity change from 0 to 128
[  197.514155][ T5874] usb 3-1: config 0 has no interface number 0
[  197.529204][ T7799] EXT4-fs (loop0): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  197.529510][ T5874] usb 3-1: config 0 interface 120 altsetting 0 endpoint 0x8A has invalid maxpacket 12349, setting to 64
[  197.558100][ T7799] ext4 filesystem being mounted at /173/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[  197.563574][ T5874] usb 3-1: New USB device found, idVendor=16e3, idProduct=f9e9, bcdDevice= 0.58
[  197.578550][ T5874] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  197.599614][ T7799] EXT4-fs warning (device loop0): verify_group_input:151: Cannot add at group 9 (only 1 groups)
[  197.622056][ T5874] usb 3-1: config 0 descriptor??
[  197.647544][ T7786] raw-gadget.2 gadget.2: fail, usb_ep_enable returned -22
[  197.661524][ T5765] EXT4-fs (loop0): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  197.679494][ T5874] input: USB Touchscreen 16e3:f9e9 as /devices/platform/dummy_hcd.2/usb3/3-1/3-1:0.120/input/input9
[  197.937885][ T5874] usb 3-1: USB disconnect, device number 13
[  198.270687][ T7818] UDPLite6: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list
[  198.539023][ T5768] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  198.851436][ T7845] (unnamed net_device) (uninitialized): Removing last arp target with arp_interval on
[  199.239678][ T7862] usb usb1: check_ctrlrecip: process 7862 (syz.3.732) requesting ep 01 but needs 81
[  199.265523][ T7862] usb usb1: usbfs: process 7862 (syz.3.732) did not claim interface 0 before use
[  199.483705][ T7876] loop0: detected capacity change from 0 to 16
[  199.511020][ T7876] erofs: (device loop0): mounted with root inode @ nid 36.
[  199.612153][ T7878] Cannot find del_set index 0 as target
[  199.724064][ T7882] netlink: 232 bytes leftover after parsing attributes in process `syz.3.741'.
[  200.037788][ T7894] xt_CHECKSUM: CHECKSUM should be avoided.  If really needed, restrict with "-p udp" and only use in OUTPUT
[  200.262724][ T7901] loop0: detected capacity change from 0 to 16
[  200.325052][ T7901] erofs: (device loop0): mounted with root inode @ nid 36.
[  200.482955][ T7908] (unnamed net_device) (uninitialized): Removing last arp target with arp_interval on
[  200.672054][   T28] audit: type=1326 audit(1769250346.529:7): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7916 comm="syz.2.758" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f55e019acb9 code=0x7ffc0000
[  200.712851][   T28] audit: type=1326 audit(1769250346.569:8): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7916 comm="syz.2.758" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f55e019acb9 code=0x7ffc0000
[  200.734873][    C1] vkms_vblank_simulate: vblank timer overrun
[  200.755364][ T7919] netlink: 'syz.3.760': attribute type 2 has an invalid length.
[  200.784956][   T28] audit: type=1326 audit(1769250346.579:9): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7916 comm="syz.2.758" exe="/root/syz-executor" sig=0 arch=c000003e syscall=243 compat=0 ip=0x7f55e019acb9 code=0x7ffc0000
[  200.871922][   T28] audit: type=1326 audit(1769250346.579:10): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7916 comm="syz.2.758" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f55e019acb9 code=0x7ffc0000
[  200.957140][   T28] audit: type=1326 audit(1769250346.579:11): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7916 comm="syz.2.758" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f55e019acb9 code=0x7ffc0000
[  201.031833][ T7927] netlink: 'syz.0.763': attribute type 6 has an invalid length.
[  201.150668][ T7935] netlink: 8 bytes leftover after parsing attributes in process `syz.3.765'.
[  201.274939][  T967] usb 2-1: new full-speed USB device number 20 using dummy_hcd
[  201.306057][ T7937] (null): rxe_set_mtu: Set mtu to 1024
[  201.372080][ T7940] x_tables: duplicate underflow at hook 2
[  201.486207][  T967] usb 2-1: config 27 interface 0 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 10
[  201.503438][  T967] usb 2-1: config 27 interface 0 altsetting 0 endpoint 0x8B has invalid maxpacket 127, setting to 64
[  201.514651][ T7943] netlink: 'syz.3.771': attribute type 21 has an invalid length.
[  201.527784][  T967] usb 2-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d
[  201.537061][ T7943] IPv6: NLM_F_CREATE should be specified when creating new route
[  201.548935][  T967] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  201.558822][ T7943] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE
[  201.566543][ T7943] IPv6: NLM_F_CREATE should be set when creating new route
[  201.573916][ T7943] IPv6: NLM_F_CREATE should be set when creating new route
[  201.581215][ T7943] IPv6: NLM_F_CREATE should be set when creating new route
[  201.590342][ T7937] infiniband syz2: set active
[  201.595876][ T7937] infiniband syz2: added veth0_vlan
[  201.599244][ T7929] raw-gadget.0 gadget.1: fail, usb_ep_enable returned -22
[  201.615002][ T7929] raw-gadget.0 gadget.1: fail, usb_ep_enable returned -22
[  201.636537][  T967] usb 2-1: Quirk or no altest; falling back to MIDI 1.0
[  201.741588][ T7949] netlink: 32 bytes leftover after parsing attributes in process `syz.3.773'.
[  201.778929][ T7949] netlink: 32 bytes leftover after parsing attributes in process `syz.3.773'.
[  201.882049][ T7937] RDS/IB: syz2: added
[  201.901193][ T7937] smc: adding ib device syz2 with port count 1
[  201.918990][ T7954] netlink: 16 bytes leftover after parsing attributes in process `syz.3.776'.
[  201.926959][ T7937] smc:    ib device syz2 port 1 has pnetid 
[  202.074499][ T5755] usb 2-1: USB disconnect, device number 20
[  202.587248][ T7967] (unnamed net_device) (uninitialized): Removing last arp target with arp_interval on
[  202.608113][ T7958] loop3: detected capacity change from 0 to 32768
[  202.658988][ T7958] XFS (loop3): DAX unsupported by block device. Turning off DAX.
[  202.682131][ T7958] XFS (loop3): Mounting V5 Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb
[  202.857408][ T7958] XFS (loop3): Ending clean mount
[  203.016055][ T5774] XFS (loop3): Unmounting Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb
[  203.199030][ T7990] loop1: detected capacity change from 0 to 1764
[  203.304827][ T7990] iso9660: Corrupted directory entry in block 2 of inode 1920
[  203.371674][ T7994] loop0: detected capacity change from 0 to 1024
[  203.556096][   T11] hfsplus: b-tree write err: -5, ino 4
[  203.573602][ T7998] syz.3.789: attempt to access beyond end of device
[  203.573602][ T7998] nbd3: rw=4096, sector=0, nr_sectors = 1 limit=0
[  204.422788][ T8036] netlink: 12 bytes leftover after parsing attributes in process `syz.3.809'.
[  204.465092][  T967] usb 2-1: new high-speed USB device number 21 using dummy_hcd
[  204.491730][ T8038] loop2: detected capacity change from 0 to 16
[  204.525698][ T8038] erofs: (device loop2): mounted with root inode @ nid 36.
[  204.540865][ T8040] netlink: 20 bytes leftover after parsing attributes in process `syz.0.812'.
[  204.606381][ T8042] netlink: 36 bytes leftover after parsing attributes in process `syz.3.811'.
[  204.633416][ T8042] netlink: 36 bytes leftover after parsing attributes in process `syz.3.811'.
[  204.633823][ T8044] loop0: detected capacity change from 0 to 256
[  204.666536][ T8042] netlink: 20 bytes leftover after parsing attributes in process `syz.3.811'.
[  204.675716][  T967] usb 2-1: Using ep0 maxpacket: 8
[  204.694864][  T967] usb 2-1: config 1 has 1 interface, different from the descriptor's value: 7
[  204.715514][  T967] usb 2-1: New USB device found, idVendor=082d, idProduct=0100, bcdDevice=70.4b
[  204.731226][  T967] usb 2-1: New USB device strings: Mfr=44, Product=2, SerialNumber=3
[  204.769262][  T967] usb 2-1: Product: syz
[  204.773488][  T967] usb 2-1: Manufacturer: syz
[  204.791992][  T967] usb 2-1: SerialNumber: syz
[  205.082890][  T967] usb 2-1: Handspring Visor / Palm OS: No valid connect info available
[  205.103815][  T967] usb 2-1: Handspring Visor / Palm OS: port 205, is for unknown use
[  205.105394][ T8058] xt_CT: You must specify a L4 protocol and not use inversions on it
[  205.132903][  T967] usb 2-1: Handspring Visor / Palm OS: port 0, is for unknown use
[  205.159788][  T967] usb 2-1: Handspring Visor / Palm OS: Number of ports: 2
[  205.294706][  T967] usb 2-1: palm_os_3_probe - error -71 getting bytes available request
[  205.319603][  T967] visor 2-1:1.0: Handspring Visor / Palm OS converter detected
[  205.349702][  T967] usb 2-1: Handspring Visor / Palm OS converter now attached to ttyUSB0
[  205.378007][  T967] usb 2-1: Handspring Visor / Palm OS converter now attached to ttyUSB1
[  205.425254][  T967] usb 2-1: USB disconnect, device number 21
[  205.436230][  T967] visor ttyUSB0: Handspring Visor / Palm OS converter now disconnected from ttyUSB0
[  205.451448][  T967] visor ttyUSB1: Handspring Visor / Palm OS converter now disconnected from ttyUSB1
[  205.463531][  T967] visor 2-1:1.0: device disconnected
[  205.536745][ T8072] netlink: 44 bytes leftover after parsing attributes in process `syz.2.829'.
[  205.547155][ T8072] netlink: 12 bytes leftover after parsing attributes in process `syz.2.829'.
[  205.562976][ T8072] netlink: 'syz.2.829': attribute type 2 has an invalid length.
[  206.064174][ T8092] netdevsim netdevsim3 netdevsim0: set [1, 1] type 2 family 0 port 20000 - 0
[  206.093832][ T8092] netdevsim netdevsim3 netdevsim1: set [1, 1] type 2 family 0 port 20000 - 0
[  206.104713][ T8092] netdevsim netdevsim3 netdevsim2: set [1, 1] type 2 family 0 port 20000 - 0
[  206.113922][ T8092] netdevsim netdevsim3 netdevsim3: set [1, 1] type 2 family 0 port 20000 - 0
[  206.126443][ T8092] geneve2: entered promiscuous mode
[  206.131808][ T8092] geneve2: entered allmulticast mode
[  206.140895][ T8092] netdevsim netdevsim3 netdevsim0: unset [1, 1] type 2 family 0 port 20000 - 0
[  206.167751][ T8092] netdevsim netdevsim3 netdevsim1: unset [1, 1] type 2 family 0 port 20000 - 0
[  206.188770][ T8092] netdevsim netdevsim3 netdevsim2: unset [1, 1] type 2 family 0 port 20000 - 0
[  206.197845][ T8092] netdevsim netdevsim3 netdevsim3: unset [1, 1] type 2 family 0 port 20000 - 0
[  206.307767][ T8098] 8021q: adding VLAN 0 to HW filter on device bond2
[  206.518270][ T8111] netlink: 'syz.1.845': attribute type 6 has an invalid length.
