last executing test programs:

24m14.839644937s ago: executing program 1 (id=22):
mkdirat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x10)
openat$cgroup_ro(0xffffffffffffffff, &(0x7f00000003c0)='cpuacct.usage_sys\x00', 0x275a, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000140)='./file1\x00', 0x0)
mkdir(&(0x7f0000000300)='./bus\x00', 0x0)
mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000340), 0x0, &(0x7f0000000080)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@upperdir={'upperdir', 0x3d, './file1'}}]})
ioctl$BTRFS_IOC_GET_DEV_STATS(0xffffffffffffffff, 0xc4089434, &(0x7f0000000900)={0x0, 0x2, 0x1, [0xffff, 0x10, 0x1, 0x88, 0x5], [0xffffffffffffff63, 0x8, 0xffffffffffffff4a, 0x80000001, 0x10000, 0x9, 0x2d9, 0x4, 0x40000003, 0xc5, 0x8001, 0x9, 0x4, 0x7e, 0x7d, 0x3ae7, 0x8, 0x101, 0x80, 0xffffffffffff8000, 0x3, 0x9, 0x7f, 0x862, 0x1, 0xc, 0x5, 0xff800000000000, 0x401, 0x7fffffff, 0xc333, 0x9, 0x6, 0x8001, 0x1, 0xd5d, 0x8, 0x1, 0x7, 0x5, 0x6cf2, 0x2, 0x9, 0xa, 0x0, 0xffffffff00000001, 0x7fffffffffffffff, 0x2, 0x1000, 0x4cc2, 0xfffffffffffffff7, 0x6, 0x5, 0x3a66, 0x7f, 0x1aac, 0xfff, 0xffffffffffffffff, 0x401, 0x3, 0x706, 0x4002, 0x5b4, 0x8, 0xfffffffffffffffb, 0xb, 0xb88a, 0x6, 0x3, 0x6, 0x2, 0x77, 0x8, 0x346, 0x7, 0xfffffffffffffff9, 0x8, 0xffff800000000000, 0x7, 0xc67d, 0x7, 0xffffffffffffff92, 0x100000001, 0x5, 0xe35, 0x3, 0x9, 0x5, 0x8, 0x6, 0x40000000000000, 0x6, 0x9a, 0x2, 0x401, 0x5, 0x6fc, 0xc90, 0xfff, 0xfffffffffffffeff, 0x200, 0x3, 0x6, 0x6, 0x3, 0x3, 0x8d45, 0x100000000, 0x3ff, 0xf2, 0x800, 0x8, 0x8, 0x8001, 0x5, 0x9, 0x1, 0x1ff, 0x2, 0x6b, 0x334]})
chdir(&(0x7f0000000140)='./bus\x00')
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='cgroup.freeze\x00', 0x275a, 0x0)
write$binfmt_script(r0, &(0x7f0000000280), 0x208e24b)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x1000003, 0x28011, r0, 0x0)
sendmsg$key(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={0x0}}, 0x40408c1)
ioctl$FS_IOC_SETFLAGS(r0, 0xc0189436, &(0x7f0000000140))

24m14.705767259s ago: executing program 1 (id=24):
r0 = syz_open_dev$usbfs(&(0x7f0000000080), 0xf, 0x8041)
ioctl$USBDEVFS_ALLOC_STREAMS(r0, 0x8008551c, &(0x7f0000000000)=ANY=[@ANYBLOB="40184f7a02"])

24m14.633559111s ago: executing program 1 (id=25):
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000040)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fff7ffc}]})
mmap(&(0x7f0000000000/0xfbe000)=nil, 0xfbe000, 0xa, 0x31, 0xffffffffffffffff, 0x0)
remap_file_pages(&(0x7f00006ca000/0x4000)=nil, 0x4000, 0x0, 0x0, 0x10000)

24m14.586741331s ago: executing program 1 (id=27):
syz_mount_image$exfat(&(0x7f0000000040), &(0x7f0000000000)='./file0\x00', 0x1000000, &(0x7f00000000c0)=ANY=[@ANYBLOB='fmask=00000000000000000000002,utf8,errors=continue,errors=continue,sys_tz,uid=', @ANYRESHEX=0x0, @ANYBLOB=',namecase=1,iocharset=macturkish,gid=', @ANYRESHEX=0x0, @ANYBLOB=',\x00\x00\x00\x00\x00\x00\x00\x00t_dots,\x00'], 0x1, 0x152b, &(0x7f00000034c0)="$eJzs3AuYTtUaOPD3XWvtMSbxNcllWGu9my+5LJMkuSTJJUkqSZJbQtKkjiQkhpCkIQnJZUhiCMllYtK43++XhCRpkiQkt2T9nwl/p1Pn37n0P85z5v09z36s197v2u/+3vm+b+39MN92GVK7SZ0ajYgI/i14/o9kAIgFgAEAkA8AAgCoEF8hPnt/bonJ/95J2J/rgbTLXQG7nLj/ORv3P2fj/uds3P+cjfufs3H/czbuf87G/WcsJ9s4tfBVvOXcjZ//52T8/f8/JKvsmC9Xl72mK0DMP5rC/c/ZuP//s4J/5CDuf87G/c+pYi93Aey/AL//c4Jcf3cP9z9n4/4zlpNd7ufPl3uDyH/Za3A49/nG/BlzVYI/vn7GGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY+w/4JS/RAHAxfHlrosxxhhjjDHGGGN/Hp/rclfAGGOMMcYYY4yx//8QBEhQEEAM5IJYyA1xIADgSsgL+SACV0E8XA354RooAAWhEBSGBCgCRUGDAQsEIRSD4hCFa6EEXAcloRSUhjLgoCwkwvVQDm6A8nAjVICboCLcDJWgMlSBqnALVINboTrcBjXgdqgJtaA21IE7oC7cCfXgLqgPd0MDuAfuhfugIdwPjeABaAwPQhN4CJrCw9AMmkMLaAmt/qX856EHvAA9oRckQ2/oAy9CX+gH/eElGAAvw0B4BQbBq5ACg2EIvAZD4XUYBm/AcBgBI+FNGAVvwWgYA2NhHKTCeJgAb8NEeAcmwbswGaZAGkyFafAeTIcZMBPeh1nwAcyGOTAX5kE6fAjzYQFkwEewED6GTFgEi2EJLIVlsBxWwEpYBathDayFdbAeNsBG2ASbYQtshW2wHT6BHfAp7IRdsBs+gz3w+T+Zf/Jv8rsiIKBAgQoVxmAMxmIsxmEc5sE8mBfzYgQjGI/xmB/zYwEsgIWwECZgAhbFomjQICFhMSyGUYxiCSyBJbEklsbS6NBhIiZiObwBy2N5rIAVsCJWxEpYGStjVayK1bAaVsfqWANrYE2sibWxNt6Bd2BvrIf1sD7WxwbY4OLjKWyEjbAxNsYm2ASbYlNshs2wBbbAVtgKW2NrbINtsB22w/bYHjtgB0zCJOyIHfHuuPMTdMbO2AW7YFfsht2yns8F+AK+gL2wpuiNfbAP9sWUXP3xJXwJX8aB+Aq+gq9iCg7GIfgavoav4zA8gcNxBI7EkVhNvIWjcQySGIepmIoTcAJOxImYfZ53cQqm4VSchtNwOs7AGfg+zsIP8AOcg3NwHqZjOs7HBZiBGbgQT2ImLsLFuASX4jJciitwJa7A1bgGV+M6XIcbcANuwk24BbfgNtyGn6ACwE9xF+7CFNyDe3Av7sV9uA/3437Mwiw8gAfwIB7EQ3gID+NhPIJH8RgexeN4HE/gSTyFp/AMnsGz+GzC140/KbUqBUQ2JZSIETEiVsSKOBEn8og8Iq/IKyIiIuJFvMgv8osCooAoJAqJBJEgioqiwggjSIQxACCiIipKiBKipCgpSovSwgknEkWiKCfKifKivKggbhIVxc2ikqgs2rqqoqqoJtq56uI2UUPUEDVFLVFb1BF1RF1RV9QT9UR9UV80EA3EveI+0VD0xv74gMjuTBMxGJuKIdhMNBfywidYazEM24i2op14TIzA4dhBtHZJ4knRUYzGp8VfxBh8RnQW47CLeE50Fd1Ed/G86CHauJ6il5iEvUUfMQX7in6iv3hJTMda4n2clbu2eFWkiMFiiHhNzMPXxTDxhhguRoiR4k0xSrwlRosxYqwYJ1LFeDFBvC0minfEJPGumCymiDQxVUwT74npYoaYKd4Xs8QHYraYI+aKeSJdfCjmiwUiQ3wkFoqPRaZYJBaLJWKpWCaWixVipVglVos1Yq1YJ9aLDWKj2CQ2i1jYKraJ7eITsUN8KnaKXWK3+EzsEZ+LveILsU98KfaLr0SW+FocEN+Ig+JbcUh8Jw6L78URcVQcEz+I4+JHcUKcFKfEaXFG/CTOip/FOeEFSJRCSqlkIGNkLhkrc8s4eYXMI4MLr+5VMl5eLfPLa2QBWVAWkoVlgiwii0otjbSSZCiLyeIyKq+VJeR1sqQsJUvLMtLJsjJRXi/LyRtkeXmjrCBvkhXlzbKSrCyryKryFllN3iohcv4cNWUtWVvWkXfIZLhT1pN3yfrybtlA3iPvlffJhvJ+2Ug+IBvLB2UT+ZBsKh+WzWRz2UK2lK3kI7K1fFS2kW1lO/mYbC8flx3kEzJJPik7Sn/hR+QZ2Vk+K7vI52RX2U12lz/Lc9LLnrKXhN4g+8gXB/aV/WT/WACQL8uB8hU5SL4qU+RgOUS+JofK1+Uw+YYcLkfIkfJNOUq+JUfLMXKsHCdT5Xg5Qb4tJ8p35CT5rpwsp8g0OVX2lwN+mWmmlH+Y//bv5A/65ewb5Ea5SW6WW+RWuU1ul5/IHXKH3Cl3yt1yt9wj98i9cq/cJ/fJ/XK/zJJZ8oA8IA/Kg/KQPCQPy8PyiDwqT8sf5HH5ozwhT8qT8rQ8I8/IsxdeA1CohJJKqUDFqFwqVuVWceoKlUddqfKqfCqirlLx6mqVX12jCqiCqpAqrBJUEVVUaWWUVaRCVUwVV1F1LV74gVGlVRnlVFmVqK7/Z/JVCXWdKqlK/Sr/Yn3Jf6e+VqqVaq1aqzaqjWqn2qn2qr3qoDqoJJWkOqqO6mn1tOqkOqnOqrPqorqorqqr6q66qx6qh+qpeqpklaz6qBdVX9VP9VcvqQHqZTVQDVSD1CCVolLUEDVEDVVD1TA1TA1Xw9VINVKNUqPUaDVajVVjVapKVRPUBDVRTVST1CQ1WU1WaSpNTVPT1HQ1Xc1UM9UsNUvNVrPVXDVXpat0NV/NVxkqQy1UC1WmWqQWqSVqiVqmlqkVaoVapVapNWqNWqfWqUy1UW1Um9VmtVVtVdvVdrVD7VA7xU61W+1We9QetVftVfvUPrVf7VdZKksdUAfUQXVQHVKH1GF1WB1RR9QxdUwdV8fVCXVCnVKn1Bl1Rp1VZ9U5dS572ReIQAQqUEFMEBPEBrFBXBAX5AnyBHmDvEEkiATxQXyQP7gmKBAUDAoFhYOEoEhQNNCBCWwgLjQ9GlwblAiuC0oGpYLSQZnABWWDxOD6oFxwQ1A+uDGoENwUVAxuDioFlYMqQdXglqBacGtQPbgtqBHcHtQMagW1gzrBHUHd4M6gXnBXUD+4O2gQ3BPcG9wXNAzuDxoFDwSNgweDJsFDQdPg4aBZ0DxoEbQMWv2p83t/ouCjrqfupZN1b91Hv6j76n66v35JD9Av64H6FT1Iv6pT9GA9RL+mh+rX9TD9hh6uR+iR+k09Sr+lR+sxeqwep1P1eD1Bv60n6nf0JP2unqyn6DQ9VU/T7+npeoaeqd/Xs/QHeraeo+fqeTpdf6jn6wU6Q3+kF+qPdaZepBfrJXqpXqaX6xV6pV6lV+s1eq1ep9frDXqj3qQ36y16q96mt+tP9A79qd6pd+nd+jO9R3+u9+ov9D79pd6vv9JZ+mt9QH+jD+pv9SH9nT6sv9dH9FF9TP+gj+sf9Ql9Up/Sp/UZ/ZM+q3/W57TPXtxnf70bZZSJMTEm1sSaOBNn8pg8Jq/JayImYuJNvMlv8psCpoApZAqZBJNgipqiJhsZMsVMMRM1UVPClDAlTUlT2pQ2zjiTaBJNOVPOlDflTQVTwVQ0FU0lU8lUMVXMLeYWc6u51dxmbjO3m9tNLVPL1DF1TF1T19Qz9Ux9U980MA3MveZe09A0NI1MI9PYNDZNTBPT1DQ1zUwz08K0MK1MK9PatDZtTBvTzrQz7U1708F0MEkmyXQ0Hc3T5mnTyXQynU1n08V0MV1NV9PddDc9TA/T0/Q0ySbZ9DF9TF/T1/Q3/c0AM8AMNAPNIDPIpJgUM8QMMUPNUDPMDDPDzQgzMnuhat4yo80YM9aMM6km1UwwE8xEM9FMMpPMZDPZpJk0M81MM9PNdDPTzDSzzCwz28w2c81ck27SzXwz32SYDLPQLDSZJtMsNovNUrPULDfLzUqz0qw2q81aWGvWm/Vmo9loNpvNZqvZarab7WaH2WF2mp1mt9lt9pg9Zq/Za/aZfWa/2W+yTJY5YA6Yg+agOWQOmcPmsDlijphj5pg5bo6bE+aEOWVOmTOm4IXvS29ibW4bZ6+weeyVNq/NZ/82LmQL2wRbxBa12hawBX8VG2ttSVvKlrZlrLNlbaK9/jdxJVvZVrFV7S22mr3VVv9NXNfeaevZu2x9e7etY+/4VdzA3mOzVycNEQFsc9vYtrRN7EO2qX3YNrPNbQvb0ra3j9sO9gmbZJ+0He1Tv4nn2wV2pV1lV9s1dqfdZU/Z0/ag/daesT/ZnraXHWBftgPtK3aQfdWm2MG/iUfaN+0o+5YdbcfYsXbcb+LJdopNs1PtNPuenW5n/CZOtx/aWTbDzrZz7Fw775c4u6YM+5FdaD+2mTaAxXaJXWqX2eV2xcVafT67zq63G+wO+6ndbLfYrXab3X5xIWx32d32M7vHfm4P2G/sPvul3W8P2Sz79S9x9vUdst/Zw/Z7e8QetcfsD/a4/VFdzM6+9h/sz/ac9RYICUiSooBiKBfFUm6KoysoD11JeSkfRegqiqerKT9dQwWoIBWiwpRARagoaTJkiSikYlSconQtXSyvNJUhR2Upka6ncnQDlacbqQLdRBXpZqpElakKVaVbqBrdStXpNqpBt1NNqkW1qQ7dQXXpTqpHd1F9upsa0D10L91HDel+akQPUGN6kJrQQ9SUHqZm1JxaUEtqRY9Qa3qU2lBbakePUXt6nDrQE5RET1JHeoqepr9QJ3qGOtOz1IWeo67UjbrT89SDXqCe1IuSqTf1oRepL/Wj/vQSDaCXaSC9QoPoVUqhwTSEXqOh9DoNozdoOI2gkfQmjaK3aDSNobE0jlJpPE2gt2kivUOT6F2aTFMojabSNHqPptMMmknv0yz6gGbTHJpL8yidPqT5tIAy6CNaSB9TJi2ixbSEltIyWk4raCWtotW0htbSOlpPG2gjbaLNtIW20jbaTp/QDvqUdtIu2k2f0R76nJC+oH30Je2nryiLvqYD9A0dpG/pEH3ne9H3dISO0jH6gY7Tj3SCTtIpOk1n6Cc6Sz/TOfIEIYYilKEKgzAmzBXGhrnDuPCKME94ZZg3zBdGwqvC+PDqMH94TVggLBgWCguHCWGRsGioQxPakMIwLBYWD6PhtWGJ8LqwZFgqLB2WCV1YNkwMrw/LhTeE5cMbwwrhTWHF8OawUlg5fOjuquEtYbXw1rB6eFtYI7w9rBnWCmuHdcI7wrrhnWG98K6wfnh3WD68J7w3vC9sGN4fNgofCBuHD4ZNwofCpuHDYbOwedgibBm2Ch8JW4ePhm3CtmG78LGwffh42CF8IkwKnww7hk/9sv+eBX9/f3LYO+wTvhi+GHp/l5wbnRdNj34YnR9dEM2IfhRdGP04mhldFF0cXRJdGl0WXR5dEV0ZXRVdHV0TXRtdF10f3RD1vk4ucOiEk065wMW4XC7W5XZx7gqXx13p8rp8LuKucvHuapffXeMKuIKukCvsElwRV9RpZ5x15EJXzBV3UXetK+GucyVdKVfalXHOlXWJrqVr5Vq51u5R18a1de3cY+4x97h73D3hnnBPuo7uKfe0+4vr5J5xnd2z7ln3nOvqurnu7nnXw43Pe/49mez6uD6ur+vr+rv+boAb4Aa6gW6QG+RSXIob4oa4oW6oG+aGueFuuBvpRrpRbpQb7Ua7sW6sS3WpboKb4Ca6iW6Sm+Qmu8kuzaW5aW6am+6mu2ozzp9ltpvt5rq5Lt2lu/kue82Y4Ra6hS7TZbrFbrFb6pa65W65W+lWutVutVvr1rr1br3b6Da6zW6z2+q2uu1uu9vhdridPt/5Sd0et9ftdfvcPrfffeWy3NfugPvGHXTfukPuO3fYfe+OuKPumPvBHXc/uhPupDvlTrsz7id31v3szjnvUiPjIxMib0cmRt6JTIq8G5kcmRJJi0yNTIu8F5kemRGZGXk/MivyQfKFD7BIeuTDyPzIgkhG5KPIwsjHkczIosjiyJLI0siyiPdFNoe+mC/uo/5aX8Jf50v6Ur60L+OdL+sT/fW+nL/Bl/c3+gr+Jl/R3+wr+cq+in/YN/PNfQvf0rfyj/jW/lHfxrf17fxjvr1/3HfwT/gk/6Tv6J/yT/u/+E7+Gd/ZP+u7+Od8V9/Nd/fP+x7+Bd/T9/LJvrfv41/0fX0/39+/5Af4l/1A/4of5F/1KX6wH+Jf80P9636Yf8MP9yP8yJg3/aiLt8gwzqf68X6Cf9tP9O/4Sf5dP9lP8Wl+qp/m3/PT/Qw/07/vZ/kP/Gw/x8/183y6/9DP9wt8hv/IL/Qf+0y/6OJDZb/cr/Ar/Sq/2q/xa/06v95v8Bv9Jr/Zb/Fb/Ta/3X/id/hP/U6/y+/2n/k9/nO/13/h9/kv/X7/lc/yX/sD/ht/0H/rD/nv/GH/vT/ij/pj/gd/3P/oT/iT/pQ/7c/4n/xZ/7M/x/9njTHGGGPsHzL+0lD8es/5x/m9fydH/NXBfQDgyi2Fs/56f/aKcm2B8+N+IqF9BACe7NXlgYtbzZrJyReX1JkSguJzstfWl/Jj4FK8CNrB45AEbaHc79bfT3Q7Q38wf/QmgLi/yomFS/Gl+b8AwOTfmf+Rx0bOrxieiv9/zD8HoGTxSzm54VK8CNr98nylLZT/O/UXbP0H9ef+MhWgzV/l5IFL8aX6E+FReAqSfnUkY4wxxhhjjDF2Xj9RpdPF+8+L/+Lz9+7PE9SlnFxwKf6j+3PGGGOMMcYYY4xdfs906/7EI0lJbTv984Pqf3yM+tdm/mXQFP7VwnjwLw28B/i/jQOAf3NCgOyB/E9exab/yLlSLrx1/nbX0tM+gP+OVv4Zg8v8wcQYY4wxxhj7011a9P/679XlKogxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGMuB/t3f8Qb/wG/pu9zXyBhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjF1u/ycAAP//pF711g==")
open(&(0x7f0000000180)='./bus\x00', 0x14937e, 0x111)
mount(&(0x7f0000000280)=@loop={'/dev/loop', 0x0}, &(0x7f0000000140)='./bus\x00', 0x0, 0x5000, 0x0)
r0 = open(&(0x7f0000000000)='./bus\x00', 0x0, 0x0)
ioctl$LOOP_SET_STATUS64(r0, 0x4c04, &(0x7f0000000540)={0x0, 0x0, 0x0, 0x0, 0x808005, 0x0, 0x3, 0x15, 0x0, "ef359f413bb93852f7d6a4ae6dddfbd1ce5d29c2ee5e5ca9000ff8ee09e737ff0edf110ff4117639c2eb4b78c660e677df701905b9aafab4afaaf755a3f6a004", "036c47c6780820d1cbf7966d61fdcf335263bd9bffbcc2542ded71038259ca171ce1a311ef54ec32d71e14ef3dc177e9b48b00", "f28359738e229a4c66810000000000e6d60210000000000000000000000100", [0x200, 0x1000]})

24m14.386020664s ago: executing program 1 (id=28):
prlimit64(0x0, 0xe, 0x0, 0x0)
sched_setscheduler(0x0, 0x2, 0x0)
syz_mount_image$f2fs(&(0x7f0000000000), &(0x7f0000000040)='./file0\x00', 0x8, &(0x7f0000005980)={[{@jqfmt_vfsv1}, {@heap}, {@alloc_mode_def}, {@six_active_logs}, {@acl}, {@fault_injection={'fault_injection', 0x3d, 0x17}}, {@discard}, {@two_active_logs}, {@fsync_mode_posix}, {@alloc_mode_def}, {@noextent_cache}, {@two_active_logs}, {@fault_type={'fault_type', 0x3d, 0xfffffe}}]}, 0x1, 0x5512, &(0x7f0000005a80)="$eJzs3M1rI2UYAPAn/dhv1yIevO3AIrSwCU0/Fr1V3cUP7FJWPXjSNElDdpNMadK09uTBo3jwPxEFTx79Gzx49iYeFG/CSmamuvUDhabNdvv7weSZ982bZ543LAvPTEkA59Zc8uvPpbgelyNiOiKuRWTnpeLIrOXhhYi4ERFTjx2lYv6PiQsRcSUiro+S5zlLxVuf3xreXP3prV+++e7izNUvvv5+crsGJu3FiOhu5+d73TymrTw+KOZrw3YWuyvDIuZvdB8W4zSPe83NLMNe7XBdLYvLrXx9ur3bH8WtTq0+iq32Vja/3csv2B+2DvNkH3hQ28nGjeZmFtv9NIutg7yu/YP8/7aD/iDP0yjyfZSlj8HgMObzzf1mvp/th1ms9wbFfJ43bTT3R3FYxOJyUU87jayOzeN800+2t9u93f1k2Nzpt9NeslqpvlSp3i5Xd9JGc9BcKde6jdsryXyrM1pWHjRr3bVWmrY6zUo97S4k8616vVytJvN3mpvtWi+pVivLlcXy6kJxdit5/d57SaeRzI/iq+3e7qDd6Sdb6U6Sf2IhWaosv7yQ3Kwm76xvJBv3795d33j3gzvv33tl/c3XikV/KyuZX1pcWipXF8tL1YVztP9PiqLHuH84ltKkCwA4e/T/wCScXP+/cz/i5Pv/0P+PxZnqf897/38C+4dj0f8DAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAJxbP8x++UZ2MpePrxbzzxRTzxXjUkRMRcSjfzAdF47knC7yzP7L+tm/1PBtKbIMo2tcLI4rEbFWHL89e9LfAgAAADy9vvr4xmd5t56/zE26IE5TftNm6tqHY8pXiojZuR/HlG1q9PL8mJJl/75nYn9M2bIbWJfGlCy/5TYzrmz/y/SRcOmxUMrD1KmWAwAAnIqjncDpdiEAAACcpk8nXQCTUYrDR5mHz4Kzv7z/84Hg5SMjAAAA4AwqTboAAAAA4Hge/feSrP/3+38AAADwdMt//w8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOB3du7nNnEgigPws8EL+0+LVnvfVvYGZWwJe9xjRAFpggJyIC2kAWogt5QQQYTHIRBxiOSxrUTfJzmTscyPNwgOMyMNAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAXbqv1ovbq9/XbXN2+3byjAYAAAC4ZFutF/U/s9T/2tz/3tz62fSLiCgj4tLcfRSfzjJHTU718vzN6fPVqxruIuqEw3tMmutLRPxprscfXX8KAAAA8HFtlqt5mq2nP7OhC6JPadGm/PY3U14REdXsIVNaecj7lSms/n6P43+mtHoBa5opLC25jXOlvUn9cz+u2k1PmiI15cWXHYvMNnYAAKBHo7Om31kIAAAAffo3dAEMo4jnrczjVuAkNc323uezHgAAAPAOFUMXAAAAAHSunv/3dP7f3vl/AAAAMIx0/h8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABd2lbrxWa5mrfN2e3byTMaAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAJ/bnHQVCIAzCYO/6zmTuf1hp0NTUpAqEj78xGAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgDe/+8v/ialxJpl7bSw9jyRrp8bWqbF3bhz9YXz9GgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAC42J+XFAiBIIiCOeN/J33/w0qCnkGECGh4VFGLBgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADgi373y/+JqXEmmTttLB2PJGtXja2rxt6DxtGD8fZvAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAC42Ll/3zaqOADg7+58Li0gTEAeghBIDLBQ1y0t3RADKGLgT0CKUqeYuvxoM7RVhcjChjJ3QTAihAQKW3bGDkyt1KVsHTwUiRl0v5JrG6mG0Dsn+Xykd+/r08Xv+85SpO+9ZwMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACV6bs7cZIdekUcl+du3b++kvW3H+ozWxt3FrOWxVGTSe8PL9dfRP32EgEAAODwSKr6PoRwN91cyvq4l9f/aXVNVvN/92wRV/X8w3V/1Ve1f9Z+/eXei9sD9YpxsjddHU9GJx5NpfPkZjnfnnvsFZ38zufPXpL8A4k/WH9hmub3M/rm5s33unl4pIlsAYD/4njVl8Hq71eKYDwZDVvLCoDDpFMrvKv6P+m1mxMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABAE6br4ekqjkIIi52dOHP7/vWV3fqtjTuLVTtz48ZG+Co7m+Z/0ymj1fFkdKLxGc2vy1evXVieTEaXmg9eCSG0Nfo75fQvfDTDxSG0cn8E/1MQlx/2vOSzP4IW/ykBAHAgpWXL6vq76eZSdi5aCOHv7x+s/1+vxWHG+v/ex2du1ceq1//DxmY4/wZrFz8fXL567c3xxeXzo/OjT986OXx7eOrs6dNnB/mzkoEnJgAAAOxNt2z1+j9eeHT9/1gtDjPW/198O/yyPlai/t/VzqJf25kAAAAcbs+/+tef0S7no243XFleW7s0LI7br08WxxZS/deOlK1e/ycLbWcFAAAANGG6Hj2w/n+uFocZ1/+f+eGln+rvmYQQjpbr/8dXPpuca246c+3x3wfe+m2vXydue44AAAC062jZ6uv/ab7/P97e8hCHEN54rYjLnwGcqf5P3v/6x/pY9f3/p5qb4lyK+8X9yPt+CJ1+2xkBAABwkD1VtqzY/yPdXPrk52Mfdu3/BwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGjaPwEAAP//m6w/ug==")
creat(&(0x7f0000000000)='./file0\x00', 0xd931d3864d39ddd8)
open(&(0x7f0000000080)='./bus\x00', 0x44080, 0x1e2)
r0 = openat(0xffffffffffffff9c, &(0x7f0000000640)='.\x00', 0x0, 0x0)
renameat2(r0, &(0x7f00000001c0)='./file0\x00', r0, &(0x7f0000000200)='.\x02\x00', 0x4)

24m14.218447157s ago: executing program 1 (id=31):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = eventfd2(0x65c, 0x80000)
r3 = eventfd2(0x25, 0x801)
ioctl$KVM_IRQFD(r1, 0x4020ae76, &(0x7f0000000100)={r2, 0x7, 0x2, r3})
r4 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
r5 = eventfd2(0x4001, 0x800)
ioctl$KVM_IRQFD(r1, 0x4020ae76, &(0x7f00000001c0)={r3, 0x9, 0x2, r5})
ioctl$KVM_SET_IRQCHIP(r1, 0x8208ae63, &(0x7f0000000600)={0x0, 0x0, @pic={0x2a, 0xc0, 0x5, 0x7, 0x7f, 0x0, 0xf, 0x4, 0x3, 0x41, 0x3, 0x58, 0x90, 0x5, 0xb, 0x7f}})
ioctl$KVM_SET_REGS(r4, 0x4090ae82, &(0x7f0000000000)={[0x35, 0x7, 0x0, 0x180, 0x4, 0x10, 0xf1, 0x0, 0x7fffffffffffb, 0x5, 0x0, 0x9, 0x0, 0x5, 0x0, 0xbdb], 0x1, 0x3c4210})
ioctl$KVM_RUN(r4, 0xae80, 0x0)

24m14.110747299s ago: executing program 32 (id=31):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = eventfd2(0x65c, 0x80000)
r3 = eventfd2(0x25, 0x801)
ioctl$KVM_IRQFD(r1, 0x4020ae76, &(0x7f0000000100)={r2, 0x7, 0x2, r3})
r4 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
r5 = eventfd2(0x4001, 0x800)
ioctl$KVM_IRQFD(r1, 0x4020ae76, &(0x7f00000001c0)={r3, 0x9, 0x2, r5})
ioctl$KVM_SET_IRQCHIP(r1, 0x8208ae63, &(0x7f0000000600)={0x0, 0x0, @pic={0x2a, 0xc0, 0x5, 0x7, 0x7f, 0x0, 0xf, 0x4, 0x3, 0x41, 0x3, 0x58, 0x90, 0x5, 0xb, 0x7f}})
ioctl$KVM_SET_REGS(r4, 0x4090ae82, &(0x7f0000000000)={[0x35, 0x7, 0x0, 0x180, 0x4, 0x10, 0xf1, 0x0, 0x7fffffffffffb, 0x5, 0x0, 0x9, 0x0, 0x5, 0x0, 0xbdb], 0x1, 0x3c4210})
ioctl$KVM_RUN(r4, 0xae80, 0x0)

12.769285919s ago: executing program 3 (id=4945):
r0 = syz_usb_connect(0x0, 0x36, &(0x7f0000000040)={{0x12, 0x1, 0x0, 0x77, 0x29, 0x4, 0x20, 0x424, 0x9901, 0xc257, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x24, 0x1, 0x0, 0x0, 0x10, 0x0, [{{0x9, 0x4, 0x43, 0x0, 0x2, 0x31, 0x7d, 0x55, 0x0, [], [{{0x9, 0x5, 0x2, 0x2, 0x200, 0x2}}, {{0x9, 0x5, 0x82, 0x2, 0x200}}]}}]}}]}}, 0x0)
syz_usb_control_io(r0, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000280)={0x11, 0xb, &(0x7f0000000640)=ANY=[@ANYBLOB="1806000000000000000000000000000018010000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000002000000b7030000e8ffffff850000000400000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r2 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r2, 0x1, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000000c0)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@abs, 0x6e)
mknodat$null(0xffffffffffffffff, 0x0, 0xc000, 0x103)
sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000a00)={&(0x7f0000000d00)='sched_switch\x00', r1}, 0x10)
fgetxattr(0xffffffffffffffff, 0x0, 0x0, 0x0)
connect$inet6(0xffffffffffffffff, &(0x7f0000000100)={0xa, 0x0, 0x0, @mcast2, 0x9}, 0x1c)
syz_mount_image$erofs(&(0x7f0000000340), &(0x7f0000000580)='./file0\x00', 0x2000482, &(0x7f00000004c0)=ANY=[], 0x0, 0x243, &(0x7f0000000900)="$eJzsmDtvE0EQx/+7dz77ACFoUtCkIBJBEDs+N2ksHhISFUJKeFVgkSMKduLIOSRiCYmIhgY6CiQahPgCFClSpaDjCyBBAUhIFLigoIFi0T7uvPKdcw4xFfMrNv/dnZ2dGa8nkkEQxH/Ll88/Pz05P7dwGsAhTKFo1r85AGNac8v+4/N7p57VL7x48+H129XDD7YH/ckjQlinGFDa5X4XwM5kPOPJaQC/5LkpM1kAT/QVcJw0+hoYykbfAsdVo0Mw3DD6Lhhe3dS6Le3L5TvLrbB8u91alGJWDlU5BHKoDcbX22RYNHMhhDBlgWP+NlqtsLO+0W0a4Zr1/sr+RBJMcyJVvwI89M5x1K34ZBWvP360KedxbWat+lXBUTVJ1MAwb9bnUIxro0ti5X/M7ft3rPt1lJnZSlO5kZdkSYv6j7EUSwoPWhydiT+KvfmZlumcTW8dSfzET3oUhwO3F9DfkpUcT8pDn44Sbv5bPBNXKsPG3T3TS6ksYDrBgPFTP+Pb8g9EdhYdrGV9Og913snKRG/7Xfr417xLBRsej2/icUd+h7/FqCnjr164LXx0mzy7YvsRwPst3T/ES4YTVn9yrf5RiVbWKusb3ZnllcZSuBSuBkGteFDvqUZUUWOq7/X7s6/60wHLf2GIrcc93G9EUaeqR4958BHtlAI1D6yvzfxW+7v5j4EIFwEc1xP5qr3Eo5O6g3nahitbqaYdsKHhEwRBEARBEARBEARBEARB7IFJMPUraA7BZWX9JwAA//+VX0/8")
r5 = syz_usb_connect$uac1(0x4, 0xcd, &(0x7f0000000080)={{0x12, 0x1, 0x201, 0x0, 0x0, 0x0, 0xaf, 0x1d6b, 0x101, 0x40, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0xbb, 0x3, 0x1, 0xca, 0x0, 0x0, {{0x9, 0x4, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, {{0xa, 0x24, 0x1, 0xc00, 0x8}, [@output_terminal={0x9, 0x24, 0x3, 0x6, 0x4f8, 0x3, 0x1, 0x5}]}}, {}, {0x9, 0x4, 0x1, 0x1, 0x1, 0x1, 0x2, 0x0, 0x0, {[@as_header={0x7, 0x24, 0x1, 0x8, 0x7}, @format_type_i_continuous={0x9, 0x24, 0x2, 0x1, 0x3, 0x1, 0x0, 0x0, "15"}, @format_type_i_continuous={0xd, 0x24, 0x2, 0x1, 0x3, 0x4, 0xca, 0x2, "7739ee", 'b1'}, @format_type_ii_discrete={0xd, 0x24, 0x2, 0x2, 0x2, 0x2, 0x6, "d4ed7234"}]}, {{0x9, 0x5, 0x1, 0x9, 0x8, 0x7, 0x10, 0x0, {0x7, 0x25, 0x1, 0x0, 0x3, 0x1}}}}, {}, {0x9, 0x4, 0x2, 0x1, 0x1, 0x1, 0x2, 0x0, 0x0, {[@format_type_i_continuous={0xc, 0x24, 0x2, 0x1, 0x3, 0x1, 0x9, 0x9, "aea1", "caa8"}, @as_header={0x7, 0x24, 0x1, 0xfb, 0x7, 0x2}, @format_type_ii_discrete={0xa, 0x24, 0x2, 0x2, 0x8, 0x8, 0x0, "11"}, @format_type_i_discrete={0xc, 0x24, 0x2, 0x1, 0x2, 0x3, 0xf, 0x3, "c53e5b27"}]}, {{0x9, 0x5, 0x82, 0x9, 0x90cb33230f78c867, 0xc, 0x0, 0x7, {0x7, 0x25, 0x1, 0x81, 0x24}}}}}}}]}}, &(0x7f0000000340)={0xa, &(0x7f0000000000)={0xa, 0x6, 0x200, 0x76, 0x46, 0x1, 0x10, 0x6}, 0x5d, &(0x7f0000000180)={0x5, 0xf, 0x5d, 0x3, [@generic={0x3a, 0x10, 0x3, "41ffe5c227722f97823e79e1d2f6f257ee52e626b46b92ec0e9bf0d20e4fd34bbe4810f40bb2bdda88f0257ebbdd1fba123a6822bf43f6"}, @ss_cap={0xa, 0x10, 0x3, 0x0, 0x3, 0x1, 0xb, 0x4}, @ss_container_id={0x14, 0x10, 0x4, 0x6, "ea372773e676c16b0c4bd7f8fb9015fc"}]}, 0x4, [{0x4, &(0x7f0000000240)=@lang_id={0x4, 0x3, 0x816}}, {0x4, &(0x7f0000000280)=@lang_id={0x4, 0x3, 0x41c}}, {0x5, &(0x7f00000002c0)=@string={0x5, 0x3, "8daaee"}}, {0x1f, &(0x7f0000000300)=@string={0x1f, 0x3, "7b4d4e49f3de1869ec3ebaaa550d33e57f647d1d496371b44120b9ac7d"}}]})
syz_usb_control_io$uac1(r5, &(0x7f00000004c0)={0x14, &(0x7f0000000880)={0x40, 0x23, 0xa, {0xa, 0x3, "b098671ca5962b0d"}}, &(0x7f0000000480)={0x0, 0x3, 0x4, @lang_id={0x4, 0x3, 0x988268dbc2c2c2db}}}, &(0x7f00000007c0)={0x44, &(0x7f0000000500)={0x0, 0x10, 0xf4, "375a54092a40c87f1324923dae8cedf1401eb3bc933081d13a266cc95177f49c55c40c8dffb9684c676da31e9566ca91d2636a9bdf442ba50e8bf0ffe91e7df06910070ced359c186e4cc7f4caa1b4913c9fdc402672605d356f5f22335ae763b3682fceb94f1e2540569ce8dc0f495e7cfe30f4063e4e4f726dfe698b83f8bee5b7bd1c4be33b630adef48e5d34cd45e0ff63a0f85a7c7c897c82c8d23475750d2ef956063dd88940e24539dc8826f3471897628e5cff06954ba96a9da9671b57f32fc373d97b56402660fe1930f781e3d11d33d2478676becefa12a17f42a2861d91fed1c4a9cb64c9389d8ba1d91ced6330f6"}, &(0x7f0000000600)={0x0, 0xa, 0x1, 0xbe}, &(0x7f0000000640)={0x0, 0x8, 0x1, 0x81}, &(0x7f0000000680)={0x20, 0x81, 0x2, "1d4a"}, &(0x7f00000006c0)={0x20, 0x82, 0x2, "b582"}, &(0x7f0000000700)={0x20, 0x83, 0x2, "3388"}, &(0x7f0000000740)={0x20, 0x84, 0x1, '\x00'}, &(0x7f0000000780)={0x20, 0x85, 0x3, "7ba075"}})
syz_usb_control_io$uac1(r0, 0x0, 0x0)
r6 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000004c0)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x48)
r7 = bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xf, &(0x7f0000000340)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r6, @ANYBLOB="0000000000000000b7020000111e6ca5b7030000000000008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000020000008500000085000000b70000000000000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x38, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x8031, 0xffffffffffffffff, 0x6a855000)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600002, 0x9)
pidfd_getfd(0xffffffffffffffff, 0xffffffffffffffff, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000100)={&(0x7f0000000980)='sys_enter\x00', r7}, 0x10)

