last executing test programs:

7.160707979s ago: executing program 1 (id=2739):
r0 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f0000000600), 0x2, 0x0)
ioctl$VHOST_SET_VRING_BASE(r0, 0xaf01, 0x0)
ioctl$VHOST_SET_VRING_ADDR(r0, 0x4028af11, &(0x7f0000000140)={0x0, 0x0, 0x0, &(0x7f0000000180)=""/53, 0x0})
ioctl$VHOST_SET_MEM_TABLE(r0, 0x4008af03, &(0x7f0000000980))
ioctl$VHOST_SET_VRING_ADDR(r0, 0x4028af11, &(0x7f0000000280)={0x1, 0x1, 0x0, &(0x7f00000000c0)=""/87, 0x0})
ioctl$VHOST_VSOCK_SET_RUNNING(r0, 0x4004af61, &(0x7f0000000000)=0x1)
ioctl$VHOST_SET_MEM_TABLE(r0, 0x4008af03, &(0x7f00000002c0))

7.14614111s ago: executing program 1 (id=2740):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x16, 0x0, 0x4, 0x1, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000008000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000058"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r1}, 0x10)
socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
syz_emit_ethernet(0xb4, &(0x7f0000000b00)=ANY=[@ANYBLOB="bbbbbbbbbbbbaaaaaaa3aa0086dd60003a04007e3a00fe8000000000000000000000000000bbff020000000000000000000000000001"], 0x0)

7.136925281s ago: executing program 1 (id=2741):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000cc0), 0x1c1341, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f00000000c0)={'syzkaller0\x00', 0x84aebfbd6349b7f2})
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x19, 0x4, 0x8, 0x6, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00', r2}, 0x10)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000880)={{r1}, &(0x7f0000000800), &(0x7f0000000840)=r2}, 0x20)
write$cgroup_subtree(r0, 0x0, 0x240)

7.087752055s ago: executing program 1 (id=2742):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f0000000180)=ANY=[@ANYBLOB="18010000f1ffffff0000000000100000850000007b00000095"], &(0x7f0000000100)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000000)='kmem_cache_free\x00', r0}, 0x10)
rt_sigprocmask(0x0, &(0x7f0000000000)={[0xfffffffffffffffd]}, 0x0, 0x8)
r1 = gettid()
r2 = gettid()
tkill(r1, 0x12)
tkill(r2, 0x14)

7.03101054s ago: executing program 1 (id=2743):
r0 = syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000000)={{0x12, 0x1, 0x0, 0x0, 0x0, 0x0, 0x40, 0x5543, 0x42, 0x0, 0x0, 0x0, 0x0, 0x1, [{{0x9, 0x2, 0x24, 0x1, 0x0, 0x0, 0x0, 0x0, [{{0x9, 0x4, 0x0, 0x0, 0x1, 0x3, 0x0, 0x0, 0x0, {0x9, 0x21, 0x0, 0x0, 0x1, {0x22, 0x7}}}}]}}]}}, 0x0)
syz_usb_control_io$hid(r0, 0x0, 0x0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0xb, 0x5, 0x10001, 0x9, 0x1, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$MAP_GET_NEXT_KEY(0x2, &(0x7f0000000080)={r1, &(0x7f0000000080), &(0x7f0000001540)=""/155}, 0x20)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000800000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r2}, 0x10)
syz_usb_control_io$hid(r0, &(0x7f0000000080)={0x24, 0x0, 0x0, &(0x7f00000000c0)={0x0, 0x22, 0x7, {[@local=@item_012={0x1, 0x2, 0x0, 'Z'}, @main=@item_012={0x0, 0x0, 0x9}, @local, @main=@item_012={0x2, 0x0, 0x8, "d1a8"}]}}, 0x0}, 0x0)

6.163705743s ago: executing program 0 (id=2750):
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018040000", @ANYRES32, @ANYBLOB="0000000000000000b70800000000396f7b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000002400000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00', r0}, 0x10)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x6}]})
bpf$ENABLE_STATS(0x20, 0x0, 0x0)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
connect$netlink(r1, &(0x7f0000000000)=@proc={0x10, 0x0, 0x25dfdbfc}, 0xc)
sendmsg$IPCTNL_MSG_CT_GET_STATS(r1, &(0x7f0000000300)={&(0x7f0000000040), 0xc, &(0x7f00000000c0)={&(0x7f0000000080)={0x14, 0x5, 0x1, 0x201}, 0x14}}, 0x0)

5.801987633s ago: executing program 2 (id=2755):
syz_mount_image$ext4(&(0x7f0000000ac0)='ext4\x00', &(0x7f0000000180)='./file0\x00', 0x3810744, &(0x7f0000000700)={[{@noauto_da_alloc}, {@user_xattr}, {@max_dir_size_kb={'max_dir_size_kb', 0x3d, 0x9}}, {@inode_readahead_blks={'inode_readahead_blks', 0x3d, 0x10000}}, {@jqfmt_vfsv0}, {@delalloc}, {@inode_readahead_blks={'inode_readahead_blks', 0x3d, 0x400000}}, {@noauto_da_alloc}, {@test_dummy_encryption}]}, 0x1, 0x451, &(0x7f0000000d00)="$eJzs281vVFUbAPDn3pkCL/DSivgBglbR2PjR0oLKwo1GExeamOgCl7UtBBmooTUR0mg1BpeGxL1xaeJf4MqVUVcmbnVvSIg2JqAbx9yZe9vOdKb0Y8pU5vdLBs6Ze+ae8+Tcc+fMOb0B9KzB7J8kYm9E/BIR/fVsY4HB+n83F+Ym/lqYm0iiWn3j96RW7sbC3ERRtPjcnjwzlEaknyR5JY1mLl0+N16pTF3M8yOz598dmbl0+emz58fPTJ2ZujB28uSJ46PPPTv2TEfizNp049AH04cPvvLW1dcmTl19+4evs/bee6R+fHkcnTKYBf5Htab52GOdrqzL/qkuxZmUu90a1qoUEVl39dXGf3+UYqnz+uPlj7vaOGBLZffsne0Pz1eBO1gS3W4B0B3FF332+7d43aapx7Zw/YX6D6As7pv5q36kHGlepm8L6x+MiFPzf3+RvaJpHaLaYt0AAGCzvs3mP0+tnP/V9kaWlUvyvaGBiLgrIvZHxN0RcSAi7snL3hcR96+z/uatoZXzz/TaBkNbk2z+93y+t9U4/ytmfzFQynP/r8Xfl5w+W5k6FhH7ImIo+nZm+dFWJy9O8dLPn7Wrf/n8L3tl9Rdzwfwk18pNC3ST47PjnZqUXv8o4lC5VfzJ4k5A1vcHI+LQ+k69r0icfeKrw+0K3Tr+VXRgn6n6ZcTj9f6fj6b4C8nq+5Mju6IydWykuCpW+vGnK6+3q39T8XdA1v+7G6//phL9fybL92tn1l/HlV8/bfubsrzB639H8mZtz3pH/t7747OzF0cjdiSv1vIN748tfbbIF+Wz+IeOth7/+/PPZPE/EBHZRXwkIh6MiIfyvns4Ih6JiKOrxP/9i4++0+7Yduj/yZb3v8Xrf6Cx/9efKJ377pt29a/t/neilhrK36nd/26hfXN25SU2ejUDAADAf08aEXsjSYcX02k6PFz/e/kDsTutTM/MPnl6+r0Lk/VnBAaiLy1WuvqXrYeOJvP5Gev5sXytuDh+PF83/rz0v1p+eGK6Mtnl2KHX7Wkz/jO/lbrdOmDLeV4Lelfz+E+71A7g9vP9D73L+IfeZfxD72o1/j9sytsLgDuT73/oXcY/9C7jH3qX8Q89aTPP9W9VorzK0/sS2yUR6bZohkSLRLkDo7vLNyYAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIAO+TcAAP//uZjx6g==")
r0 = socket$packet(0x11, 0xa, 0x300)
setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000fbe000)={0x0, &(0x7f0000000100)}, 0x10)
r1 = bpf$MAP_CREATE(0x0, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000180)=ANY=[@ANYRES32=r1], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
r2 = getpid()
sched_setscheduler(r2, 0x1, &(0x7f0000000100)=0x5)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000001480)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f0000000440)=@abs={0x0, 0x0, 0x4e24}, 0x6e)
sendmmsg$unix(r4, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r5 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000240)={0x11, 0x4, &(0x7f00000000c0)=ANY=[@ANYBLOB="18000000000004000000000000000000850000002300000095"], &(0x7f0000000180)='GPL\x00', 0x4, 0x8f, &(0x7f00000002c0)=""/143, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000380)='sched_switch\x00', r5}, 0x10)
r6 = socket$inet(0x2, 0x4000000000000001, 0x0)
setsockopt$inet_tcp_int(r6, 0x6, 0x80000000000002, &(0x7f00000000c0)=0x7a, 0x4)
bind$inet(r6, 0x0, 0x0)
setsockopt$SO_ATTACH_FILTER(r6, 0x1, 0x1a, 0x0, 0x0)
setsockopt$SO_TIMESTAMPING(r6, 0x1, 0x25, &(0x7f0000000180)=0x221a, 0x4)
sendto$inet(r6, 0x0, 0x0, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @local}, 0x10)
setsockopt$sock_int(r6, 0x1, 0x8, &(0x7f0000000600)=0xdfa, 0x4)
dup3(r6, 0xffffffffffffffff, 0x0)
sendmmsg$inet(0xffffffffffffffff, &(0x7f0000000d40)=[{{0x0, 0x0, &(0x7f0000002f00)=[{&(0x7f0000000540)="679512f062b8d965651edd4c06c901784e56aa174403ad4134742b71d211c6a85d8bc563c27f754fc2af5351f2f41e867c71c19837f2feba7862e511a47c446cd11c960f018962a53f6cf31a1123ff8092c9ff560701bfc579fa80f9149acafe2a225fed70d9173f0243a55be3c4028da556cf126da9c1b9b8f8e113", 0x7c}, {&(0x7f00000003c0)="5a268f4785bba0774702365bf4469155da654cbe1ea17e28716b296b91c331d001fdb2018e7f32be7178d9e28e4f62931f6fe1209a7ec4edbc9e8791150d3b53", 0x40}], 0x2}}, {{0x0, 0x0, &(0x7f0000001100)=[{0x0}], 0x1}}], 0x2, 0x0)
syz_mount_image$tmpfs(0x0, &(0x7f00000000c0)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000000))
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000008000000000000000000018110000", @ANYBLOB], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
bpf$PROG_LOAD(0x5, 0x0, 0x0)

5.275833957s ago: executing program 0 (id=2756):
r0 = syz_usb_connect$hid(0x0, 0x36, &(0x7f00000004c0)=ANY=[@ANYBLOB="12010000000000401904000600000000000109022400010000000009040000010300000009210000000122050009058103"], 0x0)
syz_usb_control_io$hid(r0, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000600)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000085000000070000001801000020756c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000000a5df850000002d"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffcd7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r1}, 0x10)
syz_usb_control_io$hid(r0, &(0x7f00000002c0)={0x24, 0x0, 0x0, &(0x7f0000000680)=ANY=[@ANYBLOB="00220b0000001d3919120b"], 0x0}, 0x0)

5.163408597s ago: executing program 4 (id=2745):
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000001070000000000000000260018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000300000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
syz_emit_ethernet(0x3e, &(0x7f0000000080)=ANY=[@ANYBLOB="aaaaaaaaaaaaffffffffffff080047000030000000000006907800000000e00000018608ffffffff0002"], 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000f60000178500000043"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000280)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r1}, 0x10)
syz_usb_connect(0x0, 0x41, &(0x7f0000000080)=ANY=[@ANYBLOB="12010000e518a708ac0501859d200000690109022f00010000000009040000000e010000152403"], 0x0)

4.306982799s ago: executing program 2 (id=2758):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000100)=@base={0xa, 0x4, 0x7fe2, 0x1, 0x0, 0xffffffffffffffff, 0x2, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000300000095"], 0x0, 0x0, 0x60, 0x0, 0x0, 0xe, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffff43, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000005c0)={&(0x7f0000000580)='kmem_cache_free\x00', r1}, 0x10)
r2 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
setsockopt$inet6_int(r2, 0x29, 0x19, &(0x7f0000000040)=0xb0, 0x4)
syz_emit_ethernet(0xfed7, &(0x7f00000002c0)={@broadcast, @local, @void, {@ipv6={0x86dd, @icmpv6={0x0, 0x6, "02adf7", 0x38, 0x3a, 0x0, @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, @mcast2, {[], @time_exceed={0x2, 0x0, 0x0, 0x0, '\x00', {0x0, 0x6, "00641a", 0x0, 0x3a, 0x0, @mcast1, @mcast1, [], "1e520b4c951ee12e"}}}}}}}, 0x0)

4.28790211s ago: executing program 1 (id=2759):
pipe(&(0x7f00000000c0))
r0 = socket$inet_udp(0x2, 0x2, 0x0)
close(r0)
r1 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r1, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000440)={&(0x7f0000000000)=ANY=[@ANYBLOB="440000001300010000000000fbdbdf2500000000", @ANYRES32=0x0, @ANYBLOB="010300000000e2ff130003007665b57468305f746f5f6261746164760008000d000000"], 0x44}}, 0x0)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000240)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020700000000000002030207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000100850000002d00000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000100)={&(0x7f00000000c0)='sys_enter\x00', r2}, 0x10)
getrlimit(0xf, &(0x7f0000000000))
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x20, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000539d00007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018", @ANYRES32, @ANYBLOB], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$MAP_CREATE(0x0, 0x0, 0x48)
bpf$PROG_LOAD_XDP(0x5, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
bpf$MAP_LOOKUP_ELEM(0x1, 0x0, 0x0)
ptrace(0x10, 0x1)
r3 = gettid()
timer_create(0x0, &(0x7f0000000440)={0x0, 0x21, 0x800000000004, @tid=r3}, &(0x7f0000bbdffc))
socketpair$tipc(0x1e, 0x5, 0x0, &(0x7f0000000300)={0xffffffffffffffff, <r4=>0xffffffffffffffff})
recvmsg(r4, &(0x7f0000001380)={0x0, 0x0, &(0x7f00000003c0)=[{&(0x7f0000000200)=""/78, 0x4e}], 0x1}, 0x0)
timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
syz_usb_connect(0x0, 0x24, 0x0, 0x0)
timerfd_gettime(0xffffffffffffffff, 0x0)
getsockopt$WPAN_SECURITY(0xffffffffffffffff, 0x0, 0x1, 0x0, 0x0)

4.05803326s ago: executing program 2 (id=2761):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x5, &(0x7f0000000000)=ANY=[@ANYBLOB="18000000000000000000000000000000850000000e000000850000000800000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000040)='kmem_cache_free\x00', r0}, 0x10)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f00000002c0)={0x1, &(0x7f00000000c0)=[{0x4, 0x0, 0x40, 0x1aec}]})
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b7030000e8ffffff850000000400000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b7030000e8ffffff850000000400000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
syz_mount_image$vfat(&(0x7f0000000200), &(0x7f0000000080)='./file0\x00', 0x101c08a, &(0x7f0000000a00)=ANY=[@ANYBLOB="73686f72746e616d653d6d697865642c696f636861727365743d69736f383835392d312c666d61736b3d30303030303030303030303030303030303030303036362c6e6f6e756d7461696c3d302c756e695f786c6174653d302c666d61736b3d30303030303030303030303030303030303030303030332c73686f72746e616d653d6c6f7765722c756e695f786c6174653d302c757466383d312c636865636b3d7374726963742c757466383d302c756e695f786c6174653d312c756e695f786c6174653d302c666c7573682c757466383d302c726f6469722c747a3d5554432c00e696e27e745267d0e7f7d60cf64c4d116172285e0a94b37c3f04b4e454913b1615b6c103a4be033c3f79c81a7a0dc9f3282eb2b984b8df829f11f7b15ceaa2ddb341548691e92d41d923144fa5f6aa8b37c7698e74a04d87cb16f3c338160646d1719f9aa1097cb78032fa4c9c60c14840662537510c0ac9f95a646f5231c0c9eb096b898803099b3050797137354ed2fb2a3dd97ad790f0758b4561eb7180b4b366c9ac840ca3d57727827ab961af0bb24ac6b14796d3bedfa4addb1c2f59217a563ca0a3729d45669905a6f0f3dbf3fd22ab36dfe7cf80913ecb4656ca"], 0x6, 0x2c8, &(0x7f0000002500)="$eJzs3b+LHHUUAPA3d7O74w/YLaxEcEALq5BLa7NBEhCvMmyhFnqYBOR2ERI48AeOqcTOxtK/QBD8H2xt7CwF/wA7IwRGZnbmdtZM9u7k9sTc59PkZb7vzffN7HA3V9y7D15aHN7O4+6Dz3+LLEtiZxrTeJjEJHai9WWsmX4TAMD/2cOyjD/KpZ7lX79+Ql0SEdmWewMAtuOE7/+NdBX+eCFtAQBbdOudd9+6vr9/4+08z+Lm4qujWfWTffXvcv363fgo5nEnrsY4HkXULwqDqN8WqvBmWZZFmlcm8eqiOJpVlYv3f27O/9PzTbAX45jU0fHbRl3/5v6NvXypU19UfTzb7D+t9r8W43jhuHit/lpPfcyG8dornf6vxDh++TA+jnncrptY1X+xl+dvlN/++dl7VXtVfVIczUZ13kq5225eXODnAwAAAAAAAAAAAAAAAAAAAADA0+lKMztnFPX8nupQM39n91H1n0Hkrcn6fJ5lfdKeqDsfqCzLoozv2vk6V/M8L5vEVX0aL6bdwYIAAAAAAAAAAAAAAAAAAABwed3/5NPDg/n8zr1zCdppAGlE/HUr4t+eZ9o58nJsTh41ex7M5ztNuJ6Tdo/EbpuTRGxso7qIc7otJwXPPNZzE3z/Q29VuvbBpdFZyk7edNC/13kG7dN1eJD038PRcc/Z8iGpB0GscoZxyr2GT1oq4yyP37B3aXzmax8+VwfFhpxINjX2+u/LO9ccSf55FcP6rvaWD5qgU76ek53qeY5sWf7414rEtA4AAAAAAAAAAAAAAAAAANiq1W//9iw+2Fi6U4621hYAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAXKjV3/8/Q1A0xadIHsa9+//xJQIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHAJ/B0AAP//eWdglQ==")
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000340)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb7020000000000"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r2}, 0x10)
r3 = open(&(0x7f0000000040)='./bus\x00', 0x1451c2, 0x0)
ftruncate(r3, 0x2007ffb)
sendfile(r3, r3, 0x0, 0x800000009)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='sched_switch\x00', r1}, 0x10)
futex(&(0x7f000000cffc)=0x100000000000004, 0x0, 0x4, 0x0, 0x0, 0x0)
futex(&(0x7f000000cffc), 0x1, 0x0, 0x0, 0x0, 0x0)
mlockall(0x1)
r4 = syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000040)=ANY=[@ANYBLOB="1201000000000040d80402c000000000000109022400010000000009040000ff030000000921000000012207000905810300000000"], 0x0)
syz_usb_control_io$hid(r4, 0x0, 0x0)
r5 = socket$nl_audit(0x10, 0x3, 0x9)
sendmsg$AUDIT_LIST_RULES(r5, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000080)={0x10}, 0x10}}, 0x4048810)
open(&(0x7f0000000000)='./file0\x00', 0x80, 0x28)
bpf$MAP_CREATE(0x0, &(0x7f0000000100)=@base={0x9, 0x4, 0x7fe2, 0x1, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r6 = bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x11, 0xc, 0x0, &(0x7f0000000880)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r6}, 0x10)
syz_usb_control_io$hid(r4, &(0x7f0000000680)={0x24, 0x0, 0x0, &(0x7f0000000080)={0x0, 0x22, 0x7, {[@local=@item_4={0x3, 0x2, 0x0, "7325ba8c"}, @main=@item_012={0x0, 0x0, 0xa}, @global]}}, 0x0}, 0x0)
r7 = userfaultfd(0x1)
ioctl$UFFDIO_API(r7, 0xc018aa3f, &(0x7f0000000140))
ioctl$UFFDIO_REGISTER(r7, 0xc020aa00, &(0x7f0000000080)={{&(0x7f00000e2000/0xc00000)=nil, 0xc00000}, 0x2})
openat$incfs(0xffffffffffffff9c, &(0x7f0000000040)='.pending_reads\x00', 0x1, 0x91)

2.646958808s ago: executing program 4 (id=2763):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x6, 0x4, 0x8, 0x8, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=@framed={{}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r0}, {}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x3}}]}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000002c0)={&(0x7f0000000700)='signal_generate\x00', r1}, 0x10)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x8, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000002c0)={&(0x7f0000000700)='signal_generate\x00', r2}, 0x10)
syz_open_procfs$namespace(0x0, 0xfffffffffffffffe)

2.607000392s ago: executing program 4 (id=2764):
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000107b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000925e850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000020000088500000082"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000740)={&(0x7f0000000300)='sched_switch\x00', r1}, 0x10)
r2 = socket$inet_udp(0x2, 0x2, 0x0)
setsockopt$IPT_SO_SET_REPLACE(r2, 0x0, 0x40, &(0x7f0000000540)=@raw={'raw\x00', 0x8, 0x3, 0x4d8, 0x340, 0x11, 0x148, 0x340, 0x0, 0x440, 0x2a8, 0x2a8, 0x440, 0x2a8, 0x3, 0x0, {[{{@uncond, 0x0, 0x2f8, 0x340, 0x0, {}, [@common=@inet=@hashlimit1={{0x58}, {'ip_vti0\x00', {0x0, 0x0, 0x3f, 0x0, 0x0, 0x3, 0x7}}}, @common=@unspec=@bpf1={{0x230}, @bytecode={0x0, 0x21, 0x0, [{}, {}, {0x0, 0x0, 0x3}]}}]}, @unspec=@CT0={0x48, 'CT\x00', 0x0, {0x0, 0x0, 0x0, 0x0, 'syz0\x00'}}}, {{@ip={@multicast2, @empty, 0x0, 0x0, 'vlan0\x00', 'netdevsim0\x00'}, 0x0, 0xd0, 0x100, 0x0, {}, [@inet=@rpfilter={{0x28}}, @common=@unspec=@quota={{0x38}}]}, @common=@unspec=@CONNMARK={0x30}}], {{'\x00', 0x0, 0x70, 0x98}, {0x28}}}}, 0x538)

2.606485461s ago: executing program 4 (id=2765):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x16, 0x0, 0x4, 0x1, 0x0, 0x1, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="18000000000000fdeabb00000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x51, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000300)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000008000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000058"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000280)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000003c0)={&(0x7f0000000140)='kmem_cache_free\x00', r1}, 0x10)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000080)={<r2=>0xffffffffffffffff})
sendmsg$unix(r2, &(0x7f0000000000)={&(0x7f00000057c0)=@file={0x1, './file0\x00'}, 0x6e, 0x0}, 0x0)

2.606093971s ago: executing program 4 (id=2766):
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000040)=ANY=[@ANYBLOB="300000001800010300000000000000000a800000000300"], 0x30}}, 0x0)
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
mprotect(&(0x7f0000000000/0x4000)=nil, 0x4000, 0x1)
r1 = fcntl$dupfd(r0, 0x0, r0)
setsockopt$IPT_SO_SET_REPLACE(r1, 0x4000000000000, 0x40, &(0x7f0000000000)=@raw={'raw\x00', 0xc08, 0x3, 0x1e8, 0xc, 0x5002004a, 0xb, 0x310, 0xea02, 0x3d0, 0x3c8, 0x3c8, 0x3d0, 0x3c8, 0x3, 0x0, {[{{@ip={@rand_addr, @local, 0x0, 0x0, 'erspan0\x00', 'ip6tnl0\x00'}, 0x0, 0x70, 0xb8}, @unspec=@CT0={0x48, 'CT\x00', 0x0, {0x0, 0x0, 0x0, 0x0, 'pptp\x00'}}}, {{@uncond, 0x0, 0x70, 0x98}, @common=@unspec=@NFQUEUE2={0x28}}], {{'\x00', 0x0, 0x70, 0x98}, {0x28, '\x00', 0x4}}}}, 0x248)

2.595893273s ago: executing program 4 (id=2767):
r0 = syz_usb_connect$cdc_ncm(0x0, 0x6e, &(0x7f0000000480)={{0x12, 0x1, 0x0, 0x2, 0x0, 0x0, 0x40, 0x525, 0xa4a1, 0x40, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x5c, 0x2, 0x1, 0x0, 0x0, 0x0, {{0x9, 0x4, 0x0, 0x0, 0x1, 0x2, 0xd, 0x0, 0x0, {{0x5}, {0x5}, {0xd}, {0x6}}, {{0x9, 0x5, 0x81, 0x3, 0x200}}}, {}, {0x9, 0x4, 0x1, 0x1, 0x2, 0x2, 0xd, 0x0, 0x0, "", {{{0x9, 0x5, 0x82, 0x2, 0x200}}, {{0x9, 0x5, 0x3, 0x2, 0x200}}}}}}}]}}, 0x0)
syz_usb_control_io$cdc_ncm(r0, 0x0, 0x0)
syz_usb_control_io$cdc_ncm(r0, 0x0, 0x0)
syz_usb_control_io$cdc_ncm(r0, 0x0, &(0x7f0000000340)={0x44, 0x0, 0x0, 0x0, &(0x7f0000000200)={0x20, 0x80, 0x1c, {0x10, 0x10, 0x10, 0x10, 0x10, 0x10, 0x10, 0x10, 0x10, 0x10, 0x10, 0x10}}, 0x0, 0x0, 0x0, 0x0})
syz_usb_control_io$cdc_ncm(r0, 0x0, 0x0)
syz_usb_control_io$cdc_ncm(r0, &(0x7f0000000080)={0x14, 0x0, &(0x7f0000000040)={0x0, 0x3, 0x1a, {0x1a}}}, 0x0)
syz_usb_ep_write(r0, 0x82, 0x5, &(0x7f0000002340)='hello')

