last executing test programs:

3m25.478503151s ago: executing program 0 (id=1466):
syz_usb_connect(0x0, 0x24, &(0x7f0000000040)=ANY=[@ANYBLOB="120100008e88052086800095d8b6010203010902120001"], 0x0)
r0 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000440)={&(0x7f0000000000)=ANY=[@ANYBLOB="900000002000010000000000000000000a8010000000000118000100050015000200000014000100ff020000000000007d8d77fd000000010500130001000000140002"], 0x90}}, 0x0)

3m23.39787866s ago: executing program 0 (id=1487):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x100008b}, 0x0)
sched_setscheduler(0x0, 0x1, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
r0 = getpid()
sched_setscheduler(r0, 0x1, &(0x7f0000000100)=0x5)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000001480)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, 0x0, 0x0)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000880)=ANY=[@ANYBLOB="0600000004000000ff0f00000700000088000000", @ANYRES32, @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/27], 0xa3)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000004000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb70300000e41621eb70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000500)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
openat$ptmx(0xffffffffffffff9c, 0x0, 0x2, 0x0)
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000200)='./file1\x00', 0x200002, &(0x7f0000000340)={[{@nojournal_checksum}, {@nombcache}, {@barrier}, {@norecovery}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x80}}, {@lazytime}, {@nodelalloc}, {@usrquota}, {@noauto_da_alloc}]}, 0xfe, 0x54d, &(0x7f0000000400)="$eJzs3U1rG0cfAPD/ynLenycOhEB7KIYcmpJGju2+pNBDeixtaKC9p8LemGApCpYcYjfQ5NBceimhUEoDpR+g9x5Dv0A/RaANhBJMe+hFZeWVo8SSrThKrFS/H6w9s7vy7Gj2P57RSCiAkTWZ/ShEvBIR3yQRhzuOFSM/OLl+3trD63PZlkSz+emfSST5vvb5Sf77YDtTjPj1q4iThc3l1ldWF8uVSrqU56ca1StT9ZXVU5eq5YV0Ib08Mzt75u3ZmffefWdgdX3j/N/ff3L3wzNfH1/77uf7R24ncTYO5cc66/EMbnRmJmMyf07G4+wTJ04PoLBhkuz2BbAjY3mcj0fWBxyOsTzqgf++LyOiCYyoRPzDiGqPA9pz+wHNg18aDz5YnwBtrn9x/bWR2NeaGx1YSx6bGWXz3YkBlJ+V8csfd25nWwzudQiAbd24GRGni8XN/V+S9387d7qPc54sQ/8HL87dbPzzZrfxT2Fj/BNdxj8Hu8TuTmwf/4X7Ayimp2z8937X8e/GotXEWJ77X2vMN55cvFRJs77t/xFxIsb3Zvmt1nPOrN1r9jrWOf7Ltqz89lgwv477xb2PP2a+3Cg/S507PbgZ8WrX8W+y0f5Jl/bPno/zfZZxLL3zWq9j29f/+Wr+FPF61/Z/tKKVbL0+OdW6H6bad8Vmf9069luv8ne7/ln7H9i6/hNJ53pt/enL+HHfP2mvYzu9//ckn7XSe/J918qNxtJ0xJ7k4837Zx49tp1vn5/V/8Txrfu/bvf//oj4vM/63zp6q+epw9D+80/V/k+fuPfRFz/0Kr+/9n+rlTqR7+mn/+v3Ap/luQMAAAAAAIBhU4iIQ5EUShvpQqFUWn9/x9E4UKjU6o2TF2vLl+ej9VnZiRgvtFe6D3e8H2I6fz9sOz/zRH42Io5ExLdj+1v50lytMr/blQcAAAAAAAAAAAAAAAAAAIAhcbDH5/8zv4/t9tUBz52v/IbRtW38D+KbnoCh5P8/jC7xD6NL/MPoEv8wusQ/jC7xD6NL/MPoEv8AAAAAAAAAAAAAAAAAAAAAAAAAAAAwUOfPncu25trD63NZfv7qyvJi7eqp+bS+WKouz5XmaktXSgu12kIlLc3Vqtv9vUqtdmV6JpavTTXSemOqvrJ6oVpbvty4cKlaXkgvpOMvpFYAAAAAAAAAAAAAAAAAAADwcqmvrC6WK5V0SUJiR4nicFyGxIATu90zAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMAj/wYAAP//Gis4ow==")
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r4 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r4, 0x2, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r5=>0xffffffffffffffff, <r6=>0xffffffffffffffff})
connect$unix(r5, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r6, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r5, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
syz_mount_image$ext4(&(0x7f00000001c0)='ext4\x00', &(0x7f00000000c0)='./file0\x00', 0x90b775, &(0x7f0000000980)={[{@noquota}, {@resuid}, {@quota}, {@usrjquota_path={'usrjquota', 0x3d, './file0'}}, {@errors_continue}, {@errors_continue}, {@init_itable_val={'init_itable', 0x3d, 0x3}}, {@delalloc}, {@jqfmt_vfsold}, {@norecovery}, {@errors_continue}, {@nouid32}]}, 0xee, 0x442, &(0x7f0000000d00)="$eJzs281vG0UbAPBn10n6vv1KKKW0oYVAQUR8JE1aoAcuIJA4gIQEh3IMSVqFug1qgkSrCAJC5YgqcUcckfgLOMEFASckrnBHlSqIkFo4Ba29m9punObDrkP9+0nbznjHnnk8O97xTBxA1xrK/kkidkfErxHRX83WFxiq/ndjaWHy76WFySSWl9/4I6mUu760MFkULZ63K88MpxHpJ0leSb25i5fOTpTL0xfy/Oj8uXdH5y5eenrm3MSZ6TPT58dPnjxxfOy5Z8efaUmcWVzXBz+YPXzolbeuvDZ56srbP36dtffAker52jhaZSgL/M/lisZzj7W6sg7bU5NOejrYEDakFBFZd/VWxn9/lOJm5/XHyx93tHFAW2X3ph3NTy8uA3exJDrdAqAziht99v23OO7Q1GNbuPZC9QtQFveN/Kie6Yk0L9PbxvqHIuLU4j9fZEe0aR0CAKDWt9n856nV5n9pHKgptzffQxmIiHsiYl9E3BsR+yPivohK2fsj4uAG62/cGrp1/pNe3VRg65TN/57P97bq53/F7C8GSnluTyX+3uT0THn6WP6eDEfvjiw/tkYd3730y2fNztXO/7Ijq7+YC+btuNrTsEA3NTE/0apJ6bWPIgZ7Vos/WdkJSCLiUEQMbuyl9xaJmSe+Otys0O3jX0ML9pmWv4x4vNr/i9EQfyFZe39y9H9Rnj42WlwVt/rp58uvN6t/S/G3QNb/O+uv/4YS/X8ltfu1cxuv4/Jvnzb9TrPZ678vebOyZ92XP/b+xPz8hbGIvuTVSr7u8fGbzy3yRfks/uGjq4//fflzsvgfiIjsIj4SEQ9GxEN52x+OiEci4uga8f/w4qPvbD7+9srin1r182/l+h+o7/+NJ0pnv/+mWf3r6/8TldRw/kjl8+821tvArbx3AAAA8F+RRsTuSNKRlXSajoxU/4Z/f+xMy7Nz80+enn3v/FT1NwID0ZsWK139NeuhY8li/orV/Hi+VlycP56vG39e+n8lPzI5W57qcOzQ7XY1Gf+Z30udbh3Qdn6vBd2rcfynHWoHcOe5/0P3Mv6hexn/0L1WG/8fNuTtBcDdyf0fupfxD93L+IfuZfxDV9rK7/olujkR6bZoRrsScXBbNKNziU5/MgEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAALTGvwEAAP//KivtwQ==")
mkdirat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0)
r7 = openat2$dir(0xffffffffffffff9c, &(0x7f00000000c0)='./file0\x00', 0x0, 0x0)
ioctl$FS_IOC_GET_ENCRYPTION_NONCE(r7, 0x400c6615, 0x0)
openat$hwrng(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)

3m20.981472351s ago: executing program 0 (id=1501):
r0 = socket$packet(0x11, 0x3, 0x300)
setsockopt$packet_fanout(r0, 0x107, 0x12, 0x0, 0x0)
recvmmsg(r0, &(0x7f00000093c0)=[{{0x0, 0x0, 0x0}, 0xffff}, {{0x0, 0x0, 0x0}, 0x4}, {{0x0, 0x0, 0x0}, 0x6}], 0x3, 0x10000, 0x0)

3m20.061336244s ago: executing program 0 (id=1503):
syz_mount_image$ext4(&(0x7f00000004c0)='ext4\x00', &(0x7f00000000c0)='./file0\x00', 0x0, &(0x7f0000000100), 0x2, 0x508, &(0x7f0000000a00)="$eJzs3U9sI1cZAPBvJn/sbNMmhR4AFbqUwoJWayfeNqp6oT1VCFVC9MhhGxInimLHUeyUJuwhe+SORCVOcOLMjQNSD4g7Ege4cSkHpAIrUIPEwchje+v8cWJ2Y7uNfz9pNG/m2fO9t6OZN/tZmRfAxLoZEUcRMRsR70TEQmd/0lni9fbS+tzHD++vHT+8v5ZEs/n2P5KsvrUver7T8lTnmPmI+P6bET9MTgX9Y0T94HB7tVIp73V2FRvV3WL94PDOVnV1s7xZ3imVVpZXll69+0rpyvr6QvXXH81FxG9/8+UP/3D0rR+3mjXfqevtx1Vqd33mUZyW6Yj47jCCjcFUpz+zj/Plx/oSVymNiM9FxIvZ9b8QU9nZPOnkafr2CFsHAAxDs7kQzYXebQDgukuzHFiSFjq5gPlI00KhncN7Lm6klVq9cXujtr+z3s6VLcZMurFVKS91coWLMZNsbE2Xl7Nyd7tSLp3avhsRz0bET3Nz2XZhrVZZH+eDDwBMsKdOjf//zrXHfwDgmst/UsyNsx0AwOjkx90AAGDkjP8AMHmM/wAweYz/ADB5jP8AMHmM/wAwUb731lutpXncef/1+rsH+9u1d++sl+vbher+WmGttrdb2KzVNrN39lQvO16lVttdfjn23ys2yvVGsX5weK9a299p3Mve632vPDOSXgEAF3n2hQ/+nETE0Wtz2RI97/u/dKx+ftitA4YpHXcDgLGZGncDgLE5O9sXMCnk44GeKXof9OzOnymc9v5Ah0/NGwqfPre++AT5f+AzTf4fJtfj5f89y8N18P/m//2fAK6PZjMx5z8ATBjP80BySX3v7/9LzZ6NwX7/BwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgGtpPluStNCZC3w+0rRQiHg6IhZjJtnYqpSXIuKZiPhTbibX2l42DygAfMalf0s683/dWnhp/nTtbO4/uWwdET/6+ds/e2+10dhbjphN/vlof+P9zv5SvxiLvxtyJwCAC3TH6e443vXxw/tr3WWU7fnojfbkoq24x52lXTMd09k6n+Uabvwr6Wy3tZ5Xpq4g/tGDiPjCef1PstzIYmfm09PxW7GfHmn89ET8NKtrr1v/Fp+/grbApPngjYjZ18+7/tK4ma3Pv/7z2R3qyXXvf8dn7n/po/vfVJ/7381BY7z8+++c2dlcaNc9iPjSdMRx9+A9959u/KRP/JcGjP+X57/yYr+65i8ibsV5/U9OxCo2qrvF+sHhna3q6mZ5s7xTKq0sryy9eveVUjHLURe7meqz/v7a7Wf6xW/1/0af+PlL+v/1Afv/y/++84OvXhD/m187//w/d0H81pj4jQHjr+b717Xir/fp/2Xn//aA8T/86+H6gB8FAEagfnC4vVqplPeGXUiHHyIrJBFHI+hOu5D71U/eHFWsJyzMRf/PXFClMKmFcd+ZgGH75KIfd0sAAAAAAAAAAAAAAIB+RvHnROPuIwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAANfX/wIAAP//DxPT1w==")
mount$overlay(0x0, &(0x7f0000000140)='./file0\x00', &(0x7f0000000380), 0x0, &(0x7f00000003c0)={[{@lowerdir={'lowerdir', 0x3d, './file0'}, 0x3a}], [], 0x2f})
mkdir(&(0x7f0000001300)='./file0/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0xb0)

3m20.00103801s ago: executing program 0 (id=1504):
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000010000850000000400000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='sys_enter\x00', r0}, 0x10)
signalfd4(0xffffffffffffffff, &(0x7f0000000340)={[0xfffffffffffffffc]}, 0x8, 0x0)

3m19.704212947s ago: executing program 0 (id=1508):
r0 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000000)='./binderfs/binder0\x00', 0x0, 0x0)
prctl$PR_SET_TAGGED_ADDR_CTRL(0x37, 0x1)
ioctl$BINDER_GET_EXTENDED_ERROR(r0, 0xc00c6211, 0xfffffffffffffffe)

3m19.66548358s ago: executing program 32 (id=1508):
r0 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000000)='./binderfs/binder0\x00', 0x0, 0x0)
prctl$PR_SET_TAGGED_ADDR_CTRL(0x37, 0x1)
ioctl$BINDER_GET_EXTENDED_ERROR(r0, 0xc00c6211, 0xfffffffffffffffe)

2m12.290135508s ago: executing program 1 (id=2122):
r0 = syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000040)=ANY=[@ANYBLOB="12010000000018105e04da0700000000000109022400010000000009040000090300000009210000000122220009058103"], 0x0)
syz_usb_control_io$hid(r0, 0x0, 0x0)
syz_usb_control_io$hid(r0, &(0x7f00000001c0)={0x24, 0x0, 0x0, &(0x7f0000000000)=ANY=[@ANYBLOB="00222200000096231306e53d070c0000002a9000070100f3ffa3000000000b0900d3fc48817a15"], 0x0}, 0x0)

2m9.99514784s ago: executing program 1 (id=2146):
r0 = syz_usb_connect$hid(0x2, 0x36, &(0x7f0000000000)={{0x12, 0x1, 0x0, 0x0, 0x0, 0x0, 0x10, 0x755, 0x2626, 0x0, 0x0, 0x0, 0x0, 0x1, [{{0x9, 0x2, 0x24, 0x1, 0x0, 0x0, 0xa0, 0x0, [{{0x9, 0x4, 0x0, 0x0, 0x5, 0x3, 0x0, 0x0, 0x0, {0x9, 0x21, 0x0, 0x0, 0x1, {0x22, 0x45}}, {{{0x9, 0x5, 0x81, 0x3, 0x200, 0x0, 0x2}}}}}]}}]}}, 0x0)
syz_usb_control_io(r0, 0x0, 0x0)
syz_usb_control_io(r0, &(0x7f0000000340)={0x2c, &(0x7f00000000c0)={0x40, 0xa, 0x45, {0x45, 0x22, "61639c545d2ce9daa7080030c686377369efa824c337939610aab1b0d2363bdd25b77c5bdfd51207b2908fceb485a8995d91251ffdff9ebab19ba6613600e553e3b274"}}, 0x0, 0x0, 0x0, 0x0}, 0x0)

2m7.589077422s ago: executing program 1 (id=2166):
r0 = syz_open_dev$usbfs(&(0x7f0000000100), 0x203, 0x8401)
r1 = fcntl$dupfd(r0, 0x0, r0)
ioctl$USBDEVFS_SUBMITURB(r1, 0x8038550a, &(0x7f0000000000)=@urb_type_control={0x2, {}, 0x0, 0x0, &(0x7f00000000c0)={0xa1, 0x0, 0xd, 0x4}, 0x8, 0x0, 0x0, 0x48000000, 0x0, 0x0, 0x0})

2m6.864751769s ago: executing program 1 (id=2168):
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000180)='./bus\x00', 0x1400c, &(0x7f0000000840)={[{@stripe={'stripe', 0x3d, 0x3d}}, {@init_itable}, {@mb_optimize_scan={'mb_optimize_scan', 0x3d, 0x1}}]}, 0x3, 0x44c, &(0x7f0000000340)="$eJzs28tvG1UXAPAzdpx++dKSUMqr5REoiIpH0qQFumABCCQWRUKCBSyjJK1C3QQ1QaJVJFIWZYUQEnvEkn+BFWwQYoXEFvaoUoWyoWVlNPZMYru2m6R2XOrfT5r23Hnk3uOZa9+ZawcwsCbSf5KI/RHxe0SM1YqNO0zU/ru+sTZ3Y2NtLolK5d2/kup+f2+szeW75seN1hciiSMt6l25eOncbLm8cCErT62e/2hq5eKlFxbPz55dOLuwNHPq1MkT0y+/NPNiV/IcjUIWvfXBV2+f/qIh/6Y8umSi08anK5UuV9dfB+riZKiPDWFHihGRnq5Stf+PRTG2Tt5YvPlZXxsH9FSlUqmMtt+8XgHuYkk0lnV5GBT5B316/5svzYOAV3s3/Oi7a6/VboDSvK9nS23L0OYTg1LT/W03TUTE++v/fJMu0ZvnEAAADX5Ixz/Pp6Od5vFfIR6o2++ebG5oPCLujYiDEXFfLMWhiLg/orrvgxHx0A7rb54kuXn8U7i6q8S2KR3/vZLNbTWO//LRX4wXs9KBav6l5MxieeF49poci9K+tDzdoY4f3/jty3bb6sd/6ZLWn48Fs3ZcHdrXeMz87Ors7eRc79rliMNDrfJPNmcCkoh4OCIO77KOxWe/e6Tdtlvn30EX5pkq30Y8Uzv/69GUfy7pPD859b8oLxyfyq+Km/3y65V32tV/W/l3QXr+/9/y+t/Mfzypn69d2XkdV/74vO09zW6v/+HkvWo8nK37ZHZ19cJ0xHByutbo+vUzW8fm5Xz/NP9jR1v3/4Ox9UociYj0In40Ih6LiMeztj8REU9GxNEO+f/8+lMfNq8b2Xb+vZXmP7+j878VDEfzmtZB8dxP3zdUOr4VZvnf6Hz+T1ajY9ma7bz/baddu7uaAQAA4L+nEBH7IylMbsaFwuRk7Tv8hyIK5eWV1efOLH+8NF/7jcB4lAr5k66xuueh09ltfa18OSJqXy3It5+IQvW58dfFkWp5cm65PN/v5GHAjbbp/6k/i/1uHdBzfq8Fg0v/h8Gl/8Pg2ln/39ezdgB7r0X/H+lHO4C91+rz/9M+tAPYe03937QfDBDP/2Bw6f8wuPR/GEgrI3HrH8l3DPK/tMvD79ogSndEM3oWROGOaIagR0F/35cAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAC65d8AAAD//9S+3I8=")
syz_mount_image$fuse(0x0, &(0x7f0000001040)='./file2\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
mount$overlay(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000000), 0x0, &(0x7f0000000140)={[{@workdir={'workdir', 0x3d, './file0'}}, {@lowerdir={'lowerdir', 0x3d, '.'}}, {@upperdir={'upperdir', 0x3d, './file2'}}], [], 0x2c})

2m6.777498227s ago: executing program 1 (id=2170):
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="180000000080000000000000000000001811", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r0 = openat$binderfs(0xffffffffffffff9c, &(0x7f00000000c0)='./binderfs/binder0\x00', 0x0, 0x0)
bpf$MAP_CREATE(0x0, 0x0, 0x0)
bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB="1b000000000000000000000000000400", @ANYRES32=0x0], 0x48)
r1 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='sched_switch\x00', r1}, 0x2d)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r2 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000000c0)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
ptrace(0x8, 0x0)
socket$inet6(0xa, 0x3, 0x1)
open(&(0x7f0000000100)='.\x00', 0x0, 0x0)
getgroups(0x0, &(0x7f00000001c0))
keyctl$chown(0x4, 0x0, 0xee01, 0x0)
keyctl$setperm(0x5, 0x0, 0x21062437)
keyctl$chown(0x4, 0x0, 0xee01, 0x0)
add_key$keyring(0x0, 0x0, 0x0, 0x0, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r0, 0x4018620d, &(0x7f0000000100))
ioctl$BINDER_THREAD_EXIT(r0, 0x40046208, 0x0)
openat$binder_debug(0xffffffffffffff9c, &(0x7f0000000180)='/sys/kernel/debug/binder/stats\x00', 0x0, 0x0)
lseek(0xffffffffffffffff, 0xfffffffffffffff4, 0x3)
bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0xb, 0x5, 0x400, 0x9, 0x1, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)

2m6.756845659s ago: executing program 2 (id=2171):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000880)=0x7)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
r0 = getpid()
sched_setscheduler(r0, 0x1, &(0x7f0000000100)=0x5)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000001480)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000880)=ANY=[@ANYBLOB="0600000004000000ff0f00000700000088000000", @ANYRES32, @ANYBLOB='\x00'/10, @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/28], 0xa3)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000004000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb70300000e41621eb70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000500)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000740)={&(0x7f0000000300)='sched_switch\x00', r4}, 0x10)
r5 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0)
write$binfmt_aout(r5, &(0x7f00000000c0)=ANY=[], 0xff2e)
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000200)='./file1\x00', 0x200002, &(0x7f0000000340)={[{@nojournal_checksum}, {@nombcache}, {@barrier}, {@norecovery}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x80}}, {@lazytime}, {@nodelalloc}, {@usrquota}, {@noauto_da_alloc}]}, 0xfe, 0x54d, &(0x7f0000000400)="$eJzs3U1rG0cfAPD/ynLenycOhEB7KIYcmpJGju2+pNBDeixtaKC9p8LemGApCpYcYjfQ5NBceimhUEoDpR+g9x5Dv0A/RaANhBJMe+hFZeWVo8SSrThKrFS/H6w9s7vy7Gj2P57RSCiAkTWZ/ShEvBIR3yQRhzuOFSM/OLl+3trD63PZlkSz+emfSST5vvb5Sf77YDtTjPj1q4iThc3l1ldWF8uVSrqU56ca1StT9ZXVU5eq5YV0Ib08Mzt75u3ZmffefWdgdX3j/N/ff3L3wzNfH1/77uf7R24ncTYO5cc66/EMbnRmJmMyf07G4+wTJ04PoLBhkuz2BbAjY3mcj0fWBxyOsTzqgf++LyOiCYyoRPzDiGqPA9pz+wHNg18aDz5YnwBtrn9x/bWR2NeaGx1YSx6bGWXz3YkBlJ+V8csfd25nWwzudQiAbd24GRGni8XN/V+S9387d7qPc54sQ/8HL87dbPzzZrfxT2Fj/BNdxj8Hu8TuTmwf/4X7Ayimp2z8937X8e/GotXEWJ77X2vMN55cvFRJs77t/xFxIsb3Zvmt1nPOrN1r9jrWOf7Ltqz89lgwv477xb2PP2a+3Cg/S507PbgZ8WrX8W+y0f5Jl/bPno/zfZZxLL3zWq9j29f/+Wr+FPF61/Z/tKKVbL0+OdW6H6bad8Vmf9069luv8ne7/ln7H9i6/hNJ53pt/enL+HHfP2mvYzu9//ckn7XSe/J918qNxtJ0xJ7k4837Zx49tp1vn5/V/8Txrfu/bvf//oj4vM/63zp6q+epw9D+80/V/k+fuPfRFz/0Kr+/9n+rlTqR7+mn/+v3Ap/luQMAAAAAAIBhU4iIQ5EUShvpQqFUWn9/x9E4UKjU6o2TF2vLl+ej9VnZiRgvtFe6D3e8H2I6fz9sOz/zRH42Io5ExLdj+1v50lytMr/blQcAAAAAAAAAAAAAAAAAAIAhcbDH5/8zv4/t9tUBz52v/IbRtW38D+KbnoCh5P8/jC7xD6NL/MPoEv8wusQ/jC7xD6NL/MPoEv8AAAAAAAAAAAAAAAAAAAAAAAAAAAAwUOfPncu25trD63NZfv7qyvJi7eqp+bS+WKouz5XmaktXSgu12kIlLc3Vqtv9vUqtdmV6JpavTTXSemOqvrJ6oVpbvty4cKlaXkgvpOMvpFYAAAAAAAAAAAAAAAAAAADwcqmvrC6WK5V0SUJiR4nicFyGxIATu90zAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMAj/wYAAP//Gis4ow==")
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r6 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r6, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r7=>0xffffffffffffffff, <r8=>0xffffffffffffffff})
connect$unix(r7, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r8, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r7, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
syz_mount_image$ext4(&(0x7f00000001c0)='ext4\x00', &(0x7f00000000c0)='./file0\x00', 0x90b775, &(0x7f0000000a40)={[{@noquota}, {@resuid}, {@quota}, {@usrjquota_path={'usrjquota', 0x3d, './file1/file0'}}, {@errors_continue}, {@errors_continue}, {@block_validity}, {@delalloc}, {@jqfmt_vfsold}, {@norecovery}, {@errors_continue}, {@nouid32}]}, 0xee, 0x442, &(0x7f0000000d00)="$eJzs281vG0UbAPBn10n6vv1KKKW0oYVAQUR8JE1aoAcuIJA4gIQEh3IMSVqFug1qgkSrCAJC5YgqcUcckfgLOMEFASckrnBHlSqIkFo4Ba29m9punObDrkP9+0nbznjHnnk8O97xTBxA1xrK/kkidkfErxHRX83WFxiq/ndjaWHy76WFySSWl9/4I6mUu760MFkULZ63K88MpxHpJ0leSb25i5fOTpTL0xfy/Oj8uXdH5y5eenrm3MSZ6TPT58dPnjxxfOy5Z8efaUmcWVzXBz+YPXzolbeuvDZ56srbP36dtffAker52jhaZSgL/M/lisZzj7W6sg7bU5NOejrYEDakFBFZd/VWxn9/lOJm5/XHyx93tHFAW2X3ph3NTy8uA3exJDrdAqAziht99v23OO7Q1GNbuPZC9QtQFveN/Kie6Yk0L9PbxvqHIuLU4j9fZEe0aR0CAKDWt9n856nV5n9pHKgptzffQxmIiHsiYl9E3BsR+yPivohK2fsj4uAG62/cGrp1/pNe3VRg65TN/57P97bq53/F7C8GSnluTyX+3uT0THn6WP6eDEfvjiw/tkYd3730y2fNztXO/7Ijq7+YC+btuNrTsEA3NTE/0apJ6bWPIgZ7Vos/WdkJSCLiUEQMbuyl9xaJmSe+Otys0O3jX0ML9pmWv4x4vNr/i9EQfyFZe39y9H9Rnj42WlwVt/rp58uvN6t/S/G3QNb/O+uv/4YS/X8ltfu1cxuv4/Jvnzb9TrPZ678vebOyZ92XP/b+xPz8hbGIvuTVSr7u8fGbzy3yRfks/uGjq4//fflzsvgfiIjsIj4SEQ9GxEN52x+OiEci4uga8f/w4qPvbD7+9srin1r182/l+h+o7/+NJ0pnv/+mWf3r6/8TldRw/kjl8+821tvArbx3AAAA8F+RRsTuSNKRlXSajoxU/4Z/f+xMy7Nz80+enn3v/FT1NwID0ZsWK139NeuhY8li/orV/Hi+VlycP56vG39e+n8lPzI5W57qcOzQ7XY1Gf+Z30udbh3Qdn6vBd2rcfynHWoHcOe5/0P3Mv6hexn/0L1WG/8fNuTtBcDdyf0fupfxD93L+IfuZfxDV9rK7/olujkR6bZoRrsScXBbNKNziU5/MgEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAALTGvwEAAP//KivtwQ==")
mkdirat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0)
r9 = openat2$dir(0xffffffffffffff9c, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000080), 0x18)
ioctl$FS_IOC_GET_ENCRYPTION_NONCE(r9, 0x400c6615, 0x0)
openat$hwrng(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)

2m5.098509803s ago: executing program 1 (id=2173):
r0 = syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000040)=ANY=[@ANYBLOB="12010000000018105e04da0700000000000109022400010000000009040000090300000009210000000122220009058103"], 0x0)
syz_usb_control_io$hid(r0, 0x0, 0x0)
syz_usb_control_io$hid(r0, &(0x7f00000001c0)={0x24, 0x0, 0x0, &(0x7f0000000080)=ANY=[@ANYBLOB="002222000000962313b31ce93ee90700ff000028370900be0083"], 0x0}, 0x0)

2m4.866150424s ago: executing program 33 (id=2173):
r0 = syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000040)=ANY=[@ANYBLOB="12010000000018105e04da0700000000000109022400010000000009040000090300000009210000000122220009058103"], 0x0)
syz_usb_control_io$hid(r0, 0x0, 0x0)
syz_usb_control_io$hid(r0, &(0x7f00000001c0)={0x24, 0x0, 0x0, &(0x7f0000000080)=ANY=[@ANYBLOB="002222000000962313b31ce93ee90700ff000028370900be0083"], 0x0}, 0x0)

2m4.859931834s ago: executing program 2 (id=2178):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$tipc(&(0x7f0000000180), r0)
sendmsg$TIPC_CMD_SET_LINK_TOL(r0, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000380)={&(0x7f0000000300)={0x1c, r1, 0x1, 0x70bd2a, 0x25dfdbfc, {{}, {}, {0x4c, 0x18, {0x9, @media='udp\x00'}}}}, 0x68}, 0x1, 0x0, 0x0, 0x4000080}, 0x40010)

2m4.829242037s ago: executing program 2 (id=2180):
getgroups(0x2, &(0x7f0000000000)=[0xffffffffffffffff, <r0=>0xee00])
setresgid(r0, 0x0, 0xffffffffffffffff)
setresgid(0x0, 0x0, 0x0)

2m4.715323468s ago: executing program 2 (id=2182):
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000180)='./bus\x00', 0x1400c, &(0x7f0000000840)={[{@stripe={'stripe', 0x3d, 0x3d}}, {@init_itable}, {@mb_optimize_scan={'mb_optimize_scan', 0x3d, 0x1}}]}, 0x3, 0x44c, &(0x7f0000000340)="$eJzs28tvG1UXAPAzdpx++dKSUMqr5REoiIpH0qQFumABCCQWRUKCBSyjJK1C3QQ1QaJVJFIWZYUQEnvEkn+BFWwQYoXEFvaoUoWyoWVlNPZMYru2m6R2XOrfT5r23Hnk3uOZa9+ZawcwsCbSf5KI/RHxe0SM1YqNO0zU/ru+sTZ3Y2NtLolK5d2/kup+f2+szeW75seN1hciiSMt6l25eOncbLm8cCErT62e/2hq5eKlFxbPz55dOLuwNHPq1MkT0y+/NPNiV/IcjUIWvfXBV2+f/qIh/6Y8umSi08anK5UuV9dfB+riZKiPDWFHihGRnq5Stf+PRTG2Tt5YvPlZXxsH9FSlUqmMtt+8XgHuYkk0lnV5GBT5B316/5svzYOAV3s3/Oi7a6/VboDSvK9nS23L0OYTg1LT/W03TUTE++v/fJMu0ZvnEAAADX5Ixz/Pp6Od5vFfIR6o2++ebG5oPCLujYiDEXFfLMWhiLg/orrvgxHx0A7rb54kuXn8U7i6q8S2KR3/vZLNbTWO//LRX4wXs9KBav6l5MxieeF49poci9K+tDzdoY4f3/jty3bb6sd/6ZLWn48Fs3ZcHdrXeMz87Ors7eRc79rliMNDrfJPNmcCkoh4OCIO77KOxWe/e6Tdtlvn30EX5pkq30Y8Uzv/69GUfy7pPD859b8oLxyfyq+Km/3y65V32tV/W/l3QXr+/9/y+t/Mfzypn69d2XkdV/74vO09zW6v/+HkvWo8nK37ZHZ19cJ0xHByutbo+vUzW8fm5Xz/NP9jR1v3/4Ox9UociYj0In40Ih6LiMeztj8REU9GxNEO+f/8+lMfNq8b2Xb+vZXmP7+j878VDEfzmtZB8dxP3zdUOr4VZvnf6Hz+T1ajY9ma7bz/baddu7uaAQAA4L+nEBH7IylMbsaFwuRk7Tv8hyIK5eWV1efOLH+8NF/7jcB4lAr5k66xuueh09ltfa18OSJqXy3It5+IQvW58dfFkWp5cm65PN/v5GHAjbbp/6k/i/1uHdBzfq8Fg0v/h8Gl/8Pg2ln/39ezdgB7r0X/H+lHO4C91+rz/9M+tAPYe03937QfDBDP/2Bw6f8wuPR/GEgrI3HrH8l3DPK/tMvD79ogSndEM3oWROGOaIagR0F/35cAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAC65d8AAAD//9S+3I8=")
syz_mount_image$fuse(0x0, &(0x7f0000001040)='./file2\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
mount$overlay(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000000), 0x0, &(0x7f0000000140)={[{@workdir={'workdir', 0x3d, './file0'}}, {@lowerdir={'lowerdir', 0x3d, '.'}}, {@upperdir={'upperdir', 0x3d, './file2'}}], [], 0x2c})

2m4.642446394s ago: executing program 2 (id=2184):
syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000280)='./mnt\x00', 0x2000c10, &(0x7f0000000040)={[{@nobh}, {@inode_readahead_blks}]}, 0xff, 0x23f, &(0x7f0000000540)="$eJzs3T1oLFUYBuB3Zne95t5FrtoI4g+IiAbCtRNsYqMQkBBEBBUiIjZKIsQEu8TKxkJrlVQ2QeyMlpIm2CiCVdQUsRE0WBgstFiZnURisuLPxh1xngdmZ2b3nPnOMPOe3WbYAK11Nclskk6S6SS9JMXpBnfWy9Xj3c2p3cVkMHjsh2LYrt6vnfS7kmQjyQNJdsoiL3STte2nDn7ae+Se11d7d7+7/eTURE/y2OHB/qNH78y/9sHc/WufffHdfJHZ9H93XhevGPFet0hu+jeK/UcU3aZHwF+x8Mr7X1a5vznJXcP891KmvnhvrFy308t9b/9R3ze///zWSY4VuHiDQa/6DtwYAK1TJumnKGeS1NtlOTNT/4b/qnO5fHF55eXp55dXl55reqYCLko/2X/4o0sfXjmT/287df6B/68q/48vbH1dbR91mh4NMBG31asq/9PPrN8b+YfWkX9oL/mH9pJ/aC/5h/aSf2gv+Yf2kn9oL/mH9pJ/aK/T+QcA2mVwqeknkIGmND3/AAAAAAAAAAAAAAAAAAAA521O7S6eLJOq+clbyeFDSbqj6neG/0ecXD98vfxjUTX7TVF3G8vTd4x5gDG91/DT1zd802z9T29vtv76UrLxapJr3e75+684vv/+uRv/5PPes2MW+JuKM/sPPjHZ+mf9stVs/bm95ONq/rk2av4pc8twPXr+6VfXb8z6L/085gEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACYmF8DAAD//xFQbUc=")
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000000)='cpu.stat\x00', 0x275a, 0x0)
ioctl$FS_IOC_GETFSMAP(r0, 0xc0c0583b, &(0x7f00000002c0)={0x0, 0x2904c, 0x0, 0x10003, '\x00', [{0x0, 0x1, 0x0, 0xc}, {0xffffffff, 0x27, 0x0, 0xf254, 0x0, 0x1}]})