10.197894452s ago: executing program 0 (id=4952):
r0 = syz_usb_connect(0x0, 0x36, &(0x7f0000000040)={{0x12, 0x1, 0x0, 0x77, 0x29, 0x4, 0x20, 0x424, 0x9901, 0xc257, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x24, 0x1, 0x0, 0x0, 0x10, 0x0, [{{0x9, 0x4, 0x43, 0x0, 0x2, 0x31, 0x7d, 0x55, 0x0, [], [{{0x9, 0x5, 0x2, 0x2, 0x200, 0x2}}, {{0x9, 0x5, 0x82, 0x2, 0x200}}]}}]}}]}}, 0x0)
syz_usb_control_io(r0, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000280)={0x11, 0xb, &(0x7f0000000640)=ANY=[@ANYBLOB="1806000000000000000000000000000018010000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000002000000b7030000e8ffffff850000000400000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r2 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r2, 0x1, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
connect$unix(0xffffffffffffffff, &(0x7f000057eff8)=@abs, 0x6e)
mknodat$null(0xffffffffffffffff, 0x0, 0xc000, 0x103)
sendmmsg$unix(0xffffffffffffffff, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(0xffffffffffffffff, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000a00)={&(0x7f0000000d00)='sched_switch\x00', r1}, 0x10)
fgetxattr(0xffffffffffffffff, 0x0, 0x0, 0x0)
r3 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
connect$inet6(r3, &(0x7f0000000100)={0xa, 0x0, 0x0, @mcast2, 0x9}, 0x1c)
syz_mount_image$erofs(&(0x7f0000000340), &(0x7f0000000580)='./file0\x00', 0x2000482, &(0x7f00000004c0)=ANY=[], 0x0, 0x243, &(0x7f0000000900)="$eJzsmDtvE0EQx/+7dz77ACFoUtCkIBJBEDs+N2ksHhISFUJKeFVgkSMKduLIOSRiCYmIhgY6CiQahPgCFClSpaDjCyBBAUhIFLigoIFi0T7uvPKdcw4xFfMrNv/dnZ2dGa8nkkEQxH/Ll88/Pz05P7dwGsAhTKFo1r85AGNac8v+4/N7p57VL7x48+H129XDD7YH/ckjQlinGFDa5X4XwM5kPOPJaQC/5LkpM1kAT/QVcJw0+hoYykbfAsdVo0Mw3DD6Lhhe3dS6Le3L5TvLrbB8u91alGJWDlU5BHKoDcbX22RYNHMhhDBlgWP+NlqtsLO+0W0a4Zr1/sr+RBJMcyJVvwI89M5x1K34ZBWvP360KedxbWat+lXBUTVJ1MAwb9bnUIxro0ti5X/M7ft3rPt1lJnZSlO5kZdkSYv6j7EUSwoPWhydiT+KvfmZlumcTW8dSfzET3oUhwO3F9DfkpUcT8pDn44Sbv5bPBNXKsPG3T3TS6ksYDrBgPFTP+Pb8g9EdhYdrGV9Og913snKRG/7Xfr417xLBRsej2/icUd+h7/FqCnjr164LXx0mzy7YvsRwPst3T/ES4YTVn9yrf5RiVbWKusb3ZnllcZSuBSuBkGteFDvqUZUUWOq7/X7s6/60wHLf2GIrcc93G9EUaeqR4958BHtlAI1D6yvzfxW+7v5j4EIFwEc1xP5qr3Eo5O6g3nahitbqaYdsKHhEwRBEARBEARBEARBEARB7IFJMPUraA7BZWX9JwAA//+VX0/8")
r4 = syz_usb_connect$uac1(0x4, 0xcd, &(0x7f0000000080)={{0x12, 0x1, 0x201, 0x0, 0x0, 0x0, 0xaf, 0x1d6b, 0x101, 0x40, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0xbb, 0x3, 0x1, 0xca, 0x0, 0x0, {{0x9, 0x4, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, {{0xa, 0x24, 0x1, 0xc00, 0x8}, [@output_terminal={0x9, 0x24, 0x3, 0x6, 0x4f8, 0x3, 0x1, 0x5}]}}, {}, {0x9, 0x4, 0x1, 0x1, 0x1, 0x1, 0x2, 0x0, 0x0, {[@as_header={0x7, 0x24, 0x1, 0x8, 0x7}, @format_type_i_continuous={0x9, 0x24, 0x2, 0x1, 0x3, 0x1, 0x0, 0x0, "15"}, @format_type_i_continuous={0xd, 0x24, 0x2, 0x1, 0x3, 0x4, 0xca, 0x2, "7739ee", 'b1'}, @format_type_ii_discrete={0xd, 0x24, 0x2, 0x2, 0x2, 0x2, 0x6, "d4ed7234"}]}, {{0x9, 0x5, 0x1, 0x9, 0x8, 0x7, 0x10, 0x0, {0x7, 0x25, 0x1, 0x0, 0x3, 0x1}}}}, {}, {0x9, 0x4, 0x2, 0x1, 0x1, 0x1, 0x2, 0x0, 0x0, {[@format_type_i_continuous={0xc, 0x24, 0x2, 0x1, 0x3, 0x1, 0x9, 0x9, "aea1", "caa8"}, @as_header={0x7, 0x24, 0x1, 0xfb, 0x7, 0x2}, @format_type_ii_discrete={0xa, 0x24, 0x2, 0x2, 0x8, 0x8, 0x0, "11"}, @format_type_i_discrete={0xc, 0x24, 0x2, 0x1, 0x2, 0x3, 0xf, 0x3, "c53e5b27"}]}, {{0x9, 0x5, 0x82, 0x9, 0x90cb33230f78c867, 0xc, 0x0, 0x7, {0x7, 0x25, 0x1, 0x81, 0x24}}}}}}}]}}, &(0x7f0000000340)={0xa, &(0x7f0000000000)={0xa, 0x6, 0x200, 0x76, 0x46, 0x1, 0x10, 0x6}, 0x5d, &(0x7f0000000180)={0x5, 0xf, 0x5d, 0x3, [@generic={0x3a, 0x10, 0x3, "41ffe5c227722f97823e79e1d2f6f257ee52e626b46b92ec0e9bf0d20e4fd34bbe4810f40bb2bdda88f0257ebbdd1fba123a6822bf43f6"}, @ss_cap={0xa, 0x10, 0x3, 0x0, 0x3, 0x1, 0xb, 0x4}, @ss_container_id={0x14, 0x10, 0x4, 0x6, "ea372773e676c16b0c4bd7f8fb9015fc"}]}, 0x4, [{0x4, &(0x7f0000000240)=@lang_id={0x4, 0x3, 0x816}}, {0x4, &(0x7f0000000280)=@lang_id={0x4, 0x3, 0x41c}}, {0x5, &(0x7f00000002c0)=@string={0x5, 0x3, "8daaee"}}, {0x1f, &(0x7f0000000300)=@string={0x1f, 0x3, "7b4d4e49f3de1869ec3ebaaa550d33e57f647d1d496371b44120b9ac7d"}}]})
syz_usb_control_io$uac1(r4, &(0x7f00000004c0)={0x14, &(0x7f0000000880)={0x40, 0x23, 0xa, {0xa, 0x3, "b098671ca5962b0d"}}, &(0x7f0000000480)={0x0, 0x3, 0x4, @lang_id={0x4, 0x3, 0x988268dbc2c2c2db}}}, &(0x7f00000007c0)={0x44, &(0x7f0000000500)={0x0, 0x10, 0xf4, "375a54092a40c87f1324923dae8cedf1401eb3bc933081d13a266cc95177f49c55c40c8dffb9684c676da31e9566ca91d2636a9bdf442ba50e8bf0ffe91e7df06910070ced359c186e4cc7f4caa1b4913c9fdc402672605d356f5f22335ae763b3682fceb94f1e2540569ce8dc0f495e7cfe30f4063e4e4f726dfe698b83f8bee5b7bd1c4be33b630adef48e5d34cd45e0ff63a0f85a7c7c897c82c8d23475750d2ef956063dd88940e24539dc8826f3471897628e5cff06954ba96a9da9671b57f32fc373d97b56402660fe1930f781e3d11d33d2478676becefa12a17f42a2861d91fed1c4a9cb64c9389d8ba1d91ced6330f6"}, &(0x7f0000000600)={0x0, 0xa, 0x1, 0xbe}, &(0x7f0000000640)={0x0, 0x8, 0x1, 0x81}, &(0x7f0000000680)={0x20, 0x81, 0x2, "1d4a"}, &(0x7f00000006c0)={0x20, 0x82, 0x2, "b582"}, &(0x7f0000000700)={0x20, 0x83, 0x2, "3388"}, &(0x7f0000000740)={0x20, 0x84, 0x1, '\x00'}, &(0x7f0000000780)={0x20, 0x85, 0x3, "7ba075"}})
syz_usb_control_io$uac1(r0, 0x0, 0x0)
r5 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000004c0)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x48)
r6 = bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xf, &(0x7f0000000340)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r5, @ANYBLOB="0000000000000000b7020000111e6ca5b7030000000000008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000020000008500000085000000b70000000000000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x38, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0xc, 0xffffffff, &(0x7f0000000280))
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x8031, 0xffffffffffffffff, 0x6a855000)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600002, 0x9)
pidfd_getfd(0xffffffffffffffff, 0xffffffffffffffff, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000100)={&(0x7f0000000980)='sys_enter\x00', r6}, 0x10)

6.454697453s ago: executing program 0 (id=4958):
syz_mount_image$fuse(0x0, &(0x7f00000001c0)='./file0\x00', 0x1208000, 0x0, 0x1, 0x0, 0x0)
pipe2$9p(&(0x7f0000000240)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
write$P9_RVERSION(r1, &(0x7f0000000080)=ANY=[@ANYBLOB="1500000065ffff097b00000800395032303030"], 0x15)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000380)={0x11, 0xb, &(0x7f0000000640)=ANY=[@ANYBLOB="18060000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000003000000b7030000000000"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x35, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000180)='kmem_cache_free\x00', r2}, 0x10)
r3 = dup(r1)
getresuid(&(0x7f0000000440), &(0x7f0000000400), &(0x7f00000004c0)=<r4=>0x0)
mount$9p_fd(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000b80), 0x0, &(0x7f0000000580)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r0, @ANYBLOB=',wfdno=', @ANYRESHEX=r3, @ANYBLOB=',privport,access=', @ANYRESDEC=r4])

6.452734643s ago: executing program 5 (id=4959):
bpf$ENABLE_STATS(0x20, 0x0, 0x0)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000780)=ANY=[@ANYBLOB="180000000000000000000000040000008500000008000000180100002020732500000000002020207b1af8ff00000000bfa100000000000007010000f8fbffffb702000008000000b703000005000000850000007b00000095"], &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$PROG_BIND_MAP(0xa, &(0x7f0000000500)={r0}, 0xc)

6.450533043s ago: executing program 3 (id=4960):
syz_mount_image$fuse(0x0, &(0x7f0000000580)='./file0\x00', 0x1080000, 0x0, 0x8, 0x0, 0x0)
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000240)={0x11, 0x4, &(0x7f00000000c0)=ANY=[@ANYBLOB="18000000000700000000000000000000850000002300000095"], &(0x7f00000001c0)='GPL\x00', 0x4, 0x8f, &(0x7f00000002c0)=""/143}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000000)='kmem_cache_free\x00', r0}, 0x18)
pipe2$9p(&(0x7f0000000240)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff}, 0x0)
write$P9_RVERSION(r2, &(0x7f0000000200)=ANY=[@ANYBLOB="1500000065ffff097b0000"], 0x15)
mount$9p_fd(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000b80), 0x0, &(0x7f0000000580)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r1, @ANYBLOB=',wfdno=', @ANYRESHEX, @ANYBLOB=',privport,access=', @ANYRESDEC])

6.448830694s ago: executing program 0 (id=4962):
r0 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={0x0, 0x150}, 0x1, 0x0, 0x0, 0x2000c884}, 0x4040084)
bpf$MAP_CREATE(0x0, &(0x7f0000000840)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
r1 = syz_init_net_socket$bt_l2cap(0x1f, 0x0, 0x0)
setsockopt$bt_l2cap_L2CAP_LM(r1, 0x6, 0x3, &(0x7f0000000040)=0x63, 0x4)
mount(0x0, 0x0, 0x0, 0x220440, 0x0)
fsconfig$FSCONFIG_SET_PATH(0xffffffffffffffff, 0x3, 0x0, &(0x7f0000000340)='./file1\x00', 0xffffffffffffffff)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600003, 0x19)
r2 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000400)='kfree\x00', r2}, 0x18)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="1801000000000001000000000000ea04850000007b00"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
r3 = io_uring_setup(0x1694, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x1})
io_uring_register$IORING_REGISTER_BUFFERS(r3, 0x0, &(0x7f00000002c0)=[{&(0x7f0000001700)=""/4095, 0x440000}], 0x100000000000011a)
madvise(&(0x7f00000ec000/0x800000)=nil, 0x800000, 0x14)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f00000003c0)={{}, 0x0, 0x0}, 0x20)
r4 = syz_open_procfs(0x0, &(0x7f0000000100)='net/nf_conntrack\x00')
pread64(r4, &(0x7f0000000480)=""/177, 0xb1, 0x0)

6.447659464s ago: executing program 5 (id=4963):
r0 = socket$nl_route(0x10, 0x3, 0x0)
sendmmsg(r0, &(0x7f0000006fc0)=[{{0x0, 0x0, &(0x7f00000003c0)=[{&(0x7f0000000340)="cbd51679", 0x4}], 0x1}}, {{0x0, 0x0, &(0x7f00000053c0)=[{&(0x7f0000002cc0)="a1", 0x1}], 0x1, &(0x7f0000003cc0)}}], 0x2, 0x0)
readlinkat(0xffffffffffffffff, &(0x7f0000000180)='./file1\x00', &(0x7f0000002780)=""/4112, 0x1010)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000980)=ANY=[@ANYBLOB="0600000004000000ff0f000007"], 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000009007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3}, 0x94)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000800)={0x18, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000300)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000040)='mm_page_alloc\x00', r2}, 0x10)
r3 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000002ac0)={0x1a, 0x3, &(0x7f00000004c0)=ANY=[@ANYBLOB="330000000000000001000000000000009510000000000000b377779706e8b65e67d70c99bcff5e186bfc962773828459b4d1adc8e5528471aa233ffb37de0e1376ad2e9ff87234fd43a9b8d7237ffa15e526bf1b5c5320ccf0f1a91573f9aea98d6dbc5d34d9936b6b53ef40f9259b42fed76c20197c0962123033ce227163c59a"], &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x19, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x2004}, 0x80)
r4 = socket$vsock_stream(0x28, 0x1, 0x0)
bind$vsock_stream(r4, &(0x7f0000000440), 0x10)
openat$uinput(0xffffffffffffff9c, &(0x7f0000000000), 0x1, 0x0)
listen(r4, 0x5)
r5 = socket$vsock_stream(0x28, 0x1, 0x0)
connect$vsock_stream(r5, &(0x7f0000000100)={0x28, 0x0, 0x0, @local}, 0x10)
writev(r5, &(0x7f00000002c0)=[{&(0x7f0000000180)='u', 0x1}], 0x1)
r6 = accept4$unix(r4, 0x0, 0x0, 0x0)
bpf$MAP_CREATE_CONST_STR(0x0, 0x0, 0x0)
sendto$packet(r5, &(0x7f0000000600)="5f0efc3e1792a50972d2eb21bdff9ca4ac804c2847fe7bf05ddc63ff512d4074687760a5fbd1fc97772c6f5027dcea15b6658de3b024a6ea22baafb445bf8427c8055d00", 0xffffff3d, 0x0, 0x0, 0x0)
recvmsg(r6, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)=[{&(0x7f00000003c0)=""/74, 0x4a}], 0x2d}, 0x10000)
r7 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
setsockopt$sock_int(r7, 0x1, 0x1d, &(0x7f0000000080)=0x4, 0x4)
bind$bt_hci(r7, &(0x7f0000000040)={0x1f, 0xffffffffffffffff, 0x2}, 0x6)
recvmmsg(r7, &(0x7f0000003840)=[{{0x0, 0x0, 0x0}, 0xa}], 0x1, 0x2162, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={0x0, r3}, 0x10)

6.446968264s ago: executing program 3 (id=4964):
syz_open_dev$usbmon(&(0x7f0000000080), 0xffffffffffff6176, 0x80000)
prlimit64(0x0, 0xe, &(0x7f0000000240)={0x8, 0x248}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x1, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0xffffe000)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000001c0)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f00000004c0)=@abs={0x0, 0x0, 0x4e21}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x3fffffffffffeda, 0x2, 0x0)
r3 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, 0x0, &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='sched_switch\x00', r3}, 0x10)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x15)
r4 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r4, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000007c0)={0x0, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB="18020000ab3dc9350000"], 0x0, 0x4, 0x0, 0x0, 0x0, 0x4}, 0x94)
bpf$BPF_BTF_GET_NEXT_ID(0x17, &(0x7f0000000180)={0x7fff, <r5=>0x0}, 0x8)
r6 = bpf$PROG_LOAD(0x5, &(0x7f0000000340)={0x16, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f00000001c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x31, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r5, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000740)={&(0x7f0000000300)='sched_switch\x00', r6}, 0x10)
socket$inet6_udp(0xa, 0x2, 0x0)
r7 = socket(0x10, 0x3, 0x0)
r8 = socket$packet(0x11, 0x2, 0x300)
ioctl$sock_SIOCGIFINDEX(r8, 0x8933, &(0x7f0000000080)={'ip6tnl0\x00', <r9=>0x0})
sendmsg$nl_route_sched(r7, &(0x7f00000007c0)={0x0, 0x0, &(0x7f0000004640)={&(0x7f0000000540)=@newqdisc={0x68, 0x24, 0xf0b, 0x70bd2a, 0xffffffff, {0x0, 0x0, 0x0, r9, {0x0, 0x9}, {0xffff, 0xffff}, {0x0, 0xb}}, [@qdisc_kind_options=@q_fq_codel={{0xd}, {0x34, 0x2, [@TCA_FQ_CODEL_DROP_BATCH_SIZE={0x8, 0x8, 0x9}, @TCA_FQ_CODEL_FLOWS={0x8, 0x5, 0xffff}, @TCA_FQ_CODEL_CE_THRESHOLD={0x8, 0x7, 0x10}, @TCA_FQ_CODEL_TARGET={0x8, 0x1, 0x6}, @TCA_FQ_CODEL_QUANTUM={0x8, 0x6, 0x4}, @TCA_FQ_CODEL_MEMORY_LIMIT={0x8, 0x9, 0x100}]}}]}, 0x68}}, 0x0)

6.445823343s ago: executing program 2 (id=4967):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0a00000004000000ff0f000007"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000080)={{r0}, &(0x7f0000000000), &(0x7f0000000040)}, 0x20)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000180)='memory.events\x00', 0x26e1, 0x0)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x18, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000100)='mm_lru_insertion\x00', r2}, 0x10)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000100)='mm_lru_insertion\x00', r1}, 0x10)
r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000580)='memory.events\x00', 0x100002, 0x0)
write$cgroup_type(r3, &(0x7f0000000180), 0x40010)

6.437329264s ago: executing program 5 (id=4968):
r0 = syz_usb_connect(0x0, 0x36, &(0x7f0000000040)={{0x12, 0x1, 0x0, 0x77, 0x29, 0x4, 0x20, 0x424, 0x9901, 0xc257, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x24, 0x1, 0x0, 0x0, 0x10, 0x0, [{{0x9, 0x4, 0x43, 0x0, 0x2, 0x31, 0x7d, 0x55, 0x0, [], [{{0x9, 0x5, 0x2, 0x2, 0x200, 0x2}}, {{0x9, 0x5, 0x82, 0x2, 0x200}}]}}]}}]}}, 0x0)
syz_usb_control_io(r0, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000280)={0x11, 0xb, &(0x7f0000000640)=ANY=[@ANYBLOB="1806000000000000000000000000000018010000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000002000000b7030000e8ffffff850000000400000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r2 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r2, 0x1, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000000c0)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@abs, 0x6e)
mknodat$null(0xffffffffffffffff, 0x0, 0xc000, 0x103)
sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000a00)={&(0x7f0000000d00)='sched_switch\x00', r1}, 0x10)
fgetxattr(0xffffffffffffffff, 0x0, 0x0, 0x0)
connect$inet6(0xffffffffffffffff, &(0x7f0000000100)={0xa, 0x0, 0x0, @mcast2, 0x9}, 0x1c)
syz_mount_image$erofs(&(0x7f0000000340), &(0x7f0000000580)='./file0\x00', 0x2000482, &(0x7f00000004c0)=ANY=[], 0x0, 0x243, &(0x7f0000000900)="$eJzsmDtvE0EQx/+7dz77ACFoUtCkIBJBEDs+N2ksHhISFUJKeFVgkSMKduLIOSRiCYmIhgY6CiQahPgCFClSpaDjCyBBAUhIFLigoIFi0T7uvPKdcw4xFfMrNv/dnZ2dGa8nkkEQxH/Ll88/Pz05P7dwGsAhTKFo1r85AGNac8v+4/N7p57VL7x48+H129XDD7YH/ckjQlinGFDa5X4XwM5kPOPJaQC/5LkpM1kAT/QVcJw0+hoYykbfAsdVo0Mw3DD6Lhhe3dS6Le3L5TvLrbB8u91alGJWDlU5BHKoDcbX22RYNHMhhDBlgWP+NlqtsLO+0W0a4Zr1/sr+RBJMcyJVvwI89M5x1K34ZBWvP360KedxbWat+lXBUTVJ1MAwb9bnUIxro0ti5X/M7ft3rPt1lJnZSlO5kZdkSYv6j7EUSwoPWhydiT+KvfmZlumcTW8dSfzET3oUhwO3F9DfkpUcT8pDn44Sbv5bPBNXKsPG3T3TS6ksYDrBgPFTP+Pb8g9EdhYdrGV9Og913snKRG/7Xfr417xLBRsej2/icUd+h7/FqCnjr164LXx0mzy7YvsRwPst3T/ES4YTVn9yrf5RiVbWKusb3ZnllcZSuBSuBkGteFDvqUZUUWOq7/X7s6/60wHLf2GIrcc93G9EUaeqR4958BHtlAI1D6yvzfxW+7v5j4EIFwEc1xP5qr3Eo5O6g3nahitbqaYdsKHhEwRBEARBEARBEARBEARB7IFJMPUraA7BZWX9JwAA//+VX0/8")
r5 = syz_usb_connect$uac1(0x4, 0xcd, &(0x7f0000000080)={{0x12, 0x1, 0x201, 0x0, 0x0, 0x0, 0xaf, 0x1d6b, 0x101, 0x40, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0xbb, 0x3, 0x1, 0xca, 0x0, 0x0, {{0x9, 0x4, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, {{0xa, 0x24, 0x1, 0xc00, 0x8}, [@output_terminal={0x9, 0x24, 0x3, 0x6, 0x4f8, 0x3, 0x1, 0x5}]}}, {}, {0x9, 0x4, 0x1, 0x1, 0x1, 0x1, 0x2, 0x0, 0x0, {[@as_header={0x7, 0x24, 0x1, 0x8, 0x7}, @format_type_i_continuous={0x9, 0x24, 0x2, 0x1, 0x3, 0x1, 0x0, 0x0, "15"}, @format_type_i_continuous={0xd, 0x24, 0x2, 0x1, 0x3, 0x4, 0xca, 0x2, "7739ee", 'b1'}, @format_type_ii_discrete={0xd, 0x24, 0x2, 0x2, 0x2, 0x2, 0x6, "d4ed7234"}]}, {{0x9, 0x5, 0x1, 0x9, 0x8, 0x7, 0x10, 0x0, {0x7, 0x25, 0x1, 0x0, 0x3, 0x1}}}}, {}, {0x9, 0x4, 0x2, 0x1, 0x1, 0x1, 0x2, 0x0, 0x0, {[@format_type_i_continuous={0xc, 0x24, 0x2, 0x1, 0x3, 0x1, 0x9, 0x9, "aea1", "caa8"}, @as_header={0x7, 0x24, 0x1, 0xfb, 0x7, 0x2}, @format_type_ii_discrete={0xa, 0x24, 0x2, 0x2, 0x8, 0x8, 0x0, "11"}, @format_type_i_discrete={0xc, 0x24, 0x2, 0x1, 0x2, 0x3, 0xf, 0x3, "c53e5b27"}]}, {{0x9, 0x5, 0x82, 0x9, 0x90cb33230f78c867, 0xc, 0x0, 0x7, {0x7, 0x25, 0x1, 0x81, 0x24}}}}}}}]}}, &(0x7f0000000340)={0xa, &(0x7f0000000000)={0xa, 0x6, 0x200, 0x76, 0x46, 0x1, 0x10, 0x6}, 0x5d, &(0x7f0000000180)={0x5, 0xf, 0x5d, 0x3, [@generic={0x3a, 0x10, 0x3, "41ffe5c227722f97823e79e1d2f6f257ee52e626b46b92ec0e9bf0d20e4fd34bbe4810f40bb2bdda88f0257ebbdd1fba123a6822bf43f6"}, @ss_cap={0xa, 0x10, 0x3, 0x0, 0x3, 0x1, 0xb, 0x4}, @ss_container_id={0x14, 0x10, 0x4, 0x6, "ea372773e676c16b0c4bd7f8fb9015fc"}]}, 0x4, [{0x4, &(0x7f0000000240)=@lang_id={0x4, 0x3, 0x816}}, {0x4, &(0x7f0000000280)=@lang_id={0x4, 0x3, 0x41c}}, {0x5, &(0x7f00000002c0)=@string={0x5, 0x3, "8daaee"}}, {0x1f, &(0x7f0000000300)=@string={0x1f, 0x3, "7b4d4e49f3de1869ec3ebaaa550d33e57f647d1d496371b44120b9ac7d"}}]})
syz_usb_control_io$uac1(r5, &(0x7f00000004c0)={0x14, &(0x7f0000000880)={0x40, 0x23, 0xa, {0xa, 0x3, "b098671ca5962b0d"}}, &(0x7f0000000480)={0x0, 0x3, 0x4, @lang_id={0x4, 0x3, 0x988268dbc2c2c2db}}}, &(0x7f00000007c0)={0x44, &(0x7f0000000500)={0x0, 0x10, 0xf4, "375a54092a40c87f1324923dae8cedf1401eb3bc933081d13a266cc95177f49c55c40c8dffb9684c676da31e9566ca91d2636a9bdf442ba50e8bf0ffe91e7df06910070ced359c186e4cc7f4caa1b4913c9fdc402672605d356f5f22335ae763b3682fceb94f1e2540569ce8dc0f495e7cfe30f4063e4e4f726dfe698b83f8bee5b7bd1c4be33b630adef48e5d34cd45e0ff63a0f85a7c7c897c82c8d23475750d2ef956063dd88940e24539dc8826f3471897628e5cff06954ba96a9da9671b57f32fc373d97b56402660fe1930f781e3d11d33d2478676becefa12a17f42a2861d91fed1c4a9cb64c9389d8ba1d91ced6330f6"}, &(0x7f0000000600)={0x0, 0xa, 0x1, 0xbe}, &(0x7f0000000640)={0x0, 0x8, 0x1, 0x81}, &(0x7f0000000680)={0x20, 0x81, 0x2, "1d4a"}, &(0x7f00000006c0)={0x20, 0x82, 0x2, "b582"}, &(0x7f0000000700)={0x20, 0x83, 0x2, "3388"}, &(0x7f0000000740)={0x20, 0x84, 0x1, '\x00'}, &(0x7f0000000780)={0x20, 0x85, 0x3, "7ba075"}})
syz_usb_control_io$uac1(r0, 0x0, 0x0)
r6 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000004c0)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x48)
r7 = bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xf, &(0x7f0000000340)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r6, @ANYBLOB="0000000000000000b7020000111e6ca5b7030000000000008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000020000008500000085000000b70000000000000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x38, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x8031, 0xffffffffffffffff, 0x6a855000)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600002, 0x9)
pidfd_getfd(0xffffffffffffffff, 0xffffffffffffffff, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000100)={&(0x7f0000000980)='sys_enter\x00', r7}, 0x10)

6.436153074s ago: executing program 2 (id=4969):
bpf$MAP_CREATE(0x0, 0x0, 0x48)
prlimit64(0x0, 0xe, &(0x7f0000000240)={0x8, 0x248}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x4c, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0xffffe000)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000001c0)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f0000000840)=@abs={0x0, 0x0, 0x4e20}, 0x9)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x3fffffffffffeda, 0x2, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x48)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x7, &(0x7f0000000240)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000740)={&(0x7f00000006c0)='sched_switch\x00', r3}, 0x10)
r4 = openat(0xffffffffffffff9c, &(0x7f0000000140)='./file1\x00', 0x601c2, 0x0)
ftruncate(r4, 0x8800000)
r5 = socket$inet_udp(0x2, 0x2, 0x0)
sendfile(r5, r4, 0x0, 0x20000578410e9)
r6 = socket(0x10, 0x3, 0x0)
sendmsg$nl_route(r6, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000040)=@newlink={0x34, 0x10, 0x403, 0x0, 0x0, {}, [@IFLA_LINKINFO={0x14, 0x12, 0x0, 0x1, @veth={{0x9}, {0x4, 0x2, 0x0, 0x1, @void}}}]}, 0x34}}, 0x0)
syz_mount_image$vfat(&(0x7f0000000140), &(0x7f0000000080)='./file1\x00', 0x1010000, &(0x7f0000000600)={[{@utf8}, {@iocharset={'iocharset', 0x3d, 'maccyrillic'}}, {@uni_xlateno}, {@iocharset={'iocharset', 0x3d, 'utf8'}}, {@utf8no}, {@utf8}, {@shortname_winnt}, {@numtail}, {}, {@shortname_lower}, {@utf8no}, {@shortname_win95}, {@shortname_lower}, {@uni_xlateno}, {@shortname_lower}, {@fat=@check_strict}, {@fat=@time_offset={'time_offset', 0x3d, 0xfffffffffffffbb2}}]}, 0x1, 0x363, &(0x7f0000000280)="$eJzs3U1oY1UbAOA3vWnSGfi+dicKQnQnaJnOTje2SAcGu1EJ/izE4HRUkiq0WGwX09aF4lJwqSt3CrpwIS5FUMSdC7eOIKPiQmc34OCR5OYmt0naaQerFJ8Hmpy+57znnPtDcntJTp9bjPal6bh8/fq1mJmpRHXxkcW4UYm5yKKwG+NqE2IAwOlwI6X4PeWOmFI54SkBACes9/7/QkQ0Yi6PvP7lYe2Td38AOPX6f/+fOazNzEEVr5zIlACAEzZ2///efdW13k+1+LVa+lQAAHBaPfH0M48urUQ83mjMRKy9udncbMZDw/qly/FSdGI1zsVs3IzILxS6D5Xe44WLK8vnGo3GTvw0F82ImOonNvMrhaWsl1+PhZiNuX5+/2ojpZRd+GRleaHRExG7O73xY62y2ZyOs/3xvz8bq8MLj6KT3lPExZXl841+B821In8nYm9436I7//mYjW+fH3STUvEJxpXlKwvFpIf5m816XBrshQPvgAAAAAAAAAAAAAAAAAAAAAAAwG2ZbwzMDdbPSd3nfKWc+fkJ9b31cfL8/vpAe/n6QKmeIqXfXnug+VYW+9YHGl2fZ9NCggAAAAAAAAAAAAAAAAAAADCwsVWLVqezur6xtd0uF3bWN7amIqIbefnrj744E+NtblGo5kPUIwZDNPrDbrdbKSsapyxiPD3rDl5EPvh0MONym/pgKyZOo35wVafzv3t+fHcYuTsrev5z2CaLyRuYlabx8EjPa//Pp3ScHTUonC9H6uOjX00plSJvlNOvPDveYVQiqsc/cNvtqTi4TeoWvrr24p3F3m99nnL33T/75NV33v+l3ep0R47eEaytb9xM7ValaHy83dLd1UWkEnmhUj4Tqoel7+2PtLLvfn3qrre/OdroqRx5tXs+j7TJ8s35eDS9lhe60xypOjNMn+5vRGd1esLJf6vCbRzTO9777MOUfvj5yEMMTY29bFT+nlcfAAAAAAAAAAAAAAAAAACgrPRd8b7+l32nD8t68LGTnxkAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA/HOG//+/VNjbjZHIUQp/7EzIqq+ub0TU/u3NBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADgP+6vAAAA///tLFqQ")

6.435848524s ago: executing program 3 (id=4970):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000280)=ANY=[@ANYBLOB="1801000021000000000000003b810000850000006d000000850000000e00000095"], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x31)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000680)={&(0x7f0000000000)='tlb_flush\x00', r0}, 0x10)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000240)=ANY=[], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x48, '\x00', 0x0, 0x2}, 0x94)
syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
r1 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000140)='net/ip6_tables_matches\x00')
close_range(r1, 0xffffffffffffffff, 0x0)
openat$uinput(0xffffffffffffff9c, &(0x7f0000000080), 0x802, 0x0)
r2 = open_tree(0xffffffffffffff9c, &(0x7f0000000100)='\x00', 0x89101)
r3 = openat$cgroup_ro(r2, &(0x7f00000002c0)='blkio.throttle.io_serviced_recursive\x00', 0x275a, 0x0)
socket$inet_udp(0x2, 0x2, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0200000004000000020000000c0000000014"], 0x48)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000001070000000000000000260018110000", @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000880)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r4}, 0x10)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000280)={&(0x7f0000000340)=ANY=[@ANYBLOB="9feb010018000000000000003c0000003c000000020000000000000002000004080000000000000003000000000000000000000002000000000000000000000000000002000000000000000000000004"], 0x0, 0x56}, 0x28)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000100)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a03000000000000000000070000000900010073797a30000000003c000000090a010400000000000000000700000008000a40000000000900020073797a31000000000900010073797a30000000000800054000000021501700001e0a05010000000000000000070000000900020073797a31000000000900010073797a300000000024170380300000802c000180250001007bb0c03ce8ed22d039cce454fd98ae614b08a9f3d4ddf1f742d55995afac076948000000f01600800c00054000000000000000000c00054000000000000000000c00044000000000000000000c00044000000000000000000600064019d20000ac0201802800028008000340000000000900020073797a310000000008000340000000000800018000000000380002800800034000000000080001800000000008000340000000000800034000000000090002"], 0x17d4}}, 0x0)
pipe2(&(0x7f0000000040)={<r5=>0xffffffffffffffff}, 0x0)
syz_usb_connect$uac1(0x0, 0xa4, &(0x7f0000000200)=ANY=[@ANYBLOB="2a01000020000040b708000000000000030109029200030172e5000904000000010100000a24010000000201020c0d2407000005000000000000000c240000e9fffff5ffffffff092403f3ff000005024524", @ANYRES8=r2, @ANYBLOB="05", @ANYRES16=r2, @ANYRES8, @ANYRES16=r3, @ANYRES16=r5], 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000008f50850000000400000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x17, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x6}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r6 = socket(0x11, 0x3, 0x0)
r7 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$ethtool(&(0x7f0000000340), r6)
ioctl$sock_SIOCGIFINDEX(r7, 0x8933, &(0x7f00000005c0)={'gre0\x00'})

