last executing test programs:

7.56020886s ago: executing program 0 (id=3080):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="1801000000000600000000005e002200850000006d00000095"], &(0x7f0000000140)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='kmem_cache_free\x00', r0}, 0x10)
r1 = creat(&(0x7f0000000000)='./file0\x00', 0x0)
close(r1)
r2 = openat$fuse(0xffffffffffffff9c, &(0x7f0000002080), 0x42, 0x0)
mount$fuse(0x0, &(0x7f00000020c0)='./file0\x00', &(0x7f0000002100), 0x0, &(0x7f0000002140)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=r2, @ANYBLOB=',rootmode=00000000000000000100000,user_id=', @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRESDEC=0x0])
read$FUSE(r2, &(0x7f000000c3c0)={0x2020, 0x0, <r3=>0x0}, 0x2020)
write$FUSE_INIT(r1, &(0x7f00000002c0)={0x50, 0x0, r3, {0x7, 0x1f}}, 0x50)
syz_fuse_handle_req(r2, &(0x7f00000061c0)="c0f61a5fb77193bea0c6599de09cf570067192ff7d5bf191681878eb121895cd4c4052feb0a5196b61ab6e28d35aec54bb2aee6802a27f50c4e8f36a2b1bb12d93dbcd320ed338fd1a8ed43a2dcb2bf11c773ae982800321c7dcd67fa8930472eee2990090cc2a92f3373d898573a2cd1712c18ea624e82422c96f0d8895bfc4541911ff3662cd28fd55d795d1a5f31c92defbed88d48db688f899fe88997b057ce3e898eaf9eb2e76a59c1d2c10610768b3296595221c2b063ca2aa664fa0a5456c4e2bcddc7f856e2e29ce1b8852997a4d24f918408bfa9969074de495dd4cc9591e48287d78a2b3e0de09b48eb5b6bf78c6afd134b09770c164000d1f300c92877afe8be5d381c38da3b5fb9bd540c2f43c7dd2ec8dcff2af3517ba839c827866d10608964445bdead091df1264f5591e91d2f31b2015dff1b3b7ff0a5dc8b15748278849ddf4389ca7112ec1ca45957e2809b3d763e336f7051ac4e832ec61d1b95b9266565293806933dd8e3b65eaa1b4fe7946056703426674379ccec7abff1c459b91248f3a1d9e8103ae395aa86dd4235a5c16d9bd12dcb1ea9565a7c3d58d247a51db6d9077ecf47152d0733d79a5c449480c40b1cf8e115df4de3404b73ad06ac4c0d03f3b51d1b89b05ded082a5db1f5fbd8d351015b93862b2cc0995fb318609237e404e8d78d8982af761c27ad1fbc8f4693194c5e6b99edcb7a6e9dd261a386d8ed4420a7c12cbdcc86ab19f4e7a6c0c9b80fa3f0549ae57b38a93f669a87584b81e56211b34263db87c2d244e422878aa93e2c24260c71d06f75da33079b48b7072859669c128ba03d1487336a4a04167f2a3fa928d002c8b3cafdedf7a479604aa8f94e6b7ba58395df3d136b783f7be6b0b6b7b4b735c88a53da064a493b16713726b39ce23f08af19a671fe81be1e9772d87ca9cb5dccc35759fe3f7935a3167924d0a7d1586821ffebe0fa57e72a24967f7958875c4bf56d779369074db0077ee58138400c2f646c645e0f453e9e39aaf48da67775f59f8e282db3dec88bbe20ca6e65e2c7e44ab0583840513bfab76d94d1512549ea6db4a5a64cbe6f76b0ecdb2f1f71aa6446bcf4f7249366474cb77ed70ccb2702134b9dc6c2bfaf27ac9a9c85b8d9c48d100ae8c0eaa34701d2125a405b1117307119b754ccbbbcb2c8b71eb76d1157ddc7fbe0c75652a4cfc31d785a489f2344d8b4c47ff1b772104f49658f62d6241ef7f782db0cc071788b3dfa74e69533cd0a02ffadacdfbc8b5a83b9d4b8db068b5a7370f947fc4a99158c6296a442beba2e23ac1ef68c50f19851f3fb68b67fb714a5e7e53bb5a7690286cac12f2b002e854d8595075fbd00622b29bd423c3dbaf600ad6f37c96dcde43de6290b053c76df5620ce17118e2230039304c88a0d207c7cd05dd3854c545cdbebe907cc4d3411a382afed5e080502363cebe68e2c8dc1f800ea4add827a83a9cdf0fe6d54eabfca5a0ba370a06a4af1c49a60cd19141a4d994fbcce888278ade6300bd40685267fcdf1317cdb3b06cae9e7d9edb08d5c98b6d7115c025fcc05058a515adcc23c65ce526aed3b8203f3c54986f65ba9ffe2a9bc26b2813a1fe339ba2a58515cb8375e2d62550bf35dfd4fbdb75a70bb9fdc47d3d0346a65b986b7efd12aab760124b6888480b341b16ef2fea93fe2fbdeb55706690aa2c02bd80b1ccb7b8f23720283df89b515e2020bc5364cc4aea5fdc250f10d46db93c128e2de7477f4c80ec016f7a872efdef50ae1730b3a1deb8085d82f4fd53015a518803cd02646c087d67b0fd7092852dd81ac93ca60346f23fd847cf7c4883cab81af956342da21fb399b69e1988d89f9693b0630fa8cc95714285940d20eda153f8f7b01e6b2b892327b5d1e754a36a3430c5c22c3b841357eb80e526d7792a8ab9c4b1d23d82e31f23ef38580c2b33ca72424fbfbbf237f315cf2e5d134783982cad204be087ef58da96c6bc5da2dc4bc78f293eed56157a10848c0a956de15b83daacede9ae1c54731149f9ce7231cd84e14f128f87361e1fc0cdb2940766f39c93b9ddc74bba0a32548cddb1ae20981576de2ef8a772b04ed90900b2da11ffc70bbdb7091b8b8ed600dc0c9d236277afd9bb97b035f3b8fc95ef3f30c056b67a195c5c9f44c0f2ca4debba0d6d8779903e8e34fdd6b766fbba6b57e722ad9a852dbbeca8eb9acb9929bdcb4d4fa57d54ef1c1a0fdc032a898d3334f5671c7df82361b7d616c1f87e23f7adf043edda83458051f073f2562904ed25ad9a7129f3c14286007c9e4c81ea56c6a7289d8e58782d949a19a2642dc89d107fb465d0a98128250e66eedd93cf063963b7f7a0e1d3b9f1dd212cc9edd662af45852dbbaec84c69a640be115a239b5abd46d990fa007988f6be78a8c1e426091ecb33822529f7fddfb34d9304466ea06bb546a34735021e98674ae4a5f5c0b4f153ad5434b81c6343c42ae79224fe5abfe8b9e6fba38164c3c318500c130323b2f9bbcdf6aceb664e10483e2084defa744cd745e565ac5a8b5c30166330dd95e70f2a072a5cf5462635f7e0a4f455bcb607426aede9fa06d708c7c0daaafe2b84896134ab3b379c6690c9049903156232e5b7ca9529d602968f1e1f7a73214aaf4a9575dd5147e5bef8f05907267580abdb728cf32f6845cdf3bc779451669e4972e0b787afac5a36bacc3c1bcce125e91e4bf9810d91d1f1a3d8316328dd2626040af09892f1241c6645537ebfbeb752afba5e8171f487edba97aa92404973d4e8d09254abd2b70bdadd9b98fa3c33355295a5c474e9b2f017a6636233a382e8ef4e73506880e2a588bf257b6bb11e57cd9e75e45ef609ba583f3a6b1f2f94c7a0443dc0a8906a13e0188b61550cd296e4c63faf45bf7aed852f68ffed377302da3f73d89e4274a64667636bf00e8e4408a8407e098aeeed98e545b9aef40896c8070a76aaa0042162979ec0b7b69b4ee701100d66d3e7d25a48c59989424522889b32e4f18676475782e86d652d2eb836c326b46b8544bb755eeb14727e5ca25875f7b9ae1c113068be55a1521cb4edefef34a7a4cabc3639e456c94f01d78c059c441ce2c468e7b39b56555ad5cd6a14df8e3518e4e1970fbd6f586ce46c51c4d9ad20c3f7f5048c071994e807f19b7176290a82406dd0ad3f0b64350bbce79b223f27ed99f819def43a33696c0739e09030460a5a5d04d251adfbde1af7a485894d3d30c79d49796a9a5e077aeddba1303f3e3a3187298c88da70885e2a9dc966eb69a6439e2d3b1934ae6e8ea328497d87a9dbbddbdbf12b0c582ca4ffe1f25cdcf89a6ccdb31880776ab808b4f050ae02adf70f64c73ab2a3b1c4da69950ab4f7bcf9cc22f81b99694a7783b792facd8197904c12d3776de5184afa143ee23eee82aab2ac79b25503e0692f3463e5c363e0b4b5f31af82898009f7da13d4f249a70de40314c003e7e59dfb233bc44d0316df3e45af806d216ca76a58417ff8abcdf7cfea2da8868c496cdec8f47c451ccdc8908c5e8c1039b6bfa8751637c29fdd9b7dc76279dea5ad7455af4db3394a34cb9be8b9bf1105862108f920c44d029c3372e77c44a25d06cba956da65ee40abe32b8b557e123fddaa87b4ed5ab3485eb11f13c61072720d4adbb937c336f2b60525933b6d49e7c6751f0769377bdcef02abe63639b17a6780a4afccc8067403aeea42726f253ec97994dcf55358e6faa3e622344dfc613f8be96714d5c49633d7b74b9a72883985782ea8691d26da620d905f3583adbd9d527d93f1ce623bcf70d98a0455ff80fb1d472c6fc6bf0390e81b8d755b196e94fb73bcc883f5f310043c5138c95c5d7079c24d5bc5876b422f46a2bb17aee407bf7a55dbbdb253e2865c1b91839737c37142a8fe8bdbc0a7bf89a392da717a5ed87af754052b1d0a1a37313b00cf3b4aad91ce7fa7777b1851121a63e374865b238ddf9a7ebd20641a719c68682b97e3c5126e732800c04cdb627bd415efbb7e5e19917bf4bd53f072b7ec2eaa0128b56e069a32e9f729718fa4a7212ab0fd1e5d3582a5723a704d84a88c235b44812849301ee8155cea471028beea1918cb1f4118728718674cca9dcc58bafcdb9379c57e9333ab348b30a801aa2f5c05c3107e52613cf0f591781ddb5e1e4844633057a26bb3179c31b5664db4bb8c6d762c7b9886317ab6e9e301de67f12085547ad2a20d1d63d361c2bcd66be2e25fe104f8b53b7cf89d90d456f063da31f60078b760ce340f9c9a8e8da113b6c6e3c53e666488d75ab209dbe31ecb531553f17446a29edc465ed22aee2d4c013ee8a4d935c0cd92bcba9e5a56a6c19ac114d12db58bcf5f931a7b282404af34fee464f4c28e16dab834de98dd57b107e45fa66b26c32fd94e848aef6e4a2a65fd4fbead1b1d445d6c343bf50d785e664220371e27566646e284c6a3b07c14c0c5b84b5cd1a01a84d655f8dd72ab8e3d0c48e67596f605cd4a50b5fde9b182792d7ee8ee457eb6666aadea80563b4d176933cc482f75cb98a8dde4a414041187cfb2abe3e5077f23c98bafd0afb8b023e0cb26efc1488dd98a51a19dc93412b5fd91c4e06439b6d2d20a174989f860de6b1be55923a11e5893d30fae74a625f777ef9362e64b529c964b5c0b5817a579a647ded28582c45f965e52e1f76084267c73f8fce8037b22c2496ee6674f56056d9c691eab831c831a27fccd90f961e949a51c90a80b677d11e70d01744f9632cc26b7e6476b8c92a688ec8e1280ea8b795eae7ee61e2735045b9ea516af752b35388a6c3ed98cfbc4e74c8d0717dc31eac87b6a9c06f0d4f412e8e1155ce48cec6d9c106f3013329596a2d43ffe7f942cb7b7449f38620a8a9e5138b5d5d03c8a563446e4dfb1905d841f7a350d6c67d85652297db21b3dd3291b795c90276ccc50eaf513f3ff9480b3d2c0096e92c93cbbea680833cfa630d72c4f5a21ef0f81910b8a5ef77d62175d3abf5b3417cce43e3c53bb84ee1f5e354b2d79c2b46e3bdb2ffb15420e7a28c800c2591cd331d71c645a6b1bc43f06703164c05f61b4abc0fecbaee510def6340c2bbcc32248655e9161c3e6f01520bb0c53be04c3a3ef4a2dc401663f6719ac758aa297f65d1681652e4ad042d754b054df9cede3ffef7ad2f52184ea6d93d6867cc262b0a413da11c02d0c7c49a663319333d8b29d56cbf630e66b6683ff7f3b1ce5c481d37151626eae761adb77642f802bf0f663f3c322ee17cf01a09f058dbf82d04bdd7c48f34f54392d1dd489891ce28373ae980f74897fe3f90db2a9ccdbe56160fd2517adbc953e88c5fa8981456b87ab9f122321816e0df119f6f6c505f0dcab1c8e6a7f4109055dd80001dd90ea984b80f0b0766bd9772d96ed42d95f219b4a8420d7cf04f28475d7f5d8a8a07b0930c40d0dfc2592f8f54e90a80e0a98d3055f4660b1530565c7f2d91d7d96142da19d644aa7c512e24f83e8305970f9d3fc3b9382ad141f63f2d5b265b7cda258119ca4f553fab11f2fd925a7a24c4021045073d867bb089ca7bcb702bcedbc28781e408cf8bd43498f8661a320d28c95c1fc42635c9e4c4de8787afc70bf5c8bf75e0a2937a9ca2b08c15453f24211168c7fb2a24218fc3f04160c2daaa46ef7fb710606a53228e134f20511169034cec55e77037a108060b8fd10ab9ae228d9ee4d5ab1380cfcb8611e6c9d5dc143db2bc856d967b0b9d0187ba8483f7adbd1092562b2b16420baa5ab6c1f7c02ae56f013e752d9f41df4b4f0b008bc25ff58f816e50bdce308e219068bc898a21f1dd26d7fe7760459629f3615bcf7582c87d296f041fb005a72c7ef4013ccd8ca3bea85db90ae6349f101adb9235dd343be423816b37db2661dde2b9db33800da7599e8a9194fcf06755e2659670c62aba1d5a01172a416a0296bade0b32e69b0ee60dd6cd1eecca4335eb0416df6ded75049a14660276df47bb4f224e087235742e90ddf6f57827a0cf26d71b9338f2ff5166bea85a7639de6ac97ec829a7d071fac1f4b27c6c23e952adb5536b45a68e75c1c1a6d44508be6f4b87c5bb880a6baad5faecd1fd6730783d8729c2d89b23a3f2f9b79b78f7fcb70a7812607b25b17ae857e65f205ad5dd87a34e52c6e9611f588236bdc59d816f277aa8cd4a19750461d3e82c8621181b803900d1df439babcf4909168d4125a7c962ceac2f834d79460f17f92f415a85ad7e12da4b76105bceb4641fc87da7797fee092828f6e9e42631fd5c87046ebe5c4044663a31a1b39a6f6a53ee2b7fbc3eede57619535b1011c10d2d5a97c781c44bb6e493287528bc5281496f1aee3c746e09aeef0b2d38bdd33e37446c1f7516767ecbe298b78ef8e03336a08a1a9e62805140573b034459a445240aff04593539aa97056957f3dec9c43e50a1bce1b9c8e860940e03ae39e8f76fb80ae746f7fa4ed0b050c9e08a788e666e9f18bc8e83c64ee3ea04eb9f1c1dd92b3be73d18cc53bca76ba4688b48c13982ae6d25fdd9b5b85612d5b706c9b9d7c6cca91141313356f0d7b859da0de669fb52a829014a0fdde51df658303ce085222a42ad624ee6c659ec94e0d0713b2d3c3becb53c6f76d30530e6129943e20361a7c9f7847f79cb871d866b5277eecc8c1626fe2719c9cf872c0fc78a98e6ca998555721e9abd5bf9e2d1848016e0bd3202c44575c688837136e71e85765d677e0f2b081707a4e7e22bef50b9280a1a5ea549022ef2a9fed989f156198975302608dffd03f8f1186a12585d4670ce868f0c96be37416b9132144f65c9abe8b00894d7a7e6d0a8554e09139ec2a0eb6d4f00c637684602c106257f5abe816e068e0f6f3e94a916ff41e23b6baa4876931209a6b0bce1f6fa8d1965665d3dc42e5c6b011bdb5144fa5fe4879779ac9dffe0843cf49806ecbb615b818e54c6dfe4d12ccae5b12b0ce87909c1e852e8d7587d1ee24c2575af61eb0b667c37b6d15b88121974598ac23cbc66503f95cf01a7a1e217f0712c4cc4e5fc22e83e3aa375eda531a73828eba91223d7de1194af730bbf2c1ed5ec47ecdf465b1794971010ff8c8771c488a1d3f98292b5d2ea9625e52589aaf7212fcdddcc0f1681b785911fcc64a6427358e4307a3d8bc583dd635ba5c41eeae96e0b6bc5236a1f539d291e568d5a0aee25ffbaa73d0cb84bf558cbf6d04b16ef7e97617b42d07100d82fda6f75dcade611e459bdb4773bf2b70e90a8add2bfe6ea6d3a4427940fef6c81931762dbea6678fc63e50c4430227b15cf184dbae4c3b2d8096292c17f701c560ac7cb33efe7d79d0c2a3c0c06e22d4e84e9e959697879f0d27df460046fc20394655cfa19793256cd9074f1c5f8ef530af537164e0e43184f921d56094fa7c7744af35821a5833c9b9d56fcf525a39fc795cf33f14705d0c7087c081bf11ad29e4d6c8f6cbbb3a0d873262b89cfc54d4cec42c3e13a5ba604df942bf8b4eef7cdae1c0e2970edb7ea6437618e6f8312a745ca8bbf0c42df103f42c824ab4e77e8b118e2b9a84568ed3d4aa3800011d02be29c032192719635a1c6c28315b27368f6ffe852bbd661c351cbfbf97b1b36d52371a4ce57e5eb6e4b13cd01b022de1770a5b1cab0fe548092a16e04de76fb8d29d69a1c55f8aa11b34bd6f018d283a9a7c0338b8c1900e21c0054616ade6b56d0fe3379f1a8dec38b85fa8e74e9bb5df4287d037f77bad30de89ea87b03d40c3a1618db1073c07032f6d22f8a264cbf0c1113689308a2fcd7299603a64f884cb03f8c5f0e61e4981d2baac3d50975cb917b815efe2f7eda88f1cef1f34997f0819a92051c1d9eac3ef05de25a2b4d5f65619b4ea377180c541f2afbfa5c8fdae59f8e3a7635d2b30c4c759c32e570b8d9ec03b4aab65503e81e545dd41f593615cfedcf009424ae4854de3a9111115cb254608bc2666b18c85698ac193a9799f1a1f6098288b42dd2684db37e0d3b023ac9b417263b1566acd6d951df147e83db8e909b39bb6a1aa3fcc1c1a20795521b84e0884254b2524ebf0321e5709e7a79f2d62309247b7b24ec71553a9ab9daccacac1a8bd6019b7703c0ed468379640ac6e764ededb2fefaa2f88e15fc97ec6f16007f540cd7a57c7726f4aa9ff6640cc7f5d71a6c12048f98a9071ffd594f17e42e7336ab6d0fd429328df1238e5eb4ebe4f9d8ef01fbcfe8f53eb3f6defd4c7cb40b3772ea2f2130b655d2ad3643977cafa991bbc6aa2aaa2879a3c2d1dace3ec034beb3d06f0a09429b3fd1ac06870dde4ab97b7d5d7ff1394577a6bea7a3a53ca883a16c98d574ddad00de5dfe9f75369be7686a4badf44f4d9b110846b6ffca67f63973186433f6bc3691b580cdc689c159064c55a974fb849f56fd2f9cbe4738e0a1a8a764467dc1d3723278ee1ea573fad98a5318104218d359d89579614592fa6ae7cc4720e6ed71706fdc4c707b03ff77454daf4505700f249aea0abc909763416d44a069a6d605118ac0c20a325577fe1d8af053673fc72e489d24405281f01b4e2e05e4fa14e68a53294e4b5d201c146ff994cfb7a776ad80828732ee647092c20fe46d917142880318136557c47ff7e31d26f35f407c1e6d4254aae442b233b89dd4c0adcfc92b0f821a5a9dce95a24bed9bb5cd17a5b59d3e82086cdd7a3755064e4de22d8f0f973f4235aa58c6214dab89325638d94d3dc25f3ac4d912ff74be6ad8ef49aa2becede5453a409cc8ed8065dacf28a1a7498f6dd07a3478af093574fdd2d0a4f98d12fe898e47cd0550f1fc42810ed2e4cfe5cc4faa67d965f252aab1bd5c536bf2c936706bc71aae98b93494d364faac72a9a60188a23f15ddf1238896e4848da876789b57ca53cd5b1041612a49de9a64a545a39375aa2a516c4af4744daf65a9c28ffb635ba56b96731b763934afa0651fd6fb65e9f71eb0e6fd54bcfd2bf0118b486e97db512290bdb1dcfca76ed974722e13e5acd0569d5f944de70adf728379094981ffaec43848367ec8cdcc227b266649ced47a03b22016ce42be3a33135229670244cc7b3325ee448c95236d0de4bbf641e1cbb0516edb3f8829e60f91d43f0fe45595d8a99e699252930c7b05ba2ba679f8f46c38f789a7750ffa4eaed19c4c1a33aff60c8926ae42497662a130b83b3211e9399e2565d9f082ec30e26e5b02ea91cf43b0a046f9fe596e5bb2a9c800d761008dc7fced2a510af6b02d3f702fc3e1a98c6a87661f0d353b81bc4435c0d4376cfc74c057bf23febb101252c4eb168d4e347e697c8d0c48a687fb2224d58e5dc68c38de930164aba51e7cb19051fe64603c6b602c02c5cc22c6da1c47d906fa1cbf67312658b201b8f89a377d61695daaeee18eb2fb8caf38280fa8b95cca721afdf33d2c3092af57204bca72c46aeae9e9fc46f0ce76b96bbbb59a8517cb72d68f8b189280b6ce1e2686204913bac1d9aecd77623b7f05475352e57f245197894d767e5f17611bbf1bfe2015c9750e9b3f5ad4ad57be1ac4988c30d90829946b05fc5bd709dbd2590da2e3666294f83336e52758bc12c9d02af342a91fdcfc9144021a783643a9845a4898ee03417329ee0e2dd7bd53f3b23f3f9a10ea643b91b3c2df8438efb22fc894bbcdc408a13dbded7002d9cef6e38bf6dfa16f52f0f24087281a3ae95fb4995131938f9ca80c5f466c7367665e5717c823b318f43e7a3e2e8fe9c2e74959ca3d53b79fa45ac778d0a99351a1919b1c9ddfda10d61487fc5a2b8227493b14e2ea9fa41db870deb1700eb46665424fbc3f21c5d7ad61089ad0f99aadcca2a97d46fd091cf21d95674c3cf48f2724a89299b5342ebf8b18770e61c449455f77cacc5b2e0123005cc296acfc28e42e3d3b426469e39def114d6071a3f015f94dd8eab597dc4cf6109f2aeba0639ffe3f66f15ddaa74460a884a5c067e1e6f8d961ff32518e7571d53ae36badcaca50258a15743e67fb35e062e697d44ccd4e416010dbe62a1d13319d3ce88dc7826514d0f84cf7ffd5f1dbdbe3534af35bba26c5f951e18b012234a3e1cd22199358ba66421a326af09d36d45c3497c4725c0e8557395376fa9dcbe4c595aef7f822cb160e72138cd610563c382769b64f5da2ae6f62cbf09d24490565d7b88f6fefc30f050e74327b7efc168f040f18110a61cc6ecf73c43c0e9e73fafcfc6079ee68839a8ed710160fdcfd987394a790e01c42c916169e8c6a7af905c15d51f87e88877386b8f8743efe4fffc2dc8fd73b4e8905b428d4cd87d90e93513f19a981b5037370cd634f23859cb7bd6b5632bd25c6873b7195691e0f76fb07fce6e72d4b2b467e57a325febf4bb842820fe6896b23aa2a3eb37697753a3693ee936692e6cd91eae410bf89192df913f2689adc73b7b35eaf8bf80928c0023b105cbd2be51a08a371be88926636bd590466c218b203fe311d73dd1a8b440133f1ebb8249b4e1f6723b7b18b508dc34acd9da927ea60d2dc361c2d14cd43ad3b0137ac32e8988d11d11de19065d02e8012a2ee24891541989d11da87de4383036b757769222af022e86803b64ccd03e4bfe3a9d3b8a5d6522d7b6ade88aca72bc436382cfcba22a426ecb21366d42588e9a68c0d61722617a4706852ef6e5eb42842d127f88dabcb8cd635d621a9082efe0cbb52fffb017c8cbf80e48ad1d8ac4c927bda50be7bbb6a302081951dd7c05142465ef8188774807ba482c155f7b56b663d24c4ad88140ddba388e4d6abda83048db46ad18328c63006d02844189a769167d94265148e06f3eca08dcd81691df655968de44c5931e62f5dcc4aa16b24ceb6e7a2c8783d9918a9be7c72dcd57fbf39f985ac29069241cbe3298d7651124f03bef8e2adcadb0c0e08efb096f72e5df2d3f8e2ea6f9cd2401533469e5099a6faa98acc2f73028eae115b3a771bc7ddd186ee7a634398e206ce9b1262b1dbb80575eac718eade048bc01ac1d410e21393dada6c1ced94c411fc19ccacdd175996501d66819b491fef65697f736ecc3a4c32f3675d1f90c8e4d44a1ba6048e77fa24d6998ad88da3cf5de223446d53dd72981c19d5915af69b9a7b9bdf35114ac1cee66b9f3f6df4b9a2d2c017d44443a28badca61b1e8db627d967827ebf32c8642b7de41508c15538b6cdf0284f1a94e8d9fcaa086236f11fb1689d57d500423a0c1d362a4fd57e5efa8858c237a0b58210b4df2b6f10fb01ff8b305cb69e65120c716970e1752cae51022a068b9ac2b7775ac415c56d31536c9f1eca654ec89d7ed00855b2d2564a74bf1a0a3b75cbeadad89fd4ce7e0a83a565c6d69077f026dd40ee186fb496d575c5f5d2f4f84e0efd6bca34f070b185903c7fcd6478f467b73687dee0b765477cc474cbe7f067d1f655efe1fac24a6cda9ed82dee343a36f5ce3894587937f31a14dff66e8384bb3c9adebb753f782570a894e09a38c096f523fbdfb7e0c09026fa023c8dc9e5822410d8343afd647a91130744017166a9b195996ee871eb284279fa725f7af7f853eb85bce100cfade5d458c4e166c839e4c1a86", 0x2000, &(0x7f0000000d00)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000880)={0x78, 0x0, 0x0, {0x0, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8000, 0x0, 0xffffffffffffffff}}}, 0x0, 0x0, 0x0, 0x0, 0x0})
chmod(&(0x7f0000000080)='./file0\x00', 0x0)

