last executing test programs:

1m55.953779911s ago: executing program 32 (id=608):
r0 = syz_usb_connect$hid(0x3, 0x36, &(0x7f0000000140)=ANY=[@ANYBLOB="1201000000000040bd28420000000000000109022400010000000009040100020300000009210000000122070009058103"], 0x0)
syz_usb_control_io$hid(r0, 0x0, 0x0)
syz_usb_control_io$hid(r0, &(0x7f0000000080)={0x24, 0x0, 0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB='\x00\"\a'], 0x0}, 0x0)
syz_usb_control_io$hid(r0, &(0x7f0000000400)={0x14, &(0x7f0000000280)={0x20, 0x31, 0x2, {0x2, 0x23}}, 0x0, 0x0, 0x0}, 0x0)

1m10.757881075s ago: executing program 33 (id=1117):
ptrace(0x10, 0x1)
sched_setattr(0x0, &(0x7f0000000040)={0x38, 0x6, 0x0, 0x0, 0x0, 0x8000000009917, 0x400000000000fffd}, 0x0)
sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x0, 0x0, 0xffffffffffffffff}, 0x0)
sched_setattr(0x0, &(0x7f00000000c0)={0x38, 0x0, 0x0, 0x1}, 0x0)

1m1.908102909s ago: executing program 34 (id=1740):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180), 0x2, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x2)
syz_kvm_setup_cpu$x86(r1, r2, &(0x7f0000fe8000/0x18000)=nil, &(0x7f00000000c0)=[@text64={0x40, 0x0}], 0x1, 0x44, 0x0, 0x0)
ioctl$KVM_SET_MSRS(r2, 0x4008ae89, &(0x7f0000000000)=ANY=[@ANYBLOB="01000000000000008b040000000000f19d324670b61c"])

40.055951856s ago: executing program 5 (id=2299):
bpf$PROG_LOAD(0x5, &(0x7f0000000000)={0xf, 0xc, &(0x7f0000000240)=ANY=[@ANYBLOB="1800000000000000000000000000000018000000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000003000000850000004300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0xa, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffd}, 0x94)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000002c0)={0x11, 0xc, &(0x7f0000000240)=ANY=[], &(0x7f0000000580)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x14, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000180)='sys_enter\x00', r0}, 0x10)
r1 = open(&(0x7f0000000180)='./bus\x00', 0x14927e, 0x0)
copy_file_range(r1, 0x0, r1, 0x0, 0xd, 0x0)

39.991355478s ago: executing program 5 (id=2300):
r0 = syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000000)=ANY=[@ANYBLOB="12013f00000000407f04ffff000000000001090224000100000000090400001503000000092140000001220f00090581d7"], 0x0)
syz_usb_control_io$hid(r0, 0x0, 0x0)
syz_usb_control_io$hid(r0, &(0x7f0000000180)={0x24, 0x0, 0x0, &(0x7f0000000200)=ANY=[@ANYBLOB="00220f000000560900a1004daf25cee2d5d1c1"], 0x0}, 0x0)
r1 = syz_open_dev$hiddev(&(0x7f0000000240), 0x0, 0x0)
ioctl$HIDIOCGCOLLECTIONINDEX(r1, 0x40184810, &(0x7f0000000040)={0x2, 0x100, 0x0, 0x2, 0x4, 0x1})

38.219580742s ago: executing program 5 (id=2331):
gettid()
timer_create(0x0, 0x0, &(0x7f0000bbdffc))
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x11, 0x4, &(0x7f0000000000)=@framed={{}, [@call={0x85, 0x0, 0x0, 0x7b}]}, &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000600)={&(0x7f00000005c0)='sys_enter\x00', r0}, 0x10)
timer_delete(0x0)

38.185731073s ago: executing program 5 (id=2332):
mkdirat(0xffffffffffffff9c, &(0x7f0000001a40)='./file0\x00', 0x0)
mount(0x0, &(0x7f0000000480)='./file0\x00', &(0x7f0000000380)='devtmpfs\x00', 0x4000, 0x0)
chroot(&(0x7f0000000100)='./file0\x00')
mount$bind(&(0x7f0000000040)='.\x00', &(0x7f00000003c0)='./file0\x00', 0x0, 0x2a05004, 0x0)
pivot_root(&(0x7f0000000140)='./file0/file0\x00', &(0x7f0000000240)='./file0\x00')

38.115291864s ago: executing program 5 (id=2333):
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000080850000000400000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1f, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000240)={&(0x7f0000000080)='9p_protocol_dump\x00', r0}, 0x10)
mkdir(&(0x7f0000000200)='./file0\x00', 0x50)
pipe2$9p(&(0x7f00000001c0)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff}, 0x0)
mount$9p_fd(0x0, &(0x7f0000000500)='./file0\x00', &(0x7f0000000100), 0x0, &(0x7f0000000a40)={'trans=fd,', {'rfdno', 0x3d, r1}, 0x2c, {'wfdno', 0x3d, r2}, 0x2c, {[{@version_u}]}})

38.051270215s ago: executing program 7 (id=2335):
r0 = socket$can_raw(0x1d, 0x3, 0x1)
r1 = socket$inet6_udp(0xa, 0x2, 0x0)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f00000001c0)={'veth0\x00', <r2=>0x0})
writev(0xffffffffffffffff, &(0x7f0000000100)=[{0x0}, {&(0x7f0000000580)="051a00000e80006558f2878f02", 0xd}], 0x2)
sendmsg$can_raw(r0, &(0x7f0000000000)={&(0x7f0000000580)={0x1d, r2}, 0x10, &(0x7f0000000100)={0x0}, 0x2, 0x0, 0x0, 0x44904}, 0x4040005)

38.030919956s ago: executing program 7 (id=2337):
r0 = creat(&(0x7f0000000300)='./file0\x00', 0x768943b6b926b3ed)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='blkio.bfq.time_recursive\x00', 0x275a, 0x0)
write$binfmt_script(r1, &(0x7f0000000340)={'#! ', './file0'}, 0xb)
mmap(&(0x7f0000000000/0x400000)=nil, 0x400000, 0x2000005, 0x10012, r1, 0x0)
copy_file_range(r1, &(0x7f00000008c0)=0x4, r0, &(0x7f0000000100), 0x8, 0x0)

37.978040307s ago: executing program 5 (id=2340):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180), 0x2, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x2)
syz_kvm_setup_cpu$x86(r1, r2, &(0x7f0000fe8000/0x18000)=nil, &(0x7f00000002c0)=[@text64={0x40, 0x0}], 0x1, 0x60, &(0x7f0000000300)=[@vmwrite={0x8, 0x0, 0xa, 0x0, 0x0, 0x0, 0x2, 0x0, 0x1}], 0x1)
ioctl$KVM_RUN(r2, 0xae80, 0x0)

37.977703457s ago: executing program 7 (id=2341):
r0 = socket$packet(0x11, 0x3, 0x300)
setsockopt$packet_int(r0, 0x107, 0xa, &(0x7f0000000080)=0x2, 0x4)
setsockopt$packet_int(r0, 0x107, 0xf, &(0x7f00000000c0)=0x800, 0x4)
setsockopt$packet_rx_ring(r0, 0x107, 0x5, &(0x7f0000000040)=@req3={0x1000, 0x3a, 0x1000, 0x3a, 0x770, 0x0, 0xbabd}, 0x1c)
syz_emit_ethernet(0x43, &(0x7f0000000000)={@link_local={0x3}, @multicast, @void, {@ipv4={0x800, @icmp={{0x5, 0x4, 0x0, 0x0, 0x35, 0x0, 0x0, 0x0, 0x1, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}, @local}, @time_exceeded={0x3, 0x4, 0x0, 0x12, 0x0, 0x3f18, {0x5, 0x2, 0x0, 0x0, 0x0, 0x68, 0x0, 0x0, 0x1, 0x0, @loopback, @loopback}, "00186371ae"}}}}}, 0x0)

37.888121519s ago: executing program 35 (id=2340):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180), 0x2, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x2)
syz_kvm_setup_cpu$x86(r1, r2, &(0x7f0000fe8000/0x18000)=nil, &(0x7f00000002c0)=[@text64={0x40, 0x0}], 0x1, 0x60, &(0x7f0000000300)=[@vmwrite={0x8, 0x0, 0xa, 0x0, 0x0, 0x0, 0x2, 0x0, 0x1}], 0x1)
ioctl$KVM_RUN(r2, 0xae80, 0x0)

37.886182498s ago: executing program 7 (id=2344):
mkdirat(0xffffffffffffff9c, &(0x7f0000001a40)='./file0\x00', 0x0)
mount(0x0, &(0x7f0000000480)='./file0\x00', &(0x7f0000000380)='devtmpfs\x00', 0x4000, 0x0)
chroot(&(0x7f0000000100)='./file0\x00')
mount$bind(&(0x7f0000000040)='.\x00', &(0x7f00000003c0)='./file0\x00', 0x0, 0x2a05004, 0x0)
pivot_root(&(0x7f0000000140)='./file0/file0\x00', &(0x7f0000000240)='./file0\x00')

37.858250889s ago: executing program 7 (id=2347):
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$sock_int(r0, 0x1, 0x2e, &(0x7f0000000580)=0x100e77, 0x4)
setsockopt$inet6_tcp_int(r0, 0x6, 0x13, &(0x7f0000000000)=0x100000001, 0x4)
connect$inet6(r0, &(0x7f0000000100)={0xa, 0xfffd, 0x8000000, @loopback, 0x3}, 0x1c)
recvmmsg(r0, &(0x7f0000000200)=[{{0x0, 0x0, 0x0}, 0x83}], 0x1, 0x10000, 0x0)

37.702485192s ago: executing program 7 (id=2348):
mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x0)
syz_mount_image$fuse(0x0, 0x0, 0x3000009, 0x0, 0x1, 0x0, 0x0)
r0 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
shutdown(r0, 0x1)
recvmmsg(r0, &(0x7f0000001d00)=[{{0x0, 0x0, &(0x7f0000001640)=[{&(0x7f0000001d40)=""/4078, 0xfee}, {&(0x7f0000000340)=""/141, 0x8d}, {&(0x7f0000002d40)=""/4116, 0x1005}, {&(0x7f0000000400)=""/6, 0x6}, {&(0x7f0000000440)=""/231, 0xe7}], 0x5}}], 0x3ffffbd, 0x0, 0x0)

37.656336043s ago: executing program 36 (id=2348):
mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x0)
syz_mount_image$fuse(0x0, 0x0, 0x3000009, 0x0, 0x1, 0x0, 0x0)
r0 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
shutdown(r0, 0x1)
recvmmsg(r0, &(0x7f0000001d00)=[{{0x0, 0x0, &(0x7f0000001640)=[{&(0x7f0000001d40)=""/4078, 0xfee}, {&(0x7f0000000340)=""/141, 0x8d}, {&(0x7f0000002d40)=""/4116, 0x1005}, {&(0x7f0000000400)=""/6, 0x6}, {&(0x7f0000000440)=""/231, 0xe7}], 0x5}}], 0x3ffffbd, 0x0, 0x0)

23.104551508s ago: executing program 2 (id=2596):
add_key$keyring(&(0x7f0000000040), 0x0, 0x0, 0x0, 0xffffffffffffffff)
r0 = getpid()
r1 = syz_pidfd_open(r0, 0x0)
setns(r1, 0x24020000)
syz_clone(0xf5982500, 0x0, 0x0, 0x0, 0x0, 0x0)

22.968277591s ago: executing program 2 (id=2598):
r0 = socket$packet(0x11, 0x3, 0x300)
setsockopt$packet_int(r0, 0x107, 0xf, &(0x7f0000000080)=0xfff, 0x4)
socketpair(0x1, 0x100000005, 0x0, &(0x7f0000000000)={<r1=>0xffffffffffffffff})
getpeername$packet(r1, &(0x7f0000000000)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @dev}, &(0x7f0000000040)=0x14)
sendmmsg(r0, &(0x7f0000000440)=[{{&(0x7f0000000700)=@ll={0x11, 0x10, r2, 0x1, 0x2, 0x6, @random="440a3cba5a84"}, 0x80, &(0x7f00000000c0)=[{&(0x7f0000000180)='O', 0x1}, {&(0x7f0000000a40)='S', 0x1}, {&(0x7f0000000240)="f5a1840b5511b122", 0x8}], 0x3}}], 0x1, 0x400c889)

22.900583582s ago: executing program 2 (id=2600):
io_setup(0x4, &(0x7f0000000000))
io_setup(0x1, &(0x7f0000000200))
io_setup(0x7f, &(0x7f0000000a80))
io_setup(0x8, &(0x7f0000000040))
io_setup(0x7, &(0x7f0000000140))

22.798201204s ago: executing program 2 (id=2604):
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000340)='./file1\x00', 0x210000, &(0x7f0000002f40)={[{@nodelalloc}, {@dioread_lock}, {@barrier_val={'barrier', 0x3d, 0x4}}, {@nolazytime}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x80}}, {@lazytime}, {@errors_remount}, {@stripe={'stripe', 0x3d, 0x5}}, {@bh}, {@init_itable}]}, 0xfc, 0x56f, &(0x7f0000003780)="$eJzs3d9rW1UcAPDvTdPup66DMdQHGezByVy6tv6YIDgfRYcDfZ+hzcpouowmHWsduD24F19kCCIOxD/Adx+H/4B/xUAHQ0bRBxEiN73psjZp2i4z2fL5wG3Pyb23535z7vf2nNyEBDC0jqU/chEvR8Q3ScShlnX5yFYeW9tu9eH1mXRJol7/9M8kkuyx5vZJ9vtAVnkpIn79KuJkbnO71eWV+WK5XFrM6hO1hSsT1eWVU5cWinOludLlqenpM29NT737zts9i/X1839//8ndD898fXz1u5/vH76dxNk4mK1rjeMJ3GitHCv+m5VG4+yGDSd70NggSfp9AOzKSJbno5FeAw7FSJb1wPPvy4ioA0Mqkf8wpJrjgObcvkfz4GfGgw/WJkCN2Mda48+vvTYSextzo/2ryWMzo3S+O96D9tM2fvnjzu10ia1fh9jXpQ6wIzduRsTpfH7z9T/Jrn+7d7rx4vHWNrYxbP9/oJ/upuOfN9qN/3Lr459oM/450CZ3d6N7/ufu96CZjtLx33ttx7/rl67xkaz2QmPMN5pcvFQunY6IFyPiRNS73vo4s3qv3mld6/gvXdL2m2PB7Dju5/c8vs9ssVaMiLFdhvyYBzcjXsm3iz9Z7/+kTf+nz8f5bbZxtHTn1U7rusf/dNV/initbf8/6tZk6/uTE43zYaJ5Vmz2162jv3Vqv9/xp/2/f+v4x5PW+7XVnbfx495/Sp3W7fb8H0s+a5SbSXCtWKstTkaMJR9vfnzq0b7NenP7NP4Tx7e+/rU7/9PJ1+fbjP/WkVsdNx2E/p/dUf/vvHDvoy9+6NT+9vr/zUbpRPZIdv1rLztXtnuAT/r8AQAAAAAAwCDJRcTBSHKF9XIuVyisvb/jSOzPlSvV2smLlaXLs9H4rOx4jOaad7oPtbwfYjJ7P2yzPrWhPh0RhyPi25F9jXphplKe7XfwAAAAAAAAAAAAAAAAAAAAMCAOdPj8f+r3kX4fHfDUNb7YYE+/jwLoh65f+d+Lb3oCBlLX/AeeW/Ifhpf8h+El/2F4yX8YXvIfhpf8h+El/wEAAAAAAAAAAAAAAAAAAAAAAAAAAKCnzp87ly711YfXZ9L67NXlpfnK1VOzpep8YWFppjBTWbxSmKtU5sqlwkxlodvfK1cqVyanYunaRK1UrU1Ul1cuLFSWLtcuXFoozpUulEb/l6gAAAAAAAAAAAAAAAAAAADg2VJdXpkvlsulRYWOhfdjIA7jaQa4Zle75wclCoUOhZtZ9+5srz5elAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABgg/8CAAD//4yLMZo=")
syz_mount_image$fuse(0x0, &(0x7f0000000300)='./bus\x00', 0x3000001, 0x0, 0x1, 0x0, 0x0)
mount$overlay(0x0, &(0x7f0000000100)='./file0\x00', &(0x7f0000000b80), 0x8, &(0x7f0000000200)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, '.'}}, {@upperdir={'upperdir', 0x3d, './file0'}}]})
fchownat(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x100)
unlinkat(0xffffffffffffff9c, &(0x7f00000001c0)='./file0/file1\x00', 0x0)

22.339531503s ago: executing program 2 (id=2611):
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x11, 0x8, &(0x7f0000000a80)=ANY=[@ANYBLOB="620af8ffa1dc0021bfa100000000000007010000f8ffffffb702000007000000bd120000000000008500000010000000b70000000000000095000000000000003faf4f2aa3d9b18ed812a2e2c49e8020a6f4e0e4a9446c7670568982b4e020f698393aa0f3881f9c24561f1b2607995daa56f151905ea23c22624c9f87f9793f50bb546040677b0c5077da80fb982c1e9400e693146cea484a415b76966118b64b751a0f241b072e90080008002d75593a286cecc93e64c227c95aa0b784625704f07372c29184ff7f4a7c0000070000006056feb4cc664c0af9360a1f7a5e6b607130c89f18c0c1088d8b8588d72ec29c48f0af5f2d9f51c4b45e0000000000000401d01aa27ae8b09e00e79ab20b0b8ed8fb7a68af2ad0810000000000006fa03c6468978089b302d7ff6023cdcedb5e0125ebbcebdde510cb2364149215108337719acd97cfa107d40224edc5465ad32b77a74e802a0dc6bf25cca242bc6099ad2300000480006ef6c1ff0900000000000010c63a949e8b7955394ffaff03000000000000ab87b1bfeda7be586602d985430cea080000000000000026abfb0767042361448279b05d96a703a660581eecdbf5bcd3de227a167ca17a0faf60fd6ad9b97aa5fa68480366c9c6fd6fa5043aa3926b81e3b59c9b081d6a08000000ea2b1a52496dfcaf99431412fd134a996382a1a04d5bb924cfe5f3185418d605ffff9c4d2ec7c32f2095e63c80aff9fa740b6c7632d5933a1c1fa5605bd7603f2ba2a790d62d6faec2fed44da4928b30142ba1fde5c5d50b83bae645ffa4997da9c77af4c0cb97fca585ec6bf58351d578be00d952aab9c71764b0a8a7583c90b3433b809bdb9fbd48fc877505ebf6c9d13330ca006bce1a84521f14518c9b476fccbd6c712016219848624b87cec2dbe98223d8d9e86c5ea06d108d8f80a0eb4fa39f6b5c02e6d6d90756ff578f57000000009700cf0b4b8bc229413300000000000000000003000000000000000000000000001000000000559711e6e8fcffffffffffffffb2d02edc3e01dd271c896249ed85b980680b09000000000f0000169cdcacc413b48dafb7a2c8cb482bac0ac502d9ba96ffffffd897ef3b7cda42f93d53046da21b40216e14ba2d6af8656b01e17addaedab25b30002abbba7fa725f38400be7c1fb8f72cd317902f19e385be9e48dccf1f9f3282830689da6b53b263339863297771d74732d400003341bf4a00fc9fec2271ff01589646efd1cf870cd7bb2366fde4a594290c405ff870ce5dfd3467decb05cfd9fcb32c8ed1dbd9d30a64c108285e71b5565b1768ee58969c41595229df17bcad70fb4021428ce970275d13b78249788f11f761038b75d4fe32b561d46ea3abe0fa7956488bef241875f3b4b6ab7929a57affe760e797724f4fce1093b62d7e8c7123d890decacec55bf404e4e1f74b7eed82571be54c72d978cf906df0042e36acd37d7f9e109f2c06f815312e0cfe222a06f56dd022c074eb8a322fb0bf47c0a8d154b405c37feaf3dd95f6ef2acd1fe582786105c70600000000000000b7561301bb997316dbf17866fb84d4173731efe895ff2e1c5560926e90109b598502d3e959efc71f665c542c9062ece84c99a061887a20639b41c8c12ee86c50804042b3eac1f870b136345cf67ca3fb5aac518a75f9e7d7101da841735e186c489b3a06fb99e0347f23a054de2f4d92d6bd72ee2c9fdc75aaaf1e3e483b4ad05573af403269b4a39ce40293947d9a631bcbf3583784acbda216550d7aec6b79e30cbd128f91e358c3b377327ac9ecc34f24c9ae153ec60ac0694da85bff9f5f4df90400000000000000d6b2c5ea1393fdf24285bf16b99c9cc0ad1857216f1a985f369191ae954febb3df464bfe0f7f3ee9afe7befb89d2777399f5874c553aeb3729cffe86e669261192899d4562db0e22d564ae09bb6d163118e401e024fd452277c3887d6116c6cc9d8046c216c1f895778cb26e22a2a998de44aeadea2a40da8daccf080842a486721737390cbf3a74cb2003016f154772f514216bdf57d2a40d40b51ab67903ec8485b3b8a8c9ae3d14f93100c2e0893862eef552fcde2981f48c482bde8a168c3f5db2fea6f26e4a4304e50c349f4f9ecee27defc93871c5f99a3594191e104d417e60fc3541a2c905a1a95e9571bf38ae1981c4238ecaee6f75cd0a6881bd1594e32409e2a3bce109b6000000000000a1fec9000000d694210d7560eb92d6a97a27602b81f76386f1535bef1497f92186086e29c6bc5a1fad6ec9a31137ab79a404abde7750898b59270bb29b81367ac91bd627e87306703be8672d70d1ab57075228a9f46ed9bd1f00fb8191bbab2dc591dda61f0868afc4294859323e7a45319f18101288a0268893373750d1a8fe64680b0a3fc22dd704e4214d00000000d6c98cd1a9fbe1e7d58c08acaf30065b928a31d2eca55f74a23641f61f2d5b308cf0d031b0c7f0ce21d69993e9960ff5f76015e6009756237badf4e7965bbe2777e808fcba821a00e8c5c39609ff854356cb490000000000c1fee30a3f7a85d1b29e58c77685efc0ceb1c8e5729c66018d169fc03aa188546b3ad2a182068e1e3a0e2505bc7f41019645466ac96e0d0b3bc19faa5449209b085f3c334b47f067bbab40743b2a428f1da1f68df75cf43f8ecc8d3726602111b40e761fd21081920382f14d12ca3c471c784ae7da7eaa69eb7f7f80572fdd11bb1d070080fbc22bf73468788df51710eb0b428ee751c47d8e894f745a868404a0bf35f0121008b722b1eaa6aedfa1bf2e7ccb2d61d5d76331ff5e20fa26b8471d42645288d7226bbd9c9e9e1cc9eb3d541e407cc2dae5e690cd628ab84875f2c50ba830d3f474b079b407000000deff000040430a537a395dc73bda367bf12cb7d81691a5fe8c47be395656a297e9df0e71b967ce7daac4be290159f6bcd75f0dda9de5532e66ae9e48b0ed1254a81faae79b6af6fbb869604d51de44c4e0973171ad47d6c00ebc7603093f000000fdec30cd6db49a47613808bad959719c0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000f15d6533f78a1f4e2df4ca23d867693fd42de9b49a1b36d48a44ba6a4530e59bec53e876dc660dd63bed8d31c31c37a373d4efd89f0000377b1b1292a893a516dab183ee65744fb8fc4f9ce2242e0f0059161c5e0000000000000000000057d77480e0345effff6413258d1f6eb190aa28cbb4bafe34124172e436b176c7ed4b132fb805d5edd9d188daf28d89c014c3ecca10ae55704544673e1fa03b84f63e022fe755f4007a4a899eaf52c4f491d8e97c862e29e457060000007ac691faee1e0c8fe056a07474e6e5490a7d3c3402000000b60600d837c6befc63ddf2f594ad7cbc56a1e44d218c956a5392a995f1fae8e9f206efbb33854dc70104ebc1581848f9745cb796da2dfb714a0500000000000000faed94fc39acfb3fd25dfa8116a154cd1226e1bb72b59fed817072a0da60160761fd3dffda0f7c592eabd8ab68334d2a1693cb187539049e331272bf5135044df8161400211b8012b6eb1ed5656e83f65509bb4b323c5bd61bff949d3bade2f6ffda1360c2786e16937ab61d6dcafed319c716357d0885f9c6d1f442954c167dd9b4acd9468ce3674c82bbb2e31389179b025dbe063b7f906217b2cf8410c7023aa3e5cc3ba1000000000000000000000000000000006ae6301a2da44394275c582a6516bb92ea1980a0a659f2f1811c8b281c209647c4241f292b20508b215dde27bb2487a6e2b5e4a8ccfab90c23827ef06cbe364073005f8a6d1456aaeb85ffb7858f24eced67a67ab825e863928ed64c83f62ffdaa997657335b63c6b4163aff094059e626766845fd779c9e6cdbbd64c24936615ee68538e8fddd0d90f3a7579579a142c0f7b318264d5c13c31cf475829528267ead38523cab7e1664e8426ca85e82ccf821c8a02a7e7d954d05b68a9c28f79429b09e2bb3681ae2b831e27c735123361c193d66ed4d71f19b199d371ec6bfada7cd370e3fdd3cd980fa1e145fd3f3e96b1feb53c865e1ad6acf5d16ed652ee0c7f45352222692fbd679212c225d097aa90f7e1fb1f983415f43e75a19ecf7fd21bfa150ef563aa72ba1c43c5f3d9be128ec26b691f31f9cab931631606a81622f120675c962be2d3b5e95f74f0b209e42e6bdd76e6e725295b1d78d928f6f63c41cbde2ba66ad81168070c8c6e18a6e452a31bdc4a60d637545ed4c8a1c649c3ce54ad3e16304d06a234f5f9311ef0f78924b68dbb4712efdb6974667bdb54f16fd2061b9ba93638dd177227e94e4ebd0ec1d437db948062bf41742000000000000000000305f70dd02fa0c61d5fe6d8ff35389246037e18d34c1375ae04f44f0c2543c772c5ccb137be7dc1874c5140200000054d77d4ea5ed144a648257f4a0301067bbcd9b91072659d872f26b796e2b81025edb5f45f785e2c2602b248ecdd80f019ca659be7e8ae953325a27564f33c9d458a60be3dab38baab7eb1a66ab1ffd6308f7fd51beb356fe75eb985b7581bb5584c53984ba9c7340f97e8d3825681c53de5f554e595b00000000000000006a8fa9f05d64c4be42f981f00051a3bc38613067dbd1427e01bfec016e51844cefa8a855bf23ac887b4a88eed6d9443857242f28e31a41d20105fbf3394ff910e734b4d9101265ff729c426e01c1ab13dda8c388b9e6626f19eecb87e39175e85e17000000000000000000009431807e43886903526074e6b40244c938a4c68a38c25ddd7c143b3f14eafe4b28ec66815cf8d1f56aa1424bc9b5d58790298e5b310969e50c222563b54e60854e1bfeef448aca8c5ccbf5546ce4c3cd5a733fec25fb94e1e0f966bcbd28a4d8fe4f556eaa1104a793006619700798354c6ae0040965e3083562bfa20968c04007d21dc02c9fd1f75e1ff40f439bdde4e784012e52049b483f02f81b88f5f57816b3fecec79cfca8d37203e769759d6b6a56b7605ced8ee18475a77ff0963a565fb6021d216c01b1098e40550a1cfd80e9180100000000000000654cd76ca61fe5ad8a31ec558fdbfa706d5e738bceae81fe777c307d5bc72183a4c2d35732e74dd690c57bdfdc1f069f9491bca7a8c59363799be70018c25ece5ad7307dc7a95c51bc25a8bbe2cf5ddf6aa161693782b0e7feb8a768f391b49d4c978c96dbb52f21c122eba9f17c8bed10591958cf06321a248b5f76ceedfe0d080d6aeadc11b237b3326dd04b86ac37c0d131544888db9e128d059761ad9a393e96c3b41c13c5a381bff187a75de560ba6eb3faa5ff8d2bb3c88f8de5efc2fb2200cfda6d07ceae22577064334fbf76a23e62e6059211d995b879f6b7d3f7fcf03652b81e6b7cdeff947ad185d3c6269ca247b429c3b872a8f1ef60407d29a874f4ec31c9effed55543a65a6b4d778cebcd43b7905f3960140bd783540a7353014bda8e9c7a34a5f428fd1f8eb11e837dd9d586487fdebcb1ecd3a003ff0fda4be617fecf1ff0ef2cdfb7fea73ca18874664d60a4b9423f3297bc8eb91b4ee1d73272ab28a7d7ab055a8eb58fe379de85338304e26e3620941b463e9049fd105c74c91cc4d71b0f76e2c2e4825106aa7ce2a3adbbc7a0443ece98c077b358e752b439132a0f27080ece2a94c320b002c77f82662675a7713c7067081cac15994698c41ff4754268ae2676384ff799783f55d7e5a1a092a01b965dc99cb7a9d98440c355927629f2bcf9dc2396eb2f5d25829715b24327642ac48f1201014a95e0e65e12cdf27e19043e3c5d3e798375cead35b9a93190a52cdecaaccc854a1d41ef365303f0e9b4fc969c9dab6df5e8a795b140fcc09e8a7b694d12932917facd8ceaa4e2d0d16bb0b95387fcd5ff136d8abddf94daf442bbff744591931872a36cf921ad69f2127386e8b0f9afee4da8d3fbec809fbb3ca0fded2859cf25d4c6155d396c5b9bd1a928923123f63f4c40688eae69990a9419456247bbaeb7948de84d2ff875414883bb1e503d4bfebc01bc12a53ea06bf38e571157bd642dac25dbee7832c58378374a39483d6721eec96c28911db21c0c006b42afc90000000000000000000000700000000000000000008ce4ea442c1a207108b35511186c5e860278f6463f52f3990ce08b1bfccc3cff4b5ae27b610aa9ba11b47d4f94c439e055cdbb2b12c983885c93ea4ab4ca1e02d831ae162ee104"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0xffffffffffffff27}, 0x41)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='sched_switch\x00', r0}, 0x10)
syz_clone3(0x0, 0x0)
r1 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r1, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000080)=@newlink={0x50, 0x10, 0x401, 0x0, 0x0, {0x0, 0x0, 0xffff, 0x0, 0x1c42}, [@IFLA_LINKINFO={0x1c, 0x12, 0x0, 0x1, @xfrm={{0x9}, {0xc, 0x2, 0x0, 0x1, [@IFLA_XFRM_IF_ID={0x8, 0x2, 0x3}]}}}, @IFLA_IFNAME={0x14, 0x3, 'xfrm0\x00'}]}, 0x50}}, 0x0)