2.354347843s ago: executing program 0 (id=2768):
syz_mount_image$ext4(&(0x7f0000001140)='ext4\x00', &(0x7f00000007c0)='./file1\x00', 0x400c84, &(0x7f0000000340), 0x1, 0x786, &(0x7f0000001900)="$eJzs3c9rHGUfAPDvbJKmTfu+yQsvaL0YEDRQmpgaWwWFigcRLBT0bLtstqFmky3ZTWlCQIsIXgQVD4JeevLgj3rz6o+r/hcexFI1LVY8SGQ2s+2m2U03abIbzecDk32emdl8n+/Or2d3hpkA9qzh9E8u4nBEvJtEDGbjk4joq5V6I06uzndreamQDkmsrLz8a1Kb5+byUiEa3pM6mFUejIhv34o4klsft7KwOJ0vlYpzWX2sOnNhrLKwePT8TH6qOFWcPT4+MXHsxJMnjm9frr//sHjo2nsvPPbFyT/ffODqO98lcTIOZdMa89iyZ9dWh2M4+0z60o9wjefvO9juknS7AWxJumn2rG7lcTgGo6dWAgD+zV6PiBUAYI9JHP8BYI+p/w5wc3mpUB+6+4tEZ11/LiL2r+ZfP7+5OqU3O2e3v3YedOBmsubMSBIRQ9sQfzgiPv7q1c/SIbbrPCRAG964HBFnh4bX7/+TddcsbNbjG0zbl70O3zU+je8MNHTG12n/56lm/b/c7f5PNOn/9DfZdrei2fa/ZsSBbQiygeufRDzTcG3brYb8M0M9We0/tT5fX3LufKmY7tv+GxEj0def1sc3iDFy468braY19v9+e/+1T9P46eudOXI/9/avfc9kvpq/n5wbXb8c8VBvs/yT28s/adH/Pd1mjBeffvujVtPS/NN868P6/CO7OmlnrFyJeLTp8r9zRVuy4fWJY7XVYay+UjTx5Y8fDrSK37j80yGNX/8u0Anp8h/YOP+hpPF6zcrmY3x/ZfCbVtPunX/z9X9f8kqtXO9HXMpXq3PjEfuSl9aPP3bnvZfyD2el1fnT/Eceab79b7T+p98Jz7aZf++1Xz7fev47K81/clPLf/OFq7eme1rFb2/5T9RKI9mYdvZ/7Tbwfj47AAAAAAAAAAAAAAAAAAAAAAAAAGhXLiIORZIbvV3O5UZHV5/h/f8YyJXKleqRc+X52cmoPSt7KPpy9VtdDjbcD3U8ux9+vX7srvoTEfG/iPig/0BSv4/iZJdzBwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIC6gy2e/5/6qb/brQMAdsz+bjcAAOg4x38A2Hsc/wFg72nv+N+z4+0AADrH938A2Hsc/wEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAANhhp0+dSoeVP5aXCml98uLC/HT54tHJYmV6dGa+MFooz10YnSqXp0rF0UJ55l7/r1QuX5iI2flLY9VipTpWWVg8M1Oen62eOT+TnyqeKfZ1JCsAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA2JzKwuJ0vlQqzilsobCyO5rR/UJPtjrtlvZ0tJDsjmZsc6HLOyYAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAf4i/AwAA//+3ACFj")
r0 = open(&(0x7f0000000180)='./bus\x00', 0x14927e, 0x0)
mmap(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x27fffff, 0x4002011, r0, 0x0)
fallocate(r0, 0x0, 0x0, 0x1000f4)
bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0x1, 0x4, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r1 = open(&(0x7f00000005c0)='./bus\x00', 0x64842, 0x108)
pwritev2(r1, &(0x7f0000000240)=[{&(0x7f0000000000)="85", 0x78c00}], 0x1, 0x7a00, 0x0, 0x3)

2.246214902s ago: executing program 0 (id=2769):
bpf$BPF_BTF_GET_FD_BY_ID(0x13, 0x0, 0x0)
r0 = socket$inet(0x2, 0x4000000000000001, 0x0)
bind$inet(r0, &(0x7f0000000380)={0x2, 0x200000000004e23, @local}, 0x10)
sendto$inet(r0, 0x0, 0x0, 0x200007fd, &(0x7f00000008c0)={0x2, 0x4e23, @local}, 0x10)
recvmsg(r0, &(0x7f0000000240)={&(0x7f0000000040)=@nfc, 0xf012, &(0x7f0000000180)=[{&(0x7f0000003ac0)=""/4096, 0x200116c0}], 0x1, &(0x7f0000000200)=""/20, 0x14}, 0x100)
write$binfmt_elf64(r0, &(0x7f0000000640)=ANY=[], 0x100000530)
getpeername$inet(r0, 0x0, &(0x7f00000000c0))

2.048232568s ago: executing program 0 (id=2770):
r0 = syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000080)=ANY=[@ANYBLOB="12010000090024206d041cc340000000000109022400010000a00009040000010301010009210008000122010009058103"], 0x0)
syz_usb_control_io$hid(r0, 0x0, 0x0)
syz_usb_control_io(r0, 0x0, 0x0)
r1 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xf, &(0x7f00000000c0)=@ringbuf={{}, {{0x18, 0x1, 0x1, 0x0, r1}}, {}, [], {{}, {}, {0x85, 0x0, 0x0, 0x84}}}, &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000240)={&(0x7f00000001c0)='kfree\x00', r2}, 0x10)
syz_usb_control_io(r0, &(0x7f0000000600)={0x2c, 0x0, 0x0, 0x0, &(0x7f0000000340)={0x20, 0x29, 0xf, {0xf, 0x29, 0x0, 0x0, 0x0, 0x0, "8cda8079", "87cb6669"}}, 0x0}, 0x0)

1.802137099s ago: executing program 2 (id=2771):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x87}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x6)
ioctl$SECCOMP_IOCTL_NOTIF_RECV(0xffffffffffffffff, 0xc0502100, &(0x7f00000003c0)={0x0, <r0=>0x0})
sched_setaffinity(r0, 0x8, &(0x7f0000000180)=0x81)
r1 = getpid()
sched_setscheduler(r1, 0x1, &(0x7f0000001700)=0x4)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000240)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x11, 0x8, &(0x7f00000021c0)=ANY=[@ANYBLOB="620af8ffa1dc0021bfa100000000000007010000f8ffffffb702000007000000bd120000000000008500000010000000b70000000000000095000000000000003faf4f2aa3d9b18ed812a2e2c49e8020a6f4e0e4a9046c7670568982b4e020f698393aa0f3881f9c24561f1b2607995daa56f151905ea23c22624c9f87f9793f50bb546040677b0c5077da80fb982c1e9400e693146cea484a415b76966118b64b751a0f241b072e90080008002d75593a286cecc93e64c227c95aa0b784625704f07372c29184ff7f4a7c0000070000006056feb4e0664c0af9360a1f7a5e6b607130c89f18c0c1089d8b8588d72ec29c48b45e0000000000000401d01aa27ae8b09e00e79ab20b0b8ed8fb7a68af2ad0810000000000006fa03c6468978089b302d7ff6023cdcedb5e0125ebbcebdde510cb2364149215108337719acd97cfa107d40224edc5465a932b77a74e802a0dc6bf25d8a242bc6099ad2300000480006ef6c1ff0900000000000010c63a949e8b7955394ffaff03000000000000ab87b1bfeda7be586602d985430cea080000000000000026abfb0767192361448279b05d96a703a660581eecdbf5bcd3de227a167ca17a0faf60fd6ad9b97aa5fa68480366c9c6fd6fa5043aa3926b81e3b59c9b081d6a08000000ea2b1a52496dfcaf99431412fd134a996382a1a04d5bb924cfe5f3185418d605ffff9c4d2ec7c32f2095e63c80aff9fa740b6c7632d5933a1c1fa5605bd7603f2ba2a790d62d6faec2fed44da4928b30142ba1fde5c5d50b83bae616b5054d1e7c13b1355d6f4a8245ffa4997da9c77af4c0cb97fca585ec6bf58351d578be00d952aab9c71764b0a8a7583c90b3433b809bdb9fbd48fc877505ebf6c9d13330ca006bce1a84521f14518c9b476fccbd6c712016219848624b87cec2dbe98223d8d9e86c5ea06d108d8f80a0eb4fa39f6b5c02e6d6d90756ff578f57000000009700cf0b4b8bc229413300000000000000000003000000000000000000000000001000000000559711e6e8fcffffffffffffffb2d02edc3e01dd271c896249ed85b980680b09000000000f0000169cdcacc413b48dafb7a2c8cb482bac0ac502d9ba96ffffffd897ef3b7cda42f93d53046da21b40216e14ba2d6af8656b01e17addaedab25b30002abbba7fa7666b5ded16ee7025f38400be7c1f001b2cd317902f19e385be9e48dccf1f9f3282830689da6b53b263339863297771d74732d400003341bf4a00fc9fec2271ff01589646efd1cf870cd7bb2366fde4a594290c405ff870ce5dfd3467decb05cfd9fcb32c8ed1dbd9d30a64c108285e71b5565b1768ee58969c41595229df17bcad70fb4021428ce970275d13b78249788f11f761038b75d4fe32b561d46ea3abe0fa4d30dc94ef241875f3b4b6ab7929a57affe760e717a04becff0f719197724f4fce1093b62d7e8c7123d890decacec55bf404e4e1f74b7eed82571be54c72d978cf906df0042e36acd37d7f9e109f2c06f815312e0cfe222a06f56dd022c074eb8a322fb0bf47c0a8d154b405c37feaf3dd95f6ef2acd1fe582786105c70600000000000000b7561301bb997316dbf17866fb84d4173731efe895ff2e1c5560926e90109b598502d3e959efc71f665c542c9062ece84c99a061887a20639b41c8c12ee86c50804042b3eac1f871b136345cf67ca3fb5aac518a75f9e7d7101da841735e186c489b3a06fb99e0347f23a054de2f4d92d6bd72ee2c9fdc75aaaf0e3e483b4ad05573af403269b4a39ce40293947d9a631bcbf3583784acbda216550d7aec6b79e30cbd128f91e358c3b3a2327ac9ecc34f24c9ae153ec60ac0694da85bff9f5f4df90400000000000000d6b2c5ea1393fdf24285bf16b99c9cc0ad1857216f1a985f369191ae954febb3df464bfe0f7f3ee9afe7befb89d2777399f5874c553aeb3729cffe86e669261192899d4562db0e22d564ae09bb6d163118e401e024fd452277c3887d6116c6cc9d8046c216c1f895778cb26e22a2a998de44aeadea2a40da8daccf080842a486721737390cbf3a74cb2003016f1514216bdf57d2a40d40b51ab63e96ec8485b3b8a8c9ae3d14f93100c2e0893862eef552fcde2981f48c482bde8a168c3f5db2fea6f26e4a4304e50c349f4f9ecee27defc93871c5f99a3594191e104d417e60fc3541a2c905a1a95e9571bf38ae1981c4238ecaee6f75cd0a6881bd1517a8250df98674152f94e32409e2a3bce109b6000000000000a1fec9000000d694210d7560eb92d6a97a27602b81f76386f1535bef1497f92186086e29c6bc5a1fad6ec9a31137ab79a404abde7750898b59270bb29b81367ac91bd627e87306703be8672d70d1ab57075228a9f46ed9bd1f00fb8191bbab2dc591dda61f0868afc4294859323e7a45319f18101288a0268893373750d1a8fe64680b0a3fc22dd704e4f4ab9e85bf8c6d71a2214d00000000d6c98cd1a9fbe1e7d58c08acaf30065b928a31d2eca55f74a23641f61f4f5b308cf0d031b0c7f0ce21d69993e9960ff5f76015e6009756237badf4e7965bbe2777e808fcba821a00e8c5c39609ff854356cb490000000000c1fee30a3f7a85d1b29e58c77685efc0ceb1c8e5729c66018d169fc03aa188546b3ad2a182068e1e3a0e2505bc7f41019645466ac96e0d0b3bc19faa5449209b085f3c334b47f067bbab40743b2a428f1da1f68df75cf43f8ecc8d3726602111b40e761fd21081920382f14d12ca3c471c7868e7da7eaa69eb7f7f80572fdd11bb1d070080fbc22bf73468788df51700eb0b428ee751c47d8e894f745a868404a0bf35f0121008b722b1eaa6aedfa1bf2e7ccb2d61d5d76331ff5e20fa26b8471d42645288d7226bbd9c9e9e1cc9eb3d541e407cc2dae5e690cd628ab84875f2c50ba830d3f474b079b407000000deff000040430a537a395dc73bda367bf12cb7d81691a5fe8c47be395656a297e9df0e71b967ce7daac4be290159f6bcd75f0dda9de5532e66ae9e48b0ed1254a81faae79b6af6fbb869604d51de44c4e0973171ad47d6c00ebc7603093f000000fdec743af930cd6db49a47613808bad959719c0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000f15d6533f78a1f4e2df4ca23d867693fd42de9b49a1b36d48a44ba6a4530e59bec53e876dc660dd63bed8d31c31c37a373d4efd89f80a4377b1b1292a893a516dab183ee65744fb8fc4f9ce2242e0f00000000010000000000000000000057d77480e0345effff6413258d1f6eb190aa28cbb4bafe3436b176c7ed4b132fb805d5edd9d188daf28d89c014c3ecca10ae55704544673e1fa03b84f63e022fe755f4007a4a899eaf52c4f491d8e97c862e29e4570600000091c691faee1e0c8fe056a07474e6e5490a7d3c3402000000b60600d837c6befc63ddf2f594ad7cbc56a1e44d218c956a5392a995f1fae8e9f206efbb33854dc70104d74dc07748f9745cb796da2dfb714a0500000000000000faed94fc39acfb3fd25dfa8116a154cd1226e1bb72b59fed817072a0da60160761fd3dffda0f7c592eabd8ab68334d2a1693cb187539049e331272bf5135044df8161400211b8012b6eb1ed5656e83f65509bb4b323c5bd61bff949d3bade2f6ffda1360c2786e16937ab61d6dcafed319c716357d0885f9c6d1f442954c167dd9b4acd9468ce3674c82bbb2e31389179b025dbe063b7f906217b2cf8410c7023aa3e5cc3ba1000000000000000000000000000000006ae6301a2da44394275c582a6516bb92ea1980a0a659f2f1811c8b281c209647c4241f292b20508b215dde27bb2487a6cd28cf28fe2ee593e2b5e4a8ccfab90c23827ef06cbe364073005f8a6d1456aaeb85ffb7858f24eced67a67ab825e863928ed64c83f62ffdaa997657335b63c6b4163aff094059e626766845fd779c9e6cdbbd64c24936615ee68538e8fddd0d90f3a7579579a142c0f7b318264d5c13c31cf475829528267ead38523cab7e1664e8426cfce471fef821c8a02a7e7d954d05b68a9c28f79429b09e2bb3681ae2b831e27c735123361c191355391771f19b199d371ec6bfada7cd370e3fdd3cd980fa1e145fd3f3e96b1feb53c865e1ada08f5d16ed652ee0c7f45352222692fbd679212c225d097aa90f7e1fb1f983415f43e75a19ecf7fd21bfa150ef563aa72ba1c43c5f3d9be128ec26b691f31f9cab931631606a81622f120675c962be2d3b5e95f74f0b209e42e6bdd76e6e725295b1d78d928f6f63c41cbde2ba66ad81168070c8c6e18abde34ad3e16304d06a234f5f9311ef0f78924b68dbb4712efdb6974667bdb54f16fd2061b9ba93638dd177227e94e4ebd0ec1d437db948062bf41742000000000000000000305f70dd02fa0c61d5fe6d8ff35389246037e18d34c1375ae04f44f0c2543c772c5ccb137be7dc1874c514b37c668554d77d4ea5ed144a648257f4a0301067bbcd9b91072659d872f26b796e2b81025edb5f45f785e2c2602b248ecdd80f019ca659be7e8ae953325a27564f33c9d458a60be3dab38baab7eb1a66ab1ffd6308f7fd51beb356fe75eb985b7581bb5584c53984ba9c7340f97e8d3825681c53de5f554e595b00000000000000006a8fa9f05d64c4be42f981f00051a39938613067dbd1427e01bfec016e51844cefa8a855bf23ac887b4a88eed6d9443857242f28e31a41d20105fbf3394ff910e734b4d9101265ff729c426e01c1ab13dda8c388b9e6626f19eecb87e39175e85e17000000000000000000009431807e43886903526074e6b40244c938a4c68a38c25ddd7c143b3f14eafe4b28ec66815cf8d1f56aa1424bc9b5d58790298e5b310d69e50c222563b54e60854e1bfeef448aca8c5ccbf5546ce4c3cd5a733fec25fb94e1e0f966bcbd28a4d8fe4f556eaa1104a793006619700798354c6ae05025040965e3083562bfa20968c04007d21dc02c9fd1f75e1ff40f439bdde4e784012e52049b483d02f81b88f5f57816b3fecec79cfca8d37203e769759d6b6a56b7605ced8ee18475a77ff0963a565fb6021d216c01b1098e40550a1cfd80e918d685a7b099a4f8ed654cd76ca61fe5ad8a31ec558fdbfa706d5e738bceae81fe777c307d5bc72183a4c2d35732ab916a781b9912160a3fd2a2e74df190c57bdfdc1f069f9491bca7a8c59363799be70018c25ece5ad7307dc7a95c51bc25a8bbe2cf5ddf6aa161693782b0e7feb8a768f391b49d4c978c96dbb52f21c122eba9f17c8bed10591958cf06321a248b5f76ceedfe0d080d6aeadc11b237b3326dd04b86ac37c0d131544888db9e128d059761ad9a393e96c3b41c13c5a381bff187a75de560ba6eb3faa5ff8d2bb3c88f8de5efc2fb2200cfda6d07ceae22577064334fbf76a23e62e6059211d995b879f6b7d3f7fcf03652b81e6b7cdeff947ad185d3c6269ca247b429c3b872a8f1ef60407d29a874f4ec31c9effed55543a65a6b4d778cebcd43b7905f3960140bd783540a7353014bda8e9c7a34a5f428fd1f8eb11e837dd9d586487fdebcb1ecd3a003ff0fda4be617fecf1ff0ef2cdfb7fea73ca18874664d60a4b9423f3297bc8eb91b4ee1d73272abbef3e7a828a7d7ab055a8eb58fe379de85338304e26e3620941b463e9049fd105c74c91cc4d71b0f76e2c2e4825106aa7ce2a3adbbc7a0443ece58e752b47e6f677ec97c5c568a89d6e36b165c39132a0f2708e09ae8268dcc15411483b8506386aa0ece2a94c320b002c77f82cb3cc96c34f7831844cc748e662675a7713c7067081cac15994698c41ff4754268ae2676384ff799783f55d7e5a1a092a01b965dc99cb7a9d98440c355927629f2bcf9dc2396eb2f5d25829715b24327642ac48f1201014a95e0e65e12cdf27e19043e3c5d3e798375cead35b9a93190a52cdecaaccc854a1d41ef365303f0e9b4fc969c9dab6df5e8a795b140fcc09e8a7b694d12932917facd8ceaa4e2d0d16bb0b95387fcd5ff136d8abddf94daf442bbff744591931872a36cf921ad69f2127386e8b0f9afee4da8d3fbec809fbb3ca0fded2859cf25d4c6155d396c5b9bd1a928923123f63f4c40688eae4c697bfc674e03231c42f7eaaf5166bbc4653c71805f9448416e379cc1c40f8f866c9b319a849dd00ff9b84857436ed362c4632bfc3fa7357c24f15bbb07bd91893e61df7eb6dc5e071a9cc2faa7a32a91c4d982f5cfb725dca80b23874877a4980dbd70cda040b1ce527e7188159df77b493efbbd7bfe2680bf44e49eb68e5e33a0a5726072b2699d6244cd5c4a82bf18c668a3d43cec78c5fe1f12283d5dde6d0ea0b1b81ee7c065c938577e4ec93f22f1e6106f337625b7f7798011a60a75c35731fe44fa4fc6add59bac24d045a5780a0737b0f09e9127e9df798a1a58434b00d64ea6121afab030d1100905"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='sched_switch\x00', r4}, 0x10)
r5 = socket$nl_xfrm(0x10, 0x3, 0x6)
bind$netlink(r5, 0x0, 0x0)
openat$sysfs(0xffffff9c, &(0x7f00000000c0)='/sys/power/wake_unlock', 0x0, 0x0)
syz_mount_image$vfat(&(0x7f0000000040), &(0x7f0000000080)='./file0\x00', 0x101c08a, &(0x7f0000000200)=ANY=[@ANYBLOB="73686f72746e616d653d6d697865642c696f636861727365743d69736f383835392d312c666d61736b3d30303030303030303030303030303030303030303036362c6e6f6e756d7461696c3d302c756e695f786c6174653d302c666d61736b3d30303030303030303030303030303030303030303030332c73686f72746e616d653d6c6f7765722c756e695f786c6174653d302c757466383d312c636865636b3d7374726963742c757466383d302c756e695f786c6174653d312c756e695f786c6174653d302c666c7573682c757466383d302c726f6469722c747a3d5554432c00e696e27e745267d0e7f7d60cf64c4d116172285e0a94b37c3f04b4e454913b1615b6c103a4be033c3f79c81a7a0dc9f3282eb2b984b8df829f11f7b15ceaa2ddb341548691e92d41d923144fa5f6aa8b37c7698e74a04d87cb16f3c338160646d1719f9aa1097cb78032fa4c9c60c14840662537510c0ac9f95a646f5231c0c9eb096b898803099b3050797137354ed2fb2a3dd97ad790f0758b4561eb7180b4b366c9ac840ca3d57727827ab961af0bb24ac6b14796d3bedfa4addb1c2f59217a563ca0a3729d45669905a6f0f3dbf3fd22ab36dfe7cf80913ecb4656ca"], 0x6, 0x2c8, &(0x7f0000002500)="$eJzs3b+LHHUUAPA3d7O74w/YLaxEcEALq5BLa7NBEhCvMmyhFnqYBOR2ERI48AeOqcTOxtK/QBD8H2xt7CwF/wA7IwRGZnbmdtZM9u7k9sTc59PkZb7vzffN7HA3V9y7D15aHN7O4+6Dz3+LLEtiZxrTeJjEJHai9WWsmX4TAMD/2cOyjD/KpZ7lX79+Ql0SEdmWewMAtuOE7/+NdBX+eCFtAQBbdOudd9+6vr9/4+08z+Lm4qujWfWTffXvcv363fgo5nEnrsY4HkXULwqDqN8WqvBmWZZFmlcm8eqiOJpVlYv3f27O/9PzTbAX45jU0fHbRl3/5v6NvXypU19UfTzb7D+t9r8W43jhuHit/lpPfcyG8dornf6vxDh++TA+jnncrptY1X+xl+dvlN/++dl7VXtVfVIczUZ13kq5225eXODnAwAAAAAAAAAAAAAAAAAAAADA0+lKMztnFPX8nupQM39n91H1n0Hkrcn6fJ5lfdKeqDsfqCzLoozv2vk6V/M8L5vEVX0aL6bdwYIAAAAAAAAAAAAAAAAAAABwed3/5NPDg/n8zr1zCdppAGlE/HUr4t+eZ9o58nJsTh41ex7M5ztNuJ6Tdo/EbpuTRGxso7qIc7otJwXPPNZzE3z/Q29VuvbBpdFZyk7edNC/13kG7dN1eJD038PRcc/Z8iGpB0GscoZxyr2GT1oq4yyP37B3aXzmax8+VwfFhpxINjX2+u/LO9ccSf55FcP6rvaWD5qgU76ek53qeY5sWf7414rEtA4AAAAAAAAAAAAAAAAAANiq1W//9iw+2Fi6U4621hYAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAXKjV3/8/Q1A0xadIHsa9+//xJQIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHAJ/B0AAP//eWdglQ==")
bpf$MAP_CREATE(0x0, 0x0, 0x0)
r6 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x5, 0x1, 0xa, 0x8, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f00000002c0)={{r6}, &(0x7f0000000200), &(0x7f0000000240)}, 0x20)
r7 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000002000000018110000", @ANYRES32=r6, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00', r7}, 0x10)
r8 = socket$netlink(0x10, 0x3, 0x10)
bind$netlink(r8, &(0x7f0000514ff4)={0x10, 0x0, 0x0, 0x2ffffffff}, 0xc)
setsockopt$sock_int(r8, 0x1, 0x8, &(0x7f0000000000), 0x4)
setsockopt$netlink_NETLINK_BROADCAST_ERROR(r8, 0x10e, 0x4, &(0x7f0000000640)=0x1800, 0x4)
syz_genetlink_get_family_id$nl80211(&(0x7f00000002c0), r8)
r9 = socket$nl_xfrm(0x10, 0x3, 0x6)
ioctl$sock_SIOCETHTOOL(r9, 0x8946, &(0x7f00000000c0)={'syz_tun\x00', &(0x7f0000000100)=@ethtool_link_settings={0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1653]}})
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x31, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, @void, @value}, 0x90)

1.106304957s ago: executing program 3 (id=2777):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x18, 0x7, &(0x7f0000000540)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b702000001000000850000008600000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000005c0)={&(0x7f0000000000)='kmem_cache_free\x00', r1}, 0x10)
r2 = socket$inet6(0xa, 0x2, 0x0)
setsockopt$SO_ATTACH_FILTER(r2, 0x1, 0x1a, &(0x7f0000fbe000)={0x1, &(0x7f0000000100)=[{0x80000006}]}, 0x10)
bind$inet6(r2, &(0x7f0000000000)={0xa, 0xe22, 0x0, @empty}, 0x7d)
syz_emit_ethernet(0xd2, &(0x7f0000000380)=ANY=[@ANYBLOB="ffffffffbfff00000000000086dd600489f1009c1100fc010000000000000025030000000000ff02000000000000000000000000000100000e22", @ANYRES16=0x0, @ANYRESOCT], 0x0)

1.105931527s ago: executing program 3 (id=2778):
creat(&(0x7f0000000000)='./file0\x00', 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x14, &(0x7f0000000400)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085000000010000001801000020756c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000020850000000400000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="180000000000000000000000000000008500000007"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
pipe2$9p(&(0x7f00000000c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000380)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000400)={&(0x7f0000000080)='9p_client_res\x00', r2}, 0x10)
mount$9p_fd(0x0, &(0x7f00000002c0)='./file0\x00', &(0x7f0000000280), 0x0, &(0x7f0000000180)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r0, @ANYBLOB=',wfdno=', @ANYRESHEX=r1])