6.394703805s ago: executing program 0 (id=4971):
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x20000000}, 0x843)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0xa, 0x88}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f00000005c0)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f0000000180)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
socket$packet(0x11, 0x3, 0x300)
bpf$PROG_LOAD(0x5, &(0x7f0000000b40)={0x11, 0x8, &(0x7f00000017c0)=ANY=[@ANYBLOB="620af8ff0c200021bfa100000000000007010000f8ffffffb702000003000000bd120000000000008500000006000000b70000000000000095000000000000003faf4f2aa3d9b18ed812a2e2c49e8020a6f4e0e4f698393aa0f3881f9c24aa56f15199fad0093c59d66b5ece9f36c70d0f13905ea23c22624c9f87f9793f50bb546000677b0c5077da80fb982c1e9400e693146cea484a415b76966118b64f751a0f241b072e90080008002d75593a286cecc93e64c227c95aa0b784625704f07a72c234664c0af9360a1f7a5e6b607130c89f18c0c1089d8b853289d01aa27ae8b09e00e79ab20b0b8e1148f49faf2ad0000000000000006fa03c6468972089b302d7bf6023cdcedb5e0125ebbc08dee510cb2364149215108333719acd97cfa107d40224edc5467a932b77674e802a0d42bc6099ad238af770b5ed8925161729298700000080006ef6c1ff0900000000000010c63a949e8b7955394ffa82b8e942c89112f4ab87b1bfeda7be586602d985430cea0162ab3fcf4591c926abfb076719237c8d0e60b0eea24492a660583eecdbf5bcd3de3a83209da17a0faf60fd6ad9b97aa5fa68480366c9c6fd6fa5043aa3926b81e3b59c95c25a573dc2edcaea2b1a52496dfcaf99431412fd134a996382a1a04d5bb924cfe5f3185418d605ffff9c4d2ec7c32f2095e63c80aff9fa740b5b7632f32030916f89c6dad7603f2ba2a790d62d6faec2fed44da4928b30142ba11de6c5d50b83bae613402216b5054d1e7c13b1355d6f4a8245ffa4997da9c77af4c0eb97fca585ec6bf58351d564beb6d952aab9c70764b0a8a7583c90b3433b809b5b9fbd48bc873495cbff8a326eea31ae4e0f7505ebf6c9d13330ca006bce1a84521f14518c9b476fccbd6c712016219848624b87cec2dbe98223a0eb4fa39f6b5c02e6d6d90756ff57902a8f57000000009700cf0b4b8bc2294133000000000000000000030000000000000000000000000010008bc0d9559711e6e8861c46495ba585a4b2d02edc3e28dd271c896249ed3957f813567f7a95435ac15fc0288d9b2a169cdcacc413b48dafb7a2c8cb482bac0ac559eaf39027ceb379a902d9ba96ffffff7f0000100000000000007d5ad897ef3b7cda42013d53046da21b40216e14ba2d6ad5656bfff17addaedab25b30002abbba7fa725f38400be7c1f001b2cd317902f19e385be9e48dccff7a1ef3282830689da6b53b263339863297771429d120000003341bf4abacac94500fca0493cf29b33dcc9ffffffffffffffd39f6ce0c6ff01589646efd1cf870cd7bb2366fdf870ce5dfd3467decb05cfd9fcb32c8ed1dbd9d10a64c1083d5e71b5565b1768ee58969c41595229df17bcad70fb4021428ce970275d13b78100788f11f761038b75d4fe32b561d46ea3abe0fa4d30dc94ef241875f3b4ce0232fcea69c271d7fa29822aea68a660e717a04becff0f719197724f4fce1293b62d7e8c7123d8ec571be54c72d978cf906df0042e36acd37d7f9e119f2c06f815312e0cfe222a06f56dd000c074eb8a322fb0bf47c0a8d154b405c37feaf3dd95f6ef2acd1fe582786105c7df8be5877050c91301fb997316dbf17866fb84d4173731efe895ff2e1c55ef08235a0126e01254c44060926e90109b598502d3e959efc71f665c4d75cf2458e3542c9062ece84c99a861887a20639b41c8c12ee86c50804042b3eac1f879b136345cf67ca3fb5aac518a75f9e7d7101d5e186c489b3a06fb99e0aa7f23a054de2f4d92d6bd72ee2c9fdc74aaaf1e3e483b4ad05573af40326993947d9a631bcbf3583784acbda216550d7ad333545794f37331766e472391e358c3b377327ac9ecc34f24c9ae153ec60ac0694dc55bff9f5f4df90400000000000000d6b2c5ea139376f24285bf16b99c9cc0ad1857216f1a985f369191ae954febb3df464bfe0f7f3ee9afe7befb89d2777399f5874c553aeb3729cffe86e66964ae09bb6d163118e4cbe024fd4500f8ff070000001e48418046c216c1f895778cb25122a2a998de0842a486721737390cbf3a74cb2003016f1514216bdf57d2a40dddb51ab63e96ec84ac3571f02f647b3385b3b8a8c9ae3d14f93100c2e0893862eef552fcde2981f48c482bde8a168c3f5db2fea6f26e4a4304e50c349f4f9ecee27defc93871c5f99b355b72d538ba2f58ea8e4aa37094191e10096e7e60fc3541a2c905a1a95e9571bf38ae1981c4238ecaee6f75cd0a6881bd1517a8250df986741517abf11389b751f4e109b60000000000000000d6d5210d7560eb92d6a97a27602b81f76386f1535bef1497f92186086e29c6bc5a1fad6ec9a31137abf9a404abde7750898b1bd627e87306703be8672d70d1ab57075228a9f46ed9bd1f08fb8191bbab2dc51de3a61f0868afc4294859323e7a45319f18101288d139bd3da230ed05a8fe64680b0a3f9f2dd704e4214de5946912d6c98cd1a9fbe1e7d58c08acaf30235b9100000000a55f74a23641f61f2d5b308cf0d031b0c7f0ced69993e9960ff5f76015e6009756237badf4e7965bbe2777e808fcba821aa8e8c5c39609ff854356cb4900000000000000000000000000c1fee30a3f7a85d1b29e58c776f4b4ce07e1c6fa66fcfc7a228805f76785efc0ceb1c8e5729c66418d169fc03aa18854693ad2a182068e1e3a0e2505bc7f41019645466ac96e0d4b3bc19faa5449209b083dbd334b47f067bbab40743b2a428f1da1f68df75cf43f8ecc8d3726602111b40e761fd21081920382f14d12ca3c3431ee97471c7868dcda7e478950aa69eb7f7f80572fdd11bb1d0d1280fbc22bf73468788df51710d7d31c632fc5ed1762eb0b428ee751c47d8e894f745a868404a0bf35f0121008b722b1eaa6aedfa1bf2e7ccb2d61d5d76331945e20fa26b8471d42645288d7226bbd9c9e9e1cc9eb3d541e407cc2dae5e690cd628ab848753203b458b97ec1afb079b4b4ba686fcdf240430a537a395dc73bda367bf12cb7d81691a5fe8c47be395656a297e9df0e71f96756ea5cce7db3c4be290159f6bcd75f0dda9de5532e71ae9e48b0ed1254a83100000000f6fbb869604d51a36a54c832e45b2569dc0d90b075225fde44c4e0973171ad47d6b70ebc660309e1e245b0fdf9743af932cd6db49a47613808bad959719c0000000000378ac2e24c7e800003c9e8095e02985f28e678f66422436f949e2ab8f162d7e3f855e378f4a1f40b0c6fb2d4b205a800b6d713acebc5b014e61a543a5a194f9ac18d76b5440e3b1a569e7397f6ca0400966d7ba19e720413267a6ccea9c439671d2c680f2753ca184eeeb843450368acb4383a01d25eb3d1e23e0f2645d1cdfa9fa410632f95a5f622f851c66ee7e3030108000000000000c4f93c0984b5c2d4523497e4d64f95f08493564a1df87111c9bffef97dcecc467ace456597685c5870d05f88a0f463db88d377442e1349acaf766218b54a9d624778e1c4cba6e6390a9f302c6eb2df7766411bef0ebb5000000000006065d6735eb7a00e127c0000000000000000000000bfb0bba79344643b1d8daa9f38e4b62c1e2af68c6f5054b078acd74b4a9c944e4505da485a3a4154387a0a88370d9ed9467b09c5888a06431df3f68abf0b366c4d5f8bea7b29c257ed756dff7a21c6b661cbdd43de65afd7f661d5c84f915c90e3d6ea012b68b787eb01d8320000000000000060176dacba0ec503a37fae6b472ec369c79ee6a420c0fd8d8d82fe136d5af6c30bfeb0a7275babfdb96a127aa9386e0671c6454245a18c1c8c49552cff5d27b547cdc34c0858c77a47a9ff86ee9fbd9ceda428716a4218821176d8067997527230fa67d26950d3e4f2750fa7c872874ad3a2d11f9f6eb08e6d7b6fa257b04d8ce36360f524e3dfd2211641f3d2637d86b80681eca50ce0eecafdd22d41fa515c15591e70ded4b70efac3cb42fb352d82e8f7573e8ed8248da356fa91a252976d3a4d8c1843a8d5bb7f5f1028453a0562a3ea93117076dd4940b7df50d78289fe66197525f6095f8662d232970bef61b03fa83027963a1a2e07cfee30c0d0b4c5877f93b3637ca21eab5afcf5d4638dfe8f9202aaad51c979049dd76d65368cbd4187d9f74257c7c4a23ac4a34eec5aa17e78c5167216f5e72138d20f8325dd5f8f96c32189c904eaef580987f1ce601a7cdc35461db9981ac42f9e24b0699bbe4e3d986e38952b0b7938eefd9e7a292bbb66367ad77045fdc18855c81c031dedd185c723238373fc698d676791d04f1ff5f0825a6619e844882f31ed190233d58ecee949e310bf2b1a51b8a33ae65a06d2b6ad386bf8dc49dd328bcd75d1843a13d68560175a18af7efc3c0f20e32f84f6aaaf000000000000000000000013a6c66bce74a8fb9092023df695da2714a7933d699d42de2bc4a85e0a0e22228290a7a7553ab93a16e42553ed86869a02df2f47d4088fac1772d3cd955c81cbf91c2ca7942942f61723b558079b82547844f92df2499c4b2c2ef2539e5daa8d8727baaa6b5755e6f83bbfca000000000000000000000509619f5f0cbc72eebc653946d3552236f0dfe485cfa71bd69f4ded6e131128c3875b785875addfcbd5931c12adbef75535e694f3a19f28f9f99fa32e8ff66e7b1ff674434fb63ba0e28aadccf77d387525c98e81476058c958eaccfa7d251d0671222dc9d06485f7f690d3d4227bd21bd7ff8338617705b7faec47c86789a488b43d0fedf1b0ee05d65c677ced1e8214b2f6cb74d73886"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000000), 0x10}, 0x94)

4.881617649s ago: executing program 0 (id=4972):
r0 = syz_usb_connect(0x0, 0x36, &(0x7f0000000040)={{0x12, 0x1, 0x0, 0x77, 0x29, 0x4, 0x20, 0x424, 0x9901, 0xc257, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x24, 0x1, 0x0, 0x0, 0x10, 0x0, [{{0x9, 0x4, 0x43, 0x0, 0x2, 0x31, 0x7d, 0x55, 0x0, [], [{{0x9, 0x5, 0x2, 0x2, 0x200, 0x2}}, {{0x9, 0x5, 0x82, 0x2, 0x200}}]}}]}}]}}, 0x0)
syz_usb_control_io(r0, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000280)={0x11, 0xb, &(0x7f0000000640)=ANY=[@ANYBLOB="1806000000000000000000000000000018010000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000002000000b7030000e8ffffff850000000400000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r2 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r2, 0x1, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000000c0)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@abs, 0x6e)
mknodat$null(0xffffffffffffffff, 0x0, 0xc000, 0x103)
sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000a00)={&(0x7f0000000d00)='sched_switch\x00', r1}, 0x10)
r5 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
connect$inet6(r5, &(0x7f0000000100)={0xa, 0x0, 0x0, @mcast2, 0x9}, 0x1c)
syz_mount_image$erofs(&(0x7f0000000340), &(0x7f0000000580)='./file0\x00', 0x2000482, &(0x7f00000004c0)=ANY=[], 0x0, 0x243, &(0x7f0000000900)="$eJzsmDtvE0EQx/+7dz77ACFoUtCkIBJBEDs+N2ksHhISFUJKeFVgkSMKduLIOSRiCYmIhgY6CiQahPgCFClSpaDjCyBBAUhIFLigoIFi0T7uvPKdcw4xFfMrNv/dnZ2dGa8nkkEQxH/Ll88/Pz05P7dwGsAhTKFo1r85AGNac8v+4/N7p57VL7x48+H129XDD7YH/ckjQlinGFDa5X4XwM5kPOPJaQC/5LkpM1kAT/QVcJw0+hoYykbfAsdVo0Mw3DD6Lhhe3dS6Le3L5TvLrbB8u91alGJWDlU5BHKoDcbX22RYNHMhhDBlgWP+NlqtsLO+0W0a4Zr1/sr+RBJMcyJVvwI89M5x1K34ZBWvP360KedxbWat+lXBUTVJ1MAwb9bnUIxro0ti5X/M7ft3rPt1lJnZSlO5kZdkSYv6j7EUSwoPWhydiT+KvfmZlumcTW8dSfzET3oUhwO3F9DfkpUcT8pDn44Sbv5bPBNXKsPG3T3TS6ksYDrBgPFTP+Pb8g9EdhYdrGV9Og913snKRG/7Xfr417xLBRsej2/icUd+h7/FqCnjr164LXx0mzy7YvsRwPst3T/ES4YTVn9yrf5RiVbWKusb3ZnllcZSuBSuBkGteFDvqUZUUWOq7/X7s6/60wHLf2GIrcc93G9EUaeqR4958BHtlAI1D6yvzfxW+7v5j4EIFwEc1xP5qr3Eo5O6g3nahitbqaYdsKHhEwRBEARBEARBEARBEARB7IFJMPUraA7BZWX9JwAA//+VX0/8")
r6 = syz_usb_connect$uac1(0x4, 0xcd, &(0x7f0000000080)={{0x12, 0x1, 0x201, 0x0, 0x0, 0x0, 0xaf, 0x1d6b, 0x101, 0x40, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0xbb, 0x3, 0x1, 0xca, 0x0, 0x0, {{0x9, 0x4, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, {{0xa, 0x24, 0x1, 0xc00, 0x8}, [@output_terminal={0x9, 0x24, 0x3, 0x6, 0x4f8, 0x3, 0x1, 0x5}]}}, {}, {0x9, 0x4, 0x1, 0x1, 0x1, 0x1, 0x2, 0x0, 0x0, {[@as_header={0x7, 0x24, 0x1, 0x8, 0x7}, @format_type_i_continuous={0x9, 0x24, 0x2, 0x1, 0x3, 0x1, 0x0, 0x0, "15"}, @format_type_i_continuous={0xd, 0x24, 0x2, 0x1, 0x3, 0x4, 0xca, 0x2, "7739ee", 'b1'}, @format_type_ii_discrete={0xd, 0x24, 0x2, 0x2, 0x2, 0x2, 0x6, "d4ed7234"}]}, {{0x9, 0x5, 0x1, 0x9, 0x8, 0x7, 0x10, 0x0, {0x7, 0x25, 0x1, 0x0, 0x3, 0x1}}}}, {}, {0x9, 0x4, 0x2, 0x1, 0x1, 0x1, 0x2, 0x0, 0x0, {[@format_type_i_continuous={0xc, 0x24, 0x2, 0x1, 0x3, 0x1, 0x9, 0x9, "aea1", "caa8"}, @as_header={0x7, 0x24, 0x1, 0xfb, 0x7, 0x2}, @format_type_ii_discrete={0xa, 0x24, 0x2, 0x2, 0x8, 0x8, 0x0, "11"}, @format_type_i_discrete={0xc, 0x24, 0x2, 0x1, 0x2, 0x3, 0xf, 0x3, "c53e5b27"}]}, {{0x9, 0x5, 0x82, 0x9, 0x90cb33230f78c867, 0xc, 0x0, 0x7, {0x7, 0x25, 0x1, 0x81, 0x24}}}}}}}]}}, &(0x7f0000000340)={0xa, &(0x7f0000000000)={0xa, 0x6, 0x200, 0x76, 0x46, 0x1, 0x10, 0x6}, 0x5d, &(0x7f0000000180)={0x5, 0xf, 0x5d, 0x3, [@generic={0x3a, 0x10, 0x3, "41ffe5c227722f97823e79e1d2f6f257ee52e626b46b92ec0e9bf0d20e4fd34bbe4810f40bb2bdda88f0257ebbdd1fba123a6822bf43f6"}, @ss_cap={0xa, 0x10, 0x3, 0x0, 0x3, 0x1, 0xb, 0x4}, @ss_container_id={0x14, 0x10, 0x4, 0x6, "ea372773e676c16b0c4bd7f8fb9015fc"}]}, 0x4, [{0x4, &(0x7f0000000240)=@lang_id={0x4, 0x3, 0x816}}, {0x4, &(0x7f0000000280)=@lang_id={0x4, 0x3, 0x41c}}, {0x5, &(0x7f00000002c0)=@string={0x5, 0x3, "8daaee"}}, {0x1f, &(0x7f0000000300)=@string={0x1f, 0x3, "7b4d4e49f3de1869ec3ebaaa550d33e57f647d1d496371b44120b9ac7d"}}]})
syz_usb_control_io$uac1(r6, &(0x7f00000004c0)={0x14, &(0x7f0000000880)={0x40, 0x23, 0xa, {0xa, 0x3, "b098671ca5962b0d"}}, &(0x7f0000000480)={0x0, 0x3, 0x4, @lang_id={0x4, 0x3, 0x988268dbc2c2c2db}}}, &(0x7f00000007c0)={0x44, &(0x7f0000000500)={0x0, 0x10, 0xf4, "375a54092a40c87f1324923dae8cedf1401eb3bc933081d13a266cc95177f49c55c40c8dffb9684c676da31e9566ca91d2636a9bdf442ba50e8bf0ffe91e7df06910070ced359c186e4cc7f4caa1b4913c9fdc402672605d356f5f22335ae763b3682fceb94f1e2540569ce8dc0f495e7cfe30f4063e4e4f726dfe698b83f8bee5b7bd1c4be33b630adef48e5d34cd45e0ff63a0f85a7c7c897c82c8d23475750d2ef956063dd88940e24539dc8826f3471897628e5cff06954ba96a9da9671b57f32fc373d97b56402660fe1930f781e3d11d33d2478676becefa12a17f42a2861d91fed1c4a9cb64c9389d8ba1d91ced6330f6"}, &(0x7f0000000600)={0x0, 0xa, 0x1, 0xbe}, &(0x7f0000000640)={0x0, 0x8, 0x1, 0x81}, &(0x7f0000000680)={0x20, 0x81, 0x2, "1d4a"}, &(0x7f00000006c0)={0x20, 0x82, 0x2, "b582"}, &(0x7f0000000700)={0x20, 0x83, 0x2, "3388"}, &(0x7f0000000740)={0x20, 0x84, 0x1, '\x00'}, &(0x7f0000000780)={0x20, 0x85, 0x3, "7ba075"}})
syz_usb_control_io$uac1(r0, 0x0, 0x0)
r7 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000004c0)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x48)
r8 = bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xf, &(0x7f0000000340)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r7, @ANYBLOB="0000000000000000b7020000111e6ca5b7030000000000008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000020000008500000085000000b70000000000000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x38, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x8031, 0xffffffffffffffff, 0x6a855000)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600002, 0x9)
pidfd_getfd(0xffffffffffffffff, 0xffffffffffffffff, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000100)={&(0x7f0000000980)='sys_enter\x00', r8}, 0x10)

4.768167291s ago: executing program 2 (id=4979):
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000001500000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000002a00000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0xb, 0x7, 0x10001, 0x8, 0x1}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000880)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000000)='timer_start\x00', r1}, 0x10)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000880)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x1, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000000)='timer_start\x00', r2}, 0x10)
socketpair$tipc(0x1e, 0x5, 0x0, &(0x7f0000000940))

4.506192176s ago: executing program 2 (id=4981):
syz_open_dev$usbmon(&(0x7f0000000080), 0xffffffffffff6176, 0x80000)
prlimit64(0x0, 0xe, &(0x7f0000000240)={0x8, 0x248}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x1, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0xffffe000)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000001c0)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f00000004c0)=@abs={0x0, 0x0, 0x4e21}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x3fffffffffffeda, 0x2, 0x0)
r3 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, 0x0, &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='sched_switch\x00', r3}, 0x10)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x15)
r4 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r4, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000007c0)={0x0, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB="18020000ab3dc9350000"], 0x0, 0x4, 0x0, 0x0, 0x0, 0x4}, 0x94)
bpf$BPF_BTF_GET_NEXT_ID(0x17, &(0x7f0000000180)={0x7fff, <r5=>0x0}, 0x8)
r6 = bpf$PROG_LOAD(0x5, &(0x7f0000000340)={0x16, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f00000001c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x31, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r5, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000740)={&(0x7f0000000300)='sched_switch\x00', r6}, 0x10)
socket$inet6_udp(0xa, 0x2, 0x0)
r7 = socket(0x10, 0x3, 0x0)
r8 = socket$packet(0x11, 0x2, 0x300)
ioctl$sock_SIOCGIFINDEX(r8, 0x8933, &(0x7f0000000080)={'ip6tnl0\x00', <r9=>0x0})
sendmsg$nl_route_sched(r7, &(0x7f00000007c0)={0x0, 0x0, &(0x7f0000004640)={&(0x7f0000000540)=@newqdisc={0x68, 0x24, 0xf0b, 0x70bd2a, 0xffffffff, {0x0, 0x0, 0x0, r9, {0x0, 0x9}, {0xffff, 0xffff}, {0x0, 0xb}}, [@qdisc_kind_options=@q_fq_codel={{0xd}, {0x34, 0x2, [@TCA_FQ_CODEL_DROP_BATCH_SIZE={0x8, 0x8, 0x9}, @TCA_FQ_CODEL_FLOWS={0x8, 0x5, 0xffff}, @TCA_FQ_CODEL_CE_THRESHOLD={0x8, 0x7, 0x10}, @TCA_FQ_CODEL_TARGET={0x8, 0x1, 0x6}, @TCA_FQ_CODEL_QUANTUM={0x8, 0x6, 0x4}, @TCA_FQ_CODEL_MEMORY_LIMIT={0x8, 0x9, 0x100}]}}]}, 0x68}}, 0x0)

3.179385998s ago: executing program 3 (id=4984):
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0200000004000000020000000c"], 0x48)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000001070000000000000000260018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000880)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r1}, 0x10)
syz_usb_connect$uac1(0x0, 0xa4, &(0x7f0000000200)=ANY=[@ANYBLOB="2a01000020000040b7080000000000000301090292", @ANYRES16], 0x0)
socket$nl_generic(0x10, 0x3, 0x10)

3.162201988s ago: executing program 2 (id=4985):
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x20000000}, 0x843)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0xa, 0x88}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f00000005c0)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f0000000180)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
socket$packet(0x11, 0x3, 0x300)
bpf$PROG_LOAD(0x5, &(0x7f0000000b40)={0x11, 0x8, &(0x7f00000017c0)=ANY=[@ANYBLOB="620af8ff0c200021bfa100000000000007010000f8ffffffb702000003000000bd120000000000008500000006000000b70000000000000095000000000000003faf4f2aa3d9b18ed812a2e2c49e8020a6f4e0e4f698393aa0f3881f9c24aa56f15199fad0093c59d66b5ece9f36c70d0f13905ea23c22624c9f87f9793f50bb546000677b0c5077da80fb982c1e9400e693146cea484a415b76966118b64f751a0f241b072e90080008002d75593a286cecc93e64c227c95aa0b784625704f07a72c234664c0af9360a1f7a5e6b607130c89f18c0c1089d8b853289d01aa27ae8b09e00e79ab20b0b8e1148f49faf2ad0000000000000006fa03c6468972089b302d7bf6023cdcedb5e0125ebbc08dee510cb2364149215108333719acd97cfa107d40224edc5467a932b77674e802a0d42bc6099ad238af770b5ed8925161729298700000080006ef6c1ff0900000000000010c63a949e8b7955394ffa82b8e942c89112f4ab87b1bfeda7be586602d985430cea0162ab3fcf4591c926abfb076719237c8d0e60b0eea24492a660583eecdbf5bcd3de3a83209da17a0faf60fd6ad9b97aa5fa68480366c9c6fd6fa5043aa3926b81e3b59c95c25a573dc2edcaea2b1a52496dfcaf99431412fd134a996382a1a04d5bb924cfe5f3185418d605ffff9c4d2ec7c32f2095e63c80aff9fa740b5b7632f32030916f89c6dad7603f2ba2a790d62d6faec2fed44da4928b30142ba11de6c5d50b83bae613402216b5054d1e7c13b1355d6f4a8245ffa4997da9c77af4c0eb97fca585ec6bf58351d564beb6d952aab9c70764b0a8a7583c90b3433b809b5b9fbd48bc873495cbff8a326eea31ae4e0f7505ebf6c9d13330ca006bce1a84521f14518c9b476fccbd6c712016219848624b87cec2dbe98223a0eb4fa39f6b5c02e6d6d90756ff57902a8f57000000009700cf0b4b8bc2294133000000000000000000030000000000000000000000000010008bc0d9559711e6e8861c46495ba585a4b2d02edc3e28dd271c896249ed3957f813567f7a95435ac15fc0288d9b2a169cdcacc413b48dafb7a2c8cb482bac0ac559eaf39027ceb379a902d9ba96ffffff7f0000100000000000007d5ad897ef3b7cda42013d53046da21b40216e14ba2d6ad5656bfff17addaedab25b30002abbba7fa725f38400be7c1f001b2cd317902f19e385be9e48dccff7a1ef3282830689da6b53b263339863297771429d120000003341bf4abacac94500fca0493cf29b33dcc9ffffffffffffffd39f6ce0c6ff01589646efd1cf870cd7bb2366fdf870ce5dfd3467decb05cfd9fcb32c8ed1dbd9d10a64c1083d5e71b5565b1768ee58969c41595229df17bcad70fb4021428ce970275d13b78100788f11f761038b75d4fe32b561d46ea3abe0fa4d30dc94ef241875f3b4ce0232fcea69c271d7fa29822aea68a660e717a04becff0f719197724f4fce1293b62d7e8c7123d8ec571be54c72d978cf906df0042e36acd37d7f9e119f2c06f815312e0cfe222a06f56dd000c074eb8a322fb0bf47c0a8d154b405c37feaf3dd95f6ef2acd1fe582786105c7df8be5877050c91301fb997316dbf17866fb84d4173731efe895ff2e1c55ef08235a0126e01254c44060926e90109b598502d3e959efc71f665c4d75cf2458e3542c9062ece84c99a861887a20639b41c8c12ee86c50804042b3eac1f879b136345cf67ca3fb5aac518a75f9e7d7101d5e186c489b3a06fb99e0aa7f23a054de2f4d92d6bd72ee2c9fdc74aaaf1e3e483b4ad05573af40326993947d9a631bcbf3583784acbda216550d7ad333545794f37331766e472391e358c3b377327ac9ecc34f24c9ae153ec60ac0694dc55bff9f5f4df90400000000000000d6b2c5ea139376f24285bf16b99c9cc0ad1857216f1a985f369191ae954febb3df464bfe0f7f3ee9afe7befb89d2777399f5874c553aeb3729cffe86e66964ae09bb6d163118e4cbe024fd4500f8ff070000001e48418046c216c1f895778cb25122a2a998de0842a486721737390cbf3a74cb2003016f1514216bdf57d2a40dddb51ab63e96ec84ac3571f02f647b3385b3b8a8c9ae3d14f93100c2e0893862eef552fcde2981f48c482bde8a168c3f5db2fea6f26e4a4304e50c349f4f9ecee27defc93871c5f99b355b72d538ba2f58ea8e4aa37094191e10096e7e60fc3541a2c905a1a95e9571bf38ae1981c4238ecaee6f75cd0a6881bd1517a8250df986741517abf11389b751f4e109b60000000000000000d6d5210d7560eb92d6a97a27602b81f76386f1535bef1497f92186086e29c6bc5a1fad6ec9a31137abf9a404abde7750898b1bd627e87306703be8672d70d1ab57075228a9f46ed9bd1f08fb8191bbab2dc51de3a61f0868afc4294859323e7a45319f18101288d139bd3da230ed05a8fe64680b0a3f9f2dd704e4214de5946912d6c98cd1a9fbe1e7d58c08acaf30235b9100000000a55f74a23641f61f2d5b308cf0d031b0c7f0ced69993e9960ff5f76015e6009756237badf4e7965bbe2777e808fcba821aa8e8c5c39609ff854356cb4900000000000000000000000000c1fee30a3f7a85d1b29e58c776f4b4ce07e1c6fa66fcfc7a228805f76785efc0ceb1c8e5729c66418d169fc03aa18854693ad2a182068e1e3a0e2505bc7f41019645466ac96e0d4b3bc19faa5449209b083dbd334b47f067bbab40743b2a428f1da1f68df75cf43f8ecc8d3726602111b40e761fd21081920382f14d12ca3c3431ee97471c7868dcda7e478950aa69eb7f7f80572fdd11bb1d0d1280fbc22bf73468788df51710d7d31c632fc5ed1762eb0b428ee751c47d8e894f745a868404a0bf35f0121008b722b1eaa6aedfa1bf2e7ccb2d61d5d76331945e20fa26b8471d42645288d7226bbd9c9e9e1cc9eb3d541e407cc2dae5e690cd628ab848753203b458b97ec1afb079b4b4ba686fcdf240430a537a395dc73bda367bf12cb7d81691a5fe8c47be395656a297e9df0e71f96756ea5cce7db3c4be290159f6bcd75f0dda9de5532e71ae9e48b0ed1254a83100000000f6fbb869604d51a36a54c832e45b2569dc0d90b075225fde44c4e0973171ad47d6b70ebc660309e1e245b0fdf9743af932cd6db49a47613808bad959719c0000000000378ac2e24c7e800003c9e8095e02985f28e678f66422436f949e2ab8f162d7e3f855e378f4a1f40b0c6fb2d4b205a800b6d713acebc5b014e61a543a5a194f9ac18d76b5440e3b1a569e7397f6ca0400966d7ba19e720413267a6ccea9c439671d2c680f2753ca184eeeb843450368acb4383a01d25eb3d1e23e0f2645d1cdfa9fa410632f95a5f622f851c66ee7e3030108000000000000c4f93c0984b5c2d4523497e4d64f95f08493564a1df87111c9bffef97dcecc467ace456597685c5870d05f88a0f463db88d377442e1349acaf766218b54a9d624778e1c4cba6e6390a9f302c6eb2df7766411bef0ebb5000000000006065d6735eb7a00e127c0000000000000000000000bfb0bba79344643b1d8daa9f38e4b62c1e2af68c6f5054b078acd74b4a9c944e4505da485a3a4154387a0a88370d9ed9467b09c5888a06431df3f68abf0b366c4d5f8bea7b29c257ed756dff7a21c6b661cbdd43de65afd7f661d5c84f915c90e3d6ea012b68b787eb01d8320000000000000060176dacba0ec503a37fae6b472ec369c79ee6a420c0fd8d8d82fe136d5af6c30bfeb0a7275babfdb96a127aa9386e0671c6454245a18c1c8c49552cff5d27b547cdc34c0858c77a47a9ff86ee9fbd9ceda428716a4218821176d8067997527230fa67d26950d3e4f2750fa7c872874ad3a2d11f9f6eb08e6d7b6fa257b04d8ce36360f524e3dfd2211641f3d2637d86b80681eca50ce0eecafdd22d41fa515c15591e70ded4b70efac3cb42fb352d82e8f7573e8ed8248da356fa91a252976d3a4d8c1843a8d5bb7f5f1028453a0562a3ea93117076dd4940b7df50d78289fe66197525f6095f8662d232970bef61b03fa83027963a1a2e07cfee30c0d0b4c5877f93b3637ca21eab5afcf5d4638dfe8f9202aaad51c979049dd76d65368cbd4187d9f74257c7c4a23ac4a34eec5aa17e78c5167216f5e72138d20f8325dd5f8f96c32189c904eaef580987f1ce601a7cdc35461db9981ac42f9e24b0699bbe4e3d986e38952b0b7938eefd9e7a292bbb66367ad77045fdc18855c81c031dedd185c723238373fc698d676791d04f1ff5f0825a6619e844882f31ed190233d58ecee949e310bf2b1a51b8a33ae65a06d2b6ad386bf8dc49dd328bcd75d1843a13d68560175a18af7efc3c0f20e32f84f6aaaf000000000000000000000013a6c66bce74a8fb9092023df695da2714a7933d699d42de2bc4a85e0a0e22228290a7a7553ab93a16e42553ed86869a02df2f47d4088fac1772d3cd955c81cbf91c2ca7942942f61723b558079b82547844f92df2499c4b2c2ef2539e5daa8d8727baaa6b5755e6f83bbfca000000000000000000000509619f5f0cbc72eebc653946d3552236f0dfe485cfa71bd69f4ded6e131128c3875b785875addfcbd5931c12adbef75535e694f3a19f28f9f99fa32e8ff66e7b1ff674434fb63ba0e28aadccf77d387525c98e81476058c958eaccfa7d251d0671222dc9d06485f7f690d3d4227bd21bd7ff8338617705b7faec47c86789a488b43d0fedf1b0ee05d65c677ced1e8214b2f6cb74d73886"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000000), 0x10}, 0x94)

3.133373248s ago: executing program 4 (id=4987):
syz_mount_image$fuse(0x0, &(0x7f00000001c0)='./file0\x00', 0x1208000, 0x0, 0x1, 0x0, 0x0)
pipe2$9p(&(0x7f0000000240)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
write$P9_RVERSION(r1, &(0x7f0000000080)=ANY=[@ANYBLOB="1500000065ffff097b00000800395032303030"], 0x15)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000380)={0x11, 0xb, &(0x7f0000000640)=ANY=[@ANYBLOB="18060000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000003000000b70300000000000085000000"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x35, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000180)='kmem_cache_free\x00', r2}, 0x10)
r3 = dup(r1)
getresuid(&(0x7f0000000440), &(0x7f0000000400), &(0x7f00000004c0)=<r4=>0x0)
mount$9p_fd(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000b80), 0x0, &(0x7f0000000580)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r0, @ANYBLOB=',wfdno=', @ANYRESHEX=r3, @ANYBLOB=',privport,access=', @ANYRESDEC=r4])

3.116575959s ago: executing program 4 (id=4988):
bpf$ENABLE_STATS(0x20, 0x0, 0x0)
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x1, 0x5, &(0x7f0000001c80)=ANY=[@ANYBLOB="bf16000000000000b70700001f0000005070000000000000200000000000c00095000000000000002ba728041598d6fbd30cb599e83d24a3aa81d36bb3010100bd2321afb56fa54f26fb0b71afe6adfefcf1d8f7faf75e0f226bd99eea7960717142fa9ea4318123741c4a0e168c1886d0d4d94f2f4e345c652fbc16ee988e6e0dc8cedf3ce99fbfbf9b0a49ef23d410f6296b32a834388107200759cda9036b4e369a9e152ddcc7b1b85f3c4744aeac698890c864d59887a59905f1e07f40b1cd3641f8c192c368590f894cd4e1110bec4e9027a0c8055bbfc3a96d2e8910c2c3b35967dec6e802f5ab3eea57b09a2ed4048d3b867ddd58211d6ececb0cd2b6d357b85a0218ce740068f4025c0bf1aad90738725837079e468ee207d2f73902fbcfcf49822775985bf31b715f5888b24efa000000000000ffffff010100000000000000000000000000020000000000000000000000000000b27cf3d1848a54d7132be1ffb0adf9736bdeab29ea3323aa9fdfb52faf449c3bfd09000000b91ab219efdebb7b3de8f67581cfe36bc120e3b39a6e5a796a1d4223b9ff7ffcad3f6c962b9f292324b7ab7f7da31cf41ab11e0a494034127dd1c6592df1a6c64d8f20a67745409e011f1264d43e153b3d34899f40159e800ea2474b544035a30b23bcee46762c2093bcc9eae5ee3e980026c96f80ee1a74e04bde74fa4ffa4d9aaa705989b8e6731e2401b6a560e3296e52d337c56abf112874ec309bae5fa4c81e5c9f42d9383e41d277b10392a96286744f839c3f128f8f92ef992239eafce5c1b3f97a297c9e49a0c3300ef7b7fb5f09e0c8a868a353409e34d3e82279637598f37ad380a447483cac394c7b06000e3b1c39b2e00916de48a4e70f03cc4146a77af02c1d4cef5379da860aed8477dfa8ceefb405005c6977c78cdbf37704ec737555393c61a008280b064bda144910fe050038ec9e47de89298b7bf4d769ccc18eede00e8ca5457870eb30d211e23ccc8e06cd58b61799257ab55ff413c86ba9affb12ec757c7234c270246c87a901160e6c07bf6cf03b5ed04465746ff8809c3a0d46ff7f000000000000ad1e1f493354b2822b9837421134c0167d78e6c24ed0a2768e827172ea3b774a1467c89fa0f82e8440105051e5510a33dc5a5e143fbfff161c12ca389cbe4c51b3fa00055cc1b66c5fd9c26a54d43fa050645bd6109b113be7664e08add7115c61afcb718cf3c4680b2f6c7a84a4e378a9b15bc20f49e298727340e97cdefb40e56e9cfad973347d0de7ba4754ff231a1b033d8f841ba3442b2c7c503f3d0e7ab0e958adb862822e40009995ae166deb9856291a43a6f7eb2e32cefbf46306f2ef79e184f5e93ba5c8c2a4c0443fb652b8d4c2ff030000000000000007b82e6044f643068cd47ae636a5dbe9864a117d27326850a7c3b570863f532c218b10af13d7be94987005088a83880ccab9c99220002af8c5e13d52c83ac3fa7c3a3ee6c08384865b66d2b4dcb5dd9cba16b64ebbbf8702ae12c77e6e34991a225c120a3c950942fe0bc9f2a1a7506d35e5b439edeb5288aeda890cf8a4a6f31ba6d9b8cb098f935bdcbb29fd0f1a342c9eed00000000ab6640a9dea0b6c91996d65da6c24a8f2a86c814459f3cdaaf99000000000000000000bf2130d1b32c826563c508d0ad23bc83ba3f3757210afcf2a64783057e177615c068bd7d74233da1a3b56d4e04a7ec4792b1c4cffddbbdcfdd13ab52f5aaab812201d1aba3d70471fcd9b466569f3ef72f39d87fcccab514fc02b70be8629c9b73ce7bc4be7f8be71cb7b2d0a4acff8f6abe7dbad64d7cfa6396a6ab8487c383e24d4a8051f80e1811e387723a25dda119f64b35e71c5400000000000000000000000000000034c751ebdf3f20a95b817ea3df3d6c0002a41783499d4411ccbbeed215b745058e56c70afe8016b3dd359e785b36e609f173cc6b893ecd138289709839af6c95fbed6c33e401ec747820d6a6283b3452c57a5d44cacd363589845637071320921d22c1663964ed0700000062f3d90f0eb634ae331385d502fc7cc33158bc306d8c3bdae8108a2380000000000000008832ec0906aaec43659c79c8adfdeb1fd291c6fc6737b0f961f3beaa3e02f7762c5dd633d13b5e487e996597b2ab42c81eb7dd8390e13b395aacce4683e55bcfe8c17615257364365fd48bd77da79e52ce9edfe6dca9c43907f3a85cf655ccd9d624e8c6f7932c4d719347f39ef006c2df747e27a2d16304fa000008ffffffffffffff003049ca923d059c0ab5d886a491adacb7e4b43b1b57776e5fe25cf105fa57f000756755b7230e2c0c1fed5487271c4f2981cf8f4351ef5d08641dacaed0000800b805fbd1b474c9ed0dc19ad6e99b66ee0f8c9d697655ebdf5ef30d1b92bd283df88c1096d4bd3686e18ab07f9b580afbd4bd4d8979686422849b04024f609a7b76e902d35343793d99fe395ae73166187c64a501c1f4bb736fcf1dfde7da6bea1945a14f1c578093e6cfb4702a95fb4f653064244950ae227f2a22678e2ff4699bfcba3b7d5656d9be441d07cc3ba51f5b9e825fbec6aee7f9e1b04cdabf99bd760036f74dec91d341c885e785c8517cc50138be2447fa04b77acd2fd078f1da244051e44b5a881197733ba420c9"], &(0x7f0000000140)='GPL\x00'}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000380)={r0, 0x7, 0xe, 0x0, &(0x7f0000000040)="24c2afc3a2e05271070000541650", 0x0, 0xffb0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50)
bpf$MAP_DELETE_ELEM(0x3, &(0x7f00000002c0)={0xffffffffffffffff, &(0x7f0000000540)}, 0x20)

3.058517389s ago: executing program 4 (id=4989):
syz_mount_image$fuse(0x0, &(0x7f0000000580)='./file0\x00', 0x1080000, 0x0, 0x8, 0x0, 0x0)
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000240)={0x11, 0x4, &(0x7f00000000c0)=ANY=[@ANYBLOB="18000000000700000000000000000000850000002300000095"], &(0x7f00000001c0)='GPL\x00', 0x4, 0x8f, &(0x7f00000002c0)=""/143}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000000)='kmem_cache_free\x00', r0}, 0x18)
pipe2$9p(&(0x7f0000000240)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff}, 0x0)
write$P9_RVERSION(r2, &(0x7f0000000200)=ANY=[@ANYBLOB="1500000065ffff097b0000"], 0x15)
mount$9p_fd(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000b80), 0x0, &(0x7f0000000580)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r1, @ANYBLOB=',wfdno=', @ANYRESHEX, @ANYBLOB=',privport,access=', @ANYRESDEC])

3.05220121s ago: executing program 4 (id=4990):
syz_mount_image$fuse(0x0, &(0x7f0000000580)='./file0\x00', 0x1080000, 0x0, 0x8, 0x0, 0x0)
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000240)={0x11, 0x4, &(0x7f00000000c0)=ANY=[@ANYBLOB="18000000000700000000000000000000850000002300000095"], &(0x7f00000001c0)='GPL\x00', 0x4, 0x8f, &(0x7f00000002c0)=""/143}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000000)='kmem_cache_free\x00', r0}, 0x18)
write$P9_RVERSION(0xffffffffffffffff, &(0x7f0000000200)=ANY=[@ANYBLOB="1500000065ffff097b000008003950323030302e4c"], 0x15)
r1 = dup(0xffffffffffffffff)
write$FUSE_BMAP(r1, &(0x7f0000000100)={0x18, 0x0, 0x0, {0x9}}, 0x18)
mount$9p_fd(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000b80), 0x0, &(0x7f0000000580)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX, @ANYBLOB=',wfdno=', @ANYRESHEX=r1, @ANYBLOB=',privport,access=', @ANYRESDEC])
listxattr(&(0x7f0000000100)='./file0\x00', 0x0, 0x0)

2.801281344s ago: executing program 4 (id=4991):
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000001500000018110000", @ANYRES32=<r1=>0xffffffffffffffff, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000002a00000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="0b00000007000000010001000800000001000000", @ANYRES32, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32=r0, @ANYBLOB="0000000000000000b00d00"/23], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000000)='timer_start\x00'}, 0x10)
bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000880)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x1, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r3 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="05000000010000000a00000008"], 0x48)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f00000002c0)={{r3}, &(0x7f0000000200), &(0x7f0000000240)}, 0x20)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000002000000018110000", @ANYRES16=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00', r4}, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000040)=0x8)
connect$inet6(0xffffffffffffffff, 0x0, 0x0)
prlimit64(0x0, 0xe, 0x0, 0x0)
r5 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r5, 0x2, &(0x7f0000000200)=0x5)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000100)={<r6=>0xffffffffffffffff, <r7=>0xffffffffffffffff})
connect$unix(r6, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r7, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r6, &(0x7f0000000480), 0x400034f, 0x2, 0x0)
lseek(0xffffffffffffffff, 0xffffffffffffff7f, 0x2)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
socketpair(0x18, 0x0, 0x2, &(0x7f0000000000))
bpf$PROG_LOAD_XDP(0x5, 0x0, 0x0)
r8 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x5, &(0x7f0000000000)=ANY=[@ANYBLOB="18000000006900000000000001000000940000000fad413e850000000700000095"], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00', r8}, 0x10)
r9 = socket$nl_generic(0x10, 0x3, 0x10)
r10 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff)
sendmsg$NL80211_CMD_REMAIN_ON_CHANNEL(r9, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000000c0)={0x20, r10, 0x9c3fa077fa966179, 0x4, 0x0, {{0x7e}, {@void, @val={0xc, 0x99, {0x8, 0x64}}}}}, 0x20}}, 0x0)