20.877747071s ago: executing program 2 (id=2621):
r0 = socket(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x803, 0x0)
sendmsg$SMC_PNETID_GET(r1, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000001c0)={0x0, 0x14}}, 0x0)
getsockname$packet(r1, &(0x7f0000000140)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000280)=0x14)
ioctl$sock_ipv4_tunnel_SIOCCHGTUNNEL(r0, 0x89f3, &(0x7f0000000500)={'gre0\x00', &(0x7f0000000400)={'syztnl1\x00', r2, 0x2500, 0x2500, 0x0, 0x0, {{0x5, 0x4, 0x0, 0x0, 0x14, 0x0, 0x0, 0x7d, 0x2f, 0x0, @empty, @private}}}})

20.796808833s ago: executing program 37 (id=2621):
r0 = socket(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x803, 0x0)
sendmsg$SMC_PNETID_GET(r1, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000001c0)={0x0, 0x14}}, 0x0)
getsockname$packet(r1, &(0x7f0000000140)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000280)=0x14)
ioctl$sock_ipv4_tunnel_SIOCCHGTUNNEL(r0, 0x89f3, &(0x7f0000000500)={'gre0\x00', &(0x7f0000000400)={'syztnl1\x00', r2, 0x2500, 0x2500, 0x0, 0x0, {{0x5, 0x4, 0x0, 0x0, 0x14, 0x0, 0x0, 0x7d, 0x2f, 0x0, @empty, @private}}}})

18.996702968s ago: executing program 3 (id=2642):
mkdir(&(0x7f00000003c0)='./file0\x00', 0x21)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="19000000040000000800000008"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000107b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000925e850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x28, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r1}, 0x10)
mount$incfs(&(0x7f00000000c0)='./file0\x00', &(0x7f0000000080)='./file0\x00', &(0x7f0000000180), 0x0, &(0x7f0000000280)=ANY=[@ANYBLOB='d'])

18.965801858s ago: executing program 3 (id=2644):
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f00000001c0)=ANY=[@ANYBLOB="68000000180001002dbd7000fcdbdf2502201428ff00ff"], 0x68}, 0x1, 0x0, 0x0, 0x40000}, 0x0)
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x4, &(0x7f0000000000)=ANY=[@ANYBLOB="18010000000000000000000001000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x78)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000500)={&(0x7f0000000280)='netlink_extack\x00', r0}, 0x10)
r1 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$netlink(r1, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f00000001c0)=ANY=[], 0x114}], 0x1, 0x0, 0x0, 0x4000000}, 0x8040)

18.937650979s ago: executing program 3 (id=2645):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x5, &(0x7f0000000000)=ANY=[@ANYBLOB="18000000006900000000000001000000940000000fad413e850000000700000095"], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00', r0}, 0x10)
r1 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f00000000c0)={'bridge0\x00', <r2=>0x0})
sendmsg$nl_route(r1, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000000)=@newlink={0x44, 0x10, 0x401, 0xfffffffc, 0x80, {0x0, 0x0, 0x0, 0x0, 0x1503}, [@IFLA_LINKINFO={0x14, 0x12, 0x0, 0x1, @macsec={{0xb}, {0x4}}}, @IFLA_LINK={0x8, 0x5, r2}, @IFLA_MASTER={0x8, 0xa, r2}]}, 0x44}, 0x1, 0x0, 0x0, 0x2004d808}, 0x0)

18.841676921s ago: executing program 3 (id=2646):
syz_mount_image$ext4(&(0x7f00000004c0)='ext4\x00', &(0x7f0000000500)='./file1\x00', 0x8, &(0x7f0000000080)={[{@sb={'sb', 0x3d, 0x1}}, {@nodioread_nolock}]}, 0x4, 0x523, &(0x7f00000018c0)="$eJzs3cFvG1kZAPBvnLhJs+mmC3sABGxZFgqq6iTubrTqhfYCQlUlRMWJQxsSN4pi11Hsiib0kB65V6ISJ+A/4MYBqScO3LjBjUs5IBWoQA0SB6MZT1I3sZNAnbiJfz9pMvPeTP29F/e953mR5wUwtC5ExGZEnImIOxExlecn+RbX2lt63csXDxe2XjxcSKLVuvX3JDuf5kXHv0m9k7/meER8/zsRP0r2xm2sb6zMV6uVtTw93aytTjfWNy4vF/Kc8tzs3MynVz4p962uH9R+/fzbyzd+8NvffOnZHza/+ZO0WJM/PZed66xHP7WrXozJjrzRiLhxFMEGZDT//8PJk7a2z0TEh1n7n4qR7N0EAE6zVmsqWlOdaQDgtEvv/ycjKZTyuYDJKBRKpfYc3vsxUajWG81LU/X79xYjm8M6H8XC3eVqZSafKzwfxSRNz2bHr9Ll19KPK1ci4r2IeDx2NjtfWqhXFwf5wQcAhtg7u8b/f421x/9OxUEVDgA4OuODLgAAcOyM/wAwfIz/ADB8/ofx37cDAeCUcP8PAMPH+A8Aw+fA8f/R8ZQDADgW37t5M91aW+3nX28/qfvyYqWxUqrdXygt1NdWS0v1+lK1UlpotQ56vWq9vjr78U6ysb5xu1a/f695e7k2v1S5XfEsAQAYvPc+ePqndNDfvHo226JjLQdjNZxuhUEXABiYkUEXABgY3+eB4XWIe3zTAHDKdVmity2fIEh6XfDE4q9wUl38vPl/GFZvMv9v7gBOtv9v/v9bfS8HcPyM4TC8Wq3Emv8AMGTM8QM9//6f6/mIkCf9LwsAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACcFJPZlhRK2Vrgm+nPQqkUcS4izkcxubtcrcxExLsR8cex4lianh10oQGAN1T4a5Kv/3Vx6qPJ3WfPJP8ey/YR8eOf3/rZg/lmc202zf/HTn7zSZp/trlWPjOICgAAna7tzcrG73K+77iRf/ni4cL2dpxFfH69vbhoGncr39pnRmM0249HMSIm/pnk6bb088pIH+JvPoqIz23XfzwedESYzOZA2iuf7o6fxj7X9/idv//d8Quv1beQnUv3xex38dnYVTjgQE+vt/vJvO2lTTxvf4W4kO27t//xrId6c2n/lzbXrT39X2Gn/xvZEz/J2vyFnfT+JXn+8e++uyezNdU+9yjiC6Pd4ic78ZPu/W/xo0PW8c9f/PKHvc61fhFxsWv9t1ekrmXd7HSztjrdWN+4vFybX6osVe6Vy3OzczOfXvmkPJ3NUbd//r5bjL9dvfRur/hp/Sd6xB/fv/7xtUPW/5f/ufPDr+wT/xtf7f7+v79P/HRM/Poh489PXOu5fHcaf7FH/Q94/+PSIeM/+8vG4iEvBQCOQWN9Y2W+Wq2sHXCQftY86BoHhz9I7+3fgmJkB7EZ0a8XzCYlIqLrNekn6rejykd1kAws+q/6/YKD7pmAo/aq0Q+6JAAAAAAAAAAAAAAAQC+N9Y2Vse7f1urbwaDrCAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwOn13wAAAP//KHnENg==")
setxattr$security_capability(&(0x7f00000001c0)='./file1\x00', &(0x7f0000000080), &(0x7f0000000000)=@v3={0x3000000, [{0x9, 0xfffffff5}, {0x1, 0x6}], 0xee00}, 0x18, 0x1)
syz_mount_image$fuse(0x0, &(0x7f00000000c0)='./bus\x00', 0x3000009, 0x0, 0x1, 0x0, 0x0)
mount$overlay(0x0, &(0x7f0000000100)='./file0\x00', &(0x7f0000000b80), 0x4008, &(0x7f0000000140)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, '.'}}, {@upperdir={'upperdir', 0x3d, './file0'}}]})
truncate(&(0x7f0000000180)='./file0/file1\x00', 0x73d)

18.725622473s ago: executing program 3 (id=2647):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180), 0x2, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x2)
syz_kvm_setup_cpu$x86(r1, r2, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000000)=[@text64={0x40, &(0x7f00000000c0)="49b804ca000000000000000023c84f0c62f8c401f56d6c535f0fc7790bb805000000b91ac500000f01c12e3e0f01c8440f20c03509000000440f22c0f0438636c481596bc1660f3839e866ba4200ed66baf80cb87824f588ef66bafc0cb80e000000ef2666400f3828c5", 0x6a}], 0x1, 0x0, 0x0, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)

18.422515019s ago: executing program 3 (id=2648):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000140)={'pim6reg1\x00', 0x1})
ioctl$TUNSETLINK(r0, 0x400454cd, 0x207)
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
ioctl$SIOCSIFHWADDR(r1, 0x8914, &(0x7f0000000100)={'pim6reg1\x00', @broadcast})

18.40884699s ago: executing program 38 (id=2648):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000140)={'pim6reg1\x00', 0x1})
ioctl$TUNSETLINK(r0, 0x400454cd, 0x207)
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
ioctl$SIOCSIFHWADDR(r1, 0x8914, &(0x7f0000000100)={'pim6reg1\x00', @broadcast})

17.633481015s ago: executing program 9 (id=2652):
r0 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x141042, 0x0)
unshare(0x400)
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f00000001c0), 0x8800, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
ioctl$KVM_IOEVENTFD(r2, 0x4040ae79, &(0x7f0000000080)={0x203, 0x1000000, 0x2, r0, 0x5})

17.474418028s ago: executing program 9 (id=2658):
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f000057eff8)=@abs={0x0, 0x0, 0x4e22}, 0x6e)
sendmmsg$unix(r1, &(0x7f0000000000), 0x400000000000041, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
setsockopt$sock_int(r1, 0x1, 0x2d, &(0x7f0000000400)=0x1, 0x4)

14.871009609s ago: executing program 9 (id=2683):
capset(0x0, &(0x7f0000000080)={0x6, 0x6, 0x2, 0x87, 0xffffffff, 0x40})
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180), 0x2, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_MSRS(r2, 0x4008ae89, &(0x7f0000000080)=ANY=[@ANYBLOB="080000000000000083000040"])

14.752934071s ago: executing program 9 (id=2681):
mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x1c0)
mount$bind(&(0x7f0000000000)='.\x00', &(0x7f0000000200)='./file0/../file0\x00', 0x0, 0x101091, 0x0)
mount$bind(0x0, &(0x7f00000005c0)='./file0\x00', 0x0, 0x100000, 0x0)
mount$bind(&(0x7f0000000040)='./file0/file0\x00', &(0x7f00000000c0)='./file0/file0\x00', 0x0, 0x8b101a, 0x0)
mount$bind(&(0x7f00000004c0)='./file0/file0\x00', &(0x7f0000000500)='./file0/../file0\x00', 0x0, 0x2125099, 0x0)

14.692871922s ago: executing program 9 (id=2685):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180), 0x2, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_VCPU_EVENTS(r2, 0x4040aea0, &(0x7f0000000340)=@x86={0x54, 0xa, 0x9, 0x0, 0x5, 0x6, 0x2, 0x80, 0x4c, 0xf, 0xed, 0x10, 0x0, 0xc, 0xe, 0xc, 0x45, 0x27, 0xd, '\x00', 0x82})
ioctl$KVM_SET_GUEST_DEBUG(r2, 0x4048ae9b, &(0x7f0000000040)={0x160000, 0x0, [0x3, 0x800, 0x65, 0x0, 0xfffffffffffffff5, 0xf, 0x6, 0x8]})

13.630519503s ago: executing program 9 (id=2703):
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x2c, &(0x7f0000000000)='/proc/sys/net/\x00\x00v4\x00\x00s/\x92ync_\x00le\xf44.\xab%nN\xd4\xa2\x88\x00\xd1l,'}, 0x4d)
r0 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
fchdir(r0)
r1 = openat$dir(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0x0, 0x0)
getdents(r1, 0x0, 0x58)

13.592415864s ago: executing program 39 (id=2703):
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x2c, &(0x7f0000000000)='/proc/sys/net/\x00\x00v4\x00\x00s/\x92ync_\x00le\xf44.\xab%nN\xd4\xa2\x88\x00\xd1l,'}, 0x4d)
r0 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
fchdir(r0)
r1 = openat$dir(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0x0, 0x0)
getdents(r1, 0x0, 0x58)

4.836255175s ago: executing program 4 (id=2986):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$ethtool(&(0x7f0000001440), 0xffffffffffffffff)
r2 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000000)={'veth1_macvtap\x00', <r3=>0x0})
sendmsg$ETHTOOL_MSG_COALESCE_SET(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000340)={0x34, r1, 0x1, 0x4000, 0x0, {}, [@ETHTOOL_A_COALESCE_HEADER={0x20, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'syz_tun\x00'}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r3}]}]}, 0x34}}, 0x0)

4.820100425s ago: executing program 4 (id=2987):
r0 = syz_usb_connect$printer(0x0, 0x2d, &(0x7f0000000000)={{0x12, 0x1, 0x200, 0x0, 0x0, 0x0, 0x10, 0x525, 0xa4a8, 0x40, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x1b, 0x1, 0x1, 0x0, 0x0, 0x0, [{{0x9, 0x4, 0x0, 0xff, 0x2, 0x7, 0x1, 0x1, 0x0, "", {{{0x9, 0x5, 0x1, 0x2, 0x0, 0x3}}}}}]}}]}}, 0x0)
syz_usb_control_io$printer(r0, 0x0, &(0x7f00000011c0)={0x34, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000001180)={0x20, 0x0, 0x1}})
r1 = syz_open_dev$char_usb(0xc, 0xb4, 0x0)
ioctl$EVIOCGMASK(r1, 0x60b, 0x0)
syz_usb_control_io(r0, 0x0, 0x0)

2.793782915s ago: executing program 8 (id=3026):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000100)=@base={0x1, 0x4, 0x7fe2, 0x1, 0x0, 0xffffffffffffffff, 0xfffffffc}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00', r1}, 0x10)
bpf$MAP_CREATE(0x0, &(0x7f0000000900)=ANY=[@ANYBLOB="0f00000004000000040000000400010000000000", @ANYRES32, @ANYBLOB, @ANYRES32=0x0, @ANYRES32, @ANYBLOB="100000000500"], 0x50)

2.780434115s ago: executing program 8 (id=3036):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000100)=ANY=[@ANYBLOB="0100000001000000e27f000001"], 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0xd, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sock_ops, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000000)='workqueue_queue_work\x00', r1}, 0x10)
bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f0000000300)=@bpf_lsm={0xa, 0x3, &(0x7f0000000040)=@framed={{0x66, 0xa, 0x0, 0x0, 0x0, 0x61, 0x11, 0x98}}, &(0x7f0000000000)='GPL\x00'}, 0x94)

2.746472836s ago: executing program 8 (id=3029):
r0 = socket$netlink(0x10, 0x3, 0x0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0200000004000000020000000c"], 0x48)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xd, &(0x7f0000000040)=ANY=[@ANYBLOB="180100001700000000000000ff000000850000006d00000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000002007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008002010b704000000000000850000000100000095"], &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000380)={&(0x7f0000000180)='kfree\x00', r2}, 0x10)
sendmsg$nl_route(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000540)={&(0x7f0000008c80)=ANY=[@ANYBLOB="2c00000026000506"], 0x2c}, 0x1, 0x0, 0x0, 0x40040}, 0x20000800)

2.678637947s ago: executing program 8 (id=3031):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="05000000070000000700000001"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000840)={0x1, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x2, '\x00', 0x0, @fallback=0x31, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$MAP_UPDATE_CONST_STR(0x2, &(0x7f0000000280)={{r0}, &(0x7f0000000080), &(0x7f0000000180)='%ps    \x00'}, 0x20)
bpf$BPF_GET_PROG_INFO(0xa, &(0x7f0000000740)={r1, 0x0, 0x0}, 0x10)

2.642544578s ago: executing program 8 (id=3032):
r0 = syz_usb_connect$cdc_ncm(0x0, 0x7a, &(0x7f0000000140)=ANY=[@ANYBLOB="12010000020000402505a1a44000010203010902680002010040000904000001020e0000052406000105240000000d370f0100000000000000000006241a0000000c241b4800f3ff00050080050905810300020000000904010000020d00000904010102020d0000090582020004000000090503020002"], 0x0)
syz_usb_control_io$cdc_ncm(r0, 0x0, 0x0)
syz_usb_control_io$cdc_ncm(r0, 0x0, 0x0)
syz_usb_control_io$cdc_ncm(r0, 0x0, &(0x7f0000000000)={0x44, 0x0, 0x0, 0x0, &(0x7f00000009c0)={0x20, 0x80, 0x1c, {0x5, 0x28, 0xe4d, 0x2, 0x7ff, 0x3861, 0x8, 0x3ff, 0x2, 0x1, 0x200, 0x6}}, 0x0, 0x0, 0x0, 0x0})
syz_usb_control_io(r0, 0x0, 0x0)

1.791344975s ago: executing program 4 (id=3054):
r0 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={0x0, r0}, 0x18)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000280)=@newlink={0x4c, 0x10, 0x1, 0x0, 0x0, {}, [@IFLA_LINKINFO={0x2c, 0x12, 0x0, 0x1, @ip6gretap={{0xe}, {0x18, 0x2, 0x0, 0x1, [@IFLA_GRE_LOCAL={0x14, 0x6, @dev={0xfe, 0x80, '\x00', 0x15}}]}}}]}, 0x4c}}, 0x0)
r1 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000280)=ANY=[@ANYBLOB="5000000010000104000000050000000000000000", @ANYRES32=0x0, @ANYBLOB="0000000000000000240012800e00010069703665727370616e000000100002800400120005001600010000000a0001"], 0x50}, 0x1, 0x0, 0x0, 0x8000}, 0x4000000)

1.768153895s ago: executing program 4 (id=3057):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x5, &(0x7f0000000040)=ANY=[@ANYBLOB="1800000000000000000000000080000085000000d0000000a50000009700000095"], &(0x7f00000000c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
r1 = dup2(r0, r0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sys_enter\x00', r1}, 0x10)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
fchmod(r2, 0x20)

1.704055596s ago: executing program 4 (id=3060):
r0 = socket$packet(0x11, 0x2, 0x300)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000140)={'syz_tun\x00', <r1=>0x0})
r2 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000780)={0x6, 0x4, &(0x7f00000004c0)=ANY=[@ANYBLOB="18020000000000000000000000000000850000001700000095"], &(0x7f00000005c0)='GPL\x00'}, 0x94)
bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f0000000400)={r2, r1, 0x25, 0x2, @void}, 0x10)
syz_emit_ethernet(0x3e, &(0x7f0000000200)={@random="d6c3c7aacd5c", @link_local, @val={@val={0x88a8, 0x5, 0x0, 0x1}, {0x8100, 0x3, 0x1}}, {@ipv4={0x800, @tcp={{0x5, 0x4, 0x0, 0x0, 0x28, 0x0, 0x0, 0x0, 0x5, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}, @multicast2}, {{0x0, 0x0, 0x41424344, 0x41424344, 0x0, 0x6, 0x5}}}}}}, 0x0)

1.622103468s ago: executing program 6 (id=3061):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="170000000000000004000000ff"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000300)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='sys_enter\x00', r1}, 0x10)
mremap(&(0x7f0000ff5000/0x2000)=nil, 0x2000, 0x5000000, 0x3, &(0x7f0000ffd000/0x1000)=nil)

1.621643138s ago: executing program 4 (id=3071):
r0 = syz_usb_connect$hid(0x3, 0x36, &(0x7f0000000000)={{0x12, 0x1, 0x0, 0x0, 0x0, 0x0, 0x10, 0x17ef, 0x6047, 0x0, 0x0, 0x0, 0x0, 0x1, [{{0x9, 0x2, 0x24, 0x1, 0x0, 0x0, 0x0, 0x0, [{{0x9, 0x4, 0x0, 0x1, 0x5, 0x3, 0x0, 0x3, 0x0, {0x9, 0x21, 0x0, 0x34, 0x1, {0x22, 0x5}}, {{{0x9, 0x5, 0x81, 0x3, 0x3ff, 0x10, 0x8, 0x6}}}}}]}}]}}, 0x0)
r1 = fsopen(0x0, 0x0)
fsconfig$FSCONFIG_SET_STRING(r1, 0x1, 0x0, 0x0, 0x0)
syz_usb_control_io(r0, 0x0, 0x0)
syz_usb_control_io(r0, &(0x7f00000003c0)={0x2c, &(0x7f0000000180)=ANY=[@ANYBLOB="000405"], 0x0, 0x0, 0x0, 0x0}, 0x0)

1.611564818s ago: executing program 6 (id=3063):
sendmsg$nl_route(0xffffffffffffffff, 0x0, 0x40054)
openat$selinux_load(0xffffffffffffff9c, 0x0, 0x2, 0x0)
syz_usb_connect$cdc_ncm(0x4, 0xd1, &(0x7f0000000040)=ANY=[@ANYBLOB="12011003020000182505a1a44000010203010902bf0002010650000900000000020d00000524060001082400a9b30d240f010a0000000300ff000606241a05001407240a050905580c240c00000000a90c0900030424020204240200042406024424"], 0x0)
syz_usb_connect$printer(0x4, 0x36, &(0x7f00000000c0)=ANY=[@ANYBLOB="1201000200798b9c73e2000000b8040202400001020301090224000101005001030000000207"], 0x0)
syz_usb_connect(0x3, 0xf5, &(0x7f0000000000)=ANY=[@ANYBLOB="12010000772aed408680070bb96c010203010902e30003dc2000000904003f000e01000505a40600010524007f000d240f0104000000080000000006241a03000a05240101070424020a1524120009a317a88b045e4f01a607c0ffcb7e392a09044c03003a92a2010a240109000102010205240401050c2402"], 0x0)

511.30022ms ago: executing program 0 (id=3074):
syz_mount_image$f2fs(&(0x7f0000000000), &(0x7f0000000040)='./bus\x00', 0x0, &(0x7f0000000600)=ANY=[@ANYBLOB="66617374626f6f742c71756f7461000018bbdecde39739fcd1df176dde746ec834120600000000003b814e50a959736d6572462abc30ef5b65c70f73ecea54b5e5bea9836c319f653557e79a002208ce996dda659bd5ba0f4ce5c2080002223dc60000000000000044cd0a1e3686873600000000005493b4b81d5b9fa9b40fe4d76afc3a989c6d60044e89eb96e44d01a1034e3797ffa86870b82939f41ffa0f3d726f085663c29cbdc4c766a7eb77cc36160191acf5ae7469c82ab4145b595b987d75912a0fcd1c061835294cc0c618aba204f8adaa20c80108d356cd88cc86177056b06e7068c40f807d9e539f8f5b64a8ee0725aa8d00000000007cb6020d90ea79b8027cf75964dd86c2ed2b5e75779677aa8c76b848dd03dab190b5f02ec52830a17b01eaae1c3df076000000000000000000000000000083a48a6b926c668b9b90195018ea3619f9d80a0b894e212178e1a19909d764666264fa29e2c055fd7f8e67c2acfb75f0a8d41692f4542a575ee42ed94a0014fba44985cca9df12fe93bfaccf0122a6e7e593613ac0111701b125cc6799c43aa4ff708dc4a00a6decad26f0378072a571da000000b1a6bdf03fd56697e348b5b494f6fddb9f56142a47a40ef81690a7eca421bd0ad198afa58ce69d61c29deaa93c0efea0df04f20020ee84075b4e1a2ad43d1be1138de4668e7b6137545708790c501f1ed7f6a571d500000000000000"], 0x25, 0x5586, &(0x7f00000079c0)="$eJzs3EtvG2UXAOAzTtP71y9CLNh1pAopkWqrTi+CFQVacRGtKi4LVuDYruXW9kSx44SsumCJWPBPEEisWPIbWMASdogFiB0SyDMTaNoGSuM4avs80vjMHL8+874jK9KZiRzAU2sh/e2XJE7FsYiYi4iTSeT7SblF3Im4XIx9LiJOR0Tlri0p838lDkfE8Yg4NSle1EzKtz47Oz5z8ec3f/362yOHTnz+1XcHunDgQD0fEf3VYn+jX8SsU8RbZb4x7uaxf2FcxtUdNfpZkd9or+QVNhrb4xp5PN8pxmer68NJvNlrNCex072Z51cHxQmH4852nckH0luNtfy41V7JY3eY5bGzVZx3c6v427Y1HBV1WmW9j/LyMRptxyLf3mwX61m9ncfmYFTmi7pZq705ieMylqeLZtZr5fNYecSL/Bh4qztY30zH7bVhNxukF2v1F2r1S9X6WtZqj9oXqo1+69KFdLHTmwyrjtqN/uVOlnV67Voz6y+li51ms1qvp4tX2ivdxiCt12vna+eqF5fKvbPpa9ffS3utdHESX+kO1kfd3jC9ma2lxSeW0uXa+ReX0jP19J1rN9Ibb1+9eu3Gux9cef/6y9feeLUcdN+00sXlc8vL1fq56nJ96Sla/8flpP/D+pMHp3/4fm+XDQq7fMEA2N19/X/c2/+H/h+Yur30//3b5fH+9P/xMP1/TLP/n7RU+v9/738rB9D/zof+fx/XD3vyaP3/4anPAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAmftx/ovX852F4vhEmf9fmXqmPE4iohIRfzzAXBzeUXOurDO/y/j5e+bwTRJ5hck5jpTb8Yi4XG6//3+/rwIAAAA8ub68c/rTolsvXhYOekLMUnHTpnLywynVSyJifuGnKVWrTF6enVKx/Pt9KDanVC2/gXV0SsWKW26HplXtocztCEfvCkkRKjOdDgAAMBM7O4HZdiEAAADM0if/+O5LM5sHM5bE9qPM7WfB+X/e//1A8NiO9wAAAIDHUHLQEwAAAAD2Xd7/+/0/AAAAeLIVv/8HAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAf7JzP7lpA1EcgJ8Nhv5VUdV9r9IdHKNH6LLLwgF6CY5Ar9ALcAYiZZEjRBBhT5CcgBSJMU7Q90m2M+Po5xlg88bSAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAXbqpVrN/f77/PTdnuztPntkAAAAAx2yq1az+Y9K0P6b+z6nra2oXEVFGxLHafRCjVuYg5VQn/r96Mob/EXXCvn+cjg8R8SMd91+6/hQAAADgeq0Xy2lTrTentARw2++ouJBm0ab89DNTXhER1eQuU1q5P33LFFb/vofxO1NavYD1LlNYs+Q2PH5vlOshbYPW5XEm8/pLrFtlN88FAAD61K4ETlQhAAAAXIFffQ+AS3he2heH0+E947i5pBeC71stAAAA4A0q+h4AAAAA0Lm6/n9N+/8V9v8DAACA7Jr9/wAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOjSplrN1ovl9NT9+Qtztrvz5JsRAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPLA/7ygQAmEQBnvXdyZz/8NKg4bGJlUgfPyNwQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwJvf/eX/xNQ4k8y9NpaeR5K1U2Pr1Ng7N47+ML5+DQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADAxf68pEAIBEEUzBn/O+n7H1YS9AwiREDDo4paNAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADwRb/75f/E1DiTzJ02lo5HkrWrxtZVY+9B4+jBePs3AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADAxb799EZRhgEAf3anu1DUWKtpYtVgwkEvUhYEuRqjaTz4EUyassXqIgo9CGnEXryZnrkYPRpjoqm3fgfONOGCNw491MSTh5r5V2bbFRqUmUJ/v+Td99nZ4f23E9Jn3lkAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABKm+/Gq+0iTtKXiTwuj93eWp5P641ddWp99c50WtK4VfO4nwCvVd8cn2puIAAAABweSZnfR8TdztpsWrcnsvy/U56T5vw/PJfHZT6/O+/f2Fo+Wnw0Xeb/v/9276WdjiaSrJ+00YXFQf/U3qGMPaYpHnjPP/SMsWzls3svSfaFtD9ceXGzk61n67tbt97vZuGROkYLADyKk2VdBOXfQ2nda3JgABwaY5XEu8z/k4lmxwQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABQh82VeKaMWxExPXY/Tm1sLc+Pqr9ZvTO9XpRzN2+uVttMm+hExMLioH+qxrkcXOVqXv9sbjDoX7l6re7geESM+OjG/v55Ugz/X8/pRsTQkRMvj2jn4330taudPUFxeUa9aziezu+hJ7eGjrT2LPh727kmLoC6gnbx/TyOLsZr/96Hg/La+/9brvm/IwAAnnqdoqSZ6N3O2mx6rDUZsf3jcP7/RiWOobx/+0Z+JH+/Xsn/731y7na1r2r+36tpfk+CmaVLX8xcvXb9rcVLcxf7F/ufv326907vzPmzZ8/PZPdKZhai7Y4JAAAA/0G3KNX8vz25d///WCWOB+z/51vCef7/5fe9r6t9JfL/ke5v+jU9EgAAgMOouxO98Ppff7ZGnNHqduOruaWlK738def96fy11uE+oiNFqeb/yWTTowIAAADqsLnSGtr/v1CJ4wH7/9Xn/5/96ZVfqm0mETEecTki+ifnLw8u1DedA62OHypnHXWbnikAAABNGS9Kdf+/kz3/39555KEdEW+eiPi7+A1/7DP/Tz749udqX9Xn/8/UOsuDpz2Vr0dWT0WMTTU9IgAAAJ5mR4uSJvt/dNZmP/312Eddz/8DAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA1O2fAAAA//+FVSwP")
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='cgroup.controllers\x00', 0x275a, 0x0)
ioctl$F2FS_IOC_START_ATOMIC_WRITE(r0, 0xf501, 0x0)
ioctl$F2FS_IOC_START_ATOMIC_WRITE(r0, 0xf502, 0x5)
ioctl$F2FS_IOC_START_ATOMIC_WRITE(r0, 0xf501, 0x0)

