last executing test programs:

3.239205511s ago: executing program 1:
fchownat(0xffffffffffffff9c, 0x0, 0x0, 0x0, 0x0)
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="1801000000050000000000005e002200850000006d00000095"], &(0x7f0000000140)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='kmem_cache_free\x00', r0}, 0x10)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0x2000000000000188, &(0x7f0000000440)=ANY=[], 0x0}, 0x90)
syz_mount_image$vfat(&(0x7f0000000180), &(0x7f0000000040)='./file0\x00', 0x3200012, &(0x7f0000000e40)=ANY=[@ANYRES64=0x0, @ANYBLOB="7379735f696d6d757461626c652c666d61736b3d30313737373737373737373737373737373737373737332c73686f72746e616d653d6c6f7765722c636865636b3d7374726963742c2c756e695f786c6174653d302c726f6469722c726f6469722c73686f72746e616d653d6c6f7765722c73686f72746e616d653d6c6f7765722c6e6f6e756d7461696c3d302c756e695f786c6174653d312c756e695f786c6174653d312c6572726f72733d636f6e74696e75652c74696d655f6f66667365743d3078303030303030303030303030303465302c757466383d302c0077b5b28056fc4549d277ed7fab6b0be29df17f888ccab55cccc917ad315c8ea56f5a89c104f92d058b92f5881e69e06002f5914c03fef3eb09121733eaf5ded73df976fbd4cfcb8b70b0bf44da1b46bc3935431d5e60a641f9e4ebbf71c77fc9a810ce726b8c6d6295a5f2e2b069b95ba8ecce52ded99b82923228c37d5e1ec11cdbcabb8a89cbf2cf2771d69e3cf0e6760094145e542e426bceaab9b2cf261046247bce0565db3ac5888b74efd48bc9f455e60f49496ca8137aba85fe39756814fda1f0624b33a2025792a477ccfff09befb1d0cf1599d272628028b9786e1fbfb3d637c2561421488c9de8d3739a94bf13ac582f6b67de0cad933631794271b2259fe5d73a74ad7da615c31505c7c0c168052d38e5b64c4bb7d0599e5dcf0000000000000000000000000000002790cf17418aa278cfc0c9d1c81c63e58b877706a4b7eed8a5aff253298db2939adc0efdab4745ab0e09ef8beaaf04e5374c2e7e4672e47fe5a25502919954242f8d779d84091f20646210edf871d3f20ad66fcf4b816323b8abb307381d4ada887dcc71e35f364baa1b93fd5ee36c02aa4628511442992ced893ab946472440b53fc08cc41403e167b1f2605e04d5f0c16ed49969b59d650d88642b10c7893fe9b664421a40f4822ffcc284dfe9aea76e4a04293c970f2dae776decf07b085e16511b0bd365b0f86c7fcd8df00a87f4dbbf8e623667e3b65e4c487055a2e5cd64402a4de537bf113fc7370099e4faebe6ea9d4f155f8f5f4c5f9b205ce1bbc8c0002a19457e05a210d9e9820bc7f318ebfdfcc22f83150503b2", @ANYRES16=0x0, @ANYRES32=0x0], 0xd, 0x2a0, &(0x7f0000000840)="$eJzs3c9qM1UUAPAzSZpGXSSIG0VwQBeuyle3bhrlE8SulAjqQoNtQZJQaCFgBWNXfQKXvoeP4MaNbyC4Fdy1i8rIZGaahKZ/qDGF+vutDnPnnHsyt6SrnPnq9dFg7zCJ0/Pfo9VKorYTO3GRRCdqUfkhGgEAPB0XWRZ/ZQ/JbNRW3w0AsA7F///CY/cCAKzHJ599/lF3d/f5x2nailfbZ+NeEhGjs3GvWO8exDcxjP14Fu24jMiuFPEHH+4+j0aa68Rbo8m4l2eOvvy1rN/9M2Kavx3t6CzP304Lc/mTcW8jXow0ugcbVavteGV5/jtL8qPXjLffnOt/K9rx29dxGMPYizx3lv/9dpq+n/14/t0X+TZ5flKL3ub0vpmsvs5zAQAAAAAAAAAAAAAAAAAAAADgadtK06QY3zOd35NfKufv1C+n61tppbM4n6fIT6pCxXygLMoRPZMsfqrm6zxL0zQrb5zlN+K1hhcLAAAAAAAAAAAAAAAAAAAAQO7425NBfzjcP1pJUE0DqH7W/9A6O3NX3oiTQb9+c8HN++81P20g7/XWm6PRiBU9lruCF/J+Vl55c3a4n0YRVAez0r1efq8oejLop+VS9ZAH/eSuvVrVwf08v9SMf9tYNv2TuMwWz7R11epiVnNFT6P50tKlv7Msu1+dd/8ozqi8kkxHbNxv940yWPoB86B1/Sx+ubngjV8Z9ZV88QAAAAAAAAAAAAAAAAAAANfMfvS7ZPH01tTaf9YUAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAKzZ7P3/VdCKiMUr14JJmXzbPWXQjKPjR/6IAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA/A/8EwAA//9s0FAH")
write$cgroup_int(0xffffffffffffffff, &(0x7f0000000000), 0xffd2)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cgroup.controllers\x00', 0xb00000000065808, 0x0)
r2 = socket$inet_udp(0x2, 0x2, 0x0)
sendfile(r2, r1, 0x0, 0x100000002)

3.193672657s ago: executing program 1:
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x0, &(0x7f00000000c0))
mknod(0x0, 0x0, 0x0)
setresgid(0x0, 0x0, 0x0)

3.17468872s ago: executing program 1:
syz_mount_image$exfat(&(0x7f00000000c0), &(0x7f0000000080)='./file0\x00', 0x800, &(0x7f0000000100)={[{@iocharset={'iocharset', 0x3d, 'maciceland'}}, {@discard}, {@discard}, {@namecase}, {@errors_remount}, {@discard}, {@discard}, {@dmask={'dmask', 0x3d, 0x5}}, {@discard}, {@fmask={'fmask', 0x3d, 0x7}}]}, 0x5, 0x1520, &(0x7f00000037c0)="$eJzs3AuYjtX6MPD7Xms9Y0h6m+QwrLXuhzc5LJMkOSSVQ5IkSZJTYpIm2ZKQGHJKGpKQHIbkMITkMDFpnM/nY5IkTZKE5JSs75ris9u1v/3f/9237WvP/buu53rX/a5nred+3vs9rOdx+LbL0FpNat/ViIjgX4K/PiQDQCwADASAawAgAIAKcRXisvtzS0z+1w7C/lwPp13pDNiVxPXP2bj+ORvXP2fj+udsXP+cjeufs3H9czauP2M52ebpha/lLedufP8/J+Pf//8iWWXHfrm27PVd/4khXP+cjev/Xyv4n+zE9c/ZuP45G9c/Z+P65wS5/m4P1z9n4/ozlpNd6fvPf7PFwJXP4Zct139ADv+O7Uq//xhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOM5Qxn/GUKAC61r3RejDHGGGOMMcYY+/P4XFc6A8YYY4wxxhhjjP3/hyBAgoIAYiAXxEJuyAMCAK6GfHANROBaiIPrID9cDwWgIBSCwhAPRaAoaDBggSCEYlAconADlIAboSSUgtJQBhyUhQS4CcrBzVAeboEKcCtUhNugElSGKlAVbodqcAdUhzvhLrgbakBNqAW14R6oA/dCXbgP6sH9UB8egAbwIDSEh6ARPAyN4RFoAo9CU3gMmkFzaAEtodX/avyL0ANegp7QC5KhN/SBl6Ev9IP+MAAGwiswCF6FwfAapMAQGAqvwzB4A4bDmzACRsIoeAtGw9swBsbCOBgPqTABJsI7MAnehckwBabCNEiD6TAD3oOZMAtmw/swBz6AuTAP5sMCSIcPYSEsggz4CBbDx5AJS2ApLIPlsAJWwipYDWtgLayD9bABNsIm2AxbYCtsg+2wA3bCLtgNn8Ae+BT2wmewDz7/J8ef/pvxXREQUKBAhQpjMAZjMRbzYB7Mi3kxH+bDCEYwDuMwP+bHAlgAC2EhjMd4LIpF0aBBQsJiWAyjGMUSWAJLYkksjaXRocMETMByeDOWx/JYAStgRayIlbAyVsaqWBWrYTWsjtXxLrwLa2ANrIW18B68B3tjXayL9bAe1sf6l25PYSNshI2xMTbBJtgUm2IzbIYtsAW2wlbYGltjG2yDiZiI7bAdtsf2mIRJ2AE7YEfsiJ2wE3bGztgFu2BX7Ibd8MVcgC/hS9gLa4je2Af7YF9MydUfB+AAfAUH4av4Kr6GKTgEh+Lr+Dq+gcPxFI7AkTgKR2E18TaOwbFIYjymYipOxIk4CSfhZJyCU3AapuF0nIEzcCbOwln4Ps7BD/ADnIfzcAGmYzouxEWYgRm4GE9jJi7BpbgMl+MKXI6rcDWuwrW4DtfiBtyAm3ATbsEtuA234Q7cgbtQAeAn+Cl+iim4D/fhftyPB/AAHsSDmIVZeAgP4WE8jEfwCB7Fo3gMj+MJPI4n8SSewtN4Bs/gOTyH5/H5+K8b7yq1JgVENiWUiBExIlbEijwij8gr8op8Ip+IiIiIE3Eiv8gvCogCopAoJOJFvCgqigojjCARxgCAiIqoKCFKiJKipCgtSgsnnEgQCaKcKCfKi/KigrhVVBS3iUqismjrqoqqoppIdNXFneIucZeoIWqKWqK2qC3qiDqirqgr6ol6or6oLxqIB0VD0Rv748MiuzJNxBBsKoZiM9FcyIvfYK3FcGwj2opE8aQYiSOwvWjtksQzooMYgx3FX8RYfE50FuOxi3hBdBXdRHfxough2rieopeYjL1FHzEN+4p+or8YIGZiTfE+zsldS7wmUsQQMVS8LhbgG2K4eFOMECPFKPGWGC3eFmPEWDFOjBepYoKYKN4Rk8S7YrKYIqaKaSJNTBczxHtippglZov3xRzxgZgr5on5YoFIFx+KhWKRyBAficXiY5EploilYplYLlaIlWKVWC3WiLVinVgvNoiNYpPYLLaIrWKb2C52iJ1il9gtPhF7xKdir/hM7BOfi/3iC3FAfCkOiq9ElvhaHBLfiMPiW3FEfCeOiu/FMXFcnBA/iJPiR3FKnBZnxFlxTvwkzoufxQXhBUiUQkqpZCBjZC4ZK3PLPPIqmVcGF1/da2WcvE7ml9fLArKgLCQLy3hZRBaVWhppJclQFpPFZVTeIEvIG2VJWUqWlmWkk2VlgrxJlpM3y/LyFllB3ioryttkJVlZVpFV5e2ymrxDQuTXY9SQNWUtWVveI+vIe2VdeZ+sJ++X9eUDsoF8UDaUD8lG8mHZWD4im8hHZVP5mGwmm8sWsqVsJR+XreUTso1sKxPlk7KdfEq2l0/LJPmM7CD9xbfIc7KzfF52kS/IrrKb7C5/lheklz1lLwnQW/aRL8u+sp/sLwfIgfIVOUi+KgfL12SKHCKHytflMPmGHC7flCPkSDlKviVHy7flGDlWjpPjZaqcICfKd+Qk+a6cLKfIqXKaTJPTZf+LM82W8h+Of+cPxg/+5eib5Ga5RW6V2+R2uUPulLvkbrlb7pF75F65V+6T++R+uV8ekAfkQXlQZskseUgekoflYXlEHpFH5VF5TB6XZ+UP8qT8UZ6Sp+VpeVaek+fk+YuvAShUQkmlVKBiVC4Vq3KrPOoqlVddrfKpa1REXavi1HUqv7peFVAFVSFVWMWrIqqo0sooq0iFqpgqrqLqBrz4hlGlVRnlVFmVoG76Z8arEupGVVKV+s34S/kl/538WqlWqrVqrdqoNipRJap2qp1qr9qrJJWkOqgOqqPqqDqpTqqz6qy6qC6qq+qquqvuqofqoXqqnipZJas+6mXVV/VT/dUANVC9ogapQWqwGqxSVIoaqoaqYWqYGq6GqxFqhBqlRqnRarQao8aocWqcSlWpaqKaqCapSWqymqymqqkqTaWpGWqGmqlmqtlqtpqj5qi5aq6ar+ardJWuFqqFKkNlqMVqscpUS9QStUwtUyvUCrVKrVJr1Bq1Tq1TG9QGlak2q81qq9qqtqvtaqfaqXar3WqP2qP2qr1qn9qn9qv96oA6oA6qgypLZalD6pA6rA6rI+qIOqqOqmPqmDqhTqiT6qQ6pU6pM+qMOqfOqfPqvLqgLmQv+wIRiEAFKogJYoLYIDbIE+QJ8gZ5g3xBviASRIK4IC7IH1wfFAgKBoWCwkF8UCQoGujABDYQF4seDW4ISgQ3BiWDUkHpoEzggrJBQnBTUC64OSgf3BJUCG4NKga3BZWCykGVoGpwe1AtuCOoHtwZ3BXcHdQIaga1gtrBPUGd4N6gbnBfUC+4P6gfPBA0CB4MGgYPBY2Ch4PGwSNBk+DRoGnwWNAsaB60CFoGrf7U+b0/VfAJ11P30sm6t+6jX9Z9dT/dXw/QA/UrepB+VQ/Wr+kUPUQP1a/rYfoNPVy/qUfokXqUfkuP1m/rMXqsHqfH61Q9QU/U7+hJ+l09WU/RU/U0naan6xn6PT1Tz9Kz9ft6jv5Az9Xz9Hy9QKfrD/VCvUhn6I/0Yv2xztRL9FK9TC/XK/RKvUqv1mv0Wr1Or9cb9Ea9SW/WW/RWvU1v1zv0Tr1L79af6D36U71Xf6b36c/1fv2FPqC/1Af1VzpLf60P6W/0Yf2tPqK/00f19/qYPq5P6B/0Sf2jPqVP6zP6rD6nf9Ln9c/6gvbZi/vsn3ejjDIxJsbEmliTx+QxeU1ek8/kMxETMXEmzuQ3+U0BU8AUMoVMvIk3RU1Rk40MmWKmmImaqClhSpiSpqQpbUobZ5xJMAmmnClnypvypoKpYCqaiqaSqWSqmCrmdnO7ucPcYe40d5q7zd2mpqlpapvapo6pY+qauqaeqWfqm/qmgWlgGpqGppFpZBqbxqaJaWKamqammWlmWpgWppVpZVqb1qaNaWMSTaJpZ9qZ9qa9STJJpoPpYDqajqaT6WQ6m86mi+liupquprvpbnqYHqan6WmSTbLpY/qYvqav6W/6m4FmoBlkBpnBZrBJMSlmqBlqhplhZrgZbkaYkWZU9kLVvG3GmLFmnBlvUk2qmWgmmklmkplsJpupZqpJM2lmhplhZpqZZraZbeaYOWaumWvmm/km3aSbhWahyTAZZrFZbDJNpllqlprlZrlZaVaa1Wa1WWvWmvWw3mw0G81ms9lsNVvNdrPd7DQ7zW6z2+wxe8xes9fsM/vMfrPfHDAHzEFz0GSZLHPIHDKHzWFzxBwxR81Rc8wcMyfMCXPSnDSnzClzxpwx50zBi7+X3sTa3DaPvcrmtVfbfPYa+7dxIVvYxtsitqjVtoAt+JvYWGtL2lK2tC1jnS1rE+xNv4sr2cq2iq1qb7fV7B22+u/iOvZeW9feZ+vZ+21te89v4vr2AdvAPmobIgLY5raxbWmb2EdtU/uYbWab2xa2pW1nn7Lt7dM2yT5jO9hnfxcvtIvsarvGrrXr7B77qT1jz9rD9lt7zv5ke9pedqB9xQ6yr9rB9jWbYof8Lh5l37Kj7dt2jB1rx9nxv4un2mk2zU63M+x7dqad9bs43X5o59gMO9fOs/Ptgl/i7Jwy7Ed2sf3YZtoldqldZpfbFXalXfV/c11mN9iNdpPdbT+xW+02u93usDvtrl/i7PPYaz+z++zn9pD9xh6wX9qD9ojNsl//Emef3xH7nT1qv7fH7HF7wv5gT9of7Sl7+pfzzz73H+zP9oL1FggJSJKigGIoF8VSbspDV1Feupry0TUUoWspjq6j/HQ9FaCCVIgKUzwVoaKkyZAlopCKUXGK0g10aZ1emsqQo7KUQDdRObqZytMtVIFupYp0G1WiylSFqtLtVI3uoOp0J91Fd1MNqkm1qDbdQ3XoXqpL91E9up/q0wPUgB6khvQQNaKHqTE9Qk3oUWpKj1Ezak4tqCW1osepNT1BbagtJdKT1I6eovb0NCXRM9SBnqWO9BfqRM9RZ3qeutAL1JW6UXd6kXrQS9STelEy9aY+9DL1pX7UnwbQQHqFBtGrNJheoxQaQkPpdRpGb9BwepNG0EgaRW/RaHqbxtBYGkfjKZUm0ER6hybRuzSZptBUmkZpNJ1m0Hs0k2bRbHqf5tAHNJfm0XxaQOn0IS2kRZRBH9Fi+pgyaQktpWW0nFbQSlpFq2kNraV1tJ420EbaRJtpC22lbbSddtBO2kW76RPaQ5/SXvqM9tHntJ++oAP0JR2kryiLvqZD9A0dpm/pCH3ne9H3dIyO0wn6gU7Sj3SKTtMZOkvn6Cc6Tz/TBfIEIYYilKEKgzAmzBXGhrnDPOFVYd7w6jBfeE0YCa8N48Lrwvzh9WGBsGBYKCwcxodFwqKhDk1oQwrDsFhYPIyGN4QlwhvDkmGpsHRYJnRh2TAhvCksF94clg9vCSuEt4YVw9vCSmHl8NH7q4a3h9XCO8Lq4Z1hYnh3WCOsGdYKa4f3hHXCe8O64X1hvfD+sHz4QNggfDBsGD4UNgofDhuHj4RNwkfDpuFjYbOwedgibBm2Ch8PW4dPhG3CtmFi+GTYLnwqbB8+HSaFz4Qdwmd/6X9g0S/9CH/Qnxz2DvuEL4cvh97fJ+dHF0TTox9GF0YXRTOiH0UXRz+OZkaXRJdGl0WXR1dEV0ZXRVdH10TXRtdF10c3RDdGN0W9r50LHDrhpFMucDEul4t1uV0ed5XL6652+dw1LuKudXHuOpffXe8KuIKukCvs4l0RV9RpZ5x15EJXzBV3UXeDK+FudCVdKVfalXHOlXUJrqVr5Vq51u4J18a1dYnuSfeke8o95Z52T7tnXAf3rOvo/uI6uedcZ/e8e9694Lq6bq67e9H1cBPy/fqZTHZ9XB/X1/V1/V1/N9ANdIPcIDfYDXYpLsUNdUPdMDfMDXfD3Qg3wo1yo9xoN9qNcWPcODfOpbpUN9FNdJPcJDfZTXZT3VSX5tLcDDfDzXQzXbVZvx5lrpvr5rv5Lt2lu4Uue82Y4Ra7xS7TZbqlbqlb7pa7lW6lW+1Wu7VurVvv1ruNbqPb7Da7rW6r2+62u51up9vtdrs9/ppfJ3X73H633x1wB9xB95XLcl+7Q+4bd9h9646479xR97075o67E+4Hd9L96E650+6MO+vOuZ/cefezu+C8S41MiEyMvBOZFHk3MjkyJTI1Mi2SFpkemRF5LzIzMisyO/J+ZE7kg8jcyLzI/MiCSHrkw8jCyKJIRuSjyOLIx5HMyJLI0siyyPLIioj3RbaGvpgv7qP+Bl/C3+hL+lK+tC/jnS/rE/xNvpy/2Zf3t/gK/lZf0d/mK/nKvop/zDfzzX0L39K38o/71v4J38a39Yn+Sd/OP+Xb+6d9kn/Gd/DP+o7+L76Tf8539s/7Lv4F39V38939i76Hf8n39L18su/t+/iXfV/fz/f3A/xA/4of5F/1g/1rPsUP8UP9636Yf8MP92/6EX6kHxXzlh996RIZxvtUP8FP9O/4Sf5dP9lP8VP9NJ/mp/sZ/j0/08/ys/37fo7/wM/18/x8v8Cn+w/9Qr/IZ/iP/GL/sc/0Sy7dVPYr/Sq/2q/xa/06v95v8Bv9Jr/Zb/Fb/Ta/3e/wO/0uv9t/4vf4T/1e/5nf5z/3+/0X/oD/0h/0X/ks/7U/5L/xh/23/oj/zh/13/tj/rg/4X/wJ/2P/pQ/7c/4s/6c/8mf9z/7C/xv1hhjjDHG/kcmXG6KP+rv/QfPib/auQ8AXL2tcNZf92evKNcX+LXdT8S3iwDAM726PHxpq1EjOTn54r6ZEoLi8wAu/UlQthi4HC+BRHgKkqAtlPvD/PuJbufoH8wfvRUgz1+NiYXL8eX5v/g78z/+5KiFFcMzcf+P+ecBlCx+eUxuuBwvgUSV/dgWyv+d+Qu2/gf55/4yFaDNX43JC5fjy/knwBPwLCT9Zk/GGGOMMcYYY+xX/USVTpeuPy/9jc8/uj6PV5fH5ILL8T+6PmeMMcYYY4wxxtiV91y37k8/npTUttM/36j+vxrFjf/UhvcAl55RAPAvTgjwbz+LLf+WY6Vc/Oj8bdfysz6A/4xS/hmNK/zFxBhjjDHGGPvTXV70//Z5daUSYowxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGcqB/x38ndqXPkTHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGLvS/k8AAAD//4NSDCw=")
mkdir(0x0, 0x0)

3.101936112s ago: executing program 4:
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f00000000c0)='./file1\x00', 0x58, &(0x7f0000000a00)={[{@inode_readahead_blks}, {@jqfmt_vfsold}, {@nomblk_io_submit}, {@stripe={'stripe', 0x3d, 0x4ffff}}, {@norecovery}, {@max_dir_size_kb={'max_dir_size_kb', 0x3d, 0x400}}, {}]}, 0xfe, 0x799, &(0x7f00000001c0)="$eJzs3c1rHGUYAPBnNp+m1UYQbL00Jy2UbtoaWwWh8SSChYKebcNmG2I22ZLdlCbkYBFBEEGLB0Evnv2oN28ievZv8CIiLVXTYsWDrMx+JJtukm7TTdI2vx9M8r4zs/PMs7Pzvu/uDLsB7FpD6Z9MxIGI+CiJ2Fefn0RET7XUHTFaW+/20mIunZKoVN74M6muc2tpMRdNj0ntqVf2R8SP70UczrTGLc0vTI0VCvnZen24PH1huDS/cGRyemwiP5GfOXFsZOT4yRdOnuhcrn//vLD3+sevPvfN6L/vPn31w5+SGI299WXNeXTKUAzVn5Oe9Cms+b7TUR4MyU7vAJuSnppdtbM8DsS+6KqWAIBHWdr/VwCAXSbR/wPALtP4HODW0mKuMe3sJxLb68YrEdFfy79xfbO2pLt+za6/eh104Fay6spIEhGDHYi/PyI+/+6tr9Iptug6JMBa3rkcEecGh1rb/2TlnoVNOtrGOkN31LV/sH1+SMc/L641/sssj39ijfFP3xrn7mYMRfTWN1fVev5nrq0K2nCqA8Hr47+Xa/e2pYk2jf+Wb1ob7KrXHk8rByNispBP27YnIuJQ9PSdnyzkj20Q49DN/26ut2yoafz315W3v0zjp/9X1shc6+5b/ZjxsfLY/eTc7MbliGe6V+7tu93S/jeOeuv498xGGz64Unztpfc/W2+1NP8038bUmv/WqnwR8WysnX9DsuH9icPp4T9a+7t2jG9//XRgvfjNxz+d0viN9wLbIT3+AxvnP5g0369Z6mz8u+e//Ppf3qH09d+bvFkt99bnXRorl2ePRfQmr7fOP76ytUa9sX6af23Di72xKv+V9i9Zo/1L3xOeazPH7ut/fL35/LdWmv/4PR3/ey9cvT3VtV789o7/SLV0qD6nnfav3R28n+cOAAAAAAAAAAAAAAAAAAAAAAAAANqViYi9kWSyy+VMJput/Yb3UzGQKRRL5cPni3Mz41H9rezB6Mk0vupyX62eNL7/dLCpfvyO+vMR8WREfNL3WLWezRUL4zudPAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADU7Vnn9/9Tv/ft9N4BAFumv2VOpVKpNNdv5jdcDAA8dFr7fwDgUaf/B4DdR/8PALuP/h8Adh/9PwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAFvszOnT6VT5Z2kxl9bHL87PTRUvHhnPl6ay03O5bK44eyE7USxOFPLZXHH6btsrFIsXRmJm7tJwOV8qD5fmF85OF+dmymcnp8dOxdl8z7ZkBQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD3pjS/MDVWKORnH4nCBxHxAOyGQmcLvx35Zf9G61y5y8t4tI1Y/fUT4gFJeecLO9wwAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADwk/g8AAP//Ez0kyA==")
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000000)='memory.events.local\x00', 0x275a, 0x0)
write$binfmt_misc(r0, &(0x7f0000000480)=ANY=[], 0xed)