7.391830826s ago: executing program 0 (id=3082):
syz_mount_image$fuse(0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
syz_mount_image$vfat(&(0x7f0000000200), &(0x7f0000000080)='./file0\x00', 0xa08886, &(0x7f0000000040)=ANY=[@ANYRES32=0x0], 0x9, 0x2a8, &(0x7f0000000500)="$eJzs3F9IU38Yx/HHPz/1Z+hGRFBQPeVNRRzcrgMdoRENjHJhCcExz2rstI2dsZqEWxB400U3/buuIEIQoosgELvoKpTwrovuvPMiu0oiOjGnudnUMnWS79fF9rDn+zl8z58dtu9g08fvXouGHSNspqS6oUqq2yUns1XilWpZkJMj10fe7zt34eLpQDDYcVa1M9Dt86tq84HR3pvDh8ZSO86/bH5dL+PeS9Mz/qnx3eN7pr93X404GnE0Fk+pqX3xeMrssy3tv+9EDdUztmU6lkZijpUs6YfteCKRUTPW39SYSFqOo2Yso1Ero6m4ppIZNa+YkZgahqFNjYKVDacfBZbvhp7Puq7MpN65bn1OXNfNv9iwidNDhc2df9ctOv93Kj0lbKKim3qDiD2UDqVDhedCPxCWiNhiSat45JvkrxH38Yg7d6nkH2/4R4KTR9++UVWvDNrZ+Xw2HaopzfvEI95CpqBQd54Kdvi0oDT/nzQW5/3ikV3l8/6y+To53FKUN8Qjk5clLrZMjB78MtU19GAhP+hTPdEVXJL/X/oXD9OzzxU6PwAAAAAAAAAArIWhP5VdvzfyA24PqGrTkn4hX+73gaXr861l1+drZW9tZfcdAAAAAIDtwskMRE3btpJ/WeS/yq/Hdv694smt3x+8v3PlMS1tNRPtH3KJrbBff1B87dkS0ygtZH71abXBNev8TlksPq3Ldqrm57f8mJO9H1+sup26X47PcsY2/q4EAAAAYCMsfuhvk2z4VTrbc+xepecEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMB2s4a/HJt4WK6l+WLn03KtSu8jAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADASn4EAAD//xAR0Ao=")
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SET_SECCOMP(0x16, 0x2, 0x0)
pidfd_send_signal(0xffffffffffffffff, 0x0, 0x0, 0x0)
personality(0x0)
mknodat$null(0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x0, 0x103)
r3 = openat$fuse(0xffffffffffffff9c, &(0x7f00000001c0), 0x2, 0x0)
mount$fuse(0x0, &(0x7f0000000100)='./file0\x00', &(0x7f0000000080), 0x0, &(0x7f00000025c0)={{'fd', 0x3d, r3}, 0x2c, {'rootmode', 0x3d, 0x8000}})
read$FUSE(r3, &(0x7f000000a600)={0x2020, 0x0, <r4=>0x0}, 0x2020)
write$FUSE_INIT(r3, &(0x7f0000002300)={0x50, 0xfffffffffffffff5, r4, {0x7, 0x9}}, 0x50)
lchown(&(0x7f0000000040)='./file0\x00', 0x0, 0x0)
wait4(0x0, 0x0, 0x0, 0x0)
clock_gettime(0x0, 0x0)
statfs(&(0x7f00000001c0)='./file1\x00', &(0x7f0000000380)=""/166)
unlinkat(0xffffffffffffffff, 0x0, 0x0)
epoll_pwait(0xffffffffffffffff, 0x0, 0x0, 0x0, &(0x7f0000000480), 0x8)
socket$nl_xfrm(0x10, 0x3, 0x6)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="18000000000000000000"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000340)={&(0x7f0000000280)='xprt_retransmit\x00', r5}, 0x10)
socket(0x2c, 0x0, 0x0)

6.25224456s ago: executing program 0 (id=3092):
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="180000000000edff0000000000000000850000000f00000018010000646c012500000000000000007b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000800000850000000600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x90)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0xa, 0x4, 0x8, 0x8}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r1}, 0x10)
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000100)=@base={0x9, 0x143fde, 0x7c, 0x1}, 0x48)
bpf$MAP_GET_NEXT_KEY(0x15, &(0x7f0000000540)={r2, &(0x7f0000000180), 0x0}, 0x20)

5.760768609s ago: executing program 0 (id=3098):
mlockall(0x0)
syz_read_part_table(0x4048, &(0x7f00000080c0)="$eJzszrFJxWAUBeDznsWLEARrQQyCpaS0yhYpbTKDtYgpXcDaMjiA67iAM4gBNRYxCAoSvq+4xX/v+TnhX9l8jO89dY+HSU6q9HX9JfAyPasvkxTblEmuxpfnvcm6HX6rNwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAsFrdUfrrJhdlUuyS3N4dvK+q84Xs9u/rAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAArsT/O3TiLz+f75UzycJq+Od685aqzueOb2W/a4adlAQAAAAAAAACAV3bgQAAAAAAAyP+1EaqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqwAwcCAAAAAED+r41QVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVhR04kAEAAAAQ5m+dR/sBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAuCkAAP//auUOjg==")

4.462671269s ago: executing program 3 (id=3114):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0xb, 0x5, 0x400, 0x9, 0x1}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000069000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000107b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000925e850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000800000000000000000000018110000", @ANYRES32=r0], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffddf, 0x0, 0x0, 0x0}, 0x90)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00', r1}, 0x10)
r2 = syz_open_dev$evdev(&(0x7f0000000080), 0x0, 0x802)
write$evdev(r2, &(0x7f0000000000), 0x100000008)
ioctl$F2FS_IOC_GARBAGE_COLLECT(r2, 0x80084503, 0x0)

3.714146707s ago: executing program 0 (id=3099):
r0 = syz_usb_connect$hid(0x0, 0x36, &(0x7f00000000c0)={{0x12, 0x1, 0x0, 0x0, 0x0, 0x0, 0x8, 0x56a, 0xe6, 0x0, 0x0, 0x0, 0x0, 0x1, [{{0x9, 0x2, 0x24, 0x1, 0x0, 0x0, 0x0, 0x0, [{{0x9, 0x4, 0x0, 0x0, 0xff, 0x3, 0x0, 0x0, 0x0, {0x9, 0x21, 0x0, 0x0, 0x1, {0x22, 0x7}}}}]}}]}}, 0x0)
syz_usb_control_io(r0, 0x0, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f00000000c0)='./file1\x00', 0x0, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080))
bpf$BPF_BTF_LOAD(0x12, 0x0, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000000))
socketpair$unix(0x1, 0x0, 0x0, 0x0)
connect$unix(0xffffffffffffffff, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(0xffffffffffffffff, 0x0, 0x0, 0x0)
recvmmsg(0xffffffffffffffff, 0x0, 0x0, 0x2, 0x0)
sendmsg$AUDIT_USER_AVC(r1, &(0x7f0000000300)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x200}, 0xc, &(0x7f0000000200)={0x0}, 0x1, 0x0, 0x0, 0x8001}, 0x880)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x16, 0x0, 0x4, 0xff, 0x0, 0x1}, 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x42}, 0x90)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f00000003c0)={{r2}, 0x0, &(0x7f0000000040)}, 0x20)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00', r3}, 0x10)
socket$vsock_stream(0x28, 0x1, 0x0)
bpf$BPF_BTF_LOAD(0x12, &(0x7f00000000c0)={&(0x7f00000006c0)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x40, 0x40, 0x2, [@const={0x0, 0x0, 0x0, 0x9}, @int={0x0, 0x0, 0x0, 0x1, 0x5, 0x8}, @func_proto, @array={0x0, 0x0, 0x0, 0x3, 0x0, {0x1}}]}}, 0x0, 0x5a}, 0x20)
connect$vsock_stream(0xffffffffffffffff, &(0x7f0000000000)={0x28, 0x0, 0x0, @local}, 0x10)
syz_usb_control_io(r0, &(0x7f00000001c0)={0x2c, &(0x7f0000000640)=ANY=[@ANYBLOB="000010"], 0x0, 0x0, 0x0, 0x0}, 0x0)

3.072903372s ago: executing program 3 (id=3126):
bpf$ENABLE_STATS(0x20, 0x0, 0x0)
pipe(&(0x7f00000001c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
r2 = socket$inet_udp(0x2, 0x2, 0x0)
close(r2)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000080)={0xffffffffffffffff, <r3=>0xffffffffffffffff})
setsockopt$SO_ATTACH_FILTER(r3, 0x1, 0x1a, &(0x7f0000ab9ff0)={0x2, &(0x7f0000000000)=[{0x20, 0x0, 0x0, 0xfffff00c}, {0x6}]}, 0x10)
write$binfmt_misc(r1, &(0x7f0000000000)=ANY=[], 0xfffffecc)
splice(r0, 0x0, r2, 0x0, 0x4ffe2, 0x0)

2.224407974s ago: executing program 3 (id=3130):
ioctl$sock_ipv4_tunnel_SIOCCHGTUNNEL(0xffffffffffffffff, 0x89f3, &(0x7f0000000000)={'sit0\x00', &(0x7f00000002c0)={'syztnl1\x00', 0x0, 0x0, 0x0, 0x0, 0x0, {{0x32, 0x4, 0x0, 0x4, 0xc8, 0x64, 0x0, 0x0, 0x0, 0x0, @broadcast, @remote, {[@timestamp={0x44, 0x18, 0x0, 0x0, 0x0, [0x401, 0x5, 0x0, 0x0, 0x0]}, @timestamp_prespec={0x44, 0x44, 0xc0, 0x3, 0x0, [{@private=0xa010100}, {@multicast1}, {@remote}, {@dev={0xac, 0x14, 0x14, 0x32}, 0x659}, {@broadcast}, {@empty}, {@multicast1, 0xffd200}, {@private=0xa010100}]}, @timestamp_prespec={0x44, 0x34, 0x0, 0x3, 0x8, [{@remote}, {@multicast2}, {@private=0xa010105}, {@rand_addr=0x64010101}, {@broadcast, 0x52ae}, {@multicast2}]}, @noop, @noop, @lsrr={0x83, 0xf, 0xdc, [@private=0xa010102, @rand_addr=0x64010102, @multicast1]}, @rr={0x7, 0x13, 0x0, [@dev, @remote, @multicast1, @private=0xa010102]}]}}}}})
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='cgroup.events\x00', 0x275a, 0x0)
write$binfmt_script(r2, &(0x7f0000000240), 0x208e24b)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x280000b, 0x28011, r2, 0x0)
r3 = dup(r1)
r4 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000080)={0x0, 0x2, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r4, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000300)=[@text64={0x40, 0x0}], 0xffff, 0x0, 0x0, 0x0)
syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000200)=[@text64={0x40, 0x0}], 0x1, 0x0, 0x0, 0x0)
ioctl$KVM_REGISTER_COALESCED_MMIO(r1, 0x4010ae67, &(0x7f00000001c0)={0x0, 0xd000})
ioctl$KVM_NMI(r4, 0xae9a)
ioctl$KVM_RUN(r4, 0xae80, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)

2.204841615s ago: executing program 4 (id=3131):
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x13, &(0x7f0000000240)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020696c250000000000206ea37b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b7030000020000838500000071000000180100002020752500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000500000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000040)='kmem_cache_free\x00', r0}, 0x10)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000000)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
sendmsg$inet(r2, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000580)=[{&(0x7f0000000080)="30a0", 0x2}], 0x1}, 0x4040001)
recvmsg$unix(r1, &(0x7f00000038c0)={0x0, 0x0, 0x0}, 0x1)
recvmsg$unix(r1, &(0x7f0000000bc0)={0x0, 0x0, &(0x7f0000000ac0)=[{&(0x7f00000000c0)=""/109, 0x6d}], 0x1}, 0x0)

2.148719128s ago: executing program 4 (id=3132):
r0 = openat$uinput(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
fcntl$setstatus(r0, 0x4, 0x44000)

2.148444528s ago: executing program 4 (id=3133):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000100)=@base={0x9, 0x4, 0x7fe2, 0x1}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000880)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r1}, 0x10)
r2 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f00000000c0)={0x1, &(0x7f0000000080)=[{0x6, 0x0, 0x0, 0x7fff0000}]})
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
close_range(r2, 0xffffffffffffffff, 0x0)

2.145428208s ago: executing program 4 (id=3134):
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x1, &(0x7f0000000040)=[{0x200000000006, 0x0, 0x0, 0x7ffc0002}]})
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000300)=@base={0x1, 0x4, 0x7fe2, 0x1}, 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=@framed={{}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r0}, {}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x3}}]}, &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00', r1}, 0x10)
inotify_rm_watch(0xffffffffffffffff, 0x0)

2.055646371s ago: executing program 4 (id=3135):
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$inet_tcp_int(r0, 0x6, 0x210000000013, &(0x7f00000000c0)=0x100000001, 0x4)
connect$inet(r0, &(0x7f0000000140)={0x2, 0x0, @remote}, 0x10)
setsockopt$inet_tcp_TCP_REPAIR_OPTIONS(r0, 0x6, 0x16, &(0x7f0000000000)=[@sack_perm, @window, @sack_perm, @sack_perm, @timestamp, @timestamp, @timestamp, @timestamp], 0x20000149)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000200)='blkio.bfq.io_merged_recursive\x00', 0x275a, 0x0)
setsockopt$inet_tcp_int(r0, 0x6, 0x5, &(0x7f00000004c0), 0x4)
mmap(&(0x7f0000000000/0x400000)=nil, 0x400000, 0x0, 0x10012, r1, 0x0)

1.81289275s ago: executing program 3 (id=3140):
bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x16, 0x0, 0x4, 0x0, 0x0, 0x1}, 0x48)
bpf$PROG_LOAD_XDP(0x5, 0x0, 0x0)
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="1801000000000000000000000000ea04850000007b00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x78)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000280)='ext4_request_inode\x00', r0}, 0x10)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b7030000deab44f4850000002d00000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='ext4_request_inode\x00', r1}, 0x10)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cgroup.controllers\x00', 0x275a, 0x0)

1.799505231s ago: executing program 4 (id=3141):
r0 = syz_usb_connect(0x0, 0x24, &(0x7f0000001440)={{0x12, 0x1, 0x0, 0xab, 0xd1, 0xa0, 0x40, 0x77b, 0x2226, 0xca8b, 0x0, 0x0, 0x0, 0x1, [{{0x9, 0x2, 0x12, 0x1, 0x0, 0x0, 0x0, 0x0, [{{0x9, 0x4, 0x0, 0x0, 0x0, 0x3a, 0x92, 0xf8}}]}}]}}, 0x0)
syz_usb_control_io$cdc_ncm(r0, 0x0, 0x0)
syz_usb_control_io(r0, 0x0, 0x0)
syz_usb_control_io$printer(r0, 0x0, 0x0)
syz_usb_control_io$hid(r0, 0x0, 0x0)
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
mkdir(0x0, 0x0)
bpf$MAP_CREATE(0x0, 0x0, 0x0)
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x16, 0x0, 0x4, 0x1, 0x0, 0x1}, 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0}, 0x90)
bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000880)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000008000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa20000000000"], 0x0}, 0x90)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r3}, 0x10)
r4 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
r5 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0xb, &(0x7f0000000540)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000000000007b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000095000000000000002d55710c64e30cd8655910b3eb2d1451a6bf4b04dc0af703f4c87963ba8f24815f140290fb3f659193ae297fdcd50b6dc8d41d9568a55e58cc6514e272e53a081168e74d7189f0e655f66e08f0e1087c8d80ea3cac636aa60bea16f5e27d5761f66d99ca89adacf4e13a2013988c4222d7cf1ff8682043d3d6f16b20de6f1ea6691dcee8e86fa2109aa7898fe15f2c973463c482db5da9926d158ee55592221796e273ccf22a8ce8dd3674739087015098b80e9842e82aa484b0247773b358f02338ba5950707984fb201d101bfd1f78b0ea4f397cf671af9dacdf409cc1f8d960358d99d506f9b3f52ce15d0cf72083819b4a3a6dfe62b510150dfe25ef1caf21e26954118b0c2dea8b744bed8de035a056fa2d0f7370b9df062c204e99c715c5c544f5c74625ea73c563000000f9c54ee5a5ce61349ac0d7aa1177b1157f5edd51a8c90e700f454b78df252ff01ad346eb3802cb2ed041ee326f74fb463e108394670000000000000000"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x22}, 0x44)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r5}, 0x10)
r6 = add_key$fscrypt_v1(&(0x7f0000000000), &(0x7f0000000040)={'fscrypt:', @desc2}, &(0x7f0000000080)={0x0, "69dcaf20127e9a854528f45826cb35be51ca73845d177dd8dba7221daeccfda56b75cfe286fdd14cb5b11b1cab614fec2236da7d88ea0f0700"}, 0x48, 0xfffffffffffffffe)
keyctl$search(0xa, r6, &(0x7f0000000300)='asymmetric\x00', &(0x7f0000000100)={'syz', 0x0}, 0x0)
r7 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x0, 0x0)
ioctl$TIOCSETD(r7, 0x5423, &(0x7f00000000c0)=0xf)
ioctl$TCFLSH(r7, 0x400455c8, 0x0)
ioctl$sock_bt_hci(r4, 0x400448ca, 0x0)
close_range(r1, 0xffffffffffffffff, 0x0)

1.745957393s ago: executing program 3 (id=3142):
ioctl$sock_ipv4_tunnel_SIOCCHGTUNNEL(0xffffffffffffffff, 0x89f3, &(0x7f0000000000)={'sit0\x00', &(0x7f00000002c0)={'syztnl1\x00', 0x0, 0x0, 0x0, 0x0, 0x0, {{0x36, 0x4, 0x0, 0x0, 0xd8, 0x64, 0x0, 0x0, 0x29, 0x0, @broadcast, @remote, {[@timestamp={0x44, 0x18, 0x0, 0x0, 0x9, [0x401, 0x5, 0x0, 0x5, 0x4]}, @timestamp_prespec={0x44, 0x44, 0xc0, 0x3, 0x1, [{@private=0xa010100}, {@multicast1}, {@remote}, {@dev={0xac, 0x14, 0x14, 0x32}, 0x659}, {@broadcast}, {@empty}, {@multicast1, 0xffd200}, {@private=0xa010100, 0x7}]}, @timestamp_prespec={0x44, 0x3c, 0x0, 0x3, 0x0, [{@dev={0xac, 0x14, 0x14, 0x16}}, {@remote, 0x4}, {@multicast2}, {@private=0xa010101}, {@rand_addr=0x64010101}, {@broadcast, 0x52b1}, {@multicast2}]}, @noop, @noop, @noop, @lsrr={0x83, 0xf, 0xdc, [@private=0xa010102, @rand_addr=0x64010102, @multicast1]}, @rr={0x7, 0x17, 0x0, [@dev, @remote, @multicast1, @private=0xa010102, @remote]}]}}}}})
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='hugetlb.2MB.usage_in_bytes\x00', 0x275a, 0x0)
write$binfmt_script(r2, &(0x7f0000000240), 0x208e24b)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x280000b, 0x28011, r2, 0x0)
r3 = dup(r1)
r4 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000080)={0x0, 0x2, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r4, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000300)=[@text64={0x40, 0x0}], 0xffff, 0x0, 0x0, 0x0)
syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000200)=[@text64={0x40, 0x0}], 0x1, 0x0, 0x0, 0x0)
ioctl$KVM_REGISTER_COALESCED_MMIO(r1, 0x4010ae67, &(0x7f00000001c0)={0x0, 0xd000})
ioctl$KVM_NMI(r4, 0xae9a)
ioctl$KVM_RUN(r4, 0xae80, 0x0)
syz_mount_image$ext4(&(0x7f0000000140)='ext4\x00', &(0x7f00000005c0)='./file1\x00', 0x8200, &(0x7f0000000080)={[{@max_dir_size_kb={'max_dir_size_kb', 0x3d, 0x2c}}, {@stripe}, {@grpid}, {@errors_remount}, {@noblock_validity}, {@block_validity}, {@minixdf}, {@noauto_da_alloc}]}, 0x83, 0x5fe, &(0x7f0000001040)="$eJzs3c9rHNcdAPDvzEqqZKuVXYqpTUsFPdhQrB+uqduebF/qg6GG+lBCDhaW5AivbGHJEDuGyJBDAgmEkGsIvuQfyD2YXHMLgSS3nANOCA45JMEbZnbHXla78kbWaiTP5wO7eu/NaN/76ulp3uzo7QRQWZPZUxpxOCIuJRETbdvGo7lxsrXfw+/uXM4eSTQa//s2iaRVVuz/qPV1f/aURIxGxKdnI35f21jv6q3bV+fqjaZXI6bXllemV2/dPr60PHdl4crCtdkT/zx5auZfsydntyXOIq5z5//7p7dee+kfi5/VjydxOi4OvzIfHXFsl8mYjEetENvLhyLiVJbo8nPZa4oQkpLbwdbUWr+PwxFxKCailueaJmLpzVIbBwxUoxbRACoqMf6hoop5QHFuP4jz4N3swZnmCdDG+Iea743EaH5utO9h0nZm1DzfPbAN9Wd1/HznyHvZI3q8DzG0DfX0sn43Iv7YLf4kb9uB/F2cLP400rbvy9IzETHS+lmkW6x/siO/079/vyb+9n7I4j3d+pqVn91i/WXHD0A13T/TOpCvZ7knx79sZljMf6LL/Ge8y7FrK8o+/vWe/xXH+9H8PfK0Yx6WzXkudH/J4c6Cr944906v+tvnf9kjq7+YC+6EB3cjjnTE/3o+mUse93/Spf+zXS71Wcd/Pv/mXK9tZcffuBdxtOv5z5MrWllqem15pSjruD45vbhUX5hpPnet46NPXvygV/1lx5/1f/SIf7P+z8pW+qzjwwv3lnttG39q/OnXI8nFPDXSKnl5bm3txmzESHK+tUtb+YnN21LsU7xGFv+xv3Yf/5vEn3f0ep/xr/z/6sNe2/ru/w1/VXKPGn22oZcs/vkt9v/bfdbxwws3/9xRNFYkNot/7BljAwAAAAAAgKpJ82uwSTr1OJ2mU1PNNbx/iH1p/frq2t8Wr9+8Nh9xLP9/yOG0uNI90cwnWX629f+wRf5ER/7vEXEwIt6tjeX5qcvX6/NlBw8AAAAAAAAAAAAAAAAAAAC7xP7W+v/iPtXf15rr//uydmjArQMGbpA3mAN2N+Mfqisf/1u9gyuwpzn+Q3UZ/1Bdxj9Ul/EP1WX8Q3UZ/1Bdxj9Ul/EPAAAAAM+lg3+5/2USEev/HssfmZHWtuFSWwYMmjEO1VUruwFAaR5f+rf8Hyqnr/n/j60PBxx8c4ASJN0K88lBY/PBf7/rdwIAAAAAAAAAAAAAA3D0sPX/UFVpfFx2E4CSPMP6fx8dAHucj/6H6nKODzxtFf9orw3W/wMAAAAAAAAAAADAjhnPH0k61boF6Hik6dRUxG8j4kAMJ4tL9YWZiPhdRHxRG/5Nlp8tu9EAAAAAAAAAAAAAAAAAAADwnFm9dfvqXL2+cKM98dOGkuc7UdwFdbe0pz0Ryc5XOhYRuyH2wSSG2kqSiPWs53dFw26sxq5oRpo3o+Q/TAAAAAAAAAAAAAAAAAAAUEFta4+7O/L+DrcIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHbek/v/bz2RPOV1yo4RAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAANibfgkAAP//4DE4gw==")