510.61334ms ago: executing program 8 (id=3075):
r0 = syz_usb_connect(0x0, 0x36, &(0x7f0000000080)={{0x12, 0x1, 0x141, 0x48, 0x13, 0x44, 0x20, 0x424, 0x7500, 0x69ee, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x24, 0x1, 0x0, 0x0, 0x10, 0x0, [{{0x9, 0x4, 0xb8, 0x7, 0x2, 0x96, 0xd1, 0xca, 0x0, [], [{{0x9, 0x5, 0x6, 0x2, 0x200, 0xd, 0x0, 0x6}}, {{0x9, 0x5, 0x82, 0x2, 0x200, 0x0, 0x1, 0x10}}]}}]}}]}}, 0x0)
syz_usb_control_io$uac1(r0, 0x0, 0x0)
syz_usb_control_io(r0, 0x0, &(0x7f0000000900)={0x84, &(0x7f00000003c0)={0x0, 0x17, 0x4, "abe763a8"}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
syz_usb_control_io$cdc_ecm(r0, 0x0, 0x0)
syz_usb_control_io$cdc_ncm(r0, 0x0, &(0x7f0000000740)={0x44, &(0x7f0000000180)=ANY=[@ANYBLOB="601004000000cf"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})

319.139303ms ago: executing program 6 (id=3078):
r0 = socket(0x11, 0x3, 0xff)
getsockopt$sock_cred(r0, 0x1, 0x11, &(0x7f0000000100)={<r1=>0x0, <r2=>0x0, <r3=>0x0}, &(0x7f0000000140)=0xc)
syz_mount_image$exfat(&(0x7f0000000280), &(0x7f0000000240)='./file1\x00', 0x2000084c, &(0x7f0000000300)=ANY=[@ANYBLOB='iocharset=ascii,discard,dmask=00000000000000000000007,uid=', @ANYRESHEX=r2, @ANYRES64=r1, @ANYRES8=r3, @ANYRES16=r1, @ANYRES64=r1, @ANYBLOB="2c6469736361726459ad809e1eb82c00fb278330ab3b4884d36adf6908d11f5783dc492bbc501d94f854a7e26909bde6e698d72a15ec808a86c25d"], 0x81, 0x14fc, &(0x7f0000002a80)="$eJzs3AuUjlXbOPB97b1vxjTpaZLDsK993TxpsE2S5JCQQ5IkSZJTQtIkSUJiyClpSEKOk+QwhOQwjUnjfD7knDR5pUmSkJCw/0vv+356v97v6/3W2/+z1jfXb629Zl9zP9f1XPdcs+a572eteb7rOapei/q1mxGR+LfAX7+kCCFihBDDhBDXCSECIUSl+Erxl48XUJDy7z0J+3M9nH61O2BXE88/b+P55208/7yN55+38fzzNp5/3sbzz9t4/ozlZdvnFLueV95d/P5/Xsav//+H5Jaf/NXG8jf2+h+k8PzzNp5/3sbzz9t4/nkbzz9v4/n/31frvznG88/beP6M5WVX+/1nXld3Xe3fP8YYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjecM5f4UWQvx9f7X7YowxxhhjjDHG2J/H57/aHTDGGGOMMcYYY+z/PxBSKKFFIPKJ/CJGFBCx4hoRJ64VBcV1IiKuF/HiBlFI3CgKiyKiqCgmEkRxUUIYgcIKEqEoKUqJqLhJlBY3i0RRRpQV5YQT5UWSuEVUELeKiuI2UUncLiqLO0QVUVVUE9XFnaKGuEvUFLVEbXG3qCPqinqivrhHNBD3iobiPtFI3C8aiwdEE/GgaCoeEs3Ew6K5eES0EI+KluIx0Uq0Fm1EW9Hut/l98/+L+S+JvuJl0U/0FyligBgoXhGDxGAxRAwVw8SrYrh4TYwQr4tUMVKMEm+I0eJNMUa8JcaKcWK8eFtMEBPFJDFZTBFTRZp4R0wT74rp4j0xQ8wUs8RskS7miLnifTFPzBcLxAdiofhQLBKLxRKxVGSIj0SmWCayxMdiufhEZIsVYqVYJVaLNWKtWCfWiw1io9gkNostYqvYJraLT8UOsVPsErvFHrFX7BOfif3ic3FAfCFyxJf/w/yz/ym/FwgQIEGCBg35IB/EQAzEQizEQRwUhIIQgQjEQzwUgkJQGApDUSgKCZAAJaAEICAQEJSEkhCFKJSG0pAIiVAWyoIDB0mQBBXgVqgIFaESVILKUBmqQFWoCtWhOtSAGlATakJtqA11oA7Ug3pwD9wD90JDaAiNoBE0hsbQBJpAU2gKzaAZNIfm0AJaQEtoCa2gFbSBNtAO2kF7aA8doAN0gk7QGTpDF+gCyZAMXaErdINu0B26Qw/oAT2hJ/SC3tAbXoKX4GV4GfpDHTkABsJAGASDYAgMhaHwKgyH1+A1eB1SYSSMgjfgDXgTxsAZGAvjYDyMhxpyIkyCyUByKqRBGkyDaTAdpsMMmAkzYTakwxyYC3NhHsyH+fABLIQP4UNYDIthKWRABmTCMsiCLFgOZyEbVsBKWAWrYQ2shnWwHtbBRtgEG2ELbIFtsA0+hU9hJ+yE3bAb9sJe+Aw+g8/hc0iFHMiBg3AQDsEhOAyHIRdy4QgcgaNwFI7BMTgOx+EEnIRTcBJOw2k4A2fhHJyD83AeLsALCd8031tmQ6qQl2mpZT6ZT8bIGBkrY2WcjJMFZUEZkREZL+NlIVlIFpaFZVFZVCbIBFlClpAoUZIMZUlZUkZlVJaWpWWiTJRlZVnppJNJMklWkBVkRVlRVpK3y8ryDllFVpUdXXVZXdaQnVxNWUvWlrVlHVlX1pP1ZX3ZQDaQDWVD2Ug2ko1lY9lEPiibygEwBB6WlyfTQo6ElnIUtJKtZRvZVr4Jj8v2cgx0kB1lJ/mkHAdjoYts75LlM7KrnATd5HNyMjwve8ip0FO+KHvJ3rKPfEn2lR1cP9lfzoABcqCcDYPkYDlEDpXzoK68PLF68nWZKkfKUfINuRTelGPkW3KsHCfHy7flBDlRTpKT5RQ5VabJd+Q0+a6cLt+TM+RMOUvOlulyjpwr35fz5Hy5QH4gF8oP5SK5WC6RS2WG/EhmymUyS34sl8tPZLZcIVfKVXK1XCPXynVyvdwgN8pNcrPcIrfKbXK7/FTukDvlLrlb7pF75T75mdwvP5cH5BcyR34pD8q/yEPyK3lYfi1z5TfyiPxWHpXfyWPye3lc/iBPyJPylPxRnpY/yTPyrDwnf5bn5S/ygrwoL0kvhQIllVJaBSqfyq9iVAEVq65RcepaVVBdpyLqehWvblCF1I2qsCqiiqpiKkEVVyWUUaisIhWqkqqUiqqbVGl1s0pUZVRZVU45VV4lqVtUBXWrqqhuU5XU7aqyukNVUVVVNVVd3alqqLtUTVVL1VZ3qzqqrqqn6qt7VAN1r2qo7lON1P2qsXpANVEPqqbqIdVMPayaq0dUC/WoaqkeU61Ua9VGtVXt1OOqvXpCdVAdVSf1pOqsnlJd1NMqWT2juqpnVTf1nOqunlc91Auqp3pR9VK9VR91UV1SXvVT/VWKGqAGqlfUIDVYDVFD1TD1qhquXlMj1OsqVY1Uo9QbarR6U41Rb6mxapwar95WE9RENUlNVlPUVJWm3lHT1LtqunpPzVAz1Sw1W6WrOWrI3yot+Bfy3/0n+SN+ffZtarv6VO1QO9UutVvtUXvVPrVP7Vf71QF1QOWoHHVQHVSH1CF1WB1WuSpXHVFH1FF1VB1Tx9RxdVydUCfVz+pHdVr9pM6os+qs+lmdV+fVhb/9DIQGLbXSWgc6n86vY3QBHauv0XH6Wl1QX6cj+nodr2/QhfSNurAuoovqYjpBF9cltNGorSYd6pK6lI7qm3RpfbNO1GV0WV1OO11eJ+lb/u38P+qvnW6n2+v2uoPuoDvpTrqz7qy76C46WSfrrrqr7qa76e66u+6he+ieuqfupXvpPrqP7qv76n66n07RKXqgfkUP0oP1ED1UD9Ov6uF6uB6hR+hUnapH6VF6tB6tx+gxeqweq8fr8XqCnqAn6Ul6ip6i03Sanqan6el6up6hZ+hZepZO1+l6rp6r5+l5eoFeoBfqhXqRXqSX6CU6Q2foTJ2ps3SWXq6X62y9Qq/Qq/QqvUav0ev0Or1Bb9Cb9Ca9RW/R2Xq73q536B16l96l9+g9ep/ep/fr/fqAPqBzdI4+qA/qQ/qQPqwP61ydq4/oI/qoPqqP6WP6uD6uT+gT+pQ+pU/r0/qMPqPP6XP6vD6vL+gL+pK+dPmyL5CBDHSgg3xBviAmiAlig9ggLogLCgYFg0gQCeKD+KBQcGNQOCgSFA2KBQlB8aBEYAIMbEBBGJQMSgXR4KagdHBzkBiUCcoG5QIXlA+SgluCCsGtQcXgtqBScHtQObgjqBJUDaoF1YM7gxrBXUHNoFZQO7g7qBPUDeoF9YN7ggbBvUHD4L6gUXB/0Dh4IGgSPBg0DR4KmgUPB82DR4IWwaNBy+CxoFXQOmgTtA3a/an1vT9T5AnXz/Q3KWaAGWheMYPMYDPEDDXDzKtmuHnNjDCvm1Qz0owyb5jR5k0zxrxlxppxZrx520wwE80kM9lMMVNNmnnHTDPvmunmPTPDzDSzzGyTbuaYueZ9M8/MNwvMB2ah+dAsMovNErPUZJiPTKZZZrLMx2a5+cRkmxVmpVllVps1Zq1ZZ9abDWaj2WQ2my1mq9lmtptPzQ6z0+wyu80es9fsM5+Z/eZzc8B8YXLMl+ag+Ys5ZL4yh83XJtd8Y46Yb81R8505Zr43x80P5oQ5aU6ZH81p85M5Y86ac+Znc978Yi6Yi+aS8Zcv7i+/vKNGjfkwH8ZgDMZiLMZhHBbEghjBCMZjPBbCQlgYC2NRLIoJmIAlsAReRkhYEktiFKNYGktjIiZiWSyLDh0mYRJWwApYEStiJayElbEyVsEqWA2r4Z14J96Fd2EtrIV3491YF+tifayPDbABNsSG2AgbYWNsjE2wCTbFptgMm2FzbI4tsAW2xJbYClthG2yD7bAdtsf22AE7YCfshJ2xM3bBLpiMydgVu2I37IbdsTv2wB7YE3tiL+yFfbAP9sW+2A/7YQqm4EAciINwEA7BITgMh+FwHI4jcASmYiqOwlE4GkfjGByDY3Ecjse3cQJOxEk4GafgVEzDNJyG03A6TscZOANn4SxMx3Sci3NxHs7DBbgAF+JCXISLcAkuwQzMwEzMxCzMwuW4HLMxG1fiSlyNq3EtrsX1uB434kbcjJtxK27F7bgdd+AO3IW7cA/uwX24D/fjfjyABzAHc/AgHsRDeAgP42HMxVw8gkfwKB7FY3gMj+NxPIEn8BSewtN4Gs/gGTyH5/A8/oIX8CJeQo8xVopYe42Ns9fagvY6G2ML2N/GRW0xm2CL2xLW2MK2yD/EaK1NtGVsWVvOOlveJtlbfhdXsVVtNVvd3mlr2Ltszd/FDey9tqG9zzay99v69p5/iBvbB2wT+6htah+zzWxr29y2tS3so7alfcy2sq1tG9vWdrZP2S72aZtsn7Fd7bO/izPtMrvebrAb7Sa7335uz9mf7VH7nT1vf7H9bH87zL5qh9vX7Aj7uk21I38Xj7dv2wl2op1kJ9spdurv4ll2tk23c+xc+76dZ+f/Ls6wH9mFNssusovtErv01/hyT1n2Y7vcfmKz7Qq70q6yq+0au9au+49eV9ktdqvdZvfZz+wOu9PusrvtHrv31/jyeRywX9gc+6U9Yr+1h+xX9rA9ZnPtN7/Gl8/vmP3eHrc/2BP2pD1lf7Sn7U/2jD376/lfPvcf7UV7yXorCEiSIk0B5aP8FEMFKJauoTi6lgrSdRSh6ymebqBCdCMVpiJUlIpRAhWnEmQIyRJRSCWpFEXpJipNN1MilaGyVI4clackuoUq0K1UkW6jSnQ7VaY7qApVpWpUne6kGnQX1aRaVJvupjpUl+pRfbqHGtC91JDuo0Z0PzWmB6gJPUhN6SFqRg9Tc3qEWtCj1JIeo1bUmtpQW2pHj1N7eoI6UEfqRE9SZ3qKutDTlEzPUFd6lrrRc9Sdnqce9AL1pBepF/WmPvQS9aWXqR/1pxQaQAPpFRpEg2kIDaVh9CoNp9doBL1OqTSSRtEbNJrepDH0Fo2lcTSe3qYJNJEm0WSaQlMpjd6hafQuTaf3aAbNpFk0m9JpDs2l92kezacF9AEtpA9pES2mJbSUMugjyqRllEUf03L6hLJpBa2kVbSa1tBaWkfraQNtpE20mbbQVtpG2+lT2kE7aRftpj20l/bRZ7SfPqcD9AXl0Jd0kP5Ch+grOkxfUy59Q0foWzpK39Ex+p6O0w90gk7SKfqRTtNPdIbO0jn6mc7TL3SBLtIl8iRCCGWoQh0GYb4wfxgTFghjw2vCuPDasGB4XRgJrw/jwxvCQuGNYeGwSFg0LBYmhMXDEqEJMbQhhWFYMiwVRsObwtLhzWFiWCYsG5YLXVg+TApvCSuEt4YVw9vCSuHtYeXwjrBKWDV89P7q4Z1hjfCusGZYK6wd3h3WCeuG9cL64T1hg/DesGF4X9govD+sGD4QNgkfDJuGD4XNwofD5uEjYYvw0bBl+FjYKmwdtgnbhu3Cx8P24RNhh7Bj2Cl8MuwcPhV2CZ8Ok8Nnwq7hs394PCUcEA4MXwlfCb2/Ty2JLo1mRD+KZkaXRbOiH0eXRz+JZkdXRFdGV0VXR9dE10bXRddHN0Q3RjdFN0e3RLdGt0W9r59fOHDSKadd4PK5/C7GFXCx7hoX5651Bd11LuKud/HuBlfI3egKuyKuqCvmElxxV8IZh846cqEr6Uq5qLvJlXY3u0RXxpV15Zxz5V2Sa+vauXauvXvCdXAdXSf3pHvSPeWeck+7p90zrqt71nVzz7nu7nnXw73gXnAvul6ut+vjXnJ93cuun+vvUlyKG+gGukFukBvihrhhbpgb7oa7EW6ES3WpbpQb5Ua70W6MG+PGurFuvBvvJrgJbpKb5Ka4KS7Npblpbpqb7qa7GW6Gm+VmuXSX7ua6uW6em+cWuAVuYeJCt8gtckvcEpfhMlymy3RZLsstd8tdtst2K91Kt9qtdmvdWrferXcb3Ua32W12W91Wt91tdzvcDrfL7XJ73B63z+1z+91+d8AdcDkuxx10B90hd8gddl+7XPeNO+K+dUfdd+6Y+94ddz+4E+6kO+V+dKfdT+6MO+vOuZ/defeLu+AuukvOu7TIO5FpkXcj0yPvRWZEZkZmRWZH0iNzInMj70fmReZHFkQ+iCyMfBhZFFkcWRJZGsmIfBTJjCyLZEU+jiyPfBLJjqyIrIysiqyOrIl4X3xH6Ev6Uj7qb/Kl/c0+0ZfxZX0573x5n+Rv8RX8rb6iv81X8rf7yv4OX8VX9dX8Y76Vb+3b+La+nX/ct/dP+A6+o+/kn/Sd/VO+i3/aJ/tnfFf/rO/mn/Pd/fO+h3/B9/Qv+l6+t+/jX/J9/cu+n+/vU/wAP9C/4gf5wX6IH+qH+Vf9cP+aH+Ff96l+pB/l3/Cj/Zt+jH/Lj/Xj/Hj/tp/gJ/pJfrKf4qf6NP+On+bf9dP9e36Gn+ln+dk+3c/xc/37fp6f7xf4D/xC/6Ff5Bf7JX6pz/Af+Uy/zGf5j/1y/4nP9iv8Sr/Kr/Zr/Fq/zq/3G/xGv8lv9lv8Vr/Nb/ef+h1+p9/ld/s9fq/f5z/z+/3n/oD/wuf4L/1B/xd/yH/lD/uvfa7/xh/x3/qj/jt/zH/vj/sf/Al/0p/yP/rT/id/xp/15/zP/rz/xV/wF/0l/p81xhhjjLF/ifqD4wP+yffk39ZlA4UQ1+4slvufa24u/Nf9YJnQOSKEeKZ/z4f/vurUSdn698dmKxGUWiyEiFzJzyeuxCtEJ/GUSBYdRYV/2t9g2fs8/b5+Sspv6kdvFyL2Nzkx4kp8pf6t/0X9x58cn1k5PBf/39RfLERiqSs5BcSV+Er9iv9F/SLt/6D/Al+lCdHhNzlx4kp8pX6SeEI8K5L/4ZGMMcYYY4wxxthfDZbVuv/R/fPl+/MEfSUnv7gS/9H9OWOMMcYYY4wxxq6+53v3efrx5OSO3XnDG97w5j82V/svE2OMMcYYY+zPduWi/2p3whhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOM5V3/Gx8ndrXPkTHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGLva/l8AAAD//zG6PD0=")
bpf$BPF_PROG_TEST_RUN(0xa, 0x0, 0x0)
symlink(&(0x7f0000000580)='.\x02/file1\x00', &(0x7f00000002c0)='.\x02\x00')

257.523075ms ago: executing program 0 (id=3080):
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000009c0)={0x11, 0xb, &(0x7f0000000640)=ANY=[@ANYBLOB="18060000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000003000000b703000000000000850000007300000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1d, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000400)='kfree\x00', r0}, 0x18)
r1 = syz_open_dev$usbfs(&(0x7f0000000180), 0x205, 0x2581)
r2 = fcntl$dupfd(r1, 0x0, r1)
ioctl$USBDEVFS_SUBMITURB(r2, 0x8038550a, &(0x7f0000000000)=@urb_type_control={0x2, {}, 0x0, 0x0, &(0x7f0000000080)={0x80, 0x0, 0x0, 0x0, 0x7995}, 0xfff7, 0x0, 0x0, 0x48000000, 0x0, 0x0, 0x0})

257.215325ms ago: executing program 6 (id=3081):
syz_mount_image$erofs(&(0x7f0000000180), &(0x7f0000000400)='./file3\x00', 0x210048, &(0x7f00000003c0)=ANY=[], 0xfd, 0x1dc, &(0x7f00000007c0)="$eJzslj+v0lAYxp9zSgoYjYmji4Mk6mBpixoXElmcHEz8QxxMJFIJUiUBBiEx6Cdwd3Nw9wuY6OqHMOiiC07euTfnT+m5XApcbrkM9/0lnD5tz3n7nvdtngKCIE4tv3/tTaL/1T8FAGdRQl5f/2slc7gx/2fh39vv9+7WPzz9/CM/cYqLYkbR+s/PAfhWszCYrT24uqSPD8Fn+hE4rmldB4Oj9TNwPNY6AMMTrV8auivmO86Ldhg4z7thUwhXDJ4YfDFU5vObvmdoGvkx435/OOo0wjDobVGsqt+0xlE18jP75UBl6xr188DhaV0BwwOtbyMf10aVxNj/xVwS31q6fxvbrohI5QirLpxLbZUNYLM0AJZV7/FOv7LbfIdShAUp4o5mFNk6oV2IF33FHOSWVT67LWcnNunF1ztqTXwlGqtzOed8SsBovOYjbBy6VVy9KvGn6BPDFcOflJV8lJ8a0cJyfzi63n7VaAWt4LXvV265N1z3pl+WRqTGJf5XlP50Jom/8JsksJmNN43BoOepcXbuq3GR43LpfxxXL6tz4ab2XNyCoZn+cXmU3tv5kpo9QRDE7rgEJj1Z+nIs9NcExn/d+zvMkSAIgiAIgiAIgiCI47EfAAD//xEmRfM=")
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file2\x00', 0x80000, 0x0)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x0, 0x10012, r0, 0x0)
mprotect(&(0x7f0000000000/0x4000)=nil, 0x4000, 0x1)
mount$overlay(0x0, 0x0, 0x0, 0x8, &(0x7f0000000200))

104.073208ms ago: executing program 6 (id=3084):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000001c0)={0x8, 0x7, &(0x7f0000000140)=ANY=[@ANYBLOB="180000000000000000000000000000008510000002000000a6000000ffffff859500007b000000fd84000000000000009500000000000000"], &(0x7f0000000000)='GPL\x00', 0x7, 0x92, &(0x7f0000000040)=""/146}, 0x80)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.cpu/syz1\x00', 0x1ff)
r0 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
r1 = openat$cgroup_int(r0, &(0x7f0000000100)='cpuset.cpus\x00', 0x2, 0x0)
write$cgroup_subtree(r1, &(0x7f00000000c0)=ANY=[@ANYBLOB='1-0'], 0x31)

95.977578ms ago: executing program 1 (id=3085):
r0 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x11, 0xf, &(0x7f0000000340)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b702000014000000b7030000000001008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000010000008500000084000000b70000000000000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0x2c, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='percpu_alloc_percpu\x00', r1}, 0x10)
bpf$ENABLE_STATS(0x20, 0x0, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0xa, 0x1, 0xc, 0x9}, 0x50)

89.567868ms ago: executing program 0 (id=3086):
mmap(&(0x7f0000001000/0x2000)=nil, 0x2000, 0x2000009, 0x31, 0xffffffffffffffff, 0x0)
r0 = userfaultfd(0x80001)
ioctl$UFFDIO_API(r0, 0xc018aa3f, &(0x7f00000002c0)={0xaa, 0x100})
ioctl$UFFDIO_REGISTER(r0, 0xc020aa00, &(0x7f0000000080)={{&(0x7f0000000000/0x400000)=nil, 0x400000}, 0x3})
mlock(&(0x7f0000000000/0x800000)=nil, 0x800000)

77.637438ms ago: executing program 1 (id=3087):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000c00)=ANY=[@ANYBLOB="05000000040000000800000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000880)={0x4, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f00000002c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000300)='sys_enter\x00', r1}, 0x18)
readlink(0x0, 0x0, 0x0)

69.833089ms ago: executing program 0 (id=3088):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000680)=ANY=[@ANYBLOB="1e0000000000000005000000ff"], 0x50)
bpf$PROG_LOAD_XDP(0x5, &(0x7f00000008c0)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005700000095"], 0x0}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x18, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f00000006c0)='sched_switch\x00', r1}, 0x10)
syz_clone(0x4021400, 0x0, 0x9000, 0x0, 0x0, 0x0)

65.800778ms ago: executing program 6 (id=3089):
r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)=ANY=[@ANYBLOB="02000000040000000800000001"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x0, 0x10, &(0x7f0000000580)=ANY=[@ANYBLOB="18050000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r0, @ANYBLOB="0000000000000000b704000008000000850000007800000095"], 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x10, &(0x7f0000000580)=ANY=[], &(0x7f0000000600)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000006c0)={&(0x7f0000000700)='kfree\x00', r1}, 0x10)
syz_usb_connect(0x0, 0x24, &(0x7f0000000280)=ANY=[@ANYBLOB="12010000ff623140fd0704005026010203010902120001000000000904000000ff"], 0x0)

57.764229ms ago: executing program 1 (id=3090):
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x1d, &(0x7f0000000040)={0x1, &(0x7f0000000000)=[{0x6, 0x4, 0x40, 0x7fff0000}]})
socket$packet(0x11, 0x3, 0x300)
r0 = socket(0x10, 0x3, 0x0)
setsockopt$netlink_NETLINK_TX_RING(r0, 0x10e, 0xc, &(0x7f0000000040)={0x802}, 0x10)
sendmsg$nl_generic(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000280)=ANY=[@ANYBLOB="20000000520001000000000000000000020000000c00", @ANYRES16=r0], 0x20}}, 0x0)

44.551029ms ago: executing program 1 (id=3091):
pipe2(&(0x7f0000000000)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
write$P9_RGETLOCK(r1, 0x0, 0xffffff6a)
pipe2(&(0x7f0000000080)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff}, 0x0)
tee(r0, r3, 0xfffffffffffffc01, 0x0)
vmsplice(r2, &(0x7f0000002600)=[{&(0x7f00000002c0)='*', 0x1}], 0x1, 0xf)

27.561669ms ago: executing program 1 (id=3092):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="19000000040000000400000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000240)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000300)='sys_enter\x00', r1}, 0x10)
clock_adjtime(0x0, &(0x7f0000001100)={0xd77, 0xf423f, 0xfffffffffffffffe, 0x0, 0x0, 0x4b, 0x8, 0x0, 0x0, 0xa12, 0x0, 0xfffffffffffffffc, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0xefe, 0x4, 0x0, 0x0, 0x2, 0x3, 0x80000000000000})