2.39440092s ago: executing program 5 (id=4992):
r0 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={0x0, 0x150}, 0x1, 0x0, 0x0, 0x2000c884}, 0x4040084)
bpf$MAP_CREATE(0x0, &(0x7f0000000840)=ANY=[@ANYBLOB], 0x48)
r1 = syz_init_net_socket$bt_l2cap(0x1f, 0x0, 0x0)
setsockopt$bt_l2cap_L2CAP_LM(r1, 0x6, 0x3, &(0x7f0000000040)=0x63, 0x4)
fsconfig$FSCONFIG_SET_PATH(0xffffffffffffffff, 0x3, 0x0, &(0x7f0000000340)='./file1\x00', 0xffffffffffffffff)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600003, 0x19)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000400)='kfree\x00'}, 0x18)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="1801000000000001000000000000ea04850000007b00000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
madvise(&(0x7f00000ec000/0x800000)=nil, 0x800000, 0x14)
r2 = openat(0xffffffffffffff9c, &(0x7f00000000c0)='./file1\x00', 0x281c2, 0x0)
fcntl$setlease(r2, 0x400, 0x1)
openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x2040, 0x0)
openat(0xffffffffffffffff, 0x0, 0x0, 0x38a)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000004000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f9ffffffb703000000080000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x18, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000140)='sched_switch\x00', r3}, 0x10)

1.560693034s ago: executing program 2 (id=4993):
r0 = syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000040)=ANY=[@ANYBLOB="12010000000018105e04da0700000000000109022400010000000009040000090300000009210000000122220009058103"], 0x0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=@base={0x7, 0x4, 0x80, 0x4, 0x28}, 0x50)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x8, &(0x7f00000007c0)=ANY=[@ANYBLOB="1800000000000000000000000700000018120000", @ANYRES32=r1, @ANYBLOB="0000000000000000b703000000000000850000001b000000b70000000000000095000000000000"], &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x2d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00', r2}, 0x18)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r3 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r3, 0x2, &(0x7f0000000200)=0x7)
prctl$PR_SET_PTRACER(0x59616d61, r3)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
connect$unix(r4, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r5, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r4, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r6 = socket$key(0xf, 0x3, 0x2)
sendmsg$key(r6, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000340)={0x2, 0xd, 0x0, 0x5, 0x14, 0x0, 0x70bd2d, 0x0, [@sadb_address={0x5, 0x6, 0x0, 0x0, 0x0, @in6={0xa, 0x0, 0x0, @private1}}, @sadb_address={0x5, 0x5, 0x0, 0x0, 0x0, @in6={0xa, 0x20, 0x0, @mcast1}}, @sadb_x_policy={0x8, 0x12, 0x2, 0x2, 0x0, 0x0, 0x0, {0x6, 0x2b, 0x0, 0x0, 0x0, 0x0, 0x0, @in6=@private1, @in6=@private1}}]}, 0xa0}}, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
mount(0x0, &(0x7f0000000240)='.\x00', 0x0, 0x2200020, 0x0)
openat$binder_debug(0xffffffffffffff9c, &(0x7f0000000500)='/sys/kernel/debug/binder/failed_transaction_log\x00', 0x0, 0x0)
syz_usb_control_io$hid(r0, 0x0, 0x0)
r7 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x10)
ioctl$KVM_CREATE_VCPU(r7, 0xae41, 0x1)
syz_usb_control_io$hid(r0, &(0x7f0000000000)={0x24, 0x0, 0x0, &(0x7f0000000080)={0x0, 0x22, 0x22, {[@global=@item_012={0x2, 0x1, 0x9, "0100"}, @global=@item_012={0x2, 0x1, 0x0, "0100"}, @main=@item_4, @local=@item_012={0x2, 0x2, 0x2, "90a0"}, @global=@item_4={0x3, 0x1, 0x2}, @main=@item_4={0x3, 0x0, 0xb, "813e2503"}, @local=@item_4={0x3, 0x2, 0x1, "dde84050"}, @local=@item_4={0x3, 0x2, 0x3, "5d8c3dda"}]}}, 0x0}, 0x0)

1.146354481s ago: executing program 4 (id=4994):
syz_usb_connect(0x2, 0x2d, &(0x7f0000000040)=ANY=[@ANYBLOB="12010000564404204e080110f9330800030109021b00010000000009040000014a90c200090588df7b"], 0x0)
syz_usb_connect$printer(0x5, 0x36, &(0x7f00000008c0)=ANY=[@ANYBLOB="12010000000000202505a8a4400001020301090224000101f9068e21072000090400aec6c5000304090501022f000505000905820200048108e6842c9d57d9a926dd9c78366b0e98af9bc04474dca3b061667cc109675689654d182a3a86b6ce6353cbf703c09f1559d88fe53781f452cf1520df8f53c109edf60c6d82ad8f8e80cb986766caf1ae1f655562a0a8b7bd02c6e62cf8ad8a6c972064701a5c1aa80d7ae85579"], &(0x7f0000000380)={0xa, &(0x7f0000000180)={0xa, 0x6, 0x300, 0x17, 0x3, 0xfe, 0x20, 0x4}, 0x5a, &(0x7f0000000300)={0x5, 0xf, 0x5a, 0x6, [@ss_cap={0xa, 0x10, 0x3, 0x0, 0x1, 0x80, 0xf4, 0x3}, @ssp_cap={0xc, 0x10, 0xa, 0x7, 0x0, 0x9, 0xf0f, 0x8001}, @ssp_cap={0x24, 0x10, 0xa, 0x7, 0x6, 0x5, 0xf000, 0x0, [0xff0030, 0xff0000, 0xff0000, 0xc0, 0xff0000, 0x1f80]}, @generic={0xe, 0x10, 0xb, "bdeb472283015c7e75bad2"}, @ss_cap={0xa, 0x10, 0x3, 0x0, 0x8, 0x6a, 0x5, 0x2}, @ptm_cap={0x3}]}, 0x1, [{0x4, &(0x7f00000001c0)=@lang_id={0x4, 0x3, 0x459}}]})
tkill(0x0, 0x18)
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, 0x2}, 0x94)
pipe2$9p(&(0x7f0000000240)={0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
write$P9_RVERSION(r1, &(0x7f0000000180)=ANY=[], 0x15)
r2 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r2, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000500)={&(0x7f0000000880)=@newlink={0x38, 0x10, 0x439, 0x70bd25, 0xffffffea, {0x0, 0x0, 0xe403, 0x0, 0x3, 0x54000}, [@IFLA_LINKINFO={0x18, 0x12, 0x0, 0x1, @sit={{0x8}, {0xc, 0x2, 0x0, 0x1, [@IFLA_IPTUN_ENCAP_TYPE={0x6, 0xf, 0x1}]}}}]}, 0x38}, 0x1, 0x0, 0x0, 0x40000}, 0x4008040)
write$FUSE_DIRENTPLUS(0xffffffffffffffff, &(0x7f0000000440)=ANY=[], 0xb0)
syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
mkdir(&(0x7f0000000300)='./file0\x00', 0xfffffffffffffffe)
syz_mount_image$ext4(&(0x7f0000000400)='ext4\x00', &(0x7f0000000440)='./file0\x00', 0x0, &(0x7f0000000480), 0x1, 0x3d0, &(0x7f00000004c0)="$eJzs3M1uG0UcAPD/br5I+mEjcUCFgyUQBAFxHQhQhEThyscFeAArSUuF21SNkWjJoSBOnDggbhz6Ahx4gKpCSEi8Ai+AKlUozQFuQWvvOm4cp7Fix2r6+0mjndkdZ/bv3axm1rsTwGOrEhHnI2IiIhYjopSvT/MUN9spq3d/c2N5a3NjOYnt7U/+SSLJ1xV/K8mXJ/LCfBqRfhfxzM3edtev3/ii3misXsvL1eblq9X16zdevXS5fnH14uqV2pvnarWlxbdqrw8t1p+ef+ncxPvnz/z8V+nO0vT0bLa/J/Nt3XEMSyUqne9kt6VhNzZm0+PeAQAADiTN+/6Trf5/KSZaubZSVDfGunMAAADAUGy/my8BAACAYywx9gcAAIBjrngO4P7mxnKRxvg4wpG7915ElHfebd7qxD8ZT+R1pkb4fmslIq6+kJSyFCN6DxkAoNudrP9zdq/+XxpPd9WbiWj1h2aH3H5lV7m3/5PeHXKTD8j6f+9ExFZP/y8tqpQn8tKpVldxKrlwqbF6NiJOR8R8TM1k5do+bXzw7y8f99uWxf97cup0kbL2s+VOjfTu5MyDn1mpN+uHibnbvW8izkzuFX/S6f8mETF3iDYmvr71dr9tD49/tLZvRby45/Hfmbkn2X9+omrrfKgWZ0Wv/7799aN+7Y87/uz4z+0ffznpnq9pffA2bn/+57P9tnWPfwY5/6eTT1v5Ylz2Vb3ZvFaLmE4+7F2/uPPZolzUz+Kff27v///i+pfkc1qdzK8Bg/r+h99eOUj8WcraL8aCRyGLf2Wg4z945o3bf3zWr/2Hx58d//YcYPP5moNc/w66g4f57gAAAOBRkbbuayTpQiefpgsL7fsdT8Vc2lhbb758Ye3LKyvt+x/lmEqLO12lrvuhtfbP6J3y4q7yaxHxZET8WJptlReW1xor4w4eAAAAHhMn+oz/M38f2VMIAAAAwMiVx70DAAAAwMgZ/wMAAMCxdph5/WRkZI5rZtxXJgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgEfb/wEAAP//Wt22ag==")
mkdirat(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', 0x181)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
r3 = getpid()
sched_setscheduler(r3, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
connect$unix(r4, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r5, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r4, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r6 = bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0x11, 0x6, &(0x7f0000000cc0)=ANY=[@ANYBLOB="050000000000000061110c00000000008510000002000000850000000500000095000000000000009500a5050000000077d8f3b423cdac8d80000000000000002be16ad10a48b243ccc42606d25dfd73a015e0ca7fc2506a0f7535f7866907dc0200000000000000ae669e17fd6587d452d6453559c3421eed73d56615fe6c54c3b3ffe1b4ce25d7c983c044c03bf3a48dfe47ec9dd6c091c30b93bfae76d9ebacd3ed3e26e7a23129d6606fd28a69989d552af6bda9df2c3af36effff9af2551ce896165127cb3f011a7d06602e2fc40848228567ffb400000000003ed38ae89d24e1cebfba2f87925bfacba83109751fe6c05405d027edd68149ee99eef6a6992308a4fc0b7c70bc677d6dd4aed4af7500d7900a820b6347184e9a217b5614cd50cbe43a1ed2526814bc0000e9e086ce48e90defb6670c3df2624f56da648d28ad0a97aec7291c25447c106a99893e10db21901eb397b2f5fd71400fa7a050fbbef9e326ea27e513e96068fd1e8a43e89f9c85c822a961546ed5363c17ff1432d08806bc376e3e49ee52b59d13182e1f24ed200ada10eb1affb87ba55b2d72078e9f40b4ae7d01000000d11cd22c35d32940000088dde499000000fdffffff00000000000f000000ef0000000000000000000000000c52f4ebd2c893bb97a068bd10734a83584898eccb26f7b789cfc4cd995fa3e11a5c74c85404e2df3ad37b729ac83b0dcb4f48f3c3356b9997fc455a17690b6f7f9ccbe4b1701941b18aba6b16455a66c3b84b138efc20a546d3d5227e23b03f2a834391ade2ff3e93ee296c4082ee73e7c353312c9d75711ce1623e9c54bdff59d2a69dcb7d84c235b23a4480c2461b405cfd1a38992f295ad3adc94cd07c850d1ce6d0b2fea02c24e9280333152fb794e4ddea02017a6c139b50101caecaf2abc0847a1ff2f7fc3c2b99a96fc4275ad107274e2934a87a4ddcdb112754ca5bdec0ead14b6c0f19a43a2f05c7f0be31491eb8c9ff68236c8600040000000000000000000066e034c81c3cab64e4fc8dc55ce0ada18dcbf31c6e82893add3bee3e10fc873d1d922b0877cbcd95b839d3059d5140a1f742f6e75741e39e5cb6a193e06a1043375b0f61b5d4e17c81baa31b924d84f224baf1221c15fa12313ffbfa7c2730309f66705b71e6205e7cbf3643561eabb9a63fcd604d5cc27e1317ad94cf438d71873e540be16b6ca205081173bd03c4754fc4674812daab482fd390a1c903b5d28a1eb247b5837d7603b92495d5c569f6433c3fca5206cb0000003fdbbd3892c52c2e7612e05de32322e980a3d69931e2c9312dd517c96f2ee90362476ed853c4c9b7d4ebf13cbaa795860e92a3d7d004f2c491db38eb769f094d5d48b262cc35c40682138cf13a49aa9f27abec00002f01ba1251aaf2385416ca719300"], &(0x7f0000000080)='GPL\x00', 0x5, 0x29e, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x6}, 0x70)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='sched_switch\x00', r6}, 0x10)
syz_mount_image$fuse(0x0, &(0x7f00000000c0)='./bus\x00', 0x3000009, 0x0, 0x1, 0x0, 0x0)
mount$overlay(0x0, &(0x7f0000000100)='./file0\x00', &(0x7f0000000b80), 0x88, &(0x7f0000000300)={[{@lowerdir={'lowerdir', 0x3d, '.'}}, {@workdir={'workdir', 0x3d, './bus'}}, {@upperdir={'upperdir', 0x3d, './file0'}}]})
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r0}, 0x10)
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000500)='./file2\x00', 0x2004d95, &(0x7f00000000c0)={[{@barrier}]}, 0x1, 0x523, &(0x7f0000000a80)="$eJzs3c1vHGcZAPBnNrtJnDi1+ThAJUKhRU4F2bVr2locSpEQnCohyj0Ye21ZXnst77qNVxV1/gIkhACJE1y4IPEHIKFIXDgipEpwBqkIhCCFAwfooJ2d9Vd27W262XXs30+azPvO1/O8m8zszOybmQAurGci4tWIeD9N0+cjYiqSbHohH2KvM7SXe+/BW0vtIYk0ff0fSbZku97dVpKPr+erXY2Ib3494jvJw3Ebu631xVqtup3XK82NrUpjt3V7bWNxtbpa3Zyfn3tp4eWFFxdmh9LOGxHxylf/8sPv/fxrr/z6C2/++c7fbn23ndZkPv9wOz6g4kkzO00vZZ/F4RW2HzHYWVTMWpibGGyde48xHwAA+muf4380Ij4bEc/HVFw6+XQWAAAAeAKlX56M/yYRaW+X+0wHAAAAniCFrA9sUijnfQEmo1Aolzt9eD8e1wq1eqP5+ZX6zuZyp6/sdJQKK2u16mzWVzirJ+36XFY+qL9wrD5/pXO/4QdTE1m9vFSvLY/75gcAAABcENePXf//e6pz/Q8AAACcM9PjTgAAAAB47Fz/AwAAwPnn+h8AAADOtW+89tpERKTd918vv7G7s15/4/ZytbFe3thZKi/Vt7fKq/X6avbMvo3Ttler17e+GJs7dyvNaqNZaey27mzUdzabd9aOvAIbAAAAGKGPfPr+H5OI2PvSRDa0XR53UsBIFPdLST7usff/6anO+N0RJQWMxKUBlnn3yggSAUauOO4EgLEpjTsBYOySU+b37bzzu3z8meHmAwAADN/MJ/v//l84cc29k2cDZ56dGC6uY/t/2jauXIDRyn7/H7TDr5MFOFdKA/UABM6zD/37/6lcVwAAwLhNZkNSKOe39yajUCiXI25krwUoJStrtepsRDwVEX+YKl1p1+diwP84CAAAAAAAAAAAAAAAAAAAAAAAAABk0jTpvPQHAAAAOLciCn9NfpNk7/+amXpu8vj9gcvJf6Yif0Xomz95/Ud3F5vN7bn29H/uT2/+OJ/+wjjuYAAAAADHda/Tu9fxAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADBM7z14a6k7jDLu378SEdO94hfjaja+GqWIuPavJIqH1ksi4tIQ4u/di4hP9IqftNPaD9kr/sTjjx/T+afQK/71IcSHi+x++/jzaq/9rxDPZOPe+18x4kj9UR05/rVuHjn+do9/l/rs/zcGjPH0O7+s9I1/L+LpYu/jTzd+0if+swPG//a3Wq1+89KfRsz0/P5JjsSqNDe2Ko3d1u21jcXV6mp1c35+7qWFlxdeXJitrKzVqvmfPWN8/1O/ev+k9l/rE3/6lPY/N2D7//fO3Qcf6xRLB1Mn9uPferZH/N/+LF/u4fiF/Lvvc3m5PX+mW97rlA+7+Yvf3zyp/csH7S99kL//WwO2fyg7CgAwNI3d1vpirVbdfsIKb+f5n75w+zzrbOT8CIXkbKRxXgtvD3WDaZqm7X+TPWbdj4hBtpPEWfhYssJ4j0sAAMDwHZz0jzsTAAAAAAAAAAAAAAAAAAAAuLgefvpXmsaQH0J2PObefinxZGAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA4Mz4fwAAAP//j6PX8g==")

1.031580653s ago: executing program 3 (id=4995):
syz_usb_connect(0x2, 0x2d, &(0x7f0000000040)=ANY=[@ANYBLOB="12010000564404204e080110f9330800030109021b00010000000009040000014a90c200090588df7b"], 0x0)
syz_usb_connect$printer(0x5, 0x36, &(0x7f00000008c0)=ANY=[@ANYBLOB="12010000000000202505a8a4400001020301090224000101f9068e21072000090400aec6c5000304090501022f000505000905820200048108e6842c9d57d9a926dd9c78366b0e98af9bc04474dca3b061667cc109675689654d182a3a86b6ce6353cbf703c09f1559d88fe53781f452cf1520df8f53c109edf60c6d82ad8f8e80cb986766caf1ae1f655562a0a8b7bd02c6e62cf8ad8a6c972064701a5c1aa80d7ae85579"], &(0x7f0000000380)={0xa, &(0x7f0000000180)={0xa, 0x6, 0x300, 0x17, 0x3, 0xfe, 0x20, 0x4}, 0x5a, &(0x7f0000000300)={0x5, 0xf, 0x5a, 0x6, [@ss_cap={0xa, 0x10, 0x3, 0x0, 0x1, 0x80, 0xf4, 0x3}, @ssp_cap={0xc, 0x10, 0xa, 0x7, 0x0, 0x9, 0xf0f, 0x8001}, @ssp_cap={0x24, 0x10, 0xa, 0x7, 0x6, 0x5, 0xf000, 0x0, [0xff0030, 0xff0000, 0xff0000, 0xc0, 0xff0000, 0x1f80]}, @generic={0xe, 0x10, 0xb, "bdeb472283015c7e75bad2"}, @ss_cap={0xa, 0x10, 0x3, 0x0, 0x8, 0x6a, 0x5, 0x2}, @ptm_cap={0x3}]}, 0x1, [{0x4, &(0x7f00000001c0)=@lang_id={0x4, 0x3, 0x459}}]})
tkill(0x0, 0x18)
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, 0x2}, 0x94)
pipe2$9p(&(0x7f0000000240)={0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
write$P9_RVERSION(r1, &(0x7f0000000180)=ANY=[], 0x15)
r2 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r2, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000500)={&(0x7f0000000880)=@newlink={0x38, 0x10, 0x439, 0x70bd25, 0xffffffea, {0x0, 0x0, 0xe403, 0x0, 0x3, 0x54000}, [@IFLA_LINKINFO={0x18, 0x12, 0x0, 0x1, @sit={{0x8}, {0xc, 0x2, 0x0, 0x1, [@IFLA_IPTUN_ENCAP_TYPE={0x6, 0xf, 0x1}]}}}]}, 0x38}, 0x1, 0x0, 0x0, 0x40000}, 0x4008040)
write$FUSE_DIRENTPLUS(0xffffffffffffffff, &(0x7f0000000440)=ANY=[], 0xb0)
syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
mkdir(&(0x7f0000000300)='./file0\x00', 0xfffffffffffffffe)
syz_mount_image$ext4(&(0x7f0000000400)='ext4\x00', &(0x7f0000000440)='./file0\x00', 0x0, &(0x7f0000000480), 0x1, 0x3d0, &(0x7f00000004c0)="$eJzs3M1uG0UcAPD/br5I+mEjcUCFgyUQBAFxHQhQhEThyscFeAArSUuF21SNkWjJoSBOnDggbhz6Ahx4gKpCSEi8Ai+AKlUozQFuQWvvOm4cp7Fix2r6+0mjndkdZ/bv3axm1rsTwGOrEhHnI2IiIhYjopSvT/MUN9spq3d/c2N5a3NjOYnt7U/+SSLJ1xV/K8mXJ/LCfBqRfhfxzM3edtev3/ii3misXsvL1eblq9X16zdevXS5fnH14uqV2pvnarWlxbdqrw8t1p+ef+ncxPvnz/z8V+nO0vT0bLa/J/Nt3XEMSyUqne9kt6VhNzZm0+PeAQAADiTN+/6Trf5/KSZaubZSVDfGunMAAADAUGy/my8BAACAYywx9gcAAIBjrngO4P7mxnKRxvg4wpG7915ElHfebd7qxD8ZT+R1pkb4fmslIq6+kJSyFCN6DxkAoNudrP9zdq/+XxpPd9WbiWj1h2aH3H5lV7m3/5PeHXKTD8j6f+9ExFZP/y8tqpQn8tKpVldxKrlwqbF6NiJOR8R8TM1k5do+bXzw7y8f99uWxf97cup0kbL2s+VOjfTu5MyDn1mpN+uHibnbvW8izkzuFX/S6f8mETF3iDYmvr71dr9tD49/tLZvRby45/Hfmbkn2X9+omrrfKgWZ0Wv/7799aN+7Y87/uz4z+0ffznpnq9pffA2bn/+57P9tnWPfwY5/6eTT1v5Ylz2Vb3ZvFaLmE4+7F2/uPPZolzUz+Kff27v///i+pfkc1qdzK8Bg/r+h99eOUj8WcraL8aCRyGLf2Wg4z945o3bf3zWr/2Hx58d//YcYPP5moNc/w66g4f57gAAAOBRkbbuayTpQiefpgsL7fsdT8Vc2lhbb758Ye3LKyvt+x/lmEqLO12lrvuhtfbP6J3y4q7yaxHxZET8WJptlReW1xor4w4eAAAAHhMn+oz/M38f2VMIAAAAwMiVx70DAAAAwMgZ/wMAAMCxdph5/WRkZI5rZtxXJgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgEfb/wEAAP//Wt22ag==")
mkdirat(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', 0x181)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
r3 = getpid()
sched_setscheduler(r3, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r4=>0xffffffffffffffff})
connect$unix(r4, &(0x7f000057eff8)=@abs, 0x6e)
recvmmsg(r4, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0x11, 0x6, &(0x7f0000000cc0)=ANY=[@ANYBLOB="050000000000000061110c00000000008510000002000000850000000500000095000000000000009500a5050000000077d8f3b423cdac8d80000000000000002be16ad10a48b243ccc42606d25dfd73a015e0ca7fc2506a0f7535f7866907dc0200000000000000ae669e17fd6587d452d6453559c3421eed73d56615fe6c54c3b3ffe1b4ce25d7c983c044c03bf3a48dfe47ec9dd6c091c30b93bfae76d9ebacd3ed3e26e7a23129d6606fd28a69989d552af6bda9df2c3af36effff9af2551ce896165127cb3f011a7d06602e2fc40848228567ffb400000000003ed38ae89d24e1cebfba2f87925bfacba83109751fe6c05405d027edd68149ee99eef6a6992308a4fc0b7c70bc677d6dd4aed4af7500d7900a820b6347184e9a217b5614cd50cbe43a1ed2526814bc0000e9e086ce48e90defb6670c3df2624f56da648d28ad0a97aec7291c25447c106a99893e10db21901eb397b2f5fd71400fa7a050fbbef9e326ea27e513e96068fd1e8a43e89f9c85c822a961546ed5363c17ff1432d08806bc376e3e49ee52b59d13182e1f24ed200ada10eb1affb87ba55b2d72078e9f40b4ae7d01000000d11cd22c35d32940000088dde499000000fdffffff00000000000f000000ef0000000000000000000000000c52f4ebd2c893bb97a068bd10734a83584898eccb26f7b789cfc4cd995fa3e11a5c74c85404e2df3ad37b729ac83b0dcb4f48f3c3356b9997fc455a17690b6f7f9ccbe4b1701941b18aba6b16455a66c3b84b138efc20a546d3d5227e23b03f2a834391ade2ff3e93ee296c4082ee73e7c353312c9d75711ce1623e9c54bdff59d2a69dcb7d84c235b23a4480c2461b405cfd1a38992f295ad3adc94cd07c850d1ce6d0b2fea02c24e9280333152fb794e4ddea02017a6c139b50101caecaf2abc0847a1ff2f7fc3c2b99a96fc4275ad107274e2934a87a4ddcdb112754ca5bdec0ead14b6c0f19a43a2f05c7f0be31491eb8c9ff68236c8600040000000000000000000066e034c81c3cab64e4fc8dc55ce0ada18dcbf31c6e82893add3bee3e10fc873d1d922b0877cbcd95b839d3059d5140a1f742f6e75741e39e5cb6a193e06a1043375b0f61b5d4e17c81baa31b924d84f224baf1221c15fa12313ffbfa7c2730309f66705b71e6205e7cbf3643561eabb9a63fcd604d5cc27e1317ad94cf438d71873e540be16b6ca205081173bd03c4754fc4674812daab482fd390a1c903b5d28a1eb247b5837d7603b92495d5c569f6433c3fca5206cb0000003fdbbd3892c52c2e7612e05de32322e980a3d69931e2c9312dd517c96f2ee90362476ed853c4c9b7d4ebf13cbaa795860e92a3d7d004f2c491db38eb769f094d5d48b262cc35c40682138cf13a49aa9f27abec00002f01ba1251aaf2385416ca719300"], &(0x7f0000000080)='GPL\x00', 0x5, 0x29e, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x6}, 0x70)
mount$overlay(0x0, &(0x7f0000000100)='./file0\x00', &(0x7f0000000b80), 0x88, &(0x7f0000000300)={[{@lowerdir={'lowerdir', 0x3d, '.'}}, {@workdir={'workdir', 0x3d, './bus'}}, {@upperdir={'upperdir', 0x3d, './file0'}}]})
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r0}, 0x10)
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000500)='./file2\x00', 0x2004d95, &(0x7f00000000c0)={[{@barrier}]}, 0x1, 0x523, &(0x7f0000000a80)="$eJzs3c1vHGcZAPBnNrtJnDi1+ThAJUKhRU4F2bVr2locSpEQnCohyj0Ye21ZXnst77qNVxV1/gIkhACJE1y4IPEHIKFIXDgipEpwBqkIhCCFAwfooJ2d9Vd27W262XXs30+azPvO1/O8m8zszOybmQAurGci4tWIeD9N0+cjYiqSbHohH2KvM7SXe+/BW0vtIYk0ff0fSbZku97dVpKPr+erXY2Ib3494jvJw3Ebu631xVqtup3XK82NrUpjt3V7bWNxtbpa3Zyfn3tp4eWFFxdmh9LOGxHxylf/8sPv/fxrr/z6C2/++c7fbn23ndZkPv9wOz6g4kkzO00vZZ/F4RW2HzHYWVTMWpibGGyde48xHwAA+muf4380Ij4bEc/HVFw6+XQWAAAAeAKlX56M/yYRaW+X+0wHAAAAniCFrA9sUijnfQEmo1Aolzt9eD8e1wq1eqP5+ZX6zuZyp6/sdJQKK2u16mzWVzirJ+36XFY+qL9wrD5/pXO/4QdTE1m9vFSvLY/75gcAAABcENePXf//e6pz/Q8AAACcM9PjTgAAAAB47Fz/AwAAwPnn+h8AAADOtW+89tpERKTd918vv7G7s15/4/ZytbFe3thZKi/Vt7fKq/X6avbMvo3Ttler17e+GJs7dyvNaqNZaey27mzUdzabd9aOvAIbAAAAGKGPfPr+H5OI2PvSRDa0XR53UsBIFPdLST7usff/6anO+N0RJQWMxKUBlnn3yggSAUauOO4EgLEpjTsBYOySU+b37bzzu3z8meHmAwAADN/MJ/v//l84cc29k2cDZ56dGC6uY/t/2jauXIDRyn7/H7TDr5MFOFdKA/UABM6zD/37/6lcVwAAwLhNZkNSKOe39yajUCiXI25krwUoJStrtepsRDwVEX+YKl1p1+diwP84CAAAAAAAAAAAAAAAAAAAAAAAAABk0jTpvPQHAAAAOLciCn9NfpNk7/+amXpu8vj9gcvJf6Yif0Xomz95/Ud3F5vN7bn29H/uT2/+OJ/+wjjuYAAAAADHda/Tu9fxAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADBM7z14a6k7jDLu378SEdO94hfjaja+GqWIuPavJIqH1ksi4tIQ4u/di4hP9IqftNPaD9kr/sTjjx/T+afQK/71IcSHi+x++/jzaq/9rxDPZOPe+18x4kj9UR05/rVuHjn+do9/l/rs/zcGjPH0O7+s9I1/L+LpYu/jTzd+0if+swPG//a3Wq1+89KfRsz0/P5JjsSqNDe2Ko3d1u21jcXV6mp1c35+7qWFlxdeXJitrKzVqvmfPWN8/1O/ev+k9l/rE3/6lPY/N2D7//fO3Qcf6xRLB1Mn9uPferZH/N/+LF/u4fiF/Lvvc3m5PX+mW97rlA+7+Yvf3zyp/csH7S99kL//WwO2fyg7CgAwNI3d1vpirVbdfsIKb+f5n75w+zzrbOT8CIXkbKRxXgtvD3WDaZqm7X+TPWbdj4hBtpPEWfhYssJ4j0sAAMDwHZz0jzsTAAAAAAAAAAAAAAAAAAAAuLgefvpXmsaQH0J2PObefinxZGAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA4Mz4fwAAAP//j6PX8g==")
open_tree(0xffffffffffffff9c, &(0x7f0000000100)='\x00', 0x89901)

721.381578ms ago: executing program 5 (id=4996):
syz_mount_image$fuse(0x0, &(0x7f0000000580)='./file0\x00', 0x1080000, 0x0, 0x8, 0x0, 0x0)
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000240)={0x11, 0x4, &(0x7f00000000c0)=ANY=[@ANYBLOB="18000000000700000000000000000000850000002300000095"], &(0x7f00000001c0)='GPL\x00', 0x4, 0x8f, &(0x7f00000002c0)=""/143}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={0x0, r0}, 0x18)
pipe2$9p(&(0x7f0000000240)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff}, 0x0)
write$P9_RVERSION(r2, &(0x7f0000000200)=ANY=[@ANYBLOB="1500000065ffff097b000008003950323030302e4c"], 0x15)
r3 = dup(r2)
write$FUSE_BMAP(r3, 0x0, 0x0)
write$FUSE_DIRENTPLUS(r3, &(0x7f0000002c00)=ANY=[@ANYBLOB="b0"], 0xb0)
getresuid(&(0x7f0000000440), &(0x7f0000000480), &(0x7f00000004c0)=<r4=>0x0)
mount$9p_fd(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000b80), 0x0, &(0x7f0000000580)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r1, @ANYBLOB=',wfdno=', @ANYRESHEX=r3, @ANYBLOB=',privport,access=', @ANYRESDEC=r4])

703.653398ms ago: executing program 5 (id=4997):
syz_open_dev$usbmon(&(0x7f0000000080), 0xffffffffffff6176, 0x80000)
prlimit64(0x0, 0xe, &(0x7f0000000240)={0x8, 0x248}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x1, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0xffffe000)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000001c0)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f00000004c0)=@abs={0x0, 0x0, 0x4e21}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x3fffffffffffeda, 0x2, 0x0)
r3 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, 0x0, &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='sched_switch\x00', r3}, 0x10)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x15)
r4 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r4, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000007c0)={0x0, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB="18020000ab3dc9350000"], 0x0, 0x4, 0x0, 0x0, 0x0, 0x4}, 0x94)
bpf$BPF_BTF_GET_NEXT_ID(0x17, &(0x7f0000000180)={0x7fff, <r5=>0x0}, 0x8)
r6 = bpf$PROG_LOAD(0x5, &(0x7f0000000340)={0x16, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f00000001c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x31, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r5, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000740)={&(0x7f0000000300)='sched_switch\x00', r6}, 0x10)
socket$inet6_udp(0xa, 0x2, 0x0)
r7 = socket(0x10, 0x3, 0x0)
r8 = socket$packet(0x11, 0x2, 0x300)
ioctl$sock_SIOCGIFINDEX(r8, 0x8933, &(0x7f0000000080)={'ip6tnl0\x00', <r9=>0x0})
sendmsg$nl_route_sched(r7, &(0x7f00000007c0)={0x0, 0x0, &(0x7f0000004640)={&(0x7f0000000540)=@newqdisc={0x68, 0x24, 0xf0b, 0x70bd2a, 0xffffffff, {0x0, 0x0, 0x0, r9, {0x0, 0x9}, {0xffff, 0xffff}, {0x0, 0xb}}, [@qdisc_kind_options=@q_fq_codel={{0xd}, {0x34, 0x2, [@TCA_FQ_CODEL_DROP_BATCH_SIZE={0x8, 0x8, 0x9}, @TCA_FQ_CODEL_FLOWS={0x8, 0x5, 0xffff}, @TCA_FQ_CODEL_CE_THRESHOLD={0x8, 0x7, 0x10}, @TCA_FQ_CODEL_TARGET={0x8, 0x1, 0x6}, @TCA_FQ_CODEL_QUANTUM={0x8, 0x6, 0x4}, @TCA_FQ_CODEL_MEMORY_LIMIT={0x8, 0x9, 0x100}]}}]}, 0x68}}, 0x0)

0s ago: executing program 0 (id=4998):
syz_mount_image$fuse(0x0, &(0x7f0000000580)='./file0\x00', 0x1080000, 0x0, 0x8, 0x0, 0x0)
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000240)={0x11, 0x4, &(0x7f00000000c0)=ANY=[@ANYBLOB="18000000000700000000000000000000850000002300000095"], &(0x7f00000001c0)='GPL\x00', 0x4, 0x8f, &(0x7f00000002c0)=""/143}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000000)='kmem_cache_free\x00', r0}, 0x18)
pipe2$9p(&(0x7f0000000240)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff}, 0x0)
write$P9_RVERSION(r2, &(0x7f0000000200)=ANY=[@ANYBLOB="1500000065ffff097b000008003950323030302e"], 0x15)
r3 = dup(r2)
write$FUSE_BMAP(r3, &(0x7f0000000100)={0x18, 0x0, 0x0, {0x9}}, 0x18)
getresuid(&(0x7f0000000440), &(0x7f0000000480), &(0x7f00000004c0)=<r4=>0x0)
mount$9p_fd(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000b80), 0x0, &(0x7f0000000580)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r1, @ANYBLOB=',wfdno=', @ANYRESHEX=r3, @ANYBLOB=',privport,access=', @ANYRESDEC=r4])

kernel console output (not intermixed with test programs):