1.727148344s ago: executing program 2 (id=3144):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000100)=[@text64={0x40, &(0x7f0000000200)="f7790066baa00066b86b4266ef66ba420066b8e20066ef0f29902cbb0000c4e2b1ba8c88d9000000666666440f38826b410f7842280f07b8010000000f01d9c4033921820f47a753fd", 0x49}], 0x1, 0x41, 0x0, 0x0)
syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000180)=[@text16={0x10, 0x0}], 0x1, 0x0, 0x0, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_SET_VCPU_EVENTS(r2, 0x8140aecc, &(0x7f0000000140))

1.657516667s ago: executing program 2 (id=3147):
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x6, 0x13, 0x0, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f0000000180)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000040)=ANY=[@ANYBLOB="18000000000000000000000000000000850000000f00000018010000646c000000000000000000007b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='sched_switch\x00', r3}, 0x10)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000280)={&(0x7f0000000000)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x30, 0x30, 0x2, [@struct={0x0, 0x1, 0x0, 0x4, 0x0, 0x0, [{0x0, 0x3}]}, @ptr, @restrict={0x0, 0x0, 0x0, 0x4}]}}, 0x0, 0x4a}, 0x20)
splice(0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0, 0x1000, 0x0)
mkdir(&(0x7f0000000540)='./file0\x00', 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0x0, 0x5, &(0x7f0000000240)=ANY=[@ANYRESOCT], 0x0, 0x5, 0xbe, &(0x7f000000cf3d)=""/190, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x6}, 0x90)
ptrace$getregs(0xc, r0, 0x0, 0x0)
socket$inet_tcp(0x2, 0x1, 0x0)
syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$TIPC_NL_NET_SET(0xffffffffffffffff, &(0x7f0000000a40)={0x0, 0x0, &(0x7f0000000a00)={&(0x7f0000000100)={0x18, 0x0, 0x0, 0x0, 0x0, {0x2}, [@TIPC_NLA_BEARER={0x4}]}, 0x18}}, 0x0)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000580), 0xffffffffffffffff)
socket(0x10, 0x5, 0x0)
r4 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$netlink(r4, &(0x7f0000006440)={0x0, 0x0, &(0x7f00000063c0)=[{&(0x7f0000000600)=ANY=[@ANYBLOB, @ANYRES32=0x0, @ANYBLOB="14001b000000000000"], 0x34}], 0x1}, 0x0)
bpf$MAP_CREATE(0x0, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f00000005c0)=ANY=[@ANYBLOB], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)

701.376313ms ago: executing program 2 (id=3150):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x16, 0x0, 0x4, 0x3, 0x0, 0x1}, 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0}, 0x90)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000008000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000058"], 0x0}, 0x90)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000400)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000300)={&(0x7f00000002c0)='sched_process_fork\x00', r1}, 0x10)
syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)

688.132014ms ago: executing program 2 (id=3151):
ioctl$sock_ipv4_tunnel_SIOCCHGTUNNEL(0xffffffffffffffff, 0x89f3, &(0x7f0000000000)={'sit0\x00', &(0x7f00000002c0)={'syztnl1\x00', 0x0, 0x0, 0x0, 0x0, 0x0, {{0x32, 0x4, 0x0, 0x4, 0xc8, 0x64, 0x0, 0x0, 0x0, 0x0, @broadcast, @remote, {[@timestamp={0x44, 0x18, 0x0, 0x0, 0x0, [0x401, 0x5, 0x0, 0x0, 0x0]}, @timestamp_prespec={0x44, 0x44, 0xc0, 0x3, 0x0, [{@private=0xa010100}, {@multicast1}, {@remote}, {@dev={0xac, 0x14, 0x14, 0x32}, 0x659}, {@broadcast}, {@empty}, {@multicast1, 0xffd200}, {@private=0xa010100}]}, @timestamp_prespec={0x44, 0x34, 0x0, 0x3, 0x8, [{@remote}, {@multicast2}, {@private=0xa010105}, {@rand_addr=0x64010101}, {@broadcast, 0x52ae}, {@multicast2}]}, @noop, @noop, @lsrr={0x83, 0xf, 0xdc, [@private=0xa010102, @rand_addr=0x64010102, @multicast1]}, @rr={0x7, 0x13, 0x0, [@dev, @remote, @multicast1, @private=0xa010102]}]}}}}})
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='cgroup.events\x00', 0x275a, 0x0)
write$binfmt_script(r2, &(0x7f0000000240), 0x208e24b)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x280000b, 0x28011, r2, 0x0)
r3 = dup(r1)
r4 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000080)={0x0, 0x2, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r4, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000300)=[@text64={0x40, 0x0}], 0xffff, 0x0, 0x0, 0x0)
syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000200)=[@text64={0x40, 0x0}], 0x1, 0x0, 0x0, 0x0)
ioctl$KVM_REGISTER_COALESCED_MMIO(r1, 0x4010ae67, &(0x7f00000001c0)={0x0, 0xd000})
ioctl$KVM_NMI(r4, 0xae9a)
ioctl$KVM_RUN(r4, 0xae80, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)

524.70192ms ago: executing program 1 (id=3154):
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x40000000000008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
getpid()
r0 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0)
ioctl$VHOST_SET_VRING_BASE(r0, 0xaf01, 0x0)
ioctl$VHOST_SET_MEM_TABLE(r0, 0x4008af03, &(0x7f0000000140))
ioctl$VHOST_SET_FEATURES(r0, 0x4008af00, &(0x7f0000000080)=0x200000000)
r1 = dup2(r0, r0)
readv(r1, &(0x7f0000000600)=[{&(0x7f0000000540)=""/143, 0x8f}], 0x1)
lsetxattr$system_posix_acl(0x0, &(0x7f0000000140)='system.posix_acl_access\x00', 0x0, 0x84, 0x0)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x275a, 0x0)
write$binfmt_script(r2, &(0x7f0000000100), 0xfecc)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x1, 0x12, r2, 0x0)
ioctl$VHOST_VSOCK_SET_RUNNING(r1, 0x4004af61, &(0x7f0000000040))

463.827733ms ago: executing program 1 (id=3155):
syz_clone3(&(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0, 0x2000, {0x0}}, 0x58)

432.251304ms ago: executing program 1 (id=3156):
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x1, &(0x7f0000000040)=[{0x200000000006, 0x0, 0x0, 0x7ffc0002}]})
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000300)=@base={0x1, 0x4, 0x7fe2, 0x1}, 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=@framed={{}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r0}, {}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x3}}]}, &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00', r1}, 0x10)
inotify_rm_watch(0xffffffffffffffff, 0x0)

412.550265ms ago: executing program 3 (id=3157):
prlimit64(0x0, 0xe, &(0x7f0000000000)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x6)
sched_setaffinity(0x0, 0x8, &(0x7f00000000c0)=0x5)
r0 = getpid()
socket$inet6(0xa, 0x0, 0x7)
sched_setscheduler(r0, 0x1, &(0x7f0000001700)=0x4)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000240)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f0000000580)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
statx(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r3 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x0, 0xf, &(0x7f0000000340)=ANY=[@ANYBLOB="1800000008000000000000000000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b7020000140000fbb7030000000000008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000085000000b70000000000000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0xf, &(0x7f0000000340)=ANY=[], &(0x7f0000001dc0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='sched_switch\x00', r4}, 0x2d)
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000caaffb)={0x0, 0x0, <r5=>0x0}, &(0x7f0000cab000)=0xc)
setresgid(r5, 0x0, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0)
openat$dir(0xffffffffffffff9c, &(0x7f00000001c0)='./file0\x00', 0x0, 0x0)
keyctl$session_to_parent(0x12)
mkdirat(0xffffffffffffff9c, &(0x7f0000000400)='./file1\x00', 0x0)
mkdir(&(0x7f0000000300)='./bus\x00', 0x0)
mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000340), 0x0, &(0x7f0000000080)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@upperdir={'upperdir', 0x3d, './file1'}}]})

395.662365ms ago: executing program 1 (id=3158):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000100)=@base={0x9, 0x4, 0x7fe2, 0x1}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000880)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r1}, 0x10)
r2 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f00000000c0)={0x1, &(0x7f0000000080)=[{0x6, 0x0, 0x0, 0x7fff0000}]})
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
close_range(r2, 0xffffffffffffffff, 0x0)

377.089056ms ago: executing program 2 (id=3159):
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x16, 0x0, 0x4, 0x1, 0x0, 0x1}, 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0}, 0x90)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000280)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r1}, 0x10)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000008000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000058"], 0x0}, 0x90)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r2}, 0x10)
execveat(0xffffffffffffffff, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000180), 0x0, 0x0)

332.393347ms ago: executing program 0 (id=3160):
syz_usb_connect$uac1(0x0, 0xb3, &(0x7f00000008c0)=ANY=[@ANYBLOB="12010000000000406b1d01014000010203010902a10003010000000904000000010300000a2401"], 0x0)

315.636058ms ago: executing program 1 (id=3161):
mkdirat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000002000000b704000000000000850000005700000095"], 0x0}, 0x90)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x16, 0x0, 0x4, 0xff, 0x0, 0x1}, 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000008000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000058"], 0x0}, 0x90)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000880)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r1}, 0x10)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000400)='cgroup.controllers\x00', 0x275a, 0x0)
mount$bind(&(0x7f00000002c0)='.\x00', &(0x7f0000000200)='./file0\x00', 0x0, 0x101091, 0x0)
mount$incfs(&(0x7f0000000000)='./file0\x00', &(0x7f0000000040)='./file0\x00', &(0x7f0000000180), 0x0, 0x0)
mount$incfs(&(0x7f0000000040)='./file0\x00', &(0x7f0000000100)='./file0\x00', &(0x7f0000000340), 0x0, 0x0)
chdir(&(0x7f0000000080)='./file0\x00')
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cgroup.controllers\x00', 0xb00000000065808, 0x0)

293.510959ms ago: executing program 1 (id=3162):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = bpf$BPF_BTF_LOAD(0x12, &(0x7f00000003c0)={&(0x7f0000000000)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0xc, 0xc, 0x2, [@struct]}}, 0x0, 0x26}, 0x20)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0xd, 0x3, &(0x7f0000000040)=@framed, &(0x7f0000000080)='GPL\x00', 0x5, 0x1f6, &(0x7f00000002c0)=""/168, 0x0, 0x0, '\x00', 0x0, 0x0, r2, 0x8, 0x0, 0x0, 0x10, &(0x7f0000000200), 0x1}, 0x6d)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f00000004c0)={r3, 0x0, 0x0}, 0x10)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r4 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r4, &(0x7f0000fe8000/0x18000)=nil, &(0x7f00000000c0)=[@text32={0x20, 0x0}], 0x1, 0x0, 0x0, 0x0)
ioctl$KVM_SET_VCPU_EVENTS(r4, 0x4400ae8f, &(0x7f0000000140))
ioctl$KVM_SET_LAPIC(r4, 0x4400ae8f, &(0x7f0000000d00)={"8858bde0d7f6311bf16c671fc9d87024dbe4bbb080be0900000000000016591b7390035985dcaa66a958a8a970391decb4b7d3e52996ff674f707cdf49c7381d2964c301f29e875ce36aa6b1930032da440a2e212da56797dfe5748aaaae9fbc3f7ffd295072e1ea64bad7d354900200000000000000383692bf1b90d3c1bab243eb0d17151ba3e65431ac11adc58b77321481fd65569362b3a8bddbed39d885f990908ce1892580ee43159c1db62d59fe2cb71882dfb0abf9dcb8ee30aadea127f169312855440d9ec40deaf8215a2bdcc65fcbbd5e0b83d2f1e3ea96ef1c9946b76ab53dee477b7ade8550d47e5a3eea926f58efb6fb7f33064fb7b6951eae379648695b27505fa731a2454174592ef7a0227f59ac45d0ed37cccabee68ba44346135659abe531ca418b0841f5a8f285605fc1e0e77f9e97a47277ed3f9cc1a9f8a7efd669ba9819c2db199a88aa87c399b7ada0ff033039d0d3a8b043b53335d15c275ea6ce63f3c34655761c1182bc26b1a590a8cb8667e764c3f74dc55dd44ca9e7c6a61c6376761acb0fd9fb1941caca01396905eeeead3e189fd11bd19137b214eecefa07116dc4b4b7ea423308ac9183ffc62c8dc69021249027b7b0929660135b3161d08e109a46b6fd1b7fc08a3bc0934ee2648df2b04716aff5342d9897218f91371f6c06666e0082b8a66e973930c219a568f1e0938a6a1681c7268147b1e0425c41da41a55877c32797bbfa11736d046b681bf70f376112a9094c5f23bedd87986014e72730b64d9e33412e3d423cf8213370fc4338e6f0d722dde3135706e615085bf76fa752bac824485910a6acc45b6552537fbbf0909a08d9b891ce78d11af59ca07eaf5bba689017f082dce61d3682695c75e6c2d0388412fe7f36823a0e74de0f91d4fc15397a14a831d37dc60d6bd3d455649347f6257d05cbbd9fc145e958955fd219d1ab60dbc058e0ba5565daed86f86e6356a782b305d5e2f6e1b190479e6376b4e6247c0f020e607e9468f48fa9a16e0770b05f6bcda150dc373437963a045e0ca1272848ae96fd7823f3eac82ae253a7d907b237ff231bbae89a93ac077db04197707ff3de99ca9191ed561e972fd60356654e89242b3ac8b112092d28e10759bb3e85cfab2ae11ce90b6b52f7d2be1fd3e6d9eaabe37a3083749c11f54c17b6402fc1b54c3c030d0266480faa910856106800ba90c26ccefc230296f498c1304abe91a8fb37eb7abda2072c686aae830cc5abd72b47dc87cb4e0105000000dc6ac2bee572bf601e02d9a51851877f1498d6e2ba3b5947d83d90072eaf0cefed3dceb9bf35b36cbca3f1feba2c3d0f16ce04e13237e8b78689b9599d33db4fe890f9e655ba57658bc1671878ab615bc37943f9c9b8e9d5069bf7de6aaa74b0470389f22935cedbb9e22523e400"})

0s ago: executing program 2 (id=3163):
r0 = syz_usb_connect(0x0, 0x24, &(0x7f0000000040)={{0x12, 0x1, 0x0, 0x9e, 0x17, 0x36, 0x10, 0x17ef, 0x721e, 0xde06, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x12, 0x1, 0x0, 0x0, 0x0, 0x0, [{{0x9, 0x4, 0x0, 0x0, 0x0, 0x2, 0x6}}]}}]}}, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
socketpair$tipc(0x1e, 0x2, 0x0, &(0x7f0000000240)={<r1=>0xffffffffffffffff})
close(r1)
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0xb, 0x7, 0x10001, 0x8, 0x1}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
close(r1)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000000)={0xffffffffffffffff, 0xe0, &(0x7f0000000780)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffdb4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffe15, 0x5, 0x0, 0x0, 0x0, 0x0, 0x8, 0xffffffffffffff4b, 0x0}}, 0x10)
r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0xb, 0x7, 0x10001, 0x9, 0x1}, 0x48)
bpf$MAP_GET_NEXT_KEY(0x2, &(0x7f0000000080)={r3, &(0x7f0000000080), &(0x7f0000000200)=""/166}, 0x20)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000000)={{r3}, 0x0, 0x0}, 0x20)
bpf$MAP_GET_NEXT_KEY(0x2, &(0x7f0000000740)={r3, &(0x7f0000000000), &(0x7f00000000c0)=""/109}, 0x20)
r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000900)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r4}, 0x10)
syz_usb_control_io(r0, 0x0, &(0x7f0000000b00)={0x84, &(0x7f0000000640)={0x0, 0x0, 0x1, '\v'}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})

kernel console output (not intermixed with test programs):