27.155329ms ago: executing program 0 (id=3093):
syz_open_dev$tty20(0xc, 0x4, 0x1)
r0 = socket$inet6(0xa, 0x3, 0x38)
setsockopt$inet6_int(r0, 0x29, 0x7, &(0x7f0000000040)=0xeffe, 0x4)
connect$inet6(r0, &(0x7f0000000300)={0xa, 0x4e27, 0x41200003, @empty, 0xb}, 0x1c)
writev(r0, &(0x7f00000000c0)=[{&(0x7f0000000100)=',', 0xf338}], 0x1)

16.333459ms ago: executing program 1 (id=3094):
r0 = openat$procfs(0xffffffffffffff9c, &(0x7f0000002100)='/proc/bus/input/devices\x00', 0x0, 0x0)
r1 = openat$uinput(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
ioctl$UI_DEV_SETUP(r1, 0x405c5503, &(0x7f0000000440)={{0xffbe, 0x5, 0x2, 0x5}, 'syz0\x00', 0x54})
ioctl$UI_DEV_CREATE(r1, 0x5501)
read$FUSE(r0, &(0x7f0000002300)={0x2020}, 0x2020)

0s ago: executing program 0 (id=3095):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x12, 0x47, 0x4, 0x2}, 0x50)
socketpair(0x1, 0x2, 0x0, &(0x7f0000000040)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
bpf$MAP_UPDATE_ELEM(0x2, &(0x7f00000005c0)={r0, &(0x7f00000003c0), &(0x7f0000000580)=@tcp=r1}, 0x20)
r2 = socket$inet6_udp(0xa, 0x2, 0x0)
bpf$MAP_UPDATE_ELEM(0x2, &(0x7f0000000380)={r0, &(0x7f0000000600), &(0x7f0000000340)=@udp6=r2, 0x1}, 0x20)

kernel console output (not intermixed with test programs):