2m4.325210664s ago: executing program 2 (id=2186):
syz_mount_image$exfat(&(0x7f00000000c0), &(0x7f0000000080)='./file0\x00', 0x800, &(0x7f00000002c0)={[{@iocharset={'iocharset', 0x3d, 'maciceland'}}, {@errors_continue}, {@iocharset={'iocharset', 0x3d, 'cp932'}}, {@discard}, {}, {@dmask={'dmask', 0x3d, 0x6}}, {@sys_tz}, {@keep_last_dots}, {@discard}, {@errors_continue}]}, 0x5, 0x1510, &(0x7f00000037c0)="$eJzs3Am4TlX7MPD7Xmvt45D0dJLhsNa6N08yLCdJMiTJkCRJkmRKSDrJKwmJQ6akQxKS4ZAMh5AMJ0465nkekyTpJEmmTMn6rlN83t7qe//v/+17/a//uX/Xta9n3c/a99prP/czrL0N33UZWrNxrWoNiQj+LfjrQxIAxALAQAC4DgACACgXVy4uqz+nxKR/7yDsr/VI6tWeAbuauP7ZG9c/e+P6Z29c/+yN65+9cf2zN65/9sb1Zyw72zy94PW8Zd+N7/9nZ/z7/79IZumxX60tfWPXfyGF65+9cf3/1wr+Kztx/bM3rn/2xvXP3rj+2UGOP+3h+mdvXH/GsrOrff+Zt6u7Xe33H2OMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4yx7OGsv0IBwOX21Z4XY4wxxhhjjDHG/jo+x9WeAWOMMcYYY4wxxv7/QxAgQUEAMZADYiEn5AIBANdCHrgOInA9xMENkBduhHyQHwpAQYiHQlAYNBiwQBBCESgKUbgJisHNUBxKQEkoBQ5KQwLcAmXgVigLt0E5uB3Kwx1QASpCJagMd0IVuAuqwt1QDe6B6lADakItuBdqw31QB+6HuvAA1IMHoT48BA3gYWgIj0AjeBQaw2PQBB6HptAMmkMLaPnfyn8JesDL0BN6QRL0hj7wCvSFftAfBsBAeBUGwWswGF6HZBgCQ+ENGAZvwnB4C0bASBgFb8NoeAfGwFgYB+MhBSbARHgXJsF7MBmmwFSYBqkwHWbA+zATZsFs+ADmwIcwF+bBfFgAafARLIRFkA4fw2L4BDJgCSyFZbAcVsBKWAWrYQ2shXWwHjbARtgEm2ELbIVtsB12wE7YBbvhU9gDn8Fe+Bz2wRf/Yv6Zf8jvioCAAgUqVBiDMRiLsZgLc2FuzI15MA9GMIJxGId5MS/mw3xYAAtgPMZjYSyMBg0SEhbBIhjFKBbDYlgci2NJLIkOHSZgApbBW7EslsVyWA7LY3msgBWxIlbGylgFq2BVrIrVsBpWx+pYE2vivXgv9sY6WAfrYl2sh/Uu357ChtgQG2EjbIyNsQk2wabYFJtjc2yJLbEVtsLW2BrbYltsh+2wPbbHREzEDtgBO2JH7ISdsDN2xi7YBbtiN+yGL+UAfBlfxl5YXfTGPtgH+2Jyjv44AAfgqzgIX8PX8HVMxiE4FN/AN/BNHI6ncQSOxFE4CquId3AMjkUS4zEFU3AiTsRJOAkn4xScgtMwFafjDJyBM3EWzsIPcA5+iB/iPJyHCzAN03AhLsJ0TMfFeAYzcAkuxWW4HFfgclyFq3EVrsV1uBY34AbchJtwC27BbbgNd+AO3IUKAD/Fz/AzTMZ9uA/34348gAfwIB7ETMzEQ3gID+NhPIJH8CgexWN4HE/gcTyFp/A0nsGzeBbP43m8gC/Ef9NoV4k1ySCyKKFEjIgRsSJW5BK5RG6RW+QReURERESciBN5RV6RT+QTBUQBES/iRWFRWBhhBIkwBgBEVERFMVFMFBfFRUlRUjjhRIJIEGVEGVFWlBXlxO2ivLhDVBAVRRtXWVQWVURbV1XcLaqJaqK6qCFqilqilqgtaos6oo6oK+qKeqKeqC8eEg1Eb+yPj4isyjQWQ7CJGIpNRTMhL32DtRLDsbVoI9qKp8RIHIHtRSuXKJ4VHcQY7Cj+Jsbi86KzGI9dxIuiq+gmuouXRA/R2vUUvcRk7C36iGnYV/QT/cUAMRNriA9wTs6a4nWRLIaIoeINsQDfFMPFW2KEGClGibfFaPGOGCPGinFivEgRE8RE8a6YJN4Tk8UUMVVME6liupgh3hczxSwxW3wg5ogPxVwxT8wXC0Sa+EgsFItEuvhYLBafiAyxRCwVy8RysUKsFKvEarFGrBXrxHqxQWwUm8RmsUVsFdvEdrFD7BS7xG7xqdgjPhN7xedin/hC7BdfigPiK3FQfC0yxTfikPhWHBbfiSPie3FU/CCOiePihDgpTokfxWlxRpwV58R58ZO4IH4WF4UXIFEKKaWSgYyROWSszClzyWtkbhlcenWvl3HyBplX3ijzyfyygCwo42UhWVhqaaSVJENZRBaVUXmTLCZvlsVlCVlSlpJOlpYJ8hZZRt4qy8rbZDl5uywv75AVZEVZSVaWd8oq8i4JkV+PUV3WkDVlLXmvrC3vk3Xk/bKufEDWkw/K+vIh2UA+LBvKR2Qj+ahsLB+TTeTjsqlsJpvLFrKlfEK2kk/K1rKNbCufku3k07K9fEYmymdlB+kvvUWel53lC7KLfFF2ld1kd/mzvCi97Cl7SYDeso98RfaV/WR/OUAOlK/KQfI1OVi+LpPlEDlUviGHyTflcPmWHCFHylHybTlaviPHyLFynBwvU+QEOVG+KyfJ9+RkOUVOldNkqpwu+18aabaU/zT/3T/IH/zL0TfJzXKL3Cq3ye1yh9wpd8ndcrfcI/fIvXKv3Cf3yf1yvzwgD8iD8qDMlJnykDwkD8vD8og8Io/Ko/KYPC7PyZPylPxRnpZn5Bl5Tp6X5+WFS68BKFRCSaVUoGJUDhWrcqpc6hqVW12r8qjrVERdr+LUDSqvulHlU/lVAVVQxatCqrDSyiirSIWqiCqqouomvPSGUSVVKeVUaZWgbvlX8lUxdbMqrkr8Jv/y/JL+ZH4tVUvVSrVSrVVr1Va1Ve1UO9VetVeJKlF1UB1UR9VRdVKdVGfVWXVRXVRX1VV1V91VD9VD9VQ9VZJKUn3UK6qv6qf6qwFqoHpVDVKD1GA1WCWrZDVUDVXD1DA1XA1XI9QINUqNUqPVaDVGjVHj1DiVolLURDVRTVKT1GQ1WU1VU1WqSlUz1Aw1U81Us9VsNUfNUXPVXDVfzVdpKk0tVAtVukpXi9VilaGWqCVqmVqmVqgVapVapdaoNWqdWqc2qA0qQ21Wm9VWtVVtV9vVTrVT7Va71R61R+1Ve9U+tU/tV/vVAXVAHVQHVabKVIfUIXVYHVZH1BF1VB1Vx9QxdUKdUKfUKXVanVZn1Vl1Xp1XF9QFdVFdzFr2BSIQgQpUEBPEBLFBbJAryBXkDnIHeYI8QSSIBHFBXJA3uDHIF+QPCgQFg/igUFA40IEJbCAuFT0a3BQUC24OigclgpJBqcAFpYOE4JagTHBrUDa4LSgX3B6UD+4IKgQVg0pB5eDOoEpwV1A1uDuoFtwTVA9qBDWDWsG9Qe3gvqBOcH9QN3ggqBc8GNQPHgoaBA8HDYNHgkbBo0Hj4LGgSfB40DRoFjQPWgQt/9LxvT+d/0nXU/fSSbq37qNf0X11P91fD9AD9at6kH5ND9av62Q9RA/Vb+hh+k09XL+lR+iRepR+W4/W7+gxeqwep8frFD1BT9Tv6kn6PT1ZT9FT9TSdqqfrGfp9PVPP0rP1B3qO/lDP1fP0fL1Ap+mP9EK9SKfrj/Vi/YnO0Ev0Ur1ML9cr9Eq9Sq/Wa/RavU6v1xv0Rr1Jb9Zb9Fa9TW/XO/ROvUvv1p/qPfozvVd/rvfpL/R+/aU+oL/SB/XXOlN/ow/pb/Vh/Z0+or/XR/UP+pg+rk/ok/qU/lGf1mf0WX1On9c/6Qv6Z31R+6zFfdbPu1FGmRgTY2JNrMllcpncJrfJY/KYiImYOBNn8pq8Jp/JZwqYAibexJvCprDJQoZMEVPERE3UFDPFTHFT3JQ0JY0zziSYBFPGlDFlTVlTzpQz5U15U8FUMJVMJXOnudPcZe4yd5u7zT3mHlPD1DC1TC1T29Q2dUwdU9fUNfVMPVPf1DcNTAPT0DQ0jUwj09g0Nk1ME9PUNDXNTXPT0rQ0rUwr09q0Nm1NW9POtDPtTXuTaBJNB9PBdDQdTSfTyXQ2nU0X08V0NV1Nd9Pd9DA9TE/T0ySZJNPH9DF9TV/T3/Q3A81AM8gMMoPNYJNsks1QM9QMM8PMcDPcjDAjzaishap5x4wxY804M96kmBQz0Uw0k8wkM9lMNlPNVJNqUs0MM8PMNDPNbDPbzDFzzFwz18w3802aSTMLzUKTbtLNYrPYZJgMs9QsNcvNcrPSrDSrzWqz1qw162G92Wg2ms1ms9lqtprtZrvZaXaa3Wa32WP2mL1mr9ln9pn9Zr85YA6Yg+agyTSZ5pA5ZA6bw+aIOWKOmqPmmDlmTpgT5pQ5ZU6b0+asOWvOm/yXfi+9ibU5bS57jc1tr7V57HX2H+MCtqCNt4VsYattPpv/N7Gx1ha3JWxJW8o6W9om2Ft+F1ewFW0lW9neaavYu2zV38W17X22jr3f1rUP2Fr23t/E9eyDtr59zDZABLDNbCPbwja2j9km9nHb1DazzW0L284+bdvbZ2yifdZ2sM/9Ll5oF9nVdo1da9fZPfYze9aes4ftd/a8/cn2tL3sQPuqHWRfs4Pt6zbZDvldPMq+bUfbd+wYO9aOs+N/F0+102yqnW5n2PftTDvrd3Ga/cjOsel2rp1n59sFv8RZc0q3H9vF9hObYZfYpXaZXW5X2JV21f+d6zK7wW60m+xu+6ndarfZ7XaH3Wl3/RJnncde+7ndZ7+wh+y39oD9yh60R2ym/eaXOOv8jtjv7VH7gz1mj9sT9qQ9ZX+0p+2ZX84/69xP2p/tRestEBKQJEUBxVAOiqWclIuuodx0LeWh6yhC11Mc3UB56UbKR/mpABWkeCpEhUmTIUtEIRWhohSlm+jyOr0klSJHpSmBbqEydCuVpduoHN1O5ekOqkAVqRJVpjupCt1FVeluqkb3UHWqQTWpFt1Ltek+qkP3U116gOrRg1SfHqIG9DA1pEeoET1KjekxakKPU1NqRs2pBbWkJ6gVPUmtqQ21paeoHT1N7ekZSqRnqQM9Rx3pb9SJnqfO9AJ1oRepK3Wj7vQS9aCXqSf1oiTqTX3oFepL/ag/DaCB9CoNotdoML1OyTSEhtIbNIzepOH0Fo2gkTSK3qbR9A6NobE0jsZTCk2gifQuTaL3aDJNoak0jVJpOs2g92kmzaLZ9AHNoQ9pLs2j+bSA0ugjWkiLKJ0+psX0CWXQElpKy2g5raCVtIpW0xpaS+toPW2gjbSJNtMW2krbaDvtoJ20i3bTp7SHPqO99Dntoy9oP31JB+grOkhfUyZ9Q4foWzpM39ER+t73oh/oGB2nE3SSTtGPdJrO0Fk6R+fpJ7pAP9NF8gQhhiKUoQqDMCbMEcaGOcNc4TVh7vDaME94XRgJrw/jwhvCvOGNYb4wf1ggLBjGh4XCwqEOTWhDCsOwSFg0jIY3hcXCm8PiYYmwZFgqdGHpMCG8JSwT3hqWDW8Ly4W3h+XDO8IKYcXwsQcqh3eGVcK7wqrh3WG18J6welgjrBnWCu8Na4f3hXXC+8O64QNh2fDBsH74UNggfDhsGD4SNgofDRuHj4VNwsfDpmGzsHnYImwZPhG2Cp8MW4dtwrbhU2G78OmwffhMmBg+G3YIn/ul/8FFf96fFPYO+4SvhK+E3t8v50cXRNOiH0UXRhdF06MfRxdHP4lmRJdEl0aXRZdHV0RXRldFV0fXRNdG10XXRzdEN0Y3Rb2vlQMcOuGkUy5wMS6Hi3U5XS53jcvtrnV53HUu4q53ce4Gl9fd6PK5/K6AK+jiXSFX2GlnnHXkQlfEFXVRd5Mr5m52xV0JV9KVcs6VdgmuhWvpWrpW7knX2rVxbd1T7in3tHvaPeOecc+6Du4519H9zXVyz7vO7gX3gnvRdXXdXHf3kuvhJuT59TOZ5Pq4Pq6v6+v6u/5uoBvoBrlBbrAb7JJdshvqhrphbpgb7oa7EW6EG+VGudFutBvjxrhxbpxLcSluopvoJrlJbrKb7Ka6qS7VpboZboab6Wa6KrN+PcpcN9fNd/NdmktzC13WmjHdLXaLXYbLcEvdUrfcLXcr3Uq32q12a91at96tdxvdRrfZbXZb3Va33W13O91Ot9vtdnv8db8O6va5/W6/O+AOuIPua5fpvnGH3LfusPvOHXHfu6PuB3fMHXcn3El3yv3oTrsz7qw75867n9wF97O76LxLiUyITIy8G5kUeS8yOTIlMjUyLZIamR6ZEXk/MjMyKzI78kFkTuTDyNzIvMj8yIJIWuSjyMLIokh65OPI4sgnkYzIksjSyLLI8siKiPeFtoa+iC/qo/4mX8zf7Iv7Er6kL+WdL+0T/C2+jL/Vl/W3+XL+dl/e3+Er+Iq+kn/cN/XNfHPfwrf0T/hW/knf2rfxbf1Tvp1/2rf3z/hE/6zv4J/zHf3ffCf/vO/sX/Bd/Iu+q+/mu/uXfA//su/pe/kk39v38a/4vr6f7+8H+IH+VT/Iv+YH+9d9sh/ih/o3/DD/ph/u3/Ij/Eg/KuZtP/ryJTKM9yl+gp/o3/WT/Ht+sp/ip/ppPtVP9zP8+36mn+Vn+w/8HP+hn+vn+fl+gU/zH/mFfpFP9x/7xf4Tn+GXXL6p7Ff6VX61X+PX+nV+vd/gN/pNfrPf4rf6bX673+F3+l1+t//U7/Gf+b3+c7/Pf+H3+y/9Af+VP+i/9pn+G3/If+sP++/8Ef+9P+p/8Mf8cX/Cn/Sn/I/+tD/jz/pz/rz/yV/wP/uL/G/WGGOMMcb+SyZcaYo/6u/9B8+Jv9u5DwBcu61g5t/3Z60o1+f7td1PxLeLAMCzvbo8cnmrXj0pKenSvhkSgqLzAC7/SVCWGLgSL4G28DQkQhso84fz7ye6nad/Mn70doBcf5cTC1fiK+N/+SfjP/HUqIXlw7Nx/4/x5wEUL3olJydciZdAW5X12AbK/sn4+Vv9k/nn/CoFoPXf5eSGK/GV+SfAk/AcJP5mT8YYY4wxxhhj7Ff9RKVOl68/L/+Nzz+6Po9XV3JywJX4n12fM8YYY4wxxhhj7Op7vlv3Z55ITGzT6V9vVP1vZXHjf2rDe4DLzygA+DcHBPiPn8WW/8ixki99dP6xa/k5H8D/jFL+FY2r/MXEGGOMMcYY+8tdWfT/9nl1tSbEGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4xlQ/+J/07sap8jY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxdrX9nwAAAP//geYOMQ==")
syz_mount_image$fuse(0x0, &(0x7f0000000180)='./file2\x00', 0x1188070, 0x0, 0x0, 0x0, 0x0)
mount$overlay(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000000), 0x0, &(0x7f0000000140)={[{@workdir={'workdir', 0x3d, './file0'}}, {@lowerdir={'lowerdir', 0x3d, '.'}}, {@upperdir={'upperdir', 0x3d, './file2'}}], [], 0x2c})

2m4.246450211s ago: executing program 34 (id=2186):
syz_mount_image$exfat(&(0x7f00000000c0), &(0x7f0000000080)='./file0\x00', 0x800, &(0x7f00000002c0)={[{@iocharset={'iocharset', 0x3d, 'maciceland'}}, {@errors_continue}, {@iocharset={'iocharset', 0x3d, 'cp932'}}, {@discard}, {}, {@dmask={'dmask', 0x3d, 0x6}}, {@sys_tz}, {@keep_last_dots}, {@discard}, {@errors_continue}]}, 0x5, 0x1510, &(0x7f00000037c0)="$eJzs3Am4TlX7MPD7Xmvt45D0dJLhsNa6N08yLCdJMiTJkCRJkmRKSDrJKwmJQ6akQxKS4ZAMh5AMJ0465nkekyTpJEmmTMn6rlN83t7qe//v/+17/a//uX/Xta9n3c/a99prP/czrL0N33UZWrNxrWoNiQj+LfjrQxIAxALAQAC4DgACACgXVy4uqz+nxKR/7yDsr/VI6tWeAbuauP7ZG9c/e+P6Z29c/+yN65+9cf2zN65/9sb1Zyw72zy94PW8Zd+N7/9nZ/z7/79IZumxX60tfWPXfyGF65+9cf3/1wr+Kztx/bM3rn/2xvXP3rj+2UGOP+3h+mdvXH/GsrOrff+Zt6u7Xe33H2OMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4yx7OGsv0IBwOX21Z4XY4wxxhhjjDHG/jo+x9WeAWOMMcYYY4wxxv7/QxAgQUEAMZADYiEn5AIBANdCHrgOInA9xMENkBduhHyQHwpAQYiHQlAYNBiwQBBCESgKUbgJisHNUBxKQEkoBQ5KQwLcAmXgVigLt0E5uB3Kwx1QASpCJagMd0IVuAuqwt1QDe6B6lADakItuBdqw31QB+6HuvAA1IMHoT48BA3gYWgIj0AjeBQaw2PQBB6HptAMmkMLaPnfyn8JesDL0BN6QRL0hj7wCvSFftAfBsBAeBUGwWswGF6HZBgCQ+ENGAZvwnB4C0bASBgFb8NoeAfGwFgYB+MhBSbARHgXJsF7MBmmwFSYBqkwHWbA+zATZsFs+ADmwIcwF+bBfFgAafARLIRFkA4fw2L4BDJgCSyFZbAcVsBKWAWrYQ2shXWwHjbARtgEm2ELbIVtsB12wE7YBbvhU9gDn8Fe+Bz2wRf/Yv6Zf8jvioCAAgUqVBiDMRiLsZgLc2FuzI15MA9GMIJxGId5MS/mw3xYAAtgPMZjYSyMBg0SEhbBIhjFKBbDYlgci2NJLIkOHSZgApbBW7EslsVyWA7LY3msgBWxIlbGylgFq2BVrIrVsBpWx+pYE2vivXgv9sY6WAfrYl2sh/Uu357ChtgQG2EjbIyNsQk2wabYFJtjc2yJLbEVtsLW2BrbYltsh+2wPbbHREzEDtgBO2JH7ISdsDN2xi7YBbtiN+yGL+UAfBlfxl5YXfTGPtgH+2Jyjv44AAfgqzgIX8PX8HVMxiE4FN/AN/BNHI6ncQSOxFE4CquId3AMjkUS4zEFU3AiTsRJOAkn4xScgtMwFafjDJyBM3EWzsIPcA5+iB/iPJyHCzAN03AhLsJ0TMfFeAYzcAkuxWW4HFfgclyFq3EVrsV1uBY34AbchJtwC27BbbgNd+AO3IUKAD/Fz/AzTMZ9uA/34348gAfwIB7ETMzEQ3gID+NhPIJH8CgexWN4HE/gcTyFp/A0nsGzeBbP43m8gC/Ef9NoV4k1ySCyKKFEjIgRsSJW5BK5RG6RW+QReURERESciBN5RV6RT+QTBUQBES/iRWFRWBhhBIkwBgBEVERFMVFMFBfFRUlRUjjhRIJIEGVEGVFWlBXlxO2ivLhDVBAVRRtXWVQWVURbV1XcLaqJaqK6qCFqilqilqgtaos6oo6oK+qKeqKeqC8eEg1Eb+yPj4isyjQWQ7CJGIpNRTMhL32DtRLDsbVoI9qKp8RIHIHtRSuXKJ4VHcQY7Cj+Jsbi86KzGI9dxIuiq+gmuouXRA/R2vUUvcRk7C36iGnYV/QT/cUAMRNriA9wTs6a4nWRLIaIoeINsQDfFMPFW2KEGClGibfFaPGOGCPGinFivEgRE8RE8a6YJN4Tk8UUMVVME6liupgh3hczxSwxW3wg5ogPxVwxT8wXC0Sa+EgsFItEuvhYLBafiAyxRCwVy8RysUKsFKvEarFGrBXrxHqxQWwUm8RmsUVsFdvEdrFD7BS7xG7xqdgjPhN7xedin/hC7BdfigPiK3FQfC0yxTfikPhWHBbfiSPie3FU/CCOiePihDgpTokfxWlxRpwV58R58ZO4IH4WF4UXIFEKKaWSgYyROWSszClzyWtkbhlcenWvl3HyBplX3ijzyfyygCwo42UhWVhqaaSVJENZRBaVUXmTLCZvlsVlCVlSlpJOlpYJ8hZZRt4qy8rbZDl5uywv75AVZEVZSVaWd8oq8i4JkV+PUV3WkDVlLXmvrC3vk3Xk/bKufEDWkw/K+vIh2UA+LBvKR2Qj+ahsLB+TTeTjsqlsJpvLFrKlfEK2kk/K1rKNbCufku3k07K9fEYmymdlB+kvvUWel53lC7KLfFF2ld1kd/mzvCi97Cl7SYDeso98RfaV/WR/OUAOlK/KQfI1OVi+LpPlEDlUviGHyTflcPmWHCFHylHybTlaviPHyLFynBwvU+QEOVG+KyfJ9+RkOUVOldNkqpwu+18aabaU/zT/3T/IH/zL0TfJzXKL3Cq3ye1yh9wpd8ndcrfcI/fIvXKv3Cf3yf1yvzwgD8iD8qDMlJnykDwkD8vD8og8Io/Ko/KYPC7PyZPylPxRnpZn5Bl5Tp6X5+WFS68BKFRCSaVUoGJUDhWrcqpc6hqVW12r8qjrVERdr+LUDSqvulHlU/lVAVVQxatCqrDSyiirSIWqiCqqouomvPSGUSVVKeVUaZWgbvlX8lUxdbMqrkr8Jv/y/JL+ZH4tVUvVSrVSrVVr1Va1Ve1UO9VetVeJKlF1UB1UR9VRdVKdVGfVWXVRXVRX1VV1V91VD9VD9VQ9VZJKUn3UK6qv6qf6qwFqoHpVDVKD1GA1WCWrZDVUDVXD1DA1XA1XI9QINUqNUqPVaDVGjVHj1DiVolLURDVRTVKT1GQ1WU1VU1WqSlUz1Aw1U81Us9VsNUfNUXPVXDVfzVdpKk0tVAtVukpXi9VilaGWqCVqmVqmVqgVapVapdaoNWqdWqc2qA0qQ21Wm9VWtVVtV9vVTrVT7Va71R61R+1Ve9U+tU/tV/vVAXVAHVQHVabKVIfUIXVYHVZH1BF1VB1Vx9QxdUKdUKfUKXVanVZn1Vl1Xp1XF9QFdVFdzFr2BSIQgQpUEBPEBLFBbJAryBXkDnIHeYI8QSSIBHFBXJA3uDHIF+QPCgQFg/igUFA40IEJbCAuFT0a3BQUC24OigclgpJBqcAFpYOE4JagTHBrUDa4LSgX3B6UD+4IKgQVg0pB5eDOoEpwV1A1uDuoFtwTVA9qBDWDWsG9Qe3gvqBOcH9QN3ggqBc8GNQPHgoaBA8HDYNHgkbBo0Hj4LGgSfB40DRoFjQPWgQt/9LxvT+d/0nXU/fSSbq37qNf0X11P91fD9AD9at6kH5ND9av62Q9RA/Vb+hh+k09XL+lR+iRepR+W4/W7+gxeqwep8frFD1BT9Tv6kn6PT1ZT9FT9TSdqqfrGfp9PVPP0rP1B3qO/lDP1fP0fL1Ap+mP9EK9SKfrj/Vi/YnO0Ev0Ur1ML9cr9Eq9Sq/Wa/RavU6v1xv0Rr1Jb9Zb9Fa9TW/XO/ROvUvv1p/qPfozvVd/rvfpL/R+/aU+oL/SB/XXOlN/ow/pb/Vh/Z0+or/XR/UP+pg+rk/ok/qU/lGf1mf0WX1On9c/6Qv6Z31R+6zFfdbPu1FGmRgTY2JNrMllcpncJrfJY/KYiImYOBNn8pq8Jp/JZwqYAibexJvCprDJQoZMEVPERE3UFDPFTHFT3JQ0JY0zziSYBFPGlDFlTVlTzpQz5U15U8FUMJVMJXOnudPcZe4yd5u7zT3mHlPD1DC1TC1T29Q2dUwdU9fUNfVMPVPf1DcNTAPT0DQ0jUwj09g0Nk1ME9PUNDXNTXPT0rQ0rUwr09q0Nm1NW9POtDPtTXuTaBJNB9PBdDQdTSfTyXQ2nU0X08V0NV1Nd9Pd9DA9TE/T0ySZJNPH9DF9TV/T3/Q3A81AM8gMMoPNYJNsks1QM9QMM8PMcDPcjDAjzaishap5x4wxY804M96kmBQz0Uw0k8wkM9lMNlPNVJNqUs0MM8PMNDPNbDPbzDFzzFwz18w3802aSTMLzUKTbtLNYrPYZJgMs9QsNcvNcrPSrDSrzWqz1qw162G92Wg2ms1ms9lqtprtZrvZaXaa3Wa32WP2mL1mr9ln9pn9Zr85YA6Yg+agyTSZ5pA5ZA6bw+aIOWKOmqPmmDlmTpgT5pQ5ZU6b0+asOWvOm/yXfi+9ibU5bS57jc1tr7V57HX2H+MCtqCNt4VsYattPpv/N7Gx1ha3JWxJW8o6W9om2Ft+F1ewFW0lW9neaavYu2zV38W17X22jr3f1rUP2Fr23t/E9eyDtr59zDZABLDNbCPbwja2j9km9nHb1DazzW0L284+bdvbZ2yifdZ2sM/9Ll5oF9nVdo1da9fZPfYze9aes4ftd/a8/cn2tL3sQPuqHWRfs4Pt6zbZDvldPMq+bUfbd+wYO9aOs+N/F0+102yqnW5n2PftTDvrd3Ga/cjOsel2rp1n59sFv8RZc0q3H9vF9hObYZfYpXaZXW5X2JV21f+d6zK7wW60m+xu+6ndarfZ7XaH3Wl3/RJnncde+7ndZ7+wh+y39oD9yh60R2ym/eaXOOv8jtjv7VH7gz1mj9sT9qQ9ZX+0p+2ZX84/69xP2p/tRestEBKQJEUBxVAOiqWclIuuodx0LeWh6yhC11Mc3UB56UbKR/mpABWkeCpEhUmTIUtEIRWhohSlm+jyOr0klSJHpSmBbqEydCuVpduoHN1O5ekOqkAVqRJVpjupCt1FVeluqkb3UHWqQTWpFt1Ltek+qkP3U116gOrRg1SfHqIG9DA1pEeoET1KjekxakKPU1NqRs2pBbWkJ6gVPUmtqQ21paeoHT1N7ekZSqRnqQM9Rx3pb9SJnqfO9AJ1oRepK3Wj7vQS9aCXqSf1oiTqTX3oFepL/ag/DaCB9CoNotdoML1OyTSEhtIbNIzepOH0Fo2gkTSK3qbR9A6NobE0jsZTCk2gifQuTaL3aDJNoak0jVJpOs2g92kmzaLZ9AHNoQ9pLs2j+bSA0ugjWkiLKJ0+psX0CWXQElpKy2g5raCVtIpW0xpaS+toPW2gjbSJNtMW2krbaDvtoJ20i3bTp7SHPqO99Dntoy9oP31JB+grOkhfUyZ9Q4foWzpM39ER+t73oh/oGB2nE3SSTtGPdJrO0Fk6R+fpJ7pAP9NF8gQhhiKUoQqDMCbMEcaGOcNc4TVh7vDaME94XRgJrw/jwhvCvOGNYb4wf1ggLBjGh4XCwqEOTWhDCsOwSFg0jIY3hcXCm8PiYYmwZFgqdGHpMCG8JSwT3hqWDW8Ly4W3h+XDO8IKYcXwsQcqh3eGVcK7wqrh3WG18J6welgjrBnWCu8Na4f3hXXC+8O64QNh2fDBsH74UNggfDhsGD4SNgofDRuHj4VNwsfDpmGzsHnYImwZPhG2Cp8MW4dtwrbhU2G78OmwffhMmBg+G3YIn/ul/8FFf96fFPYO+4SvhK+E3t8v50cXRNOiH0UXRhdF06MfRxdHP4lmRJdEl0aXRZdHV0RXRldFV0fXRNdG10XXRzdEN0Y3Rb2vlQMcOuGkUy5wMS6Hi3U5XS53jcvtrnV53HUu4q53ce4Gl9fd6PK5/K6AK+jiXSFX2GlnnHXkQlfEFXVRd5Mr5m52xV0JV9KVcs6VdgmuhWvpWrpW7knX2rVxbd1T7in3tHvaPeOecc+6Du4519H9zXVyz7vO7gX3gnvRdXXdXHf3kuvhJuT59TOZ5Pq4Pq6v6+v6u/5uoBvoBrlBbrAb7JJdshvqhrphbpgb7oa7EW6EG+VGudFutBvjxrhxbpxLcSluopvoJrlJbrKb7Ka6qS7VpboZboab6Wa6KrN+PcpcN9fNd/NdmktzC13WmjHdLXaLXYbLcEvdUrfcLXcr3Uq32q12a91at96tdxvdRrfZbXZb3Va33W13O91Ot9vtdnv8db8O6va5/W6/O+AOuIPua5fpvnGH3LfusPvOHXHfu6PuB3fMHXcn3El3yv3oTrsz7qw75867n9wF97O76LxLiUyITIy8G5kUeS8yOTIlMjUyLZIamR6ZEXk/MjMyKzI78kFkTuTDyNzIvMj8yIJIWuSjyMLIokh65OPI4sgnkYzIksjSyLLI8siKiPeFtoa+iC/qo/4mX8zf7Iv7Er6kL+WdL+0T/C2+jL/Vl/W3+XL+dl/e3+Er+Iq+kn/cN/XNfHPfwrf0T/hW/knf2rfxbf1Tvp1/2rf3z/hE/6zv4J/zHf3ffCf/vO/sX/Bd/Iu+q+/mu/uXfA//su/pe/kk39v38a/4vr6f7+8H+IH+VT/Iv+YH+9d9sh/ih/o3/DD/ph/u3/Ij/Eg/KuZtP/ryJTKM9yl+gp/o3/WT/Ht+sp/ip/ppPtVP9zP8+36mn+Vn+w/8HP+hn+vn+fl+gU/zH/mFfpFP9x/7xf4Tn+GXXL6p7Ff6VX61X+PX+nV+vd/gN/pNfrPf4rf6bX673+F3+l1+t//U7/Gf+b3+c7/Pf+H3+y/9Af+VP+i/9pn+G3/If+sP++/8Ef+9P+p/8Mf8cX/Cn/Sn/I/+tD/jz/pz/rz/yV/wP/uL/G/WGGOMMcb+SyZcaYo/6u/9B8+Jv9u5DwBcu61g5t/3Z60o1+f7td1PxLeLAMCzvbo8cnmrXj0pKenSvhkSgqLzAC7/SVCWGLgSL4G28DQkQhso84fz7ye6nad/Mn70doBcf5cTC1fiK+N/+SfjP/HUqIXlw7Nx/4/x5wEUL3olJydciZdAW5X12AbK/sn4+Vv9k/nn/CoFoPXf5eSGK/GV+SfAk/AcJP5mT8YYY4wxxhhj7Ff9RKVOl68/L/+Nzz+6Po9XV3JywJX4n12fM8YYY4wxxhhj7Op7vlv3Z55ITGzT6V9vVP1vZXHjf2rDe4DLzygA+DcHBPiPn8WW/8ixki99dP6xa/k5H8D/jFL+FY2r/MXEGGOMMcYY+8tdWfT/9nl1tSbEGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4xlQ/+J/07sap8jY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxdrX9nwAAAP//geYOMQ==")
syz_mount_image$fuse(0x0, &(0x7f0000000180)='./file2\x00', 0x1188070, 0x0, 0x0, 0x0, 0x0)
mount$overlay(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000000), 0x0, &(0x7f0000000140)={[{@workdir={'workdir', 0x3d, './file0'}}, {@lowerdir={'lowerdir', 0x3d, '.'}}, {@upperdir={'upperdir', 0x3d, './file2'}}], [], 0x2c})

18.506425s ago: executing program 5 (id=2940):
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={0x0}}, 0x0)
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x20000000000000bb, &(0x7f0000000300)=ANY=[@ANYBLOB="1800000000000000000000000000000018010000756c6c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb714000008"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000300)=ANY=[@ANYBLOB="4c0000001800010800000000000000850a600000000000000500000014000500200100000000000000000300000000001c00090008000000", @ANYRES32=r0], 0x4c}}, 0x0)
r1 = socket$netlink(0x10, 0x3, 0x0)
sendmmsg(r1, &(0x7f00000002c0), 0x40000000000009f, 0x0)

18.494833041s ago: executing program 5 (id=2941):
openat$fuse(0xffffffffffffff9c, 0x0, 0x42, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8a}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x6, 0x4, 0xfff, 0x7, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="18000000000000000000", @ANYRES32=r3, @ANYBLOB="0000000000000000b7080000000400007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000340)={&(0x7f0000000300)='sched_switch\x00', r4}, 0x10)
r5 = dup2(r1, r2)
bpf$TOKEN_CREATE(0x24, &(0x7f00000004c0)={0x0, r5}, 0xfffffefa)
bpf$PROG_LOAD(0x5, &(0x7f0000000380)={0x11, 0xc, &(0x7f0000000440)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
r6 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TIOCSETD(r6, 0x5423, &(0x7f00000000c0)=0xf)
ioctl$TCFLSH(r6, 0x400455c8, 0x0)
ioctl$sock_bt_hci(0xffffffffffffffff, 0x400448e0, &(0x7f00000003c0))
mount(0x0, &(0x7f00000001c0)='./file0\x00', &(0x7f0000000180)='configfs\x00', 0x0, 0x0)
r7 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file0\x00', 0x0, 0x0)
lseek(r7, 0x8d0c, 0x1)
socket$inet_udp(0x2, 0x2, 0x0)

15.828238827s ago: executing program 5 (id=2963):
pipe2(&(0x7f0000000040)={0xffffffffffffffff, <r0=>0xffffffffffffffff}, 0x0)
mkdir(&(0x7f0000000400)='./file0\x00', 0x0)
r1 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000040), 0x42, 0x0)
mount$fuse(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000002100), 0x0, &(0x7f0000002140)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=r1, @ANYBLOB=',rootmode=0000000000000000040000,user_id=', @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRESDEC=0x0])
ioctl$int_in(r1, 0x5452, &(0x7f0000000240)=0x7b94)
close_range(r0, 0xffffffffffffffff, 0x0)