[  206.736135][ T8119] siw: device registration error -23
[  206.974020][ T8133] netlink: 104 bytes leftover after parsing attributes in process `syz.1.856'.
[  207.005900][ T8133] netlink: 12 bytes leftover after parsing attributes in process `syz.1.856'.
[  207.052579][ T8133] netlink: 20 bytes leftover after parsing attributes in process `syz.1.856'.
[  207.231836][ T8145] (null): rxe_set_mtu: Set mtu to 1024
[  207.240587][ T8146] netlink: 'syz.3.861': attribute type 6 has an invalid length.
[  207.250164][ T8145] rdma_rxe: rxe_newlink: failed to add veth0_vlan
[  207.565375][ T8159] syz.0.870: attempt to access beyond end of device
[  207.565375][ T8159] nbd0: rw=4096, sector=0, nr_sectors = 1 limit=0
[  207.877693][ T8173] loop0: detected capacity change from 0 to 1024
[  207.904567][ T8173] EXT4-fs: Ignoring removed bh option
[  207.921803][ T8173] EXT4-fs: inline encryption not supported
[  207.958751][ T8173] EXT4-fs (loop0): stripe (65535) is not aligned with cluster size (4096), stripe is disabled
[  208.010433][ T8173] [EXT4 FS bs=1024, gc=1, bpg=131072, ipg=32, mo=c80ce028, mo2=0000]
[  208.062464][ T8173] EXT4-fs error (device loop0): ext4_map_blocks:608: inode #3: block 2: comm syz.0.874: lblock 2 mapped to illegal pblock 2 (length 1)
[  208.108707][ T8182] kAFS: No cell specified
[  208.158639][ T8155] loop3: detected capacity change from 0 to 32768
[  208.161279][ T8173] EXT4-fs (loop0): Remounting filesystem read-only
[  208.204988][ T8173] Quota error (device loop0): qtree_write_dquot: dquota write failed
[  208.221856][ T8155] XFS (loop3): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  208.226425][ T8173] Quota error (device loop0): v2_write_file_info: Can't write info structure
[  208.241311][ T8173] EXT4-fs (loop0): 1 orphan inode deleted
[  208.266415][ T8173] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  208.292479][ T8195] loop1: detected capacity change from 0 to 256
[  208.326303][ T8173] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  208.401123][ T8195] FAT-fs (loop1): error, fat_free_clusters: deleting FAT entry beyond EOF
[  208.503864][ T8155] XFS (loop3): Ending clean mount
[  208.699782][ T8201] loop1: detected capacity change from 0 to 512
[  208.713478][ T5774] XFS (loop3): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  208.793315][ T8205] ax25_connect(): syz.2.893 uses autobind, please contact jreuter@yaina.de
[  208.909565][ T8201] EXT4-fs error (device loop1): ext4_do_update_inode:5248: inode #3: comm syz.1.883: corrupted inode contents
[  208.967077][ T8201] EXT4-fs error (device loop1): ext4_dirty_inode:6124: inode #3: comm syz.1.883: mark_inode_dirty error
[  209.010344][ T8201] EXT4-fs error (device loop1): ext4_do_update_inode:5248: inode #3: comm syz.1.883: corrupted inode contents
[  209.066239][ T8201] EXT4-fs error (device loop1): __ext4_ext_dirty:202: inode #3: comm syz.1.883: mark_inode_dirty error
[  209.102039][ T8201] Quota error (device loop1): write_blk: dquota write failed
[  209.125376][ T8201] Quota error (device loop1): qtree_write_dquot: Error -117 occurred while creating quota
[  209.164909][ T8201] EXT4-fs error (device loop1): ext4_acquire_dquot:6949: comm syz.1.883: Failed to acquire dquot type 0
[  209.195804][ T8201] EXT4-fs error (device loop1): ext4_do_update_inode:5248: inode #16: comm syz.1.883: corrupted inode contents
[  209.218413][ T8201] EXT4-fs error (device loop1): ext4_dirty_inode:6124: inode #16: comm syz.1.883: mark_inode_dirty error
[  209.237185][ T8201] EXT4-fs error (device loop1): ext4_do_update_inode:5248: inode #16: comm syz.1.883: corrupted inode contents
[  209.251849][ T8201] EXT4-fs error (device loop1): __ext4_ext_dirty:202: inode #16: comm syz.1.883: mark_inode_dirty error
[  209.265957][ T8201] EXT4-fs error (device loop1): ext4_do_update_inode:5248: inode #16: comm syz.1.883: corrupted inode contents
[  209.304538][ T8201] EXT4-fs error (device loop1) in ext4_orphan_del:303: Corrupt filesystem
[  209.345789][ T8201] EXT4-fs error (device loop1): ext4_do_update_inode:5248: inode #16: comm syz.1.883: corrupted inode contents
[  209.401647][ T8201] EXT4-fs error (device loop1): ext4_truncate:4294: inode #16: comm syz.1.883: mark_inode_dirty error
[  209.437662][ T8201] EXT4-fs error (device loop1) in ext4_process_orphan:345: Corrupt filesystem
[  209.468454][   T28] audit: type=1326 audit(1769250355.329:12): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8223 comm="syz.3.894" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2ff8f9acb9 code=0x7ffc0000
[  209.468889][ T8201] EXT4-fs (loop1): 1 truncate cleaned up
[  209.538969][   T28] audit: type=1326 audit(1769250355.329:13): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8223 comm="syz.3.894" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2ff8f9acb9 code=0x7ffc0000
[  209.565071][ T8201] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  209.595060][ T8201] ext4 filesystem being mounted at /199/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  209.607507][   T28] audit: type=1326 audit(1769250355.359:14): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8223 comm="syz.3.894" exe="/root/syz-executor" sig=0 arch=c000003e syscall=179 compat=0 ip=0x7f2ff8f9acb9 code=0x7ffc0000
[  209.672607][ T8231] netlink: 256 bytes leftover after parsing attributes in process `syz.0.896'.
[  209.685112][   T28] audit: type=1326 audit(1769250355.359:15): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8223 comm="syz.3.894" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2ff8f9acb9 code=0x7ffc0000
[  209.733669][ T5772] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  209.755571][   T28] audit: type=1326 audit(1769250355.359:16): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8223 comm="syz.3.894" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2ff8f9acb9 code=0x7ffc0000
[  210.063842][ T8243] loop0: detected capacity change from 0 to 16
[  210.082224][ T8243] erofs: (device loop0): mounted with root inode @ nid 36.
[  210.110016][ T8243] erofs: (device loop0): z_erofs_read_folio: read error -95 @ 8200 of nid 36
[  210.214528][ T8227] loop2: detected capacity change from 0 to 32768
[  210.263017][  T967] usb 4-1: new high-speed USB device number 17 using dummy_hcd
[  210.420567][   T42] read_mapping_page failed!
[  210.429182][   T42] ERROR: (device loop2): txCommit: 
[  210.429182][   T42] 
[  210.465794][   T42] jfs_write_inode: jfs_commit_inode failed!
[  210.475381][  T967] usb 4-1: Using ep0 maxpacket: 16
[  210.489091][  T967] usb 4-1: config 0 has an invalid interface number: 237 but max is 0
[  210.498947][  T967] usb 4-1: config 0 has no interface number 0
[  210.516774][  T967] usb 4-1: config 0 interface 237 has no altsetting 0
[  210.538938][  T967] usb 4-1: New USB device found, idVendor=0e41, idProduct=5057, bcdDevice= 6.ad
[  210.549387][  T967] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  210.571987][  T967] usb 4-1: Product: syz
[  210.581961][  T967] usb 4-1: Manufacturer: syz
[  210.592295][  T967] usb 4-1: SerialNumber: syz
[  210.608402][  T967] usb 4-1: config 0 descriptor??
[  210.629892][  T967] snd_usb_podhd 4-1:0.237: Line 6 POD HD300 found
[  210.713157][ T8259] loop0: detected capacity change from 0 to 2048
[  210.717333][ T8257] loop2: detected capacity change from 0 to 2048
[  210.733960][ T8259] EXT4-fs: Ignoring removed mblk_io_submit option
[  210.783209][ T8259] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  210.797132][ T8262] NILFS (loop2): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  210.855123][  T967] snd_usb_podhd 4-1:0.237: cannot get proper max packet size
[  210.862870][  T967] snd_usb_podhd 4-1:0.237: Line 6 POD HD300 now disconnected
[  210.874648][  T967] snd_usb_podhd: probe of 4-1:0.237 failed with error -22
[  210.914541][ T8257] NILFS error (device loop2): nilfs_bmap_lookup_contig: broken bmap (inode number=12)
[  210.941952][ T8259] EXT4-fs error (device loop0): ext4_validate_block_bitmap:439: comm syz.0.911: bg 0: block 234: padding at end of block bitmap is not set
[  210.986391][ T8257] Remounting filesystem read-only
[  210.998063][ T8257] NILFS error (device loop2): nilfs_bmap_lookup_contig: broken bmap (inode number=12)
[  211.007869][ T8259] EXT4-fs (loop0): Remounting filesystem read-only
[  211.093936][  T787] usb 4-1: USB disconnect, device number 17
[  211.102670][ T5765] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  211.994136][ T8304] loop2: detected capacity change from 0 to 64
[  212.231739][ T8310] netlink: 'syz.3.935': attribute type 32 has an invalid length.
[  212.534842][   T28] audit: type=1326 audit(1769250358.389:17): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8322 comm="syz.1.940" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3729b9acb9 code=0x7ffc0000
[  212.715822][ T8329] x_tables: ip6_tables: SYNPROXY target: used from hooks PREROUTING, but only usable from INPUT/FORWARD
[  212.724419][ T8327] loop1: detected capacity change from 0 to 2048
[  212.763096][ T8331] tmpfs: Bad value for 'mpol'
[  212.805282][ T8327]  loop1: p1 < > p3 p4 < >
[  212.829268][ T8327] loop1: p3 start 4284289 is beyond EOD, truncated
[  212.858461][ T8303] XFS (loop0): Mounting V5 Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d
[  212.896097][ T8327] MINIX-fs: unable to read superblock
[  212.976699][ T8303] XFS (loop0): Ending clean mount
[  213.001938][ T8303] XFS (loop0): Quotacheck needed: Please wait.
[  213.020233][ T5772] __loop_clr_fd: partition scan of loop1 failed (rc=-16)
[  213.023494][ T5756] I/O error, dev loop1, sector 1 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2
[  213.034082][ T5916] I/O error, dev loop1, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2
[  213.074584][ T5916] I/O error, dev loop1, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[  213.091461][ T5756] I/O error, dev loop1, sector 1 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[  213.131446][ T5916] Buffer I/O error on dev loop1p4, logical block 0, async page read
[  213.147845][ T5756] Buffer I/O error on dev loop1p1, logical block 0, async page read
[  213.176342][ T5916] I/O error, dev loop1, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[  213.197635][ T8303] XFS (loop0): Quotacheck: Done.