[ 1357.667322][T16699] EXT4-fs (loop5): mounted filesystem without journal. Quota mode: none.
[ 1357.913954][T16714] overlayfs: failed to resolve './bus': -2
[ 1358.403243][  T931] usb 3-1: new high-speed USB device number 92 using dummy_hcd
[ 1358.904294][  T931] usb 3-1: config 1 interface 1 altsetting 1 endpoint 0x3 has invalid wMaxPacketSize 0
[ 1358.914524][  T931] usb 3-1: config 1 interface 1 altsetting 1 bulk endpoint 0x3 has invalid maxpacket 0
[ 1358.983911][T16727] loop4: detected capacity change from 0 to 256
[ 1358.991546][T16727] FAT-fs (loop4): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive!
[ 1359.004206][  T931] usb 3-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[ 1359.009088][T16727] FAT-fs (loop4): Directory bread(block 64) failed
[ 1359.018676][  T931] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1359.020258][T16727] FAT-fs (loop4): Directory bread(block 65) failed
[ 1359.035045][T16727] FAT-fs (loop4): Directory bread(block 66) failed
[ 1359.036563][  T931] usb 3-1: Product: syz
[ 1359.041627][T16727] FAT-fs (loop4): Directory bread(block 67) failed
[ 1359.052622][T16727] FAT-fs (loop4): Directory bread(block 68) failed
[ 1359.054322][  T931] usb 3-1: Manufacturer: syz
[ 1359.059404][T16727] FAT-fs (loop4): Directory bread(block 69) failed
[ 1359.063878][  T931] usb 3-1: SerialNumber: syz
[ 1359.071501][T16727] FAT-fs (loop4): Directory bread(block 70) failed
[ 1359.108512][  T203] usb 1-1: new high-speed USB device number 113 using dummy_hcd
[ 1359.190811][T16729] loop3: detected capacity change from 0 to 256
[ 1359.208016][T16729] FAT-fs (loop3): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive!
[ 1359.271577][T16729] FAT-fs (loop3): Directory bread(block 64) failed
[ 1359.278247][T16729] FAT-fs (loop3): Directory bread(block 65) failed
[ 1359.284924][T16729] FAT-fs (loop3): Directory bread(block 66) failed
[ 1359.291514][T16729] FAT-fs (loop3): Directory bread(block 67) failed
[ 1359.298141][T16729] FAT-fs (loop3): Directory bread(block 68) failed
[ 1359.304769][T16729] FAT-fs (loop3): Directory bread(block 69) failed
[ 1359.311391][T16729] FAT-fs (loop3): Directory bread(block 70) failed
[ 1359.318027][T16729] FAT-fs (loop3): Directory bread(block 71) failed
[ 1359.324650][T16729] FAT-fs (loop3): Directory bread(block 72) failed
[ 1359.331263][T16729] FAT-fs (loop3): Directory bread(block 73) failed
[ 1359.396073][T16727] FAT-fs (loop4): Directory bread(block 71) failed
[ 1359.432055][  T931] cdc_ncm 3-1:1.0: bind() failure
[ 1359.445563][  T931] cdc_ncm 3-1:1.1: CDC Union missing and no IAD found
[ 1359.454194][T16727] FAT-fs (loop4): Directory bread(block 72) failed
[ 1359.460883][T16727] FAT-fs (loop4): Directory bread(block 73) failed
[ 1359.468951][  T931] cdc_ncm 3-1:1.1: bind() failure
[ 1359.479757][  T931] usb 3-1: USB disconnect, device number 92
[ 1359.664090][  T203] usb 1-1: Using ep0 maxpacket: 32
[ 1359.696482][  T203] usb 1-1: config 0 has an invalid interface number: 67 but max is 0
[ 1359.707762][  T203] usb 1-1: config 0 has no interface number 0
[ 1359.750490][  T203] usb 1-1: New USB device found, idVendor=0424, idProduct=9901, bcdDevice=c2.57
[ 1359.825346][  T203] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1359.833645][  T203] usb 1-1: Product: syz
[ 1359.837865][  T203] usb 1-1: Manufacturer: syz
[ 1359.842496][  T203] usb 1-1: SerialNumber: syz
[ 1359.889503][  T931] usb 6-1: USB disconnect, device number 102
[ 1359.934770][T11552] EXT4-fs (loop5): unmounting filesystem.
[ 1360.097019][  T203] usb 1-1: config 0 descriptor??
[ 1360.104708][  T203] smsc95xx v2.0.0
[ 1360.720415][T16744] loop0: detected capacity change from 0 to 16
[ 1360.731742][T16744] erofs: (device loop0): erofs_read_superblock: dirblkbits 2 isn't supported
[ 1360.945987][  T203] smsc95xx 1-1:0.67 (unnamed net_device) (uninitialized): Failed to read reg index 0x00000030: -32
[ 1361.073177][  T203] smsc95xx 1-1:0.67 (unnamed net_device) (uninitialized): Error reading E2P_CMD
[ 1361.674677][  T390] usb 4-1: new full-speed USB device number 97 using dummy_hcd
[ 1362.336914][  T390] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x88 has an invalid bInterval 0, changing to 10
[ 1362.349535][  T390] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x88 has invalid maxpacket 123, setting to 64
[ 1362.355202][  T203] smsc95xx 1-1:0.67 (unnamed net_device) (uninitialized): Failed to write reg index 0x00000014: -71
[ 1362.362424][  T390] usb 4-1: New USB device found, idVendor=084e, idProduct=1001, bcdDevice=33.f9
[ 1362.371782][  T203] smsc95xx: probe of 1-1:0.67 failed with error -71
[ 1362.381074][  T390] usb 4-1: New USB device strings: Mfr=8, Product=0, SerialNumber=3
[ 1362.388815][  T203] usb 1-1: USB disconnect, device number 113
[ 1362.395938][  T390] usb 4-1: Manufacturer: syz
[ 1362.406061][  T390] usb 4-1: SerialNumber: syz
[ 1362.411235][  T390] usb 4-1: config 0 descriptor??
[ 1362.416586][T16752] raw-gadget.0 gadget.3: fail, usb_ep_enable returned -22
[ 1362.424632][  T390] input: KB Gear Tablet as /devices/platform/dummy_hcd.3/usb4/4-1/4-1:0.0/input/input112
[ 1362.543736][    T6] usb 5-1: new high-speed USB device number 90 using dummy_hcd
[ 1362.630791][T16752] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1362.639359][T16752] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1362.651044][T16752] loop3: detected capacity change from 0 to 512
[ 1362.664290][T16752] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: none.
[ 1363.074389][    T6] usb 5-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[ 1363.084791][    T6] usb 5-1: config 1 has 1 interface, different from the descriptor's value: 3
[ 1363.095026][    T6] usb 5-1: New USB device found, idVendor=08b7, idProduct=0000, bcdDevice= 0.00
[ 1363.104350][    T6] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=3
[ 1363.112750][    T6] usb 5-1: SerialNumber: syz
[ 1363.117550][  T203] usb 1-1: new full-speed USB device number 114 using dummy_hcd
[ 1363.304234][  T203] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x88 has an invalid bInterval 0, changing to 10
[ 1363.315428][  T203] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x88 has invalid maxpacket 123, setting to 64
[ 1363.327854][  T203] usb 1-1: New USB device found, idVendor=084e, idProduct=1001, bcdDevice=33.f9
[ 1363.337072][  T203] usb 1-1: New USB device strings: Mfr=8, Product=0, SerialNumber=3
[ 1363.345320][  T203] usb 1-1: Manufacturer: syz
[ 1363.350757][    T6] usb 5-1: 0:2 : does not exist
[ 1363.357204][    T6] usb 5-1: USB disconnect, device number 90
[ 1363.363197][  T203] usb 1-1: SerialNumber: syz
[ 1363.390312][  T203] usb 1-1: config 0 descriptor??
[ 1363.395619][T16760] raw-gadget.2 gadget.0: fail, usb_ep_enable returned -22
[ 1363.403977][  T203] input: KB Gear Tablet as /devices/platform/dummy_hcd.0/usb1/1-1/1-1:0.0/input/input113
[ 1363.620100][T16760] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1363.628769][T16760] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1363.641421][T16760] loop0: detected capacity change from 0 to 512
[ 1363.649605][T16760] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: none.
[ 1365.308968][T11506] EXT4-fs (loop3): unmounting filesystem.
[ 1365.331629][  T931] usb 4-1: USB disconnect, device number 97
[ 1365.374481][   T24] usb 1-1: USB disconnect, device number 114
[ 1365.384199][T11642] EXT4-fs (loop0): unmounting filesystem.
[ 1365.893748][   T24] usb 1-1: new high-speed USB device number 115 using dummy_hcd
[ 1365.923179][    T6] usb 3-1: new high-speed USB device number 93 using dummy_hcd
[ 1366.084333][   T24] usb 1-1: config 1 interface 1 altsetting 1 endpoint 0x3 has invalid wMaxPacketSize 0
[ 1366.094355][   T24] usb 1-1: config 1 interface 1 altsetting 1 bulk endpoint 0x3 has invalid maxpacket 0
[ 1366.104393][    T6] usb 3-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[ 1366.112841][   T24] usb 1-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[ 1366.114520][    T6] usb 3-1: config 1 has 1 interface, different from the descriptor's value: 3
[ 1366.123591][    T6] usb 3-1: New USB device found, idVendor=08b7, idProduct=0000, bcdDevice= 0.00
[ 1366.133194][   T24] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1366.149232][    T6] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=3
[ 1366.150056][   T24] usb 1-1: Product: syz
[ 1366.162170][   T24] usb 1-1: Manufacturer: syz
[ 1366.163079][    T6] usb 3-1: SerialNumber: syz
[ 1366.167151][   T24] usb 1-1: SerialNumber: syz
[ 1366.381332][   T24] cdc_ncm 1-1:1.0: bind() failure
[ 1366.387736][    T6] usb 3-1: 0:2 : does not exist
[ 1366.389420][   T24] cdc_ncm 1-1:1.1: CDC Union missing and no IAD found
[ 1366.401864][    T6] usb 3-1: USB disconnect, device number 93
[ 1366.458921][   T24] cdc_ncm 1-1:1.1: bind() failure
[ 1366.476249][   T24] usb 1-1: USB disconnect, device number 115
[ 1366.772998][T16817] loop5: detected capacity change from 0 to 256
[ 1366.782430][T16817] FAT-fs (loop5): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive!
[ 1366.816039][T16817] FAT-fs (loop5): Directory bread(block 64) failed
[ 1366.822931][T16817] FAT-fs (loop5): Directory bread(block 65) failed
[ 1366.843372][T16817] FAT-fs (loop5): Directory bread(block 66) failed
[ 1366.850482][T16817] FAT-fs (loop5): Directory bread(block 67) failed
[ 1366.858556][T16817] FAT-fs (loop5): Directory bread(block 68) failed
[ 1366.866426][T16817] FAT-fs (loop5): Directory bread(block 69) failed
[ 1366.873830][T16817] FAT-fs (loop5): Directory bread(block 70) failed
[ 1366.880879][T16817] FAT-fs (loop5): Directory bread(block 71) failed
[ 1366.887725][T16817] FAT-fs (loop5): Directory bread(block 72) failed
[ 1366.894611][T16817] FAT-fs (loop5): Directory bread(block 73) failed
[ 1367.553228][    T6] usb 3-1: new full-speed USB device number 94 using dummy_hcd
[ 1368.048367][    T6] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x88 has an invalid bInterval 0, changing to 10
[ 1368.059533][    T6] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x88 has invalid maxpacket 123, setting to 64
[ 1368.071825][    T6] usb 3-1: New USB device found, idVendor=084e, idProduct=1001, bcdDevice=33.f9
[ 1368.081176][    T6] usb 3-1: New USB device strings: Mfr=8, Product=0, SerialNumber=3
[ 1368.123792][    T6] usb 3-1: Manufacturer: syz
[ 1368.128842][    T6] usb 3-1: SerialNumber: syz
[ 1368.134742][    T6] usb 3-1: config 0 descriptor??
[ 1368.140638][T16823] raw-gadget.0 gadget.2: fail, usb_ep_enable returned -22
[ 1368.149405][    T6] input: KB Gear Tablet as /devices/platform/dummy_hcd.2/usb3/3-1/3-1:0.0/input/input114
[ 1368.361861][T16823] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1368.370451][T16823] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1368.382113][T16823] loop2: detected capacity change from 0 to 512
[ 1368.390851][T16823] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none.
[ 1368.403214][  T203] usb 1-1: new high-speed USB device number 116 using dummy_hcd
[ 1368.623034][T16855] overlayfs: failed to resolve './bus': -2
[ 1368.646509][    T6] usb 6-1: new full-speed USB device number 103 using dummy_hcd
[ 1368.703960][  T203] usb 1-1: Using ep0 maxpacket: 32
[ 1368.710515][  T203] usb 1-1: config 0 has an invalid interface number: 67 but max is 0
[ 1368.719051][  T203] usb 1-1: config 0 has no interface number 0
[ 1368.727111][  T203] usb 1-1: New USB device found, idVendor=0424, idProduct=9901, bcdDevice=c2.57
[ 1368.736451][  T203] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1368.744733][  T203] usb 1-1: Product: syz
[ 1368.749134][  T203] usb 1-1: Manufacturer: syz
[ 1368.765815][T16859] loop4: detected capacity change from 0 to 256
[ 1368.772710][T16859] FAT-fs (loop4): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive!
[ 1368.849734][T16859] FAT-fs (loop4): Directory bread(block 64) failed
[ 1368.856446][T16859] FAT-fs (loop4): Directory bread(block 65) failed
[ 1368.863106][T16859] FAT-fs (loop4): Directory bread(block 66) failed
[ 1368.869757][T16859] FAT-fs (loop4): Directory bread(block 67) failed
[ 1368.876418][T16859] FAT-fs (loop4): Directory bread(block 68) failed
[ 1368.883017][T16859] FAT-fs (loop4): Directory bread(block 69) failed
[ 1368.885715][  T203] usb 1-1: SerialNumber: syz
[ 1368.894317][T16859] FAT-fs (loop4): Directory bread(block 70) failed
[ 1368.900961][T16859] FAT-fs (loop4): Directory bread(block 71) failed
[ 1368.902004][  T203] usb 1-1: config 0 descriptor??
[ 1368.907706][T16859] FAT-fs (loop4): Directory bread(block 72) failed
[ 1368.914390][  T203] smsc95xx v2.0.0
[ 1368.919159][T16859] FAT-fs (loop4): Directory bread(block 73) failed
[ 1368.922865][    T6] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x88 has an invalid bInterval 0, changing to 10
[ 1368.941072][    T6] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x88 has invalid maxpacket 123, setting to 64
[ 1368.963200][    T6] usb 6-1: New USB device found, idVendor=084e, idProduct=1001, bcdDevice=33.f9
[ 1368.972411][    T6] usb 6-1: New USB device strings: Mfr=8, Product=0, SerialNumber=3
[ 1368.980861][    T6] usb 6-1: Manufacturer: syz
[ 1368.986863][    T6] usb 6-1: SerialNumber: syz
[ 1368.993775][    T6] usb 6-1: config 0 descriptor??
[ 1368.999181][T16843] raw-gadget.2 gadget.5: fail, usb_ep_enable returned -22
[ 1369.008166][    T6] input: KB Gear Tablet as /devices/platform/dummy_hcd.5/usb6/6-1/6-1:0.0/input/input115
[ 1369.237687][T16843] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1369.246454][T16843] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1369.264290][T16843] loop5: detected capacity change from 0 to 512
[ 1369.276537][T16843] EXT4-fs (loop5): mounted filesystem without journal. Quota mode: none.
[ 1369.429015][T16863] overlayfs: failed to resolve './bus': -2
[ 1369.781777][T16865] loop0: detected capacity change from 0 to 16
[ 1369.789720][T16865] erofs: (device loop0): erofs_read_superblock: dirblkbits 2 isn't supported
[ 1369.859799][  T203] smsc95xx 1-1:0.67 (unnamed net_device) (uninitialized): Failed to read reg index 0x00000030: -32
[ 1369.957615][  T203] smsc95xx 1-1:0.67 (unnamed net_device) (uninitialized): Error reading E2P_CMD
[ 1370.083311][  T931] usb 3-1: USB disconnect, device number 94
[ 1370.090875][T11007] EXT4-fs (loop2): unmounting filesystem.
[ 1370.693227][  T931] usb 5-1: new high-speed USB device number 91 using dummy_hcd
[ 1370.874362][  T931] usb 5-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[ 1370.884783][  T931] usb 5-1: config 1 has 1 interface, different from the descriptor's value: 3
[ 1370.894804][  T931] usb 5-1: New USB device found, idVendor=08b7, idProduct=0000, bcdDevice= 0.00
[ 1370.904017][  T931] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=3
[ 1370.912276][  T931] usb 5-1: SerialNumber: syz
[ 1371.122360][  T931] usb 5-1: 0:2 : does not exist
[ 1371.128673][  T931] usb 5-1: USB disconnect, device number 91
[ 1371.143474][  T203] smsc95xx 1-1:0.67 (unnamed net_device) (uninitialized): Failed to write reg index 0x00000014: -71
[ 1371.517363][  T203] smsc95xx: probe of 1-1:0.67 failed with error -71
[ 1371.525332][  T203] usb 1-1: USB disconnect, device number 116
[ 1371.567502][T11552] EXT4-fs (loop5): unmounting filesystem.
[ 1371.573449][  T377] usb 6-1: USB disconnect, device number 103
[ 1371.646576][   T28] audit: type=1400 audit(1753567597.874:419): avc:  denied  { execute } for  pid=16893 comm="syz.3.4577" path=2F6D656D66643A0241BBCC960E6F1FE240CCB15967202864656C6574656429 dev="tmpfs" ino=511 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=file permissive=1
[ 1371.784268][T16899] loop0: detected capacity change from 0 to 256
[ 1371.791008][T16899] FAT-fs (loop0): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive!
[ 1371.808662][T16899] FAT-fs (loop0): Directory bread(block 64) failed
[ 1371.815323][T16899] FAT-fs (loop0): Directory bread(block 65) failed
[ 1371.821928][T16899] FAT-fs (loop0): Directory bread(block 66) failed
[ 1371.828541][T16899] FAT-fs (loop0): Directory bread(block 67) failed
[ 1371.865407][T16899] FAT-fs (loop0): Directory bread(block 68) failed
[ 1371.871990][T16899] FAT-fs (loop0): Directory bread(block 69) failed
[ 1371.878588][T16899] FAT-fs (loop0): Directory bread(block 70) failed
[ 1371.885153][T16899] FAT-fs (loop0): Directory bread(block 71) failed
[ 1371.891711][T16899] FAT-fs (loop0): Directory bread(block 72) failed
[ 1371.898255][T16899] FAT-fs (loop0): Directory bread(block 73) failed
[ 1372.265834][  T390] usb 6-1: new full-speed USB device number 104 using dummy_hcd
[ 1372.774517][  T390] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x88 has an invalid bInterval 0, changing to 10
[ 1372.788471][  T390] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x88 has invalid maxpacket 123, setting to 64
[ 1372.788872][T16922] 9pnet_fd: Insufficient options for proto=fd
[ 1372.811386][  T390] usb 6-1: New USB device found, idVendor=084e, idProduct=1001, bcdDevice=33.f9
[ 1372.820573][  T390] usb 6-1: New USB device strings: Mfr=8, Product=0, SerialNumber=3
[ 1372.828843][  T390] usb 6-1: Manufacturer: syz
[ 1372.834037][  T390] usb 6-1: SerialNumber: syz
[ 1372.839584][  T390] usb 6-1: config 0 descriptor??
[ 1372.846272][T16902] raw-gadget.0 gadget.5: fail, usb_ep_enable returned -22
[ 1372.855341][  T390] input: KB Gear Tablet as /devices/platform/dummy_hcd.5/usb6/6-1/6-1:0.0/input/input116
[ 1372.925087][   T24] usb 4-1: new high-speed USB device number 98 using dummy_hcd
[ 1373.263848][T16902] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1373.274956][T16902] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1373.303288][   T24] usb 4-1: Using ep0 maxpacket: 32
[ 1373.314923][   T24] usb 4-1: config 0 has an invalid interface number: 67 but max is 0
[ 1373.326229][T16902] loop5: detected capacity change from 0 to 512
[ 1373.332812][   T24] usb 4-1: config 0 has no interface number 0
[ 1373.348000][   T24] usb 4-1: New USB device found, idVendor=0424, idProduct=9901, bcdDevice=c2.57
[ 1373.357732][   T24] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1373.367163][   T24] usb 4-1: Product: syz
[ 1373.371795][   T24] usb 4-1: Manufacturer: syz
[ 1373.377467][   T24] usb 4-1: SerialNumber: syz
[ 1373.386396][   T24] usb 4-1: config 0 descriptor??
[ 1373.395106][   T24] smsc95xx v2.0.0
[ 1373.410627][T16902] EXT4-fs (loop5): mounted filesystem without journal. Quota mode: none.
[ 1374.160077][ T1513] usb 6-1: USB disconnect, device number 104
[ 1374.180395][T11552] EXT4-fs (loop5): unmounting filesystem.
[ 1374.279325][T16936] loop3: detected capacity change from 0 to 16
[ 1374.286355][T16936] erofs: (device loop3): erofs_read_superblock: dirblkbits 2 isn't supported
[ 1374.319227][T16948] loop4: detected capacity change from 0 to 512
[ 1374.459831][   T24] smsc95xx 4-1:0.67 (unnamed net_device) (uninitialized): Failed to read reg index 0x00000030: -32
[ 1374.472865][T16948] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: none.
[ 1374.483374][T16948] overlayfs: failed to resolve './bus': -2
[ 1374.497392][T11893] EXT4-fs (loop4): unmounting filesystem.
[ 1374.514652][   T24] smsc95xx 4-1:0.67 (unnamed net_device) (uninitialized): Error reading E2P_CMD
[ 1374.571439][T16956] loop0: detected capacity change from 0 to 256
[ 1374.578274][T16956] FAT-fs (loop0): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive!
[ 1374.605325][T16956] FAT-fs (loop0): Directory bread(block 64) failed
[ 1374.612022][T16956] FAT-fs (loop0): Directory bread(block 65) failed
[ 1374.619254][T16956] FAT-fs (loop0): Directory bread(block 66) failed
[ 1374.625902][T16956] FAT-fs (loop0): Directory bread(block 67) failed
[ 1374.632598][T16956] FAT-fs (loop0): Directory bread(block 68) failed
[ 1374.639205][T16956] FAT-fs (loop0): Directory bread(block 69) failed
[ 1374.645828][T16956] FAT-fs (loop0): Directory bread(block 70) failed
[ 1374.652409][T16956] FAT-fs (loop0): Directory bread(block 71) failed
[ 1374.659040][T16956] FAT-fs (loop0): Directory bread(block 72) failed
[ 1374.665619][T16956] FAT-fs (loop0): Directory bread(block 73) failed
[ 1374.863202][T11600] usb 5-1: new high-speed USB device number 92 using dummy_hcd
[ 1375.044425][T11600] usb 5-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[ 1375.096441][T11600] usb 5-1: config 1 has 1 interface, different from the descriptor's value: 3
[ 1375.108068][T11600] usb 5-1: New USB device found, idVendor=08b7, idProduct=0000, bcdDevice= 0.00
[ 1375.149087][T11600] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=3
[ 1375.157192][T11600] usb 5-1: SerialNumber: syz
[ 1375.173207][  T203] usb 3-1: new high-speed USB device number 95 using dummy_hcd
[ 1375.253256][ T1513] usb 6-1: new high-speed USB device number 105 using dummy_hcd
[ 1375.354365][  T203] usb 3-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[ 1375.364651][  T203] usb 3-1: config 1 has 1 interface, different from the descriptor's value: 3
[ 1375.375292][T11600] usb 5-1: 0:2 : does not exist
[ 1375.375337][  T203] usb 3-1: New USB device found, idVendor=08b7, idProduct=0000, bcdDevice= 0.00
[ 1375.382518][T11600] usb 5-1: USB disconnect, device number 92
[ 1375.389432][  T203] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=3
[ 1375.403436][  T203] usb 3-1: SerialNumber: syz
[ 1375.434295][ T1513] usb 6-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[ 1375.444836][ T1513] usb 6-1: config 1 has 1 interface, different from the descriptor's value: 3
[ 1375.454582][ T1513] usb 6-1: New USB device found, idVendor=08b7, idProduct=0000, bcdDevice= 0.00
[ 1375.463763][ T1513] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=3
[ 1375.471834][ T1513] usb 6-1: SerialNumber: syz
[ 1375.525063][   T24] smsc95xx 4-1:0.67 (unnamed net_device) (uninitialized): Failed to write reg index 0x00000014: -71
[ 1375.536076][   T24] smsc95xx: probe of 4-1:0.67 failed with error -71
[ 1375.544093][   T24] usb 4-1: USB disconnect, device number 98
[ 1375.611191][  T203] usb 3-1: 0:2 : does not exist
[ 1375.616223][  T203] usb 3-1: unit 5 not found!
[ 1375.622294][  T203] usb 3-1: USB disconnect, device number 95
[ 1375.685380][ T1513] usb 6-1: 0:2 : does not exist
[ 1375.691409][ T1513] usb 6-1: USB disconnect, device number 105
[ 1375.953217][   T24] usb 4-1: new full-speed USB device number 99 using dummy_hcd
[ 1376.029426][T16969] loop0: detected capacity change from 0 to 512
[ 1376.045204][T16969] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: writeback.
[ 1376.054426][T16969] ext4 filesystem being mounted at /298/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[ 1376.066125][T16969] EXT4-fs error (device loop0): ext4_readdir:263: inode #2: block 3: comm syz.0.4603: path /298/file1: bad entry in directory: inode out of bounds - offset=0, inode=1024, rec_len=12, size=4096 fake=1
[ 1376.119023][T11642] EXT4-fs (loop0): unmounting filesystem.
[ 1376.134311][   T24] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x88 has an invalid bInterval 0, changing to 10
[ 1376.145809][   T24] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x88 has invalid maxpacket 123, setting to 64
[ 1376.158701][   T24] usb 4-1: New USB device found, idVendor=084e, idProduct=1001, bcdDevice=33.f9
[ 1376.168478][   T24] usb 4-1: New USB device strings: Mfr=8, Product=0, SerialNumber=3
[ 1376.178058][   T24] usb 4-1: Manufacturer: syz
[ 1376.182680][   T24] usb 4-1: SerialNumber: syz
[ 1376.197446][   T24] usb 4-1: config 0 descriptor??
[ 1376.208616][T16964] raw-gadget.1 gadget.3: fail, usb_ep_enable returned -22
[ 1376.218445][   T24] input: KB Gear Tablet as /devices/platform/dummy_hcd.3/usb4/4-1/4-1:0.0/input/input117
[ 1376.463097][T16964] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1376.472021][T16964] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1376.486484][T16964] loop3: detected capacity change from 0 to 512
[ 1376.495458][T16964] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: none.
[ 1376.562728][ T1513] usb 1-1: new full-speed USB device number 117 using dummy_hcd
[ 1376.784797][ T1513] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x88 has an invalid bInterval 0, changing to 10
[ 1376.795937][ T1513] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x88 has invalid maxpacket 123, setting to 64
[ 1376.807912][ T1513] usb 1-1: New USB device found, idVendor=084e, idProduct=1001, bcdDevice=33.f9
[ 1376.817066][ T1513] usb 1-1: New USB device strings: Mfr=8, Product=0, SerialNumber=3
[ 1376.825146][ T1513] usb 1-1: Manufacturer: syz
[ 1376.829808][ T1513] usb 1-1: SerialNumber: syz
[ 1376.835206][ T1513] usb 1-1: config 0 descriptor??
[ 1376.840519][T16977] raw-gadget.0 gadget.0: fail, usb_ep_enable returned -22
[ 1376.849013][ T1513] input: KB Gear Tablet as /devices/platform/dummy_hcd.0/usb1/1-1/1-1:0.0/input/input118
[ 1377.023183][  T203] usb 5-1: new high-speed USB device number 93 using dummy_hcd
[ 1377.051761][T16977] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1377.060437][T16977] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1377.113189][T16977] loop0: detected capacity change from 0 to 512
[ 1377.121902][T16996] 9pnet_fd: Insufficient options for proto=fd
[ 1377.132255][T16977] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: none.
[ 1377.201257][T17003] loop5: detected capacity change from 0 to 512
[ 1377.224941][ T1513] usb 1-1: USB disconnect, device number 117
[ 1377.232653][  T203] usb 5-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[ 1377.234939][T17007] loop2: detected capacity change from 0 to 512
[ 1377.244436][  T203] usb 5-1: config 1 has 1 interface, different from the descriptor's value: 3
[ 1377.259852][T17003] EXT4-fs (loop5): mounted filesystem without journal. Quota mode: writeback.
[ 1377.261117][  T203] usb 5-1: New USB device found, idVendor=08b7, idProduct=0000, bcdDevice= 0.00
[ 1377.269496][T17003] ext4 filesystem being mounted at /289/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[ 1377.279130][  T203] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=3
[ 1377.291212][T17007] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: writeback.
[ 1377.305594][T17007] ext4 filesystem being mounted at /358/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[ 1377.316198][  T203] usb 5-1: SerialNumber: syz
[ 1377.317723][T17003] EXT4-fs error (device loop5): ext4_readdir:263: inode #2: block 3: comm syz.5.4613: path /289/file1: bad entry in directory: inode out of bounds - offset=0, inode=1024, rec_len=12, size=4096 fake=1
[ 1377.343532][T17007] EXT4-fs error (device loop2): ext4_readdir:263: inode #2: block 3: comm syz.2.4615: path /358/file1: bad entry in directory: inode out of bounds - offset=0, inode=1024, rec_len=12, size=4096 fake=1
[ 1377.411584][T11007] EXT4-fs (loop2): unmounting filesystem.
[ 1377.426942][T11552] EXT4-fs (loop5): unmounting filesystem.
[ 1377.542934][  T203] usb 5-1: 0:2 : does not exist
[ 1377.547934][  T203] usb 5-1: unit 5 not found!
[ 1377.554290][  T203] usb 5-1: USB disconnect, device number 93
[ 1377.713233][   T24] usb 6-1: new high-speed USB device number 106 using dummy_hcd
[ 1377.770451][T11642] EXT4-fs (loop0): unmounting filesystem.
[ 1377.894289][   T24] usb 6-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[ 1377.904512][   T24] usb 6-1: config 1 has 1 interface, different from the descriptor's value: 3
[ 1377.951211][   T24] usb 6-1: New USB device found, idVendor=08b7, idProduct=0000, bcdDevice= 0.00
[ 1378.000830][   T24] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=3
[ 1378.070440][   T24] usb 6-1: SerialNumber: syz
[ 1378.682161][  T377] usb 4-1: USB disconnect, device number 99
[ 1378.725996][T11506] EXT4-fs (loop3): unmounting filesystem.
[ 1378.929085][   T24] usb 6-1: 0:2 : does not exist
[ 1378.939029][   T24] usb 6-1: USB disconnect, device number 106
[ 1379.034877][T17035] loop4: detected capacity change from 0 to 256
[ 1379.042446][T17035] FAT-fs (loop4): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive!
[ 1379.062199][T17035] FAT-fs (loop4): Directory bread(block 64) failed
[ 1379.069803][T17035] FAT-fs (loop4): Directory bread(block 65) failed
[ 1379.076656][T17035] FAT-fs (loop4): Directory bread(block 66) failed
[ 1379.083549][T17035] FAT-fs (loop4): Directory bread(block 67) failed
[ 1379.090173][T17035] FAT-fs (loop4): Directory bread(block 68) failed
[ 1379.097483][T17035] FAT-fs (loop4): Directory bread(block 69) failed
[ 1379.104414][T17035] FAT-fs (loop4): Directory bread(block 70) failed
[ 1379.111106][T17035] FAT-fs (loop4): Directory bread(block 71) failed
[ 1379.117934][T17035] FAT-fs (loop4): Directory bread(block 72) failed
[ 1379.124732][T17035] FAT-fs (loop4): Directory bread(block 73) failed
[ 1379.253191][  T377] usb 4-1: new high-speed USB device number 100 using dummy_hcd
[ 1379.423204][  T377] usb 4-1: device descriptor read/64, error -71
[ 1379.435383][T17054] loop0: detected capacity change from 0 to 256
[ 1379.448709][T17054] FAT-fs (loop0): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive!
[ 1379.483023][T17054] FAT-fs (loop0): Directory bread(block 64) failed
[ 1379.498538][T17054] FAT-fs (loop0): Directory bread(block 65) failed
[ 1379.511750][T17054] FAT-fs (loop0): Directory bread(block 66) failed
[ 1379.525999][T17054] FAT-fs (loop0): Directory bread(block 67) failed
[ 1379.541086][T17054] FAT-fs (loop0): Directory bread(block 68) failed
[ 1379.560715][T17054] FAT-fs (loop0): Directory bread(block 69) failed
[ 1379.580377][T17054] FAT-fs (loop0): Directory bread(block 70) failed
[ 1379.604015][T17054] FAT-fs (loop0): Directory bread(block 71) failed
[ 1379.618257][T17054] FAT-fs (loop0): Directory bread(block 72) failed
[ 1379.631390][T17054] FAT-fs (loop0): Directory bread(block 73) failed
[ 1379.693195][  T377] usb 4-1: device descriptor read/64, error -71
[ 1380.307434][  T377] usb 4-1: new high-speed USB device number 101 using dummy_hcd
[ 1380.468724][T17067] loop5: detected capacity change from 0 to 128
[ 1380.475161][  T377] usb 4-1: device descriptor read/64, error -71
[ 1380.507719][T17067] EXT4-fs (loop5): mounted filesystem without journal. Quota mode: none.
[ 1380.523705][T17067] ext4 filesystem being mounted at /294/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[ 1381.732000][T11552] EXT4-fs (loop5): unmounting filesystem.
[ 1381.753216][  T377] usb 4-1: device descriptor read/64, error -71
[ 1381.883287][  T377] usb usb4-port1: attempt power cycle
[ 1384.343160][T11316] usb 5-1: new high-speed USB device number 94 using dummy_hcd
[ 1384.442660][T17118] loop5: detected capacity change from 0 to 128
[ 1384.457163][T17118] EXT4-fs (loop5): mounted filesystem without journal. Quota mode: none.
[ 1384.466322][T17118] ext4 filesystem being mounted at /298/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[ 1384.584721][T11316] usb 5-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[ 1384.600834][T11316] usb 5-1: config 1 has 1 interface, different from the descriptor's value: 3
[ 1384.729356][T11316] usb 5-1: New USB device found, idVendor=08b7, idProduct=0000, bcdDevice= 0.00
[ 1384.779327][T11316] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=3
[ 1384.920386][T11316] usb 5-1: SerialNumber: syz
[ 1385.533984][T17146] loop2: detected capacity change from 0 to 256
[ 1385.549165][T17146] FAT-fs (loop2): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive!
[ 1389.976261][T11316] usb 5-1: 0:2 : does not exist
[ 1389.982868][T11316] usb 5-1: USB disconnect, device number 94
[ 1389.995800][T11552] EXT4-fs (loop5): unmounting filesystem.
[ 1390.007976][T17146] FAT-fs (loop2): Directory bread(block 64) failed
[ 1390.014895][T17146] FAT-fs (loop2): Directory bread(block 65) failed
[ 1390.021481][T17146] FAT-fs (loop2): Directory bread(block 66) failed
[ 1390.028084][T17146] FAT-fs (loop2): Directory bread(block 67) failed
[ 1390.034697][T17146] FAT-fs (loop2): Directory bread(block 68) failed
[ 1390.041259][T17146] FAT-fs (loop2): Directory bread(block 69) failed
[ 1390.047869][T17146] FAT-fs (loop2): Directory bread(block 70) failed
[ 1390.054427][T17146] FAT-fs (loop2): Directory bread(block 71) failed
[ 1390.061025][T17146] FAT-fs (loop2): Directory bread(block 72) failed
[ 1390.067650][T17146] FAT-fs (loop2): Directory bread(block 73) failed
[ 1394.971952][T17177] loop0: detected capacity change from 0 to 512
[ 1394.985243][T17177] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: writeback.
[ 1395.003356][T17177] ext4 filesystem being mounted at /312/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[ 1395.022448][T17177] EXT4-fs error (device loop0): ext4_readdir:263: inode #2: block 3: comm syz.0.4670: path /312/file1: bad entry in directory: inode out of bounds - offset=0, inode=1024, rec_len=12, size=4096 fake=1
[ 1395.124441][T17190] loop5: detected capacity change from 0 to 128
[ 1395.132761][T17190] EXT4-fs (loop5): mounted filesystem without journal. Quota mode: none.
[ 1395.149706][  T377] usb 3-1: new full-speed USB device number 96 using dummy_hcd
[ 1395.157491][T17190] ext4 filesystem being mounted at /301/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[ 1395.168723][T11642] EXT4-fs (loop0): unmounting filesystem.
[ 1395.334580][  T377] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x88 has an invalid bInterval 0, changing to 10
[ 1395.346311][ T1513] usb 4-1: new high-speed USB device number 103 using dummy_hcd
[ 1395.464972][  T377] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x88 has invalid maxpacket 123, setting to 64
[ 1395.590881][  T377] usb 3-1: New USB device found, idVendor=084e, idProduct=1001, bcdDevice=33.f9
[ 1395.602175][  T377] usb 3-1: New USB device strings: Mfr=8, Product=0, SerialNumber=3
[ 1395.612398][  T377] usb 3-1: Manufacturer: syz
[ 1395.620247][  T377] usb 3-1: SerialNumber: syz
[ 1395.729208][ T1513] usb 4-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[ 1395.800440][  T377] usb 3-1: config 0 descriptor??
[ 1395.807696][ T1513] usb 4-1: config 1 has 1 interface, different from the descriptor's value: 3
[ 1395.880876][T17171] raw-gadget.0 gadget.2: fail, usb_ep_enable returned -22
[ 1395.970780][  T377] input: KB Gear Tablet as /devices/platform/dummy_hcd.2/usb3/3-1/3-1:0.0/input/input119
[ 1395.991973][ T1513] usb 4-1: New USB device found, idVendor=08b7, idProduct=0000, bcdDevice= 0.00
[ 1396.001520][ T1513] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=3
[ 1396.009715][ T1513] usb 4-1: SerialNumber: syz
[ 1396.147859][T17171] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1396.168083][T17171] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1396.672450][T17171] loop2: detected capacity change from 0 to 512
[ 1396.685536][T17171] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none.
[ 1396.700216][ T1513] usb 4-1: 0:2 : does not exist
[ 1396.706521][ T1513] usb 4-1: USB disconnect, device number 103
[ 1396.726514][  T695] usb 3-1: USB disconnect, device number 96
[ 1396.778875][T11552] EXT4-fs (loop5): unmounting filesystem.
[ 1396.829324][T17220] loop5: detected capacity change from 0 to 512
[ 1396.835884][T17220] EXT4-fs: Ignoring removed oldalloc option
[ 1396.842355][T17220] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[ 1396.852417][T17220] EXT4-fs (loop5): orphan cleanup on readonly fs
[ 1396.859269][T17220] Quota error (device loop5): do_check_range: Getting block 196613 out of range 1-5
[ 1396.868914][T17220] Quota error (device loop5): qtree_read_dquot: Can't read quota structure for id 0
[ 1396.878528][T17220] EXT4-fs error (device loop5): ext4_acquire_dquot:6801: comm syz.5.4683: Failed to acquire dquot type 1
[ 1396.890457][T17220] EXT4-fs (loop5): 1 truncate cleaned up
[ 1396.896363][T17220] EXT4-fs (loop5): mounted filesystem without journal. Quota mode: writeback.
[ 1396.914787][T11552] EXT4-fs (loop5): unmounting filesystem.
[ 1397.033207][   T24] usb 1-1: new full-speed USB device number 118 using dummy_hcd
[ 1397.304831][   T24] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x88 has an invalid bInterval 0, changing to 10
[ 1397.360845][T11007] EXT4-fs (loop2): unmounting filesystem.
[ 1397.411446][T17234] loop3: detected capacity change from 0 to 512
[ 1397.425135][T17234] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: writeback.
[ 1397.434614][T17234] ext4 filesystem being mounted at /343/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[ 1397.449454][T17234] EXT4-fs error (device loop3): ext4_readdir:263: inode #2: block 3: comm syz.3.4689: path /343/file1: bad entry in directory: inode out of bounds - offset=0, inode=1024, rec_len=12, size=4096 fake=1
[ 1397.455650][   T24] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x88 has invalid maxpacket 123, setting to 64
[ 1397.493667][   T24] usb 1-1: New USB device found, idVendor=084e, idProduct=1001, bcdDevice=33.f9
[ 1397.502786][   T24] usb 1-1: New USB device strings: Mfr=8, Product=0, SerialNumber=3
[ 1397.510916][   T24] usb 1-1: Manufacturer: syz
[ 1397.515619][   T24] usb 1-1: SerialNumber: syz
[ 1397.548070][T11506] EXT4-fs (loop3): unmounting filesystem.
[ 1397.634884][   T24] usb 1-1: config 0 descriptor??
[ 1397.640315][T17218] raw-gadget.0 gadget.0: fail, usb_ep_enable returned -22
[ 1397.648769][   T24] input: KB Gear Tablet as /devices/platform/dummy_hcd.0/usb1/1-1/1-1:0.0/input/input120
[ 1397.753217][ T1513] usb 3-1: new full-speed USB device number 97 using dummy_hcd
[ 1398.214947][T17218] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1398.223664][T17218] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1398.240997][T17218] loop0: detected capacity change from 0 to 512
[ 1398.275993][T17218] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: none.
[ 1398.287469][ T1513] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x88 has an invalid bInterval 0, changing to 10
[ 1398.299117][ T1513] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x88 has invalid maxpacket 123, setting to 64
[ 1398.313774][T17218] overlayfs: failed to resolve './bus': -2
[ 1398.317224][ T1513] usb 3-1: New USB device found, idVendor=084e, idProduct=1001, bcdDevice=33.f9
[ 1398.328851][ T1513] usb 3-1: New USB device strings: Mfr=8, Product=0, SerialNumber=3
[ 1398.337696][ T1513] usb 3-1: Manufacturer: syz
[ 1398.342486][ T1513] usb 3-1: SerialNumber: syz
[ 1398.352483][ T1513] usb 3-1: config 0 descriptor??
[ 1398.357877][T17239] raw-gadget.1 gadget.2: fail, usb_ep_enable returned -22
[ 1398.366210][  T695] usb 1-1: USB disconnect, device number 118
[ 1398.376143][ T1513] input: KB Gear Tablet as /devices/platform/dummy_hcd.2/usb3/3-1/3-1:0.0/input/input121
[ 1398.575622][T17239] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1398.584399][T17239] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1398.597100][T17239] loop2: detected capacity change from 0 to 512
[ 1398.623587][T17239] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none.
[ 1398.943435][T17260] overlayfs: failed to resolve './bus': -2
[ 1399.237312][T11642] EXT4-fs (loop0): unmounting filesystem.
[ 1399.253925][T17263] loop0: detected capacity change from 0 to 128
[ 1399.262606][T17263] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: none.
[ 1399.271622][T17263] ext4 filesystem being mounted at /319/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[ 1399.298034][T17257] loop3: detected capacity change from 0 to 256
[ 1399.304796][T17257] FAT-fs (loop3): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive!
[ 1399.322081][T17257] FAT-fs (loop3): Directory bread(block 64) failed
[ 1399.328805][T17257] FAT-fs (loop3): Directory bread(block 65) failed
[ 1399.335451][T17257] FAT-fs (loop3): Directory bread(block 66) failed
[ 1399.342052][T17257] FAT-fs (loop3): Directory bread(block 67) failed
[ 1399.348689][T17257] FAT-fs (loop3): Directory bread(block 68) failed
[ 1399.355303][T17257] FAT-fs (loop3): Directory bread(block 69) failed
[ 1399.361924][T17257] FAT-fs (loop3): Directory bread(block 70) failed
[ 1399.368558][T17257] FAT-fs (loop3): Directory bread(block 71) failed
[ 1399.375352][T17257] FAT-fs (loop3): Directory bread(block 72) failed
[ 1399.381958][T17257] FAT-fs (loop3): Directory bread(block 73) failed
[ 1399.724816][  T695] usb 6-1: new full-speed USB device number 107 using dummy_hcd
[ 1400.104273][  T695] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x88 has an invalid bInterval 0, changing to 10
[ 1400.115440][  T695] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x88 has invalid maxpacket 123, setting to 64
[ 1400.589489][T11007] EXT4-fs (loop2): unmounting filesystem.
[ 1400.596432][  T695] usb 6-1: New USB device found, idVendor=084e, idProduct=1001, bcdDevice=33.f9
[ 1400.606075][  T695] usb 6-1: New USB device strings: Mfr=8, Product=0, SerialNumber=3
[ 1400.606571][T11642] EXT4-fs (loop0): unmounting filesystem.
[ 1400.621900][T11316] usb 3-1: USB disconnect, device number 97
[ 1400.626201][  T695] usb 6-1: Manufacturer: syz
[ 1400.632662][  T695] usb 6-1: SerialNumber: syz
[ 1400.638616][  T695] usb 6-1: config 0 descriptor??
[ 1400.644518][T17266] raw-gadget.2 gadget.5: fail, usb_ep_enable returned -22
[ 1400.659639][  T695] input: KB Gear Tablet as /devices/platform/dummy_hcd.5/usb6/6-1/6-1:0.0/input/input122
[ 1400.953431][  T744] usb 1-1: new full-speed USB device number 119 using dummy_hcd
[ 1401.050129][T17266] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1401.058867][T17266] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1401.071836][T17266] loop5: detected capacity change from 0 to 512
[ 1401.080352][T17266] EXT4-fs (loop5): mounted filesystem without journal. Quota mode: none.