d forwarding state
[  288.773323][  T320] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  288.791067][  T320] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  288.809798][  T320] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  288.819254][  T320] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  288.827239][  T320] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  288.835580][  T320] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[  288.844213][  T320] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[  288.852331][  T320] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[  288.859778][  T320] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[  288.869903][ T7903] device veth0_vlan entered promiscuous mode
[  288.886489][  T320] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[  288.896124][ T7903] device veth1_macvtap entered promiscuous mode
[  288.909836][ T5885] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[  288.935686][ T1539] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[  289.049074][  T309] usb 5-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  289.059120][  T309] usb 5-1: config 1 has 1 interface, different from the descriptor's value: 3
[  289.099592][ T4055] usb 2-1: new high-speed USB device number 18 using dummy_hcd
[  289.248428][  T569] device bridge_slave_1 left promiscuous mode
[  289.259727][  T569] bridge0: port 2(bridge_slave_1) entered disabled state
[  289.294385][  T569] device bridge_slave_0 left promiscuous mode
[  289.326769][  T569] bridge0: port 1(bridge_slave_0) entered disabled state
[  289.367375][  T569] device veth1_macvtap left promiscuous mode
[  289.378803][  T569] device veth0_vlan left promiscuous mode
[  289.409156][  T309] usb 5-1: New USB device found, idVendor=08b7, idProduct=0000, bcdDevice= 0.00
[  289.418612][  T309] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=3
[  289.429381][  T309] usb 5-1: SerialNumber: syz
[  289.559183][ T4055] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  289.572232][ T4055] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  289.581847][ T4055] usb 2-1: New USB device found, idVendor=256c, idProduct=006d, bcdDevice= 0.00
[  289.590741][ T4055] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  289.599773][ T4055] usb 2-1: config 0 descriptor??
[  289.690086][  T309] usb 5-1: 0:2 : does not exist
[  289.699051][  T291] usb 1-1: new high-speed USB device number 33 using dummy_hcd
[  290.079220][  T291] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  290.090061][  T291] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  290.099730][  T291] usb 1-1: New USB device found, idVendor=1e7d, idProduct=2d50, bcdDevice= 0.00
[  290.108875][  T291] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  290.121158][  T291] usb 1-1: config 0 descriptor??
[  290.201634][ T7953] tipc: Can't bind to reserved service type 0
[  290.452206][ T1542] usb 4-1: USB disconnect, device number 28
[  290.467496][   T26] usb 5-1: USB disconnect, device number 26
[  290.572802][  T309] usb 3-1: new high-speed USB device number 26 using dummy_hcd
[  290.872115][  T291] kovaplus 0003:1E7D:2D50.0033: collection stack underflow
[  290.882378][  T291] kovaplus 0003:1E7D:2D50.0033: item 0 1 0 12 parsing failed
[  290.890239][  T291] kovaplus 0003:1E7D:2D50.0033: parse failed
[  290.896082][  T291] kovaplus: probe of 0003:1E7D:2D50.0033 failed with error -22
[  290.919854][ T7960] loop3: detected capacity change from 0 to 1024
[  290.979016][  T309] usb 3-1: Using ep0 maxpacket: 32
[  290.999885][ T7960] EXT4-fs (loop3): Test dummy encryption mode enabled
[  291.006637][ T7960] EXT4-fs (loop3): error: journal path ./file0 is not a block device
[  291.025423][ T7962] loop4: detected capacity change from 0 to 2048
[  291.060791][ T3364] usb 1-1: USB disconnect, device number 33
[  291.119067][  T309] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x85 has invalid wMaxPacketSize 0
[  291.938174][  T309] usb 3-1: New USB device found, idVendor=0499, idProduct=1010, bcdDevice= 5.f5
[  292.315195][  T309] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  292.319135][ T4055] usbhid 2-1:0.0: can't add hid device: -71
[  292.323681][  T309] usb 3-1: Product: syz
[  292.329468][ T4055] usbhid: probe of 2-1:0.0 failed with error -71
[  292.333197][  T309] usb 3-1: Manufacturer: syz
[  292.343544][  T309] usb 3-1: SerialNumber: syz
[  292.353359][ T4055] usb 2-1: USB disconnect, device number 18
[  292.363848][  T309] usb 3-1: config 0 descriptor??
[  292.430674][  T309] snd-usb-audio: probe of 3-1:0.0 failed with error -2
[  292.546430][ T7996] loop3: detected capacity change from 0 to 128
[  292.578127][ T7996] EXT4-fs (loop3): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none.
[  292.661685][ T7996] ext4 filesystem being mounted at /220/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038 (0x7fffffff)
[  292.717069][  T291] usb 3-1: USB disconnect, device number 26
[  292.894379][ T8005] loop1: detected capacity change from 0 to 256
[  292.897907][ T7996] EXT4-fs warning (device loop3): dx_probe:832: inode #2: comm syz.3.2614: Unrecognised inode hash code 97
[  292.912163][ T7996] EXT4-fs warning (device loop3): dx_probe:965: inode #2: comm syz.3.2614: Corrupt directory, running e2fsck is recommended
[  292.929991][ T5132] EXT4-fs warning (device loop3): dx_probe:832: inode #2: comm syz-executor: Unrecognised inode hash code 97
[  292.941494][ T5132] EXT4-fs warning (device loop3): dx_probe:965: inode #2: comm syz-executor: Corrupt directory, running e2fsck is recommended
[  292.954686][ T5132] EXT4-fs error (device loop3): ext4_readdir:260: inode #2: block 4: comm syz-executor: path (unknown): bad entry in directory: rec_len % 4 != 0 - offset=0, inode=1633771873, rec_len=24929, size=1024 fake=0
[  292.975888][ T5132] EXT4-fs warning (device loop3): dx_probe:832: inode #2: comm syz-executor: Unrecognised inode hash code 97
[  292.989577][ T5132] EXT4-fs warning (device loop3): dx_probe:965: inode #2: comm syz-executor: Corrupt directory, running e2fsck is recommended
[  293.003066][ T5132] EXT4-fs warning (device loop3): dx_probe:832: inode #2: comm syz-executor: Unrecognised inode hash code 97
[  293.020226][ T5132] EXT4-fs warning (device loop3): dx_probe:965: inode #2: comm syz-executor: Corrupt directory, running e2fsck is recommended
[  293.033626][ T5132] EXT4-fs error (device loop3): ext4_readdir:220: inode #11: comm syz-executor: path (unknown): directory fails checksum at offset 1024
[  293.047832][ T5132] EXT4-fs error (device loop3): ext4_readdir:220: inode #11: comm syz-executor: path (unknown): directory fails checksum at offset 8192
[  293.062263][ T5132] EXT4-fs warning (device loop3): dx_probe:832: inode #2: comm syz-executor: Unrecognised inode hash code 97
[  293.074060][ T5132] EXT4-fs warning (device loop3): dx_probe:965: inode #2: comm syz-executor: Corrupt directory, running e2fsck is recommended
[  293.087185][ T5132] EXT4-fs error (device loop3): ext4_empty_dir:3120: inode #11: block 1: comm syz-executor: Directory block failed checksum
[  293.100518][ T5132] EXT4-fs error (device loop3): ext4_readdir:220: inode #11: comm syz-executor: path (unknown): directory fails checksum at offset 1024
[  293.114598][ T5132] EXT4-fs error (device loop3): ext4_readdir:220: inode #11: comm syz-executor: path (unknown): directory fails checksum at offset 8192
[  293.128780][ T5132] EXT4-fs error (device loop3): ext4_empty_dir:3120: inode #11: block 1: comm syz-executor: Directory block failed checksum
[  293.142185][ T5132] EXT4-fs error (device loop3): ext4_readdir:220: inode #11: comm syz-executor: path (unknown): directory fails checksum at offset 1024
[  293.156304][ T5132] EXT4-fs error (device loop3): ext4_readdir:220: inode #11: comm syz-executor: path (unknown): directory fails checksum at offset 8192
[  293.170164][ T3364] usb 1-1: new high-speed USB device number 34 using dummy_hcd
[  293.170481][ T5132] EXT4-fs error (device loop3): ext4_empty_dir:3120: inode #11: block 1: comm syz-executor: Directory block failed checksum
[  293.337299][  T320] usb 2-1: new high-speed USB device number 19 using dummy_hcd
[  293.402139][ T8021] input: syz0 as /devices/virtual/input/input28
[  293.468275][ T8022] bridge0: port 1(bridge_slave_0) entered blocking state
[  293.476014][ T8022] bridge0: port 1(bridge_slave_0) entered disabled state
[  293.483726][ T8022] device bridge_slave_0 entered promiscuous mode
[  293.490981][ T8022] bridge0: port 2(bridge_slave_1) entered blocking state
[  293.497867][ T8022] bridge0: port 2(bridge_slave_1) entered disabled state
[  293.505737][ T8022] device bridge_slave_1 entered promiscuous mode
[  293.579068][ T3364] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 255, changing to 11
[  293.599179][ T3364] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 59391, setting to 1024
[  293.612498][  T291] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[  293.618987][ T3364] usb 1-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[  293.620045][  T291] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  293.632550][  T665] usb 5-1: new high-speed USB device number 27 using dummy_hcd
[  293.639688][  T291] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[  293.655489][  T291] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  293.663129][ T3364] usb 1-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  293.663699][  T291] bridge0: port 1(bridge_slave_0) entered blocking state
[  293.679108][  T291] bridge0: port 1(bridge_slave_0) entered forwarding state
[  293.681569][ T3364] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  293.686388][  T291] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[  293.702308][  T291] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  293.710593][ T3364] usb 1-1: config 0 descriptor??
[  293.714150][  T291] bridge0: port 2(bridge_slave_1) entered blocking state
[  293.722249][  T291] bridge0: port 2(bridge_slave_1) entered forwarding state
[  293.739093][ T8003] raw-gadget.0 gadget: fail, usb_ep_enable returned -22
[  293.746244][  T320] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  293.757396][  T320] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  293.768158][  T291] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[  293.768779][  T320] usb 2-1: New USB device found, idVendor=256c, idProduct=006d, bcdDevice= 0.00
[  293.780719][  T291] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[  293.785237][  T320] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  293.800939][  T291] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  293.801319][  T320] usb 2-1: config 0 descriptor??
[  293.811909][  T291] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[  293.821571][  T291] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  293.843868][   T26] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[  293.852446][   T26] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[  293.861864][   T26] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[  293.870057][   T26] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[  293.878141][ T8022] device veth0_vlan entered promiscuous mode
[  293.887704][   T26] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[  293.895371][   T26] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[  293.910028][ T8022] device veth1_macvtap entered promiscuous mode
[  293.924646][ T4055] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[  293.938172][   T26] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[  293.947031][   T26] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[  293.955341][   T26] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[  293.964028][   T26] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[  293.975330][  T569] device bridge_slave_0 left promiscuous mode
[  293.982672][  T569] bridge0: port 1(bridge_slave_0) entered disabled state
[  293.990886][  T569] device veth1_macvtap left promiscuous mode
[  294.039273][  T665] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  294.051455][  T665] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  294.061413][  T665] usb 5-1: New USB device found, idVendor=1e7d, idProduct=2d50, bcdDevice= 0.00
[  294.070354][  T665] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  294.079790][  T665] usb 5-1: config 0 descriptor??
[  294.160959][ T8031] loop2: detected capacity change from 0 to 128
[  294.191186][ T8031] EXT4-fs (loop2): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none.
[  294.201812][ T8031] ext4 filesystem being mounted at /9/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038 (0x7fffffff)
[  294.202821][ T3364] plantronics 0003:047F:FFFF.0034: unknown main item tag 0xd
[  294.249677][ T8031] EXT4-fs warning (device loop2): dx_probe:832: inode #2: comm syz.2.2629: Unrecognised inode hash code 97
[  294.261166][ T8031] EXT4-fs warning (device loop2): dx_probe:965: inode #2: comm syz.2.2629: Corrupt directory, running e2fsck is recommended
[  294.275435][ T3364] plantronics 0003:047F:FFFF.0034: No inputs registered, leaving
[  294.287401][ T7903] EXT4-fs warning (device loop2): dx_probe:832: inode #2: comm syz-executor: Unrecognised inode hash code 97
[  294.299969][ T7903] EXT4-fs warning (device loop2): dx_probe:965: inode #2: comm syz-executor: Corrupt directory, running e2fsck is recommended
[  294.312912][ T7903] EXT4-fs error (device loop2): ext4_readdir:260: inode #2: block 4: comm syz-executor: path (unknown): bad entry in directory: rec_len % 4 != 0 - offset=0, inode=1633771873, rec_len=24929, size=1024 fake=0
[  294.314297][ T3364] plantronics 0003:047F:FFFF.0034: hiddev96,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.0-1/input0
[  294.347542][ T7903] EXT4-fs warning (device loop2): dx_probe:832: inode #2: comm syz-executor: Unrecognised inode hash code 97
[  294.359528][ T7903] EXT4-fs warning (device loop2): dx_probe:965: inode #2: comm syz-executor: Corrupt directory, running e2fsck is recommended
[  294.373027][ T7903] EXT4-fs warning (device loop2): dx_probe:832: inode #2: comm syz-executor: Unrecognised inode hash code 97
[  294.384680][ T7903] EXT4-fs warning (device loop2): dx_probe:965: inode #2: comm syz-executor: Corrupt directory, running e2fsck is recommended
[  294.398361][ T7903] EXT4-fs error (device loop2): ext4_readdir:220: inode #11: comm syz-executor: path (unknown): directory fails checksum at offset 1024
[  294.413672][ T7903] EXT4-fs error (device loop2): ext4_readdir:220: inode #11: comm syz-executor: path (unknown): directory fails checksum at offset 8192
[  294.430219][ T7903] EXT4-fs warning (device loop2): dx_probe:832: inode #2: comm syz-executor: Unrecognised inode hash code 97
[  294.441898][ T7903] EXT4-fs warning (device loop2): dx_probe:965: inode #2: comm syz-executor: Corrupt directory, running e2fsck is recommended
[  294.455060][ T7903] EXT4-fs error (device loop2): ext4_empty_dir:3120: inode #11: block 1: comm syz-executor: Directory block failed checksum
[  294.468721][ T7903] EXT4-fs error (device loop2): ext4_readdir:220: inode #11: comm syz-executor: path (unknown): directory fails checksum at offset 1024
[  294.487128][ T7903] EXT4-fs error (device loop2): ext4_readdir:220: inode #11: comm syz-executor: path (unknown): directory fails checksum at offset 8192
[  294.501808][ T7903] EXT4-fs error (device loop2): ext4_empty_dir:3120: inode #11: block 1: comm syz-executor: Directory block failed checksum
[  294.515197][ T7903] EXT4-fs error (device loop2): ext4_readdir:220: inode #11: comm syz-executor: path (unknown): directory fails checksum at offset 1024
[  294.529664][ T7903] EXT4-fs error (device loop2): ext4_readdir:220: inode #11: comm syz-executor: path (unknown): directory fails checksum at offset 8192
[  294.544133][ T7903] EXT4-fs error (device loop2): ext4_empty_dir:3120: inode #11: block 1: comm syz-executor: Directory block failed checksum
[  294.569094][ T4055] usb 4-1: new high-speed USB device number 29 using dummy_hcd
[  294.809050][ T4055] usb 4-1: Using ep0 maxpacket: 16
[  294.923449][  T665] kovaplus 0003:1E7D:2D50.0035: collection stack underflow
[  294.930575][  T665] kovaplus 0003:1E7D:2D50.0035: item 0 1 0 12 parsing failed
[  294.937889][  T665] kovaplus 0003:1E7D:2D50.0035: parse failed
[  294.942683][ T4055] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  294.954666][ T4055] usb 4-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 9
[  294.954806][  T665] kovaplus: probe of 0003:1E7D:2D50.0035 failed with error -22
[  294.967593][ T4055] usb 4-1: New USB device found, idVendor=045e, idProduct=07da, bcdDevice= 0.00
[  294.983938][ T4055] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  294.993669][ T4055] usb 4-1: config 0 descriptor??
[  295.004376][  T665] usb 5-1: USB disconnect, device number 27
[  295.016820][  T526] usb 1-1: USB disconnect, device number 34
[  295.211384][ T8039] bridge0: port 1(bridge_slave_0) entered blocking state
[  295.218235][ T8039] bridge0: port 1(bridge_slave_0) entered disabled state
[  295.225818][ T8039] device bridge_slave_0 entered promiscuous mode
[  295.235776][ T8039] bridge0: port 2(bridge_slave_1) entered blocking state
[  295.243181][ T8039] bridge0: port 2(bridge_slave_1) entered disabled state
[  295.250639][ T8039] device bridge_slave_1 entered promiscuous mode
[  295.317343][ T8039] bridge0: port 2(bridge_slave_1) entered blocking state
[  295.324418][ T8039] bridge0: port 2(bridge_slave_1) entered forwarding state
[  295.331575][ T8039] bridge0: port 1(bridge_slave_0) entered blocking state
[  295.338497][ T8039] bridge0: port 1(bridge_slave_0) entered forwarding state
[  295.368909][  T526] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  295.376381][  T526] bridge0: port 1(bridge_slave_0) entered disabled state
[  295.384385][  T526] bridge0: port 2(bridge_slave_1) entered disabled state
[  295.396952][  T665] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  295.405062][  T665] bridge0: port 1(bridge_slave_0) entered blocking state
[  295.411926][  T665] bridge0: port 1(bridge_slave_0) entered forwarding state
[  295.421717][   T26] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  295.430540][   T26] bridge0: port 2(bridge_slave_1) entered blocking state
[  295.437414][   T26] bridge0: port 2(bridge_slave_1) entered forwarding state
[  295.474532][  T526] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  295.489319][  T526] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  295.511358][ T8039] device veth0_vlan entered promiscuous mode
[  295.525381][ T8039] device veth1_macvtap entered promiscuous mode
[  295.536191][  T665] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[  295.546042][ T4055] microsoft 0003:045E:07DA.0036: item fetching failed at offset 29/34
[  295.547605][  T665] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[  295.561955][ T4055] microsoft 0003:045E:07DA.0036: parse failed
[  295.563483][  T665] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[  295.567966][ T4055] microsoft: probe of 0003:045E:07DA.0036 failed with error -22
[  295.575731][  T665] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[  295.590323][  T665] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[  295.600889][  T569] device bridge_slave_1 left promiscuous mode
[  295.607953][  T569] bridge0: port 2(bridge_slave_1) entered disabled state
[  295.620063][  T569] device bridge_slave_0 left promiscuous mode
[  295.627535][  T569] bridge0: port 1(bridge_slave_0) entered disabled state
[  295.640080][  T569] device veth1_macvtap left promiscuous mode
[  295.646301][  T569] device veth0_vlan left promiscuous mode
[  295.673558][ T8055] input: syz0 as /devices/virtual/input/input30
[  295.706872][ T8058] loop0: detected capacity change from 0 to 512
[  295.716911][ T8058] SELinux: security_context_str_to_sid(sysadm_u,errors=continue) failed for (dev ?, type ?) errno=-22
[  295.728742][ T8058] EXT4-fs (loop0): feature flags set on rev 0 fs, running e2fsck is recommended
[  295.739032][ T8058] EXT4-fs (loop0): can't mount with data=, fs mounted w/o journal
[  295.867005][ T4055] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[  295.875500][ T4055] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[  295.910858][   T26] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[  295.921253][   T26] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[  295.940666][  T309] usb 4-1: USB disconnect, device number 29
[  296.119063][  T320] usbhid 2-1:0.0: can't add hid device: -71
[  296.129128][  T320] usbhid: probe of 2-1:0.0 failed with error -71
[  296.152563][  T320] usb 2-1: USB disconnect, device number 19
[  296.172714][ T8061] loop0: detected capacity change from 0 to 40427
[  296.558983][ T8061] F2FS-fs (loop0): Found nat_bits in checkpoint
[  296.659428][ T8061] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e5
[  297.088525][ T8106] input: syz0 as /devices/virtual/input/input31
[  297.174898][ T4055] usb 5-1: new high-speed USB device number 28 using dummy_hcd
[  298.235991][ T4055] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 255, changing to 11
[  298.255828][ T4055] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 59391, setting to 1024
[  298.269200][  T320] usb 2-1: new high-speed USB device number 20 using dummy_hcd
[  298.270302][ T4055] usb 5-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[  298.338545][ T4055] usb 5-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  298.457250][ T4055] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  298.538700][ T4055] usb 5-1: config 0 descriptor??
[  298.609104][ T8079] raw-gadget.0 gadget: fail, usb_ep_enable returned -22
[  298.769251][  T320] usb 2-1: Using ep0 maxpacket: 16
[  298.909150][  T320] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  298.933881][  T320] usb 2-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 9
[  298.949190][   T30] audit: type=1326 audit(1719920798.100:626): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8137 comm="syz.0.2666" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f2fd5eeef19 code=0x0
[  298.962587][  T320] usb 2-1: New USB device found, idVendor=045e, idProduct=07da, bcdDevice= 0.00
[  298.999003][  T320] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  299.020806][  T320] usb 2-1: config 0 descriptor??
[  299.070212][ T4055] plantronics 0003:047F:FFFF.0037: unknown main item tag 0xd
[  299.082146][ T4055] plantronics 0003:047F:FFFF.0037: No inputs registered, leaving
[  299.098571][ T4055] plantronics 0003:047F:FFFF.0037: hiddev96,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.4-1/input0
[  299.389811][ T8163] input: syz0 as /devices/virtual/input/input33
[  299.409302][  T526] usb 5-1: USB disconnect, device number 28
[  299.960695][  T320] microsoft 0003:045E:07DA.0038: item fetching failed at offset 29/34
[  299.969273][  T320] microsoft 0003:045E:07DA.0038: parse failed
[  299.975195][  T320] microsoft: probe of 0003:045E:07DA.0038 failed with error -22
[  300.231617][ T8177] loop0: detected capacity change from 0 to 128
[  300.299609][  T320] usb 2-1: USB disconnect, device number 20
[  300.417617][   T30] audit: type=1400 audit(1719920799.560:627): avc:  denied  { setopt } for  pid=8184 comm="syz.2.2683" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=can_socket permissive=1
[  300.996791][ T8198] loop4: detected capacity change from 0 to 512
[  301.131921][ T8198] EXT4-fs (loop4): 1 orphan inode deleted
[  301.137576][ T8198] EXT4-fs (loop4): mounted filesystem without journal. Opts: errors=remount-ro,nodiscard,noquota,init_itable,stripe=0x0000000000000079,resgid=0x0000000000000000,sysvgroups,delalloc,errors=continue,. Quota mode: writeback.
[  301.159837][ T8198] ext4 filesystem being mounted at /145/file1 supports timestamps until 2038 (0x7fffffff)
[  301.228999][ T4055] usb 4-1: new high-speed USB device number 30 using dummy_hcd
[  301.256298][ T8198] EXT4-fs error (device loop4): __ext4_get_inode_loc:4340: comm syz.4.2688: Invalid inode table block 1638725719 in block_group 0
[  301.329756][ T6139] EXT4-fs error (device loop4): __ext4_get_inode_loc:4340: comm syz-executor: Invalid inode table block 1638725719 in block_group 0
[  301.344281][ T6139] EXT4-fs error (device loop4): __ext4_get_inode_loc:4340: comm syz-executor: Invalid inode table block 1638725719 in block_group 0
[  301.443190][ T6139] EXT4-fs error (device loop4): __ext4_get_inode_loc:4340: comm syz-executor: Invalid inode table block 1638725719 in block_group 0