1.08401217s ago: executing program 3 (id=2779):
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f00000000c0)='./bus\x00', 0x200000, &(0x7f0000000540)={[{@noblock_validity}, {}, {@max_dir_size_kb={'max_dir_size_kb', 0x3d, 0x1}}, {@norecovery}, {@journal_dev={'journal_dev', 0x3d, 0x2}}, {@orlov}, {@errors_continue}, {@noauto_da_alloc}, {@nomblk_io_submit}]}, 0x2, 0x56a, &(0x7f0000000680)="$eJzs3c9rHFUcAPDvbJL+1qZQinqQQA9WajdN4o8KQutRtFjQe12SaSjZdEt2U5pYaHuwFy9SBBEL4h/g3WPxH/CvKGihSAl68BKZzWy7TbL5uXW3zucD0743M5s3b998335nZ5cNoLBGsn9KEa9GxDdJxOG2bYORbxxZ2W/p8Y3JbEliefmzP5NI8nWt/ZP8/4N55ZWI+PWriJOlte3WFxZnKtVqOpfXRxuzV0frC4unLs9WptPp9Mr4xMSZdybG33/v3a719c0Lf3//6f2Pznx9fOm7nx8euZvEuTiUb2vvxy7caq+MxEj+nAzFuVU7jnWhsX6S9PoA2JGBPM6HIpsDDsdAHvXA/9/NiFgGCioR/1BQrTygdW3fpevgF8ajD1cugNb2f3DlvZHY17w2OrCUPHNllF3vDneh/ayNX/64dzdbYpP3IW52oT2Allu3I+L04ODa+S/J57+dO91883hjq9so2usP9NL9LP95a738p/Qk/4l18p+D68TuTmwe/6WHXWimoyz/+2Dd/PfJ1DU8kNdeauZ8Q8mly9X0dES8HBEnYmhvVt/ofs6ZpQfLnba153/ZkrXfygXz43g4uPfZx0xVGpXd9Lndo9sRrz3Nf5NYM//va+a6q8c/ez4ubLGNY+m91ztt27z/7bqfAS//FPHGuuP/9I5WsvH9ydHm+TDaOivW+uvOsd86tb+9/ndfNv4HNu7/cNJ+v7a+/TZ+3PdP2mnbTs//PcnnzfKefN31SqMxNxaxJ/lk7frxp49t1Vv7Z/0/cXzj+W+9839/RHyxxf7fOXqn4679MP5T2xr/7RcefPzlD53a39r4v90sncjXbGX+2+oB7ua5AwAAAAAAgH5TiohDkZTKT8qlUrm88vmOo3GgVK3VGycv1eavTEXzu7LDMVRq3ek+3PZ5iLH887Ct+viq+kREHImIbwf2N+vlyVp1qtedBwAAAAAAAAAAAAAAAAAAgD5xsMP3/zO/D/T66IDnzk9+Q3FtGv/d+KUnoC95/YfiEv9QXOIfikv8Q3GJfygu8Q/FJf6huMQ/AAAAAAAAAAAAAAAAAAAAAAAAAAAAdNWF8+ezZXnp8Y3JrD51bWF+pnbt1FRanynPzk+WJ2tzV8vTtdp0NS1P1mY3+3vVWu3q2HjMXx9tpPXGaH1h8eJsbf5K4+Ll2cp0ejEd+k96BQAAAAAAAAAAAAAAAAAAAC+W+sLiTKVaTecUOhbORl8cxo4LyWajfDY/GXbUxGDvO6jwHAo9npgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAoM2/AQAA///fKTPH")
syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f00000001c0)='./bus\x00', 0x41, &(0x7f0000000100)={[{@bsdgroups}, {@nodiscard}, {@noblock_validity}, {@sb={'sb', 0x3d, 0x7}}, {@grpjquota}, {@nomblk_io_submit}, {@abort}, {@noload}, {@bh}]}, 0x64, 0x50a, &(0x7f0000000200)="$eJzs3VFrHFsdAPD/bHZr06Y3ueqDXvB6tZW0aHeTxrbBh1pB9Kmg1vcak00I2WRDdtM2oWiKH0AQUcEnffFF8AMIUvDFRxEK+qyoKKKtPvigncvuTtI03U227TabZn8/mMw5Z2b2f86GmZ0zc5gJYGC9FxHXI+JJmqYXImI0K89lU2y1psZ6jx/dm21MSaTpzX8mkWRl25+VZPPT2WYnI+JrX474ZvJ83NrG5tJMpVJey/Kl+vJqqbaxeXFxeWahvFBemZqavDJ9dfry9ERP2nkmIq598a8/+O7PvnTtV5+586dbfz//rUa1RrLlu9vxgvL7LWw1vdD8LnZvsPaSwY6ifLOFmeF2aww9V3L/NdcJAID2Guf4H4yIT0bEhRiNof1PZwEAAIA3UPr5kfhfEpG2d6JDOQAAAPAGyTXHwCa5YjYWYCRyuWKxNYb3w3EqV6nW6p+er66vzLXGyo5FITe/WClPZGOFx6KQNPKTzfTT/KU9+amIeDsivj863MwXZ6uVuX5f/AAAAIABcXpP//8/o63+PwAAAHDMjPW7AgAAAMBrp/8PAAAAx5/+PwAAABxrX7lxozGl2++/nru9sb5UvX1xrlxbKi6vzxZnq2urxYVqdaH5zL7lgz6vUq2ufjZW1u+W6uVavVTb2Ly1XF1fqd9afOYV2AAAAMAhevvjD/6QRMTW54abU8OJ7jbtcjXgqMrvpJJs3ma3/uNbrflfDqlSwKEY6ncFgL7J97sCQN8U+l0BoO+SA5Z3HLzz22z+id7WBwAA6L3xj3a+/5/bd8ut/RcDR56dGAaX+/8wuJr3/7sdyetkAY6VgjMAGHivfP//QGn6QhUCAAB6bqQ5JblidnlvJHK5YjHiTPO1AIVkfrFSnoiItyLi96OFDzTyk80tkwP7DAAAAAAAAAAAAAAAAAAAAAAAAABAS5omkQIAAADHWkTub8mvW8/yHx89N7L3+sCJ5L+jkb0i9M6Pb/7w7ky9vjbZKP/XTnn9R1n5pX5cwQAAAICB8EIv8N/up2/34wEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACglx4/uje7PR1m3H98ISLG2sXPx8nm/GQUIuLUv5PI79ouiYihHsQfbvz5SLv4SaNaOyHbxR/uQfyt+/vGj7HsW2gX/3QP4sMge9A4/lxvt//l4r3mvP3+l494Jv+yOh//Yuf4N9Rh/z/TZYx3Hv6i1DH+/Yh38u2PP9vxkw7xz3YZ/xtf39zstCz9ScR429+f5JlYpfryaqm2sXlxcXlmobxQXpmamrwyfXX68vREaX6xUs7+to3xvY/98sl+7T/VIf7YAe0/12X7///w7qMPtZKFdvHPn20T/zc/zdZ4Pn4u++37VJZuLB/fTm+10ru9+/Pfvbtf++c6tP+g///5Ltt/4avf+XOXqwIAh6C2sbk0U6mU145totFLPwLVkDiCiW/39APTNE0b+9QrfE4SR+FraSb6fWQCAAB67elJf79rAgAAAAAAAAAAAAAAAAAAAIPrMB4ntjfm1k4q6cUjtAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAeuL9AAAA//+GAdlV")
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cpu.stat\x00', 0x275a, 0x0)
write$UHID_CREATE2(r1, &(0x7f0000000140)=ANY=[], 0x118)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x5, 0x12, r1, 0x0)
ioctl$TCSETS(r0, 0x5452, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, 0x0, "bb5dee00"})

950.957431ms ago: executing program 3 (id=2780):
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x17, 0x0, 0x4, 0xff, 0x0, 0x1, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000001400)={{r1}, 0x0, &(0x7f00000013c0)}, 0x20)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000780)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000380)={&(0x7f00000003c0)='sched_switch\x00', r2}, 0x10)
sendmsg$nl_route(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000600)=ANY=[@ANYBLOB="4c00000010004b0422000000000000007a000000", @ANYRES32=0x0, @ANYBLOB="00000000000000002c0012800b00010062726964676500001c000280080004000000000008001500"], 0x4c}}, 0x0)

919.480323ms ago: executing program 2 (id=2781):
recvmmsg(0xffffffffffffffff, 0x0, 0x0, 0x2, 0x0)
r0 = gettid()
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r0}, &(0x7f0000bbdffc))
timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000005c0)=@base={0xe, 0x4, 0x8, 0x8, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x6, 0xd, &(0x7f0000000540)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bca2000000000000a6020000f8ffffffb703000001000000b7040000000000008500000033000000850000000800000095"], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @xdp, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f00000002c0)={r2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x48c8, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50)

856.232979ms ago: executing program 2 (id=2782):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x5, &(0x7f0000000000)=ANY=[@ANYBLOB="18000000000000000000000000000000850000000e000000850000000800000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000040)='kmem_cache_free\x00', r0}, 0x10)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f00000002c0)={0x1, &(0x7f00000000c0)=[{0x4, 0x0, 0x40, 0x1aec}]})
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b7030000e8ffffff850000000400000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b7030000e8ffffff850000000400000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
syz_mount_image$vfat(&(0x7f0000000200), &(0x7f0000000080)='./file0\x00', 0x101c08a, &(0x7f0000000a00)=ANY=[@ANYBLOB="73686f72746e616d653d6d697865642c696f636861727365743d69736f383835392d312c666d61736b3d30303030303030303030303030303030303030303036362c6e6f6e756d7461696c3d302c756e695f786c6174653d302c666d61736b3d30303030303030303030303030303030303030303030332c73686f72746e616d653d6c6f7765722c756e695f786c6174653d302c757466383d312c636865636b3d7374726963742c757466383d302c756e695f786c6174653d312c756e695f786c6174653d302c666c7573682c757466383d302c726f6469722c747a3d5554432c00e696e27e745267d0e7f7d60cf64c4d116172285e0a94b37c3f04b4e454913b1615b6c103a4be033c3f79c81a7a0dc9f3282eb2b984b8df829f11f7b15ceaa2ddb341548691e92d41d923144fa5f6aa8b37c7698e74a04d87cb16f3c338160646d1719f9aa1097cb78032fa4c9c60c14840662537510c0ac9f95a646f5231c0c9eb096b898803099b3050797137354ed2fb2a3dd97ad790f0758b4561eb7180b4b366c9ac840ca3d57727827ab961af0bb24ac6b14796d3bedfa4addb1c2f59217a563ca0a3729d45669905a6f0f3dbf3fd22ab36dfe7cf80913ecb4656ca"], 0x6, 0x2c8, &(0x7f0000002500)="$eJzs3b+LHHUUAPA3d7O74w/YLaxEcEALq5BLa7NBEhCvMmyhFnqYBOR2ERI48AeOqcTOxtK/QBD8H2xt7CwF/wA7IwRGZnbmdtZM9u7k9sTc59PkZb7vzffN7HA3V9y7D15aHN7O4+6Dz3+LLEtiZxrTeJjEJHai9WWsmX4TAMD/2cOyjD/KpZ7lX79+Ql0SEdmWewMAtuOE7/+NdBX+eCFtAQBbdOudd9+6vr9/4+08z+Lm4qujWfWTffXvcv363fgo5nEnrsY4HkXULwqDqN8WqvBmWZZFmlcm8eqiOJpVlYv3f27O/9PzTbAX45jU0fHbRl3/5v6NvXypU19UfTzb7D+t9r8W43jhuHit/lpPfcyG8dornf6vxDh++TA+jnncrptY1X+xl+dvlN/++dl7VXtVfVIczUZ13kq5225eXODnAwAAAAAAAAAAAAAAAAAAAADA0+lKMztnFPX8nupQM39n91H1n0Hkrcn6fJ5lfdKeqDsfqCzLoozv2vk6V/M8L5vEVX0aL6bdwYIAAAAAAAAAAAAAAAAAAABwed3/5NPDg/n8zr1zCdppAGlE/HUr4t+eZ9o58nJsTh41ex7M5ztNuJ6Tdo/EbpuTRGxso7qIc7otJwXPPNZzE3z/Q29VuvbBpdFZyk7edNC/13kG7dN1eJD038PRcc/Z8iGpB0GscoZxyr2GT1oq4yyP37B3aXzmax8+VwfFhpxINjX2+u/LO9ccSf55FcP6rvaWD5qgU76ek53qeY5sWf7414rEtA4AAAAAAAAAAAAAAAAAANiq1W//9iw+2Fi6U4621hYAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAXKjV3/8/Q1A0xadIHsa9+//xJQIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHAJ/B0AAP//eWdglQ==")
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000340)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b7030000"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r2}, 0x10)
r3 = open(&(0x7f0000000040)='./bus\x00', 0x1451c2, 0x0)
ftruncate(r3, 0x2007ffb)
sendfile(r3, r3, 0x0, 0x800000009)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='sched_switch\x00', r1}, 0x10)
futex(&(0x7f000000cffc)=0x100000000000004, 0x0, 0x4, 0x0, 0x0, 0x0)
futex(&(0x7f000000cffc), 0x1, 0x0, 0x0, 0x0, 0x0)
mlockall(0x1)
r4 = syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000040)=ANY=[@ANYBLOB="1201000000000040d80402c000000000000109022400010000000009040000ff030000000921000000012207000905810300000000"], 0x0)
syz_usb_control_io$hid(r4, 0x0, 0x0)
r5 = socket$nl_audit(0x10, 0x3, 0x9)
sendmsg$AUDIT_LIST_RULES(r5, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000080)={0x10}, 0x10}}, 0x4048810)
open(&(0x7f0000000000)='./file0\x00', 0x80, 0x28)
bpf$MAP_CREATE(0x0, &(0x7f0000000100)=@base={0x9, 0x4, 0x7fe2, 0x1, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r6 = bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x11, 0xc, 0x0, &(0x7f0000000880)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r6}, 0x10)
syz_usb_control_io$hid(r4, &(0x7f0000000680)={0x24, 0x0, 0x0, &(0x7f0000000080)={0x0, 0x22, 0x7, {[@local=@item_4={0x3, 0x2, 0x0, "7325ba8c"}, @main=@item_012={0x0, 0x0, 0xa}, @global]}}, 0x0}, 0x0)
r7 = userfaultfd(0x1)
ioctl$UFFDIO_API(r7, 0xc018aa3f, &(0x7f0000000140))
ioctl$UFFDIO_REGISTER(r7, 0xc020aa00, &(0x7f0000000080)={{&(0x7f00000e2000/0xc00000)=nil, 0xc00000}, 0x2})
openat$incfs(0xffffffffffffff9c, &(0x7f0000000040)='.pending_reads\x00', 0x1, 0x91)

855.592779ms ago: executing program 3 (id=2783):
syz_mount_image$ext4(&(0x7f0000000ac0)='ext4\x00', &(0x7f0000000180)='./file0\x00', 0x3810744, &(0x7f0000000700)={[{@noauto_da_alloc}, {@user_xattr}, {@max_dir_size_kb={'max_dir_size_kb', 0x3d, 0x9}}, {@inode_readahead_blks={'inode_readahead_blks', 0x3d, 0x10000}}, {@jqfmt_vfsv0}, {@delalloc}, {@inode_readahead_blks={'inode_readahead_blks', 0x3d, 0x400000}}, {@noauto_da_alloc}, {@test_dummy_encryption}]}, 0x1, 0x451, &(0x7f0000000d00)="$eJzs281vVFUbAPDn3pkCL/DSivgBglbR2PjR0oLKwo1GExeamOgCl7UtBBmooTUR0mg1BpeGxL1xaeJf4MqVUVcmbnVvSIg2JqAbx9yZe9vOdKb0Y8pU5vdLBs6Ze+ae8+Tcc+fMOb0B9KzB7J8kYm9E/BIR/fVsY4HB+n83F+Ym/lqYm0iiWn3j96RW7sbC3ERRtPjcnjwzlEaknyR5JY1mLl0+N16pTF3M8yOz598dmbl0+emz58fPTJ2ZujB28uSJ46PPPTv2TEfizNp049AH04cPvvLW1dcmTl19+4evs/bee6R+fHkcnTKYBf5Htab52GOdrqzL/qkuxZmUu90a1qoUEVl39dXGf3+UYqnz+uPlj7vaOGBLZffsne0Pz1eBO1gS3W4B0B3FF332+7d43aapx7Zw/YX6D6As7pv5q36kHGlepm8L6x+MiFPzf3+RvaJpHaLaYt0AAGCzvs3mP0+tnP/V9kaWlUvyvaGBiLgrIvZHxN0RcSAi7snL3hcR96+z/uatoZXzz/TaBkNbk2z+93y+t9U4/ytmfzFQynP/r8Xfl5w+W5k6FhH7ImIo+nZm+dFWJy9O8dLPn7Wrf/n8L3tl9Rdzwfwk18pNC3ST47PjnZqUXv8o4lC5VfzJ4k5A1vcHI+LQ+k69r0icfeKrw+0K3Tr+VXRgn6n6ZcTj9f6fj6b4C8nq+5Mju6IydWykuCpW+vGnK6+3q39T8XdA1v+7G6//phL9fybL92tn1l/HlV8/bfubsrzB639H8mZtz3pH/t7747OzF0cjdiSv1vIN748tfbbIF+Wz+IeOth7/+/PPZPE/EBHZRXwkIh6MiIfyvns4Ih6JiKOrxP/9i4++0+7Yduj/yZb3v8Xrf6Cx/9efKJ377pt29a/t/neilhrK36nd/26hfXN25SU2ejUDAADAf08aEXsjSYcX02k6PFz/e/kDsTutTM/MPnl6+r0Lk/VnBAaiLy1WuvqXrYeOJvP5Gev5sXytuDh+PF83/rz0v1p+eGK6Mtnl2KHX7Wkz/jO/lbrdOmDLeV4Lelfz+E+71A7g9vP9D73L+IfeZfxD72o1/j9sytsLgDuT73/oXcY/9C7jH3qX8Q89aTPP9W9VorzK0/sS2yUR6bZohkSLRLkDo7vLNyYAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIAO+TcAAP//uZjx6g==")
r0 = socket$packet(0x11, 0xa, 0x300)
setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000fbe000)={0x0, &(0x7f0000000100)}, 0x10)
r1 = bpf$MAP_CREATE(0x0, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000180)=ANY=[@ANYRES32=r1], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
r2 = getpid()
sched_setscheduler(r2, 0x1, &(0x7f0000000100)=0x5)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000001480)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f0000000440)=@abs={0x0, 0x0, 0x4e24}, 0x6e)
sendmmsg$unix(r4, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r5 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000240)={0x11, 0x4, &(0x7f00000000c0)=ANY=[@ANYBLOB="18000000000004000000000000000000850000002300000095"], &(0x7f0000000180)='GPL\x00', 0x4, 0x8f, &(0x7f00000002c0)=""/143, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000380)='sched_switch\x00', r5}, 0x10)
r6 = socket$inet(0x2, 0x4000000000000001, 0x0)
setsockopt$inet_tcp_int(r6, 0x6, 0x80000000000002, &(0x7f00000000c0)=0x7a, 0x4)
bind$inet(r6, 0x0, 0x0)
setsockopt$SO_ATTACH_FILTER(r6, 0x1, 0x1a, 0x0, 0x0)
setsockopt$SO_TIMESTAMPING(r6, 0x1, 0x25, &(0x7f0000000180)=0x221a, 0x4)
sendto$inet(r6, 0x0, 0x0, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @local}, 0x10)
setsockopt$sock_int(r6, 0x1, 0x8, &(0x7f0000000600)=0xdfa, 0x4)
dup3(r6, 0xffffffffffffffff, 0x0)
sendmmsg$inet(0xffffffffffffffff, &(0x7f0000000d40)=[{{0x0, 0x0, &(0x7f0000002f00)=[{&(0x7f0000000540)="679512f062b8d965651edd4c06c901784e56aa174403ad4134742b71d211c6a85d8bc563c27f754fc2af5351f2f41e867c71c19837f2feba7862e511a47c446cd11c960f018962a53f6cf31a1123ff8092c9ff560701bfc579fa80f9149acafe2a225fed70d9173f0243a55be3c4028da556cf126da9c1b9b8f8e113", 0x7c}, {&(0x7f00000003c0)="5a268f4785bba0774702365bf4469155da654cbe1ea17e28716b296b91c331d001fdb2018e7f32be7178d9e28e4f62931f6fe1209a7ec4edbc9e8791150d3b53dd0568cfa9", 0x45}], 0x2}}, {{0x0, 0x0, &(0x7f0000001100)=[{0x0}], 0x1}}], 0x2, 0x0)
syz_mount_image$tmpfs(0x0, &(0x7f00000000c0)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000000))
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000008000000000000000000018110000", @ANYBLOB], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
bpf$PROG_LOAD(0x5, 0x0, 0x0)

117.23049ms ago: executing program 0 (id=2784):
r0 = syz_usb_connect$hid(0x0, 0x3f, &(0x7f0000000180)=ANY=[@ANYBLOB="1201000000230040120c050000000000000109022d00010000000009040081010300000009210000ff0122050009058103"], 0x0)
syz_usb_control_io$hid(r0, 0x0, 0x0)
bpf$MAP_CREATE(0x0, 0x0, 0x48)
r1 = bpf$MAP_CREATE(0x1900000000000000, &(0x7f0000000040)=ANY=[@ANYBLOB="1b00000000000000000000000020", @ANYBLOB], 0x48)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=@framed={{}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r1}}]}, &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r2}, 0x10)
syz_usb_control_io$hid(r0, &(0x7f00000003c0)={0x24, 0x0, 0x0, &(0x7f0000000140)=ANY=[@ANYBLOB="0022060000000807"], 0x0}, 0x0)

0s ago: executing program 3 (id=2785):
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000200)='./file1\x00', 0x200000, &(0x7f0000000b80)={[{@nombcache}, {@abort}, {@dioread_lock}, {@norecovery}, {@discard}, {@lazytime}, {@noload}, {@usrquota}, {@noauto_da_alloc}]}, 0xfe, 0x558, &(0x7f0000000c00)="$eJzs3U1rG0cfAPD/ynbenOeJAyG0PRRDDk1JI8d2X1LoIT2WNjTQ3lNhb0ywHAVLDrEbaHJoLr2UUCilgdIP0HuPoV+gnyLQBkIJpj30orLyylFsyZZtpVaq3w82mdldaXY0+x/PaCQUwMAaz/4pRLwcEV8nEcdajg1HfnB87bzVJ7dmsi2Jev2TP5JI8n3N85P8/9E881JE/PJlxJnC5nKryyvzpXI5XczzE7WF6xPV5ZWzVxdKc+lcem1qevr8W9NT777zds/q+vqlv777+MEH5786tfrtT4+O30viQhzNj7XWYw9ut2bGYzx/TUbiwoYTJ3tQWD9J9vsC2JWhPM5HIusDjsVQHvXAf98XEVEHBlQi/mFANccBzbl9j+bBL4zH769NgDbXf3jtvZE41JgbHVlNnpkZZfPdsR6Un5Xx8+/372Vb9O59CIBt3b4TEeeGhzf3f0ne/+3euS7O2VjGDvu/+g4vCWjxIBv/vNFu/FNYH/9Em/HPaJvY3Y3t47/wqAfFdJSN/95rO/5dX7QaG8pz/2uM+UaSK1fLada3/T8iTsfIwSy/1XrO+dWHHfup1vFftmXlN8eC+XU8Gj747GNmS7XSXurc6vGdiFfajn+T9fZP2rR/9npc6rKMk+n9Vzsd277+z1f9x4jX2rb/0xWtZOv1yYnG/TDRvCs2+/PuyV87lb/f9c/a/8jW9R9LWtdrqzsv44dDf6edju32/j+QfNpIH8j33SzVaouTEQeSjzbvn3r62Ga+eX5W/9Ontu7/2t3/hyPisy7rf/fE3Y6n9kP7z+6o/XeeePjh5993Kr+79n+zkTqd7+mm/+v2Avfy2gEAAAAAAEC/KUTE0UgKxfV0oVAsrn2+40QcKZQr1dqZK5Wla7PR+K7sWIwUmivdoy2fh5jMPw/bzE9tyE9HxPGI+GbocCNfnKmUZ/e78gAAAAAAAAAAAAAAAAAAANAnRjt8/z/z29B+Xx3w3PnJbxhc28Z/L37pCehL/v7D4BL/MLjEPwwu8Q+DS/zD4BL/MLjEPwwu8Q8AAAAAAAAAAAAAAAAAAAAAAAAAAAA9denixWyrrz65NZPlZ28sL81XbpydTavzxYWlmeJMZfF6ca5SmSunxZnKwnbPV65Urk9OxdLNiVparU1Ul1cuL1SWrtUuX10ozaWX05F/pVYAAAAAAAAAAAAAAAAAAADwYqkur8yXyuV0UUJiV4nh/rgMibVEM7D3/IT72y8BAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAQKt/AgAA//+jgjYy")
mkdir(&(0x7f0000000300)='./bus\x00', 0x0)
mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000340), 0x0, &(0x7f0000000080)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@upperdir={'upperdir', 0x3d, './file1'}}]})
chdir(&(0x7f0000000140)='./bus\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file0\x00', 0x64000, 0x0)
creat(&(0x7f0000000040)='./file0\x00', 0x0)
preadv2(r0, &(0x7f00000012c0)=[{&(0x7f00000010c0)=""/149, 0x95}], 0x1, 0x0, 0x0, 0x0)

kernel console output (not intermixed with test programs):