15.669320992s ago: executing program 5 (id=2965):
syz_mount_image$vfat(&(0x7f0000000040), &(0x7f0000000000)='./file0\x00', 0x101c08a, &(0x7f0000000340)=ANY=[@ANYBLOB="73686f72746e616d653d6d697865642c696f636861727365743d69736f383835392d312c666d61736b3d30303030303030303030303030303030303030303036362c756e695f786c6174653d312c756e695f786c6174653d302c666d61736b3d30303030303030303030303030303030303030303030332c73686f72746e616d653d6c6f7765722c756e695f786c6174653d302c757466383d312c636865636b3d7374726963742c73686f72746e616d653d77696e39352c757466383d302c6572726f72733d636f6e74696e75652c666c7573682c646f733178666c6f7070792c726f6469722c636865636b3d72656c617865642c00f644111bec75d1acf37737b55a893f3948e6ba60b6ccd281faa215f94fe2aa36fbe1ac6d9a18e0977d1c6cb9e043ed3b0fbc55872d7c1284a59fc2cc25b9fdd1567f71c07db04f7f712e3c557a3cc5bcb722e1b5a0045ce5aff46a09b39058b220b4f0a3ee9eb38ff4d00acdb165b599fb974ee5"], 0x6, 0x2c7, &(0x7f00000004c0)="$eJzs3T1rZFUYB/DnTm7ujFpMCisRvKCF1bLZ1maC7IKYyiWFWmhwsyCZQUgg4AuOW9naWFj4CQTBD2LjNxBsBTtXWDhy33ZmssMks+xEzP5+zZ499/zvec6ZS3JT5OTjVyfH98q4/+Cr32MwyKI3ilE8zGInetH5JhaMvgsA4P/sYUrxV2qsk8siYrC5sgCADbrc9/981vzlSsoCADbo7vsfvLu3v3/7vbIcxJ3Jt2cH1U/21b/N9b378WmM4yhuxjAeRdQvCttRvy1UzTsppWleVnbijcn07KBKTj76tb3/3p8RdX43hrFTdz1+26jz7+zf3i0bc/lpVceL7fyjKn8rhvHy4/BC/taSfBwU8ebrc/XfiGH89kl8FuO4Vxcxy3+9W5Zvp+///vLDqrwqn03PDvr1uJm0dcUfDQAAAAAAAAAAAAAAAAAAAAAA19iN9uycftTn91Rd7fk7W4+q/2xH2dlZPJ+nyWfdjebPB0opTVP82J2vc7Msy9QOnOXzeCWfP1gQAAAAAAAAAAAAAAAAAAAAnl+nn39xfDgeH508k0Z3GkAeEf/cjXja+4zmel6L1YP77ZyH43GvbS6Oyed7Yqsbk0WsLKNaxNPuRh5rrf2FJ2puGz/9vO7sg4vHbC+f61k2uqfr+DBbvof96HoG7Ub9UETMxhRxybmK8z1p2NwnrfURFEsvDddee/FS3ZiuGBPZqsLe+qPZubYnO7+Kot7VpfHttjEXP/dsXOp5jkETf/JrRea0DgAAAAAAAAAAAAAAAAAA2KjZb/8uufhgZbSX+hsrCwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACu1Ozv/1/Y6EVE0zOto1kcnZzmF6SKODn9r9cIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADA9fdvAAAA//9alVff")
mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x0)
r0 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000140), 0x2, 0x0)
mount$9p_fd(0x0, &(0x7f0000000000)='.\x00', 0x0, 0x3376039, 0x0)
mount$fuse(0x0, &(0x7f00000020c0)='./file0\x00', &(0x7f00000001c0), 0x0, &(0x7f0000000080)={{'fd', 0x3d, r0}, 0x2c, {'rootmode', 0x3d, 0x4000}})
move_mount(0xffffffffffffffff, 0x0, 0xffffffffffffff9c, 0x0, 0x0)

15.668362972s ago: executing program 5 (id=2966):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0xa, 0x4, 0x8, 0x8, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000002400007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000e00000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x29, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000400)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000200)='fdb_delete\x00', r1}, 0x10)
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f00000002c0)={0xffffffffffffffff, <r2=>0xffffffffffffffff})
ioctl$SIOCSIFHWADDR(r2, 0x8924, &(0x7f0000000000)={'bridge_slave_0\x00', @random="010000201000"})

15.25622977s ago: executing program 5 (id=2972):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x6, 0x4, 0xffc, 0xa, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000b2e900007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000dc0)={&(0x7f0000000300)='neigh_update\x00', r1}, 0x10)
r2 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl$sock_inet_SIOCSARP(r2, 0x8955, &(0x7f0000000040)={{0x2, 0x0, @multicast1}, {0x0, @link_local}, 0x0, {0x2, 0x0, @private=0xa010100}, 'team_slave_0\x00'})

15.184066267s ago: executing program 35 (id=2972):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x6, 0x4, 0xffc, 0xa, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000b2e900007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000dc0)={&(0x7f0000000300)='neigh_update\x00', r1}, 0x10)
r2 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl$sock_inet_SIOCSARP(r2, 0x8955, &(0x7f0000000040)={{0x2, 0x0, @multicast1}, {0x0, @link_local}, 0x0, {0x2, 0x0, @private=0xa010100}, 'team_slave_0\x00'})

12.493496436s ago: executing program 8 (id=2995):
syz_usb_connect$hid(0x0, 0x36, &(0x7f00000000c0)={{0x12, 0x1, 0x0, 0x0, 0x0, 0x0, 0x40, 0x46d, 0xc293, 0x0, 0x0, 0x0, 0x0, 0x1, [{{0x9, 0x2, 0x24, 0x1, 0x0, 0x0, 0x0, 0x0, [{{0x9, 0x4, 0x0, 0x0, 0x2, 0x3, 0x0, 0x0, 0x0, {0x9, 0x21, 0x0, 0x0, 0x1, {0x22, 0x7}}}}]}}]}}, 0x0)
r0 = syz_open_procfs(0x0, &(0x7f0000000080)='mounts\x00')
r1 = dup(r0)
syz_mount_image$ext4(&(0x7f0000000580)='ext4\x00', &(0x7f00000005c0)='./file0\x00', 0x1008000, &(0x7f0000000040)={[{@max_batch_time={'max_batch_time', 0x3d, 0x7fffffff}}, {@orlov}, {@nomblk_io_submit}, {@test_dummy_encryption}, {@nojournal_checksum}, {@grpquota}, {@auto_da_alloc_val={'auto_da_alloc', 0x3d, 0xae8}}, {@discard}]}, 0x1, 0x5ba, &(0x7f0000001bc0)="$eJzs3c1vVFUbAPDnTD8olPdtIUbFhTQxBhKlpQUMMS5gTxr8iBs3VloIUqChNVo0sSS4MTFujDFx5UL8L5TIlpWuXLhxZUiIGpYmjrkzc0tb7rS0THsr9/dLht57zlzOczt9eu6cnnMngMoayv6pReyLiJkUMZAWFuu6o1U51Hzevb8+OpM9UtTrr/+RIrXK8uen1tf+1sF9EfHTjyn2dj3Y7uz81QsT09NTV1r7I3MXZ0Zm568eOn9x4tzUualLYy+NHT929Njx0cMdO9dT1999f+DT8be+/frvNPrdr+MpTsTuVt3S8+iUoRhqfk92LC/Pvq/HO91YSbpa57P0JU7dJQbEuuSvX09EPBUD0RX3X7yB+OTVUoMDNlU9RdSBikryHyoqvw7I39uvfB9cK+WqBNgKd082BwAezP/u5thg9DXGBnbdS7F0WCdFRCdG5rI2bt8av3721vj12KRxOKDYwrWIeLoo/1MjNwcbo/hZ/teW5X92XXC69TUrf22D7Q+t2Jf/sHWa+d+3ofx/e0n+v7PB9uU/AAAAAAAAdM7NkxHxYtHf/2uL83+iYP5Pf0Sc6ED7a//9r3anA80ABe6ejHilcP5vLZ/9O9jV2vpfYz5ATzp7fnrqcET8PyIORs+ObH90lTYOfbb3q3Z1+fy//JG1f7s1F7AVx53uFetnJyfmJh71vIGIu9cinimc/5sW+/9U0P9nvw9mHrKNvc/fON2ubu38BzZL/ZuIA4X9f1p8Tlr9/hwjjeuBkfyq4EHPfvj59+3al/9Qnqz/37V6/g+mpffrmV1/G0fmu+vt6jZ6/d+b3mjccqa3VfbBxNzcldGI3nSqKytdVj62/pjhcZTnQ54vWf4ffG718b+i6/+dEbGw4v9Ofy5fU5x78p/+39rFo/+H8mT5P7mu/n/9G2M3Bn9o1/7D9f9HG339wVaJ8T9o+jJP097l5QXp2F1UtdXxAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMDjoBYRuyPVhhe3a7Xh4Yj+iHgidtWmL8/OvXD28nuXJrO6xuf/1/JP+h1o7qf88/8Hl+yPrdg/EhF7IuKLrp2N/eEzl6cnyz55AAAAAAAAAAAAAAAAAAAA2Cb626z/z/zeVXZ0wKbrLjsAoDQF+f9zGXEAW0//D9Ul/6G65D9Ul/yH6pL/UF3yH6pL/kN1yX8AAAAAAHis7Nl/85cUEQsv72w8Mr2tup5SIwM2W63sAIDSuMUPVJepP1Bd3uMDaY36vrYHrXXkambOPMLBAAAAAAAAAAAAAFA5B/ZZ/w9VZf0/VJf1/1Bd+fr//SXHAWw97/GBWGMlf+H6/zWPAgAAAAAAAAAAAAA6aXb+6oWJ6empKzbe3B5hbOVGvV7/OPsp2C7x/Mc38qnw2yWeR9oo9/cSAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABw378BAAD//2QiJqY=")
r2 = syz_open_procfs(0x0, &(0x7f00000000c0)='fd/3\x00')
mount$9p_fd(0x0, &(0x7f0000000140)='.\x00', &(0x7f0000000080), 0x0, &(0x7f00000003c0)={'trans=fd,', {'rfdno', 0x3d, r1}, 0x2c, {'wfdno', 0x3d, r2}})

10.701412311s ago: executing program 8 (id=3018):
r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0x0, 0x0)
r1 = openat$cgroup_ro(r0, &(0x7f00000001c0)='pids.current\x00', 0x275a, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x1, 0x28811, r1, 0x0)
ftruncate(r1, 0xc17a)
r2 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x0)
bind$bt_l2cap(r2, &(0x7f0000000040)={0x1f, 0x0, @any, 0x0, 0x1}, 0xe)

10.657134175s ago: executing program 8 (id=3030):
r0 = socket$can_raw(0x1d, 0x3, 0x1)
ioctl$ifreq_SIOCGIFINDEX_vcan(r0, 0x8933, &(0x7f00000000c0)={'vcan0\x00', <r1=>0x0})
bind$can_raw(r0, &(0x7f0000000240)={0x1d, r1}, 0x10)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='cgroup.stat\x00', 0x275a, 0x0)
write$binfmt_script(r2, &(0x7f0000000300)={'#! ', '', [{0x20, '\x03\x00\x00\x00\x00\x00\x00\x00'}]}, 0xd)
sendfile(r0, r2, &(0x7f0000000040), 0x7ffff000)

10.383993411s ago: executing program 8 (id=3020):
syz_mount_image$vfat(&(0x7f0000000040), &(0x7f0000000000)='./file0\x00', 0x101c08a, &(0x7f0000000340)=ANY=[@ANYBLOB="73686f72746e616d653d6d697865642c696f636861727365743d69736f383835392d312c666d61736b3d30303030303030303030303030303030303030303036362c756e695f786c6174653d312c756e695f786c6174653d302c666d61736b3d30303030303030303030303030303030303030303030332c73686f72746e616d653d6c6f7765722c756e695f786c6174653d302c757466383d312c636865636b3d7374726963742c73686f72746e616d653d77696e39352c757466383d302c6572726f72733d636f6e74696e75652c666c7573682c646f733178666c6f7070792c726f6469722c636865636b3d72656c617865642c00f644111bec75d1acf37737b55a893f3948e6ba60b6ccd281faa215f94fe2aa36fbe1ac6d9a18e0977d1c6cb9e043ed3b0fbc55872d7c1284a59fc2cc25b9fdd1567f71c07db04f7f712e3c557a3cc5bcb722e1b5a0045ce5aff46a09b39058b220b4f0a3ee9eb38ff4d00acdb165b599fb974ee5"], 0x6, 0x2c7, &(0x7f00000004c0)="$eJzs3T1rZFUYB/DnTm7ujFpMCisRvKCF1bLZ1maC7IKYyiWFWmhwsyCZQUgg4AuOW9naWFj4CQTBD2LjNxBsBTtXWDhy33ZmssMks+xEzP5+zZ499/zvec6ZS3JT5OTjVyfH98q4/+Cr32MwyKI3ilE8zGInetH5JhaMvgsA4P/sYUrxV2qsk8siYrC5sgCADbrc9/981vzlSsoCADbo7vsfvLu3v3/7vbIcxJ3Jt2cH1U/21b/N9b378WmM4yhuxjAeRdQvCttRvy1UzTsppWleVnbijcn07KBKTj76tb3/3p8RdX43hrFTdz1+26jz7+zf3i0bc/lpVceL7fyjKn8rhvHy4/BC/taSfBwU8ebrc/XfiGH89kl8FuO4Vxcxy3+9W5Zvp+///vLDqrwqn03PDvr1uJm0dcUfDQAAAAAAAAAAAAAAAAAAAAAA19iN9uycftTn91Rd7fk7W4+q/2xH2dlZPJ+nyWfdjebPB0opTVP82J2vc7Msy9QOnOXzeCWfP1gQAAAAAAAAAAAAAAAAAAAAnl+nn39xfDgeH508k0Z3GkAeEf/cjXja+4zmel6L1YP77ZyH43GvbS6Oyed7Yqsbk0WsLKNaxNPuRh5rrf2FJ2puGz/9vO7sg4vHbC+f61k2uqfr+DBbvof96HoG7Ub9UETMxhRxybmK8z1p2NwnrfURFEsvDddee/FS3ZiuGBPZqsLe+qPZubYnO7+Kot7VpfHttjEXP/dsXOp5jkETf/JrRea0DgAAAAAAAAAAAAAAAAAA2KjZb/8uufhgZbSX+hsrCwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACu1Ozv/1/Y6EVE0zOto1kcnZzmF6SKODn9r9cIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADA9fdvAAAA//9alVff")
mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x0)
r0 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000140), 0x2, 0x0)
mount$9p_fd(0x0, &(0x7f0000000000)='.\x00', 0x0, 0x3376039, 0x0)
mount$fuse(0x0, &(0x7f00000020c0)='./file0\x00', &(0x7f00000001c0), 0x0, &(0x7f0000000080)={{'fd', 0x3d, r0}, 0x2c, {'rootmode', 0x3d, 0x4000}})
move_mount(0xffffffffffffffff, 0x0, 0xffffffffffffff9c, 0x0, 0x0)

10.366405012s ago: executing program 8 (id=3021):
r0 = socket$inet_udp(0x2, 0x2, 0x0)
recvmmsg(r0, &(0x7f00000003c0)=[{{0x0, 0x0, 0x0}}], 0x1, 0x2, 0x0)
setsockopt$inet_int(r0, 0x0, 0x17, &(0x7f0000000440)=0x2, 0x4)
setsockopt$inet_int(r0, 0x0, 0x12, &(0x7f0000000580)=0x1009e5, 0x4)
bind$inet(r0, &(0x7f0000000040)={0x2, 0x4e20, @empty}, 0x10)
syz_emit_ethernet(0x6a, &(0x7f0000000600)={@broadcast, @random, @void, {@ipv4={0x800, @udp={{0x5, 0x4, 0x0, 0x0, 0x5c, 0x0, 0x0, 0x0, 0x11, 0x0, @empty, @empty}, {0x0, 0x4e20, 0x48, 0x0, @wg=@cookie={0x3, 0x4, "44863a46875d7a99c994a2f0f3e6c9891f90f0da47b609b1", "282614002ac3b260591ff12441d3b9bd7570005c1a865e453a529854881fe0d4"}}}}}}, 0x0)

10.249898833s ago: executing program 8 (id=3024):
sendmsg$nl_xfrm(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000340)={&(0x7f0000000380)=@newsa={0xf0, 0x10, 0x713, 0x0, 0x0, {{@in6=@remote, @in=@dev}, {@in=@remote, 0x0, 0x32}, @in6=@loopback, {}, {}, {}, 0x0, 0x0, 0xa}}, 0xf0}}, 0x0)
ioctl$SECCOMP_IOCTL_NOTIF_RECV(0xffffffffffffffff, 0xc0502100, 0x0)
fcntl$setownex(0xffffffffffffffff, 0xf, &(0x7f0000000380)={0x1})
r0 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
ptrace(0x10, r0)
ptrace$getregset(0x4205, r0, 0x202, &(0x7f0000000240)={&(0x7f0000000180)=""/120, 0xffffffffffffff28})

10.238115714s ago: executing program 36 (id=3024):
sendmsg$nl_xfrm(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000340)={&(0x7f0000000380)=@newsa={0xf0, 0x10, 0x713, 0x0, 0x0, {{@in6=@remote, @in=@dev}, {@in=@remote, 0x0, 0x32}, @in6=@loopback, {}, {}, {}, 0x0, 0x0, 0xa}}, 0xf0}}, 0x0)
ioctl$SECCOMP_IOCTL_NOTIF_RECV(0xffffffffffffffff, 0xc0502100, 0x0)
fcntl$setownex(0xffffffffffffffff, 0xf, &(0x7f0000000380)={0x1})
r0 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
ptrace(0x10, r0)
ptrace$getregset(0x4205, r0, 0x202, &(0x7f0000000240)={&(0x7f0000000180)=""/120, 0xffffffffffffff28})

7.519828125s ago: executing program 6 (id=3036):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000100)=@base={0x9, 0x4, 0x7fe2, 0x1, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f00000001c0)=@framed={{}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r0}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x8}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x3}}]}, &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0xa, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r2 = dup2(r1, r0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sys_enter\x00', r2}, 0x10)
r3 = socket$inet_tcp(0x2, 0x1, 0x0)
ppoll(&(0x7f00000002c0)=[{r3}], 0x1, 0x0, 0x0, 0x0)

7.4660705s ago: executing program 6 (id=3037):
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f000057eff8)=@abs={0x0, 0x0, 0x4e21}, 0x6e)
sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000140)=@base={0x6, 0x4, 0x4, 0x5, 0x0, 0xffffffffffffffff, 0x2, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000007c0), &(0x7f0000000380), 0xfff, r2, 0x0, 0xa0028000}, 0x38)

6.654372715s ago: executing program 6 (id=3043):
openat$fuse(0xffffffffffffff9c, 0x0, 0x42, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8a}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x6, 0x4, 0xfff, 0x7, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b7080000000400007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000340)={&(0x7f0000000300)='sched_switch\x00', r4}, 0x10)
dup2(r1, r2)
bpf$TOKEN_CREATE(0x24, 0x0, 0x0)
r5 = bpf$PROG_LOAD(0x5, &(0x7f0000000380)={0x11, 0xc, &(0x7f0000000440)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r5}, 0x10)
syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
r6 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
r7 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TIOCSETD(r7, 0x5423, &(0x7f00000000c0)=0xf)
ioctl$TCFLSH(r7, 0x400455c8, 0x0)
ioctl$sock_bt_hci(r6, 0x400448e0, &(0x7f00000003c0))
mount(0x0, &(0x7f00000001c0)='./file0\x00', &(0x7f0000000180)='configfs\x00', 0x0, 0x0)
r8 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file0\x00', 0x0, 0x0)
lseek(r8, 0x8d0c, 0x1)
socket$inet_udp(0x2, 0x2, 0x0)

5.507962471s ago: executing program 4 (id=3047):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x5, 0x4, 0x8, 0xb, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
close(0x3)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0e00"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000340)={0x11, 0x14, &(0x7f0000000280)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020646c2100000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000007200000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0xf, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r1}, 0x10)
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000000))

5.496295332s ago: executing program 4 (id=3048):
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000400)='./file0\x00', 0xe, &(0x7f0000000580)={[{@dioread_lock}, {@inode_readahead_blks={'inode_readahead_blks', 0x3d, 0x80}}, {@barrier_val={'barrier', 0x3d, 0x3}}, {@stripe={'stripe', 0x3d, 0x4}}, {@block_validity}, {@debug}]}, 0x3, 0x43b, &(0x7f0000000e00)="$eJzs3MtvG0UYAPBv10lKXySU8ugDCBRExCNp0gI9cAGBxAEkJDiUY0jSqtRtUBMkWkUQECpHVIk74ojEX8AJLgg4IXGFO6pUoVxaOBmtvZs4jp0Xdlzq30/admZ3nJnPs2PP7mQTQM8azv5JIvZFxO8RMVjLri4wXPvv1tLC1N9LC1NJVCpv/ZVUy91cWpgqihav25tnRtKI9LMkjjSpd+7ylfOT5fLMpTw/Nn/h/bG5y1eePXdh8uzM2ZmLE6dOnTwx/sLzE8+1Jc6sTTcPfzR79NBr71x7Y+r0tXd//jYp4m+Io02G1zv4RKXS5uq6a39dOunrYkPYklJEZN3VXx3/g1GKlc4bjFc/7WrjgI6qVCqVva0PL1aAO1gS3W4B0B3FF312/VtsOzT1uC3ceKl2AZTFfSvfakf6Is3L9Ddc37bTcEScXvznq2yLztyHAABY5fts/vNMs/lfGvfXlbs7Xxsaioh7IuJARNwbEQcj4r6IatkHIuLBLdbfuEiydv6TXt9WYJuUzf9ezNe2Vs//itlfDJXy3P5q/P3JmXPlmeP5ezIS/buy/Pg6dfzwym9ftDpWP//Ltqz+Yi6Yt+N6367Vr5menJ/8LzHXu/FJxOG+ZvEnyysBSUQciojD26zj3FPfHG11rEX8uzb1g9uwzlT5OuLJWv8vRkP8hWT99cmxu6I8c3ysOCvW+uXXq2+2qn/j/u+srP/3ND3/l+MfSurXa+e2XsfVPz5veU2z3fN/IHm7mh7I9304OT9/aTxiIHm91uj6/RMrry3yRfks/pFjzcf/gVh5J45ERHYSPxQRD0fEI3nbH42IxyLi2Drx//Ty4+9tP/7OyuKf3lL/ryQGonFP80Tp/I/frap0aCvxZ/1/spoayfds5vNvM+3a3tkMAAAA/z9pROyLJB1dTqfp6Gjt9+UPxp60PDs3//SZ2Q8uTteeERiK/rS40zVYdz90PL+sL/ITDfkT+X3jL0u7q/nRqdnydLeDhx63t8X4z/xZ6nbrgI7zvBb0LuMfepfxD73L+Ife1WT87+5GO4Cd1+z7/+MutAPYeQ3j37If9JANr//9RUe4Yxnd0LuMf+hJc7tj44fkJSTWJCK9LZoh0aFEtz+ZAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA2uPfAAAA//8SV+Y8")
r0 = open(&(0x7f0000000080)='./bus\x00', 0x400141042, 0x0)
mmap(&(0x7f0000001000/0xa000)=nil, 0xa000, 0x0, 0x13, r0, 0x0)
getsockopt$inet6_tcp_TCP_ZEROCOPY_RECEIVE(0xffffffffffffffff, 0x6, 0x15, 0x0, 0x0)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cpu.stat\x00', 0x275a, 0x0)
ioctl$FS_IOC_GETFSMAP(r1, 0xc0c0583b, &(0x7f0000000d40)={0x0, 0x2904c, 0x3fffffffffffe52, 0x10003, '\x00', [{}, {0xffffffff}]})

5.386033142s ago: executing program 4 (id=3049):
r0 = syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000080)={{0x12, 0x1, 0x0, 0x0, 0x0, 0x0, 0x40, 0x258a, 0x6a88, 0x0, 0x0, 0x0, 0x0, 0x1, [{{0x9, 0x2, 0x24, 0x1, 0x0, 0x0, 0x0, 0x0, [{{0x9, 0x4, 0x0, 0x0, 0x1, 0x3, 0x0, 0x0, 0x0, {0x9, 0x21, 0x0, 0x0, 0x1, {0x22, 0x5}}}}]}}]}}, 0x0)
syz_usb_control_io(r0, 0x0, 0x0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000100)=@base={0x5, 0x4, 0x7fe4, 0x1, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f00000001c0)=@framed={{}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r1}, {}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x3}}]}, &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000280)={&(0x7f00000009c0)='kfree\x00', r2}, 0x10)
syz_usb_control_io$hid(r0, &(0x7f0000000040)={0x24, 0x0, 0x0, &(0x7f0000000000)={0x0, 0x22, 0x5, {[@main=@item_4={0x3, 0x0, 0x0, "860e0a31"}]}}, 0x0}, 0x0)

4.851513262s ago: executing program 7 (id=3054):
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000140)='./bus\x00', 0x400e, &(0x7f0000000000), 0x1, 0x457, &(0x7f0000000700)="$eJzs3MtvG0UYAPBvbSdt+iChKo8+gECLqHgkTVpKD1xAgDiAhASHcgxOWpW6DWqCRKsKCkLliCpxRxyR+As4wQUBJySucEeVKtRLCyejtXdrx7GTtHHsEv9+0rYzsxPNfJ4de3YnTgADazz9J4nYERF/RMRoPbu0wnj9v1s3LpX/uXGpnES1+vbfSa3ezRuXynnV/Oe255lSROHzJPa1aXfhwsUzM5XK3PksP7l49oPJhQsXnzt9dubU3Km5c9PHjx89MvXCsennsxpb1xVnGtfNvR/P79/z+rtX3yyfuPreL98lefwtcXTJ+Eonn6xWu9xcf+1sSielPnaEO1KsT9MYqs3/0ShGY/BG49XP+to5YENVq9Xqg51PX64Cm1gSbQpLBxtvD8AmlX/Qp/e/+dGLdce94vpL9RugNO5b2VE/U4pCVmeo5f62m8Yj4sTlf79Oj1j9OcSWDeoGADBAfkjXP8+2W/8Vovm50H3ZHspYRNwfEbsi4lhE7I6IByJqdR+KiIfvsP3WTZLl65/CtbsKbI3S9d+L2d7W0vVfvvqLsWKW21mLfyg5eboydzh7TQ7F0JY0P7VCGz++8vuXnc41r//SI20/Xwtm/bhWaln1zc4szqwn5mbXP43YW2oXf3J7JyCJiD0Rsfcu2zj99Lf7O51bPf4VdGGfqfpNxFP18b8cLfHnkpX3Jye3RmXu8GR+VSz3629X3urU/rri74J0/Le1vf5vxz+WNO/XLqRFw3fUxpU/vyg3ptNSd3v9DyfvLCn7aGZx8fxUxHDyRr3TzeXTLfWmG/XT+A8daD//d0XjldgXEelF/EhEPBoRj2V9fzwinoiIAyvE//PLB9/vdO52/CNZQR/Gf7bd+L/WafwbieFoLWmfKJ756fsljY41kmsb/6O11KGsZC3vf2vpV341AwAAwGZXiIgdxaQwkaejUJiYqP8O/+7YVqjMLyw+c3L+w3Oz9e8IjMVQIX/SNdr0PHQqu63P89Mt+SPZc+OviiO1/ER5vjLb7+BhwG2vzfnl8z/1V7HfvQM23Or7aLt60g+g93xfEwaX+Q+Dy/yHwdVm/o/0ox9A77X7/P+kD/0Aeq9l/tv2gwHi/h8Gl/kPg8v8h4G0MBKrf0leQmJZIgr3RDf+z4lqsvY/VNHzRL/fmQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAALrjvwAAAP//n1HZTw==")
r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./bus\x00', 0x42, 0x0)
pwrite64(r0, &(0x7f0000000140)='2', 0x1, 0x8000c61)
open(&(0x7f0000000180)='./bus\x00', 0x143042, 0x0)
sched_setscheduler(0xffffffffffffffff, 0x2, 0x0)
socket$inet6_tcp(0xa, 0x1, 0x0)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000300)={0x11, 0x5, &(0x7f00000002c0)=ANY=[@ANYBLOB="18050000000000fe000000004b64ffec850000007d000000040000000700000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='sched_switch\x00', r1}, 0xc)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r2 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r4, 0x0, 0x0, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0)
syz_mount_image$fuse(0x0, &(0x7f0000001040)='./file2\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
mount$overlay(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000000), 0x0, &(0x7f0000000200)={[{@workdir={'workdir', 0x3d, './file0'}}, {@lowerdir={'lowerdir', 0x3d, '.'}}, {@upperdir={'upperdir', 0x3d, './file2'}}, {@nfs_export_on}], [], 0x2c})
r5 = openat$dir(0xffffffffffffff9c, &(0x7f00000000c0)='./file0\x00', 0x0, 0x0)
linkat(r5, &(0x7f0000000180)='./file1\x00', r5, &(0x7f00000001c0)='./file3\x00', 0x0)
openat(r5, &(0x7f0000000080)='./file3\x00', 0x0, 0x0)
openat$dir(0xffffffffffffff9c, 0x0, 0x40, 0x0)
openat$fuse(0xffffffffffffff9c, 0x0, 0x42, 0x0)
socket$inet6_udp(0xa, 0x2, 0x0)

4.289288463s ago: executing program 6 (id=3056):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000040)={0x11, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000004000000000000000000850000006d00000095"], &(0x7f0000000180)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x78)
syz_usb_connect(0x0, 0x36, &(0x7f0000000080)=ANY=[@ANYBLOB="120100008010bd40820514009dbb0000000109022400011b00000009040000022a3e740009058bff7f0000100109050b", @ANYRES64], 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000040)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
sendmsg$inet(r2, &(0x7f0000001b00)={0x0, 0x0, 0x0, 0x0, &(0x7f0000001d80)=ANY=[@ANYBLOB="28010000000000000100000001"], 0x128}, 0x0)
recvmsg$unix(r1, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, &(0x7f0000000080), 0x100}, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000100)='kfree\x00', r0}, 0x10)

4.197252522s ago: executing program 3 (id=3058):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil})
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000140)=[@textreal={0x8, &(0x7f0000000180)="66b9c609000066b80e00000066ba000000000f30660fc6d5d1660f38f86a05baf80c66b84c37638066efbafc0cedf4660f3a218f0400330fc4e70067660f3a44e300266536f26f0f015906", 0x4b}], 0x1, 0x0, 0x0, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)

4.071112134s ago: executing program 3 (id=3059):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x5, &(0x7f0000000000)=ANY=[@ANYBLOB="18000000006900000000000001000000940000000fad413e850000000700000095"], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00', r0}, 0x10)
r1 = signalfd4(0xffffffffffffffff, &(0x7f0000000140)={[0x3]}, 0x8, 0x80800)
io_setup(0x1, &(0x7f0000000b80)=<r2=>0x0)
io_submit(r2, 0x1, &(0x7f0000001d00)=[&(0x7f0000001a80)={0x0, 0x0, 0x0, 0x5, 0x0, r1, 0x0}])
signalfd4(r1, &(0x7f0000000140), 0x8, 0x0)

3.951922165s ago: executing program 7 (id=3060):
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(0xffffffffffffffff, 0x8933, 0x0)
r0 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000000), 0x101842, 0x0)
ioctl$PPPIOCNEWUNIT(r0, 0xc004743e, &(0x7f0000000040))
ioctl$PPPIOCSACTIVE(r0, 0x40047459, &(0x7f0000000080)={0xfffffffffffffe43, 0x0})
write$binfmt_script(r0, &(0x7f00000001c0), 0x6a)
readv(r0, &(0x7f0000000340)=[{&(0x7f0000000300)=""/56, 0x38}], 0x1)

3.922450747s ago: executing program 3 (id=3061):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000880)=0x7)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(0x0, 0x1, &(0x7f0000000100)=0x5)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000001480)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0)
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000880)=ANY=[@ANYBLOB="0600000004000000ff0f00000700000088000000", @ANYRES32, @ANYBLOB="0000000000000000000000001c00000000000000", @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/28], 0xa3)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000004000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb70300000e41621eb70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000500)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000740)={&(0x7f0000000300)='sched_switch\x00', r3}, 0x10)
r4 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0)
write$binfmt_aout(r4, &(0x7f00000000c0)=ANY=[], 0xff2e)
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000200)='./file1\x00', 0x200002, &(0x7f0000000340)={[{@nojournal_checksum}, {@nombcache}, {@barrier}, {@norecovery}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x80}}, {@lazytime}, {@nodelalloc}, {@usrquota}, {@noauto_da_alloc}]}, 0xfe, 0x54d, &(0x7f0000000400)="$eJzs3U1rG0cfAPD/ynLenycOhEB7KIYcmpJGju2+pNBDeixtaKC9p8LemGApCpYcYjfQ5NBceimhUEoDpR+g9x5Dv0A/RaANhBJMe+hFZeWVo8SSrThKrFS/H6w9s7vy7Gj2P57RSCiAkTWZ/ShEvBIR3yQRhzuOFSM/OLl+3trD63PZlkSz+emfSST5vvb5Sf77YDtTjPj1q4iThc3l1ldWF8uVSrqU56ca1StT9ZXVU5eq5YV0Ib08Mzt75u3ZmffefWdgdX3j/N/ff3L3wzNfH1/77uf7R24ncTYO5cc66/EMbnRmJmMyf07G4+wTJ04PoLBhkuz2BbAjY3mcj0fWBxyOsTzqgf++LyOiCYyoRPzDiGqPA9pz+wHNg18aDz5YnwBtrn9x/bWR2NeaGx1YSx6bGWXz3YkBlJ+V8csfd25nWwzudQiAbd24GRGni8XN/V+S9387d7qPc54sQ/8HL87dbPzzZrfxT2Fj/BNdxj8Hu8TuTmwf/4X7Ayimp2z8937X8e/GotXEWJ77X2vMN55cvFRJs77t/xFxIsb3Zvmt1nPOrN1r9jrWOf7Ltqz89lgwv477xb2PP2a+3Cg/S507PbgZ8WrX8W+y0f5Jl/bPno/zfZZxLL3zWq9j29f/+Wr+FPF61/Z/tKKVbL0+OdW6H6bad8Vmf9069luv8ne7/ln7H9i6/hNJ53pt/enL+HHfP2mvYzu9//ckn7XSe/J918qNxtJ0xJ7k4837Zx49tp1vn5/V/8Txrfu/bvf//oj4vM/63zp6q+epw9D+80/V/k+fuPfRFz/0Kr+/9n+rlTqR7+mn/+v3Ap/luQMAAAAAAIBhU4iIQ5EUShvpQqFUWn9/x9E4UKjU6o2TF2vLl+ej9VnZiRgvtFe6D3e8H2I6fz9sOz/zRH42Io5ExLdj+1v50lytMr/blQcAAAAAAAAAAAAAAAAAAIAhcbDH5/8zv4/t9tUBz52v/IbRtW38D+KbnoCh5P8/jC7xD6NL/MPoEv8wusQ/jC7xD6NL/MPoEv8AAAAAAAAAAAAAAAAAAAAAAAAAAAAwUOfPncu25trD63NZfv7qyvJi7eqp+bS+WKouz5XmaktXSgu12kIlLc3Vqtv9vUqtdmV6JpavTTXSemOqvrJ6oVpbvty4cKlaXkgvpOMvpFYAAAAAAAAAAAAAAAAAAADwcqmvrC6WK5V0SUJiR4nicFyGxIATu90zAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMAj/wYAAP//Gis4ow==")
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r5 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r5, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r6=>0xffffffffffffffff, <r7=>0xffffffffffffffff})
connect$unix(r6, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r7, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r6, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
syz_mount_image$ext4(&(0x7f00000001c0)='ext4\x00', &(0x7f00000000c0)='./file0\x00', 0x90b775, &(0x7f0000000a40)={[{@noquota}, {@resuid}, {@quota}, {@usrjquota_path={'usrjquota', 0x3d, './file1/file0'}}, {@errors_continue}, {@errors_continue}, {@block_validity}, {@delalloc}, {@jqfmt_vfsold}, {@norecovery}, {@errors_continue}, {@nouid32}]}, 0xee, 0x442, &(0x7f0000000d00)="$eJzs281vG0UbAPBn10n6vv1KKKW0oYVAQUR8JE1aoAcuIJA4gIQEh3IMSVqFug1qgkSrCAJC5YgqcUcckfgLOMEFASckrnBHlSqIkFo4Ba29m9punObDrkP9+0nbznjHnnk8O97xTBxA1xrK/kkidkfErxHRX83WFxiq/ndjaWHy76WFySSWl9/4I6mUu760MFkULZ63K88MpxHpJ0leSb25i5fOTpTL0xfy/Oj8uXdH5y5eenrm3MSZ6TPT58dPnjxxfOy5Z8efaUmcWVzXBz+YPXzolbeuvDZ56srbP36dtffAker52jhaZSgL/M/lisZzj7W6sg7bU5NOejrYEDakFBFZd/VWxn9/lOJm5/XHyx93tHFAW2X3ph3NTy8uA3exJDrdAqAziht99v23OO7Q1GNbuPZC9QtQFveN/Kie6Yk0L9PbxvqHIuLU4j9fZEe0aR0CAKDWt9n856nV5n9pHKgptzffQxmIiHsiYl9E3BsR+yPivohK2fsj4uAG62/cGrp1/pNe3VRg65TN/57P97bq53/F7C8GSnluTyX+3uT0THn6WP6eDEfvjiw/tkYd3730y2fNztXO/7Ijq7+YC+btuNrTsEA3NTE/0apJ6bWPIgZ7Vos/WdkJSCLiUEQMbuyl9xaJmSe+Otys0O3jX0ML9pmWv4x4vNr/i9EQfyFZe39y9H9Rnj42WlwVt/rp58uvN6t/S/G3QNb/O+uv/4YS/X8ltfu1cxuv4/Jvnzb9TrPZ678vebOyZ92XP/b+xPz8hbGIvuTVSr7u8fGbzy3yRfks/uGjq4//fflzsvgfiIjsIj4SEQ9GxEN52x+OiEci4uga8f/w4qPvbD7+9srin1r182/l+h+o7/+NJ0pnv/+mWf3r6/8TldRw/kjl8+821tvArbx3AAAA8F+RRsTuSNKRlXSajoxU/4Z/f+xMy7Nz80+enn3v/FT1NwID0ZsWK139NeuhY8li/orV/Hi+VlycP56vG39e+n8lPzI5W57qcOzQ7XY1Gf+Z30udbh3Qdn6vBd2rcfynHWoHcOe5/0P3Mv6hexn/0L1WG/8fNuTtBcDdyf0fupfxD93L+IfuZfxDV9rK7/olujkR6bZoRrsScXBbNKNziU5/MgEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAALTGvwEAAP//KivtwQ==")
mkdirat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0)
r8 = openat2$dir(0xffffffffffffff9c, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000080), 0x18)
ioctl$FS_IOC_GET_ENCRYPTION_NONCE(r8, 0x400c6615, 0x0)
openat$hwrng(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)