[  301.510195][ T6139] EXT4-fs error (device loop4) in ext4_reserve_inode_write:5820: Corrupt filesystem
[  301.522044][ T6139] EXT4-fs error (device loop4): ext4_dirty_inode:6024: inode #2: comm syz-executor: mark_inode_dirty error
[  301.559370][   T10] EXT4-fs error (device loop4): __ext4_get_inode_loc:4340: comm kworker/u4:1: Invalid inode table block 1638725719 in block_group 0
[  301.601918][   T10] EXT4-fs error (device loop4): __ext4_get_inode_loc:4340: comm kworker/u4:1: Invalid inode table block 1638725719 in block_group 0
[  301.639984][ T8221] device pim6reg1 entered promiscuous mode
[  301.649188][ T1542] usb 2-1: new high-speed USB device number 21 using dummy_hcd
[  301.669181][ T4055] usb 4-1: too many endpoints for config 0 interface 0 altsetting 0: 253, using maximum allowed: 30
[  301.683527][ T4055] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  301.694840][ T4055] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  301.704722][ T4055] usb 4-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 253
[  301.751942][ T8223] bridge0: port 1(bridge_slave_0) entered blocking state
[  301.758823][ T8223] bridge0: port 1(bridge_slave_0) entered disabled state
[  301.766231][ T8223] device bridge_slave_0 entered promiscuous mode
[  301.773235][ T8223] bridge0: port 2(bridge_slave_1) entered blocking state
[  301.780395][ T8223] bridge0: port 2(bridge_slave_1) entered disabled state
[  301.788174][ T8223] device bridge_slave_1 entered promiscuous mode
[  301.794560][ T4055] usb 4-1: New USB device found, idVendor=05ac, idProduct=8243, bcdDevice=8b.40
[  301.805365][ T4055] usb 4-1: New USB device strings: Mfr=11, Product=0, SerialNumber=0
[  301.813354][ T4055] usb 4-1: Manufacturer: syz
[  301.818864][ T4055] usb 4-1: config 0 descriptor??
[  301.888712][ T8223] bridge0: port 2(bridge_slave_1) entered blocking state
[  301.895620][ T8223] bridge0: port 2(bridge_slave_1) entered forwarding state
[  301.902863][ T8223] bridge0: port 1(bridge_slave_0) entered blocking state
[  301.910071][ T8223] bridge0: port 1(bridge_slave_0) entered forwarding state
[  301.936042][  T291] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  301.944256][  T291] bridge0: port 1(bridge_slave_0) entered disabled state
[  301.952002][  T291] bridge0: port 2(bridge_slave_1) entered disabled state
[  301.964135][  T526] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  301.972209][  T526] bridge0: port 1(bridge_slave_0) entered blocking state
[  301.979084][  T526] bridge0: port 1(bridge_slave_0) entered forwarding state
[  301.987892][  T291] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  301.996061][  T291] bridge0: port 2(bridge_slave_1) entered blocking state
[  302.002945][  T291] bridge0: port 2(bridge_slave_1) entered forwarding state
[  302.010245][ T1542] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 255, changing to 11
[  302.021678][ T1542] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 59391, setting to 1024
[  302.032710][ T1542] usb 2-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[  302.045642][ T1542] usb 2-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  302.054757][ T1542] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  302.063715][ T1542] usb 2-1: config 0 descriptor??
[  302.079380][ T8217] raw-gadget.1 gadget: fail, usb_ep_enable returned -22
[  302.087335][ T3364] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  302.095599][ T3364] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  302.117357][ T8223] device veth0_vlan entered promiscuous mode
[  302.121720][   T26] usb 3-1: new high-speed USB device number 27 using dummy_hcd
[  302.139876][ T3364] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[  302.148323][ T3364] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[  302.156554][ T3364] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[  302.164443][ T3364] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[  302.178786][ T8223] device veth1_macvtap entered promiscuous mode
[  302.187644][ T3364] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[  302.205687][ T3364] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[  302.214298][ T3364] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[  302.247212][ T8238] loop4: detected capacity change from 0 to 128
[  302.280157][  T569] device bridge_slave_1 left promiscuous mode
[  302.286275][  T569] bridge0: port 2(bridge_slave_1) entered disabled state
[  302.290341][ T4055] appleir 0003:05AC:8243.0039: unknown main item tag 0x0
[  302.300272][ T4055] appleir 0003:05AC:8243.0039: No inputs registered, leaving
[  302.303861][  T569] device bridge_slave_0 left promiscuous mode
[  302.312248][ T4055] appleir 0003:05AC:8243.0039: hiddev96,hidraw0: USB HID v0.00 Device [syz] on usb-dummy_hcd.3-1/input0
[  302.323769][  T569] bridge0: port 1(bridge_slave_0) entered disabled state
[  302.344242][  T569] device veth1_macvtap left promiscuous mode
[  302.356943][  T569] device veth0_vlan left promiscuous mode
[  302.439002][   T26] usb 3-1: Using ep0 maxpacket: 16
[  302.584263][   T26] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  302.605045][ T1542] plantronics 0003:047F:FFFF.003A: unknown main item tag 0xd
[  302.627291][ T1542] plantronics 0003:047F:FFFF.003A: No inputs registered, leaving
[  302.637375][   T26] usb 3-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 9
[  302.744101][ T1542] plantronics 0003:047F:FFFF.003A: hiddev97,hidraw1: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.1-1/input0
[  302.766986][   T26] usb 3-1: New USB device found, idVendor=045e, idProduct=07da, bcdDevice= 0.00
[  302.790962][   T26] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  302.815400][   T26] usb 3-1: config 0 descriptor??
[  302.883949][ T8245] loop0: detected capacity change from 0 to 512
[  302.982165][ T8245] EXT4-fs (loop0): 1 orphan inode deleted
[  302.987797][ T8245] EXT4-fs (loop0): mounted filesystem without journal. Opts: errors=remount-ro,nodiscard,noquota,init_itable,stripe=0x0000000000000079,resgid=0x0000000000000000,sysvgroups,delalloc,errors=continue,. Quota mode: writeback.
[  303.009347][ T8245] ext4 filesystem being mounted at /67/file1 supports timestamps until 2038 (0x7fffffff)
[  303.033735][ T3364] usb 2-1: USB disconnect, device number 21
[  303.046169][ T8245] EXT4-fs error (device loop0): __ext4_get_inode_loc:4340: comm syz.0.2704: Invalid inode table block 1638725719 in block_group 0
[  303.064547][ T7347] EXT4-fs error (device loop0): __ext4_get_inode_loc:4340: comm syz-executor: Invalid inode table block 1638725719 in block_group 0
[  303.078702][ T7347] EXT4-fs error (device loop0): __ext4_get_inode_loc:4340: comm syz-executor: Invalid inode table block 1638725719 in block_group 0
[  303.182892][ T7347] EXT4-fs error (device loop0): __ext4_get_inode_loc:4340: comm syz-executor: Invalid inode table block 1638725719 in block_group 0
[  303.198243][ T7347] EXT4-fs error (device loop0) in ext4_reserve_inode_write:5820: Corrupt filesystem
[  303.207787][ T7347] EXT4-fs error (device loop0): ext4_dirty_inode:6024: inode #2: comm syz-executor: mark_inode_dirty error
[  303.212252][  T291] usb 4-1: USB disconnect, device number 30
[  303.220325][   T10] EXT4-fs error (device loop0): __ext4_get_inode_loc:4340: comm kworker/u4:1: Invalid inode table block 1638725719 in block_group 0
[  303.238611][   T10] EXT4-fs error (device loop0): __ext4_get_inode_loc:4340: comm kworker/u4:1: Invalid inode table block 1638725719 in block_group 0
[  303.325205][ T8253] device pim6reg1 entered promiscuous mode
[  303.332332][   T26] microsoft 0003:045E:07DA.003B: item fetching failed at offset 29/34
[  303.343726][   T26] microsoft 0003:045E:07DA.003B: parse failed
[  303.350211][   T26] microsoft: probe of 0003:045E:07DA.003B failed with error -22
[  303.400606][ T8254] bridge0: port 1(bridge_slave_0) entered blocking state
[  303.407463][ T8254] bridge0: port 1(bridge_slave_0) entered disabled state
[  303.415205][ T8254] device bridge_slave_0 entered promiscuous mode
[  303.422350][ T8254] bridge0: port 2(bridge_slave_1) entered blocking state
[  303.429228][ T8254] bridge0: port 2(bridge_slave_1) entered disabled state
[  303.436648][ T8254] device bridge_slave_1 entered promiscuous mode
[  303.523058][ T8254] bridge0: port 2(bridge_slave_1) entered blocking state
[  303.529968][ T8254] bridge0: port 2(bridge_slave_1) entered forwarding state
[  303.537066][ T8254] bridge0: port 1(bridge_slave_0) entered blocking state
[  303.543931][ T8254] bridge0: port 1(bridge_slave_0) entered forwarding state
[  303.572805][  T526] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  303.586612][  T526] bridge0: port 1(bridge_slave_0) entered disabled state
[  303.594439][  T526] bridge0: port 2(bridge_slave_1) entered disabled state
[  303.616253][ T3364] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  303.624387][ T3364] bridge0: port 1(bridge_slave_0) entered blocking state
[  303.631276][ T3364] bridge0: port 1(bridge_slave_0) entered forwarding state
[  303.944377][ T8254] device veth0_vlan entered promiscuous mode
[  303.961047][ T4055] usb 3-1: USB disconnect, device number 27
[  303.972364][  T526] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[  303.980727][  T526] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[  303.988518][  T526] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[  303.996436][  T526] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[  304.003922][  T526] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  304.012020][  T526] bridge0: port 2(bridge_slave_1) entered blocking state
[  304.018889][  T526] bridge0: port 2(bridge_slave_1) entered forwarding state
[  304.026635][  T526] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  304.034619][  T526] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  304.046804][   T30] audit: type=1326 audit(1719920803.190:628): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8265 comm="syz.1.2713" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fce32f34f19 code=0x0
[  304.084151][  T526] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[  304.092739][  T526] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[  304.109790][ T8254] device veth1_macvtap entered promiscuous mode
[  304.122215][  T526] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready
[  304.130049][  T526] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[  304.138193][  T526] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[  304.160700][ T3364] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[  304.169372][ T3364] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[  304.229688][  T569] device bridge_slave_1 left promiscuous mode
[  304.236801][  T569] bridge0: port 2(bridge_slave_1) entered disabled state
[  304.252136][  T569] device bridge_slave_0 left promiscuous mode
[  304.264675][  T569] bridge0: port 1(bridge_slave_0) entered disabled state
[  304.280473][  T569] device veth1_macvtap left promiscuous mode
[  304.292992][  T569] device veth0_vlan left promiscuous mode
[  304.522317][ T8279] loop4: detected capacity change from 0 to 512
[  304.559796][ T8281] loop2: detected capacity change from 0 to 2048
[  304.591003][ T8281] Alternate GPT is invalid, using primary GPT.
[  304.597055][ T8281]  loop2: p1 p2 p3
[  304.612214][  T100] Alternate GPT is invalid, using primary GPT.
[  304.621251][  T100]  loop2: p1 p2 p3
[  304.627184][ T8279] EXT4-fs (loop4): 1 orphan inode deleted
[  304.639146][ T8279] EXT4-fs (loop4): mounted filesystem without journal. Opts: errors=remount-ro,nodiscard,noquota,init_itable,stripe=0x0000000000000079,resgid=0x0000000000000000,sysvgroups,delalloc,errors=continue,. Quota mode: writeback.
[  304.704274][ T8279] ext4 filesystem being mounted at /7/file1 supports timestamps until 2038 (0x7fffffff)
[  304.761639][ T2922] udevd[2922]: inotify_add_watch(7, /dev/loop2p1, 10) failed: No such file or directory
[  304.794765][ T8291] device pim6reg1 entered promiscuous mode
[  304.811111][ T2923] udevd[2923]: inotify_add_watch(7, /dev/loop2p2, 10) failed: No such file or directory
[  304.829749][ T2922] udevd[2922]: inotify_add_watch(7, /dev/loop2p3, 10) failed: No such file or directory
[  304.864476][ T8279] EXT4-fs error (device loop4): __ext4_get_inode_loc:4340: comm syz.4.2716: Invalid inode table block 1638725719 in block_group 0
[  304.900255][ T2923] udevd[2923]: inotify_add_watch(7, /dev/loop2p2, 10) failed: No such file or directory
[  304.904652][ T8223] EXT4-fs error (device loop4): __ext4_get_inode_loc:4340: comm syz-executor: Invalid inode table block 1638725719 in block_group 0
[  304.911331][ T2925] udevd[2925]: inotify_add_watch(7, /dev/loop2p3, 10) failed: No such file or directory
[  304.940394][ T2922] udevd[2922]: inotify_add_watch(7, /dev/loop2p1, 10) failed: No such file or directory
[  304.972176][ T8223] EXT4-fs error (device loop4): __ext4_get_inode_loc:4340: comm syz-executor: Invalid inode table block 1638725719 in block_group 0
[  305.052647][ T8223] EXT4-fs error (device loop4): __ext4_get_inode_loc:4340: comm syz-executor: Invalid inode table block 1638725719 in block_group 0
[  305.067195][ T8223] EXT4-fs error (device loop4) in ext4_reserve_inode_write:5820: Corrupt filesystem
[  305.077271][ T8223] EXT4-fs error (device loop4): ext4_dirty_inode:6024: inode #2: comm syz-executor: mark_inode_dirty error
[  305.097521][   T10] EXT4-fs error (device loop4): __ext4_get_inode_loc:4340: comm kworker/u4:1: Invalid inode table block 1638725719 in block_group 0
[  305.113588][   T10] EXT4-fs error (device loop4): __ext4_get_inode_loc:4340: comm kworker/u4:1: Invalid inode table block 1638725719 in block_group 0
[  305.159090][ T1542] usb 4-1: new high-speed USB device number 31 using dummy_hcd
[  305.187528][   T30] audit: type=1326 audit(1719920804.330:629): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8308 comm="syz.0.2729" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f80220ddf19 code=0x0
[  305.319977][ T8312] bridge0: port 1(bridge_slave_0) entered blocking state
[  305.326925][ T8312] bridge0: port 1(bridge_slave_0) entered disabled state
[  305.334467][ T8312] device bridge_slave_0 entered promiscuous mode
[  305.341842][ T8312] bridge0: port 2(bridge_slave_1) entered blocking state
[  305.348687][ T8312] bridge0: port 2(bridge_slave_1) entered disabled state
[  305.356379][ T8312] device bridge_slave_1 entered promiscuous mode
[  305.399000][  T665] usb 3-1: new high-speed USB device number 28 using dummy_hcd
[  305.449076][ T8312] bridge0: port 2(bridge_slave_1) entered blocking state
[  305.456076][ T8312] bridge0: port 2(bridge_slave_1) entered forwarding state
[  305.463316][ T8312] bridge0: port 1(bridge_slave_0) entered blocking state
[  305.470179][ T8312] bridge0: port 1(bridge_slave_0) entered forwarding state
[  305.503764][  T309] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  305.511797][  T309] bridge0: port 1(bridge_slave_0) entered disabled state
[  305.519765][  T309] bridge0: port 2(bridge_slave_1) entered disabled state
[  305.540766][  T320] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  305.549112][ T1542] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  305.549433][  T320] bridge0: port 1(bridge_slave_0) entered blocking state
[  305.565294][ T1542] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  305.566651][  T320] bridge0: port 1(bridge_slave_0) entered forwarding state
[  305.567059][  T320] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  305.586653][ T1542] usb 4-1: New USB device found, idVendor=046d, idProduct=c222, bcdDevice= 0.00
[  305.592118][  T320] bridge0: port 2(bridge_slave_1) entered blocking state
[  305.607080][  T320] bridge0: port 2(bridge_slave_1) entered forwarding state
[  305.609015][ T1542] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  305.626998][ T1542] usb 4-1: config 0 descriptor??
[  305.639989][  T309] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  305.647893][  T309] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  305.669074][  T665] usb 3-1: Using ep0 maxpacket: 16
[  305.673800][ T4055] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[  305.688871][   T39] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[  305.697769][   T39] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[  305.705576][   T39] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[  305.715110][  T517] device bridge_slave_1 left promiscuous mode
[  305.721468][  T517] bridge0: port 2(bridge_slave_1) entered disabled state
[  305.729316][  T517] device bridge_slave_0 left promiscuous mode
[  305.735303][  T517] bridge0: port 1(bridge_slave_0) entered disabled state
[  305.743684][  T517] device veth1_macvtap left promiscuous mode
[  305.749570][  T517] device veth0_vlan left promiscuous mode
[  305.799177][  T665] usb 3-1: config 0 interface 0 altsetting 0 has an invalid endpoint with address 0x0, skipping
[  305.816021][  T665] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x85 has an invalid bInterval 150, changing to 11
[  305.839090][  T665] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x85 has invalid maxpacket 34361, setting to 1024
[  305.857475][  T665] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x4 has invalid wMaxPacketSize 0
[  305.867697][  T665] usb 3-1: config 0 interface 0 altsetting 0 has 3 endpoint descriptors, different from the interface descriptor's value: 2
[  305.910047][ T8320] loop1: detected capacity change from 0 to 128
[  305.917617][ T8312] device veth0_vlan entered promiscuous mode
[  305.931519][   T39] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[  305.941886][ T8312] device veth1_macvtap entered promiscuous mode
[  305.952576][  T320] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[  305.968420][  T320] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[  306.049457][  T665] usb 3-1: New USB device found, idVendor=1b3d, idProduct=013c, bcdDevice=c0.ee
[  306.058822][  T665] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  306.086087][  T665] usb 3-1: Product: syz
[  306.090945][  T665] usb 3-1: Manufacturer: syz
[  306.095516][  T665] usb 3-1: SerialNumber: syz
[  306.106038][  T665] usb 3-1: config 0 descriptor??
[  306.130417][ T1542] lg-g15 0003:046D:C222.003C: unknown main item tag 0x0
[  306.142119][ T1542] lg-g15 0003:046D:C222.003C: hidraw0: USB HID v0.00 Device [HID 046d:c222] on usb-dummy_hcd.3-1/input0
[  306.159780][ T8307] raw-gadget.1 gadget: fail, usb_ep_enable returned -22
[  306.249398][ T4055] usb 5-1: new high-speed USB device number 29 using dummy_hcd
[  306.485960][  T665] ftdi_sio 3-1:0.0: FTDI USB Serial Device converter detected
[  306.493711][  T665] usb 3-1: Detected FT-X
[  306.497795][  T665] ftdi_sio ttyUSB0: Overriding wMaxPacketSize on endpoint 4
[  306.510772][  T526] usb 4-1: USB disconnect, device number 31
[  306.529051][  T665] ftdi_sio ttyUSB0: Unable to read latency timer: -71
[  306.559211][  T665] ftdi_sio ttyUSB0: Unable to write latency timer: -71
[  306.580195][  T665] ftdi_sio 3-1:0.0: GPIO initialisation failed: -71
[  306.587354][  T665] usb 3-1: FTDI USB Serial Device converter now attached to ttyUSB0
[  306.597508][  T665] usb 3-1: USB disconnect, device number 28
[  306.617290][  T665] ftdi_sio ttyUSB0: FTDI USB Serial Device converter now disconnected from ttyUSB0
[  306.626927][  T665] ftdi_sio 3-1:0.0: device disconnected
[  306.669067][ T4055] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  306.680344][ T4055] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  306.690519][ T4055] usb 5-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  306.703506][ T4055] usb 5-1: New USB device found, idVendor=0566, idProduct=3004, bcdDevice= 0.00
[  306.712583][ T4055] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  306.721895][ T4055] usb 5-1: config 0 descriptor??
[  307.046144][  T309] hid-generic 0000:0000:0000.003D: unknown main item tag 0x0
[  307.053367][   T30] audit: type=1400 audit(1719920806.190:630): avc:  denied  { write } for  pid=8347 comm="syz.2.2743" name="uhid" dev="devtmpfs" ino=171 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:uhid_device_t tclass=chr_file permissive=1
[  307.053551][  T309] hid-generic 0000:0000:0000.003D: unknown main item tag 0x0
[  307.076636][  T309] hid-generic 0000:0000:0000.003D: unknown main item tag 0x0
[  307.091640][  T309] hid-generic 0000:0000:0000.003D: unknown main item tag 0x0
[  307.098922][  T309] hid-generic 0000:0000:0000.003D: unknown main item tag 0x0
[  307.106391][  T309] hid-generic 0000:0000:0000.003D: unknown main item tag 0x0
[  307.113684][  T526] usb 2-1: new high-speed USB device number 22 using dummy_hcd
[  307.121322][  T309] hid-generic 0000:0000:0000.003D: unknown main item tag 0x0
[  307.128600][  T309] hid-generic 0000:0000:0000.003D: unknown main item tag 0x0
[  307.135976][  T309] hid-generic 0000:0000:0000.003D: unknown main item tag 0x0
[  307.143507][  T309] hid-generic 0000:0000:0000.003D: unknown main item tag 0x0
[  307.151002][  T309] hid-generic 0000:0000:0000.003D: unknown main item tag 0x0
[  307.161138][  T309] hid-generic 0000:0000:0000.003D: unknown main item tag 0x0
[  307.168366][  T309] hid-generic 0000:0000:0000.003D: unknown main item tag 0x0
[  307.189003][  T309] hid-generic 0000:0000:0000.003D: unknown main item tag 0x0
[  307.196508][  T309] hid-generic 0000:0000:0000.003D: unknown main item tag 0x0
[  307.204110][  T309] hid-generic 0000:0000:0000.003D: unknown main item tag 0x0
[  307.211040][ T4055] monterey 0003:0566:3004.003E: unbalanced delimiter at end of report description
[  307.212292][  T309] hid-generic 0000:0000:0000.003D: unknown main item tag 0x0
[  307.227834][ T4055] monterey: probe of 0003:0566:3004.003E failed with error -22
[  307.229754][  T309] hid-generic 0000:0000:0000.003D: unknown main item tag 0x0
[  307.248272][  T309] hid-generic 0000:0000:0000.003D: unknown main item tag 0x0
[  307.256083][  T309] hid-generic 0000:0000:0000.003D: unknown main item tag 0x0
[  307.271394][  T309] hid-generic 0000:0000:0000.003D: unknown main item tag 0x0
[  307.283970][  T309] hid-generic 0000:0000:0000.003D: unknown main item tag 0x0
[  307.292882][  T309] hid-generic 0000:0000:0000.003D: unknown main item tag 0x0
[  307.300832][  T309] hid-generic 0000:0000:0000.003D: unknown main item tag 0x0
[  307.308224][  T309] hid-generic 0000:0000:0000.003D: unknown main item tag 0x0
[  307.315870][  T309] hid-generic 0000:0000:0000.003D: unknown main item tag 0x0
[  307.323421][  T309] hid-generic 0000:0000:0000.003D: unknown main item tag 0x0
[  307.331000][  T309] hid-generic 0000:0000:0000.003D: unknown main item tag 0x0
[  307.338347][  T309] hid-generic 0000:0000:0000.003D: unknown main item tag 0x0
[  307.345954][  T309] hid-generic 0000:0000:0000.003D: unknown main item tag 0x0
[  307.353490][  T309] hid-generic 0000:0000:0000.003D: unknown main item tag 0x0
[  307.366516][  T309] hid-generic 0000:0000:0000.003D: unknown main item tag 0x0
[  307.377134][  T309] hid-generic 0000:0000:0000.003D: unknown main item tag 0x0
[  307.384751][  T309] hid-generic 0000:0000:0000.003D: unknown main item tag 0x0
[  307.392250][  T309] hid-generic 0000:0000:0000.003D: unknown main item tag 0x0
[  307.400030][  T309] hid-generic 0000:0000:0000.003D: unknown main item tag 0x0
[  307.407537][  T309] hid-generic 0000:0000:0000.003D: unknown main item tag 0x0
[  307.423219][  T309] hid-generic 0000:0000:0000.003D: unknown main item tag 0x0
[  307.799087][  T665] usb 5-1: USB disconnect, device number 29
[  307.808208][  T309] hid-generic 0000:0000:0000.003D: hidraw0: <UNKNOWN> HID v0.00 Device [syz0] on syz0
[  307.829053][  T526] usb 2-1: New USB device found, idVendor=077b, idProduct=2226, bcdDevice=ca.8b
[  307.837955][  T526] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  307.860679][  T526] usb 2-1: config 0 descriptor??
[  308.269008][ T1542] usb 3-1: new high-speed USB device number 29 using dummy_hcd
[  308.438980][ T3364] usb 1-1: new high-speed USB device number 35 using dummy_hcd
[  308.459057][  T665] usb 4-1: new high-speed USB device number 32 using dummy_hcd
[  308.509009][ T1542] usb 3-1: Using ep0 maxpacket: 16
[  308.629109][ T1542] usb 3-1: config 0 interface 0 altsetting 0 has an invalid endpoint with address 0x0, skipping
[  308.639479][ T1542] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x85 has an invalid bInterval 150, changing to 11