[  405.047270][  T520] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  405.061013][  T520] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  405.073302][  T520] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[  405.084371][  T520] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[  405.092588][  T520] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[  405.100881][  T520] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[  405.108917][ T1740] zeroplus 0003:0C12:0005.0072: item fetching failed at offset 1/5
[  405.109427][ T7189] device veth0_vlan entered promiscuous mode
[  405.129032][ T1740] zeroplus 0003:0C12:0005.0072: parse failed
[  405.134956][ T1740] zeroplus: probe of 0003:0C12:0005.0072 failed with error -22
[  405.188880][ T7199] loop0: detected capacity change from 0 to 256
[  405.231166][ T7189] device veth1_macvtap entered promiscuous mode
[  405.240525][  T520] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[  405.417139][ T1581] magicmouse 0003:05AC:0269.0073: item fetching failed at offset 6/7
[  405.425183][ T1581] magicmouse 0003:05AC:0269.0073: magicmouse hid parse failed
[  405.432482][ T1581] magicmouse: probe of 0003:05AC:0269.0073 failed with error -22
[  405.440728][  T520] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[  405.443070][ T1581] usb 4-1: USB disconnect, device number 61
[  405.457988][   T30] audit: type=1326 audit(1728636706.623:896): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7200 comm="syz.1.2365" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc6198e8ff9 code=0x7ffc0000
[  405.496244][  T520] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[  405.502614][   T30] audit: type=1326 audit(1728636706.623:897): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7200 comm="syz.1.2365" exe="/root/syz-executor" sig=0 arch=c000003e syscall=56 compat=0 ip=0x7fc6198e8ff9 code=0x7ffc0000
[  405.528434][   T39] usb 3-1: USB disconnect, device number 43
[  405.543411][   T30] audit: type=1326 audit(1728636706.623:898): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7200 comm="syz.1.2365" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc6198e8ff9 code=0x7ffc0000
[  405.568283][   T30] audit: type=1326 audit(1728636706.623:899): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7200 comm="syz.1.2365" exe="/root/syz-executor" sig=0 arch=c000003e syscall=247 compat=0 ip=0x7fc6198e8ff9 code=0x7ffc0000
[  405.591904][   T30] audit: type=1326 audit(1728636706.623:900): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7202 comm="syz.1.2365" exe="/root/syz-executor" sig=0 arch=c000003e syscall=230 compat=0 ip=0x7fc61991b0e5 code=0x7ffc0000
[  405.615849][   T30] audit: type=1326 audit(1728636706.773:901): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7202 comm="syz.1.2365" exe="/root/syz-executor" sig=0 arch=c000003e syscall=60 compat=0 ip=0x7fc6198e8ff9 code=0x7ffc0000
[  405.639252][   T30] audit: type=1326 audit(1728636706.773:902): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7200 comm="syz.1.2365" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7fc619884959 code=0x7ffc0000
[  405.662620][   T30] audit: type=1326 audit(1728636706.773:903): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7200 comm="syz.1.2365" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc6198e8ff9 code=0x7ffc0000
[  405.685961][   T30] audit: type=1326 audit(1728636706.773:904): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7200 comm="syz.1.2365" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc6198e8ff9 code=0x7ffc0000
[  405.710613][   T30] audit: type=1326 audit(1728636706.873:905): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7203 comm="syz.4.2362" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f971c826ff9 code=0x7ffc0000
[  405.746927][  T332] device bridge_slave_1 left promiscuous mode
[  405.753276][  T332] bridge0: port 2(bridge_slave_1) entered disabled state
[  405.765650][  T332] device bridge_slave_0 left promiscuous mode
[  405.776160][  T332] bridge0: port 1(bridge_slave_0) entered disabled state
[  405.798866][  T332] device veth1_macvtap left promiscuous mode
[  405.815378][  T332] device veth0_vlan left promiscuous mode
[  405.821450][ T7217] loop4: detected capacity change from 0 to 16
[  405.839017][ T7217] erofs: (device loop4): mounted with root inode @ nid 36.
[  405.859322][ T7217] erofs: (device loop4): z_erofs_map_blocks_iter: invalid logical cluster 0 at nid 36
[  405.870371][ T7217] erofs: (device loop4): z_erofs_readahead: readahead error at page 0 @ nid 36
[  405.879291][ T7217] attempt to access beyond end of device
[  405.879291][ T7217] loop4: rw=524288, want=312, limit=16
[  405.890695][ T7217] attempt to access beyond end of device
[  405.890695][ T7217] loop4: rw=524288, want=1049280, limit=16
[  405.902360][ T7217] attempt to access beyond end of device
[  405.902360][ T7217] loop4: rw=524288, want=24, limit=16
[  405.913724][ T7217] attempt to access beyond end of device
[  405.913724][ T7217] loop4: rw=524288, want=800, limit=16
[  405.960081][ T7220] syz.0.2371[7220] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  405.960159][ T7220] syz.0.2371[7220] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  406.015746][ T7225] loop0: detected capacity change from 0 to 1024
[  406.076795][ T2396] usb 2-1: new high-speed USB device number 52 using dummy_hcd
[  406.104901][ T7225] EXT4-fs (loop0): revision level too high, forcing read-only mode
[  406.113411][ T7225] EXT4-fs (loop0): orphan cleanup on readonly fs
[  406.120344][ T7225] EXT4-fs error (device loop0): ext4_free_blocks:6225: comm syz.0.2374: Freeing blocks not in datazone - block = 0, count = 4096
[  406.130002][ T7236] loop3: detected capacity change from 0 to 512
[  406.145056][ T7225] EXT4-fs (loop0): 1 orphan inode deleted
[  406.194875][ T7225] EXT4-fs (loop0): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback.
[  406.257636][ T7236] EXT4-fs (loop3): Test dummy encryption mode enabled
[  406.304754][ T7236] EXT4-fs error (device loop3): __ext4_iget:4903: inode #11: block 1: comm syz.3.2378: invalid block
[  406.325907][ T7236] EXT4-fs error (device loop3): ext4_orphan_get:1402: comm syz.3.2378: couldn't read orphan inode 11 (err -117)
[  406.346900][ T7236] EXT4-fs (loop3): mounted filesystem without journal. Opts: noauto_da_alloc,user_xattr,max_dir_size_kb=0x0000000000000009,inode_readahead_blks=0x0000000000010000,jqfmt=vfsv0,delalloc,inode_readahead_blks=0x0000000000400000,noauto_da_alloc,test_dummy_encryption,,errors=continue. Quota mode: none.
[  406.434899][ T7249] loop0: detected capacity change from 0 to 256
[  406.746869][ T2396] usb 2-1: config 128 has too many interfaces: 254, using maximum allowed: 32
[  406.748040][ T7241] loop4: detected capacity change from 0 to 40427
[  406.755681][ T2396] usb 2-1: config 128 has 0 interfaces, different from the descriptor's value: 254
[  406.774109][ T7241] F2FS-fs (loop4): Invalid Fs Meta Ino: node(0) meta(2) root(0)
[  406.784659][ T7241] F2FS-fs (loop4): Can't find valid F2FS filesystem in 1th superblock
[  406.799617][ T7241] F2FS-fs (loop4): invalid crc value
[  406.846586][ T7252] EXT4-fs error (device loop3): ext4_add_entry:2484: inode #2: comm syz.3.2378: Directory hole found for htree leaf block 0
[  406.887185][ T2396] usb 2-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  406.900063][ T2396] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=1
[  406.908475][ T2396] usb 2-1: SerialNumber: syz
[  406.938924][ T7241] F2FS-fs (loop4): Found nat_bits in checkpoint
[  406.961341][ T7241] F2FS-fs (loop4): Try to recover 1th superblock, ret: 0
[  406.968349][ T7241] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e4
[  407.020106][ T7241] attempt to access beyond end of device
[  407.020106][ T7241] loop4: rw=2051, want=45056, limit=40427
[  407.031346][ T7241] attempt to access beyond end of device
[  407.031346][ T7241] loop4: rw=2051, want=131072, limit=40427
[  407.044815][ T7241] F2FS-fs (loop4): Issue discard(4614, 4614, 1018) failed, ret: -5
[  407.044846][ T7241] F2FS-fs (loop4): Issue discard(5637, 5637, 10747) failed, ret: -5
[  407.065224][ T7258] loop3: detected capacity change from 0 to 16
[  407.247180][ T7260] loop2: detected capacity change from 0 to 256
[  407.340170][ T7258] erofs: (device loop3): mounted with root inode @ nid 36.
[  407.379725][   T20] usb 2-1: USB disconnect, device number 52
[  407.411796][ T7258] erofs: (device loop3): z_erofs_map_blocks_iter: invalid logical cluster 0 at nid 36
[  407.421851][ T7258] erofs: (device loop3): z_erofs_readahead: readahead error at page 0 @ nid 36
[  407.542149][ T7263] loop4: detected capacity change from 0 to 40427
[  407.637547][ T7263] F2FS-fs (loop4): Invalid Fs Meta Ino: node(0) meta(2) root(0)
[  407.645090][ T7263] F2FS-fs (loop4): Can't find valid F2FS filesystem in 1th superblock
[  407.653733][ T7263] F2FS-fs (loop4): invalid crc value
[  407.660566][ T7263] F2FS-fs (loop4): Found nat_bits in checkpoint
[  407.683899][ T7263] F2FS-fs (loop4): Try to recover 1th superblock, ret: 0
[  407.690790][ T7263] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e4
[  407.716816][   T39] usb 1-1: new high-speed USB device number 55 using dummy_hcd
[  407.965562][ T7282] loop2: detected capacity change from 0 to 512
[  407.986859][   T20] usb 4-1: new high-speed USB device number 62 using dummy_hcd
[  408.046806][  T536] usb 5-1: new high-speed USB device number 45 using dummy_hcd
[  408.049629][ T7282] EXT4-fs (loop2): Test dummy encryption mode enabled
[  408.062230][ T7282] EXT4-fs error (device loop2): __ext4_iget:4903: inode #11: block 1: comm syz.2.2391: invalid block
[  408.073236][ T7282] EXT4-fs error (device loop2): ext4_orphan_get:1402: comm syz.2.2391: couldn't read orphan inode 11 (err -117)
[  408.085062][   T39] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  408.085149][ T7282] EXT4-fs (loop2): mounted filesystem without journal. Opts: noauto_da_alloc,user_xattr,max_dir_size_kb=0x0000000000000009,inode_readahead_blks=0x0000000000010000,jqfmt=vfsv0,delalloc,inode_readahead_blks=0x0000000000400000,noauto_da_alloc,test_dummy_encryption,,errors=continue. Quota mode: none.
[  408.095935][   T39] usb 1-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[  408.136555][   T39] usb 1-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  408.145698][   T39] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  408.184982][   T39] usb 1-1: config 0 descriptor??
[  408.196793][   T60] usb 2-1: new high-speed USB device number 53 using dummy_hcd
[  408.304157][ T7286] EXT4-fs error (device loop2): ext4_add_entry:2484: inode #2: comm syz.2.2391: Directory hole found for htree leaf block 0
[  408.422543][   T20] usb 4-1: Using ep0 maxpacket: 16
[  408.546847][   T20] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  408.556917][   T60] usb 2-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  408.557736][   T20] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  408.567541][   T60] usb 2-1: config 0 interface 0 altsetting 129 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  408.577192][   T20] usb 4-1: New USB device found, idVendor=1fd2, idProduct=6007, bcdDevice= 0.00
[  408.588209][   T60] usb 2-1: config 0 interface 0 altsetting 129 endpoint 0x81 has invalid wMaxPacketSize 0
[  408.597084][   T20] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  408.606800][   T60] usb 2-1: config 0 interface 0 has no altsetting 0
[  408.614712][  T536] usb 5-1: config 1 has too many interfaces: 66, using maximum allowed: 32
[  408.621021][   T60] usb 2-1: New USB device found, idVendor=0c12, idProduct=0005, bcdDevice= 0.00
[  408.621049][   T60] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  408.624687][   T60] usb 2-1: config 0 descriptor??
[  408.630025][  T536] usb 5-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  408.660096][   T39] plantronics 0003:047F:FFFF.0074: No inputs registered, leaving
[  408.662119][   T20] usb 4-1: config 0 descriptor??
[  408.675174][  T536] usb 5-1: config 1 has 1 interface, different from the descriptor's value: 66
[  408.681920][   T39] plantronics 0003:047F:FFFF.0074: hiddev96,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.0-1/input0
[  408.683962][  T536] usb 5-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  408.707985][  T536] usb 5-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  408.846987][  T536] usb 5-1: New USB device found, idVendor=7d25, idProduct=a415, bcdDevice= 0.40
[  408.856067][  T536] usb 5-1: New USB device strings: Mfr=1, Product=4, SerialNumber=0
[  408.857993][ T7289] platform regulatory.0: Direct firmware load for regulatory.db failed with error -2
[  408.864024][  T536] usb 5-1: Product: syz
[  408.877229][  T536] usb 5-1: Manufacturer: syz
[  408.898758][ T7291] loop2: detected capacity change from 0 to 512
[  408.937504][  T536] cdc_wdm 5-1:1.0: skipping garbage
[  408.942599][  T536] cdc_wdm 5-1:1.0: skipping garbage
[  408.977595][  T536] cdc_wdm 5-1:1.0: cdc-wdm0: USB WDM device
[  408.988496][ T7291] EXT4-fs (loop2): Test dummy encryption mode enabled
[  408.996952][ T7291] EXT4-fs error (device loop2): __ext4_iget:4903: inode #11: block 1: comm syz.2.2394: invalid block
[  409.007928][ T7291] EXT4-fs error (device loop2): ext4_orphan_get:1402: comm syz.2.2394: couldn't read orphan inode 11 (err -117)
[  409.019935][ T7291] EXT4-fs (loop2): mounted filesystem without journal. Opts: noauto_da_alloc,user_xattr,max_dir_size_kb=0x0000000000000009,inode_readahead_blks=0x0000000000010000,jqfmt=vfsv0,delalloc,inode_readahead_blks=0x0000000000400000,noauto_da_alloc,test_dummy_encryption,,errors=continue. Quota mode: none.
[  409.107881][   T60] zeroplus 0003:0C12:0005.0075: item fetching failed at offset 1/5
[  409.115779][   T60] zeroplus 0003:0C12:0005.0075: parse failed
[  409.121616][   T60] zeroplus: probe of 0003:0C12:0005.0075 failed with error -22
[  409.209976][ T7295] EXT4-fs error (device loop2): ext4_add_entry:2484: inode #2: comm syz.2.2394: Directory hole found for htree leaf block 0
[  409.467266][   T20] hid-multitouch 0003:1FD2:6007.0076: hidraw1: USB HID v0.00 Device [HID 1fd2:6007] on usb-dummy_hcd.3-1/input0
[  409.477573][   T60] usb 5-1: USB disconnect, device number 45
[  409.500451][   T20] usb 4-1: USB disconnect, device number 62
[  409.506622][ T1740] usb 2-1: USB disconnect, device number 53
[  409.797275][ T7298] input: syz0 as /devices/virtual/input/input46
[  410.019813][ T7306] loop1: detected capacity change from 0 to 16
[  410.021698][ T7305] device vlan2 entered promiscuous mode
[  410.031322][ T7305] device gretap0 entered promiscuous mode
[  410.033343][ T7306] erofs: (device loop1): mounted with root inode @ nid 36.
[  410.037249][ T7305] IPv6: ADDRCONF(NETDEV_CHANGE): vlan2: link becomes ready
[  410.055083][ T7305] device gretap0 left promiscuous mode
[  410.064150][ T7306] erofs: (device loop1): z_erofs_map_blocks_iter: invalid logical cluster 0 at nid 36
[  410.073819][ T7306] erofs: (device loop1): z_erofs_readahead: readahead error at page 0 @ nid 36
[  410.082777][ T7306] handle_bad_sector: 5 callbacks suppressed
[  410.082791][ T7306] attempt to access beyond end of device
[  410.082791][ T7306] loop1: rw=524288, want=312, limit=16
[  410.099336][ T7306] attempt to access beyond end of device
[  410.099336][ T7306] loop1: rw=524288, want=1049280, limit=16
[  410.110508][ T7306] attempt to access beyond end of device
[  410.110508][ T7306] loop1: rw=524288, want=24, limit=16
[  410.121262][ T7306] attempt to access beyond end of device
[  410.121262][ T7306] loop1: rw=524288, want=800, limit=16
[  410.121552][ T7309] loop3: detected capacity change from 0 to 512
[  410.143217][ T7309] EXT4-fs (loop3): Test dummy encryption mode enabled
[  410.151067][ T7309] EXT4-fs error (device loop3): __ext4_iget:4903: inode #11: block 1: comm syz.3.2401: invalid block
[  410.161992][ T7309] EXT4-fs error (device loop3): ext4_orphan_get:1402: comm syz.3.2401: couldn't read orphan inode 11 (err -117)
[  410.174136][ T7309] EXT4-fs (loop3): mounted filesystem without journal. Opts: noauto_da_alloc,user_xattr,max_dir_size_kb=0x0000000000000009,inode_readahead_blks=0x0000000000010000,jqfmt=vfsv0,delalloc,inode_readahead_blks=0x0000000000400000,noauto_da_alloc,test_dummy_encryption,,errors=continue. Quota mode: none.
[  410.252560][ T7318] bridge0: port 1(bridge_slave_0) entered blocking state
[  410.259473][ T7318] bridge0: port 1(bridge_slave_0) entered forwarding state
[  410.279607][ T7321] netlink: 'syz.4.2406': attribute type 1 has an invalid length.
[  410.288471][ T7321] netlink: 48 bytes leftover after parsing attributes in process `syz.4.2406'.
[  410.356872][   T60] usb 3-1: new high-speed USB device number 44 using dummy_hcd
[  410.499443][ T7330] EXT4-fs error (device loop3): ext4_add_entry:2484: inode #2: comm syz.3.2401: Directory hole found for htree leaf block 0
[  410.586822][ T2396] usb 2-1: new high-speed USB device number 54 using dummy_hcd
[  410.596858][   T60] usb 3-1: Using ep0 maxpacket: 16
[  410.676808][ T1740] usb 5-1: new high-speed USB device number 46 using dummy_hcd
[  410.716907][   T60] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x3 has invalid wMaxPacketSize 0
[  410.876905][   T60] usb 3-1: New USB device found, idVendor=0b57, idProduct=2bbd, bcdDevice=e7.cc
[  410.885800][   T60] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  410.893648][   T60] usb 3-1: Product: syz
[  410.897595][   T60] usb 3-1: Manufacturer: syz
[  410.901999][   T60] usb 3-1: SerialNumber: syz
[  410.907063][   T60] usb 3-1: config 0 descriptor??
[  410.946872][ T2396] usb 2-1: config 17 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  410.978314][   T60] usbhid 3-1:0.0: couldn't find an input interrupt endpoint
[  410.986429][ T2396] usb 2-1: config 17 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  410.996327][ T2396] usb 2-1: New USB device found, idVendor=046d, idProduct=c086, bcdDevice= 0.00
[  411.005323][ T2396] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  411.056929][ T1740] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  411.067839][ T1740] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  411.077399][ T1740] usb 5-1: New USB device found, idVendor=10c4, idProduct=ea90, bcdDevice= 0.00
[  411.086239][ T1740] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  411.094593][ T1740] usb 5-1: config 0 descriptor??
[  411.149983][   T60] usb 3-1: USB disconnect, device number 44
[  411.487953][ T2396] logitech-hidpp-device 0003:046D:C086.0077: item fetching failed at offset 2/5
[  411.497342][ T2396] logitech-hidpp-device 0003:046D:C086.0077: hidpp_probe:parse failed
[  411.505304][ T2396] logitech-hidpp-device: probe of 0003:046D:C086.0077 failed with error -22
[  411.587609][ T1740] cp2112 0003:10C4:EA90.0078: unknown main item tag 0x0
[  411.594956][ T1740] cp2112 0003:10C4:EA90.0078: hidraw1: USB HID v0.00 Device [HID 10c4:ea90] on usb-dummy_hcd.4-1/input0
[  411.707751][   T20] usb 2-1: USB disconnect, device number 54
[  411.736212][   T30] kauditd_printk_skb: 26 callbacks suppressed
[  411.736228][   T30] audit: type=1400 audit(1728636712.893:932): avc:  denied  { setopt } for  pid=7337 comm="syz.2.2412" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=vsock_socket permissive=1
[  411.796898][ T1740] cp2112 0003:10C4:EA90.0078: Part Number: 0x82 Device Version: 0xFE
[  411.877368][ T7341] loop3: detected capacity change from 0 to 1024
[  411.957241][ T7341] EXT4-fs (loop3): Ignoring removed oldalloc option
[  411.968087][ T7341] EXT4-fs (loop3): mounted filesystem without journal. Opts: stripe=0x0000000000000003,noauto_da_alloc,jqfmt=vfsold,data_err=ignore,noauto_da_alloc,delalloc,resuid=0x0000000000000000,oldalloc,jqfmt=vfsv1,,errors=continue. Quota mode: none.
[  412.017025][ T1740] cp2112 0003:10C4:EA90.0078: error requesting SMBus config
[  412.025007][ T1740] cp2112: probe of 0003:10C4:EA90.0078 failed with error -5
[  412.218454][ T1740] usb 5-1: USB disconnect, device number 46
[  412.228308][ T7345] loop3: detected capacity change from 0 to 512
[  412.299305][ T7345] EXT4-fs error (device loop3): ext4_orphan_get:1423: comm syz.3.2415: bad orphan inode 17
[  412.309352][ T7345] ext4_test_bit(bit=16, block=4) = 1
[  412.314520][ T7345] is_bad_inode(inode)=0
[  412.318501][ T7345] NEXT_ORPHAN(inode)=0
[  412.322400][ T7345] max_ino=32
[  412.325446][ T7345] i_nlink=1
[  412.328429][ T7345] EXT4-fs (loop3): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none.
[  412.343145][ T7345] EXT4-fs error (device loop3): ext4_validate_block_bitmap:429: comm syz.3.2415: bg 0: block 7: invalid block bitmap
[  412.423057][ T7352] loop3: detected capacity change from 0 to 512
[  412.468938][ T7352] EXT4-fs (loop3): 1 orphan inode deleted
[  412.474585][ T7352] EXT4-fs (loop3): mounted filesystem without journal. Opts: mb_optimize_scan=0x0000000000000001,noauto_da_alloc,,errors=continue. Quota mode: writeback.
[  412.490170][ T7352] ext4 filesystem being mounted at /16/file1 supports timestamps until 2038 (0x7fffffff)
[  412.506999][ T2396] usb 2-1: new high-speed USB device number 55 using dummy_hcd
[  412.526338][ T7356] xt_hashlimit: size too large, truncated to 1048576
[  412.732178][   T30] audit: type=1326 audit(1728636713.893:933): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7374 comm="syz.4.2426" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f971c826ff9 code=0x7ffc0000
[  412.763747][   T30] audit: type=1326 audit(1728636713.893:934): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7374 comm="syz.4.2426" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f971c826ff9 code=0x7ffc0000
[  412.790125][   T30] audit: type=1326 audit(1728636713.923:935): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7374 comm="syz.4.2426" exe="/root/syz-executor" sig=0 arch=c000003e syscall=291 compat=0 ip=0x7f971c826ff9 code=0x7ffc0000
[  412.792406][ T7378] loop4: detected capacity change from 0 to 512
[  412.813785][   T30] audit: type=1326 audit(1728636713.923:936): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7374 comm="syz.4.2426" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f971c826ff9 code=0x7ffc0000
[  412.849679][   T30] audit: type=1326 audit(1728636713.923:937): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7374 comm="syz.4.2426" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f971c826ff9 code=0x7ffc0000
[  412.859159][ T7380] loop2: detected capacity change from 0 to 512
[  412.879000][   T30] audit: type=1326 audit(1728636713.923:938): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7374 comm="syz.4.2426" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f971c826ff9 code=0x7ffc0000
[  412.896940][ T2396] usb 2-1: config 1 has too many interfaces: 66, using maximum allowed: 32
[  412.902180][   T30] audit: type=1326 audit(1728636713.923:939): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7374 comm="syz.4.2426" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f971c826ff9 code=0x7ffc0000
[  412.910952][ T2396] usb 2-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  412.934216][   T20] usb 4-1: new high-speed USB device number 63 using dummy_hcd
[  412.945961][ T7380] EXT4-fs (loop2): Test dummy encryption mode enabled
[  412.951023][ T7378] EXT4-fs (loop4): feature flags set on rev 0 fs, running e2fsck is recommended
[  412.957717][ T2396] usb 2-1: config 1 has 1 interface, different from the descriptor's value: 66
[  412.975174][   T30] audit: type=1326 audit(1728636713.923:940): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7374 comm="syz.4.2426" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f971c826ff9 code=0x7ffc0000
[  412.975977][ T2396] usb 2-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  412.998932][   T30] audit: type=1326 audit(1728636713.923:941): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7374 comm="syz.4.2426" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f971c826ff9 code=0x7ffc0000
[  413.009136][ T2396] usb 2-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  413.034293][ T7378] EXT4-fs warning (device loop4): ext4_update_dynamic_rev:1053: updating to rev 1 because of new feature flag, running e2fsck is recommended
[  413.042600][ T7380] EXT4-fs error (device loop2): __ext4_iget:4903: inode #11: block 1: comm syz.2.2428: invalid block
[  413.056258][ T7378] EXT4-fs (loop4): 1 truncate cleaned up
[  413.071924][ T7378] EXT4-fs (loop4): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback.
[  413.072586][ T7380] EXT4-fs error (device loop2): ext4_orphan_get:1402: comm syz.2.2428: couldn't read orphan inode 11 (err -117)
[  413.110923][ T7380] EXT4-fs (loop2): mounted filesystem without journal. Opts: noauto_da_alloc,user_xattr,max_dir_size_kb=0x0000000000000009,inode_readahead_blks=0x0000000000010000,jqfmt=vfsv0,delalloc,inode_readahead_blks=0x0000000000400000,noauto_da_alloc,test_dummy_encryption,,errors=continue. Quota mode: none.
[  413.216988][ T2396] usb 2-1: New USB device found, idVendor=7d25, idProduct=a415, bcdDevice= 0.40
[  413.225857][ T2396] usb 2-1: New USB device strings: Mfr=1, Product=4, SerialNumber=0
[  413.233674][ T2396] usb 2-1: Product: syz
[  413.236857][   T20] usb 4-1: Using ep0 maxpacket: 8
[  413.238391][ T2396] usb 2-1: Manufacturer: syz
[  413.333144][ T7388] EXT4-fs error (device loop2): ext4_add_entry:2484: inode #2: comm syz.2.2428: Directory hole found for htree leaf block 0
[  413.356822][ T2396] cdc_wdm 2-1:1.0: skipping garbage
[  413.380403][ T2396] cdc_wdm 2-1:1.0: skipping garbage
[  413.468385][ T2396] cdc_wdm 2-1:1.0: cdc-wdm0: USB WDM device
[  413.504490][ T7391] loop4: detected capacity change from 0 to 512
[  413.560236][ T7391] EXT4-fs (loop4): Test dummy encryption mode enabled
[  413.573837][ T7391] EXT4-fs error (device loop4): __ext4_iget:4903: inode #11: block 1: comm syz.4.2430: invalid block
[  413.581190][ T1740] usb 2-1: USB disconnect, device number 55
[  413.584895][ T7391] EXT4-fs error (device loop4): ext4_orphan_get:1402: comm syz.4.2430: couldn't read orphan inode 11 (err -117)
[  413.590436][   T20] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  413.602265][ T7391] EXT4-fs (loop4): mounted filesystem without journal. Opts: noauto_da_alloc,user_xattr,max_dir_size_kb=0x0000000000000009,inode_readahead_blks=0x0000000000010000,jqfmt=vfsv0,delalloc,inode_readahead_blks=0x0000000000400000,noauto_da_alloc,test_dummy_encryption,,errors=continue. Quota mode: none.
[  413.613224][   T20] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  413.652959][   T20] usb 4-1: New USB device found, idVendor=1e7d, idProduct=2ced, bcdDevice= 0.00
[  413.661885][   T20] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  413.678153][   T20] usb 4-1: config 0 descriptor??
[  413.865192][ T7398] EXT4-fs error (device loop4): ext4_add_entry:2484: inode #2: comm syz.4.2430: Directory hole found for htree leaf block 0
[  414.158176][   T20] kone 0003:1E7D:2CED.0079: item fetching failed at offset 3/5