 usb-dummy_hcd.7-1, CDC MBIM, 76:7a:f2:dc:94:a2
[  123.773707][ T5693] EXT4-fs error (device loop2): ext4_map_blocks:635: inode #3: block 2: comm syz.2.2186: lblock 2 mapped to illegal pblock 2 (length 1)
[  123.796839][ T5693] Quota error (device loop2): qtree_write_dquot: dquota write failed
[  123.805888][   T28] audit: type=1400 audit(1758192598.732:1290): avc:  denied  { read } for  pid=142 comm="dhcpcd" scontext=system_u:system_r:dhcpc_t tcontext=system_u:system_r:dhcpc_t tclass=netlink_kobject_uevent_socket permissive=1
[  123.814618][ T5693] EXT4-fs error (device loop2): ext4_map_blocks:635: inode #3: block 48: comm syz.2.2186: lblock 0 mapped to illegal pblock 48 (length 1)
[  123.845286][ T5693] Quota error (device loop2): v2_write_file_info: Can't write info structure
[  123.852292][   T28] audit: type=1400 audit(1758192598.732:1291): avc:  denied  { search } for  pid=142 comm="dhcpcd" name="/" dev="tmpfs" ino=1 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1
[  123.854709][ T5693] EXT4-fs error (device loop2): ext4_acquire_dquot:6801: comm syz.2.2186: Failed to acquire dquot type 0
[  123.875742][   T28] audit: type=1400 audit(1758192598.732:1292): avc:  denied  { read } for  pid=142 comm="dhcpcd" name="n15" dev="tmpfs" ino=14460 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=file permissive=1
[  123.908742][   T39] usb 2-1: new high-speed USB device number 14 using dummy_hcd
[  123.909746][ T1172] usb 8-1: USB disconnect, device number 6
[  123.916601][   T28] audit: type=1400 audit(1758192598.732:1293): avc:  denied  { open } for  pid=142 comm="dhcpcd" path="/run/udev/data/n15" dev="tmpfs" ino=14460 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=file permissive=1
[  123.937018][ T1172] cdc_mbim 8-1:1.0 wwan0: unregister 'cdc_mbim' usb-dummy_hcd.7-1, CDC MBIM
[  123.945753][   T28] audit: type=1400 audit(1758192598.732:1294): avc:  denied  { getattr } for  pid=142 comm="dhcpcd" path="/run/udev/data/n15" dev="tmpfs" ino=14460 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=file permissive=1
[  123.977371][ T5693] EXT4-fs error (device loop2) in ext4_reserve_inode_write:5917: Corrupt filesystem
[  123.987182][ T5693] EXT4-fs error (device loop2): ext4_evict_inode:279: inode #11: comm syz.2.2186: mark_inode_dirty error
[  124.003038][ T5693] EXT4-fs warning (device loop2): ext4_evict_inode:282: couldn't mark inode dirty (err -117)
[  124.013599][ T5693] EXT4-fs (loop2): 1 orphan inode deleted
[  124.019554][ T5693] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: writeback.
[  124.028801][ T5233] EXT4-fs error (device loop2): ext4_map_blocks:635: inode #3: block 1: comm kworker/u4:31: lblock 1 mapped to illegal pblock 1 (length 1)
[  124.078747][ T5233] Quota error (device loop2): remove_tree: Can't read quota data block 1
[  124.093250][ T5233] EXT4-fs error (device loop2): ext4_release_dquot:6837: comm kworker/u4:31: Failed to release dquot type 0
[  124.106713][  T285] EXT4-fs (loop2): unmounting filesystem.
[  124.112679][  T285] EXT4-fs error (device loop2): __ext4_get_inode_loc:4509: comm syz-executor: Invalid inode table block 1 in block_group 0
[  124.117875][   T39] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  124.126496][  T285] EXT4-fs error (device loop2) in ext4_reserve_inode_write:5917: Corrupt filesystem
[  124.146349][  T285] EXT4-fs error (device loop2): ext4_quota_off:7107: inode #3: comm syz-executor: mark_inode_dirty error
[  124.156534][   T39] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  124.167894][   T39] usb 2-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[  124.180900][   T39] usb 2-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  124.189993][   T39] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  124.198873][   T39] usb 2-1: config 0 descriptor??
[  124.282152][ T5703] loop5: detected capacity change from 0 to 512
[  124.319745][ T5703] EXT4-fs (loop5): revision level too high, forcing read-only mode
[  124.333951][ T5703] EXT4-fs (loop5): orphan cleanup on readonly fs
[  124.341412][ T5703] Quota error (device loop5): dq_insert_tree: Quota tree root isn't allocated!
[  124.369454][ T5703] EXT4-fs error (device loop5): ext4_acquire_dquot:6801: comm syz.5.2190: Failed to acquire dquot type 1
[  124.412876][ T5703] EXT4-fs error (device loop5): ext4_validate_block_bitmap:438: comm syz.5.2190: bg 0: block 40: padding at end of block bitmap is not set
[  124.459343][ T5703] EXT4-fs error (device loop5) in ext4_mb_clear_bb:6170: Corrupt filesystem
[  124.494632][ T5703] EXT4-fs (loop5): 1 truncate cleaned up
[  124.535575][ T5703] EXT4-fs (loop5): mounted filesystem without journal. Quota mode: writeback.
[  124.553360][ T5719] bridge0: received packet on syz_tun with own address as source address (addr:aa:aa:aa:aa:aa:aa, vlan:0)
[  124.611509][   T39] plantronics 0003:047F:FFFF.0026: No inputs registered, leaving
[  124.625081][   T39] plantronics 0003:047F:FFFF.0026: hiddev96,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.1-1/input0
[  124.638366][ T1816] EXT4-fs (loop5): unmounting filesystem.
[  124.734634][ T5731] incfs: Options parsing error. -22
[  124.742908][ T5731] incfs: mount failed -22
[  124.917725][ T5762] input: syz0 as /devices/virtual/input/input26
[  125.247161][  T334] usb 3-1: new high-speed USB device number 16 using dummy_hcd
[  125.441231][  T334] usb 3-1: config 27 has an invalid descriptor of length 0, skipping remainder of the config
[  125.453042][  T334] usb 3-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d
[  125.466750][  T334] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  125.483838][  T334] snd-usb-audio: probe of 3-1:27.0 failed with error -2
[  125.509639][  T658] udevd[658]: error opening ATTR{/sys/devices/platform/dummy_hcd.2/usb3/3-1/3-1:27.0/sound/card0/controlC0/../uevent} for writing: No such file or directory
[  125.682239][    T6] usb 3-1: USB disconnect, device number 16
[  125.882442][ T5972] loop3: detected capacity change from 0 to 256
[  125.922311][ T5972] exFAT-fs (loop3): failed to load upcase table (idx : 0x00010000, chksum : 0x36dfe6b4, utbl_chksum : 0xe619d30d)
[  126.031824][ T5974] loop7: detected capacity change from 0 to 40427
[  126.041688][ T5974] F2FS-fs (loop7): Invalid log_blocksize (268), supports only 12
[  126.049706][ T5974] F2FS-fs (loop7): Can't find valid F2FS filesystem in 1th superblock
[  126.070153][ T5974] F2FS-fs (loop7): invalid crc value
[  126.077276][ T5974] F2FS-fs (loop7): Found nat_bits in checkpoint
[  126.106883][ T5974] F2FS-fs (loop7): Try to recover 1th superblock, ret: 0
[  126.114014][ T5974] F2FS-fs (loop7): Mounted with checkpoint version = 48b305e5
[  126.209847][ T5995] loop2: detected capacity change from 0 to 256
[  126.224598][ T5995] exfat: Bad value for 'uid'
[  126.324361][ T6006] loop2: detected capacity change from 0 to 256
[  126.335610][ T6006] exFAT-fs (loop2): failed to load upcase table (idx : 0x00010000, chksum : 0x389acb7e, utbl_chksum : 0xe619d30d)
[  126.444430][ T6018] loop2: detected capacity change from 0 to 512
[  126.452155][ T6020] IPv6: ADDRCONF(NETDEV_CHANGE): vcan0: link becomes ready
[  126.456743][   T19] usb 6-1: new full-speed USB device number 17 using dummy_hcd
[  126.657831][   T19] usb 6-1: config 1 has too many interfaces: 66, using maximum allowed: 32
[  126.666623][   T19] usb 6-1: config 1 has an invalid descriptor of length 55, skipping remainder of the config
[  126.677502][   T19] usb 6-1: config 1 has 1 interface, different from the descriptor's value: 66
[  126.686595][   T19] usb 6-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 12592, setting to 64
[  126.703297][   T19] usb 6-1: New USB device found, idVendor=7d25, idProduct=a415, bcdDevice= 0.40
[  126.712870][   T19] usb 6-1: New USB device strings: Mfr=1, Product=4, SerialNumber=0
[  126.721152][   T19] usb 6-1: Product: syz
[  126.725417][   T19] usb 6-1: Manufacturer: syz
[  126.731336][ T5991] raw-gadget.0 gadget.5: fail, usb_ep_enable returned -22
[  126.739176][    T6] usb 2-1: USB disconnect, device number 14
[  126.745875][   T19] cdc_wdm 6-1:1.0: skipping garbage
[  126.751655][   T19] cdc_wdm 6-1:1.0: skipping garbage
[  126.765509][   T19] cdc_wdm 6-1:1.0: cdc-wdm0: USB WDM device
[  126.846736][ T1172] usb 3-1: new high-speed USB device number 17 using dummy_hcd
[  126.946006][   T19] usb 6-1: USB disconnect, device number 17
[  126.955601][ T6055] SELinux:  Context system_u:object_r:iptables_conf_t:s0 is not valid (left unmapped).
[  126.978182][ T6057] syz.3.2259[6057] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  126.978236][ T6057] syz.3.2259[6057] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  127.043654][ T1172] usb 3-1: New USB device found, idVendor=6189, idProduct=182d, bcdDevice= 1.73
[  127.065379][ T1172] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  127.080675][ T1172] usb 3-1: Product: syz
[  127.084944][ T1172] usb 3-1: Manufacturer: syz
[  127.095251][ T1172] usb 3-1: SerialNumber: syz
[  127.104850][ T1172] usb 3-1: config 0 descriptor??
[  127.183609][ T6076] loop3: detected capacity change from 0 to 256
[  127.192401][ T6076] exfat: Bad value for 'uid'
[  127.540889][ T6105] input: syz1 as /devices/virtual/input/input27
[  127.598668][ T6107] syz.5.2282[6107] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  127.598929][ T6107] syz.5.2282[6107] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  128.056875][  T343] usb 2-1: new full-speed USB device number 15 using dummy_hcd
[  128.120227][ T1172] asix 3-1:0.0 (unnamed net_device) (uninitialized): Failed to read reg index 0x0000: -71
[  128.134831][ T1172] asix: probe of 3-1:0.0 failed with error -71
[  128.149631][ T1172] usb 3-1: USB disconnect, device number 17
[  128.267769][  T343] usb 2-1: config 1 has too many interfaces: 66, using maximum allowed: 32
[  128.290711][  T343] usb 2-1: config 1 has an invalid descriptor of length 55, skipping remainder of the config
[  128.309308][  T343] usb 2-1: config 1 has 1 interface, different from the descriptor's value: 66
[  128.332052][  T343] usb 2-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 12592, setting to 64
[  128.352421][  T343] usb 2-1: New USB device found, idVendor=7d25, idProduct=a415, bcdDevice= 0.40
[  128.366693][  T343] usb 2-1: New USB device strings: Mfr=1, Product=4, SerialNumber=0
[  128.376806][   T39] usb 6-1: new high-speed USB device number 18 using dummy_hcd
[  128.381155][  T343] usb 2-1: Product: syz
[  128.393748][  T343] usb 2-1: Manufacturer: syz
[  128.402810][ T6124] raw-gadget.0 gadget.1: fail, usb_ep_enable returned -22
[  128.412989][  T343] cdc_wdm 2-1:1.0: skipping garbage
[  128.419787][  T343] cdc_wdm 2-1:1.0: skipping garbage
[  128.430873][  T343] cdc_wdm 2-1:1.0: cdc-wdm0: USB WDM device
[  128.569783][   T39] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  128.586733][   T39] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  128.601910][   T39] usb 6-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[  128.616063][   T39] usb 6-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  128.626120][   T39] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  128.641973][  T343] usb 2-1: USB disconnect, device number 15
[  128.656984][   T39] usb 6-1: config 0 descriptor??
[  128.741120][ T6165] I/O error, dev loop0, sector 0 op 0x0:(READ) flags 0x800 phys_seg 1 prio class 2
[  128.969279][ T6167] loop3: detected capacity change from 0 to 40427
[  128.986241][ T6167] F2FS-fs (loop3): fault_injection options not supported
[  129.003281][ T6167] F2FS-fs (loop3): invalid crc value
[  129.025875][ T6167] F2FS-fs (loop3): Found nat_bits in checkpoint
[  129.068204][   T39] plantronics 0003:047F:FFFF.0027: unknown main item tag 0xe
[  129.075672][   T39] plantronics 0003:047F:FFFF.0027: unknown main item tag 0x0
[  129.094690][   T39] plantronics 0003:047F:FFFF.0027: No inputs registered, leaving
[  129.108136][ T6167] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e5
[  129.112557][   T39] plantronics 0003:047F:FFFF.0027: hiddev96,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.5-1/input0
[  129.141461][ T6167] syz.3.2311: attempt to access beyond end of device
[  129.141461][ T6167] loop3: rw=10241, sector=45096, nr_sectors = 8 limit=40427
[  129.216318][  T471] syz-executor: attempt to access beyond end of device
[  129.216318][  T471] loop3: rw=2049, sector=45104, nr_sectors = 8 limit=40427
[  129.379420][   T19] usb 6-1: USB disconnect, device number 18
[  129.567311][   T28] kauditd_printk_skb: 25 callbacks suppressed
[  129.567329][   T28] audit: type=1400 audit(1758192604.502:1319): avc:  denied  { execute } for  pid=6191 comm="syz.7.2321" path="/118/cpu.stat" dev="tmpfs" ino=626 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=file permissive=1
[  129.575565][ T6190] loop3: detected capacity change from 0 to 8192
[  129.626768][   T39] usb 2-1: new high-speed USB device number 16 using dummy_hcd
[  129.821953][   T39] usb 2-1: config 0 interface 0 altsetting 128 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  129.837095][   T39] usb 2-1: config 0 interface 0 altsetting 128 endpoint 0x81 has invalid wMaxPacketSize 0
[  129.847244][   T39] usb 2-1: config 0 interface 0 has no altsetting 0
[  129.857065][   T39] usb 2-1: New USB device found, idVendor=256c, idProduct=006d, bcdDevice= 0.00
[  129.870203][   T39] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  129.896023][   T39] usb 2-1: config 0 descriptor??
[  129.981331][   T28] audit: type=1400 audit(1758192604.912:1320): avc:  denied  { mount } for  pid=6216 comm="syz.5.2332" name="/" dev="devtmpfs" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=filesystem permissive=1
[  130.040669][   T28] audit: type=1400 audit(1758192604.912:1321): avc:  denied  { mounton } for  pid=6216 comm="syz.5.2332" path="/" dev="devtmpfs" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=dir permissive=1
[  130.432732][ T6244] bridge0: port 1(bridge_slave_0) entered blocking state
[  130.439954][ T6244] bridge0: port 1(bridge_slave_0) entered disabled state
[  130.447670][ T6244] device bridge_slave_0 entered promiscuous mode
[  130.454959][ T6244] bridge0: port 2(bridge_slave_1) entered blocking state
[  130.462365][ T6244] bridge0: port 2(bridge_slave_1) entered disabled state
[  130.470208][ T6244] device bridge_slave_1 entered promiscuous mode
[  130.503362][ T6253] loop2: detected capacity change from 0 to 16
[  130.512160][   T39] usb 2-1: string descriptor 0 read error: -22
[  130.529839][ T6253] erofs: (device loop2): mounted with root inode @ nid 36.
[  130.662170][ T6268] loop3: detected capacity change from 0 to 128
[  130.681333][ T6268] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=16, mo=a80ec018, mo2=0002]
[  130.693291][ T6268] System zones: 1-3, 19-19, 35-36
[  130.699370][ T6268] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: writeback.
[  130.709082][ T6268] ext4 filesystem being mounted at /507/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff)
[  130.722573][   T39] uclogic 0003:256C:006D.0028: failed retrieving string descriptor #100: -71
[  130.746083][ T6244] bridge0: port 2(bridge_slave_1) entered blocking state
[  130.756997][ T6244] bridge0: port 2(bridge_slave_1) entered forwarding state
[  130.764311][ T6244] bridge0: port 1(bridge_slave_0) entered blocking state
[  130.771393][ T6244] bridge0: port 1(bridge_slave_0) entered forwarding state
[  130.781851][ T6268] EXT4-fs warning (device loop3): ext4_group_add:1743: No reserved GDT blocks, can't resize
[  130.797717][ T5913] device bridge_slave_1 left promiscuous mode
[  130.803885][ T5913] bridge0: port 2(bridge_slave_1) entered disabled state
[  130.820137][  T471] EXT4-fs (loop3): unmounting filesystem.
[  130.827490][   T39] uclogic 0003:256C:006D.0028: failed retrieving pen parameters: -71
[  130.835909][   T39] uclogic 0003:256C:006D.0028: failed probing pen v1 parameters: -71
[  130.848409][   T39] uclogic 0003:256C:006D.0028: failed probing parameters: -71
[  130.855947][   T39] uclogic: probe of 0003:256C:006D.0028 failed with error -71
[  130.865259][ T5913] device bridge_slave_0 left promiscuous mode
[  130.871610][ T5913] bridge0: port 1(bridge_slave_0) entered disabled state
[  130.879098][   T39] usb 2-1: USB disconnect, device number 16
[  130.886497][ T5913] device veth1_macvtap left promiscuous mode
[  130.892679][ T5913] device veth0_vlan left promiscuous mode
[  131.064328][ T6262] bridge0: port 1(bridge_slave_0) entered blocking state
[  131.071900][ T6262] bridge0: port 1(bridge_slave_0) entered disabled state
[  131.079698][ T6262] device bridge_slave_0 entered promiscuous mode
[  131.087920][ T5961] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  131.095627][ T5961] bridge0: port 1(bridge_slave_0) entered disabled state
[  131.103040][ T5961] bridge0: port 2(bridge_slave_1) entered disabled state
[  131.111124][ T6262] bridge0: port 2(bridge_slave_1) entered blocking state
[  131.118316][ T6262] bridge0: port 2(bridge_slave_1) entered disabled state
[  131.125981][ T6262] device bridge_slave_1 entered promiscuous mode
[  131.126770][ T1172] usb 3-1: new full-speed USB device number 18 using dummy_hcd
[  131.146818][ T5961] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  131.155111][ T5961] bridge0: port 1(bridge_slave_0) entered blocking state
[  131.162170][ T5961] bridge0: port 1(bridge_slave_0) entered forwarding state
[  131.174943][ T5961] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  131.183318][ T5961] bridge0: port 2(bridge_slave_1) entered blocking state
[  131.190519][ T5961] bridge0: port 2(bridge_slave_1) entered forwarding state
[  131.224489][ T5961] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  131.239976][ T5961] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  131.269517][ T5961] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[  131.292342][ T5961] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[  131.300874][ T5961] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[  131.314161][ T5961] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[  131.322169][ T5961] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[  131.332304][ T6244] device veth0_vlan entered promiscuous mode
[  131.340759][ T1172] usb 3-1: unable to get BOS descriptor or descriptor too short
[  131.363324][ T1172] usb 3-1: not running at top speed; connect to a high speed hub
[  131.374631][ T5307] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[  131.383556][ T5307] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[  131.392720][ T1172] usb 3-1: config 4 has an invalid interface number: 147 but max is 0
[  131.401585][ T1172] usb 3-1: config 4 has an invalid descriptor of length 0, skipping remainder of the config
[  131.413076][ T1172] usb 3-1: config 4 has no interface number 0
[  131.414176][ T6244] device veth1_macvtap entered promiscuous mode
[  131.427902][ T1172] usb 3-1: string descriptor 0 read error: -22
[  131.434266][ T1172] usb 3-1: New USB device found, idVendor=04f2, idProduct=b746, bcdDevice=8e.6e
[  131.443530][ T5307] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready
[  131.451363][ T5307] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[  131.459176][ T5307] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  131.466895][ T1172] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  131.470781][ T5307] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[  131.483123][ T1172] usb 3-1: Found UVC 0.00 device <unnamed> (04f2:b746)
[  131.483642][ T5307] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  131.490384][ T1172] usb 3-1: No valid video chain found.
[  131.499463][ T5307] bridge0: port 1(bridge_slave_0) entered blocking state
[  131.510766][ T5307] bridge0: port 1(bridge_slave_0) entered forwarding state
[  131.518368][ T5307] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[  131.526862][ T5307] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  131.535183][ T5307] bridge0: port 2(bridge_slave_1) entered blocking state
[  131.542243][ T5307] bridge0: port 2(bridge_slave_1) entered forwarding state
[  131.572650][ T5307] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[  131.581219][ T5307] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[  131.581339][   T28] audit: type=1326 audit(1758192607.515:1322): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6299 comm="syz.1.2364" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f9d39d8eba9 code=0x0
[  131.590735][ T5307] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[  131.620895][ T5307] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[  131.629463][ T5307] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[  131.640491][ T5307] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[  131.648759][ T5307] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  131.663712][ T5862] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[  131.671937][ T5862] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  131.705801][  T334] usb 3-1: USB disconnect, device number 18
[  131.722636][ T5862] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[  131.732934][ T5862] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[  131.759839][ T6262] device veth0_vlan entered promiscuous mode
[  131.770524][ T5961] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[  131.778705][ T6310] netlink: 24 bytes leftover after parsing attributes in process `syz.3.2367'.
[  131.784367][ T5961] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[  131.802394][ T5961] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[  131.810405][ T5961] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[  131.830365][ T5862] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[  131.840654][ T6262] device veth1_macvtap entered promiscuous mode
[  131.851673][ T5862] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[  131.860483][ T5862] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[  131.873257][ T5862] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[  131.881842][ T5862] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[  132.010126][   T28] audit: type=1400 audit(1758192607.945:1323): avc:  denied  { map } for  pid=6329 comm="syz.9.2375" path="socket:[41900]" dev="sockfs" ino=41900 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_xfrm_socket permissive=1
[  132.035105][   T28] audit: type=1400 audit(1758192607.945:1324): avc:  denied  { read } for  pid=6329 comm="syz.9.2375" path="socket:[41900]" dev="sockfs" ino=41900 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_xfrm_socket permissive=1
[  132.038469][    T6] usb 9-1: new high-speed USB device number 2 using dummy_hcd
[  132.091704][   T28] audit: type=1400 audit(1758192608.025:1325): avc:  denied  { create } for  pid=6333 comm="syz.9.2377" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=pppox_socket permissive=1
[  132.112017][   T28] audit: type=1400 audit(1758192608.025:1326): avc:  denied  { connect } for  pid=6333 comm="syz.9.2377" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=pppox_socket permissive=1
[  132.131956][   T28] audit: type=1400 audit(1758192608.025:1327): avc:  denied  { write } for  pid=6333 comm="syz.9.2377" path="socket:[42651]" dev="sockfs" ino=42651 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=pppox_socket permissive=1
[  132.155814][   T28] audit: type=1400 audit(1758192608.045:1328): avc:  denied  { lock } for  pid=6335 comm="syz.9.2378" path="socket:[42660]" dev="sockfs" ino=42660 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=unix_stream_socket permissive=1
[  132.218296][ T5913] bridge0: port 2(bridge_slave_1) entered disabled state
[  132.228538][ T5913] device bridge_slave_0 left promiscuous mode
[  132.228571][ T6339] loop2: detected capacity change from 0 to 128
[  132.234898][ T5913] bridge0: port 1(bridge_slave_0) entered disabled state
[  132.243737][ T6339] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none.
[  132.257123][ T6339] ext4 filesystem being mounted at /580/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[  132.267725][ T5913] device veth1_macvtap left promiscuous mode
[  132.273812][ T5913] device veth0_vlan left promiscuous mode
[  132.297976][    T6] usb 9-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  132.308101][  T285] EXT4-fs (loop2): unmounting filesystem.
[  132.309290][    T6] usb 9-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  132.325666][    T6] usb 9-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[  132.344556][    T6] usb 9-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  132.350893][ T6343] loop2: detected capacity change from 0 to 1024
[  132.354116][    T6] usb 9-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  132.369158][ T6343] EXT4-fs (loop2): ext4_check_descriptors: Inode bitmap for group 0 overlaps block group descriptors
[  132.372516][    T6] usb 9-1: config 0 descriptor??
[  132.381843][ T6343] EXT4-fs (loop2): ext4_check_descriptors: Checksum for group 0 failed (51554!=20869)
[  132.396480][ T6343] JBD2: no valid journal superblock found
[  132.403254][ T6343] EXT4-fs (loop2): error loading journal
[  132.451303][ T6345] loop1: detected capacity change from 0 to 8192
[  132.461275][ T6343] netlink: 8 bytes leftover after parsing attributes in process `syz.2.2380'.
[  132.659638][ T6363] device bridge0 entered promiscuous mode
[  132.665467][ T6363] device macsec2 entered promiscuous mode
[  132.672456][ T6363] bridge0: port 3(macsec2) entered blocking state
[  132.696881][ T6363] bridge0: port 3(macsec2) entered disabled state
[  132.715647][ T6363] device bridge0 left promiscuous mode
[  132.798891][    T6] plantronics 0003:047F:FFFF.0029: unknown main item tag 0xe
[  132.806854][    T6] plantronics 0003:047F:FFFF.0029: unknown main item tag 0x0
[  132.821077][    T6] plantronics 0003:047F:FFFF.0029: No inputs registered, leaving
[  132.841353][    T6] plantronics 0003:047F:FFFF.0029: hiddev96,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.8-1/input0
[  133.038362][ T6383] loop9: detected capacity change from 0 to 8192
[  133.108627][ T6382] loop1: detected capacity change from 0 to 8192
[  133.127702][    T6] usb 9-1: USB disconnect, device number 2
[  133.245092][ T6397] loop9: detected capacity change from 0 to 128
[  133.260915][ T6397] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=16, mo=a80ec018, mo2=0002]
[  133.285846][ T6397] System zones: 1-3, 19-19, 35-36
[  133.296088][ T6397] EXT4-fs (loop9): mounted filesystem without journal. Quota mode: writeback.
[  133.316045][ T6397] ext4 filesystem being mounted at /12/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff)
[  133.373392][ T6397] EXT4-fs warning (device loop9): ext4_group_add:1743: No reserved GDT blocks, can't resize
[  133.406325][ T6262] EXT4-fs (loop9): unmounting filesystem.
[  133.659965][ T6418] netlink: 96 bytes leftover after parsing attributes in process `syz.8.2413'.
[  133.911500][ T6431] loop8: detected capacity change from 0 to 128
[  133.932359][ T6431] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=16, mo=a80ec018, mo2=0002]
[  133.944585][ T6431] System zones: 1-3, 19-19, 35-36
[  133.954013][ T6431] EXT4-fs (loop8): mounted filesystem without journal. Quota mode: writeback.
[  133.972287][ T6431] ext4 filesystem being mounted at /6/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff)
[  134.004407][  T343] usb 10-1: new high-speed USB device number 2 using dummy_hcd
[  134.047809][ T6431] EXT4-fs warning (device loop8): ext4_group_add:1743: No reserved GDT blocks, can't resize
[  134.085364][ T6244] EXT4-fs (loop8): unmounting filesystem.
[  134.201159][  T343] usb 10-1: config 240 has too many interfaces: 108, using maximum allowed: 32
[  134.212395][  T343] usb 10-1: config 240 has 1 interface, different from the descriptor's value: 108
[  134.222599][  T343] usb 10-1: config 240 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  134.241341][  T343] usb 10-1: config 240 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  134.282140][  T343] usb 10-1: config 240 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  134.305441][  T343] usb 10-1: New USB device found, idVendor=0079, idProduct=0011, bcdDevice= 0.00
[  134.337912][  T343] usb 10-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  134.706733][  T334] usb 4-1: new high-speed USB device number 15 using dummy_hcd
[  134.756763][   T59] usb 3-1: new high-speed USB device number 19 using dummy_hcd
[  134.812109][  T343] dragonrise 0003:0079:0011.002A: unknown main item tag 0x0
[  134.820087][  T343] dragonrise 0003:0079:0011.002A: unknown main item tag 0x0
[  134.827752][  T343] dragonrise 0003:0079:0011.002A: unknown main item tag 0x0
[  134.835266][  T343] dragonrise 0003:0079:0011.002A: unknown main item tag 0x0
[  134.843007][  T343] dragonrise 0003:0079:0011.002A: unknown main item tag 0x0
[  134.852738][  T343] dragonrise 0003:0079:0011.002A: hidraw0: USB HID v0.00 Device [HID 0079:0011] on usb-dummy_hcd.9-1/input0
[  134.888608][  T334] usb 4-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  134.899613][  T334] usb 4-1: config 1 interface 1 altsetting 1 bulk endpoint 0x82 has invalid maxpacket 1024
[  134.928760][  T334] usb 4-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  134.937980][  T334] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  134.945995][  T334] usb 4-1: Product: syz
[  134.950234][  T334] usb 4-1: Manufacturer: syz
[  134.954856][  T334] usb 4-1: SerialNumber: syz
[  134.957849][   T59] usb 3-1: config 0 interface 0 altsetting 128 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  134.972276][  T334] cdc_mbim 4-1:1.0: skipping garbage
[  134.976730][   T59] usb 3-1: config 0 interface 0 altsetting 128 endpoint 0x81 has invalid wMaxPacketSize 0
[  134.991290][   T59] usb 3-1: config 0 interface 0 has no altsetting 0
[  134.998237][   T59] usb 3-1: New USB device found, idVendor=256c, idProduct=006d, bcdDevice= 0.00
[  135.007464][   T59] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  135.023332][  T343] usb 10-1: USB disconnect, device number 2
[  135.029666][   T59] usb 3-1: config 0 descriptor??
[  135.173190][ T6447] raw-gadget.1 gadget.3: fail, usb_ep_enable returned -22
[  135.569991][    T6] hid-generic 0000:0000:0000.002C: unknown main item tag 0x0
[  135.587047][    T6] hid-generic 0000:0000:0000.002C: hidraw0: <UNKNOWN> HID v0.00 Device [syz1] on syz0
[  135.639032][   T59] usb 3-1: string descriptor 0 read error: -22
[  135.782643][ T6447] raw-gadget.1 gadget.3: fail, usb_ep_enable returned -22
[  135.802100][  T334] cdc_mbim 4-1:1.0: setting tx_max = 56
[  135.814434][  T334] cdc_mbim 4-1:1.0: cdc-wdm0: USB WDM device
[  135.829673][  T334] cdc_mbim 4-1:1.0 wwan0: register 'cdc_mbim' at usb-dummy_hcd.3-1, CDC MBIM, f6:dc:72:a5:00:28
[  135.840007][   T59] uclogic 0003:256C:006D.002B: failed retrieving string descriptor #100: -71
[  135.850899][   T59] uclogic 0003:256C:006D.002B: failed retrieving pen parameters: -71
[  135.866832][   T59] uclogic 0003:256C:006D.002B: failed probing pen v1 parameters: -71
[  135.886719][   T59] uclogic 0003:256C:006D.002B: failed probing parameters: -71
[  135.894249][   T59] uclogic: probe of 0003:256C:006D.002B failed with error -71
[  135.913660][   T59] usb 3-1: USB disconnect, device number 19
[  136.010385][  T569] usb 4-1: USB disconnect, device number 15
[  136.017809][  T569] cdc_mbim 4-1:1.0 wwan0: unregister 'cdc_mbim' usb-dummy_hcd.3-1, CDC MBIM
[  136.371820][ T6479] 9pnet: p9_errstr2errno: server reported unknown error �@í0x0000000000000003
[  136.456761][   T28] kauditd_printk_skb: 7 callbacks suppressed
[  136.456780][   T28] audit: type=1326 audit(1758192612.385:1336): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6466 comm="syz.8.2433" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff99198eba9 code=0x7fc00000
[  136.585307][ T6493] SELinux: security_context_str_to_sid (r) failed with errno=-22
[  136.789634][ T6504] loop2: detected capacity change from 0 to 8192
[  137.070268][ T6505] loop9: detected capacity change from 0 to 40427
[  137.103289][ T6505] F2FS-fs (loop9): invalid crc value
[  137.136034][ T6505] F2FS-fs (loop9): Disable nat_bits due to incorrect cp_ver (10241045589465957861, 10241044815247771109)
[  137.192180][   T28] audit: type=1400 audit(1758192613.125:1337): avc:  denied  { mounton } for  pid=6511 comm="syz.2.2450" path="/593/file0" dev="fuse" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fusefs_t tclass=file permissive=1
[  137.219555][ T6505] F2FS-fs (loop9): Mounted with checkpoint version = 48b305e5
[  137.287454][ T6517] netlink: 96 bytes leftover after parsing attributes in process `syz.2.2452'.
[  137.467680][ T6526] device pim6reg1 entered promiscuous mode
[  137.642472][ T6535] input: syz1 as /devices/virtual/input/input28
[  137.667164][  T343] usb 9-1: new high-speed USB device number 3 using dummy_hcd
[  137.747055][ T6539] loop9: detected capacity change from 0 to 512
[  137.811299][ T6539] Quota error (device loop9): v2_read_file_info: Free block number 1 out of range (1, 6).
[  137.828800][ T6539] EXT4-fs warning (device loop9): ext4_enable_quotas:7053: Failed to enable quota tracking (type=1, err=-117, ino=4). Please run e2fsck to fix.
[  137.847618][ T6539] EXT4-fs (loop9): mount failed
[  137.857977][  T343] usb 9-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  137.868532][  T343] usb 9-1: New USB device found, idVendor=258a, idProduct=6a88, bcdDevice= 0.00
[  137.878192][  T343] usb 9-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  137.889395][  T343] usb 9-1: config 0 descriptor??