[  308.650488][ T1542] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x85 has invalid maxpacket 34361, setting to 1024
[  308.661825][ T1542] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x4 has invalid wMaxPacketSize 0
[  308.671250][ T1542] usb 3-1: config 0 interface 0 altsetting 0 has 3 endpoint descriptors, different from the interface descriptor's value: 2
[  308.819345][ T3364] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  308.830239][ T3364] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  308.839115][ T1542] usb 3-1: New USB device found, idVendor=1b3d, idProduct=013c, bcdDevice=c0.ee
[  308.839886][  T665] usb 4-1: too many endpoints for config 0 interface 0 altsetting 0: 253, using maximum allowed: 30
[  308.849425][ T1542] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  308.859507][ T3364] usb 1-1: New USB device found, idVendor=046d, idProduct=c222, bcdDevice= 0.00
[  308.867637][ T1542] usb 3-1: Product: syz
[  308.876150][  T665] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  308.880512][ T1542] usb 3-1: Manufacturer: syz
[  308.890792][ T3364] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  308.895488][ T1542] usb 3-1: SerialNumber: syz
[  308.903088][  T665] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  308.908717][ T1542] usb 3-1: config 0 descriptor??
[  308.917891][  T665] usb 4-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 253
[  308.934872][ T3364] usb 1-1: config 0 descriptor??
[  308.939112][ T8374] raw-gadget.1 gadget: fail, usb_ep_enable returned -22
[  308.959822][ T1542] ftdi_sio 3-1:0.0: FTDI USB Serial Device converter detected
[  308.967764][ T1542] usb 3-1: Detected FT-X
[  308.977086][ T1542] ftdi_sio ttyUSB0: Overriding wMaxPacketSize on endpoint 4
[  308.988481][  T569] Bluetooth: hci0: Frame reassembly failed (-84)
[  309.039083][  T526] asix 2-1:0.0 (unnamed net_device) (uninitialized): Failed to read reg index 0x0000: -71
[  309.048888][  T665] usb 4-1: New USB device found, idVendor=05ac, idProduct=8243, bcdDevice=8b.40
[  309.057867][  T665] usb 4-1: New USB device strings: Mfr=11, Product=0, SerialNumber=0
[  309.066097][  T526] asix: probe of 2-1:0.0 failed with error -71
[  309.072907][  T526] usb 2-1: USB disconnect, device number 22
[  309.079200][  T665] usb 4-1: Manufacturer: syz
[  309.084294][   T30] audit: type=1326 audit(1719920808.230:631): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8384 comm="syz.4.2757" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f04fa4dbf19 code=0x7ffc0000
[  309.108882][  T665] usb 4-1: config 0 descriptor??
[  309.115601][   T30] audit: type=1326 audit(1719920808.230:632): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8384 comm="syz.4.2757" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f04fa4dbf19 code=0x7ffc0000
[  309.139771][   T30] audit: type=1326 audit(1719920808.250:633): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8384 comm="syz.4.2757" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f04fa4dbf19 code=0x7ffc0000
[  309.163275][   T30] audit: type=1326 audit(1719920808.260:634): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8384 comm="syz.4.2757" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f04fa4dbf19 code=0x7ffc0000
[  309.187215][   T30] audit: type=1326 audit(1719920808.260:635): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8384 comm="syz.4.2757" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f04fa4dbf19 code=0x7ffc0000
[  309.187566][ T1542] ftdi_sio ttyUSB0: Unable to read latency timer: -71
[  309.210949][   T30] audit: type=1326 audit(1719920808.260:636): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8384 comm="syz.4.2757" exe="/root/syz-executor" sig=0 arch=c000003e syscall=201 compat=0 ip=0x7f04fa4dbf19 code=0x7ffc0000
[  309.242156][ T1542] ftdi_sio ttyUSB0: Unable to write latency timer: -71
[  309.249167][   T30] audit: type=1326 audit(1719920808.260:637): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8384 comm="syz.4.2757" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f04fa4dbf19 code=0x7ffc0000
[  309.272489][ T1542] ftdi_sio 3-1:0.0: GPIO initialisation failed: -71
[  309.279809][ T1542] usb 3-1: FTDI USB Serial Device converter now attached to ttyUSB0
[  309.298593][ T1542] usb 3-1: USB disconnect, device number 29
[  309.312140][ T1542] ftdi_sio ttyUSB0: FTDI USB Serial Device converter now disconnected from ttyUSB0
[  309.321917][ T1542] ftdi_sio 3-1:0.0: device disconnected
[  309.490184][ T3364] lg-g15 0003:046D:C222.003F: unknown main item tag 0x0
[  309.845145][  T665] appleir 0003:05AC:8243.0040: unknown main item tag 0x0
[  309.852464][  T665] appleir 0003:05AC:8243.0040: No inputs registered, leaving
[  309.868778][ T3364] lg-g15 0003:046D:C222.003F: hidraw0: USB HID v0.00 Device [HID 046d:c222] on usb-dummy_hcd.0-1/input0
[  309.880515][  T665] appleir 0003:05AC:8243.0040: hiddev96,hidraw1: USB HID v0.00 Device [syz] on usb-dummy_hcd.3-1/input0
[  309.893123][ T3364] usb 1-1: USB disconnect, device number 35
[  309.999462][ T8405] overlayfs: missing 'lowerdir'
[  310.949387][ T8431] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=0 sclass=netlink_audit_socket pid=8431 comm=syz.1.2774
[  311.017959][ T8443] loop1: detected capacity change from 0 to 128
[  311.118998][  T526] usb 5-1: new high-speed USB device number 30 using dummy_hcd
[  311.377179][   T30] audit: type=1400 audit(1719920810.520:638): avc:  denied  { getopt } for  pid=8449 comm="syz.2.2780" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=packet_socket permissive=1
[  311.415024][   T30] audit: type=1400 audit(1719920810.550:639): avc:  denied  { ioctl } for  pid=8449 comm="syz.2.2780" path="socket:[52098]" dev="sockfs" ino=52098 ioctlcmd=0x8982 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=nfc_socket permissive=1
[  311.729782][  T526] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  311.749137][  T526] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  311.758727][  T526] usb 5-1: New USB device found, idVendor=256c, idProduct=006d, bcdDevice= 0.00
[  311.778078][  T526] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  311.795507][  T526] usb 5-1: config 0 descriptor??
[  311.868385][ T8466] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=0 sclass=netlink_audit_socket pid=8466 comm=syz.3.2787
[  311.965670][ T3364] usb 4-1: USB disconnect, device number 32
[  312.949001][   T30] audit: type=1400 audit(1719920812.080:640): avc:  denied  { setattr } for  pid=8496 comm="syz.0.2797" name="file0" dev="9p" ino=7016996764471618667 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=blk_file permissive=1
[  312.982899][ T8500] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=0 sclass=netlink_audit_socket pid=8500 comm=syz.1.2798
[  313.459046][   T39] usb 2-1: new high-speed USB device number 23 using dummy_hcd
[  313.585245][ T8527] loop2: detected capacity change from 0 to 512
[  313.698986][   T39] usb 2-1: Using ep0 maxpacket: 16
[  313.761285][ T8527] EXT4-fs (loop2): 1 orphan inode deleted
[  313.767387][ T8527] EXT4-fs (loop2): mounted filesystem without journal. Opts: errors=remount-ro,nodiscard,noquota,init_itable,stripe=0x0000000000000079,resgid=0x0000000000000000,sysvgroups,delalloc,errors=continue,. Quota mode: writeback.
[  313.790002][ T8527] ext4 filesystem being mounted at /49/file1 supports timestamps until 2038 (0x7fffffff)
[  313.849686][   T39] usb 2-1: config 1 interface 1 altsetting 1 endpoint 0x1 has an invalid bInterval 0, changing to 7
[  313.889872][   T39] usb 2-1: config 1 interface 1 altsetting 1 endpoint 0x1 has invalid wMaxPacketSize 0
[  313.916714][   T39] usb 2-1: config 1 interface 2 altsetting 1 endpoint 0x82 has an invalid bInterval 0, changing to 7
[  313.921521][ T8527] EXT4-fs error (device loop2): __ext4_get_inode_loc:4340: comm syz.2.2810: Invalid inode table block 1638725719 in block_group 0
[  313.947947][ T8039] EXT4-fs error (device loop2): __ext4_get_inode_loc:4340: comm syz-executor: Invalid inode table block 1638725719 in block_group 0
[  313.961821][ T8039] EXT4-fs error (device loop2): __ext4_get_inode_loc:4340: comm syz-executor: Invalid inode table block 1638725719 in block_group 0
[  314.000991][ T8039] EXT4-fs error (device loop2): __ext4_get_inode_loc:4340: comm syz-executor: Invalid inode table block 1638725719 in block_group 0
[  314.014510][  T665] usb 1-1: new high-speed USB device number 36 using dummy_hcd
[  314.014771][ T8039] EXT4-fs error (device loop2) in ext4_reserve_inode_write:5820: Corrupt filesystem
[  314.031632][ T8039] EXT4-fs error (device loop2): ext4_dirty_inode:6024: inode #2: comm syz-executor: mark_inode_dirty error
[  314.043337][  T372] EXT4-fs error (device loop2): __ext4_get_inode_loc:4340: comm kworker/u4:3: Invalid inode table block 1638725719 in block_group 0
[  314.057364][  T372] EXT4-fs error (device loop2): __ext4_get_inode_loc:4340: comm kworker/u4:3: Invalid inode table block 1638725719 in block_group 0
[  314.089066][   T39] usb 2-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[  314.097954][   T39] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  314.105949][   T39] usb 2-1: Product: syz
[  314.110215][   T39] usb 2-1: Manufacturer: syz
[  314.118779][   T39] usb 2-1: SerialNumber: syz
[  314.187300][ T8537] bridge0: port 1(bridge_slave_0) entered blocking state
[  314.194332][ T8537] bridge0: port 1(bridge_slave_0) entered disabled state
[  314.202258][ T8537] device bridge_slave_0 entered promiscuous mode
[  314.211414][ T8537] bridge0: port 2(bridge_slave_1) entered blocking state
[  314.218498][ T8537] bridge0: port 2(bridge_slave_1) entered disabled state
[  314.225792][ T8537] device bridge_slave_1 entered promiscuous mode
[  314.279017][  T665] usb 1-1: Using ep0 maxpacket: 32
[  314.283407][ T8537] bridge0: port 2(bridge_slave_1) entered blocking state
[  314.290986][ T8537] bridge0: port 2(bridge_slave_1) entered forwarding state
[  314.298105][ T8537] bridge0: port 1(bridge_slave_0) entered blocking state
[  314.304971][ T8537] bridge0: port 1(bridge_slave_0) entered forwarding state
[  314.332285][ T3364] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  314.341676][ T3364] bridge0: port 1(bridge_slave_0) entered disabled state
[  314.349016][ T3364] bridge0: port 2(bridge_slave_1) entered disabled state
[  314.367058][ T3364] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  314.375174][ T3364] bridge0: port 1(bridge_slave_0) entered blocking state
[  314.382077][ T3364] bridge0: port 1(bridge_slave_0) entered forwarding state
[  314.403970][ T3364] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  314.413602][ T3364] bridge0: port 2(bridge_slave_1) entered blocking state
[  314.420500][ T3364] bridge0: port 2(bridge_slave_1) entered forwarding state
[  314.452551][  T320] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  314.460379][  T526] usbhid 5-1:0.0: can't add hid device: -71
[  314.466345][  T526] usbhid: probe of 5-1:0.0 failed with error -71
[  314.473129][  T665] usb 1-1: unable to get BOS descriptor or descriptor too short
[  314.489916][  T320] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  314.499171][   T39] usb 2-1: 2:1 : format type 0 is detected, processed as PCM
[  314.501808][  T526] usb 5-1: USB disconnect, device number 30
[  314.507262][   T39] usb 2-1: 2:1 : invalid channels 0
[  314.532370][ T8537] device veth0_vlan entered promiscuous mode
[  314.556484][  T291] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[  314.569097][  T665] usb 1-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  314.569867][   T39] usb 2-1: USB disconnect, device number 23
[  314.590214][  T291] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[  314.592854][  T665] usb 1-1: config 1 interface 2 altsetting 1 endpoint 0x82 has an invalid bInterval 0, changing to 7
[  314.602947][  T291] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[  314.616745][ T2922] udevd[2922]: error opening ATTR{/sys/devices/platform/dummy_hcd.1/usb2/2-1/2-1:1.0/sound/card0/controlC0/../uevent} for writing: No such file or directory
[  314.623081][  T665] usb 1-1: config 1 interface 1 has no altsetting 0
[  314.638267][  T291] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[  314.669906][  T320] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[  314.681023][ T8537] device veth1_macvtap entered promiscuous mode
[  314.695148][  T320] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[  314.709219][  T309] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[  314.738321][  T569] device bridge_slave_1 left promiscuous mode
[  314.745189][  T569] bridge0: port 2(bridge_slave_1) entered disabled state
[  314.757147][  T569] device bridge_slave_0 left promiscuous mode
[  314.763433][  T569] bridge0: port 1(bridge_slave_0) entered disabled state
[  314.780176][  T569] device veth1_macvtap left promiscuous mode
[  314.789254][  T569] device veth0_vlan left promiscuous mode
[  314.820455][  T665] usb 1-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[  314.857441][  T665] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  314.866349][  T665] usb 1-1: Product: syz
[  314.870479][  T665] usb 1-1: Manufacturer: syz
[  314.874985][  T665] usb 1-1: SerialNumber: syz
[  315.129128][ T4055] usb 5-1: new high-speed USB device number 31 using dummy_hcd
[  315.720066][  T665] usb 1-1: 2:1 : no or invalid class specific endpoint descriptor
[  315.731003][  T665] usb 1-1: 2:1 : format type 0 is not supported yet
[  315.760745][ T4055] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  315.771871][ T4055] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  315.794615][ T4055] usb 5-1: New USB device found, idVendor=256c, idProduct=006d, bcdDevice= 0.00
[  315.831034][ T4055] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  315.833999][  T665] usb 1-1: USB disconnect, device number 36
[  315.852584][ T2922] udevd[2922]: error opening ATTR{/sys/devices/platform/dummy_hcd.0/usb1/1-1/1-1:1.0/sound/card0/controlC0/../uevent} for writing: No such file or directory
[  315.877728][ T4055] usb 5-1: config 0 descriptor??
[  315.889091][  T309] usb 2-1: new high-speed USB device number 24 using dummy_hcd
[  316.167824][   T30] kauditd_printk_skb: 15 callbacks suppressed
[  316.167842][   T30] audit: type=1400 audit(1719920815.310:656): avc:  denied  { map } for  pid=8599 comm="syz.0.2839" path="/dev/ashmem" dev="devtmpfs" ino=173 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1
[  316.309126][  T309] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  316.534884][  T309] usb 2-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[  316.547904][  T309] usb 2-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  316.557057][  T309] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  316.565676][  T309] usb 2-1: config 0 descriptor??
[  316.598986][  T665] usb 4-1: new high-speed USB device number 33 using dummy_hcd
[  316.702086][ T8613] loop2: detected capacity change from 0 to 512
[  316.715828][ T8613] EXT4-fs error (device loop2): __ext4_iget:4892: inode #11: block 1: comm syz.2.2844: invalid block
[  316.727162][ T8613] EXT4-fs error (device loop2): ext4_orphan_get:1402: comm syz.2.2844: couldn't read orphan inode 11 (err -117)
[  316.742492][ T8613] EXT4-fs (loop2): mounted filesystem without journal. Opts: noauto_da_alloc,minixdf,max_dir_size_kb=0x0000000000000009,data_err=abort,grpquota,noinit_itable,inode_readahead_blks=0x0000000000400000,i_version,acl,,errors=continue. Quota mode: writeback.
[  316.839120][  T665] usb 4-1: Using ep0 maxpacket: 16
[  317.227201][  T309] plantronics 0003:047F:FFFF.0041: unknown main item tag 0x0
[  317.239749][  T309] plantronics 0003:047F:FFFF.0041: No inputs registered, leaving
[  317.249481][  T309] plantronics 0003:047F:FFFF.0041: hiddev96,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.1-1/input0
[  317.274600][  T309] usb 2-1: USB disconnect, device number 24
[  317.319144][  T665] usb 4-1: config 1 interface 1 altsetting 1 endpoint 0x1 has an invalid bInterval 0, changing to 7
[  317.330651][  T665] usb 4-1: config 1 interface 1 altsetting 1 endpoint 0x1 has invalid wMaxPacketSize 0
[  317.340170][  T665] usb 4-1: config 1 interface 2 altsetting 1 endpoint 0x82 has an invalid bInterval 0, changing to 7
[  317.529073][  T665] usb 4-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[  317.538011][  T665] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  317.551693][  T665] usb 4-1: Product: syz
[  317.556081][  T665] usb 4-1: Manufacturer: syz
[  317.560721][  T665] usb 4-1: SerialNumber: syz
[  317.769458][ T1542] usb 1-1: new high-speed USB device number 37 using dummy_hcd
[  317.889060][  T665] usb 4-1: 2:1 : format type 0 is detected, processed as PCM
[  317.896301][  T665] usb 4-1: 2:1 : invalid channels 0
[  317.901548][  T309] usb 3-1: new high-speed USB device number 30 using dummy_hcd
[  317.935603][  T665] usb 4-1: USB disconnect, device number 33
[  317.944296][ T2922] udevd[2922]: error opening ATTR{/sys/devices/platform/dummy_hcd.3/usb4/4-1/4-1:1.0/sound/card0/controlC0/../uevent} for writing: No such file or directory
[  318.018996][ T1542] usb 1-1: Using ep0 maxpacket: 32
[  318.158999][  T309] usb 3-1: Using ep0 maxpacket: 16
[  318.179033][ T1542] usb 1-1: unable to get BOS descriptor or descriptor too short
[  318.259246][ T4055] usbhid 5-1:0.0: can't add hid device: -71
[  318.265222][ T1542] usb 1-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  318.275668][ T4055] usbhid: probe of 5-1:0.0 failed with error -71
[  318.282298][ T1542] usb 1-1: config 1 interface 2 altsetting 1 endpoint 0x82 has an invalid bInterval 0, changing to 7
[  318.294575][ T4055] usb 5-1: USB disconnect, device number 31
[  318.307416][ T1542] usb 1-1: config 1 interface 1 has no altsetting 0
[  318.319037][  T309] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  318.334473][  T309] usb 3-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 9
[  318.347489][  T309] usb 3-1: New USB device found, idVendor=045e, idProduct=07da, bcdDevice= 0.00
[  318.356620][  T309] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  318.393308][  T309] usb 3-1: config 0 descriptor??
[  318.768695][ T1542] usb 1-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[  318.777808][ T1542] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  318.786066][ T1542] usb 1-1: Product: syz
[  318.790269][ T1542] usb 1-1: Manufacturer: syz
[  318.794708][ T1542] usb 1-1: SerialNumber: syz
[  318.909016][  T665] usb 4-1: new high-speed USB device number 34 using dummy_hcd
[  318.974791][  T309] input: HID 045e:07da as /devices/platform/dummy_hcd.2/usb3/3-1/3-1:0.0/0003:045E:07DA.0042/input/input36
[  319.050404][  T309] microsoft 0003:045E:07DA.0042: input,hidraw0: USB HID v0.00 Device [HID 045e:07da] on usb-dummy_hcd.2-1/input0
[  319.159225][  T320] usb 2-1: new high-speed USB device number 25 using dummy_hcd
[  319.169193][ T1542] usb 1-1: 2:1 : no or invalid class specific endpoint descriptor
[  319.184610][ T1542] usb 1-1: 2:1 : format type 0 is not supported yet
[  319.211796][ T1542] usb 1-1: USB disconnect, device number 37
[  319.222127][ T2922] udevd[2922]: error opening ATTR{/sys/devices/platform/dummy_hcd.0/usb1/1-1/1-1:1.0/sound/card0/controlC0/../uevent} for writing: No such file or directory
[  319.289103][  T665] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  319.299951][  T665] usb 4-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[  319.312954][  T665] usb 4-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  319.322020][  T665] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  319.330458][  T665] usb 4-1: config 0 descriptor??
[  319.413930][  T526] usb 3-1: USB disconnect, device number 30
[  319.419743][  T320] usb 2-1: Using ep0 maxpacket: 16
[  319.549215][  T320] usb 2-1: New USB device found, idVendor=108c, idProduct=0159, bcdDevice=20.64
[  319.564075][  T320] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  319.577613][  T320] usb 2-1: config 0 descriptor??
[  319.810011][  T665] plantronics 0003:047F:FFFF.0043: unknown main item tag 0x0
[  319.817532][  T665] plantronics 0003:047F:FFFF.0043: No inputs registered, leaving
[  319.826366][  T665] plantronics 0003:047F:FFFF.0043: hiddev96,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.3-1/input0
[  319.831401][ T1542] usb 2-1: USB disconnect, device number 25
[  319.844328][  T291] usb 1-1: new high-speed USB device number 38 using dummy_hcd
[  320.099472][ T1542] usb 4-1: USB disconnect, device number 34
[  320.249217][  T291] usb 1-1: New USB device found, idVendor=077b, idProduct=2226, bcdDevice=ca.8b
[  320.258126][  T291] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  320.266769][  T291] usb 1-1: config 0 descriptor??
[  320.728993][  T665] usb 5-1: new high-speed USB device number 32 using dummy_hcd
[  320.858982][  T526] usb 2-1: new high-speed USB device number 26 using dummy_hcd
[  320.979194][  T665] usb 5-1: Using ep0 maxpacket: 16
[  321.401356][  T665] usb 5-1: config 1 interface 0 altsetting 254 bulk endpoint 0x1 has invalid maxpacket 1023
[  321.412639][  T665] usb 5-1: config 1 interface 0 altsetting 254 bulk endpoint 0x82 has invalid maxpacket 64
[  321.422959][  T665] usb 5-1: config 1 interface 0 altsetting 254 has 2 endpoint descriptors, different from the interface descriptor's value: 4
[  321.436493][  T665] usb 5-1: config 1 interface 0 has no altsetting 0
[  321.489087][  T526] usb 2-1: too many endpoints for config 0 interface 0 altsetting 0: 253, using maximum allowed: 30
[  321.524082][  T526] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  321.534869][  T526] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  321.544823][  T526] usb 2-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 253
[  321.879114][  T665] usb 5-1: New USB device found, idVendor=0525, idProduct=a4a8, bcdDevice= 0.40
[  321.888308][  T526] usb 2-1: New USB device found, idVendor=05ac, idProduct=8243, bcdDevice=8b.40
[  321.899505][  T526] usb 2-1: New USB device strings: Mfr=11, Product=0, SerialNumber=0
[  321.907549][  T665] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  321.915483][  T526] usb 2-1: Manufacturer: syz
[  321.920011][  T665] usb 5-1: Product: syz
[  321.923994][  T665] usb 5-1: Manufacturer: syz
[  321.929181][  T291] asix 1-1:0.0 (unnamed net_device) (uninitialized): Failed to read reg index 0x0000: -71
[  321.929596][  T526] usb 2-1: config 0 descriptor??
[  321.944275][  T665] usb 5-1: SerialNumber: syz
[  321.947362][  T291] asix: probe of 1-1:0.0 failed with error -71
[  321.966173][  T291] usb 1-1: USB disconnect, device number 38
[  321.969170][ T8687] raw-gadget.0 gadget: fail, usb_ep_enable returned -22
[  321.978910][ T8687] raw-gadget.0 gadget: fail, usb_ep_enable returned -22
[  322.191687][ T8687] UDC core: couldn't find an available UDC or it's busy: -16
[  322.199493][ T8687] misc raw-gadget: fail, usb_gadget_probe_driver returned -16
[  322.209846][  T665] usblp 5-1:1.0: usblp0: USB Bidirectional printer dev 32 if 0 alt 254 proto 2 vid 0x0525 pid 0xA4A8
[  322.225224][  T665] usb 5-1: USB disconnect, device number 32
[  322.237550][  T665] usblp0: removed
[  322.473853][  T526] appleir 0003:05AC:8243.0044: unknown main item tag 0x0
[  322.487453][  T526] appleir 0003:05AC:8243.0044: No inputs registered, leaving
[  322.504628][  T526] appleir 0003:05AC:8243.0044: hiddev96,hidraw0: USB HID v0.00 Device [syz] on usb-dummy_hcd.1-1/input0
[  322.538726][   T30] audit: type=1326 audit(1719920821.670:657): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8750 comm="syz.0.2896" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f80220ddf19 code=0x0
[  322.901566][ T8771] netlink: 36 bytes leftover after parsing attributes in process `syz.2.2904'.
[  323.411506][  T291] usb 2-1: USB disconnect, device number 26
[  323.483736][   T30] audit: type=1400 audit(1719920822.630:658): avc:  denied  { mounton } for  pid=8783 comm="syz.3.2908" path=2F35342FE91F7189591E9233614B dev="tmpfs" ino=304 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=sock_file permissive=1
[  323.578984][  T665] usb 3-1: new high-speed USB device number 31 using dummy_hcd
[  323.708997][  T526] usb 1-1: new high-speed USB device number 39 using dummy_hcd
[  323.819215][ T8792] loop4: detected capacity change from 0 to 512
[  323.891721][ T8792] EXT4-fs error (device loop4): __ext4_iget:4892: inode #11: block 1: comm syz.4.2912: invalid block
[  323.902696][ T8792] EXT4-fs error (device loop4): ext4_orphan_get:1402: comm syz.4.2912: couldn't read orphan inode 11 (err -117)