[  414.166561][   T20] kone 0003:1E7D:2CED.0079: parse failed
[  414.172232][   T20] kone: probe of 0003:1E7D:2CED.0079 failed with error -22
[  414.391192][ T1740] usb 4-1: USB disconnect, device number 63
[  414.476941][   T20] usb 3-1: new high-speed USB device number 45 using dummy_hcd
[  414.568582][ T7424] loop4: detected capacity change from 0 to 256
[  414.856858][   T20] usb 3-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  414.866834][ T2396] usb 2-1: new high-speed USB device number 56 using dummy_hcd
[  414.866852][   T20] usb 3-1: config 0 has no interfaces?
[  414.866879][   T20] usb 3-1: New USB device found, idVendor=0926, idProduct=3333, bcdDevice= 0.40
[  414.888313][   T20] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  414.896953][   T20] usb 3-1: config 0 descriptor??
[  414.927580][ T7428] syz.3.2444[7428] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  414.927632][ T7428] syz.3.2444[7428] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  414.996339][ T7432] xt_hashlimit: max too large, truncated to 1048576
[  415.027489][ T7434] loop3: detected capacity change from 0 to 16
[  415.097255][ T7434] erofs: (device loop3): mounted with root inode @ nid 36.
[  415.106822][ T2396] usb 2-1: Using ep0 maxpacket: 16
[  415.141587][   T20] usb 3-1: USB disconnect, device number 45
[  415.157932][ T7437] loop3: detected capacity change from 0 to 512
[  415.217492][ T7437] EXT4-fs (loop3): Test dummy encryption mode enabled
[  415.225231][ T7437] EXT4-fs error (device loop3): __ext4_iget:4903: inode #11: block 1: comm syz.3.2448: invalid block
[  415.226885][ T2396] usb 2-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  415.239184][ T7437] EXT4-fs error (device loop3): ext4_orphan_get:1402: comm syz.3.2448: couldn't read orphan inode 11 (err -117)
[  415.246676][ T2396] usb 2-1: config 1 interface 0 altsetting 0 bulk endpoint 0x82 has invalid maxpacket 8
[  415.258646][ T7437] EXT4-fs (loop3): mounted filesystem without journal. Opts: noauto_da_alloc,user_xattr,max_dir_size_kb=0x0000000000000009,inode_readahead_blks=0x0000000000010000,jqfmt=vfsv0,delalloc,inode_readahead_blks=0x0000000000400000,noauto_da_alloc,test_dummy_encryption,,errors=continue. Quota mode: none.
[  415.267814][ T2396] usb 2-1: config 1 interface 0 altsetting 0 has 3 endpoint descriptors, different from the interface descriptor's value: 22
[  415.308890][ T2396] usb 2-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  415.317968][ T2396] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  415.347183][ T7419] raw-gadget.2 gadget: fail, usb_ep_enable returned -22
[  415.387562][ T2396] cdc_acm 2-1:1.0: Control and data interfaces are not separated!
[  415.511509][ T7446] EXT4-fs error (device loop3): ext4_add_entry:2484: inode #2: comm syz.3.2448: Directory hole found for htree leaf block 0
[  415.654458][ T2396] cdc_acm 2-1:1.0: ttyACM0: USB ACM device
[  415.668681][ T2396] usb 2-1: USB disconnect, device number 56
[  415.698343][ T7452] loop4: detected capacity change from 0 to 512
[  415.768320][ T7452] EXT4-fs (loop4): mounted filesystem without journal. Opts: max_dir_size_kb=0x0000000000004739,inode_readahead_blks=0x0000000000000800,norecovery,user_xattr,,errors=continue. Quota mode: writeback.
[  415.787853][ T7452] ext4 filesystem being mounted at /27/bus supports timestamps until 2038 (0x7fffffff)
[  415.866141][ T7462] tipc: Started in network mode
[  415.870904][ T7462] tipc: Node identity ac1414aa, cluster identity 4711
[  415.877731][ T7462] tipc: New replicast peer: 100.1.1.1
[  415.883020][ T7462] tipc: Enabled bearer <udp:syz2>, priority 0
[  416.241562][ T7469] loop4: detected capacity change from 0 to 256
[  416.338451][ T7479] syz.1.2463[7479] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  416.338504][ T7479] syz.1.2463[7479] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  416.572948][ T7486] loop3: detected capacity change from 0 to 256
[  416.727829][ T7491] loop2: detected capacity change from 0 to 128
[  416.837390][   T30] kauditd_printk_skb: 69 callbacks suppressed
[  416.837413][   T30] audit: type=1326 audit(1728636718.003:1011): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7494 comm="syz.4.2469" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f971c826ff9 code=0x7ffc0000
[  416.866710][   T30] audit: type=1326 audit(1728636718.003:1012): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7494 comm="syz.4.2469" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f971c826ff9 code=0x7ffc0000
[  416.890815][   T30] audit: type=1326 audit(1728636718.003:1013): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7494 comm="syz.4.2469" exe="/root/syz-executor" sig=0 arch=c000003e syscall=294 compat=0 ip=0x7f971c826ff9 code=0x7ffc0000
[  416.914408][   T30] audit: type=1326 audit(1728636718.003:1014): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7494 comm="syz.4.2469" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f971c826ff9 code=0x7ffc0000
[  416.938005][   T30] audit: type=1326 audit(1728636718.003:1015): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7494 comm="syz.4.2469" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f971c826ff9 code=0x7ffc0000
[  416.961332][   T30] audit: type=1326 audit(1728636718.003:1016): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7494 comm="syz.4.2469" exe="/root/syz-executor" sig=0 arch=c000003e syscall=254 compat=0 ip=0x7f971c826ff9 code=0x7ffc0000
[  416.984873][   T30] audit: type=1326 audit(1728636718.003:1017): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7494 comm="syz.4.2469" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f971c826ff9 code=0x7ffc0000
[  417.008536][   T39] tipc: Node number set to 2886997162
[  417.013823][   T30] audit: type=1326 audit(1728636718.003:1018): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7494 comm="syz.4.2469" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f971c826ff9 code=0x7ffc0000
[  417.038057][   T30] audit: type=1326 audit(1728636718.003:1019): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7494 comm="syz.4.2469" exe="/root/syz-executor" sig=0 arch=c000003e syscall=32 compat=0 ip=0x7f971c826ff9 code=0x7ffc0000
[  417.061219][   T60] usb 3-1: new high-speed USB device number 46 using dummy_hcd
[  417.062972][   T30] audit: type=1326 audit(1728636718.003:1020): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7494 comm="syz.4.2469" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f971c826ff9 code=0x7ffc0000
[  417.326772][   T20] usb 5-1: new high-speed USB device number 47 using dummy_hcd
[  417.400198][ T7510] loop3: detected capacity change from 0 to 40427
[  417.426909][   T60] usb 3-1: config 1 has an invalid descriptor of length 187, skipping remainder of the config
[  417.437040][   T60] usb 3-1: config 1 interface 0 altsetting 0 has an invalid endpoint with address 0x94, skipping
[  417.447337][   T60] usb 3-1: config 1 interface 1 altsetting 1 endpoint 0x82 has invalid maxpacket 57393, setting to 1024
[  417.458269][   T60] usb 3-1: config 1 interface 1 altsetting 1 bulk endpoint 0x82 has invalid maxpacket 1024
[  417.468065][   T60] usb 3-1: config 1 interface 1 altsetting 1 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  417.497279][ T7510] F2FS-fs (loop3): Invalid log_blocksize (268), supports only 12
[  417.504909][ T7510] F2FS-fs (loop3): Can't find valid F2FS filesystem in 1th superblock
[  417.515129][ T7510] F2FS-fs (loop3): Found nat_bits in checkpoint
[  417.535224][ T7510] F2FS-fs (loop3): f2fs_check_nid_range: out-of-range nid=1, run fsck to fix.
[  417.546610][ T7510] F2FS-fs (loop3): Try to recover 1th superblock, ret: 0
[  417.553585][ T7510] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e5
[  417.574538][ T7516] x_tables: duplicate underflow at hook 4
[  417.598060][ T7519] loop1: detected capacity change from 0 to 512
[  417.607222][ T7510] loop3: detected capacity change from 40427 to 0
[  417.615135][  T332] loop: Write error at byte offset 9223372036871569407, length 4096.
[  417.623548][    C1] blk_update_request: I/O error, dev loop3, sector 32800 op 0x1:(WRITE) flags 0x800 phys_seg 2 prio class 0
[  417.635039][  T332] loop: Write error at byte offset 9223372036856872959, length 4096.
[  417.643121][   T60] usb 3-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  417.646919][ T7510] F2FS-fs (loop3): do_checkpoint failed err:-5, stop checkpoint
[  417.652118][    C1] blk_update_request: I/O error, dev loop3, sector 4096 op 0x1:(WRITE) flags 0x3800 phys_seg 5 prio class 0
[  417.670967][   T60] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  417.674383][ T7125] F2FS-fs (loop3): invalid namelen(0), ino:0, run fsck to fix.
[  417.679302][   T60] usb 3-1: Product: syz
[  417.680076][ T7125] F2FS-fs (loop3): invalid namelen(0), ino:0, run fsck to fix.
[  417.687009][   T60] usb 3-1: Manufacturer: syz
[  417.692854][ T7125] F2FS-fs (loop3): invalid namelen(0), ino:0, run fsck to fix.
[  417.702540][ T7125] F2FS-fs (loop3): invalid namelen(0), ino:0, run fsck to fix.
[  417.704051][   T60] usb 3-1: SerialNumber: syz
[  417.710136][ T7125] F2FS-fs (loop3): invalid namelen(0), ino:0, run fsck to fix.
[  417.721713][   T20] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  417.725238][ T7125] F2FS-fs (loop3): invalid namelen(0), ino:0, run fsck to fix.
[  417.729044][   T20] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  417.740441][ T7125] F2FS-fs (loop3): invalid namelen(0), ino:0, run fsck to fix.
[  417.747322][   T20] usb 5-1: New USB device found, idVendor=046d, idProduct=c71b, bcdDevice= 0.00
[  417.761337][ T7520] bridge0: port 1(bridge_slave_0) entered blocking state
[  417.764189][   T20] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  417.775785][ T7520] bridge0: port 1(bridge_slave_0) entered disabled state
[  417.788611][   T20] usb 5-1: config 0 descriptor??
[  417.801437][ T7520] device bridge_slave_0 entered promiscuous mode
[  417.808758][ T7520] bridge0: port 2(bridge_slave_1) entered blocking state
[  417.815776][ T7520] bridge0: port 2(bridge_slave_1) entered disabled state
[  417.836795][ T7520] device bridge_slave_1 entered promiscuous mode
[  417.862674][ T7526] loop1: detected capacity change from 0 to 1024
[  417.891608][ T7520] bridge0: port 2(bridge_slave_1) entered blocking state
[  417.898542][ T7520] bridge0: port 2(bridge_slave_1) entered forwarding state
[  417.905580][ T7520] bridge0: port 1(bridge_slave_0) entered blocking state
[  417.912386][ T7520] bridge0: port 1(bridge_slave_0) entered forwarding state
[  417.934804][  T523] bridge0: port 1(bridge_slave_0) entered disabled state
[  417.942568][  T523] bridge0: port 2(bridge_slave_1) entered disabled state
[  417.951259][  T523] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[  417.958746][  T523] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  417.958909][ T7491] raw-gadget.1 gadget: fail, usb_ep_enable returned -22
[  417.974515][  T523] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  417.983081][  T523] bridge0: port 1(bridge_slave_0) entered blocking state
[  417.989958][  T523] bridge0: port 1(bridge_slave_0) entered forwarding state
[  417.997321][  T523] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  418.006194][  T523] bridge0: port 2(bridge_slave_1) entered blocking state
[  418.013081][  T523] bridge0: port 2(bridge_slave_1) entered forwarding state
[  418.031197][  T523] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  418.039214][  T523] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  418.051111][ T7529] loop1: detected capacity change from 0 to 512
[  418.079424][  T520] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[  418.090876][  T520] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[  418.098789][  T520] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[  418.108083][  T520] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[  418.116317][ T7520] device veth0_vlan entered promiscuous mode
[  418.146509][  T520] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[  418.159501][ T7520] device veth1_macvtap entered promiscuous mode
[  418.176681][  T520] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[  418.200564][ T7530] bridge0: port 1(bridge_slave_0) entered blocking state
[  418.207601][ T7530] bridge0: port 1(bridge_slave_0) entered disabled state
[  418.214654][ T7530] device bridge_slave_0 entered promiscuous mode
[  418.221472][  T520] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[  418.232296][ T7530] bridge0: port 2(bridge_slave_1) entered blocking state
[  418.239190][ T7530] bridge0: port 2(bridge_slave_1) entered disabled state
[  418.246323][ T7530] device bridge_slave_1 entered promiscuous mode
[  418.320786][ T7540] device veth0_to_batadv entered promiscuous mode
[  418.337880][ T7530] bridge0: port 2(bridge_slave_1) entered blocking state
[  418.344776][ T7530] bridge0: port 2(bridge_slave_1) entered forwarding state
[  418.351870][ T7530] bridge0: port 1(bridge_slave_0) entered blocking state
[  418.358627][ T7530] bridge0: port 1(bridge_slave_0) entered forwarding state
[  418.382128][  T523] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  418.389867][  T523] bridge0: port 1(bridge_slave_0) entered disabled state
[  418.397779][  T523] bridge0: port 2(bridge_slave_1) entered disabled state
[  418.408685][  T523] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  418.416706][  T523] bridge0: port 1(bridge_slave_0) entered blocking state
[  418.423579][  T523] bridge0: port 1(bridge_slave_0) entered forwarding state
[  418.432456][  T523] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  418.440455][  T523] bridge0: port 2(bridge_slave_1) entered blocking state
[  418.447295][  T523] bridge0: port 2(bridge_slave_1) entered forwarding state
[  418.457588][  T332] device bridge_slave_1 left promiscuous mode
[  418.463546][  T332] bridge0: port 2(bridge_slave_1) entered disabled state
[  418.470978][  T332] device bridge_slave_0 left promiscuous mode
[  418.477125][  T332] bridge0: port 1(bridge_slave_0) entered disabled state
[  418.484772][  T332] device veth1_macvtap left promiscuous mode
[  418.490748][  T332] device veth0_vlan left promiscuous mode
[  418.531202][   T39] usb 5-1: USB disconnect, device number 47
[  418.602346][  T523] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  418.612085][  T523] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  418.625918][  T523] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[  418.634146][ T7491] raw-gadget.1 gadget: fail, usb_ep_enable returned -22
[  418.638603][  T523] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[  418.648998][  T523] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[  418.656191][  T523] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[  418.665182][ T7530] device veth0_vlan entered promiscuous mode
[  418.675920][  T523] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[  418.685347][ T7530] device veth1_macvtap entered promiscuous mode
[  418.695792][  T523] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[  418.705635][  T523] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[  418.713956][  T523] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[  418.794996][ T7544] loop3: detected capacity change from 0 to 256
[  418.866885][   T60] cdc_ncm 3-1:1.0: bind() failure
[  418.887019][   T60] cdc_ncm: probe of 3-1:1.1 failed with error -71
[  418.894088][ T7530] FAT-fs (loop3): error, invalid access to FAT (entry 0x000004ff)
[  418.901851][ T7530] FAT-fs (loop3): Filesystem has been set read-only
[  418.908601][   T60] cdc_mbim: probe of 3-1:1.1 failed with error -71
[  418.919044][   T60] usb 3-1: USB disconnect, device number 46
[  419.079787][ T7548] loop1: detected capacity change from 0 to 256
[  419.287958][ T7265] plantronics 0003:047F:FFFF.0074: timeout initializing reports
[  419.307745][ T7556] syz.0.2493[7556] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  419.307822][ T7556] syz.0.2493[7556] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  419.465116][ T7559] bridge0: port 1(bridge_slave_0) entered blocking state
[  419.502174][ T7559] bridge0: port 1(bridge_slave_0) entered disabled state
[  419.512842][ T7572] loop0: detected capacity change from 0 to 256
[  419.519482][ T7559] device bridge_slave_0 entered promiscuous mode
[  419.548520][ T7559] bridge0: port 2(bridge_slave_1) entered blocking state
[  419.555386][ T7559] bridge0: port 2(bridge_slave_1) entered disabled state
[  419.562925][ T7559] device bridge_slave_1 entered promiscuous mode
[  419.570974][   T60] usb 1-1: USB disconnect, device number 55
[  419.671507][ T7559] bridge0: port 2(bridge_slave_1) entered blocking state
[  419.678400][ T7559] bridge0: port 2(bridge_slave_1) entered forwarding state
[  419.685521][ T7559] bridge0: port 1(bridge_slave_0) entered blocking state
[  419.692416][ T7559] bridge0: port 1(bridge_slave_0) entered forwarding state
[  419.723378][  T523] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  419.730956][ T1740] usb 3-1: new high-speed USB device number 47 using dummy_hcd
[  419.739522][  T523] bridge0: port 1(bridge_slave_0) entered disabled state
[  419.749323][  T523] bridge0: port 2(bridge_slave_1) entered disabled state
[  419.768756][  T523] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[  419.777187][  T523] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  419.785287][  T523] bridge0: port 1(bridge_slave_0) entered blocking state
[  419.792161][  T523] bridge0: port 1(bridge_slave_0) entered forwarding state
[  419.813027][  T523] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[  419.822599][  T523] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  419.832910][  T523] bridge0: port 2(bridge_slave_1) entered blocking state
[  419.839775][  T523] bridge0: port 2(bridge_slave_1) entered forwarding state
[  419.859142][  T332] device bridge_slave_1 left promiscuous mode
[  419.866853][  T332] bridge0: port 2(bridge_slave_1) entered disabled state
[  419.890132][  T332] device bridge_slave_0 left promiscuous mode
[  419.896872][  T332] bridge0: port 1(bridge_slave_0) entered disabled state
[  419.905921][  T332] device veth1_macvtap left promiscuous mode
[  419.911882][  T332] device veth0_vlan left promiscuous mode
[  420.029492][ T7582] loop1: detected capacity change from 0 to 256
[  420.036708][ T1740] usb 3-1: Using ep0 maxpacket: 16
[  420.150995][  T523] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[  420.159341][ T1740] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  420.178831][  T523] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  420.205150][ T1740] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  420.215317][  T523] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[  420.223083][ T1740] usb 3-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  420.236238][  T523] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  420.252250][  T523] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[  420.260337][ T1740] usb 3-1: New USB device found, idVendor=1e7d, idProduct=2e22, bcdDevice= 0.00
[  420.269583][  T523] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[  420.277783][ T1740] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  420.290084][ T7559] device veth0_vlan entered promiscuous mode
[  420.290913][ T1740] usb 3-1: config 0 descriptor??
[  420.307057][  T523] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[  420.315031][  T523] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[  420.323536][  T523] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[  420.331014][  T523] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[  420.333590][ T7558] loop4: detected capacity change from 0 to 131072
[  420.344481][   T60] usb 1-1: new high-speed USB device number 56 using dummy_hcd
[  420.357677][  T523] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[  420.365775][  T523] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[  420.374752][ T7559] device veth1_macvtap entered promiscuous mode
[  420.385891][  T520] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready
[  420.394651][ T7558] F2FS-fs (loop4): Test dummy encryption mode enabled
[  420.397208][  T520] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[  420.409702][  T520] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[  420.412984][ T7558] F2FS-fs (loop4): invalid crc value
[  420.424249][  T520] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[  420.432454][  T520] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[  420.433510][ T7558] F2FS-fs (loop4): Found nat_bits in checkpoint
[  420.488369][ T7558] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e5
[  420.707397][   T60] usb 1-1: too many endpoints for config 0 interface 0 altsetting 0: 255, using maximum allowed: 30
[  420.720131][   T60] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  420.743831][ T7596] loop4: detected capacity change from 0 to 2048
[  420.749292][   T60] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  420.753330][ T7599] netlink: 165 bytes leftover after parsing attributes in process `syz.1.2506'.
[  420.760106][   T60] usb 1-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 255
[  420.771643][ T7599] netlink: 277 bytes leftover after parsing attributes in process `syz.1.2506'.
[  420.805019][ T7602] loop1: detected capacity change from 0 to 512
[  420.806175][   T60] usb 1-1: New USB device found, idVendor=04d8, idProduct=c002, bcdDevice= 0.00
[  420.817778][ T1740] koneplus 0003:1E7D:2E22.007B: unknown main item tag 0x0
[  420.820129][   T60] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  420.828016][ T1740] koneplus 0003:1E7D:2E22.007B: hidraw0: USB HID v0.00 Device [HID 1e7d:2e22] on usb-dummy_hcd.2-1/input0
[  420.836412][   T60] usb 1-1: config 0 descriptor??
[  420.847588][ T7596] EXT4-fs (loop4): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none.
[  420.917081][ T7607] overlayfs: filesystem on './file0' not supported as upperdir
[  421.027286][ T1740] koneplus 0003:1E7D:2E22.007B: couldn't init struct koneplus_device
[  421.036128][  T332] device bridge_slave_1 left promiscuous mode
[  421.042235][  T332] bridge0: port 2(bridge_slave_1) entered disabled state
[  421.049358][ T1740] koneplus 0003:1E7D:2E22.007B: couldn't install mouse
[  421.056874][  T332] device bridge_slave_0 left promiscuous mode
[  421.064356][ T1740] koneplus: probe of 0003:1E7D:2E22.007B failed with error -5
[  421.068915][ T7609] loop4: detected capacity change from 0 to 40427
[  421.071886][  T332] bridge0: port 1(bridge_slave_0) entered disabled state
[  421.087997][ T7609] F2FS-fs (loop4): Invalid log_blocksize (268), supports only 12
[  421.095612][ T7609] F2FS-fs (loop4): Can't find valid F2FS filesystem in 1th superblock
[  421.095724][  T332] device veth1_macvtap left promiscuous mode
[  421.104594][ T7609] F2FS-fs (loop4): invalid crc value
[  421.110085][  T332] device veth0_vlan left promiscuous mode
[  421.121751][ T7609] F2FS-fs (loop4): Found nat_bits in checkpoint
[  421.148520][ T7609] F2FS-fs (loop4): Try to recover 1th superblock, ret: 0
[  421.155448][ T7609] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e5
[  421.186124][ T7189] attempt to access beyond end of device
[  421.186124][ T7189] loop4: rw=2049, want=40968, limit=40427
[  421.255076][ T1581] usb 3-1: USB disconnect, device number 47
[  421.286784][  T536] usb 2-1: new high-speed USB device number 57 using dummy_hcd
[  421.318485][   T60] hid-picolcd 0003:04D8:C002.007C: unbalanced collection at end of report description
[  421.323249][ T7619] loop4: detected capacity change from 0 to 512
[  421.329318][   T60] hid-picolcd 0003:04D8:C002.007C: device report parse failed
[  421.341543][   T60] hid-picolcd: probe of 0003:04D8:C002.007C failed with error -22
[  421.368126][ T7619] EXT4-fs (loop4): Test dummy encryption mode enabled
[  421.376223][ T7619] EXT4-fs error (device loop4): __ext4_iget:4903: inode #11: block 1: comm syz.4.2512: invalid block
[  421.387319][ T7619] EXT4-fs error (device loop4): ext4_orphan_get:1402: comm syz.4.2512: couldn't read orphan inode 11 (err -117)
[  421.399567][ T7619] EXT4-fs (loop4): mounted filesystem without journal. Opts: noauto_da_alloc,user_xattr,max_dir_size_kb=0x0000000000000009,inode_readahead_blks=0x0000000000010000,jqfmt=vfsv0,delalloc,inode_readahead_blks=0x0000000000400000,noauto_da_alloc,test_dummy_encryption,,errors=continue. Quota mode: none.
[  421.612175][ T7624] EXT4-fs error (device loop4): ext4_add_entry:2484: inode #2: comm syz.4.2512: Directory hole found for htree leaf block 0
[  421.753447][   T39] usb 1-1: USB disconnect, device number 56
[  421.764851][ T7626] loop3: detected capacity change from 0 to 2048
[  421.837889][ T7626] [EXT4 FS bs=2048, gc=1, bpg=262144, ipg=32, mo=a802c018, mo2=0002]
[  421.846013][ T7626] System zones: 0-7
[  421.850071][ T7626] EXT4-fs (loop3): mounted filesystem without journal. Opts: acl,debug,,errors=continue. Quota mode: none.
[  421.864336][   T30] kauditd_printk_skb: 8 callbacks suppressed
[  421.864349][   T30] audit: type=1400 audit(1728636723.033:1029): avc:  denied  { create } for  pid=7625 comm="syz.3.2514" name=E91F7189591E9233614B scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=sock_file permissive=1
[  421.908070][ T7630] loop2: detected capacity change from 0 to 1024
[  421.916909][  T536] usb 2-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  421.927733][  T536] usb 2-1: config 1 has 1 interface, different from the descriptor's value: 3
[  421.977899][ T7630] EXT4-fs (loop2): Ignoring removed oldalloc option
[  421.998224][ T7630] EXT4-fs (loop2): mounted filesystem without journal. Opts: mb_optimize_scan=0x0000000000000001,bsddf,noinit_itable,norecovery,discard,noload,usrjquota=,oldalloc,grpquota,,errors=continue. Quota mode: writeback.
[  422.023287][   T30] audit: type=1400 audit(1728636723.183:1030): avc:  denied  { execute } for  pid=7629 comm="syz.2.2516" path="/45/file1/freezer.parent_freezing" dev="loop2" ino=18 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=file permissive=1
[  422.047932][  T536] usb 2-1: New USB device found, idVendor=08b7, idProduct=0000, bcdDevice= 0.00
[  422.057207][  T536] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=3
[  422.065131][  T536] usb 2-1: SerialNumber: syz
[  422.216847][   T20] usb 4-1: new high-speed USB device number 64 using dummy_hcd
[  422.277891][   T30] audit: type=1326 audit(1728636723.443:1031): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7652 comm="syz.4.2524" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f971c826ff9 code=0x7ffc0000
[  422.301782][   T30] audit: type=1326 audit(1728636723.443:1032): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7652 comm="syz.4.2524" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f971c826ff9 code=0x7ffc0000