3.015926985s ago: executing program 1:
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0xb, 0x7, 0xc9d7, 0x9, 0x1}, 0x48)
bpf$MAP_GET_NEXT_KEY(0x2, 0x0, 0x0)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000000)={{r0, <r1=>0xffffffffffffffff}, &(0x7f0000000580), &(0x7f00000005c0)}, 0x20)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x11, 0xd, &(0x7f00000002c0)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000003000000650000000800000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000a40)={&(0x7f0000000980)='sys_enter\x00', r2}, 0x10)
lremovexattr(0x0, 0x0)

2.966230353s ago: executing program 1:
r0 = syz_usb_connect(0x0, 0x24, &(0x7f0000000100)=ANY=[@ANYBLOB="120100004f92b90857152077ebb7000000010902120001000000000904"], 0x0)
syz_usb_control_io(r0, 0x0, &(0x7f0000000f80)={0x84, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000e00)={0x40, 0x13, 0x6, @local}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
syz_usb_control_io(r0, 0x0, &(0x7f0000001740)={0x84, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000001600)={0x40, 0x19, 0x2, "b3f0"}, 0x0, 0x0, 0x0, 0x0})
syz_usb_control_io$hid(r0, 0x0, &(0x7f0000000b40)={0x2c, &(0x7f0000000000)=ANY=[@ANYBLOB="000080000000ec"], 0x0, 0x0, 0x0, 0x0})
syz_usb_control_io(r0, 0x0, 0x0)
syz_usb_control_io$hid(r0, 0x0, 0x0)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000400)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x0, 0x7, 0x10001}, 0x48)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000800)={0x0, 0x1c, &(0x7f00000003c0)=ANY=[@ANYBLOB, @ANYRES32, @ANYRES32, @ANYBLOB="0000000000000000b70500000800000085000000a5000000180100002020782500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600"], 0x0}, 0x90)
syz_usb_control_io$cdc_ecm(0xffffffffffffffff, &(0x7f0000000580)={0x14, &(0x7f0000000300)={0x0, 0x2, 0x18, {0x18, 0x2, "c5bb29dbc05f4ded39b5daa67c0b57b3adf23d53cd48"}}, &(0x7f0000000380)={0x0, 0x3, 0x1a, {0x1a}}}, &(0x7f0000000700)={0x1c, &(0x7f0000000600)=ANY=[@ANYBLOB="000e2b000000359610dbbabd6765693ea7c6bcbfb4023f9e914e51369bbf96abc61358db506efcd408c5b18d305daa7e8c"], &(0x7f0000000640)={0x0, 0xa, 0x1, 0x4}, &(0x7f0000000680)={0x0, 0x8, 0x1, 0x8}})
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB='\x00\x00\x00\x00\x00\x00\x00'], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
syz_usb_ep_write(r0, 0x7, 0x7d, &(0x7f00000004c0)="ed324cfbd5131a5e9c8c56b3e3326b37c7f856ba083d1fdb47658cee171adeb5daa7c2d384aaf80ba83284396aa8d2469a04cb1a42e0de045f7c2934af3e373940458f14eecb60c562a9c9962e35edc3a3f3ee23bbdbc0f423c8d353fdb9cf08d74016101b54f18dcf9622c581804537c8359194f4b661e131ae2a58b3")
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000000)='module_request\x00'}, 0x10)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000180)='sys_enter\x00', r1}, 0x10)
pwrite64(0xffffffffffffffff, 0x0, 0x0, 0x0)

2.953463284s ago: executing program 4:
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="18000000010700000000000000f9000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0xfed7)
ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0xb, 0x5, 0x400, 0x9, 0x1}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB, @ANYRES32, @ANYBLOB="0000000000000000b708000008"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$MAP_GET_NEXT_KEY(0x2, &(0x7f00000004c0)={r0, &(0x7f0000000340), &(0x7f00000005c0)=""/155}, 0x20)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000800000000000000000000018110000", @ANYRES32], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00', r1}, 0x10)
sched_setscheduler(0x0, 0x1, 0x0)
r2 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x3ffffffffffffda, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
pipe2$9p(&(0x7f0000000040), 0x0)
write$FUSE_BMAP(0xffffffffffffffff, &(0x7f0000000100)={0x18}, 0x18)
open(&(0x7f0000000100)='./file0\x00', 0x0, 0x0)

2.044766315s ago: executing program 2:
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000800)={0x0, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000001000000b703000000000080850000000400000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='sys_enter\x00', r0}, 0x10)
setpriority(0x0, 0x0, 0x0)

2.028480617s ago: executing program 2:
syz_mount_image$exfat(&(0x7f00000000c0), &(0x7f0000000080)='./file0\x00', 0x800, &(0x7f0000000100)={[{@iocharset={'iocharset', 0x3d, 'maciceland'}}, {@discard}, {@discard}, {@namecase}, {@errors_remount}, {@discard}, {@discard}, {@dmask={'dmask', 0x3d, 0x5}}, {@discard}, {@fmask={'fmask', 0x3d, 0x7}}]}, 0x5, 0x1520, &(0x7f00000037c0)="$eJzs3AuYjtX6MPD7Xms9Y0h6m+QwrLXuhzc5LJMkOSSVQ5IkSZJTYpIm2ZKQGHJKGpKQHIbkMITkMDFpnM/nY5IkTZKE5JSs75ris9u1v/3f/9237WvP/buu53rX/a5nred+3vs9rOdx+LbL0FpNat/ViIjgX4K/PiQDQCwADASAawAgAIAKcRXisvtzS0z+1w7C/lwPp13pDNiVxPXP2bj+ORvXP2fj+udsXP+cjeufs3H9czauP2M52ebpha/lLedufP8/J+Pf//8iWWXHfrm27PVd/4khXP+cjev/Xyv4n+zE9c/ZuP45G9c/Z+P65wS5/m4P1z9n4/ozlpNd6fvPf7PFwJXP4Zct139ADv+O7Uq//xhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOM5Qxn/GUKAC61r3RejDHGGGOMMcYY+/P4XFc6A8YYY4wxxhhjjP3/hyBAgoIAYiAXxEJuyAMCAK6GfHANROBaiIPrID9cDwWgIBSCwhAPRaAoaDBggSCEYlAconADlIAboSSUgtJQBhyUhQS4CcrBzVAeboEKcCtUhNugElSGKlAVbodqcAdUhzvhLrgbakBNqAW14R6oA/dCXbgP6sH9UB8egAbwIDSEh6ARPAyN4RFoAo9CU3gMmkFzaAEtodX/avyL0ANegp7QC5KhN/SBl6Ev9IP+MAAGwiswCF6FwfAapMAQGAqvwzB4A4bDmzACRsIoeAtGw9swBsbCOBgPqTABJsI7MAnehckwBabCNEiD6TAD3oOZMAtmw/swBz6AuTAP5sMCSIcPYSEsggz4CBbDx5AJS2ApLIPlsAJWwipYDWtgLayD9bABNsIm2AxbYCtsg+2wA3bCLtgNn8Ae+BT2wmewDz7/J8ef/pvxXREQUKBAhQpjMAZjMRbzYB7Mi3kxH+bDCEYwDuMwP+bHAlgAC2EhjMd4LIpF0aBBQsJiWAyjGMUSWAJLYkksjaXRocMETMByeDOWx/JYAStgRayIlbAyVsaqWBWrYTWsjtXxLrwLa2ANrIW18B68B3tjXayL9bAe1sf6l25PYSNshI2xMTbBJtgUm2IzbIYtsAW2wlbYGltjG2yDiZiI7bAdtsf2mIRJ2AE7YEfsiJ2wE3bGztgFu2BX7Ibd8MVcgC/hS9gLa4je2Af7YF9MydUfB+AAfAUH4av4Kr6GKTgEh+Lr+Dq+gcPxFI7AkTgKR2E18TaOwbFIYjymYipOxIk4CSfhZJyCU3AapuF0nIEzcCbOwln4Ps7BD/ADnIfzcAGmYzouxEWYgRm4GE9jJi7BpbgMl+MKXI6rcDWuwrW4DtfiBtyAm3ATbsEtuA234Q7cgbtQAeAn+Cl+iim4D/fhftyPB/AAHsSDmIVZeAgP4WE8jEfwCB7Fo3gMj+MJPI4n8SSewtN4Bs/gOTyH5/H5+K8b7yq1JgVENiWUiBExIlbEijwij8gr8op8Ip+IiIiIE3Eiv8gvCogCopAoJOJFvCgqigojjCARxgCAiIqoKCFKiJKipCgtSgsnnEgQCaKcKCfKi/KigrhVVBS3iUqismjrqoqqoppIdNXFneIucZeoIWqKWqK2qC3qiDqirqgr6ol6or6oLxqIB0VD0Rv748MiuzJNxBBsKoZiM9FcyIvfYK3FcGwj2opE8aQYiSOwvWjtksQzooMYgx3FX8RYfE50FuOxi3hBdBXdRHfxough2rieopeYjL1FHzEN+4p+or8YIGZiTfE+zsldS7wmUsQQMVS8LhbgG2K4eFOMECPFKPGWGC3eFmPEWDFOjBepYoKYKN4Rk8S7YrKYIqaKaSJNTBczxHtippglZov3xRzxgZgr5on5YoFIFx+KhWKRyBAficXiY5EploilYplYLlaIlWKVWC3WiLVinVgvNoiNYpPYLLaIrWKb2C52iJ1il9gtPhF7xKdir/hM7BOfi/3iC3FAfCkOiq9ElvhaHBLfiMPiW3FEfCeOiu/FMXFcnBA/iJPiR3FKnBZnxFlxTvwkzoufxQXhBUiUQkqpZCBjZC4ZK3PLPPIqmVcGF1/da2WcvE7ml9fLArKgLCQLy3hZRBaVWhppJclQFpPFZVTeIEvIG2VJWUqWlmWkk2VlgrxJlpM3y/LyFllB3ioryttkJVlZVpFV5e2ymrxDQuTXY9SQNWUtWVveI+vIe2VdeZ+sJ++X9eUDsoF8UDaUD8lG8mHZWD4im8hHZVP5mGwmm8sWsqVsJR+XreUTso1sKxPlk7KdfEq2l0/LJPmM7CD9xbfIc7KzfF52kS/IrrKb7C5/lheklz1lLwnQW/aRL8u+sp/sLwfIgfIVOUi+KgfL12SKHCKHytflMPmGHC7flCPkSDlKviVHy7flGDlWjpPjZaqcICfKd+Qk+a6cLKfIqXKaTJPTZf+LM82W8h+Of+cPxg/+5eib5Ga5RW6V2+R2uUPulLvkbrlb7pF75F65V+6T++R+uV8ekAfkQXlQZskseUgekoflYXlEHpFH5VF5TB6XZ+UP8qT8UZ6Sp+VpeVaek+fk+YuvAShUQkmlVKBiVC4Vq3KrPOoqlVddrfKpa1REXavi1HUqv7peFVAFVSFVWMWrIqqo0sooq0iFqpgqrqLqBrz4hlGlVRnlVFmVoG76Z8arEupGVVKV+s34S/kl/538WqlWqrVqrdqoNipRJap2qp1qr9qrJJWkOqgOqqPqqDqpTqqz6qy6qC6qq+qquqvuqofqoXqqnipZJas+6mXVV/VT/dUANVC9ogapQWqwGqxSVIoaqoaqYWqYGq6GqxFqhBqlRqnRarQao8aocWqcSlWpaqKaqCapSWqymqymqqkqTaWpGWqGmqlmqtlqtpqj5qi5aq6ar+ardJWuFqqFKkNlqMVqscpUS9QStUwtUyvUCrVKrVJr1Bq1Tq1TG9QGlak2q81qq9qqtqvtaqfaqXar3WqP2qP2qr1qn9qn9qv96oA6oA6qgypLZalD6pA6rA6rI+qIOqqOqmPqmDqhTqiT6qQ6pU6pM+qMOqfOqfPqvLqgLmQv+wIRiEAFKogJYoLYIDbIE+QJ8gZ5g3xBviASRIK4IC7IH1wfFAgKBoWCwkF8UCQoGujABDYQF4seDW4ISgQ3BiWDUkHpoEzggrJBQnBTUC64OSgf3BJUCG4NKga3BZWCykGVoGpwe1AtuCOoHtwZ3BXcHdQIaga1gtrBPUGd4N6gbnBfUC+4P6gfPBA0CB4MGgYPBY2Ch4PGwSNBk+DRoGnwWNAsaB60CFoGrf7U+b0/VfAJ11P30sm6t+6jX9Z9dT/dXw/QA/UrepB+VQ/Wr+kUPUQP1a/rYfoNPVy/qUfokXqUfkuP1m/rMXqsHqfH61Q9QU/U7+hJ+l09WU/RU/U0naan6xn6PT1Tz9Kz9ft6jv5Az9Xz9Hy9QKfrD/VCvUhn6I/0Yv2xztRL9FK9TC/XK/RKvUqv1mv0Wr1Or9cb9Ea9SW/WW/RWvU1v1zv0Tr1L79af6D36U71Xf6b36c/1fv2FPqC/1Af1VzpLf60P6W/0Yf2tPqK/00f19/qYPq5P6B/0Sf2jPqVP6zP6rD6nf9Ln9c/6gvbZi/vsn3ejjDIxJsbEmliTx+QxeU1ek8/kMxETMXEmzuQ3+U0BU8AUMoVMvIk3RU1Rk40MmWKmmImaqClhSpiSpqQpbUobZ5xJMAmmnClnypvypoKpYCqaiqaSqWSqmCrmdnO7ucPcYe40d5q7zd2mpqlpapvapo6pY+qauqaeqWfqm/qmgWlgGpqGppFpZBqbxqaJaWKamqammWlmWpgWppVpZVqb1qaNaWMSTaJpZ9qZ9qa9STJJpoPpYDqajqaT6WQ6m86mi+liupquprvpbnqYHqan6WmSTbLpY/qYvqav6W/6m4FmoBlkBpnBZrBJMSlmqBlqhplhZrgZbkaYkWZU9kLVvG3GmLFmnBlvUk2qmWgmmklmkplsJpupZqpJM2lmhplhZpqZZraZbeaYOWaumWvmm/km3aSbhWahyTAZZrFZbDJNpllqlprlZrlZaVaa1Wa1WWvWmvWw3mw0G81ms9lsNVvNdrPd7DQ7zW6z2+wxe8xes9fsM/vMfrPfHDAHzEFz0GSZLHPIHDKHzWFzxBwxR81Rc8wcMyfMCXPSnDSnzClzxpwx50zBi7+X3sTa3DaPvcrmtVfbfPYa+7dxIVvYxtsitqjVtoAt+JvYWGtL2lK2tC1jnS1rE+xNv4sr2cq2iq1qb7fV7B22+u/iOvZeW9feZ+vZ+21te89v4vr2AdvAPmobIgLY5raxbWmb2EdtU/uYbWab2xa2pW1nn7Lt7dM2yT5jO9hnfxcvtIvsarvGrrXr7B77qT1jz9rD9lt7zv5ke9pedqB9xQ6yr9rB9jWbYof8Lh5l37Kj7dt2jB1rx9nxv4un2mk2zU63M+x7dqad9bs43X5o59gMO9fOs/Ptgl/i7Jwy7Ed2sf3YZtoldqldZpfbFXalXfV/c11mN9iNdpPdbT+xW+02u93usDvtrl/i7PPYaz+z++zn9pD9xh6wX9qD9ojNsl//Emef3xH7nT1qv7fH7HF7wv5gT9of7Sl7+pfzzz73H+zP9oL1FggJSJKigGIoF8VSbspDV1Feupry0TUUoWspjq6j/HQ9FaCCVIgKUzwVoaKkyZAlopCKUXGK0g10aZ1emsqQo7KUQDdRObqZytMtVIFupYp0G1WiylSFqtLtVI3uoOp0J91Fd1MNqkm1qDbdQ3XoXqpL91E9up/q0wPUgB6khvQQNaKHqTE9Qk3oUWpKj1Ezak4tqCW1osepNT1BbagtJdKT1I6eovb0NCXRM9SBnqWO9BfqRM9RZ3qeutAL1JW6UXd6kXrQS9STelEy9aY+9DL1pX7UnwbQQHqFBtGrNJheoxQaQkPpdRpGb9BwepNG0EgaRW/RaHqbxtBYGkfjKZUm0ER6hybRuzSZptBUmkZpNJ1m0Hs0k2bRbHqf5tAHNJfm0XxaQOn0IS2kRZRBH9Fi+pgyaQktpWW0nFbQSlpFq2kNraV1tJ420EbaRJtpC22lbbSddtBO2kW76RPaQ5/SXvqM9tHntJ++oAP0JR2kryiLvqZD9A0dpm/pCH3ne9H3dIyO0wn6gU7Sj3SKTtMZOkvn6Cc6Tz/TBfIEIYYilKEKgzAmzBXGhrnDPOFVYd7w6jBfeE0YCa8N48Lrwvzh9WGBsGBYKCwcxodFwqKhDk1oQwrDsFhYPIyGN4QlwhvDkmGpsHRYJnRh2TAhvCksF94clg9vCSuEt4YVw9vCSmHl8NH7q4a3h9XCO8Lq4Z1hYnh3WCOsGdYKa4f3hHXCe8O64X1hvfD+sHz4QNggfDBsGD4UNgofDhuHj4RNwkfDpuFjYbOwedgibBm2Ch8PW4dPhG3CtmFi+GTYLnwqbB8+HSaFz4Qdwmd/6X9g0S/9CH/Qnxz2DvuEL4cvh97fJ+dHF0TTox9GF0YXRTOiH0UXRz+OZkaXRJdGl0WXR1dEV0ZXRVdH10TXRtdF10c3RDdGN0W9r50LHDrhpFMucDEul4t1uV0ed5XL6652+dw1LuKudXHuOpffXe8KuIKukCvs4l0RV9RpZ5x15EJXzBV3UXeDK+FudCVdKVfalXHOlXUJrqVr5Vq51u4J18a1dYnuSfeke8o95Z52T7tnXAf3rOvo/uI6uedcZ/e8e9694Lq6bq67e9H1cBPy/fqZTHZ9XB/X1/V1/V1/N9ANdIPcIDfYDXYpLsUNdUPdMDfMDXfD3Qg3wo1yo9xoN9qNcWPcODfOpbpUN9FNdJPcJDfZTXZT3VSX5tLcDDfDzXQzXbVZvx5lrpvr5rv5Lt2lu4Uue82Y4Ra7xS7TZbqlbqlb7pa7lW6lW+1Wu7VurVvv1ruNbqPb7Da7rW6r2+62u51up9vtdrs9/ppfJ3X73H633x1wB9xB95XLcl+7Q+4bd9h9646479xR97075o67E+4Hd9L96E650+6MO+vOuZ/cefezu+C8S41MiEyMvBOZFHk3MjkyJTI1Mi2SFpkemRF5LzIzMisyO/J+ZE7kg8jcyLzI/MiCSHrkw8jCyKJIRuSjyOLIx5HMyJLI0siyyPLIioj3RbaGvpgv7qP+Bl/C3+hL+lK+tC/jnS/rE/xNvpy/2Zf3t/gK/lZf0d/mK/nKvop/zDfzzX0L39K38o/71v4J38a39Yn+Sd/OP+Xb+6d9kn/Gd/DP+o7+L76Tf8539s/7Lv4F39V38939i76Hf8n39L18su/t+/iXfV/fz/f3A/xA/4of5F/1g/1rPsUP8UP9636Yf8MP92/6EX6kHxXzlh996RIZxvtUP8FP9O/4Sf5dP9lP8VP9NJ/mp/sZ/j0/08/ys/37fo7/wM/18/x8v8Cn+w/9Qr/IZ/iP/GL/sc/0Sy7dVPYr/Sq/2q/xa/06v95v8Bv9Jr/Zb/Fb/Ta/3e/wO/0uv9t/4vf4T/1e/5nf5z/3+/0X/oD/0h/0X/ks/7U/5L/xh/23/oj/zh/13/tj/rg/4X/wJ/2P/pQ/7c/4s/6c/8mf9z/7C/xv1hhjjDHG/kcmXG6KP+rv/QfPib/auQ8AXL2tcNZf92evKNcX+LXdT8S3iwDAM726PHxpq1EjOTn54r6ZEoLi8wAu/UlQthi4HC+BRHgKkqAtlPvD/PuJbufoH8wfvRUgz1+NiYXL8eX5v/g78z/+5KiFFcMzcf+P+ecBlCx+eUxuuBwvgUSV/dgWyv+d+Qu2/gf55/4yFaDNX43JC5fjy/knwBPwLCT9Zk/GGGOMMcYYY+xX/USVTpeuPy/9jc8/uj6PV5fH5ILL8T+6PmeMMcYYY4wxxtiV91y37k8/npTUttM/36j+vxrFjf/UhvcAl55RAPAvTgjwbz+LLf+WY6Vc/Oj8bdfysz6A/4xS/hmNK/zFxBhjjDHGGPvTXV70//Z5daUSYowxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGcqB/x38ndqXPkTHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGLvS/k8AAAD//4NSDCw=")
mkdir(0x0, 0x0)

2.015259609s ago: executing program 4:
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000008fd8850000000400000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000180)='kfree\x00', r0}, 0x10)
r1 = add_key$fscrypt_v1(&(0x7f0000000040), &(0x7f0000000080)={'fscrypt:', @desc2}, &(0x7f00000000c0)={0x0, "f1a1173fb9462d3589e67197f90be6e423ceb0ab4912f9f6a31854ec98e950cfed21fcad7ff0fbcb566a0982f8938caa52dd8d39af14c31ed56ad59300"}, 0x52ba, 0xffffffffffffffff)
r2 = add_key$fscrypt_v1(&(0x7f0000000400), &(0x7f0000000440)={'fscrypt:', @desc1}, &(0x7f0000000480)={0x0, "6035ae1e0fe721441705322225930e6c1e3e2a51a92fd796bc34d7cf6e0236805b4377f7ab1a9b01c103a4c6a7ef54e6763fd7264c39ea00c508ba6062696138"}, 0x48, 0xfffffffffffffffe)
keyctl$KEYCTL_MOVE(0x4, r2, 0x0, 0x0, 0x0)
keyctl$KEYCTL_MOVE(0x4, r1, r1, 0x0, 0x0)

1.975481366s ago: executing program 4:
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0xb, 0x7, 0xc9d7, 0x9, 0x1}, 0x48)
bpf$MAP_GET_NEXT_KEY(0x2, &(0x7f0000000080)={0xffffffffffffffff, &(0x7f0000000080), &(0x7f0000000200)=""/166}, 0x20)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000000)={{r0, <r1=>0xffffffffffffffff}, &(0x7f0000000580), &(0x7f00000005c0)}, 0x20)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x11, 0xd, &(0x7f00000002c0)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000003000000650000000800000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000a40)={&(0x7f0000000980)='sys_enter\x00', r2}, 0x10)
lremovexattr(0x0, 0x0)

1.897290407s ago: executing program 4:
r0 = openat$binderfs(0xffffffffffffff9c, &(0x7f00000000c0)='./binderfs/binder0\x00', 0x0, 0x0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x48)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x7, &(0x7f0000000540)=ANY=[@ANYRES32=r1, @ANYBLOB="0000000000000000b702000002000000850000008600000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000a80)='kfree\x00', r2}, 0x10)
r3 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000180)='./binderfs/binder0\x00', 0x0, 0x0)
r4 = dup3(r3, r0, 0x0)
ioctl$BINDER_WRITE_READ(r4, 0xc0306201, &(0x7f00000004c0)={0x10, 0x0, &(0x7f0000000000)=[@clear_death], 0x0, 0x0, 0x0})

1.885882979s ago: executing program 4:
r0 = syz_usb_connect$cdc_ncm(0x0, 0x6e, &(0x7f0000000480)=ANY=[@ANYBLOB="12010700020000402505a1a440000102030109025c0002010000000904000001020d0000052406000105240000000d240f0100000000000000000006241a0000000905810300020000000904010000020d00000904010102020d0000090582020002fd0000090503020002"], 0x0)
syz_usb_control_io$cdc_ncm(r0, 0x0, 0x0)
syz_usb_control_io$cdc_ncm(r0, 0x0, 0x0)
syz_usb_control_io(r0, 0x0, &(0x7f0000000d00)={0x84, &(0x7f0000000840), 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
syz_usb_control_io$cdc_ncm(r0, 0x0, 0x0)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x3, &(0x7f0000000180)=@framed, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000000)='kfree\x00', r1}, 0x10)
syz_usb_control_io$cdc_ncm(r0, &(0x7f0000001040)={0x14, 0x0, &(0x7f0000001000)={0x0, 0x3, 0x1a, {0x1a}}}, 0x0)

1.8816847s ago: executing program 2:
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000340)={0x0}, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
sched_setaffinity(0x0, 0x0, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r1, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x7, &(0x7f0000000540)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b702000002f60000850000008600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x7, &(0x7f0000000540)=ANY=[], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='memory.current\x00', 0x275a, 0x0)
ioctl$SIOCSIFHWADDR(r3, 0x40305839, &(0x7f0000000540)={'\x00', @link_local={0x2, 0x80, 0xc2, 0x5}})

1.760360479s ago: executing program 0:
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="18000000010700000000000000f9000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0xb, 0x5, 0x400, 0x9, 0x1}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYRES32, @ANYBLOB="0000000000000000b708000008"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x88, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, 0x0, 0x0, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
syz_mount_image$vfat(0x0, &(0x7f0000000100)='./file0\x00', 0xd3464, 0x0, 0x20, 0x0, &(0x7f0000000000))

1.090582312s ago: executing program 3:
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000800)={0x0, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000001000000b703000000000080850000000400000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='sys_enter\x00', r0}, 0x10)
setpriority(0x0, 0x0, 0x0)

1.084804533s ago: executing program 3:
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="18000000010700000000000000f9000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0xfed7)
ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0xb, 0x5, 0x400, 0x9, 0x1}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB, @ANYRES32, @ANYBLOB="0000000000000000b708000008"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$MAP_GET_NEXT_KEY(0x2, &(0x7f00000004c0)={r0, &(0x7f0000000340), &(0x7f00000005c0)=""/155}, 0x20)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000800000000000000000000018110000", @ANYRES32], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00', r1}, 0x10)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080))
r2 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x3ffffffffffffda, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
pipe2$9p(&(0x7f0000000040), 0x0)
write$FUSE_BMAP(0xffffffffffffffff, &(0x7f0000000100)={0x18}, 0x18)
open(&(0x7f0000000100)='./file0\x00', 0x0, 0x0)