[  323.914521][ T8792] EXT4-fs (loop4): mounted filesystem without journal. Opts: noauto_da_alloc,minixdf,max_dir_size_kb=0x0000000000000009,data_err=abort,grpquota,noinit_itable,inode_readahead_blks=0x0000000000400000,i_version,acl,,errors=continue. Quota mode: writeback.
[  323.949132][  T665] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  323.960057][  T665] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  323.969682][  T665] usb 3-1: New USB device found, idVendor=256c, idProduct=006d, bcdDevice= 0.00
[  323.978594][  T665] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  324.006013][  T665] usb 3-1: config 0 descriptor??
[  324.019154][  T291] usb 4-1: new high-speed USB device number 35 using dummy_hcd
[  324.048368][ T8799] loop1: detected capacity change from 0 to 512
[  324.099113][  T526] usb 1-1: config 1 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 0
[  324.139692][ T8799] EXT4-fs (loop1): feature flags set on rev 0 fs, running e2fsck is recommended
[  324.148566][ T8799] EXT4-fs (loop1): mounting ext2 file system using the ext4 subsystem
[  324.167355][ T8799] EXT4-fs (loop1): warning: checktime reached, running e2fsck is recommended
[  324.177163][ T8799] [EXT4 FS bs=4096, gc=1, bpg=32768, ipg=32, mo=a042c01c, mo2=0002]
[  324.187547][ T8799] System zones: 0-2, 18-18, 34-34
[  324.198227][ T8799] EXT4-fs warning (device loop1): ext4_update_dynamic_rev:1053: updating to rev 1 because of new feature flag, running e2fsck is recommended
[  324.216745][ T8799] EXT4-fs (loop1): 1 truncate cleaned up
[  324.223915][ T8799] EXT4-fs (loop1): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none.
[  324.278995][  T291] usb 4-1: Using ep0 maxpacket: 16
[  324.279047][  T526] usb 1-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  324.297190][  T526] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  324.305391][  T526] usb 1-1: Product: syz
[  324.309581][  T526] usb 1-1: Manufacturer: syz
[  324.317508][  T526] usb 1-1: SerialNumber: syz
[  324.363154][ T8803] netlink: 36 bytes leftover after parsing attributes in process `syz.1.2915'.
[  324.372526][  T526] usb 1-1: bad CDC descriptors
[  324.410219][ T8806] overlayfs: upper fs does not support RENAME_WHITEOUT.
[  324.417161][ T8806] overlayfs: failed to set xattr on upper
[  324.422893][  T291] usb 4-1: config 1 interface 0 altsetting 254 bulk endpoint 0x1 has invalid maxpacket 1023
[  324.432923][  T291] usb 4-1: config 1 interface 0 altsetting 254 bulk endpoint 0x82 has invalid maxpacket 64
[  324.443028][  T291] usb 4-1: config 1 interface 0 altsetting 254 has 2 endpoint descriptors, different from the interface descriptor's value: 4
[  324.455982][  T291] usb 4-1: config 1 interface 0 has no altsetting 0
[  324.582150][ T1542] usb 1-1: USB disconnect, device number 39
[  325.049537][  T291] usb 4-1: New USB device found, idVendor=0525, idProduct=a4a8, bcdDevice= 0.40
[  325.087477][  T291] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  325.135442][  T291] usb 4-1: Product: syz
[  325.156083][  T291] usb 4-1: Manufacturer: syz
[  325.177892][  T291] usb 4-1: SerialNumber: syz
[  325.229386][ T8788] raw-gadget.2 gadget: fail, usb_ep_enable returned -22
[  325.249379][ T8788] raw-gadget.2 gadget: fail, usb_ep_enable returned -22
[  325.385889][   T30] audit: type=1326 audit(1719920824.530:659): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8815 comm="syz.1.2919" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fce32f34f19 code=0x0
[  325.471132][ T8788] UDC core: couldn't find an available UDC or it's busy: -16
[  325.508787][  T291] usblp 4-1:1.0: usblp0: USB Bidirectional printer dev 35 if 0 alt 254 proto 2 vid 0x0525 pid 0xA4A8
[  325.523533][ T8788] misc raw-gadget: fail, usb_gadget_probe_driver returned -16
[  325.541501][  T291] usb 4-1: USB disconnect, device number 35
[  325.559542][  T291] usblp0: removed
[  325.663511][ T8833] netlink: 36 bytes leftover after parsing attributes in process `syz.0.2926'.
[  325.869021][ T4055] usb 5-1: new high-speed USB device number 33 using dummy_hcd
[  325.908464][ T8851] loop0: detected capacity change from 0 to 128
[  326.049097][  T665] usbhid 3-1:0.0: can't add hid device: -71
[  326.056591][  T665] usbhid: probe of 3-1:0.0 failed with error -71
[  326.070145][  T665] usb 3-1: USB disconnect, device number 31
[  326.130014][ T8858] loop3: detected capacity change from 0 to 512
[  326.166039][ T8858] EXT4-fs (loop3): feature flags set on rev 0 fs, running e2fsck is recommended
[  326.175439][ T8858] EXT4-fs (loop3): mounting ext2 file system using the ext4 subsystem
[  326.223611][ T8865] netlink: 12 bytes leftover after parsing attributes in process `syz.0.2935'.
[  326.256316][ T8865] Zero length message leads to an empty skb
[  326.369326][ T4055] usb 5-1: too many endpoints for config 0 interface 0 altsetting 0: 253, using maximum allowed: 30
[  326.405153][ T8858] EXT4-fs (loop3): warning: checktime reached, running e2fsck is recommended
[  326.429253][ T8858] [EXT4 FS bs=4096, gc=1, bpg=32768, ipg=32, mo=a042c01c, mo2=0002]
[  326.438858][ T8858] System zones: 0-2
[  326.439139][ T4055] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  326.453670][ T8858] , 18-18, 34-34
[  326.458374][ T8858] EXT4-fs warning (device loop3): ext4_update_dynamic_rev:1053: updating to rev 1 because of new feature flag, running e2fsck is recommended
[  326.472699][ T4055] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  326.482629][ T4055] usb 5-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 253
[  326.509912][ T8858] EXT4-fs (loop3): 1 truncate cleaned up
[  326.524797][ T8858] EXT4-fs (loop3): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none.
[  326.579103][ T4055] usb 5-1: New USB device found, idVendor=05ac, idProduct=8243, bcdDevice=8b.40
[  326.591080][ T4055] usb 5-1: New USB device strings: Mfr=11, Product=0, SerialNumber=0
[  326.600681][ T4055] usb 5-1: Manufacturer: syz
[  326.660902][ T4055] usb 5-1: config 0 descriptor??
[  327.000740][  T291] usb 4-1: new high-speed USB device number 36 using dummy_hcd
[  327.069001][ T3364] usb 1-1: new high-speed USB device number 40 using dummy_hcd
[  327.129856][ T4055] appleir 0003:05AC:8243.0045: unknown main item tag 0x0
[  327.136879][ T4055] appleir 0003:05AC:8243.0045: No inputs registered, leaving
[  327.145683][ T4055] appleir 0003:05AC:8243.0045: hiddev96,hidraw0: USB HID v0.00 Device [syz] on usb-dummy_hcd.4-1/input0
[  327.429062][  T291] usb 4-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  327.429102][ T3364] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  327.439407][  T291] usb 4-1: config 0 interface 0 altsetting 129 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  327.450311][ T3364] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  327.462107][  T291] usb 4-1: config 0 interface 0 altsetting 129 endpoint 0x81 has invalid wMaxPacketSize 0
[  327.471520][ T3364] usb 1-1: New USB device found, idVendor=256c, idProduct=006d, bcdDevice= 0.00
[  327.480542][  T291] usb 4-1: config 0 interface 0 has no altsetting 0
[  327.489436][ T3364] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  327.495976][  T291] usb 4-1: New USB device found, idVendor=0c12, idProduct=0005, bcdDevice= 0.00
[  327.506566][ T3364] usb 1-1: config 0 descriptor??
[  327.515623][  T291] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  327.526246][  T291] usb 4-1: config 0 descriptor??
[  327.921232][ T1539] usb 5-1: USB disconnect, device number 33
[  328.074760][  T291] zeroplus 0003:0C12:0005.0046: unknown main item tag 0x0
[  328.082304][  T291] zeroplus 0003:0C12:0005.0046: unknown main item tag 0x0
[  328.089573][  T291] zeroplus 0003:0C12:0005.0046: unknown main item tag 0x0
[  328.096817][  T291] zeroplus 0003:0C12:0005.0046: unknown main item tag 0x0
[  328.103904][  T291] zeroplus 0003:0C12:0005.0046: unknown main item tag 0x0
[  328.114749][  T291] zeroplus 0003:0C12:0005.0046: hidraw0: USB HID v0.00 Device [HID 0c12:0005] on usb-dummy_hcd.3-1/input0
[  328.126015][  T291] zeroplus 0003:0C12:0005.0046: no inputs found
[  328.368895][ T1539] usb 4-1: USB disconnect, device number 36
[  329.110065][ T8969] usb usb7: Requested nonsensical USBDEVFS_URB_ZERO_PACKET.
[  329.430108][ T8998] usb usb7: Requested nonsensical USBDEVFS_URB_ZERO_PACKET.
[  329.698582][ T9020] loop2: detected capacity change from 0 to 256
[  329.839663][ T3364] usbhid 1-1:0.0: can't add hid device: -71
[  329.847969][ T3364] usbhid: probe of 1-1:0.0 failed with error -71
[  329.875795][ T9025] usb usb7: Requested nonsensical USBDEVFS_URB_ZERO_PACKET.
[  329.902932][ T3364] usb 1-1: USB disconnect, device number 40
[  331.133489][ T9052] loop2: detected capacity change from 0 to 128
[  331.144220][ T9054] loop1: detected capacity change from 0 to 512
[  331.232002][ T9054] EXT4-fs error (device loop1): __ext4_iget:4892: inode #11: block 1: comm syz.1.3018: invalid block
[  331.263437][ T9054] EXT4-fs error (device loop1): ext4_orphan_get:1402: comm syz.1.3018: couldn't read orphan inode 11 (err -117)
[  331.369296][   T30] audit: type=1400 audit(1719920830.490:660): avc:  denied  { execute } for  pid=9049 comm="syz.0.3017" path="/dev/bus/usb/006/001" dev="devtmpfs" ino=155 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:usb_device_t tclass=chr_file permissive=1
[  331.399767][ T9054] EXT4-fs (loop1): mounted filesystem without journal. Opts: noauto_da_alloc,minixdf,max_dir_size_kb=0x0000000000000009,data_err=abort,grpquota,noinit_itable,inode_readahead_blks=0x0000000000400000,i_version,acl,,errors=continue. Quota mode: writeback.
[  331.435714][ T9060] usb usb7: Requested nonsensical USBDEVFS_URB_ZERO_PACKET.
[  331.805173][ T9070] overlayfs: filesystem on './file1' not supported
[  333.218603][ T9100] usb usb7: Requested nonsensical USBDEVFS_URB_ZERO_PACKET.
[  333.509149][   T26] usb 1-1: new high-speed USB device number 41 using dummy_hcd
[  333.679569][ T9111] input: syz1 as /devices/virtual/input/input38
[  333.701468][ T9113] loop4: detected capacity change from 0 to 128
[  333.718991][ T3364] usb 4-1: new high-speed USB device number 37 using dummy_hcd
[  334.032012][ T9123] overlayfs: filesystem on './file1' not supported
[  334.194474][   T26] usb 1-1: Using ep0 maxpacket: 8
[  334.222247][ T3364] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  334.233759][ T3364] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  334.243823][ T3364] usb 4-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 9
[  334.256504][ T3364] usb 4-1: New USB device found, idVendor=046d, idProduct=c623, bcdDevice= 0.00
[  334.265389][ T3364] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  334.279012][ T3364] usb 4-1: config 0 descriptor??
[  334.296805][ T9130] loop2: detected capacity change from 0 to 128
[  334.369081][   T26] usb 1-1: too many endpoints for config 0 interface 0 altsetting 0: 255, using maximum allowed: 30
[  334.380090][   T26] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  334.390978][   T26] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  334.400461][   T26] usb 1-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 255
[  334.413281][   T26] usb 1-1: New USB device found, idVendor=056a, idProduct=00e6, bcdDevice= 0.00
[  334.422077][   T26] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  334.430780][   T26] usb 1-1: config 0 descriptor??
[  334.947314][   T26] wacom 0003:056A:00E6.0047: unknown main item tag 0x0
[  334.954586][   T26] wacom 0003:056A:00E6.0047: unknown main item tag 0x0
[  334.963839][   T26] wacom 0003:056A:00E6.0047: unknown main item tag 0x0
[  334.971928][   T26] wacom 0003:056A:00E6.0047: unknown main item tag 0x0
[  335.058095][   T26] wacom 0003:056A:00E6.0047: unknown main item tag 0x0
[  335.205281][ T8537] FAT-fs (loop2): error, invalid access to FAT (entry 0x0000074f)
[  335.244766][ T3364] logitech 0003:046D:C623.0048: unknown main item tag 0x0
[  335.252482][ T8537] FAT-fs (loop2): Filesystem has been set read-only
[  335.261610][ T8537] FAT-fs (loop2): error, invalid access to FAT (entry 0x0000074f)
[  335.266862][   T26] wacom 0003:056A:00E6.0047: item fetching failed at offset 6/7
[  335.276883][ T3364] logitech 0003:046D:C623.0048: unknown main item tag 0x0
[  335.277206][   T26] wacom 0003:056A:00E6.0047: parse failed
[  335.289680][   T26] wacom: probe of 0003:056A:00E6.0047 failed with error -22
[  335.291602][ T3364] logitech 0003:046D:C623.0048: unknown main item tag 0x0
[  335.302887][   T26] usb 1-1: USB disconnect, device number 41
[  335.319200][ T3364] logitech 0003:046D:C623.0048: unknown main item tag 0x0
[  335.326244][ T3364] logitech 0003:046D:C623.0048: unknown main item tag 0x0
[  335.333477][ T3364] logitech 0003:046D:C623.0048: unknown main item tag 0x0
[  335.340672][ T3364] logitech 0003:046D:C623.0048: unknown main item tag 0x0
[  335.355735][ T3364] logitech 0003:046D:C623.0048: unknown main item tag 0x0
[  335.363040][ T3364] logitech 0003:046D:C623.0048: unknown main item tag 0x0
[  335.370342][ T3364] logitech 0003:046D:C623.0048: unknown main item tag 0x0
[  335.377392][ T3364] logitech 0003:046D:C623.0048: unknown main item tag 0x0
[  335.392471][ T3364] logitech 0003:046D:C623.0048: unknown main item tag 0x0
[  335.406446][ T3364] logitech 0003:046D:C623.0048: unknown main item tag 0x0
[  335.415297][ T3364] logitech 0003:046D:C623.0048: unknown main item tag 0x0
[  335.422625][ T3364] logitech 0003:046D:C623.0048: unknown main item tag 0x0
[  335.431026][ T3364] logitech 0003:046D:C623.0048: unknown main item tag 0x0
[  335.438382][ T3364] logitech 0003:046D:C623.0048: unknown main item tag 0x0
[  335.445781][ T3364] logitech 0003:046D:C623.0048: unknown main item tag 0x0
[  335.452931][ T3364] logitech 0003:046D:C623.0048: unknown main item tag 0x0
[  335.460133][ T3364] logitech 0003:046D:C623.0048: unknown main item tag 0x0
[  335.467085][ T3364] logitech 0003:046D:C623.0048: unknown main item tag 0x0
[  335.474342][ T3364] logitech 0003:046D:C623.0048: unknown main item tag 0x0
[  335.481649][ T3364] logitech 0003:046D:C623.0048: unknown main item tag 0x0
[  335.488734][ T3364] logitech 0003:046D:C623.0048: unknown main item tag 0x0
[  335.496471][ T3364] logitech 0003:046D:C623.0048: unknown main item tag 0x0
[  335.504595][ T3364] logitech 0003:046D:C623.0048: unknown main item tag 0x0
[  335.512679][ T3364] logitech 0003:046D:C623.0048: unknown main item tag 0x0
[  335.520718][ T3364] logitech 0003:046D:C623.0048: unknown main item tag 0x0
[  335.527923][ T3364] logitech 0003:046D:C623.0048: unknown main item tag 0x0
[  335.536389][ T3364] logitech 0003:046D:C623.0048: unknown main item tag 0x0
[  335.544270][ T3364] logitech 0003:046D:C623.0048: unknown main item tag 0x0
[  335.611961][ T3364] logitech 0003:046D:C623.0048: unknown main item tag 0x0
[  335.621944][ T3364] logitech 0003:046D:C623.0048: unknown main item tag 0x0
[  335.629475][ T3364] logitech 0003:046D:C623.0048: unknown main item tag 0x0
[  335.813597][ T3364] logitech 0003:046D:C623.0048: unknown main item tag 0x0
[  335.821285][ T3364] logitech 0003:046D:C623.0048: unknown main item tag 0x0
[  335.828249][ T3364] logitech 0003:046D:C623.0048: unknown main item tag 0x0
[  335.835487][ T3364] logitech 0003:046D:C623.0048: unknown main item tag 0x0
[  335.844194][ T3364] logitech 0003:046D:C623.0048: hidraw0: USB HID v0.00 Device [HID 046d:c623] on usb-dummy_hcd.3-1/input0
[  335.857340][ T9157] bridge0: port 1(bridge_slave_0) entered blocking state
[  335.861976][ T3364] usb 4-1: USB disconnect, device number 37
[  335.864413][ T9157] bridge0: port 1(bridge_slave_0) entered disabled state
[  335.877506][ T9157] device bridge_slave_0 entered promiscuous mode
[  335.885280][ T9157] bridge0: port 2(bridge_slave_1) entered blocking state
[  335.892389][ T9157] bridge0: port 2(bridge_slave_1) entered disabled state
[  335.899800][ T9157] device bridge_slave_1 entered promiscuous mode
[  335.934082][ T9164] input: syz1 as /devices/virtual/input/input39
[  336.083822][ T1542] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[  336.091469][ T1542] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  336.127354][   T26] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[  336.138033][   T26] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  336.148240][   T26] bridge0: port 1(bridge_slave_0) entered blocking state
[  336.155139][   T26] bridge0: port 1(bridge_slave_0) entered forwarding state
[  336.376563][ T9179] loop4: detected capacity change from 0 to 128
[  336.376926][   T26] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[  336.390997][   T26] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  336.399004][   T26] bridge0: port 2(bridge_slave_1) entered blocking state
[  336.405974][   T26] bridge0: port 2(bridge_slave_1) entered forwarding state
[  336.437220][   T30] audit: type=1326 audit(1719920835.580:661): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9180 comm="syz.1.3063" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fce32f34f19 code=0x7ffc0000
[  336.460576][ T1542] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[  336.461642][   T30] audit: type=1326 audit(1719920835.610:662): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9180 comm="syz.1.3063" exe="/root/syz-executor" sig=0 arch=c000003e syscall=273 compat=0 ip=0x7fce32f34f19 code=0x7ffc0000
[  336.498291][ T3364] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  336.506755][   T30] audit: type=1326 audit(1719920835.610:663): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9180 comm="syz.1.3063" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fce32f34f19 code=0x7ffc0000
[  336.533947][ T3364] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  336.553024][   T30] audit: type=1326 audit(1719920835.610:664): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9180 comm="syz.1.3063" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fce32f34f19 code=0x7ffc0000
[  336.657680][   T26] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[  336.672802][ T9157] device veth0_vlan entered promiscuous mode
[  336.679644][   T26] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[  336.687622][   T26] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[  336.696021][   T26] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[  336.714837][ T3364] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[  337.058146][ T9157] device veth1_macvtap entered promiscuous mode
[  337.087687][  T665] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[  337.101162][  T665] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[  337.118238][ T9198] input: syz1 as /devices/virtual/input/input40
[  337.141501][  T665] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[  337.154907][  T665] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[  337.199068][ T4055] usb 2-1: new high-speed USB device number 27 using dummy_hcd
[  337.323964][ T8312] FAT-fs (loop4): error, invalid access to FAT (entry 0x0000074f)
[  337.332943][ T8312] FAT-fs (loop4): Filesystem has been set read-only
[  337.340324][ T8312] FAT-fs (loop4): error, invalid access to FAT (entry 0x0000074f)
[  337.419068][ T1542] usb 4-1: new high-speed USB device number 38 using dummy_hcd
[  337.689018][ T1542] usb 4-1: Using ep0 maxpacket: 8
[  337.693970][ T4055] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  337.705314][ T4055] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  337.715098][ T4055] usb 2-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 9
[  337.727852][ T4055] usb 2-1: New USB device found, idVendor=046d, idProduct=c623, bcdDevice= 0.00
[  337.736798][ T4055] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  337.738374][ T9204] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check.
[  337.762751][ T4055] usb 2-1: config 0 descriptor??
[  337.839671][  T569] device bridge_slave_1 left promiscuous mode
[  337.845822][  T569] bridge0: port 2(bridge_slave_1) entered disabled state
[  337.853828][  T569] device bridge_slave_0 left promiscuous mode
[  337.860014][ T1542] usb 4-1: too many endpoints for config 0 interface 0 altsetting 0: 255, using maximum allowed: 30
[  337.873655][ T1542] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  337.886776][  T569] bridge0: port 1(bridge_slave_0) entered disabled state
[  337.895171][  T569] device veth1_macvtap left promiscuous mode
[  337.901112][  T569] device veth0_vlan left promiscuous mode
[  337.903761][ T1542] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  337.955696][ T1542] usb 4-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 255
[  337.971981][ T1542] usb 4-1: New USB device found, idVendor=056a, idProduct=00e6, bcdDevice= 0.00
[  337.981154][ T1542] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  337.995252][    C0] TCP: request_sock_TCP: Possible SYN flooding on port 2. Sending cookies.  Check SNMP counters.
[  338.000886][ T1542] usb 4-1: config 0 descriptor??
[  338.052971][ T9218] ------------[ cut here ]------------
[  338.058316][ T9218] trace type BPF program uses run-time allocation
[  338.065725][ T9218] WARNING: CPU: 1 PID: 9218 at kernel/bpf/verifier.c:11656 check_map_prog_compatibility+0x6f1/0x890
[  338.076727][ T9218] Modules linked in:
[  338.080815][ T9218] CPU: 1 PID: 9218 Comm: syz.2.3078 Not tainted 5.15.150-syzkaller-00330-g9044d25b8ff5 #0
[  338.090743][ T9218] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024
[  338.100834][ T9218] RIP: 0010:check_map_prog_compatibility+0x6f1/0x890
[  338.107726][ T9218] Code: db e9 f9 fc ff ff e8 fe 39 ed ff 31 db e9 ed fc ff ff e8 f2 39 ed ff c6 05 7d 7e 80 05 01 48 c7 c7 e0 c1 67 85 e8 cf 7a be ff <0f> 0b e9 5a fb ff ff 89 d9 80 e1 07 80 c1 03 38 c1 0f 8c 84 f9 ff
[  338.130050][ T9218] RSP: 0018:ffffc90000c07348 EFLAGS: 00010246
[  338.135990][ T9218] RAX: f76f8e364ee0e500 RBX: 0000000000000001 RCX: 0000000000040000
[  338.144813][ T9218] RDX: ffffc90001600000 RSI: 00000000000009ac RDI: 00000000000009ad
[  338.152710][ T9218] RBP: ffffc90000c07390 R08: ffffffff81576265 R09: ffffed103ee265e8
[  338.160685][ T9218] R10: 0000000000000000 R11: dffffc0000000001 R12: 0000000000000011
[  338.170577][ T9218] R13: ffff88811a7de800 R14: ffffc900000ed000 R15: dffffc0000000000
[  338.178821][ T9218] FS:  00007f5d654056c0(0000) GS:ffff8881f7100000(0000) knlGS:0000000000000000
[  338.188790][ T9218] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  338.198712][ T9218] CR2: 000000110c2fb81f CR3: 0000000121f10000 CR4: 00000000003506a0
[  338.206786][ T9218] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[  338.214812][ T9218] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[  338.223020][ T9218] Call Trace:
[  338.226189][ T9218]  <TASK>
[  338.228905][ T9218]  ? show_regs+0x58/0x60
[  338.233526][ T9218]  ? __warn+0x160/0x2f0
[  338.237590][ T9218]  ? check_map_prog_compatibility+0x6f1/0x890
[  338.243576][ T9218]  ? report_bug+0x3d9/0x5b0
[  338.247973][ T9218]  ? check_map_prog_compatibility+0x6f1/0x890
[  338.253974][ T9218]  ? handle_bug+0x41/0x70
[  338.258320][ T9218]  ? exc_invalid_op+0x1b/0x50
[  338.262901][ T9218]  ? asm_exc_invalid_op+0x1b/0x20
[  338.268690][ T9218]  ? __wake_up_klogd+0xd5/0x110
[  338.273523][ T9218]  ? check_map_prog_compatibility+0x6f1/0x890
[  338.277466][ T4055] logitech 0003:046D:C623.0049: unknown main item tag 0x0
[  338.283059][ T9218]  ? check_map_prog_compatibility+0x6f1/0x890
[  338.287798][ T4055] logitech 0003:046D:C623.0049: unknown main item tag 0x0
[  338.299657][ T4055] logitech 0003:046D:C623.0049: unknown main item tag 0x0
[  338.306621][ T4055] logitech 0003:046D:C623.0049: unknown main item tag 0x0
[  338.314195][ T4055] logitech 0003:046D:C623.0049: unknown main item tag 0x0
[  338.321322][ T4055] logitech 0003:046D:C623.0049: unknown main item tag 0x0
[  338.321767][ T9218]  resolve_pseudo_ldimm64+0x671/0x1240
[  338.328306][ T4055] logitech 0003:046D:C623.0049: unknown main item tag 0x0
[  338.333872][ T9218]  ? check_attach_btf_id+0xef0/0xef0
[  338.340790][ T4055] logitech 0003:046D:C623.0049: unknown main item tag 0x0
[  338.346408][ T9218]  ? __mark_reg_known+0x1b0/0x1b0
[  338.352854][ T4055] logitech 0003:046D:C623.0049: unknown main item tag 0x0
[  338.357672][ T9218]  ? security_capable+0x87/0xb0
[  338.365476][ T4055] logitech 0003:046D:C623.0049: unknown main item tag 0x0
[  338.369539][ T9218]  bpf_check+0x3174/0x12bf0
[  338.376125][ T4055] logitech 0003:046D:C623.0049: unknown main item tag 0x0