[  422.325209][   T30] audit: type=1326 audit(1728636723.443:1033): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7652 comm="syz.4.2524" exe="/root/syz-executor" sig=0 arch=c000003e syscall=56 compat=0 ip=0x7f971c826ff9 code=0x7ffc0000
[  422.348811][   T30] audit: type=1326 audit(1728636723.443:1034): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7652 comm="syz.4.2524" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f971c826ff9 code=0x7ffc0000
[  422.372439][   T30] audit: type=1326 audit(1728636723.443:1035): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7652 comm="syz.4.2524" exe="/root/syz-executor" sig=0 arch=c000003e syscall=101 compat=0 ip=0x7f971c826ff9 code=0x7ffc0000
[  422.396151][   T30] audit: type=1326 audit(1728636723.443:1036): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7652 comm="syz.4.2524" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f971c826ff9 code=0x7ffc0000
[  422.397731][  T536] usb 2-1: 0:2 : does not exist
[  422.424808][   T30] audit: type=1326 audit(1728636723.443:1037): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7652 comm="syz.4.2524" exe="/root/syz-executor" sig=0 arch=c000003e syscall=101 compat=0 ip=0x7f971c826ff9 code=0x7ffc0000
[  422.452075][   T30] audit: type=1326 audit(1728636723.443:1038): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7652 comm="syz.4.2524" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f971c826ff9 code=0x7ffc0000
[  422.481724][  T536] usb 2-1: USB disconnect, device number 57
[  422.516827][   T39] usb 3-1: new high-speed USB device number 48 using dummy_hcd
[  422.572478][ T7664] netlink: 16 bytes leftover after parsing attributes in process `syz.4.2528'.
[  422.627023][   T20] usb 4-1: config 1 has an invalid descriptor of length 116, skipping remainder of the config
[  422.637398][   T20] usb 4-1: config 1 has 1 interface, different from the descriptor's value: 3
[  422.647120][ T7670] serio: Serial port ptm0
[  422.716972][   T20] usb 4-1: New USB device found, idVendor=08b7, idProduct=0000, bcdDevice= 0.00
[  422.725958][   T20] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=3
[  422.733704][   T20] usb 4-1: SerialNumber: syz
[  422.766826][   T39] usb 3-1: Using ep0 maxpacket: 16
[  422.886854][   T39] usb 3-1: config 0 has an invalid interface number: 251 but max is 0
[  422.897527][   T39] usb 3-1: config 0 has no interface number 0
[  422.906783][   T39] usb 3-1: config 0 interface 251 altsetting 0 bulk endpoint 0x4 has invalid maxpacket 16
[  422.907117][ T7674] loop1: detected capacity change from 0 to 512
[  422.916513][   T39] usb 3-1: config 0 interface 251 altsetting 0 bulk endpoint 0x82 has invalid maxpacket 64
[  423.027599][   T20] usb 4-1: 0:2 : does not exist
[  423.067581][   T39] usb 3-1: New USB device found, idVendor=0b95, idProduct=172a, bcdDevice=f7.f4
[  423.077132][   T39] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  423.084985][   T39] usb 3-1: Product: syz
[  423.089125][   T39] usb 3-1: Manufacturer: syz
[  423.093539][   T39] usb 3-1: SerialNumber: syz
[  423.098546][   T39] usb 3-1: config 0 descriptor??
[  423.116896][ T7649] raw-gadget.1 gadget: fail, usb_ep_enable returned -22
[  423.123792][ T7649] raw-gadget.1 gadget: fail, usb_ep_enable returned -22
[  423.346623][ T7649] raw-gadget.1 gadget: fail, usb_ep_enable returned -22
[  423.354031][ T7649] raw-gadget.1 gadget: fail, usb_ep_enable returned -22
[  423.488881][   T20] usb 4-1: USB disconnect, device number 64
[  423.496875][  T360] udevd[360]: error opening ATTR{/sys/devices/platform/dummy_hcd.3/usb4/4-1/4-1:1.0/sound/card0/controlC0/../uevent} for writing: No such file or directory
[  423.596852][   T39] asix 3-1:0.251 (unnamed net_device) (uninitialized): Failed to read reg index 0x0000: -61
[  423.607103][   T39] asix 3-1:0.251 (unnamed net_device) (uninitialized): Failed to read MAC address: -61
[  423.616880][   T39] asix: probe of 3-1:0.251 failed with error -5
[  423.726870][  T536] usb 1-1: new high-speed USB device number 57 using dummy_hcd
[  423.952672][   T39] usb 3-1: USB disconnect, device number 48
[  424.109823][ T7693] loop1: detected capacity change from 0 to 512
[  424.236912][  T536] usb 1-1: Using ep0 maxpacket: 16
[  424.339498][ T7695] loop1: detected capacity change from 0 to 256
[  424.366898][  T536] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  424.377765][  T536] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  424.387338][  T536] usb 1-1: New USB device found, idVendor=17ef, idProduct=6009, bcdDevice= 0.00
[  424.396206][  T536] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  424.404573][  T536] usb 1-1: config 0 descriptor??
[  424.586506][ T7704] loop2: detected capacity change from 0 to 512
[  424.600697][ T7706] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=0 sclass=netlink_audit_socket pid=7706 comm=syz.3.2545
[  424.637790][ T7704] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode
[  424.657279][ T7704] EXT4-fs (loop2): 1 truncate cleaned up
[  424.659382][ T7711] loop3: detected capacity change from 0 to 512
[  424.663142][ T7704] EXT4-fs (loop2): mounted filesystem without journal. Opts: journal_ioprio=0x0000000000000001,resuid=0x000000000000ee01,debug_want_extra_isize=0x0000000000000068,lazytime,nombcache,noload,,errors=continue. Quota mode: none.
[  424.694565][ T7704] netlink: 4 bytes leftover after parsing attributes in process `syz.2.2544'.
[  424.699672][ T7711] EXT4-fs (loop3): Ignoring removed nobh option
[  424.703381][ T7704] netlink: 12 bytes leftover after parsing attributes in process `syz.2.2544'.
[  424.709921][ T7711] EXT4-fs (loop3): Mount option "nouser_xattr" will be removed by 3.5
[  424.709921][ T7711] Contact linux-ext4@vger.kernel.org if you think we should keep it.
[  424.709921][ T7711] 
[  424.737475][ T7711] EXT4-fs (loop3): revision level too high, forcing read-only mode
[  424.745247][ T7711] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=780e801c, mo2=0002]
[  424.753100][ T7711] System zones: 1-12
[  424.757969][ T7711] EXT4-fs (loop3): couldn't mount RDWR because of unsupported optional features (80)
[  424.768720][ T7711] EXT4-fs (loop3): Skipping orphan cleanup due to unknown ROCOMPAT features
[  424.777335][ T7711] EXT4-fs (loop3): mounted filesystem without journal. Opts: nodioread_nolock,noinit_itable,usrquota,nobh,data_err=abort,usrquota,discard,barrier=0x000000000000d960,nouser_xattr,,errors=continue. Quota mode: writeback.
[  424.798362][   T39] usb 2-1: new high-speed USB device number 58 using dummy_hcd
[  424.808834][ T7711] EXT4-fs (loop3): re-mounted. Opts: (null). Quota mode: writeback.
[  424.816998][ T7711] EXT4-fs (loop3): couldn't mount RDWR because of unsupported optional features (80)
[  424.867785][  T536] lenovo 0003:17EF:6009.007D: item fetching failed at offset 1/5
[  424.875562][  T536] lenovo 0003:17EF:6009.007D: hid_parse failed
[  424.881703][  T536] lenovo: probe of 0003:17EF:6009.007D failed with error -22
[  424.976241][ T7724] loop3: detected capacity change from 0 to 256
[  425.126777][   T20] usb 3-1: new high-speed USB device number 49 using dummy_hcd
[  425.147841][  T536] usb 1-1: USB disconnect, device number 57
[  425.386966][   T39] usb 2-1: too many endpoints for config 0 interface 0 altsetting 0: 255, using maximum allowed: 30
[  425.396779][   T20] usb 3-1: Using ep0 maxpacket: 8
[  425.397825][   T39] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  425.413304][   T39] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  425.423018][   T39] usb 2-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 255
[  425.435834][   T39] usb 2-1: New USB device found, idVendor=04d8, idProduct=c002, bcdDevice= 0.00
[  425.444657][   T39] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  425.453327][   T39] usb 2-1: config 0 descriptor??
[  425.546946][   T20] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  425.557730][   T20] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  425.567214][   T20] usb 3-1: New USB device found, idVendor=1e7d, idProduct=2ced, bcdDevice= 0.00
[  425.576056][   T20] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  425.585843][   T20] usb 3-1: config 0 descriptor??
[  425.653958][ T7726] loop0: detected capacity change from 0 to 512
[  425.749144][ T7726] EXT4-fs (loop0): 1 orphan inode deleted
[  425.754805][ T7726] EXT4-fs (loop0): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback.
[  425.765999][ T7726] ext4 filesystem being mounted at /12/file1 supports timestamps until 2038 (0x7fffffff)
[  425.952371][   T39] hid-picolcd 0003:04D8:C002.007E: unbalanced collection at end of report description
[  425.963313][   T39] hid-picolcd 0003:04D8:C002.007E: device report parse failed
[  425.970899][   T39] hid-picolcd: probe of 0003:04D8:C002.007E failed with error -22
[  426.078640][   T20] kone 0003:1E7D:2CED.007F: collection stack underflow
[  426.085335][   T20] kone 0003:1E7D:2CED.007F: item 0 1 0 12 parsing failed
[  426.092322][   T20] kone 0003:1E7D:2CED.007F: parse failed
[  426.097654][   T20] kone: probe of 0003:1E7D:2CED.007F failed with error -22
[  426.165532][ T1290] usb 2-1: USB disconnect, device number 58
[  426.166825][   T39] usb 4-1: new high-speed USB device number 65 using dummy_hcd
[  426.281232][ T1581] usb 3-1: USB disconnect, device number 49
[  426.536884][   T39] usb 4-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  426.546881][   T39] usb 4-1: config 1 has 1 interface, different from the descriptor's value: 3
[  426.626909][   T39] usb 4-1: New USB device found, idVendor=08b7, idProduct=0000, bcdDevice= 0.00
[  426.635950][   T39] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=3
[  426.643712][   T39] usb 4-1: SerialNumber: syz
[  426.785766][ T7750] loop0: detected capacity change from 0 to 256
[  427.095988][ T7766] loop2: detected capacity change from 0 to 512
[  427.111776][ T7770] loop1: detected capacity change from 0 to 16
[  427.138736][ T7766] EXT4-fs (loop2): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback.
[  427.149671][ T7766] ext4 filesystem being mounted at /59/file0 supports timestamps until 2038 (0x7fffffff)
[  427.162414][ T7766] EXT4-fs (loop2): shut down requested (0)
[  427.169692][ T7766] SELinux: inode_doinit_use_xattr:  getxattr returned 5 for dev=loop2 ino=12
[  427.177083][ T7770] /dev/loop1: Can't open blockdev
[  427.197343][   T39] usb 4-1: 0:2 : does not exist
[  427.203608][   T39] usb 4-1: USB disconnect, device number 65
[  427.221427][  T360] udevd[360]: error opening ATTR{/sys/devices/platform/dummy_hcd.3/usb4/4-1/4-1:1.0/sound/card0/controlC0/../uevent} for writing: No such file or directory
[  427.320513][   T30] kauditd_printk_skb: 23 callbacks suppressed
[  427.320529][   T30] audit: type=1326 audit(1728636728.483:1062): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7781 comm="syz.2.2572" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd4cfcc1ff9 code=0x7ffc0000
[  427.349935][   T30] audit: type=1326 audit(1728636728.483:1063): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7781 comm="syz.2.2572" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd4cfcc1ff9 code=0x7ffc0000
[  427.373433][   T30] audit: type=1326 audit(1728636728.493:1064): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7781 comm="syz.2.2572" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fd4cfcc1ff9 code=0x7ffc0000
[  427.397133][   T30] audit: type=1326 audit(1728636728.493:1065): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7781 comm="syz.2.2572" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd4cfcc1ff9 code=0x7ffc0000
[  427.423382][   T30] audit: type=1326 audit(1728636728.493:1066): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7781 comm="syz.2.2572" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd4cfcc1ff9 code=0x7ffc0000
[  427.447539][   T30] audit: type=1326 audit(1728636728.493:1067): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7781 comm="syz.2.2572" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fd4cfcc1ff9 code=0x7ffc0000
[  427.470898][   T30] audit: type=1326 audit(1728636728.513:1068): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7781 comm="syz.2.2572" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd4cfcc1ff9 code=0x7ffc0000
[  427.495708][   T30] audit: type=1326 audit(1728636728.523:1069): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7781 comm="syz.2.2572" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd4cfcc1ff9 code=0x7ffc0000
[  427.506166][ T7786] loop2: detected capacity change from 0 to 256
[  427.525570][   T30] audit: type=1326 audit(1728636728.523:1070): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7781 comm="syz.2.2572" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fd4cfcc1ff9 code=0x7ffc0000
[  427.549594][   T30] audit: type=1326 audit(1728636728.533:1071): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7781 comm="syz.2.2572" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd4cfcc1ff9 code=0x7ffc0000
[  427.572991][ T1581] usb 2-1: new high-speed USB device number 59 using dummy_hcd
[  427.584263][ T7786] exFAT-fs (loop2): failed to load upcase table (idx : 0x00010000, chksum : 0x36e00b20, utbl_chksum : 0xe619d30d)
[  427.775703][ T7803] netlink: 20 bytes leftover after parsing attributes in process `syz.2.2581'.
[  427.816850][ T1581] usb 2-1: Using ep0 maxpacket: 16
[  427.866798][  T343] usb 1-1: new high-speed USB device number 58 using dummy_hcd
[  427.877952][ T7807] binder: 7806:7807 ioctl c018620b 20000140 returned -14
[  427.937279][ T1581] usb 2-1: config 0 has an invalid interface number: 2 but max is 0
[  427.945535][ T1581] usb 2-1: config 0 has no interface number 0
[  427.951726][ T1581] usb 2-1: config 0 interface 2 altsetting 0 bulk endpoint 0xB has invalid maxpacket 173
[  427.995835][ T7825] loop3: detected capacity change from 0 to 2048
[  428.012919][ T7827] loop2: detected capacity change from 0 to 128
[  428.020334][ T7825]  loop3: p3 < > p4 < >
[  428.024417][ T7825] loop3: partition table partially beyond EOD, truncated
[  428.025856][ T7827] EXT4-fs (loop2): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none.
[  428.032699][ T7825] loop3: p3 start 4284289 is beyond EOD, 
[  428.041994][ T7827] ext4 filesystem being mounted at /72/mnt supports timestamps until 2038 (0x7fffffff)
[  428.042028][ T7825] truncated
[  428.076970][ T1581] usb 2-1: New USB device found, idVendor=0582, idProduct=0005, bcdDevice= 0.88
[  428.086110][ T1581] usb 2-1: New USB device strings: Mfr=0, Product=2, SerialNumber=3
[  428.094293][ T1581] usb 2-1: Product: syz
[  428.098337][ T1581] usb 2-1: SerialNumber: syz
[  428.106827][  T343] usb 1-1: Using ep0 maxpacket: 32
[  428.112657][ T1581] usb 2-1: config 0 descriptor??
[  428.137206][ T7777] raw-gadget.0 gadget: fail, usb_ep_enable returned -22
[  428.377754][ T1581] usb 2-1: invalid MIDI in EP 0
[  428.383337][ T1581] snd-usb-audio: probe of 2-1:0.2 failed with error -22
[  428.390352][  T343] usb 1-1: New USB device found, idVendor=1557, idProduct=8150, bcdDevice=29.ed
[  428.399420][  T343] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  428.413251][  T343] usb 1-1: Product: syz
[  428.417500][  T343] usb 1-1: Manufacturer: syz
[  428.423648][  T343] usb 1-1: SerialNumber: syz
[  428.428898][  T343] usb 1-1: config 0 descriptor??
[  428.585581][  T536] usb 2-1: USB disconnect, device number 59
[  428.816838][ T1581] usb 4-1: new high-speed USB device number 66 using dummy_hcd
[  429.010421][ T7858] netlink: 4 bytes leftover after parsing attributes in process `syz.2.2604'.
[  429.020618][ T7858] device syz_tun entered promiscuous mode
[  429.026172][ T7858] device macsec1 entered promiscuous mode
[  429.032509][ T7858] device syz_tun left promiscuous mode
[  429.056860][ T1581] usb 4-1: Using ep0 maxpacket: 32
[  429.146944][  T343] (unnamed net_device) (uninitialized): Assigned a random MAC address: 1e:7e:15:9b:0e:c6
[  429.158752][  T343] rtl8150 1-1:0.0: eth1: rtl8150 is detected
[  429.173287][  T343] usb 1-1: USB disconnect, device number 58
[  429.188966][ T7868] loop1: detected capacity change from 0 to 128
[  429.336959][ T1581] usb 4-1: New USB device found, idVendor=1557, idProduct=8150, bcdDevice=29.ed
[  429.345934][ T1581] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  429.353800][ T1581] usb 4-1: Product: syz
[  429.357940][ T1581] usb 4-1: Manufacturer: syz
[  429.362336][ T1581] usb 4-1: SerialNumber: syz
[  429.367516][ T1581] usb 4-1: config 0 descriptor??
[  429.376905][   T20] usb 3-1: new high-speed USB device number 50 using dummy_hcd
[  429.596878][ T2396] usb 2-1: new high-speed USB device number 60 using dummy_hcd
[  429.766848][   T20] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  429.777939][   T20] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  429.789196][   T20] usb 3-1: New USB device found, idVendor=054c, idProduct=0268, bcdDevice= 0.00
[  429.798346][   T20] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  429.811096][   T20] usb 3-1: config 0 descriptor??
[  429.856509][ T7918] syz.0.2619[7918] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  429.856586][ T7918] syz.0.2619[7918] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  429.967042][ T2396] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x3 has an invalid bInterval 0, changing to 7
[  429.989091][ T2396] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x3 has invalid wMaxPacketSize 0
[  429.998568][ T2396] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0xF has invalid wMaxPacketSize 0
[  430.008214][ T2396] usb 2-1: New USB device found, idVendor=abcd, idProduct=cdee, bcdDevice= 5.b9
[  430.017036][ T2396] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  430.025760][ T2396] usb 2-1: config 0 descriptor??
[  430.068426][ T1581] rtl8150 4-1:0.0: eth1: rtl8150 is detected
[  430.075011][ T2396] usb 2-1: MIDIStreaming interface descriptor not found
[  430.217257][ T1290] usb 1-1: new high-speed USB device number 59 using dummy_hcd
[  430.269489][ T1740] usb 4-1: USB disconnect, device number 66
[  430.286925][  T139] net eth1: rx_urb submit failed: -19
[  430.293250][   T20] sony 0003:054C:0268.0080: unknown main item tag 0x0
[  430.299961][   T20] sony 0003:054C:0268.0080: unknown main item tag 0x0
[  430.306551][   T20] sony 0003:054C:0268.0080: unknown main item tag 0x0
[  430.313244][   T20] sony 0003:054C:0268.0080: unknown main item tag 0x0
[  430.321305][   T20] sony 0003:054C:0268.0080: unknown main item tag 0x0
[  430.334795][   T20] sony 0003:054C:0268.0080: hiddev96,hidraw0: USB HID v80.00 Device [HID 054c:0268] on usb-dummy_hcd.2-1/input0
[  430.346493][   T20] sony 0003:054C:0268.0080: failed to claim input
[  430.490476][   T20] usb 3-1: USB disconnect, device number 50
[  430.606956][ T1290] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  430.617707][ T1290] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  430.627210][ T1290] usb 1-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[  430.639915][ T1290] usb 1-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  430.648900][ T1290] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  430.657604][ T1290] usb 1-1: config 0 descriptor??
[  430.780441][ T7950] syz.3.2621[7950] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  430.780513][ T7950] syz.3.2621[7950] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  430.910815][ T7954] loop3: detected capacity change from 0 to 40427
[  431.010526][ T7954] F2FS-fs (loop3): Invalid log_blocksize (268), supports only 12
[  431.020141][ T7957] xt_bpf: check failed: parse error
[  431.020505][ T7954] F2FS-fs (loop3): Can't find valid F2FS filesystem in 1th superblock
[  431.035812][ T7954] F2FS-fs (loop3): Found nat_bits in checkpoint
[  431.050631][ T7962] loop2: detected capacity change from 0 to 512
[  431.065918][ T7954] F2FS-fs (loop3): Try to recover 1th superblock, ret: 0
[  431.072856][ T7954] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e5
[  431.111305][ T7962] EXT4-fs error (device loop2): ext4_xattr_inode_iget:404: comm syz.2.2625: inode #1: comm syz.2.2625: iget: illegal inode #
[  431.124408][ T7962] EXT4-fs error (device loop2): ext4_xattr_inode_iget:409: comm syz.2.2625: error while reading EA inode 1 err=-117
[  431.127747][ T1290] plantronics 0003:047F:FFFF.0081: unknown main item tag 0x0
[  431.137238][ T7962] EXT4-fs error (device loop2): ext4_xattr_inode_iget:404: comm syz.2.2625: inode #1: comm syz.2.2625: iget: illegal inode #
[  431.146331][ T1290] plantronics 0003:047F:FFFF.0081: unknown main item tag 0x0
[  431.157471][ T7962] EXT4-fs error (device loop2): ext4_xattr_inode_iget:409: comm syz.2.2625: error while reading EA inode 1 err=-117
[  431.164511][ T1290] plantronics 0003:047F:FFFF.0081: unknown main item tag 0x0
[  431.176552][ T7962] EXT4-fs (loop2): 1 orphan inode deleted
[  431.183403][ T1290] plantronics 0003:047F:FFFF.0081: unknown main item tag 0x0
[  431.189008][ T7962] EXT4-fs (loop2): mounted filesystem without journal. Opts: barrier,nogrpid,debug_want_extra_isize=0x000000000000005c,minixdf,resgid=0x0000000000000000,sysvgroups,usrjquota=,,errors=continue. Quota mode: none.
[  431.215478][ T1290] plantronics 0003:047F:FFFF.0081: unknown main item tag 0x0
[  431.240842][ T1290] plantronics 0003:047F:FFFF.0081: unknown main item tag 0x0
[  431.248591][ T7962] EXT4-fs error (device loop2): ext4_lookup:1856: inode #15: comm syz.2.2625: unexpected EA_INODE flag
[  431.261775][ T1290] plantronics 0003:047F:FFFF.0081: unknown main item tag 0x0
[  431.275840][ T1290] plantronics 0003:047F:FFFF.0081: unknown main item tag 0x0
[  431.288926][ T1290] plantronics 0003:047F:FFFF.0081: unknown main item tag 0x0
[  431.296548][ T1290] plantronics 0003:047F:FFFF.0081: unknown main item tag 0x0
[  431.308594][ T1290] plantronics 0003:047F:FFFF.0081: unknown main item tag 0x0
[  431.315890][ T1290] plantronics 0003:047F:FFFF.0081: unknown main item tag 0x0
[  431.323420][ T1290] plantronics 0003:047F:FFFF.0081: unknown main item tag 0x0
[  431.341939][ T1290] plantronics 0003:047F:FFFF.0081: unknown main item tag 0x0
[  431.353734][ T1290] plantronics 0003:047F:FFFF.0081: unknown main item tag 0x0
[  431.361218][ T1290] plantronics 0003:047F:FFFF.0081: No inputs registered, leaving
[  431.372594][ T7976] loop2: detected capacity change from 0 to 256
[  431.376535][ T1290] plantronics 0003:047F:FFFF.0081: hiddev96,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.0-1/input0
[  431.394570][ T1290] usb 1-1: USB disconnect, device number 59
[  431.519794][ T7981] loop3: detected capacity change from 0 to 512
[  431.577686][ T7981] EXT4-fs (loop3): feature flags set on rev 0 fs, running e2fsck is recommended
[  431.599012][ T7981] EXT4-fs error (device loop3): ext4_validate_block_bitmap:438: comm syz.3.2632: bg 0: block 64: padding at end of block bitmap is not set
[  431.613468][ T7981] EXT4-fs error (device loop3): ext4_acquire_dquot:6187: comm syz.3.2632: Failed to acquire dquot type 0
[  431.624945][ T7981] EXT4-fs (loop3): 1 truncate cleaned up
[  431.630427][ T7981] EXT4-fs (loop3): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback.
[  431.645938][ T7981] EXT4-fs error (device loop3): ext4_acquire_dquot:6187: comm syz.3.2632: Failed to acquire dquot type 0
[  431.658482][ T7981] EXT4-fs (loop3): re-mounted. Opts: (null). Quota mode: writeback.
[  431.836861][   T20] usb 3-1: new high-speed USB device number 51 using dummy_hcd
[  431.901511][ T7992] syz.0.2636[7992] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  431.901589][ T7992] syz.0.2636[7992] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  431.980837][ T8003] input: syz0 as /devices/virtual/input/input48
[  432.021673][ T8005] loop0: detected capacity change from 0 to 256
[  432.102896][ T8005] FAT-fs (loop0): Directory bread(block 64) failed
[  432.109463][ T8005] FAT-fs (loop0): Directory bread(block 65) failed
[  432.115933][ T8005] FAT-fs (loop0): Directory bread(block 66) failed
[  432.122374][ T8005] FAT-fs (loop0): Directory bread(block 67) failed
[  432.128791][ T8005] FAT-fs (loop0): Directory bread(block 68) failed
[  432.135059][ T8005] FAT-fs (loop0): Directory bread(block 69) failed
[  432.141572][ T8005] FAT-fs (loop0): Directory bread(block 70) failed
[  432.147942][ T8005] FAT-fs (loop0): Directory bread(block 71) failed
[  432.154365][ T8005] FAT-fs (loop0): Directory bread(block 72) failed
[  432.160724][ T8005] FAT-fs (loop0): Directory bread(block 73) failed
[  432.178593][ T1740] usb 2-1: USB disconnect, device number 60
[  432.216847][   T20] usb 3-1: too many endpoints for config 0 interface 0 altsetting 0: 255, using maximum allowed: 30
[  432.237297][ T8009] input: syz1 as /devices/virtual/input/input49
[  432.242347][   T20] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  432.265614][   T20] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  432.281002][   T20] usb 3-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 255
[  432.294024][   T20] usb 3-1: New USB device found, idVendor=04d8, idProduct=c002, bcdDevice= 0.00
[  432.303459][   T20] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  432.315205][   T20] usb 3-1: config 0 descriptor??
[  432.320859][ T8011] netem: change failed
[  432.398549][ T8018] platform regulatory.0: Direct firmware load for regulatory.db failed with error -2
[  432.436562][ T8020] input: syz0 as /devices/virtual/input/input50
[  432.622430][ T8026] syz.3.2652[8026] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  432.622519][ T8026] syz.3.2652[8026] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  432.648094][ T4099] tipc: Disabling bearer <udp:syz2>
[  432.672527][ T4099] tipc: Left network mode
[  432.688920][   T30] kauditd_printk_skb: 39 callbacks suppressed
[  432.688935][   T30] audit: type=1400 audit(1728636733.853:1107): avc:  denied  { relabelfrom } for  pid=8025 comm="syz.3.2652" name="NETLINK" dev="sockfs" ino=49716 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_netfilter_socket permissive=1
[  432.756853][   T30] audit: type=1400 audit(1728636733.883:1108): avc:  denied  { relabelto } for  pid=8025 comm="syz.3.2652" name="NETLINK" dev="sockfs" ino=49716 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:mouse_device_t tclass=netlink_netfilter_socket permissive=1
[  432.790639][   T20] hid-picolcd 0003:04D8:C002.0082: unbalanced collection at end of report description
[  432.813485][ T8027] bridge0: port 1(bridge_slave_0) entered blocking state
[  432.820163][   T20] hid-picolcd 0003:04D8:C002.0082: device report parse failed
[  432.833219][ T8027] bridge0: port 1(bridge_slave_0) entered disabled state
[  432.837960][   T20] hid-picolcd: probe of 0003:04D8:C002.0082 failed with error -22
[  432.867272][ T8027] device bridge_slave_0 entered promiscuous mode
[  432.883215][ T8027] bridge0: port 2(bridge_slave_1) entered blocking state
[  432.903667][ T8027] bridge0: port 2(bridge_slave_1) entered disabled state
[  432.925257][ T8027] device bridge_slave_1 entered promiscuous mode