1.012830334s ago: executing program 2:
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000008fd8850000000400000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000180)='kfree\x00', r0}, 0x10)
r1 = add_key$fscrypt_v1(&(0x7f0000000040), &(0x7f0000000280)={'fscrypt:', @desc2}, &(0x7f00000000c0)={0x0, "f1a117b6b9462d3589e67197f90be6e423ceb0ab4912f9f6a3dd8d39af14c31ed56ad59300"}, 0x48, 0xffffffffffffffff)
r2 = add_key$fscrypt_v1(&(0x7f0000000400), &(0x7f0000000440)={'fscrypt:', @desc1}, &(0x7f0000000480)={0x0, "6035ae1e0fe721441705322225930e6c1e3e2a51a92fd796bc34d7cf6e0236805b4377f7ab1a9b01c103a4c6a7ef54e6763fd7264c39ea00c508ba6062696138"}, 0x48, 0xfffffffffffffffe)
keyctl$KEYCTL_MOVE(0x4, r2, r1, 0x0, 0x0)
keyctl$KEYCTL_MOVE(0x4, 0x0, 0x0, 0x0, 0x0)

1.004780385s ago: executing program 2:
ioctl$sock_ipv4_tunnel_SIOCCHGTUNNEL(0xffffffffffffffff, 0x89f3, &(0x7f0000000000)={'sit0\x00', &(0x7f00000002c0)={'syztnl1\x00', 0x0, 0x0, 0x0, 0x0, 0x0, {{0x2a, 0x4, 0x0, 0x0, 0xa8, 0x0, 0x0, 0x0, 0x0, 0x0, @broadcast, @remote, {[@timestamp={0x44, 0x1c, 0x7e, 0x0, 0x9, [0x401, 0x1000, 0x5, 0x0, 0x5, 0x8]}, @timestamp_prespec={0x44, 0x3c, 0xc0, 0x3, 0x0, [{@multicast1, 0x5}, {@remote, 0x8}, {@dev={0xac, 0x14, 0x14, 0x32}, 0x659}, {@broadcast}, {@empty}, {@multicast1}, {@private, 0x7}]}, @timestamp_prespec={0x44, 0x2c, 0x0, 0x3, 0x0, [{@dev}, {@multicast2}, {@private=0xa010101}, {@rand_addr=0x64010101}, {@broadcast, 0x52b1}]}, @noop, @noop, @lsrr={0x83, 0xb, 0x0, [@private, @rand_addr]}]}}}}})
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='hugetlb.2MB.usage_in_bytes\x00', 0x275a, 0x0)
write$binfmt_script(r2, &(0x7f0000000240), 0x208e24b)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x280000b, 0x28011, r2, 0x0)
r3 = dup(r1)
r4 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000080)={0x0, 0x2, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r4, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000300)=[@text64={0x40, 0x0}], 0xffff, 0x0, 0x0, 0x0)
syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000200)=[@text64={0x40, 0x0}], 0x1, 0x0, 0x0, 0x0)
fcntl$setown(0xffffffffffffffff, 0x8, 0x0)
creat(&(0x7f0000000000)='./file0\x00', 0x0)
ioctl$KVM_REGISTER_COALESCED_MMIO(r1, 0x4010ae67, &(0x7f00000001c0)={0x0, 0xd000})
ioctl$KVM_NMI(r4, 0xae9a)
ioctl$KVM_RUN(r4, 0xae80, 0x0)

888.310733ms ago: executing program 0:
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0xb, 0x7, 0xc9d7, 0x9, 0x1}, 0x48)
bpf$MAP_GET_NEXT_KEY(0x2, &(0x7f0000000080)={0xffffffffffffffff, &(0x7f0000000080), &(0x7f0000000200)=""/166}, 0x20)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000000)={{r0, <r1=>0xffffffffffffffff}, &(0x7f0000000580), &(0x7f00000005c0)}, 0x20)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x11, 0xd, &(0x7f00000002c0)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000003000000650000000800000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000a40)={&(0x7f0000000980)='sys_enter\x00', r2}, 0x10)
lremovexattr(0x0, 0x0)

873.986345ms ago: executing program 0:
r0 = openat$binderfs(0xffffffffffffff9c, &(0x7f00000000c0)='./binderfs/binder0\x00', 0x0, 0x0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x48)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x7, &(0x7f0000000540)=ANY=[@ANYRES32=r1, @ANYBLOB="0000000000000000b702000002000000850000008600000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000a80)='kfree\x00', r2}, 0x10)
r3 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000180)='./binderfs/binder0\x00', 0x0, 0x0)
r4 = dup3(r3, r0, 0x0)
ioctl$BINDER_WRITE_READ(r4, 0xc0306201, &(0x7f00000004c0)={0x10, 0x0, &(0x7f0000000000)=[@clear_death], 0x0, 0x0, 0x0})

864.617847ms ago: executing program 0:
futex(&(0x7f000000cffc), 0x6, 0x0, 0x0, 0x0, 0x0)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x3, &(0x7f0000000740)=@framed, &(0x7f0000000700)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000240)={&(0x7f0000000200)='sched_switch\x00', r0}, 0x10)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000280)=ANY=[@ANYBLOB="1801000021000000000000003b810000850000006d000000070000000000000095"], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000880)={&(0x7f0000000a80)='kfree\x00', r1}, 0x10)

803.883856ms ago: executing program 0:
bpf$MAP_CREATE(0x0, &(0x7f00000000c0), 0x48)
syz_mount_image$f2fs(&(0x7f0000000000), &(0x7f0000000040)='./bus\x00', 0x800002, &(0x7f00000065c0)=ANY=[], 0x1, 0x554d, &(0x7f00000006c0)="$eJzs3EtvG1UUAOA7TtPSJxFiwa4jVUiJVFt12lSwC9CKh0gV8ViwAsd2LLe2J4odJ2SFBEvEgn+CQGLFkt/AgjU7xALEDgnkuWNKKI9WduKk/T5pfGbujM+cO7ISnRnLAXhiLaS//pyES+FsCGEuhHAhCfl6Uiy51RieCyFcDiGU/rIkxfifA6dDCOdCCJdGyWPOpNj1+dXhlZWf3vjlm+/OnDr/xdffz27WwKw9H0LobsX13W6MWSvGu8V4bdjOY/fGsIhxR/desZ3FuNvcyDPs1sbH1fJ4vRWPz7Z2+qO42anVR7HV3szHt3rxhP1ha5wnf8Pd2na+3Whu5LHdz/LY2o917e3Hv237/UHM0yjyfZinD4PBOMbx5l4zzmfrXh7rvUExHvNmjebeKA6LWJwu1LNOI69jY5Irfby92e7t7KXD5na/nfXSlUr1hUr1Zrm6nTWag+aNcq3buHkjXWx1RoeVB81ad7WVZa1Os1LPukvpYqteL1er6eKt5ka71kur1cr1yrXyylKxdjV99c67aaeRLo7iy+3ezul2p59uZttpfMdSuly5/uJSeqWavr22nq6/dfv22vo77996785La6+/Uhz0QFnp4vK15eVy9Vp5ubp0DOY/+r/7kPMfTDL/T4qiH2H+yWSXB/6bDxjAI3ug/w/6f+DwnfT+P0yz/x+1VPr//+9/S5P3/xP1v8e1/z/B84eJ6P8BAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAJ5YP8x/+Vq+shC3zxfjF4uhZ4rtJIRQCiH8/g/mwukDOeeKPPP/cvz832r4Ngl5htE5zhTLuRDCarH89vRhXwUAAAB4fH310eXPYrceXxZmXRBHKd60KV34YEr5khDC/MKPU8pWGr08O6Vk+ef7VNibUrb8BtZTU0oWb7mdmla2hzI3Dh9fvD+YTyiJoXSk5QAAAEdi7kA42i4EAACAo/TprAtgNpIwfpQ5fhacf/P+/qPNswf2AQAAACdQMusCAAAAgEOX9/9+/w8AAAAeb/H3/wAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD4g537S1EbiOMA/ks0av9RKX3vVfqmx+gR+ljoS/UAvYRHsFfoBTyD+7ZHWHQxGYQsBgQnG1Y+H8jEych3ZjQvM4EAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPTpodou//359vfWnMPxNnlmAwAAAFyyr7bL+sO8qX9I1z+lS19SvYiIMiIurd1HMWlljlJO1fH96sUY/kfUCac+pul4HxHf0/H0ue9fAQAAAO7Xbr1ZNKv1ppgPPSBeU7NpU378kSmviIhq/pgprTwVXzOF1ff3OH5lSqs3sGaZwpott/HltkmuTtpGrVOayWxV/4l1reynXwAAYEjtlUDHKgQAAIA78HPoATCM4lycnzNOm1N6IPiuVQMAAADeoGLoAQAAAAC9q9f/3v8HAAAA9615/x8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB92lfb5W69WXS1r67MORyv8DsiOpryzQgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB4Zn/eUSAEwiAM9q7vTOb+h5UGDY1NqkD4+BuDAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADgze/+8n9iapxJ5l4bS88jydqpsXVq7J0bR38YX78GAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAICL/XlJgRAIgiiYM/530vc/rCToGUSIgIZHFbVoAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPii3/3yf2JqnEnmThtLxyPJ2lVj66qx96Bx9GC8/RsAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAICLnbvnjaMIAwA8t3t7+QCEMegKAwoSBTTEvoRASihAFgU/AclyzsFwIZC4IJEFcgMVch0hISgRQgKZLv8hNZbShC6FCyNRUQTNfjjrD+AUJbsX+3mk2Xl3vZ59Z+9k+fWsDwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAoLL1dnghKeM0bqaKuDr2+/bqYuw39/TRzfXbM7HFuLNv5HT37tdvPZoJTK4X6zun+rWdL5tPBgAAgKMhrVXkd7KN+dgnU3n9n1XnxJr/+6eKuKrn99b9m9urx8svzVT1/2+/3n1u50JTxXXioEvLo+Hc/lS6j2iKE+/p/z2jm9/5/G8vaf6CJO+tPbuV5fez882tW+/08vBYE9kCAA/idNWXQfX7UOwHbSYGwJHRrRXeVf2fTrWbEwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAEATttbCE1XcCSHMdO/H0eb26uJB/c312zNVe+PGjfX6mHGILISwtDwaZg3OZdJdvXb944XRaHil+eBUCKG9q5fBB2OcE8J/n1O+PUN7s/j3oDMZabQaJOXrMyn5PMygeu89/JFb+oEEAMChlZUt1vV3so35eKwzHcK9H3bX/69Ucb84PE79f/fDv+8Viu+t1/+Dxmc6uWZXLn06e/Xa9deWLy1cHF4cfvL6mcGbg7Pnz507Pxvv1dzsUkiGc22nCQAAwGOic8CxXtnq9X8yvX/9/+SeMcap/z/7bvBFefq3cZOq/w90f9Gv7UwAAACOot5O9MxLf/15UO3c6fXC5wsrK1cGxXZn/0yxbTTdB3SsbPX6P51uOysAAACgCVtrnV3r/xdqcRhz/f/JH5//uT5mGkI4EcLlEMLw9OLl0YXmpjPRmvhH5fxCvbZnCgAAQFtOlK2+/p/lz/8nO488JCGEV18u4uqzrsap/9N3v/qpfq368/9nm5viREr6xf3I+34I3X7bGQEAAHCYHS9bLPb/yDbmP/rl5Ps9z/8DAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAANO2fAAAA//8Nujoo")
ioctl$FS_IOC_SETFLAGS(0xffffffffffffffff, 0x40086602, &(0x7f00000001c0)=0x20000008)
mkdir(&(0x7f0000000140)='./control\x00', 0x0)
rmdir(&(0x7f0000000100)='./control\x00')

442.498152ms ago: executing program 1:
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="18000000010700000000000000f9000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0xfed7)
ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB, @ANYRES32, @ANYBLOB="0000000000000000b708000008"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$MAP_GET_NEXT_KEY(0x2, &(0x7f00000004c0)={0xffffffffffffffff, &(0x7f0000000340), &(0x7f00000005c0)=""/155}, 0x20)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000800000000000000000000018110000", @ANYRES32], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00', r0}, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x88, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x3ffffffffffffda, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
syz_mount_image$vfat(0x0, &(0x7f0000000100)='./file0\x00', 0xd3464, 0x0, 0x20, 0x0, &(0x7f0000000000))
pipe2$9p(&(0x7f0000000040)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff}, 0x0)
write$P9_RVERSION(r4, &(0x7f0000000300)=ANY=[@ANYBLOB="1500000065ffff0180000008003950323030302e4c"], 0x15)
r5 = dup(r4)
write$FUSE_BMAP(r5, &(0x7f0000000100)={0x18}, 0x18)
write$FUSE_DIRENTPLUS(r5, &(0x7f0000000200)=ANY=[@ANYBLOB="0801"], 0x138)
mount$9p_fd(0x0, &(0x7f00000002c0)='./file0\x00', &(0x7f0000000000), 0x0, &(0x7f0000000140)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r3, @ANYBLOB=',wfdnk=', @ANYRESHEX=r4, @ANYBLOB=',cache=loose,\x00'])
stat(&(0x7f0000000440)='./file0\x00', &(0x7f0000000480))

328.723939ms ago: executing program 0:
r0 = syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000300)=ANY=[@ANYBLOB="12010000000000107d1e502d00000000000109022400010000000009040000010300000009210000000122070009058103"], 0x0)
syz_usb_control_io(r0, 0x0, 0x0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x17, 0x0, 0x4, 0xff, 0x0, 0x1}, 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0}, 0x90)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000080)={{r1}, 0x0, &(0x7f0000000040)}, 0x20)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000880)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r2}, 0x10)
syz_usb_control_io$hid(r0, &(0x7f0000000000)={0x24, 0x0, 0x0, &(0x7f0000000180)=ANY=[@ANYBLOB="002207000000ab"], 0x0}, 0x0)

176.065233ms ago: executing program 3:
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000280)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000407b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='mm_page_alloc\x00', r0}, 0x10)
r1 = socket$inet6_udp(0xa, 0x2, 0x0)
setsockopt$inet6_MCAST_MSFILTER(r1, 0x29, 0x30, 0x0, 0x5000)

154.872106ms ago: executing program 3:
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000000)='sys_enter\x00', r0}, 0x10)
mincore(&(0x7f0000f0c000/0x3000)=nil, 0x0, &(0x7f0000afaf0a)=""/246)

139.758428ms ago: executing program 3:
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000800)={0x0, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000001000000b703000000000080850000000400000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='sys_enter\x00', r0}, 0x10)
setpriority(0x0, 0x0, 0x0)

123.607111ms ago: executing program 3:
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000340)={0x0}, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
sched_setaffinity(0x0, 0x0, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r1, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x7, &(0x7f0000000540)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b702000002f60000850000008600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x7, &(0x7f0000000540)=ANY=[], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='memory.current\x00', 0x275a, 0x0)
ioctl$SIOCSIFHWADDR(r3, 0x40305839, &(0x7f0000000540)={'\x00', @link_local={0x2, 0x80, 0xc2, 0x5}})

0s ago: executing program 2:
futex(&(0x7f000000cffc)=0x1, 0x6, 0x0, 0x0, 0x0, 0x0)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
bpf$MAP_GET_NEXT_KEY(0x2, &(0x7f0000000080)={0xffffffffffffffff, &(0x7f0000000000), &(0x7f0000001540)=""/155}, 0x20)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000740)=@framed={{}, [@ringbuf_output={{}, {}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x3}}]}, &(0x7f0000000700)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000240)={&(0x7f0000000200)='sched_switch\x00', r0}, 0x10)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000280)=ANY=[@ANYBLOB="1801000021000000000000003b810000850000006d000000070000000000000095"], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000880)={&(0x7f0000000a80)='kfree\x00', r1}, 0x10)

kernel console output (not intermixed with test programs):