[  213.198413][ T5756] I/O error, dev loop1, sector 1 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[  213.228943][ T5916] Buffer I/O error on dev loop1p4, logical block 0, async page read
[  213.254839][ T5756] Buffer I/O error on dev loop1p1, logical block 0, async page read
[  213.273012][ T5916] I/O error, dev loop1, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[  213.283513][ T5756] I/O error, dev loop1, sector 1 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[  213.313279][ T5916] Buffer I/O error on dev loop1p4, logical block 0, async page read
[  213.334819][ T5756] Buffer I/O error on dev loop1p1, logical block 0, async page read
[  213.347082][ T5916] I/O error, dev loop1, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[  213.366214][ T5756] I/O error, dev loop1, sector 1 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[  213.385099][ T5916] Buffer I/O error on dev loop1p4, logical block 0, async page read
[  213.393816][ T5916] Buffer I/O error on dev loop1p4, logical block 0, async page read
[  213.404848][ T5756] Buffer I/O error on dev loop1p1, logical block 0, async page read
[  213.413591][ T5756] Buffer I/O error on dev loop1p1, logical block 0, async page read
[  213.481257][ T5765] XFS (loop0): Unmounting Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d
[  213.583890][ T5756] udevd[5756]: inotify_add_watch(7, /dev/loop1p1, 10) failed: No such file or directory
[  213.610171][ T6035] udevd[6035]: inotify_add_watch(7, /dev/loop1p4, 10) failed: No such file or directory
[  213.698232][ T5916] udevd[5916]: inotify_add_watch(7, /dev/loop1p4, 10) failed: No such file or directory
[  213.715720][ T5756] udevd[5756]: inotify_add_watch(7, /dev/loop1p1, 10) failed: No such file or directory
[  213.821452][ T8367] set_capacity_and_notify: 1 callbacks suppressed
[  213.821467][ T8367] loop3: detected capacity change from 0 to 64
[  214.501121][ T8390] loop1: detected capacity change from 0 to 2048
[  214.550725][ T8390] NILFS (loop1): broken superblock, retrying with spare superblock (blocksize = 1024)
[  214.597835][ T8390] syz.1.969: attempt to access beyond end of device
[  214.597835][ T8390] loop1: rw=524288, sector=33554430, nr_sectors = 2 limit=2048
[  214.614712][ T8398] NILFS (loop1): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  214.674645][ T8400] loop2: detected capacity change from 0 to 2048
[  214.690657][ T8390] syz.1.969: attempt to access beyond end of device
[  214.690657][ T8390] loop1: rw=0, sector=9437254, nr_sectors = 2 limit=2048
[  214.704700][ T8400] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000)
[  214.742615][ T8390] NILFS (loop1): I/O error reading meta-data file (ino=6, block-offset=0)
[  214.755245][  T787] usb 1-1: new high-speed USB device number 19 using dummy_hcd
[  214.960583][ T8407] loop2: detected capacity change from 0 to 512
[  214.985047][  T787] usb 1-1: Using ep0 maxpacket: 16
[  215.019016][ T8407] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  215.041109][  T787] usb 1-1: config 0 has an invalid interface number: 214 but max is 0
[  215.044968][ T8407] ext4 filesystem being mounted at /253/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  215.062935][ T8408] loop3: detected capacity change from 0 to 4096
[  215.085386][ T8408] ntfs3: loop3: Different NTFS sector size (4096) and media sector size (512).
[  215.089171][  T787] usb 1-1: config 0 has no interface number 0
[  215.114738][ T8407] EXT4-fs error (device loop2): ext4_validate_inode_bitmap:106: comm syz.2.977: Corrupt inode bitmap - block_group = 0, inode_bitmap = 20
[  215.143260][ T8407] EXT4-fs error (device loop2) in ext4_free_inode:363: Filesystem failed CRC
[  215.155410][  T787] usb 1-1: config 0 interface 214 altsetting 0 endpoint 0x83 has invalid maxpacket 1023, setting to 64
[  215.207439][  T787] usb 1-1: New USB device found, idVendor=0596, idProduct=0001, bcdDevice= 5.f5
[  215.224659][  T787] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  215.225992][ T5768] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  215.260552][  T787] usb 1-1: Product: syz
[  215.270673][  T787] usb 1-1: Manufacturer: syz
[  215.277482][ T8408] ntfs3: loop3: failed to convert "c46c" to macromanian
[  215.286220][  T787] usb 1-1: SerialNumber: syz
[  215.305628][  T787] usb 1-1: config 0 descriptor??
[  215.512958][ T8420] loop1: detected capacity change from 0 to 64
[  215.740606][ T8426] loop2: detected capacity change from 0 to 1764
[  215.767929][  T787] usbtouchscreen: probe of 1-1:0.214 failed with error -71
[  215.776110][    T8] usb 4-1: new high-speed USB device number 18 using dummy_hcd
[  215.798180][  T787] usb 1-1: USB disconnect, device number 19
[  215.824859][ T8428] loop1: detected capacity change from 0 to 512
[  215.847067][ T8428] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode
[  215.868381][ T8428] EXT4-fs (loop1): 1 truncate cleaned up
[  215.877316][ T8428] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  215.952864][ T8428] EXT4-fs (loop1): re-mounted 00000000-0000-0000-0000-000000000000.
[  215.986568][    T8] usb 4-1: config index 0 descriptor too short (expected 39, got 27)
[  215.998639][    T8] usb 4-1: config 0 interface 0 altsetting 251 endpoint 0x9 has invalid wMaxPacketSize 0
[  216.013434][    T8] usb 4-1: config 0 interface 0 has no altsetting 0
[  216.022444][ T5772] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  216.044627][    T8] usb 4-1: New USB device found, idVendor=045e, idProduct=0283, bcdDevice=99.0b
[  216.059518][    T8] usb 4-1: New USB device strings: Mfr=1, Product=228, SerialNumber=2
[  216.069026][    T8] usb 4-1: Product: syz
[  216.073228][    T8] usb 4-1: Manufacturer: syz
[  216.084094][    T8] usb 4-1: SerialNumber: syz
[  216.110330][    T8] usb 4-1: config 0 descriptor??
[  216.128047][    T8] hub 4-1:0.0: bad descriptor, ignoring hub
[  216.134031][    T8] hub: probe of 4-1:0.0 failed with error -5
[  216.145075][   T27] usb 3-1: new high-speed USB device number 14 using dummy_hcd
[  216.149853][    T8] usb 4-1: selecting invalid altsetting 0
[  216.349698][   T27] usb 3-1: New USB device found, idVendor=0bda, idProduct=8153, bcdDevice=e2.3d
[  216.379461][   T27] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  216.404820][   T27] usb 3-1: Product: syz
[  216.409050][   T27] usb 3-1: Manufacturer: syz
[  216.439876][   T27] usb 3-1: SerialNumber: syz
[  216.456662][   T27] r8152-cfgselector 3-1: config 0 descriptor??
[  216.557302][    T8] usb 4-1: USB disconnect, device number 18
[  216.882757][   T27] r8152-cfgselector 3-1: Unknown version 0x0000
[  216.893705][   T27] r8152-cfgselector 3-1: USB disconnect, device number 14
[  217.059123][ T8463] CIFS mount error: No usable UNC path provided in device string!
[  217.059123][ T8463] 
[  217.085476][ T8463] CIFS: VFS: CIFS mount error: No usable UNC path provided in device string!
[  217.108320][ T8465] syz.1.1005 uses obsolete (PF_INET,SOCK_PACKET)
[  217.443413][ T8477] xt_SECMARK: only valid in 'mangle' or 'security' table, not 'raw'
[  217.574174][ T8483] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1015'.
[  217.675934][ T5826] usb 2-1: new high-speed USB device number 22 using dummy_hcd
[  217.874837][ T5826] usb 2-1: Using ep0 maxpacket: 16
[  217.897320][ T5826] usb 2-1: New USB device found, idVendor=17ef, idProduct=721e, bcdDevice=de.06
[  217.915449][ T5826] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  217.927607][ T5826] usb 2-1: Product: syz
[  217.931812][ T5826] usb 2-1: Manufacturer: syz
[  217.938529][ T5826] usb 2-1: SerialNumber: syz
[  217.955515][    T8] usb 1-1: new high-speed USB device number 20 using dummy_hcd
[  217.959395][ T5826] r8152-cfgselector 2-1: config 0 descriptor??
[  218.048043][ T8503] A link change request failed with some changes committed already. Interface veth0_macvtap may have been left with an inconsistent configuration, please check.
[  218.164894][    T8] usb 1-1: Using ep0 maxpacket: 32
[  218.174327][    T8] usb 1-1: New USB device found, idVendor=1d50, idProduct=60a1, bcdDevice=a1.4f
[  218.183640][    T8] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  218.191889][    T8] usb 1-1: Product: syz
[  218.195840][ T5826] usbip-host 2-1: 2-1 is not in match_busid table... skip!
[  218.196852][    T8] usb 1-1: Manufacturer: syz
[  218.208523][    T8] usb 1-1: SerialNumber: syz
[  218.212312][   T42] usb 2-1: config 0 descriptor??
[  218.221685][    T8] usb 1-1: config 0 descriptor??
[  218.265004][ T5849] usb 3-1: new high-speed USB device number 15 using dummy_hcd
[  218.402703][   T42] usb 2-1: can't set config #0, error -71
[  218.408897][  T967] usb 2-1: USB disconnect, device number 22
[  218.438136][    T8] airspy 1-1:0.0: usb_control_msg() failed -71 request 09
[  218.445582][ T5849] usb 3-1: Using ep0 maxpacket: 8
[  218.451072][    T8] airspy 1-1:0.0: Could not detect board
[  218.459505][    T8] airspy: probe of 1-1:0.0 failed with error -71
[  218.469528][ T5849] usb 3-1: New USB device found, idVendor=2770, idProduct=930c, bcdDevice=8d.6a
[  218.481356][    T8] usb 1-1: USB disconnect, device number 20
[  218.487595][ T5849] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  218.497633][ T5849] usb 3-1: Product: syz
[  218.503077][ T5849] usb 3-1: Manufacturer: syz
[  218.508245][ T5849] usb 3-1: SerialNumber: syz
[  218.514601][ T5849] usb 3-1: config 0 descriptor??