3.818023667s ago: executing program 7 (id=3063):
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x3, &(0x7f0000000280)=@framed, &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000240)={&(0x7f00000003c0)='kfree\x00', r0}, 0x10)
r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0)
ioctl$TIOCSETD(r1, 0x5423, &(0x7f00000000c0)=0x2)
readv(r1, &(0x7f0000000000)=[{&(0x7f0000001300)=""/244, 0x940}], 0x1)
ioctl$TIOCVHANGUP(r1, 0x5437, 0x0)

3.817535067s ago: executing program 9 (id=3064):
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r0 = getpid()
process_vm_readv(r0, &(0x7f0000008400)=[{&(0x7f0000000300)=""/54, 0x7ffff000}, {&(0x7f0000006180)=""/152, 0x98}], 0x2, &(0x7f0000008640)=[{&(0x7f0000008480)=""/95, 0x7ffff000}], 0x286, 0x0)
madvise(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x15)
r1 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x2, 0x0, &(0x7f0000000140)={0x0, 0x0})
write(r1, &(0x7f0000000000), 0x0)

3.68094338s ago: executing program 7 (id=3065):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x4, &(0x7f0000000180)=ANY=[@ANYBLOB="180100000100a7d9000000000020b200850000007b00000095"], &(0x7f0000000140)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x6, 0x4, 0xfff, 0x7, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x5, 0x4, 0x99, 0xb, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x14, &(0x7f0000000280)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020646c2100000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085000000c300000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r3}, 0x10)
bpf$PROG_BIND_MAP(0x23, &(0x7f00000003c0)={r0, r1}, 0xc)

3.666994011s ago: executing program 7 (id=3066):
openat$fuse(0xffffffffffffff9c, 0x0, 0x42, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8a}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x6, 0x4, 0xfff, 0x7, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b7080000000400007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000340)={&(0x7f0000000300)='sched_switch\x00', r4}, 0x10)
r5 = dup2(r1, r2)
bpf$TOKEN_CREATE(0x24, &(0x7f00000004c0)={0x0, r5}, 0xfffffefa)
r6 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r6}, 0x10)
syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
r7 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
r8 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TIOCSETD(r8, 0x5423, &(0x7f00000000c0)=0xf)
ioctl$TCFLSH(r8, 0x400455c8, 0x0)
ioctl$sock_bt_hci(r7, 0x400448e0, &(0x7f00000003c0))
mount(0x0, &(0x7f00000001c0)='./file0\x00', &(0x7f0000000180)='configfs\x00', 0x0, 0x0)
r9 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file0\x00', 0x0, 0x0)
lseek(r9, 0x8d0c, 0x1)
socket$inet_udp(0x2, 0x2, 0x0)

2.7056892s ago: executing program 7 (id=3067):
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000800000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r0 = openat$binderfs(0xffffffffffffff9c, &(0x7f00000000c0)='./binderfs/binder0\x00', 0x0, 0x0)
bpf$MAP_CREATE(0x0, 0x0, 0x0)
bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB="1b000000000000000000000000000400", @ANYRES32=0x0], 0x48)
r1 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='sched_switch\x00', r1}, 0x2d)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, 0x0)
r2 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000000c0)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
ptrace(0x8, 0x0)
waitid(0x0, 0x0, 0x0, 0x4, 0x0)
socket$inet6(0xa, 0x3, 0x1)
open(&(0x7f0000000100)='.\x00', 0x0, 0x0)
getgroups(0x0, &(0x7f00000001c0))
keyctl$chown(0x4, 0x0, 0xee01, 0x0)
keyctl$setperm(0x5, 0x0, 0x21062437)
keyctl$chown(0x4, 0x0, 0xee01, 0x0)
add_key$keyring(0x0, 0x0, 0x0, 0x0, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r0, 0x4018620d, &(0x7f0000000100))
ioctl$BINDER_THREAD_EXIT(r0, 0x40046208, 0x0)
openat$binder_debug(0xffffffffffffff9c, &(0x7f0000000180)='/sys/kernel/debug/binder/stats\x00', 0x0, 0x0)
lseek(0xffffffffffffffff, 0xfffffffffffffff4, 0x3)
bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0xb, 0x5, 0x400, 0x9, 0x1, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)

2.70546616s ago: executing program 3 (id=3068):
r0 = syz_open_dev$usbfs(&(0x7f0000000000), 0x1ff, 0x2)
dup(r0)
openat$fuse(0xffffffffffffff9c, &(0x7f0000000040), 0x42, 0x0)
socket$inet6_udplite(0xa, 0x2, 0x88)
r1 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r1, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000740)=ANY=[@ANYBLOB="500000001000010400"/20, @ANYRES32=r1, @ANYBLOB="0000000000000001140012800c0001006d6163766c616e00", @ANYRES32=r1, @ANYBLOB="080004007f0000000a0001"], 0x50}}, 0x40080)

2.691676561s ago: executing program 9 (id=3069):
r0 = openat$uinput(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0)
bpf$OBJ_GET_PROG(0x7, &(0x7f0000000140)=@o_path={&(0x7f0000000100)='./file0\x00'}, 0x18)
syz_io_uring_setup(0x3f27, &(0x7f0000000100)={0x0, 0x0, 0x22}, &(0x7f0000000180), &(0x7f00000001c0))
write$uinput_user_dev(r0, &(0x7f0000000100)={'syz0\x00', {}, 0x7, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x768], [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7ffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x101, 0x0, 0xfffffffd], [0x0, 0x0, 0x0, 0xfffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4], [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xb]}, 0x45c)
ioctl$UI_DEV_SETUP(r0, 0x5501, 0x0)
write$input_event(r0, &(0x7f0000000000)={{0x77359400}, 0x15}, 0xfe4f)

2.635510307s ago: executing program 4 (id=3070):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000880)=0x7)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
r0 = getpid()
sched_setscheduler(r0, 0x1, &(0x7f0000000100)=0x5)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000001480)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0)
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000880)=ANY=[@ANYBLOB="0600000004000000ff0f00000700000088000000", @ANYRES32, @ANYBLOB="0000000000000000000000001c00000000000000", @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/28], 0xa3)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000004000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb70300000e41621eb70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000500)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000740)={&(0x7f0000000300)='sched_switch\x00', r3}, 0x10)
r4 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0)
write$binfmt_aout(r4, &(0x7f00000000c0)=ANY=[], 0xff2e)
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000200)='./file1\x00', 0x200002, &(0x7f0000000340)={[{@nojournal_checksum}, {@nombcache}, {@barrier}, {@norecovery}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x80}}, {@lazytime}, {@nodelalloc}, {@usrquota}, {@noauto_da_alloc}]}, 0xfe, 0x54d, &(0x7f0000000400)="$eJzs3U1rG0cfAPD/ynLenycOhEB7KIYcmpJGju2+pNBDeixtaKC9p8LemGApCpYcYjfQ5NBceimhUEoDpR+g9x5Dv0A/RaANhBJMe+hFZeWVo8SSrThKrFS/H6w9s7vy7Gj2P57RSCiAkTWZ/ShEvBIR3yQRhzuOFSM/OLl+3trD63PZlkSz+emfSST5vvb5Sf77YDtTjPj1q4iThc3l1ldWF8uVSrqU56ca1StT9ZXVU5eq5YV0Ib08Mzt75u3ZmffefWdgdX3j/N/ff3L3wzNfH1/77uf7R24ncTYO5cc66/EMbnRmJmMyf07G4+wTJ04PoLBhkuz2BbAjY3mcj0fWBxyOsTzqgf++LyOiCYyoRPzDiGqPA9pz+wHNg18aDz5YnwBtrn9x/bWR2NeaGx1YSx6bGWXz3YkBlJ+V8csfd25nWwzudQiAbd24GRGni8XN/V+S9387d7qPc54sQ/8HL87dbPzzZrfxT2Fj/BNdxj8Hu8TuTmwf/4X7Ayimp2z8937X8e/GotXEWJ77X2vMN55cvFRJs77t/xFxIsb3Zvmt1nPOrN1r9jrWOf7Ltqz89lgwv477xb2PP2a+3Cg/S507PbgZ8WrX8W+y0f5Jl/bPno/zfZZxLL3zWq9j29f/+Wr+FPF61/Z/tKKVbL0+OdW6H6bad8Vmf9069luv8ne7/ln7H9i6/hNJ53pt/enL+HHfP2mvYzu9//ckn7XSe/J918qNxtJ0xJ7k4837Zx49tp1vn5/V/8Txrfu/bvf//oj4vM/63zp6q+epw9D+80/V/k+fuPfRFz/0Kr+/9n+rlTqR7+mn/+v3Ap/luQMAAAAAAIBhU4iIQ5EUShvpQqFUWn9/x9E4UKjU6o2TF2vLl+ej9VnZiRgvtFe6D3e8H2I6fz9sOz/zRH42Io5ExLdj+1v50lytMr/blQcAAAAAAAAAAAAAAAAAAIAhcbDH5/8zv4/t9tUBz52v/IbRtW38D+KbnoCh5P8/jC7xD6NL/MPoEv8wusQ/jC7xD6NL/MPoEv8AAAAAAAAAAAAAAAAAAAAAAAAAAAAwUOfPncu25trD63NZfv7qyvJi7eqp+bS+WKouz5XmaktXSgu12kIlLc3Vqtv9vUqtdmV6JpavTTXSemOqvrJ6oVpbvty4cKlaXkgvpOMvpFYAAAAAAAAAAAAAAAAAAADwcqmvrC6WK5V0SUJiR4nicFyGxIATu90zAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMAj/wYAAP//Gis4ow==")
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r5 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r5, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r6=>0xffffffffffffffff, <r7=>0xffffffffffffffff})
connect$unix(r6, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r7, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r6, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
syz_mount_image$ext4(&(0x7f00000001c0)='ext4\x00', &(0x7f00000000c0)='./file0\x00', 0x90b775, &(0x7f0000000a40)={[{@noquota}, {@resuid}, {@quota}, {@usrjquota_path={'usrjquota', 0x3d, './file1/file0'}}, {@errors_continue}, {@errors_continue}, {@block_validity}, {@delalloc}, {@jqfmt_vfsold}, {@norecovery}, {@errors_continue}, {@nouid32}]}, 0xee, 0x442, &(0x7f0000000d00)="$eJzs281vG0UbAPBn10n6vv1KKKW0oYVAQUR8JE1aoAcuIJA4gIQEh3IMSVqFug1qgkSrCAJC5YgqcUcckfgLOMEFASckrnBHlSqIkFo4Ba29m9punObDrkP9+0nbznjHnnk8O97xTBxA1xrK/kkidkfErxHRX83WFxiq/ndjaWHy76WFySSWl9/4I6mUu760MFkULZ63K88MpxHpJ0leSb25i5fOTpTL0xfy/Oj8uXdH5y5eenrm3MSZ6TPT58dPnjxxfOy5Z8efaUmcWVzXBz+YPXzolbeuvDZ56srbP36dtffAker52jhaZSgL/M/lisZzj7W6sg7bU5NOejrYEDakFBFZd/VWxn9/lOJm5/XHyx93tHFAW2X3ph3NTy8uA3exJDrdAqAziht99v23OO7Q1GNbuPZC9QtQFveN/Kie6Yk0L9PbxvqHIuLU4j9fZEe0aR0CAKDWt9n856nV5n9pHKgptzffQxmIiHsiYl9E3BsR+yPivohK2fsj4uAG62/cGrp1/pNe3VRg65TN/57P97bq53/F7C8GSnluTyX+3uT0THn6WP6eDEfvjiw/tkYd3730y2fNztXO/7Ijq7+YC+btuNrTsEA3NTE/0apJ6bWPIgZ7Vos/WdkJSCLiUEQMbuyl9xaJmSe+Otys0O3jX0ML9pmWv4x4vNr/i9EQfyFZe39y9H9Rnj42WlwVt/rp58uvN6t/S/G3QNb/O+uv/4YS/X8ltfu1cxuv4/Jvnzb9TrPZ678vebOyZ92XP/b+xPz8hbGIvuTVSr7u8fGbzy3yRfks/uGjq4//fflzsvgfiIjsIj4SEQ9GxEN52x+OiEci4uga8f/w4qPvbD7+9srin1r182/l+h+o7/+NJ0pnv/+mWf3r6/8TldRw/kjl8+821tvArbx3AAAA8F+RRsTuSNKRlXSajoxU/4Z/f+xMy7Nz80+enn3v/FT1NwID0ZsWK139NeuhY8li/orV/Hi+VlycP56vG39e+n8lPzI5W57qcOzQ7XY1Gf+Z30udbh3Qdn6vBd2rcfynHWoHcOe5/0P3Mv6hexn/0L1WG/8fNuTtBcDdyf0fupfxD93L+IfuZfxDV9rK7/olujkR6bZoRrsScXBbNKNziU5/MgEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAALTGvwEAAP//KivtwQ==")
mkdirat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0)
r8 = openat2$dir(0xffffffffffffff9c, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000080), 0x18)
ioctl$FS_IOC_GET_ENCRYPTION_NONCE(r8, 0x400c6615, 0x0)
openat$hwrng(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)

2.624594807s ago: executing program 9 (id=3071):
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000800000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r0 = openat$binderfs(0xffffffffffffff9c, &(0x7f00000000c0)='./binderfs/binder0\x00', 0x0, 0x0)
bpf$MAP_CREATE(0x0, 0x0, 0x0)
bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB="1b000000000000000000000000000400", @ANYRES32=0x0], 0x48)
r1 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={0x0, r1}, 0x18)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r2 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000000c0)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
ptrace(0x8, 0x0)
waitid(0x0, 0x0, 0x0, 0x4, 0x0)
socket$inet6(0xa, 0x3, 0x1)
open(&(0x7f0000000100)='.\x00', 0x0, 0x0)
getgroups(0x0, &(0x7f00000001c0))
keyctl$chown(0x4, 0x0, 0xee01, 0x0)
keyctl$setperm(0x5, 0x0, 0x21062437)
keyctl$chown(0x4, 0x0, 0xee01, 0x0)
add_key$keyring(0x0, 0x0, 0x0, 0x0, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r0, 0x4018620d, &(0x7f0000000100))
ioctl$BINDER_THREAD_EXIT(r0, 0x40046208, 0x0)
openat$binder_debug(0xffffffffffffff9c, &(0x7f0000000180)='/sys/kernel/debug/binder/stats\x00', 0x0, 0x0)
lseek(0xffffffffffffffff, 0xfffffffffffffff4, 0x3)
bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0xb, 0x5, 0x400, 0x9, 0x1, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)

2.613856608s ago: executing program 3 (id=3072):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000880)=0x7)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
r0 = getpid()
sched_setscheduler(r0, 0x1, &(0x7f0000000100)=0x5)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000001480)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000880)=ANY=[@ANYBLOB="0600000004000000ff0f00000700000088000000", @ANYRES32, @ANYBLOB="0000000000000000000000001c00000000000000", @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/28], 0xa3)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYRES32=r3, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb70300000e41621eb70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000500)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000740)={&(0x7f0000000300)='sched_switch\x00', r4}, 0x10)
r5 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0)
write$binfmt_aout(r5, &(0x7f00000000c0)=ANY=[], 0xff2e)
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000200)='./file1\x00', 0x200002, &(0x7f0000000340)={[{@nojournal_checksum}, {@nombcache}, {@barrier}, {@norecovery}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x80}}, {@lazytime}, {@nodelalloc}, {@usrquota}, {@noauto_da_alloc}]}, 0xfe, 0x54d, &(0x7f0000000400)="$eJzs3U1rG0cfAPD/ynLenycOhEB7KIYcmpJGju2+pNBDeixtaKC9p8LemGApCpYcYjfQ5NBceimhUEoDpR+g9x5Dv0A/RaANhBJMe+hFZeWVo8SSrThKrFS/H6w9s7vy7Gj2P57RSCiAkTWZ/ShEvBIR3yQRhzuOFSM/OLl+3trD63PZlkSz+emfSST5vvb5Sf77YDtTjPj1q4iThc3l1ldWF8uVSrqU56ca1StT9ZXVU5eq5YV0Ib08Mzt75u3ZmffefWdgdX3j/N/ff3L3wzNfH1/77uf7R24ncTYO5cc66/EMbnRmJmMyf07G4+wTJ04PoLBhkuz2BbAjY3mcj0fWBxyOsTzqgf++LyOiCYyoRPzDiGqPA9pz+wHNg18aDz5YnwBtrn9x/bWR2NeaGx1YSx6bGWXz3YkBlJ+V8csfd25nWwzudQiAbd24GRGni8XN/V+S9387d7qPc54sQ/8HL87dbPzzZrfxT2Fj/BNdxj8Hu8TuTmwf/4X7Ayimp2z8937X8e/GotXEWJ77X2vMN55cvFRJs77t/xFxIsb3Zvmt1nPOrN1r9jrWOf7Ltqz89lgwv477xb2PP2a+3Cg/S507PbgZ8WrX8W+y0f5Jl/bPno/zfZZxLL3zWq9j29f/+Wr+FPF61/Z/tKKVbL0+OdW6H6bad8Vmf9069luv8ne7/ln7H9i6/hNJ53pt/enL+HHfP2mvYzu9//ckn7XSe/J918qNxtJ0xJ7k4837Zx49tp1vn5/V/8Txrfu/bvf//oj4vM/63zp6q+epw9D+80/V/k+fuPfRFz/0Kr+/9n+rlTqR7+mn/+v3Ap/luQMAAAAAAIBhU4iIQ5EUShvpQqFUWn9/x9E4UKjU6o2TF2vLl+ej9VnZiRgvtFe6D3e8H2I6fz9sOz/zRH42Io5ExLdj+1v50lytMr/blQcAAAAAAAAAAAAAAAAAAIAhcbDH5/8zv4/t9tUBz52v/IbRtW38D+KbnoCh5P8/jC7xD6NL/MPoEv8wusQ/jC7xD6NL/MPoEv8AAAAAAAAAAAAAAAAAAAAAAAAAAAAwUOfPncu25trD63NZfv7qyvJi7eqp+bS+WKouz5XmaktXSgu12kIlLc3Vqtv9vUqtdmV6JpavTTXSemOqvrJ6oVpbvty4cKlaXkgvpOMvpFYAAAAAAAAAAAAAAAAAAADwcqmvrC6WK5V0SUJiR4nicFyGxIATu90zAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMAj/wYAAP//Gis4ow==")
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r6 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r6, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r7=>0xffffffffffffffff, <r8=>0xffffffffffffffff})
connect$unix(r7, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r8, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r7, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
syz_mount_image$ext4(&(0x7f00000001c0)='ext4\x00', &(0x7f00000000c0)='./file0\x00', 0x90b775, &(0x7f0000000a40)={[{@noquota}, {@resuid}, {@quota}, {@usrjquota_path={'usrjquota', 0x3d, './file1/file0'}}, {@errors_continue}, {@errors_continue}, {@block_validity}, {@delalloc}, {@jqfmt_vfsold}, {@norecovery}, {@errors_continue}, {@nouid32}]}, 0xee, 0x442, &(0x7f0000000d00)="$eJzs281vG0UbAPBn10n6vv1KKKW0oYVAQUR8JE1aoAcuIJA4gIQEh3IMSVqFug1qgkSrCAJC5YgqcUcckfgLOMEFASckrnBHlSqIkFo4Ba29m9punObDrkP9+0nbznjHnnk8O97xTBxA1xrK/kkidkfErxHRX83WFxiq/ndjaWHy76WFySSWl9/4I6mUu760MFkULZ63K88MpxHpJ0leSb25i5fOTpTL0xfy/Oj8uXdH5y5eenrm3MSZ6TPT58dPnjxxfOy5Z8efaUmcWVzXBz+YPXzolbeuvDZ56srbP36dtffAker52jhaZSgL/M/lisZzj7W6sg7bU5NOejrYEDakFBFZd/VWxn9/lOJm5/XHyx93tHFAW2X3ph3NTy8uA3exJDrdAqAziht99v23OO7Q1GNbuPZC9QtQFveN/Kie6Yk0L9PbxvqHIuLU4j9fZEe0aR0CAKDWt9n856nV5n9pHKgptzffQxmIiHsiYl9E3BsR+yPivohK2fsj4uAG62/cGrp1/pNe3VRg65TN/57P97bq53/F7C8GSnluTyX+3uT0THn6WP6eDEfvjiw/tkYd3730y2fNztXO/7Ijq7+YC+btuNrTsEA3NTE/0apJ6bWPIgZ7Vos/WdkJSCLiUEQMbuyl9xaJmSe+Otys0O3jX0ML9pmWv4x4vNr/i9EQfyFZe39y9H9Rnj42WlwVt/rp58uvN6t/S/G3QNb/O+uv/4YS/X8ltfu1cxuv4/Jvnzb9TrPZ678vebOyZ92XP/b+xPz8hbGIvuTVSr7u8fGbzy3yRfks/uGjq4//fflzsvgfiIjsIj4SEQ9GxEN52x+OiEci4uga8f/w4qPvbD7+9srin1r182/l+h+o7/+NJ0pnv/+mWf3r6/8TldRw/kjl8+821tvArbx3AAAA8F+RRsTuSNKRlXSajoxU/4Z/f+xMy7Nz80+enn3v/FT1NwID0ZsWK139NeuhY8li/orV/Hi+VlycP56vG39e+n8lPzI5W57qcOzQ7XY1Gf+Z30udbh3Qdn6vBd2rcfynHWoHcOe5/0P3Mv6hexn/0L1WG/8fNuTtBcDdyf0fupfxD93L+IfuZfxDV9rK7/olujkR6bZoRrsScXBbNKNziU5/MgEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAALTGvwEAAP//KivtwQ==")
mkdirat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0)
r9 = openat2$dir(0xffffffffffffff9c, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000080), 0x18)
ioctl$FS_IOC_GET_ENCRYPTION_NONCE(r9, 0x400c6615, 0x0)
openat$hwrng(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)

1.605683712s ago: executing program 9 (id=3073):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x6, 0x4, 0x2, 0xc, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xd, &(0x7f0000000040)=ANY=[@ANYBLOB="18040000000000000000000000400000850000000800000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000010b704000000000000850000000100000095"], &(0x7f00000001c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000380)={&(0x7f0000000180)='kfree\x00', r1}, 0x10)
r2 = syz_open_dev$usbfs(&(0x7f0000000100), 0x76, 0x101301)
ioctl$USBDEVFS_REAPURB(r2, 0x4008550c, &(0x7f0000002680))
ioctl$USBDEVFS_FREE_STREAMS(r2, 0x802c550a, &(0x7f0000000000)=ANY=[@ANYBLOB="02002302230102090500000010000020d3"])

591.733925ms ago: executing program 4 (id=3074):
openat$hwrng(0xffffffffffffff9c, 0x0, 0x0, 0x0)
r0 = socket$inet6(0xa, 0x2, 0x3a)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb, 0x4008032, 0xffffffffffffffff, 0x0)
r1 = dup(r0)
bind$unix(r1, &(0x7f00000001c0)=@abs={0xa, 0x2}, 0x6e)
syz_emit_ethernet(0x3e, &(0x7f0000000000)={@broadcast, @empty, @void, {@ipv6={0x86dd, @icmpv6={0x0, 0x6, "120008", 0x8, 0x3a, 0x0, @remote, @local, {[], @echo_reply={0x81, 0x0, 0x0, 0x200}}}}}}, 0x0)

566.363427ms ago: executing program 6 (id=3075):
r0 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000140)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xf, &(0x7f00000000c0)=@ringbuf={{}, {{0x18, 0x1, 0x1, 0x0, r0}}, {}, [], {{}, {}, {0x85, 0x0, 0x0, 0x84}}}, &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000240)={&(0x7f00000001c0)='kfree\x00', r1}, 0x10)
syz_mount_image$ext4(0x0, &(0x7f0000000140)='./file0\x00', 0x2000000, 0x0, 0x0, 0x0, &(0x7f0000000000))
r2 = openat$fuse(0xffffffffffffff9c, &(0x7f00000001c0), 0x2, 0x0)
mount$fuse(0x0, &(0x7f0000002540)='./file0\x00', &(0x7f0000000140), 0x0, &(0x7f0000002380)={{'fd', 0x3d, r2}, 0x2c, {'rootmode', 0x3d, 0x2000}})

566.064958ms ago: executing program 9 (id=3076):
r0 = socket$inet6(0xa, 0x2, 0x0)
bind$inet6(r0, &(0x7f0000f5dfe4)={0xa, 0x4e20, 0x0, @empty}, 0x1c)
setsockopt$inet6_int(r0, 0x29, 0x3, &(0x7f0000004240)=0x40000006, 0x4)
recvmmsg(r0, &(0x7f0000000180)=[{{0x0, 0x0, 0x0}, 0xf}], 0x1, 0x40000002, 0x0)
setsockopt$inet6_int(r0, 0x29, 0x4, &(0x7f0000000000)=0x7f, 0x4)
sendto$inet6(r0, 0x0, 0x0, 0x0, &(0x7f0000000300)={0xa, 0x4e20, 0x0, @mcast1}, 0x1c)

547.271719ms ago: executing program 3 (id=3077):
openat$fuse(0xffffffffffffff9c, 0x0, 0x42, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8a}, 0x0)
sched_setscheduler(0x0, 0x1, 0x0)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x6, 0x4, 0xfff, 0x7, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b7080000000400007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000340)={&(0x7f0000000300)='sched_switch\x00', r4}, 0x10)
r5 = dup2(r1, r2)
bpf$TOKEN_CREATE(0x24, &(0x7f00000004c0)={0x0, r5}, 0xfffffefa)
r6 = bpf$PROG_LOAD(0x5, &(0x7f0000000380)={0x11, 0xc, &(0x7f0000000440)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r6}, 0x10)
syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
r7 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
r8 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TIOCSETD(r8, 0x5423, &(0x7f00000000c0)=0xf)
ioctl$TCFLSH(r8, 0x400455c8, 0x0)
ioctl$sock_bt_hci(r7, 0x400448e0, &(0x7f00000003c0))
mount(0x0, &(0x7f00000001c0)='./file0\x00', &(0x7f0000000180)='configfs\x00', 0x0, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000080)='./file0\x00', 0x0, 0x0)
socket$inet_udp(0x2, 0x2, 0x0)

340.619009ms ago: executing program 6 (id=3078):
openat$fuse(0xffffffffffffff9c, 0x0, 0x42, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8a}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x6, 0x4, 0xfff, 0x7, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b7080000000400007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000340)={&(0x7f0000000300)='sched_switch\x00', r4}, 0x10)
r5 = dup2(r1, r2)
bpf$TOKEN_CREATE(0x24, &(0x7f00000004c0)={0x0, r5}, 0xfffffefa)
r6 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r6}, 0x10)
syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
r7 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
r8 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TIOCSETD(r8, 0x5423, &(0x7f00000000c0)=0xf)
ioctl$TCFLSH(r8, 0x400455c8, 0x0)
ioctl$sock_bt_hci(r7, 0x400448e0, &(0x7f00000003c0))
mount(0x0, &(0x7f00000001c0)='./file0\x00', &(0x7f0000000180)='configfs\x00', 0x0, 0x0)
r9 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file0\x00', 0x0, 0x0)
lseek(r9, 0x8d0c, 0x1)
socket$inet_udp(0x2, 0x2, 0x0)

96.147601ms ago: executing program 9 (id=3079):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000880)=0x7)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(0x0, 0x1, &(0x7f0000000100)=0x5)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000001480)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0)
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000880)=ANY=[@ANYBLOB="0600000004000000ff0f00000700000088000000", @ANYRES32, @ANYBLOB="0000000000000000000000001c00000000000000", @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/28], 0xa3)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000004000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb70300000e41621eb70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000500)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000740)={&(0x7f0000000300)='sched_switch\x00', r3}, 0x10)
r4 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0)
write$binfmt_aout(r4, &(0x7f00000000c0)=ANY=[], 0xff2e)
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000200)='./file1\x00', 0x200002, &(0x7f0000000340)={[{@nojournal_checksum}, {@nombcache}, {@barrier}, {@norecovery}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x80}}, {@lazytime}, {@nodelalloc}, {@usrquota}, {@noauto_da_alloc}]}, 0xfe, 0x54d, &(0x7f0000000400)="$eJzs3U1rG0cfAPD/ynLenycOhEB7KIYcmpJGju2+pNBDeixtaKC9p8LemGApCpYcYjfQ5NBceimhUEoDpR+g9x5Dv0A/RaANhBJMe+hFZeWVo8SSrThKrFS/H6w9s7vy7Gj2P57RSCiAkTWZ/ShEvBIR3yQRhzuOFSM/OLl+3trD63PZlkSz+emfSST5vvb5Sf77YDtTjPj1q4iThc3l1ldWF8uVSrqU56ca1StT9ZXVU5eq5YV0Ib08Mzt75u3ZmffefWdgdX3j/N/ff3L3wzNfH1/77uf7R24ncTYO5cc66/EMbnRmJmMyf07G4+wTJ04PoLBhkuz2BbAjY3mcj0fWBxyOsTzqgf++LyOiCYyoRPzDiGqPA9pz+wHNg18aDz5YnwBtrn9x/bWR2NeaGx1YSx6bGWXz3YkBlJ+V8csfd25nWwzudQiAbd24GRGni8XN/V+S9387d7qPc54sQ/8HL87dbPzzZrfxT2Fj/BNdxj8Hu8TuTmwf/4X7Ayimp2z8937X8e/GotXEWJ77X2vMN55cvFRJs77t/xFxIsb3Zvmt1nPOrN1r9jrWOf7Ltqz89lgwv477xb2PP2a+3Cg/S507PbgZ8WrX8W+y0f5Jl/bPno/zfZZxLL3zWq9j29f/+Wr+FPF61/Z/tKKVbL0+OdW6H6bad8Vmf9069luv8ne7/ln7H9i6/hNJ53pt/enL+HHfP2mvYzu9//ckn7XSe/J918qNxtJ0xJ7k4837Zx49tp1vn5/V/8Txrfu/bvf//oj4vM/63zp6q+epw9D+80/V/k+fuPfRFz/0Kr+/9n+rlTqR7+mn/+v3Ap/luQMAAAAAAIBhU4iIQ5EUShvpQqFUWn9/x9E4UKjU6o2TF2vLl+ej9VnZiRgvtFe6D3e8H2I6fz9sOz/zRH42Io5ExLdj+1v50lytMr/blQcAAAAAAAAAAAAAAAAAAIAhcbDH5/8zv4/t9tUBz52v/IbRtW38D+KbnoCh5P8/jC7xD6NL/MPoEv8wusQ/jC7xD6NL/MPoEv8AAAAAAAAAAAAAAAAAAAAAAAAAAAAwUOfPncu25trD63NZfv7qyvJi7eqp+bS+WKouz5XmaktXSgu12kIlLc3Vqtv9vUqtdmV6JpavTTXSemOqvrJ6oVpbvty4cKlaXkgvpOMvpFYAAAAAAAAAAAAAAAAAAADwcqmvrC6WK5V0SUJiR4nicFyGxIATu90zAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMAj/wYAAP//Gis4ow==")
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r5 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r5, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r6=>0xffffffffffffffff, <r7=>0xffffffffffffffff})
connect$unix(r6, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r7, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r6, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
syz_mount_image$ext4(&(0x7f00000001c0)='ext4\x00', &(0x7f00000000c0)='./file0\x00', 0x90b775, &(0x7f0000000a40)={[{@noquota}, {@resuid}, {@quota}, {@usrjquota_path={'usrjquota', 0x3d, './file1/file0'}}, {@errors_continue}, {@errors_continue}, {@block_validity}, {@delalloc}, {@jqfmt_vfsold}, {@norecovery}, {@errors_continue}, {@nouid32}]}, 0xee, 0x442, &(0x7f0000000d00)="$eJzs281vG0UbAPBn10n6vv1KKKW0oYVAQUR8JE1aoAcuIJA4gIQEh3IMSVqFug1qgkSrCAJC5YgqcUcckfgLOMEFASckrnBHlSqIkFo4Ba29m9punObDrkP9+0nbznjHnnk8O97xTBxA1xrK/kkidkfErxHRX83WFxiq/ndjaWHy76WFySSWl9/4I6mUu760MFkULZ63K88MpxHpJ0leSb25i5fOTpTL0xfy/Oj8uXdH5y5eenrm3MSZ6TPT58dPnjxxfOy5Z8efaUmcWVzXBz+YPXzolbeuvDZ56srbP36dtffAker52jhaZSgL/M/lisZzj7W6sg7bU5NOejrYEDakFBFZd/VWxn9/lOJm5/XHyx93tHFAW2X3ph3NTy8uA3exJDrdAqAziht99v23OO7Q1GNbuPZC9QtQFveN/Kie6Yk0L9PbxvqHIuLU4j9fZEe0aR0CAKDWt9n856nV5n9pHKgptzffQxmIiHsiYl9E3BsR+yPivohK2fsj4uAG62/cGrp1/pNe3VRg65TN/57P97bq53/F7C8GSnluTyX+3uT0THn6WP6eDEfvjiw/tkYd3730y2fNztXO/7Ijq7+YC+btuNrTsEA3NTE/0apJ6bWPIgZ7Vos/WdkJSCLiUEQMbuyl9xaJmSe+Otys0O3jX0ML9pmWv4x4vNr/i9EQfyFZe39y9H9Rnj42WlwVt/rp58uvN6t/S/G3QNb/O+uv/4YS/X8ltfu1cxuv4/Jvnzb9TrPZ678vebOyZ92XP/b+xPz8hbGIvuTVSr7u8fGbzy3yRfks/uGjq4//fflzsvgfiIjsIj4SEQ9GxEN52x+OiEci4uga8f/w4qPvbD7+9srin1r182/l+h+o7/+NJ0pnv/+mWf3r6/8TldRw/kjl8+821tvArbx3AAAA8F+RRsTuSNKRlXSajoxU/4Z/f+xMy7Nz80+enn3v/FT1NwID0ZsWK139NeuhY8li/orV/Hi+VlycP56vG39e+n8lPzI5W57qcOzQ7XY1Gf+Z30udbh3Qdn6vBd2rcfynHWoHcOe5/0P3Mv6hexn/0L1WG/8fNuTtBcDdyf0fupfxD93L+IfuZfxDV9rK7/olujkR6bZoRrsScXBbNKNziU5/MgEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAALTGvwEAAP//KivtwQ==")
mkdirat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0)
r8 = openat2$dir(0xffffffffffffff9c, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000080), 0x18)
ioctl$FS_IOC_GET_ENCRYPTION_NONCE(r8, 0x400c6615, 0x0)
openat$hwrng(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)