 2408.104797][ T1292] usb 2-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 2408.115633][ T1292] usb 2-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 2408.125186][ T1292] usb 2-1: config 1 interface 1 altsetting 1 endpoint 0x82 has invalid wMaxPacketSize 0
[ 2408.134962][ T1292] usb 2-1: config 1 interface 1 altsetting 1 bulk endpoint 0x82 has invalid maxpacket 0
[ 2408.144504][ T1292] usb 2-1: config 1 interface 1 altsetting 1 endpoint 0x3 has invalid wMaxPacketSize 0
[ 2408.154014][ T1292] usb 2-1: config 1 interface 1 altsetting 1 bulk endpoint 0x3 has invalid maxpacket 0
[ 2408.354710][ T1292] usb 2-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[ 2408.363602][ T1292] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 2408.371435][ T1292] usb 2-1: Product: syz
[ 2408.375463][ T1292] usb 2-1: Manufacturer: syz
[ 2408.379811][ T1292] usb 2-1: SerialNumber: syz
[ 2408.444732][T14254] usb 3-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 2408.464684][T18309] usb 1-1: config 1 has an invalid descriptor of length 117, skipping remainder of the config
[ 2408.474879][T18309] usb 1-1: config 1 has 1 interface, different from the descriptor's value: 3
[ 2408.544863][ T3036] usb 5-1: new high-speed USB device number 48 using dummy_hcd
[ 2408.574765][T18309] usb 1-1: New USB device found, idVendor=08b7, idProduct=0000, bcdDevice= 0.00
[ 2408.583646][T18309] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=3
[ 2408.591460][T18309] usb 1-1: SerialNumber: syz
[ 2408.614710][T14254] usb 3-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[ 2408.623602][T14254] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 2408.631407][T14254] usb 3-1: Product: syz
[ 2408.635383][T14254] usb 3-1: Manufacturer: syz
[ 2408.639799][T14254] usb 3-1: SerialNumber: syz
[ 2408.894740][ T1292] cdc_ncm 2-1:1.0: bind() failure
[ 2408.924763][ T1292] cdc_ncm: probe of 2-1:1.1 failed with error -71
[ 2408.931721][T18309] usb 1-1: 0:2 : does not exist
[ 2408.944685][ T3036] usb 5-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[ 2408.954677][ T1292] cdc_mbim: probe of 2-1:1.1 failed with error -71
[ 2408.962919][ T1292] usb 2-1: USB disconnect, device number 48
[ 2408.970859][ T3036] usb 5-1: config 1 has 1 interface, different from the descriptor's value: 3
[ 2409.064739][ T3036] usb 5-1: New USB device found, idVendor=08b7, idProduct=0000, bcdDevice= 0.00
[ 2409.073781][ T3036] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=3
[ 2409.081777][ T3036] usb 5-1: SerialNumber: syz
[ 2409.196113][T18309] usb 1-1: USB disconnect, device number 14
[ 2409.355104][ T3036] usb 5-1: 0:2 : does not exist
[ 2409.624665][T14975] usb 2-1: new high-speed USB device number 49 using dummy_hcd
[ 2409.777941][ T3036] usb 5-1: USB disconnect, device number 48
[ 2409.804758][T14254] cdc_ncm 3-1:1.0: failed to get mac address
[ 2409.822971][T22431] 9pnet_fd: Insufficient options for proto=fd
[ 2409.828958][T14254] cdc_ncm 3-1:1.0: bind() failure
[ 2409.844690][T14254] cdc_ncm: probe of 3-1:1.1 failed with error -71
[ 2409.864702][T14254] cdc_mbim: probe of 3-1:1.1 failed with error -71
[ 2409.872040][T14254] usb 3-1: USB disconnect, device number 38
[ 2409.994688][T14975] usb 2-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 2410.005765][T14975] usb 2-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 2410.015697][T14975] usb 2-1: config 1 interface 1 altsetting 1 endpoint 0x82 has invalid wMaxPacketSize 0
[ 2410.025759][T14975] usb 2-1: config 1 interface 1 altsetting 1 bulk endpoint 0x82 has invalid maxpacket 0
[ 2410.035671][T14975] usb 2-1: config 1 interface 1 altsetting 1 endpoint 0x3 has invalid wMaxPacketSize 0
[ 2410.045272][T14975] usb 2-1: config 1 interface 1 altsetting 1 bulk endpoint 0x3 has invalid maxpacket 0
[ 2410.214960][T14975] usb 2-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[ 2410.223880][T14975] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 2410.231678][T14975] usb 2-1: Product: syz
[ 2410.235655][T14975] usb 2-1: Manufacturer: syz
[ 2410.240080][T14975] usb 2-1: SerialNumber: syz
[ 2410.744703][T14975] cdc_ncm 2-1:1.0: bind() failure
[ 2410.764667][T14975] cdc_ncm: probe of 2-1:1.1 failed with error -71
[ 2410.784665][T14975] cdc_mbim: probe of 2-1:1.1 failed with error -71
[ 2410.794729][T14975] usb 2-1: USB disconnect, device number 49
[ 2410.824681][ T1292] usb 1-1: new high-speed USB device number 15 using dummy_hcd
[ 2411.154658][ T1292] usb 1-1: Using ep0 maxpacket: 16
[ 2411.274733][ T1292] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 2411.292687][ T1292] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 2411.316082][ T1292] usb 1-1: New USB device found, idVendor=1e7d, idProduct=2d50, bcdDevice= 0.00
[ 2411.334751][ T1292] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 2411.344062][ T1292] usb 1-1: config 0 descriptor??
[ 2411.644666][T18309] usb 5-1: new high-speed USB device number 49 using dummy_hcd
[ 2411.825498][ T1292] kovaplus 0003:1E7D:2D50.03E5: bogus close delimiter
[ 2411.832092][ T1292] kovaplus 0003:1E7D:2D50.03E5: item 0 4 2 10 parsing failed
[ 2411.839569][ T1292] kovaplus 0003:1E7D:2D50.03E5: parse failed
[ 2411.845453][ T1292] kovaplus: probe of 0003:1E7D:2D50.03E5 failed with error -22
[ 2411.954670][T15498] usb 4-1: new high-speed USB device number 42 using dummy_hcd
[ 2412.043460][ T1292] usb 1-1: USB disconnect, device number 15
[ 2412.049293][T18309] usb 5-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[ 2412.060021][T18309] usb 5-1: config 1 has 1 interface, different from the descriptor's value: 3
[ 2412.154734][T18309] usb 5-1: New USB device found, idVendor=08b7, idProduct=0000, bcdDevice= 0.00
[ 2412.163680][T18309] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=3
[ 2412.171604][T18309] usb 5-1: SerialNumber: syz
[ 2412.314714][T15498] usb 4-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 2412.474671][ T1291] usb 2-1: new high-speed USB device number 50 using dummy_hcd
[ 2412.484706][T15498] usb 4-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[ 2412.493564][   T28] kauditd_printk_skb: 6 callbacks suppressed
[ 2412.493578][   T28] audit: type=1326 audit(1717002185.356:428782): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=22478 comm="syz-executor.2" exe="/root/syz-executor.2" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff98247cee9 code=0x7ffc0000
[ 2412.523441][T15498] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 2412.531339][T15498] usb 4-1: Product: syz
[ 2412.535415][T15498] usb 4-1: Manufacturer: syz
[ 2412.535461][   T28] audit: type=1326 audit(1717002185.356:428783): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=22478 comm="syz-executor.2" exe="/root/syz-executor.2" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7ff98247cee9 code=0x7ffc0000
[ 2412.539853][T15498] usb 4-1: SerialNumber: syz
[ 2412.563870][   T28] audit: type=1326 audit(1717002185.356:428784): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=22478 comm="syz-executor.2" exe="/root/syz-executor.2" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff98247cee9 code=0x7ffc0000
[ 2412.592276][   T28] audit: type=1326 audit(1717002185.356:428785): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=22478 comm="syz-executor.2" exe="/root/syz-executor.2" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7ff98247cee9 code=0x7ffc0000
[ 2412.616320][   T28] audit: type=1326 audit(1717002185.356:428786): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=22478 comm="syz-executor.2" exe="/root/syz-executor.2" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff98247cee9 code=0x7ffc0000
[ 2412.640239][   T28] audit: type=1326 audit(1717002185.356:428787): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=22478 comm="syz-executor.2" exe="/root/syz-executor.2" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7ff98247cee9 code=0x7ffc0000
[ 2412.664409][   T28] audit: type=1326 audit(1717002185.356:428788): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=22478 comm="syz-executor.2" exe="/root/syz-executor.2" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff98247cee9 code=0x7ffc0000
[ 2412.665378][T18309] usb 5-1: 0:2 : does not exist
[ 2412.688524][   T28] audit: type=1326 audit(1717002185.356:428789): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=22478 comm="syz-executor.2" exe="/root/syz-executor.2" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7ff98247cee9 code=0x7ffc0000
[ 2412.717061][   T28] audit: type=1326 audit(1717002185.386:428790): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=22478 comm="syz-executor.2" exe="/root/syz-executor.2" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff98247cee9 code=0x7ffc0000
[ 2412.741001][   T28] audit: type=1326 audit(1717002185.396:428791): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=22478 comm="syz-executor.2" exe="/root/syz-executor.2" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff98247cee9 code=0x7ffc0000
[ 2412.774664][ T1291] usb 2-1: Using ep0 maxpacket: 8
[ 2412.844709][   T19] usb 1-1: new high-speed USB device number 16 using dummy_hcd
[ 2412.886051][T18309] usb 5-1: USB disconnect, device number 49
[ 2412.904715][ T1291] usb 2-1: New USB device found, idVendor=1557, idProduct=7720, bcdDevice=b7.eb
[ 2412.913608][ T1291] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 2412.921873][ T1291] usb 2-1: config 0 descriptor??
[ 2413.104664][   T19] usb 1-1: Using ep0 maxpacket: 8
[ 2413.224714][   T19] usb 1-1: New USB device found, idVendor=1557, idProduct=7720, bcdDevice=b7.eb
[ 2413.233631][   T19] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 2413.241853][   T19] usb 1-1: config 0 descriptor??
[ 2413.784763][T15498] cdc_ncm 4-1:1.0: failed to get mac address
[ 2413.804805][T15498] cdc_ncm 4-1:1.0: bind() failure
[ 2413.834809][T15498] cdc_ncm: probe of 4-1:1.1 failed with error -71
[ 2413.864760][T15498] cdc_mbim: probe of 4-1:1.1 failed with error -71
[ 2413.872137][T15498] usb 4-1: USB disconnect, device number 42
[ 2414.384702][T14975] usb 3-1: new high-speed USB device number 39 using dummy_hcd
[ 2414.670523][T22477] loop1: detected capacity change from 0 to 1024
[ 2414.684712][   T19] asix 1-1:0.0 (unnamed net_device) (uninitialized): Failed to write reg index 0x0000: -71
[ 2414.694533][   T19] asix 1-1:0.0 (unnamed net_device) (uninitialized): Failed to send software reset: ffffffb9
[ 2414.704701][   T19] asix: probe of 1-1:0.0 failed with error -71
[ 2414.711421][   T19] usb 1-1: USB disconnect, device number 16
[ 2414.718316][T22477] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: none.
[ 2414.734667][ T1291] asix 2-1:0.0 (unnamed net_device) (uninitialized): Failed to write reg index 0x0000: -71
[ 2414.744458][ T1291] asix 2-1:0.0 (unnamed net_device) (uninitialized): Failed to send software reset: ffffffb9
[ 2414.744725][T14975] usb 3-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 2414.759989][ T1291] asix: probe of 2-1:0.0 failed with error -71
[ 2414.765203][T14975] usb 3-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 2414.780743][T14975] usb 3-1: config 1 interface 1 altsetting 1 endpoint 0x82 has invalid wMaxPacketSize 0
[ 2414.781201][ T1291] usb 2-1: USB disconnect, device number 50
[ 2414.790280][T14975] usb 3-1: config 1 interface 1 altsetting 1 bulk endpoint 0x82 has invalid maxpacket 0
[ 2414.805546][T14975] usb 3-1: config 1 interface 1 altsetting 1 endpoint 0x3 has invalid wMaxPacketSize 0
[ 2414.814963][T14975] usb 3-1: config 1 interface 1 altsetting 1 bulk endpoint 0x3 has invalid maxpacket 0
[ 2414.974941][T14975] usb 3-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[ 2414.983840][T14975] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 2414.991662][T14975] usb 3-1: Product: syz
[ 2414.995621][T14975] usb 3-1: Manufacturer: syz
[ 2415.000029][T14975] usb 3-1: SerialNumber: syz
[ 2415.250021][T16732] EXT4-fs (loop1): unmounting filesystem.
[ 2415.316659][T22518] 9pnet_fd: Insufficient options for proto=fd
[ 2415.444651][ T1291] usb 1-1: new high-speed USB device number 17 using dummy_hcd
[ 2415.504714][T14975] cdc_ncm 3-1:1.0: bind() failure
[ 2415.524700][T14975] cdc_ncm: probe of 3-1:1.1 failed with error -71
[ 2415.534650][T14254] usb 5-1: new high-speed USB device number 50 using dummy_hcd
[ 2415.544669][T14975] cdc_mbim: probe of 3-1:1.1 failed with error -71
[ 2415.554246][T14975] usb 3-1: USB disconnect, device number 39
[ 2415.684635][ T1291] usb 1-1: Using ep0 maxpacket: 16
[ 2415.804684][ T1291] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 2415.815387][ T1291] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 2415.824941][ T1291] usb 1-1: New USB device found, idVendor=1e7d, idProduct=2d50, bcdDevice= 0.00
[ 2415.833771][ T1291] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 2415.846046][ T1291] usb 1-1: config 0 descriptor??
[ 2415.894752][T14254] usb 5-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[ 2415.904767][T14254] usb 5-1: config 1 has 1 interface, different from the descriptor's value: 3
[ 2415.984750][T14254] usb 5-1: New USB device found, idVendor=08b7, idProduct=0000, bcdDevice= 0.00
[ 2415.999124][T14254] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=3
[ 2416.008833][T14254] usb 5-1: SerialNumber: syz
[ 2416.315285][ T1291] kovaplus 0003:1E7D:2D50.03E6: bogus close delimiter
[ 2416.321867][ T1291] kovaplus 0003:1E7D:2D50.03E6: item 0 4 2 10 parsing failed
[ 2416.329199][ T1291] kovaplus 0003:1E7D:2D50.03E6: parse failed
[ 2416.335000][ T1291] kovaplus: probe of 0003:1E7D:2D50.03E6 failed with error -22
[ 2416.495033][T14254] usb 5-1: 0:2 : does not exist
[ 2416.504669][   T19] usb 2-1: new high-speed USB device number 51 using dummy_hcd
[ 2416.517864][ T1291] usb 1-1: USB disconnect, device number 17
[ 2416.735521][T14254] usb 5-1: USB disconnect, device number 50
[ 2416.744649][   T19] usb 2-1: Using ep0 maxpacket: 8
[ 2416.864719][   T19] usb 2-1: New USB device found, idVendor=1557, idProduct=7720, bcdDevice=b7.eb
[ 2416.873678][   T19] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 2416.882053][   T19] usb 2-1: config 0 descriptor??
[ 2417.234664][T14254] usb 3-1: new high-speed USB device number 40 using dummy_hcd
[ 2417.474684][T14254] usb 3-1: Using ep0 maxpacket: 8
[ 2417.594686][T14254] usb 3-1: New USB device found, idVendor=1557, idProduct=7720, bcdDevice=b7.eb
[ 2417.603610][T14254] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 2417.611935][T14254] usb 3-1: config 0 descriptor??
[ 2418.172513][   T28] kauditd_printk_skb: 6585 callbacks suppressed
[ 2418.172531][   T28] audit: type=1326 audit(1717002191.036:435377): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=22567 comm="syz-executor.4" exe="/root/syz-executor.4" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7fa87387a667 code=0x7ffc0000
[ 2418.184673][T14975] usb 1-1: new high-speed USB device number 18 using dummy_hcd
[ 2418.202706][   T28] audit: type=1326 audit(1717002191.036:435378): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=22567 comm="syz-executor.4" exe="/root/syz-executor.4" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7fa873840329 code=0x7ffc0000
[ 2418.233823][   T28] audit: type=1326 audit(1717002191.036:435379): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=22567 comm="syz-executor.4" exe="/root/syz-executor.4" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa87387cee9 code=0x7ffc0000
[ 2418.257754][   T28] audit: type=1326 audit(1717002191.036:435380): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=22567 comm="syz-executor.4" exe="/root/syz-executor.4" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7fa87387a667 code=0x7ffc0000
[ 2418.281674][   T28] audit: type=1326 audit(1717002191.036:435381): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=22567 comm="syz-executor.4" exe="/root/syz-executor.4" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7fa873840329 code=0x7ffc0000
[ 2418.305586][   T28] audit: type=1326 audit(1717002191.036:435382): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=22567 comm="syz-executor.4" exe="/root/syz-executor.4" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa87387cee9 code=0x7ffc0000
[ 2418.329516][   T28] audit: type=1326 audit(1717002191.036:435383): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=22567 comm="syz-executor.4" exe="/root/syz-executor.4" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7fa87387a667 code=0x7ffc0000
[ 2418.353503][   T28] audit: type=1326 audit(1717002191.036:435384): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=22567 comm="syz-executor.4" exe="/root/syz-executor.4" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7fa873840329 code=0x7ffc0000
[ 2418.377432][   T28] audit: type=1326 audit(1717002191.036:435385): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=22567 comm="syz-executor.4" exe="/root/syz-executor.4" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa87387cee9 code=0x7ffc0000
[ 2418.401363][   T28] audit: type=1326 audit(1717002191.036:435386): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=22567 comm="syz-executor.4" exe="/root/syz-executor.4" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7fa87387a667 code=0x7ffc0000
[ 2418.564731][T14975] usb 1-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 2418.578235][T14975] usb 1-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 2418.589981][T14975] usb 1-1: config 1 interface 1 altsetting 1 endpoint 0x82 has invalid wMaxPacketSize 0
[ 2418.599847][T14975] usb 1-1: config 1 interface 1 altsetting 1 bulk endpoint 0x82 has invalid maxpacket 0
[ 2418.609515][T14975] usb 1-1: config 1 interface 1 altsetting 1 endpoint 0x3 has invalid wMaxPacketSize 0
[ 2418.619107][T14975] usb 1-1: config 1 interface 1 altsetting 1 bulk endpoint 0x3 has invalid maxpacket 0
[ 2418.634999][T22537] loop1: detected capacity change from 0 to 1024
[ 2418.652154][T22537] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: none.
[ 2418.664694][   T19] asix 2-1:0.0 (unnamed net_device) (uninitialized): Failed to write reg index 0x0000: -71
[ 2418.674498][   T19] asix 2-1:0.0 (unnamed net_device) (uninitialized): Failed to send software reset: ffffffb9
[ 2418.684548][   T19] asix: probe of 2-1:0.0 failed with error -71
[ 2418.691137][   T19] usb 2-1: USB disconnect, device number 51
[ 2418.794710][T14975] usb 1-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[ 2418.803706][T14975] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 2418.820041][T14975] usb 1-1: Product: syz
[ 2418.826166][T14975] usb 1-1: Manufacturer: syz
[ 2418.832711][T14975] usb 1-1: SerialNumber: syz
[ 2418.964692][T14254] asix 3-1:0.0 (unnamed net_device) (uninitialized): Failed to write reg index 0x0000: -71
[ 2418.976998][T14254] asix 3-1:0.0 (unnamed net_device) (uninitialized): Failed to send software reset: ffffffb9
[ 2418.987551][T14254] asix: probe of 3-1:0.0 failed with error -71
[ 2418.994551][T14254] usb 3-1: USB disconnect, device number 40
[ 2419.180033][T16732] EXT4-fs (loop1): unmounting filesystem.
[ 2419.334705][T14975] cdc_ncm 1-1:1.0: bind() failure
[ 2419.354679][T14975] cdc_ncm: probe of 1-1:1.1 failed with error -71
[ 2419.374675][T14975] cdc_mbim: probe of 1-1:1.1 failed with error -71
[ 2419.382208][T14975] usb 1-1: USB disconnect, device number 18
[ 2419.544670][T14254] usb 2-1: new high-speed USB device number 52 using dummy_hcd
[ 2419.784688][T14254] usb 2-1: Using ep0 maxpacket: 16
[ 2419.904689][T14254] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 2419.927572][T14254] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 2419.960228][T14254] usb 2-1: New USB device found, idVendor=1e7d, idProduct=2d50, bcdDevice= 0.00
[ 2419.977943][T14254] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 2420.001183][T14254] usb 2-1: config 0 descriptor??
[ 2420.495193][T14254] kovaplus 0003:1E7D:2D50.03E7: bogus close delimiter
[ 2420.501780][T14254] kovaplus 0003:1E7D:2D50.03E7: item 0 4 2 10 parsing failed
[ 2420.519830][T14254] kovaplus 0003:1E7D:2D50.03E7: parse failed
[ 2420.532087][T14254] kovaplus: probe of 0003:1E7D:2D50.03E7 failed with error -22
[ 2420.697305][ T1292] usb 2-1: USB disconnect, device number 52
[ 2420.844697][T14254] usb 3-1: new high-speed USB device number 41 using dummy_hcd
[ 2420.964671][T14975] usb 1-1: new high-speed USB device number 19 using dummy_hcd
[ 2421.084638][T14254] usb 3-1: Using ep0 maxpacket: 8
[ 2421.204793][T14254] usb 3-1: New USB device found, idVendor=1557, idProduct=7720, bcdDevice=b7.eb
[ 2421.213689][T14975] usb 1-1: Using ep0 maxpacket: 8
[ 2421.218596][T14254] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 2421.230095][T14254] usb 3-1: config 0 descriptor??
[ 2421.334739][T14975] usb 1-1: New USB device found, idVendor=1557, idProduct=7720, bcdDevice=b7.eb
[ 2421.343738][T14975] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 2421.352335][T14975] usb 1-1: config 0 descriptor??
[ 2421.484645][ T1292] usb 2-1: new high-speed USB device number 53 using dummy_hcd
[ 2421.744674][ T1292] usb 2-1: Using ep0 maxpacket: 16
[ 2421.864715][ T1292] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 2421.880889][ T1292] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 2421.898086][ T1292] usb 2-1: New USB device found, idVendor=1e7d, idProduct=2d50, bcdDevice= 0.00
[ 2421.912425][ T1292] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 2421.925900][ T1292] usb 2-1: config 0 descriptor??
[ 2422.464731][ T1292] usbhid 2-1:0.0: can't add hid device: -71
[ 2422.470529][ T1292] usbhid: probe of 2-1:0.0 failed with error -71
[ 2422.477084][ T1292] usb 2-1: USB disconnect, device number 53
[ 2422.694673][T14975] asix 1-1:0.0 (unnamed net_device) (uninitialized): Failed to write reg index 0x0000: -71
[ 2422.704704][T14975] asix 1-1:0.0 (unnamed net_device) (uninitialized): Failed to send software reset: ffffffb9
[ 2422.715041][T14975] asix: probe of 1-1:0.0 failed with error -71
[ 2422.723326][T14975] usb 1-1: USB disconnect, device number 19
[ 2422.990473][T22616] loop2: detected capacity change from 0 to 1024
[ 2423.014745][T22616] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none.
[ 2423.044728][T14254] asix 3-1:0.0 (unnamed net_device) (uninitialized): Failed to write reg index 0x0000: -71
[ 2423.057834][T14254] asix 3-1:0.0 (unnamed net_device) (uninitialized): Failed to send software reset: ffffffb9
[ 2423.072840][T14254] asix: probe of 3-1:0.0 failed with error -71
[ 2423.079500][T14254] usb 3-1: USB disconnect, device number 41
[ 2423.184724][   T19] usb 4-1: new high-speed USB device number 43 using dummy_hcd
[ 2423.394713][T22680] 9pnet_fd: Insufficient options for proto=fd
[ 2423.424642][   T19] usb 4-1: Using ep0 maxpacket: 16
[ 2423.520453][   T28] kauditd_printk_skb: 10862 callbacks suppressed
[ 2423.520474][   T28] audit: type=1326 audit(1717002196.386:446249): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=22681 comm="syz-executor.4" exe="/root/syz-executor.4" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa87387cee9 code=0x7ffc0000
[ 2423.554282][   T28] audit: type=1326 audit(1717002196.386:446250): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=22681 comm="syz-executor.4" exe="/root/syz-executor.4" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa87387cee9 code=0x7ffc0000
[ 2423.578553][   T19] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 2423.578955][T14216] EXT4-fs (loop2): unmounting filesystem.
[ 2423.589306][   T19] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 2423.604389][   T19] usb 4-1: New USB device found, idVendor=1e7d, idProduct=2d50, bcdDevice= 0.00
[ 2423.613272][   T28] audit: type=1326 audit(1717002196.416:446251): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=22681 comm="syz-executor.4" exe="/root/syz-executor.4" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fa87387cee9 code=0x7ffc0000
[ 2423.637352][   T19] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 2423.645806][   T19] usb 4-1: config 0 descriptor??
[ 2423.650704][   T28] audit: type=1326 audit(1717002196.416:446252): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=22681 comm="syz-executor.4" exe="/root/syz-executor.4" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa87387cee9 code=0x7ffc0000
[ 2423.675137][   T28] audit: type=1326 audit(1717002196.416:446253): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=22681 comm="syz-executor.4" exe="/root/syz-executor.4" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa87387cee9 code=0x7ffc0000
[ 2423.700093][   T28] audit: type=1326 audit(1717002196.416:446254): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=22681 comm="syz-executor.4" exe="/root/syz-executor.4" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fa87387cee9 code=0x7ffc0000
[ 2423.724402][   T28] audit: type=1326 audit(1717002196.416:446255): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=22681 comm="syz-executor.4" exe="/root/syz-executor.4" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa87387cee9 code=0x7ffc0000
[ 2423.748566][   T28] audit: type=1326 audit(1717002196.416:446256): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=22681 comm="syz-executor.4" exe="/root/syz-executor.4" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa87387cee9 code=0x7ffc0000
[ 2423.772633][   T28] audit: type=1326 audit(1717002196.416:446257): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=22681 comm="syz-executor.4" exe="/root/syz-executor.4" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fa87387cee9 code=0x7ffc0000
[ 2423.796699][   T28] audit: type=1326 audit(1717002196.416:446258): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=22681 comm="syz-executor.4" exe="/root/syz-executor.4" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa87387cee9 code=0x7ffc0000
[ 2424.122888][T22705] 9pnet_fd: Insufficient options for proto=fd
[ 2424.129689][   T19] kovaplus 0003:1E7D:2D50.03E8: bogus close delimiter
[ 2424.136690][   T19] kovaplus 0003:1E7D:2D50.03E8: item 0 4 2 10 parsing failed
[ 2424.144132][   T19] kovaplus 0003:1E7D:2D50.03E8: parse failed
[ 2424.155003][   T19] kovaplus: probe of 0003:1E7D:2D50.03E8 failed with error -22
[ 2424.164708][T14254] usb 3-1: new high-speed USB device number 42 using dummy_hcd
[ 2424.180822][T22711] usb usb7: Requested nonsensical USBDEVFS_URB_ZERO_PACKET.
[ 2424.201484][T22715] loop1: detected capacity change from 0 to 512
[ 2424.208216][T22715] EXT4-fs: Mount option(s) incompatible with ext2
[ 2424.336833][   T19] usb 4-1: USB disconnect, device number 43
[ 2424.391897][T22730] loop4: detected capacity change from 0 to 2048
[ 2424.398439][T22730] EXT4-fs: Ignoring removed bh option
[ 2424.403651][T22730] EXT4-fs: Ignoring removed nomblk_io_submit option
[ 2424.404704][T14254] usb 3-1: Using ep0 maxpacket: 16
[ 2424.410151][T22730] EXT4-fs: Ignoring removed nobh option
[ 2424.436029][T22730] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: none.
[ 2424.446748][T22730] EXT4-fs error (device loop4): ext4_read_inline_dir:1589: inode #12: block 5: comm syz-executor.4: path /root/syzkaller-testdir523496202/syzkaller.2VEGTV/606/file1/file0: bad entry in directory: directory entry overrun - offset=24, inode=13, rec_len=7952, size=80 fake=0
[ 2424.472842][T22730] EXT4-fs error (device loop4): ext4_read_inline_dir:1589: inode #12: block 5: comm syz-executor.4: path /root/syzkaller-testdir523496202/syzkaller.2VEGTV/606/file1/file0: bad entry in directory: directory entry overrun - offset=24, inode=13, rec_len=7952, size=80 fake=0
[ 2424.504840][T14335] EXT4-fs (loop4): unmounting filesystem.
[ 2424.539736][T22743] loop1: detected capacity change from 0 to 512
[ 2424.546787][T22743] EXT4-fs: Mount option(s) incompatible with ext2
[ 2424.554686][T14254] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 2424.565660][T14254] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 2424.575706][T14254] usb 3-1: New USB device found, idVendor=1e7d, idProduct=2d50, bcdDevice= 0.00
[ 2424.587044][T14254] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 2424.599474][T14254] usb 3-1: config 0 descriptor??
[ 2424.668886][T22755] loop1: detected capacity change from 0 to 8192
[ 2424.716234][T22755]  loop1: p1 p4
[ 2424.719821][T22755] loop1: p1 size 8388608 extends beyond EOD, truncated
[ 2424.728247][T22755] loop1: p4 start 4278190080 is beyond EOD, truncated
[ 2424.742572][T22755] 9pnet: p9_errstr2errno: server reported unknown error œæçÿé’º=÷µíOIY—á½~*¯êö®cKóÓáò�

[ 2424.916090][T22761] loop3: detected capacity change from 0 to 256
[ 2424.933144][T22761] exFAT-fs (loop3): failed to load upcase table (idx : 0x00010000, chksum : 0x19a2be85, utbl_chksum : 0xe619d30d)
[ 2425.125199][T14254] usbhid 3-1:0.0: can't add hid device: -71
[ 2425.131318][T14254] usbhid: probe of 3-1:0.0 failed with error -71
[ 2425.145962][T14254] usb 3-1: USB disconnect, device number 42
[ 2425.245907][T22773] loop0: detected capacity change from 0 to 512
[ 2425.254796][T22773] EXT4-fs: Mount option(s) incompatible with ext2
[ 2425.440067][T22759] loop1: detected capacity change from 0 to 40427
[ 2425.447846][T22759] F2FS-fs (loop1): Invalid log_blocksize (268), supports only 12
[ 2425.455559][T22759] F2FS-fs (loop1): Can't find valid F2FS filesystem in 1th superblock
[ 2425.471948][T22759] F2FS-fs (loop1): Found nat_bits in checkpoint
[ 2425.519531][T22787] loop4: detected capacity change from 0 to 256
[ 2425.526789][T22783] loop0: detected capacity change from 0 to 8192
[ 2425.536908][T22787] exFAT-fs (loop4): failed to load upcase table (idx : 0x00010000, chksum : 0x19a2be85, utbl_chksum : 0xe619d30d)
[ 2425.537383][T22759] F2FS-fs (loop1): Try to recover 1th superblock, ret: 0
[ 2425.555617][T22759] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e5
[ 2425.575400][T22783]  loop0: p1 p4
[ 2425.578781][T22783] loop0: p1 size 8388608 extends beyond EOD, truncated
[ 2425.589890][T22783] loop0: p4 start 4278190080 is beyond EOD, truncated
[ 2425.598937][T22783] 9pnet: p9_errstr2errno: server reported unknown error œæçÿé’º=÷µíOIY—á½~*¯êö®cKóÓáò�

[ 2425.711276][T22790] loop4: detected capacity change from 0 to 32768
[ 2425.741560][T22804] loop1: detected capacity change from 0 to 16
[ 2425.748542][T22804] erofs: (device loop1): mounted with root inode @ nid 36.
[ 2425.760881][T22804] erofs: (device loop1): z_erofs_pcluster_readmore: readmore error at page 0 @ nid 36
[ 2425.770306][T22804] erofs: (device loop1): z_erofs_read_folio: failed to read, err [-117]
[ 2425.786052][T22811] loop1: detected capacity change from 0 to 256
[ 2425.797363][T22811] exFAT-fs (loop1): failed to load upcase table (idx : 0x00010000, chksum : 0x19a2be85, utbl_chksum : 0xe619d30d)
[ 2425.862271][T22819] loop4: detected capacity change from 0 to 8192
[ 2425.895733][T22819]  loop4: p1 p4
[ 2425.899312][T22819] loop4: p1 size 8388608 extends beyond EOD, truncated
[ 2425.906310][T22819] loop4: p4 start 4278190080 is beyond EOD, truncated
[ 2425.915465][T22819] 9pnet: p9_errstr2errno: server reported unknown error œæçÿé’º=÷µíOIY—á½~*¯êö®cKóÓáò�

[ 2426.014714][T14254] usb 3-1: new high-speed USB device number 43 using dummy_hcd
[ 2426.034700][ T5626] usb 1-1: new high-speed USB device number 20 using dummy_hcd
[ 2426.136916][T22837] loop4: detected capacity change from 0 to 16
[ 2426.143483][T22837] erofs: (device loop4): mounted with root inode @ nid 36.
[ 2426.151082][T22837] erofs: (device loop4): z_erofs_pcluster_readmore: readmore error at page 0 @ nid 36
[ 2426.160499][T22837] erofs: (device loop4): z_erofs_read_folio: failed to read, err [-117]
[ 2426.168680][   T19] usb 2-1: new high-speed USB device number 54 using dummy_hcd
[ 2426.254667][T14254] usb 3-1: Using ep0 maxpacket: 8
[ 2426.264653][ T1291] usb 4-1: new high-speed USB device number 44 using dummy_hcd
[ 2426.374756][T14254] usb 3-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 2426.385508][T14254] usb 3-1: config 1 interface 1 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 2
[ 2426.444651][ T1292] usb 5-1: new high-speed USB device number 51 using dummy_hcd
[ 2426.554714][ T5626] usb 1-1: New USB device found, idVendor=0582, idProduct=008d, bcdDevice=e4.3d
[ 2426.554713][   T19] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 2426.554743][ T5626] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 2426.563750][   T19] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 2426.574373][T14254] usb 3-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[ 2426.582270][   T19] usb 2-1: New USB device found, idVendor=256c, idProduct=006d, bcdDevice= 0.00
[ 2426.591674][ T5626] usb 1-1: Product: syz
[ 2426.600507][   T19] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 2426.609368][T14254] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 2426.614005][   T19] usb 2-1: config 0 descriptor??
[ 2426.621158][T14254] usb 3-1: Product: syz
[ 2426.637741][ T5626] usb 1-1: Manufacturer: syz
[ 2426.642141][ T5626] usb 1-1: SerialNumber: syz
[ 2426.646761][T14254] usb 3-1: Manufacturer: syz
[ 2426.651272][ T5626] usb 1-1: config 0 descriptor??
[ 2426.654707][ T1291] usb 4-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[ 2426.656023][T14254] usb 3-1: SerialNumber: syz
[ 2426.666034][ T1291] usb 4-1: config 0 has 0 interfaces, different from the descriptor's value: 1
[ 2426.679464][ T1291] usb 4-1: New USB device found, idVendor=256c, idProduct=006d, bcdDevice= 0.00
[ 2426.688327][ T1291] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 2426.696566][ T1291] usb 4-1: config 0 descriptor??
[ 2426.834689][ T1292] usb 5-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[ 2426.844658][ T1292] usb 5-1: config 0 has 0 interfaces, different from the descriptor's value: 1
[ 2426.853394][ T1292] usb 5-1: New USB device found, idVendor=256c, idProduct=006d, bcdDevice= 0.00
[ 2426.862269][ T1292] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 2426.870444][ T1292] usb 5-1: config 0 descriptor??
[ 2426.898334][T18309] usb 1-1: USB disconnect, device number 20
[ 2427.104892][   T19] hid (null): bogus close delimiter
[ 2427.245235][ T1291] usb 4-1: USB disconnect, device number 44
[ 2427.455232][ T1292] usb 5-1: USB disconnect, device number 51
[ 2427.564698][   T19] usb 2-1: string descriptor 0 read error: -71
[ 2427.584871][   T19] uclogic 0003:256C:006D.03E9: failed retrieving string descriptor #200: -71
[ 2427.593472][   T19] uclogic 0003:256C:006D.03E9: failed retrieving pen parameters: -71
[ 2427.601366][   T19] uclogic 0003:256C:006D.03E9: failed probing pen v2 parameters: -71
[ 2427.609265][   T19] uclogic 0003:256C:006D.03E9: failed probing parameters: -71
[ 2427.616602][   T19] uclogic: probe of 0003:256C:006D.03E9 failed with error -71
[ 2427.624722][   T19] usb 2-1: USB disconnect, device number 54
[ 2427.723235][T22849] loop3: detected capacity change from 0 to 8192
[ 2427.734662][T18309] usb 1-1: new high-speed USB device number 21 using dummy_hcd
[ 2427.764941][T22849]  loop3: p1 p4
[ 2427.768278][T22849] loop3: p1 size 8388608 extends beyond EOD, truncated
[ 2427.775368][T22849] loop3: p4 start 4278190080 is beyond EOD, truncated
[ 2427.783975][T22849] 9pnet: p9_errstr2errno: server reported unknown error œæçÿé’º=÷µíOIY—á½~*¯êö®cKóÓáò�

[ 2427.804710][T14254] cdc_ncm 3-1:1.0: MAC-Address: 42:42:42:42:42:42
[ 2427.810993][T14254] cdc_ncm 3-1:1.0: dwNtbInMaxSize=0 is too small. Using 2048
[ 2427.818270][T14254] cdc_ncm 3-1:1.0: setting rx_max = 2048
[ 2427.963995][T22862] syz-executor.4[22862] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[ 2427.964041][T22862] syz-executor.4[22862] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[ 2427.984707][T18309] usb 1-1: Using ep0 maxpacket: 16
[ 2428.014743][T14254] cdc_ncm 3-1:1.0: setting tx_max = 184
[ 2428.021002][T14254] cdc_ncm 3-1:1.0 usb0: register 'cdc_ncm' at usb-dummy_hcd.2-1, CDC NCM (NO ZLP), 42:42:42:42:42:42
[ 2428.038520][T22864] syz-executor.1[22864] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[ 2428.038587][T22864] syz-executor.1[22864] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[ 2428.046179][T14254] usb 3-1: USB disconnect, device number 43
[ 2428.080892][T22867] loop3: detected capacity change from 0 to 16
[ 2428.082473][T14254] cdc_ncm 3-1:1.0 usb0: unregister 'cdc_ncm' usb-dummy_hcd.2-1, CDC NCM (NO ZLP)
[ 2428.088181][T22867] erofs: (device loop3): mounted with root inode @ nid 36.
[ 2428.114473][T22867] erofs: (device loop3): z_erofs_pcluster_readmore: readmore error at page 0 @ nid 36
[ 2428.124097][T18309] usb 1-1: config 0 has 1 interface, different from the descriptor's value: 8
[ 2428.132981][T22867] erofs: (device loop3): z_erofs_read_folio: failed to read, err [-117]
[ 2428.152807][T22869] syz-executor.3[22869] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[ 2428.152878][T22869] syz-executor.3[22869] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[ 2428.294704][T18309] usb 1-1: New USB device found, idVendor=05d1, idProduct=2001, bcdDevice= 6.00
[ 2428.325183][T18309] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 2428.338767][T18309] usb 1-1: Product: syz
[ 2428.344980][T18309] usb 1-1: Manufacturer: syz
[ 2428.352696][T18309] usb 1-1: SerialNumber: syz
[ 2428.365238][T18309] usb 1-1: config 0 descriptor??
[ 2428.405236][T18309] ftdi_sio 1-1:0.0: FTDI USB Serial Device converter detected
[ 2428.412782][T18309] usb 1-1: Detected FT232R
[ 2428.535954][T22879] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.2'.
[ 2428.834528][T22885] netlink: 28 bytes leftover after parsing attributes in process `syz-executor.4'.
[ 2428.843745][T18309] ftdi_sio ttyUSB0: Unable to write latency timer: -71
[ 2428.843752][T22885] netlink: 184 bytes leftover after parsing attributes in process `syz-executor.4'.
[ 2428.844709][T14254] usb 3-1: new high-speed USB device number 44 using dummy_hcd
[ 2428.874757][T18309] ftdi_sio 1-1:0.0: GPIO initialisation failed: -71
[ 2428.883529][T18309] usb 1-1: FTDI USB Serial Device converter now attached to ttyUSB0
[ 2428.896228][T18309] usb 1-1: USB disconnect, device number 21
[ 2428.903289][T18309] ftdi_sio ttyUSB0: FTDI USB Serial Device converter now disconnected from ttyUSB0
[ 2428.912770][T18309] ftdi_sio 1-1:0.0: device disconnected
[ 2428.929505][T22893] loop4: detected capacity change from 0 to 512
[ 2428.947182][T22893] __quota_error: 35 callbacks suppressed
[ 2428.947200][T22893] Quota error (device loop4): do_check_range: Getting dqdh_entries 1536 out of range 0-14
[ 2428.962794][T22893] Quota error (device loop4): qtree_write_dquot: Error -117 occurred while creating quota
[ 2428.973019][T22893] EXT4-fs (loop4): 1 truncate cleaned up
[ 2428.978643][T22893] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: writeback.
[ 2428.987440][T22893] ext4 filesystem being mounted at /root/syzkaller-testdir523496202/syzkaller.2VEGTV/624/file0 supports timestamps until 2038 (0x7fffffff)
[ 2429.003300][T22904] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.1'.
[ 2429.026304][T14335] EXT4-fs (loop4): unmounting filesystem.
[ 2429.067736][T22914] syz-executor.3[22914] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[ 2429.067806][T22914] syz-executor.3[22914] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[ 2429.225209][T14254] usb 3-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[ 2429.251722][T14254] usb 3-1: config 0 has 0 interfaces, different from the descriptor's value: 1
[ 2429.264298][T14254] usb 3-1: New USB device found, idVendor=256c, idProduct=006d, bcdDevice= 0.00
[ 2429.274677][T14254] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 2429.286051][T14254] usb 3-1: config 0 descriptor??
[ 2429.310361][T22935] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.4'.
[ 2429.520940][T22942] syz-executor.4[22942] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[ 2429.521120][T22942] syz-executor.4[22942] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[ 2429.836677][T14254] usb 3-1: USB disconnect, device number 44
[ 2430.036033][T22940] loop0: detected capacity change from 0 to 40427
[ 2430.047791][T22940] F2FS-fs (loop0): Invalid log_blocksize (268), supports only 12
[ 2430.056057][T22940] F2FS-fs (loop0): Can't find valid F2FS filesystem in 1th superblock
[ 2430.067646][T22940] F2FS-fs (loop0): invalid crc value
[ 2430.071895][T22949] loop1: detected capacity change from 0 to 2048
[ 2430.081516][T22940] F2FS-fs (loop0): Found nat_bits in checkpoint
[ 2430.137131][T22949] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: none.
[ 2430.152110][T22940] F2FS-fs (loop0): Try to recover 1th superblock, ret: 0
[ 2430.159010][T22940] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e5
[ 2430.163032][T22949] EXT4-fs error (device loop1): ext4_mb_generate_buddy:1102: group 0, block bitmap and bg descriptor inconsistent: 25 vs 150994969 free clusters
[ 2430.185321][T22949] EXT4-fs (loop1): Delayed block allocation failed for inode 16 at logical offset 16 with max blocks 16 with error 28
[ 2430.197660][T22949] EXT4-fs (loop1): This should not happen!! Data will be lost
[ 2430.197660][T22949] 
[ 2430.207240][T22949] EXT4-fs (loop1): Total free blocks count 0
[ 2430.213172][T22949] EXT4-fs (loop1): Free/Dirty block details
[ 2430.219037][T22949] EXT4-fs (loop1): free_blocks=2415919104
[ 2430.224530][T22949] EXT4-fs (loop1): dirty_blocks=16
[ 2430.229519][T22949] EXT4-fs (loop1): Block reservation details
[ 2430.235310][T22949] EXT4-fs (loop1): i_reserved_data_blocks=1
[ 2430.257008][T16732] EXT4-fs (loop1): unmounting filesystem.
[ 2430.264644][T22940] loop0: detected capacity change from 40427 to 11
[ 2430.280190][T22963] syz-executor.0: attempt to access beyond end of device
[ 2430.280190][T22963] loop0: rw=14337, sector=4096, nr_sectors = 40 limit=11
[ 2430.325709][T22963] F2FS-fs (loop0): do_checkpoint failed err:-5, stop checkpoint
[ 2430.361413][T22956] loop3: detected capacity change from 0 to 40427
[ 2430.375479][T22956] F2FS-fs (loop3): invalid crc value
[ 2430.388766][T22956] F2FS-fs (loop3): invalid journal entries nats 65535 sits 6
[ 2430.396546][T13577] F2FS-fs (loop0): f2fs_check_nid_range: out-of-range nid=1, run fsck to fix.
[ 2430.402361][T22956] F2FS-fs (loop3): Failed to initialize F2FS segment manager (-22)
[ 2430.415048][T13577] F2FS-fs (loop0): f2fs_commit_super fails to record errors:4, err:-5
[ 2430.424562][T13577] F2FS-fs (loop0): f2fs_check_nid_range: out-of-range nid=2, run fsck to fix.
[ 2430.755494][T23001] loop3: detected capacity change from 0 to 1024
[ 2430.765616][T23003] loop1: detected capacity change from 0 to 2048
[ 2430.775001][T23001] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: writeback.
[ 2430.788148][T23001] EXT4-fs (loop3): unmounting filesystem.
[ 2430.801194][T23003] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: none.
[ 2430.812837][T23003] EXT4-fs error (device loop1): ext4_mb_generate_buddy:1102: group 0, block bitmap and bg descriptor inconsistent: 25 vs 150994969 free clusters
[ 2430.834378][T23003] EXT4-fs (loop1): Delayed block allocation failed for inode 16 at logical offset 16 with max blocks 16 with error 28
[ 2430.851938][T23003] EXT4-fs (loop1): This should not happen!! Data will be lost
[ 2430.851938][T23003] 
[ 2430.862820][T23010] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.3'.
[ 2430.864664][T23003] EXT4-fs (loop1): Total free blocks count 0
[ 2430.877710][T23003] EXT4-fs (loop1): Free/Dirty block details
[ 2430.883480][T23003] EXT4-fs (loop1): free_blocks=2415919104
[ 2430.889238][T23003] EXT4-fs (loop1): dirty_blocks=16
[ 2430.894254][T23003] EXT4-fs (loop1): Block reservation details
[ 2430.900145][T23003] EXT4-fs (loop1): i_reserved_data_blocks=1
[ 2430.903114][T22999] bridge0: port 1(bridge_slave_0) entered blocking state
[ 2430.925914][T22999] bridge0: port 1(bridge_slave_0) entered disabled state
[ 2430.934907][T16732] EXT4-fs (loop1): unmounting filesystem.
[ 2430.940989][T22999] device bridge_slave_0 entered promiscuous mode
[ 2430.954653][ T1291] usb 5-1: new high-speed USB device number 52 using dummy_hcd
[ 2430.965102][T22999] bridge0: port 2(bridge_slave_1) entered blocking state
[ 2430.977355][T22999] bridge0: port 2(bridge_slave_1) entered disabled state
[ 2430.986057][T22999] device bridge_slave_1 entered promiscuous mode
[ 2430.999048][T23019] loop3: detected capacity change from 0 to 2048
[ 2431.023209][T23019] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: none.
[ 2431.049120][T23019] EXT4-fs error (device loop3): ext4_mb_generate_buddy:1102: group 0, block bitmap and bg descriptor inconsistent: 25 vs 150994969 free clusters
[ 2431.070209][  T343] device bridge_slave_1 left promiscuous mode
[ 2431.076466][T23019] EXT4-fs (loop3): Delayed block allocation failed for inode 16 at logical offset 16 with max blocks 16 with error 28
[ 2431.089011][  T343] bridge0: port 2(bridge_slave_1) entered disabled state
[ 2431.097346][  T343] device bridge_slave_0 left promiscuous mode
[ 2431.103287][T23019] EXT4-fs (loop3): This should not happen!! Data will be lost
[ 2431.103287][T23019] 
[ 2431.112860][  T343] bridge0: port 1(bridge_slave_0) entered disabled state
[ 2431.120702][  T343] device veth1_macvtap left promiscuous mode
[ 2431.126587][T23019] EXT4-fs (loop3): Total free blocks count 0
[ 2431.132397][  T343] device veth0_vlan left promiscuous mode
[ 2431.134644][T23019] EXT4-fs (loop3): Free/Dirty block details
[ 2431.159868][T23019] EXT4-fs (loop3): free_blocks=2415919104
[ 2431.172976][T23019] EXT4-fs (loop3): dirty_blocks=16
[ 2431.188723][T23019] EXT4-fs (loop3): Block reservation details
[ 2431.194657][ T1291] usb 5-1: Using ep0 maxpacket: 16
[ 2431.201708][T23019] EXT4-fs (loop3): i_reserved_data_blocks=1
[ 2431.227383][ T7930] EXT4-fs (loop3): unmounting filesystem.
[ 2431.314715][ T1291] usb 5-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 2431.330111][T22999] bridge0: port 2(bridge_slave_1) entered blocking state
[ 2431.337012][T22999] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 2431.344059][T22999] bridge0: port 1(bridge_slave_0) entered blocking state
[ 2431.348924][T23030] loop1: detected capacity change from 0 to 2048
[ 2431.350866][T22999] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 2431.369206][ T1291] usb 5-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 2431.378832][ T1291] usb 5-1: config 1 interface 0 altsetting 0 bulk endpoint 0x3 has invalid maxpacket 1024
[ 2431.394740][T23030] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: none.
[ 2431.408120][T23030] EXT4-fs error (device loop1): ext4_mb_generate_buddy:1102: group 0, block bitmap and bg descriptor inconsistent: 25 vs 150994969 free clusters
[ 2431.423203][T14254] bridge0: port 1(bridge_slave_0) entered disabled state
[ 2431.423411][T23030] EXT4-fs (loop1): Delayed block allocation failed for inode 16 at logical offset 16 with max blocks 16 with error 28
[ 2431.442438][T14254] bridge0: port 2(bridge_slave_1) entered disabled state
[ 2431.448479][T23030] EXT4-fs (loop1): This should not happen!! Data will be lost
[ 2431.448479][T23030] 
[ 2431.450683][T23039] loop2: detected capacity change from 0 to 1024
[ 2431.462574][T23030] EXT4-fs (loop1): Total free blocks count 0
[ 2431.469164][T23039] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: writeback.
[ 2431.470867][T23030] EXT4-fs (loop1): Free/Dirty block details
[ 2431.485470][ T1291] usb 5-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[ 2431.494695][ T1291] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=1
[ 2431.503065][T14254] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[ 2431.510170][ T1291] usb 5-1: SerialNumber: syz
[ 2431.515099][T23030] EXT4-fs (loop1): free_blocks=2415919104
[ 2431.516360][T14254] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[ 2431.521122][T23030] EXT4-fs (loop1): dirty_blocks=16
[ 2431.531162][T14254] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[ 2431.534937][T23030] EXT4-fs (loop1): Block reservation details
[ 2431.546452][T22992] raw-gadget.0 gadget.4: fail, usb_ep_enable returned -22
[ 2431.553539][T23030] EXT4-fs (loop1): i_reserved_data_blocks=1
[ 2431.558928][T14254] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[ 2431.567483][T23039] EXT4-fs (loop2): unmounting filesystem.
[ 2431.567997][T23045] loop3: detected capacity change from 0 to 2048
[ 2431.573515][T14254] bridge0: port 1(bridge_slave_0) entered blocking state
[ 2431.579651][ T1291] cdc_acm 5-1:1.0: Control and data interfaces are not separated!
[ 2431.586047][T14254] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 2431.592449][T14254] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[ 2431.594506][ T1291] cdc_acm: probe of 5-1:1.0 failed with error -12
[ 2431.611338][T14254] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[ 2431.622887][T14254] bridge0: port 2(bridge_slave_1) entered blocking state
[ 2431.623547][T16732] EXT4-fs (loop1): unmounting filesystem.
[ 2431.629754][T14254] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 2431.630377][T14254] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[ 2431.643446][T23045] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: none.
[ 2431.650356][T14254] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[ 2431.671238][T23045] EXT4-fs error (device loop3): ext4_mb_generate_buddy:1102: group 0, block bitmap and bg descriptor inconsistent: 25 vs 150994969 free clusters
[ 2431.674989][T14254] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[ 2431.693627][T23045] EXT4-fs (loop3): Delayed block allocation failed for inode 16 at logical offset 16 with max blocks 16 with error 28
[ 2431.694062][T14254] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[ 2431.705912][T23045] EXT4-fs (loop3): This should not happen!! Data will be lost
[ 2431.705912][T23045] 
[ 2431.713941][T14254] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[ 2431.723187][T23045] EXT4-fs (loop3): Total free blocks count 0
[ 2431.731757][T14254] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[ 2431.736853][T23045] EXT4-fs (loop3): Free/Dirty block details
[ 2431.754287][T22999] device veth0_vlan entered promiscuous mode
[ 2431.758332][T23045] EXT4-fs (loop3): free_blocks=2415919104
[ 2431.761311][T14714] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[ 2431.766169][T23045] EXT4-fs (loop3): dirty_blocks=16
[ 2431.778498][T14714] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[ 2431.788029][T14714] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[ 2431.789649][ T1292] usb 5-1: USB disconnect, device number 52
[ 2431.802596][T14714] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[ 2431.803322][T23045] EXT4-fs (loop3): Block reservation details
[ 2431.824273][T22999] device veth1_macvtap entered promiscuous mode
[ 2431.830764][T23045] EXT4-fs (loop3): i_reserved_data_blocks=1
[ 2431.839971][   T19] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[ 2431.849540][   T19] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[ 2431.857700][   T19] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready
[ 2431.875040][   T19] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[ 2431.885723][   T19] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[ 2431.894791][T23055] netlink: 24 bytes leftover after parsing attributes in process `syz-executor.2'.
[ 2431.895315][ T7930] EXT4-fs (loop3): unmounting filesystem.
[ 2431.924271][T18309] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[ 2431.932724][T18309] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[ 2432.209735][T23051] loop1: detected capacity change from 0 to 40427
[ 2432.224840][T23051] F2FS-fs (loop1): Invalid log_blocksize (268), supports only 12
[ 2432.240007][T23051] F2FS-fs (loop1): Can't find valid F2FS filesystem in 1th superblock
[ 2432.254321][T23059] loop3: detected capacity change from 0 to 40427
[ 2432.261400][T23051] F2FS-fs (loop1): invalid crc value
[ 2432.267334][T23059] F2FS-fs (loop3): Invalid log_blocksize (268), supports only 12
[ 2432.275574][T23059] F2FS-fs (loop3): Can't find valid F2FS filesystem in 1th superblock
[ 2432.284329][T23051] F2FS-fs (loop1): Found nat_bits in checkpoint
[ 2432.298756][T23059] F2FS-fs (loop3): invalid crc value
[ 2432.330810][T23059] F2FS-fs (loop3): Found nat_bits in checkpoint
[ 2432.366891][T23051] F2FS-fs (loop1): Try to recover 1th superblock, ret: 0
[ 2432.378252][T23051] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e5
[ 2432.411923][T23059] F2FS-fs (loop3): Try to recover 1th superblock, ret: 0
[ 2432.422149][T23059] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e5
[ 2432.560155][T23064] loop0: detected capacity change from 0 to 131072
[ 2432.568238][T23064] F2FS-fs (loop0): invalid crc value
[ 2432.574974][T23064] F2FS-fs (loop0): Found nat_bits in checkpoint
[ 2432.599249][T23064] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e4
[ 2432.624661][T23051] loop1: detected capacity change from 40427 to 11
[ 2432.631050][T23059] loop3: detected capacity change from 40427 to 11
[ 2432.660967][T16732] syz-executor.1: attempt to access beyond end of device
[ 2432.660967][T16732] loop1: rw=2049, sector=32800, nr_sectors = 8 limit=11
[ 2432.675234][ T7930] syz-executor.3: attempt to access beyond end of device
[ 2432.675234][ T7930] loop3: rw=2049, sector=32800, nr_sectors = 8 limit=11
[ 2432.692790][T16732] syz-executor.1: attempt to access beyond end of device
[ 2432.692790][T16732] loop1: rw=2049, sector=36928, nr_sectors = 8 limit=11
[ 2432.707211][ T7930] syz-executor.3: attempt to access beyond end of device
[ 2432.707211][ T7930] loop3: rw=2049, sector=36928, nr_sectors = 8 limit=11
[ 2432.723334][T13577] F2FS-fs (loop1): f2fs_check_nid_range: out-of-range nid=1, run fsck to fix.
[ 2432.723355][  T343] F2FS-fs (loop3): f2fs_check_nid_range: out-of-range nid=1, run fsck to fix.
[ 2432.741114][  T343] F2FS-fs (loop3): f2fs_commit_super fails to record errors:4, err:-5
[ 2432.749224][  T343] F2FS-fs (loop3): f2fs_check_nid_range: out-of-range nid=2, run fsck to fix.
[ 2432.758096][T13577] F2FS-fs (loop1): f2fs_commit_super fails to record errors:4, err:-5
[ 2432.784623][T13577] F2FS-fs (loop1): f2fs_check_nid_range: out-of-range nid=2, run fsck to fix.
[ 2432.905723][T23088] loop2: detected capacity change from 0 to 1024
[ 2432.937376][T23088] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: writeback.
[ 2432.960441][T23088] EXT4-fs (loop2): unmounting filesystem.
[ 2433.009007][T23096] bpf_get_probe_write_proto: 4 callbacks suppressed
[ 2433.009025][T23096] syz-executor.1[23096] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[ 2433.019683][T23096] syz-executor.1[23096] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[ 2433.417277][T23127] syz-executor.3[23127] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[ 2433.468117][T23127] syz-executor.3[23127] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[ 2433.699674][T23113] loop0: detected capacity change from 0 to 131072
[ 2433.718978][T23113] F2FS-fs (loop0): invalid crc value
[ 2433.745371][T23113] F2FS-fs (loop0): Found nat_bits in checkpoint
[ 2433.791659][T23113] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e4
[ 2433.968458][T23120] loop4: detected capacity change from 0 to 40427
[ 2433.984560][T23120] F2FS-fs (loop4): Invalid log_blocksize (268), supports only 12
[ 2433.999758][T23120] F2FS-fs (loop4): Can't find valid F2FS filesystem in 1th superblock
[ 2434.019777][T23120] F2FS-fs (loop4): invalid crc value
[ 2434.043038][T23120] F2FS-fs (loop4): Found nat_bits in checkpoint
[ 2434.131733][T23120] F2FS-fs (loop4): Try to recover 1th superblock, ret: 0
[ 2434.141879][T23120] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e5
[ 2434.196244][T23143] loop0: detected capacity change from 0 to 1024
[ 2434.211540][T23143] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: writeback.
[ 2434.238407][T23143] EXT4-fs (loop0): unmounting filesystem.
[ 2434.274902][T23120] loop4: detected capacity change from 40427 to 11
[ 2434.288919][T23149] syz-executor.4: attempt to access beyond end of device
[ 2434.288919][T23149] loop4: rw=14337, sector=4096, nr_sectors = 40 limit=11
[ 2434.323572][T23149] F2FS-fs (loop4): do_checkpoint failed err:-5, stop checkpoint
[ 2434.405641][  T343] F2FS-fs (loop4): f2fs_check_nid_range: out-of-range nid=1, run fsck to fix.
[ 2434.418664][  T343] F2FS-fs (loop4): f2fs_commit_super fails to record errors:4, err:-5
[ 2434.435297][  T343] F2FS-fs (loop4): f2fs_check_nid_range: out-of-range nid=2, run fsck to fix.
[ 2434.734745][T23155] loop1: detected capacity change from 0 to 40427
[ 2434.750773][T23155] F2FS-fs (loop1): Invalid log_blocksize (268), supports only 12
[ 2434.764712][T23160] loop0: detected capacity change from 0 to 40427
[ 2434.771007][T23155] F2FS-fs (loop1): Can't find valid F2FS filesystem in 1th superblock
[ 2434.780881][T23160] F2FS-fs (loop0): Invalid log_blocksize (268), supports only 12
[ 2434.789232][T23155] F2FS-fs (loop1): invalid crc value
[ 2434.794387][T23160] F2FS-fs (loop0): Can't find valid F2FS filesystem in 1th superblock
[ 2434.798953][T23164] loop2: detected capacity change from 0 to 40427
[ 2434.803148][T23160] F2FS-fs (loop0): invalid crc value
[ 2434.815502][T23164] F2FS-fs (loop2): invalid crc value
[ 2434.822112][T23164] F2FS-fs (loop2): invalid journal entries nats 65535 sits 6
[ 2434.829450][T23155] F2FS-fs (loop1): Found nat_bits in checkpoint
[ 2434.829447][T23164] F2FS-fs (loop2): Failed to initialize F2FS segment manager (-22)
[ 2434.844674][T23160] F2FS-fs (loop0): Found nat_bits in checkpoint
[ 2434.884663][T23155] F2FS-fs (loop1): Try to recover 1th superblock, ret: 0
[ 2434.893197][T23155] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e5
[ 2434.893630][T23169] bridge0: port 1(bridge_slave_0) entered blocking state
[ 2434.908125][T23160] F2FS-fs (loop0): Try to recover 1th superblock, ret: 0
[ 2434.909031][T23169] bridge0: port 1(bridge_slave_0) entered disabled state
[ 2434.915097][T23160] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e5
[ 2434.935220][T23169] device bridge_slave_0 entered promiscuous mode
[ 2434.942890][T23160] syz-executor.0: attempt to access beyond end of device
[ 2434.942890][T23160] loop0: rw=2049, sector=45096, nr_sectors = 128 limit=40427
[ 2434.958743][T23169] bridge0: port 2(bridge_slave_1) entered blocking state
[ 2434.969487][T23169] bridge0: port 2(bridge_slave_1) entered disabled state
[ 2434.977056][T23169] device bridge_slave_1 entered promiscuous mode
[ 2434.999796][ T5655] kworker/u4:0: attempt to access beyond end of device
[ 2434.999796][ T5655] loop0: rw=1, sector=45096, nr_sectors = 8 limit=40427
[ 2435.013653][T23155] loop1: detected capacity change from 40427 to 11
[ 2435.013869][T23183] syz-executor.1: attempt to access beyond end of device
[ 2435.013869][T23183] loop1: rw=2049, sector=36920, nr_sectors = 8 limit=11
[ 2435.034435][T13577] device bridge_slave_1 left promiscuous mode
[ 2435.042974][T13577] bridge0: port 2(bridge_slave_1) entered disabled state
[ 2435.051259][T13577] device bridge_slave_0 left promiscuous mode
[ 2435.057496][T13577] bridge0: port 1(bridge_slave_0) entered disabled state
[ 2435.072014][T13577] device veth1_macvtap left promiscuous mode
[ 2435.079301][T13577] device veth0_vlan left promiscuous mode
[ 2435.230516][T23169] bridge0: port 2(bridge_slave_1) entered blocking state
[ 2435.237400][T23169] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 2435.244482][T23169] bridge0: port 1(bridge_slave_0) entered blocking state
[ 2435.251275][T23169] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 2435.277024][ T1291] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[ 2435.284749][ T1291] bridge0: port 1(bridge_slave_0) entered disabled state
[ 2435.294325][ T1291] bridge0: port 2(bridge_slave_1) entered disabled state
[ 2435.303988][T19871] F2FS-fs (loop1): f2fs_check_nid_range: out-of-range nid=1, run fsck to fix.
[ 2435.335341][T19871] F2FS-fs (loop1): f2fs_commit_super fails to record errors:4, err:-5