[  338.413949][ T4055] logitech 0003:046D:C623.0049: unknown main item tag 0x0
[  338.566074][ T4055] logitech 0003:046D:C623.0049: unknown main item tag 0x0
[  338.574770][ T4055] logitech 0003:046D:C623.0049: unknown main item tag 0x0
[  338.584190][ T4055] logitech 0003:046D:C623.0049: unknown main item tag 0x0
[  338.591496][ T4055] logitech 0003:046D:C623.0049: unknown main item tag 0x0
[  338.598685][ T4055] logitech 0003:046D:C623.0049: unknown main item tag 0x0
[  338.607852][ T9218]  ? 0xffffffffa0014000
[  338.651604][ T9218]  ? is_bpf_text_address+0x172/0x190
[  338.680801][ T9218]  ? stack_trace_save+0x1c0/0x1c0
[  338.685775][ T9218]  ? __kernel_text_address+0x9b/0x110
[  338.691071][ T9218]  ? unwind_get_return_address+0x4d/0x90
[  338.696446][ T9218]  ? bpf_get_btf_vmlinux+0x60/0x60
[  338.705077][ T9218]  ? arch_stack_walk+0xf3/0x140
[  338.707128][ T4055] logitech 0003:046D:C623.0049: unknown main item tag 0x0
[  338.710016][ T9218]  ? stack_trace_save+0x113/0x1c0
[  338.718268][ T4055] logitech 0003:046D:C623.0049: unknown main item tag 0x0
[  338.722719][ T9218]  ? stack_trace_snprint+0xf0/0xf0
[  338.729530][ T4055] logitech 0003:046D:C623.0049: unknown main item tag 0x0
[  338.733805][ T9218]  ? stack_trace_snprint+0xf0/0xf0
[  338.745903][ T9218]  ? __stack_depot_save+0x34/0x470
[  338.747793][ T1542] wacom 0003:056A:00E6.004A: unknown main item tag 0x0
[  338.750988][ T9218]  ? ____kasan_kmalloc+0xed/0x110
[  338.761603][ T1542] wacom 0003:056A:00E6.004A: unknown main item tag 0x0
[  338.762870][ T9218]  ? ____kasan_kmalloc+0xdb/0x110
[  338.769844][ T4055] logitech 0003:046D:C623.0049: unknown main item tag 0x0
[  338.774397][ T9218]  ? __kasan_kmalloc+0x9/0x10
[  338.781671][ T1542] wacom 0003:056A:00E6.004A: unknown main item tag 0x0
[  338.786258][ T9218]  ? kmem_cache_alloc_trace+0x115/0x210
[  338.792460][ T4055] logitech 0003:046D:C623.0049: unknown main item tag 0x0
[  338.798814][ T9210] bridge0: port 1(bridge_slave_0) entered blocking state
[  338.805083][ T1542] wacom 0003:056A:00E6.004A: unknown main item tag 0x0
[  338.811937][ T9218]  ? selinux_bpf_prog_alloc+0x51/0x140
[  338.818474][ T4055] logitech 0003:046D:C623.0049: unknown main item tag 0x0
[  338.824228][ T9210] bridge0: port 1(bridge_slave_0) entered disabled state
[  338.830895][ T1542] wacom 0003:056A:00E6.004A: unknown main item tag 0x0
[  338.838240][ T9218]  ? security_bpf_prog_alloc+0x62/0x90
[  338.844465][ T4055] logitech 0003:046D:C623.0049: unknown main item tag 0x0
[  338.850375][ T9210] device bridge_slave_0 entered promiscuous mode
[  338.856829][ T1542] wacom 0003:056A:00E6.004A: item fetching failed at offset 6/7
[  338.863123][ T9218]  ? bpf_prog_load+0x9ee/0x1b50
[  338.870255][ T4055] logitech 0003:046D:C623.0049: unknown main item tag 0x0
[  338.879276][ T9210] bridge0: port 2(bridge_slave_1) entered blocking state
[  338.881959][ T1542] wacom 0003:056A:00E6.004A: parse failed
[  338.894195][ T4055] logitech 0003:046D:C623.0049: unknown main item tag 0x0
[  338.894499][ T9210] bridge0: port 2(bridge_slave_1) entered disabled state
[  338.901203][ T4055] logitech 0003:046D:C623.0049: unknown main item tag 0x0
[  338.901229][ T4055] logitech 0003:046D:C623.0049: unknown main item tag 0x0
[  338.901252][ T4055] logitech 0003:046D:C623.0049: unknown main item tag 0x0
[  338.917113][ T9210] device bridge_slave_1 entered promiscuous mode
[  338.923306][ T1542] wacom: probe of 0003:056A:00E6.004A failed with error -22
[  338.930459][ T9218]  ? __sys_bpf+0x4bc/0x760
[  338.942415][ T4055] logitech 0003:046D:C623.0049: unknown main item tag 0x0
[  338.954742][ T4055] logitech 0003:046D:C623.0049: unknown main item tag 0x0
[  338.961814][ T4055] logitech 0003:046D:C623.0049: unknown main item tag 0x0
[  338.968801][ T4055] logitech 0003:046D:C623.0049: unknown main item tag 0x0
[  338.976898][ T9218]  ? __x64_sys_bpf+0x7c/0x90
[  338.985651][ T4055] logitech 0003:046D:C623.0049: unknown main item tag 0x0
[  338.989462][ T9218]  ? do_syscall_64+0x3d/0xb0
[  339.000074][ T4055] logitech 0003:046D:C623.0049: unknown main item tag 0x0
[  339.001800][ T9218]  ? entry_SYSCALL_64_after_hwframe+0x61/0xcb
[  339.012472][ T4055] logitech 0003:046D:C623.0049: unknown main item tag 0x0
[  339.014130][ T9218]  ? __kasan_kmalloc+0x9/0x10
[  339.026691][ T4055] logitech 0003:046D:C623.0049: unknown main item tag 0x0
[  339.029951][ T9218]  ? memset+0x35/0x40
[  339.055239][ T9218]  ? bpf_obj_name_cpy+0x196/0x1e0
[  339.069426][ T9218]  bpf_prog_load+0x12ac/0x1b50
[  339.079144][ T9218]  ? map_freeze+0x370/0x370
[  339.083507][ T9218]  ? selinux_bpf+0xcb/0x100
[  339.096062][ T9218]  ? security_bpf+0x82/0xb0
[  339.104239][ T4055] logitech 0003:046D:C623.0049: unknown main item tag 0x0
[  339.110369][ T9218]  __sys_bpf+0x4bc/0x760
[  339.115429][   T26] usb 4-1: USB disconnect, device number 38
[  339.116257][ T9218]  ? bpf_link_show_fdinfo+0x2d0/0x2d0
[  339.121545][ T4055] logitech 0003:046D:C623.0049: hidraw0: USB HID v0.00 Device [HID 046d:c623] on usb-dummy_hcd.1-1/input0
[  339.130650][ T9218]  ? __kasan_check_read+0x11/0x20
[  339.140754][ T4055] usb 2-1: USB disconnect, device number 27
[  339.150902][ T9218]  __x64_sys_bpf+0x7c/0x90
[  339.155189][ T9218]  do_syscall_64+0x3d/0xb0
[  339.162499][ T9218]  entry_SYSCALL_64_after_hwframe+0x61/0xcb
[  339.169394][ T9218] RIP: 0033:0x7f5d66183f19
[  339.178271][ T9218] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  339.198341][ T9218] RSP: 002b:00007f5d65405048 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  339.217894][ T9218] RAX: ffffffffffffffda RBX: 00007f5d66311f60 RCX: 00007f5d66183f19
[  339.230255][ T9218] RDX: 0000000000000090 RSI: 00000000200000c0 RDI: 0000000000000005
[  339.238802][ T9218] RBP: 00007f5d661f2bcd R08: 0000000000000000 R09: 0000000000000000
[  339.246795][ T9218] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  339.255595][ T9218] R13: 000000000000000b R14: 00007f5d66311f60 R15: 00007ffe37278338
[  339.259745][ T9234] loop0: detected capacity change from 0 to 128
[  339.279423][ T9218]  </TASK>
[  339.282282][ T9218] ---[ end trace 011b48fd123f829e ]---
[  339.301144][   T30] audit: type=1326 audit(1719920838.450:665): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9237 comm="syz.1.3084" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fce32f34f19 code=0x7ffc0000
[  339.325977][   T30] audit: type=1326 audit(1719920838.470:666): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9237 comm="syz.1.3084" exe="/root/syz-executor" sig=0 arch=c000003e syscall=273 compat=0 ip=0x7fce32f34f19 code=0x7ffc0000
[  339.364074][   T30] audit: type=1326 audit(1719920838.470:667): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9237 comm="syz.1.3084" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fce32f34f19 code=0x7ffc0000
[  339.366529][  T291] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[  339.395658][  T291] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  339.493196][   T26] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[  339.501492][   T26] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  339.509626][   T26] bridge0: port 1(bridge_slave_0) entered blocking state
[  339.516480][   T26] bridge0: port 1(bridge_slave_0) entered forwarding state
[  339.524310][   T26] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[  339.532729][   T26] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  339.542679][   T26] bridge0: port 2(bridge_slave_1) entered blocking state
[  339.549553][   T26] bridge0: port 2(bridge_slave_1) entered forwarding state
[  339.698711][  T291] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[  339.724482][  T291] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[  339.846995][  T291] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  339.860272][  T291] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[  339.870735][  T291] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  340.156918][  T291] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[  340.165464][  T291] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[  340.182431][ T9242] loop1: detected capacity change from 0 to 32768
[  340.183847][  T665] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[  340.196786][  T665] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[  340.205193][ T3364] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[  340.212686][ T3364] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[  340.279860][ T9210] device veth0_vlan entered promiscuous mode
[  340.335189][  T309] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[  340.344308][  T309] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[  340.358318][ T9210] device veth1_macvtap entered promiscuous mode
[  340.403951][ T8254] FAT-fs (loop0): error, invalid access to FAT (entry 0x0000074f)
[  340.439814][ T3364] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[  340.448064][ T3364] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[  340.460742][ T8254] FAT-fs (loop0): Filesystem has been set read-only
[  340.467294][ T8254] FAT-fs (loop0): error, invalid access to FAT (entry 0x0000074f)
[  340.475459][ T3364] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[  340.485326][ T3364] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[  340.938757][  T569] device bridge_slave_1 left promiscuous mode
[  340.949044][  T569] bridge0: port 2(bridge_slave_1) entered disabled state
[  340.969762][  T569] device bridge_slave_0 left promiscuous mode
[  340.977369][  T569] bridge0: port 1(bridge_slave_0) entered disabled state
[  341.033879][  T569] device veth1_macvtap left promiscuous mode
[  341.218046][  T569] device veth0_vlan left promiscuous mode
[  341.535111][ T9300] loop4: detected capacity change from 0 to 256
[  341.616039][ T9294] loop3: detected capacity change from 0 to 1024
[  341.622517][  T665] usb 3-1: new high-speed USB device number 32 using dummy_hcd
[  341.646483][ T9294] EXT4-fs (loop3): revision level too high, forcing read-only mode
[  341.656639][ T9294] EXT4-fs (loop3): orphan cleanup on readonly fs
[  341.664098][ T9294] EXT4-fs error (device loop3): __ext4_get_inode_loc:4340: comm syz.3.3103: Invalid inode table block 0 in block_group 0
[  341.680278][ T9294] EXT4-fs (loop3): Remounting filesystem read-only
[  341.705479][ T9294] EXT4-fs error (device loop3) in ext4_reserve_inode_write:5820: Corrupt filesystem
[  341.715612][ T9294] EXT4-fs error (device loop3): ext4_quota_write:6570: inode #3: comm syz.3.3103: mark_inode_dirty error
[  341.745387][ T9294] Quota error (device loop3): write_blk: dquota write failed
[  341.754029][ T9294] Quota error (device loop3): qtree_write_dquot: Error -117 occurred while creating quota
[  341.769233][ T9294] EXT4-fs (loop3): 1 truncate cleaned up
[  341.793400][ T9294] EXT4-fs (loop3): mounted filesystem without journal. Opts: max_dir_size_kb=0x000000000000002c,stripe=0x0000000000000000,grpid,errors=remount-ro,noblock_validity,block_validity,minixdf,noauto_da_alloc,. Quota mode: writeback.
[  341.864912][ T9289] bridge0: port 1(bridge_slave_0) entered blocking state
[  342.099718][ T9289] bridge0: port 1(bridge_slave_0) entered disabled state
[  342.107141][ T9289] device bridge_slave_0 entered promiscuous mode
[  342.129169][ T9289] bridge0: port 2(bridge_slave_1) entered blocking state
[  342.139017][  T665] usb 3-1: Using ep0 maxpacket: 32
[  342.139183][ T9289] bridge0: port 2(bridge_slave_1) entered disabled state
[  342.151830][ T9289] device bridge_slave_1 entered promiscuous mode
[  342.259083][  T665] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 255, changing to 11
[  342.279129][  T665] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 59391, setting to 1024
[  342.304589][ T9289] bridge0: port 2(bridge_slave_1) entered blocking state
[  342.311483][ T9289] bridge0: port 2(bridge_slave_1) entered forwarding state
[  342.318593][ T9289] bridge0: port 1(bridge_slave_0) entered blocking state
[  342.325376][ T9289] bridge0: port 1(bridge_slave_0) entered forwarding state
[  342.332966][  T665] usb 3-1: New USB device found, idVendor=046d, idProduct=c314, bcdDevice= 0.40
[  342.342560][  T665] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  342.351662][  T665] usb 3-1: config 0 descriptor??
[  342.369036][ T9283] raw-gadget.0 gadget: fail, usb_ep_enable returned -22
[  342.389690][  T665] hub 3-1:0.0: USB hub found
[  342.396887][ T3364] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  342.405491][ T3364] bridge0: port 1(bridge_slave_0) entered disabled state
[  342.415248][ T3364] bridge0: port 2(bridge_slave_1) entered disabled state
[  342.460624][  T309] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  342.468770][  T309] bridge0: port 1(bridge_slave_0) entered blocking state
[  342.475660][  T309] bridge0: port 1(bridge_slave_0) entered forwarding state
[  342.485394][  T309] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  342.539976][  T309] bridge0: port 2(bridge_slave_1) entered blocking state
[  342.546952][  T309] bridge0: port 2(bridge_slave_1) entered forwarding state
[  342.555928][  T309] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  342.564239][  T309] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  342.586876][  T309] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[  342.599129][  T665] hub 3-1:0.0: 2 ports detected
[  342.618504][ T9289] device veth0_vlan entered promiscuous mode
[  342.629647][  T526] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[  342.642106][  T526] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[  342.669477][  T309] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[  342.681373][  T309] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[  342.693842][ T9334] kvm: pic: non byte write
[  342.696499][  T309] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[  342.717262][  T309] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[  342.736423][ T9289] device veth1_macvtap entered promiscuous mode
[  342.761657][   T30] audit: type=1400 audit(1719920841.910:668): avc:  denied  { remount } for  pid=9336 comm="syz.4.3120" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:tmpfs_t tclass=filesystem permissive=1
[  342.785193][  T526] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready
[  342.793192][  T526] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[  342.803291][ T9283] loop2: detected capacity change from 0 to 256
[  342.819523][  T526] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[  342.838088][  T526] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[  342.848152][  T526] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[  342.856557][ T9283] exfat: Deprecated parameter 'utf8'
[  342.873063][ T9283] exFAT-fs (loop2): failed to load upcase table (idx : 0x00010000, chksum : 0x1a9973fb, utbl_chksum : 0xe619d30d)
[  343.419064][  T665] hub 3-1:0.0: hub_hub_status failed (err = -71)
[  343.425250][  T665] hub 3-1:0.0: config failed, can't get hub status (err -71)
[  343.440102][  T569] device bridge_slave_1 left promiscuous mode
[  343.448213][  T569] bridge0: port 2(bridge_slave_1) entered disabled state
[  343.448974][  T526] usb 1-1: new high-speed USB device number 42 using dummy_hcd
[  343.464518][  T569] device bridge_slave_0 left promiscuous mode
[  343.479318][  T569] bridge0: port 1(bridge_slave_0) entered disabled state
[  343.487549][  T569] device veth1_macvtap left promiscuous mode
[  343.498127][  T569] device veth0_vlan left promiscuous mode
[  343.559117][  T665] usbhid 3-1:0.0: can't add hid device: -71
[  343.564910][  T665] usbhid: probe of 3-1:0.0 failed with error -71
[  343.599229][  T665] usb 3-1: USB disconnect, device number 32
[  343.699909][  T526] usb 1-1: Using ep0 maxpacket: 8
[  343.707142][ T9354] loop4: detected capacity change from 0 to 512
[  343.809852][ T9354] EXT4-fs (loop4): Ignoring removed oldalloc option
[  343.816664][ T9354] EXT4-fs (loop4): Unrecognized mount option "nog" or missing value
[  343.822271][  T526] usb 1-1: too many endpoints for config 0 interface 0 altsetting 0: 255, using maximum allowed: 30
[  344.112106][  T526] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  344.122861][  T526] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  344.147847][  T526] usb 1-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 255
[  344.160718][  T526] usb 1-1: New USB device found, idVendor=056a, idProduct=00e6, bcdDevice= 0.00
[  344.169705][  T526] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  344.184722][  T526] usb 1-1: config 0 descriptor??
[  344.421543][ T9368] kvm: pic: non byte write
[  344.518255][   T30] audit: type=1326 audit(1719920843.660:669): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9380 comm="syz.4.3134" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f31c7c5df19 code=0x7ffc0000
[  344.609065][   T30] audit: type=1326 audit(1719920843.660:670): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9380 comm="syz.4.3134" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f31c7c5df19 code=0x7ffc0000
[  344.632872][   T30] audit: type=1326 audit(1719920843.730:671): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9380 comm="syz.4.3134" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f31c7c5df19 code=0x7ffc0000
[  344.659188][   T30] audit: type=1326 audit(1719920843.730:672): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9380 comm="syz.4.3134" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f31c7c5df19 code=0x7ffc0000
[  344.682596][   T30] audit: type=1326 audit(1719920843.730:673): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9380 comm="syz.4.3134" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f31c7c5df19 code=0x7ffc0000
[  344.718494][   T30] audit: type=1326 audit(1719920843.730:674): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9380 comm="syz.4.3134" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f31c7c5df19 code=0x7ffc0000
[  344.751155][   T30] audit: type=1326 audit(1719920843.730:675): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9380 comm="syz.4.3134" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f31c7c5df19 code=0x7ffc0000
[  344.811075][  T526] wacom 0003:056A:00E6.004B: unknown main item tag 0x0
[  344.817917][  T526] wacom 0003:056A:00E6.004B: unknown main item tag 0x0
[  344.834833][  T526] wacom 0003:056A:00E6.004B: unknown main item tag 0x0
[  344.847074][  T526] wacom 0003:056A:00E6.004B: unknown main item tag 0x0
[  344.864124][  T526] wacom 0003:056A:00E6.004B: unknown main item tag 0x0
[  344.877782][  T526] wacom 0003:056A:00E6.004B: item fetching failed at offset 6/7
[  344.885772][  T526] wacom 0003:056A:00E6.004B: parse failed
[  344.891607][  T526] wacom: probe of 0003:056A:00E6.004B failed with error -22
[  344.974532][ T9408] kvm: pic: non byte write
[  345.019235][ T4055] usb 1-1: USB disconnect, device number 42
[  345.605746][  T320] usb 5-1: new high-speed USB device number 34 using dummy_hcd
[  345.613206][ T9412] loop3: detected capacity change from 0 to 1024
[  345.925411][ T9412] EXT4-fs (loop3): revision level too high, forcing read-only mode
[  345.933974][ T9412] EXT4-fs (loop3): orphan cleanup on readonly fs
[  345.941628][ T9412] EXT4-fs error (device loop3): __ext4_get_inode_loc:4340: comm syz.3.3142: Invalid inode table block 0 in block_group 0
[  345.973279][ T9412] EXT4-fs (loop3): Remounting filesystem read-only
[  345.980146][ T9412] EXT4-fs error (device loop3) in ext4_reserve_inode_write:5820: Corrupt filesystem
[  346.044292][ T9412] EXT4-fs error (device loop3): ext4_quota_write:6570: inode #3: comm syz.3.3142: mark_inode_dirty error
[  346.076467][ T9412] EXT4-fs (loop3): 1 truncate cleaned up
[  346.097508][ T9412] EXT4-fs (loop3): mounted filesystem without journal. Opts: max_dir_size_kb=0x000000000000002c,stripe=0x0000000000000000,grpid,errors=remount-ro,noblock_validity,block_validity,minixdf,noauto_da_alloc,. Quota mode: writeback.
[  346.279237][  T320] usb 5-1: New USB device found, idVendor=077b, idProduct=2226, bcdDevice=ca.8b
[  346.306196][  T320] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  346.333776][  T320] usb 5-1: config 0 descriptor??
[  346.362403][ T6675] ------------[ cut here ]------------
[  346.368034][ T6675] WARNING: CPU: 0 PID: 6675 at fs/inode.c:307 drop_nlink+0xc1/0x110
[  346.380286][ T6675] Modules linked in:
[  346.384055][ T6675] CPU: 0 PID: 6675 Comm: syz-executor Tainted: G        W         5.15.150-syzkaller-00330-g9044d25b8ff5 #0
[  346.396812][ T6675] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024
[  346.407720][ T6675] RIP: 0010:drop_nlink+0xc1/0x110
[  346.413350][ T6675] Code: 1e 48 8d bb b8 04 00 00 be 08 00 00 00 e8 c7 f8 f0 ff f0 48 ff 83 b8 04 00 00 5b 41 5c 41 5d 41 5e 41 5f 5d c3 e8 ff bc ae ff <0f> 0b eb 88 44 89 f9 80 e1 07 80 c1 03 38 c1 0f 8c 62 ff ff ff 4c
[  346.488276][ T6675] RSP: 0018:ffffc90000c27c88 EFLAGS: 00010293
[  346.495077][ T6675] RAX: ffffffff81c17aa1 RBX: 0000000000000000 RCX: ffff88811b0d3b40
[  346.504101][ T6675] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  346.512678][ T6675] RBP: ffffc90000c27cb0 R08: ffffffff81c17a24 R09: 0000000000000003
[  346.521697][ T6675] R10: fffff52000184f80 R11: dffffc0000000001 R12: dffffc0000000000
[  346.561166][ T6675] R13: 1ffff110239c7891 R14: ffff88811ce3c440 R15: ffff88811ce3c488
[  346.575760][ T6675] FS:  0000555555c22500(0000) GS:ffff8881f7000000(0000) knlGS:0000000000000000
[  346.588306][ T6675] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  346.595072][ T6675] CR2: 0000001b3041bff8 CR3: 00000001075a6000 CR4: 00000000003506b0
[  346.602933][ T6675] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[  346.610726][ T6675] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[  346.618825][ T6675] Call Trace:
[  346.622071][ T6675]  <TASK>
[  346.625161][ T6675]  ? show_regs+0x58/0x60
[  346.629472][ T6675]  ? __warn+0x160/0x2f0
[  346.633542][ T6675]  ? drop_nlink+0xc1/0x110
[  346.637790][ T6675]  ? report_bug+0x3d9/0x5b0
[  346.642191][ T6675]  ? drop_nlink+0xc1/0x110
[  346.646386][ T6675]  ? handle_bug+0x41/0x70
[  346.650718][ T6675]  ? exc_invalid_op+0x1b/0x50
[  346.655435][ T6675]  ? asm_exc_invalid_op+0x1b/0x20
[  346.660752][ T6675]  ? drop_nlink+0x44/0x110
[  346.665010][ T6675]  ? drop_nlink+0xc1/0x110
[  346.669625][ T6675]  ? drop_nlink+0xc1/0x110
[  346.673963][ T6675]  ? drop_nlink+0xc1/0x110
[  346.678541][ T6675]  shmem_rmdir+0x59/0x90
[  346.682675][ T6675]  vfs_rmdir+0x324/0x470
[  346.686707][ T6675]  incfs_kill_sb+0x113/0x230
[  346.691404][ T6675]  deactivate_locked_super+0xad/0x110
[  346.696676][ T6675]  deactivate_super+0xbe/0xf0
[  346.701310][ T6675]  cleanup_mnt+0x45c/0x510
[  346.705584][ T6675]  __cleanup_mnt+0x19/0x20
[  346.709862][ T6675]  task_work_run+0x129/0x190
[  346.714291][ T6675]  exit_to_user_mode_loop+0xc4/0xe0
[  346.719375][ T6675]  exit_to_user_mode_prepare+0x5a/0xa0
[  346.724706][ T6675]  syscall_exit_to_user_mode+0x26/0x160
[  346.730113][ T6675]  do_syscall_64+0x49/0xb0
[  346.734341][ T6675]  entry_SYSCALL_64_after_hwframe+0x61/0xcb
[  346.740430][ T6675] RIP: 0033:0x7fce32f36247
[  346.744729][ T6675] Code: a8 ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 0f 1f 44 00 00 31 f6 e9 09 00 00 00 66 0f 1f 84 00 00 00 00 00 b8 a6 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 01 c3 48 c7 c2 a8 ff ff ff f7 d8 64 89 02 b8
[  346.748985][ T1539] usb 1-1: new high-speed USB device number 43 using dummy_hcd
[  346.764350][ T6675] RSP: 002b:00007ffdf782a1d8 EFLAGS: 00000206 ORIG_RAX: 00000000000000a6
[  346.779950][ T6675] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 00007fce32f36247
[  346.787762][ T6675] RDX: 0000000000000000 RSI: 0000000000000009 RDI: 00007ffdf782a290
[  346.795636][ T6675] RBP: 00007ffdf782a290 R08: 0000000000000000 R09: 0000000000000000
[  346.803409][ T6675] R10: 00000000ffffffff R11: 0000000000000206 R12: 00007ffdf782b360
[  346.812097][ T6675] R13: 00007fce32fa265d R14: 00000000000548dc R15: 0000000000000000
[  346.821387][ T6675]  </TASK>
[  346.824263][ T6675] ---[ end trace 011b48fd123f829f ]---
[  346.830079][ T6675] ==================================================================
[  346.837955][ T6675] BUG: KASAN: null-ptr-deref in ihold+0x20/0x60
[  346.844039][ T6675] Write of size 4 at addr 0000000000000170 by task syz-executor/6675
[  346.851925][ T6675] 
SYZFAIL: failed to recv rpc
fd=3 want=4 sent=0 n=0 (errno 9: Bad file descriptor)
[  346.854099][ T6675] CPU: 0 PID: 6675 Comm: syz-executor Tainted: G        W         5.15.150-sy