0s ago: executing program 4 (id=3080):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000580)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1801000011000000000000000000000018120000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000f6000000850000004300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x24, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$PROG_LOAD(0x5, &(0x7f0000000300)={0x0, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB="18000000000000000000000000000000850000006d"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000240)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000300)='sys_enter\x00', r1}, 0x10)
bpf$PROG_LOAD(0x1e, &(0x7f0000000840)={0x16, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @flow_dissector, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)

kernel console output (not intermixed with test programs):

urnal. Quota mode: writeback.
[  250.130685][ T7346] loop4: detected capacity change from 0 to 1024
[  250.266646][ T4952] Bluetooth: hci0: Opcode 0x1003 failed: -110
[  250.266677][ T6826] Bluetooth: hci0: command 0x1003 tx timeout
[  250.426570][   T28] audit: type=1400 audit(1731003183.026:520): avc:  denied  { append } for  pid=7349 comm="syz.3.2609" name="001" dev="devtmpfs" ino=172 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:usb_device_t tclass=chr_file permissive=1
[  250.488911][ T7346] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: none.
[  250.503549][ T7346] ext4 filesystem being mounted at /660/file1 supports timestamps until 2038 (0x7fffffff)
[  250.537913][ T7354] loop3: detected capacity change from 0 to 512
[  250.549261][ T7331] loop5: detected capacity change from 0 to 40427
[  250.557963][ T7329] loop6: detected capacity change from 0 to 40427
[  250.568333][ T7331] F2FS-fs (loop5): invalid crc value
[  250.573539][ T7329] F2FS-fs (loop6): invalid crc value
[  250.580110][ T7354] EXT4-fs error (device loop3): ext4_read_inode_bitmap:140: comm syz.3.2610: Invalid inode bitmap blk 4 in block_group 0
[  250.593701][ T7354] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: none.
[  250.593975][ T7329] F2FS-fs (loop6): Found nat_bits in checkpoint
[  250.602285][  T291] EXT4-fs (loop4): unmounting filesystem.
[  250.612269][ T7331] F2FS-fs (loop5): Found nat_bits in checkpoint
[  250.644921][ T7354] process 'syz.3.2610' launched './file2' with NULL argv: empty string added
[  250.685115][   T28] audit: type=1400 audit(1731003183.266:521): avc:  denied  { execute } for  pid=7353 comm="syz.3.2610" name="file2" dev="loop3" ino=16 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1
[  250.692709][ T7354] EXT4-fs error (device loop3): ext4_read_inode_bitmap:140: comm syz.3.2610: Invalid inode bitmap blk 4 in block_group 0
[  250.707613][ T7329] F2FS-fs (loop6): Mounted with checkpoint version = 48b305e5
[  250.720044][ T7354] EXT4-fs error (device loop3) in ext4_free_inode:362: Corrupt filesystem
[  250.727347][ T7331] F2FS-fs (loop5): Mounted with checkpoint version = 48b305e4
[  250.764530][ T5981] EXT4-fs (loop7): unmounting filesystem.
[  250.764802][   T28] audit: type=1400 audit(1731003183.266:522): avc:  denied  { execute_no_trans } for  pid=7353 comm="syz.3.2610" path="/538/file0/file2" dev="loop3" ino=16 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1
[  250.799764][ T7368] loop4: detected capacity change from 0 to 1024
[  250.814251][  T294] EXT4-fs (loop3): unmounting filesystem.
[  250.831202][ T4079] syz-executor: attempt to access beyond end of device
[  250.831202][ T4079] loop5: rw=2049, sector=45096, nr_sectors = 16 limit=40427
[  250.851309][ T7368] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: writeback.
[  250.860508][   T28] audit: type=1400 audit(1731003183.296:523): avc:  denied  { rename } for  pid=7353 comm="syz.3.2610" name="file0" dev="loop3" ino=13 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1
[  250.860540][   T28] audit: type=1400 audit(1731003183.296:524): avc:  denied  { unlink } for  pid=7353 comm="syz.3.2610" name="file1" dev="loop3" ino=14 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=lnk_file permissive=1
[  250.971207][ T7372] loop7: detected capacity change from 0 to 256
[  250.990857][ T7372] exFAT-fs (loop7): failed to load upcase table (idx : 0x0000fd4f, chksum : 0x3963664b, utbl_chksum : 0xe619d30d)
[  250.994360][ T7375] loop6: detected capacity change from 0 to 512
[  251.026093][ T7375] EXT4-fs (loop6): mounted filesystem without journal. Quota mode: writeback.
[  251.066955][ T7375] ext4 filesystem being mounted at /101/bus supports timestamps until 2038 (0x7fffffff)
[  251.135846][ T7382] loop3: detected capacity change from 0 to 1024
[  251.302543][ T7372] exFAT-fs (loop7): hint_cluster is invalid (17)
[  251.333647][ T7382] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: writeback.
[  251.393481][ T5963] EXT4-fs (loop6): unmounting filesystem.
[  251.421691][ T7390] loop6: detected capacity change from 0 to 512
[  251.438960][ T7390] EXT4-fs (loop6): mounted filesystem without journal. Quota mode: writeback.
[  251.447849][ T7390] ext4 filesystem being mounted at /102/file0 supports timestamps until 2038 (0x7fffffff)
[  252.163640][ T7399] loop7: detected capacity change from 0 to 512
[  252.561290][  T291] EXT4-fs (loop4): unmounting filesystem.
[  252.642338][ T5963] EXT4-fs (loop6): unmounting filesystem.
[  252.776478][  T990] usb 6-1: new high-speed USB device number 20 using dummy_hcd
[  253.146103][    T8] Bluetooth: hci0: Frame reassembly failed (-84)
[  253.159565][    T8] Bluetooth: hci1: Frame reassembly failed (-84)
[  253.206354][  T387] usb 5-1: new high-speed USB device number 29 using dummy_hcd
[  253.215987][  T294] EXT4-fs (loop3): unmounting filesystem.
[  253.466573][  T387] usb 5-1: Using ep0 maxpacket: 16
[  253.536370][  T990] usb 6-1: Using ep0 maxpacket: 16
[  253.616400][    T6] usb 4-1: new high-speed USB device number 34 using dummy_hcd
[  253.626563][  T387] usb 5-1: config 0 has an invalid interface number: 251 but max is 0
[  253.634580][  T387] usb 5-1: config 0 has no interface number 0
[  253.640548][  T387] usb 5-1: config 0 interface 251 altsetting 0 bulk endpoint 0x4 has invalid maxpacket 16
[  253.650399][  T387] usb 5-1: config 0 interface 251 altsetting 0 bulk endpoint 0x82 has invalid maxpacket 64
[  253.656428][  T990] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  253.671034][  T990] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  253.680516][  T990] usb 6-1: New USB device found, idVendor=17ef, idProduct=6085, bcdDevice= 0.00
[  253.689414][  T990] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  253.698032][  T990] usb 6-1: config 0 descriptor??
[  253.836394][  T387] usb 5-1: New USB device found, idVendor=0b95, idProduct=172a, bcdDevice=f7.f4
[  253.845311][  T387] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  253.853092][  T387] usb 5-1: Product: syz
[  253.857108][  T387] usb 5-1: Manufacturer: syz
[  253.861472][  T387] usb 5-1: SerialNumber: syz
[  253.866367][    T6] usb 4-1: Using ep0 maxpacket: 16
[  253.866647][  T387] usb 5-1: config 0 descriptor??
[  253.886406][ T7402] raw-gadget.1 gadget.4: fail, usb_ep_enable returned -22
[  253.893366][ T7402] raw-gadget.1 gadget.4: fail, usb_ep_enable returned -22
[  253.986420][    T6] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  253.997179][    T6] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  254.006696][    T6] usb 4-1: New USB device found, idVendor=1fd2, idProduct=6007, bcdDevice= 0.00
[  254.015509][    T6] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  254.024214][    T6] usb 4-1: config 0 descriptor??
[  254.117706][ T7402] raw-gadget.1 gadget.4: fail, usb_ep_enable returned -22
[  254.124717][ T7402] raw-gadget.1 gadget.4: fail, usb_ep_enable returned -22
[  254.177223][  T990] hid-rmi 0003:17EF:6085.004B: report_id 0 is invalid
[  254.183871][  T990] hid-rmi 0003:17EF:6085.004B: item 0 1 1 8 parsing failed
[  254.191079][  T990] hid-rmi 0003:17EF:6085.004B: parse failed
[  254.196826][  T990] hid-rmi: probe of 0003:17EF:6085.004B failed with error -22
[  254.381491][  T990] usb 6-1: USB disconnect, device number 20
[  254.508037][    T6] hid-multitouch 0003:1FD2:6007.004C: hidraw0: USB HID v0.00 Device [HID 1fd2:6007] on usb-dummy_hcd.3-1/input0
[  254.709355][  T990] usb 4-1: USB disconnect, device number 34
[  254.816370][  T387] asix 5-1:0.251 (unnamed net_device) (uninitialized): Failed to read reg index 0x0000: -71
[  254.826464][  T387] asix 5-1:0.251 (unnamed net_device) (uninitialized): Error reading PHY_ID register: ffffffb9
[  254.836705][  T387] asix: probe of 5-1:0.251 failed with error -71
[  254.844056][  T387] usb 5-1: USB disconnect, device number 29
[  254.894031][ T7416] loop5: detected capacity change from 0 to 512
[  254.900615][ T7416] EXT4-fs (loop5): encrypted files will use data=ordered instead of data journaling mode
[  254.911512][ T7416] EXT4-fs error (device loop5): ext4_orphan_get:1396: inode #15: comm syz.5.2622: iget: bad extended attribute block 512
[  254.924233][ T7416] EXT4-fs error (device loop5): ext4_orphan_get:1401: comm syz.5.2622: couldn't read orphan inode 15 (err -117)
[  254.936163][ T7416] EXT4-fs (loop5): mounted filesystem without journal. Quota mode: none.
[  254.996355][   T45] Bluetooth: hci0: command 0x1003 tx timeout
[  254.996347][ T6826] Bluetooth: hci0: Opcode 0x1003 failed: -110
[  255.156424][ T6826] Bluetooth: hci1: command 0x1003 tx timeout
[  255.156455][ T4952] Bluetooth: hci1: Opcode 0x1003 failed: -110
[  255.301111][ T7424] loop6: detected capacity change from 0 to 1024
[  255.327941][ T7424] EXT4-fs (loop6): mounted filesystem without journal. Quota mode: writeback.
[  255.333305][ T7428] loop7: detected capacity change from 0 to 512
[  255.375862][ T7428] EXT4-fs error (device loop7): ext4_read_inode_bitmap:140: comm syz.7.2624: Invalid inode bitmap blk 4 in block_group 0
[  255.388689][ T7428] EXT4-fs (loop7): mounted filesystem without journal. Quota mode: none.
[  255.414135][ T7428] EXT4-fs error (device loop7): ext4_read_inode_bitmap:140: comm syz.7.2624: Invalid inode bitmap blk 4 in block_group 0
[  255.427460][ T7432] usb usb5: usbfs: process 7432 (syz.4.2625) did not claim interface 0 before use
[  255.437581][ T7428] EXT4-fs error (device loop7) in ext4_free_inode:362: Corrupt filesystem
[  255.450841][ T7436] bridge0: port 1(bridge_slave_0) entered blocking state
[  255.457735][ T7436] bridge0: port 1(bridge_slave_0) entered forwarding state
[  255.470003][ T5981] EXT4-fs (loop7): unmounting filesystem.
[  255.675021][ T7441] loop7: detected capacity change from 0 to 256
[  255.706453][   T40] usb 4-1: new high-speed USB device number 35 using dummy_hcd
[  255.739343][ T7444] loop4: detected capacity change from 0 to 1024
[  255.765332][ T4079] EXT4-fs error (device loop5): ext4_readdir:260: inode #2: block 13: comm syz-executor: path /214/bus: bad entry in directory: rec_len is smaller than minimal - offset=780, inode=0, rec_len=0, size=1024 fake=0
[  255.807327][ T7441] exFAT-fs (loop7): failed to load upcase table (idx : 0x00017f3e, chksum : 0x0b83170a, utbl_chksum : 0xe619d30d)
[  255.819753][ T7444] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: writeback.
[  255.849694][ T4079] EXT4-fs (loop5): unmounting filesystem.
[  255.939258][ T5963] EXT4-fs (loop6): unmounting filesystem.
[  256.061493][ T7461] loop7: detected capacity change from 0 to 1024
[  256.373099][  T329] Bluetooth: hci0: Frame reassembly failed (-84)
[  256.426383][   T40] usb 4-1: Using ep0 maxpacket: 16
[  256.538366][ T7466] loop6: detected capacity change from 0 to 512
[  256.545417][ T7461] EXT4-fs (loop7): mounted filesystem without journal. Quota mode: writeback.
[  256.567387][  T291] EXT4-fs (loop4): unmounting filesystem.
[  256.573628][ T7466] EXT4-fs error (device loop6): ext4_xattr_block_get:546: inode #2: comm syz.6.2634: corrupted xattr block 255
[  256.589165][ T7466] EXT4-fs (loop6): Cannot turn on journaled quota: type 1: error -117
[  256.598001][ T7466] EXT4-fs (loop6): mounted filesystem without journal. Quota mode: writeback.
[  256.606927][ T7466] EXT4-fs error (device loop6): ext4_xattr_block_get:546: inode #2: comm syz.6.2634: corrupted xattr block 255
[  256.619209][ T7466] SELinux: (dev loop6, type ext4) getxattr errno 117
[  256.626981][ T7466] EXT4-fs (loop6): unmounting filesystem.
[  256.640075][ T7470] syz.4.2636[7470] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  256.640134][ T7470] syz.4.2636[7470] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  256.664636][ T7472] loop4: detected capacity change from 0 to 512
[  256.806521][   T40] usb 4-1: config 0 has an invalid interface number: 251 but max is 0
[  256.849055][   T40] usb 4-1: config 0 has no interface number 0
[  256.957362][ T7472] EXT4-fs error (device loop4): ext4_orphan_get:1396: inode #15: comm syz.4.2637: casefold flag without casefold feature
[  256.982690][   T40] usb 4-1: config 0 interface 251 altsetting 0 bulk endpoint 0x4 has invalid maxpacket 16
[  256.990237][ T7472] EXT4-fs error (device loop4): ext4_orphan_get:1401: comm syz.4.2637: couldn't read orphan inode 15 (err -117)
[  256.992766][   T40] usb 4-1: config 0 interface 251 altsetting 0 bulk endpoint 0x82 has invalid maxpacket 64
[  257.014571][ T5981] EXT4-fs (loop7): unmounting filesystem.
[  257.015572][ T7472] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: none.
[  257.051306][  T291] EXT4-fs (loop4): unmounting filesystem.
[  257.102139][ T7494] loop6: detected capacity change from 0 to 256
[  257.109503][ T7494] FAT-fs (loop6): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[  257.152986][ T7498] loop6: detected capacity change from 0 to 1024
[  257.159599][ T7498] EXT4-fs: Ignoring removed orlov option
[  257.168896][ T7498] EXT4-fs (loop6): Test dummy encryption mode enabled
[  257.194569][ T7501] loop7: detected capacity change from 0 to 1024
[  257.239339][   T40] usb 4-1: New USB device found, idVendor=0b95, idProduct=172a, bcdDevice=f7.f4
[  257.243623][ T7498] EXT4-fs (loop6): mounted filesystem without journal. Quota mode: writeback.
[  257.248447][   T40] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  257.265217][ T7501] EXT4-fs (loop7): mounted filesystem without journal. Quota mode: writeback.
[  257.290629][ T5963] EXT4-fs (loop6): unmounting filesystem.
[  257.335081][   T40] usb 4-1: Product: syz
[  257.424266][ T7507] loop4: detected capacity change from 0 to 512
[  257.435078][   T40] usb 4-1: Manufacturer: syz
[  257.439545][   T40] usb 4-1: SerialNumber: syz
[  257.446518][   T40] usb 4-1: config 0 descriptor??
[  257.688842][ T7434] raw-gadget.0 gadget.3: fail, usb_ep_enable returned -22
[  257.759717][ T7434] raw-gadget.0 gadget.3: fail, usb_ep_enable returned -22
[  258.040741][ T5981] EXT4-fs (loop7): unmounting filesystem.
[  258.059686][ T7516] loop7: detected capacity change from 0 to 512
[  258.068109][ T7516] EXT4-fs error (device loop7): ext4_xattr_block_get:546: inode #2: comm syz.7.2649: corrupted xattr block 255
[  258.079961][ T7516] EXT4-fs (loop7): Cannot turn on journaled quota: type 1: error -117
[  258.088593][ T7516] EXT4-fs (loop7): mounted filesystem without journal. Quota mode: writeback.
[  258.089743][ T7434] raw-gadget.0 gadget.3: fail, usb_ep_enable returned -22
[  258.097645][ T7516] EXT4-fs error (device loop7): ext4_xattr_block_get:546: inode #2: comm syz.7.2649: corrupted xattr block 255
[  258.104803][ T7434] raw-gadget.0 gadget.3: fail, usb_ep_enable returned -22
[  258.116572][ T7516] SELinux: (dev loop7, type ext4) getxattr errno 117
[  258.130169][ T7516] EXT4-fs (loop7): unmounting filesystem.
[  258.190508][ T7519] loop4: detected capacity change from 0 to 1024
[  258.197258][  T387] usb 7-1: new high-speed USB device number 9 using dummy_hcd
[  258.207780][ T7519] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: writeback.
[  258.428728][ T6826] Bluetooth: hci0: Opcode 0x1003 failed: -110
[  258.434718][ T4952] Bluetooth: hci0: command 0x1003 tx timeout
[  258.676459][  T387] usb 7-1: config 1 has an invalid descriptor of length 167, skipping remainder of the config
[  258.686651][  T387] usb 7-1: config 1 has 1 interface, different from the descriptor's value: 3
[  258.786383][  T387] usb 7-1: New USB device found, idVendor=08b7, idProduct=0000, bcdDevice= 0.00
[  258.795323][  T387] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=3
[  258.803085][  T387] usb 7-1: SerialNumber: syz
[  258.826392][   T40] asix 4-1:0.251 (unnamed net_device) (uninitialized): Failed to read reg index 0x0000: -71
[  258.838859][   T40] asix 4-1:0.251 (unnamed net_device) (uninitialized): Error reading PHY_ID register: ffffffb9
[  258.849460][   T40] asix: probe of 4-1:0.251 failed with error -71
[  258.858526][   T40] usb 4-1: USB disconnect, device number 35
[  258.909081][  T291] EXT4-fs (loop4): unmounting filesystem.
[  258.974778][   T28] audit: type=1400 audit(1731003191.576:525): avc:  denied  { unmount } for  pid=7536 comm="syz.4.2656" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:tmpfs_t tclass=filesystem permissive=1
[  259.096971][  T387] usb 7-1: 0:2 : does not exist
[  259.139286][  T387] usb 7-1: USB disconnect, device number 9
[  259.150204][  T315] udevd[315]: error opening ATTR{/sys/devices/platform/dummy_hcd.6/usb7/7-1/7-1:1.0/sound/card0/controlC0/../uevent} for writing: No such file or directory
[  259.182707][ T7552] loop4: detected capacity change from 0 to 1024
[  259.197524][ T7552] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: writeback.
[  259.236355][  T990] usb 6-1: new high-speed USB device number 21 using dummy_hcd
[  259.514877][   T28] audit: type=1400 audit(1731003192.116:526): avc:  denied  { create } for  pid=7557 comm="syz.3.2662" name="file0" scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=blk_file permissive=1
[  259.550989][ T7558] I/O error, dev loop7, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[  259.560635][ T7558] F2FS-fs (loop7): Unable to read 1th superblock
[  259.569370][ T7558] I/O error, dev loop7, sector 8 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[  259.579934][ T7558] F2FS-fs (loop7): Unable to read 2th superblock
[  259.586873][ T7558] I/O error, dev loop7, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[  259.595861][ T7558] F2FS-fs (loop7): Unable to read 1th superblock
[  259.602112][ T7558] I/O error, dev loop7, sector 8 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[  259.611094][ T7558] F2FS-fs (loop7): Unable to read 2th superblock
[  259.621112][   T28] audit: type=1400 audit(1731003192.226:527): avc:  denied  { unlink } for  pid=294 comm="syz-executor" name="file0" dev="tmpfs" ino=2809 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=blk_file permissive=1
[  259.686352][  T990] usb 6-1: Using ep0 maxpacket: 16
[  259.886895][ T7570] loop6: detected capacity change from 0 to 1024
[  260.037722][   T10] Bluetooth: hci0: Frame reassembly failed (-84)
[  260.051088][   T10] Bluetooth: hci0: Frame reassembly failed (-84)
[  260.056516][  T990] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  260.068137][  T990] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  260.068853][  T291] EXT4-fs (loop4): unmounting filesystem.
[  260.078211][  T990] usb 6-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 9
[  260.096103][  T990] usb 6-1: New USB device found, idVendor=045e, idProduct=07da, bcdDevice= 0.00
[  260.105425][ T7570] EXT4-fs (loop6): mounted filesystem without journal. Quota mode: writeback.
[  260.114439][  T990] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  260.126434][  T990] usb 6-1: config 0 descriptor??
[  260.577199][ T5963] EXT4-fs (loop6): unmounting filesystem.
[  260.606437][  T990] usbhid 6-1:0.0: can't add hid device: -71
[  260.612203][  T990] usbhid: probe of 6-1:0.0 failed with error -71
[  260.622143][  T990] usb 6-1: USB disconnect, device number 21
[  260.713453][ T7583] loop6: detected capacity change from 0 to 40427
[  260.721639][ T7583] F2FS-fs (loop6): invalid crc value
[  260.728664][ T7583] F2FS-fs (loop6): Found nat_bits in checkpoint
[  260.763974][ T7583] F2FS-fs (loop6): Mounted with checkpoint version = 48b305e5
[  260.779749][ T7583] syz.6.2669: attempt to access beyond end of device
[  260.779749][ T7583] loop6: rw=34817, sector=77824, nr_sectors = 2048 limit=40427
[  260.798732][ T5963] syz-executor: attempt to access beyond end of device
[  260.798732][ T5963] loop6: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[  260.895436][ T7589] loop6: detected capacity change from 0 to 512
[  260.908918][ T7589] EXT4-fs error (device loop6): ext4_do_update_inode:5226: inode #3: comm syz.6.2670: corrupted inode contents
[  260.920842][ T7589] EXT4-fs error (device loop6): ext4_dirty_inode:6088: inode #3: comm syz.6.2670: mark_inode_dirty error
[  260.932629][ T7589] EXT4-fs error (device loop6): ext4_do_update_inode:5226: inode #3: comm syz.6.2670: corrupted inode contents
[  260.944459][ T7589] EXT4-fs error (device loop6): __ext4_ext_dirty:202: inode #3: comm syz.6.2670: mark_inode_dirty error
[  260.955962][ T7589] Quota error (device loop6): write_blk: dquota write failed
[  260.963216][ T7589] Quota error (device loop6): qtree_write_dquot: Error -117 occurred while creating quota
[  260.972878][ T7589] EXT4-fs error (device loop6): ext4_acquire_dquot:6787: comm syz.6.2670: Failed to acquire dquot type 0
[  260.985023][ T7589] EXT4-fs (loop6): 1 orphan inode deleted
[  260.990615][ T7589] EXT4-fs (loop6): mounted filesystem without journal. Quota mode: writeback.
[  260.999544][ T7589] ext4 filesystem being mounted at /118/file1 supports timestamps until 2038 (0x7fffffff)
[  260.999557][ T5881] Quota error (device loop6): do_check_range: Getting dqdh_entries 15 out of range 0-14
[  261.018985][ T5881] EXT4-fs error (device loop6): ext4_release_dquot:6810: comm kworker/u4:7: Failed to release dquot type 1
[  261.053243][ T5963] EXT4-fs (loop6): unmounting filesystem.
[  261.456333][ T7602] syz.4.2673 (7602) used greatest stack depth: 19624 bytes left
[  261.636339][  T990] usb 6-1: new high-speed USB device number 22 using dummy_hcd
[  261.647305][ T7612] loop4: detected capacity change from 0 to 1024
[  261.660278][ T7612] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: writeback.
[  261.946381][ T4952] Bluetooth: hci0: command 0x1003 tx timeout
[  261.946412][ T6826] Bluetooth: hci0: Opcode 0x1003 failed: -110
[  262.126932][ T7621] loop6: detected capacity change from 0 to 512
[  262.127811][ T7619] loop3: detected capacity change from 0 to 1024
[  262.142363][ T7621] EXT4-fs (loop6): encrypted files will use data=ordered instead of data journaling mode
[  262.153571][ T7619] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: none.
[  262.162636][ T7621] EXT4-fs error (device loop6): ext4_orphan_get:1396: inode #15: comm syz.6.2678: iget: bad extended attribute block 512
[  262.175843][ T7621] EXT4-fs error (device loop6): ext4_orphan_get:1401: comm syz.6.2678: couldn't read orphan inode 15 (err -117)
[  262.177416][ T7619] EXT4-fs (loop3): Online resizing not supported with bigalloc
[  262.191292][ T7621] EXT4-fs (loop6): mounted filesystem without journal. Quota mode: none.
[  262.221661][  T294] EXT4-fs (loop3): unmounting filesystem.
[  262.227877][  T990] usb 6-1: config 1 has an invalid descriptor of length 167, skipping remainder of the config
[  262.239353][  T990] usb 6-1: config 1 has 1 interface, different from the descriptor's value: 3
[  262.258707][ T7629] loop3: detected capacity change from 0 to 256
[  262.282890][ T7629] FAT-fs (loop3): Directory bread(block 64) failed
[  262.296002][ T7629] FAT-fs (loop3): Directory bread(block 65) failed
[  262.298861][ T7630] loop7: detected capacity change from 0 to 1024
[  262.302946][ T7629] FAT-fs (loop3): Directory bread(block 66) failed
[  262.314907][ T7629] FAT-fs (loop3): Directory bread(block 67) failed
[  262.321242][ T7629] FAT-fs (loop3): Directory bread(block 68) failed
[  262.328479][  T990] usb 6-1: New USB device found, idVendor=08b7, idProduct=0000, bcdDevice= 0.00
[  262.330477][ T7629] FAT-fs (loop3): Directory bread(block 69) failed
[  262.340756][  T990] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=3
[  262.345527][ T7629] FAT-fs (loop3): Directory bread(block 70) failed
[  262.351676][   T28] audit: type=1400 audit(1731003194.956:528): avc:  denied  { write } for  pid=85 comm="syslogd" name="/" dev="tmpfs" ino=1 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1
[  262.358072][ T7629] FAT-fs (loop3): Directory bread(block 71) failed
[  262.379119][  T990] usb 6-1: SerialNumber: syz
[  262.406544][ T7629] FAT-fs (loop3): Directory bread(block 72) failed
[  262.420125][ T7629] FAT-fs (loop3): Directory bread(block 73) failed
[  262.427974][   T28] audit: type=1400 audit(1731003194.956:529): avc:  denied  { remove_name } for  pid=85 comm="syslogd" name="messages" dev="tmpfs" ino=8 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1
[  262.428294][  T291] EXT4-fs (loop4): unmounting filesystem.
[  262.450503][   T28] audit: type=1400 audit(1731003194.956:530): avc:  denied  { rename } for  pid=85 comm="syslogd" name="messages" dev="tmpfs" ino=8 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:tmpfs_t tclass=file permissive=1
[  262.492072][ T7630] EXT4-fs (loop7): mounted filesystem without journal. Quota mode: writeback.
[  262.495447][   T28] audit: type=1400 audit(1731003194.956:531): avc:  denied  { add_name } for  pid=85 comm="syslogd" name="messages.0" dev="tmpfs" ino=7 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1
[  262.558799][   T10] kworker/u4:1: attempt to access beyond end of device
[  262.558799][   T10] loop3: rw=1, sector=1224, nr_sectors = 12 limit=256
[  262.623705][ T7639] loop3: detected capacity change from 0 to 2048
[  262.634191][ T7639] EXT4-fs: Ignoring removed nobh option
[  262.639749][ T7639] EXT4-fs: Ignoring removed mblk_io_submit option
[  262.910350][ T7639] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: writeback.
[  262.927091][  T990] usb 6-1: 0:2 : does not exist
[  262.946710][ T7639] EXT4-fs error (device loop3): ext4_validate_block_bitmap:438: comm syz.3.2683: bg 0: block 234: padding at end of block bitmap is not set
[  262.968827][  T990] usb 6-1: USB disconnect, device number 22
[  262.979394][  T315] udevd[315]: error opening ATTR{/sys/devices/platform/dummy_hcd.5/usb6/6-1/6-1:1.0/sound/card0/controlC0/../uevent} for writing: No such file or directory
[  262.986988][ T7639] EXT4-fs (loop3): Remounting filesystem read-only
[  263.038565][  T294] EXT4-fs (loop3): unmounting filesystem.
[  263.058071][ T5981] EXT4-fs (loop7): unmounting filesystem.
[  263.090958][ T7645] loop7: detected capacity change from 0 to 512
[  263.127922][ T7645] EXT4-fs (loop7): encrypted files will use data=ordered instead of data journaling mode
[  263.128690][ T7650] /dev/loop0: Can't open blockdev
[  263.167583][ T7645] EXT4-fs error (device loop7): ext4_orphan_get:1396: inode #15: comm syz.7.2685: iget: bad extended attribute block 512
[  263.184115][ T7645] EXT4-fs error (device loop7): ext4_orphan_get:1401: comm syz.7.2685: couldn't read orphan inode 15 (err -117)
[  263.184300][ T5963] EXT4-fs error (device loop6): ext4_readdir:260: inode #2: block 13: comm syz-executor: path /120/bus: bad entry in directory: rec_len is smaller than minimal - offset=780, inode=0, rec_len=0, size=1024 fake=0
[  263.196144][ T7645] EXT4-fs (loop7): mounted filesystem without journal. Quota mode: none.
[  263.286780][ T5963] EXT4-fs (loop6): unmounting filesystem.
[  263.342829][ T7638] loop4: detected capacity change from 0 to 40427
[  263.357091][ T7638] F2FS-fs (loop4): fault_injection options not supported
[  263.490424][ T7661] loop6: detected capacity change from 0 to 1024
[  263.542623][ T7663] loop5: detected capacity change from 0 to 1024
[  263.587824][ T7638] F2FS-fs (loop4): Image doesn't support compression
[  263.641757][ T7638] F2FS-fs (loop4): Image doesn't support compression
[  263.649601][ T7638] F2FS-fs (loop4): invalid crc value
[  263.663601][ T7661] EXT4-fs (loop6): mounted filesystem without journal. Quota mode: writeback.
[  263.747197][ T7638] F2FS-fs (loop4): Found nat_bits in checkpoint
[  265.015359][ T5981] EXT4-fs error (device loop7): ext4_readdir:260: inode #2: block 13: comm syz-executor: path /78/bus: bad entry in directory: rec_len is smaller than minimal - offset=780, inode=0, rec_len=0, size=1024 fake=0
[  265.069708][ T7638] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e5
[  266.233503][ T7693] loop5: detected capacity change from 0 to 1024
[  266.239155][   T28] kauditd_printk_skb: 4 callbacks suppressed
[  266.239172][   T28] audit: type=1400 audit(1731003198.846:536): avc:  denied  { nlmsg_read } for  pid=7694 comm="syz.3.2697" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_xfrm_socket permissive=1
[  266.294541][ T7695] netlink: 104 bytes leftover after parsing attributes in process `syz.3.2697'.
[  266.385045][ T7705] loop3: detected capacity change from 0 to 256
[  266.388915][ T7704] loop7: detected capacity change from 0 to 1024
[  266.398071][ T7705] exfat: Deprecated parameter 'namecase'
[  266.403670][ T7705] exfat: Deprecated parameter 'utf8'
[  266.416300][ T7705] exfat: Deprecated parameter 'namecase'
[  266.421881][ T7705] exfat: Deprecated parameter 'utf8'
[  266.464697][ T7705] exFAT-fs (loop3): failed to load upcase table (idx : 0x00012153, chksum : 0x555ffa9e, utbl_chksum : 0xe619d30d)
[  266.688391][ T7707] loop4: detected capacity change from 0 to 2048
[  266.742164][ T7714] loop3: detected capacity change from 0 to 512
[  266.754561][ T7707] ext4 filesystem being mounted at /680/file0 supports timestamps until 2038 (0x7fffffff)
[  266.774531][ T7714] ext4 filesystem being mounted at /552/bus supports timestamps until 2038 (0x7fffffff)
[  266.778088][ T7707] fs-verity: sha512 using implementation "sha512-avx2"
[  267.108388][   T28] audit: type=1400 audit(1731003199.716:537): avc:  denied  { setattr } for  pid=7706 comm="syz.4.2699" name="file0" dev="loop4" ino=13 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1
[  267.165441][ T7723] I/O error, dev loop11, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[  267.196396][ T7723] F2FS-fs (loop11): Unable to read 1th superblock
[  267.202870][ T7723] I/O error, dev loop11, sector 8 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[  267.215921][ T7723] F2FS-fs (loop11): Unable to read 2th superblock
[  267.230086][ T7728] TCP: request_sock_TCPv6: Possible SYN flooding on port 20002. Dropping request.  Check SNMP counters.
[  267.243491][ T7727] I/O error, dev loop11, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[  267.258107][ T7727] F2FS-fs (loop11): Unable to read 1th superblock
[  267.268808][ T7727] I/O error, dev loop11, sector 8 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[  267.282974][ T7727] F2FS-fs (loop11): Unable to read 2th superblock
[  267.349861][ T7739] loop4: detected capacity change from 0 to 1024
[  267.696684][ T2425] Bluetooth: hci0: Frame reassembly failed (-84)
[  267.859584][ T2425] Bluetooth: hci0: Frame reassembly failed (-84)
[  268.159622][ T7753] loop5: detected capacity change from 0 to 256
[  268.170010][ T7753] FAT-fs (loop5): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[  268.198305][ T7753] FAT-fs (loop5): error, fat_bmap_cluster: request beyond EOF (i_pos 196)
[  268.206720][ T7753] FAT-fs (loop5): Filesystem has been set read-only
[  268.250165][ T7757] loop6: detected capacity change from 0 to 512
[  268.268348][ T7757] ext4 filesystem being mounted at /125/bus supports timestamps until 2038 (0x7fffffff)
[  268.270415][ T7758] loop4: detected capacity change from 0 to 1024
[  268.362079][ T7765] loop6: detected capacity change from 0 to 512
[  268.372802][ T7765] EXT4-fs error (device loop6): ext4_xattr_inode_iget:404: comm syz.6.2713: inode #1: comm syz.6.2713: iget: illegal inode #
[  268.386218][ T7765] EXT4-fs error (device loop6): ext4_xattr_inode_iget:409: comm syz.6.2713: error while reading EA inode 1 err=-117
[  268.399277][ T7765] EXT4-fs error (device loop6): ext4_xattr_inode_iget:404: comm syz.6.2713: inode #1: comm syz.6.2713: iget: illegal inode #
[  268.593052][ T7765] EXT4-fs error (device loop6): ext4_xattr_inode_iget:409: comm syz.6.2713: error while reading EA inode 1 err=-117
[  268.671259][ T7773] loop5: detected capacity change from 0 to 1024
[  268.678583][ T7765] EXT4-fs (loop6): 1 orphan inode deleted
[  268.766447][ T7779] SELinux:  Context #! ./cgroup/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa
[  268.788043][   T28] audit: type=1400 audit(1731003201.396:538): avc:  denied  { create } for  pid=7782 comm="syz.6.2719" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=pppox_socket permissive=1
[  269.162678][ T7787] loop6: detected capacity change from 0 to 512
[  269.175182][ T7787] EXT4-fs (loop6): encrypted files will use data=ordered instead of data journaling mode