[ 2435.343790][ T1291] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[ 2435.350947][T19871] F2FS-fs (loop1): f2fs_check_nid_range: out-of-range nid=2, run fsck to fix.
[ 2435.357372][ T1291] bridge0: port 1(bridge_slave_0) entered blocking state
[ 2435.367136][ T1291] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 2435.399058][ T1291] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[ 2435.414868][ T1291] bridge0: port 2(bridge_slave_1) entered blocking state
[ 2435.421722][ T1291] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 2435.444047][ T1291] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[ 2435.455265][T23193] loop0: detected capacity change from 0 to 40427
[ 2435.461838][ T1291] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[ 2435.470311][T23193] F2FS-fs (loop0): Invalid log_blocksize (268), supports only 12
[ 2435.479110][T23193] F2FS-fs (loop0): Can't find valid F2FS filesystem in 1th superblock
[ 2435.487661][T14714] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[ 2435.497265][T14714] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[ 2435.505920][T23193] F2FS-fs (loop0): invalid crc value
[ 2435.507745][T23169] device veth0_vlan entered promiscuous mode
[ 2435.518117][ T5626] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[ 2435.526171][T23193] F2FS-fs (loop0): Found nat_bits in checkpoint
[ 2435.526216][ T5626] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[ 2435.558664][T23169] device veth1_macvtap entered promiscuous mode
[ 2435.568964][ T5626] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[ 2435.577470][ T5626] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[ 2435.591462][ T5626] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[ 2435.608696][ T5626] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[ 2435.624516][ T5626] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready
[ 2435.640612][ T5626] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[ 2435.648699][T23193] F2FS-fs (loop0): Try to recover 1th superblock, ret: 0
[ 2435.655704][T23193] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e5
[ 2435.663372][ T5626] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[ 2435.678121][ T5626] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[ 2435.694022][ T5626] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[ 2435.748186][T23193] loop0: detected capacity change from 40427 to 11
[ 2435.748480][T23207] syz-executor.0: attempt to access beyond end of device
[ 2435.748480][T23207] loop0: rw=2049, sector=36920, nr_sectors = 8 limit=11
[ 2435.764817][T23199] loop3: detected capacity change from 0 to 40427
[ 2435.779916][T23199] F2FS-fs (loop3): Invalid log_blocksize (268), supports only 12
[ 2435.789421][T23199] F2FS-fs (loop3): Can't find valid F2FS filesystem in 1th superblock
[ 2435.798527][T23199] F2FS-fs (loop3): invalid crc value
[ 2435.819644][T23199] F2FS-fs (loop3): Found nat_bits in checkpoint
[ 2435.828476][T23205] bridge0: port 1(bridge_slave_0) entered blocking state
[ 2435.835417][T23205] bridge0: port 1(bridge_slave_0) entered disabled state
[ 2435.842645][T23205] device bridge_slave_0 entered promiscuous mode
[ 2435.855055][T23205] bridge0: port 2(bridge_slave_1) entered blocking state
[ 2435.856381][ T5655] F2FS-fs (loop0): f2fs_check_nid_range: out-of-range nid=1, run fsck to fix.
[ 2435.866606][T23205] bridge0: port 2(bridge_slave_1) entered disabled state
[ 2435.877741][T23199] F2FS-fs (loop3): Try to recover 1th superblock, ret: 0
[ 2435.884588][T23199] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e5
[ 2435.884985][ T5655] F2FS-fs (loop0): f2fs_commit_super fails to record errors:4, err:-5
[ 2435.900776][T23205] device bridge_slave_1 entered promiscuous mode
[ 2435.917896][ T5655] F2FS-fs (loop0): f2fs_check_nid_range: out-of-range nid=2, run fsck to fix.
[ 2435.975597][T23199] loop3: detected capacity change from 40427 to 11
[ 2435.996652][T23199] syz-executor.3: attempt to access beyond end of device
[ 2435.996652][T23199] loop3: rw=2049, sector=36920, nr_sectors = 8 limit=11
[ 2436.071049][T23205] bridge0: port 2(bridge_slave_1) entered blocking state
[ 2436.077929][T23205] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 2436.085022][T23205] bridge0: port 1(bridge_slave_0) entered blocking state
[ 2436.091796][T23205] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 2436.140355][ T5626] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[ 2436.150132][ T5626] bridge0: port 1(bridge_slave_0) entered disabled state
[ 2436.165000][ T5626] bridge0: port 2(bridge_slave_1) entered disabled state
[ 2436.185444][ T5655] F2FS-fs (loop3): f2fs_check_nid_range: out-of-range nid=1, run fsck to fix.
[ 2436.194707][T14254] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[ 2436.200477][ T5655] F2FS-fs (loop3): f2fs_commit_super fails to record errors:4, err:-5
[ 2436.202672][T14254] bridge0: port 1(bridge_slave_0) entered blocking state
[ 2436.217361][T14254] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 2436.225081][ T5655] F2FS-fs (loop3): f2fs_check_nid_range: out-of-range nid=2, run fsck to fix.
[ 2436.258511][T23234] loop2: detected capacity change from 0 to 256
[ 2436.268070][T14254] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[ 2436.276513][T23234] FAT-fs (loop2): Unrecognized mount option "smackfshat=+:$" or missing value
[ 2436.291971][T14254] bridge0: port 2(bridge_slave_1) entered blocking state
[ 2436.298835][T14254] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 2436.315029][T14254] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[ 2436.322844][T14254] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[ 2436.373652][T14254] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[ 2436.396078][T23205] device veth0_vlan entered promiscuous mode
[ 2436.402846][ T1291] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[ 2436.411783][ T1291] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[ 2436.419195][ T1291] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[ 2436.431840][T23205] device veth1_macvtap entered promiscuous mode
[ 2436.440006][T13577] device bridge_slave_1 left promiscuous mode
[ 2436.446251][T13577] bridge0: port 2(bridge_slave_1) entered disabled state
[ 2436.453558][T13577] device bridge_slave_0 left promiscuous mode
[ 2436.474679][T13577] bridge0: port 1(bridge_slave_0) entered disabled state
[ 2436.482487][T13577] device veth1_macvtap left promiscuous mode
[ 2436.488338][T13577] device veth0_vlan left promiscuous mode
[ 2436.618802][ T1292] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[ 2436.645999][ T1291] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[ 2436.654074][ T1291] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[ 2436.665742][ T1291] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[ 2436.673779][ T1291] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[ 2436.709783][T23230] bridge0: port 1(bridge_slave_0) entered blocking state
[ 2436.716870][T23230] bridge0: port 1(bridge_slave_0) entered disabled state
[ 2436.724093][T23230] device bridge_slave_0 entered promiscuous mode
[ 2436.763409][T23255] loop4: detected capacity change from 0 to 40427
[ 2436.770791][T23230] bridge0: port 2(bridge_slave_1) entered blocking state
[ 2436.778534][T23255] F2FS-fs (loop4): Corrupted extension count (64 + 1 > 64)
[ 2436.784859][T23230] bridge0: port 2(bridge_slave_1) entered disabled state
[ 2436.785640][T23255] F2FS-fs (loop4): Can't find valid F2FS filesystem in 1th superblock
[ 2436.794923][T23230] device bridge_slave_1 entered promiscuous mode
[ 2436.804173][T23255] F2FS-fs (loop4): Found nat_bits in checkpoint
[ 2436.838328][T23248] bridge0: port 1(bridge_slave_0) entered blocking state
[ 2436.845266][T23248] bridge0: port 1(bridge_slave_0) entered disabled state
[ 2436.852510][T23248] device bridge_slave_0 entered promiscuous mode
[ 2436.858652][T23255] F2FS-fs (loop4): Try to recover 1th superblock, ret: 0
[ 2436.858673][T23255] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e5
[ 2436.879569][T23261] f2fs_ckpt-7:4: attempt to access beyond end of device
[ 2436.879569][T23261] loop4: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[ 2436.880486][T23248] bridge0: port 2(bridge_slave_1) entered blocking state
[ 2436.900310][T23248] bridge0: port 2(bridge_slave_1) entered disabled state
[ 2436.908209][T23248] device bridge_slave_1 entered promiscuous mode
[ 2436.989717][T23230] bridge0: port 2(bridge_slave_1) entered blocking state
[ 2436.996598][T23230] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 2436.999189][   T28] audit: type=1400 audit(1717002209.866:446294): avc:  denied  { read } for  pid=23274 comm="syz-executor.4" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=icmp_socket permissive=1
[ 2437.003658][T23230] bridge0: port 1(bridge_slave_0) entered blocking state
[ 2437.030179][T23230] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 2437.072740][T23248] bridge0: port 2(bridge_slave_1) entered blocking state
[ 2437.079608][T23248] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 2437.086692][T23248] bridge0: port 1(bridge_slave_0) entered blocking state
[ 2437.093471][T23248] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 2437.131108][ T1291] bridge0: port 1(bridge_slave_0) entered disabled state
[ 2437.138328][ T1291] bridge0: port 2(bridge_slave_1) entered disabled state
[ 2437.147100][ T1291] bridge0: port 1(bridge_slave_0) entered disabled state
[ 2437.154196][ T1291] bridge0: port 2(bridge_slave_1) entered disabled state
[ 2437.161518][ T1291] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[ 2437.168780][ T1291] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[ 2437.185820][T15498] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[ 2437.193849][T15498] bridge0: port 1(bridge_slave_0) entered blocking state
[ 2437.200687][T15498] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 2437.208012][T15498] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[ 2437.216169][T15498] bridge0: port 2(bridge_slave_1) entered blocking state
[ 2437.222988][T15498] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 2437.230230][T15498] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[ 2437.244668][ T5626] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[ 2437.258299][T18309] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[ 2437.266460][T18309] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[ 2437.274469][T18309] bridge0: port 1(bridge_slave_0) entered blocking state
[ 2437.281446][T18309] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 2437.305404][T15498] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[ 2437.314656][T15498] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[ 2437.322589][T15498] bridge0: port 2(bridge_slave_1) entered blocking state
[ 2437.329419][T15498] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 2437.336596][T15498] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[ 2437.339165][    C1] TCP: request_sock_TCP: Possible SYN flooding on port 2. Dropping request.  Check SNMP counters.
[ 2437.344452][T15498] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[ 2437.369126][T23248] device veth0_vlan entered promiscuous mode
[ 2437.378245][ T5626] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[ 2437.386386][ T5626] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[ 2437.394262][ T5626] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[ 2437.401451][ T5626] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[ 2437.411924][T15498] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[ 2437.420244][T15498] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[ 2437.427655][T15498] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[ 2437.441039][T23248] device veth1_macvtap entered promiscuous mode
[ 2437.447782][T14254] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[ 2437.455873][T23230] device veth0_vlan entered promiscuous mode
[ 2437.466016][T15498] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[ 2437.479860][T14254] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[ 2437.489190][T18309] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[ 2437.501484][T23230] device veth1_macvtap entered promiscuous mode
[ 2437.513735][T18309] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[ 2437.526429][T14254] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[ 2437.665796][T13577] device bridge_slave_1 left promiscuous mode
[ 2437.671804][T13577] bridge0: port 2(bridge_slave_1) entered disabled state
[ 2437.679000][T13577] device bridge_slave_0 left promiscuous mode
[ 2437.685077][T13577] bridge0: port 1(bridge_slave_0) entered disabled state
[ 2437.692561][T13577] device bridge_slave_1 left promiscuous mode
[ 2437.698643][T13577] bridge0: port 2(bridge_slave_1) entered disabled state
[ 2437.705902][T13577] device bridge_slave_0 left promiscuous mode
[ 2437.711794][T13577] bridge0: port 1(bridge_slave_0) entered disabled state
[ 2437.719625][T13577] device veth1_macvtap left promiscuous mode
[ 2437.725584][T13577] device veth0_vlan left promiscuous mode
[ 2437.731348][T13577] device veth1_macvtap left promiscuous mode
[ 2437.737288][T13577] device veth0_vlan left promiscuous mode
[ 2437.874657][T14254] usb 1-1: new high-speed USB device number 22 using dummy_hcd
[ 2437.893507][   T28] audit: type=1400 audit(1717002210.756:446295): avc:  denied  { ioctl } for  pid=23295 comm="syz-executor.1" path="uts:[4026532626]" dev="nsfs" ino=4026532626 ioctlcmd=0x5451 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nsfs_t tclass=file permissive=1
[ 2437.996097][T23288] loop4: detected capacity change from 0 to 40427
[ 2438.004478][T23288] F2FS-fs (loop4): Invalid log_blocksize (268), supports only 12
[ 2438.014115][T23288] F2FS-fs (loop4): Can't find valid F2FS filesystem in 1th superblock
[ 2438.022998][T23288] F2FS-fs (loop4): invalid crc value
[ 2438.030848][T23288] F2FS-fs (loop4): Found nat_bits in checkpoint
[ 2438.073933][T23288] F2FS-fs (loop4): Try to recover 1th superblock, ret: 0
[ 2438.080970][T23288] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e5
[ 2438.103028][T23288] syz-executor.4: attempt to access beyond end of device
[ 2438.103028][T23288] loop4: rw=2049, sector=45096, nr_sectors = 128 limit=40427
[ 2438.114622][T14254] usb 1-1: Using ep0 maxpacket: 32
[ 2440.026147][T19871] kworker/u4:1: attempt to access beyond end of device
[ 2440.026147][T19871] loop4: rw=1, sector=45096, nr_sectors = 8 limit=40427
[ 2440.096104][T14254] usb 1-1: config 0 has an invalid interface number: 179 but max is 1
[ 2440.104390][T14254] usb 1-1: config 0 has no interface number 1
[ 2440.110334][T14254] usb 1-1: config 0 interface 179 altsetting 0 endpoint 0xD has invalid wMaxPacketSize 0
[ 2440.120784][T14254] usb 1-1: config 0 interface 0 altsetting 0 has a duplicate endpoint with address 0xD, skipping
[ 2440.285340][T14254] usb 1-1: New USB device found, idVendor=2100, idProduct=9e69, bcdDevice=a9.19
[ 2440.302362][T14254] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 2440.432307][T14254] usb 1-1: Product: syz
[ 2440.446416][T14254] usb 1-1: Manufacturer: syz
[ 2440.450836][T14254] usb 1-1: SerialNumber: syz
[ 2440.455416][T23335] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check.
[ 2440.472149][T14254] usb 1-1: config 0 descriptor??
[ 2440.540227][   T28] audit: type=1326 audit(1717002213.406:446296): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=23332 comm="syz-executor.3" exe="/root/syz-executor.3" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4d50a7cee9 code=0x7fc00000
[ 2440.565447][   T28] audit: type=1326 audit(1717002213.406:446297): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=23332 comm="syz-executor.3" exe="/root/syz-executor.3" sig=0 arch=c000003e syscall=291 compat=0 ip=0x7f4d50a7cee9 code=0x7fc00000
[ 2440.590023][   T28] audit: type=1326 audit(1717002213.406:446298): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=23332 comm="syz-executor.3" exe="/root/syz-executor.3" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4d50a7cee9 code=0x7fc00000
[ 2440.645161][T14254] ftdi_sio 1-1:0.179: FTDI USB Serial Device converter detected
[ 2440.655165][T14254] ftdi_sio ttyUSB0: unknown device type: 0xa919
[ 2440.668723][T14254] ftdi_sio 1-1:0.0: FTDI USB Serial Device converter detected
[ 2442.032374][T14254] ftdi_sio ttyUSB1: unknown device type: 0xa919
[ 2442.045971][T14254] usb 1-1: USB disconnect, device number 22
[ 2442.052303][T14254] ftdi_sio 1-1:0.179: device disconnected
[ 2442.060240][T14254] ftdi_sio 1-1:0.0: device disconnected
[ 2442.294366][    C0] TCP: request_sock_TCP: Possible SYN flooding on port 2. Dropping request.  Check SNMP counters.
[ 2443.176207][T23417] loop0: detected capacity change from 0 to 2048
[ 2443.193664][T23417] EXT4-fs error (device loop0): __ext4_fill_super:5386: inode #2: comm syz-executor.0: casefold flag without casefold feature
[ 2443.218483][T23417] EXT4-fs (loop0): warning: mounting fs with errors, running e2fsck is recommended
[ 2443.245720][T23417] EXT4-fs (loop0): Errors on filesystem, clearing orphan list.
[ 2443.253155][T23417] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: writeback.
[ 2443.513675][T23230] EXT4-fs (loop0): unmounting filesystem.
[ 2443.561723][T23427] bridge0: port 3(vlan2) entered blocking state
[ 2443.592704][T23427] bridge0: port 3(vlan2) entered disabled state
[ 2443.824869][   T28] audit: type=1400 audit(1717002216.696:446299): avc:  denied  { setopt } for  pid=23435 comm="syz-executor.4" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=icmp_socket permissive=1
[ 2443.848976][    C1] TCP: request_sock_TCP: Possible SYN flooding on port 2. Dropping request.  Check SNMP counters.
[ 2444.065621][T23444] loop2: detected capacity change from 0 to 2048
[ 2444.109042][T23450] loop3: detected capacity change from 0 to 2048
[ 2444.116097][T23444] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none.
[ 2444.128550][T23444] EXT4-fs error (device loop2): ext4_find_extent:936: inode #2: comm syz-executor.2: pblk 1 bad header/extent: invalid magic - magic 2, entries 0, max 3(0), depth 0(4)
[ 2444.129734][T23450] EXT4-fs error (device loop3): __ext4_fill_super:5386: inode #2: comm syz-executor.3: casefold flag without casefold feature
[ 2444.165783][T23450] EXT4-fs (loop3): warning: mounting fs with errors, running e2fsck is recommended
[ 2444.175987][T23450] EXT4-fs (loop3): Errors on filesystem, clearing orphan list.
[ 2444.178406][T14216] EXT4-fs (loop2): unmounting filesystem.
[ 2444.185938][T23450] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: writeback.
[ 2444.254452][T23460] loop2: detected capacity change from 0 to 2048
[ 2444.275648][T23463] loop1: detected capacity change from 0 to 512
[ 2444.284330][T23463] EXT4-fs: Ignoring removed bh option
[ 2444.289621][T23463] EXT4-fs: Ignoring removed nobh option
[ 2444.296207][T23460] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none.
[ 2444.323001][T14216] EXT4-fs (loop2): unmounting filesystem.
[ 2444.323725][T23463] EXT4-fs (loop1): 1 orphan inode deleted
[ 2444.334888][T23463] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: writeback.
[ 2444.351621][T23463] ext4 filesystem being mounted at /root/syzkaller-testdir2052843849/syzkaller.qE3gHc/24/file1 supports timestamps until 2038 (0x7fffffff)
[ 2444.371762][   T28] audit: type=1400 audit(1717002217.236:446300): avc:  denied  { map } for  pid=23468 comm="syz-executor.2" path="socket:[262164]" dev="sockfs" ino=262164 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1
[ 2444.401525][T23205] EXT4-fs (loop1): unmounting filesystem.
[ 2444.446732][    C0] TCP: request_sock_TCP: Possible SYN flooding on port 2. Dropping request.  Check SNMP counters.
[ 2444.695741][T23479] loop4: detected capacity change from 0 to 128
[ 2444.706902][T23479] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: none.
[ 2444.715817][T23479] ext4 filesystem being mounted at /root/syzkaller-testdir3768095626/syzkaller.rF0eOC/20/mnt supports timestamps until 2038 (0x7fffffff)
[ 2444.749709][T23169] EXT4-fs (loop4): unmounting filesystem.
[ 2444.786814][T23488] loop4: detected capacity change from 0 to 2048
[ 2444.797366][T23473] loop2: detected capacity change from 0 to 40427
[ 2444.806258][T23488] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: none.
[ 2444.814709][T23473] F2FS-fs (loop2): Invalid log_blocksize (268), supports only 12
[ 2444.821905][T23488] EXT4-fs error (device loop4): ext4_find_extent:936: inode #2: comm syz-executor.4: pblk 1 bad header/extent: invalid magic - magic 2, entries 0, max 3(0), depth 0(4)
[ 2444.828970][T23473] F2FS-fs (loop2): Can't find valid F2FS filesystem in 1th superblock
[ 2444.850107][T23248] EXT4-fs (loop3): unmounting filesystem.
[ 2444.860722][T23169] EXT4-fs (loop4): unmounting filesystem.
[ 2444.867374][T23473] F2FS-fs (loop2): Found nat_bits in checkpoint
[ 2444.913765][T23473] F2FS-fs (loop2): f2fs_check_nid_range: out-of-range nid=1, run fsck to fix.
[ 2444.934671][T23473] F2FS-fs (loop2): Try to recover 1th superblock, ret: 0
[ 2444.941573][T23473] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e5
[ 2444.965005][T23473] netlink: 'syz-executor.2': attribute type 1 has an invalid length.
[ 2445.510253][T23529] loop1: detected capacity change from 0 to 2048
[ 2445.545048][T23529] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: none.
[ 2445.561201][T23529] EXT4-fs error (device loop1): ext4_find_extent:936: inode #2: comm syz-executor.1: pblk 1 bad header/extent: invalid magic - magic 2, entries 0, max 3(0), depth 0(4)
[ 2445.602286][T23205] EXT4-fs (loop1): unmounting filesystem.
[ 2446.021817][T23565] loop3: detected capacity change from 0 to 512
[ 2446.040839][T23565] EXT4-fs: Ignoring removed nomblk_io_submit option
[ 2446.065337][T23565] EXT4-fs error (device loop3): ext4_xattr_inode_iget:404: comm syz-executor.3: inode #1: comm syz-executor.3: iget: illegal inode #
[ 2446.098414][T23565] EXT4-fs error (device loop3): ext4_xattr_inode_iget:409: comm syz-executor.3: error while reading EA inode 1 err=-117
[ 2446.118395][T23565] EXT4-fs error (device loop3): ext4_xattr_inode_iget:404: comm syz-executor.3: inode #1: comm syz-executor.3: iget: illegal inode #
[ 2446.132147][T23565] EXT4-fs error (device loop3): ext4_xattr_inode_iget:409: comm syz-executor.3: error while reading EA inode 1 err=-117
[ 2446.144809][T23565] EXT4-fs (loop3): 1 orphan inode deleted
[ 2446.150429][T23565] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: none.
[ 2446.168150][T23248] EXT4-fs (loop3): unmounting filesystem.
[ 2446.769274][T23574] loop4: detected capacity change from 0 to 40427
[ 2446.788289][T23574] F2FS-fs (loop4): invalid crc value
[ 2446.833339][T23574] F2FS-fs (loop4): Found nat_bits in checkpoint
[ 2446.871284][T23595] loop2: detected capacity change from 0 to 512
[ 2446.888850][T23595] EXT4-fs: Ignoring removed bh option
[ 2446.903894][T23595] EXT4-fs: Ignoring removed nobh option
[ 2446.931091][T23574] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e5
[ 2446.952659][T23595] EXT4-fs (loop2): 1 orphan inode deleted
[ 2446.959361][T23595] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: writeback.
[ 2446.973630][T23586] loop0: detected capacity change from 0 to 40427
[ 2446.981647][T23574] syz-executor.4: attempt to access beyond end of device
[ 2446.981647][T23574] loop4: rw=2049, sector=45096, nr_sectors = 2000 limit=40427
[ 2446.987509][T23586] F2FS-fs (loop0): Invalid log_blocksize (268), supports only 12
[ 2447.003353][T23586] F2FS-fs (loop0): Can't find valid F2FS filesystem in 1th superblock
[ 2447.003514][T23595] ext4 filesystem being mounted at /root/syzkaller-testdir820556241/syzkaller.FmvGPi/607/file1 supports timestamps until 2038 (0x7fffffff)
[ 2447.014580][T23574] syz-executor.4: attempt to access beyond end of device
[ 2447.014580][T23574] loop4: rw=0, sector=47088, nr_sectors = 8 limit=40427
[ 2447.048042][T23586] F2FS-fs (loop0): Found nat_bits in checkpoint
[ 2447.054570][T23169] syz-executor.4: attempt to access beyond end of device
[ 2447.054570][T23169] loop4: rw=2049, sector=47096, nr_sectors = 8 limit=40427
[ 2447.144980][T14216] EXT4-fs (loop2): unmounting filesystem.
[ 2447.149708][T23572] loop3: detected capacity change from 0 to 131072
[ 2447.157205][T23586] F2FS-fs (loop0): Try to recover 1th superblock, ret: 0
[ 2447.159249][T23572] F2FS-fs (loop3): Test dummy encryption mode enabled
[ 2447.170667][T23586] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e5
[ 2447.215293][T23572] F2FS-fs (loop3): invalid crc value
[ 2447.244127][T23572] F2FS-fs (loop3): Found nat_bits in checkpoint
[ 2447.313118][T23614] loop4: detected capacity change from 0 to 256
[ 2447.327957][T23572] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e5