[  218.523250][ T5849] gspca_main: sq930x-2.14.0 probing 2770:930c
[  218.935672][ T5849] gspca_sq930x: ucbus_write failed -71
[  219.023558][ T8507] netdevsim netdevsim1 netdevsim0: set [1, 1] type 2 family 0 port 20000 - 0
[  219.054928][ T8507] netdevsim netdevsim1 netdevsim1: set [1, 1] type 2 family 0 port 20000 - 0
[  219.072266][ T8507] netdevsim netdevsim1 netdevsim2: set [1, 1] type 2 family 0 port 20000 - 0
[  219.092473][ T8507] netdevsim netdevsim1 netdevsim3: set [1, 1] type 2 family 0 port 20000 - 0
[  219.118930][ T8507] geneve2: entered promiscuous mode
[  219.124206][ T8507] geneve2: entered allmulticast mode
[  219.139074][ T8507] netdevsim netdevsim1 netdevsim0: unset [1, 1] type 2 family 0 port 20000 - 0
[  219.157912][ T8507] netdevsim netdevsim1 netdevsim1: unset [1, 1] type 2 family 0 port 20000 - 0
[  219.180978][ T8507] netdevsim netdevsim1 netdevsim2: unset [1, 1] type 2 family 0 port 20000 - 0
[  219.190809][ T5849] gspca_sq930x: Sensor ov9630 not yet treated
[  219.199026][ T8507] netdevsim netdevsim1 netdevsim3: unset [1, 1] type 2 family 0 port 20000 - 0
[  219.204901][ T5849] sq930x: probe of 3-1:0.0 failed with error -22
[  219.230303][ T5849] usb 3-1: USB disconnect, device number 15
[  219.818354][ T8538] (unnamed net_device) (uninitialized): option min_links: invalid value (18446744071562067969)
[  219.854927][ T8538] (unnamed net_device) (uninitialized): option min_links: allowed values 0 - 2147483647
[  219.969995][ T8545] netlink: 64 bytes leftover after parsing attributes in process `syz.1.1044'.
[  219.999371][ T8547] loop0: detected capacity change from 0 to 256
[  220.013876][ T8545] netlink: 64 bytes leftover after parsing attributes in process `syz.1.1044'.
[  220.211752][ T8553] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1049'.
[  220.239546][ T8553] netlink: 132 bytes leftover after parsing attributes in process `syz.2.1049'.
[  220.275697][ T8553] A link change request failed with some changes committed already. Interface veth0_to_bond may have been left with an inconsistent configuration, please check.
[  220.608580][ T8572] loop0: detected capacity change from 0 to 512
[  220.674046][ T8572] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  220.687244][ T8572] ext4 filesystem being mounted at /272/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  220.767092][ T8572] EXT4-fs error (device loop0): ext4_validate_inode_bitmap:106: comm syz.0.1058: Corrupt inode bitmap - block_group = 0, inode_bitmap = 20
[  220.816816][ T8572] EXT4-fs error (device loop0) in ext4_free_inode:363: Filesystem failed CRC
[  220.931489][ T5765] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  221.208080][ T8570] loop3: detected capacity change from 0 to 32768
[  221.853350][ T8617] netlink: 16 bytes leftover after parsing attributes in process `syz.3.1075'.
[  221.999009][ T8622] AppArmor: change_hat: Invalid input '0'
[  222.070555][ T8624] loop1: detected capacity change from 0 to 128
[  222.110247][ T8624] EXT4-fs (loop1): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  222.123604][ T8624] ext4 filesystem being mounted at /254/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff)
[  222.155666][    C0] vkms_vblank_simulate: vblank timer overrun
[  222.176686][ T8624] EXT4-fs error (device loop1): __ext4_new_inode:1075: comm syz.1.1081: reserved inode found cleared - inode=2
[  222.234613][ T5772] EXT4-fs (loop1): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  222.255346][    T8] usb 3-1: new high-speed USB device number 16 using dummy_hcd
[  222.384417][ T8635] loop3: detected capacity change from 0 to 512
[  222.389537][ T8637] loop1: detected capacity change from 0 to 512
[  222.408411][ T8637] EXT4-fs: Ignoring removed nomblk_io_submit option
[  222.417004][ T8637] EXT4-fs: Ignoring removed bh option
[  222.437839][    T8] usb 3-1: config 220 has an invalid interface number: 76 but max is 2
[  222.453976][ T8635] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  222.468872][ T8637] EXT4-fs error (device loop1): mb_free_blocks:1954: group 0, inode 11: block 64:freeing already freed block (bit 63); block bitmap corrupt.
[  222.476278][    T8] usb 3-1: config 220 has an invalid descriptor of length 0, skipping remainder of the config
[  222.490192][ T8637] EXT4-fs error (device loop1): ext4_do_update_inode:5248: inode #11: comm syz.1.1084: corrupted inode contents
[  222.507783][ T8635] ext4 filesystem being mounted at /272/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  222.527356][ T8637] EXT4-fs error (device loop1): ext4_dirty_inode:6124: inode #11: comm syz.1.1084: mark_inode_dirty error
[  222.551512][ T8637] EXT4-fs error (device loop1): ext4_free_branches:1030: inode #11: comm syz.1.1084: invalid indirect mapped block 1 (level 1)
[  222.554470][ T8635] EXT4-fs error (device loop3): ext4_validate_inode_bitmap:106: comm syz.3.1085: Corrupt inode bitmap - block_group = 0, inode_bitmap = 20
[  222.585147][ T8637] EXT4-fs error (device loop1): ext4_do_update_inode:5248: inode #11: comm syz.1.1084: corrupted inode contents
[  222.585524][    T8] usb 3-1: config 220 has no interface number 2
[  222.611914][ T8637] EXT4-fs error (device loop1) in ext4_orphan_del:303: Corrupt filesystem
[  222.612496][    T8] usb 3-1: config 220 interface 1 altsetting 5 has 0 endpoint descriptors, different from the interface descriptor's value: 12
[  222.621250][ T8635] EXT4-fs error (device loop3) in ext4_free_inode:363: Filesystem failed CRC
[  222.638655][    T8] usb 3-1: config 220 interface 0 has no altsetting 0
[  222.657409][ T8637] EXT4-fs error (device loop1): ext4_do_update_inode:5248: inode #11: comm syz.1.1084: corrupted inode contents
[  222.657412][    T8] usb 3-1: config 220 interface 76 has no altsetting 0
[  222.669815][    T8] usb 3-1: config 220 interface 1 has no altsetting 0
[  222.696747][    T8] usb 3-1: New USB device found, idVendor=8086, idProduct=0b07, bcdDevice=6c.b9
[  222.705998][    T8] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  222.722442][    T8] usb 3-1: Product: syz
[  222.725330][ T8637] EXT4-fs error (device loop1): ext4_truncate:4294: inode #11: comm syz.1.1084: mark_inode_dirty error
[  222.727006][    T8] usb 3-1: Manufacturer: syz
[  222.742431][    T8] usb 3-1: SerialNumber: syz
[  222.757024][ T8637] EXT4-fs error (device loop1) in ext4_process_orphan:345: Corrupt filesystem
[  222.772491][ T8637] EXT4-fs (loop1): 1 truncate cleaned up
[  222.779885][ T8637] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  222.811812][ T5774] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  222.847821][ T8637] EXT4-fs error (device loop1): ext4_find_dest_de:2115: inode #2: block 13: comm syz.1.1084: bad entry in directory: directory entry too close to block end - offset=76, inode=16, rec_len=940, size=1024 fake=0
[  222.986780][    T8] usb 3-1: selecting invalid altsetting 0
[  222.993984][ T5772] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  223.024066][    T8] usb 3-1: Found UVC 7.01 device syz (8086:0b07)
[  223.043472][    T8] usb 3-1: No valid video chain found.
[  223.068123][    T8] usb 3-1: selecting invalid altsetting 0
[  223.074087][ T8647] netlink: 'syz.3.1088': attribute type 10 has an invalid length.
[  223.097155][    T8] usbtest: probe of 3-1:220.1 failed with error -22
[  223.111425][ T8647] team0: Device ipvlan1 failed to register rx_handler
[  223.137516][    T8] usb 3-1: USB disconnect, device number 16
[  223.245175][ T8647] syz.3.1088 (8647) used greatest stack depth: 19760 bytes left
[  223.321372][ T8653] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1092'.
[  223.352158][ T8653] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1092'.
[  223.722959][ T8671] overlayfs: option "index=on" is useless in a non-upper mount, ignore
[  223.748282][ T8671] overlayfs: option "volatile" is meaningless in a non-upper mount, ignoring it.
[  223.771857][ T8671] overlayfs: missing 'lowerdir'
[  224.284971][ T8666] loop1: detected capacity change from 0 to 32768
[  224.330601][ T8666] ocfs2: Slot 0 on device (7,1) was already allocated to this node!
[  224.388949][ T8666] ocfs2: Mounting device (7,1) on (node local, slot 0) with ordered data mode.
[  224.853534][ T5772] ocfs2: Unmounting device (7,1) on (node local)
[  224.962560][ T8714] pimreg: entered allmulticast mode
[  225.115886][   T27] usb 4-1: new full-speed USB device number 19 using dummy_hcd
[  225.340949][   T27] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 10
[  225.367554][   T27] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  225.399167][   T27] usb 4-1: New USB device found, idVendor=045e, idProduct=0284, bcdDevice= 1.00
[  225.413365][   T27] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  225.435909][   T27] usb 4-1: config 0 descriptor??
[  225.452427][   T27] xbox_remote_probe: endpoint_in message size==0?
[  225.656593][   T27] usbhid 4-1:0.0: can't add hid device: -71
[  225.662660][   T27] usbhid: probe of 4-1:0.0 failed with error -71
[  225.670832][ T8740] netlink: 28 bytes leftover after parsing attributes in process `syz.2.1136'.
[  225.681239][ T8740] netlink: 28 bytes leftover after parsing attributes in process `syz.2.1136'.
[  225.693867][   T27] usb 4-1: USB disconnect, device number 19
[  225.701939][ T8740] netlink: 56 bytes leftover after parsing attributes in process `syz.2.1136'.
[  225.724951][  T967] usb 1-1: new high-speed USB device number 21 using dummy_hcd
[  225.907859][  T967] usb 1-1: config 27 interface 0 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 7
[  225.936571][  T967] usb 1-1: config 27 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  225.954440][  T967] usb 1-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d
[  225.967856][  T967] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  225.999208][  T967] usb 1-1: Quirk or no altest; falling back to MIDI 1.0
[  226.011953][  T967] usb 1-1: invalid MIDI out EP 0
[  226.014850][    T8] usb 2-1: new high-speed USB device number 23 using dummy_hcd
[  226.118220][  T967] snd-usb-audio: probe of 1-1:27.0 failed with error -22
[  226.214874][    T8] usb 2-1: Using ep0 maxpacket: 32
[  226.232146][    T8] usb 2-1: config 1 interface 0 altsetting 14 endpoint 0x82 has invalid wMaxPacketSize 0
[  226.274596][    T8] usb 2-1: config 1 interface 0 altsetting 14 bulk endpoint 0x82 has invalid maxpacket 0
[  226.285095][    T8] usb 2-1: config 1 interface 0 altsetting 14 endpoint 0x3 has invalid maxpacket 1600, setting to 1024
[  226.300655][    T8] usb 2-1: config 1 interface 0 altsetting 14 bulk endpoint 0x3 has invalid maxpacket 1024
[  226.311353][    T8] usb 2-1: config 1 interface 0 has no altsetting 0
[  226.327759][    T8] usb 2-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  226.333384][  T967] usb 1-1: USB disconnect, device number 21
[  226.351584][    T8] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  226.366729][    T8] usb 2-1: Product: syz
[  226.370948][    T8] usb 2-1: Manufacturer: syz
[  226.387481][    T8] usb 2-1: SerialNumber: syz
[  226.425645][ T8743] raw-gadget.0 gadget.1: fail, usb_ep_enable returned -22
[  226.688391][    T8] cdc_ether: probe of 2-1:1.0 failed with error -22
[  226.724735][    T8] usb 2-1: USB disconnect, device number 23
[  226.798202][ T8768] netlink: 'syz.3.1149': attribute type 49 has an invalid length.