[  138.121802][ T6565] input: syz1 as /devices/virtual/input/input29
[  138.300395][  T343] itetech 0003:258A:6A88.002D: item fetching failed at offset 5/7
[  138.316916][  T343] itetech: probe of 0003:258A:6A88.002D failed with error -22
[  138.377523][ T6580] incfs: iterate_incfs_dir / -22
[  138.382847][ T6580] incfs: iterate_incfs_dir / -22
[  138.434292][ T6582] loop3: detected capacity change from 0 to 1024
[  138.451407][ T6584] device bridge0 entered promiscuous mode
[  138.458317][ T6584] device macsec1 entered promiscuous mode
[  138.464818][ T6584] bridge0: port 3(macsec1) entered blocking state
[  138.471435][ T6584] bridge0: port 3(macsec1) entered disabled state
[  138.479639][ T6584] device bridge0 left promiscuous mode
[  138.497538][ T6582] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: none.
[  138.512265][  T343] usb 9-1: USB disconnect, device number 3
[  138.529211][ T6582] ext4 filesystem being mounted at /541/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  138.575832][ T6582] EXT4-fs error (device loop3): ext4_map_blocks:745: inode #15: comm syz.3.2480: lblock 0 mapped to illegal pblock 0 (length 1)
[  138.635544][ T6582] EXT4-fs (loop3): Delayed block allocation failed for inode 15 at logical offset 0 with max blocks 1 with error 117
[  138.685762][ T6582] EXT4-fs (loop3): This should not happen!! Data will be lost
[  138.685762][ T6582] 
[  138.708719][ T6590] EXT4-fs error (device loop3): ext4_map_blocks:635: inode #15: comm syz.3.2480: lblock 0 mapped to illegal pblock 0 (length 1)
[  138.778035][  T471] EXT4-fs (loop3): unmounting filesystem.
[  138.912398][ T6605] loop9: detected capacity change from 0 to 1024
[  138.928943][ T6605] EXT4-fs (loop9): ext4_check_descriptors: Inode bitmap for group 0 overlaps block group descriptors
[  138.945631][ T6605] EXT4-fs (loop9): ext4_check_descriptors: Checksum for group 0 failed (51554!=20869)
[  138.957106][ T6605] JBD2: no valid journal superblock found
[  138.962954][ T6605] EXT4-fs (loop9): error loading journal
[  139.015661][ T6605] netlink: 8 bytes leftover after parsing attributes in process `syz.9.2487'.
[  139.128527][ T6615] syz.9.2492 (6615) used obsolete PPPIOCDETACH ioctl
[  139.158494][ T6619] syz.8.2494[6619] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  139.158586][ T6619] syz.8.2494[6619] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  139.499484][ T6632] loop1: detected capacity change from 0 to 1024
[  139.530544][ T6632] EXT4-fs: Ignoring removed nobh option
[  139.536165][ T6632] EXT4-fs: Ignoring removed bh option
[  139.554349][ T6632] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[  139.578964][ T6632] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: writeback.
[  139.614197][ T6632] EXT4-fs error (device loop1): ext4_mb_mark_diskspace_used:3841: comm syz.1.2501: Allocating blocks 497-513 which overlap fs metadata
[  139.628532][ T5103] Bluetooth: hci0: command 0x1003 tx timeout
[  139.634610][ T2786] Bluetooth: hci0: Opcode 0x1003 failed: -110
[  139.642044][ T6632] EXT4-fs (loop1): pa ffff888106ccf348: logic 256, phys. 385, len 8
[  139.650123][ T6632] EXT4-fs error (device loop1): ext4_mb_release_inode_pa:4881: group 0, free 0, pa_free 1
[  139.699710][  T283] EXT4-fs (loop1): unmounting filesystem.
[  139.707449][ T6641] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=16 sclass=netlink_audit_socket pid=6641 comm=syz.2.2504
[  139.720370][ T6641] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=17 sclass=netlink_audit_socket pid=6641 comm=syz.2.2504
[  139.774344][  T343] hid-generic 0000:0000:0000.002E: unknown main item tag 0x0
[  139.786553][  T343] hid-generic 0000:0000:0000.002E: hidraw0: <UNKNOWN> HID v0.00 Device [syz1] on syz0
[  139.839009][ T6648] fido_id[6648]: Failed to open report descriptor at '/sys/devices/virtual/misc/uhid/report_descriptor': No such file or directory
[  139.852650][  T569] usb 9-1: new high-speed USB device number 4 using dummy_hcd
[  139.973894][ T6662] loop2: detected capacity change from 0 to 256
[  139.991764][ T6662] exFAT-fs (loop2): failed to load upcase table (idx : 0x00011a39, chksum : 0xd54015fb, utbl_chksum : 0xe619d30d)
[  140.032434][ T6664] loop2: detected capacity change from 0 to 1024
[  140.048531][  T569] usb 9-1: config 0 interface 0 altsetting 128 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  140.066714][  T569] usb 9-1: config 0 interface 0 altsetting 128 endpoint 0x81 has invalid wMaxPacketSize 0
[  140.077047][  T569] usb 9-1: config 0 interface 0 has no altsetting 0
[  140.083863][  T569] usb 9-1: New USB device found, idVendor=256c, idProduct=006d, bcdDevice= 0.00
[  140.093428][  T569] usb 9-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  140.094318][ T6664] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none.
[  140.110867][  T569] usb 9-1: config 0 descriptor??
[  140.162146][  T285] EXT4-fs (loop2): unmounting filesystem.
[  140.183441][ T6677] loop2: detected capacity change from 0 to 256
[  140.186878][  T343] usb 2-1: new full-speed USB device number 17 using dummy_hcd
[  140.225942][  T334] hid-generic 0000:0000:0000.002F: unknown main item tag 0x0
[  140.238084][  T334] hid-generic 0000:0000:0000.002F: hidraw0: <UNKNOWN> HID v0.00 Device [syz1] on syz0
[  140.281802][   T28] audit: type=1400 audit(1758192616.215:1338): avc:  denied  { create } for  pid=6684 comm="syz.9.2524" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=user_namespace permissive=1
[  140.315680][   T28] audit: type=1400 audit(1758192616.215:1339): avc:  denied  { sys_admin } for  pid=6684 comm="syz.9.2524" capability=21  scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=cap_userns permissive=1
[  140.397935][  T343] usb 2-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  140.416984][  T343] usb 2-1: config 1 has 1 interface, different from the descriptor's value: 3
[  140.428424][  T343] usb 2-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.00
[  140.445235][ T6692] loop9: detected capacity change from 0 to 8192
[  140.461889][  T343] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=3
[  140.474785][  T343] usb 2-1: SerialNumber: syz
[  140.487721][  T343] usb 2-1: 0:2 : does not exist
[  140.745710][  T569] usb 9-1: string descriptor 0 read error: -22
[  140.892215][  T343] usb 2-1: USB disconnect, device number 17
[  140.946220][  T569] uclogic 0003:256C:006D.0030: failed retrieving string descriptor #100: -71
[  140.963400][  T569] uclogic 0003:256C:006D.0030: failed retrieving pen parameters: -71
[  140.976454][  T569] uclogic 0003:256C:006D.0030: failed probing pen v1 parameters: -71
[  140.985571][  T569] uclogic 0003:256C:006D.0030: failed probing parameters: -71
[  140.997858][  T569] uclogic: probe of 0003:256C:006D.0030 failed with error -71
[  141.007428][  T569] usb 9-1: USB disconnect, device number 4
[  141.482480][ T6775] loop1: detected capacity change from 0 to 512
[  141.573889][ T6785] loop8: detected capacity change from 0 to 1024
[  141.586771][  T343] usb 4-1: new high-speed USB device number 16 using dummy_hcd
[  141.615701][ T6785] EXT4-fs (loop8): mounted filesystem without journal. Quota mode: none.
[  141.629315][ T6785] ext4 filesystem being mounted at /21/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  141.670687][ T6785] EXT4-fs error (device loop8): ext4_map_blocks:745: inode #15: comm syz.8.2537: lblock 0 mapped to illegal pblock 0 (length 1)
[  141.701253][ T6785] EXT4-fs (loop8): Delayed block allocation failed for inode 15 at logical offset 0 with max blocks 1 with error 117
[  141.720766][ T6781] loop2: detected capacity change from 0 to 40427
[  141.722732][ T6785] EXT4-fs (loop8): This should not happen!! Data will be lost
[  141.722732][ T6785] 
[  141.734740][ T6781] F2FS-fs (loop2): Invalid log_blocksize (268), supports only 12
[  141.747240][ T6781] F2FS-fs (loop2): Can't find valid F2FS filesystem in 1th superblock
[  141.755751][   T28] audit: type=1400 audit(1758192617.685:1340): avc:  denied  { read } for  pid=6790 comm="syz.9.2540" name="binder1" dev="binder" ino=17 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=chr_file permissive=1
[  141.769782][ T6789] EXT4-fs error (device loop8): ext4_map_blocks:635: inode #15: comm syz.8.2537: lblock 0 mapped to illegal pblock 0 (length 1)
[  141.780211][   T28] audit: type=1400 audit(1758192617.715:1341): avc:  denied  { open } for  pid=6790 comm="syz.9.2540" path="/dev/binderfs/binder1" dev="binder" ino=17 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=chr_file permissive=1
[  141.819904][ T6781] F2FS-fs (loop2): invalid crc value
[  141.831781][  T343] usb 4-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  141.840154][ T6781] F2FS-fs (loop2): Found nat_bits in checkpoint
[  141.848217][  T343] usb 4-1: config 0 interface 0 altsetting 4 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  141.849860][ T6244] EXT4-fs (loop8): unmounting filesystem.
[  141.879117][  T343] usb 4-1: config 0 interface 0 altsetting 4 endpoint 0x81 has invalid wMaxPacketSize 0
[  141.889392][  T343] usb 4-1: config 0 interface 0 has no altsetting 0
[  141.896200][  T343] usb 4-1: New USB device found, idVendor=0458, idProduct=5015, bcdDevice= 0.00
[  141.905712][  T343] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  141.913820][ T6781] F2FS-fs (loop2): Try to recover 1th superblock, ret: 0
[  141.920993][ T6781] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e5
[  141.930069][  T343] usb 4-1: config 0 descriptor??
[  142.154171][ T6781] F2FS-fs (loop2): invalid namelen(0), ino:0, run fsck to fix.
[  142.154199][ T6781] F2FS-fs (loop2): invalid namelen(0), ino:0, run fsck to fix.
[  142.162002][ T6781] F2FS-fs (loop2): invalid namelen(0), ino:0, run fsck to fix.
[  142.169720][ T6781] F2FS-fs (loop2): invalid namelen(0), ino:0, run fsck to fix.
[  142.177386][ T6781] F2FS-fs (loop2): invalid namelen(0), ino:0, run fsck to fix.
[  142.185107][ T6781] F2FS-fs (loop2): invalid namelen(0), ino:0, run fsck to fix.
[  142.193847][ T6781] F2FS-fs (loop2): invalid namelen(0), ino:0, run fsck to fix.
[  142.340546][  T343] kye 0003:0458:5015.0031: unknown main item tag 0x1
[  142.355471][  T343] kye 0003:0458:5015.0031: hidraw0: USB HID v0.04 Device [HID 0458:5015] on usb-dummy_hcd.3-1/input0
[  142.366446][  T343] kye 0003:0458:5015.0031: tablet-enabling feature report not found
[  142.374496][  T343] kye 0003:0458:5015.0031: tablet enabling failed
[  142.406631][ T6800] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=16 sclass=netlink_audit_socket pid=6800 comm=syz.8.2542
[  142.419856][ T6800] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=17 sclass=netlink_audit_socket pid=6800 comm=syz.8.2542
[  142.449805][ T6808] syz.2.2544[6808] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  142.449909][ T6808] syz.2.2544[6808] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  142.488182][ T6806] loop8: detected capacity change from 0 to 8192
[  142.565794][  T569] usb 4-1: USB disconnect, device number 16
[  142.827112][  T343] usb 10-1: new high-speed USB device number 3 using dummy_hcd
[  143.017907][  T343] usb 10-1: config 0 interface 0 altsetting 128 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  143.029253][  T343] usb 10-1: config 0 interface 0 altsetting 128 endpoint 0x81 has invalid wMaxPacketSize 0
[  143.039357][  T343] usb 10-1: config 0 interface 0 has no altsetting 0
[  143.046088][  T343] usb 10-1: New USB device found, idVendor=256c, idProduct=006d, bcdDevice= 0.00
[  143.055408][  T343] usb 10-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  143.067517][  T343] usb 10-1: config 0 descriptor??
[  143.088705][ T6823] loop8: detected capacity change from 0 to 512
[  143.089102][ T6825] syz.3.2548[6825] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  143.095188][ T6825] syz.3.2548[6825] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  143.120760][ T6823] EXT4-fs (loop8): mounted filesystem without journal. Quota mode: writeback.
[  143.141240][ T6823] ext4 filesystem being mounted at /25/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  143.180873][ T6244] EXT4-fs (loop8): unmounting filesystem.
[  143.222395][ T6832] netlink: 116 bytes leftover after parsing attributes in process `syz.3.2562'.
[  143.274601][ T6841] loop3: detected capacity change from 0 to 256
[  143.284344][   T28] audit: type=1400 audit(1758192619.215:1342): avc:  denied  { watch } for  pid=6839 comm="syz.3.2555" path="/556/file1/file0" dev="loop3" ino=1048761 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:dosfs_t tclass=dir permissive=1
[  143.371541][ T6846] netlink: 4 bytes leftover after parsing attributes in process `syz.1.2558'.
[  143.407850][ T6849] loop1: detected capacity change from 0 to 1024
[  143.414669][ T6849] EXT4-fs: Ignoring removed nomblk_io_submit option
[  143.438539][ T6849] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: writeback.
[  143.460570][  T283] EXT4-fs (loop1): unmounting filesystem.
[  143.477401][   T59] usb 9-1: new high-speed USB device number 5 using dummy_hcd
[  143.484738][ T6860] loop2: detected capacity change from 0 to 512
[  143.491631][ T6859] netlink: 8 bytes leftover after parsing attributes in process `syz.1.2573'.
[  143.531147][ T6862] loop1: detected capacity change from 0 to 1024
[  143.542340][ T6862] EXT4-fs: Ignoring removed bh option
[  143.550335][ T6862] [EXT4 FS bs=1024, gc=1, bpg=131072, ipg=32, mo=c80ce018, mo2=0000]
[  143.562483][ T6862] EXT4-fs error (device loop1): ext4_map_blocks:635: inode #3: block 2: comm syz.1.2564: lblock 2 mapped to illegal pblock 2 (length 1)
[  143.569466][ T6872] loop3: detected capacity change from 0 to 256
[  143.577177][ T6862] Quota error (device loop1): qtree_write_dquot: dquota write failed
[  143.591657][ T6862] EXT4-fs error (device loop1): ext4_map_blocks:635: inode #3: block 48: comm syz.1.2564: lblock 0 mapped to illegal pblock 48 (length 1)
[  143.606613][ T6862] Quota error (device loop1): v2_write_file_info: Can't write info structure
[  143.615738][ T6862] EXT4-fs error (device loop1): ext4_acquire_dquot:6801: comm syz.1.2564: Failed to acquire dquot type 0
[  143.629985][ T6862] EXT4-fs error (device loop1) in ext4_reserve_inode_write:5917: Corrupt filesystem
[  143.639994][ T6862] EXT4-fs error (device loop1): ext4_evict_inode:279: inode #11: comm syz.1.2564: mark_inode_dirty error
[  143.652465][ T6862] EXT4-fs warning (device loop1): ext4_evict_inode:282: couldn't mark inode dirty (err -117)
[  143.665513][ T6862] EXT4-fs (loop1): 1 orphan inode deleted
[  143.671417][ T6862] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: writeback.
[  143.680913][   T59] usb 9-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  143.692062][  T343] usb 10-1: string descriptor 0 read error: -22
[  143.703904][   T59] usb 9-1: New USB device found, idVendor=0926, idProduct=3333, bcdDevice= 0.40
[  143.713311][   T59] usb 9-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  143.722217][   T59] usb 9-1: config 0 descriptor??
[  143.727450][ T5203] EXT4-fs error (device loop1): ext4_map_blocks:635: inode #3: block 1: comm kworker/u4:7: lblock 1 mapped to illegal pblock 1 (length 1)
[  143.742191][ T5203] Quota error (device loop1): remove_tree: Can't read quota data block 1
[  143.751016][ T5203] EXT4-fs error (device loop1): ext4_release_dquot:6837: comm kworker/u4:7: Failed to release dquot type 0
[  143.763240][ T6862] EXT4-fs (loop1): re-mounted. Quota mode: writeback.
[  143.792751][  T283] EXT4-fs (loop1): unmounting filesystem.
[  143.893030][  T343] uclogic 0003:256C:006D.0032: failed retrieving string descriptor #100: -71
[  143.902079][  T343] uclogic 0003:256C:006D.0032: failed retrieving pen parameters: -71
[  143.910586][  T343] uclogic 0003:256C:006D.0032: failed probing pen v1 parameters: -71
[  143.920630][  T343] uclogic 0003:256C:006D.0032: failed probing parameters: -71
[  143.928490][  T343] uclogic: probe of 0003:256C:006D.0032 failed with error -71
[  143.937750][  T343] usb 10-1: USB disconnect, device number 3
[  143.938205][ T2327] udevd[2327]: failed to send result of seq 12936 to main daemon: Connection refused
[  143.953386][  T569] usb 4-1: new high-speed USB device number 17 using dummy_hcd
[  144.137242][   T59] keytouch 0003:0926:3333.0033: fixing up Keytouch IEC report descriptor
[  144.137807][  T569] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  144.148010][   T59] input: HID 0926:3333 as /devices/platform/dummy_hcd.8/usb9/9-1/9-1:0.0/0003:0926:3333.0033/input/input30
[  144.164013][  T569] usb 4-1: New USB device found, idVendor=258a, idProduct=6a88, bcdDevice= 0.00
[  144.176101][  T569] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  144.184896][  T569] usb 4-1: config 0 descriptor??
[  144.239185][   T59] keytouch 0003:0926:3333.0033: input,hidraw0: USB HID v0.00 Keyboard [HID 0926:3333] on usb-dummy_hcd.8-1/input0
[  144.421541][   T28] audit: type=1400 audit(1758192620.355:1343): avc:  denied  { ioctl } for  pid=6887 comm="syz.9.2574" path="/dev/binderfs/binder0" dev="binder" ino=16 ioctlcmd=0x620d scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=chr_file permissive=1
[  144.447281][   T28] audit: type=1400 audit(1758192620.355:1344): avc:  denied  { set_context_mgr } for  pid=6887 comm="syz.9.2574" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=binder permissive=1
[  144.578053][ T6904] loop9: detected capacity change from 0 to 256
[  144.588010][ T6904] exFAT-fs (loop9): failed to load upcase table (idx : 0x0000fd4f, chksum : 0x53fda505, utbl_chksum : 0xe619d30d)
[  144.600479][ T6904] exFAT-fs (loop9): bogus allocation bitmap size(need : 2, cur : 17179869186)
[  144.610767][  T569] itetech 0003:258A:6A88.0034: item fetching failed at offset 5/7
[  144.618978][  T569] itetech: probe of 0003:258A:6A88.0034 failed with error -22
[  144.685824][  T343] usb 9-1: USB disconnect, device number 5
[  144.791689][ T6918] device bridge0 entered promiscuous mode
[  144.797553][ T6918] device macsec1 entered promiscuous mode
[  144.807427][ T6918] bridge0: port 4(macsec1) entered blocking state
[  144.814027][ T6918] bridge0: port 4(macsec1) entered disabled state
[  144.829684][    T6] usb 4-1: USB disconnect, device number 17
[  144.836072][ T6918] device bridge0 left promiscuous mode
[  145.235961][ T6935] loop9: detected capacity change from 0 to 40427
[  145.261584][ T6935] F2FS-fs (loop9): invalid crc value
[  145.297657][ T6935] F2FS-fs (loop9): Found nat_bits in checkpoint
[  145.318843][ T6949] loop8: detected capacity change from 0 to 256
[  145.348453][ T6949] exFAT-fs (loop8): failed to load upcase table (idx : 0x00010000, chksum : 0xbe675ead, utbl_chksum : 0xe619d30d)
[  145.388884][ T6953] loop2: detected capacity change from 0 to 1024
[  145.395625][ T6953] EXT4-fs: Ignoring removed bh option
[  145.421804][ T6935] F2FS-fs (loop9): Mounted with checkpoint version = 48b305e5
[  145.431986][ T6956] device bridge0 entered promiscuous mode
[  145.447211][ T6956] device macsec1 entered promiscuous mode
[  145.453077][   T28] audit: type=1400 audit(1758192621.385:1345): avc:  denied  { write } for  pid=6933 comm="syz.9.2597" name="file1" dev="loop9" ino=14 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=dir permissive=1
[  145.476081][ T6262] syz-executor: attempt to access beyond end of device
[  145.476081][ T6262] loop9: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[  145.496278][ T6956] bridge0: port 3(macsec1) entered blocking state
[  145.503140][ T6956] bridge0: port 3(macsec1) entered disabled state
[  145.509872][ T6262] syz-executor: attempt to access beyond end of device
[  145.509872][ T6262] loop9: rw=2049, sector=45120, nr_sectors = 8 limit=40427
[  145.510531][ T6953] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none.
[  145.547025][   T28] audit: type=1400 audit(1758192621.385:1346): avc:  denied  { add_name } for  pid=6933 comm="syz.9.2597" name="file2" scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=dir permissive=1
[  145.577822][ T6956] device bridge0 left promiscuous mode
[  145.602054][ T6958] loop3: detected capacity change from 0 to 8192
[  145.695013][ T6963] loop8: detected capacity change from 0 to 256
[  145.725394][ T6953] EXT4-fs error (device loop2): ext4_find_dest_de:2115: inode #12: block 7: comm syz.2.2604: bad entry in directory: rec_len is too small for name_len - offset=16, inode=14, rec_len=40, size=56 fake=0
[  145.753571][ T6953] EXT4-fs (loop2): Remounting filesystem read-only
[  145.799055][  T285] EXT4-fs error (device loop2): ext4_read_inline_dir:1593: inode #12: block 7: comm syz-executor: path /635/file1/file0: bad entry in directory: rec_len is too small for name_len - offset=40, inode=14, rec_len=40, size=80 fake=0
[  145.831252][ T6965] loop8: detected capacity change from 0 to 8192
[  145.913880][  T285] EXT4-fs (loop2): Remounting filesystem read-only
[  145.924180][  T285] EXT4-fs error (device loop2): ext4_read_inline_dir:1593: inode #12: block 7: comm syz-executor: path /635/file1/file0: bad entry in directory: rec_len is too small for name_len - offset=40, inode=14, rec_len=40, size=80 fake=0
[  145.983173][  T285] EXT4-fs (loop2): Remounting filesystem read-only
[  146.000576][  T285] EXT4-fs error (device loop2): empty_inline_dir:1877: inode #12: block 7: comm syz-executor: bad entry in directory: rec_len is too small for name_len - offset=20, inode=14, rec_len=40, size=60 fake=0
[  146.061035][  T285] EXT4-fs (loop2): Remounting filesystem read-only
[  146.077047][  T285] EXT4-fs warning (device loop2): empty_inline_dir:1884: bad inline directory (dir #12) - inode 14, rec_len 40, name_len 255inline size 60
[  146.116834][  T285] EXT4-fs error (device loop2): ext4_read_inline_dir:1593: inode #12: block 7: comm syz-executor: path /635/file1/file0: bad entry in directory: rec_len is too small for name_len - offset=40, inode=14, rec_len=40, size=80 fake=0
[  146.147215][  T285] EXT4-fs (loop2): Remounting filesystem read-only
[  146.163581][  T285] EXT4-fs error (device loop2): ext4_read_inline_dir:1593: inode #12: block 7: comm syz-executor: path /635/file1/file0: bad entry in directory: rec_len is too small for name_len - offset=40, inode=14, rec_len=40, size=80 fake=0
[  146.224451][ T6981] loop8: detected capacity change from 0 to 512
[  146.237770][ T5900] device bridge_slave_1 left promiscuous mode
[  146.244165][  T285] EXT4-fs (loop2): Remounting filesystem read-only
[  146.251052][ T5900] bridge0: port 2(bridge_slave_1) entered disabled state
[  146.267213][  T285] EXT4-fs error (device loop2): empty_inline_dir:1877: inode #12: block 7: comm syz-executor: bad entry in directory: rec_len is too small for name_len - offset=20, inode=14, rec_len=40, size=60 fake=0
[  146.287438][ T5900] device bridge_slave_0 left promiscuous mode
[  146.293168][ T6922] loop1: detected capacity change from 0 to 262144
[  146.293604][ T5900] bridge0: port 1(bridge_slave_0) entered disabled state
[  146.301429][ T6922] F2FS-fs (loop1): invalid crc value
[  146.307693][  T343] usb 4-1: new high-speed USB device number 18 using dummy_hcd
[  146.321828][ T6981] EXT4-fs (loop8): mounted filesystem without journal. Quota mode: writeback.
[  146.326948][  T285] EXT4-fs (loop2): Remounting filesystem read-only
[  146.331231][ T6981] ext4 filesystem being mounted at /36/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  146.337625][    T6] usb 10-1: new high-speed USB device number 4 using dummy_hcd
[  146.355321][ T5900] device veth1_macvtap left promiscuous mode
[  146.362421][ T6922] F2FS-fs (loop1): Found nat_bits in checkpoint
[  146.362710][ T6981] EXT4-fs error (device loop8): ext4_do_update_inode:5256: inode #2: comm syz.8.2617: corrupted inode contents
[  146.368938][ T5900] device veth0_vlan left promiscuous mode
[  146.387228][ T6981] EXT4-fs error (device loop8): ext4_dirty_inode:6121: inode #2: comm syz.8.2617: mark_inode_dirty error
[  146.396799][  T285] EXT4-fs warning (device loop2): empty_inline_dir:1884: bad inline directory (dir #12) - inode 14, rec_len 40, name_len 255inline size 60
[  146.413367][  T285] EXT4-fs error (device loop2): ext4_read_inline_dir:1593: inode #12: block 7: comm syz-executor: path /635/file1/file0: bad entry in directory: rec_len is too small for name_len - offset=40, inode=14, rec_len=40, size=80 fake=0
[  146.436178][  T285] EXT4-fs (loop2): Remounting filesystem read-only
[  146.436423][ T6981] EXT4-fs error (device loop8): ext4_do_update_inode:5256: inode #2: comm syz.8.2617: corrupted inode contents
[  146.442844][  T285] EXT4-fs error (device loop2): ext4_read_inline_dir:1593: inode #12: block 7: comm syz-executor: path /635/file1/file0: bad entry in directory: rec_len is too small for name_len - offset=40, inode=14, rec_len=40, size=80 fake=0
[  146.455580][  T285] EXT4-fs (loop2): Remounting filesystem read-only
[  146.477588][ T6981] EXT4-fs error (device loop8): __ext4_ext_dirty:202: inode #2: comm syz.8.2617: mark_inode_dirty error
[  146.495085][ T6922] F2FS-fs (loop1): Start checkpoint disabled!
[  146.501391][  T285] EXT4-fs error (device loop2): empty_inline_dir:1877: inode #12: block 7: comm syz-executor: bad entry in directory: rec_len is too small for name_len - offset=20, inode=14, rec_len=40, size=60 fake=0
[  146.523879][  T285] EXT4-fs warning (device loop2): empty_inline_dir:1884: bad inline directory (dir #12) - inode 14, rec_len 40, name_len 255inline size 60
[  146.539304][  T285] EXT4-fs warning (device loop2): empty_inline_dir:1884: bad inline directory (dir #12) - inode 14, rec_len 40, name_len 255inline size 60
[  146.540330][ T6922] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e5
[  146.561862][  T343] usb 4-1: New USB device found, idVendor=6189, idProduct=182d, bcdDevice= 1.73
[  146.576397][  T343] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  146.583924][  T285] EXT4-fs warning (device loop2): empty_inline_dir:1884: bad inline directory (dir #12) - inode 14, rec_len 40, name_len 255inline size 60
[  146.585085][  T343] usb 4-1: Product: syz
[  146.600111][ T6244] EXT4-fs (loop8): unmounting filesystem.
[  146.603438][  T343] usb 4-1: Manufacturer: syz
[  146.613522][  T343] usb 4-1: SerialNumber: syz
[  146.618991][  T343] usb 4-1: config 0 descriptor??
[  146.627855][    T6] usb 10-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  146.640466][    T6] usb 10-1: New USB device found, idVendor=0926, idProduct=3333, bcdDevice= 0.40
[  146.650289][  T285] EXT4-fs warning (device loop2): empty_inline_dir:1884: bad inline directory (dir #12) - inode 14, rec_len 40, name_len 255inline size 60
[  146.650298][    T6] usb 10-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  146.651173][    T6] usb 10-1: config 0 descriptor??
[  146.681978][  T285] EXT4-fs warning (device loop2): empty_inline_dir:1884: bad inline directory (dir #12) - inode 14, rec_len 40, name_len 255inline size 60
[  146.697438][  T285] EXT4-fs warning (device loop2): empty_inline_dir:1884: bad inline directory (dir #12) - inode 14, rec_len 40, name_len 255inline size 60
[  146.713262][  T285] EXT4-fs warning (device loop2): empty_inline_dir:1884: bad inline directory (dir #12) - inode 14, rec_len 40, name_len 255inline size 60
[  146.728402][  T285] EXT4-fs warning (device loop2): empty_inline_dir:1884: bad inline directory (dir #12) - inode 14, rec_len 40, name_len 255inline size 60
[  147.083238][    T6] keytouch 0003:0926:3333.0035: fixing up Keytouch IEC report descriptor
[  147.108106][    T6] input: HID 0926:3333 as /devices/platform/dummy_hcd.9/usb10/10-1/10-1:0.0/0003:0926:3333.0035/input/input31
[  147.168788][ T6488] bridge0: port 3(syz_tun) entered disabled state
[  147.176907][ T6488] device syz_tun left promiscuous mode
[  147.182408][ T6488] bridge0: port 3(syz_tun) entered disabled state
[  147.210028][    T6] keytouch 0003:0926:3333.0035: input,hidraw0: USB HID v0.00 Keyboard [HID 0926:3333] on usb-dummy_hcd.9-1/input0
[  147.460469][ T6999] bridge0: port 1(bridge_slave_0) entered blocking state
[  147.467743][ T6999] bridge0: port 1(bridge_slave_0) entered disabled state
[  147.475385][ T6999] device bridge_slave_0 entered promiscuous mode
[  147.476936][ T1172] usb 2-1: new high-speed USB device number 18 using dummy_hcd
[  147.483873][ T6999] bridge0: port 2(bridge_slave_1) entered blocking state
[  147.496711][ T6999] bridge0: port 2(bridge_slave_1) entered disabled state
[  147.504338][ T6999] device bridge_slave_1 entered promiscuous mode
[  147.580668][ T6999] bridge0: port 2(bridge_slave_1) entered blocking state
[  147.587804][ T6999] bridge0: port 2(bridge_slave_1) entered forwarding state
[  147.595638][ T6999] bridge0: port 1(bridge_slave_0) entered blocking state
[  147.602728][ T6999] bridge0: port 1(bridge_slave_0) entered forwarding state
[  147.627405][   T19] usb 10-1: USB disconnect, device number 4
[  147.633773][  T343] asix 4-1:0.0 (unnamed net_device) (uninitialized): Failed to read reg index 0x0000: -71
[  147.644863][  T343] asix: probe of 4-1:0.0 failed with error -71
[  147.653854][ T5238] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  147.661810][ T5238] bridge0: port 1(bridge_slave_0) entered disabled state
[  147.663246][  T343] usb 4-1: USB disconnect, device number 18
[  147.675010][ T5238] bridge0: port 2(bridge_slave_1) entered disabled state
[  147.684364][ T5238] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  147.692486][ T1172] usb 2-1: Using ep0 maxpacket: 16
[  147.692758][ T5238] bridge0: port 1(bridge_slave_0) entered blocking state
[  147.699294][ T1172] usb 2-1: config 1 interface 0 altsetting 255 endpoint 0x1 has invalid wMaxPacketSize 0
[  147.704710][ T5238] bridge0: port 1(bridge_slave_0) entered forwarding state
[  147.714937][ T1172] usb 2-1: config 1 interface 0 altsetting 255 bulk endpoint 0x1 has invalid maxpacket 0
[  147.731858][ T1172] usb 2-1: config 1 interface 0 altsetting 255 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  147.745189][ T1172] usb 2-1: config 1 interface 0 has no altsetting 0
[  147.755478][ T5238] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  147.764055][ T5238] bridge0: port 2(bridge_slave_1) entered blocking state
[  147.764727][ T1172] usb 2-1: New USB device found, idVendor=0525, idProduct=a4a8, bcdDevice= 0.40
[  147.771158][ T5238] bridge0: port 2(bridge_slave_1) entered forwarding state
[  147.772187][ T5238] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  147.783951][ T1172] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  147.797049][ T5238] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  147.811256][ T1172] usb 2-1: Product: syz
[  147.815486][ T1172] usb 2-1: Manufacturer: syz
[  147.820212][ T1172] usb 2-1: SerialNumber: syz
[  147.829478][ T5238] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[  147.842668][ T5238] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[  147.851323][ T5238] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[  147.859025][ T5238] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[  147.871226][ T6999] device veth0_vlan entered promiscuous mode
[  147.882542][ T5238] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[  147.890934][ T5238] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[  147.900504][ T6999] device veth1_macvtap entered promiscuous mode
[  147.913819][ T5238] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready
[  147.921707][ T5238] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[  147.930309][ T5238] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[  147.940172][ T5238] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[  147.948715][ T5238] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[  148.028257][ T1172] usblp 2-1:1.0: usblp0: USB Unidirectional printer dev 18 if 0 alt 255 proto 1 vid 0x0525 pid 0xA4A8
[  148.109542][ T7012] loop4: detected capacity change from 0 to 40427
[  148.116574][ T7012] F2FS-fs (loop4): Invalid log_blocksize (268), supports only 12
[  148.124517][ T7012] F2FS-fs (loop4): Can't find valid F2FS filesystem in 1th superblock
[  148.133780][ T7012] F2FS-fs (loop4): invalid crc value
[  148.139643][ T5900] device bridge_slave_1 left promiscuous mode
[  148.145882][ T5900] bridge0: port 2(bridge_slave_1) entered disabled state
[  148.151741][ T7012] F2FS-fs (loop4): Found nat_bits in checkpoint
[  148.164921][ T5900] device bridge_slave_0 left promiscuous mode
[  148.171530][ T5900] bridge0: port 1(bridge_slave_0) entered disabled state
[  148.179916][ T5900] device veth1_macvtap left promiscuous mode
[  148.186081][ T5900] device veth0_vlan left promiscuous mode
[  148.196322][ T7012] F2FS-fs (loop4): Try to recover 1th superblock, ret: 0
[  148.203547][ T7012] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e5
[  148.237765][ T7012] syz.4.2622: attempt to access beyond end of device
[  148.237765][ T7012] loop4: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[  148.277532][   T28] kauditd_printk_skb: 15 callbacks suppressed
[  148.277551][   T28] audit: type=1400 audit(1758192624.215:1362): avc:  denied  { setopt } for  pid=7022 comm="syz.9.2634" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_xfrm_socket permissive=1
[  148.328403][ T6999] syz-executor: attempt to access beyond end of device
[  148.328403][ T6999] loop4: rw=2051, sector=45096, nr_sectors = 8 limit=40427
[  148.334397][   T28] audit: type=1400 audit(1758192624.255:1363): avc:  denied  { mount } for  pid=7026 comm="syz.9.2626" name="/" dev="sysfs" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:sysfs_t tclass=filesystem permissive=1
[  148.342934][ T6999] F2FS-fs (loop4): Issue discard(5637, 5637, 1) failed, ret: -5