[ 1401.275013][T17291] overlayfs: failed to resolve './bus': -2
[ 1401.286073][  T744] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x88 has an invalid bInterval 0, changing to 10
[ 1401.297248][  T744] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x88 has invalid maxpacket 123, setting to 64
[ 1401.321495][  T744] usb 1-1: New USB device found, idVendor=084e, idProduct=1001, bcdDevice=33.f9
[ 1401.362660][  T744] usb 1-1: New USB device strings: Mfr=8, Product=0, SerialNumber=3
[ 1401.387843][  T744] usb 1-1: Manufacturer: syz
[ 1401.405060][  T744] usb 1-1: SerialNumber: syz
[ 1402.041835][  T744] usb 1-1: config 0 descriptor??
[ 1402.062182][T17276] raw-gadget.0 gadget.0: fail, usb_ep_enable returned -22
[ 1402.444968][  T744] input: KB Gear Tablet as /devices/platform/dummy_hcd.0/usb1/1-1/1-1:0.0/input/input123
[ 1402.591455][   T24] usb 6-1: USB disconnect, device number 107
[ 1402.630067][T11552] EXT4-fs (loop5): unmounting filesystem.
[ 1402.644839][T17311] loop5: detected capacity change from 0 to 128
[ 1402.652898][T17311] EXT4-fs (loop5): mounted filesystem without journal. Quota mode: none.
[ 1402.661868][T17311] ext4 filesystem being mounted at /307/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[ 1402.665791][T17276] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1402.680731][T17276] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1402.694854][T17276] loop0: detected capacity change from 0 to 512
[ 1402.714159][T17276] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: none.
[ 1402.733016][ T1513] usb 1-1: USB disconnect, device number 119
[ 1402.753215][  T744] usb 3-1: new high-speed USB device number 98 using dummy_hcd
[ 1402.903267][T11316] usb 4-1: new high-speed USB device number 104 using dummy_hcd
[ 1402.935156][  T744] usb 3-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[ 1402.945881][  T744] usb 3-1: config 1 has 1 interface, different from the descriptor's value: 3
[ 1402.957846][  T744] usb 3-1: New USB device found, idVendor=08b7, idProduct=0000, bcdDevice= 0.00
[ 1402.973491][  T744] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=3
[ 1402.982086][  T744] usb 3-1: SerialNumber: syz
[ 1403.106537][T11316] usb 4-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[ 1403.121582][T11316] usb 4-1: config 1 has 1 interface, different from the descriptor's value: 3
[ 1403.139720][T11316] usb 4-1: New USB device found, idVendor=08b7, idProduct=0000, bcdDevice= 0.00
[ 1403.150626][T11316] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=3
[ 1403.160311][T11316] usb 4-1: SerialNumber: syz
[ 1403.337843][  T744] usb 3-1: 0:2 : does not exist
[ 1403.396010][  T744] usb 3-1: USB disconnect, device number 98
[ 1403.412035][T11642] EXT4-fs (loop0): unmounting filesystem.
[ 1403.422566][T11316] usb 4-1: 0:2 : does not exist
[ 1403.437294][T11316] usb 4-1: USB disconnect, device number 104
[ 1403.692353][T11552] EXT4-fs (loop5): unmounting filesystem.
[ 1404.003315][ T1513] usb 1-1: new full-speed USB device number 120 using dummy_hcd
[ 1404.053200][  T377] usb 6-1: new full-speed USB device number 108 using dummy_hcd
[ 1404.184251][ T1513] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x88 has an invalid bInterval 0, changing to 10
[ 1404.195429][ T1513] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x88 has invalid maxpacket 123, setting to 64
[ 1404.215342][ T1513] usb 1-1: New USB device found, idVendor=084e, idProduct=1001, bcdDevice=33.f9
[ 1404.224577][ T1513] usb 1-1: New USB device strings: Mfr=8, Product=0, SerialNumber=3
[ 1404.232597][ T1513] usb 1-1: Manufacturer: syz
[ 1404.237574][ T1513] usb 1-1: SerialNumber: syz
[ 1404.243311][  T377] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x88 has an invalid bInterval 0, changing to 10
[ 1404.257917][  T377] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x88 has invalid maxpacket 123, setting to 64
[ 1404.269808][ T1513] usb 1-1: config 0 descriptor??
[ 1404.277338][T17318] raw-gadget.0 gadget.0: fail, usb_ep_enable returned -22
[ 1404.286192][ T1513] input: KB Gear Tablet as /devices/platform/dummy_hcd.0/usb1/1-1/1-1:0.0/input/input124
[ 1404.304676][  T377] usb 6-1: New USB device found, idVendor=084e, idProduct=1001, bcdDevice=33.f9
[ 1404.316501][  T377] usb 6-1: New USB device strings: Mfr=8, Product=0, SerialNumber=3
[ 1404.324606][  T377] usb 6-1: Manufacturer: syz
[ 1404.329280][  T377] usb 6-1: SerialNumber: syz
[ 1404.334750][  T377] usb 6-1: config 0 descriptor??
[ 1404.340330][T17327] raw-gadget.1 gadget.5: fail, usb_ep_enable returned -22
[ 1404.349004][  T377] input: KB Gear Tablet as /devices/platform/dummy_hcd.5/usb6/6-1/6-1:0.0/input/input125
[ 1405.406564][T17318] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1405.415895][T17318] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1405.419194][T17327] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1405.432222][T17327] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1405.437240][T17318] loop0: detected capacity change from 0 to 512
[ 1405.448422][T17327] loop5: detected capacity change from 0 to 512
[ 1405.457953][T17327] EXT4-fs (loop5): mounted filesystem without journal. Quota mode: none.
[ 1405.460182][T17318] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: none.
[ 1405.612331][T17327] overlayfs: failed to resolve './bus': -2
[ 1406.053358][T17351] overlayfs: failed to resolve './bus': -2
[ 1406.345653][  T377] usb 6-1: USB disconnect, device number 108
[ 1406.353420][T11552] EXT4-fs (loop5): unmounting filesystem.
[ 1407.018023][T17363] loop4: detected capacity change from 0 to 128
[ 1407.026681][T17363] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: none.
[ 1407.035951][T17363] ext4 filesystem being mounted at /333/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[ 1408.285009][T11316] usb 1-1: USB disconnect, device number 120
[ 1408.292827][T11893] EXT4-fs (loop4): unmounting filesystem.
[ 1408.299845][T11642] EXT4-fs (loop0): unmounting filesystem.
[ 1408.462812][T17392] loop2: detected capacity change from 0 to 128
[ 1408.719403][  T377] usb 6-1: new full-speed USB device number 109 using dummy_hcd
[ 1408.729995][T17397] loop3: detected capacity change from 0 to 256
[ 1408.745066][T17397] FAT-fs (loop3): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive!
[ 1408.760145][T17392] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none.
[ 1408.764905][T17397] FAT-fs (loop3): Directory bread(block 64) failed
[ 1408.775381][T17397] FAT-fs (loop3): Directory bread(block 65) failed
[ 1408.781997][T17397] FAT-fs (loop3): Directory bread(block 66) failed
[ 1408.788603][T17397] FAT-fs (loop3): Directory bread(block 67) failed
[ 1408.795211][T17397] FAT-fs (loop3): Directory bread(block 68) failed
[ 1408.801793][T17397] FAT-fs (loop3): Directory bread(block 69) failed
[ 1408.808571][T17397] FAT-fs (loop3): Directory bread(block 70) failed
[ 1408.815165][T17397] FAT-fs (loop3): Directory bread(block 71) failed
[ 1408.821757][T17397] FAT-fs (loop3): Directory bread(block 72) failed
[ 1408.828354][T17397] FAT-fs (loop3): Directory bread(block 73) failed
[ 1408.851880][T17392] ext4 filesystem being mounted at /387/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[ 1409.009543][  T377] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x88 has an invalid bInterval 0, changing to 10
[ 1409.021172][  T377] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x88 has invalid maxpacket 123, setting to 64
[ 1409.036090][  T377] usb 6-1: New USB device found, idVendor=084e, idProduct=1001, bcdDevice=33.f9
[ 1409.045549][  T377] usb 6-1: New USB device strings: Mfr=8, Product=0, SerialNumber=3
[ 1409.053875][  T377] usb 6-1: Manufacturer: syz
[ 1409.058752][  T377] usb 6-1: SerialNumber: syz
[ 1409.076793][  T377] usb 6-1: config 0 descriptor??
[ 1409.085195][T17358] raw-gadget.1 gadget.5: fail, usb_ep_enable returned -22
[ 1409.114046][  T377] input: KB Gear Tablet as /devices/platform/dummy_hcd.5/usb6/6-1/6-1:0.0/input/input126
[ 1409.133176][    C1] kbtab 6-1:0.0: kbtab_irq - usb_submit_urb failed with result -1
[ 1409.312801][T17358] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1409.321490][T17358] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1409.335861][T17358] loop5: detected capacity change from 0 to 512
[ 1409.344582][T17358] EXT4-fs (loop5): mounted filesystem without journal. Quota mode: none.
[ 1411.022346][T11316] usb 6-1: USB disconnect, device number 109
[ 1411.030190][T11552] EXT4-fs (loop5): unmounting filesystem.
[ 1411.070137][T17410] loop3: detected capacity change from 0 to 128
[ 1411.179914][T17410] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: none.
[ 1411.189160][T17410] ext4 filesystem being mounted at /363/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[ 1412.537490][T11007] EXT4-fs (loop2): unmounting filesystem.
[ 1412.754625][T17427] loop5: detected capacity change from 0 to 512
[ 1412.764540][T17427] EXT4-fs (loop5): mounted filesystem without journal. Quota mode: writeback.
[ 1412.808406][T17427] ext4 filesystem being mounted at /314/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[ 1412.827442][T17427] EXT4-fs error (device loop5): ext4_readdir:263: inode #2: block 3: comm syz.5.4744: path /314/file1: bad entry in directory: inode out of bounds - offset=0, inode=1024, rec_len=12, size=4096 fake=1
[ 1413.335550][T11552] EXT4-fs (loop5): unmounting filesystem.
[ 1413.492631][T11316] usb 5-1: new full-speed USB device number 95 using dummy_hcd
[ 1413.501042][T11506] EXT4-fs (loop3): unmounting filesystem.
[ 1413.936142][  T377] usb 3-1: new high-speed USB device number 99 using dummy_hcd
[ 1413.954279][T11316] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x88 has an invalid bInterval 0, changing to 10
[ 1413.965369][T11316] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x88 has invalid maxpacket 123, setting to 64
[ 1413.977660][T11316] usb 5-1: New USB device found, idVendor=084e, idProduct=1001, bcdDevice=33.f9
[ 1413.991260][T11316] usb 5-1: New USB device strings: Mfr=8, Product=0, SerialNumber=3
[ 1414.000421][T11316] usb 5-1: Manufacturer: syz
[ 1414.006052][T11316] usb 5-1: SerialNumber: syz
[ 1414.014355][T11316] usb 5-1: config 0 descriptor??
[ 1414.020292][T17419] raw-gadget.0 gadget.4: fail, usb_ep_enable returned -22
[ 1414.195493][T17461] loop3: detected capacity change from 0 to 256
[ 1414.204645][T17461] FAT-fs (loop3): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive!
[ 1414.241941][T17461] FAT-fs (loop3): Directory bread(block 64) failed
[ 1414.248684][T17461] FAT-fs (loop3): Directory bread(block 65) failed
[ 1414.255520][T17461] FAT-fs (loop3): Directory bread(block 66) failed
[ 1414.262165][T17461] FAT-fs (loop3): Directory bread(block 67) failed
[ 1414.269025][T17461] FAT-fs (loop3): Directory bread(block 68) failed
[ 1414.275668][T17461] FAT-fs (loop3): Directory bread(block 69) failed
[ 1414.282483][T17461] FAT-fs (loop3): Directory bread(block 70) failed
[ 1414.289139][T17461] FAT-fs (loop3): Directory bread(block 71) failed
[ 1414.295886][T17461] FAT-fs (loop3): Directory bread(block 72) failed
[ 1414.302503][T17461] FAT-fs (loop3): Directory bread(block 73) failed
[ 1414.360026][T11316] input: KB Gear Tablet as /devices/platform/dummy_hcd.4/usb5/5-1/5-1:0.0/input/input127
[ 1414.597789][T17419] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1414.607339][T17419] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1414.726685][T17419] loop4: detected capacity change from 0 to 512
[ 1414.735028][T17419] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: none.
[ 1414.931968][T17466] overlayfs: failed to resolve './bus': -2
[ 1415.092446][T17468] FAULT_INJECTION: forcing a failure.
[ 1415.092446][T17468] name failslab, interval 1, probability 0, space 0, times 0
[ 1415.105159][T17468] CPU: 0 PID: 17468 Comm: syz.3.4754 Not tainted 6.1.145-syzkaller-00015-g2ff414a09808 #0
[ 1415.115077][T17468] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[ 1415.125140][T17468] Call Trace:
[ 1415.128447][T17468]  <TASK>
[ 1415.131389][T17468]  __dump_stack+0x21/0x24
[ 1415.135743][T17468]  dump_stack_lvl+0xee/0x150
[ 1415.140379][T17468]  ? __cfi_dump_stack_lvl+0x8/0x8
[ 1415.145420][T17468]  ? __kasan_check_write+0x14/0x20
[ 1415.150545][T17468]  dump_stack+0x15/0x24
[ 1415.154712][T17468]  should_fail_ex+0x3d4/0x520
[ 1415.159397][T17468]  ? getname_flags+0xb9/0x500
[ 1415.164089][T17468]  __should_failslab+0xac/0xf0
[ 1415.168864][T17468]  should_failslab+0x9/0x20
[ 1415.173387][T17468]  kmem_cache_alloc+0x3b/0x330
[ 1415.178172][T17468]  getname_flags+0xb9/0x500
[ 1415.182697][T17468]  getname+0x19/0x20
[ 1415.186611][T17468]  do_sys_openat2+0xcb/0x7e0
[ 1415.191209][T17468]  ? __kasan_check_write+0x14/0x20
[ 1415.196337][T17468]  ? do_sys_open+0xe0/0xe0
[ 1415.200763][T17468]  ? ksys_write+0x1eb/0x240
[ 1415.205284][T17468]  ? __cfi_ksys_write+0x10/0x10
[ 1415.210157][T17468]  __x64_sys_openat+0x136/0x160
[ 1415.215032][T17468]  x64_sys_call+0x783/0x9a0
[ 1415.219545][T17468]  do_syscall_64+0x4c/0xa0
[ 1415.223982][T17468]  ? clear_bhb_loop+0x30/0x80
[ 1415.228674][T17468]  ? clear_bhb_loop+0x30/0x80
[ 1415.233365][T17468]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[ 1415.239267][T17468] RIP: 0033:0x7ffaff78e9a9
[ 1415.243687][T17468] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1415.263298][T17468] RSP: 002b:00007ffb00672038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101
[ 1415.271723][T17468] RAX: ffffffffffffffda RBX: 00007ffaff9b6160 RCX: 00007ffaff78e9a9
[ 1415.279704][T17468] RDX: 0000000000000000 RSI: 0000200000000380 RDI: ffffffffffffff9c
[ 1415.287684][T17468] RBP: 00007ffb00672090 R08: 0000000000000000 R09: 0000000000000000
[ 1415.295660][T17468] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1415.303634][T17468] R13: 0000000000000000 R14: 00007ffaff9b6160 R15: 00007ffc5df91848
[ 1415.311620][T17468]  </TASK>
[ 1415.704341][  T377] usb 3-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[ 1415.714811][  T377] usb 3-1: config 1 has 1 interface, different from the descriptor's value: 3
[ 1415.728988][  T377] usb 3-1: New USB device found, idVendor=08b7, idProduct=0000, bcdDevice= 0.00
[ 1415.765618][  T377] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=3
[ 1415.773986][  T377] usb 3-1: SerialNumber: syz
[ 1415.920894][T17475] loop5: detected capacity change from 0 to 256
[ 1415.927591][T17475] FAT-fs (loop5): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive!
[ 1415.945478][T17475] FAT-fs (loop5): Directory bread(block 64) failed
[ 1415.952051][T17475] FAT-fs (loop5): Directory bread(block 65) failed
[ 1415.958644][T17475] FAT-fs (loop5): Directory bread(block 66) failed
[ 1415.965252][T17475] FAT-fs (loop5): Directory bread(block 67) failed
[ 1415.971791][T17475] FAT-fs (loop5): Directory bread(block 68) failed
[ 1415.978339][T17475] FAT-fs (loop5): Directory bread(block 69) failed
[ 1415.984934][T17475] FAT-fs (loop5): Directory bread(block 70) failed
[ 1415.991508][T17475] FAT-fs (loop5): Directory bread(block 71) failed
[ 1415.998193][T17475] FAT-fs (loop5): Directory bread(block 72) failed
[ 1416.004797][T17475] FAT-fs (loop5): Directory bread(block 73) failed
[ 1416.013206][  T390] usb 4-1: new high-speed USB device number 105 using dummy_hcd
[ 1416.014958][  T377] usb 3-1: 0:2 : does not exist
[ 1416.029105][  T377] usb 3-1: USB disconnect, device number 99
[ 1416.204345][  T390] usb 4-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[ 1416.214637][  T390] usb 4-1: config 1 has 1 interface, different from the descriptor's value: 3
[ 1416.224257][  T390] usb 4-1: New USB device found, idVendor=08b7, idProduct=0000, bcdDevice= 0.00
[ 1416.233389][  T390] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=3
[ 1416.241431][  T390] usb 4-1: SerialNumber: syz
[ 1416.449695][  T390] usb 4-1: 0:2 : does not exist
[ 1416.455907][  T390] usb 4-1: USB disconnect, device number 105
[ 1416.709392][T11893] EXT4-fs (loop4): unmounting filesystem.
[ 1416.754320][T11316] usb 5-1: USB disconnect, device number 95
[ 1418.586469][  T377] usb 4-1: new full-speed USB device number 106 using dummy_hcd
[ 1419.664794][  T377] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x88 has an invalid bInterval 0, changing to 10
[ 1419.676015][  T377] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x88 has invalid maxpacket 123, setting to 64
[ 1419.688177][  T377] usb 4-1: New USB device found, idVendor=084e, idProduct=1001, bcdDevice=33.f9
[ 1419.697305][  T377] usb 4-1: New USB device strings: Mfr=8, Product=0, SerialNumber=3
[ 1419.705375][  T377] usb 4-1: Manufacturer: syz
[ 1419.709989][  T377] usb 4-1: SerialNumber: syz
[ 1419.715223][  T377] usb 4-1: config 0 descriptor??
[ 1419.720418][T17497] raw-gadget.0 gadget.3: fail, usb_ep_enable returned -22
[ 1419.728480][  T377] input: KB Gear Tablet as /devices/platform/dummy_hcd.3/usb4/4-1/4-1:0.0/input/input128
[ 1419.803186][  T744] usb 5-1: new high-speed USB device number 96 using dummy_hcd
[ 1419.931238][T17497] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1419.939810][T17497] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1419.951186][T17497] loop3: detected capacity change from 0 to 512
[ 1419.959442][T17497] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: none.
[ 1420.012632][  T390] usb 3-1: new high-speed USB device number 100 using dummy_hcd
[ 1420.021618][  T744] usb 5-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[ 1420.031970][  T744] usb 5-1: config 1 has 1 interface, different from the descriptor's value: 3
[ 1420.041646][  T744] usb 5-1: New USB device found, idVendor=08b7, idProduct=0000, bcdDevice= 0.00
[ 1420.050747][  T744] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=3
[ 1420.058774][  T744] usb 5-1: SerialNumber: syz
[ 1420.136684][T17527] overlayfs: failed to resolve './bus': -2
[ 1420.221801][  T390] usb 3-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[ 1420.243148][  T390] usb 3-1: config 1 has 1 interface, different from the descriptor's value: 3
[ 1420.254542][  T390] usb 3-1: New USB device found, idVendor=08b7, idProduct=0000, bcdDevice= 0.00
[ 1420.267486][  T390] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=3
[ 1420.275665][  T390] usb 3-1: SerialNumber: syz
[ 1420.293377][  T744] usb 5-1: 0:2 : does not exist
[ 1420.325399][  T744] usb 5-1: USB disconnect, device number 96
[ 1420.519400][  T390] usb 3-1: 0:2 : does not exist
[ 1420.525622][  T390] usb 3-1: USB disconnect, device number 100
[ 1421.012210][   T28] audit: type=1400 audit(1753567647.234:420): avc:  denied  { sqpoll } for  pid=17530 comm="syz.0.4777" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=io_uring permissive=1
[ 1421.094917][  T390] usb 5-1: new high-speed USB device number 97 using dummy_hcd
[ 1421.519052][T11316] usb 4-1: USB disconnect, device number 106
[ 1421.541011][T11506] EXT4-fs (loop3): unmounting filesystem.
[ 1421.604276][  T390] usb 5-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[ 1421.614652][  T390] usb 5-1: config 1 has 1 interface, different from the descriptor's value: 3
[ 1421.625172][  T390] usb 5-1: New USB device found, idVendor=08b7, idProduct=0000, bcdDevice= 0.00
[ 1421.634549][  T390] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=3
[ 1421.642710][  T390] usb 5-1: SerialNumber: syz
[ 1421.653203][  T744] usb 1-1: new high-speed USB device number 121 using dummy_hcd
[ 1421.834330][  T744] usb 1-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[ 1421.844588][  T744] usb 1-1: config 1 has 1 interface, different from the descriptor's value: 3
[ 1421.854273][  T744] usb 1-1: New USB device found, idVendor=08b7, idProduct=0000, bcdDevice= 0.00
[ 1421.863453][  T744] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=3
[ 1421.871537][  T744] usb 1-1: SerialNumber: syz
[ 1421.877020][  T390] usb 5-1: 0:2 : does not exist
[ 1421.883589][  T390] usb 5-1: USB disconnect, device number 97
[ 1422.219033][T11316] usb 4-1: new high-speed USB device number 107 using dummy_hcd
[ 1422.243398][  T744] usb 1-1: 0:2 : does not exist
[ 1422.249985][  T744] usb 1-1: unit 5 not found!
[ 1422.262164][  T744] usb 1-1: USB disconnect, device number 121
[ 1422.421493][T11316] usb 4-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[ 1422.432078][T11316] usb 4-1: config 1 has 1 interface, different from the descriptor's value: 3
[ 1422.443994][T11316] usb 4-1: New USB device found, idVendor=08b7, idProduct=0000, bcdDevice= 0.00
[ 1422.453724][T11316] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=3
[ 1422.461860][T11316] usb 4-1: SerialNumber: syz
[ 1422.725973][T11316] usb 4-1: 0:2 : does not exist
[ 1423.211287][T11316] usb 4-1: USB disconnect, device number 107
[ 1423.650630][ T7469] usb 3-1: new high-speed USB device number 101 using dummy_hcd
[ 1423.884771][ T7469] usb 3-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[ 1423.916403][ T7469] usb 3-1: config 1 has 1 interface, different from the descriptor's value: 3
[ 1423.996735][ T7469] usb 3-1: New USB device found, idVendor=08b7, idProduct=0000, bcdDevice= 0.00
[ 1424.006007][ T7469] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=3
[ 1424.015565][ T7469] usb 3-1: SerialNumber: syz
[ 1424.541706][ T7469] usb 3-1: 0:2 : does not exist
[ 1424.609399][ T7469] usb 3-1: USB disconnect, device number 101
[ 1425.615755][T11316] usb 5-1: new full-speed USB device number 98 using dummy_hcd
[ 1425.814262][T11316] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x88 has an invalid bInterval 0, changing to 10
[ 1425.825332][T11316] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x88 has invalid maxpacket 123, setting to 64
[ 1425.841082][T11316] usb 5-1: New USB device found, idVendor=084e, idProduct=1001, bcdDevice=33.f9
[ 1425.850973][T11316] usb 5-1: New USB device strings: Mfr=8, Product=0, SerialNumber=3
[ 1425.861646][T11316] usb 5-1: Manufacturer: syz
[ 1425.868217][T11316] usb 5-1: SerialNumber: syz
[ 1425.887013][T11316] usb 5-1: config 0 descriptor??
[ 1425.893972][T17581] raw-gadget.0 gadget.4: fail, usb_ep_enable returned -22
[ 1425.914488][T11316] input: KB Gear Tablet as /devices/platform/dummy_hcd.4/usb5/5-1/5-1:0.0/input/input129
[ 1425.933379][ T7469] usb 3-1: new full-speed USB device number 102 using dummy_hcd
[ 1426.112612][T17581] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1426.121132][T17581] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1426.124450][ T7469] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x88 has an invalid bInterval 0, changing to 10
[ 1426.134375][T17581] loop4: detected capacity change from 0 to 512
[ 1426.140354][ T7469] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x88 has invalid maxpacket 123, setting to 64
[ 1426.158821][T17581] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: none.
[ 1426.167360][ T7469] usb 3-1: New USB device found, idVendor=084e, idProduct=1001, bcdDevice=33.f9
[ 1426.176553][ T7469] usb 3-1: New USB device strings: Mfr=8, Product=0, SerialNumber=3
[ 1426.191992][ T7469] usb 3-1: Manufacturer: syz
[ 1426.199077][ T7469] usb 3-1: SerialNumber: syz
[ 1426.204480][ T7469] usb 3-1: config 0 descriptor??
[ 1426.210055][T17591] raw-gadget.1 gadget.2: fail, usb_ep_enable returned -22
[ 1426.224376][ T7469] input: KB Gear Tablet as /devices/platform/dummy_hcd.2/usb3/3-1/3-1:0.0/input/input130
[ 1426.352826][T17604] overlayfs: failed to resolve './bus': -2
[ 1426.530832][T17591] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1426.539696][ T7469] usb 6-1: new full-speed USB device number 110 using dummy_hcd
[ 1426.540077][T17591] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1426.807477][ T7469] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x88 has an invalid bInterval 0, changing to 10
[ 1426.826500][T17591] loop2: detected capacity change from 0 to 512
[ 1426.834006][ T7469] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x88 has invalid maxpacket 123, setting to 64
[ 1426.868968][T17591] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none.
[ 1426.877421][T17611] loop3: detected capacity change from 0 to 512
[ 1426.878904][ T7469] usb 6-1: New USB device found, idVendor=084e, idProduct=1001, bcdDevice=33.f9
[ 1426.893165][ T7469] usb 6-1: New USB device strings: Mfr=8, Product=0, SerialNumber=3
[ 1426.902214][ T7469] usb 6-1: Manufacturer: syz
[ 1426.909990][ T7469] usb 6-1: SerialNumber: syz
[ 1426.930430][ T7469] usb 6-1: config 0 descriptor??
[ 1426.931512][T17611] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: writeback.
[ 1426.945352][T17602] raw-gadget.3 gadget.5: fail, usb_ep_enable returned -22
[ 1426.945614][T17611] ext4 filesystem being mounted at /378/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[ 1426.963526][  T744] usb 3-1: USB disconnect, device number 102
[ 1427.012922][ T7469] input: KB Gear Tablet as /devices/platform/dummy_hcd.5/usb6/6-1/6-1:0.0/input/input131
[ 1427.302117][T17616] loop0: detected capacity change from 0 to 256
[ 1427.308900][T17616] FAT-fs (loop0): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive!
[ 1427.926832][T17616] FAT-fs (loop0): Directory bread(block 64) failed
[ 1427.934019][T17616] FAT-fs (loop0): Directory bread(block 65) failed
[ 1427.943241][T17616] FAT-fs (loop0): Directory bread(block 66) failed
[ 1427.950471][T17616] FAT-fs (loop0): Directory bread(block 67) failed
[ 1427.958695][T17616] FAT-fs (loop0): Directory bread(block 68) failed
[ 1427.965870][T17616] FAT-fs (loop0): Directory bread(block 69) failed
[ 1427.973997][T17616] FAT-fs (loop0): Directory bread(block 70) failed
[ 1427.981358][T17616] FAT-fs (loop0): Directory bread(block 71) failed
[ 1427.988552][T17616] FAT-fs (loop0): Directory bread(block 72) failed
[ 1427.995778][T17616] FAT-fs (loop0): Directory bread(block 73) failed
[ 1428.478606][  T377] usb 5-1: USB disconnect, device number 98
[ 1428.485339][T17611] EXT4-fs error (device loop3): ext4_readdir:263: inode #2: block 3: comm syz.3.4803: path /378/file1: bad entry in directory: inode out of bounds - offset=0, inode=1024, rec_len=12, size=4096 fake=1
[ 1428.486240][T11893] EXT4-fs (loop4): unmounting filesystem.
[ 1428.506109][T17602] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1428.524653][T11007] EXT4-fs (loop2): unmounting filesystem.
[ 1428.533387][T17602] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1428.539512][T17618] netlink: 4 bytes leftover after parsing attributes in process `syz.4.4805'.
[ 1428.567179][T17602] loop5: detected capacity change from 0 to 512
[ 1428.666069][T11506] EXT4-fs (loop3): unmounting filesystem.
[ 1428.674352][T17602] EXT4-fs (loop5): mounted filesystem without journal. Quota mode: none.
[ 1430.829454][T17638] overlayfs: failed to resolve './bus': -2
[ 1431.482122][T17643] 9p: Unknown access argument 18446744073709551615: -34
[ 1431.524227][  T744] usb 6-1: USB disconnect, device number 110
[ 1431.531042][T11552] EXT4-fs (loop5): unmounting filesystem.
[ 1431.660759][T12768] usb 5-1: new high-speed USB device number 99 using dummy_hcd
[ 1432.767455][T17662] FAULT_INJECTION: forcing a failure.
[ 1432.767455][T17662] name failslab, interval 1, probability 0, space 0, times 0
[ 1432.780223][T17662] CPU: 0 PID: 17662 Comm: syz.4.4817 Not tainted 6.1.145-syzkaller-00015-g2ff414a09808 #0
[ 1432.790127][T17662] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[ 1432.800188][T17662] Call Trace:
[ 1432.803479][T17662]  <TASK>
[ 1432.806426][T17662]  __dump_stack+0x21/0x24
[ 1432.810773][T17662]  dump_stack_lvl+0xee/0x150
[ 1432.815383][T17662]  ? __cfi_dump_stack_lvl+0x8/0x8
[ 1432.820421][T17662]  ? __kasan_check_write+0x14/0x20
[ 1432.825547][T17662]  dump_stack+0x15/0x24
[ 1432.829721][T17662]  should_fail_ex+0x3d4/0x520
[ 1432.834407][T17662]  ? getname_flags+0xb9/0x500
[ 1432.839111][T17662]  __should_failslab+0xac/0xf0
[ 1432.843890][T17662]  should_failslab+0x9/0x20
[ 1432.848425][T17662]  kmem_cache_alloc+0x3b/0x330
[ 1432.853206][T17662]  getname_flags+0xb9/0x500
[ 1432.857733][T17662]  getname+0x19/0x20
[ 1432.861644][T17662]  do_sys_openat2+0xcb/0x7e0
[ 1432.866263][T17662]  ? __kasan_check_write+0x14/0x20
[ 1432.871461][T17662]  ? do_sys_open+0xe0/0xe0
[ 1432.875929][T17662]  ? ksys_write+0x1eb/0x240
[ 1432.880466][T17662]  ? __cfi_ksys_write+0x10/0x10
[ 1432.885358][T17662]  __x64_sys_openat+0x136/0x160
[ 1432.890238][T17662]  x64_sys_call+0x783/0x9a0
[ 1432.894762][T17662]  do_syscall_64+0x4c/0xa0
[ 1432.899203][T17662]  ? clear_bhb_loop+0x30/0x80
[ 1432.903888][T17662]  ? clear_bhb_loop+0x30/0x80
[ 1432.908575][T17662]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[ 1432.914481][T17662] RIP: 0033:0x7fa295b8e9a9
[ 1432.918924][T17662] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1432.938539][T17662] RSP: 002b:00007fa2969d8038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101
[ 1432.946961][T17662] RAX: ffffffffffffffda RBX: 00007fa295db6160 RCX: 00007fa295b8e9a9
[ 1432.954952][T17662] RDX: 0000000000000002 RSI: 0000200000000180 RDI: ffffffffffffff9c
[ 1432.962928][T17662] RBP: 00007fa2969d8090 R08: 0000000000000000 R09: 0000000000000000
[ 1432.970908][T17662] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1432.978890][T17662] R13: 0000000000000000 R14: 00007fa295db6160 R15: 00007ffca324aeb8
[ 1432.986873][T17662]  </TASK>
[ 1433.224567][T17668] 9p: Unknown access argument 18446744073709551615: -34
[ 1433.236375][T17674] loop4: detected capacity change from 0 to 512
[ 1433.263237][  T377] usb 1-1: new full-speed USB device number 122 using dummy_hcd
[ 1433.273732][T17674] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: writeback.
[ 1433.283327][T17674] ext4 filesystem being mounted at /355/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[ 1433.300804][T17674] EXT4-fs error (device loop4): ext4_readdir:263: inode #2: block 3: comm syz.4.4823: path /355/file1: bad entry in directory: inode out of bounds - offset=0, inode=1024, rec_len=12, size=4096 fake=1
[ 1433.363194][  T744] usb 3-1: new full-speed USB device number 103 using dummy_hcd
[ 1433.544624][T11893] EXT4-fs (loop4): unmounting filesystem.
[ 1433.555542][  T744] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x88 has an invalid bInterval 0, changing to 10
[ 1433.568701][  T744] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x88 has invalid maxpacket 123, setting to 64
[ 1433.614759][  T744] usb 3-1: New USB device found, idVendor=084e, idProduct=1001, bcdDevice=33.f9
[ 1433.661571][  T744] usb 3-1: New USB device strings: Mfr=8, Product=0, SerialNumber=3
[ 1433.686935][T17685] loop4: detected capacity change from 0 to 512
[ 1433.693493][  T744] usb 3-1: Manufacturer: syz
[ 1433.699229][  T744] usb 3-1: SerialNumber: syz
[ 1433.704850][  T744] usb 3-1: config 0 descriptor??
[ 1433.706189][T17685] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: writeback.
[ 1433.710232][T17665] raw-gadget.1 gadget.2: fail, usb_ep_enable returned -22
[ 1433.718870][T17685] ext4 filesystem being mounted at /356/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[ 1433.727385][  T744] input: KB Gear Tablet as /devices/platform/dummy_hcd.2/usb3/3-1/3-1:0.0/input/input132
[ 1433.737807][  T377] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x88 has an invalid bInterval 0, changing to 10
[ 1433.757581][  T377] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x88 has invalid maxpacket 123, setting to 64
[ 1433.769950][T17685] EXT4-fs error (device loop4): ext4_readdir:263: inode #2: block 3: comm syz.4.4825: path /356/file1: bad entry in directory: inode out of bounds - offset=0, inode=1024, rec_len=12, size=4096 fake=1
[ 1433.789646][  T377] usb 1-1: New USB device found, idVendor=084e, idProduct=1001, bcdDevice=33.f9
[ 1433.798773][  T377] usb 1-1: New USB device strings: Mfr=8, Product=0, SerialNumber=3
[ 1433.806930][  T377] usb 1-1: Manufacturer: syz
[ 1433.811606][  T377] usb 1-1: SerialNumber: syz
[ 1433.821592][  T377] usb 1-1: config 0 descriptor??
[ 1433.826972][T17649] raw-gadget.0 gadget.0: fail, usb_ep_enable returned -22
[ 1433.835501][  T377] input: KB Gear Tablet as /devices/platform/dummy_hcd.0/usb1/1-1/1-1:0.0/input/input133
[ 1433.877004][T11893] EXT4-fs (loop4): unmounting filesystem.
[ 1433.950229][T17665] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1433.959158][T17665] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1433.972804][T17665] loop2: detected capacity change from 0 to 512
[ 1433.981141][T17665] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none.
[ 1434.049802][T17649] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1434.073682][T17649] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1434.115433][T17649] loop0: detected capacity change from 0 to 512
[ 1434.126178][T17649] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: none.
[ 1434.450471][T17705] overlayfs: failed to resolve './bus': -2
[ 1437.732131][  T744] usb 1-1: USB disconnect, device number 122
[ 1437.742905][T11642] EXT4-fs (loop0): unmounting filesystem.
[ 1438.160211][T17709] loop3: detected capacity change from 0 to 256
[ 1438.169069][T17709] FAT-fs (loop3): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive!
[ 1438.199001][T17709] FAT-fs (loop3): Directory bread(block 64) failed
[ 1438.205719][T17709] FAT-fs (loop3): Directory bread(block 65) failed
[ 1438.212439][T17709] FAT-fs (loop3): Directory bread(block 66) failed
[ 1438.219052][T17709] FAT-fs (loop3): Directory bread(block 67) failed
[ 1438.225797][T17709] FAT-fs (loop3): Directory bread(block 68) failed
[ 1438.232370][T17709] FAT-fs (loop3): Directory bread(block 69) failed
[ 1438.238957][T17709] FAT-fs (loop3): Directory bread(block 70) failed
[ 1438.245581][T17709] FAT-fs (loop3): Directory bread(block 71) failed
[ 1438.252150][T17709] FAT-fs (loop3): Directory bread(block 72) failed
[ 1438.258720][T17709] FAT-fs (loop3): Directory bread(block 73) failed
[ 1438.341507][T17717] kernel profiling enabled (shift: 5)
[ 1438.369186][T12768] usb 3-1: USB disconnect, device number 103
[ 1438.414629][T11007] EXT4-fs (loop2): unmounting filesystem.
[ 1438.436625][T17720] 9p: Unknown access argument 18446744073709551615: -34
[ 1438.459003][T17701] loop4: detected capacity change from 0 to 40427
[ 1438.459375][T17725] 9pnet_fd: Insufficient options for proto=fd
[ 1438.466536][T17701] F2FS-fs (loop4): Unrecognized mount option "compres3_cache" or missing value
[ 1438.598001][T17732] loop3: detected capacity change from 0 to 512
[ 1438.616143][T17732] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: writeback.
[ 1438.625188][T17732] ext4 filesystem being mounted at /388/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[ 1438.700213][T17732] EXT4-fs error (device loop3): ext4_readdir:263: inode #2: block 3: comm syz.3.4839: path /388/file1: bad entry in directory: inode out of bounds - offset=0, inode=1024, rec_len=12, size=4096 fake=1
[ 1438.733253][  T744] usb 1-1: new full-speed USB device number 123 using dummy_hcd
[ 1438.776075][T17679] EXT4-fs error (device loop3): ext4_mb_generate_buddy:1102: group 0, block bitmap and bg descriptor inconsistent: 41 vs 39667 free clusters
[ 1438.845041][T17701] device pim6reg1 entered promiscuous mode
[ 1438.955202][  T744] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x88 has an invalid bInterval 0, changing to 10
[ 1438.970233][  T744] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x88 has invalid maxpacket 123, setting to 64
[ 1438.990267][  T744] usb 1-1: New USB device found, idVendor=084e, idProduct=1001, bcdDevice=33.f9
[ 1439.009422][  T744] usb 1-1: New USB device strings: Mfr=8, Product=0, SerialNumber=3
[ 1439.018551][  T744] usb 1-1: Manufacturer: syz
[ 1439.023828][  T744] usb 1-1: SerialNumber: syz
[ 1439.031916][  T744] usb 1-1: config 0 descriptor??
[ 1439.044148][T17715] raw-gadget.0 gadget.0: fail, usb_ep_enable returned -22
[ 1439.080621][  T744] input: KB Gear Tablet as /devices/platform/dummy_hcd.0/usb1/1-1/1-1:0.0/input/input134
[ 1439.101063][T11506] EXT4-fs (loop3): unmounting filesystem.
[ 1439.197819][T11600] usb 6-1: new full-speed USB device number 111 using dummy_hcd
[ 1439.544745][T17715] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1439.553446][T17715] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1439.566570][T17715] loop0: detected capacity change from 0 to 512
[ 1439.575363][T17715] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: none.
[ 1439.603179][    T6] usb 4-1: new high-speed USB device number 108 using dummy_hcd
[ 1439.679042][T11600] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x88 has an invalid bInterval 0, changing to 10
[ 1439.690098][T11600] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x88 has invalid maxpacket 123, setting to 64
[ 1439.702157][T11600] usb 6-1: New USB device found, idVendor=084e, idProduct=1001, bcdDevice=33.f9
[ 1439.711267][T11600] usb 6-1: New USB device strings: Mfr=8, Product=0, SerialNumber=3
[ 1439.719335][T11600] usb 6-1: Manufacturer: syz
[ 1439.724010][T11600] usb 6-1: SerialNumber: syz
[ 1439.731396][T11600] usb 6-1: config 0 descriptor??
[ 1439.737507][T17738] raw-gadget.1 gadget.5: fail, usb_ep_enable returned -22
[ 1439.751841][T11600] input: KB Gear Tablet as /devices/platform/dummy_hcd.5/usb6/6-1/6-1:0.0/input/input135
[ 1439.972201][T17738] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1439.985096][T17738] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1440.006688][T17738] loop5: detected capacity change from 0 to 512
[ 1440.029068][    T6] usb 4-1: Using ep0 maxpacket: 32
[ 1440.035587][    T6] usb 4-1: config 0 has an invalid interface number: 67 but max is 0
[ 1440.039806][T17738] EXT4-fs (loop5): mounted filesystem without journal. Quota mode: none.
[ 1440.046861][    T6] usb 4-1: config 0 has no interface number 0
[ 1440.066002][    T6] usb 4-1: New USB device found, idVendor=0424, idProduct=9901, bcdDevice=c2.57
[ 1440.079377][    T6] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1440.091588][    T6] usb 4-1: Product: syz
[ 1440.097605][    T6] usb 4-1: Manufacturer: syz
[ 1440.104319][    T6] usb 4-1: SerialNumber: syz
[ 1440.179496][    T6] usb 4-1: config 0 descriptor??
[ 1440.186965][    T6] smsc95xx v2.0.0
[ 1440.283742][T17760] overlayfs: failed to resolve './bus': -2
[ 1440.589207][   T28] audit: type=1400 audit(1753567666.814:421): avc:  denied  { create } for  pid=17761 comm="syz.2.4845" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=ieee802154_socket permissive=1
[ 1440.880351][T17763] FAULT_INJECTION: forcing a failure.
[ 1440.880351][T17763] name failslab, interval 1, probability 0, space 0, times 0
[ 1440.895016][T17763] CPU: 0 PID: 17763 Comm: syz.2.4845 Not tainted 6.1.145-syzkaller-00015-g2ff414a09808 #0
[ 1440.904974][T17763] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[ 1440.915049][T17763] Call Trace:
[ 1440.918359][T17763]  <TASK>
[ 1440.921304][T17763]  __dump_stack+0x21/0x24
[ 1440.925672][T17763]  dump_stack_lvl+0xee/0x150
[ 1440.930292][T17763]  ? __cfi_dump_stack_lvl+0x8/0x8
[ 1440.935354][T17763]  ? __kasan_check_write+0x14/0x20
[ 1440.940501][T17763]  dump_stack+0x15/0x24
[ 1440.944685][T17763]  should_fail_ex+0x3d4/0x520
[ 1440.949390][T17763]  ? getname_flags+0xb9/0x500
[ 1440.954094][T17763]  __should_failslab+0xac/0xf0
[ 1440.958895][T17763]  should_failslab+0x9/0x20
[ 1440.963432][T17763]  kmem_cache_alloc+0x3b/0x330
[ 1440.968219][T17763]  getname_flags+0xb9/0x500
[ 1440.972747][T17763]  getname+0x19/0x20
[ 1440.976665][T17763]  do_sys_openat2+0xcb/0x7e0
[ 1440.981276][T17763]  ? __kasan_check_write+0x14/0x20
[ 1440.986409][T17763]  ? do_sys_open+0xe0/0xe0
[ 1440.990872][T17763]  ? ksys_write+0x1eb/0x240
[ 1440.995416][T17763]  ? __kasan_check_write+0x14/0x20
[ 1441.000562][T17763]  __x64_sys_open+0x11c/0x140
[ 1441.005271][T17763]  x64_sys_call+0x97b/0x9a0
[ 1441.009789][T17763]  do_syscall_64+0x4c/0xa0
[ 1441.014256][T17763]  ? clear_bhb_loop+0x30/0x80
[ 1441.018951][T17763]  ? clear_bhb_loop+0x30/0x80
[ 1441.023644][T17763]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[ 1441.029564][T17763] RIP: 0033:0x7ff47478e9a9
[ 1441.033990][T17763] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1441.053608][T17763] RSP: 002b:00007ff475669038 EFLAGS: 00000246 ORIG_RAX: 0000000000000002
[ 1441.062036][T17763] RAX: ffffffffffffffda RBX: 00007ff4749b6080 RCX: 00007ff47478e9a9
[ 1441.070020][T17763] RDX: 0000000000000000 RSI: 00000000001a1342 RDI: 0000200000000000
[ 1441.078003][T17763] RBP: 00007ff475669090 R08: 0000000000000000 R09: 0000000000000000
[ 1441.085980][T17763] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1441.093959][T17763] R13: 0000000000000000 R14: 00007ff4749b6080 R15: 00007ffdbf229b48
[ 1441.101967][T17763]  </TASK>
[ 1442.648448][T17765] loop3: detected capacity change from 0 to 16
[ 1442.664715][T17765] erofs: (device loop3): erofs_read_superblock: dirblkbits 2 isn't supported
[ 1442.764809][    T6] smsc95xx 4-1:0.67 (unnamed net_device) (uninitialized): Failed to read reg index 0x00000030: -32
[ 1442.856630][    T6] smsc95xx 4-1:0.67 (unnamed net_device) (uninitialized): Error reading E2P_CMD
[ 1442.887464][ T1513] usb 1-1: USB disconnect, device number 123
[ 1442.950945][T11642] EXT4-fs (loop0): unmounting filesystem.
[ 1443.097648][T17777] loop0: detected capacity change from 0 to 2048
[ 1443.104456][T17777] SELinux: security_context_str_to_sid (user_u) failed with errno=-22
[ 1443.755785][T17777] netlink: 4 bytes leftover after parsing attributes in process `syz.0.4848'.
[ 1443.767406][T17777] loop0: detected capacity change from 0 to 256
[ 1443.774147][T17777] FAT-fs (loop0): Unrecognized mount option "ÿÿÿÿd