[  269.186392][ T7787] EXT4-fs error (device loop6): ext4_orphan_get:1396: inode #15: comm syz.6.2720: iget: bad extended attribute block 512
[  269.199376][ T7787] EXT4-fs error (device loop6): ext4_orphan_get:1401: comm syz.6.2720: couldn't read orphan inode 15 (err -117)
[  269.292621][ T7794] loop4: detected capacity change from 0 to 1024
[  269.706349][ T4952] Bluetooth: hci0: Opcode 0x1003 failed: -110
[  269.706409][ T6826] Bluetooth: hci0: command 0x1003 tx timeout
[  270.033295][ T5963] EXT4-fs error (device loop6): ext4_readdir:260: inode #2: block 13: comm syz-executor: path /131/bus: bad entry in directory: rec_len is smaller than minimal - offset=780, inode=0, rec_len=0, size=1024 fake=0
[  270.124816][ T7801] I/O error, dev loop13, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[  270.134494][ T7801] F2FS-fs (loop13): Unable to read 1th superblock
[  270.141023][ T7801] I/O error, dev loop13, sector 8 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[  270.150942][ T7801] F2FS-fs (loop13): Unable to read 2th superblock
[  270.158437][ T7801] I/O error, dev loop13, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[  270.167873][ T7801] F2FS-fs (loop13): Unable to read 1th superblock
[  270.184615][ T7801] I/O error, dev loop13, sector 8 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[  270.193824][ T7801] F2FS-fs (loop13): Unable to read 2th superblock
[  270.208669][ T7806] loop4: detected capacity change from 0 to 512
[  270.276720][ T7812] loop7: detected capacity change from 0 to 512
[  270.286994][ T7806] ext4 filesystem being mounted at /684/bus supports timestamps until 2038 (0x7fffffff)
[  270.556444][   T40] usb 7-1: new high-speed USB device number 10 using dummy_hcd
[  270.573186][ T7812] EXT4-fs error (device loop7): ext4_do_update_inode:5226: inode #3: comm syz.7.2725: corrupted inode contents
[  270.601355][ T7812] EXT4-fs error (device loop7): ext4_dirty_inode:6088: inode #3: comm syz.7.2725: mark_inode_dirty error
[  270.613298][ T7812] EXT4-fs error (device loop7): ext4_do_update_inode:5226: inode #3: comm syz.7.2725: corrupted inode contents
[  270.626644][ T7812] EXT4-fs error (device loop7): __ext4_ext_dirty:202: inode #3: comm syz.7.2725: mark_inode_dirty error
[  270.651005][   T28] audit: type=1400 audit(1731003203.256:539): avc:  denied  { execute } for  pid=7821 comm="syz.4.2727" path=2F6D656D66643AC0873A2A18C16BA7875BA06F383449AA4BA5D30B86CA3C7FFD368D7DD8F247B8EA65299086E39608E0FAB1D84EB257CB8D7D336C6D38A537C9202864656C6574656429 dev="tmpfs" ino=223 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=file permissive=1
[  270.688829][ T7812] Quota error (device loop7): write_blk: dquota write failed
[  270.700271][ T7812] Quota error (device loop7): qtree_write_dquot: Error -117 occurred while creating quota
[  270.715424][ T7812] EXT4-fs error (device loop7): ext4_acquire_dquot:6787: comm syz.7.2725: Failed to acquire dquot type 0
[  270.728194][ T7812] EXT4-fs (loop7): 1 orphan inode deleted
[  270.733941][ T7812] ext4 filesystem being mounted at /83/file1 supports timestamps until 2038 (0x7fffffff)
[  270.764228][ T2425] Quota error (device loop7): do_check_range: Getting dqdh_entries 15 out of range 0-14
[  270.768871][ T7813] syz.5.2723 (7813) used greatest stack depth: 19592 bytes left
[  270.781420][ T2425] EXT4-fs error (device loop7): ext4_release_dquot:6810: comm kworker/u4:6: Failed to release dquot type 1
[  270.862984][ T7828] loop5: detected capacity change from 0 to 256
[  270.892234][   T28] audit: type=1400 audit(1731003203.496:540): avc:  denied  { rename } for  pid=7827 comm="syz.5.2729" name="bus" dev="loop5" ino=1048757 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1
[  271.050183][   T40] usb 7-1: config 0 has an invalid interface number: 1 but max is 0
[  271.064750][   T40] usb 7-1: config 0 has no interface number 0
[  271.156634][   T40] usb 7-1: config 0 interface 1 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  271.352052][   T40] usb 7-1: config 0 interface 1 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  271.374932][ T7839] loop3: detected capacity change from 0 to 512
[  271.385170][   T40] usb 7-1: New USB device found, idVendor=04d9, idProduct=a055, bcdDevice= 0.18
[  271.404905][   T40] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  271.410951][ T7839] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode
[  271.421129][   T40] usb 7-1: config 0 descriptor??
[  271.456161][ T7839] EXT4-fs error (device loop3): ext4_orphan_get:1396: inode #15: comm syz.3.2734: iget: bad extended attribute block 512
[  271.477913][ T7839] EXT4-fs error (device loop3): ext4_orphan_get:1401: comm syz.3.2734: couldn't read orphan inode 15 (err -117)
[  271.505856][ T7833] loop7: detected capacity change from 0 to 40427
[  271.521499][ T7833] F2FS-fs (loop7): Invalid segment/section count (24 != 24 * 3)
[  271.529350][ T7833] F2FS-fs (loop7): Can't find valid F2FS filesystem in 1th superblock
[  271.537556][ T7833] F2FS-fs (loop7): heap/no_heap options were deprecated
[  271.544494][ T7833] F2FS-fs (loop7): Image doesn't support compression
[  271.618789][ T7833] F2FS-fs (loop7): invalid crc value
[  271.625153][ T7833] F2FS-fs (loop7): Found nat_bits in checkpoint
[  271.686621][ T7833] F2FS-fs (loop7): Start checkpoint disabled!
[  271.976977][ T7833] F2FS-fs (loop7): Try to recover 1th superblock, ret: 0
[  271.987002][ T7833] F2FS-fs (loop7): Mounted with checkpoint version = 48b305e6
[  272.021153][   T40] input: HID 04d9:a055 as /devices/platform/dummy_hcd.6/usb7/7-1/7-1:0.1/0003:04D9:A055.004D/input/input46
[  272.092786][ T5881] kworker/u4:7: attempt to access beyond end of device
[  272.092786][ T5881] loop7: rw=2049, sector=40960, nr_sectors = 16 limit=40427
[  272.112100][ T7850] loop5: detected capacity change from 0 to 1024
[  272.127039][   T40] holtek_kbd 0003:04D9:A055.004D: input,hidraw0: USB HID v0.00 Keyboard [HID 04d9:a055] on usb-dummy_hcd.6-1/input1
[  272.241634][  T294] EXT4-fs error (device loop3): ext4_readdir:260: inode #2: block 13: comm syz-executor: path /559/bus: bad entry in directory: rec_len is smaller than minimal - offset=780, inode=0, rec_len=0, size=1024 fake=0
[  272.266685][   T40] usb 7-1: USB disconnect, device number 10
[  272.549742][ T7862] loop7: detected capacity change from 0 to 1024
[  272.689468][ T7871] loop4: detected capacity change from 0 to 512
[  272.708319][ T7871] EXT4-fs error (device loop4): ext4_do_update_inode:5226: inode #3: comm syz.4.2740: corrupted inode contents
[  272.720086][ T7871] EXT4-fs error (device loop4): ext4_dirty_inode:6088: inode #3: comm syz.4.2740: mark_inode_dirty error
[  272.732957][ T7871] EXT4-fs error (device loop4): ext4_do_update_inode:5226: inode #3: comm syz.4.2740: corrupted inode contents
[  272.746412][ T7871] EXT4-fs error (device loop4): __ext4_ext_dirty:202: inode #3: comm syz.4.2740: mark_inode_dirty error
[  272.758771][ T7871] Quota error (device loop4): write_blk: dquota write failed
[  272.767530][ T7871] Quota error (device loop4): qtree_write_dquot: Error -117 occurred while creating quota
[  272.777702][ T7871] EXT4-fs error (device loop4): ext4_acquire_dquot:6787: comm syz.4.2740: Failed to acquire dquot type 0
[  272.973885][ T7871] EXT4-fs (loop4): 1 orphan inode deleted
[  272.979692][ T7871] ext4 filesystem being mounted at /688/file1 supports timestamps until 2038 (0x7fffffff)
[  272.990090][    T8] Quota error (device loop4): do_check_range: Getting dqdh_entries 15 out of range 0-14
[  273.003794][    T8] EXT4-fs error (device loop4): ext4_release_dquot:6810: comm kworker/u4:0: Failed to release dquot type 1
[  273.054381][ T7880] loop4: detected capacity change from 0 to 512
[  273.061127][ T7880] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode
[  273.072050][ T7880] EXT4-fs error (device loop4): ext4_orphan_get:1396: inode #15: comm syz.4.2743: iget: bad extended attribute block 512
[  273.084723][ T7880] EXT4-fs error (device loop4): ext4_orphan_get:1401: comm syz.4.2743: couldn't read orphan inode 15 (err -117)
[  273.116416][  T990] usb 4-1: new high-speed USB device number 36 using dummy_hcd
[  273.197585][   T28] audit: type=1400 audit(1731003205.806:541): avc:  denied  { connect } for  pid=7885 comm="syz.6.2745" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=ieee802154_socket permissive=1
[  273.499561][ T7895] netlink: 8 bytes leftover after parsing attributes in process `syz.6.2746'.
[  273.676807][ T7897] loop6: detected capacity change from 0 to 2048
[  273.726680][ T7897]  loop6: p3 < > p4 < >
[  273.730809][ T7897] loop6: partition table partially beyond EOD, truncated
[  273.737928][ T7897] loop6: p3 start 4284289 is beyond EOD, truncated
[  273.786413][  T990] usb 4-1: Using ep0 maxpacket: 16
[  273.806404][ T7899] netlink: 'syz.6.2748': attribute type 11 has an invalid length.
[  273.836183][   T28] audit: type=1400 audit(1731003206.436:542): avc:  denied  { create } for  pid=7902 comm="syz.6.2750" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=xdp_socket permissive=1
[  273.856233][   T28] audit: type=1400 audit(1731003206.446:543): avc:  denied  { setopt } for  pid=7902 comm="syz.6.2750" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=xdp_socket permissive=1
[  273.892297][ T7907] loop5: detected capacity change from 0 to 2048
[  273.906545][  T990] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  273.917906][  T990] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  273.929231][  T291] EXT4-fs error (device loop4): ext4_readdir:260: inode #2: block 13: comm syz-executor: path /690/bus: bad entry in directory: rec_len is smaller than minimal - offset=780, inode=0, rec_len=0, size=1024 fake=0
[  273.949934][  T990] usb 4-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 9
[  273.963683][ T7907] ext4 filesystem being mounted at /237/file0 supports timestamps until 2038 (0x7fffffff)
[  273.973566][  T990] usb 4-1: New USB device found, idVendor=045e, idProduct=07da, bcdDevice= 0.00
[  273.987828][ T7911] loop6: detected capacity change from 0 to 1024
[  274.007875][  T990] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  274.094306][  T990] usb 4-1: config 0 descriptor??
[  274.128570][ T7920] loop5: detected capacity change from 0 to 512
[  274.150409][ T7920] EXT4-fs error (device loop5): ext4_do_update_inode:5226: inode #3: comm syz.5.2755: corrupted inode contents
[  274.219773][ T7924] loop7: detected capacity change from 0 to 1024
[  274.282705][ T7920] EXT4-fs error (device loop5): ext4_dirty_inode:6088: inode #3: comm syz.5.2755: mark_inode_dirty error
[  274.295510][ T7920] EXT4-fs error (device loop5): ext4_do_update_inode:5226: inode #3: comm syz.5.2755: corrupted inode contents
[  274.355995][ T7920] EXT4-fs error (device loop5): __ext4_ext_dirty:202: inode #3: comm syz.5.2755: mark_inode_dirty error
[  274.486895][ T7920] Quota error (device loop5): write_blk: dquota write failed
[  274.502650][ T7920] Quota error (device loop5): qtree_write_dquot: Error -117 occurred while creating quota
[  274.524836][ T7920] EXT4-fs error (device loop5): ext4_acquire_dquot:6787: comm syz.5.2755: Failed to acquire dquot type 0
[  274.540882][  T990] usbhid 4-1:0.0: can't add hid device: -71
[  274.546895][  T990] usbhid: probe of 4-1:0.0 failed with error -71
[  274.556039][  T990] usb 4-1: USB disconnect, device number 36
[  274.563257][ T7920] EXT4-fs (loop5): 1 orphan inode deleted
[  274.573238][ T7920] ext4 filesystem being mounted at /238/file1 supports timestamps until 2038 (0x7fffffff)
[  274.583510][    T8] Quota error (device loop5): do_check_range: Getting dqdh_entries 15 out of range 0-14
[  274.898575][    T8] EXT4-fs error (device loop5): ext4_release_dquot:6810: comm kworker/u4:0: Failed to release dquot type 1
[  274.915071][ T7918] loop4: detected capacity change from 0 to 40427
[  274.933142][ T7918] F2FS-fs (loop4): invalid crc value
[  274.960751][ T7918] F2FS-fs (loop4): Found nat_bits in checkpoint
[  275.011563][ T7918] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e5
[  275.047824][ T7918] syz.4.2753: attempt to access beyond end of device
[  275.047824][ T7918] loop4: rw=34817, sector=77824, nr_sectors = 2048 limit=40427
[  275.075079][ T7946] loop6: detected capacity change from 0 to 512
[  275.081943][  T291] syz-executor: attempt to access beyond end of device
[  275.081943][  T291] loop4: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[  275.110371][ T7946] EXT4-fs (loop6): encrypted files will use data=ordered instead of data journaling mode
[  275.116744][ T7948] SELinux: failed to load policy
[  275.121816][ T7946] EXT4-fs (loop6): 1 truncate cleaned up
[  275.136120][ T7951] loop7: detected capacity change from 0 to 512
[  275.145005][ T7951] EXT4-fs (loop7): encrypted files will use data=ordered instead of data journaling mode
[  275.168128][ T7951] EXT4-fs error (device loop7): ext4_orphan_get:1396: inode #15: comm syz.7.2763: iget: bad extended attribute block 512
[  275.181343][ T7951] EXT4-fs error (device loop7): ext4_orphan_get:1401: comm syz.7.2763: couldn't read orphan inode 15 (err -117)
[  275.696349][  T990] usb 7-1: new high-speed USB device number 11 using dummy_hcd
[  275.812305][ T5881] Bluetooth: hci0: Frame reassembly failed (-84)
[  276.014660][ T5981] EXT4-fs error (device loop7): ext4_readdir:260: inode #2: block 13: comm syz-executor: path /90/bus: bad entry in directory: rec_len is smaller than minimal - offset=780, inode=0, rec_len=0, size=1024 fake=0
[  276.107274][ T7968] loop7: detected capacity change from 0 to 2048
[  276.171710][ T7973] EXT4-fs (loop7): shut down requested (0)
[  276.203710][ T7974] loop3: detected capacity change from 0 to 1024
[  276.276390][  T990] usb 7-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  276.289812][  T990] usb 7-1: New USB device found, idVendor=046d, idProduct=08c1, bcdDevice=ee.8d
[  276.304209][  T990] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  276.321328][  T990] usb 7-1: config 0 descriptor??
[  276.336193][ T7968] EXT4-fs error (device loop7): ext4_validate_block_bitmap:438: comm syz.7.2766: bg 0: block 234: padding at end of block bitmap is not set
[  276.350754][ T7968] EXT4-fs (loop7): Delayed block allocation failed for inode 18 at logical offset 0 with max blocks 2048 with error 28
[  276.363243][ T7968] EXT4-fs (loop7): This should not happen!! Data will be lost
[  276.363243][ T7968] 
[  276.372839][ T7968] EXT4-fs (loop7): Total free blocks count 0
[  276.378722][ T7968] EXT4-fs (loop7): Free/Dirty block details
[  276.384406][ T7968] EXT4-fs (loop7): free_blocks=0
[  276.389205][ T7968] EXT4-fs (loop7): dirty_blocks=8192
[  276.394320][ T7968] EXT4-fs (loop7): Block reservation details
[  276.400130][ T7968] EXT4-fs (loop7): i_reserved_data_blocks=512
[  276.553162][   T10] EXT4-fs (loop7): Delayed block allocation failed for inode 18 at logical offset 2050 with max blocks 2048 with error 28
[  276.599963][ T2164] usb 7-1: USB disconnect, device number 11
[  276.667721][   T28] audit: type=1400 audit(1731003209.276:544): avc:  denied  { bind } for  pid=7981 comm="syz.4.2768" lport=58 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rawip_socket permissive=1
[  276.802921][ T7989] loop4: detected capacity change from 0 to 1024
[  278.305561][ T6826] Bluetooth: hci0: command 0x1003 tx timeout
[  278.313276][ T4952] Bluetooth: hci0: Opcode 0x1003 failed: -110
[  278.564680][ T8008] loop7: detected capacity change from 0 to 1024
[  278.625614][ T8015] loop6: detected capacity change from 0 to 2048
[  278.660335][ T8015] ext4 filesystem being mounted at /144/file0 supports timestamps until 2038 (0x7fffffff)
[  279.077163][   T40] usb 4-1: new high-speed USB device number 37 using dummy_hcd
[  279.331947][ T5981] EXT4-fs unmount: 61 callbacks suppressed
[  279.331964][ T5981] EXT4-fs (loop7): unmounting filesystem.
[  279.396385][   T40] usb 4-1: too many configurations: 65, using maximum allowed: 8
[  279.512491][   T28] kauditd_printk_skb: 1 callbacks suppressed
[  279.512507][   T28] audit: type=1326 audit(1731003212.116:546): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8038 comm="syz.4.2784" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fadd5b7e719 code=0x0
[  279.974368][ T2425] Bluetooth: hci0: Frame reassembly failed (-84)
[  280.176376][   T40] usb 4-1: New USB device found, idVendor=046d, idProduct=08c1, bcdDevice=ee.8d
[  280.185305][   T40] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  280.288559][ T8048] loop6: detected capacity change from 0 to 2048
[  280.298119][ T8048] EXT4-fs (loop6): mounted filesystem without journal. Quota mode: none.
[  280.309055][ T8048] EXT4-fs error (device loop6): ext4_mb_generate_buddy:1102: group 0, block bitmap and bg descriptor inconsistent: 25 vs 150994969 free clusters
[  280.323873][ T8048] EXT4-fs (loop6): Delayed block allocation failed for inode 15 at logical offset 10 with max blocks 23 with error 28
[  280.336154][ T8048] EXT4-fs (loop6): This should not happen!! Data will be lost
[  280.336154][ T8048] 
[  280.345713][ T8048] EXT4-fs (loop6): Total free blocks count 0
[  280.356613][ T8048] EXT4-fs (loop6): Free/Dirty block details
[  280.362365][ T8048] EXT4-fs (loop6): free_blocks=2415919104
[  280.373033][ T8048] EXT4-fs (loop6): dirty_blocks=48
[  280.380893][ T8048] EXT4-fs (loop6): Block reservation details
[  280.387545][ T8048] EXT4-fs (loop6): i_reserved_data_blocks=3
[  280.401137][  T430] EXT4-fs (loop6): Delayed block allocation failed for inode 15 at logical offset 0 with max blocks 1 with error 28
[  280.425749][ T8057] loop4: detected capacity change from 0 to 8192
[  280.517928][ T8066] netlink: 28 bytes leftover after parsing attributes in process `syz.4.2793'.
[  280.539756][ T8068] loop6: detected capacity change from 0 to 1024
[  280.599157][ T8068] EXT4-fs (loop6): mounted filesystem without journal. Quota mode: writeback.
[  280.816686][   T40] usb 4-1: string descriptor 0 read error: -71
[  280.825137][   T40] usb 4-1: Found UVC 0.00 device <unnamed> (046d:08c1)
[  280.844218][   T40] usb 4-1: No valid video chain found.
[  281.094681][   T40] usb 4-1: USB disconnect, device number 37
[  281.308091][ T5963] EXT4-fs (loop6): unmounting filesystem.
[  281.323075][ T8077] usb usb8: usbfs: process 8077 (syz.6.2795) did not claim interface 0 before use
[  281.578861][ T8092] loop3: detected capacity change from 0 to 1024
[  281.693269][ T8092] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: writeback.
[  281.800205][   T60] usb 5-1: new high-speed USB device number 30 using dummy_hcd
[  282.026345][ T6826] Bluetooth: hci0: command 0x1003 tx timeout
[  282.032262][ T4952] Bluetooth: hci0: Opcode 0x1003 failed: -110
[  282.156252][ T8103] loop5: detected capacity change from 0 to 128
[  282.164622][ T8103] EXT4-fs (loop5): mounted filesystem without journal. Quota mode: none.
[  282.173047][   T60] usb 5-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  282.173363][ T8103] ext4 filesystem being mounted at /249/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038 (0x7fffffff)
[  282.183716][   T60] usb 5-1: config 1 has 1 interface, different from the descriptor's value: 2
[  282.234303][ T8103] syz.5.2803 (pid 8103) is setting deprecated v1 encryption policy; recommend upgrading to v2.
[  282.251619][ T4079] EXT4-fs (loop5): unmounting filesystem.
[  282.292302][   T60] usb 5-1: config 1 has no interface number 0
[  282.299147][  T294] EXT4-fs (loop3): unmounting filesystem.
[  282.304750][   T60] usb 5-1: config 1 interface 1 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  282.316236][   T60] usb 5-1: Duplicate descriptor for config 1 interface 1 altsetting 0, skipping
[  282.334730][   T28] audit: type=1400 audit(1731003214.936:547): avc:  denied  { ioctl } for  pid=8109 comm="syz.3.2806" path="socket:[40577]" dev="sockfs" ino=40577 ioctlcmd=0x8933 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1
[  282.390894][   T28] audit: type=1400 audit(1731003214.996:548): avc:  denied  { map } for  pid=8117 comm="syz.3.2811" path="/dev/bus/usb/003/001" dev="devtmpfs" ino=166 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:usb_device_t tclass=chr_file permissive=1
[  282.419871][ T8121] loop6: detected capacity change from 0 to 1024
[  282.512578][ T8121] EXT4-fs (loop6): mounted filesystem without journal. Quota mode: writeback.
[  282.533521][ T8132] loop3: detected capacity change from 0 to 512
[  282.816723][   T28] audit: type=1400 audit(1731003215.136:549): avc:  denied  { name_bind } for  pid=8129 comm="syz.5.2812" src=20000 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unreserved_port_t tclass=udp_socket permissive=1
[  282.987780][   T60] usb 5-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  283.010475][ T8132] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode
[  283.070099][   T60] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  283.151320][ T8132] EXT4-fs error (device loop3): ext4_orphan_get:1396: inode #15: comm syz.3.2813: iget: bad extended attribute block 512
[  283.169808][ T8132] EXT4-fs error (device loop3): ext4_orphan_get:1401: comm syz.3.2813: couldn't read orphan inode 15 (err -117)
[  283.181833][ T8132] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: none.
[  283.240675][   T60] usb 5-1: Product: syz
[  283.246791][   T60] usb 5-1: Manufacturer: syz
[  283.254327][   T60] usb 5-1: SerialNumber: syz
[  283.271719][ T5963] EXT4-fs (loop6): unmounting filesystem.
[  283.312714][ T8143] loop7: detected capacity change from 0 to 512
[  283.398792][ T8143] EXT4-fs (loop7): Test dummy encryption mode enabled
[  283.405535][ T8143] EXT4-fs (loop7): encrypted files will use data=ordered instead of data journaling mode
[  284.532632][ T8143] EXT4-fs (loop7): 1 truncate cleaned up
[  284.538196][ T8143] EXT4-fs (loop7): mounted filesystem without journal. Quota mode: none.
[  284.564457][ T8143] fscrypt: AES-256-CTS-CBC using implementation "cts-cbc-aes-aesni"
[  284.574819][ T8143] ------------[ cut here ]------------
[  284.580162][ T8143] WARNING: CPU: 0 PID: 8143 at fs/crypto/fname.c:573 fscrypt_fname_siphash+0xbf/0xf0
[  284.589438][ T8143] Modules linked in:
[  284.593117][ T8143] CPU: 0 PID: 8143 Comm: syz.7.2816 Not tainted 6.1.112-syzkaller-00110-g976b055754d7 #0
[  284.602766][ T8143] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  284.612668][ T8143] RIP: 0010:fscrypt_fname_siphash+0xbf/0xf0
[  284.618390][ T8143] Code: b6 04 28 84 c0 75 3a 41 8b 34 24 49 83 c6 48 4c 89 ff 4c 89 f2 e8 01 f7 39 03 5b 41 5c 41 5d 41 5e 41 5f 5d c3 e8 21 32 9a ff <0f> 0b eb a8 89 d9 80 e1 07 38 c1 7c 8a 48 89 df e8 6c 9b e1 ff eb
[  284.637860][ T8143] RSP: 0018:ffffc90002ca73c8 EFLAGS: 00010287
[  284.643731][ T8143] RAX: ffffffff81db71ef RBX: 0000000000000000 RCX: 0000000000040000
[  284.651550][ T8143] RDX: ffffc9000573c000 RSI: 0000000000000086 RDI: 0000000000000087
[  284.659355][ T8143] RBP: ffffc90002ca73f0 R08: ffffffff81db7192 R09: ffffffff81f128c8
[  284.667183][ T8143] R10: 0000000000000007 R11: ffff88810e0c3cc0 R12: ffffc90002ca7520
[  284.674957][ T8143] R13: dffffc0000000000 R14: ffff88812f81e7d0 R15: ffff88812f8aba98
[  284.682787][ T8143] FS:  00007ff2966036c0(0000) GS:ffff8881f6e00000(0000) knlGS:0000000000000000
[  284.687255][  T294] EXT4-fs error (device loop3): ext4_readdir:260: inode #2: block 13: comm syz-executor: path /568/bus: bad entry in directory: rec_len is smaller than minimal - offset=780, inode=0, rec_len=0, size=1024 fake=0
[  284.691549][ T8143] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  284.718403][ T8143] CR2: 0000001b31c15ff8 CR3: 0000000128808000 CR4: 00000000003506b0
[  284.726628][ T8143] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[  284.734440][ T8143] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[  284.742288][ T8143] Call Trace:
[  284.745377][ T8143]  <TASK>
[  284.748211][ T8143]  ? show_regs+0x58/0x60
[  284.752237][ T8143]  ? __warn+0x160/0x3d0
[  284.756224][ T8143]  ? fscrypt_fname_siphash+0xbf/0xf0
[  284.761394][ T8143]  ? report_bug+0x4d5/0x7d0
[  284.765690][ T8143]  ? fscrypt_fname_siphash+0xbf/0xf0
[  284.770830][ T8143]  ? handle_bug+0x41/0x70
[  284.774976][ T8143]  ? exc_invalid_op+0x1b/0x50
[  284.779510][ T8143]  ? asm_exc_invalid_op+0x1b/0x20
[  284.784438][ T8143]  ? __ext4fs_dirhash+0x328/0x1630
[  284.789413][ T8143]  ? fscrypt_fname_siphash+0x62/0xf0
[  284.794503][ T8143]  ? fscrypt_fname_siphash+0xbf/0xf0
[  284.799651][ T8143]  ? fscrypt_fname_siphash+0xbf/0xf0
[  284.804743][ T8143]  ? fscrypt_fname_siphash+0xbf/0xf0
[  284.809894][ T8143]  __ext4fs_dirhash+0xe8e/0x1630
[  284.814648][ T8143]  ? ext4fs_dirhash+0x320/0x320
[  284.819354][ T8143]  ext4fs_dirhash+0x1b8/0x320
[  284.823839][ T8143]  ? ext4_sync_file+0xa50/0xa50
[  284.828558][ T8143]  htree_dirblock_to_tree+0x723/0x10d0
[  284.831644][ T8152] usb usb7: Requested nonsensical USBDEVFS_URB_ZERO_PACKET.
[  284.833839][ T8143]  ? ext4_htree_fill_tree+0x13e0/0x13e0
[  284.846336][ T8143]  ? kasan_set_track+0x4b/0x70
[  284.850915][ T8143]  ? kasan_save_alloc_info+0x1f/0x30
[  284.856044][ T8143]  ? ext4_readdir+0x200a/0x3930
[  284.860752][ T8143]  ? iterate_dir+0x265/0x600
[  284.865151][ T8143]  ? __se_sys_getdents64+0x1c1/0x460
[  284.870300][ T8143]  ? __x64_sys_getdents64+0x7b/0x90
[  284.875415][ T8143]  ? x64_sys_call+0x5ae/0x9a0
[  284.879954][ T8143]  ? do_syscall_64+0x3b/0xb0
[  284.884346][ T8143]  ext4_htree_fill_tree+0x73d/0x13e0
[  284.889499][ T8143]  ? ext4_handle_dirty_dirblock+0x6e0/0x6e0
[  284.895199][ T8143]  ? kasan_save_alloc_info+0x1f/0x30
[  284.900341][ T8143]  ? __kasan_kmalloc+0x9c/0xb0
[  284.904914][ T8143]  ext4_readdir+0x2f4b/0x3930
[  284.909450][ T8143]  ? __kasan_check_write+0x14/0x20
[  284.914380][ T8143]  ? down_read_killable+0x1206/0x1ff0
[  284.919606][ T8143]  ? futex_wake+0x758/0xb60
[  284.923920][ T8143]  ? ext4_dir_llseek+0x540/0x540
[  284.928715][ T8143]  ? down_read_interruptible+0x1ed0/0x1ed0
[  284.934337][ T8143]  ? debug_smp_processor_id+0x17/0x20
[  284.939577][ T8143]  ? kasan_quarantine_put+0x34/0x1a0
[  284.944664][ T8143]  ? ____kasan_slab_free+0x13c/0x180
[  284.949805][ T8143]  ? avc_policy_seqno+0x1b/0x70
[  284.954473][ T8143]  ? security_file_permission+0x86/0xb0
[  284.959874][ T8143]  iterate_dir+0x265/0x600
[  284.964109][ T8143]  ? ext4_dir_llseek+0x540/0x540
[  284.968906][ T8143]  __se_sys_getdents64+0x1c1/0x460
[  284.973829][ T8143]  ? __x64_sys_getdents64+0x90/0x90
[  284.978875][ T8143]  ? filldir+0x670/0x670
[  284.982940][ T8143]  ? fpregs_restore_userregs+0x130/0x290
[  284.986352][   T60] cdc_ncm 5-1:1.1: failed GET_NTB_PARAMETERS
[  284.988691][ T8143]  __x64_sys_getdents64+0x7b/0x90
[  284.999364][ T8143]  x64_sys_call+0x5ae/0x9a0
[  285.000229][   T60] cdc_ncm 5-1:1.1: bind() failure
[  285.003843][ T8143]  do_syscall_64+0x3b/0xb0
[  285.012798][ T8143]  ? clear_bhb_loop+0x55/0xb0
[  285.017338][ T8143]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  285.023040][ T8143] RIP: 0033:0x7ff29577e719
[  285.025440][   T60] usb 5-1: USB disconnect, device number 30
[  285.027318][ T8143] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  285.027337][ T8143] RSP: 002b:00007ff296603038 EFLAGS: 00000246 ORIG_RAX: 00000000000000d9
[  285.060724][ T8143] RAX: ffffffffffffffda RBX: 00007ff295935f80 RCX: 00007ff29577e719
[  285.068537][ T8143] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000004
[  285.076345][ T8143] RBP: 00007ff2957f139e R08: 0000000000000000 R09: 0000000000000000
[  285.084316][ T8143] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  285.092296][ T8143] R13: 0000000000000000 R14: 00007ff295935f80 R15: 00007fffb40def08
[  285.100089][ T8143]  </TASK>
[  285.102919][ T8143] ---[ end trace 0000000000000000 ]---
[  285.151593][  T294] EXT4-fs (loop3): unmounting filesystem.
[  285.177276][ T5981] EXT4-fs (loop7): unmounting filesystem.
[  285.227099][ T8162] loop5: detected capacity change from 0 to 512
[  285.235255][ T8162] EXT4-fs (loop5): Cannot turn on journaled quota: type 0: error -2
[  285.246435][ T8162] EXT4-fs (loop5): Cannot turn on journaled quota: type 1: error -2
[  285.258228][ T8162] EXT4-fs (loop5): 1 truncate cleaned up
[  285.263750][ T8162] EXT4-fs (loop5): mounted filesystem without journal. Quota mode: writeback.
[  285.274240][ T8162] EXT4-fs (loop5): unmounting filesystem.
[  285.446340][   T19] usb 4-1: new high-speed USB device number 38 using dummy_hcd
[  285.479054][ T8177] loop7: detected capacity change from 0 to 1024
[  285.620583][ T8177] EXT4-fs (loop7): mounted filesystem without journal. Quota mode: writeback.
[  285.797720][ T8184] loop4: detected capacity change from 0 to 512
[  285.808470][ T8184] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode
[  285.823667][ T8184] EXT4-fs error (device loop4): ext4_orphan_get:1396: inode #15: comm syz.4.2827: iget: bad extended attribute block 512
[  285.836760][ T8184] EXT4-fs error (device loop4): ext4_orphan_get:1401: comm syz.4.2827: couldn't read orphan inode 15 (err -117)
[  285.875860][ T8184] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: none.
[  286.752225][ T5981] EXT4-fs (loop7): unmounting filesystem.
[  287.247111][   T19] usb 4-1: config 0 has an invalid interface number: 1 but max is 0
[  287.255156][   T19] usb 4-1: config 0 has no interface number 0
[  287.261152][   T19] usb 4-1: config 0 interface 1 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  287.271919][   T19] usb 4-1: config 0 interface 1 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  287.281644][   T19] usb 4-1: New USB device found, idVendor=04d9, idProduct=a055, bcdDevice= 0.18
[  287.290565][   T19] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  287.300950][   T19] usb 4-1: config 0 descriptor??
[  287.360085][ T8202] loop7: detected capacity change from 0 to 1024
[  287.396686][ T8202] EXT4-fs (loop7): mounted filesystem without journal. Quota mode: writeback.
[  287.451313][  T291] EXT4-fs error (device loop4): ext4_readdir:260: inode #2: block 13: comm syz-executor: path /706/bus: bad entry in directory: rec_len is smaller than minimal - offset=780, inode=0, rec_len=0, size=1024 fake=0
[  287.476760][  T291] EXT4-fs (loop4): unmounting filesystem.
[  287.600837][ T8212] loop4: detected capacity change from 0 to 1024
[  287.850367][ T8212] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: writeback.
[  288.079179][ T8219] usb usb7: Requested nonsensical USBDEVFS_URB_ZERO_PACKET.
[  288.230622][ T4952] Bluetooth: hci0: Opcode 0x1003 failed: -110
[  288.255979][ T5981] EXT4-fs (loop7): unmounting filesystem.
[  288.294689][   T19] input: HID 04d9:a055 as /devices/platform/dummy_hcd.3/usb4/4-1/4-1:0.1/0003:04D9:A055.004E/input/input47
[  288.355407][ T8221] loop6: detected capacity change from 0 to 8192
[  288.372890][  T291] EXT4-fs (loop4): unmounting filesystem.
[  288.399080][   T19] holtek_kbd 0003:04D9:A055.004E: input,hidraw0: USB HID v0.00 Keyboard [HID 04d9:a055] on usb-dummy_hcd.3-1/input1
[  288.447515][   T19] usb 4-1: USB disconnect, device number 38
[  288.479760][ T8229] netlink: 176 bytes leftover after parsing attributes in process `syz.7.2836'.
[  288.774660][ T8241] loop5: detected capacity change from 0 to 1024
[  288.924144][ T8241] EXT4-fs (loop5): mounted filesystem without journal. Quota mode: writeback.
[  288.925067][  T990] usb 5-1: new high-speed USB device number 31 using dummy_hcd
[  289.339638][  T990] usb 5-1: Using ep0 maxpacket: 16
[  289.444434][ T8260] syz.6.2846[8260] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  289.444501][ T8260] syz.6.2846[8260] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  289.490182][ T4079] EXT4-fs (loop5): unmounting filesystem.
[  289.530327][ T8266] loop3: detected capacity change from 0 to 512
[  289.543860][ T8266] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode
[  289.555209][ T8266] EXT4-fs (loop3): 1 truncate cleaned up
[  289.560856][ T8266] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: none.
[  289.638088][ T8273] loop5: detected capacity change from 0 to 1024
[  289.658662][ T8273] EXT4-fs (loop5): mounted filesystem without journal. Quota mode: writeback.
[  289.766412][  T990] usb 5-1: New USB device found, idVendor=17ef, idProduct=721e, bcdDevice=de.06
[  289.771827][ T8277] usb usb7: Requested nonsensical USBDEVFS_URB_ZERO_PACKET.
[  290.086052][ T4182] usb 4-1: new high-speed USB device number 39 using dummy_hcd
[  290.093791][  T990] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  290.101654][  T990] usb 5-1: Product: syz
[  290.105590][  T990] usb 5-1: Manufacturer: syz
[  290.110031][  T990] usb 5-1: SerialNumber: syz
[  290.115146][  T990] r8152-cfgselector 5-1: config 0 descriptor??
[  290.387066][ T4079] EXT4-fs (loop5): unmounting filesystem.
[  290.425812][ T8284] loop6: detected capacity change from 0 to 512
[  290.432662][ T8284] EXT4-fs (loop6): feature flags set on rev 0 fs, running e2fsck is recommended
[  290.448037][ T8284] EXT4-fs error (device loop6): ext4_orphan_get:1396: inode #17: comm syz.6.2852: iget: bad i_size value: -6917529027641081756