[  226.938346][ T8772] mmap: syz.2.1150 (8772) uses deprecated remap_file_pages() syscall. See Documentation/mm/remap_file_pages.rst.
[  227.026615][ T8776] loop3: detected capacity change from 0 to 22
[  227.033783][ T8776] MTD: Attempt to mount non-MTD device "/dev/loop3"
[  227.056535][ T8776] romfs: Mounting image 'rom 637cf1fa' through the block layer
[  227.163037][ T8780] loop2: detected capacity change from 0 to 512
[  227.550774][ T8794] netlink: 'syz.2.1161': attribute type 4 has an invalid length.
[  227.575077][ T8794] netlink: 152 bytes leftover after parsing attributes in process `syz.2.1161'.
[  227.622315][ T8794] .`: renamed from bond0 (while UP)
[  227.693571][ T8798] IPv6: NLM_F_CREATE should be specified when creating new route
[  228.402604][ T8796] loop3: detected capacity change from 0 to 32768
[  228.645366][    T8] usb 2-1: new high-speed USB device number 24 using dummy_hcd
[  228.710368][ T8812] netlink: 'syz.2.1171': attribute type 1 has an invalid length.
[  228.741783][ T8812] netlink: 'syz.2.1171': attribute type 2 has an invalid length.
[  228.753170][ T8812] netlink: 132 bytes leftover after parsing attributes in process `syz.2.1171'.
[  228.865162][    T8] usb 2-1: Using ep0 maxpacket: 8
[  228.872783][    T8] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x3 has invalid wMaxPacketSize 0
[  228.892998][    T8] usb 2-1: config 0 interface 0 altsetting 0 bulk endpoint 0x3 has invalid maxpacket 0
[  228.912215][ T8788] syz.0.1158 (8788): drop_caches: 2
[  228.914265][    T8] usb 2-1: New USB device found, idVendor=16d0, idProduct=10a9, bcdDevice=30.52
[  228.938047][    T8] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  228.974981][    T8] usb 2-1: Product: syz
[  228.979383][    T8] usb 2-1: Manufacturer: syz
[  228.984094][    T8] usb 2-1: SerialNumber: syz
[  228.994569][ T8796] XFS (loop3): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  229.001048][    T8] usb 2-1: config 0 descriptor??
[  229.060278][ T8826] xt_l2tp: v2 doesn't support IP mode
[  229.122663][ T8796] XFS (loop3): Ending clean mount
[  229.287690][ T5774] XFS (loop3): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  229.563693][  T967] usb 2-1: USB disconnect, device number 24
[  229.731442][ T8844] netlink: 209852 bytes leftover after parsing attributes in process `syz.0.1183'.
[  229.779217][ T8844] openvswitch: netlink: IP tunnel attribute has 3064 unknown bytes.
[  229.780126][ T8847] loop2: detected capacity change from 0 to 512
[  229.796892][ T8847] EXT4-fs: Ignoring removed mblk_io_submit option
[  229.803477][ T8847] EXT4-fs: inline encryption not supported
[  229.816302][ T8847] EXT4-fs: Ignoring removed mblk_io_submit option
[  229.843242][ T8847] EXT4-fs (loop2): Test dummy encryption mode enabled
[  229.870908][ T8847] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode
[  229.901913][ T8847] EXT4-fs (loop2): 1 truncate cleaned up
[  229.916386][ T8847] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  229.963743][ T8853] loop0: detected capacity change from 0 to 512
[  230.078033][ T8853] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  230.177733][ T8853] ext4 filesystem being mounted at /307/file2 supports timestamps until 2038-01-19 (0x7fffffff)
[  230.311446][ T8853] EXT4-fs error (device loop0): ext4_empty_dir:3136: inode #12: comm syz.0.1187: invalid size
[  230.423307][ T5765] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  230.494225][ T8847] fscrypt: AES-256-XTS using implementation "xts-aes-aesni"
[  230.526539][ T8877] 9pnet_fd: p9_fd_create_tcp (8877): problem connecting socket to 127.0.0.1
[  230.709265][ T5768] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  230.733974][ T8885] netlink: 12 bytes leftover after parsing attributes in process `syz.3.1199'.
[  230.895032][ T8891] netlink: 'syz.2.1198': attribute type 10 has an invalid length.
[  230.925937][ T8891] team0: Device ipvlan1 failed to register rx_handler
[  231.249228][ T8906] loop3: detected capacity change from 0 to 512
[  231.264092][ T8906] EXT4-fs: Ignoring removed mblk_io_submit option
[  231.268377][ T8910] netlink: 'syz.1.1210': attribute type 4 has an invalid length.
[  231.278908][ T8910] netlink: 152 bytes leftover after parsing attributes in process `syz.1.1210'.
[  231.309324][ T8906] EXT4-fs: inline encryption not supported
[  231.325170][ T8906] EXT4-fs: Ignoring removed mblk_io_submit option
[  231.345580][ T8906] EXT4-fs (loop3): Test dummy encryption mode enabled
[  231.363622][ T8910] .`: renamed from bond0 (while UP)
[  231.372356][ T8906] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode
[  231.404183][ T8906] EXT4-fs (loop3): 1 truncate cleaned up
[  231.421983][ T8906] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  231.534887][ T5849] usb 3-1: new high-speed USB device number 17 using dummy_hcd
[  231.538829][ T5774] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  231.717489][ T5849] usb 3-1: Using ep0 maxpacket: 16
[  231.725035][ T8923] netlink: 'syz.0.1216': attribute type 10 has an invalid length.
[  231.748967][ T5849] usb 3-1: New USB device found, idVendor=17ef, idProduct=721e, bcdDevice=de.06
[  231.785635][ T5849] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  231.788937][ T8923] team0: Device ipvlan1 failed to register rx_handler
[  231.793767][ T5849] usb 3-1: Product: syz
[  231.819830][ T5849] usb 3-1: Manufacturer: syz
[  231.824525][ T5849] usb 3-1: SerialNumber: syz
[  231.837720][ T5849] r8152-cfgselector 3-1: config 0 descriptor??
[  232.063313][ T8930] loop1: detected capacity change from 0 to 4096
[  232.081325][ T5849] usbip-host 3-1: 3-1 is not in match_busid table... skip!
[  232.139978][ T8936] netlink: 'syz.3.1222': attribute type 4 has an invalid length.
[  232.161215][ T8936] netlink: 152 bytes leftover after parsing attributes in process `syz.3.1222'.
[  232.191192][ T8936] .`: renamed from bond0 (while UP)
[  232.203668][ T8938] loop0: detected capacity change from 0 to 512
[  232.228033][ T8938] EXT4-fs: Ignoring removed mblk_io_submit option
[  232.248869][ T8938] EXT4-fs: inline encryption not supported
[  232.256970][ T8938] EXT4-fs: Ignoring removed mblk_io_submit option
[  232.267416][ T8938] EXT4-fs (loop0): Test dummy encryption mode enabled
[  232.288942][ T8938] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode
[  232.326544][   T27] usb 3-1: USB disconnect, device number 17
[  232.396519][ T8938] EXT4-fs (loop0): 1 truncate cleaned up
[  232.499374][ T8938] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  232.654886][ T5765] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  232.933244][ T8960] netlink: 16 bytes leftover after parsing attributes in process `syz.0.1233'.
[  232.971833][ T8962] xt_NFQUEUE: number of queues (65532) out of range (got 66665)
[  233.019097][ T8965] netlink: 'syz.1.1234': attribute type 1 has an invalid length.
[  233.404880][   T27] usb 1-1: new high-speed USB device number 22 using dummy_hcd
[  233.420915][ T8982] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1242'.
[  233.600964][   T27] usb 1-1: config 0 has an invalid interface number: 69 but max is 0
[  233.611894][   T27] usb 1-1: config 0 has no interface number 0
[  233.618605][   T27] usb 1-1: config 0 interface 69 altsetting 0 bulk endpoint 0x8 has invalid maxpacket 1023
[  233.629055][   T27] usb 1-1: config 0 interface 69 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 7
[  233.645293][   T27] usb 1-1: New USB device found, idVendor=0c4b, idProduct=0100, bcdDevice=d7.ca
[  233.665142][   T27] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  233.683557][   T27] usb 1-1: Product: syz
[  233.693700][   T27] usb 1-1: Manufacturer: syz
[  233.698835][   T27] usb 1-1: SerialNumber: syz
[  233.716552][   T27] usb 1-1: config 0 descriptor??
[  233.718093][ T8966] loop2: detected capacity change from 0 to 32768
[  233.727445][ T8991] loop1: detected capacity change from 0 to 512
[  233.735820][ T8970] raw-gadget.0 gadget.0: fail, usb_ep_enable returned -22
[  233.756417][   T27] cyberjack 1-1:0.69: Reiner SCT Cyberjack USB card reader converter detected
[  233.792899][   T27] usb 1-1: Reiner SCT Cyberjack USB card reader converter now attached to ttyUSB0
[  233.875493][ T8991] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  233.896654][ T8991] ext4 filesystem being mounted at /288/file2 supports timestamps until 2038-01-19 (0x7fffffff)
[  233.927323][ T8991] EXT4-fs error (device loop1): ext4_empty_dir:3136: inode #12: comm syz.1.1247: invalid size
[  234.043558][ T8997] loop3: detected capacity change from 0 to 64
[  234.066370][ T5772] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  234.204561][   T27] usb 1-1: USB disconnect, device number 22
[  234.235981][   T27] cyberjack ttyUSB0: Reiner SCT Cyberjack USB card reader converter now disconnected from ttyUSB0
[  234.257776][   T27] cyberjack 1-1:0.69: device disconnected
[  234.274398][ T9003] netlink: 260 bytes leftover after parsing attributes in process `syz.1.1253'.
[  234.380743][ T9007] netlink: 'syz.3.1254': attribute type 1 has an invalid length.
[  234.388702][ T9007] netlink: 112860 bytes leftover after parsing attributes in process `syz.3.1254'.
[  234.817946][ T9022] netlink: 'syz.3.1261': attribute type 1 has an invalid length.
[  234.850838][ T9022] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1261'.
[  235.337448][ T9045] loop3: detected capacity change from 0 to 8
[  235.406027][ T9045] SQUASHFS error: xz decompression failed, data probably corrupt
[  235.413828][ T9045] SQUASHFS error: Failed to read block 0x108: -5
[  235.452500][ T9045] SQUASHFS error: Unable to read metadata cache entry [106]
[  235.477383][ T9045] SQUASHFS error: Unable to read inode 0x11f
[  235.844482][ T9064] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1282'.