" or missing value
[ 1443.789500][  T695] usb 6-1: USB disconnect, device number 111
[ 1443.892212][T11552] EXT4-fs (loop5): unmounting filesystem.
[ 1443.963320][    T6] smsc95xx 4-1:0.67 (unnamed net_device) (uninitialized): Failed to write reg index 0x00000014: -71
[ 1444.054018][    T6] smsc95xx: probe of 4-1:0.67 failed with error -71
[ 1444.061654][    T6] usb 4-1: USB disconnect, device number 108
[ 1445.279894][T17787] loop4: detected capacity change from 0 to 512
[ 1445.295138][T17787] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: writeback.
[ 1445.304427][T17787] ext4 filesystem being mounted at /363/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[ 1445.316270][T17787] EXT4-fs error (device loop4): ext4_readdir:263: inode #2: block 3: comm syz.4.4852: path /363/file1: bad entry in directory: inode out of bounds - offset=0, inode=1024, rec_len=12, size=4096 fake=1
[ 1445.376883][T11893] EXT4-fs (loop4): unmounting filesystem.
[ 1446.293152][    T6] usb 4-1: new high-speed USB device number 109 using dummy_hcd
[ 1446.343250][  T695] usb 6-1: new high-speed USB device number 112 using dummy_hcd
[ 1446.583200][T11600] usb 1-1: new full-speed USB device number 124 using dummy_hcd
[ 1446.710026][    T6] usb 4-1: Using ep0 maxpacket: 32
[ 1446.716421][    T6] usb 4-1: config 0 has an invalid interface number: 67 but max is 0
[ 1446.724604][    T6] usb 4-1: config 0 has no interface number 0
[ 1446.732420][    T6] usb 4-1: New USB device found, idVendor=0424, idProduct=9901, bcdDevice=c2.57
[ 1446.741650][    T6] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1446.749706][  T695] usb 6-1: Using ep0 maxpacket: 32
[ 1446.755024][    T6] usb 4-1: Product: syz
[ 1446.759214][    T6] usb 4-1: Manufacturer: syz
[ 1446.763945][    T6] usb 4-1: SerialNumber: syz
[ 1446.769132][  T695] usb 6-1: config 0 has an invalid interface number: 67 but max is 0
[ 1446.773153][  T744] usb 3-1: new full-speed USB device number 104 using dummy_hcd
[ 1446.777470][    T6] usb 4-1: config 0 descriptor??
[ 1446.789837][  T695] usb 6-1: config 0 has no interface number 0
[ 1446.797106][    T6] smsc95xx v2.0.0
[ 1446.801331][  T695] usb 6-1: New USB device found, idVendor=0424, idProduct=9901, bcdDevice=c2.57
[ 1446.810473][  T695] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1446.818506][  T695] usb 6-1: Product: syz
[ 1446.822675][  T695] usb 6-1: Manufacturer: syz
[ 1446.824355][T11600] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x88 has an invalid bInterval 0, changing to 10
[ 1446.827292][  T695] usb 6-1: SerialNumber: syz
[ 1446.838703][T11600] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x88 has invalid maxpacket 123, setting to 64
[ 1446.843774][  T695] usb 6-1: config 0 descriptor??
[ 1446.855265][T11600] usb 1-1: New USB device found, idVendor=084e, idProduct=1001, bcdDevice=33.f9
[ 1446.859580][  T695] smsc95xx v2.0.0
[ 1446.868233][T11600] usb 1-1: New USB device strings: Mfr=8, Product=0, SerialNumber=3
[ 1446.879626][T11600] usb 1-1: Manufacturer: syz
[ 1446.884307][T11600] usb 1-1: SerialNumber: syz
[ 1446.889548][T11600] usb 1-1: config 0 descriptor??
[ 1446.894893][T17813] raw-gadget.2 gadget.0: fail, usb_ep_enable returned -22
[ 1446.903205][T11600] input: KB Gear Tablet as /devices/platform/dummy_hcd.0/usb1/1-1/1-1:0.0/input/input136
[ 1446.964284][  T744] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x88 has an invalid bInterval 0, changing to 10
[ 1446.975370][  T744] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x88 has invalid maxpacket 123, setting to 64
[ 1446.987291][  T744] usb 3-1: New USB device found, idVendor=084e, idProduct=1001, bcdDevice=33.f9
[ 1446.997786][  T744] usb 3-1: New USB device strings: Mfr=8, Product=0, SerialNumber=3
[ 1447.005886][  T744] usb 3-1: Manufacturer: syz
[ 1447.010547][  T744] usb 3-1: SerialNumber: syz
[ 1447.015898][  T744] usb 3-1: config 0 descriptor??
[ 1447.021194][T17817] raw-gadget.3 gadget.2: fail, usb_ep_enable returned -22
[ 1447.029514][  T744] input: KB Gear Tablet as /devices/platform/dummy_hcd.2/usb3/3-1/3-1:0.0/input/input137
[ 1447.115065][T17813] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1447.123641][T17813] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1447.136473][T17813] loop0: detected capacity change from 0 to 512
[ 1447.144971][T17813] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: none.
[ 1447.311913][T17817] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1447.320994][T17817] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1447.382128][T17825] loop3: detected capacity change from 0 to 16
[ 1447.382349][T17817] loop2: detected capacity change from 0 to 512
[ 1447.394781][T17825] erofs: (device loop3): erofs_read_superblock: dirblkbits 2 isn't supported
[ 1447.738951][T17827] loop5: detected capacity change from 0 to 16
[ 1447.820797][T17827] erofs: (device loop5): erofs_read_superblock: dirblkbits 2 isn't supported
[ 1447.840960][    T6] smsc95xx 4-1:0.67 (unnamed net_device) (uninitialized): Failed to read reg index 0x00000030: -32
[ 1447.852071][    T6] smsc95xx 4-1:0.67 (unnamed net_device) (uninitialized): Error reading E2P_CMD
[ 1447.861688][T17817] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none.
[ 1448.084228][  T695] smsc95xx 6-1:0.67 (unnamed net_device) (uninitialized): Failed to read reg index 0x00000030: -32
[ 1448.183567][  T695] smsc95xx 6-1:0.67 (unnamed net_device) (uninitialized): Error reading E2P_CMD
[ 1449.066560][    T6] smsc95xx 4-1:0.67 (unnamed net_device) (uninitialized): Failed to write reg index 0x00000014: -71
[ 1449.097505][  T695] smsc95xx 6-1:0.67 (unnamed net_device) (uninitialized): Failed to write reg index 0x00000014: -71
[ 1449.110943][    T6] smsc95xx: probe of 4-1:0.67 failed with error -71
[ 1449.117839][  T695] smsc95xx: probe of 6-1:0.67 failed with error -71
[ 1449.135206][    T6] usb 4-1: USB disconnect, device number 109
[ 1449.144568][  T695] usb 6-1: USB disconnect, device number 112
[ 1449.507806][  T695] usb 1-1: USB disconnect, device number 124
[ 1449.607954][T11642] EXT4-fs (loop0): unmounting filesystem.
[ 1450.773211][T17858] loop3: detected capacity change from 0 to 256
[ 1450.859018][T17858] FAT-fs (loop3): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive!
[ 1450.906454][T17858] FAT-fs (loop3): Directory bread(block 64) failed
[ 1450.913140][T17858] FAT-fs (loop3): Directory bread(block 65) failed
[ 1450.919731][T17858] FAT-fs (loop3): Directory bread(block 66) failed
[ 1450.926346][T17858] FAT-fs (loop3): Directory bread(block 67) failed
[ 1450.932905][T17858] FAT-fs (loop3): Directory bread(block 68) failed
[ 1450.939457][T17858] FAT-fs (loop3): Directory bread(block 69) failed
[ 1450.946054][T17858] FAT-fs (loop3): Directory bread(block 70) failed
[ 1450.952588][T17858] FAT-fs (loop3): Directory bread(block 71) failed
[ 1450.959164][T17858] FAT-fs (loop3): Directory bread(block 72) failed
[ 1450.965701][T17858] FAT-fs (loop3): Directory bread(block 73) failed
[ 1451.840491][T11600] usb 3-1: USB disconnect, device number 104
[ 1451.923418][T11007] EXT4-fs (loop2): unmounting filesystem.
[ 1451.974955][T17871] loop4: detected capacity change from 0 to 128
[ 1451.983442][T17871] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: none.
[ 1451.992299][T17871] ext4 filesystem being mounted at /372/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[ 1456.674283][T11893] EXT4-fs (loop4): unmounting filesystem.
[ 1457.113248][  T931] usb 3-1: new high-speed USB device number 105 using dummy_hcd
[ 1457.323308][  T931] usb 3-1: Using ep0 maxpacket: 32
[ 1457.330809][  T931] usb 3-1: config 0 has an invalid interface number: 67 but max is 0
[ 1457.340701][  T931] usb 3-1: config 0 has no interface number 0
[ 1457.350565][  T931] usb 3-1: New USB device found, idVendor=0424, idProduct=9901, bcdDevice=c2.57
[ 1457.361181][  T931] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1457.370028][  T931] usb 3-1: Product: syz
[ 1457.375264][  T931] usb 3-1: Manufacturer: syz
[ 1457.379985][  T931] usb 3-1: SerialNumber: syz
[ 1457.466365][  T931] usb 3-1: config 0 descriptor??
[ 1457.472221][  T931] smsc95xx v2.0.0
[ 1458.083155][T12768] usb 6-1: new high-speed USB device number 113 using dummy_hcd
[ 1458.116856][T17929] loop2: detected capacity change from 0 to 16
[ 1458.123666][T17929] erofs: (device loop2): erofs_read_superblock: dirblkbits 2 isn't supported
[ 1458.187681][  T931] smsc95xx 3-1:0.67 (unnamed net_device) (uninitialized): Failed to read reg index 0x00000030: -32
[ 1458.198625][  T931] smsc95xx 3-1:0.67 (unnamed net_device) (uninitialized): Error reading E2P_CMD
[ 1458.213217][  T695] usb 1-1: new high-speed USB device number 125 using dummy_hcd
[ 1458.268502][T12768] usb 6-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[ 1458.278818][T12768] usb 6-1: config 1 has 1 interface, different from the descriptor's value: 3
[ 1458.288531][T12768] usb 6-1: New USB device found, idVendor=08b7, idProduct=0000, bcdDevice= 0.00
[ 1458.297761][T12768] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=3
[ 1458.305951][T12768] usb 6-1: SerialNumber: syz
[ 1458.404207][  T695] usb 1-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[ 1458.414423][  T695] usb 1-1: config 1 has 1 interface, different from the descriptor's value: 3
[ 1458.424099][  T695] usb 1-1: New USB device found, idVendor=08b7, idProduct=0000, bcdDevice= 0.00
[ 1458.433232][  T695] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=3
[ 1458.441279][  T695] usb 1-1: SerialNumber: syz
[ 1458.515109][T12768] usb 6-1: 0:2 : does not exist
[ 1458.521426][T12768] usb 6-1: USB disconnect, device number 113
[ 1458.650136][  T695] usb 1-1: 0:2 : does not exist
[ 1458.656579][  T695] usb 1-1: USB disconnect, device number 125
[ 1458.923179][  T390] usb 4-1: new full-speed USB device number 110 using dummy_hcd
[ 1459.104563][  T390] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x88 has an invalid bInterval 0, changing to 10
[ 1459.116077][  T390] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x88 has invalid maxpacket 123, setting to 64
[ 1459.129107][  T390] usb 4-1: New USB device found, idVendor=084e, idProduct=1001, bcdDevice=33.f9
[ 1459.138361][  T390] usb 4-1: New USB device strings: Mfr=8, Product=0, SerialNumber=3
[ 1459.146490][  T390] usb 4-1: Manufacturer: syz
[ 1459.151152][  T390] usb 4-1: SerialNumber: syz
[ 1459.158078][  T390] usb 4-1: config 0 descriptor??
[ 1459.163536][T17931] raw-gadget.0 gadget.3: fail, usb_ep_enable returned -22
[ 1459.221679][  T390] input: KB Gear Tablet as /devices/platform/dummy_hcd.3/usb4/4-1/4-1:0.0/input/input138
[ 1459.403308][   T24] usb 6-1: new full-speed USB device number 114 using dummy_hcd
[ 1459.510280][T17931] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1459.518862][T17931] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1459.532342][T17931] loop3: detected capacity change from 0 to 512
[ 1459.541342][T17931] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: none.
[ 1459.634113][   T24] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x88 has an invalid bInterval 0, changing to 10
[ 1459.645182][   T24] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x88 has invalid maxpacket 123, setting to 64
[ 1459.657149][   T24] usb 6-1: New USB device found, idVendor=084e, idProduct=1001, bcdDevice=33.f9
[ 1459.666281][   T24] usb 6-1: New USB device strings: Mfr=8, Product=0, SerialNumber=3
[ 1459.695509][  T931] smsc95xx 3-1:0.67 (unnamed net_device) (uninitialized): Failed to write reg index 0x00000014: -71
[ 1459.706487][   T24] usb 6-1: Manufacturer: syz
[ 1459.711186][   T24] usb 6-1: SerialNumber: syz
[ 1459.716157][  T931] smsc95xx: probe of 3-1:0.67 failed with error -71
[ 1459.734441][T17944] overlayfs: failed to resolve './bus': -2
[ 1459.917746][   T24] usb 6-1: config 0 descriptor??
[ 1459.926003][  T931] usb 3-1: USB disconnect, device number 105
[ 1459.932392][T17936] raw-gadget.2 gadget.5: fail, usb_ep_enable returned -22
[ 1459.984283][   T24] input: KB Gear Tablet as /devices/platform/dummy_hcd.5/usb6/6-1/6-1:0.0/input/input139
[ 1460.822190][T17936] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1460.830798][T17936] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1460.843056][T17936] loop5: detected capacity change from 0 to 512
[ 1460.851398][T17936] EXT4-fs (loop5): mounted filesystem without journal. Quota mode: none.
[ 1462.572991][T17968] overlayfs: failed to resolve './bus': -2
[ 1463.128592][  T931] usb 4-1: USB disconnect, device number 110
[ 1463.137687][T11506] EXT4-fs (loop3): unmounting filesystem.
[ 1463.162012][T17976] device vti0 entered promiscuous mode
[ 1463.203219][T12768] usb 5-1: new full-speed USB device number 100 using dummy_hcd
[ 1464.178818][T17979] IPv6: ADDRCONF(NETDEV_CHANGE): vcan0: link becomes ready
[ 1464.179291][T11552] EXT4-fs (loop5): unmounting filesystem.
[ 1464.201905][  T390] usb 6-1: USB disconnect, device number 114
[ 1464.303858][   T24] usb 1-1: new full-speed USB device number 126 using dummy_hcd
[ 1464.319178][T17990] FAULT_INJECTION: forcing a failure.
[ 1464.319178][T17990] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1464.332659][T17990] CPU: 1 PID: 17990 Comm: syz.3.4918 Not tainted 6.1.145-syzkaller-00015-g2ff414a09808 #0
[ 1464.342592][T17990] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[ 1464.352651][T17990] Call Trace:
[ 1464.355928][T17990]  <TASK>
[ 1464.358857][T17990]  __dump_stack+0x21/0x24
[ 1464.363193][T17990]  dump_stack_lvl+0xee/0x150
[ 1464.367783][T17990]  ? __cfi_dump_stack_lvl+0x8/0x8
[ 1464.372809][T17990]  dump_stack+0x15/0x24
[ 1464.376968][T17990]  should_fail_ex+0x3d4/0x520
[ 1464.381729][T17990]  should_fail+0xb/0x10
[ 1464.385900][T17990]  should_fail_usercopy+0x1a/0x20
[ 1464.390925][T17990]  _copy_from_user+0x1e/0xc0
[ 1464.395517][T17990]  __sys_bpf+0x277/0x780
[ 1464.399864][T17990]  ? bpf_link_show_fdinfo+0x320/0x320
[ 1464.405243][T17990]  ? __cfi_ksys_write+0x10/0x10
[ 1464.410098][T17990]  ? debug_smp_processor_id+0x17/0x20
[ 1464.415470][T17990]  __x64_sys_bpf+0x7c/0x90
[ 1464.419943][T17990]  x64_sys_call+0x488/0x9a0
[ 1464.424446][T17990]  do_syscall_64+0x4c/0xa0
[ 1464.428870][T17990]  ? clear_bhb_loop+0x30/0x80
[ 1464.433561][T17990]  ? clear_bhb_loop+0x30/0x80
[ 1464.438236][T17990]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[ 1464.444115][T17990] RIP: 0033:0x7ffaff78e9a9
[ 1464.448521][T17990] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1464.468118][T17990] RSP: 002b:00007ffb006b4038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[ 1464.476547][T17990] RAX: ffffffffffffffda RBX: 00007ffaff9b5fa0 RCX: 00007ffaff78e9a9
[ 1464.484511][T17990] RDX: 0000000000000010 RSI: 0000200000000040 RDI: 0000000000000011
[ 1464.492471][T17990] RBP: 00007ffb006b4090 R08: 0000000000000000 R09: 0000000000000000
[ 1464.500437][T17990] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1464.508400][T17990] R13: 0000000000000000 R14: 00007ffaff9b5fa0 R15: 00007ffc5df91848
[ 1464.516376][T17990]  </TASK>
[ 1464.655643][   T24] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x88 has an invalid bInterval 0, changing to 10
[ 1464.772182][T12768] usb 5-1: device not accepting address 100, error -71
[ 1464.803643][   T24] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x88 has invalid maxpacket 123, setting to 64
[ 1464.836808][   T24] usb 1-1: New USB device found, idVendor=084e, idProduct=1001, bcdDevice=33.f9
[ 1464.845918][   T24] usb 1-1: New USB device strings: Mfr=8, Product=0, SerialNumber=3
[ 1464.853930][   T24] usb 1-1: Manufacturer: syz
[ 1464.858535][   T24] usb 1-1: SerialNumber: syz
[ 1464.863851][   T24] usb 1-1: config 0 descriptor??
[ 1464.869101][T17977] raw-gadget.0 gadget.0: fail, usb_ep_enable returned -22
[ 1464.877273][   T24] input: KB Gear Tablet as /devices/platform/dummy_hcd.0/usb1/1-1/1-1:0.0/input/input140
[ 1465.068302][T17999] loop2: detected capacity change from 0 to 256
[ 1465.076907][T17999] FAT-fs (loop2): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive!
[ 1465.122362][  T390] usb 6-1: new high-speed USB device number 115 using dummy_hcd
[ 1465.155098][T17999] FAT-fs (loop2): Directory bread(block 64) failed
[ 1465.161749][T17999] FAT-fs (loop2): Directory bread(block 65) failed
[ 1465.168475][T17999] FAT-fs (loop2): Directory bread(block 66) failed
[ 1465.175141][T17999] FAT-fs (loop2): Directory bread(block 67) failed
[ 1465.181902][T17999] FAT-fs (loop2): Directory bread(block 68) failed
[ 1465.188596][T17999] FAT-fs (loop2): Directory bread(block 69) failed
[ 1465.195386][T17999] FAT-fs (loop2): Directory bread(block 70) failed
[ 1465.201969][T17999] FAT-fs (loop2): Directory bread(block 71) failed
[ 1465.208771][T17999] FAT-fs (loop2): Directory bread(block 72) failed
[ 1465.215395][T17999] FAT-fs (loop2): Directory bread(block 73) failed
[ 1465.362245][T17977] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1465.371657][T17977] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1465.420755][T17977] loop0: detected capacity change from 0 to 512
[ 1465.470082][T17977] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: none.
[ 1465.493231][  T390] usb 6-1: Using ep0 maxpacket: 32
[ 1465.500633][  T390] usb 6-1: config 0 has an invalid interface number: 67 but max is 0
[ 1465.518350][  T390] usb 6-1: config 0 has no interface number 0
[ 1465.627777][  T390] usb 6-1: New USB device found, idVendor=0424, idProduct=9901, bcdDevice=c2.57
[ 1465.637246][  T390] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1465.645983][  T390] usb 6-1: Product: syz
[ 1465.650531][  T390] usb 6-1: Manufacturer: syz
[ 1465.655983][  T390] usb 6-1: SerialNumber: syz
[ 1465.663799][  T390] usb 6-1: config 0 descriptor??
[ 1465.670657][  T390] smsc95xx v2.0.0
[ 1465.742569][T18005] overlayfs: failed to resolve './bus': -2
[ 1466.763158][T12768] usb 5-1: new full-speed USB device number 101 using dummy_hcd
[ 1466.885754][T18010] loop5: detected capacity change from 0 to 16
[ 1466.892704][T18010] erofs: (device loop5): erofs_read_superblock: dirblkbits 2 isn't supported
[ 1466.935047][  T390] smsc95xx 6-1:0.67 (unnamed net_device) (uninitialized): Failed to read reg index 0x00000030: -32
[ 1466.944472][T12768] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x88 has an invalid bInterval 0, changing to 10
[ 1466.946066][  T390] smsc95xx 6-1:0.67 (unnamed net_device) (uninitialized): Error reading E2P_CMD
[ 1466.957253][T12768] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x88 has invalid maxpacket 123, setting to 64
[ 1466.978627][T12768] usb 5-1: New USB device found, idVendor=084e, idProduct=1001, bcdDevice=33.f9
[ 1466.987969][T12768] usb 5-1: New USB device strings: Mfr=8, Product=0, SerialNumber=3
[ 1466.996295][T12768] usb 5-1: Manufacturer: syz
[ 1467.001252][T12768] usb 5-1: SerialNumber: syz
[ 1467.007102][T12768] usb 5-1: config 0 descriptor??
[ 1467.012557][T18001] raw-gadget.2 gadget.4: fail, usb_ep_enable returned -22
[ 1467.021301][T12768] input: KB Gear Tablet as /devices/platform/dummy_hcd.4/usb5/5-1/5-1:0.0/input/input141
[ 1467.088524][  T390] smsc95xx 6-1:0.67 (unnamed net_device) (uninitialized): Failed to write reg index 0x00000014: -71
[ 1467.099571][  T390] smsc95xx: probe of 6-1:0.67 failed with error -71
[ 1467.099654][T18012] FAULT_INJECTION: forcing a failure.
[ 1467.099654][T18012] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1467.107668][  T390] usb 6-1: USB disconnect, device number 115
[ 1467.119734][T18012] CPU: 0 PID: 18012 Comm: syz.2.4923 Not tainted 6.1.145-syzkaller-00015-g2ff414a09808 #0
[ 1467.135179][T18012] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[ 1467.145238][T18012] Call Trace:
[ 1467.148516][T18012]  <TASK>
[ 1467.151445][T18012]  __dump_stack+0x21/0x24
[ 1467.155778][T18012]  dump_stack_lvl+0xee/0x150
[ 1467.160370][T18012]  ? __cfi_dump_stack_lvl+0x8/0x8
[ 1467.165403][T18012]  dump_stack+0x15/0x24
[ 1467.169567][T18012]  should_fail_ex+0x3d4/0x520
[ 1467.174252][T18012]  should_fail+0xb/0x10
[ 1467.178430][T18012]  should_fail_usercopy+0x1a/0x20
[ 1467.183465][T18012]  _copy_from_user+0x1e/0xc0
[ 1467.188049][T18012]  __sys_bpf+0x277/0x780
[ 1467.192290][T18012]  ? bpf_link_show_fdinfo+0x320/0x320
[ 1467.197663][T18012]  ? __cfi_ksys_write+0x10/0x10
[ 1467.202518][T18012]  ? debug_smp_processor_id+0x17/0x20
[ 1467.207891][T18012]  __x64_sys_bpf+0x7c/0x90
[ 1467.212316][T18012]  x64_sys_call+0x488/0x9a0
[ 1467.216826][T18012]  do_syscall_64+0x4c/0xa0
[ 1467.221263][T18012]  ? clear_bhb_loop+0x30/0x80
[ 1467.225955][T18012]  ? clear_bhb_loop+0x30/0x80
[ 1467.230630][T18012]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[ 1467.236535][T18012] RIP: 0033:0x7ff47478e9a9
[ 1467.240949][T18012] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1467.260558][T18012] RSP: 002b:00007ff47568a038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[ 1467.268980][T18012] RAX: ffffffffffffffda RBX: 00007ff4749b5fa0 RCX: 00007ff47478e9a9
[ 1467.276975][T18012] RDX: 0000000000000028 RSI: 0000200000000280 RDI: 0000000000000012
[ 1467.284949][T18012] RBP: 00007ff47568a090 R08: 0000000000000000 R09: 0000000000000000
[ 1467.292943][T18012] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1467.300911][T18012] R13: 0000000000000000 R14: 00007ff4749b5fa0 R15: 00007ffdbf229b48
[ 1467.308905][T18012]  </TASK>
[ 1467.330177][T18001] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1467.338938][T18001] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1467.353057][T18001] loop4: detected capacity change from 0 to 512
[ 1467.360592][T11642] EXT4-fs (loop0): unmounting filesystem.
[ 1467.360887][  T390] usb 1-1: USB disconnect, device number 126
[ 1467.377217][T18001] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: none.
[ 1467.643204][T11600] usb 3-1: new full-speed USB device number 106 using dummy_hcd
[ 1467.924278][T11600] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x88 has an invalid bInterval 0, changing to 10
[ 1467.960239][T11600] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x88 has invalid maxpacket 123, setting to 64
[ 1468.245368][T11600] usb 3-1: New USB device found, idVendor=084e, idProduct=1001, bcdDevice=33.f9
[ 1468.256627][T11600] usb 3-1: New USB device strings: Mfr=8, Product=0, SerialNumber=3
[ 1468.264976][T11600] usb 3-1: Manufacturer: syz
[ 1468.388592][T11600] usb 3-1: SerialNumber: syz
[ 1468.393961][T11600] usb 3-1: config 0 descriptor??
[ 1468.399301][T18016] raw-gadget.1 gadget.2: fail, usb_ep_enable returned -22
[ 1468.407907][T11600] input: KB Gear Tablet as /devices/platform/dummy_hcd.2/usb3/3-1/3-1:0.0/input/input142
[ 1469.212684][T18016] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1469.222871][T18016] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1469.239623][T18016] loop2: detected capacity change from 0 to 512
[ 1469.248028][T18016] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none.
[ 1469.825308][T18055] overlayfs: failed to resolve './bus': -2
[ 1470.075755][   T24] usb 5-1: USB disconnect, device number 101
[ 1470.148191][T11893] EXT4-fs (loop4): unmounting filesystem.
[ 1470.171784][T18065] loop3: detected capacity change from 0 to 128
[ 1470.182037][T18067] FAULT_INJECTION: forcing a failure.
[ 1470.182037][T18067] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1470.195290][  T695] usb 1-1: new full-speed USB device number 127 using dummy_hcd
[ 1470.204389][T18065] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: none.
[ 1470.214086][T18065] ext4 filesystem being mounted at /411/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[ 1470.252963][T18067] CPU: 0 PID: 18067 Comm: syz.4.4938 Not tainted 6.1.145-syzkaller-00015-g2ff414a09808 #0
[ 1470.262914][T18067] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[ 1470.272990][T18067] Call Trace:
[ 1470.276284][T18067]  <TASK>
[ 1470.279232][T18067]  __dump_stack+0x21/0x24
[ 1470.283581][T18067]  dump_stack_lvl+0xee/0x150
[ 1470.288187][T18067]  ? __cfi_dump_stack_lvl+0x8/0x8
[ 1470.293236][T18067]  dump_stack+0x15/0x24
[ 1470.297426][T18067]  should_fail_ex+0x3d4/0x520
[ 1470.302124][T18067]  should_fail+0xb/0x10
[ 1470.306310][T18067]  should_fail_usercopy+0x1a/0x20
[ 1470.311353][T18067]  _copy_from_user+0x1e/0xc0
[ 1470.315954][T18067]  __sys_bpf+0x277/0x780
[ 1470.320203][T18067]  ? bpf_link_show_fdinfo+0x320/0x320
[ 1470.325587][T18067]  ? __cfi_ksys_write+0x10/0x10
[ 1470.330464][T18067]  ? debug_smp_processor_id+0x17/0x20
[ 1470.335859][T18067]  __x64_sys_bpf+0x7c/0x90
[ 1470.340299][T18067]  x64_sys_call+0x488/0x9a0
[ 1470.344825][T18067]  do_syscall_64+0x4c/0xa0
[ 1470.349274][T18067]  ? clear_bhb_loop+0x30/0x80
[ 1470.353969][T18067]  ? clear_bhb_loop+0x30/0x80
[ 1470.358661][T18067]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[ 1470.364579][T18067] RIP: 0033:0x7fa295b8e9a9
[ 1470.369006][T18067] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1470.388630][T18067] RSP: 002b:00007fa296a1a038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[ 1470.397091][T18067] RAX: ffffffffffffffda RBX: 00007fa295db5fa0 RCX: 00007fa295b8e9a9
[ 1470.405077][T18067] RDX: 0000000000000020 RSI: 0000200000000900 RDI: 0000000000000002
[ 1470.413076][T18067] RBP: 00007fa296a1a090 R08: 0000000000000000 R09: 0000000000000000
[ 1470.421072][T18067] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1470.429058][T18067] R13: 0000000000000000 R14: 00007fa295db5fa0 R15: 00007ffca324aeb8
[ 1470.437057][T18067]  </TASK>
[ 1470.564014][  T695] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x88 has an invalid bInterval 0, changing to 10
[ 1470.575685][  T695] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x88 has invalid maxpacket 123, setting to 64
[ 1470.998234][  T695] usb 1-1: New USB device found, idVendor=084e, idProduct=1001, bcdDevice=33.f9
[ 1471.091723][  T695] usb 1-1: New USB device strings: Mfr=8, Product=0, SerialNumber=3
[ 1471.099866][  T695] usb 1-1: Manufacturer: syz
[ 1471.104742][  T695] usb 1-1: SerialNumber: syz
[ 1471.111686][  T695] usb 1-1: config 0 descriptor??
[ 1471.117803][T18052] raw-gadget.4 gadget.0: fail, usb_ep_enable returned -22
[ 1471.131481][  T695] input: KB Gear Tablet as /devices/platform/dummy_hcd.0/usb1/1-1/1-1:0.0/input/input143
[ 1471.236885][T18077] loop4: detected capacity change from 0 to 40427
[ 1471.245229][T18077] F2FS-fs (loop4): invalid crc value
[ 1471.251737][T18077] F2FS-fs (loop4): Found nat_bits in checkpoint
[ 1471.297381][T18077] F2FS-fs (loop4): Start checkpoint disabled!
[ 1471.304871][T18077] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e6
[ 1471.359791][T18052] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1471.368377][T18077] F2FS-fs (loop4): ino:10, start:0, end:8192, need to trigger GC to reclaim enough free segment when checkpoint is enabled
[ 1471.375174][T18052] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1471.454119][T18052] loop0: detected capacity change from 0 to 512
[ 1471.489149][   T28] audit: type=1400 audit(1753567697.714:422): avc:  denied  { mounton } for  pid=18073 comm="syz.4.4940" path="/382/file0/bus" dev="loop4" ino=19 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=dir permissive=1
[ 1471.582640][   T28] audit: type=1400 audit(1753567697.744:423): avc:  denied  { create } for  pid=18073 comm="syz.4.4940" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_nflog_socket permissive=1
[ 1471.606139][ T7391] kworker/u4:2: attempt to access beyond end of device
[ 1471.606139][ T7391] loop4: rw=2049, sector=45096, nr_sectors = 24 limit=40427
[ 1471.642305][T18052] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: none.
[ 1472.234607][T11506] EXT4-fs (loop3): unmounting filesystem.
[ 1472.269855][  T377] usb 3-1: USB disconnect, device number 106
[ 1472.337592][T11007] EXT4-fs (loop2): unmounting filesystem.
[ 1473.954379][  T695] usb 4-1: new high-speed USB device number 111 using dummy_hcd
[ 1474.137552][   T28] audit: type=1400 audit(1753567700.364:424): avc:  denied  { map } for  pid=18105 comm="syz.4.4951" path="/dev/ashmem" dev="devtmpfs" ino=269 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1
[ 1474.286047][T11600] usb 1-1: USB disconnect, device number 127
[ 1474.575629][T11642] EXT4-fs (loop0): unmounting filesystem.
[ 1474.713121][  T390] usb 5-1: new high-speed USB device number 102 using dummy_hcd
[ 1474.873207][  T390] usb 5-1: device descriptor read/64, error -71
[ 1474.903126][  T695] usb 4-1: Using ep0 maxpacket: 32
[ 1474.909420][  T695] usb 4-1: config 0 has an invalid interface number: 67 but max is 0
[ 1474.917599][  T695] usb 4-1: config 0 has no interface number 0
[ 1474.925100][  T695] usb 4-1: New USB device found, idVendor=0424, idProduct=9901, bcdDevice=c2.57
[ 1474.934208][  T695] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1474.942203][  T695] usb 4-1: Product: syz
[ 1474.946529][  T695] usb 4-1: Manufacturer: syz
[ 1474.951143][  T695] usb 4-1: SerialNumber: syz
[ 1474.956417][  T695] usb 4-1: config 0 descriptor??
[ 1474.962009][  T695] smsc95xx v2.0.0
[ 1475.092167][T11600] usb 1-1: new high-speed USB device number 2 using dummy_hcd
[ 1475.163173][  T390] usb 5-1: device descriptor read/64, error -71
[ 1475.273216][T11600] usb 1-1: Using ep0 maxpacket: 32
[ 1475.280492][T11600] usb 1-1: config 0 has an invalid interface number: 67 but max is 0
[ 1475.290691][T11600] usb 1-1: config 0 has no interface number 0