[  290.461244][ T8284] EXT4-fs error (device loop6): ext4_orphan_get:1401: comm syz.6.2852: couldn't read orphan inode 17 (err -117)
[  290.473137][ T8284] EXT4-fs (loop6): mounted filesystem without journal. Quota mode: writeback.
[  290.483324][ T8284] device sit0 entered promiscuous mode
[  290.489849][ T8284] netlink: 'syz.6.2852': attribute type 1 has an invalid length.
[  290.497463][ T8284] netlink: 1 bytes leftover after parsing attributes in process `syz.6.2852'.
[  290.508094][ T4182] usb 4-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  290.518220][ T4182] usb 4-1: New USB device found, idVendor=046d, idProduct=08c1, bcdDevice=ee.8d
[  290.518643][ T5963] EXT4-fs (loop6): unmounting filesystem.
[  290.527239][ T4182] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  290.550240][ T4182] usb 4-1: config 0 descriptor??
[  290.553990][ T8288] loop6: detected capacity change from 0 to 1024
[  290.569999][ T8288] EXT4-fs (loop6): mounted filesystem without journal. Quota mode: writeback.
[  290.586453][  T990] r8152-cfgselector 5-1: Unknown version 0x0000
[  290.587818][ T5963] EXT4-fs (loop6): unmounting filesystem.
[  290.595645][  T990] r8152-cfgselector 5-1: bad CDC descriptors
[  290.612823][ T8292] loop6: detected capacity change from 0 to 256
[  290.618973][  T990] r8152-cfgselector 5-1: Unknown version 0x0000
[  290.634768][  T990] r8152-cfgselector 5-1: USB disconnect, device number 31
[  290.686360][   T40] usb 6-1: new high-speed USB device number 23 using dummy_hcd
[  290.790447][ T4182] usb 4-1: USB disconnect, device number 39
[  290.926425][   T40] usb 6-1: Using ep0 maxpacket: 32
[  291.046403][   T40] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  291.057183][   T40] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  291.066724][   T40] usb 6-1: New USB device found, idVendor=06a3, idProduct=0ccb, bcdDevice= 0.00
[  291.076350][   T40] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  291.090916][   T40] usb 6-1: config 0 descriptor??
[  291.302775][  T294] EXT4-fs (loop3): unmounting filesystem.
[  291.423064][ T8306] loop3: detected capacity change from 0 to 1024
[  291.437700][ T8306] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: writeback.
[  291.626472][   T40] saitek 0003:06A3:0CCB.004F: unknown main item tag 0x0
[  291.641349][   T40] saitek 0003:06A3:0CCB.004F: unknown main item tag 0x0
[  291.649741][   T40] saitek 0003:06A3:0CCB.004F: item fetching failed at offset 4/5
[  291.659092][   T40] saitek 0003:06A3:0CCB.004F: parse failed
[  291.664871][   T40] saitek: probe of 0003:06A3:0CCB.004F failed with error -22
[  291.832689][   T40] usb 6-1: USB disconnect, device number 23
[  292.114869][ T8326] loop4: detected capacity change from 0 to 1024
[  292.136421][ T4182] usb 7-1: new high-speed USB device number 12 using dummy_hcd
[  292.144995][ T8326] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: writeback.
[  292.192893][  T294] EXT4-fs (loop3): unmounting filesystem.
[  292.576505][   T28] audit: type=1400 audit(1731003225.176:550): avc:  denied  { create } for  pid=8336 comm="syz.5.2867" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_netfilter_socket permissive=1
[  292.577607][ T8337] netlink: 12 bytes leftover after parsing attributes in process `syz.5.2867'.
[  292.624991][   T28] audit: type=1400 audit(1731003225.186:551): avc:  denied  { write } for  pid=8336 comm="syz.5.2867" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_netfilter_socket permissive=1
[  292.659719][   T28] audit: type=1400 audit(1731003225.216:552): avc:  denied  { name_bind } for  pid=8338 comm="syz.7.2868" src=20000 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:port_t tclass=rawip_socket permissive=1
[  292.691066][ T8337] netlink: 12 bytes leftover after parsing attributes in process `syz.5.2867'.
[  292.708551][   T28] audit: type=1400 audit(1731003225.226:553): avc:  denied  { read } for  pid=8338 comm="syz.7.2868" laddr=ff02::1 lport=20000 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rawip_socket permissive=1
[  292.763251][   T28] audit: type=1400 audit(1731003225.366:554): avc:  denied  { getopt } for  pid=8340 comm="syz.5.2869" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rawip_socket permissive=1
[  292.797225][   T28] audit: type=1400 audit(1731003225.406:555): avc:  denied  { read write } for  pid=8342 comm="syz.5.2870" name="snapshot" dev="devtmpfs" ino=91 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:acpi_bios_t tclass=chr_file permissive=1
[  292.814775][ T8343] random: crng reseeded on system resumption
[  292.820580][   T28] audit: type=1400 audit(1731003225.406:556): avc:  denied  { ioctl open } for  pid=8342 comm="syz.5.2870" path="/dev/snapshot" dev="devtmpfs" ino=91 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:acpi_bios_t tclass=chr_file permissive=1
[  292.888744][  T291] EXT4-fs (loop4): unmounting filesystem.
[  292.936481][ T4182] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  292.947486][ T4182] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  292.953728][ T8349] loop4: detected capacity change from 0 to 2048
[  292.957592][ T4182] usb 7-1: New USB device found, idVendor=05ac, idProduct=027d, bcdDevice= 0.00
[  292.972342][ T4182] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  292.980716][ T4182] usb 7-1: config 0 descriptor??
[  293.078049][ T8349] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: none.
[  293.145807][ T8349] EXT4-fs error (device loop4): ext4_mb_generate_buddy:1102: group 0, block bitmap and bg descriptor inconsistent: 25 vs 150994969 free clusters
[  293.162615][ T8349] EXT4-fs (loop4): Delayed block allocation failed for inode 18 at logical offset 65536 with max blocks 1 with error 28
[  293.176764][ T8349] EXT4-fs (loop4): This should not happen!! Data will be lost
[  293.176764][ T8349] 
[  293.189330][ T8349] EXT4-fs (loop4): Total free blocks count 0
[  293.198079][ T8349] EXT4-fs (loop4): Free/Dirty block details
[  293.205776][ T8349] EXT4-fs (loop4): free_blocks=2415919104
[  293.211517][ T8349] EXT4-fs (loop4): dirty_blocks=16
[  293.216499][ T8349] EXT4-fs (loop4): Block reservation details
[  293.222334][ T8349] EXT4-fs (loop4): i_reserved_data_blocks=1
[  293.233248][  T291] EXT4-fs (loop4): unmounting filesystem.
[  293.250006][ T8356] loop4: detected capacity change from 0 to 128
[  293.259003][ T8356] usb usb1: Requested nonsensical USBDEVFS_URB_ZERO_PACKET.
[  293.476381][ T4182] usb 7-1: string descriptor 0 read error: -71
[  293.576405][ T4182] usbhid 7-1:0.0: can't add hid device: -71
[  293.582234][ T4182] usbhid: probe of 7-1:0.0 failed with error -71
[  293.596853][ T4182] usb 7-1: USB disconnect, device number 12
[  293.921711][ T5881] Bluetooth: hci0: Frame reassembly failed (-84)
[  294.108365][ T8388] loop5: detected capacity change from 0 to 40427
[  294.115165][ T8388] F2FS-fs (loop5): Invalid Fs Meta Ino: node(0) meta(2) root(0)
[  294.122827][ T8388] F2FS-fs (loop5): Can't find valid F2FS filesystem in 1th superblock
[  294.131539][ T8388] F2FS-fs (loop5): invalid crc value
[  294.138333][ T8388] F2FS-fs (loop5): Found nat_bits in checkpoint
[  294.194700][ T8388] F2FS-fs (loop5): Try to recover 1th superblock, ret: 0
[  294.201753][ T8388] F2FS-fs (loop5): Mounted with checkpoint version = 48b305e4
[  294.229612][ T8399] loop3: detected capacity change from 0 to 1024
[  294.250417][ T8399] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: writeback.
[  294.255613][ T4079] syz-executor: attempt to access beyond end of device
[  294.255613][ T4079] loop5: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[  294.275934][  T294] EXT4-fs (loop3): unmounting filesystem.
[  294.627832][ T8417] device erspan1 entered promiscuous mode
[  294.731138][ T8423] loop5: detected capacity change from 0 to 512
[  294.738160][ T8423] EXT4-fs (loop5): Test dummy encryption mode enabled
[  294.744809][ T8423] EXT4-fs (loop5): encrypted files will use data=ordered instead of data journaling mode
[  294.755593][ T8423] EXT4-fs (loop5): 1 truncate cleaned up
[  294.761185][ T8423] EXT4-fs (loop5): mounted filesystem without journal. Quota mode: none.
[  294.776440][ T4182] usb 7-1: new high-speed USB device number 13 using dummy_hcd
[  294.785959][ T4079] EXT4-fs (loop5): unmounting filesystem.
[  295.026363][ T4182] usb 7-1: Using ep0 maxpacket: 8
[  295.076356][  T990] usb 6-1: new high-speed USB device number 24 using dummy_hcd
[  295.146394][ T4182] usb 7-1: New USB device found, idVendor=1557, idProduct=7720, bcdDevice=b7.eb
[  295.155361][ T4182] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  295.166979][ T4182] usb 7-1: config 0 descriptor??
[  295.192668][ T8433] loop3: detected capacity change from 0 to 512
[  295.199669][ T8433] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode
[  295.210586][ T8433] EXT4-fs (loop3): 1 truncate cleaned up
[  295.216132][ T8433] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: none.
[  295.234293][  T294] EXT4-fs (loop3): unmounting filesystem.
[  295.355800][ T8438] loop3: detected capacity change from 0 to 1024
[  295.367762][ T8438] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: writeback.
[  295.456467][  T990] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  295.467406][  T990] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  295.477121][  T990] usb 6-1: New USB device found, idVendor=05ac, idProduct=0269, bcdDevice= 0.00
[  295.486946][  T990] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  295.734602][  T990] usb 6-1: config 0 descriptor??
[  295.946476][ T4952] Bluetooth: hci0: command 0x1003 tx timeout
[  295.946492][ T6826] Bluetooth: hci0: Opcode 0x1003 failed: -110
[  296.221610][  T294] EXT4-fs (loop3): unmounting filesystem.
[  296.350337][  T990] magicmouse 0003:05AC:0269.0050: item fetching failed at offset 6/7
[  296.358447][  T990] magicmouse 0003:05AC:0269.0050: magicmouse hid parse failed
[  296.365747][  T990] magicmouse: probe of 0003:05AC:0269.0050 failed with error -22
[  296.377576][ T8449] netlink: 12 bytes leftover after parsing attributes in process `syz.3.2906'.
[  296.462228][  T990] usb 6-1: USB disconnect, device number 24
[  296.474233][   T28] audit: type=1400 audit(1731003229.076:557): avc:  denied  { connect } for  pid=8452 comm="syz.3.2908" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=can_socket permissive=1
[  296.493652][   T28] audit: type=1400 audit(1731003229.076:558): avc:  denied  { write } for  pid=8452 comm="syz.3.2908" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=can_socket permissive=1
[  296.531785][ T8458] loop3: detected capacity change from 0 to 256
[  296.541413][ T8458] exFAT-fs (loop3): failed to load upcase table (idx : 0x00010000, chksum : 0x205ad3fc, utbl_chksum : 0xe619d30d)
[  296.566913][ T8461] loop3: detected capacity change from 0 to 128
[  296.573319][ T8461] FAT-fs (loop3): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive!
[  296.585380][ T8461] FAT-fs (loop3): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1)
[  296.604567][   T43] FAT-fs (loop3): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1)
[  296.613513][ T4182] asix 7-1:0.0 (unnamed net_device) (uninitialized): Failed to write reg index 0x0000: -71
[  296.623464][ T4182] asix 7-1:0.0 (unnamed net_device) (uninitialized): Failed to send software reset: ffffffb9
[  296.638215][ T4182] asix: probe of 7-1:0.0 failed with error -71
[  296.645125][ T4182] usb 7-1: USB disconnect, device number 13
[  296.950361][ T2425] Bluetooth: hci0: Frame reassembly failed (-84)
[  297.192703][ T8476] loop4: detected capacity change from 0 to 1024
[  297.306693][ T8480] loop7: detected capacity change from 0 to 1024
[  297.454138][ T8480] EXT4-fs (loop7): mounted filesystem without journal. Quota mode: writeback.
[  297.515577][ T8488] netlink: 12 bytes leftover after parsing attributes in process `syz.6.2918'.
[  297.550457][   T28] audit: type=1400 audit(1731003230.156:559): avc:  denied  { connect } for  pid=8491 comm="syz.6.2920" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=pppox_socket permissive=1
[  297.571003][ T8476] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: writeback.
[  297.618759][ T8498] SELinux: failed to load policy
[  298.681511][ T5981] EXT4-fs (loop7): unmounting filesystem.
[  298.732600][ T8508] loop5: detected capacity change from 0 to 1024
[  298.739099][ T8508] EXT4-fs: Ignoring removed oldalloc option
[  298.743896][  T291] EXT4-fs (loop4): unmounting filesystem.
[  298.785877][ T8508] EXT4-fs (loop5): mounted filesystem without journal. Quota mode: none.
[  298.813982][   T28] kauditd_printk_skb: 1 callbacks suppressed
[  298.813998][   T28] audit: type=1400 audit(1731003231.416:561): avc:  denied  { map } for  pid=8507 comm="syz.5.2926" path="/280/file1/bus" dev="loop5" ino=18 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=file permissive=1
[  298.843260][ T4079] EXT4-fs (loop5): unmounting filesystem.
[  298.883221][   T28] audit: type=1400 audit(1731003231.416:562): avc:  denied  { execute } for  pid=8507 comm="syz.5.2926" path="/280/file1/bus" dev="loop5" ino=18 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=file permissive=1
[  298.906310][ T6826] Bluetooth: hci0: Opcode 0x1003 failed: -110
[  298.945652][ T8520] netlink: 12 bytes leftover after parsing attributes in process `syz.5.2930'.
[  299.014250][   T28] audit: type=1400 audit(1731003231.616:563): avc:  denied  { write } for  pid=8525 comm="syz.5.2933" name="binder0" dev="binder" ino=10 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=chr_file permissive=1
[  299.045994][ T8512] loop4: detected capacity change from 0 to 40427
[  299.052904][ T8512] F2FS-fs (loop4): Insane cp_payload (553648128 >= 504)
[  299.060117][ T8512] F2FS-fs (loop4): Can't find valid F2FS filesystem in 1th superblock
[  299.070821][ T8512] F2FS-fs (loop4): fault_injection options not supported
[  299.077963][ T8512] F2FS-fs (loop4): fault_type options not supported
[  299.085127][   T28] audit: type=1400 audit(1731003231.696:564): avc:  denied  { validate_trans } for  pid=8528 comm="syz.6.2934" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:security_t tclass=security permissive=1
[  299.105937][ T8512] F2FS-fs (loop4): invalid crc value
[  299.118395][ T8512] F2FS-fs (loop4): Found nat_bits in checkpoint
[  299.160185][ T8512] F2FS-fs (loop4): Try to recover 1th superblock, ret: 0
[  299.167410][ T8512] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e5
[  299.182611][ T8512] syz.4.2927: attempt to access beyond end of device
[  299.182611][ T8512] loop4: rw=2049, sector=40960, nr_sectors = 40 limit=40427
[  299.253619][ T8539] loop6: detected capacity change from 0 to 1024
[  299.266375][   T40] usb 4-1: new high-speed USB device number 40 using dummy_hcd
[  299.284441][ T8539] EXT4-fs (loop6): mounted filesystem without journal. Quota mode: writeback.
[  299.486831][ T8547] loop4: detected capacity change from 0 to 1024
[  299.716701][   T40] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  299.729087][ T8547] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: writeback.
[  299.800399][   T40] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  299.810059][   T40] usb 4-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[  299.822980][   T40] usb 4-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  299.831759][   T40] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  299.840406][   T40] usb 4-1: config 0 descriptor??
[  300.169132][ T5963] EXT4-fs (loop6): unmounting filesystem.
[  300.274944][  T291] EXT4-fs (loop4): unmounting filesystem.
[  300.285259][ T8569] xt_hashlimit: size too large, truncated to 1048576
[  300.458996][  T430] Bluetooth: hci0: Frame reassembly failed (-84)
[  300.474342][   T40] plantronics 0003:047F:FFFF.0051: unknown main item tag 0x0
[  300.536199][   T40] plantronics 0003:047F:FFFF.0051: No inputs registered, leaving
[  300.653663][   T40] plantronics 0003:047F:FFFF.0051: hiddev96,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.3-1/input0
[  300.828948][ T8591] loop6: detected capacity change from 0 to 512
[  300.835524][ T8591] EXT4-fs (loop6): encrypted files will use data=ordered instead of data journaling mode
[  300.846716][ T8591] EXT4-fs error (device loop6): ext4_orphan_get:1396: inode #15: comm syz.6.2952: iget: bad extended attribute block 512
[  300.859395][ T8591] EXT4-fs error (device loop6): ext4_orphan_get:1401: comm syz.6.2952: couldn't read orphan inode 15 (err -117)
[  300.871340][ T8591] EXT4-fs (loop6): mounted filesystem without journal. Quota mode: none.
[  300.926360][ T4182] usb 5-1: new high-speed USB device number 32 using dummy_hcd
[  300.939790][ T8595] loop7: detected capacity change from 0 to 1024
[  300.981951][ T8595] EXT4-fs (loop7): mounted filesystem without journal. Quota mode: writeback.
[  301.001868][ T5963] EXT4-fs error (device loop6): ext4_readdir:260: inode #2: block 13: comm syz-executor: path /192/bus: bad entry in directory: rec_len is smaller than minimal - offset=780, inode=0, rec_len=0, size=1024 fake=0
[  301.027589][ T5963] EXT4-fs (loop6): unmounting filesystem.
[  301.299953][ T8604] usb usb7: Requested nonsensical USBDEVFS_URB_ZERO_PACKET.
[  301.576365][ T4182] usb 5-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  301.586307][ T4182] usb 5-1: config 1 has 1 interface, different from the descriptor's value: 3
[  301.683304][ T5981] EXT4-fs (loop7): unmounting filesystem.
[  301.686469][ T4182] usb 5-1: New USB device found, idVendor=08b7, idProduct=0000, bcdDevice= 0.00
[  301.697840][ T4182] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=3
[  301.705646][ T4182] usb 5-1: SerialNumber: syz
[  301.886037][ T8612] loop7: detected capacity change from 0 to 2048
[  301.908064][ T8612] EXT4-fs (loop7): mounted filesystem without journal. Quota mode: none.
[  301.973566][ T8616] loop6: detected capacity change from 0 to 8192
[  301.996262][ T8616] FAT-fs (loop6): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[  302.064858][ T8621] loop7: detected capacity change from 0 to 1024
[  302.206866][ T8628] tipc: Started in network mode
[  302.207082][ T4182] usb 5-1: 0:2 : does not exist
[  302.211554][ T8628] tipc: Node identity ac1414aa, cluster identity 4711
[  302.223520][ T8628] tipc: Enabled bearer <udp:syz0>, priority 10
[  302.426382][  T500] Bluetooth: hci0: command 0x1003 tx timeout
[  302.426409][ T6826] Bluetooth: hci0: Opcode 0x1003 failed: -110
[  302.571790][ T4182] usb 5-1: USB disconnect, device number 32
[  302.589128][  T315] udevd[315]: error opening ATTR{/sys/devices/platform/dummy_hcd.4/usb5/5-1/5-1:1.0/sound/card0/controlC0/../uevent} for writing: No such file or directory
[  302.613328][   T28] audit: type=1400 audit(1731003235.216:565): avc:  denied  { unmount } for  pid=4079 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fusefs_t tclass=filesystem permissive=1
[  302.633570][  T387] usb 4-1: USB disconnect, device number 40
[  302.647916][ T8639] loop5: detected capacity change from 0 to 256
[  302.661142][   T28] audit: type=1400 audit(1731003235.266:566): avc:  denied  { mounton } for  pid=8638 comm="syz.5.2965" path="/286/file0/file0" dev="loop5" ino=1048816 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:dosfs_t tclass=dir permissive=1
[  302.686160][ T4079] FAT-fs (loop5): error, corrupted directory (invalid entries)
[  302.695008][ T4079] FAT-fs (loop5): error, corrupted directory (invalid entries)
[  303.027406][   T28] audit: type=1326 audit(1731003235.636:567): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8644 comm="syz.4.2967" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7fadd5b756e7 code=0x7ffc0000
[  303.064443][   T28] audit: type=1326 audit(1731003235.636:568): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8644 comm="syz.4.2967" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7fadd5b1a099 code=0x7ffc0000
[  303.102711][  T430] tipc: Disabling bearer <udp:syz2>
[  303.108750][  T430] tipc: Disabling bearer <eth:ip6_vti0>
[  303.114163][   T28] audit: type=1326 audit(1731003235.636:569): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8644 comm="syz.4.2967" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7fadd5b756e7 code=0x7ffc0000
[  303.137597][   T28] audit: type=1326 audit(1731003235.636:570): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8644 comm="syz.4.2967" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7fadd5b1a099 code=0x7ffc0000
[  303.137679][  T430] tipc: Left network mode
[  303.336351][   T60] tipc: Node number set to 2886997162
[  303.387402][   T10] Bluetooth: hci0: Frame reassembly failed (-84)
[  303.501305][   T10] Bluetooth: hci0: Frame reassembly failed (-84)
[  303.510255][ T8659] bridge0: port 1(bridge_slave_0) entered blocking state
[  303.540726][ T8667] usb usb7: Requested nonsensical USBDEVFS_URB_ZERO_PACKET.
[  303.562798][ T8659] bridge0: port 1(bridge_slave_0) entered disabled state
[  303.617072][ T8659] device bridge_slave_0 entered promiscuous mode
[  303.627695][ T8659] bridge0: port 2(bridge_slave_1) entered blocking state
[  303.634558][ T8659] bridge0: port 2(bridge_slave_1) entered disabled state
[  303.641909][ T8659] device bridge_slave_1 entered promiscuous mode
[  303.651998][ T8672] loop3: detected capacity change from 0 to 128
[  303.736878][ T8675] loop3: detected capacity change from 0 to 1024
[  303.775964][ T8659] bridge0: port 2(bridge_slave_1) entered blocking state
[  303.782853][ T8659] bridge0: port 2(bridge_slave_1) entered forwarding state
[  303.789966][ T8659] bridge0: port 1(bridge_slave_0) entered blocking state
[  303.796743][ T8659] bridge0: port 1(bridge_slave_0) entered forwarding state
[  303.846904][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  303.854678][    T8] bridge0: port 1(bridge_slave_0) entered disabled state
[  303.863049][    T8] bridge0: port 2(bridge_slave_1) entered disabled state
[  303.904665][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  303.913264][    T8] bridge0: port 1(bridge_slave_0) entered blocking state
[  303.920130][    T8] bridge0: port 1(bridge_slave_0) entered forwarding state
[  303.928349][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  303.961109][    T8] bridge0: port 2(bridge_slave_1) entered blocking state
[  303.968028][    T8] bridge0: port 2(bridge_slave_1) entered forwarding state
[  304.449034][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[  304.457021][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  304.465797][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[  304.473733][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  304.482091][  T430] device bridge_slave_1 left promiscuous mode
[  304.488115][  T430] bridge0: port 2(bridge_slave_1) entered disabled state
[  304.495407][  T430] device bridge_slave_0 left promiscuous mode
[  304.501483][  T430] bridge0: port 1(bridge_slave_0) entered disabled state
[  304.509314][  T430] device veth1_macvtap left promiscuous mode
[  304.515211][  T430] device veth0_vlan left promiscuous mode
[  304.596048][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[  304.604347][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[  304.615728][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[  304.623527][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[  304.632046][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[  304.639618][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[  304.647658][ T8659] device veth0_vlan entered promiscuous mode
[  304.657973][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[  304.666188][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[  304.675266][ T8659] device veth1_macvtap entered promiscuous mode
[  304.684160][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready
[  304.691820][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[  304.700016][   T40] usb 7-1: new high-speed USB device number 14 using dummy_hcd
[  304.700065][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[  304.717481][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[  304.725568][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[  304.740576][   T28] kauditd_printk_skb: 12 callbacks suppressed
[  304.740592][   T28] audit: type=1400 audit(1731003237.346:583): avc:  denied  { mounton } for  pid=8659 comm="syz-executor" path="/root/syzkaller.YD4lvw/syz-tmp" dev="sda1" ino=1956 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_home_t tclass=dir permissive=1
[  304.771739][   T28] audit: type=1400 audit(1731003237.346:584): avc:  denied  { mount } for  pid=8659 comm="syz-executor" name="/" dev="tmpfs" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:tmpfs_t tclass=filesystem permissive=1
[  304.793732][   T28] audit: type=1400 audit(1731003237.346:585): avc:  denied  { mounton } for  pid=8659 comm="syz-executor" path="/root/syzkaller.YD4lvw/syz-tmp/newroot/sys/kernel/debug" dev="debugfs" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:debugfs_t tclass=dir permissive=1
[  304.806361][ T8686] loop8: detected capacity change from 0 to 128
[  304.820332][   T28] audit: type=1400 audit(1731003237.346:586): avc:  denied  { mounton } for  pid=8659 comm="syz-executor" path="/root/syzkaller.YD4lvw/syz-tmp/newroot/proc/sys/fs/binfmt_misc" dev="proc" ino=43282 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:sysctl_fs_t tclass=dir permissive=1
[  304.829508][ T8686] ext4 filesystem being mounted at /0/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038 (0x7fffffff)
[  304.854150][   T28] audit: type=1400 audit(1731003237.386:587): avc:  denied  { mounton } for  pid=8659 comm="syz-executor" path="/dev/binderfs" dev="devtmpfs" ino=522 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:device_t tclass=dir permissive=1
[  304.907077][   T28] audit: type=1400 audit(1731003237.386:588): avc:  denied  { mounton } for  pid=8659 comm="syz-executor" path="/sys/fs/fuse/connections" dev="fusectl" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fusefs_t tclass=dir permissive=1
[  304.931086][   T28] audit: type=1400 audit(1731003237.496:589): avc:  denied  { getopt } for  pid=8685 comm="syz.8.2973" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=packet_socket permissive=1
[  304.976353][   T40] usb 7-1: Using ep0 maxpacket: 16
[  305.074813][ T8693] loop8: detected capacity change from 0 to 1024
[  305.133047][   T40] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  305.143895][   T40] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  305.153679][   T40] usb 7-1: New USB device found, idVendor=28bd, idProduct=0935, bcdDevice= 0.00
[  305.162550][   T40] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  305.171977][   T40] usb 7-1: config 0 descriptor??
[  305.386377][  T500] Bluetooth: hci0: Opcode 0x1003 failed: -110
[  305.386409][ T6826] Bluetooth: hci0: command 0x1003 tx timeout
[  305.547131][   T28] audit: type=1400 audit(1731003238.156:590): avc:  denied  { write } for  pid=8715 comm="syz.4.2991" name="file0" dev="tmpfs" ino=3835 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=blk_file permissive=1
[  305.688500][   T40] input: HID 28bd:0935 Mouse as /devices/platform/dummy_hcd.6/usb7/7-1/7-1:0.0/0003:28BD:0935.0052/input/input48
[  305.702979][   T40] uclogic 0003:28BD:0935.0052: input,hidraw0: USB HID v0.00 Mouse [HID 28bd:0935] on usb-dummy_hcd.6-1/input0
[  305.890382][ T4182] usb 7-1: USB disconnect, device number 14
[  305.981962][  T430] Bluetooth: hci0: Frame reassembly failed (-84)
[  306.276350][  T990] usb 9-1: new high-speed USB device number 2 using dummy_hcd
[  306.418431][ T8745] loop3: detected capacity change from 0 to 512
[  306.425092][ T8745] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode
[  306.436620][ T8745] EXT4-fs error (device loop3): ext4_orphan_get:1396: inode #15: comm syz.3.3001: iget: bad extended attribute block 512
[  306.449326][ T8745] EXT4-fs error (device loop3): ext4_orphan_get:1401: comm syz.3.3001: couldn't read orphan inode 15 (err -117)
[  306.666719][ T8760] loop7: detected capacity change from 0 to 1024
[  306.673583][  T990] usb 9-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  306.695062][  T990] usb 9-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  306.712435][  T990] usb 9-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  306.725469][  T990] usb 9-1: New USB device found, idVendor=046d, idProduct=c293, bcdDevice= 0.00
[  306.734827][  T990] usb 9-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  306.749551][  T990] usb 9-1: config 0 descriptor??
[  307.075247][ T8730] loop8: detected capacity change from 0 to 1024
[  307.090481][ T8730] EXT4-fs: Ignoring removed orlov option
[  307.097054][ T8730] EXT4-fs: Ignoring removed nomblk_io_submit option
[  307.104097][ T8730] EXT4-fs (loop8): Test dummy encryption mode enabled
[  307.117638][   T28] audit: type=1400 audit(1731003239.726:591): avc:  denied  { mounton } for  pid=8729 comm="syz.8.2995" path="/3/file0" dev="loop8" ino=2 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1
[  307.226345][  T990] usbhid 9-1:0.0: can't add hid device: -71
[  307.232145][  T990] usbhid: probe of 9-1:0.0 failed with error -71
[  307.238974][  T990] usb 9-1: USB disconnect, device number 2
[  307.284809][  T294] EXT4-fs error (device loop3): ext4_readdir:260: inode #2: block 13: comm syz-executor: path /601/bus: bad entry in directory: rec_len is smaller than minimal - offset=780, inode=0, rec_len=0, size=1024 fake=0
[  307.314894][ T8777] loop3: detected capacity change from 0 to 128
[  307.350814][ T8779] loop3: detected capacity change from 0 to 2048
[  307.357238][ T8779] EXT4-fs: Ignoring removed mblk_io_submit option
[  307.367950][ T8779] ext4 filesystem being mounted at /603/bus supports timestamps until 2038 (0x7fffffff)
[  307.407922][   T28] audit: type=1400 audit(1731003240.016:592): avc:  denied  { relabelfrom } for  pid=8784 comm="syz.3.3012" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tun_socket permissive=1
[  307.582666][ T8799] loop7: detected capacity change from 0 to 1024
[  307.784921][ T8812] loop6: detected capacity change from 0 to 128
[  307.931057][ T8812] ext4 filesystem being mounted at /207/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038 (0x7fffffff)
[  307.968333][ T8817] loop8: detected capacity change from 0 to 256
[  307.987674][ T8659] FAT-fs (loop8): error, corrupted directory (invalid entries)
[  307.996488][ T8659] FAT-fs (loop8): error, corrupted directory (invalid entries)
[  308.036314][  T500] Bluetooth: hci0: Opcode 0x1003 failed: -110
[  308.036352][ T6826] Bluetooth: hci0: command 0x1003 tx timeout
[  308.114985][ T8805] loop3: detected capacity change from 0 to 40427
[  308.128057][ T8805] F2FS-fs (loop3): fault_injection options not supported
[  308.141385][ T8805] F2FS-fs (loop3): invalid crc value
[  308.159877][ T8805] F2FS-fs (loop3): Found nat_bits in checkpoint
[  308.262696][ T8830] bridge0: port 1(bridge_slave_0) entered blocking state
[  308.269714][ T8830] bridge0: port 1(bridge_slave_0) entered disabled state
[  308.277539][ T8830] device bridge_slave_0 entered promiscuous mode
[  309.941627][ T5981] EXT4-fs unmount: 20 callbacks suppressed
[  309.941646][ T5981] EXT4-fs (loop7): unmounting filesystem.
[  309.949124][ T8830] bridge0: port 2(bridge_slave_1) entered blocking state
[  309.960211][ T8830] bridge0: port 2(bridge_slave_1) entered disabled state
[  309.967983][ T8830] device bridge_slave_1 entered promiscuous mode
[  310.019471][ T8805] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e5
[  310.046531][ T8847] tipc: Started in network mode
[  310.056202][ T8847] tipc: Node identity ac1414aa, cluster identity 4711
[  310.063423][  T294] syz-executor: attempt to access beyond end of device
[  310.063423][  T294] loop3: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[  310.077582][ T8847] tipc: Enabled bearer <udp:syz0>, priority 10
[  310.132533][ T5881] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[  310.140414][ T5881] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  310.159879][ T5881] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[  310.176597][ T5881] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  310.185034][ T5881] bridge0: port 1(bridge_slave_0) entered blocking state
[  310.191908][ T5881] bridge0: port 1(bridge_slave_0) entered forwarding state
[  310.210103][ T5881] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[  310.228531][ T5881] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[  310.242287][ T5881] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  310.258104][ T5881] bridge0: port 2(bridge_slave_1) entered blocking state
[  310.264985][ T5881] bridge0: port 2(bridge_slave_1) entered forwarding state
[  310.286333][  T990] usb 5-1: new high-speed USB device number 33 using dummy_hcd
[  310.294812][ T5881] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  310.308129][ T5881] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  310.326870][ T5881] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[  310.340918][ T8830] device veth0_vlan entered promiscuous mode