[  235.861060][ T9066] comedi comedi0: fl512: I/O port conflict (0x3,16)
[  235.973519][ T9068] netlink: 16 bytes leftover after parsing attributes in process `syz.1.1284'.
[  235.982724][ T5849] usb 4-1: new high-speed USB device number 20 using dummy_hcd
[  236.181409][ T9054] loop2: detected capacity change from 0 to 32768
[  236.182875][ T5849] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x7 has invalid wMaxPacketSize 0
[  236.210843][ T5849] usb 4-1: config 0 interface 0 altsetting 0 bulk endpoint 0x7 has invalid maxpacket 0
[  236.222988][ T5849] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x83 has invalid maxpacket 33119, setting to 1024
[  236.226274][ T9054] ocfs2: Mounting device (7,2) on (node local, slot 0) with ordered data mode.
[  236.235644][ T5849] usb 4-1: config 0 interface 0 altsetting 0 bulk endpoint 0x83 has invalid maxpacket 1024
[  236.257995][ T5849] usb 4-1: New USB device found, idVendor=2040, idProduct=2000, bcdDevice=65.72
[  236.268372][ T5849] usb 4-1: New USB device strings: Mfr=151, Product=0, SerialNumber=0
[  236.276811][ T5849] usb 4-1: Manufacturer: syz
[  236.283789][ T5849] usb 4-1: config 0 descriptor??
[  236.289744][ T9045] raw-gadget.0 gadget.3: fail, usb_ep_enable returned -22
[  236.299708][ T5849] smsusb:smsusb_probe: board id=9, interface number 0
[  236.315321][ T5849] smsusb:siano_media_device_register: media controller created
[  236.325993][    C0] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes
[  236.333388][    C0] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes
[  236.340747][    C0] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes
[  236.348098][    C0] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes
[  236.355454][    C0] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes
[  236.362883][    C0] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes
[  236.373072][    C0] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes
[  236.380431][    C0] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes
[  236.388222][    C0] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes
[  236.395515][    C0] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes
[  236.402796][    C0] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes
[  236.410093][    C0] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes
[  236.417835][    C0] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes
[  236.425138][    C0] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes
[  236.432371][    C0] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes
[  236.440669][    C0] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes
[  236.447982][    C0] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes
[  236.455305][    C0] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes
[  236.470469][    C0] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes
[  236.473679][ T9080] loop0: detected capacity change from 0 to 256
[  236.477826][    C0] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes
[  236.477913][    C0] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes
[  236.499080][    C0] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes
[  236.506531][    C0] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes
[  236.513875][    C0] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes
[  236.521547][    C0] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes
[  236.528892][    C0] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes
[  236.536211][    C0] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes
[  236.543488][    C0] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes
[  236.550749][    C0] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes
[  236.557984][    C0] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes
[  236.565642][    C0] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes
[  236.572951][    C0] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes
[  236.580239][    C0] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes
[  236.587541][    C0] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes
[  236.594837][    C0] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes
[  236.602136][    C0] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes
[  236.611274][    C0] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes
[  236.618837][    C0] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes
[  236.626182][    C0] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes
[  236.633571][    C0] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes
[  236.640875][    C0] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes
[  236.648163][    C0] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes
[  236.655443][    C0] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes
[  236.663995][    C0] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes
[  236.671325][    C0] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes
[  236.679481][    C0] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes
[  236.686851][    C0] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes
[  236.694182][    C0] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes
[  236.701545][    C0] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes
[  236.708958][    C0] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes
[  236.716385][    C0] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes
[  236.723737][    C0] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes
[  236.731657][    C0] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes
[  236.739034][    C0] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes
[  236.746497][    C0] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes
[  236.754192][    C0] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes
[  236.761509][    C0] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes
[  236.762912][ T9080] FAT-fs (loop0): Directory bread(block 64) failed
[  236.768788][    C0] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes
[  236.768850][    C0] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes
[  236.768909][    C0] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes
[  236.768960][    C0] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes
[  236.769018][    C0] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes
[  236.770489][    C0] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes
[  236.820896][    C0] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes
[  236.828216][    C0] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes
[  236.835500][    C0] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes
[  236.842763][    C0] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes
[  236.850029][    C0] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes
[  236.857286][    C0] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes
[  236.864543][    C0] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes
[  236.871802][    C0] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes
[  236.879105][    C0] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes
[  236.887129][    C0] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes
[  236.894544][    C0] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes
[  236.901947][    C0] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes
[  236.909265][    C0] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes
[  236.916567][    C0] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes
[  236.923864][    C0] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes
[  236.931173][    C0] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes
[  236.938566][    C0] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes
[  236.945125][ T9080] FAT-fs (loop0): Directory bread(block 65) failed
[  236.945838][    C0] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes
[  236.952413][ T9080] FAT-fs (loop0): Directory bread(block 66) failed
[  236.959878][    C0] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes
[  236.974733][    C0] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes
[  236.982163][    C0] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes
[  236.989467][    C0] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes
[  236.996777][    C0] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes
[  237.004087][    C0] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes
[  237.011392][    C0] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes
[  237.018737][    C0] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes
[  237.033702][ T5849] smsmdtv:smscore_sendrequest_and_wait: sendrequest returned error -22
[  237.042729][    C0] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes
[  237.042823][    C0] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes
[  237.042899][    C0] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes
[  237.042962][    C0] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes
[  237.043043][    C0] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes
[  237.043109][    C0] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes
[  237.043179][    C0] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes
[  237.043251][    C0] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes
[  237.043329][    C0] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes
[  237.043401][    C0] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes
[  237.082747][ T9080] FAT-fs (loop0): Directory bread(block 67) failed
[  237.088184][    C0] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes
[  237.131372][    C0] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes
[  237.138706][    C0] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes
[  237.146017][    C0] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes
[  237.148864][ T9080] FAT-fs (loop0): Directory bread(block 68) failed
[  237.153281][    C0] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes
[  237.167424][    C0] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes
[  237.174745][    C0] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes
[  237.182067][    C0] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes
[  237.189406][    C0] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes
[  237.198074][    C0] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes
[  237.200607][ T9080] FAT-fs (loop0): Directory bread(block 69) failed
[  237.205366][    C0] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes
[  237.205422][    C0] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes
[  237.205478][    C0] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes
[  237.205529][    C0] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes
[  237.205578][    C0] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes
[  237.205633][    C0] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes
[  237.205686][    C0] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes
[  237.205739][    C0] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes
[  237.206619][    C0] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes
[  237.269989][ T9080] FAT-fs (loop0): Directory bread(block 70) failed
[  237.277706][    C0] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes
[  237.291681][    C0] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes
[  237.298983][    C0] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes
[  237.306271][    C0] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes
[  237.313575][    C0] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes
[  237.320877][    C0] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes
[  237.322310][ T9080] FAT-fs (loop0): Directory bread(block 71) failed
[  237.328159][    C0] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes
[  237.328212][    C0] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes
[  237.330887][    C0] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes
[  237.335449][ T9080] FAT-fs (loop0): Directory bread(block 72) failed
[  237.342236][    C0] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes
[  237.349465][ T9080] FAT-fs (loop0): Directory bread(block 73) failed
[  237.356923][    C0] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes
[  237.375340][ T5768] ocfs2: Unmounting device (7,2) on (node local)
[  237.377330][    C0] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes
[  237.398357][    C0] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes
[  237.405856][    C0] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes
[  237.413166][    C0] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes
[  237.420492][    C0] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes
[  237.427812][    C0] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes
[  237.436798][    C0] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes
[  237.444129][    C0] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes
[  237.451430][    C0] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes
[  237.458745][    C0] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes
[  237.466060][    C0] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes
[  237.473383][    C0] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes
[  237.480684][    C0] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes
[  237.488003][    C0] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes
[  237.495929][    C0] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes
[  237.503436][    C0] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes
[  237.510973][    C0] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes
[  237.518269][    C0] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes
[  237.525642][    C0] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes
[  237.532950][    C0] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes
[  237.540253][    C0] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes
[  237.547633][    C0] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes
[  237.555226][    C0] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes
[  237.562551][    C0] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes
[  237.569842][    C0] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes
[  237.577404][    C0] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes
[  237.584703][    C0] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes
[  237.592013][    C0] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes
[  237.599303][    C0] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes
[  237.606565][    C0] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes
[  237.613788][    C0] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes
[  237.629062][    C0] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes
[  237.636392][    C0] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes
[  237.643679][    C0] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes
[  237.651000][    C0] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes
[  237.658552][    C0] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes
[  237.665848][    C0] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes
[  237.673131][    C0] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes
[  237.680386][    C0] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes
[  237.687615][    C0] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes
[  237.694853][    C0] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes
[  237.702095][    C0] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes
[  237.710108][    C0] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes
[  237.717410][    C0] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes
[  237.725686][    C0] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes
[  237.733013][    C0] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes
[  237.740389][    C0] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes
[  237.747674][    C0] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes
[  237.754976][    C0] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes
[  237.762269][    C0] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes
[  237.769580][    C0] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes
[  237.777066][    C0] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes
[  237.784613][    C0] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes
[  237.791924][    C0] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes
[  237.799238][    C0] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes
[  237.808999][    C0] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes
[  237.816328][    C0] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes
[  237.823625][    C0] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes
[  237.830928][    C0] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes
[  237.838242][    C0] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes
[  237.845519][    C0] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes
[  237.853095][ T5849] smsmdtv:smscore_set_device_mode: mode detect failed -22
[  237.860617][    C0] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes
[  237.860707][    C0] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes
[  237.860792][    C0] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes
[  237.860881][    C0] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes
[  237.860970][    C0] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes
[  237.861049][    C0] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes
[  237.861131][    C0] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes
[  237.861208][    C0] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes
[  237.861292][    C0] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes
[  237.919613][ T9086] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1293'.