[ 2447.351381][   T28] audit: type=1400 audit(1717002220.216:446301): avc:  denied  { unlink } for  pid=23571 comm="syz-executor.3" name="#2a8" dev="loop3" ino=16 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=chr_file permissive=1
[ 2447.374119][   T28] audit: type=1400 audit(1717002220.216:446302): avc:  denied  { link } for  pid=23571 comm="syz-executor.3" name="#19" dev="loop3" ino=19 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=file permissive=1
[ 2447.403273][T23248] F2FS-fs (loop3): f2fs_fill_dentries: corrupted namelen=1025, run fsck to fix.
[ 2447.417134][   T28] audit: type=1400 audit(1717002220.266:446303): avc:  denied  { rename } for  pid=23571 comm="syz-executor.3" name="file0" dev="loop3" ino=20 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=chr_file permissive=1
[ 2447.419656][T23628] syz-executor.4[23628] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[ 2447.472955][T23628] syz-executor.4[23628] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[ 2447.639603][T23644] loop0: detected capacity change from 0 to 256
[ 2447.774340][   T28] audit: type=1326 audit(1717002220.636:446304): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=23645 comm="syz-executor.0" exe="/root/syz-executor.0" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe462e7cee9 code=0x7ffc0000
[ 2447.848272][   T28] audit: type=1326 audit(1717002220.636:446305): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=23645 comm="syz-executor.0" exe="/root/syz-executor.0" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe462e7cee9 code=0x7ffc0000
[ 2447.929969][   T28] audit: type=1326 audit(1717002220.646:446306): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=23645 comm="syz-executor.0" exe="/root/syz-executor.0" sig=0 arch=c000003e syscall=93 compat=0 ip=0x7fe462e7cee9 code=0x7ffc0000
[ 2448.014671][   T28] audit: type=1326 audit(1717002220.646:446307): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=23645 comm="syz-executor.0" exe="/root/syz-executor.0" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe462e7cee9 code=0x7ffc0000
[ 2448.055819][  T343] device bridge_slave_1 left promiscuous mode
[ 2448.061774][  T343] bridge0: port 2(bridge_slave_1) entered disabled state
[ 2448.090373][  T343] device bridge_slave_0 left promiscuous mode
[ 2448.102664][  T343] bridge0: port 1(bridge_slave_0) entered disabled state
[ 2448.124631][   T28] audit: type=1326 audit(1717002220.646:446308): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=23645 comm="syz-executor.0" exe="/root/syz-executor.0" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe462e7cee9 code=0x7ffc0000
[ 2448.151492][T23664] syz-executor.1[23664] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[ 2448.151561][T23664] syz-executor.1[23664] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[ 2448.151831][  T343] device veth1_macvtap left promiscuous mode
[ 2448.184756][T23641] loop4: detected capacity change from 0 to 40427
[ 2448.204643][T23641] F2FS-fs (loop4): Invalid log_blocksize (268), supports only 12
[ 2448.212212][T23641] F2FS-fs (loop4): Can't find valid F2FS filesystem in 1th superblock
[ 2448.235207][  T343] device veth0_vlan left promiscuous mode
[ 2448.268155][T23641] F2FS-fs (loop4): Found nat_bits in checkpoint
[ 2448.276955][T23670] loop1: detected capacity change from 0 to 256
[ 2448.399912][T23641] F2FS-fs (loop4): Try to recover 1th superblock, ret: 0
[ 2448.407574][T23641] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e5
[ 2448.505315][T23671] bridge0: port 1(bridge_slave_0) entered blocking state
[ 2448.513758][T23671] bridge0: port 1(bridge_slave_0) entered disabled state
[ 2448.528480][T23671] device bridge_slave_0 entered promiscuous mode
[ 2448.543595][T23671] bridge0: port 2(bridge_slave_1) entered blocking state
[ 2448.558040][T23671] bridge0: port 2(bridge_slave_1) entered disabled state
[ 2448.572888][T23671] device bridge_slave_1 entered promiscuous mode
[ 2448.600217][T23683] overlayfs: failed to resolve './file0': -2
[ 2448.654650][ T1291] usb 2-1: new high-speed USB device number 55 using dummy_hcd
[ 2448.786165][T15498] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[ 2448.795644][T15498] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[ 2448.821617][T18309] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[ 2448.833049][T18309] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[ 2448.849717][T18309] bridge0: port 1(bridge_slave_0) entered blocking state
[ 2448.856581][T18309] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 2448.878911][T18309] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[ 2448.894678][T18309] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[ 2448.911424][T18309] bridge0: port 2(bridge_slave_1) entered blocking state
[ 2448.918278][T18309] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 2448.939543][T18309] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[ 2448.970184][T18309] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[ 2448.991657][T18309] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[ 2449.021672][T23671] device veth0_vlan entered promiscuous mode
[ 2449.027615][ T1291] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 2449.046914][ T1291] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 2449.070583][ T1291] usb 2-1: New USB device found, idVendor=256c, idProduct=006d, bcdDevice= 0.00
[ 2449.074204][T23671] device veth1_macvtap entered promiscuous mode
[ 2449.093443][ T1291] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 2449.116594][ T1291] usb 2-1: config 0 descriptor??
[ 2449.121709][T15498] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[ 2449.134249][T15498] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[ 2449.156138][T15498] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[ 2449.177413][T15498] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[ 2449.199380][T15498] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[ 2449.222739][ T7566] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[ 2449.236582][ T7566] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[ 2449.346686][T23650] loop0: detected capacity change from 0 to 131072
[ 2449.362098][T23650] F2FS-fs (loop0): Test dummy encryption mode enabled
[ 2449.379701][T23650] F2FS-fs (loop0): invalid crc value
[ 2449.408575][T23650] F2FS-fs (loop0): Found nat_bits in checkpoint
[ 2449.444493][T23706] syz-executor.3[23706] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[ 2449.444564][T23706] syz-executor.3[23706] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[ 2449.518324][T23650] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e5
[ 2449.579428][T23230] F2FS-fs (loop0): f2fs_fill_dentries: corrupted namelen=1025, run fsck to fix.
[ 2449.774095][T23694] loop4: detected capacity change from 0 to 131072
[ 2449.782979][T23694] F2FS-fs (loop4): Test dummy encryption mode enabled
[ 2449.790377][T23694] F2FS-fs (loop4): invalid crc value
[ 2449.794637][T14714] usb 4-1: new high-speed USB device number 45 using dummy_hcd
[ 2449.804019][T23694] F2FS-fs (loop4): Found nat_bits in checkpoint
[ 2449.846383][T23694] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e5
[ 2449.886807][T23169] F2FS-fs (loop4): f2fs_fill_dentries: corrupted namelen=1025, run fsck to fix.
[ 2449.991181][T23715] bridge0: port 1(bridge_slave_0) entered blocking state
[ 2449.998176][T23715] bridge0: port 1(bridge_slave_0) entered disabled state
[ 2450.005787][T23715] device bridge_slave_0 entered promiscuous mode
[ 2450.014783][T23715] bridge0: port 2(bridge_slave_1) entered blocking state
[ 2450.021631][T23715] bridge0: port 2(bridge_slave_1) entered disabled state
[ 2450.028806][T23715] device bridge_slave_1 entered promiscuous mode
[ 2450.034647][T14714] usb 4-1: Using ep0 maxpacket: 8
[ 2450.102941][T23715] bridge0: port 2(bridge_slave_1) entered blocking state
[ 2450.109819][T23715] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 2450.116902][T23715] bridge0: port 1(bridge_slave_0) entered blocking state
[ 2450.123681][T23715] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 2450.131258][ T1291] usb 2-1: string descriptor 0 read error: -71
[ 2450.138848][  T343] device bridge_slave_1 left promiscuous mode
[ 2450.145159][  T343] bridge0: port 2(bridge_slave_1) entered disabled state
[ 2450.152552][  T343] device bridge_slave_0 left promiscuous mode
[ 2450.154751][T14714] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 2450.158578][ T1291] uclogic 0003:256C:006D.03EA: failed retrieving string descriptor #200: -71
[ 2450.177968][  T343] bridge0: port 1(bridge_slave_0) entered disabled state
[ 2450.178677][T14714] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 2450.185272][ T1291] uclogic 0003:256C:006D.03EA: failed retrieving pen parameters: -71
[ 2450.202895][ T1291] uclogic 0003:256C:006D.03EA: failed probing pen v2 parameters: -71
[ 2450.202981][  T343] device veth1_macvtap left promiscuous mode
[ 2450.214859][T14714] usb 4-1: New USB device found, idVendor=0e8f, idProduct=0012, bcdDevice= 0.00
[ 2450.225616][T14714] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 2450.230989][  T343] device veth0_vlan left promiscuous mode
[ 2450.233933][T14714] usb 4-1: config 0 descriptor??
[ 2450.238953][ T1291] uclogic 0003:256C:006D.03EA: failed probing parameters: -71
[ 2450.252836][ T1291] uclogic: probe of 0003:256C:006D.03EA failed with error -71
[ 2450.269715][ T1291] usb 2-1: USB disconnect, device number 55
[ 2450.392611][   T19] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[ 2450.402317][   T19] bridge0: port 1(bridge_slave_0) entered disabled state
[ 2450.409398][   T19] bridge0: port 2(bridge_slave_1) entered disabled state
[ 2450.425832][T23720] bridge0: port 1(bridge_slave_0) entered blocking state
[ 2450.432748][T23720] bridge0: port 1(bridge_slave_0) entered disabled state
[ 2450.439865][T23720] device bridge_slave_0 entered promiscuous mode
[ 2450.446558][T15498] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[ 2450.454451][T15498] bridge0: port 1(bridge_slave_0) entered blocking state
[ 2450.461211][T15498] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 2450.468614][T23720] bridge0: port 2(bridge_slave_1) entered blocking state
[ 2450.475604][T23720] bridge0: port 2(bridge_slave_1) entered disabled state
[ 2450.482881][T23720] device bridge_slave_1 entered promiscuous mode
[ 2450.506678][ T1291] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[ 2450.514676][ T1291] bridge0: port 2(bridge_slave_1) entered blocking state
[ 2450.521505][ T1291] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 2450.539758][ T1291] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[ 2450.548352][ T1291] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[ 2450.568494][ T7566] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[ 2450.576673][ T7566] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[ 2450.586757][T23715] device veth0_vlan entered promiscuous mode
[ 2450.597507][T14975] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[ 2450.605324][T14975] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[ 2450.613043][T14975] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[ 2450.620285][T14975] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[ 2450.642217][T15498] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[ 2450.650244][T15498] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[ 2450.658750][T23715] device veth1_macvtap entered promiscuous mode
[ 2450.677381][   T19] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready
[ 2450.685045][   T19] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[ 2450.693014][   T19] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[ 2450.704835][T14254] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[ 2450.713493][T14254] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[ 2450.722284][T14714] greenasia 0003:0E8F:0012.03EB: global environment stack underflow
[ 2450.730758][T14714] greenasia 0003:0E8F:0012.03EB: item 0 4 1 11 parsing failed
[ 2450.738307][T14714] greenasia 0003:0E8F:0012.03EB: parse failed
[ 2450.744258][T14714] greenasia: probe of 0003:0E8F:0012.03EB failed with error -22
[ 2450.766217][T14714] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[ 2450.783572][T14714] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[ 2450.788039][   T28] audit: type=1326 audit(1717002223.646:446309): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=23726 comm="syz-executor.1" exe="/root/syz-executor.1" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fb9a027cee9 code=0x0
[ 2450.821434][T23730] loop0: detected capacity change from 0 to 8192
[ 2450.828196][T14714] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[ 2450.836665][T14714] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[ 2450.844758][T14714] bridge0: port 1(bridge_slave_0) entered blocking state
[ 2450.851619][T14714] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 2450.859557][T14714] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[ 2450.867626][T14714] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[ 2450.875576][T14714] bridge0: port 2(bridge_slave_1) entered blocking state
[ 2450.882409][T14714] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 2450.889873][T14714] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[ 2450.897717][T14714] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[ 2450.905790][T14714] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[ 2450.923798][T23720] device veth0_vlan entered promiscuous mode
[ 2450.926239][T14975] usb 4-1: USB disconnect, device number 45
[ 2450.935639][   T19] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[ 2450.943938][   T19] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[ 2450.953995][   T19] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[ 2450.961706][   T19] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[ 2450.969114][   T19] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[ 2450.988713][T23720] device veth1_macvtap entered promiscuous mode
[ 2451.002765][T23733] device syzkaller0 entered promiscuous mode
[ 2451.019956][T15498] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[ 2451.028317][T15498] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[ 2451.036488][T15498] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[ 2451.044417][T15498] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[ 2451.076315][T23737] loop4: detected capacity change from 0 to 256
[ 2451.082685][T23737] exfat: Deprecated parameter 'namecase'
[ 2451.090784][T23737] exFAT-fs (loop4): failed to load upcase table (idx : 0x00010000, chksum : 0x2eabf3fa, utbl_chksum : 0xe619d30d)
[ 2451.325360][  T343] device bridge_slave_1 left promiscuous mode
[ 2451.332457][  T343] bridge0: port 2(bridge_slave_1) entered disabled state
[ 2451.346352][  T343] device bridge_slave_0 left promiscuous mode
[ 2451.358857][  T343] bridge0: port 1(bridge_slave_0) entered disabled state
[ 2451.374341][  T343] device veth1_macvtap left promiscuous mode
[ 2451.386884][  T343] device veth0_vlan left promiscuous mode
[ 2451.581915][   T28] audit: type=1326 audit(1717002224.446:446310): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=23750 comm="syz-executor.2" exe="/root/syz-executor.2" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7ff98247cee9 code=0x0
[ 2452.147373][T23741] loop4: detected capacity change from 0 to 131072
[ 2452.163565][T23741] F2FS-fs (loop4): Test dummy encryption mode enabled
[ 2452.177876][T23741] F2FS-fs (loop4): invalid crc value
[ 2452.208944][T23741] F2FS-fs (loop4): Found nat_bits in checkpoint
[ 2452.307133][T23745] loop0: detected capacity change from 0 to 131072
[ 2452.313564][T23741] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e5
[ 2452.321363][T23745] F2FS-fs (loop0): Test dummy encryption mode enabled
[ 2452.331478][T23745] F2FS-fs (loop0): invalid crc value
[ 2452.352546][T23745] F2FS-fs (loop0): Found nat_bits in checkpoint
[ 2452.387630][T23769] loop2: detected capacity change from 0 to 512
[ 2452.400470][T23720] F2FS-fs (loop4): f2fs_fill_dentries: corrupted namelen=1025, run fsck to fix.
[ 2452.402024][T23769] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[ 2452.411577][T23745] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e5
[ 2452.433720][T23769] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a064e09c, mo2=0002]
[ 2452.442432][T23769] System zones: 1-12
[ 2452.468372][T23769] EXT4-fs error (device loop2): ext4_orphan_get:1396: inode #15: comm syz-executor.2: casefold flag without casefold feature
[ 2452.498487][T23769] EXT4-fs error (device loop2): ext4_xattr_inode_iget:404: inode #12: comm syz-executor.2: missing EA_INODE flag
[ 2452.518443][T23773] loop3: detected capacity change from 0 to 8192
[ 2452.522310][T23769] EXT4-fs error (device loop2): ext4_xattr_inode_iget:409: comm syz-executor.2: error while reading EA inode 12 err=-117
[ 2452.545054][T23769] EXT4-fs error (device loop2): ext4_xattr_inode_iget:404: inode #12: comm syz-executor.2: missing EA_INODE flag
[ 2452.575226][T23769] EXT4-fs error (device loop2): ext4_xattr_inode_iget:409: comm syz-executor.2: error while reading EA inode 12 err=-117
[ 2452.581825][T23715] F2FS-fs (loop0): f2fs_fill_dentries: corrupted namelen=1025, run fsck to fix.
[ 2452.598613][T23769] EXT4-fs (loop2): 1 orphan inode deleted
[ 2452.605076][T23769] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: writeback.
[ 2452.662351][T23769] SELinux:  Context @ is not valid (left unmapped).
[ 2452.671324][   T28] audit: type=1400 audit(1717002225.536:446311): avc:  denied  { relabelto } for  pid=23768 comm="syz-executor.2" name="cgroup.controllers" dev="loop2" ino=15 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1 trawcon="@"
[ 2452.705479][T14216] EXT4-fs (loop2): unmounting filesystem.
[ 2452.753311][T23779] loop2: detected capacity change from 0 to 256
[ 2452.846513][T23781] device syzkaller0 entered promiscuous mode
[ 2452.879352][T23787] loop3: detected capacity change from 0 to 256
[ 2452.885945][T23787] exfat: Deprecated parameter 'namecase'
[ 2452.914914][T23787] exFAT-fs (loop3): failed to load upcase table (idx : 0x00010000, chksum : 0x2eabf3fa, utbl_chksum : 0xe619d30d)
[ 2453.085701][T23796] overlayfs: failed to resolve './file0': -2
[ 2453.145367][T19871] device bridge_slave_1 left promiscuous mode
[ 2453.151319][T19871] bridge0: port 2(bridge_slave_1) entered disabled state
[ 2453.175118][T19871] device bridge_slave_0 left promiscuous mode
[ 2453.200459][T19871] bridge0: port 1(bridge_slave_0) entered disabled state
[ 2453.224929][T19871] device veth1_macvtap left promiscuous mode
[ 2453.243774][T19871] device veth0_vlan left promiscuous mode
[ 2453.653862][T23800] bridge0: port 1(bridge_slave_0) entered blocking state
[ 2453.660952][T23800] bridge0: port 1(bridge_slave_0) entered disabled state
[ 2453.688271][T23800] device bridge_slave_0 entered promiscuous mode
[ 2453.699256][T23801] bridge0: port 1(bridge_slave_0) entered blocking state
[ 2453.706370][T23801] bridge0: port 1(bridge_slave_0) entered disabled state
[ 2453.713692][T23801] device bridge_slave_0 entered promiscuous mode
[ 2453.720273][T23800] bridge0: port 2(bridge_slave_1) entered blocking state
[ 2453.727163][T23800] bridge0: port 2(bridge_slave_1) entered disabled state
[ 2453.734382][T23800] device bridge_slave_1 entered promiscuous mode
[ 2453.749022][T23801] bridge0: port 2(bridge_slave_1) entered blocking state
[ 2453.779427][T23801] bridge0: port 2(bridge_slave_1) entered disabled state
[ 2453.812370][T23801] device bridge_slave_1 entered promiscuous mode
[ 2454.092227][   T19] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[ 2454.101703][   T19] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[ 2454.142220][T15498] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[ 2454.150612][T15498] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[ 2454.158691][T15498] bridge0: port 1(bridge_slave_0) entered blocking state
[ 2454.165547][T15498] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 2454.173491][T15498] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[ 2454.181700][T15498] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[ 2454.190061][T15498] bridge0: port 2(bridge_slave_1) entered blocking state
[ 2454.196917][T15498] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 2454.204095][T15498] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[ 2454.211958][T15498] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[ 2454.220067][T15498] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[ 2454.222809][T23811] loop2: detected capacity change from 0 to 256
[ 2454.227406][T15498] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[ 2454.240486][T15498] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[ 2454.248662][T15498] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[ 2454.256748][T15498] bridge0: port 1(bridge_slave_0) entered blocking state
[ 2454.263612][T15498] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 2454.270857][T15498] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[ 2454.279072][T15498] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[ 2454.287133][T15498] bridge0: port 2(bridge_slave_1) entered blocking state
[ 2454.293977][T15498] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 2454.301431][T15498] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[ 2454.330357][T15498] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[ 2454.337705][T23813] loop2: detected capacity change from 0 to 8192
[ 2454.345121][T15498] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[ 2454.363141][T15498] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[ 2454.378417][T15498] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[ 2454.385975][T15498] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[ 2454.395363][T23800] device veth0_vlan entered promiscuous mode
[ 2454.410375][T23794] loop3: detected capacity change from 0 to 131072
[ 2454.417032][T23800] device veth1_macvtap entered promiscuous mode
[ 2454.423770][ T1291] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[ 2454.425214][T23794] F2FS-fs (loop3): Test dummy encryption mode enabled
[ 2454.432942][ T1291] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[ 2454.438814][T23794] F2FS-fs (loop3): invalid crc value
[ 2454.449183][T23801] device veth0_vlan entered promiscuous mode
[ 2454.462218][T23794] F2FS-fs (loop3): Found nat_bits in checkpoint
[ 2454.468394][ T1291] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[ 2454.476834][ T1291] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[ 2454.486686][ T1291] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[ 2454.494230][ T1291] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[ 2454.501990][ T1291] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[ 2454.509329][ T1291] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[ 2454.522644][T23801] device veth1_macvtap entered promiscuous mode
[ 2454.538238][ T1291] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[ 2454.546679][ T1291] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[ 2454.551567][T23822] loop2: detected capacity change from 0 to 256
[ 2454.561442][T23822] exfat: Deprecated parameter 'namecase'
[ 2454.562024][T23794] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e5
[ 2454.569076][T23822] exFAT-fs (loop2): failed to load upcase table (idx : 0x00010000, chksum : 0x2eabf3fa, utbl_chksum : 0xe619d30d)
[ 2454.600115][T15498] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[ 2454.608517][T15498] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[ 2454.630700][T23671] F2FS-fs (loop3): f2fs_fill_dentries: corrupted namelen=1025, run fsck to fix.
[ 2454.665473][T19871] device bridge_slave_1 left promiscuous mode
[ 2454.671412][T19871] bridge0: port 2(bridge_slave_1) entered disabled state
[ 2454.679463][T19871] device bridge_slave_0 left promiscuous mode
[ 2454.685588][T19871] bridge0: port 1(bridge_slave_0) entered disabled state
[ 2454.693397][T19871] device veth1_macvtap left promiscuous mode
[ 2454.699486][T19871] device veth0_vlan left promiscuous mode
[ 2454.904679][T14975] usb 1-1: new high-speed USB device number 23 using dummy_hcd
[ 2455.274675][T14975] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x8E has invalid maxpacket 8192, setting to 1024
[ 2455.290005][T23839] bridge0: port 1(bridge_slave_0) entered blocking state
[ 2455.293120][T14975] usb 1-1: config 0 interface 0 altsetting 0 bulk endpoint 0x8E has invalid maxpacket 1024
[ 2455.297444][T23839] bridge0: port 1(bridge_slave_0) entered disabled state
[ 2455.314117][T23839] device bridge_slave_0 entered promiscuous mode
[ 2455.320738][T14975] usb 1-1: New USB device found, idVendor=0499, idProduct=1035, bcdDevice=56.12