[  432.950981][ T8007] loop1: detected capacity change from 0 to 131072
[  433.003863][ T1740] usb 3-1: USB disconnect, device number 51
[  433.079336][ T8027] bridge0: port 2(bridge_slave_1) entered blocking state
[  433.086228][ T8027] bridge0: port 2(bridge_slave_1) entered forwarding state
[  433.093354][ T8027] bridge0: port 1(bridge_slave_0) entered blocking state
[  433.100219][ T8027] bridge0: port 1(bridge_slave_0) entered forwarding state
[  433.169019][ T8041] loop0: detected capacity change from 0 to 128
[  433.185840][  T332] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  433.196903][  T332] bridge0: port 1(bridge_slave_0) entered disabled state
[  433.214439][  T332] bridge0: port 2(bridge_slave_1) entered disabled state
[  433.218803][ T8041] EXT4-fs warning (device loop0): ext4_fill_super:3972: metadata_csum and uninit_bg are redundant flags; please run fsck.
[  433.244437][ T8041] EXT4-fs (loop0): VFS: Found ext4 filesystem with invalid superblock checksum.  Run e2fsck?
[  433.258724][  T332] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  433.277657][  T332] bridge0: port 1(bridge_slave_0) entered blocking state
[  433.284524][  T332] bridge0: port 1(bridge_slave_0) entered forwarding state
[  433.307504][  T332] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  433.322333][  T332] bridge0: port 2(bridge_slave_1) entered blocking state
[  433.329224][  T332] bridge0: port 2(bridge_slave_1) entered forwarding state
[  433.373320][  T520] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  433.387184][  T520] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  433.419394][ T8039] loop3: detected capacity change from 0 to 40427
[  433.420537][  T520] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[  433.441629][  T520] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[  433.449570][  T520] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[  433.457138][  T520] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[  433.465121][ T4099] device bridge_slave_1 left promiscuous mode
[  433.471265][ T4099] bridge0: port 2(bridge_slave_1) entered disabled state
[  433.478813][ T4099] device bridge_slave_0 left promiscuous mode
[  433.484809][ T4099] bridge0: port 1(bridge_slave_0) entered disabled state
[  433.493388][ T8039] F2FS-fs (loop3): invalid crc value
[  433.499834][ T8039] F2FS-fs (loop3): Found nat_bits in checkpoint
[  433.520111][ T4099] device veth1_macvtap left promiscuous mode
[  433.535534][ T8039] F2FS-fs (loop3): Start checkpoint disabled!
[  433.536087][ T4099] device veth0_vlan left promiscuous mode
[  433.542075][ T8039] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e6
[  433.652423][ T8027] device veth0_vlan entered promiscuous mode
[  433.680642][  T332] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[  433.697003][   T39] usb 1-1: new high-speed USB device number 60 using dummy_hcd
[  433.717184][  T332] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[  433.727013][ T8027] device veth1_macvtap entered promiscuous mode
[  433.748827][  T332] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready
[  433.770334][  T332] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[  433.779160][  T332] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[  433.798676][  T332] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[  433.811805][ T8045] loop1: detected capacity change from 0 to 40427
[  433.815215][  T520] attempt to access beyond end of device
[  433.815215][  T520] loop3: rw=2049, want=40968, limit=40427
[  433.819184][  T332] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[  433.884244][ T8054] netlink: 16 bytes leftover after parsing attributes in process `syz.4.2661'.
[  434.076867][   T39] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x3 has an invalid bInterval 0, changing to 7
[  434.088087][   T39] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x3 has invalid wMaxPacketSize 0
[  434.098833][   T39] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0xF has invalid wMaxPacketSize 0
[  434.108420][   T39] usb 1-1: New USB device found, idVendor=abcd, idProduct=cdee, bcdDevice= 5.b9
[  434.117590][   T39] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  434.121384][ T8077] loop3: detected capacity change from 0 to 256
[  434.131591][   T39] usb 1-1: config 0 descriptor??
[  434.177542][   T39] usb 1-1: MIDIStreaming interface descriptor not found
[  434.196832][  T536] usb 3-1: new high-speed USB device number 52 using dummy_hcd
[  434.416841][ T2396] usb 2-1: new high-speed USB device number 61 using dummy_hcd
[  434.537006][   T39] usb 4-1: new high-speed USB device number 67 using dummy_hcd
[  434.606894][  T536] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  434.617712][  T536] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  434.627315][  T536] usb 3-1: New USB device found, idVendor=04b3, idProduct=3108, bcdDevice= 0.00
[  434.636091][  T536] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  434.644537][  T536] usb 3-1: config 0 descriptor??
[  434.777069][ T2396] usb 2-1: config 0 has an invalid interface number: 32 but max is 0
[  434.785229][ T2396] usb 2-1: config 0 has no interface number 0
[  434.791183][ T2396] usb 2-1: config 0 interface 32 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  434.801948][ T2396] usb 2-1: config 0 interface 32 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  434.811553][ T2396] usb 2-1: New USB device found, idVendor=046d, idProduct=c71b, bcdDevice= 0.00
[  434.820579][ T2396] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  434.829464][ T2396] usb 2-1: config 0 descriptor??
[  434.896907][   T39] usb 4-1: too many endpoints for config 0 interface 0 altsetting 0: 255, using maximum allowed: 30
[  434.907629][   T39] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  434.918468][   T39] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  434.928036][   T39] usb 4-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 255
[  434.941000][   T39] usb 4-1: New USB device found, idVendor=04d8, idProduct=c002, bcdDevice= 0.00
[  434.949879][   T39] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  434.958616][   T39] usb 4-1: config 0 descriptor??
[  435.107036][  T536] hid (null): report_id 0 is invalid
[  435.113236][  T536] lenovo 0003:04B3:3108.0083: report_id 0 is invalid
[  435.119812][  T536] lenovo 0003:04B3:3108.0083: item 0 0 1 8 parsing failed
[  435.126872][  T536] lenovo 0003:04B3:3108.0083: hid_parse failed
[  435.133009][  T536] lenovo: probe of 0003:04B3:3108.0083 failed with error -22
[  435.308646][  T536] usb 3-1: USB disconnect, device number 52
[  435.308840][ T2396] logitech-djreceiver 0003:046D:C71B.0084: unknown main item tag 0x0
[  435.322551][ T2396] logitech-djreceiver 0003:046D:C71B.0084: unknown main item tag 0x0
[  435.330493][ T2396] logitech-djreceiver 0003:046D:C71B.0084: unknown main item tag 0x0
[  435.338486][ T2396] logitech-djreceiver 0003:046D:C71B.0084: unknown main item tag 0x0
[  435.346400][ T2396] logitech-djreceiver 0003:046D:C71B.0084: unknown main item tag 0x0
[  435.354389][ T2396] logitech-djreceiver 0003:046D:C71B.0084: unknown main item tag 0x0
[  435.362321][ T2396] logitech-djreceiver 0003:046D:C71B.0084: unknown main item tag 0x0
[  435.371420][ T2396] logitech-djreceiver 0003:046D:C71B.0084: hidraw0: USB HID v0.00 Device [HID 046d:c71b] on usb-dummy_hcd.1-1/input32
[  435.437784][   T39] hid-picolcd 0003:04D8:C002.0085: unbalanced collection at end of report description
[  435.447410][   T39] hid-picolcd 0003:04D8:C002.0085: device report parse failed
[  435.454732][   T39] hid-picolcd: probe of 0003:04D8:C002.0085 failed with error -22
[  435.509325][   T39] usb 2-1: USB disconnect, device number 61
[  435.638836][ T2396] usb 4-1: USB disconnect, device number 67
[  436.096868][  T536] usb 3-1: new high-speed USB device number 53 using dummy_hcd
[  436.120612][ T8098] syz.1.2677[8098] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  436.120666][ T8098] syz.1.2677[8098] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  436.166063][ T8101] loop1: detected capacity change from 0 to 2048
[  436.172095][ T2396] usb 1-1: USB disconnect, device number 60
[  436.213357][   T30] audit: type=1326 audit(1728636737.373:1109): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8104 comm="syz.0.2680" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fba4209bff9 code=0x7ffc0000
[  436.242616][   T30] audit: type=1326 audit(1728636737.373:1110): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8104 comm="syz.0.2680" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fba4209bff9 code=0x7ffc0000
[  436.266066][   T30] audit: type=1326 audit(1728636737.383:1111): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8104 comm="syz.0.2680" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fba4209bff9 code=0x7ffc0000
[  436.296805][   T30] audit: type=1326 audit(1728636737.383:1112): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8104 comm="syz.0.2680" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fba4209bff9 code=0x7ffc0000
[  436.332342][   T30] audit: type=1326 audit(1728636737.383:1113): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8104 comm="syz.0.2680" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fba4209bff9 code=0x7ffc0000
[  436.355841][   T30] audit: type=1326 audit(1728636737.383:1114): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8104 comm="syz.0.2680" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fba4209bff9 code=0x7ffc0000
[  436.379459][   T30] audit: type=1326 audit(1728636737.383:1115): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8104 comm="syz.0.2680" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fba4209bff9 code=0x7ffc0000
[  436.416798][   T30] audit: type=1326 audit(1728636737.383:1116): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8104 comm="syz.0.2680" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fba4209bff9 code=0x7ffc0000
[  436.452421][ T8107] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=46 sclass=netlink_audit_socket pid=8107 comm=syz.0.2681
[  436.708291][  T536] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  436.719073][  T536] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  436.728727][  T536] usb 3-1: New USB device found, idVendor=0eef, idProduct=72d0, bcdDevice= 0.00
[  436.741132][  T536] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  436.763598][  T536] usb 3-1: config 0 descriptor??
[  436.938652][ T8135] binder: 8128:8135 ioctl 4018620d 0 returned -22
[  436.974407][ T8135] loop3: detected capacity change from 0 to 1024
[  437.130756][ T8135] EXT4-fs (loop3): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none.
[  437.249377][  T536] hid-multitouch 0003:0EEF:72D0.0086: hidraw0: USB HID v0.00 Device [HID 0eef:72d0] on usb-dummy_hcd.2-1/input0
[  437.251880][ T8144] loop0: detected capacity change from 0 to 256
[  437.424300][ T8158] loop1: detected capacity change from 0 to 512
[  437.448518][ T1581] usb 3-1: USB disconnect, device number 53
[  437.575233][ T8161] input: syz0 as /devices/virtual/input/input51
[  437.712522][ T2396] usb 1-1: new high-speed USB device number 61 using dummy_hcd
[  437.842392][ T8169] loop1: detected capacity change from 0 to 256
[  437.973053][ T8174] loop2: detected capacity change from 0 to 512
[  437.991436][ T8174] EXT4-fs (loop2): Test dummy encryption mode enabled
[  438.001070][ T8174] EXT4-fs error (device loop2): __ext4_iget:4903: inode #11: block 1: comm syz.2.2707: invalid block
[  438.012114][ T8174] EXT4-fs error (device loop2): ext4_orphan_get:1402: comm syz.2.2707: couldn't read orphan inode 11 (err -117)
[  438.023955][ T8174] EXT4-fs (loop2): mounted filesystem without journal. Opts: noauto_da_alloc,user_xattr,max_dir_size_kb=0x0000000000000009,inode_readahead_blks=0x0000000000010000,jqfmt=vfsv0,delalloc,inode_readahead_blks=0x0000000000400000,noauto_da_alloc,test_dummy_encryption,,errors=continue. Quota mode: none.
[  438.091542][ T2396] usb 1-1: too many endpoints for config 0 interface 0 altsetting 0: 255, using maximum allowed: 30
[  438.102735][ T2396] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  438.113665][ T2396] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  438.123470][ T2396] usb 1-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 255
[  438.136680][ T2396] usb 1-1: New USB device found, idVendor=04d8, idProduct=c002, bcdDevice= 0.00
[  438.145805][ T2396] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  438.158059][ T2396] usb 1-1: config 0 descriptor??
[  438.247011][ T8178] EXT4-fs error (device loop2): ext4_add_entry:2484: inode #2: comm syz.2.2707: Directory hole found for htree leaf block 0
[  438.386529][   T30] kauditd_printk_skb: 20 callbacks suppressed
[  438.386544][   T30] audit: type=1326 audit(1728636739.543:1137): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8185 comm="syz.1.2711" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc6198e8ff9 code=0x7ffc0000
[  438.416589][   T30] audit: type=1326 audit(1728636739.543:1138): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8185 comm="syz.1.2711" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc6198e8ff9 code=0x7ffc0000
[  438.440495][   T30] audit: type=1326 audit(1728636739.553:1139): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8185 comm="syz.1.2711" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fc6198e8ff9 code=0x7ffc0000
[  438.464193][   T30] audit: type=1326 audit(1728636739.553:1140): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8185 comm="syz.1.2711" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc6198e8ff9 code=0x7ffc0000
[  438.505088][   T30] audit: type=1326 audit(1728636739.553:1141): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8185 comm="syz.1.2711" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc6198e8ff9 code=0x7ffc0000
[  438.532766][   T30] audit: type=1326 audit(1728636739.553:1142): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8185 comm="syz.1.2711" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fc6198e8ff9 code=0x7ffc0000
[  438.556486][ T8190] netlink: 96 bytes leftover after parsing attributes in process `syz.1.2713'.
[  438.556572][   T30] audit: type=1326 audit(1728636739.553:1143): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8185 comm="syz.1.2711" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc6198e8ff9 code=0x7ffc0000
[  438.591577][   T30] audit: type=1326 audit(1728636739.553:1144): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8185 comm="syz.1.2711" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc6198e8ff9 code=0x7ffc0000
[  438.615041][   T30] audit: type=1326 audit(1728636739.553:1145): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8185 comm="syz.1.2711" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fc6198e8ff9 code=0x7ffc0000
[  438.639008][   T30] audit: type=1326 audit(1728636739.553:1146): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8185 comm="syz.1.2711" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc6198e8ff9 code=0x7ffc0000
[  438.757673][ T2396] hid-picolcd 0003:04D8:C002.0087: unbalanced collection at end of report description
[  438.767330][ T2396] hid-picolcd 0003:04D8:C002.0087: device report parse failed
[  438.774613][ T2396] hid-picolcd: probe of 0003:04D8:C002.0087 failed with error -22
[  438.937002][   T39] usb 4-1: new high-speed USB device number 68 using dummy_hcd
[  438.946862][   T20] usb 2-1: new high-speed USB device number 62 using dummy_hcd
[  438.958739][  T479] usb 1-1: USB disconnect, device number 61
[  439.176958][   T39] usb 4-1: Using ep0 maxpacket: 32
[  439.176968][  T536] usb 3-1: new high-speed USB device number 54 using dummy_hcd
[  439.307008][   T39] usb 4-1: config 4 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  439.317847][   T39] usb 4-1: config 4 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  439.326899][   T20] usb 2-1: config 17 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  439.338431][   T20] usb 2-1: config 17 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  439.348371][   T20] usb 2-1: New USB device found, idVendor=046d, idProduct=c086, bcdDevice= 0.00
[  439.357403][   T20] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  439.446986][   T39] usb 4-1: New USB device found, idVendor=046d, idProduct=c314, bcdDevice= 0.40
[  439.455887][   T39] usb 4-1: New USB device strings: Mfr=255, Product=255, SerialNumber=0
[  439.464049][   T39] usb 4-1: Product: syz
[  439.468040][   T39] usb 4-1: Manufacturer: syz
[  439.507517][   T39] hub 4-1:4.0: USB hub found
[  439.536986][  T536] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  439.547792][  T536] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  439.557422][  T536] usb 3-1: New USB device found, idVendor=04d9, idProduct=a055, bcdDevice= 0.00
[  439.566213][  T536] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  439.587037][  T536] usb 3-1: config 0 descriptor??
[  439.717063][   T39] hub 4-1:4.0: 2 ports detected
[  439.838146][   T20] logitech-hidpp-device 0003:046D:C086.0088: unknown main item tag 0x0
[  439.846313][   T20] logitech-hidpp-device 0003:046D:C086.0088: unknown main item tag 0x0
[  439.855101][   T20] logitech-hidpp-device 0003:046D:C086.0088: hidraw0: USB HID v0.00 Device [HID 046d:c086] on usb-dummy_hcd.1-1/input0
[  439.996896][ T2396] usb 1-1: new high-speed USB device number 62 using dummy_hcd
[  440.017077][   T39] hub 4-1:4.0: hub_hub_status failed (err = -71)
[  440.023231][   T39] hub 4-1:4.0: config failed, can't get hub status (err -71)
[  440.040555][   T20] usb 2-1: USB disconnect, device number 62
[  440.057783][  T536] holtek_kbd 0003:04D9:A055.0089: unknown main item tag 0x0
[  440.058548][   T39] usb 4-1: USB disconnect, device number 68
[  440.064928][  T536] holtek_kbd 0003:04D9:A055.0089: item fetching failed at offset 3/5
[  440.065146][  T536] holtek_kbd: probe of 0003:04D9:A055.0089 failed with error -22
[  440.236861][ T2396] usb 1-1: Using ep0 maxpacket: 8
[  440.264359][   T20] usb 3-1: USB disconnect, device number 54
[  440.356928][ T2396] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  440.367845][ T2396] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  440.377591][ T2396] usb 1-1: New USB device found, idVendor=054c, idProduct=0ce6, bcdDevice= 0.00
[  440.386573][ T2396] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  440.394990][ T2396] usb 1-1: config 0 descriptor??
[  440.821323][ T8226] loop2: detected capacity change from 0 to 512
[  440.897475][ T8226] EXT4-fs (loop2): Test dummy encryption mode enabled
[  440.905018][ T8226] EXT4-fs error (device loop2): __ext4_iget:4903: inode #11: block 1: comm syz.2.2728: invalid block
[  440.916059][ T8226] EXT4-fs error (device loop2): ext4_orphan_get:1402: comm syz.2.2728: couldn't read orphan inode 11 (err -117)
[  440.928040][ T8226] EXT4-fs (loop2): mounted filesystem without journal. Opts: noauto_da_alloc,user_xattr,max_dir_size_kb=0x0000000000000009,inode_readahead_blks=0x0000000000010000,jqfmt=vfsv0,delalloc,inode_readahead_blks=0x0000000000400000,noauto_da_alloc,test_dummy_encryption,,errors=continue. Quota mode: none.
[  440.948785][ T2396] playstation 0003:054C:0CE6.008A: unknown main item tag 0x0
[  440.963923][ T2396] playstation 0003:054C:0CE6.008A: unknown main item tag 0x0
[  440.971271][ T2396] playstation 0003:054C:0CE6.008A: unknown main item tag 0x0
[  441.012866][ T2396] playstation 0003:054C:0CE6.008A: unknown main item tag 0x0
[  441.020328][ T2396] playstation 0003:054C:0CE6.008A: unknown main item tag 0x0
[  441.027788][ T2396] playstation 0003:054C:0CE6.008A: unknown main item tag 0x0
[  441.035110][ T2396] playstation 0003:054C:0CE6.008A: unknown main item tag 0x0
[  441.042857][ T2396] playstation 0003:054C:0CE6.008A: hidraw0: USB HID v0.00 Device [HID 054c:0ce6] on usb-dummy_hcd.0-1/input0
[  441.169336][ T8230] EXT4-fs error (device loop2): ext4_add_entry:2484: inode #2: comm syz.2.2728: Directory hole found for htree leaf block 0
[  441.257431][ T2396] playstation 0003:054C:0CE6.008A: Invalid byte count transferred, expected 20 got 0
[  441.260213][   T20] usb 2-1: new high-speed USB device number 63 using dummy_hcd
[  441.269704][ T2396] playstation 0003:054C:0CE6.008A: Failed to retrieve DualSense pairing info: -22
[  441.283516][ T2396] playstation 0003:054C:0CE6.008A: Failed to get MAC address from DualSense
[  441.292063][ T2396] playstation 0003:054C:0CE6.008A: Failed to create dualsense.
[  441.300100][ T2396] playstation: probe of 0003:054C:0CE6.008A failed with error -22
[  441.468691][ T8234] loop3: detected capacity change from 0 to 40427
[  441.477330][ T2396] usb 1-1: USB disconnect, device number 62
[  441.547273][ T8234] F2FS-fs (loop3): Invalid log_blocksize (268), supports only 12
[  441.555486][ T8234] F2FS-fs (loop3): Can't find valid F2FS filesystem in 1th superblock
[  441.564384][ T8234] F2FS-fs (loop3): invalid crc value
[  441.571074][ T8234] F2FS-fs (loop3): Found nat_bits in checkpoint
[  441.593996][ T8234] F2FS-fs (loop3): Try to recover 1th superblock, ret: 0
[  441.601082][ T8234] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e5
[  441.623807][ T8234] attempt to access beyond end of device
[  441.623807][ T8234] loop3: rw=2049, want=45112, limit=40427
[  441.640730][  T332] F2FS-fs (loop3): f2fs_check_nid_range: out-of-range nid=1, run fsck to fix.
[  441.650044][  T332] F2FS-fs (loop3): f2fs_check_nid_range: out-of-range nid=2, run fsck to fix.
[  441.666905][   T20] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  441.686918][   T20] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  441.696511][   T20] usb 2-1: New USB device found, idVendor=04d9, idProduct=a055, bcdDevice= 0.00
[  441.705403][   T20] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  441.717074][   T20] usb 2-1: config 0 descriptor??
[  441.821122][ T8242] loop3: detected capacity change from 0 to 256
[  442.197738][   T20] holtek_kbd 0003:04D9:A055.008B: unknown main item tag 0x0
[  442.205165][   T20] holtek_kbd 0003:04D9:A055.008B: item fetching failed at offset 3/5
[  442.213547][   T20] holtek_kbd: probe of 0003:04D9:A055.008B failed with error -22
[  442.256929][ T1290] usb 4-1: new high-speed USB device number 69 using dummy_hcd
[  442.266813][ T2396] usb 1-1: new high-speed USB device number 63 using dummy_hcd
[  442.366788][   T20] usb 3-1: new high-speed USB device number 55 using dummy_hcd
[  442.417255][ T1740] usb 2-1: USB disconnect, device number 63
[  442.616898][ T1290] usb 4-1: too many endpoints for config 0 interface 0 altsetting 0: 255, using maximum allowed: 30
[  442.627938][ T1290] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  442.637026][ T2396] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  442.638626][ T1290] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  442.649878][ T2396] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  442.659230][ T1290] usb 4-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 255
[  442.668740][ T2396] usb 1-1: New USB device found, idVendor=056a, idProduct=0300, bcdDevice= 0.00
[  442.681941][ T1290] usb 4-1: New USB device found, idVendor=04d8, idProduct=c002, bcdDevice= 0.00
[  442.690792][ T2396] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  442.699942][ T1290] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  442.708317][ T2396] usb 1-1: config 0 descriptor??
[  442.719668][ T1290] usb 4-1: config 0 descriptor??
[  442.736989][   T20] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  442.747833][   T20] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  442.757905][   T20] usb 3-1: New USB device found, idVendor=256c, idProduct=006d, bcdDevice= 0.00
[  442.766899][   T20] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  442.775263][   T20] usb 3-1: config 0 descriptor??
[  442.949150][ T8253] syz.1.2736[8253] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  442.949208][ T8253] syz.1.2736[8253] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  443.079411][ T8258] SELinux: security_context_str_to_sid(sysadm_u) failed for (dev ?, type ?) errno=-22
[  443.100543][ T8258] SELinux: security_context_str_to_sid(sysadm_u) failed for (dev bpf, type bpf) errno=-22
[  443.177915][ T1290] hid-picolcd 0003:04D8:C002.008C: unbalanced collection at end of report description
[  443.191724][ T1290] hid-picolcd 0003:04D8:C002.008C: device report parse failed
[  443.199163][ T1290] hid-picolcd: probe of 0003:04D8:C002.008C failed with error -22
[  443.200633][ T2396] wacom 0003:056A:0300.008D: Unknown device_type for 'HID 056a:0300'. Assuming pen.
[  443.219877][ T2396] wacom 0003:056A:0300.008D: hidraw0: USB HID v0.00 Device [HID 056a:0300] on usb-dummy_hcd.0-1/input0
[  443.231865][ T2396] input: Wacom Bamboo One S Pen as /devices/platform/dummy_hcd.0/usb1/1-1/1-1:0.0/0003:056A:0300.008D/input/input52
[  443.385479][ T1290] usb 4-1: USB disconnect, device number 69
[  443.440622][   T39] usb 1-1: USB disconnect, device number 63
[  443.466948][   T20] usb 3-1: string descriptor 0 read error: -22
[  443.526853][ T2396] usb 2-1: new high-speed USB device number 64 using dummy_hcd
[  443.728509][   T20] input: HID 256c:006d Pen as /devices/platform/dummy_hcd.2/usb3/3-1/3-1:0.0/0003:256C:006D.008E/input/input55
[  443.741265][   T20] uclogic 0003:256C:006D.008E: input,hidraw0: USB HID v0.00 Device [HID 256c:006d] on usb-dummy_hcd.2-1/input0
[  443.886937][ T2396] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  443.897868][ T2396] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  443.907463][ T2396] usb 2-1: New USB device found, idVendor=5543, idProduct=0042, bcdDevice= 0.00
[  443.916284][ T2396] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  443.926816][ T2396] usb 2-1: config 0 descriptor??
[  443.935097][   T20] usb 3-1: USB disconnect, device number 55
[  443.980837][   T30] kauditd_printk_skb: 11 callbacks suppressed
[  443.980854][   T30] audit: type=1400 audit(1728636745.143:1158): avc:  denied  { setopt } for  pid=8273 comm="syz.0.2746" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=pppox_socket permissive=1
[  444.100378][ T8284] syz.0.2750[8284] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  444.100457][ T8284] syz.0.2750[8284] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  444.126239][   T30] audit: type=1326 audit(1728636745.283:1159): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8283 comm="syz.0.2750" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fba4209bff9 code=0x0
[  444.171303][ T8278] bridge0: port 1(bridge_slave_0) entered blocking state
[  444.178687][ T8278] bridge0: port 1(bridge_slave_0) entered disabled state
[  444.185884][ T8278] device bridge_slave_0 entered promiscuous mode
[  444.193214][ T8278] bridge0: port 2(bridge_slave_1) entered blocking state
[  444.200316][ T8278] bridge0: port 2(bridge_slave_1) entered disabled state