[  237.920651][ T5849] smsmdtv:smscore_start_device: set device mode failed , rc -22
[  237.944324][ T5849] smsusb:smsusb_init_device: smscore_start_device(...) failed
[  237.952251][    C0] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes
[  237.959569][    C0] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes
[  237.966880][    C0] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes
[  237.974177][    C0] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes
[  237.981475][    C0] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes
[  237.988767][    C0] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes
[  237.996222][    C0] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes
[  238.003484][    C0] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes
[  238.010822][    C0] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes
[  238.018743][    C0] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes
[  238.026060][    C0] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes
[  238.033349][    C0] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes
[  238.040642][    C0] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes
[  238.047931][    C0] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes
[  238.055225][    C0] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes
[  238.062524][    C0] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes
[  238.069816][    C0] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes
[  238.077119][    C0] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes
[  238.085368][    C0] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes
[  238.092681][    C0] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes
[  238.099995][    C0] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes
[  238.107374][    C0] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes
[  238.115485][    C0] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes
[  238.122810][    C0] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes
[  238.130135][    C0] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes
[  238.137440][    C0] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes
[  238.144766][    C0] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes
[  238.152495][    C0] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes
[  238.160119][    C0] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes
[  238.167428][    C0] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes
[  238.174815][    C0] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes
[  238.182158][    C0] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes
[  238.189398][    C0] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes
[  238.196628][    C0] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes
[  238.203853][    C0] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes
[  238.211095][    C0] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes
[  238.219362][    C0] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes
[  238.231414][    C0] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes
[  238.238787][    C0] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes
[  238.246112][    C0] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes
[  238.253447][    C0] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes
[  238.260761][    C0] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes
[  238.268085][    C0] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes
[  238.275403][    C0] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes
[  238.282726][    C0] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes
[  238.290049][    C0] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes
[  238.297838][    C0] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes
[  238.305147][    C0] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes
[  238.312452][    C0] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes
[  238.319762][    C0] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes
[  238.327063][    C0] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes
[  238.334365][    C0] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes
[  238.341670][    C0] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes
[  238.351384][    C0] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes
[  238.359020][    C0] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes
[  238.366341][    C0] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes
[  238.373657][    C0] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes
[  238.378140][ T9092] netlink: 'syz.3.1295': attribute type 10 has an invalid length.
[  238.380937][    C0] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes
[  238.397154][    C0] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes
[  238.404574][    C0] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes
[  238.408652][ T9093] loop1: detected capacity change from 0 to 16
[  238.411842][    C0] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes
[  238.425635][    C0] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes
[  238.433832][    C0] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes
[  238.441150][    C0] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes
[  238.448568][    C0] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes
[  238.454489][ T9092] netlink: 209852 bytes leftover after parsing attributes in process `syz.3.1295'.
[  238.455857][    C0] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes
[  238.455919][    C0] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes
[  238.455986][    C0] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes
[  238.487967][    C0] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes
[  238.495296][    C0] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes
[  238.497894][ T9093] erofs: (device loop1): mounted with root inode @ nid 36.
[  238.502666][    C0] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes
[  238.502720][    C0] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes
[  238.502769][    C0] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes
[  238.502827][    C0] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes
[  238.504767][    C0] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes
[  238.546668][    C0] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes
[  238.555033][    C0] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes
[  238.562331][    C0] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes
[  238.569615][    C0] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes
[  238.576896][    C0] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes
[  238.584178][    C0] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes
[  238.591447][    C0] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes
[  238.598709][    C0] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes
[  238.605936][    C0] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes
[  238.613528][    C0] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes
[  238.620823][    C0] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes
[  238.628103][    C0] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes
[  238.635382][    C0] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes
[  238.643442][    C0] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes
[  238.650748][    C0] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes
[  238.658026][    C0] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes
[  238.665290][    C0] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes
[  238.672544][    C0] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes
[  238.680121][    C0] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes
[  238.687450][    C0] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes
[  238.694755][    C0] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes
[  238.709634][    C0] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes
[  238.717022][    C0] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes
[  238.724364][    C0] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes
[  238.731798][    C0] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes
[  238.739138][    C0] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes
[  238.746460][    C0] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes
[  238.753722][    C0] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes
[  238.761324][    C0] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes
[  238.769509][    C0] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes
[  238.776828][    C0] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes
[  238.784191][    C0] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes
[  238.791492][    C0] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes
[  238.798787][    C0] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes
[  238.806092][    C0] smsusb:smsusb_onresponse: error, urb status -2, 0 bytes
[  238.813309][    C0] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes
[  238.820595][    C0] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes
[  238.828240][    C0] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes
[  238.838217][ T5849] ------------[ cut here ]------------
[  238.843726][ T5849] ODEBUG: free active (active state 0) object: ffff88805aec8208 object type: work_struct hint: do_submit_urb+0x0/0x360
[  238.857200][ T5874] ==================================================================
[  238.865289][ T5874] BUG: KASAN: slab-use-after-free in __lock_acquire+0x10d/0x7d40
[  238.873025][ T5874] Read of size 8 at addr ffff8880192fd098 by task kworker/0:6/5874
[  238.880924][ T5874] 
[  238.883245][ T5874] CPU: 0 PID: 5874 Comm: kworker/0:6 Not tainted syzkaller #0
[  238.890785][ T5874] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[  238.900848][ T5874] Workqueue: events do_submit_urb
[  238.905873][ T5874] Call Trace:
[  238.909173][ T5874]  <TASK>
[  238.912090][ T5874]  dump_stack_lvl+0x18c/0x250
[  238.916764][ T5874]  ? __lock_acquire+0x7d40/0x7d40
[  238.921780][ T5874]  ? show_regs_print_info+0x20/0x20
[  238.926977][ T5874]  ? load_image+0x400/0x400
[  238.931477][ T5874]  ? __virt_addr_valid+0x469/0x540
[  238.936584][ T5874]  print_report+0xa8/0x210
[  238.941077][ T5874]  ? __lock_acquire+0x10d/0x7d40
[  238.946004][ T5874]  kasan_report+0x117/0x150
[  238.950497][ T5874]  ? mark_lock+0x94/0x320
[  238.954818][ T5874]  ? __lock_acquire+0x10d/0x7d40
[  238.959744][ T5874]  __lock_acquire+0x10d/0x7d40
[  238.964497][ T5874]  ? mark_lock+0x94/0x320
[  238.968817][ T5874]  ? look_up_lock_class+0x75/0x140
[  238.974006][ T5874]  ? verify_lock_unused+0x140/0x140
[  238.979191][ T5874]  ? register_lock_class+0xc4/0x8a0
[  238.984398][ T5874]  ? is_dynamic_key+0x260/0x260
[  238.989353][ T5874]  ? mark_lock+0x94/0x320
[  238.993770][ T5874]  ? __lock_acquire+0x1347/0x7d40
[  238.998785][ T5874]  lock_acquire+0x19e/0x420
[  239.003279][ T5874]  ? smscore_getbuffer+0xa7/0x440
[  239.008296][ T5874]  ? read_lock_is_recursive+0x20/0x20
[  239.013745][ T5874]  _raw_spin_lock_irqsave+0xb4/0x100
[  239.019018][ T5874]  ? smscore_getbuffer+0xa7/0x440
[  239.024030][ T5874]  ? _raw_spin_lock+0x40/0x40
[  239.028692][ T5874]  smscore_getbuffer+0xa7/0x440
[  239.033536][ T5874]  ? smscore_onresponse+0xf00/0xf00
[  239.038758][ T5874]  ? lockdep_hardirqs_on_prepare+0x40d/0x770