[  148.366750][   T28] audit: type=1400 audit(1758192624.255:1364): avc:  denied  { unmount } for  pid=7026 comm="syz.9.2626" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:sysfs_t tclass=filesystem permissive=1
[  148.394187][ T7025] netlink: 184 bytes leftover after parsing attributes in process `syz.3.2624'.
[  148.503658][ T7035] loop8: detected capacity change from 0 to 256
[  148.509110][ T7033] loop4: detected capacity change from 0 to 8192
[  148.686724][ T1172] usb 10-1: new high-speed USB device number 5 using dummy_hcd
[  148.726514][ T7040] loop4: detected capacity change from 0 to 40427
[  148.733475][ T7040] F2FS-fs (loop4): Invalid log_blocksize (268), supports only 12
[  148.741259][ T7040] F2FS-fs (loop4): Can't find valid F2FS filesystem in 1th superblock
[  148.750583][ T7040] F2FS-fs (loop4): invalid crc value
[  148.757565][ T7040] F2FS-fs (loop4): Found nat_bits in checkpoint
[  148.786810][ T7040] F2FS-fs (loop4): Try to recover 1th superblock, ret: 0
[  148.794079][ T7040] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e5
[  148.806761][   T19] usb 9-1: new high-speed USB device number 6 using dummy_hcd
[  148.808846][   T28] audit: type=1400 audit(1758192624.745:1365): avc:  denied  { read } for  pid=7039 comm="syz.4.2631" name="file0" dev="loop4" ino=10 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=lnk_file permissive=1
[  148.877858][ T1172] usb 10-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  148.889879][ T1172] usb 10-1: New USB device found, idVendor=0926, idProduct=3333, bcdDevice= 0.40
[  148.899483][ T1172] usb 10-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  148.908752][ T1172] usb 10-1: config 0 descriptor??
[  148.930339][   T28] audit: type=1400 audit(1758192624.865:1366): avc:  denied  { mounton } for  pid=7047 comm="syz.4.2635" path="/" dev="sysfs" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:sysfs_t tclass=dir permissive=1
[  148.934934][ T7048] overlayfs: failed to clone lowerpath
[  148.988866][   T19] usb 9-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  148.999987][   T19] usb 9-1: config 1 interface 1 altsetting 1 endpoint 0x82 has invalid maxpacket 512, setting to 64
[  149.000120][   T28] audit: type=1400 audit(1758192624.935:1367): avc:  denied  { read } for  pid=7051 comm="syz.4.2637" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=key_socket permissive=1
[  149.010958][   T19] usb 9-1: config 1 interface 1 altsetting 1 endpoint 0x3 has invalid wMaxPacketSize 0
[  149.041494][   T19] usb 9-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  149.050630][   T19] usb 9-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  149.058687][   T19] usb 9-1: Product: syz
[  149.062896][   T19] usb 9-1: Manufacturer: syz
[  149.067571][   T19] usb 9-1: SerialNumber: syz
[  149.147645][ T7064] incfs: Options parsing error. -22
[  149.153030][ T7064] incfs: mount failed -22
[  149.177506][ T7068] netlink: 76 bytes leftover after parsing attributes in process `syz.3.2644'.
[  149.201980][ T7070] device bridge0 entered promiscuous mode
[  149.207929][ T7070] device macsec3 entered promiscuous mode
[  149.214149][ T7070] bridge0: port 3(macsec3) entered blocking state
[  149.220661][ T7070] bridge0: port 3(macsec3) entered disabled state
[  149.229102][ T7070] device bridge0 left promiscuous mode
[  149.296200][ T7072] loop3: detected capacity change from 0 to 512
[  149.308833][ T7072] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: writeback.
[  149.318132][ T7072] ext4 filesystem being mounted at /569/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  149.319030][ T1172] keytouch 0003:0926:3333.0036: fixing up Keytouch IEC report descriptor
[  149.339694][ T1172] input: HID 0926:3333 as /devices/platform/dummy_hcd.9/usb10/10-1/10-1:0.0/0003:0926:3333.0036/input/input32
[  149.341743][   T28] audit: type=1400 audit(1758192625.275:1368): avc:  denied  { write } for  pid=7071 comm="syz.3.2646" name="file1" dev="overlay" ino=15 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1
[  149.374317][   T28] audit: type=1400 audit(1758192625.285:1369): avc:  denied  { open } for  pid=7071 comm="syz.3.2646" name="file1" dev="overlay" ino=15 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1
[  149.376869][ T7072] syz.3.2646 (7072) used greatest stack depth: 20544 bytes left
[  149.397255][   T28] audit: type=1400 audit(1758192625.285:1370): avc:  denied  { setattr } for  pid=7071 comm="syz.3.2646" name="#20" dev="loop3" ino=20 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1
[  149.427045][ T2137] usb 5-1: new high-speed USB device number 5 using dummy_hcd
[  149.435361][  T471] EXT4-fs error (device loop3): ext4_empty_dir:3136: inode #12: comm syz-executor: invalid size
[  149.446468][  T471] EXT4-fs error (device loop3): ext4_empty_dir:3136: inode #12: comm syz-executor: invalid size
[  149.449009][ T1172] keytouch 0003:0926:3333.0036: input,hidraw0: USB HID v0.00 Keyboard [HID 0926:3333] on usb-dummy_hcd.9-1/input0
[  149.457653][  T471] EXT4-fs error (device loop3): ext4_empty_dir:3136: inode #12: comm syz-executor: invalid size
[  149.480201][  T471] EXT4-fs error (device loop3): ext4_empty_dir:3136: inode #12: comm syz-executor: invalid size
[  149.491154][  T471] EXT4-fs error (device loop3): ext4_empty_dir:3136: inode #12: comm syz-executor: invalid size
[  149.501989][  T471] EXT4-fs error (device loop3): ext4_empty_dir:3136: inode #12: comm syz-executor: invalid size
[  149.512929][  T471] EXT4-fs error (device loop3): ext4_empty_dir:3136: inode #12: comm syz-executor: invalid size
[  149.523915][  T471] EXT4-fs error (device loop3): ext4_empty_dir:3136: inode #12: comm syz-executor: invalid size
[  149.535897][  T471] EXT4-fs error (device loop3): ext4_empty_dir:3136: inode #12: comm syz-executor: invalid size
[  149.547796][  T471] EXT4-fs error (device loop3): ext4_empty_dir:3136: inode #12: comm syz-executor: invalid size
[  149.594943][ T6602] EXT4-fs (loop3): unmounting filesystem.
[  149.606715][ T2137] usb 5-1: Using ep0 maxpacket: 16
[  149.613873][ T2137] usb 5-1: config 1 contains an unexpected descriptor of type 0x2, skipping
[  149.623000][ T2137] usb 5-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  149.633411][ T2137] usb 5-1: config 1 has 1 interface, different from the descriptor's value: 3
[  149.645155][ T2137] usb 5-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[  149.654335][ T2137] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  149.662969][ T2137] usb 5-1: Product: syz
[  149.667497][ T2137] usb 5-1: Manufacturer: syz
[  149.672209][ T2137] usb 5-1: SerialNumber: syz
[  149.855343][ T7077] bridge0: port 1(bridge_slave_0) entered blocking state
[  149.862661][ T7077] bridge0: port 1(bridge_slave_0) entered disabled state
[  149.872053][ T7077] device bridge_slave_0 entered promiscuous mode
[  149.882153][ T7077] bridge0: port 2(bridge_slave_1) entered blocking state
[  149.890183][ T7077] bridge0: port 2(bridge_slave_1) entered disabled state
[  149.892158][  T569] usb 10-1: USB disconnect, device number 5
[  149.898341][ T7077] device bridge_slave_1 entered promiscuous mode
[  150.010384][ T5900] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[  150.018317][ T5900] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  150.030848][ T5900] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[  150.039734][ T5900] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  150.048343][ T5900] bridge0: port 1(bridge_slave_0) entered blocking state
[  150.055432][ T5900] bridge0: port 1(bridge_slave_0) entered forwarding state
[  150.063089][ T5900] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[  150.075592][ T5900] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[  150.081385][   T19] cdc_ncm 9-1:1.0: bind() failure
[  150.084127][ T2137] usb 5-1: 0:2 : does not exist
[  150.090323][   T19] cdc_ncm: probe of 9-1:1.1 failed with error -71
[  150.094577][ T5900] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  150.100760][   T19] cdc_mbim: probe of 9-1:1.1 failed with error -71
[  150.109107][ T5900] bridge0: port 2(bridge_slave_1) entered blocking state
[  150.117832][   T19] usb 9-1: USB disconnect, device number 6
[  150.122019][ T5900] bridge0: port 2(bridge_slave_1) entered forwarding state
[  150.142821][ T5900] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[  150.151279][ T5900] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  150.167440][ T5900] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  150.177494][ T5900] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[  150.191027][ T5900] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[  150.201186][ T5900] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[  150.209173][ T5900] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[  150.213707][   T59] usb 2-1: USB disconnect, device number 18
[  150.222886][ T5238] device bridge_slave_1 left promiscuous mode
[  150.230091][ T5238] bridge0: port 2(bridge_slave_1) entered disabled state
[  150.235764][   T59] usblp0: removed
[  150.242160][ T5238] device bridge_slave_0 left promiscuous mode
[  150.248684][ T5238] bridge0: port 1(bridge_slave_0) entered disabled state
[  150.256966][ T5238] device dummy0 left promiscuous mode
[  150.262396][ T5238] device veth1_macvtap left promiscuous mode
[  150.268537][ T5238] device veth0_vlan left promiscuous mode
[  150.373243][ T7077] device veth0_vlan entered promiscuous mode
[  150.385265][ T5900] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[  150.395072][ T7077] device veth1_macvtap entered promiscuous mode
[  150.405422][ T5900] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[  150.414345][ T5900] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[  150.424279][ T5900] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[  150.435694][ T5900] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[  150.454844][   T28] audit: type=1400 audit(1758192626.385:1371): avc:  denied  { execute_no_trans } for  pid=7089 comm="syz.9.2651" path="/68/file0" dev="tmpfs" ino=370 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=file permissive=1
[  150.527450][ T7102] incfs: Options parsing error. -22
[  150.532813][ T7102] incfs: mount failed -22
[  150.557772][ T7104] netlink: 28 bytes leftover after parsing attributes in process `syz.0.2656'.
[  150.566847][ T7104] netlink: 28 bytes leftover after parsing attributes in process `syz.0.2656'.
[  150.591950][ T7106] device bridge0 entered promiscuous mode
[  150.597881][ T7106] device macsec1 entered promiscuous mode
[  150.604185][ T7106] bridge0: port 3(macsec1) entered blocking state
[  150.610983][ T7106] bridge0: port 3(macsec1) entered disabled state
[  150.619371][ T7106] device bridge0 left promiscuous mode
[  150.698726][ T2137] usb 5-1: 1:0: failed to get current value for ch 0 (-22)
[  150.718795][ T2137] usb 5-1: USB disconnect, device number 5
[  150.780154][ T7126] loop0: detected capacity change from 0 to 512
[  150.817714][ T7126] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: writeback.
[  150.830037][ T7126] ext4 filesystem being mounted at /7/file2 supports timestamps until 2038-01-19 (0x7fffffff)
[  150.862194][ T7077] EXT4-fs (loop0): unmounting filesystem.
[  150.931686][ T7136] incfs: Options parsing error. -22
[  150.952875][ T7136] incfs: mount failed -22
[  151.486777][   T59] usb 5-1: new high-speed USB device number 6 using dummy_hcd
[  151.678008][   T59] usb 5-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  151.688953][   T59] usb 5-1: config 1 interface 1 altsetting 1 endpoint 0x82 has invalid maxpacket 512, setting to 64
[  151.699760][   T59] usb 5-1: config 1 interface 1 altsetting 1 endpoint 0x3 has invalid wMaxPacketSize 0
[  151.711198][   T59] usb 5-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  151.720321][   T59] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  151.728337][   T59] usb 5-1: Product: syz
[  151.732491][   T59] usb 5-1: Manufacturer: syz
[  151.737176][   T59] usb 5-1: SerialNumber: syz
[  152.746205][   T59] cdc_ncm 5-1:1.0: bind() failure
[  152.752425][   T59] cdc_ncm: probe of 5-1:1.1 failed with error -71
[  152.759294][   T59] cdc_mbim: probe of 5-1:1.1 failed with error -71
[  152.766962][   T59] usb 5-1: USB disconnect, device number 6
[  153.268174][ T7152] loop1: detected capacity change from 0 to 128
[  153.301648][ T7156] device bridge0 entered promiscuous mode
[  153.308993][ T7156] device macsec1 entered promiscuous mode
[  153.318169][ T7156] bridge0: port 3(macsec1) entered blocking state
[  153.324774][ T7156] bridge0: port 3(macsec1) entered disabled state
[  153.337747][ T7156] device bridge0 left promiscuous mode
[  153.370430][ T7162] loop1: detected capacity change from 0 to 256
[  153.391875][ T7162] exFAT-fs (loop1): failed to load upcase table (idx : 0x00010000, chksum : 0x205ad3ec, utbl_chksum : 0xe619d30d)
[  153.450875][ T7171] netlink: 12 bytes leftover after parsing attributes in process `syz.4.2686'.
[  153.504979][ T7181] loop4: detected capacity change from 0 to 16
[  153.526138][ T7181] erofs: (device loop4): mounted with root inode @ nid 36.
[  153.550043][   T28] audit: type=1400 audit(1758192629.485:1372): avc:  denied  { map } for  pid=7180 comm="syz.4.2690" path="/14/file3/file2" dev="loop4" ino=89 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1
[  153.576002][ T7181] erofs: (device loop4): z_erofs_readahead: readahead error at page 2 @ nid 89
[  153.597766][   T46] erofs: (device loop4): z_erofs_lz4_decompress_mem: failed to decompress 6887 in[4096, 0] out[8192]
[  153.609799][ T7181] erofs: (device loop4): z_erofs_lz4_decompress_mem: failed to decompress 6887 in[4096, 0] out[8192]
[  153.636937][ T7181] erofs: (device loop4): z_erofs_lz4_decompress_mem: failed to decompress 6887 in[4096, 0] out[8192]
[  154.358926][ T7181] erofs: (device loop4): z_erofs_lz4_decompress_mem: failed to decompress 6887 in[4096, 0] out[8192]
[  154.412736][ T7181] erofs: (device loop4): z_erofs_lz4_decompress_mem: failed to decompress 6887 in[4096, 0] out[8192]
[  154.559046][ T7211] loop0: detected capacity change from 0 to 512
[  154.577365][ T7209] netlink: 8 bytes leftover after parsing attributes in process `syz.4.2705'.
[  154.638754][ T7211] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: writeback.
[  154.656881][ T7211] ext4 filesystem being mounted at /16/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  154.707707][ T7211] EXT4-fs error (device loop0): ext4_do_update_inode:5256: inode #2: comm syz.0.2706: corrupted inode contents
[  154.778043][ T7211] EXT4-fs error (device loop0): ext4_dirty_inode:6121: inode #2: comm syz.0.2706: mark_inode_dirty error
[  154.817194][ T7211] EXT4-fs error (device loop0): ext4_do_update_inode:5256: inode #2: comm syz.0.2706: corrupted inode contents
[  154.858233][ T7226] bridge0: port 1(bridge_slave_0) entered blocking state
[  154.888054][ T7226] bridge0: port 1(bridge_slave_0) entered disabled state
[  154.895711][ T7226] device bridge_slave_0 entered promiscuous mode
[  154.922719][ T7211] EXT4-fs error (device loop0): __ext4_ext_dirty:202: inode #2: comm syz.0.2706: mark_inode_dirty error
[  154.944854][ T7226] bridge0: port 2(bridge_slave_1) entered blocking state
[  154.964024][ T7226] bridge0: port 2(bridge_slave_1) entered disabled state
[  154.983551][ T7226] device bridge_slave_1 entered promiscuous mode
[  154.991370][ T7077] EXT4-fs (loop0): unmounting filesystem.
[  155.175398][ T7226] bridge0: port 2(bridge_slave_1) entered blocking state
[  155.182525][ T7226] bridge0: port 2(bridge_slave_1) entered forwarding state
[  155.189896][ T7226] bridge0: port 1(bridge_slave_0) entered blocking state
[  155.196964][ T7226] bridge0: port 1(bridge_slave_0) entered forwarding state
[  155.269098][ T5238] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  155.277407][ T1172] usb 9-1: new high-speed USB device number 7 using dummy_hcd
[  155.285177][ T5238] bridge0: port 1(bridge_slave_0) entered disabled state
[  155.293440][ T5238] bridge0: port 2(bridge_slave_1) entered disabled state
[  155.305214][ T5900] device bridge_slave_1 left promiscuous mode
[  155.314804][ T5900] bridge0: port 2(bridge_slave_1) entered disabled state
[  155.330436][ T5900] device bridge_slave_0 left promiscuous mode
[  155.336637][ T5900] bridge0: port 1(bridge_slave_0) entered disabled state
[  155.344721][ T5900] device veth1_macvtap left promiscuous mode
[  155.351000][ T5900] device veth0_vlan left promiscuous mode
[  155.373628][ T7269] loop0: detected capacity change from 0 to 1024
[  155.380437][ T7269] EXT4-fs: Ignoring removed nomblk_io_submit option
[  155.392586][ T7271] loop1: detected capacity change from 0 to 512
[  155.400802][ T7271] EXT4-fs: Ignoring removed mblk_io_submit option
[  155.407595][ T7271] EXT4-fs: Ignoring removed mblk_io_submit option
[  155.414754][ T7271] EXT4-fs (loop1): Test dummy encryption mode enabled
[  155.421927][ T7271] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode
[  155.427376][ T7269] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: none.
[  155.447885][ T7271] EXT4-fs (loop1): 1 truncate cleaned up
[  155.453712][ T7271] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: none.
[  155.466738][ T1172] usb 9-1: Using ep0 maxpacket: 16
[  155.470241][ T7077] EXT4-fs (loop0): unmounting filesystem.
[  155.473035][ T7271] fscrypt: AES-256-XTS using blk-crypto-fallback
[  155.484399][ T1172] usb 9-1: config 1 contains an unexpected descriptor of type 0x2, skipping
[  155.501108][ T7277] loop0: detected capacity change from 0 to 512
[  155.508824][ T5238] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  155.521020][ T1172] usb 9-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  155.531940][ T5238] bridge0: port 1(bridge_slave_0) entered blocking state
[  155.539217][ T5238] bridge0: port 1(bridge_slave_0) entered forwarding state
[  155.546880][ T1172] usb 9-1: config 1 has 1 interface, different from the descriptor's value: 3
[  155.547223][ T5238] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  155.565124][ T7277] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: writeback.
[  155.574488][ T5238] bridge0: port 2(bridge_slave_1) entered blocking state
[  155.574677][ T1172] usb 9-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[  155.581589][ T5238] bridge0: port 2(bridge_slave_1) entered forwarding state
[  155.598183][ T7277] ext4 filesystem being mounted at /20/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  155.614354][ T5238] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[  155.623130][ T5238] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  155.632772][ T5340] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[  155.639271][ T1172] usb 9-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  155.647595][ T5340] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  155.652913][ T1172] usb 9-1: Product: syz
[  155.670259][ T5203] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[  155.686035][ T5203] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[  155.694539][ T1172] usb 9-1: Manufacturer: syz
[  155.705291][ T7226] device veth0_vlan entered promiscuous mode
[  155.709142][ T1172] usb 9-1: SerialNumber: syz
[  155.712392][ T5203] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[  155.724409][ T5203] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[  155.735178][ T7077] EXT4-fs (loop0): unmounting filesystem.
[  155.747106][ T5203] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[  155.756149][ T5203] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[  155.772855][ T7226] device veth1_macvtap entered promiscuous mode
[  155.786591][ T5954] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[  155.796536][ T5954] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[  155.821637][ T5954] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready
[  155.833696][ T5203] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[  155.843329][ T7285] netlink: 12 bytes leftover after parsing attributes in process `syz.4.2730'.
[  155.843645][ T5203] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[  155.870645][ T5203] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[  155.879222][ T5203] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[  155.891251][ T7285] netlink: 12 bytes leftover after parsing attributes in process `syz.4.2730'.
[  155.951553][ T7292] tipc: Started in network mode
[  155.972841][ T7292] tipc: Node identity ac1414aa, cluster identity 4711
[  155.977610][ T7298] loop0: detected capacity change from 0 to 128
[  155.988956][ T7292] tipc: Enabled bearer <udp:syz2>, priority 10
[  155.991477][ T7298] FAT-fs (loop0): error, invalid access to FAT (entry 0x0fff0000)
[  156.007021][ T7298] FAT-fs (loop0): Filesystem has been set read-only
[  156.025689][ T7298] FAT-fs (loop0): error, invalid access to FAT (entry 0x0fff0000)
[  156.140746][ T1172] usb 9-1: 0:2 : does not exist
[  156.294632][ T7332] loop4: detected capacity change from 0 to 16
[  156.301633][ T7332] erofs: (device loop4): mounted with root inode @ nid 36.
[  156.302218][  T283] EXT4-fs (loop1): unmounting filesystem.
[  156.328712][ T7336] loop4: detected capacity change from 0 to 512
[  156.328712][ T7335] loop1: detected capacity change from 0 to 512
[  156.331730][ T7335] EXT4-fs error (device loop1): ext4_orphan_get:1400: inode #15: comm syz.1.2752: iget: bad i_size value: 38620345925642
[  156.342063][ T7336] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled
[  156.355254][ T7335] EXT4-fs error (device loop1): ext4_orphan_get:1405: comm syz.1.2752: couldn't read orphan inode 15 (err -117)
[  156.363245][   T24] usb 1-1: new high-speed USB device number 9 using dummy_hcd
[  156.376962][ T7335] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: writeback.
[  156.393546][ T7336] [EXT4 FS bs=4096, gc=1, bpg=32768, ipg=32, mo=a843c018, mo2=0002]
[  156.398621][ T7335] fscrypt (loop1, inode 18): Unsupported encryption modes (contents 0, filenames 0)
[  156.401744][ T7336] System zones: 0-2, 18-18, 34-34
[  156.417795][ T7336] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: writeback.
[  156.426965][ T7336] ext4 filesystem being mounted at /34/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  156.430384][  T283] EXT4-fs (loop1): unmounting filesystem.
[  156.453925][   T28] audit: type=1400 audit(1758192632.385:1373): avc:  denied  { bind } for  pid=7340 comm="syz.1.2754" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_xfrm_socket permissive=1
[  156.482029][ T6999] EXT4-fs (loop4): unmounting filesystem.
[  156.489366][   T28] audit: type=1400 audit(1758192632.415:1374): avc:  denied  { write } for  pid=7340 comm="syz.1.2754" scontext=root:sysadm_r:sysadm_t tcontext=system_u:system_r:kernel_t tclass=key permissive=1
[  156.527489][ T7350] incfs: Backing dir is not set, filesystem can't be mounted.
[  156.535243][ T7350] incfs: mount failed -2
[  156.563259][ T7354] loop1: detected capacity change from 0 to 256
[  156.570827][   T24] usb 1-1: config 220 has an invalid interface number: 76 but max is 2
[  156.582437][   T24] usb 1-1: config 220 contains an unexpected descriptor of type 0x2, skipping
[  156.599748][ T7353] loop4: detected capacity change from 0 to 8192
[  156.599855][   T24] usb 1-1: config 220 has an invalid descriptor of length 0, skipping remainder of the config
[  156.617096][   T24] usb 1-1: config 220 has no interface number 2
[  156.623465][   T24] usb 1-1: config 220 interface 1 altsetting 5 has 0 endpoint descriptors, different from the interface descriptor's value: 12
[  156.632624][ T7356] serio: Serial port ttyS3
[  156.637284][   T24] usb 1-1: config 220 interface 0 has no altsetting 0
[  156.648233][   T24] usb 1-1: config 220 interface 76 has no altsetting 0
[  156.655191][   T24] usb 1-1: config 220 interface 1 has no altsetting 0
[  156.672421][   T24] usb 1-1: New USB device found, idVendor=8086, idProduct=0b07, bcdDevice=6c.b9
[  156.681632][   T24] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  156.697956][   T24] usb 1-1: Product: syz
[  156.702184][   T24] usb 1-1: Manufacturer: syz
[  156.708651][   T24] usb 1-1: SerialNumber: syz
[  156.710338][ T7363] syz.4.2763[7363] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  156.713463][ T7363] syz.4.2763[7363] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  156.759949][ T1172] usb 9-1: 1:0: failed to get current value for ch 0 (-22)
[  156.785064][ T1172] usb 9-1: USB disconnect, device number 7
[  156.920167][   T24] usb 1-1: Found UVC 7.01 device syz (8086:0b07)
[  156.926883][   T24] usb 1-1: No valid video chain found.
[  156.932564][   T24] usb 1-1: selecting invalid altsetting 0
[  156.941346][   T24] usb 1-1: USB disconnect, device number 9
[  156.962751][ T7375] IPv6: ADDRCONF(NETDEV_CHANGE): vcan0: link becomes ready
[  156.976975][ T5203] IPv6: ADDRCONF(NETDEV_CHANGE): bond_slave_0: link becomes ready
[  156.985420][ T5203] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[  156.994032][ T5203] IPv6: ADDRCONF(NETDEV_CHANGE): bond_slave_1: link becomes ready
[  157.002602][ T5203] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[  157.011191][ T5203] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[  157.019798][ T5203] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[  157.028583][ T5203] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[  157.037227][ T5203] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[  157.106719][ T2137] tipc: Node number set to 2886997162
[  157.526259][ T7405] loop4: detected capacity change from 0 to 256
[  157.583893][ T7411] loop4: detected capacity change from 0 to 128
[  157.755129][ T7428] device vlan2 entered promiscuous mode
[  157.760857][ T7428] device veth0 entered promiscuous mode
[  157.791834][   T28] audit: type=1326 audit(1758192633.785:1375): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7432 comm="syz.0.2793" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f0243f8eba9 code=0x0
[  157.844458][ T7401] loop8: detected capacity change from 0 to 131072
[  157.854029][ T7401] F2FS-fs (loop8): Found nat_bits in checkpoint
[  157.888786][ T7401] F2FS-fs (loop8): Mounted with checkpoint version = 48b305e5
[  157.911530][ T7401] F2FS-fs (loop8): lookup inode (7) has corrupted xattr
[  157.919843][ T7401] F2FS-fs (loop8): lookup inode (7) has corrupted xattr
[  158.426749][ T2137] usb 9-1: new high-speed USB device number 8 using dummy_hcd
[  158.608001][ T2137] usb 9-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  158.619260][ T2137] usb 9-1: config 1 interface 1 altsetting 1 bulk endpoint 0x82 has invalid maxpacket 1024
[  158.646125][ T7475] loop0: detected capacity change from 0 to 512
[  158.646920][ T2137] usb 9-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  158.661668][ T2137] usb 9-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  158.667388][ T7475] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: none.
[  158.672427][ T2137] usb 9-1: Product: syz
[  158.685329][   T28] audit: type=1400 audit(1758192634.675:1376): avc:  denied  { mounton } for  pid=7473 comm="syz.0.2810" path="/32/file0/bus" dev="loop0" ino=18 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=dir permissive=1
[  158.705295][ T7481] input: syz0 as /devices/virtual/input/input33
[  158.708509][ T2137] usb 9-1: Manufacturer: syz
[  158.714794][   T28] audit: type=1400 audit(1758192634.675:1377): avc:  denied  { add_name } for  pid=7473 comm="syz.0.2810" name="file1" dev="overlay" ino=14 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1
[  158.719862][ T2137] usb 9-1: SerialNumber: syz
[  158.741952][   T28] audit: type=1400 audit(1758192634.675:1378): avc:  denied  { link } for  pid=7473 comm="syz.0.2810" name="file1" dev="overlay" ino=14 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=lnk_file permissive=1
[  158.758940][ T2137] cdc_mbim 9-1:1.0: skipping garbage
[  158.769903][   T28] audit: type=1400 audit(1758192634.675:1379): avc:  denied  { link } for  pid=7473 comm="syz.0.2810" name="file1" dev="loop0" ino=14 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=lnk_file permissive=1
[  158.797568][   T28] audit: type=1400 audit(1758192634.675:1380): avc:  denied  { unlink } for  pid=7077 comm="syz-executor" name="file1" dev="loop0" ino=14 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=lnk_file permissive=1
[  158.822051][ T7077] EXT4-fs (loop0): unmounting filesystem.
[  158.889294][ T7493] incfs: iterate_incfs_dir / -22
[  158.959889][ T7455] raw-gadget.0 gadget.8: fail, usb_ep_enable returned -22
[  159.026481][ T7524] netlink: 4 bytes leftover after parsing attributes in process `syz.0.2833'.
[  159.075495][ T7532] loop4: detected capacity change from 0 to 512
[  159.100223][ T7532] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: writeback.
[  159.109470][ T7532] ext4 filesystem being mounted at /67/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  159.125577][ T7532] EXT4-fs error (device loop4): ext4_do_update_inode:5256: inode #2: comm syz.4.2837: corrupted inode contents
[  159.138359][ T7532] EXT4-fs error (device loop4): ext4_dirty_inode:6121: inode #2: comm syz.4.2837: mark_inode_dirty error
[  159.150460][ T7532] EXT4-fs error (device loop4): ext4_do_update_inode:5256: inode #2: comm syz.4.2837: corrupted inode contents
[  159.162861][ T7532] EXT4-fs error (device loop4): __ext4_ext_dirty:202: inode #2: comm syz.4.2837: mark_inode_dirty error
[  159.187123][ T6999] EXT4-fs (loop4): unmounting filesystem.
[  159.232816][   T28] audit: type=1400 audit(1758192635.225:1381): avc:  denied  { ioctl } for  pid=7551 comm="syz.4.2846" path="socket:[48541]" dev="sockfs" ino=48541 ioctlcmd=0x7437 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=pppox_socket permissive=1
[  159.258086][   T28] audit: type=1400 audit(1758192635.225:1382): avc:  denied  { read } for  pid=7551 comm="syz.4.2846" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=pppox_socket permissive=1
[  159.366781][ T1172] usb 7-1: new full-speed USB device number 4 using dummy_hcd
[  159.386338][ T7566] netlink: 44 bytes leftover after parsing attributes in process `syz.0.2852'.
[  159.425453][ T7570] SELinux:  Context Ü is not valid (left unmapped).
[  159.549022][ T1172] usb 7-1: config 0 has no interfaces?
[  159.555976][ T1172] usb 7-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[  159.577004][ T1172] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  159.581439][ T7455] raw-gadget.0 gadget.8: fail, usb_ep_enable returned -22
[  159.585348][ T1172] usb 7-1: Product: syz
[  159.599323][ T1172] usb 7-1: Manufacturer: syz
[  159.599570][ T2137] cdc_mbim 9-1:1.0: cdc-wdm0: USB WDM device
[  159.604108][ T1172] usb 7-1: SerialNumber: syz
[  159.622859][ T2137] cdc_mbim 9-1:1.0 wwan0: register 'cdc_mbim' at usb-dummy_hcd.8-1, CDC MBIM, 66:9b:a6:fd:7c:6a
[  159.634211][ T1172] usb 7-1: config 0 descriptor??
[  159.769561][   T28] audit: type=1400 audit(1758192635.765:1383): avc:  denied  { mounton } for  pid=7601 comm="syz.1.2868" path="/550/file0" dev="cgroup" ino=368 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:cgroup_t tclass=dir permissive=1
[  159.859996][ T2137] usb 7-1: USB disconnect, device number 4
[  159.876411][   T24] usb 9-1: USB disconnect, device number 8
[  159.883211][   T24] cdc_mbim 9-1:1.0 wwan0: unregister 'cdc_mbim' usb-dummy_hcd.8-1, CDC MBIM
[  159.958688][ T7618] loop0: detected capacity change from 0 to 8192
[  159.966245][ T7618] FAT-fs (loop0): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[  159.979207][   T28] audit: type=1400 audit(1758192635.975:1384): avc:  denied  { watch watch_reads } for  pid=7617 comm="syz.0.2875" path="/59/file0/file0" dev="loop0" ino=1048799 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:dosfs_t tclass=file permissive=1
[  160.418050][ T7669] loop0: detected capacity change from 0 to 256
[  160.428867][ T7669] exFAT-fs (loop0): failed to load upcase table (idx : 0x00010000, chksum : 0x205ad3fc, utbl_chksum : 0xe619d30d)
[  160.596450][ T7688] loop0: detected capacity change from 0 to 512
[  160.603519][ T7688] EXT4-fs: Ignoring removed mblk_io_submit option
[  160.610405][ T7688] EXT4-fs: Ignoring removed mblk_io_submit option
[  160.617789][ T7688] EXT4-fs (loop0): Test dummy encryption mode enabled
[  160.624727][ T7688] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode
[  160.636354][ T7688] EXT4-fs (loop0): 1 truncate cleaned up
[  160.646719][ T7688] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: none.
[  160.666773][ T1172] usb 7-1: new high-speed USB device number 5 using dummy_hcd
[  160.704034][ T7700] loop1: detected capacity change from 0 to 512
[  160.718262][ T7700] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: writeback.
[  160.738190][ T7700] ext4 filesystem being mounted at /554/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  160.761335][ T7706] loop4: detected capacity change from 0 to 128
[  160.774912][  T283] EXT4-fs (loop1): unmounting filesystem.
[  160.779066][ T7706] FAT-fs (loop4): error, invalid FAT chain (i_pos 548, last_block 8)
[  160.789060][ T7706] FAT-fs (loop4): Filesystem has been set read-only
[  160.833126][ T7710] syz.4.2914[7710] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  160.833211][ T7710] syz.4.2914[7710] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  160.856706][ T1172] usb 7-1: Using ep0 maxpacket: 32
[  160.887372][ T1172] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 81, changing to 10
[  160.904041][ T1172] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  160.916098][ T1172] usb 7-1: New USB device found, idVendor=056a, idProduct=0315, bcdDevice= 0.00