[ 1475.300136][T11600] usb 1-1: New USB device found, idVendor=0424, idProduct=9901, bcdDevice=c2.57
[ 1475.310192][T11600] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1475.318784][T11600] usb 1-1: Product: syz
[ 1475.323831][T11600] usb 1-1: Manufacturer: syz
[ 1475.328591][T11600] usb 1-1: SerialNumber: syz
[ 1475.337463][T11600] usb 1-1: config 0 descriptor??
[ 1475.345926][T11600] smsc95xx v2.0.0
[ 1475.433217][  T390] usb 5-1: new high-speed USB device number 103 using dummy_hcd
[ 1475.551560][T18123] loop3: detected capacity change from 0 to 16
[ 1475.565569][T18123] erofs: (device loop3): erofs_read_superblock: dirblkbits 2 isn't supported
[ 1475.593284][  T390] usb 5-1: device descriptor read/64, error -71
[ 1475.665627][  T695] smsc95xx 4-1:0.67 (unnamed net_device) (uninitialized): Failed to read reg index 0x00000030: -32
[ 1475.907876][T18114] loop0: detected capacity change from 0 to 16
[ 1475.910626][  T695] smsc95xx 4-1:0.67 (unnamed net_device) (uninitialized): Error reading E2P_CMD
[ 1475.914878][T18114] erofs: (device loop0): erofs_read_superblock: dirblkbits 2 isn't supported
[ 1476.682459][T11600] smsc95xx 1-1:0.67 (unnamed net_device) (uninitialized): Failed to read reg index 0x00000030: -32
[ 1476.693601][T11600] smsc95xx 1-1:0.67 (unnamed net_device) (uninitialized): Error reading E2P_CMD
[ 1476.708247][T11600] smsc95xx 1-1:0.67 (unnamed net_device) (uninitialized): Failed to write reg index 0x00000014: -71
[ 1476.719382][T11600] smsc95xx: probe of 1-1:0.67 failed with error -71
[ 1476.727199][T11600] usb 1-1: USB disconnect, device number 2
[ 1476.904498][  T390] usb 5-1: device descriptor read/64, error -71
[ 1477.281439][  T390] usb usb5-port1: attempt power cycle
[ 1477.344809][T18135] 9pnet_fd: Insufficient options for proto=fd
[ 1477.409432][   T28] audit: type=1400 audit(1753567703.634:425): avc:  denied  { write } for  pid=18140 comm="syz.5.4963" path="socket:[79150]" dev="sockfs" ino=79150 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=vsock_socket permissive=1
[ 1477.440902][T18147] 9pnet_fd: Insufficient options for proto=fd
[ 1477.523893][   T28] audit: type=1400 audit(1753567703.664:426): avc:  denied  { accept } for  pid=18140 comm="syz.5.4963" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=vsock_socket permissive=1
[ 1477.551041][   T28] audit: type=1400 audit(1753567703.744:427): avc:  denied  { read } for  pid=18140 comm="syz.5.4963" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1
[ 1478.093183][  T390] usb 5-1: new high-speed USB device number 104 using dummy_hcd
[ 1478.135522][  T390] usb 5-1: config index 0 descriptor too short (expected 65426, got 146)
[ 1478.144410][  T390] usb 5-1: config 0 has too many interfaces: 255, using maximum allowed: 32
[ 1478.154240][  T390] usb 5-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[ 1478.165234][  T390] usb 5-1: config 0 has 0 interfaces, different from the descriptor's value: 255
[ 1478.176538][  T390] usb 5-1: New USB device found, idVendor=08b7, idProduct=0000, bcdDevice= 0.00
[ 1478.186501][  T390] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=3
[ 1478.195219][  T390] usb 5-1: SerialNumber: syz
[ 1478.204105][  T390] usb 5-1: config 0 descriptor??
[ 1478.412829][  T390] usb 5-1: USB disconnect, device number 104
[ 1478.536943][  T695] smsc95xx 4-1:0.67 (unnamed net_device) (uninitialized): Failed to write reg index 0x00000014: -71
[ 1478.549893][  T695] smsc95xx: probe of 4-1:0.67 failed with error -71
[ 1478.558277][  T695] usb 4-1: USB disconnect, device number 111
[ 1479.652096][T18169] loop2: detected capacity change from 0 to 256
[ 1479.658806][T18169] FAT-fs (loop2): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive!
[ 1479.677387][T18169] FAT-fs (loop2): Directory bread(block 64) failed
[ 1479.684000][T18169] FAT-fs (loop2): Directory bread(block 65) failed
[ 1479.690559][T18169] FAT-fs (loop2): Directory bread(block 66) failed
[ 1479.697134][T18169] FAT-fs (loop2): Directory bread(block 67) failed
[ 1479.703683][T18169] FAT-fs (loop2): Directory bread(block 68) failed
[ 1479.710194][T18169] FAT-fs (loop2): Directory bread(block 69) failed
[ 1479.716750][T18169] FAT-fs (loop2): Directory bread(block 70) failed
[ 1479.723288][T18169] FAT-fs (loop2): Directory bread(block 71) failed
[ 1479.729833][T18169] FAT-fs (loop2): Directory bread(block 72) failed
[ 1479.736376][T18169] FAT-fs (loop2): Directory bread(block 73) failed
[ 1479.746481][    T6] usb 6-1: new high-speed USB device number 116 using dummy_hcd
[ 1479.903175][  T695] usb 4-1: new high-speed USB device number 112 using dummy_hcd
[ 1479.933150][    T6] usb 6-1: Using ep0 maxpacket: 32
[ 1479.939503][    T6] usb 6-1: config 0 has an invalid interface number: 67 but max is 0
[ 1479.947873][    T6] usb 6-1: config 0 has no interface number 0
[ 1479.955706][    T6] usb 6-1: New USB device found, idVendor=0424, idProduct=9901, bcdDevice=c2.57
[ 1479.964980][    T6] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1479.972979][    T6] usb 6-1: Product: syz
[ 1479.977385][    T6] usb 6-1: Manufacturer: syz
[ 1479.981997][    T6] usb 6-1: SerialNumber: syz
[ 1479.987606][    T6] usb 6-1: config 0 descriptor??
[ 1479.993492][    T6] smsc95xx v2.0.0
[ 1480.084184][  T695] usb 4-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[ 1480.094442][  T695] usb 4-1: config 1 has 1 interface, different from the descriptor's value: 3
[ 1480.164925][T18177] 9pnet_fd: Insufficient options for proto=fd
[ 1480.238675][  T695] usb 4-1: New USB device found, idVendor=08b7, idProduct=0000, bcdDevice= 0.00
[ 1480.247830][  T695] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=3
[ 1480.256184][  T695] usb 4-1: SerialNumber: syz
[ 1480.264363][T18190] FAULT_INJECTION: forcing a failure.
[ 1480.264363][T18190] name failslab, interval 1, probability 0, space 0, times 0
[ 1480.277530][T18190] CPU: 0 PID: 18190 Comm: syz.4.4980 Not tainted 6.1.145-syzkaller-00015-g2ff414a09808 #0
[ 1480.287451][T18190] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[ 1480.297503][T18190] Call Trace:
[ 1480.300774][T18190]  <TASK>
[ 1480.303697][T18190]  __dump_stack+0x21/0x24
[ 1480.308046][T18190]  dump_stack_lvl+0xee/0x150
[ 1480.312639][T18190]  ? __cfi_dump_stack_lvl+0x8/0x8
[ 1480.317662][T18190]  ? avc_has_perm+0x158/0x240
[ 1480.322333][T18190]  dump_stack+0x15/0x24
[ 1480.326505][T18190]  should_fail_ex+0x3d4/0x520
[ 1480.331198][T18190]  __should_failslab+0xac/0xf0
[ 1480.335963][T18190]  should_failslab+0x9/0x20
[ 1480.340474][T18190]  slab_pre_alloc_hook+0x30/0x1e0
[ 1480.345497][T18190]  ? __kasan_check_write+0x14/0x20
[ 1480.350619][T18190]  kmem_cache_alloc_lru+0x49/0x280
[ 1480.355730][T18190]  ? sock_alloc_inode+0x28/0xc0
[ 1480.360581][T18190]  sock_alloc_inode+0x28/0xc0
[ 1480.365264][T18190]  ? __cfi_sock_alloc_inode+0x10/0x10
[ 1480.370634][T18190]  new_inode_pseudo+0x70/0x1f0
[ 1480.375389][T18190]  __sock_create+0x12c/0x7c0
[ 1480.380073][T18190]  __sys_socketpair+0x1a1/0x5b0
[ 1480.384924][T18190]  __x64_sys_socketpair+0x9b/0xb0
[ 1480.389944][T18190]  x64_sys_call+0x6e/0x9a0
[ 1480.394354][T18190]  do_syscall_64+0x4c/0xa0
[ 1480.398787][T18190]  ? clear_bhb_loop+0x30/0x80
[ 1480.403457][T18190]  ? clear_bhb_loop+0x30/0x80
[ 1480.408129][T18190]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[ 1480.413157][  T390] usb 1-1: new high-speed USB device number 3 using dummy_hcd
[ 1480.414015][T18190] RIP: 0033:0x7fa295b8e9a9
[ 1480.425892][T18190] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1480.445503][T18190] RSP: 002b:00007fa296a1a038 EFLAGS: 00000246 ORIG_RAX: 0000000000000035
[ 1480.453906][T18190] RAX: ffffffffffffffda RBX: 00007fa295db5fa0 RCX: 00007fa295b8e9a9
[ 1480.461976][T18190] RDX: 0000000000000000 RSI: 0000000000000005 RDI: 000000000000001e
[ 1480.469958][T18190] RBP: 00007fa296a1a090 R08: 0000000000000000 R09: 0000000000000000
[ 1480.477935][T18190] R10: 0000200000000940 R11: 0000000000000246 R12: 0000000000000001
[ 1480.485899][T18190] R13: 0000000000000000 R14: 00007fa295db5fa0 R15: 00007ffca324aeb8
[ 1480.493870][T18190]  </TASK>
[ 1480.501106][  T695] usb 4-1: 0:2 : does not exist
[ 1480.508128][  T695] usb 4-1: USB disconnect, device number 112
[ 1480.516854][T18190] socket: no more sockets
[ 1480.712810][T18197] loop5: detected capacity change from 0 to 16
[ 1481.353522][T18197] erofs: (device loop5): erofs_read_superblock: dirblkbits 2 isn't supported
[ 1481.546420][    T6] smsc95xx 6-1:0.67 (unnamed net_device) (uninitialized): Failed to read reg index 0x00000030: -32
[ 1481.557289][    T6] smsc95xx 6-1:0.67 (unnamed net_device) (uninitialized): Error reading E2P_CMD
[ 1481.906277][  T390] usb 1-1: Using ep0 maxpacket: 32
[ 1481.912543][  T390] usb 1-1: config 0 has an invalid interface number: 67 but max is 0
[ 1481.920971][  T390] usb 1-1: config 0 has no interface number 0
[ 1481.928339][T18212] 9pnet_fd: Insufficient options for proto=fd
[ 1481.929116][  T390] usb 1-1: New USB device found, idVendor=0424, idProduct=9901, bcdDevice=c2.57
[ 1481.943619][  T390] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1481.951650][  T390] usb 1-1: Product: syz
[ 1481.955937][  T390] usb 1-1: Manufacturer: syz
[ 1481.960570][  T390] usb 1-1: SerialNumber: syz
[ 1481.966050][  T390] usb 1-1: config 0 descriptor??
[ 1481.973697][  T390] smsc95xx v2.0.0
[ 1482.113232][T11600] usb 4-1: new high-speed USB device number 113 using dummy_hcd
[ 1482.189992][T18214] 9pnet_fd: Insufficient options for proto=fd
[ 1482.294203][T11600] usb 4-1: config index 0 descriptor too short (expected 65426, got 146)
[ 1482.302768][T11600] usb 4-1: config 0 has too many interfaces: 255, using maximum allowed: 32
[ 1482.311546][T11600] usb 4-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[ 1482.321684][T11600] usb 4-1: config 0 has 0 interfaces, different from the descriptor's value: 255
[ 1482.332408][T11600] usb 4-1: New USB device found, idVendor=08b7, idProduct=0000, bcdDevice= 0.00
[ 1482.341608][T11600] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=3
[ 1482.349756][T11600] usb 4-1: SerialNumber: syz
[ 1482.358424][T11600] usb 4-1: config 0 descriptor??
[ 1482.609489][    T6] smsc95xx 6-1:0.67 (unnamed net_device) (uninitialized): Failed to write reg index 0x00000014: -71
[ 1482.627130][T11600] usb 4-1: USB disconnect, device number 113
[ 1483.380910][T18220] loop0: detected capacity change from 0 to 16
[ 1483.413310][T18220] erofs: (device loop0): erofs_read_superblock: dirblkbits 2 isn't supported
[ 1483.539947][  T390] smsc95xx 1-1:0.67 (unnamed net_device) (uninitialized): Failed to read reg index 0x00000030: -32
[ 1483.559216][  T390] smsc95xx 1-1:0.67 (unnamed net_device) (uninitialized): Error reading E2P_CMD
[ 1483.723166][   T24] usb 3-1: new high-speed USB device number 107 using dummy_hcd
[ 1483.810075][    T6] smsc95xx: probe of 6-1:0.67 failed with error -71
[ 1483.817666][    T6] usb 6-1: USB disconnect, device number 116
[ 1483.913126][   T24] usb 3-1: Using ep0 maxpacket: 16
[ 1483.919589][   T24] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1483.930618][   T24] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 1483.940475][   T24] usb 3-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 9
[ 1483.953549][   T24] usb 3-1: New USB device found, idVendor=045e, idProduct=07da, bcdDevice= 0.00
[ 1483.962681][   T24] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1483.972080][   T24] usb 3-1: config 0 descriptor??
[ 1484.123160][T11600] usb 5-1: new full-speed USB device number 105 using dummy_hcd
[ 1484.255474][  T695] usb 4-1: new full-speed USB device number 114 using dummy_hcd
[ 1484.886449][   T28] audit: type=1400 audit(1753567711.044:428): avc:  denied  { remount } for  pid=18223 comm="syz.2.4993" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:tmpfs_t tclass=filesystem permissive=1
[ 1484.985047][  T390] smsc95xx 1-1:0.67 (unnamed net_device) (uninitialized): Failed to write reg index 0x00000014: -71
[ 1484.998737][  T390] smsc95xx: probe of 1-1:0.67 failed with error -71
[ 1485.005689][T11600] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x88 has an invalid bInterval 0, changing to 10
[ 1485.017997][  T390] usb 1-1: USB disconnect, device number 3
[ 1485.023913][T11600] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x88 has invalid maxpacket 123, setting to 64
[ 1485.060044][T11600] usb 5-1: New USB device found, idVendor=084e, idProduct=1001, bcdDevice=33.f9
[ 1485.220115][   T24] microsoft 0003:045E:07DA.000A: unknown main item tag 0x0
[ 1485.227668][T11600] usb 5-1: New USB device strings: Mfr=8, Product=0, SerialNumber=3
[ 1485.236191][   T24] microsoft 0003:045E:07DA.000A: ignoring exceeding usage max
[ 1485.243878][T11600] usb 5-1: Manufacturer: syz
[ 1485.259408][T11600] usb 5-1: SerialNumber: syz
[ 1485.305964][   T24] ==================================================================
[ 1485.314080][   T24] BUG: KASAN: slab-out-of-bounds in mon_bin_event+0x1320/0x24f0
[ 1485.321839][   T24] Read of size 768 at addr ffff88811f884119 by task kworker/1:0/24
[ 1485.329749][   T24] 
[ 1485.332091][   T24] CPU: 1 PID: 24 Comm: kworker/1:0 Not tainted 6.1.145-syzkaller-00015-g2ff414a09808 #0
[ 1485.341820][   T24] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[ 1485.351891][   T24] Workqueue: usb_hub_wq hub_event
[ 1485.357069][   T24] Call Trace:
[ 1485.360357][   T24]  <TASK>
[ 1485.363294][   T24]  __dump_stack+0x21/0x24
[ 1485.367666][   T24]  dump_stack_lvl+0xee/0x150
[ 1485.372294][   T24]  ? __cfi_dump_stack_lvl+0x8/0x8
[ 1485.377353][   T24]  ? get_perf_callchain+0x3b1/0x480
[ 1485.382585][   T24]  ? mon_bin_event+0x1320/0x24f0
[ 1485.387542][   T24]  print_address_description+0x71/0x210
[ 1485.393222][   T24]  print_report+0x4a/0x60
[ 1485.397572][   T24]  kasan_report+0x122/0x150
[ 1485.402091][   T24]  ? mon_bin_event+0x1320/0x24f0
[ 1485.407046][   T24]  ? mon_bin_event+0x1320/0x24f0
[ 1485.412110][   T24]  kasan_check_range+0x280/0x290
[ 1485.417071][   T24]  memcpy+0x2d/0x70
[ 1485.420900][   T24]  mon_bin_event+0x1320/0x24f0
[ 1485.425687][   T24]  ? mon_bin_complete+0x30/0x30
[ 1485.430551][   T24]  ? __schedule+0xb8f/0x14e0
[ 1485.435162][   T24]  ? kasan_save_alloc_info+0x25/0x30
[ 1485.440551][   T24]  ? __kasan_kmalloc+0x95/0xb0
[ 1485.445329][   T24]  ? __cfi_mon_bin_submit+0x10/0x10
[ 1485.450539][   T24]  mon_bin_submit+0x27/0x30
[ 1485.455054][   T24]  mon_submit+0x1a1/0x210
[ 1485.459394][   T24]  usb_hcd_submit_urb+0x129/0x1830
[ 1485.464598][   T24]  ? __driver_probe_device+0x198/0x280
[ 1485.470129][   T24]  ? __device_attach_driver+0x2e9/0x4a0
[ 1485.475746][   T24]  usb_submit_urb+0x122d/0x1900
[ 1485.480619][   T24]  ? __device_attach+0x2a2/0x400
[ 1485.485601][   T24]  usb_start_wait_urb+0x117/0x2f0
[ 1485.490651][   T24]  ? usb_api_blocking_completion+0xb0/0xb0
[ 1485.496480][   T24]  ? usb_alloc_urb+0x62/0x140
[ 1485.501179][   T24]  ? __kasan_check_write+0x14/0x20
[ 1485.506318][   T24]  usb_control_msg+0x241/0x3f0
[ 1485.511132][   T24]  usbhid_raw_request+0x453/0x580
[ 1485.516270][   T24]  ? __cfi_usbhid_raw_request+0x10/0x10
[ 1485.521835][   T24]  __hid_request+0x1e0/0x3a0
[ 1485.526526][   T24]  hidinput_connect+0x22c4/0x31b0
[ 1485.531583][   T24]  ? sysvec_reschedule_ipi+0x78/0x80
[ 1485.536923][   T24]  hid_connect+0x496/0x1960
[ 1485.541451][   T24]  ? usbhid_start+0x1e26/0x2450
[ 1485.546327][   T24]  ? usbhid_start+0x1a31/0x2450
[ 1485.551200][   T24]  ? __cfi_hid_connect+0x10/0x10
[ 1485.556167][   T24]  hid_hw_start+0xbf/0x150
[ 1485.560623][   T24]  ms_probe+0x190/0x460
[ 1485.564899][   T24]  ? __cfi_ms_probe+0x10/0x10
[ 1485.569603][   T24]  hid_device_probe+0x268/0x390
[ 1485.574467][   T24]  ? __cfi_hid_device_probe+0x10/0x10
[ 1485.579868][   T24]  really_probe+0x2cb/0x960
[ 1485.584393][   T24]  ? pm_runtime_barrier+0x161/0x1e0
[ 1485.589695][   T24]  __driver_probe_device+0x198/0x280
[ 1485.595014][   T24]  driver_probe_device+0x54/0x3e0
[ 1485.600077][   T24]  ? __device_attach_driver+0x2d3/0x4a0
[ 1485.605653][   T24]  __device_attach_driver+0x2e9/0x4a0
[ 1485.611064][   T24]  ? __cfi___device_attach_driver+0x10/0x10
[ 1485.616982][   T24]  bus_for_each_drv+0x183/0x210
[ 1485.621863][   T24]  ? preempt_schedule_thunk+0x16/0x18
[ 1485.627291][   T24]  ? __cfi_bus_for_each_drv+0x10/0x10
[ 1485.632694][   T24]  ? _raw_spin_unlock_irqrestore+0x6f/0x80
[ 1485.638550][   T24]  __device_attach+0x2a2/0x400
[ 1485.643355][   T24]  ? __kmem_cache_free+0xb7/0x1b0
[ 1485.648412][   T24]  ? device_attach+0x20/0x20
[ 1485.653043][   T24]  ? kfree+0x6f/0xf0
[ 1485.657004][   T24]  ? kobject_uevent_env+0x35d/0x730
[ 1485.662322][   T24]  device_initial_probe+0x1a/0x20
[ 1485.667395][   T24]  bus_probe_device+0xc0/0x1f0
[ 1485.672190][   T24]  device_add+0xb4d/0xef0
[ 1485.676629][   T24]  hid_add_device+0x38f/0x540
[ 1485.681327][   T24]  usbhid_probe+0xbb6/0xfa0
[ 1485.685849][   T24]  usb_probe_interface+0x610/0xaf0
[ 1485.690987][   T24]  ? __cfi_usb_probe_interface+0x10/0x10
[ 1485.696639][   T24]  really_probe+0x2cb/0x960
[ 1485.701175][   T24]  ? pm_runtime_barrier+0x161/0x1e0
[ 1485.706394][   T24]  __driver_probe_device+0x198/0x280
[ 1485.711709][   T24]  driver_probe_device+0x54/0x3e0
[ 1485.716758][   T24]  ? __device_attach_driver+0x2d3/0x4a0
[ 1485.722330][   T24]  __device_attach_driver+0x2e9/0x4a0
[ 1485.727737][   T24]  ? __cfi___device_attach_driver+0x10/0x10
[ 1485.733662][   T24]  bus_for_each_drv+0x183/0x210
[ 1485.738548][   T24]  ? __kasan_check_write+0x14/0x20
[ 1485.743701][   T24]  ? __cfi_bus_for_each_drv+0x10/0x10
[ 1485.749101][   T24]  ? _raw_spin_unlock_irqrestore+0x5a/0x80
[ 1485.754934][   T24]  __device_attach+0x2a2/0x400
[ 1485.759725][   T24]  ? device_attach+0x20/0x20
[ 1485.764340][   T24]  ? kobject_uevent_env+0x35d/0x730
[ 1485.769581][   T24]  device_initial_probe+0x1a/0x20
[ 1485.774626][   T24]  bus_probe_device+0xc0/0x1f0
[ 1485.779401][   T24]  device_add+0xb4d/0xef0
[ 1485.783751][   T24]  usb_set_configuration+0x19c2/0x1f10
[ 1485.789216][   T24]  usb_generic_driver_probe+0x91/0x150
[ 1485.794742][   T24]  usb_probe_device+0x159/0x270
[ 1485.799594][   T24]  ? __cfi_usb_probe_device+0x10/0x10
[ 1485.804969][   T24]  really_probe+0x2cb/0x960
[ 1485.809472][   T24]  ? pm_runtime_barrier+0x161/0x1e0
[ 1485.814685][   T24]  __driver_probe_device+0x198/0x280
[ 1485.819988][   T24]  driver_probe_device+0x54/0x3e0
[ 1485.825012][   T24]  ? __device_attach_driver+0x2d3/0x4a0
[ 1485.830558][   T24]  __device_attach_driver+0x2e9/0x4a0
[ 1485.835923][   T24]  ? __cfi___device_attach_driver+0x10/0x10
[ 1485.841807][   T24]  bus_for_each_drv+0x183/0x210
[ 1485.846647][   T24]  ? __kasan_check_write+0x14/0x20
[ 1485.851751][   T24]  ? __cfi_bus_for_each_drv+0x10/0x10
[ 1485.857132][   T24]  ? _raw_spin_unlock_irqrestore+0x5a/0x80
[ 1485.862937][   T24]  __device_attach+0x2a2/0x400
[ 1485.867704][   T24]  ? device_attach+0x20/0x20
[ 1485.872294][   T24]  device_initial_probe+0x1a/0x20
[ 1485.877315][   T24]  bus_probe_device+0xc0/0x1f0
[ 1485.882077][   T24]  device_add+0xb4d/0xef0
[ 1485.886408][   T24]  usb_new_device+0xa70/0x1520
[ 1485.891167][   T24]  ? __cfi_usb_new_device+0x10/0x10
[ 1485.896360][   T24]  hub_event+0x2a5d/0x4680
[ 1485.900778][   T24]  ? __cfi_hub_event+0x10/0x10
[ 1485.905531][   T24]  ? __kasan_check_write+0x14/0x20
[ 1485.910636][   T24]  ? _raw_spin_lock_irq+0x8f/0xe0
[ 1485.915670][   T24]  ? __cfi__raw_spin_lock_irq+0x10/0x10
[ 1485.921213][   T24]  ? bpf_prog_free_deferred+0x614/0x720
[ 1485.926823][   T24]  ? pwq_dec_nr_in_flight+0x18c/0x3c0
[ 1485.932208][   T24]  process_one_work+0x71f/0xc40
[ 1485.937067][   T24]  worker_thread+0xa29/0x11f0
[ 1485.941744][   T24]  kthread+0x281/0x320
[ 1485.945815][   T24]  ? __cfi_worker_thread+0x10/0x10
[ 1485.950937][   T24]  ? __cfi_kthread+0x10/0x10
[ 1485.955516][   T24]  ret_from_fork+0x1f/0x30
[ 1485.959931][   T24]  </TASK>
[ 1485.962943][   T24] 
[ 1485.965253][   T24] Allocated by task 24:
[ 1485.969392][   T24]  kasan_set_track+0x4b/0x70
[ 1485.973971][   T24]  kasan_save_alloc_info+0x25/0x30
[ 1485.979070][   T24]  __kasan_kmalloc+0x95/0xb0
[ 1485.983648][   T24]  __kmalloc+0xb1/0x1e0
[ 1485.987793][   T24]  __hid_request+0x9a/0x3a0
[ 1485.992287][   T24]  hidinput_connect+0x22c4/0x31b0
[ 1485.997309][   T24]  hid_connect+0x496/0x1960
[ 1486.001804][   T24]  hid_hw_start+0xbf/0x150
[ 1486.006209][   T24]  ms_probe+0x190/0x460
[ 1486.010371][   T24]  hid_device_probe+0x268/0x390
[ 1486.015210][   T24]  really_probe+0x2cb/0x960
[ 1486.019711][   T24]  __driver_probe_device+0x198/0x280
[ 1486.024992][   T24]  driver_probe_device+0x54/0x3e0
[ 1486.030009][   T24]  __device_attach_driver+0x2e9/0x4a0
[ 1486.035374][   T24]  bus_for_each_drv+0x183/0x210
[ 1486.040230][   T24]  __device_attach+0x2a2/0x400
[ 1486.044981][   T24]  device_initial_probe+0x1a/0x20
[ 1486.049995][   T24]  bus_probe_device+0xc0/0x1f0
[ 1486.054747][   T24]  device_add+0xb4d/0xef0
[ 1486.059064][   T24]  hid_add_device+0x38f/0x540
[ 1486.063730][   T24]  usbhid_probe+0xbb6/0xfa0
[ 1486.068249][   T24]  usb_probe_interface+0x610/0xaf0
[ 1486.073386][   T24]  really_probe+0x2cb/0x960
[ 1486.077895][   T24]  __driver_probe_device+0x198/0x280
[ 1486.083188][   T24]  driver_probe_device+0x54/0x3e0
[ 1486.088210][   T24]  __device_attach_driver+0x2e9/0x4a0
[ 1486.093577][   T24]  bus_for_each_drv+0x183/0x210
[ 1486.098411][   T24]  __device_attach+0x2a2/0x400
[ 1486.103178][   T24]  device_initial_probe+0x1a/0x20
[ 1486.108207][   T24]  bus_probe_device+0xc0/0x1f0
[ 1486.112962][   T24]  device_add+0xb4d/0xef0
[ 1486.117285][   T24]  usb_set_configuration+0x19c2/0x1f10
[ 1486.122757][   T24]  usb_generic_driver_probe+0x91/0x150
[ 1486.128213][   T24]  usb_probe_device+0x159/0x270
[ 1486.133060][   T24]  really_probe+0x2cb/0x960
[ 1486.137563][   T24]  __driver_probe_device+0x198/0x280
[ 1486.142846][   T24]  driver_probe_device+0x54/0x3e0
[ 1486.147866][   T24]  __device_attach_driver+0x2e9/0x4a0
[ 1486.153235][   T24]  bus_for_each_drv+0x183/0x210
[ 1486.158074][   T24]  __device_attach+0x2a2/0x400
[ 1486.162830][   T24]  device_initial_probe+0x1a/0x20
[ 1486.167851][   T24]  bus_probe_device+0xc0/0x1f0
[ 1486.172606][   T24]  device_add+0xb4d/0xef0
[ 1486.176929][   T24]  usb_new_device+0xa70/0x1520
[ 1486.181698][   T24]  hub_event+0x2a5d/0x4680
[ 1486.186117][   T24]  process_one_work+0x71f/0xc40
[ 1486.190957][   T24]  worker_thread+0xa29/0x11f0
[ 1486.195622][   T24]  kthread+0x281/0x320
[ 1486.199686][   T24]  ret_from_fork+0x1f/0x30
[ 1486.204095][   T24] 
[ 1486.206421][   T24] The buggy address belongs to the object at ffff88811f884118
[ 1486.206421][   T24]  which belongs to the cache kmalloc-8 of size 8
[ 1486.220108][   T24] The buggy address is located 1 bytes inside of
[ 1486.220108][   T24]  8-byte region [ffff88811f884118, ffff88811f884120)
[ 1486.233071][   T24] 
[ 1486.235381][   T24] The buggy address belongs to the physical page:
[ 1486.241784][   T24] page:ffffea00047e2100 refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x11f884
[ 1486.252006][   T24] flags: 0x4000000000000200(slab|zone=1)
[ 1486.257654][   T24] raw: 4000000000000200 ffffea000469efc0 dead000000000002 ffff888100042300
[ 1486.266227][   T24] raw: 0000000000000000 0000000080660066 00000001ffffffff 0000000000000000
[ 1486.274795][   T24] page dumped because: kasan: bad access detected
[ 1486.281195][   T24] page_owner tracks the page as allocated
[ 1486.286891][   T24] page last allocated via order 0, migratetype Unmovable, gfp_mask 0x112cc0(GFP_USER|__GFP_NOWARN|__GFP_NORETRY), pid 2313, tgid 2306 (syz.3.577), ts 141405994273, free_ts 141404592164
[ 1486.305020][   T24]  post_alloc_hook+0x1f5/0x210
[ 1486.309841][   T24]  prep_new_page+0x1c/0x110
[ 1486.314331][   T24]  get_page_from_freelist+0x2c7b/0x2cf0
[ 1486.319864][   T24]  __alloc_pages+0x19e/0x3a0
[ 1486.324442][   T24]  alloc_slab_page+0x6e/0xf0
[ 1486.329033][   T24]  new_slab+0x98/0x3d0
[ 1486.333093][   T24]  ___slab_alloc+0x6f6/0xb50
[ 1486.337679][   T24]  __slab_alloc+0x5e/0xa0
[ 1486.342020][   T24]  __kmem_cache_alloc_node+0x203/0x2c0
[ 1486.347476][   T24]  __kmalloc_node_track_caller+0xa0/0x1e0
[ 1486.353236][   T24]  kstrdup_const+0x5a/0xa0
[ 1486.357698][   T24]  __kernfs_new_node+0x99/0x680
[ 1486.362564][   T24]  kernfs_new_node+0x150/0x260
[ 1486.367323][   T24]  kernfs_create_dir_ns+0x47/0x130
[ 1486.372428][   T24]  sysfs_create_dir_ns+0x11c/0x280
[ 1486.377556][   T24]  kobject_add_internal+0x6fc/0xc20
[ 1486.382744][   T24] page last free stack trace:
[ 1486.387406][   T24]  free_unref_page_prepare+0x742/0x750
[ 1486.392859][   T24]  free_unref_page+0x8f/0x530
[ 1486.397536][   T24]  __folio_put+0xac/0xe0
[ 1486.401820][   T24]  generic_pipe_buf_release+0xaf/0xd0
[ 1486.407190][   T24]  splice_direct_to_actor+0x788/0xb10
[ 1486.412602][   T24]  do_splice_direct+0x1b3/0x2c0
[ 1486.417457][   T24]  do_sendfile+0x5c6/0xeb0
[ 1486.421865][   T24]  __x64_sys_sendfile64+0x18f/0x1f0
[ 1486.427058][   T24]  x64_sys_call+0x62c/0x9a0
[ 1486.431563][   T24]  do_syscall_64+0x4c/0xa0
[ 1486.435987][   T24]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[ 1486.441866][   T24] 
[ 1486.444173][   T24] Memory state around the buggy address:
[ 1486.449786][   T24]  ffff88811f884000: fa fc fc fc fc fa fc fc fc fc 00 fc fc fc fc fa
[ 1486.457837][   T24]  ffff88811f884080: fc fc fc fc fb fc fc fc fc fb fc fc fc fc fa fc
[ 1486.465894][   T24] >ffff88811f884100: fc fc fc 07 fc fc fc fc fa fc fc fc fc fa fc fc
[ 1486.473939][   T24]                             ^
[ 1486.478774][   T24]  ffff88811f884180: fc fc fa fc fc fc fc fb fc fc fc fc fa fc fc fc
[ 1486.486849][   T24]  ffff88811f884200: fc 04 fc fc fc fc fa fc fc fc fc fb fc fc fc fc
[ 1486.494896][   T24] ==================================================================
[ 1486.502939][   T24] Disabling lock debugging due to kernel taint
[ 1486.519631][   T28] audit: type=1400 audit(1753567712.744:429): avc:  denied  { read } for  pid=84 comm="syslogd" name="log" dev="sda1" ino=2010 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:var_t tclass=lnk_file permissive=1
[ 1486.522285][T11600] usb 5-1: config 0 descriptor??
[ 1486.547471][T18228] raw-gadget.1 gadget.4: fail, usb_ep_enable returned -22
[ 1486.549192][   T28] audit: type=1400 audit(1753567712.774:430): avc:  denied  { search } for  pid=84 comm="syslogd" name="/" dev="tmpfs" ino=1 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1
[ 1486.576434][   T28] audit: type=1400 audit(1753567712.774:431): avc:  denied  { write } for  pid=84 comm="syslogd" name="/" dev="tmpfs" ino=1 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1
[ 1486.598410][   T28] audit: type=1400 audit(1753567712.774:432): avc:  denied  { add_name } for  pid=84 comm="syslogd" name="messages" scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1
[ 1486.617147][T11600] input: KB Gear Tablet as /devices/platform/dummy_hcd.4/usb5/5-1/5-1:0.0/input/input144
[ 1486.619787][  T695] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x88 has an invalid bInterval 0, changing to 10
[ 1486.631813][   T28] audit: type=1400 audit(1753567712.774:433): avc:  denied  { create } for  pid=84 comm="syslogd" name="messages" scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:tmpfs_t tclass=file permissive=1
[ 1486.640234][  T695] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x88 has invalid maxpacket 123, setting to 64
[ 1486.660517][   T28] audit: type=1400 audit(1753567712.774:434): avc:  denied  { append open } for  pid=84 comm="syslogd" path="/tmp/messages" dev="tmpfs" ino=5 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:tmpfs_t tclass=file permissive=1
[ 1486.672750][  T695] usb 4-1: New USB device found, idVendor=084e, idProduct=1001, bcdDevice=33.f9
[ 1486.695057][   T28] audit: type=1400 audit(1753567712.774:435): avc:  denied  { getattr } for  pid=84 comm="syslogd" path="/tmp/messages" dev="tmpfs" ino=5 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:tmpfs_t tclass=file permissive=1
[ 1486.703627][  T695] usb 4-1: New USB device strings: Mfr=8, Product=0, SerialNumber=3
[ 1486.734008][  T695] usb 4-1: Manufacturer: syz
[ 1486.738686][  T695] usb 4-1: SerialNumber: syz
[ 1486.744044][  T695] usb 4-1: config 0 descriptor??
[ 1486.749308][T18230] raw-gadget.3 gadget.3: fail, usb_ep_enable returned -22
[ 1486.757653][  T695] input: KB Gear Tablet as /devices/platform/dummy_hcd.3/usb4/4-1/4-1:0.0/input/input145
[ 1486.822902][  T695] usb 5-1: USB disconnect, device number 105
[ 1486.988033][T18230] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1486.996610][T18230] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1487.009476][T18230] loop3: detected capacity change from 0 to 512
[ 1487.018075][T18230] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: none.
[ 1487.155280][T18244] overlayfs: failed to resolve './bus': -2
[ 1487.534539][   T24] microsoft 0003:045E:07DA.000A: No inputs registered, leaving
[ 1487.542901][   T24] microsoft 0003:045E:07DA.000A: hidraw0: USB HID v0.00 Device [HID 045e:07da] on usb-dummy_hcd.2-1/input0
[ 1487.554538][   T24] microsoft 0003:045E:07DA.000A: no inputs found
[ 1487.562726][   T24] microsoft 0003:045E:07DA.000A: could not initialize ff, continuing anyway
[ 1487.573987][   T24] usb 3-1: USB disconnect, device number 107
[ 1488.202408][  T695] usb 4-1: USB disconnect, device number 114
[ 1488.209242][T11506] EXT4-fs (loop3): unmounting filesystem.