[  239.044758][ T5874]  ? read_lock_is_recursive+0x20/0x20
[  239.050142][ T5874]  do_submit_urb+0x98/0x360
[  239.054646][ T5874]  ? process_scheduled_works+0x96f/0x15d0
[  239.060456][ T5874]  ? process_scheduled_works+0x96f/0x15d0
[  239.066181][ T5874]  process_scheduled_works+0xa5d/0x15d0
[  239.071738][ T5874]  ? assign_work+0x430/0x430
[  239.076319][ T5874]  ? assign_work+0x3d0/0x430
[  239.080911][ T5874]  worker_thread+0xa55/0xfc0
[  239.085492][ T5874]  ? _raw_spin_unlock_irqrestore+0xc5/0x120
[  239.091545][ T5874]  ? _raw_spin_unlock+0x40/0x40
[  239.096381][ T5874]  ? _raw_spin_unlock_irqrestore+0x86/0x120
[  239.102265][ T5874]  kthread+0x2fa/0x390
[  239.106323][ T5874]  ? pr_cont_work+0x560/0x560
[  239.110997][ T5874]  ? kthread_blkcg+0xd0/0xd0
[  239.115574][ T5874]  ret_from_fork+0x48/0x80
[  239.119981][ T5874]  ? kthread_blkcg+0xd0/0xd0
[  239.124555][ T5874]  ret_from_fork_asm+0x11/0x20
[  239.129322][ T5874]  </TASK>
[  239.132330][ T5874] 
[  239.134705][ T5874] Allocated by task 5849:
[  239.139046][ T5874]  kasan_set_track+0x4e/0x70
[  239.143863][ T5874]  __kasan_kmalloc+0x8f/0xa0
[  239.148458][ T5874]  smscore_register_device+0x63/0x10e0
[  239.153921][ T5874]  smsusb_probe+0x1410/0x1e50
[  239.158605][ T5874]  usb_probe_interface+0x5c9/0xb20
[  239.163716][ T5874]  really_probe+0x25b/0xb20
[  239.168205][ T5874]  __driver_probe_device+0x18c/0x330
[  239.173521][ T5874]  driver_probe_device+0x4f/0x420
[  239.178556][ T5874]  __device_attach_driver+0x2ca/0x510
[  239.183936][ T5874]  bus_for_each_drv+0x252/0x2e0
[  239.188796][ T5874]  __device_attach+0x2c2/0x420
[  239.193544][ T5874]  bus_probe_device+0x180/0x260
[  239.198381][ T5874]  device_add+0x85b/0xc20
[  239.202699][ T5874]  usb_set_configuration+0x1a79/0x20c0
[  239.208148][ T5874]  usb_generic_driver_probe+0x8d/0x150
[  239.213593][ T5874]  usb_probe_device+0x13d/0x270
[  239.218437][ T5874]  really_probe+0x25b/0xb20
[  239.222923][ T5874]  __driver_probe_device+0x18c/0x330
[  239.228188][ T5874]  driver_probe_device+0x4f/0x420
[  239.233195][ T5874]  __device_attach_driver+0x2ca/0x510
[  239.238554][ T5874]  bus_for_each_drv+0x252/0x2e0
[  239.243483][ T5874]  __device_attach+0x2c2/0x420
[  239.248231][ T5874]  bus_probe_device+0x180/0x260
[  239.253070][ T5874]  device_add+0x85b/0xc20
[  239.257388][ T5874]  usb_new_device+0xa3c/0x1660
[  239.262137][ T5874]  hub_event+0x29bf/0x49f0
[  239.266534][ T5874]  process_scheduled_works+0xa5d/0x15d0
[  239.272065][ T5874]  worker_thread+0xa55/0xfc0
[  239.276641][ T5874]  kthread+0x2fa/0x390
[  239.280693][ T5874]  ret_from_fork+0x48/0x80
[  239.285186][ T5874]  ret_from_fork_asm+0x11/0x20
[  239.289935][ T5874] 
[  239.292244][ T5874] Freed by task 5849:
[  239.296292][ T5874]  kasan_set_track+0x4e/0x70
[  239.300868][ T5874]  kasan_save_free_info+0x2e/0x50
[  239.305991][ T5874]  ____kasan_slab_free+0x126/0x1e0
[  239.311086][ T5874]  slab_free_freelist_hook+0x130/0x1a0
[  239.316526][ T5874]  __kmem_cache_free+0xba/0x1e0
[  239.321369][ T5874]  smscore_unregister_device+0x5ff/0x6d0
[  239.326989][ T5874]  smsusb_term_device+0x18f/0x220
[  239.332016][ T5874]  smsusb_probe+0x17a0/0x1e50
[  239.336695][ T5874]  usb_probe_interface+0x5c9/0xb20
[  239.341814][ T5874]  really_probe+0x25b/0xb20
[  239.346425][ T5874]  __driver_probe_device+0x18c/0x330
[  239.351695][ T5874]  driver_probe_device+0x4f/0x420
[  239.356702][ T5874]  __device_attach_driver+0x2ca/0x510
[  239.362060][ T5874]  bus_for_each_drv+0x252/0x2e0
[  239.366899][ T5874]  __device_attach+0x2c2/0x420
[  239.371645][ T5874]  bus_probe_device+0x180/0x260
[  239.376486][ T5874]  device_add+0x85b/0xc20
[  239.380807][ T5874]  usb_set_configuration+0x1a79/0x20c0
[  239.386257][ T5874]  usb_generic_driver_probe+0x8d/0x150
[  239.391702][ T5874]  usb_probe_device+0x13d/0x270
[  239.396536][ T5874]  really_probe+0x25b/0xb20
[  239.401106][ T5874]  __driver_probe_device+0x18c/0x330
[  239.406371][ T5874]  driver_probe_device+0x4f/0x420
[  239.411378][ T5874]  __device_attach_driver+0x2ca/0x510
[  239.416735][ T5874]  bus_for_each_drv+0x252/0x2e0
[  239.421575][ T5874]  __device_attach+0x2c2/0x420
[  239.426339][ T5874]  bus_probe_device+0x180/0x260
[  239.431189][ T5874]  device_add+0x85b/0xc20
[  239.435508][ T5874]  usb_new_device+0xa3c/0x1660
[  239.440265][ T5874]  hub_event+0x29bf/0x49f0
[  239.444663][ T5874]  process_scheduled_works+0xa5d/0x15d0
[  239.450201][ T5874]  worker_thread+0xa55/0xfc0
[  239.454782][ T5874]  kthread+0x2fa/0x390
[  239.458841][ T5874]  ret_from_fork+0x48/0x80
[  239.463243][ T5874]  ret_from_fork_asm+0x11/0x20
[  239.468002][ T5874] 
[  239.470323][ T5874] The buggy address belongs to the object at ffff8880192fd000
[  239.470323][ T5874]  which belongs to the cache kmalloc-2k of size 2048
[  239.484447][ T5874] The buggy address is located 152 bytes inside of
[  239.484447][ T5874]  freed 2048-byte region [ffff8880192fd000, ffff8880192fd800)
[  239.498343][ T5874] 
[  239.500661][ T5874] The buggy address belongs to the physical page:
[  239.507062][ T5874] page:ffffea000064be00 refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x192f8
[  239.517197][ T5874] head:ffffea000064be00 order:3 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[  239.526118][ T5874] flags: 0xfff00000000840(slab|head|node=0|zone=1|lastcpupid=0x7ff)
[  239.534085][ T5874] page_type: 0xffffffff()
[  239.538396][ T5874] raw: 00fff00000000840 ffff888017c42000 ffffea0000926800 dead000000000002
[  239.547060][ T5874] raw: 0000000000000000 0000000080080008 00000001ffffffff 0000000000000000
[  239.555626][ T5874] page dumped because: kasan: bad access detected
[  239.562028][ T5874] page_owner tracks the page as allocated
[  239.567723][ T5874] page last allocated via order 3, migratetype Unmovable, gfp_mask 0x1d20c0(__GFP_IO|__GFP_FS|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_NOMEMALLOC|__GFP_HARDWALL), pid 5829, tgid 5829 (kworker/0:4), ts 71561228426, free_ts 71546692437
[  239.590454][ T5874]  post_alloc_hook+0x1c1/0x200
[  239.595213][ T5874]  get_page_from_freelist+0x1951/0x19e0
[  239.600740][ T5874]  __alloc_pages+0x1f0/0x460
[  239.605318][ T5874]  alloc_slab_page+0x5d/0x160
[  239.609977][ T5874]  new_slab+0x87/0x2d0
[  239.614037][ T5874]  ___slab_alloc+0xc5d/0x12f0
[  239.618708][ T5874]  __kmem_cache_alloc_node+0x19e/0x250
[  239.624153][ T5874]  __kmalloc_node_track_caller+0xa2/0x230
[  239.629860][ T5874]  kmalloc_reserve+0x116/0x240
[  239.634623][ T5874]  __alloc_skb+0x138/0x2c0
[  239.639066][ T5874]  mld_newpack+0x154/0xbe0
[  239.643736][ T5874]  add_grhead+0x5a/0x2a0
[  239.648008][ T5874]  add_grec+0x13ad/0x1660
[  239.652412][ T5874]  mld_send_initial_cr+0xed/0x240
[  239.657541][ T5874]  mld_dad_work+0x40/0x270
[  239.661951][ T5874]  process_scheduled_works+0xa5d/0x15d0
[  239.667485][ T5874] page last free stack trace:
[  239.672140][ T5874]  free_unref_page_prepare+0x7b2/0x8c0
[  239.677590][ T5874]  free_unref_page+0x32/0x2e0
[  239.682281][ T5874]  __slab_free+0x35a/0x400
[  239.686686][ T5874]  qlist_free_all+0x75/0xd0
[  239.691177][ T5874]  kasan_quarantine_reduce+0x143/0x160
[  239.696621][ T5874]  __kasan_slab_alloc+0x22/0x80
[  239.701459][ T5874]  slab_post_alloc_hook+0x6e/0x4b0
[  239.706566][ T5874]  kmem_cache_alloc_node+0x14c/0x320
[  239.711839][ T5874]  __alloc_skb+0x103/0x2c0
[  239.716335][ T5874]  mld_newpack+0x154/0xbe0
[  239.720743][ T5874]  add_grhead+0x5a/0x2a0
[  239.724981][ T5874]  add_grec+0x13ad/0x1660
[  239.729303][ T5874]  mld_send_initial_cr+0xed/0x240
[  239.734324][ T5874]  ipv6_mc_dad_complete+0x88/0x210
[  239.739422][ T5874]  addrconf_dad_completed+0x776/0xd90
[  239.744793][ T5874]  addrconf_dad_work+0xc90/0x1530
[  239.749819][ T5874] 
[  239.752125][ T5874] Memory state around the buggy address:
[  239.757743][ T5874]  ffff8880192fcf80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[  239.765802][ T5874]  ffff8880192fd000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  239.773959][ T5874] >ffff8880192fd080: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  239.782012][ T5874]                             ^
[  239.786845][ T5874]  ffff8880192fd100: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  239.794889][ T5874]  ffff8880192fd180: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  239.802930][ T5874] ==================================================================
[  239.810983][ T5874] Kernel panic - not syncing: KASAN: panic_on_warn set ...
[  239.818158][ T5874] CPU: 0 PID: 5874 Comm: kworker/0:6 Not tainted syzkaller #0
[  239.825684][ T5874] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[  239.835814][ T5874] Workqueue: events do_submit_urb
[  239.840834][ T5874] Call Trace:
[  239.844099][ T5874]  <TASK>
[  239.847019][ T5874]  dump_stack_lvl+0x18c/0x250
[  239.851692][ T5874]  ? show_regs_print_info+0x20/0x20
[  239.856883][ T5874]  ? load_image+0x400/0x400
[  239.861377][ T5874]  panic+0x2dc/0x730
[  239.865259][ T5874]  ? bpf_jit_dump+0xd0/0xd0
[  239.869749][ T5874]  ? _raw_spin_unlock_irqrestore+0xc5/0x120
[  239.875645][ T5874]  ? _raw_spin_unlock+0x40/0x40
[  239.880480][ T5874]  ? print_memory_metadata+0x314/0x400
[  239.885955][ T5874]  ? __lock_acquire+0x10d/0x7d40
[  239.890886][ T5874]  check_panic_on_warn+0x84/0xa0
[  239.895812][ T5874]  ? __lock_acquire+0x10d/0x7d40
[  239.900760][ T5874]  end_report+0x6f/0x130
[  239.904995][ T5874]  kasan_report+0x128/0x150
[  239.909570][ T5874]  ? mark_lock+0x94/0x320
[  239.913886][ T5874]  ? __lock_acquire+0x10d/0x7d40
[  239.918812][ T5874]  __lock_acquire+0x10d/0x7d40
[  239.923584][ T5874]  ? mark_lock+0x94/0x320
[  239.927931][ T5874]  ? look_up_lock_class+0x75/0x140
[  239.933027][ T5874]  ? verify_lock_unused+0x140/0x140
[  239.938208][ T5874]  ? register_lock_class+0xc4/0x8a0
[  239.943423][ T5874]  ? is_dynamic_key+0x260/0x260
[  239.948259][ T5874]  ? mark_lock+0x94/0x320
[  239.952575][ T5874]  ? __lock_acquire+0x1347/0x7d40
[  239.957587][ T5874]  lock_acquire+0x19e/0x420
[  239.962083][ T5874]  ? smscore_getbuffer+0xa7/0x440
[  239.967102][ T5874]  ? read_lock_is_recursive+0x20/0x20
[  239.972551][ T5874]  _raw_spin_lock_irqsave+0xb4/0x100
[  239.977824][ T5874]  ? smscore_getbuffer+0xa7/0x440
[  239.982847][ T5874]  ? _raw_spin_lock+0x40/0x40
[  239.987511][ T5874]  smscore_getbuffer+0xa7/0x440
[  239.992351][ T5874]  ? smscore_onresponse+0xf00/0xf00
[  239.997580][ T5874]  ? lockdep_hardirqs_on_prepare+0x40d/0x770
[  240.003593][ T5874]  ? read_lock_is_recursive+0x20/0x20
[  240.008968][ T5874]  do_submit_urb+0x98/0x360
[  240.013470][ T5874]  ? process_scheduled_works+0x96f/0x15d0
[  240.019175][ T5874]  ? process_scheduled_works+0x96f/0x15d0
[  240.024878][ T5874]  process_scheduled_works+0xa5d/0x15d0
[  240.030418][ T5874]  ? assign_work+0x430/0x430
[  240.034996][ T5874]  ? assign_work+0x3d0/0x430
[  240.039575][ T5874]  worker_thread+0xa55/0xfc0
[  240.044151][ T5874]  ? _raw_spin_unlock_irqrestore+0xc5/0x120
[  240.050029][ T5874]  ? _raw_spin_unlock+0x40/0x40
[  240.054872][ T5874]  ? _raw_spin_unlock_irqrestore+0x86/0x120
[  240.060769][ T5874]  kthread+0x2fa/0x390
[  240.064831][ T5874]  ? pr_cont_work+0x560/0x560
[  240.069493][ T5874]  ? kthread_blkcg+0xd0/0xd0
[  240.074101][ T5874]  ret_from_fork+0x48/0x80
[  240.078505][ T5874]  ? kthread_blkcg+0xd0/0xd0
[  240.083081][ T5874]  ret_from_fork_asm+0x11/0x20
[  240.087842][ T5874]  </TASK>
[  240.091369][ T5874] Kernel Offset: disabled
[  240.095682][ T5874] Rebooting in 86400 seconds..