[  444.209120][ T8278] device bridge_slave_1 entered promiscuous mode
[  444.230977][   T30] audit: type=1400 audit(1728636745.393:1160): avc:  denied  { connect } for  pid=8283 comm="syz.0.2750" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_netfilter_socket permissive=1
[  444.276803][ T8294] tipc: Failed to remove unknown binding: 67,0,0/0:3634951953/3634951954
[  444.302661][ T8296] loop3: detected capacity change from 0 to 512
[  444.318536][ T8296] EXT4-fs (loop3): Test dummy encryption mode enabled
[  444.326629][ T8296] EXT4-fs error (device loop3): __ext4_iget:4903: inode #11: block 1: comm syz.3.2754: invalid block
[  444.337655][ T8296] EXT4-fs error (device loop3): ext4_orphan_get:1402: comm syz.3.2754: couldn't read orphan inode 11 (err -117)
[  444.349739][ T8296] EXT4-fs (loop3): mounted filesystem without journal. Opts: noauto_da_alloc,user_xattr,max_dir_size_kb=0x0000000000000009,inode_readahead_blks=0x0000000000010000,jqfmt=vfsv0,delalloc,inode_readahead_blks=0x0000000000400000,noauto_da_alloc,test_dummy_encryption,,errors=continue. Quota mode: none.
[  444.390218][ T8278] bridge0: port 2(bridge_slave_1) entered blocking state
[  444.397113][ T8278] bridge0: port 2(bridge_slave_1) entered forwarding state
[  444.404237][ T8278] bridge0: port 1(bridge_slave_0) entered blocking state
[  444.411133][ T8278] bridge0: port 1(bridge_slave_0) entered forwarding state
[  444.438330][ T2396] uclogic 0003:5543:0042.008F: No inputs registered, leaving
[  444.448758][  T332] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  444.448786][ T2396] uclogic 0003:5543:0042.008F: hidraw0: USB HID v0.00 Device [HID 5543:0042] on usb-dummy_hcd.1-1/input0
[  444.460633][  T332] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  444.478922][  T332] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[  444.487165][  T332] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  444.488244][ T8301] loop2: detected capacity change from 0 to 512
[  444.691289][ T8278] device veth0_vlan entered promiscuous mode
[  444.723696][ T8302] EXT4-fs error (device loop3): ext4_add_entry:2484: inode #2: comm syz.3.2754: Directory hole found for htree leaf block 0
[  444.796598][ T8278] device veth1_macvtap entered promiscuous mode
[  444.873412][ T2396] usb 2-1: USB disconnect, device number 64
[  444.966302][  T332] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[  444.974799][  T332] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[  444.983272][  T332] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[  444.991924][  T332] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[  445.000021][  T332] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[  445.008041][  T332] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[  445.008667][ T8301] EXT4-fs (loop2): Test dummy encryption mode enabled
[  445.015573][  T332] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[  445.030375][  T332] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  445.040551][  T332] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  445.040945][ T8301] EXT4-fs error (device loop2): __ext4_iget:4903: inode #11: block 1: comm syz.2.2755: invalid block
[  445.060089][ T8301] EXT4-fs error (device loop2): ext4_orphan_get:1402: comm syz.2.2755: couldn't read orphan inode 11 (err -117)
[  445.071974][ T8301] EXT4-fs (loop2): mounted filesystem without journal. Opts: noauto_da_alloc,user_xattr,max_dir_size_kb=0x0000000000000009,inode_readahead_blks=0x0000000000010000,jqfmt=vfsv0,delalloc,inode_readahead_blks=0x0000000000400000,noauto_da_alloc,test_dummy_encryption,,errors=continue. Quota mode: none.
[  445.272756][ T1290] usb 1-1: new high-speed USB device number 64 using dummy_hcd
[  445.299200][ T8313] EXT4-fs error (device loop2): ext4_add_entry:2484: inode #2: comm syz.2.2755: Directory hole found for htree leaf block 0
[  445.369169][ T8314] loop3: detected capacity change from 0 to 256
[  446.096796][   T20] usb 5-1: new high-speed USB device number 48 using dummy_hcd
[  446.108923][ T8317] netlink: 16 bytes leftover after parsing attributes in process `syz.1.2759'.
[  446.160310][  T523] device bridge_slave_1 left promiscuous mode
[  446.174111][  T523] bridge0: port 2(bridge_slave_1) entered disabled state
[  446.183939][  T523] device bridge_slave_0 left promiscuous mode
[  446.190054][  T523] bridge0: port 1(bridge_slave_0) entered disabled state
[  446.198605][  T523] device veth1_macvtap left promiscuous mode
[  446.204636][  T523] device veth0_vlan left promiscuous mode
[  446.204870][ T8324] loop2: detected capacity change from 0 to 256
[  446.576840][   T20] usb 5-1: Using ep0 maxpacket: 8
[  446.627151][ T1290] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  446.637905][ T1290] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  446.647444][ T1290] usb 1-1: New USB device found, idVendor=0419, idProduct=0600, bcdDevice= 0.00
[  446.656232][ T1290] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  446.664766][ T1290] usb 1-1: config 0 descriptor??
[  446.686842][  T343] usb 3-1: new high-speed USB device number 56 using dummy_hcd
[  446.726946][   T20] usb 5-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  446.817012][   T20] usb 5-1: New USB device found, idVendor=05ac, idProduct=8501, bcdDevice=20.9d
[  446.825995][   T20] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=105
[  446.834017][   T20] usb 5-1: SerialNumber: syz
[  446.839361][   T20] usb 5-1: config 0 descriptor??
[  446.877568][   T20] usb 5-1: Found UVC 0.00 device <unnamed> (05ac:8501)
[  446.884277][   T20] uvcvideo 5-1:0.0: Entity type for entity Output 255 was not initialized!
[  446.892790][   T20] usb 5-1: Failed to create links for entity 255
[  446.898891][   T20] usb 5-1: Failed to register entities (-22).
[  447.046941][  T343] usb 3-1: too many endpoints for config 0 interface 0 altsetting 0: 255, using maximum allowed: 30
[  447.057712][  T343] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  447.068650][  T343] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  447.078221][  T343] usb 3-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 255
[  447.091794][   T20] usb 5-1: USB disconnect, device number 48
[  447.092271][  T343] usb 3-1: New USB device found, idVendor=04d8, idProduct=c002, bcdDevice= 0.00
[  447.107073][  T343] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  447.115744][  T343] usb 3-1: config 0 descriptor??
[  447.167792][ T1290] samsung 0003:0419:0600.0090: item fetching failed at offset 4/5
[  447.175666][ T1290] samsung 0003:0419:0600.0090: parse failed
[  447.181678][ T1290] samsung: probe of 0003:0419:0600.0090 failed with error -22
[  447.306852][ T1740] usb 4-1: new high-speed USB device number 70 using dummy_hcd
[  447.368162][ T1290] usb 1-1: USB disconnect, device number 64
[  447.566826][ T1740] usb 4-1: Using ep0 maxpacket: 8
[  447.597563][  T343] hid-picolcd 0003:04D8:C002.0091: unbalanced collection at end of report description
[  447.607724][  T343] hid-picolcd 0003:04D8:C002.0091: device report parse failed
[  447.615038][  T343] hid-picolcd: probe of 0003:04D8:C002.0091 failed with error -22
[  447.648615][ T8334] xt_bpf: check failed: parse error
[  447.696884][ T1740] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  447.707746][ T1740] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  447.717559][ T1740] usb 4-1: New USB device found, idVendor=04d8, idProduct=f002, bcdDevice= 0.00
[  447.726464][ T1740] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  447.734862][ T1740] usb 4-1: config 0 descriptor??
[  447.800478][  T343] usb 3-1: USB disconnect, device number 56
[  447.885879][ T8342] loop0: detected capacity change from 0 to 2048
[  447.946894][ T1290] usb 5-1: new high-speed USB device number 49 using dummy_hcd
[  447.999357][ T8342] EXT4-fs (loop0): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none.
[  448.297018][ T1740] usbhid 4-1:0.0: can't add hid device: -71
[  448.302843][ T1740] usbhid: probe of 4-1:0.0 failed with error -71
[  448.310169][ T1740] usb 4-1: USB disconnect, device number 70
[  448.357051][ T1290] usb 5-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  448.496845][ T2396] usb 1-1: new high-speed USB device number 65 using dummy_hcd
[  448.587049][ T1290] usb 5-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  448.596634][ T1290] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  448.604780][ T1290] usb 5-1: Product: syz
[  448.609061][ T1290] usb 5-1: Manufacturer: syz
[  448.613740][ T1290] usb 5-1: SerialNumber: syz
[  448.629796][ T8355] loop2: detected capacity change from 0 to 256
[  448.822657][ T8359] loop3: detected capacity change from 0 to 2048
[  448.896894][ T2396] usb 1-1: Using ep0 maxpacket: 32
[  448.918217][ T8359] EXT4-fs (loop3): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none.
[  448.932151][ T8359] EXT4-fs error (device loop3): ext4_mb_generate_buddy:1152: group 0, block bitmap and bg descriptor inconsistent: 25 vs 150994969 free clusters
[  448.947063][ T8359] EXT4-fs (loop3): Delayed block allocation failed for inode 16 at logical offset 16 with max blocks 16 with error 28
[  448.959366][ T8359] EXT4-fs (loop3): This should not happen!! Data will be lost
[  448.959366][ T8359] 
[  448.968889][ T8359] EXT4-fs (loop3): Total free blocks count 0
[  448.974652][ T8359] EXT4-fs (loop3): Free/Dirty block details
[  448.980433][ T8359] EXT4-fs (loop3): free_blocks=2415919104
[  448.985949][ T8359] EXT4-fs (loop3): dirty_blocks=16
[  448.990911][ T8359] EXT4-fs (loop3): Block reservation details
[  448.996700][ T8359] EXT4-fs (loop3): i_reserved_data_blocks=1
[  449.016883][ T2396] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  449.027721][ T2396] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  449.037489][ T2396] usb 1-1: New USB device found, idVendor=046d, idProduct=c31c, bcdDevice= 0.40
[  449.046325][ T2396] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  449.062679][ T2396] usb 1-1: config 0 descriptor??
[  449.064882][ T8363] hub 8-0:1.0: USB hub found
[  449.071984][ T8363] hub 8-0:1.0: 1 port detected
[  449.107371][ T2396] hub 1-1:0.0: USB hub found
[  449.199601][ T8374] loop3: detected capacity change from 0 to 1024
[  449.257918][ T8374] EXT4-fs (loop3): Ignoring removed orlov option
[  449.264170][ T8374] EXT4-fs (loop3): Ignoring removed nomblk_io_submit option
[  449.288318][ T8374] EXT4-fs (loop3): mounted filesystem without journal. Opts: noblock_validity,bsddf,max_dir_size_kb=0x0000000000000001,norecovery,journal_dev=0x0000000000000002,orlov,errors=continue,noauto_da_alloc,nomblk_io_submit,,errors=continue. Quota mode: none.
[  449.379899][ T8381] netlink: 8 bytes leftover after parsing attributes in process `syz.3.2780'.
[  449.388868][ T2396] hub 1-1:0.0: config failed, hub doesn't have any ports! (err -19)
[  449.402534][ T8383] loop2: detected capacity change from 0 to 256
[  449.412341][ T8385] loop3: detected capacity change from 0 to 512
[  449.490516][ T8385] EXT4-fs (loop3): Test dummy encryption mode enabled
[  449.504281][ T8385] EXT4-fs error (device loop3): __ext4_iget:4903: inode #11: block 1: comm syz.3.2783: invalid block
[  449.515364][ T8385] EXT4-fs error (device loop3): ext4_orphan_get:1402: comm syz.3.2783: couldn't read orphan inode 11 (err -117)
[  449.527743][ T8385] EXT4-fs (loop3): mounted filesystem without journal. Opts: noauto_da_alloc,user_xattr,max_dir_size_kb=0x0000000000000009,inode_readahead_blks=0x0000000000010000,jqfmt=vfsv0,delalloc,inode_readahead_blks=0x0000000000400000,noauto_da_alloc,test_dummy_encryption,,errors=continue. Quota mode: none.
[  449.687014][ T2396] usbhid 1-1:0.0: can't add hid device: -71
[  449.693366][ T2396] usbhid: probe of 1-1:0.0 failed with error -71
[  449.728894][ T2396] usb 1-1: USB disconnect, device number 65
[  449.749938][ T8389] EXT4-fs error (device loop3): ext4_add_entry:2484: inode #2: comm syz.3.2783: Directory hole found for htree leaf block 0
[  449.848659][ T1290] cdc_ncm 5-1:1.0: MAC-Address: 42:42:42:42:42:42
[  449.854928][ T1290] cdc_ncm 5-1:1.0: dwNtbInMaxSize=16 is too small. Using 2048
[  449.862276][ T1290] cdc_ncm 5-1:1.0: setting rx_max = 2048
[  449.906826][ T1740] usb 3-1: new high-speed USB device number 57 using dummy_hcd
[  450.256991][ T1290] cdc_ncm 5-1:1.0: setting tx_max = 88
[  450.264538][ T1290] cdc_ncm 5-1:1.0 usb0: register 'cdc_ncm' at usb-dummy_hcd.4-1, CDC NCM, 42:42:42:42:42:42
[  450.281089][ T1290] usb 5-1: USB disconnect, device number 49
[  450.286981][ T1740] usb 3-1: too many endpoints for config 0 interface 0 altsetting 0: 255, using maximum allowed: 30
[  450.298483][ T1290] cdc_ncm 5-1:1.0 usb0: unregister 'cdc_ncm' usb-dummy_hcd.4-1, CDC NCM
[  450.306704][ T1740] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  450.323815][ T8396] loop3: detected capacity change from 0 to 1024
[  450.332418][ T1740] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  450.342074][ T1740] usb 3-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 255
[  450.359479][ T1740] usb 3-1: New USB device found, idVendor=04d8, idProduct=c002, bcdDevice= 0.00
[  450.369710][ T1740] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  450.378649][  T536] ==================================================================
[  450.386523][  T536] BUG: KASAN: use-after-free in worker_thread+0xaaa/0x12a0
[  450.393556][  T536] Read of size 8 at addr ffff88810db38c60 by task kworker/0:5/536
[  450.401187][  T536] 
[  450.403355][  T536] CPU: 0 PID: 536 Comm: kworker/0:5 Not tainted 5.15.167-syzkaller-02003-g5e4635681cf1 #0
[  450.413085][  T536] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  450.422986][  T536] Workqueue:  0x0 (pm)
[  450.426886][  T536] Call Trace:
[  450.430013][  T536]  <TASK>
[  450.432782][  T536]  dump_stack_lvl+0x151/0x1c0
[  450.437294][  T536]  ? io_uring_drop_tctx_refs+0x190/0x190
[  450.442767][  T536]  ? panic+0x760/0x760
[  450.446668][  T536]  ? __schedule+0xcd4/0x1590
[  450.451102][  T536]  print_address_description+0x87/0x3b0
[  450.456489][  T536]  kasan_report+0x179/0x1c0
[  450.460816][  T536]  ? _raw_spin_lock_irqsave+0x210/0x210
[  450.466194][  T536]  ? worker_thread+0xaaa/0x12a0
[  450.470885][  T536]  ? worker_thread+0xaaa/0x12a0
[  450.475571][  T536]  __asan_report_load8_noabort+0x14/0x20
[  450.481038][  T536]  worker_thread+0xaaa/0x12a0
[  450.485551][  T536]  kthread+0x421/0x510
[  450.489455][  T536]  ? worker_clr_flags+0x180/0x180
[  450.494315][  T536]  ? kthread_blkcg+0xd0/0xd0
[  450.498747][  T536]  ret_from_fork+0x1f/0x30
[  450.503002][  T536]  </TASK>
[  450.505858][  T536] 
[  450.508122][  T536] Allocated by task 1290:
[  450.512283][  T536]  ____kasan_kmalloc+0xdb/0x110
[  450.517059][  T536]  __kasan_kmalloc+0x9/0x10
[  450.521394][  T536]  __kmalloc+0x13a/0x270
[  450.525473][  T536]  kvmalloc_node+0x1f0/0x4d0
[  450.529899][  T536]  alloc_netdev_mqs+0x8c/0xc90
[  450.534502][  T536]  alloc_etherdev_mqs+0x33/0x40
[  450.539395][  T536]  usbnet_probe+0x1fc/0x2840
[  450.543755][  T536]  usb_probe_interface+0x5b6/0xa90
[  450.548736][  T536]  really_probe+0x28d/0x970
[  450.553047][  T536]  __driver_probe_device+0x1a0/0x310
[  450.558152][  T536]  driver_probe_device+0x54/0x3d0
[  450.563012][  T536]  __device_attach_driver+0x2c5/0x470
[  450.568220][  T536]  bus_for_each_drv+0x183/0x200
[  450.572915][  T536]  __device_attach+0x312/0x510
[  450.577507][  T536]  device_initial_probe+0x1a/0x20
[  450.582372][  T536]  bus_probe_device+0xbe/0x1e0
[  450.586970][  T536]  device_add+0xb60/0xf10
[  450.591141][  T536]  usb_set_configuration+0x190f/0x1e80
[  450.596428][  T536]  usb_generic_driver_probe+0x8b/0x150
[  450.601809][  T536]  usb_probe_device+0x144/0x260
[  450.606518][  T536]  really_probe+0x28d/0x970
[  450.610837][  T536]  __driver_probe_device+0x1a0/0x310
[  450.615964][  T536]  driver_probe_device+0x54/0x3d0
[  450.620819][  T536]  __device_attach_driver+0x2c5/0x470
[  450.626030][  T536]  bus_for_each_drv+0x183/0x200
[  450.630734][  T536]  __device_attach+0x312/0x510
[  450.635314][  T536]  device_initial_probe+0x1a/0x20
[  450.640171][  T536]  bus_probe_device+0xbe/0x1e0
[  450.644771][  T536]  device_add+0xb60/0xf10
[  450.648946][  T536]  usb_new_device+0x1038/0x1c00
[  450.653627][  T536]  hub_event+0x2def/0x4770
[  450.657885][  T536]  process_one_work+0x6bb/0xc10
[  450.662566][  T536]  worker_thread+0xad5/0x12a0
[  450.667078][  T536]  kthread+0x421/0x510
[  450.670989][  T536]  ret_from_fork+0x1f/0x30
[  450.675242][  T536] 
[  450.677407][  T536] Freed by task 1290:
[  450.681229][  T536]  kasan_set_track+0x4b/0x70
[  450.685654][  T536]  kasan_set_free_info+0x23/0x40
[  450.690425][  T536]  ____kasan_slab_free+0x126/0x160
[  450.695382][  T536]  __kasan_slab_free+0x11/0x20
[  450.699981][  T536]  slab_free_freelist_hook+0xbd/0x190
[  450.705180][  T536]  kfree+0xc8/0x220
[  450.708831][  T536]  kvfree+0x35/0x40
[  450.712475][  T536]  netdev_freemem+0x3f/0x60
[  450.716908][  T536]  netdev_release+0x7f/0xb0
[  450.721237][  T536]  device_release+0x95/0x1c0
[  450.725665][  T536]  kobject_put+0x178/0x260
[  450.729914][  T536]  put_device+0x1f/0x30
[  450.733907][  T536]  free_netdev+0x34f/0x440
[  450.738199][  T536]  usbnet_disconnect+0x245/0x390
[  450.742933][  T536]  usb_unbind_interface+0x1fa/0x8c0
[  450.747986][  T536]  device_release_driver_internal+0x50b/0x7d0
[  450.753876][  T536]  device_release_driver+0x19/0x20
[  450.758824][  T536]  bus_remove_device+0x2f8/0x360
[  450.763595][  T536]  device_del+0x663/0xe90
[  450.767759][  T536]  usb_disable_device+0x380/0x720
[  450.772621][  T536]  usb_disconnect+0x32a/0x890
[  450.777139][  T536]  hub_event+0x1d42/0x4770
[  450.781387][  T536]  process_one_work+0x6bb/0xc10
[  450.786072][  T536]  worker_thread+0xe02/0x12a0
[  450.790583][  T536]  kthread+0x421/0x510
[  450.794488][  T536]  ret_from_fork+0x1f/0x30
[  450.798741][  T536] 
[  450.800925][  T536] Last potentially related work creation:
[  450.806481][  T536]  kasan_save_stack+0x3b/0x60
[  450.810982][  T536]  __kasan_record_aux_stack+0xd3/0xf0
[  450.816186][  T536]  kasan_record_aux_stack_noalloc+0xb/0x10
[  450.821840][  T536]  insert_work+0x56/0x320
[  450.825997][  T536]  __queue_work+0x92a/0xcd0
[  450.830335][  T536]  queue_work_on+0x105/0x170
[  450.834763][  T536]  usbnet_link_change+0xeb/0x100
[  450.839552][  T536]  usbnet_probe+0x1dcb/0x2840
[  450.844049][  T536]  usb_probe_interface+0x5b6/0xa90
[  450.848998][  T536]  really_probe+0x28d/0x970
[  450.853357][  T536]  __driver_probe_device+0x1a0/0x310
[  450.858455][  T536]  driver_probe_device+0x54/0x3d0
[  450.863315][  T536]  __device_attach_driver+0x2c5/0x470
[  450.868536][  T536]  bus_for_each_drv+0x183/0x200
[  450.873219][  T536]  __device_attach+0x312/0x510
[  450.877897][  T536]  device_initial_probe+0x1a/0x20
[  450.882758][  T536]  bus_probe_device+0xbe/0x1e0
[  450.887374][  T536]  device_add+0xb60/0xf10
[  450.891531][  T536]  usb_set_configuration+0x190f/0x1e80
[  450.896831][  T536]  usb_generic_driver_probe+0x8b/0x150
[  450.902145][  T536]  usb_probe_device+0x144/0x260
[  450.906819][  T536]  really_probe+0x28d/0x970
[  450.911148][  T536]  __driver_probe_device+0x1a0/0x310
[  450.916270][  T536]  driver_probe_device+0x54/0x3d0
[  450.921209][  T536]  __device_attach_driver+0x2c5/0x470
[  450.926433][  T536]  bus_for_each_drv+0x183/0x200
[  450.931102][  T536]  __device_attach+0x312/0x510
[  450.935710][  T536]  device_initial_probe+0x1a/0x20
[  450.940563][  T536]  bus_probe_device+0xbe/0x1e0
[  450.945167][  T536]  device_add+0xb60/0xf10
[  450.949334][  T536]  usb_new_device+0x1038/0x1c00
[  450.954030][  T536]  hub_event+0x2def/0x4770
[  450.958271][  T536]  process_one_work+0x6bb/0xc10
[  450.963088][  T536]  worker_thread+0xad5/0x12a0
[  450.967555][  T536]  kthread+0x421/0x510
[  450.971459][  T536]  ret_from_fork+0x1f/0x30
[  450.975738][  T536] 
[  450.977886][  T536] The buggy address belongs to the object at ffff88810db38000
[  450.977886][  T536]  which belongs to the cache kmalloc-4k of size 4096
[  450.991784][  T536] The buggy address is located 3168 bytes inside of
[  450.991784][  T536]  4096-byte region [ffff88810db38000, ffff88810db39000)
[  451.005051][  T536] The buggy address belongs to the page:
[  451.010528][  T536] page:ffffea000436ce00 refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10db38
[  451.020595][  T536] head:ffffea000436ce00 order:3 compound_mapcount:0 compound_pincount:0
[  451.028754][  T536] flags: 0x4000000000010200(slab|head|zone=1)
[  451.034694][  T536] raw: 4000000000010200 dead000000000100 dead000000000122 ffff888100043380
[  451.043085][  T536] raw: 0000000000000000 0000000000040004 00000001ffffffff 0000000000000000
[  451.051500][  T536] page dumped because: kasan: bad access detected
[  451.057749][  T536] page_owner tracks the page as allocated
[  451.063288][  T536] page last allocated via order 3, migratetype Unmovable, gfp_mask 0x1d20c0(__GFP_IO|__GFP_FS|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_NOMEMALLOC|__GFP_HARDWALL), pid 6023, ts 353851611631, free_ts 353200653702
[  451.083778][  T536]  post_alloc_hook+0x1a3/0x1b0
[  451.088382][  T536]  prep_new_page+0x1b/0x110
[  451.092922][  T536]  get_page_from_freelist+0x3550/0x35d0
[  451.098685][  T536]  __alloc_pages+0x27e/0x8f0
[  451.103107][  T536]  new_slab+0x9a/0x4e0
[  451.107014][  T536]  ___slab_alloc+0x39e/0x830
[  451.111439][  T536]  __slab_alloc+0x4a/0x90
[  451.115606][  T536]  __kmalloc_track_caller+0x16c/0x260
[  451.120814][  T536]  kmemdup+0x24/0x50
[  451.124545][  T536]  __addrconf_sysctl_register+0xad/0x3e0
[  451.130015][  T536]  addrconf_sysctl_register+0x141/0x1a0
[  451.135406][  T536]  ipv6_add_dev+0xc84/0x1140
[  451.139897][  T536]  addrconf_notify+0x593/0xdd0
[  451.144439][  T536]  raw_notifier_call_chain+0x8c/0xf0
[  451.149678][  T536]  call_netdevice_notifiers+0x145/0x1b0
[  451.155035][  T536]  register_netdevice+0x1035/0x1390
[  451.160072][  T536] page last free stack trace:
[  451.164575][  T536]  free_unref_page_prepare+0x7c8/0x7d0
[  451.169883][  T536]  free_unref_page+0xe8/0x750
[  451.174560][  T536]  __free_pages+0x61/0xf0
[  451.178724][  T536]  __free_slab+0xec/0x1d0
[  451.182898][  T536]  __unfreeze_partials+0x165/0x1a0
[  451.187844][  T536]  put_cpu_partial+0xc4/0x120
[  451.192349][  T536]  __slab_free+0x1c8/0x290
[  451.196611][  T536]  ___cache_free+0x109/0x120
[  451.201027][  T536]  qlink_free+0x4d/0x90
[  451.205020][  T536]  qlist_free_all+0x44/0xb0
[  451.209368][  T536]  kasan_quarantine_reduce+0x15a/0x180
[  451.214657][  T536]  __kasan_slab_alloc+0x2f/0xe0
[  451.219341][  T536]  slab_post_alloc_hook+0x53/0x2c0
[  451.224292][  T536]  __kmalloc_track_caller+0x11d/0x260
[  451.229495][  T536]  __alloc_skb+0x10c/0x550
[  451.233746][  T536]  netlink_sendmsg+0x797/0xd20
[  451.238480][  T536] 
[  451.240686][  T536] Memory state around the buggy address:
[  451.246108][  T536]  ffff88810db38b00: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  451.254004][  T536]  ffff88810db38b80: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  451.261913][  T536] >ffff88810db38c00: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  451.269996][  T536]                                                        ^
[  451.277036][  T536]  ffff88810db38c80: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  451.285048][  T536]  ffff88810db38d00: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  451.292920][  T536] ==================================================================
[  451.300819][  T536] Disabling lock debugging due to kernel taint
[  451.312217][ T1740] usb 3-1: config 0 descriptor??
[  451.321283][ T8396] EXT4-fs (loop3): mounted filesystem without journal. Opts: nombcache,abort,dioread_lock,norecovery,discard,lazytime,noload,usrquota,noauto_da_alloc,,errors=continue. Quota mode: writeback.
[  451.353269][   T30] audit: type=1400 audit(1728636752.513:1161): avc:  denied  { unlink } for  pid=7559 comm="syz-executor" name="file0" dev="loop3" ino=20 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1
[  451.367531][ T7559] EXT4-fs error (device loop3): ext4_empty_dir:3134: inode #11: comm syz-executor: invalid size
[  451.387035][ T7559] EXT4-fs error (device loop3): ext4_empty_dir:3134: inode #11: comm syz-executor: invalid size
[  451.398348][ T7559] EXT4-fs error (device loop3): ext4_empty_dir:3134: inode #11: comm syz-executor: invalid size
[  451.409134][ T7559] EXT4-fs error (device loop3): ext4_empty_dir:3134: inode #11: comm syz-executor: invalid size
[  451.419830][ T7559] EXT4-fs error (device loop3): ext4_empty_dir:3134: inode #11: comm syz-executor: invalid size
[  451.430504][ T7559] EXT4-fs error (device loop3): ext4_empty_dir:3134: inode #11: comm syz-executor: invalid size
[  451.441121][ T7559] EXT4-fs error (device loop3): ext4_empty_dir:3134: inode #11: comm syz-executor: invalid size
[  451.451744][ T7559] EXT4-fs error (device loop3): ext4_empty_dir:3134: inode #11: comm syz-executor: invalid size
[  451.462377][ T7559] EXT4-fs error (device loop3): ext4_empty_dir:3134: inode #11: comm syz-executor: invalid size
[  451.472811][  T393] usb 1-1: new high-speed USB device number 66 using dummy_hcd
[  451.473099][ T7559] EXT4-fs error (device loop3): ext4_empty_dir:3134: inode #11: comm syz-executor: invalid size
[  451.808152][ T1740] hid-picolcd 0003:04D8:C002.0092: unbalanced collection at end of report description
[  451.821124][ T1740] hid-picolcd 0003:04D8:C002.0092: device report parse failed
[  451.828730][ T1740] hid-picolcd: probe of 0003:04D8:C002.0092 failed with error -22
[  451.876858][  T393] usb 1-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  451.887018][  T393] usb 1-1: config 0 interface 0 altsetting 129 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  451.897954][  T393] usb 1-1: config 0 interface 0 altsetting 129 endpoint 0x81 has invalid wMaxPacketSize 0
[  451.907623][  T393] usb 1-1: config 0 interface 0 has no altsetting 0
[  451.914043][  T393] usb 1-1: New USB device found, idVendor=0c12, idProduct=0005, bcdDevice= 0.00
[  451.922981][  T393] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  451.934965][  T393] usb 1-1: config 0 descriptor??
[  452.017813][    T8] device bridge_slave_1 left promiscuous mode
[  452.024015][ T1290] usb 3-1: USB disconnect, device number 57
[  452.024890][    T8] bridge0: port 2(bridge_slave_1) entered disabled state
[  452.041351][    T8] device bridge_slave_0 left promiscuous mode
[  452.047593][    T8] bridge0: port 1(bridge_slave_0) entered disabled state
[  452.056094][    T8] device veth1_macvtap left promiscuous mode
[  452.062129][    T8] device veth0_vlan left promiscuous mode
[  452.417895][  T393] zeroplus 0003:0C12:0005.0093: item fetching failed at offset 1/5
[  452.425880][  T393] zeroplus 0003:0C12:0005.0093: parse failed
[  452.431770][  T393] zeroplus: probe of 0003:0C12:0005.0093 failed with error -22
[  452.622043][   T39] usb 1-1: USB disconnect, device number 66