[ 2455.331738][T23839] bridge0: port 2(bridge_slave_1) entered blocking state
[ 2455.338359][T14975] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 2455.339208][T23839] bridge0: port 2(bridge_slave_1) entered disabled state
[ 2455.353658][T23839] device bridge_slave_1 entered promiscuous mode
[ 2455.354270][T14975] usb 1-1: config 0 descriptor??
[ 2455.427450][T23839] bridge0: port 2(bridge_slave_1) entered blocking state
[ 2455.434330][T23839] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 2455.441418][T23839] bridge0: port 1(bridge_slave_0) entered blocking state
[ 2455.448207][T23839] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 2455.472215][T15498] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[ 2455.483000][T15498] bridge0: port 1(bridge_slave_0) entered disabled state
[ 2455.491878][T15498] bridge0: port 2(bridge_slave_1) entered disabled state
[ 2455.516257][T23844] device syzkaller0 entered promiscuous mode
[ 2455.537276][ T1291] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[ 2455.545341][ T1291] bridge0: port 1(bridge_slave_0) entered blocking state
[ 2455.552174][ T1291] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 2455.559518][ T1291] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[ 2455.567719][ T1291] bridge0: port 2(bridge_slave_1) entered blocking state
[ 2455.574554][ T1291] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 2455.582553][ T1291] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[ 2455.590368][ T1291] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[ 2455.609847][T15498] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[ 2455.618257][T15498] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[ 2455.618304][T14975] usb 1-1: USB disconnect, device number 23
[ 2455.626059][T15498] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[ 2455.639393][T15498] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[ 2455.649618][T23839] device veth0_vlan entered promiscuous mode
[ 2455.668149][ T7566] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[ 2455.676888][T23839] device veth1_macvtap entered promiscuous mode
[ 2455.686383][T14254] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[ 2455.697497][T19871] device bridge_slave_1 left promiscuous mode
[ 2455.703464][T19871] bridge0: port 2(bridge_slave_1) entered disabled state
[ 2455.710690][T19871] device bridge_slave_0 left promiscuous mode
[ 2455.716692][T19871] bridge0: port 1(bridge_slave_0) entered disabled state
[ 2455.724197][T19871] device veth1_macvtap left promiscuous mode
[ 2455.730228][T19871] device veth0_vlan left promiscuous mode
[ 2455.791687][T23850] loop4: detected capacity change from 0 to 8192
[ 2455.831416][ T7566] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[ 2455.881927][T23858] loop1: detected capacity change from 0 to 256
[ 2455.888809][T23858] exfat: Deprecated parameter 'namecase'
[ 2455.898980][T23858] exFAT-fs (loop1): failed to load upcase table (idx : 0x00010000, chksum : 0x2eabf3fa, utbl_chksum : 0xe619d30d)
[ 2455.938441][T23861] device syzkaller0 entered promiscuous mode
[ 2456.221199][T23867] loop4: detected capacity change from 0 to 40427
[ 2456.236205][T23867] F2FS-fs (loop4): Invalid log_blocksize (268), supports only 12
[ 2456.251359][T23867] F2FS-fs (loop4): Can't find valid F2FS filesystem in 1th superblock
[ 2456.288162][T23867] F2FS-fs (loop4): Found nat_bits in checkpoint
[ 2456.363131][T23867] F2FS-fs (loop4): Try to recover 1th superblock, ret: 0
[ 2456.373313][T23867] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e5
[ 2456.676260][T23888] loop2: detected capacity change from 0 to 8192
[ 2456.786440][T23892] overlayfs: failed to resolve './file0': -2
[ 2457.282375][T23904] usb usb8: usbfs: process 23904 (syz-executor.1) did not claim interface 0 before use
[ 2457.827469][T23912] loop0: detected capacity change from 0 to 40427
[ 2457.849055][T23912] F2FS-fs (loop0): Invalid log_blocksize (268), supports only 12
[ 2457.872988][T23912] F2FS-fs (loop0): Can't find valid F2FS filesystem in 1th superblock
[ 2457.886634][T23919] syz-executor.2[23919] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[ 2457.886706][T23919] syz-executor.2[23919] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[ 2457.906817][T23912] F2FS-fs (loop0): Found nat_bits in checkpoint
[ 2458.012824][T23912] F2FS-fs (loop0): Try to recover 1th superblock, ret: 0
[ 2458.024118][T23912] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e5
[ 2458.642611][    C0] TCP: request_sock_TCP: Possible SYN flooding on port 2. Dropping request.  Check SNMP counters.
[ 2458.895366][T23943] loop3: detected capacity change from 0 to 256
[ 2458.966951][T23949] device syzkaller0 entered promiscuous mode
[ 2458.984062][    C0] TCP: request_sock_TCP: Possible SYN flooding on port 2. Dropping request.  Check SNMP counters.
[ 2459.061557][T23953] syz-executor.0[23953] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[ 2459.061604][T23953] syz-executor.0[23953] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[ 2459.509071][T23972] loop1: detected capacity change from 0 to 256
[ 2459.538876][T23974] usb usb8: usbfs: process 23974 (syz-executor.2) did not claim interface 0 before use
[ 2459.601338][T23980] syz-executor.4[23980] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[ 2459.601412][T23980] syz-executor.4[23980] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[ 2459.642885][T23983] device syzkaller0 entered promiscuous mode
[ 2459.959360][T24000] loop0: detected capacity change from 0 to 256
[ 2460.051073][T24005] usb usb8: usbfs: process 24005 (syz-executor.2) did not claim interface 0 before use
[ 2460.567818][T24014] loop1: detected capacity change from 0 to 40427
[ 2460.579508][T24014] F2FS-fs (loop1): Invalid log_blocksize (268), supports only 12
[ 2460.591422][T24014] F2FS-fs (loop1): Can't find valid F2FS filesystem in 1th superblock
[ 2460.618892][T24014] F2FS-fs (loop1): Found nat_bits in checkpoint
[ 2460.697416][T24014] F2FS-fs (loop1): Try to recover 1th superblock, ret: 0
[ 2460.704295][T24014] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e5
[ 2460.745082][    C0] TCP: request_sock_TCP: Possible SYN flooding on port 2. Dropping request.  Check SNMP counters.
[ 2460.943875][T24034] loop1: detected capacity change from 0 to 256
[ 2460.987122][    C1] TCP: request_sock_TCP: Possible SYN flooding on port 2. Dropping request.  Check SNMP counters.
[ 2461.538816][T24054] syz-executor.4[24054] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[ 2461.538884][T24054] syz-executor.4[24054] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[ 2461.610025][T24066] loop3: detected capacity change from 0 to 256
[ 2461.672473][T24071] loop3: detected capacity change from 0 to 256
[ 2461.688304][T24071] exfat: Deprecated parameter 'namecase'
[ 2461.701841][T24071] exFAT-fs (loop3): failed to load upcase table (idx : 0x00010000, chksum : 0x2eabf3fa, utbl_chksum : 0xe619d30d)
[ 2461.762749][T24077] syz-executor.3[24077] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[ 2461.762822][T24077] syz-executor.3[24077] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[ 2461.956914][T24084] kvm: emulating exchange as write
[ 2462.704907][T24096] loop1: detected capacity change from 0 to 256
[ 2462.796515][T24102] loop1: detected capacity change from 0 to 256
[ 2462.812586][T24102] exfat: Deprecated parameter 'namecase'
[ 2462.845885][T24102] exFAT-fs (loop1): failed to load upcase table (idx : 0x00010000, chksum : 0x2eabf3fa, utbl_chksum : 0xe619d30d)
[ 2462.850568][T24114] loop4: detected capacity change from 0 to 2048
[ 2462.865075][T24114] EXT4-fs: Ignoring removed nomblk_io_submit option
[ 2462.902181][T24114] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: none.
[ 2462.923079][T24114] EXT4-fs error (device loop4): ext4_validate_block_bitmap:429: comm syz-executor.4: bg 0: block 2: invalid block bitmap
[ 2462.974494][T23800] EXT4-fs (loop4): unmounting filesystem.
[ 2463.234649][T14254] usb 2-1: new high-speed USB device number 56 using dummy_hcd
[ 2463.474647][T14254] usb 2-1: Using ep0 maxpacket: 8
[ 2463.594809][T14254] usb 2-1: New USB device found, idVendor=1557, idProduct=7720, bcdDevice=b7.eb
[ 2463.607042][T14254] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 2463.624284][T14254] usb 2-1: config 0 descriptor??
[ 2463.891377][T24148] bpf_get_probe_write_proto: 2 callbacks suppressed
[ 2463.891405][T24148] syz-executor.3[24148] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[ 2463.908588][T24148] syz-executor.3[24148] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[ 2463.918601][T24151] loop2: detected capacity change from 0 to 256
[ 2463.953586][T24151] exfat: Deprecated parameter 'namecase'
[ 2463.963886][T24151] exFAT-fs (loop2): failed to load upcase table (idx : 0x00010000, chksum : 0x2eabf3fa, utbl_chksum : 0xe619d30d)
[ 2464.148831][T24166] 9pnet_fd: Insufficient options for proto=fd
[ 2464.314635][   T19] usb 5-1: new high-speed USB device number 53 using dummy_hcd
[ 2464.684679][   T19] usb 5-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 2464.874681][   T19] usb 5-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[ 2464.883655][   T19] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 2464.891847][   T19] usb 5-1: Product: syz
[ 2464.895921][   T19] usb 5-1: Manufacturer: syz
[ 2464.900331][   T19] usb 5-1: SerialNumber: syz
[ 2464.974663][T14254] asix 2-1:0.0 (unnamed net_device) (uninitialized): Failed to write reg index 0x0000: -71
[ 2464.990053][T14254] asix 2-1:0.0 (unnamed net_device) (uninitialized): Failed to send software reset: ffffffb9
[ 2465.012241][T14254] asix: probe of 2-1:0.0 failed with error -71
[ 2465.025212][T14254] usb 2-1: USB disconnect, device number 56
[ 2465.069289][   T28] audit: type=1326 audit(1717002237.936:446312): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=24194 comm="syz-executor.0" exe="/root/syz-executor.0" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb3e407cee9 code=0x7ffc0000
[ 2465.098264][   T28] audit: type=1326 audit(1717002237.956:446313): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=24194 comm="syz-executor.0" exe="/root/syz-executor.0" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fb3e407cee9 code=0x7ffc0000
[ 2465.127833][   T28] audit: type=1326 audit(1717002237.956:446314): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=24194 comm="syz-executor.0" exe="/root/syz-executor.0" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb3e407cee9 code=0x7ffc0000
[ 2465.153277][   T28] audit: type=1326 audit(1717002237.956:446315): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=24194 comm="syz-executor.0" exe="/root/syz-executor.0" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fb3e407cee9 code=0x7ffc0000
[ 2465.183889][   T28] audit: type=1326 audit(1717002237.956:446316): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=24194 comm="syz-executor.0" exe="/root/syz-executor.0" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb3e407cee9 code=0x7ffc0000
[ 2465.233908][   T28] audit: type=1326 audit(1717002237.956:446317): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=24194 comm="syz-executor.0" exe="/root/syz-executor.0" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fb3e407cee9 code=0x7ffc0000
[ 2465.284326][   T28] audit: type=1326 audit(1717002237.966:446318): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=24194 comm="syz-executor.0" exe="/root/syz-executor.0" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb3e407cee9 code=0x7ffc0000
[ 2465.333419][   T28] audit: type=1326 audit(1717002237.966:446319): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=24194 comm="syz-executor.0" exe="/root/syz-executor.0" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fb3e407cee9 code=0x7ffc0000
[ 2465.383609][   T28] audit: type=1326 audit(1717002237.966:446320): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=24194 comm="syz-executor.0" exe="/root/syz-executor.0" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb3e407cee9 code=0x7ffc0000
[ 2465.473824][T24197] loop0: detected capacity change from 0 to 40427
[ 2465.489863][T24197] F2FS-fs (loop0): Invalid log_blocksize (268), supports only 12
[ 2465.499878][T24197] F2FS-fs (loop0): Can't find valid F2FS filesystem in 1th superblock
[ 2465.533425][T24197] F2FS-fs (loop0): Found nat_bits in checkpoint
[ 2465.574987][T24197] F2FS-fs (loop0): Try to recover 1th superblock, ret: 0
[ 2465.581961][T24197] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e5
[ 2465.673910][T24205] 9pnet_fd: Insufficient options for proto=fd
[ 2466.009282][   T28] audit: type=1326 audit(1717002238.876:446321): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=24217 comm="syz-executor.2" exe="/root/syz-executor.2" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff98247cee9 code=0x7ffc0000
[ 2466.035534][ T1291] usb 1-1: new high-speed USB device number 24 using dummy_hcd
[ 2466.104719][   T19] cdc_ncm 5-1:1.0: MAC-Address: 42:42:42:42:42:42
[ 2466.112176][   T19] cdc_ncm 5-1:1.0: dwNtbInMaxSize=0 is too small. Using 2048
[ 2466.135664][   T19] cdc_ncm 5-1:1.0: setting rx_max = 2048
[ 2466.294608][ T1291] usb 1-1: Using ep0 maxpacket: 16
[ 2466.334783][   T19] cdc_ncm 5-1:1.0: setting tx_max = 184
[ 2466.348267][   T19] cdc_ncm 5-1:1.0 usb0: register 'cdc_ncm' at usb-dummy_hcd.4-1, CDC NCM (NO ZLP), 42:42:42:42:42:42
[ 2466.387859][   T19] usb 5-1: USB disconnect, device number 53
[ 2466.410511][   T19] cdc_ncm 5-1:1.0 usb0: unregister 'cdc_ncm' usb-dummy_hcd.4-1, CDC NCM (NO ZLP)
[ 2466.434765][ T1291] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 2466.456044][ T1291] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 2466.481100][ T1291] usb 1-1: New USB device found, idVendor=1e7d, idProduct=2d50, bcdDevice= 0.00
[ 2466.505774][ T1291] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 2466.526397][T18309] ==================================================================
[ 2466.534282][T18309] BUG: KASAN: use-after-free in __list_del_entry_valid+0xa6/0x130
[ 2466.541912][T18309] Read of size 8 at addr ffff888111bb8cf0 by task kworker/0:0/18309
[ 2466.549721][T18309] 
[ 2466.551892][T18309] CPU: 0 PID: 18309 Comm: kworker/0:0 Not tainted 6.1.75-syzkaller-00030-g3f139724700e #0
[ 2466.561611][T18309] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/02/2024
[ 2466.571509][T18309] Workqueue: events linkwatch_event
[ 2466.576541][T18309] Call Trace:
[ 2466.579676][T18309]  <TASK>
[ 2466.582443][T18309]  dump_stack_lvl+0x151/0x1b7
[ 2466.586954][T18309]  ? nf_tcp_handle_invalid+0x3f1/0x3f1
[ 2466.592248][T18309]  ? _printk+0xd1/0x111
[ 2466.596243][T18309]  ? __virt_addr_valid+0x242/0x2f0
[ 2466.601191][T18309]  print_report+0x158/0x4e0
[ 2466.605529][T18309]  ? __virt_addr_valid+0x242/0x2f0
[ 2466.610476][T18309]  ? kasan_complete_mode_report_info+0x90/0x1b0
[ 2466.616551][T18309]  ? __list_del_entry_valid+0xa6/0x130
[ 2466.621843][T18309]  kasan_report+0x13c/0x170
[ 2466.626183][T18309]  ? __list_del_entry_valid+0xa6/0x130
[ 2466.631479][T18309]  __asan_report_load8_noabort+0x14/0x20
[ 2466.636948][T18309]  __list_del_entry_valid+0xa6/0x130
[ 2466.642067][T18309]  process_one_work+0x4d7/0xcb0
[ 2466.646754][T18309]  worker_thread+0xa60/0x1260
[ 2466.651269][T18309]  kthread+0x26d/0x300
[ 2466.655171][T18309]  ? worker_clr_flags+0x1a0/0x1a0
[ 2466.660033][T18309]  ? kthread_blkcg+0xd0/0xd0
[ 2466.664459][T18309]  ret_from_fork+0x1f/0x30
[ 2466.668712][T18309]  </TASK>
[ 2466.671577][T18309] 
[ 2466.673746][T18309] Allocated by task 19:
[ 2466.677738][T18309]  kasan_set_track+0x4b/0x70
[ 2466.682163][T18309]  kasan_save_alloc_info+0x1f/0x30
[ 2466.687110][T18309]  __kasan_kmalloc+0x9c/0xb0
[ 2466.691536][T18309]  __kmalloc_node+0xb4/0x1e0
[ 2466.695963][T18309]  kvmalloc_node+0x221/0x640
[ 2466.700390][T18309]  alloc_netdev_mqs+0x8c/0xf90
[ 2466.704990][T18309]  alloc_etherdev_mqs+0x36/0x40
[ 2466.709677][T18309]  usbnet_probe+0x207/0x27c0
[ 2466.714104][T18309]  usb_probe_interface+0x5b6/0xa90
[ 2466.719049][T18309]  really_probe+0x2b8/0x920
[ 2466.723390][T18309]  __driver_probe_device+0x1a0/0x310
[ 2466.728509][T18309]  driver_probe_device+0x54/0x3d0
[ 2466.733372][T18309]  __device_attach_driver+0x2e3/0x490
[ 2466.738578][T18309]  bus_for_each_drv+0x183/0x200
[ 2466.743267][T18309]  __device_attach+0x312/0x510
[ 2466.747865][T18309]  device_initial_probe+0x1a/0x20
[ 2466.752724][T18309]  bus_probe_device+0xbe/0x1e0
[ 2466.757327][T18309]  device_add+0xb60/0xf10
[ 2466.761490][T18309]  usb_set_configuration+0x190f/0x1e80
[ 2466.766784][T18309]  usb_generic_driver_probe+0x8b/0x150
[ 2466.772086][T18309]  usb_probe_device+0x144/0x260
[ 2466.776768][T18309]  really_probe+0x2b8/0x920
[ 2466.781109][T18309]  __driver_probe_device+0x1a0/0x310
[ 2466.786226][T18309]  driver_probe_device+0x54/0x3d0
[ 2466.791089][T18309]  __device_attach_driver+0x2e3/0x490
[ 2466.796294][T18309]  bus_for_each_drv+0x183/0x200
[ 2466.800981][T18309]  __device_attach+0x312/0x510
[ 2466.805582][T18309]  device_initial_probe+0x1a/0x20
[ 2466.810448][T18309]  bus_probe_device+0xbe/0x1e0
[ 2466.815045][T18309]  device_add+0xb60/0xf10
[ 2466.819207][T18309]  usb_new_device+0xf32/0x1810
[ 2466.823808][T18309]  hub_event+0x2db1/0x4830
[ 2466.828066][T18309]  process_one_work+0x73d/0xcb0
[ 2466.832748][T18309]  worker_thread+0xa60/0x1260
[ 2466.837261][T18309]  kthread+0x26d/0x300
[ 2466.841167][T18309]  ret_from_fork+0x1f/0x30
[ 2466.845422][T18309] 
[ 2466.847588][T18309] Freed by task 19:
[ 2466.851234][T18309]  kasan_set_track+0x4b/0x70
[ 2466.855661][T18309]  kasan_save_free_info+0x2b/0x40
[ 2466.860520][T18309]  ____kasan_slab_free+0x131/0x180
[ 2466.865466][T18309]  __kasan_slab_free+0x11/0x20
[ 2466.870066][T18309]  __kmem_cache_free+0x218/0x3b0
[ 2466.874842][T18309]  kfree+0x7a/0xf0
[ 2466.878400][T18309]  kvfree+0x35/0x40
[ 2466.882044][T18309]  netdev_freemem+0x3f/0x60
[ 2466.886384][T18309]  netdev_release+0x7f/0xb0
[ 2466.890723][T18309]  device_release+0x95/0x1c0
[ 2466.895149][T18309]  kobject_put+0x178/0x260
[ 2466.899403][T18309]  put_device+0x1f/0x30
[ 2466.903394][T18309]  free_netdev+0x393/0x480
[ 2466.907649][T18309]  usbnet_disconnect+0x245/0x390
[ 2466.912421][T18309]  usb_unbind_interface+0x1fa/0x8c0
[ 2466.917455][T18309]  device_release_driver_internal+0x53e/0x870
[ 2466.923355][T18309]  device_release_driver+0x19/0x20
[ 2466.928303][T18309]  bus_remove_device+0x2fa/0x360
[ 2466.933077][T18309]  device_del+0x663/0xe90
[ 2466.937244][T18309]  usb_disable_device+0x380/0x720
[ 2466.942104][T18309]  usb_disconnect+0x32a/0x890
[ 2466.946615][T18309]  hub_event+0x1ed8/0x4830
[ 2466.950870][T18309]  process_one_work+0x73d/0xcb0
[ 2466.955555][T18309]  worker_thread+0xd71/0x1260
[ 2466.960069][T18309]  kthread+0x26d/0x300
[ 2466.963974][T18309]  ret_from_fork+0x1f/0x30
[ 2466.968230][T18309] 
[ 2466.970399][T18309] Last potentially related work creation:
[ 2466.975955][T18309]  kasan_save_stack+0x3b/0x60
[ 2466.980465][T18309]  __kasan_record_aux_stack+0xb4/0xc0
[ 2466.985672][T18309]  kasan_record_aux_stack_noalloc+0xb/0x10
[ 2466.991314][T18309]  insert_work+0x56/0x310
[ 2466.995481][T18309]  __queue_work+0x9b6/0xd70
[ 2466.999818][T18309]  queue_work_on+0x105/0x170
[ 2467.004246][T18309]  usbnet_link_change+0xeb/0x100
[ 2467.009018][T18309]  usbnet_probe+0x1dbe/0x27c0
[ 2467.013549][T18309]  usb_probe_interface+0x5b6/0xa90
[ 2467.018480][T18309]  really_probe+0x2b8/0x920
[ 2467.022819][T18309]  __driver_probe_device+0x1a0/0x310
[ 2467.027939][T18309]  driver_probe_device+0x54/0x3d0
[ 2467.032799][T18309]  __device_attach_driver+0x2e3/0x490
[ 2467.038007][T18309]  bus_for_each_drv+0x183/0x200
[ 2467.042694][T18309]  __device_attach+0x312/0x510
[ 2467.047293][T18309]  device_initial_probe+0x1a/0x20
[ 2467.052157][T18309]  bus_probe_device+0xbe/0x1e0
[ 2467.056754][T18309]  device_add+0xb60/0xf10
[ 2467.060919][T18309]  usb_set_configuration+0x190f/0x1e80
[ 2467.066214][T18309]  usb_generic_driver_probe+0x8b/0x150
[ 2467.071508][T18309]  usb_probe_device+0x144/0x260
[ 2467.076194][T18309]  really_probe+0x2b8/0x920
[ 2467.080535][T18309]  __driver_probe_device+0x1a0/0x310
[ 2467.085655][T18309]  driver_probe_device+0x54/0x3d0
[ 2467.090515][T18309]  __device_attach_driver+0x2e3/0x490
[ 2467.095723][T18309]  bus_for_each_drv+0x183/0x200
[ 2467.100413][T18309]  __device_attach+0x312/0x510
[ 2467.105009][T18309]  device_initial_probe+0x1a/0x20
[ 2467.109871][T18309]  bus_probe_device+0xbe/0x1e0
[ 2467.114470][T18309]  device_add+0xb60/0xf10
[ 2467.118638][T18309]  usb_new_device+0xf32/0x1810
[ 2467.123235][T18309]  hub_event+0x2db1/0x4830
[ 2467.127491][T18309]  process_one_work+0x73d/0xcb0
[ 2467.132178][T18309]  worker_thread+0xa60/0x1260
[ 2467.136689][T18309]  kthread+0x26d/0x300
[ 2467.140594][T18309]  ret_from_fork+0x1f/0x30
[ 2467.144847][T18309] 
[ 2467.147018][T18309] The buggy address belongs to the object at ffff888111bb8000
[ 2467.147018][T18309]  which belongs to the cache kmalloc-4k of size 4096
[ 2467.160907][T18309] The buggy address is located 3312 bytes inside of
[ 2467.160907][T18309]  4096-byte region [ffff888111bb8000, ffff888111bb9000)
[ 2467.174183][T18309] 
[ 2467.176354][T18309] The buggy address belongs to the physical page:
[ 2467.182604][T18309] page:ffffea000446ee00 refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x111bb8
[ 2467.192668][T18309] head:ffffea000446ee00 order:3 compound_mapcount:0 compound_pincount:0
[ 2467.200828][T18309] flags: 0x4000000000010200(slab|head|zone=1)
[ 2467.206735][T18309] raw: 4000000000010200 ffffea0004a36e00 dead000000000002 ffff888100043380
[ 2467.215153][T18309] raw: 0000000000000000 0000000000040004 00000001ffffffff 0000000000000000
[ 2467.223566][T18309] page dumped because: kasan: bad access detected
[ 2467.229825][T18309] page_owner tracks the page as allocated
[ 2467.235371][T18309] page last allocated via order 3, migratetype Unmovable, gfp_mask 0x1d20c0(__GFP_IO|__GFP_FS|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_NOMEMALLOC|__GFP_HARDWALL), pid 23633, tgid 23632 (syz-executor.0), ts 2447527770077, free_ts 2447344897948
[ 2467.258632][T18309]  post_alloc_hook+0x213/0x220
[ 2467.263230][T18309]  prep_new_page+0x1b/0x110
[ 2467.267569][T18309]  get_page_from_freelist+0x27ea/0x2870
[ 2467.272951][T18309]  __alloc_pages+0x3a1/0x780
[ 2467.277377][T18309]  alloc_slab_page+0x6c/0xf0
[ 2467.281805][T18309]  new_slab+0x90/0x3e0
[ 2467.285708][T18309]  ___slab_alloc+0x6f9/0xb80
[ 2467.290135][T18309]  __slab_alloc+0x5d/0xa0
[ 2467.294301][T18309]  __kmem_cache_alloc_node+0x1af/0x250
[ 2467.299598][T18309]  kmalloc_trace+0x2a/0xa0
[ 2467.303849][T18309]  __se_sys_mount+0x156/0x3b0
[ 2467.308363][T18309]  __x64_sys_mount+0xbf/0xd0
[ 2467.312789][T18309]  do_syscall_64+0x3d/0xb0
[ 2467.317043][T18309]  entry_SYSCALL_64_after_hwframe+0x63/0xcd
[ 2467.322769][T18309] page last free stack trace:
[ 2467.327282][T18309]  free_unref_page_prepare+0x83d/0x850
[ 2467.332577][T18309]  free_unref_page+0xb2/0x5c0
[ 2467.337092][T18309]  __free_pages+0x61/0xf0
[ 2467.341254][T18309]  __free_slab+0xce/0x1a0
[ 2467.345420][T18309]  __unfreeze_partials+0x165/0x1a0
[ 2467.350368][T18309]  put_cpu_partial+0xa9/0x100
[ 2467.354881][T18309]  __slab_free+0x1c8/0x280
[ 2467.359142][T18309]  ___cache_free+0xc6/0xd0
[ 2467.363388][T18309]  qlist_free_all+0xc5/0x140
[ 2467.367814][T18309]  kasan_quarantine_reduce+0x15a/0x180
[ 2467.373108][T18309]  __kasan_slab_alloc+0x24/0x80
[ 2467.377796][T18309]  slab_post_alloc_hook+0x53/0x2c0
[ 2467.382744][T18309]  kmem_cache_alloc+0x175/0x2c0
[ 2467.387430][T18309]  getname_flags+0xba/0x520
[ 2467.391772][T18309]  getname+0x19/0x20
[ 2467.395501][T18309]  do_sys_openat2+0xd7/0x850
[ 2467.399930][T18309] 
[ 2467.402096][T18309] Memory state around the buggy address:
[ 2467.407567][T18309]  ffff888111bb8b80: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 2467.415464][T18309]  ffff888111bb8c00: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 2467.423363][T18309] >ffff888111bb8c80: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 2467.431260][T18309]                                                              ^
2024/05/29 17:04:00 SYZFATAL: failed to recv *flatrpc.HostMessageRaw: EOF
[ 2467.438813][T18309]  ffff888111bb8d00: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 2467.446709][T18309]  ffff888111bb8d80: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 2467.454604][T18309] ==================================================================
[ 2467.462511][T18309] Disabling lock debugging due to kernel taint
[ 2467.527516][ T1291] usb 1-1: config 0 descriptor??
[ 2467.664713][ T1291] usb 1-1: can't set config #0, error -71
[ 2467.677851][ T1291] usb 1-1: USB disconnect, device number 24