[  160.925765][ T7688] EXT4-fs (loop0): shut down requested (0)
[  160.927405][ T1172] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  160.940789][ T1172] usb 7-1: config 0 descriptor??
[  160.955526][ T7077] EXT4-fs (loop0): unmounting filesystem.
[  160.962351][ T7718] netlink: 24 bytes leftover after parsing attributes in process `syz.4.2917'.
[  160.998855][   T28] audit: type=1400 audit(1758192636.995:1385): avc:  denied  { write } for  pid=7726 comm="syz.1.2922" name="rtc0" dev="devtmpfs" ino=263 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:clock_device_t tclass=chr_file permissive=1
[  161.016791][ T2137] usb 9-1: new high-speed USB device number 9 using dummy_hcd
[  161.033488][ T7731] fuse: Unknown parameter 'fd00000000000000000000'
[  161.067189][ T7735] loop0: detected capacity change from 0 to 256
[  161.076542][ T7735] exFAT-fs (loop0): failed to load upcase table (idx : 0x00010000, chksum : 0x205ad3ec, utbl_chksum : 0xe619d30d)
[  161.207805][ T2137] usb 9-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  161.218868][ T2137] usb 9-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  161.228746][ T2137] usb 9-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[  161.246836][ T2137] usb 9-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  161.256091][ T2137] usb 9-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  161.264963][ T2137] usb 9-1: config 0 descriptor??
[  161.306566][ T7751] loop0: detected capacity change from 0 to 1024
[  161.313635][  T343] usb 5-1: new high-speed USB device number 7 using dummy_hcd
[  161.313790][ T7751] EXT4-fs: Ignoring removed orlov option
[  161.338662][ T7751] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: none.
[  161.350368][ T7751] EXT4-fs (loop0): shut down requested (2)
[  161.350918][ T1172] wacom 0003:056A:0315.0037: unbalanced collection at end of report description
[  161.365881][ T1172] wacom 0003:056A:0315.0037: parse failed
[  161.366462][ T7077] EXT4-fs (loop0): unmounting filesystem.
[  161.371960][ T1172] wacom: probe of 0003:056A:0315.0037 failed with error -22
[  161.497883][  T343] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  161.508968][  T343] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  161.514614][ T7756] loop0: detected capacity change from 0 to 40427
[  161.519105][  T343] usb 5-1: New USB device found, idVendor=0419, idProduct=0600, bcdDevice= 0.00
[  161.527752][ T7756] F2FS-fs (loop0): invalid crc value
[  161.534584][  T343] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  161.549292][ T7756] F2FS-fs (loop0): Found nat_bits in checkpoint
[  161.556086][  T334] usb 7-1: USB disconnect, device number 5
[  161.556907][  T343] usb 5-1: config 0 descriptor??
[  161.596151][ T7756] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e5
[  161.631756][ T7077] syz-executor: attempt to access beyond end of device
[  161.631756][ T7077] loop0: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[  161.673305][ T2137] plantronics 0003:047F:FFFF.0038: unknown main item tag 0xd
[  161.682273][ T2137] plantronics 0003:047F:FFFF.0038: No inputs registered, leaving
[  161.691240][ T2137] plantronics 0003:047F:FFFF.0038: hiddev96,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.8-1/input0
[  161.769227][ T7761] loop0: detected capacity change from 0 to 256
[  161.939601][ T7784] loop0: detected capacity change from 0 to 128
[  161.948713][  T334] usb 9-1: USB disconnect, device number 9
[  161.952052][ T7784] FAT-fs (loop0): error, fat_get_cluster: invalid cluster chain (i_pos 550)
[  161.963946][ T7784] FAT-fs (loop0): Filesystem has been set read-only
[  161.970893][ T7784] FAT-fs (loop0): error, fat_get_cluster: invalid cluster chain (i_pos 550)
[  161.971841][  T343] samsung 0003:0419:0600.0039: unknown main item tag 0x0
[  161.980909][  T343] samsung 0003:0419:0600.0039: unknown main item tag 0x0
[  161.988266][ T7784] FAT-fs (loop0): error, fat_get_cluster: invalid cluster chain (i_pos 550)
[  161.995036][  T343] samsung 0003:0419:0600.0039: unknown main item tag 0x0
[  162.004567][ T7784] FAT-fs (loop0): error, fat_get_cluster: invalid cluster chain (i_pos 550)
[  162.010962][  T343] samsung 0003:0419:0600.0039: unknown main item tag 0x0
[  162.020265][ T7784] FAT-fs (loop0): error, fat_get_cluster: invalid cluster chain (i_pos 550)
[  162.027402][  T343] samsung 0003:0419:0600.0039: unknown main item tag 0x0
[  162.036358][ T7784] FAT-fs (loop0): error, fat_get_cluster: invalid cluster chain (i_pos 550)
[  162.042995][  T343] samsung 0003:0419:0600.0039: unknown main item tag 0x0
[  162.052114][ T7784] FAT-fs (loop0): error, fat_get_cluster: invalid cluster chain (i_pos 550)
[  162.058886][  T343] samsung 0003:0419:0600.0039: unknown main item tag 0x0
[  162.074983][ T7784] FAT-fs (loop0): error, fat_get_cluster: invalid cluster chain (i_pos 550)
[  162.083951][ T7784] FAT-fs (loop0): error, fat_get_cluster: invalid cluster chain (i_pos 550)
[  162.092927][  T343] samsung 0003:0419:0600.0039: hidraw0: USB HID v0.00 Device [HID 0419:0600] on usb-dummy_hcd.4-1/input0
[  162.093056][ T7784] FAT-fs (loop0): error, fat_get_cluster: invalid cluster chain (i_pos 550)
[  162.141888][ T7791] netlink: 40 bytes leftover after parsing attributes in process `syz.6.2948'.
[  162.189625][ T7797] loop1: detected capacity change from 0 to 512
[  162.197136][ T7797] EXT4-fs (loop1): feature flags set on rev 0 fs, running e2fsck is recommended
[  162.220861][ T7797] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: writeback.
[  162.233687][ T7797] EXT4-fs (loop1): shut down requested (2)
[  162.260158][  T343] usb 5-1: USB disconnect, device number 7
[  162.281001][ T7805] syz.6.2955[7805] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  162.281087][ T7805] syz.6.2955[7805] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  162.349936][ T7811] netlink: 4 bytes leftover after parsing attributes in process `syz.6.2958'.
[  162.756771][  T343] usb 9-1: new high-speed USB device number 10 using dummy_hcd
[  162.829843][ T7838] input: syz1 as /devices/virtual/input/input35
[  162.927978][ T7842] kvm [7841]: vcpu2, guest rIP: 0x9131 ignored wrmsr: 0x11e data 0x0
[  162.967937][  T343] usb 9-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  162.985107][  T343] usb 9-1: config 1 has 1 interface, different from the descriptor's value: 3
[  163.007460][  T343] usb 9-1: New USB device found, idVendor=08b7, idProduct=0000, bcdDevice= 0.00
[  163.026792][  T343] usb 9-1: New USB device strings: Mfr=0, Product=0, SerialNumber=3
[  163.034842][  T343] usb 9-1: SerialNumber: syz
[  163.059601][  T283] EXT4-fs (loop1): unmounting filesystem.
[  163.246717][  T334] usb 7-1: new high-speed USB device number 6 using dummy_hcd
[  163.250275][  T343] usb 9-1: 0:2 : does not exist
[  163.261289][  T343] usb 9-1: unit 48 not found!
[  163.277882][  T343] usb 9-1: USB disconnect, device number 10
[  163.381550][ T7873] bridge0: port 1(bridge_slave_0) entered blocking state
[  163.388733][ T7873] bridge0: port 1(bridge_slave_0) entered disabled state
[  163.396353][ T7873] device bridge_slave_0 entered promiscuous mode
[  163.406286][ T7873] bridge0: port 2(bridge_slave_1) entered blocking state
[  163.413479][ T7873] bridge0: port 2(bridge_slave_1) entered disabled state
[  163.421097][ T7873] device bridge_slave_1 entered promiscuous mode
[  163.446797][  T334] usb 7-1: Using ep0 maxpacket: 8
[  163.453046][  T334] usb 7-1: New USB device found, idVendor=1557, idProduct=7720, bcdDevice=b7.eb
[  163.472476][  T334] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  163.481238][  T334] usb 7-1: config 0 descriptor??
[  163.536049][ T7873] bridge0: port 2(bridge_slave_1) entered blocking state
[  163.543178][ T7873] bridge0: port 2(bridge_slave_1) entered forwarding state
[  163.550524][ T7873] bridge0: port 1(bridge_slave_0) entered blocking state
[  163.557607][ T7873] bridge0: port 1(bridge_slave_0) entered forwarding state
[  163.576710][ T2137] usb 5-1: new high-speed USB device number 8 using dummy_hcd
[  163.603029][ T5203] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  163.611317][ T5203] bridge0: port 1(bridge_slave_0) entered disabled state
[  163.619587][ T5203] bridge0: port 2(bridge_slave_1) entered disabled state
[  163.636625][ T5203] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  163.645170][ T5203] bridge0: port 1(bridge_slave_0) entered blocking state
[  163.652368][ T5203] bridge0: port 1(bridge_slave_0) entered forwarding state
[  163.660149][ T5203] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  163.668739][ T5203] bridge0: port 2(bridge_slave_1) entered blocking state
[  163.675830][ T5203] bridge0: port 2(bridge_slave_1) entered forwarding state
[  163.688215][  T334] asix 7-1:0.0 (unnamed net_device) (uninitialized): invalid hw address, using random
[  163.708217][ T5203] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  163.716372][ T5203] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  163.735535][ T5203] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[  163.748147][ T5954] device bridge_slave_1 left promiscuous mode
[  163.754331][ T5954] bridge0: port 2(bridge_slave_1) entered disabled state
[  163.762478][ T5954] device bridge_slave_0 left promiscuous mode
[  163.769649][ T2137] usb 5-1: Using ep0 maxpacket: 16
[  163.775002][ T5954] bridge0: port 1(bridge_slave_0) entered disabled state
[  163.783429][ T2137] usb 5-1: config 1 interface 0 altsetting 255 endpoint 0x1 has invalid wMaxPacketSize 0
[  163.794205][ T5954] device veth1_macvtap left promiscuous mode
[  163.800278][ T2137] usb 5-1: config 1 interface 0 altsetting 255 bulk endpoint 0x1 has invalid maxpacket 0
[  163.810311][ T5954] device veth0_vlan left promiscuous mode
[  163.820343][ T2137] usb 5-1: config 1 interface 0 altsetting 255 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  163.856535][ T2137] usb 5-1: config 1 interface 0 has no altsetting 0
[  163.888658][ T2137] usb 5-1: New USB device found, idVendor=0525, idProduct=a4a8, bcdDevice= 0.40
[  163.906694][ T2137] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  163.924976][ T2137] usb 5-1: Product: syz
[  163.929428][ T2137] usb 5-1: Manufacturer: syz
[  163.934071][ T2137] usb 5-1: SerialNumber: syz
[  164.000276][ T5203] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[  164.008570][ T5203] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[  164.018288][ T5203] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[  164.036584][ T7873] device veth0_vlan entered promiscuous mode
[  164.062248][ T5203] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[  164.079414][ T7873] device veth1_macvtap entered promiscuous mode
[  164.098786][ T5203] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[  164.123676][ T5203] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[  164.160365][ T2137] usblp 5-1:1.0: usblp0: USB Unidirectional printer dev 8 if 0 alt 255 proto 1 vid 0x0525 pid 0xA4A8
[  164.167090][ T7904] loop1: detected capacity change from 0 to 40427
[  164.181864][ T7904] F2FS-fs (loop1): invalid crc value
[  164.201769][ T7911] overlayfs: failed to resolve './bus': -2
[  164.221466][ T7904] F2FS-fs (loop1): Found nat_bits in checkpoint
[  164.259700][ T7904] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e5
[  164.292350][  T283] syz-executor: attempt to access beyond end of device
[  164.292350][  T283] loop1: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[  164.507692][  T334] asix 7-1:0.0 (unnamed net_device) (uninitialized): Failed to write reg index 0x0000: -71
[  164.518163][  T334] asix: probe of 7-1:0.0 failed with error -71
[  164.529248][  T334] usb 7-1: USB disconnect, device number 6
[  164.625947][ T7943] loop1: detected capacity change from 0 to 1024
[  164.633371][ T7943] EXT4-fs: Ignoring removed nomblk_io_submit option
[  164.649471][ T7943] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: none.
[  164.674559][  T283] EXT4-fs (loop1): unmounting filesystem.
[  164.690461][ T7948] loop1: detected capacity change from 0 to 256
[  164.697183][ T7948] exfat: Deprecated parameter 'namecase'
[  164.702962][ T7948] exfat: Deprecated parameter 'utf8'
[  164.711210][ T7948] exFAT-fs (loop1): failed to load upcase table (idx : 0x00010000, chksum : 0x36dfe6b4, utbl_chksum : 0xe619d30d)
[  164.968134][ T7937] loop0: detected capacity change from 0 to 131072
[  164.975826][ T7937] F2FS-fs (loop0): Invalid log sectorsize (67108873)
[  164.982648][ T7937] F2FS-fs (loop0): Can't find valid F2FS filesystem in 1th superblock
[  164.991737][ T7937] F2FS-fs (loop0): invalid crc value
[  164.998567][ T7937] F2FS-fs (loop0): Found nat_bits in checkpoint
[  165.029135][ T7959] loop1: detected capacity change from 0 to 1024
[  165.048630][ T7959] EXT4-fs: Ignoring removed nomblk_io_submit option
[  165.055553][ T7937] F2FS-fs (loop0): Try to recover 1th superblock, ret: 0
[  165.062905][ T7937] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e4
[  165.081846][ T7959] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: none.
[  165.233178][ T7974] netlink: 'syz.8.3024': attribute type 3 has an invalid length.
[  165.251059][ T7970] loop6: detected capacity change from 0 to 40427
[  165.256878][ T7974] netlink: 8 bytes leftover after parsing attributes in process `syz.8.3024'.
[  165.268932][ T7970] F2FS-fs (loop6): invalid crc value
[  165.282517][  T283] EXT4-fs (loop1): unmounting filesystem.
[  165.300450][ T7970] F2FS-fs (loop6): Found nat_bits in checkpoint
[  165.339950][ T7970] F2FS-fs (loop6): Mounted with checkpoint version = 48b305e5
[  165.389001][ T7226] syz-executor: attempt to access beyond end of device
[  165.389001][ T7226] loop6: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[  165.407098][ T7990] netlink: 8 bytes leftover after parsing attributes in process `syz.8.3029'.
[  165.593253][ T8001] loop6: detected capacity change from 0 to 512
[  165.633710][ T8001] EXT4-fs (loop6): mounted filesystem without journal. Quota mode: writeback.
[  165.643148][ T8001] ext4 filesystem being mounted at /48/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  165.689627][ T7226] EXT4-fs (loop6): unmounting filesystem.
[  165.734791][ T7999] loop0: detected capacity change from 0 to 40427
[  165.743322][ T7999] F2FS-fs (loop0): invalid crc value
[  165.751094][ T7999] F2FS-fs (loop0): Found nat_bits in checkpoint
[  165.766708][   T24] usb 9-1: new high-speed USB device number 11 using dummy_hcd
[  165.782723][ T8013] loop6: detected capacity change from 0 to 512
[  165.790189][ T8013] FAT-fs (loop6): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[  165.795955][ T7999] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e5
[  165.838031][  T334] kernel write not supported for file bpf-prog (pid: 334 comm: kworker/1:3)
[  165.840611][ T7999] syz.0.3033: attempt to access beyond end of device
[  165.840611][ T7999] loop0: rw=2049, sector=77824, nr_sectors = 136 limit=40427
[  165.874376][ T7873] syz-executor: attempt to access beyond end of device
[  165.874376][ T7873] loop0: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[  165.977833][   T24] usb 9-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  165.988966][   T24] usb 9-1: config 1 interface 1 altsetting 1 bulk endpoint 0x82 has invalid maxpacket 1024
[  166.008340][   T24] usb 9-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  166.019740][   T24] usb 9-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  166.033401][   T24] usb 9-1: Product: syz
[  166.039847][   T24] usb 9-1: Manufacturer: syz
[  166.047827][   T24] usb 9-1: SerialNumber: syz
[  166.056958][   T24] cdc_mbim 9-1:1.0: skipping garbage
[  166.236745][ T2137] usb 2-1: new high-speed USB device number 19 using dummy_hcd
[  166.244467][ T8046] loop0: detected capacity change from 0 to 16
[  166.251396][ T8046] erofs: (device loop0): mounted with root inode @ nid 36.
[  166.259014][ T7995] raw-gadget.1 gadget.8: fail, usb_ep_enable returned -22
[  166.327778][   T39] usb 5-1: USB disconnect, device number 8
[  166.343891][   T39] usblp0: removed
[  166.369913][   T28] kauditd_printk_skb: 5 callbacks suppressed
[  166.369931][   T28] audit: type=1400 audit(1758192642.365:1391): avc:  denied  { setattr } for  pid=8058 comm="syz.4.3057" name="NETLINK" dev="sockfs" ino=51189 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1
[  166.401681][ T8059] netlink: 12 bytes leftover after parsing attributes in process `syz.0.3056'.
[  166.427919][ T2137] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  166.449284][ T2137] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  166.460935][ T2137] usb 2-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[  166.480337][ T2137] usb 2-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  166.489454][ T2137] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  166.498512][ T2137] usb 2-1: config 0 descriptor??
[  166.806733][  T334] usb 7-1: new high-speed USB device number 7 using dummy_hcd
[  166.881277][ T7995] raw-gadget.1 gadget.8: fail, usb_ep_enable returned -22
[  166.889305][   T24] cdc_mbim 9-1:1.0: cdc-wdm0: USB WDM device
[  166.896925][   T24] cdc_mbim 9-1:1.0 wwan0: register 'cdc_mbim' at usb-dummy_hcd.8-1, CDC MBIM, 6a:5e:25:7b:aa:3c
[  166.907676][   T39] usb 5-1: new high-speed USB device number 9 using dummy_hcd
[  166.916137][ T2137] plantronics 0003:047F:FFFF.003A: unknown main item tag 0xd
[  166.925913][ T2137] plantronics 0003:047F:FFFF.003A: No inputs registered, leaving
[  166.934646][ T2137] plantronics 0003:047F:FFFF.003A: hiddev96,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.1-1/input0
[  166.987778][  T334] usb 7-1: config 220 has an invalid interface number: 76 but max is 2
[  166.996101][  T334] usb 7-1: config 220 contains an unexpected descriptor of type 0x2, skipping
[  167.005015][  T334] usb 7-1: config 220 has an invalid descriptor of length 0, skipping remainder of the config
[  167.015498][  T334] usb 7-1: config 220 has no interface number 2
[  167.021822][  T334] usb 7-1: config 220 interface 1 altsetting 5 has 0 endpoint descriptors, different from the interface descriptor's value: 12
[  167.034983][  T334] usb 7-1: config 220 interface 0 has no altsetting 0
[  167.041795][  T334] usb 7-1: config 220 interface 76 has no altsetting 0
[  167.048708][  T334] usb 7-1: config 220 interface 1 has no altsetting 0
[  167.056860][  T334] usb 7-1: New USB device found, idVendor=8086, idProduct=0b07, bcdDevice=6c.b9
[  167.065907][  T334] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  167.073973][  T334] usb 7-1: Product: syz
[  167.078234][  T334] usb 7-1: Manufacturer: syz
[  167.082892][  T334] usb 7-1: SerialNumber: syz
[  167.095303][  T343] usb 9-1: USB disconnect, device number 11
[  167.101653][  T343] cdc_mbim 9-1:1.0 wwan0: unregister 'cdc_mbim' usb-dummy_hcd.8-1, CDC MBIM
[  167.121926][   T39] usb 5-1: Using ep0 maxpacket: 16
[  167.128199][   T39] usb 5-1: config 0 interface 0 altsetting 1 has 1 endpoint descriptor, different from the interface descriptor's value: 5
[  167.141188][   T39] usb 5-1: config 0 interface 0 has no altsetting 0
[  167.148211][   T39] usb 5-1: New USB device found, idVendor=17ef, idProduct=6047, bcdDevice= 0.00
[  167.157444][   T39] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  167.166055][   T39] usb 5-1: config 0 descriptor??
[  167.189097][   T59] usb 2-1: USB disconnect, device number 19
[  167.290843][  T334] usb 7-1: Found UVC 7.01 device syz (8086:0b07)
[  167.297355][  T334] usb 7-1: No valid video chain found.
[  167.302943][  T334] usb 7-1: selecting invalid altsetting 0
[  167.319097][  T334] usb 7-1: USB disconnect, device number 7
[  167.363308][ T8078] loop0: detected capacity change from 0 to 8192
[  167.401418][ T8080] loop0: detected capacity change from 0 to 256
[  167.437552][ T8084] loop0: detected capacity change from 0 to 128
[  167.574180][   T39] lenovo 0003:17EF:6047.003B: unknown main item tag 0x0
[  167.581324][   T39] lenovo 0003:17EF:6047.003B: unknown main item tag 0x0
[  167.588496][   T39] lenovo 0003:17EF:6047.003B: unknown main item tag 0x0
[  167.595537][   T39] lenovo 0003:17EF:6047.003B: unknown main item tag 0x0
[  167.602630][   T39] lenovo 0003:17EF:6047.003B: unknown main item tag 0x0
[  167.612932][   T39] lenovo 0003:17EF:6047.003B: hidraw0: USB HID v0.00 Device [HID 17ef:6047] on usb-dummy_hcd.4-1/input0
[  167.729815][ T8098] loop0: detected capacity change from 0 to 40427
[  167.737161][ T8098] F2FS-fs (loop0): Invalid log_blocksize (268), supports only 12
[  167.745028][ T8098] F2FS-fs (loop0): Can't find valid F2FS filesystem in 1th superblock
[  167.746046][ T8104] loop1: detected capacity change from 0 to 2048
[  167.754863][ T8098] F2FS-fs (loop0): invalid crc value
[  167.766562][ T8098] F2FS-fs (loop0): Found nat_bits in checkpoint
[  167.783255][  T343] usb 5-1: USB disconnect, device number 9
[  167.802300][ T8098] F2FS-fs (loop0): Try to recover 1th superblock, ret: 0
[  167.811675][ T8104] Alternate GPT is invalid, using primary GPT.
[  167.818127][ T8104]  loop1: p1 p2 p3
[  167.819141][ T8110] loop6: detected capacity change from 0 to 256
[  167.821934][ T8098] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e5
[  167.832371][ T8110] exFAT-fs (loop6): failed to load upcase table (idx : 0x00010000, chksum : 0x205ad3ec, utbl_chksum : 0xe619d30d)
[  167.879109][ T8112] loop6: detected capacity change from 0 to 16
[  167.886022][ T8112] erofs: (device loop6): mounted with root inode @ nid 36.
[  167.896048][ T8112] erofs: (device loop6): z_erofs_readahead: readahead error at page 2 @ nid 89
[  167.896817][   T39] usb 9-1: new high-speed USB device number 12 using dummy_hcd
[  167.913204][   T47] erofs: (device loop6): z_erofs_lz4_decompress_mem: failed to decompress 6887 in[4096, 0] out[8192]
[  167.928360][ T8112] erofs: (device loop6): z_erofs_lz4_decompress_mem: failed to decompress 6887 in[4096, 0] out[8192]
[  167.940160][ T8112] erofs: (device loop6): z_erofs_lz4_decompress_mem: failed to decompress 6887 in[4096, 0] out[8192]
[  167.951732][ T8112] erofs: (device loop6): z_erofs_lz4_decompress_mem: failed to decompress 6887 in[4096, 0] out[8192]
[  167.965751][ T8112] erofs: (device loop6): z_erofs_lz4_decompress_mem: failed to decompress 6887 in[4096, 0] out[8192]
[  167.983472][ T8112] erofs: (device loop6): z_erofs_lz4_decompress_mem: failed to decompress 6887 in[4096, 0] out[8192]
[  167.995036][ T8112] erofs: (device loop6): z_erofs_lz4_decompress_mem: failed to decompress 6887 in[4096, 0] out[8192]
[  168.116710][   T39] usb 9-1: Using ep0 maxpacket: 32
[  168.120172][ T8143] input: syz0 as /devices/virtual/input/input37
[  168.129729][   T39] usb 9-1: config 0 has an invalid interface number: 184 but max is 0
[  168.131979][ T8143] ==================================================================
[  168.142020][   T39] usb 9-1: config 0 has no interface number 0
[  168.146190][ T8143] BUG: KASAN: slab-out-of-bounds in string+0x21f/0x2b0
[  168.152788][   T39] usb 9-1: config 0 interface 184 has no altsetting 0
[  168.159110][ T8143] Read of size 1 at addr ffff8881321600c9 by task syz.1.3094/8143
[  168.159134][ T8143] 
[  168.159153][ T8143] CPU: 0 PID: 8143 Comm: syz.1.3094 Not tainted syzkaller #0
[  168.182097][   T39] usb 9-1: New USB device found, idVendor=0424, idProduct=7500, bcdDevice=69.ee
[  168.183528][ T8143] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  168.195669][   T39] usb 9-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  168.202936][ T8143] Call Trace:
[  168.202953][ T8143]  <TASK>
[  168.202964][ T8143]  __dump_stack+0x21/0x24
[  168.203005][ T8143]  dump_stack_lvl+0xee/0x150
[  168.203037][ T8143]  ? __cfi_dump_stack_lvl+0x8/0x8
[  168.231538][ T8143]  ? kasan_set_track+0x60/0x70
[  168.236358][ T8143]  ? string+0x21f/0x2b0
[  168.240527][ T8143]  print_address_description+0x71/0x1e0
[  168.246088][ T8143]  print_report+0x4a/0x60
[  168.250437][ T8143]  kasan_report+0x122/0x150
[  168.254971][ T8143]  ? string+0x21f/0x2b0
[  168.259137][ T8143]  __asan_report_load1_noabort+0x14/0x20
[  168.264886][ T8143]  string+0x21f/0x2b0
[  168.268892][ T8143]  vsnprintf+0xed9/0x1960
[  168.273238][ T8143]  seq_printf+0x175/0x260
[  168.277605][ T8143]  ? __cfi_seq_printf+0x10/0x10
[  168.282472][ T8143]  ? memcpy+0x56/0x70
[  168.286462][ T8143]  ? kobject_get_path+0x1c9/0x200
[  168.291499][ T8143]  input_devices_seq_show+0x1a6/0x650
[  168.296883][ T8143]  seq_read_iter+0x9c8/0xdd0
[  168.301588][ T8143]  seq_read+0x159/0x1f0
[  168.305754][ T8143]  ? __cfi_seq_read+0x10/0x10
[  168.310435][ T8143]  ? __cfi_futex_wake+0x10/0x10
[  168.315339][ T8143]  ? avc_policy_seqno+0x1b/0x70
[  168.320202][ T8143]  ? __kasan_check_read+0x11/0x20
[  168.325251][ T8143]  ? __cfi_seq_read+0x10/0x10
[  168.329936][ T8143]  proc_reg_read+0x1e4/0x2d0
[  168.334560][ T8143]  ? __cfi_proc_reg_read+0x10/0x10
[  168.339692][ T8143]  vfs_read+0x26e/0x8c0
[  168.343877][ T8143]  ? __cfi_vfs_read+0x10/0x10
[  168.348567][ T8143]  ? __kasan_check_write+0x14/0x20
[  168.353693][ T8143]  ? mutex_lock+0x8d/0x1a0
[  168.358118][ T8143]  ? __cfi_mutex_lock+0x10/0x10
[  168.362977][ T8143]  ? __fdget_pos+0x2cd/0x380
[  168.367575][ T8143]  ? ksys_read+0x71/0x240
[  168.371917][ T8143]  ksys_read+0x140/0x240
[  168.376171][ T8143]  ? __cfi_ksys_read+0x10/0x10
[  168.380985][ T8143]  ? fpregs_restore_userregs+0x128/0x260
[  168.386647][ T8143]  __x64_sys_read+0x7b/0x90
[  168.391185][ T8143]  x64_sys_call+0x2f/0x9a0
[  168.395626][ T8143]  do_syscall_64+0x4c/0xa0
[  168.400076][ T8143]  ? clear_bhb_loop+0x30/0x80
[  168.404787][ T8143]  ? clear_bhb_loop+0x30/0x80
[  168.409491][ T8143]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  168.415401][ T8143] RIP: 0033:0x7f9d39d8eba9
[  168.419838][ T8143] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  168.439465][ T8143] RSP: 002b:00007f9d3ac7e038 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  168.448075][ T8143] RAX: ffffffffffffffda RBX: 00007f9d39fd5fa0 RCX: 00007f9d39d8eba9
[  168.456052][ T8143] RDX: 0000000000002020 RSI: 0000200000002300 RDI: 0000000000000003
[  168.464036][ T8143] RBP: 00007f9d39e11e19 R08: 0000000000000000 R09: 0000000000000000
[  168.472013][ T8143] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  168.479991][ T8143] R13: 00007f9d39fd6038 R14: 00007f9d39fd5fa0 R15: 00007ffdb68568d8
[  168.487978][ T8143]  </TASK>
[  168.491007][ T8143] 
[  168.493336][ T8143] Allocated by task 0:
[  168.497420][ T8143]  kasan_set_track+0x4b/0x70
[  168.502034][ T8143]  kasan_save_alloc_info+0x25/0x30
[  168.507161][ T8143]  __kasan_kmalloc+0x95/0xb0
[  168.511758][ T8143]  kmalloc_trace+0x40/0xb0
[  168.516185][ T8143]  dummy_urb_enqueue+0x7b/0x7b0
[  168.521047][ T8143]  usb_hcd_submit_urb+0x336/0x1830
[  168.526166][ T8143]  usb_submit_urb+0x122d/0x1900
[  168.531054][ T8143]  hid_irq_in+0x50c/0x6b0
[  168.535401][ T8143]  __usb_hcd_giveback_urb+0x364/0x520
[  168.540779][ T8143]  usb_hcd_giveback_urb+0x11c/0x410
[  168.546000][ T8143]  dummy_timer+0x86f/0x2ea0
[  168.550672][ T8143]  __hrtimer_run_queues+0x3cd/0x9f0
[  168.555900][ T8143]  hrtimer_run_softirq+0x19b/0x260
[  168.561037][ T8143]  handle_softirqs+0x1d7/0x600
[  168.565807][ T8143]  __irq_exit_rcu+0x52/0xf0
[  168.570316][ T8143]  irq_exit_rcu+0x9/0x10
[  168.574657][ T8143]  sysvec_apic_timer_interrupt+0xa9/0xc0
[  168.580301][ T8143]  asm_sysvec_apic_timer_interrupt+0x1b/0x20
[  168.586296][ T8143] 
[  168.588643][ T8143] Freed by task 0:
[  168.592375][ T8143]  kasan_set_track+0x4b/0x70
[  168.596970][ T8143]  kasan_save_free_info+0x31/0x50
[  168.602006][ T8143]  ____kasan_slab_free+0x132/0x180
[  168.607129][ T8143]  __kasan_slab_free+0x11/0x20
[  168.611931][ T8143]  slab_free_freelist_hook+0xc2/0x190
[  168.617329][ T8143]  __kmem_cache_free+0xb7/0x1b0
[  168.622203][ T8143]  kfree+0x6f/0xf0
[  168.626006][ T8143]  dummy_timer+0x7e5/0x2ea0
[  168.630523][ T8143]  __hrtimer_run_queues+0x3cd/0x9f0
[  168.635821][ T8143]  hrtimer_run_softirq+0x19b/0x260
[  168.641035][ T8143]  handle_softirqs+0x1d7/0x600
[  168.645807][ T8143]  __irq_exit_rcu+0x52/0xf0
[  168.650318][ T8143]  irq_exit_rcu+0x9/0x10
[  168.654583][ T8143]  sysvec_apic_timer_interrupt+0xa9/0xc0
[  168.660231][ T8143]  asm_sysvec_apic_timer_interrupt+0x1b/0x20
[  168.666226][ T8143] 
[  168.668563][ T8143] The buggy address belongs to the object at ffff888132160000
[  168.668563][ T8143]  which belongs to the cache kmalloc-128 of size 128
[  168.682621][ T8143] The buggy address is located 73 bytes to the right of
[  168.682621][ T8143]  128-byte region [ffff888132160000, ffff888132160080)
[  168.696336][ T8143] 
[  168.698664][ T8143] The buggy address belongs to the physical page:
[  168.705207][ T8143] page:ffffea0004c85800 refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x132160
[  168.715447][ T8143] flags: 0x4000000000000200(slab|zone=1)
[  168.721451][ T8143] raw: 4000000000000200 0000000000000000 dead000000000122 ffff888100042a80
[  168.730048][ T8143] raw: 0000000000000000 0000000000100010 00000001ffffffff 0000000000000000
[  168.738715][ T8143] page dumped because: kasan: bad access detected
[  168.745157][ T8143] page_owner tracks the page as allocated
[  168.750877][ T8143] page last allocated via order 0, migratetype Unmovable, gfp_mask 0x112a20(GFP_ATOMIC|__GFP_NOWARN|__GFP_NORETRY|__GFP_HARDWALL), pid 0, tgid 0 (swapper/0), ts 149645557332, free_ts 149374063295
[  168.769988][ T8143]  post_alloc_hook+0x1f5/0x210
[  168.774768][ T8143]  prep_new_page+0x1c/0x110
[  168.779280][ T8143]  get_page_from_freelist+0x2c7b/0x2cf0
[  168.784840][ T8143]  __alloc_pages+0x1c3/0x450
[  168.789443][ T8143]  alloc_slab_page+0x6e/0xf0
[  168.794048][ T8143]  new_slab+0x98/0x3d0
[  168.798134][ T8143]  ___slab_alloc+0x6f6/0xb50
[  168.802766][ T8143]  __slab_alloc+0x5e/0xa0
[  168.807112][ T8143]  __kmem_cache_alloc_node+0x203/0x2c0
[  168.812585][ T8143]  kmalloc_trace+0x29/0xb0
[  168.817025][ T8143]  dummy_urb_enqueue+0x7b/0x7b0
[  168.821917][ T8143]  usb_hcd_submit_urb+0x336/0x1830
[  168.827124][ T8143]  usb_submit_urb+0x122d/0x1900
[  168.831995][ T8143]  hid_irq_in+0x50c/0x6b0
[  168.836421][ T8143]  __usb_hcd_giveback_urb+0x364/0x520
[  168.841814][ T8143]  usb_hcd_giveback_urb+0x11c/0x410
[  168.847053][ T8143] page last free stack trace:
[  168.851738][ T8143]  free_unref_page_prepare+0x742/0x750
[  168.857311][ T8143]  free_unref_page_list+0x112/0x8b0
[  168.862521][ T8143]  release_pages+0xad1/0xb20
[  168.867130][ T8143]  free_pages_and_swap_cache+0x86/0xa0
[  168.872603][ T8143]  tlb_finish_mmu+0x1aa/0x370
[  168.877285][ T8143]  exit_mmap+0x3dd/0xb60
[  168.881539][ T8143]  __mmput+0x93/0x320
[  168.885531][ T8143]  mmput+0x4b/0x150
[  168.889358][ T8143]  do_exit+0x981/0x2650
[  168.893564][ T8143]  do_group_exit+0x210/0x2d0
[  168.898172][ T8143]  get_signal+0x13b5/0x1520
[  168.902686][ T8143]  arch_do_signal_or_restart+0xb0/0x1030
[  168.908330][ T8143]  exit_to_user_mode_loop+0x7a/0xb0
[  168.913552][ T8143]  exit_to_user_mode_prepare+0x5a/0xa0
[  168.919019][ T8143]  syscall_exit_to_user_mode+0x1a/0x30
[  168.924486][ T8143]  do_syscall_64+0x58/0xa0
[  168.928918][ T8143] 
[  168.931260][ T8143] Memory state around the buggy address:
[  168.937085][ T8143]  ffff88813215ff80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[  168.945315][ T8143]  ffff888132160000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  168.953403][ T8143] >ffff888132160080: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[  168.961479][ T8143]                                               ^
[  168.967900][ T8143]  ffff888132160100: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  168.975961][ T8143]  ffff888132160180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[  168.984024][ T8143] ==================================================================
[  168.992494][   T39] usb 9-1: Product: syz
[  168.998896][ T8143] Disabling lock debugging due to kernel taint
[  169.006436][   T39] usb 9-1: Manufacturer: syz
[  169.011375][   T39] usb 9-1: SerialNumber: syz
[  169.017607][   T39] usb 9-1: config 0 descriptor??
[  169.032394][   T39] smsc75xx v1.0.0
[  169.166736][  T334] usb 7-1: new high-speed USB device number 8 using dummy_hcd
[  169.349319][  T334] usb 7-1: New USB device found, idVendor=07fd, idProduct=0004, bcdDevice=26.50
[  169.358525][  T334] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  169.366538][  T334] usb 7-1: Product: syz
[  169.370844][  T334] usb 7-1: Manufacturer: syz
[  169.375560][  T334] usb 7-1: SerialNumber: syz
[  169.380897][  T334] usb 7-1: config 0 descriptor??
[  169.387049][  T334] usb 7-1: Waiting for MOTU Microbook II to boot up...
[  169.394043][  T334] usb 7-1: failed setting the sample rate for Motu MicroBook II: -22
[  169.402219][  T334] snd-usb-audio: probe of 7-1:0.0 failed with error -22
[  169.591761][  T334] usb 7-1: USB disconnect, device number 8
[  169.628839][   T39] smsc75xx 9-1:0.184 (unnamed net_device) (uninitialized): Failed to read reg index 0x00000040: -32
[  169.639793][   T39] smsc75xx 9-1:0.184 (unnamed net_device) (uninitialized): Error reading E2P_CMD
[  169.849739][   T39] smsc75xx 9-1:0.184 (unnamed net_device) (uninitialized): Failed to read reg index 0x00000010: -71
[  169.860620][   T39] smsc75xx 9-1:0.184 (unnamed net_device) (uninitialized): Failed to read HW_CFG: -71
[  169.870242][   T39] smsc75xx 9-1:0.184 (unnamed net_device) (uninitialized): smsc75xx_reset error -71
[  169.879742][   T39] smsc75xx: probe of 9-1:0.184 failed with error -71
[  169.887936][   T39] usb 9-1: USB disconnect, device number 12