[  310.348322][ T5881] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[  310.356744][ T5881] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[  310.364173][ T5881] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[  310.381610][ T5881] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[  310.391506][ T8830] device veth1_macvtap entered promiscuous mode
[  310.403447][ T5881] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[  310.416002][ T5881] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[  310.447737][   T10] device bridge_slave_1 left promiscuous mode
[  310.454480][   T10] bridge0: port 2(bridge_slave_1) entered disabled state
[  310.462391][   T10] device bridge_slave_0 left promiscuous mode
[  310.469349][   T10] bridge0: port 1(bridge_slave_0) entered disabled state
[  310.478278][   T10] device veth1_macvtap left promiscuous mode
[  310.484212][   T10] device veth0_vlan left promiscuous mode
[  310.656380][  T990] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  310.670798][  T990] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  310.680873][  T990] usb 5-1: New USB device found, idVendor=1241, idProduct=5015, bcdDevice= 0.00
[  310.689880][  T990] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  310.698476][  T990] usb 5-1: config 0 descriptor??
[  310.746433][  T317] usb 10-1: new high-speed USB device number 2 using dummy_hcd
[  310.989092][  T317] usb 10-1: Using ep0 maxpacket: 8
[  311.106355][  T317] usb 10-1: config index 0 descriptor too short (expected 64745, got 27)
[  311.128269][ T8874] syz.7.3041[8874] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  311.128332][ T8874] syz.7.3041[8874] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  311.176926][  T990] holtek 0003:1241:5015.0053: collection stack underflow
[  311.195044][  T990] holtek 0003:1241:5015.0053: item 0 1 0 12 parsing failed
[  311.202985][  T990] holtek 0003:1241:5015.0053: parse failed
[  311.208885][  T990] holtek: probe of 0003:1241:5015.0053 failed with error -22
[  311.217842][  T990] tipc: Node number set to 2886997162
[  311.266393][  T317] usb 10-1: New USB device found, idVendor=0525, idProduct=a4a8, bcdDevice= 0.40
[  311.275636][  T317] usb 10-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  311.283756][ T8878] loop7: detected capacity change from 0 to 1024
[  311.284061][  T317] usb 10-1: Product: syz
[  311.294065][  T317] usb 10-1: Manufacturer: syz
[  311.298813][  T317] usb 10-1: SerialNumber: syz
[  311.308066][ T8878] EXT4-fs (loop7): mounted filesystem without journal. Quota mode: writeback.
[  311.366314][  T990] usb 4-1: new high-speed USB device number 41 using dummy_hcd
[  311.379202][   T19] usb 5-1: USB disconnect, device number 33
[  311.630817][  T317] usblp 10-1:1.0: usblp0: USB Unidirectional printer dev 2 if 0 alt 0 proto 1 vid 0x0525 pid 0xA4A8
[  311.756359][  T990] usb 4-1: Using ep0 maxpacket: 8
[  311.778114][  T317] usb 10-1: USB disconnect, device number 2
[  311.784447][  T317] usblp0: removed
[  312.081031][    T8] Bluetooth: hci0: Frame reassembly failed (-84)
[  312.116989][ T5981] EXT4-fs (loop7): unmounting filesystem.
[  312.146419][  T990] usb 4-1: New USB device found, idVendor=0421, idProduct=0335, bcdDevice=72.34
[  312.155420][  T990] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  312.164095][  T990] usb 4-1: config 0 descriptor??
[  312.217930][  T990] usb 4-1: bad CDC descriptors
[  312.282235][ T8896] loop7: detected capacity change from 0 to 1024
[  312.331403][ T8896] EXT4-fs (loop7): mounted filesystem without journal. Quota mode: writeback.
[  312.412770][  T387] usb 4-1: USB disconnect, device number 41
[  312.864706][ T8907] loop4: detected capacity change from 0 to 512
[  312.871640][ T8907] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode
[  312.891694][ T8907] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a002c018, mo2=0002]
[  312.899525][ T8907] System zones: 1-12
[  312.904140][ T8907] EXT4-fs (loop4): 1 truncate cleaned up
[  312.910012][ T8907] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: none.
[  312.927581][  T291] EXT4-fs (loop4): unmounting filesystem.
[  313.017450][ T5981] EXT4-fs (loop7): unmounting filesystem.
[  313.206322][  T387] usb 5-1: new high-speed USB device number 34 using dummy_hcd
[  313.235272][ T8915] loop7: detected capacity change from 0 to 40427
[  313.242646][ T8915] F2FS-fs (loop7): Insane cp_payload (553648128 >= 504)
[  313.249643][ T8915] F2FS-fs (loop7): Can't find valid F2FS filesystem in 1th superblock
[  313.258011][ T8915] F2FS-fs (loop7): fault_injection options not supported
[  313.265004][ T8915] F2FS-fs (loop7): fault_type options not supported
[  313.273280][ T8915] F2FS-fs (loop7): invalid crc value
[  313.280142][ T8915] F2FS-fs (loop7): Found nat_bits in checkpoint
[  313.325971][ T8915] F2FS-fs (loop7): Try to recover 1th superblock, ret: 0
[  313.332926][ T8915] F2FS-fs (loop7): Mounted with checkpoint version = 48b305e5
[  313.356515][ T8915] syz.7.3051: attempt to access beyond end of device
[  313.356515][ T8915] loop7: rw=2049, sector=40960, nr_sectors = 40 limit=40427
[  313.508295][ T8928] loop7: detected capacity change from 0 to 512
[  313.516828][ T8928] EXT4-fs (loop7): encrypted files will use data=ordered instead of data journaling mode
[  313.528140][ T8928] EXT4-fs error (device loop7): ext4_orphan_get:1396: inode #15: comm syz.7.3054: iget: bad extended attribute block 512
[  313.541202][ T8928] EXT4-fs error (device loop7): ext4_orphan_get:1401: comm syz.7.3054: couldn't read orphan inode 15 (err -117)
[  313.553774][ T8928] EXT4-fs (loop7): mounted filesystem without journal. Quota mode: none.
[  313.612460][  T387] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  313.623607][  T387] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  313.633388][  T387] usb 5-1: New USB device found, idVendor=258a, idProduct=6a88, bcdDevice= 0.00
[  313.642369][  T387] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  313.657670][  T387] usb 5-1: config 0 descriptor??
[  313.705083][ T8934] loop9: detected capacity change from 0 to 1024
[  313.717915][ T8934] EXT4-fs (loop9): mounted filesystem without journal. Quota mode: writeback.
[  313.946398][ T6826] Bluetooth: hci0: Opcode 0x1003 failed: -110
[  314.217872][  T387] itetech 0003:258A:6A88.0054: unknown main item tag 0x0
[  314.225627][  T387] itetech 0003:258A:6A88.0054: hidraw0: USB HID v0.00 Device [HID 258a:6a88] on usb-dummy_hcd.4-1/input0
[  314.363629][   T60] usb 7-1: new high-speed USB device number 15 using dummy_hcd
[  314.364169][ T5981] EXT4-fs error (device loop7): ext4_readdir:260: inode #2: block 13: comm syz-executor: path /144/bus: bad entry in directory: rec_len is smaller than minimal - offset=780, inode=0, rec_len=0, size=1024 fake=0
[  314.395598][ T5981] EXT4-fs (loop7): unmounting filesystem.
[  314.418217][   T28] kauditd_printk_skb: 3 callbacks suppressed
[  314.418234][   T28] audit: type=1400 audit(1731003247.026:596): avc:  denied  { read write } for  pid=8950 comm="syz.7.3060" name="ppp" dev="devtmpfs" ino=154 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:ppp_device_t tclass=chr_file permissive=1
[  314.448163][ T8830] EXT4-fs (loop9): unmounting filesystem.
[  314.454665][  T317] usb 5-1: USB disconnect, device number 34
[  314.461280][   T28] audit: type=1400 audit(1731003247.056:597): avc:  denied  { open } for  pid=8950 comm="syz.7.3060" path="/dev/ppp" dev="devtmpfs" ino=154 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:ppp_device_t tclass=chr_file permissive=1
[  314.485901][   T28] audit: type=1400 audit(1731003247.076:598): avc:  denied  { ioctl } for  pid=8950 comm="syz.7.3060" path="/dev/ppp" dev="devtmpfs" ino=154 ioctlcmd=0x743e scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:ppp_device_t tclass=chr_file permissive=1
[  314.557343][ T8957] serio: Serial port ptm1
[  314.568805][ T8960] loop3: detected capacity change from 0 to 1024
[  314.588077][ T8960] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: writeback.
[  315.633355][   T60] usb 7-1: config 27 interface 0 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 7
[  315.647805][  T294] EXT4-fs (loop3): unmounting filesystem.
[  315.672424][ T8977] netlink: 8 bytes leftover after parsing attributes in process `syz.3.3068'.
[  315.675646][   T28] audit: type=1400 audit(1731003248.276:599): avc:  denied  { sqpoll } for  pid=8978 comm="syz.9.3069" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=io_uring permissive=1
[  315.681925][   T60] usb 7-1: config 27 interface 0 altsetting 0 endpoint 0xB has an invalid bInterval 255, changing to 11
[  315.702681][ T8979] input: syz0 as /devices/virtual/input/input49
[  315.791093][   T60] usb 7-1: config 27 interface 0 altsetting 0 endpoint 0xB has invalid maxpacket 59391, setting to 1024
[  315.816317][   T60] usb 7-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d
[  315.830525][ T8988] loop4: detected capacity change from 0 to 1024
[  315.837633][   T60] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  315.863437][ T8988] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: writeback.
[  316.095838][ T8993] loop3: detected capacity change from 0 to 1024
[  316.746473][ T8940] raw-gadget.1 gadget.6: fail, usb_ep_enable returned -22
[  316.777821][ T8993] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: writeback.
[  317.753687][  T317] usb 7-1: USB disconnect, device number 15
[  317.760803][  T291] EXT4-fs (loop4): unmounting filesystem.
[  317.805956][  T294] EXT4-fs (loop3): unmounting filesystem.
[  318.041011][   T10] Bluetooth: hci0: Frame reassembly failed (-84)
[  318.155105][   T28] audit: type=1400 audit(1731003250.756:600): avc:  denied  { bind } for  pid=9012 comm="syz.4.3074" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=icmp_socket permissive=1
[  318.303442][   T28] audit: type=1400 audit(1731003250.786:601): avc:  denied  { name_bind } for  pid=9012 comm="syz.4.3074" src=512 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:port_t tclass=icmp_socket permissive=1
[  318.323939][   T28] audit: type=1400 audit(1731003250.786:602): avc:  denied  { node_bind } for  pid=9012 comm="syz.4.3074" src=512 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:node_t tclass=icmp_socket permissive=1
[  320.992907][ T6826] Bluetooth: hci0: Opcode 0x1003 failed: -110
[  320.999304][  T500] Bluetooth: hci0: command 0x1003 tx timeout
[  418.376239][    C0] rcu: INFO: rcu_preempt detected stalls on CPUs/tasks:
[  418.383023][    C0] rcu: 	Tasks blocked on level-0 rcu_node (CPUs 0-1): P9015/1:b..l
[  418.390870][    C0] 	(detected by 0, t=10002 jiffies, g=37069, q=655 ncpus=2)
[  418.397988][    C0] task:syz.3.3077      state:R  running task     stack:25160 pid:9015  ppid:294    flags:0x00004000
[  418.408655][    C0] Call Trace:
[  418.411777][    C0]  <TASK>
[  418.414558][    C0]  __schedule+0xcb5/0x1560
[  418.418816][    C0]  ? __sched_text_start+0x8/0x8
[  418.423498][    C0]  ? cgroup_rstat_updated+0xe5/0x370
[  418.428708][    C0]  ? preempt_schedule+0xd9/0xe0
[  418.433393][    C0]  preempt_schedule_common+0x9b/0xf0
[  418.438516][    C0]  preempt_schedule+0xd9/0xe0
[  418.443027][    C0]  ? schedule_preempt_disabled+0x20/0x20
[  418.448491][    C0]  ? sysvec_apic_timer_interrupt+0x55/0xc0
[  418.454135][    C0]  preempt_schedule_thunk+0x16/0x18
[  418.459169][    C0]  ? xas_find+0x104/0x820
[  418.463353][    C0]  ? xas_find+0x347/0x820
[  418.467499][    C0]  _raw_spin_unlock+0x5f/0x70
[  418.472014][    C0]  filemap_map_pages+0x127e/0x1470
[  418.476972][    C0]  ? filemap_read_folio+0x2a0/0x2a0
[  418.481996][    C0]  ? folio_unlock+0x5c/0x70
[  418.486336][    C0]  do_fault+0x124a/0x1f10
[  418.490503][    C0]  ? pte_marker_clear+0x2f0/0x2f0
[  418.495360][    C0]  ? __kasan_check_write+0x14/0x20
[  418.500304][    C0]  ? _raw_spin_lock+0xa4/0x1b0
[  418.504908][    C0]  ? _raw_spin_trylock_bh+0x190/0x190
[  418.510118][    C0]  handle_mm_fault+0x189f/0x30e0
[  418.514886][    C0]  ? _raw_spin_unlock+0x4c/0x70
[  418.519588][    C0]  ? numa_migrate_prep+0xe0/0xe0
[  418.524349][    C0]  ? follow_page_mask+0x94f/0x1070
[  418.529298][    C0]  ? follow_page+0x250/0x250
[  418.533720][    C0]  ? __get_user_pages+0x2aa/0xf20
[  418.538579][    C0]  ? __get_user_pages+0x2b5/0xf20
[  418.543443][    C0]  __get_user_pages+0x377/0xf20
[  418.548136][    C0]  ? populate_vma_page_range+0x120/0x120
[  418.553681][    C0]  ? userfaultfd_unmap_complete+0x308/0x360
[  418.559413][    C0]  __mm_populate+0x375/0x570
[  418.563839][    C0]  ? userfaultfd_unmap_prep+0x3e0/0x3e0
[  418.569307][    C0]  ? check_vma_flags+0x2d0/0x2d0
[  418.574075][    C0]  ? do_futex+0x501/0x9a0
[  418.578248][    C0]  vm_mmap_pgoff+0x290/0x430
[  418.582673][    C0]  ? account_locked_vm+0x250/0x250
[  418.587619][    C0]  ? xfd_validate_state+0x6f/0x170
[  418.592566][    C0]  ksys_mmap_pgoff+0xed/0x1e0
[  418.597077][    C0]  ? __kasan_check_write+0x14/0x20
[  418.602027][    C0]  ? fpregs_restore_userregs+0x130/0x290
[  418.607495][    C0]  __x64_sys_mmap+0x103/0x120
[  418.612007][    C0]  x64_sys_call+0x67/0x9a0
[  418.616260][    C0]  do_syscall_64+0x3b/0xb0
[  418.620514][    C0]  ? clear_bhb_loop+0x55/0xb0
[  418.625027][    C0]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  418.630753][    C0] RIP: 0033:0x7f0c88f7e719
[  418.635006][    C0] RSP: 002b:00007f0c89d81038 EFLAGS: 00000246 ORIG_RAX: 0000000000000009
[  418.643253][    C0] RAX: ffffffffffffffda RBX: 00007f0c89135f80 RCX: 00007f0c88f7e719
[  418.651060][    C0] RDX: b635773f06ebbeee RSI: 0000000000b36000 RDI: 0000000020000000
[  418.658871][    C0] RBP: 00007f0c88ff139e R08: ffffffffffffffff R09: 0000000000000000
[  418.666812][    C0] R10: 0000000000008031 R11: 0000000000000246 R12: 0000000000000000
[  418.674619][    C0] R13: 0000000000000000 R14: 00007f0c89135f80 R15: 00007ffe6379bdf8
[  418.682440][    C0]  </TASK>
[  418.685297][    C0] rcu: rcu_preempt kthread starved for 10028 jiffies! g37069 f0x0 RCU_GP_WAIT_FQS(5) ->state=0x0 ->cpu=1
[  418.696321][    C0] rcu: 	Unless rcu_preempt kthread gets sufficient CPU time, OOM is now expected behavior.
[  418.706130][    C0] rcu: RCU grace-period kthread stack dump:
[  418.711854][    C0] task:rcu_preempt     state:R  running task     stack:27688 pid:14    ppid:2      flags:0x00004000
[  418.722598][    C0] Call Trace:
[  418.725662][    C0]  <TASK>
[  418.728436][    C0]  __schedule+0xcb5/0x1560
[  418.732687][    C0]  ? __sched_text_start+0x8/0x8
[  418.737377][    C0]  ? __kasan_check_write+0x14/0x20
[  418.742410][    C0]  schedule+0xc3/0x180
[  418.746328][    C0]  schedule_timeout+0x18c/0x380
[  418.751012][    C0]  ? _raw_spin_unlock_irq+0x4d/0x70
[  418.756077][    C0]  ? console_conditional_schedule+0x10/0x10
[  418.761892][    C0]  ? update_process_times+0x1b0/0x1b0
[  418.767101][    C0]  ? prepare_to_swait_event+0x308/0x320
[  418.772482][    C0]  rcu_gp_fqs_loop+0x2ed/0x10a0
[  418.777165][    C0]  ? _raw_spin_unlock_irq+0x4d/0x70
[  418.782199][    C0]  ? rcu_gp_init+0xc7f/0xfa0
[  418.786628][    C0]  ? rcu_gp_init+0xfa0/0xfa0
[  418.791055][    C0]  ? _raw_spin_unlock_irqrestore+0x5b/0x80
[  418.796697][    C0]  ? finish_swait+0x17d/0x1b0
[  418.801221][    C0]  rcu_gp_kthread+0xa3/0x3a0
[  418.805637][    C0]  ? queued_spin_lock_slowpath+0x50/0x50
[  418.811102][    C0]  ? set_cpus_allowed_ptr+0xa4/0xe0
[  418.816137][    C0]  ? __kasan_check_read+0x11/0x20
[  418.820997][    C0]  ? __kthread_parkme+0x12d/0x180
[  418.825855][    C0]  kthread+0x26d/0x300
[  418.829759][    C0]  ? queued_spin_lock_slowpath+0x50/0x50
[  418.835231][    C0]  ? kthread_blkcg+0xd0/0xd0
[  418.839656][    C0]  ret_from_fork+0x1f/0x30
[  418.843916][    C0]  </TASK>
[  418.846771][    C0] rcu: Stack dump where RCU GP kthread last ran:
[  418.852934][    C0] Sending NMI from CPU 0 to CPUs 1:
[  418.857980][    C1] NMI backtrace for cpu 1
[  418.857993][    C1] CPU: 1 PID: 9017 Comm: syz.6.3078 Tainted: G        W          6.1.112-syzkaller-00110-g976b055754d7 #0
[  418.858014][    C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  418.858025][    C1] RIP: 0010:is_bpf_text_address+0x2c/0x190
[  418.858058][    C1] Code: 89 e5 41 57 41 56 41 55 41 54 53 50 49 89 fe 49 bc 00 00 00 00 00 fc ff df e8 b0 4a f1 ff e8 ab 26 dd ff 44 8b 2d 94 61 7c 05 <45> 89 ef 41 83 e7 01 4a 8d 1c fd 08 bb 00 87 48 89 d8 48 c1 e8 03
[  418.858074][    C1] RSP: 0018:ffffc9000108f4d8 EFLAGS: 00000046
[  418.858090][    C1] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000040000
[  418.858103][    C1] RDX: ffffc90001119000 RSI: 000000000003ffff RDI: 0000000000040000
[  418.858115][    C1] RBP: ffffc9000108f508 R08: ffffffff81642486 R09: 000000000000000d
[  418.858129][    C1] R10: ffffc9000108f670 R11: dffffc0000000001 R12: dffffc0000000000
[  418.858143][    C1] R13: 0000000000000966 R14: 0000000000000000 R15: 0000000000000001
[  418.858155][    C1] FS:  00007f35f11ec6c0(0000) GS:ffff8881f6f00000(0000) knlGS:0000000000000000
[  418.858171][    C1] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  418.858185][    C1] CR2: 00000000200bd038 CR3: 0000000125486000 CR4: 00000000003506a0
[  418.858202][    C1] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[  418.858213][    C1] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[  418.858224][    C1] Call Trace:
[  418.858230][    C1]  <NMI>
[  418.858236][    C1]  ? show_regs+0x58/0x60
[  418.858254][    C1]  ? nmi_cpu_backtrace+0x285/0x2f0
[  418.858279][    C1]  ? nmi_trigger_cpumask_backtrace+0x3b0/0x3b0
[  418.858305][    C1]  ? is_bpf_text_address+0x2c/0x190
[  418.858322][    C1]  ? is_bpf_text_address+0x2c/0x190
[  418.858339][    C1]  ? nmi_cpu_backtrace_handler+0xc/0x20
[  418.858361][    C1]  ? nmi_handle+0xa7/0x280
[  418.858380][    C1]  ? is_bpf_text_address+0x2c/0x190
[  418.858409][    C1]  ? default_do_nmi+0x69/0x160
[  418.858430][    C1]  ? exc_nmi+0xad/0x100
[  418.858449][    C1]  ? end_repeat_nmi+0x16/0x31
[  418.858472][    C1]  ? is_module_text_address+0x296/0x360
[  418.858498][    C1]  ? is_bpf_text_address+0x2c/0x190
[  418.858515][    C1]  ? is_bpf_text_address+0x2c/0x190
[  418.858533][    C1]  ? is_bpf_text_address+0x2c/0x190
[  418.858550][    C1]  </NMI>
[  418.858555][    C1]  <TASK>
[  418.858561][    C1]  ? is_module_text_address+0x210/0x360
[  418.858585][    C1]  ? stack_trace_save+0x1c0/0x1c0
[  418.858603][    C1]  kernel_text_address+0xa9/0xe0
[  418.858620][    C1]  __kernel_text_address+0xd/0x40
[  418.858635][    C1]  unwind_get_return_address+0x4d/0x90
[  418.858676][    C1]  arch_stack_walk+0xf3/0x140
[  418.858702][    C1]  stack_trace_save+0x113/0x1c0
[  418.858721][    C1]  ? stack_trace_snprint+0xf0/0xf0
[  418.858741][    C1]  ? stack_trace_save+0x113/0x1c0
[  418.858759][    C1]  ? __dequeue_signal+0x519/0x650
[  418.858778][    C1]  ? __dequeue_signal+0x519/0x650
[  418.858795][    C1]  kasan_set_track+0x4b/0x70
[  418.858819][    C1]  ? kasan_set_track+0x4b/0x70
[  418.858841][    C1]  ? kasan_save_free_info+0x2b/0x40
[  418.858857][    C1]  ? ____kasan_slab_free+0x131/0x180
[  418.858881][    C1]  ? __kasan_slab_free+0x11/0x20
[  418.858904][    C1]  ? kmem_cache_free+0x291/0x510
[  418.858922][    C1]  ? __dequeue_signal+0x519/0x650
[  418.858945][    C1]  ? dequeue_signal+0x165/0x590
[  418.858962][    C1]  ? get_signal+0x54c/0x1820
[  418.858980][    C1]  ? arch_do_signal_or_restart+0xb0/0x16f0
[  418.859005][    C1]  ? exit_to_user_mode_loop+0x74/0xa0
[  418.859027][    C1]  ? exit_to_user_mode_prepare+0x5a/0xa0
[  418.859048][    C1]  ? syscall_exit_to_user_mode+0x26/0x130
[  418.859070][    C1]  ? do_syscall_64+0x47/0xb0
[  418.859087][    C1]  ? entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  418.859121][    C1]  kasan_save_free_info+0x2b/0x40
[  418.859137][    C1]  ____kasan_slab_free+0x131/0x180
[  418.859162][    C1]  __kasan_slab_free+0x11/0x20
[  418.859185][    C1]  kmem_cache_free+0x291/0x510
[  418.859206][    C1]  ? __dequeue_signal+0x519/0x650
[  418.859225][    C1]  __dequeue_signal+0x519/0x650
[  418.859245][    C1]  dequeue_signal+0x165/0x590
[  418.859263][    C1]  ? unhandled_signal+0x1d0/0x1d0
[  418.859282][    C1]  ? uprobe_deny_signal+0x77/0x230
[  418.859301][    C1]  get_signal+0x54c/0x1820
[  418.859324][    C1]  ? ptrace_notify+0x350/0x350
[  418.859342][    C1]  ? __kasan_check_write+0x14/0x20
[  418.859362][    C1]  arch_do_signal_or_restart+0xb0/0x16f0
[  418.859388][    C1]  ? __do_compat_sys_x32_rt_sigreturn+0x1e0/0x1e0
[  418.859414][    C1]  ? _raw_spin_lock_irq+0xa5/0x1b0
[  418.859434][    C1]  ? do_sigaltstack+0x3f9/0x630
[  418.859459][    C1]  ? get_sigframe_size+0x10/0x10
[  418.859483][    C1]  ? restore_altstack+0x107/0x150
[  418.859505][    C1]  ? __ia32_sys_sigaltstack+0x260/0x260
[  418.859532][    C1]  ? __do_sys_rt_sigreturn+0x160/0x1e0
[  418.859559][    C1]  exit_to_user_mode_loop+0x74/0xa0
[  418.859581][    C1]  exit_to_user_mode_prepare+0x5a/0xa0
[  418.859604][    C1]  syscall_exit_to_user_mode+0x26/0x130
[  418.859627][    C1]  do_syscall_64+0x47/0xb0
[  418.859644][    C1]  ? clear_bhb_loop+0x55/0xb0
[  418.859667][    C1]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  418.859687][    C1] RIP: 0033:0x7f35f037e719
[  418.859701][    C1] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  418.859716][    C1] RSP: 002b:00007f35f11ec0e8 EFLAGS: 00000246
[  418.859730][    C1] RAX: fffffffffffffffc RBX: 00007f35f0535f88 RCX: 00007f35f037e719
[  418.859744][    C1] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 00007f35f0535f88
[  418.859755][    C1] RBP: 00007f35f0535f80 R08: 0000000000000000 R09: 0000000000000000
[  418.859766][    C1] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f35f0535f8c
[  418.859778][    C1] R13: 0000000000000000 R14: 00007fff2c41e490 R15: 00007fff2c41e578
[  418.859795][    C1]  </TASK>
[  454.994533][   T29] INFO: task syz.6.3078:9016 blocked for more than 126 seconds.
[  455.016278][   T29]       Tainted: G        W          6.1.112-syzkaller-00110-g976b055754d7 #0
[  455.024959][   T29] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
[  462.988391][   T29] task:syz.6.3078      state:D stack:25552 pid:9016  ppid:5963   flags:0x00004006
[  465.026285][   T29] Call Trace:
[  465.029422][   T29]  <TASK>
[  465.032191][   T29]  __schedule+0xcb5/0x1560
[  469.016217][   T29]  ? __sched_text_start+0x8/0x8
[  469.020946][   T29]  ? _raw_spin_unlock_irqrestore+0x5b/0x80
[  473.026261][   T29]  ? prepare_to_wait_event+0x3e6/0x420
[  473.031593][   T29]  schedule+0xc3/0x180
[  473.035493][   T29]  synchronize_rcu_expedited+0x6bd/0x860
[  478.989274][   T29]  ? synchronize_rcu+0x3d0/0x3d0
[  478.994088][   T29]  ? 0xffffffffa00007c8
[  482.002415][   T29]  ? is_bpf_text_address+0x172/0x190
[  484.026615][   T29]  ? rcu_exp_handler+0x360/0x360
[  484.031425][   T29]  ? __kernel_text_address+0xd/0x40
[  488.006238][   T29]  ? unwind_get_return_address+0x4d/0x90
[  488.011738][   T29]  ? arch_stack_walk+0xf3/0x140
[  492.006243][   T29]  ? wake_bit_function+0x230/0x230
[  492.011225][   T29]  ? stack_trace_save+0x113/0x1c0
[  492.016086][   T29]  ? do_syscall_64+0x47/0xb0
[  497.010046][   T29]  synchronize_rcu+0x93/0x3d0
[  497.014583][   T29]  ? schedule_delayed_monitor_work+0x160/0x160
[  501.016204][   T29]  ? __stack_depot_save+0x36/0x480
[  501.021183][   T29]  ? __kasan_check_write+0x14/0x20
[  501.026124][   T29]  ? _raw_spin_lock_irq+0xa5/0x1b0
[  504.996206][   T29]  ? _raw_spin_lock_irqsave+0x210/0x210
[  505.001622][   T29]  ? __kasan_check_write+0x14/0x20
[  508.996196][   T29]  ? mutex_unlock+0xb2/0x260
[  509.000653][   T29]  rcu_sync_enter+0x1e0/0x330
[  509.005168][   T29]  ? rcu_sync_enter_start+0x70/0x70
[  514.006249][   T29]  ? _raw_spin_lock_irqsave+0xf9/0x210
[  514.011579][   T29]  ? __mutex_lock_slowpath+0x10/0x10
[  518.006247][   T29]  ? _raw_spin_lock+0x1b0/0x1b0
[  518.010957][   T29]  ? tty_buffer_flush+0x366/0x3f0
[  518.015841][   T29]  percpu_down_write+0xc5/0x750
[  522.996186][   T29]  ? pty_flush_buffer+0xdb/0x120
[  523.000984][   T29]  ? pty_unthrottle+0x60/0x60
[  523.005496][   T29]  ? __percpu_down_read+0x480/0x480
[  528.026266][   T29]  hci_uart_tty_close+0x123/0x240
[  528.031158][   T29]  ? hci_uart_tty_open+0x340/0x340
[  528.036105][   T29]  tty_ldisc_kill+0x10b/0x1f0
[  534.006230][   T29]  tty_ldisc_release+0x195/0x1f0
[  534.011039][   T29]  tty_release_struct+0x2a/0xe0
[  534.015725][   T29]  tty_release+0xd14/0xf70
[  539.016219][   T29]  ? tty_release_struct+0xe0/0xe0
[  539.021117][   T29]  __fput+0x1e5/0x870
[  539.024940][   T29]  ____fput+0x15/0x20
[  543.015849][   T29]  task_work_run+0x24d/0x2e0
[  544.026244][   T29]  ? task_work_cancel+0x2e0/0x2e0
[  544.031137][   T29]  get_signal+0x15a0/0x1820
[  544.035479][   T29]  ? ptrace_notify+0x350/0x350
[  550.016204][   T29]  arch_do_signal_or_restart+0xb0/0x16f0
[  550.021721][   T29]  ? __ia32_sys_pidfd_getfd+0x90/0x90
[  554.006203][   T29]  ? _raw_spin_lock_irq+0xa5/0x1b0
[  554.011178][   T29]  ? __kasan_check_write+0x14/0x20
[  554.016121][   T29]  ? _raw_spin_lock+0xa4/0x1b0
[  557.010811][   T29]  ? _raw_spin_trylock_bh+0x190/0x190
[  557.016017][   T29]  ? fput+0x162/0x1b0
[  562.026526][   T29]  ? get_sigframe_size+0x10/0x10
[  562.031329][   T29]  ? _raw_spin_unlock+0x4c/0x70
[  562.036017][   T29]  ? __close_range+0x7d2/0x880
[  568.011746][   T29]  ? bpf_send_signal+0x19/0x20
[  570.006200][   T29]  ? close_fd+0x2f0/0x2f0
[  570.010404][   T29]  exit_to_user_mode_loop+0x74/0xa0
[  570.015430][   T29]  exit_to_user_mode_prepare+0x5a/0xa0
[  572.106401][    C0] BUG: workqueue lockup - pool cpus=1 node=0 flags=0x0 nice=0 stuck for 152s!
[  572.115137][    C0] BUG: workqueue lockup - pool cpus=1 node=0 flags=0x0 nice=-20 stuck for 146s!
[  572.124009][    C0] Showing busy workqueues and worker pools:
[  572.129727][    C0] workqueue events_long: flags=0x0
[  572.134682][    C0]   pwq 2: cpus=1 node=0 flags=0x0 nice=0 active=2/256 refcnt=3
[  572.134736][    C0]     pending: br_multicast_gc_work, br_fdb_cleanup
[  572.134799][    C0]   pwq 0: cpus=0 node=0 flags=0x0 nice=0 active=3/256 refcnt=4
[  572.134854][    C0]     pending: br_fdb_cleanup, br_fdb_cleanup, br_multicast_gc_work
[  572.134931][    C0] workqueue events_power_efficient: flags=0x80
[  572.170080][    C0]   pwq 2: cpus=1 node=0 flags=0x0 nice=0 active=3/256 refcnt=4
[  572.170136][    C0]     pending: neigh_managed_work, neigh_periodic_work, gc_worker
[  572.170216][    C0] workqueue mm_percpu_wq: flags=0x8
[  572.190341][    C0]   pwq 2: cpus=1 node=0 flags=0x0 nice=0 active=1/256 refcnt=2
[  572.190388][    C0]     pending: vmstat_update
[  572.190435][    C0] workqueue kblockd: flags=0x18
[  572.207086][    C0]   pwq 3: cpus=1 node=0 flags=0x0 nice=-20 active=1/256 refcnt=2
[  572.207148][    C0]     pending: blk_mq_timeout_work
[  572.207194][    C0] workqueue ipv6_addrconf: flags=0x40008
[  572.225276][    C0]   pwq 2: cpus=1 node=0 flags=0x0 nice=0 active=1/1 refcnt=3
[  572.225326][    C0]     pending: addrconf_verify_work
[  572.225361][    C0]     inactive: addrconf_verify_work
[  572.225415][    C0] workqueue wg-crypt-wg1: flags=0x28
[  572.247968][    C0]   pwq 2: cpus=1 node=0 flags=0x0 nice=0 active=2/256 refcnt=3
[  572.248022][    C0]     pending: wg_packet_encrypt_worker, wg_packet_decrypt_worker
[  572.248081][    C0] workqueue wg-crypt-wg2: flags=0x28
[  572.268303][    C0]   pwq 2: cpus=1 node=0 flags=0x0 nice=0 active=2/256 refcnt=3
[  572.268352][    C0]     pending: wg_packet_decrypt_worker, wg_packet_encrypt_worker
[  572.268411][    C0] workqueue wg-kex-wg0: flags=0x24
[  572.288449][    C0]   pwq 2: cpus=1 node=0 flags=0x0 nice=0 active=1/256 refcnt=2
[  572.288499][    C0]     pending: wg_packet_handshake_receive_worker
[  572.288541][    C0] workqueue wg-crypt-wg0: flags=0x28
[  572.307372][    C0]   pwq 2: cpus=1 node=0 flags=0x0 nice=0 active=2/256 refcnt=3
[  572.307420][    C0]     pending: wg_packet_decrypt_worker, wg_packet_encrypt_worker
[  572.307479][    C0] workqueue wg-kex-wg2: flags=0x24
[  572.327691][    C0]   pwq 2: cpus=1 node=0 flags=0x0 nice=0 active=1/256 refcnt=2
[  572.327743][    C0]     pending: wg_packet_handshake_receive_worker
[  572.327780][    C0] workqueue wg-kex-wg2: flags=0x6
[  572.346446][    C0]   pwq 4: cpus=0-1 flags=0x4 nice=0 active=1/256 refcnt=3
[  572.346498][    C0]     pending: wg_packet_handshake_send_worker
[  572.346536][    C0] workqueue wg-crypt-wg2: flags=0x28
[  572.364566][    C0]   pwq 2: cpus=1 node=0 flags=0x0 nice=0 active=2/256 refcnt=3
[  572.364622][    C0]     pending: wg_packet_decrypt_worker, wg_packet_encrypt_worker
[  572.364686][    C0] workqueue wg-kex-wg0: flags=0x24
[  572.384715][    C0]   pwq 2: cpus=1 node=0 flags=0x0 nice=0 active=1/256 refcnt=2
[  572.384770][    C0]     pending: wg_packet_handshake_receive_worker
[  572.384812][    C0] workqueue wg-crypt-wg0: flags=0x28
[  572.403548][    C0]   pwq 2: cpus=1 node=0 flags=0x0 nice=0 active=3/256 refcnt=4
[  572.403594][    C0]     pending: wg_packet_decrypt_worker, wg_packet_encrypt_worker, wg_packet_tx_worker
[  572.403670][    C0] workqueue wg-crypt-wg1: flags=0x28
[  572.426856][    C0]   pwq 2: cpus=1 node=0 flags=0x0 nice=0 active=3/256 refcnt=4
[  572.426907][    C0]     pending: wg_packet_tx_worker, wg_packet_decrypt_worker, wg_packet_encrypt_worker
[  572.426984][    C0] workqueue wg-kex-wg2: flags=0x24
[  572.448854][    C0]   pwq 2: cpus=1 node=0 flags=0x0 nice=0 active=1/256 refcnt=2
[  572.448906][    C0]     pending: wg_packet_handshake_receive_worker
[  572.448944][    C0] workqueue wg-crypt-wg2: flags=0x28
[  572.467701][    C0]   pwq 2: cpus=1 node=0 flags=0x0 nice=0 active=2/256 refcnt=3
[  572.467752][    C0]     pending: wg_packet_encrypt_worker, wg_packet_tx_worker
[  572.467806][    C0] workqueue wg-kex-wg0: flags=0x24
[  572.487408][    C0]   pwq 2: cpus=1 node=0 flags=0x0 nice=0 active=1/256 refcnt=2
[  572.487463][    C0]     pending: wg_packet_handshake_receive_worker
[  572.487502][    C0] workqueue wg-crypt-wg0: flags=0x28
[  572.506240][    C0]   pwq 2: cpus=1 node=0 flags=0x0 nice=0 active=3/256 refcnt=4
[  572.506290][    C0]     pending: wg_packet_tx_worker, wg_packet_encrypt_worker, wg_packet_decrypt_worker
[  572.506367][    C0] workqueue wg-kex-wg1: flags=0x24
[  572.528315][    C0]   pwq 2: cpus=1 node=0 flags=0x0 nice=0 active=1/256 refcnt=2
[  572.528369][    C0]     pending: wg_packet_handshake_receive_worker
[  572.528408][    C0] workqueue wg-crypt-wg1: flags=0x28
[  572.547496][    C0]   pwq 2: cpus=1 node=0 flags=0x0 nice=0 active=3/256 refcnt=4
[  572.547549][    C0]     pending: wg_packet_decrypt_worker, wg_packet_encrypt_worker, wg_packet_tx_worker
[  572.547625][    C0] workqueue wg-kex-wg2: flags=0x24
[  572.569484][    C0]   pwq 2: cpus=1 node=0 flags=0x0 nice=0 active=1/256 refcnt=2
[  572.569536][    C0]     pending: wg_packet_handshake_receive_worker
[  572.569577][    C0] workqueue wg-crypt-wg2: flags=0x28
[  572.588320][    C0]   pwq 2: cpus=1 node=0 flags=0x0 nice=0 active=2/256 refcnt=3
[  572.588373][    C0]     pending: wg_packet_encrypt_worker, wg_packet_tx_worker
[  572.588433][    C0] workqueue wg-kex-wg0: flags=0x24
[  572.608035][    C0]   pwq 2: cpus=1 node=0 flags=0x0 nice=0 active=1/256 refcnt=2
[  572.608091][    C0]     pending: wg_packet_handshake_receive_worker
[  572.608130][    C0] workqueue wg-crypt-wg0: flags=0x28
[  572.626956][    C0]   pwq 2: cpus=1 node=0 flags=0x0 nice=0 active=3/256 refcnt=4
[  572.627005][    C0]     pending: wg_packet_decrypt_worker, wg_packet_encrypt_worker, wg_packet_tx_worker
[  572.627088][    C0]   pwq 0: cpus=0 node=0 flags=0x0 nice=0 active=1/256 refcnt=2
[  572.627129][    C0]     pending: wg_packet_encrypt_worker
[  572.627158][    C0] workqueue wg-kex-wg1: flags=0x24
[  572.662050][    C0]   pwq 2: cpus=1 node=0 flags=0x0 nice=0 active=1/256 refcnt=2
[  572.662109][    C0]     pending: wg_packet_handshake_receive_worker
[  572.662157][    C0] workqueue wg-crypt-wg1: flags=0x28
[  572.680889][    C0]   pwq 2: cpus=1 node=0 flags=0x0 nice=0 active=3/256 refcnt=4
[  572.680936][    C0]     pending: wg_packet_encrypt_worker, wg_packet_decrypt_worker, wg_packet_tx_worker
[  572.681011][    C0] workqueue wg-kex-wg2: flags=0x24
[  572.702860][    C0]   pwq 2: cpus=1 node=0 flags=0x0 nice=0 active=1/256 refcnt=2
[  572.702909][    C0]     pending: wg_packet_handshake_receive_worker
[  572.702946][    C0] workqueue wg-crypt-wg2: flags=0x28
[  572.721689][    C0]   pwq 2: cpus=1 node=0 flags=0x0 nice=0 active=2/256 refcnt=3
[  572.721743][    C0]     pending: wg_packet_tx_worker, wg_packet_encrypt_worker
[  576.006199][   T29]  syscall_exit_to_user_mode+0x26/0x130
[  576.011615][   T29]  do_syscall_64+0x47/0xb0
[  576.015864][   T29]  ? clear_bhb_loop+0x55/0xb0
[  581.019135][   T29]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  581.024904][   T29] RIP: 0033:0x7f35f037e719